Date: July 12, 2025, 11:09 p.m.
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 14.825924] ==================================================================
[ 14.827644] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[ 14.828336] Read of size 1 at addr ffff888103af7d02 by task kunit_try_catch/266
[ 14.829158]
[ 14.829393] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.829450] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.829592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.829614] Call Trace:
[ 14.829627] <TASK>
[ 14.829642] dump_stack_lvl+0x73/0xb0
[ 14.829672] print_report+0xd1/0x610
[ 14.829696] ? __virt_addr_valid+0x1db/0x2d0
[ 14.829719] ? kasan_stack_oob+0x2b5/0x300
[ 14.829740] ? kasan_addr_to_slab+0x11/0xa0
[ 14.829761] ? kasan_stack_oob+0x2b5/0x300
[ 14.829783] kasan_report+0x141/0x180
[ 14.829805] ? kasan_stack_oob+0x2b5/0x300
[ 14.829832] __asan_report_load1_noabort+0x18/0x20
[ 14.829858] kasan_stack_oob+0x2b5/0x300
[ 14.829879] ? __pfx_kasan_stack_oob+0x10/0x10
[ 14.829900] ? finish_task_switch.isra.0+0x153/0x700
[ 14.829924] ? __switch_to+0x47/0xf50
[ 14.829952] ? __schedule+0x10cc/0x2b60
[ 14.829975] ? __pfx_read_tsc+0x10/0x10
[ 14.830016] ? ktime_get_ts64+0x86/0x230
[ 14.830069] kunit_try_run_case+0x1a5/0x480
[ 14.830095] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.830120] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.830144] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.830171] ? __kthread_parkme+0x82/0x180
[ 14.830192] ? preempt_count_sub+0x50/0x80
[ 14.830216] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.830242] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.830279] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.830306] kthread+0x337/0x6f0
[ 14.830326] ? trace_preempt_on+0x20/0xc0
[ 14.830351] ? __pfx_kthread+0x10/0x10
[ 14.830373] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.830396] ? calculate_sigpending+0x7b/0xa0
[ 14.830421] ? __pfx_kthread+0x10/0x10
[ 14.830445] ret_from_fork+0x116/0x1d0
[ 14.830465] ? __pfx_kthread+0x10/0x10
[ 14.830486] ret_from_fork_asm+0x1a/0x30
[ 14.830518] </TASK>
[ 14.830529]
[ 14.841491] The buggy address belongs to stack of task kunit_try_catch/266
[ 14.842148] and is located at offset 138 in frame:
[ 14.842385] kasan_stack_oob+0x0/0x300
[ 14.842753]
[ 14.842876] This frame has 4 objects:
[ 14.843321] [48, 49) '__assertion'
[ 14.843353] [64, 72) 'array'
[ 14.843554] [96, 112) '__assertion'
[ 14.843709] [128, 138) 'stack_array'
[ 14.843949]
[ 14.844358] The buggy address belongs to the physical page:
[ 14.844612] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103af7
[ 14.844958] flags: 0x200000000000000(node=0|zone=2)
[ 14.845285] raw: 0200000000000000 ffffea00040ebdc8 ffffea00040ebdc8 0000000000000000
[ 14.845621] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 14.845924] page dumped because: kasan: bad access detected
[ 14.846339]
[ 14.846425] Memory state around the buggy address:
[ 14.846580] ffff888103af7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.846916] ffff888103af7c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[ 14.847445] >ffff888103af7d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.847738] ^
[ 14.847899] ffff888103af7d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[ 14.848243] ffff888103af7e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.848608] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 12.275231] ==================================================================
[ 12.275682] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0
[ 12.275975] Read of size 1 at addr ffff8881039fb000 by task kunit_try_catch/157
[ 12.276297]
[ 12.276682] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.276729] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.276741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.276763] Call Trace:
[ 12.276775] <TASK>
[ 12.276791] dump_stack_lvl+0x73/0xb0
[ 12.276824] print_report+0xd1/0x610
[ 12.276847] ? __virt_addr_valid+0x1db/0x2d0
[ 12.276872] ? kmalloc_node_oob_right+0x369/0x3c0
[ 12.276896] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.276919] ? kmalloc_node_oob_right+0x369/0x3c0
[ 12.276943] kasan_report+0x141/0x180
[ 12.276965] ? kmalloc_node_oob_right+0x369/0x3c0
[ 12.277009] __asan_report_load1_noabort+0x18/0x20
[ 12.277034] kmalloc_node_oob_right+0x369/0x3c0
[ 12.277060] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 12.277085] ? __schedule+0x10cc/0x2b60
[ 12.277107] ? __pfx_read_tsc+0x10/0x10
[ 12.277129] ? ktime_get_ts64+0x86/0x230
[ 12.277156] kunit_try_run_case+0x1a5/0x480
[ 12.277182] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.277205] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.277230] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.277254] ? __kthread_parkme+0x82/0x180
[ 12.277289] ? preempt_count_sub+0x50/0x80
[ 12.277314] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.277338] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.277362] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.277388] kthread+0x337/0x6f0
[ 12.277406] ? trace_preempt_on+0x20/0xc0
[ 12.277431] ? __pfx_kthread+0x10/0x10
[ 12.277451] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.277473] ? calculate_sigpending+0x7b/0xa0
[ 12.277498] ? __pfx_kthread+0x10/0x10
[ 12.277519] ret_from_fork+0x116/0x1d0
[ 12.277538] ? __pfx_kthread+0x10/0x10
[ 12.277558] ret_from_fork_asm+0x1a/0x30
[ 12.277590] </TASK>
[ 12.277600]
[ 12.287685] Allocated by task 157:
[ 12.287874] kasan_save_stack+0x45/0x70
[ 12.288064] kasan_save_track+0x18/0x40
[ 12.288226] kasan_save_alloc_info+0x3b/0x50
[ 12.288453] __kasan_kmalloc+0xb7/0xc0
[ 12.288649] __kmalloc_cache_node_noprof+0x188/0x420
[ 12.288865] kmalloc_node_oob_right+0xab/0x3c0
[ 12.289076] kunit_try_run_case+0x1a5/0x480
[ 12.290016] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.290499] kthread+0x337/0x6f0
[ 12.290719] ret_from_fork+0x116/0x1d0
[ 12.290857] ret_from_fork_asm+0x1a/0x30
[ 12.291005]
[ 12.291078] The buggy address belongs to the object at ffff8881039fa000
[ 12.291078] which belongs to the cache kmalloc-4k of size 4096
[ 12.291445] The buggy address is located 0 bytes to the right of
[ 12.291445] allocated 4096-byte region [ffff8881039fa000, ffff8881039fb000)
[ 12.291814]
[ 12.291886] The buggy address belongs to the physical page:
[ 12.292120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f8
[ 12.292750] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.293500] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.294110] page_type: f5(slab)
[ 12.294442] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 12.295214] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 12.295987] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 12.296790] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 12.297530] head: 0200000000000003 ffffea00040e7e01 00000000ffffffff 00000000ffffffff
[ 12.298321] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 12.299204] page dumped because: kasan: bad access detected
[ 12.299749]
[ 12.299935] Memory state around the buggy address:
[ 12.300441] ffff8881039faf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.301232] ffff8881039faf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.301869] >ffff8881039fb000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.302686] ^
[ 12.303026] ffff8881039fb080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.303649] ffff8881039fb100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.304243] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 12.248190] ==================================================================
[ 12.249331] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0
[ 12.249566] Read of size 1 at addr ffff888102610b1f by task kunit_try_catch/155
[ 12.249789]
[ 12.249878] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.249924] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.249935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.249956] Call Trace:
[ 12.249969] <TASK>
[ 12.249985] dump_stack_lvl+0x73/0xb0
[ 12.250014] print_report+0xd1/0x610
[ 12.250037] ? __virt_addr_valid+0x1db/0x2d0
[ 12.250061] ? kmalloc_oob_left+0x361/0x3c0
[ 12.250082] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.250105] ? kmalloc_oob_left+0x361/0x3c0
[ 12.250128] kasan_report+0x141/0x180
[ 12.250149] ? kmalloc_oob_left+0x361/0x3c0
[ 12.250176] __asan_report_load1_noabort+0x18/0x20
[ 12.250201] kmalloc_oob_left+0x361/0x3c0
[ 12.250223] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 12.250246] ? __schedule+0x10cc/0x2b60
[ 12.250282] ? __pfx_read_tsc+0x10/0x10
[ 12.250303] ? ktime_get_ts64+0x86/0x230
[ 12.250328] kunit_try_run_case+0x1a5/0x480
[ 12.250353] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.250376] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.250401] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.250424] ? __kthread_parkme+0x82/0x180
[ 12.250445] ? preempt_count_sub+0x50/0x80
[ 12.250469] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.250493] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.250518] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.250543] kthread+0x337/0x6f0
[ 12.250562] ? trace_preempt_on+0x20/0xc0
[ 12.250585] ? __pfx_kthread+0x10/0x10
[ 12.250606] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.250627] ? calculate_sigpending+0x7b/0xa0
[ 12.250652] ? __pfx_kthread+0x10/0x10
[ 12.250673] ret_from_fork+0x116/0x1d0
[ 12.250691] ? __pfx_kthread+0x10/0x10
[ 12.250718] ret_from_fork_asm+0x1a/0x30
[ 12.250749] </TASK>
[ 12.250759]
[ 12.261817] Allocated by task 1:
[ 12.261996] kasan_save_stack+0x45/0x70
[ 12.262199] kasan_save_track+0x18/0x40
[ 12.262357] kasan_save_alloc_info+0x3b/0x50
[ 12.262508] __kasan_kmalloc+0xb7/0xc0
[ 12.262679] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 12.262949] kstrdup+0x3e/0xa0
[ 12.263117] kstrdup_const+0x2c/0x40
[ 12.263310] __kernfs_new_node+0xa7/0x6d0
[ 12.263514] kernfs_new_node+0x140/0x1e0
[ 12.263692] kernfs_create_dir_ns+0x30/0x140
[ 12.263849] sysfs_create_dir_ns+0x130/0x290
[ 12.264063] kobject_add_internal+0x222/0x9b0
[ 12.264291] kobject_init_and_add+0xf1/0x160
[ 12.264476] sysfs_slab_add+0x19a/0x1f0
[ 12.264611] slab_sysfs_init+0x76/0x110
[ 12.264750] do_one_initcall+0xd8/0x370
[ 12.264940] kernel_init_freeable+0x420/0x6f0
[ 12.265153] kernel_init+0x23/0x1e0
[ 12.265338] ret_from_fork+0x116/0x1d0
[ 12.265528] ret_from_fork_asm+0x1a/0x30
[ 12.265681]
[ 12.265753] The buggy address belongs to the object at ffff888102610b00
[ 12.265753] which belongs to the cache kmalloc-16 of size 16
[ 12.266215] The buggy address is located 19 bytes to the right of
[ 12.266215] allocated 12-byte region [ffff888102610b00, ffff888102610b0c)
[ 12.266748]
[ 12.266844] The buggy address belongs to the physical page:
[ 12.267050] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102610
[ 12.267365] flags: 0x200000000000000(node=0|zone=2)
[ 12.267598] page_type: f5(slab)
[ 12.267747] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.267983] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.268245] page dumped because: kasan: bad access detected
[ 12.268500]
[ 12.268590] Memory state around the buggy address:
[ 12.268808] ffff888102610a00: 00 02 fc fc 00 06 fc fc 00 06 fc fc 00 04 fc fc
[ 12.269061] ffff888102610a80: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc
[ 12.269308] >ffff888102610b00: 00 04 fc fc 00 07 fc fc fc fc fc fc fc fc fc fc
[ 12.269621] ^
[ 12.269815] ffff888102610b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.270097] ffff888102610c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.270321] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 12.216837] ==================================================================
[ 12.217510] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 12.218139] Read of size 1 at addr ffff8881029ef480 by task kunit_try_catch/153
[ 12.218758]
[ 12.218926] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.218967] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.218979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.219000] Call Trace:
[ 12.219012] <TASK>
[ 12.219027] dump_stack_lvl+0x73/0xb0
[ 12.219054] print_report+0xd1/0x610
[ 12.219076] ? __virt_addr_valid+0x1db/0x2d0
[ 12.219100] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.219121] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.219144] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.219165] kasan_report+0x141/0x180
[ 12.219187] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.219213] __asan_report_load1_noabort+0x18/0x20
[ 12.219238] kmalloc_oob_right+0x68a/0x7f0
[ 12.219270] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.219294] ? __schedule+0x10cc/0x2b60
[ 12.219315] ? __pfx_read_tsc+0x10/0x10
[ 12.219336] ? ktime_get_ts64+0x86/0x230
[ 12.219361] kunit_try_run_case+0x1a5/0x480
[ 12.219386] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.219408] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.219433] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.219457] ? __kthread_parkme+0x82/0x180
[ 12.219477] ? preempt_count_sub+0x50/0x80
[ 12.219502] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.219526] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.219551] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.219576] kthread+0x337/0x6f0
[ 12.219594] ? trace_preempt_on+0x20/0xc0
[ 12.219617] ? __pfx_kthread+0x10/0x10
[ 12.219638] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.219659] ? calculate_sigpending+0x7b/0xa0
[ 12.219683] ? __pfx_kthread+0x10/0x10
[ 12.219704] ret_from_fork+0x116/0x1d0
[ 12.219722] ? __pfx_kthread+0x10/0x10
[ 12.219742] ret_from_fork_asm+0x1a/0x30
[ 12.219773] </TASK>
[ 12.219783]
[ 12.230612] Allocated by task 153:
[ 12.230922] kasan_save_stack+0x45/0x70
[ 12.231138] kasan_save_track+0x18/0x40
[ 12.231284] kasan_save_alloc_info+0x3b/0x50
[ 12.231434] __kasan_kmalloc+0xb7/0xc0
[ 12.231567] __kmalloc_cache_noprof+0x189/0x420
[ 12.231723] kmalloc_oob_right+0xa9/0x7f0
[ 12.231863] kunit_try_run_case+0x1a5/0x480
[ 12.232009] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.232187] kthread+0x337/0x6f0
[ 12.232394] ret_from_fork+0x116/0x1d0
[ 12.232725] ret_from_fork_asm+0x1a/0x30
[ 12.233067]
[ 12.233220] The buggy address belongs to the object at ffff8881029ef400
[ 12.233220] which belongs to the cache kmalloc-128 of size 128
[ 12.234269] The buggy address is located 13 bytes to the right of
[ 12.234269] allocated 115-byte region [ffff8881029ef400, ffff8881029ef473)
[ 12.235333]
[ 12.235489] The buggy address belongs to the physical page:
[ 12.235957] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef
[ 12.236625] flags: 0x200000000000000(node=0|zone=2)
[ 12.237055] page_type: f5(slab)
[ 12.237345] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.237988] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.238623] page dumped because: kasan: bad access detected
[ 12.238813]
[ 12.238882] Memory state around the buggy address:
[ 12.239035] ffff8881029ef380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.239249] ffff8881029ef400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.239842] >ffff8881029ef480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.240468] ^
[ 12.240750] ffff8881029ef500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.241354] ffff8881029ef580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.241948] ==================================================================
[ 12.175190] ==================================================================
[ 12.175899] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 12.176590] Write of size 1 at addr ffff8881029ef473 by task kunit_try_catch/153
[ 12.176991]
[ 12.177998] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.178345] Tainted: [N]=TEST
[ 12.178376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.178585] Call Trace:
[ 12.178652] <TASK>
[ 12.178800] dump_stack_lvl+0x73/0xb0
[ 12.178889] print_report+0xd1/0x610
[ 12.178918] ? __virt_addr_valid+0x1db/0x2d0
[ 12.178944] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.178967] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.178990] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.179012] kasan_report+0x141/0x180
[ 12.179034] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.179060] __asan_report_store1_noabort+0x1b/0x30
[ 12.179086] kmalloc_oob_right+0x6f0/0x7f0
[ 12.179108] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.179131] ? __schedule+0x10cc/0x2b60
[ 12.179154] ? __pfx_read_tsc+0x10/0x10
[ 12.179176] ? ktime_get_ts64+0x86/0x230
[ 12.179202] kunit_try_run_case+0x1a5/0x480
[ 12.179229] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.179252] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.179291] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.179315] ? __kthread_parkme+0x82/0x180
[ 12.179336] ? preempt_count_sub+0x50/0x80
[ 12.179362] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.179387] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.179411] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.179437] kthread+0x337/0x6f0
[ 12.179455] ? trace_preempt_on+0x20/0xc0
[ 12.179480] ? __pfx_kthread+0x10/0x10
[ 12.179500] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.179522] ? calculate_sigpending+0x7b/0xa0
[ 12.179547] ? __pfx_kthread+0x10/0x10
[ 12.179569] ret_from_fork+0x116/0x1d0
[ 12.179587] ? __pfx_kthread+0x10/0x10
[ 12.179608] ret_from_fork_asm+0x1a/0x30
[ 12.179662] </TASK>
[ 12.179723]
[ 12.186558] Allocated by task 153:
[ 12.186818] kasan_save_stack+0x45/0x70
[ 12.187048] kasan_save_track+0x18/0x40
[ 12.187282] kasan_save_alloc_info+0x3b/0x50
[ 12.187517] __kasan_kmalloc+0xb7/0xc0
[ 12.187722] __kmalloc_cache_noprof+0x189/0x420
[ 12.187952] kmalloc_oob_right+0xa9/0x7f0
[ 12.188170] kunit_try_run_case+0x1a5/0x480
[ 12.188390] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.188658] kthread+0x337/0x6f0
[ 12.188812] ret_from_fork+0x116/0x1d0
[ 12.188984] ret_from_fork_asm+0x1a/0x30
[ 12.189201]
[ 12.189361] The buggy address belongs to the object at ffff8881029ef400
[ 12.189361] which belongs to the cache kmalloc-128 of size 128
[ 12.189875] The buggy address is located 0 bytes to the right of
[ 12.189875] allocated 115-byte region [ffff8881029ef400, ffff8881029ef473)
[ 12.190421]
[ 12.190587] The buggy address belongs to the physical page:
[ 12.191007] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef
[ 12.191596] flags: 0x200000000000000(node=0|zone=2)
[ 12.192143] page_type: f5(slab)
[ 12.192577] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.192937] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.193351] page dumped because: kasan: bad access detected
[ 12.193612]
[ 12.193713] Memory state around the buggy address:
[ 12.194165] ffff8881029ef300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.194522] ffff8881029ef380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.194829] >ffff8881029ef400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.195162] ^
[ 12.195417] ffff8881029ef480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.195728] ffff8881029ef500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.196039] ==================================================================
[ 12.197944] ==================================================================
[ 12.198724] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 12.199003] Write of size 1 at addr ffff8881029ef478 by task kunit_try_catch/153
[ 12.199310]
[ 12.199425] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.199467] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.199479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.199501] Call Trace:
[ 12.199517] <TASK>
[ 12.199532] dump_stack_lvl+0x73/0xb0
[ 12.199560] print_report+0xd1/0x610
[ 12.199582] ? __virt_addr_valid+0x1db/0x2d0
[ 12.199605] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.199627] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.199650] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.199671] kasan_report+0x141/0x180
[ 12.199693] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.199719] __asan_report_store1_noabort+0x1b/0x30
[ 12.199745] kmalloc_oob_right+0x6bd/0x7f0
[ 12.199767] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.199790] ? __schedule+0x10cc/0x2b60
[ 12.199812] ? __pfx_read_tsc+0x10/0x10
[ 12.199833] ? ktime_get_ts64+0x86/0x230
[ 12.199858] kunit_try_run_case+0x1a5/0x480
[ 12.199882] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.199905] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.199929] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.199952] ? __kthread_parkme+0x82/0x180
[ 12.199973] ? preempt_count_sub+0x50/0x80
[ 12.199997] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.200021] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.200046] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.200071] kthread+0x337/0x6f0
[ 12.200090] ? trace_preempt_on+0x20/0xc0
[ 12.200114] ? __pfx_kthread+0x10/0x10
[ 12.200134] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.200155] ? calculate_sigpending+0x7b/0xa0
[ 12.200179] ? __pfx_kthread+0x10/0x10
[ 12.200201] ret_from_fork+0x116/0x1d0
[ 12.200219] ? __pfx_kthread+0x10/0x10
[ 12.200239] ret_from_fork_asm+0x1a/0x30
[ 12.200280] </TASK>
[ 12.200290]
[ 12.206119] Allocated by task 153:
[ 12.206245] kasan_save_stack+0x45/0x70
[ 12.206395] kasan_save_track+0x18/0x40
[ 12.206531] kasan_save_alloc_info+0x3b/0x50
[ 12.206680] __kasan_kmalloc+0xb7/0xc0
[ 12.206876] __kmalloc_cache_noprof+0x189/0x420
[ 12.207100] kmalloc_oob_right+0xa9/0x7f0
[ 12.207307] kunit_try_run_case+0x1a5/0x480
[ 12.207519] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.207773] kthread+0x337/0x6f0
[ 12.207941] ret_from_fork+0x116/0x1d0
[ 12.208127] ret_from_fork_asm+0x1a/0x30
[ 12.208333]
[ 12.208427] The buggy address belongs to the object at ffff8881029ef400
[ 12.208427] which belongs to the cache kmalloc-128 of size 128
[ 12.208923] The buggy address is located 5 bytes to the right of
[ 12.208923] allocated 115-byte region [ffff8881029ef400, ffff8881029ef473)
[ 12.209423]
[ 12.209512] The buggy address belongs to the physical page:
[ 12.209726] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef
[ 12.210055] flags: 0x200000000000000(node=0|zone=2)
[ 12.210340] page_type: f5(slab)
[ 12.210627] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.211253] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.211880] page dumped because: kasan: bad access detected
[ 12.212341]
[ 12.212493] Memory state around the buggy address:
[ 12.212897] ffff8881029ef300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.213529] ffff8881029ef380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.214132] >ffff8881029ef400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.214750] ^
[ 12.215331] ffff8881029ef480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.215910] ffff8881029ef500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.216124] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 144.518718] WARNING: CPU: 0 PID: 2763 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 144.520129] Modules linked in:
[ 144.520487] CPU: 0 UID: 0 PID: 2763 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 144.520821] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 144.521010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 144.521278] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 144.521474] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 144.521973] RSP: 0000:ffff888109197c78 EFLAGS: 00010286
[ 144.522153] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 144.523131] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff8da33b7c
[ 144.523843] RBP: ffff888109197ca0 R08: 0000000000000000 R09: ffffed1020393f40
[ 144.524956] R10: ffff888101c9fa07 R11: 0000000000000000 R12: ffffffff8da33b68
[ 144.525904] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888109197d38
[ 144.526900] FS: 0000000000000000(0000) GS:ffff8881cb672000(0000) knlGS:0000000000000000
[ 144.527912] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 144.528795] CR2: 00007ffff7ffe000 CR3: 00000001214bc000 CR4: 00000000000006f0
[ 144.529926] DR0: ffffffff8fa52440 DR1: ffffffff8fa52441 DR2: ffffffff8fa52443
[ 144.530754] DR3: ffffffff8fa52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 144.531790] Call Trace:
[ 144.532205] <TASK>
[ 144.532627] drm_test_rect_calc_vscale+0x108/0x270
[ 144.533443] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 144.533888] ? __schedule+0x10cc/0x2b60
[ 144.534633] ? __pfx_read_tsc+0x10/0x10
[ 144.535210] ? ktime_get_ts64+0x86/0x230
[ 144.535621] kunit_try_run_case+0x1a5/0x480
[ 144.536335] ? __pfx_kunit_try_run_case+0x10/0x10
[ 144.536547] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 144.536714] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 144.536885] ? __kthread_parkme+0x82/0x180
[ 144.537040] ? preempt_count_sub+0x50/0x80
[ 144.537188] ? __pfx_kunit_try_run_case+0x10/0x10
[ 144.537471] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 144.537970] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 144.538604] kthread+0x337/0x6f0
[ 144.538983] ? trace_preempt_on+0x20/0xc0
[ 144.539474] ? __pfx_kthread+0x10/0x10
[ 144.539967] ? _raw_spin_unlock_irq+0x47/0x80
[ 144.540565] ? calculate_sigpending+0x7b/0xa0
[ 144.541214] ? __pfx_kthread+0x10/0x10
[ 144.541690] ret_from_fork+0x116/0x1d0
[ 144.542087] ? __pfx_kthread+0x10/0x10
[ 144.542441] ret_from_fork_asm+0x1a/0x30
[ 144.542608] </TASK>
[ 144.542702] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 144.548369] WARNING: CPU: 1 PID: 2765 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 144.549241] Modules linked in:
[ 144.549596] CPU: 1 UID: 0 PID: 2765 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 144.550430] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 144.550764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 144.551329] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 144.551837] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 144.552905] RSP: 0000:ffff88810994fc78 EFLAGS: 00010286
[ 144.553309] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 144.553608] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff8da33bb4
[ 144.553889] RBP: ffff88810994fca0 R08: 0000000000000000 R09: ffffed1020538de0
[ 144.554513] R10: ffff8881029c6f07 R11: 0000000000000000 R12: ffffffff8da33ba0
[ 144.554841] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810994fd38
[ 144.555215] FS: 0000000000000000(0000) GS:ffff8881cb772000(0000) knlGS:0000000000000000
[ 144.555751] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 144.556123] CR2: 00007ffff7ffe000 CR3: 00000001214bc000 CR4: 00000000000006f0
[ 144.556426] DR0: ffffffff8fa52444 DR1: ffffffff8fa52449 DR2: ffffffff8fa5244a
[ 144.556708] DR3: ffffffff8fa5244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 144.556978] Call Trace:
[ 144.557117] <TASK>
[ 144.557269] drm_test_rect_calc_vscale+0x108/0x270
[ 144.557642] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 144.558184] ? __schedule+0x10cc/0x2b60
[ 144.558457] ? __pfx_read_tsc+0x10/0x10
[ 144.558620] ? ktime_get_ts64+0x86/0x230
[ 144.558831] kunit_try_run_case+0x1a5/0x480
[ 144.559192] ? __pfx_kunit_try_run_case+0x10/0x10
[ 144.559444] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 144.559669] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 144.559929] ? __kthread_parkme+0x82/0x180
[ 144.560117] ? preempt_count_sub+0x50/0x80
[ 144.560297] ? __pfx_kunit_try_run_case+0x10/0x10
[ 144.560827] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 144.561062] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 144.561464] kthread+0x337/0x6f0
[ 144.561597] ? trace_preempt_on+0x20/0xc0
[ 144.561834] ? __pfx_kthread+0x10/0x10
[ 144.562201] ? _raw_spin_unlock_irq+0x47/0x80
[ 144.562427] ? calculate_sigpending+0x7b/0xa0
[ 144.562636] ? __pfx_kthread+0x10/0x10
[ 144.562807] ret_from_fork+0x116/0x1d0
[ 144.562992] ? __pfx_kthread+0x10/0x10
[ 144.563365] ret_from_fork_asm+0x1a/0x30
[ 144.563540] </TASK>
[ 144.563664] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 144.477641] WARNING: CPU: 0 PID: 2753 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 144.478636] Modules linked in:
[ 144.479322] CPU: 0 UID: 0 PID: 2753 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 144.480428] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 144.481211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 144.481761] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 144.481949] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b d5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 144.483483] RSP: 0000:ffff88810923fc78 EFLAGS: 00010286
[ 144.483945] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 144.484463] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff8da33bb8
[ 144.484886] RBP: ffff88810923fca0 R08: 0000000000000000 R09: ffffed1020538d40
[ 144.485573] R10: ffff8881029c6a07 R11: 0000000000000000 R12: ffffffff8da33ba0
[ 144.485873] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810923fd38
[ 144.486183] FS: 0000000000000000(0000) GS:ffff8881cb672000(0000) knlGS:0000000000000000
[ 144.486882] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 144.487490] CR2: 00007ffff7ffe000 CR3: 00000001214bc000 CR4: 00000000000006f0
[ 144.488205] DR0: ffffffff8fa52440 DR1: ffffffff8fa52441 DR2: ffffffff8fa52443
[ 144.488834] DR3: ffffffff8fa52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 144.489369] Call Trace:
[ 144.489487] <TASK>
[ 144.489586] drm_test_rect_calc_hscale+0x108/0x270
[ 144.489761] ? __kasan_check_write+0x18/0x20
[ 144.489914] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 144.490239] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 144.490429] ? trace_hardirqs_on+0x37/0xe0
[ 144.490577] ? __pfx_read_tsc+0x10/0x10
[ 144.490718] ? ktime_get_ts64+0x86/0x230
[ 144.490864] kunit_try_run_case+0x1a5/0x480
[ 144.491152] ? __pfx_kunit_try_run_case+0x10/0x10
[ 144.491570] ? queued_spin_lock_slowpath+0x116/0xb40
[ 144.492073] ? __kthread_parkme+0x82/0x180
[ 144.492609] ? preempt_count_sub+0x50/0x80
[ 144.493037] ? __pfx_kunit_try_run_case+0x10/0x10
[ 144.493460] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 144.493932] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 144.494572] kthread+0x337/0x6f0
[ 144.494902] ? trace_preempt_on+0x20/0xc0
[ 144.495342] ? __pfx_kthread+0x10/0x10
[ 144.495704] ? _raw_spin_unlock_irq+0x47/0x80
[ 144.495908] ? calculate_sigpending+0x7b/0xa0
[ 144.496360] ? __pfx_kthread+0x10/0x10
[ 144.497020] ret_from_fork+0x116/0x1d0
[ 144.497332] ? __pfx_kthread+0x10/0x10
[ 144.497474] ret_from_fork_asm+0x1a/0x30
[ 144.497627] </TASK>
[ 144.497718] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 144.450520] WARNING: CPU: 0 PID: 2751 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 144.450911] Modules linked in:
[ 144.451178] CPU: 0 UID: 0 PID: 2751 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 144.451818] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 144.452238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 144.452905] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 144.454039] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b d5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 144.454794] RSP: 0000:ffff88810994fc78 EFLAGS: 00010286
[ 144.456426] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 144.456716] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff8da33b80
[ 144.456931] RBP: ffff88810994fca0 R08: 0000000000000000 R09: ffffed1020538d00
[ 144.457654] R10: ffff8881029c6807 R11: 0000000000000000 R12: ffffffff8da33b68
[ 144.458462] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810994fd38
[ 144.459177] FS: 0000000000000000(0000) GS:ffff8881cb672000(0000) knlGS:0000000000000000
[ 144.459766] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 144.460012] CR2: 00007ffff7ffe000 CR3: 00000001214bc000 CR4: 00000000000006f0
[ 144.460842] DR0: ffffffff8fa52440 DR1: ffffffff8fa52441 DR2: ffffffff8fa52443
[ 144.461643] DR3: ffffffff8fa52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 144.462319] Call Trace:
[ 144.462431] <TASK>
[ 144.462536] drm_test_rect_calc_hscale+0x108/0x270
[ 144.462727] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 144.462907] ? __schedule+0x10cc/0x2b60
[ 144.463058] ? __pfx_read_tsc+0x10/0x10
[ 144.463201] ? ktime_get_ts64+0x86/0x230
[ 144.463359] kunit_try_run_case+0x1a5/0x480
[ 144.463513] ? __pfx_kunit_try_run_case+0x10/0x10
[ 144.463673] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 144.463833] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 144.464001] ? __kthread_parkme+0x82/0x180
[ 144.464147] ? preempt_count_sub+0x50/0x80
[ 144.464317] ? __pfx_kunit_try_run_case+0x10/0x10
[ 144.464718] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 144.465407] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 144.466071] kthread+0x337/0x6f0
[ 144.466383] ? trace_preempt_on+0x20/0xc0
[ 144.466784] ? __pfx_kthread+0x10/0x10
[ 144.467310] ? _raw_spin_unlock_irq+0x47/0x80
[ 144.467750] ? calculate_sigpending+0x7b/0xa0
[ 144.468383] ? __pfx_kthread+0x10/0x10
[ 144.468784] ret_from_fork+0x116/0x1d0
[ 144.469279] ? __pfx_kthread+0x10/0x10
[ 144.469855] ret_from_fork_asm+0x1a/0x30
[ 144.470434] </TASK>
[ 144.470674] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 51.624929] ================================================================== [ 51.625346] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 51.625346] [ 51.625770] Use-after-free read at 0x(____ptrval____) (in kfence-#158): [ 51.626008] test_krealloc+0x6fc/0xbe0 [ 51.626266] kunit_try_run_case+0x1a5/0x480 [ 51.626425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 51.626904] kthread+0x337/0x6f0 [ 51.627102] ret_from_fork+0x116/0x1d0 [ 51.627264] ret_from_fork_asm+0x1a/0x30 [ 51.627554] [ 51.627630] kfence-#158: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 51.627630] [ 51.628052] allocated by task 354 on cpu 0 at 51.624291s (0.003759s ago): [ 51.628424] test_alloc+0x364/0x10f0 [ 51.628598] test_krealloc+0xad/0xbe0 [ 51.628770] kunit_try_run_case+0x1a5/0x480 [ 51.629000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 51.629260] kthread+0x337/0x6f0 [ 51.629443] ret_from_fork+0x116/0x1d0 [ 51.629629] ret_from_fork_asm+0x1a/0x30 [ 51.629976] [ 51.630344] freed by task 354 on cpu 0 at 51.624557s (0.005784s ago): [ 51.630645] krealloc_noprof+0x108/0x340 [ 51.630841] test_krealloc+0x226/0xbe0 [ 51.631013] kunit_try_run_case+0x1a5/0x480 [ 51.631595] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 51.631903] kthread+0x337/0x6f0 [ 51.632042] ret_from_fork+0x116/0x1d0 [ 51.632255] ret_from_fork_asm+0x1a/0x30 [ 51.632426] [ 51.632550] CPU: 0 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 51.632962] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.633140] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 51.633525] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 51.541290] ================================================================== [ 51.541710] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 51.541710] [ 51.542167] Use-after-free read at 0x(____ptrval____) (in kfence-#157): [ 51.542479] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 51.543242] kunit_try_run_case+0x1a5/0x480 [ 51.543417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 51.543593] kthread+0x337/0x6f0 [ 51.543719] ret_from_fork+0x116/0x1d0 [ 51.543853] ret_from_fork_asm+0x1a/0x30 [ 51.543991] [ 51.544070] kfence-#157: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 51.544070] [ 51.544728] allocated by task 352 on cpu 0 at 51.520855s (0.023872s ago): [ 51.545407] test_alloc+0x2a6/0x10f0 [ 51.545873] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 51.546384] kunit_try_run_case+0x1a5/0x480 [ 51.546592] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 51.546790] kthread+0x337/0x6f0 [ 51.547088] ret_from_fork+0x116/0x1d0 [ 51.547474] ret_from_fork_asm+0x1a/0x30 [ 51.547618] [ 51.547692] freed by task 352 on cpu 0 at 51.520984s (0.026705s ago): [ 51.547904] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 51.548113] kunit_try_run_case+0x1a5/0x480 [ 51.548540] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 51.548724] kthread+0x337/0x6f0 [ 51.548846] ret_from_fork+0x116/0x1d0 [ 51.548980] ret_from_fork_asm+0x1a/0x30 [ 51.549524] [ 51.549663] CPU: 0 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 51.550274] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.550532] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 51.550899] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 26.573335] ================================================================== [ 26.573815] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 26.573815] [ 26.574820] Invalid read at 0x(____ptrval____): [ 26.575675] test_invalid_access+0xf0/0x210 [ 26.576214] kunit_try_run_case+0x1a5/0x480 [ 26.576681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.577170] kthread+0x337/0x6f0 [ 26.577505] ret_from_fork+0x116/0x1d0 [ 26.577780] ret_from_fork_asm+0x1a/0x30 [ 26.577987] [ 26.578323] CPU: 1 UID: 0 PID: 348 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 26.578800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.579151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.579718] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 26.352522] ================================================================== [ 26.352939] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 26.352939] [ 26.353340] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#152): [ 26.353919] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 26.354107] kunit_try_run_case+0x1a5/0x480 [ 26.354260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.354449] kthread+0x337/0x6f0 [ 26.354575] ret_from_fork+0x116/0x1d0 [ 26.354720] ret_from_fork_asm+0x1a/0x30 [ 26.354864] [ 26.354938] kfence-#152: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 26.354938] [ 26.355230] allocated by task 342 on cpu 0 at 26.352231s (0.002996s ago): [ 26.355486] test_alloc+0x364/0x10f0 [ 26.355627] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 26.355833] kunit_try_run_case+0x1a5/0x480 [ 26.356036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.356303] kthread+0x337/0x6f0 [ 26.356476] ret_from_fork+0x116/0x1d0 [ 26.356675] ret_from_fork_asm+0x1a/0x30 [ 26.356887] [ 26.356964] freed by task 342 on cpu 0 at 26.352400s (0.004561s ago): [ 26.357176] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 26.357366] kunit_try_run_case+0x1a5/0x480 [ 26.357517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.357698] kthread+0x337/0x6f0 [ 26.357870] ret_from_fork+0x116/0x1d0 [ 26.358066] ret_from_fork_asm+0x1a/0x30 [ 26.358243] [ 26.358351] CPU: 0 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 26.358740] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.358879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.359149] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 25.312538] ================================================================== [ 25.312895] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 25.312895] [ 25.313229] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#142): [ 25.313486] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 25.313664] kunit_try_run_case+0x1a5/0x480 [ 25.313817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.314021] kthread+0x337/0x6f0 [ 25.314199] ret_from_fork+0x116/0x1d0 [ 25.314427] ret_from_fork_asm+0x1a/0x30 [ 25.314588] [ 25.314664] kfence-#142: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 25.314664] [ 25.314952] allocated by task 340 on cpu 0 at 25.312321s (0.002629s ago): [ 25.315181] test_alloc+0x364/0x10f0 [ 25.315380] test_kmalloc_aligned_oob_read+0x105/0x560 [ 25.315631] kunit_try_run_case+0x1a5/0x480 [ 25.316234] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.316776] kthread+0x337/0x6f0 [ 25.316965] ret_from_fork+0x116/0x1d0 [ 25.317159] ret_from_fork_asm+0x1a/0x30 [ 25.317398] [ 25.317525] CPU: 0 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 25.317847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.317983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.318389] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 19.800407] ================================================================== [ 19.800788] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 19.800788] [ 19.801245] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#89): [ 19.801561] test_corruption+0x216/0x3e0 [ 19.801765] kunit_try_run_case+0x1a5/0x480 [ 19.801984] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.802221] kthread+0x337/0x6f0 [ 19.802371] ret_from_fork+0x116/0x1d0 [ 19.802543] ret_from_fork_asm+0x1a/0x30 [ 19.802722] [ 19.802796] kfence-#89: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.802796] [ 19.803201] allocated by task 330 on cpu 0 at 19.800295s (0.002904s ago): [ 19.803505] test_alloc+0x2a6/0x10f0 [ 19.803681] test_corruption+0x1cb/0x3e0 [ 19.803867] kunit_try_run_case+0x1a5/0x480 [ 19.804061] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.804256] kthread+0x337/0x6f0 [ 19.804393] ret_from_fork+0x116/0x1d0 [ 19.804592] ret_from_fork_asm+0x1a/0x30 [ 19.804795] [ 19.804894] freed by task 330 on cpu 0 at 19.800337s (0.004555s ago): [ 19.805209] test_corruption+0x216/0x3e0 [ 19.805379] kunit_try_run_case+0x1a5/0x480 [ 19.805544] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.805808] kthread+0x337/0x6f0 [ 19.805982] ret_from_fork+0x116/0x1d0 [ 19.806157] ret_from_fork_asm+0x1a/0x30 [ 19.806342] [ 19.806443] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.806814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.807014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.807388] ================================================================== [ 19.696442] ================================================================== [ 19.696841] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 19.696841] [ 19.697251] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#88): [ 19.697864] test_corruption+0x131/0x3e0 [ 19.698039] kunit_try_run_case+0x1a5/0x480 [ 19.698256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.698510] kthread+0x337/0x6f0 [ 19.698688] ret_from_fork+0x116/0x1d0 [ 19.698853] ret_from_fork_asm+0x1a/0x30 [ 19.699020] [ 19.699123] kfence-#88: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.699123] [ 19.699506] allocated by task 330 on cpu 0 at 19.696319s (0.003185s ago): [ 19.699786] test_alloc+0x2a6/0x10f0 [ 19.699924] test_corruption+0xe6/0x3e0 [ 19.700120] kunit_try_run_case+0x1a5/0x480 [ 19.700344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.700605] kthread+0x337/0x6f0 [ 19.700743] ret_from_fork+0x116/0x1d0 [ 19.700938] ret_from_fork_asm+0x1a/0x30 [ 19.701090] [ 19.701165] freed by task 330 on cpu 0 at 19.696367s (0.004796s ago): [ 19.701422] test_corruption+0x131/0x3e0 [ 19.701632] kunit_try_run_case+0x1a5/0x480 [ 19.701847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.702111] kthread+0x337/0x6f0 [ 19.702269] ret_from_fork+0x116/0x1d0 [ 19.702407] ret_from_fork_asm+0x1a/0x30 [ 19.702553] [ 19.702670] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.703161] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.703373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.703663] ================================================================== [ 19.072560] ================================================================== [ 19.072989] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 19.072989] [ 19.073323] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#82): [ 19.074050] test_corruption+0x2d2/0x3e0 [ 19.074274] kunit_try_run_case+0x1a5/0x480 [ 19.074493] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.074696] kthread+0x337/0x6f0 [ 19.074840] ret_from_fork+0x116/0x1d0 [ 19.075038] ret_from_fork_asm+0x1a/0x30 [ 19.075244] [ 19.075348] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 19.075348] [ 19.075660] allocated by task 328 on cpu 0 at 19.072304s (0.003354s ago): [ 19.075987] test_alloc+0x364/0x10f0 [ 19.076177] test_corruption+0xe6/0x3e0 [ 19.076350] kunit_try_run_case+0x1a5/0x480 [ 19.076524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.076784] kthread+0x337/0x6f0 [ 19.076938] ret_from_fork+0x116/0x1d0 [ 19.077121] ret_from_fork_asm+0x1a/0x30 [ 19.077276] [ 19.077351] freed by task 328 on cpu 0 at 19.072401s (0.004947s ago): [ 19.077668] test_corruption+0x2d2/0x3e0 [ 19.077872] kunit_try_run_case+0x1a5/0x480 [ 19.078071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.078322] kthread+0x337/0x6f0 [ 19.078500] ret_from_fork+0x116/0x1d0 [ 19.078665] ret_from_fork_asm+0x1a/0x30 [ 19.078817] [ 19.078917] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.079401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.079598] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.079871] ================================================================== [ 19.280525] ================================================================== [ 19.280917] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 19.280917] [ 19.281243] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#84): [ 19.281633] test_corruption+0x2df/0x3e0 [ 19.281824] kunit_try_run_case+0x1a5/0x480 [ 19.282039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.282259] kthread+0x337/0x6f0 [ 19.282427] ret_from_fork+0x116/0x1d0 [ 19.282568] ret_from_fork_asm+0x1a/0x30 [ 19.282775] [ 19.282877] kfence-#84: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 19.282877] [ 19.283258] allocated by task 328 on cpu 0 at 19.280258s (0.002998s ago): [ 19.283527] test_alloc+0x364/0x10f0 [ 19.283716] test_corruption+0x1cb/0x3e0 [ 19.283908] kunit_try_run_case+0x1a5/0x480 [ 19.284074] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.284349] kthread+0x337/0x6f0 [ 19.284512] ret_from_fork+0x116/0x1d0 [ 19.284675] ret_from_fork_asm+0x1a/0x30 [ 19.284841] [ 19.284941] freed by task 328 on cpu 0 at 19.280367s (0.004572s ago): [ 19.285243] test_corruption+0x2df/0x3e0 [ 19.285431] kunit_try_run_case+0x1a5/0x480 [ 19.285583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.285774] kthread+0x337/0x6f0 [ 19.285945] ret_from_fork+0x116/0x1d0 [ 19.286137] ret_from_fork_asm+0x1a/0x30 [ 19.286348] [ 19.286461] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.286793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.286995] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.287411] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 18.240349] ================================================================== [ 18.240777] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 18.240777] [ 18.241164] Invalid free of 0x(____ptrval____) (in kfence-#74): [ 18.241492] test_invalid_addr_free+0x1e1/0x260 [ 18.241729] kunit_try_run_case+0x1a5/0x480 [ 18.241937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.242115] kthread+0x337/0x6f0 [ 18.242237] ret_from_fork+0x116/0x1d0 [ 18.242382] ret_from_fork_asm+0x1a/0x30 [ 18.242584] [ 18.242683] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.242683] [ 18.243107] allocated by task 324 on cpu 1 at 18.240231s (0.002874s ago): [ 18.243393] test_alloc+0x364/0x10f0 [ 18.243601] test_invalid_addr_free+0xdb/0x260 [ 18.243853] kunit_try_run_case+0x1a5/0x480 [ 18.244058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.244297] kthread+0x337/0x6f0 [ 18.244479] ret_from_fork+0x116/0x1d0 [ 18.244661] ret_from_fork_asm+0x1a/0x30 [ 18.244848] [ 18.244964] CPU: 1 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 18.245313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.245447] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.245705] ================================================================== [ 18.344473] ================================================================== [ 18.344857] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 18.344857] [ 18.345314] Invalid free of 0x(____ptrval____) (in kfence-#75): [ 18.345627] test_invalid_addr_free+0xfb/0x260 [ 18.345856] kunit_try_run_case+0x1a5/0x480 [ 18.346081] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.346258] kthread+0x337/0x6f0 [ 18.346440] ret_from_fork+0x116/0x1d0 [ 18.346667] ret_from_fork_asm+0x1a/0x30 [ 18.346919] [ 18.347009] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.347009] [ 18.347401] allocated by task 326 on cpu 1 at 18.344369s 
(0.003030s ago): [ 18.347648] test_alloc+0x2a6/0x10f0 [ 18.347856] test_invalid_addr_free+0xdb/0x260 [ 18.348088] kunit_try_run_case+0x1a5/0x480 [ 18.348257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.348507] kthread+0x337/0x6f0 [ 18.348699] ret_from_fork+0x116/0x1d0 [ 18.348907] ret_from_fork_asm+0x1a/0x30 [ 18.349051] [ 18.349170] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 18.349664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.349857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.350184] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 18.032513] ================================================================== [ 18.032938] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 18.032938] [ 18.033299] Invalid free of 0x(____ptrval____) (in kfence-#72): [ 18.033592] test_double_free+0x1d3/0x260 [ 18.033810] kunit_try_run_case+0x1a5/0x480 [ 18.034010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.034204] kthread+0x337/0x6f0 [ 18.034356] ret_from_fork+0x116/0x1d0 [ 18.034535] ret_from_fork_asm+0x1a/0x30 [ 18.034750] [ 18.034853] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.034853] [ 18.035237] allocated by task 320 on cpu 0 at 18.032275s (0.002960s ago): [ 18.035514] test_alloc+0x364/0x10f0 [ 18.035647] test_double_free+0xdb/0x260 [ 18.035846] kunit_try_run_case+0x1a5/0x480 [ 18.036055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.036305] kthread+0x337/0x6f0 [ 18.036430] ret_from_fork+0x116/0x1d0 [ 18.036598] ret_from_fork_asm+0x1a/0x30 [ 18.036800] [ 18.036892] freed by task 320 on cpu 0 at 18.032325s (0.004564s ago): [ 18.037198] test_double_free+0x1e0/0x260 [ 18.037371] kunit_try_run_case+0x1a5/0x480 [ 18.037519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.037779] kthread+0x337/0x6f0 [ 18.037952] ret_from_fork+0x116/0x1d0 [ 18.038153] ret_from_fork_asm+0x1a/0x30 [ 18.038334] [ 18.038458] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 18.038790] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.038986] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.039378] ================================================================== [ 18.136617] ================================================================== [ 18.136990] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 18.136990] [ 18.137256] Invalid free of 0x(____ptrval____) (in kfence-#73): [ 18.137463] test_double_free+0x112/0x260 [ 18.137612] kunit_try_run_case+0x1a5/0x480 [ 18.137766] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.137942] kthread+0x337/0x6f0 [ 18.138104] ret_from_fork+0x116/0x1d0 [ 18.138310] ret_from_fork_asm+0x1a/0x30 [ 18.138512] [ 18.138610] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.138610] [ 18.138916] allocated by task 322 on cpu 1 at 18.136414s (0.002500s ago): [ 18.139209] test_alloc+0x2a6/0x10f0 [ 18.139440] test_double_free+0xdb/0x260 [ 18.139640] kunit_try_run_case+0x1a5/0x480 [ 18.139851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.140079] kthread+0x337/0x6f0 [ 18.140207] ret_from_fork+0x116/0x1d0 [ 18.140403] ret_from_fork_asm+0x1a/0x30 [ 18.142447] [ 18.142933] freed by task 322 on cpu 1 at 18.136497s (0.006433s ago): [ 18.143838] test_double_free+0xfa/0x260 [ 18.144292] kunit_try_run_case+0x1a5/0x480 [ 18.144448] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.144625] kthread+0x337/0x6f0 [ 18.144747] ret_from_fork+0x116/0x1d0 [ 18.144877] ret_from_fork_asm+0x1a/0x30 [ 18.145016] [ 18.145115] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 18.145921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.146073] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.146428] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 17.616539] ================================================================== [ 17.616949] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 17.616949] [ 17.617434] Use-after-free read at 0x(____ptrval____) (in kfence-#68): [ 17.617759] test_use_after_free_read+0x129/0x270 [ 17.617932] kunit_try_run_case+0x1a5/0x480 [ 17.618151] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.618419] kthread+0x337/0x6f0 [ 17.618586] ret_from_fork+0x116/0x1d0 [ 17.618784] ret_from_fork_asm+0x1a/0x30 [ 17.618978] [ 17.619102] kfence-#68: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.619102] [ 17.619526] allocated by task 312 on cpu 0 at 17.616326s (0.003197s ago): [ 17.619806] test_alloc+0x364/0x10f0 [ 17.619996] test_use_after_free_read+0xdc/0x270 [ 17.620192] kunit_try_run_case+0x1a5/0x480 [ 17.620428] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.620708] kthread+0x337/0x6f0 [ 17.620878] ret_from_fork+0x116/0x1d0 [ 17.621058] ret_from_fork_asm+0x1a/0x30 [ 17.621317] [ 17.621548] freed by task 312 on cpu 0 at 17.616376s (0.005090s ago): [ 17.621866] test_use_after_free_read+0x1e7/0x270 [ 17.622039] kunit_try_run_case+0x1a5/0x480 [ 17.622237] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.622555] kthread+0x337/0x6f0 [ 17.622761] ret_from_fork+0x116/0x1d0 [ 17.622989] ret_from_fork_asm+0x1a/0x30 [ 17.623254] [ 17.623398] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.623789] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.623959] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.624398] ================================================================== [ 17.720437] ================================================================== [ 17.720836] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 17.720836] [ 17.721321] Use-after-free read at 0x(____ptrval____) (in kfence-#69): [ 17.721579] 
test_use_after_free_read+0x129/0x270 [ 17.721816] kunit_try_run_case+0x1a5/0x480 [ 17.721992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.722247] kthread+0x337/0x6f0 [ 17.722420] ret_from_fork+0x116/0x1d0 [ 17.722588] ret_from_fork_asm+0x1a/0x30 [ 17.722770] [ 17.722846] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.722846] [ 17.723225] allocated by task 314 on cpu 0 at 17.720313s (0.002910s ago): [ 17.723527] test_alloc+0x2a6/0x10f0 [ 17.723693] test_use_after_free_read+0xdc/0x270 [ 17.723892] kunit_try_run_case+0x1a5/0x480 [ 17.724040] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.724307] kthread+0x337/0x6f0 [ 17.724481] ret_from_fork+0x116/0x1d0 [ 17.724678] ret_from_fork_asm+0x1a/0x30 [ 17.724836] [ 17.724938] freed by task 314 on cpu 0 at 17.720358s (0.004577s ago): [ 17.725184] test_use_after_free_read+0xfb/0x270 [ 17.725374] kunit_try_run_case+0x1a5/0x480 [ 17.725585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.725844] kthread+0x337/0x6f0 [ 17.725995] ret_from_fork+0x116/0x1d0 [ 17.726154] ret_from_fork_asm+0x1a/0x30 [ 17.726306] [ 17.726405] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.726902] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.727111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.727497] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 17.512366] ================================================================== [ 17.512749] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 17.512749] [ 17.513331] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#67): [ 17.513684] test_out_of_bounds_write+0x10d/0x260 [ 17.513918] kunit_try_run_case+0x1a5/0x480 [ 17.514068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.514334] kthread+0x337/0x6f0 [ 17.514530] ret_from_fork+0x116/0x1d0 [ 17.514714] ret_from_fork_asm+0x1a/0x30 [ 17.514883] [ 17.515001] kfence-#67: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.515001] [ 17.515420] allocated by task 310 on cpu 0 at 17.512305s (0.003112s ago): [ 17.515732] test_alloc+0x2a6/0x10f0 [ 17.515918] test_out_of_bounds_write+0xd4/0x260 [ 17.516148] kunit_try_run_case+0x1a5/0x480 [ 17.516357] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.516530] kthread+0x337/0x6f0 [ 17.516698] ret_from_fork+0x116/0x1d0 [ 17.516904] ret_from_fork_asm+0x1a/0x30 [ 17.517116] [ 17.517252] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.517702] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.517933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.518301] ================================================================== [ 17.408376] ================================================================== [ 17.408764] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 17.408764] [ 17.409247] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#66): [ 17.409626] test_out_of_bounds_write+0x10d/0x260 [ 17.409849] kunit_try_run_case+0x1a5/0x480 [ 17.410015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.410186] kthread+0x337/0x6f0 [ 17.410334] ret_from_fork+0x116/0x1d0 [ 17.410550] ret_from_fork_asm+0x1a/0x30 [ 17.410778] [ 17.410895] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.410895] [ 
17.411341] allocated by task 308 on cpu 1 at 17.408247s (0.003092s ago): [ 17.411671] test_alloc+0x364/0x10f0 [ 17.411835] test_out_of_bounds_write+0xd4/0x260 [ 17.412049] kunit_try_run_case+0x1a5/0x480 [ 17.412242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.412517] kthread+0x337/0x6f0 [ 17.412693] ret_from_fork+0x116/0x1d0 [ 17.412871] ret_from_fork_asm+0x1a/0x30 [ 17.413010] [ 17.413102] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.413609] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.413817] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.414237] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 17.200376] ================================================================== [ 17.200765] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 17.200765] [ 17.201175] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#64): [ 17.201516] test_out_of_bounds_read+0x126/0x4e0 [ 17.201728] kunit_try_run_case+0x1a5/0x480 [ 17.201882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.202138] kthread+0x337/0x6f0 [ 17.202290] ret_from_fork+0x116/0x1d0 [ 17.202432] ret_from_fork_asm+0x1a/0x30 [ 17.202633] [ 17.202735] kfence-#64: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.202735] [ 17.203047] allocated by task 306 on cpu 1 at 17.200323s (0.002723s ago): [ 17.203396] test_alloc+0x2a6/0x10f0 [ 17.203590] test_out_of_bounds_read+0xed/0x4e0 [ 17.203766] kunit_try_run_case+0x1a5/0x480 [ 17.203933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.204187] kthread+0x337/0x6f0 [ 17.204366] ret_from_fork+0x116/0x1d0 [ 17.204556] ret_from_fork_asm+0x1a/0x30 [ 17.204735] [ 17.204851] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.205221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.205437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.205783] ================================================================== [ 17.304451] ================================================================== [ 17.304836] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 17.304836] [ 17.305275] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#65): [ 17.305607] test_out_of_bounds_read+0x216/0x4e0 [ 17.305775] kunit_try_run_case+0x1a5/0x480 [ 17.305997] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.306243] kthread+0x337/0x6f0 [ 17.306381] ret_from_fork+0x116/0x1d0 [ 17.306577] ret_from_fork_asm+0x1a/0x30 [ 17.306792] [ 17.306868] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.306868] [ 17.307215] 
allocated by task 306 on cpu 1 at 17.304399s (0.002813s ago): [ 17.307530] test_alloc+0x2a6/0x10f0 [ 17.307708] test_out_of_bounds_read+0x1e2/0x4e0 [ 17.307908] kunit_try_run_case+0x1a5/0x480 [ 17.308111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.308300] kthread+0x337/0x6f0 [ 17.308470] ret_from_fork+0x116/0x1d0 [ 17.308664] ret_from_fork_asm+0x1a/0x30 [ 17.308862] [ 17.308980] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.309437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.309603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.309958] ================================================================== [ 17.096542] ================================================================== [ 17.096929] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 17.096929] [ 17.097361] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#63): [ 17.097696] test_out_of_bounds_read+0x216/0x4e0 [ 17.097925] kunit_try_run_case+0x1a5/0x480 [ 17.098079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.098353] kthread+0x337/0x6f0 [ 17.098529] ret_from_fork+0x116/0x1d0 [ 17.098730] ret_from_fork_asm+0x1a/0x30 [ 17.098885] [ 17.098961] kfence-#63: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.098961] [ 17.099413] allocated by task 304 on cpu 1 at 17.096331s (0.003080s ago): [ 17.099699] test_alloc+0x364/0x10f0 [ 17.099882] test_out_of_bounds_read+0x1e2/0x4e0 [ 17.100068] kunit_try_run_case+0x1a5/0x480 [ 17.100285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.100481] kthread+0x337/0x6f0 [ 17.100654] ret_from_fork+0x116/0x1d0 [ 17.100831] ret_from_fork_asm+0x1a/0x30 [ 17.101000] [ 17.101094] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.101510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.101712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 
17.102005] ================================================================== [ 16.993417] ================================================================== [ 16.993942] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 16.993942] [ 16.994327] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#62): [ 16.995099] test_out_of_bounds_read+0x126/0x4e0 [ 16.995561] kunit_try_run_case+0x1a5/0x480 [ 16.995826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.996002] kthread+0x337/0x6f0 [ 16.996125] ret_from_fork+0x116/0x1d0 [ 16.996257] ret_from_fork_asm+0x1a/0x30 [ 16.996421] [ 16.996641] kfence-#62: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.996641] [ 16.997037] allocated by task 304 on cpu 1 at 16.992215s (0.004766s ago): [ 16.997571] test_alloc+0x364/0x10f0 [ 16.998010] test_out_of_bounds_read+0xed/0x4e0 [ 16.998444] kunit_try_run_case+0x1a5/0x480 [ 16.998839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.999331] kthread+0x337/0x6f0 [ 16.999649] ret_from_fork+0x116/0x1d0 [ 17.000003] ret_from_fork_asm+0x1a/0x30 [ 17.000454] [ 17.000704] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.001639] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.002031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.002836] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.921372] ================================================================== [ 16.921814] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 16.922134] Write of size 121 at addr ffff888103a67500 by task kunit_try_catch/302 [ 16.922383] [ 16.922465] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.922505] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.922518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.922539] Call Trace: [ 16.922556] <TASK> [ 16.922570] dump_stack_lvl+0x73/0xb0 [ 16.922597] print_report+0xd1/0x610 [ 16.922620] ? __virt_addr_valid+0x1db/0x2d0 [ 16.922644] ? strncpy_from_user+0x2e/0x1d0 [ 16.922669] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.922694] ? strncpy_from_user+0x2e/0x1d0 [ 16.922722] kasan_report+0x141/0x180 [ 16.922745] ? strncpy_from_user+0x2e/0x1d0 [ 16.922787] kasan_check_range+0x10c/0x1c0 [ 16.922812] __kasan_check_write+0x18/0x20 [ 16.922833] strncpy_from_user+0x2e/0x1d0 [ 16.922869] ? __kasan_check_read+0x15/0x20 [ 16.922892] copy_user_test_oob+0x760/0x10f0 [ 16.922920] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.922945] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.922977] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.923006] kunit_try_run_case+0x1a5/0x480 [ 16.923032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.923056] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.923081] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.923107] ? __kthread_parkme+0x82/0x180 [ 16.923128] ? preempt_count_sub+0x50/0x80 [ 16.923153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.923179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.923204] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.923233] kthread+0x337/0x6f0 [ 16.923253] ? trace_preempt_on+0x20/0xc0 [ 16.923287] ? __pfx_kthread+0x10/0x10 [ 16.923309] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.923333] ? calculate_sigpending+0x7b/0xa0 [ 16.923358] ? 
__pfx_kthread+0x10/0x10 [ 16.923381] ret_from_fork+0x116/0x1d0 [ 16.923400] ? __pfx_kthread+0x10/0x10 [ 16.923432] ret_from_fork_asm+0x1a/0x30 [ 16.923464] </TASK> [ 16.923475] [ 16.930816] Allocated by task 302: [ 16.930978] kasan_save_stack+0x45/0x70 [ 16.931184] kasan_save_track+0x18/0x40 [ 16.931387] kasan_save_alloc_info+0x3b/0x50 [ 16.931565] __kasan_kmalloc+0xb7/0xc0 [ 16.931702] __kmalloc_noprof+0x1c9/0x500 [ 16.931844] kunit_kmalloc_array+0x25/0x60 [ 16.931989] copy_user_test_oob+0xab/0x10f0 [ 16.932138] kunit_try_run_case+0x1a5/0x480 [ 16.932305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.932559] kthread+0x337/0x6f0 [ 16.932749] ret_from_fork+0x116/0x1d0 [ 16.932934] ret_from_fork_asm+0x1a/0x30 [ 16.933131] [ 16.933225] The buggy address belongs to the object at ffff888103a67500 [ 16.933225] which belongs to the cache kmalloc-128 of size 128 [ 16.933727] The buggy address is located 0 bytes inside of [ 16.933727] allocated 120-byte region [ffff888103a67500, ffff888103a67578) [ 16.934087] [ 16.934159] The buggy address belongs to the physical page: [ 16.934341] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a67 [ 16.934721] flags: 0x200000000000000(node=0|zone=2) [ 16.934981] page_type: f5(slab) [ 16.935149] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.935523] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.935859] page dumped because: kasan: bad access detected [ 16.936135] [ 16.936228] Memory state around the buggy address: [ 16.936489] ffff888103a67400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.936806] ffff888103a67480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.937054] >ffff888103a67500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.937403] ^ [ 16.937620] ffff888103a67580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.937939] ffff888103a67600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.938234] 
================================================================== [ 16.938880] ================================================================== [ 16.939276] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 16.939618] Write of size 1 at addr ffff888103a67578 by task kunit_try_catch/302 [ 16.939946] [ 16.940059] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.940112] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.940125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.940147] Call Trace: [ 16.940171] <TASK> [ 16.940186] dump_stack_lvl+0x73/0xb0 [ 16.940213] print_report+0xd1/0x610 [ 16.940238] ? __virt_addr_valid+0x1db/0x2d0 [ 16.940272] ? strncpy_from_user+0x1a5/0x1d0 [ 16.940297] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.940322] ? strncpy_from_user+0x1a5/0x1d0 [ 16.940347] kasan_report+0x141/0x180 [ 16.940370] ? strncpy_from_user+0x1a5/0x1d0 [ 16.940399] __asan_report_store1_noabort+0x1b/0x30 [ 16.940426] strncpy_from_user+0x1a5/0x1d0 [ 16.940453] copy_user_test_oob+0x760/0x10f0 [ 16.940481] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.940506] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.940538] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.940568] kunit_try_run_case+0x1a5/0x480 [ 16.940594] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.940618] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.940644] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.940669] ? __kthread_parkme+0x82/0x180 [ 16.940691] ? preempt_count_sub+0x50/0x80 [ 16.940716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.940742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.940768] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.940795] kthread+0x337/0x6f0 [ 16.940816] ? trace_preempt_on+0x20/0xc0 [ 16.940840] ? __pfx_kthread+0x10/0x10 [ 16.940872] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.940895] ? calculate_sigpending+0x7b/0xa0 [ 16.940921] ? 
__pfx_kthread+0x10/0x10 [ 16.940958] ret_from_fork+0x116/0x1d0 [ 16.940978] ? __pfx_kthread+0x10/0x10 [ 16.941000] ret_from_fork_asm+0x1a/0x30 [ 16.941045] </TASK> [ 16.941056] [ 16.947730] Allocated by task 302: [ 16.947866] kasan_save_stack+0x45/0x70 [ 16.948010] kasan_save_track+0x18/0x40 [ 16.948229] kasan_save_alloc_info+0x3b/0x50 [ 16.948449] __kasan_kmalloc+0xb7/0xc0 [ 16.948637] __kmalloc_noprof+0x1c9/0x500 [ 16.948839] kunit_kmalloc_array+0x25/0x60 [ 16.949042] copy_user_test_oob+0xab/0x10f0 [ 16.949271] kunit_try_run_case+0x1a5/0x480 [ 16.949490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.949745] kthread+0x337/0x6f0 [ 16.949893] ret_from_fork+0x116/0x1d0 [ 16.950028] ret_from_fork_asm+0x1a/0x30 [ 16.950171] [ 16.950242] The buggy address belongs to the object at ffff888103a67500 [ 16.950242] which belongs to the cache kmalloc-128 of size 128 [ 16.950614] The buggy address is located 0 bytes to the right of [ 16.950614] allocated 120-byte region [ffff888103a67500, ffff888103a67578) [ 16.951226] [ 16.951347] The buggy address belongs to the physical page: [ 16.951632] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a67 [ 16.952005] flags: 0x200000000000000(node=0|zone=2) [ 16.952280] page_type: f5(slab) [ 16.952451] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.952802] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.953073] page dumped because: kasan: bad access detected [ 16.953298] [ 16.953396] Memory state around the buggy address: [ 16.953643] ffff888103a67400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.953940] ffff888103a67480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.954248] >ffff888103a67500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.954519] ^ [ 16.954801] ffff888103a67580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.955088] ffff888103a67600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.955374] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.869527] ================================================================== [ 16.869874] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 16.870207] Read of size 121 at addr ffff888103a67500 by task kunit_try_catch/302 [ 16.870890] [ 16.871001] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.871045] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.871058] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.871080] Call Trace: [ 16.871096] <TASK> [ 16.871111] dump_stack_lvl+0x73/0xb0 [ 16.871140] print_report+0xd1/0x610 [ 16.871163] ? __virt_addr_valid+0x1db/0x2d0 [ 16.871187] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.871212] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.871237] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.871276] kasan_report+0x141/0x180 [ 16.871300] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.871329] kasan_check_range+0x10c/0x1c0 [ 16.871354] __kasan_check_read+0x15/0x20 [ 16.871375] copy_user_test_oob+0x4aa/0x10f0 [ 16.871402] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.871427] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.871459] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.871488] kunit_try_run_case+0x1a5/0x480 [ 16.871513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.871538] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.871563] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.871588] ? __kthread_parkme+0x82/0x180 [ 16.871609] ? preempt_count_sub+0x50/0x80 [ 16.871646] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.871672] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.871710] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.871737] kthread+0x337/0x6f0 [ 16.871758] ? trace_preempt_on+0x20/0xc0 [ 16.871782] ? __pfx_kthread+0x10/0x10 [ 16.871804] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.871827] ? calculate_sigpending+0x7b/0xa0 [ 16.871853] ? __pfx_kthread+0x10/0x10 [ 16.871876] ret_from_fork+0x116/0x1d0 [ 16.871896] ? 
__pfx_kthread+0x10/0x10 [ 16.871918] ret_from_fork_asm+0x1a/0x30 [ 16.871950] </TASK> [ 16.871960] [ 16.878747] Allocated by task 302: [ 16.878917] kasan_save_stack+0x45/0x70 [ 16.879135] kasan_save_track+0x18/0x40 [ 16.879338] kasan_save_alloc_info+0x3b/0x50 [ 16.879522] __kasan_kmalloc+0xb7/0xc0 [ 16.879657] __kmalloc_noprof+0x1c9/0x500 [ 16.879801] kunit_kmalloc_array+0x25/0x60 [ 16.879986] copy_user_test_oob+0xab/0x10f0 [ 16.880209] kunit_try_run_case+0x1a5/0x480 [ 16.880427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.880679] kthread+0x337/0x6f0 [ 16.880846] ret_from_fork+0x116/0x1d0 [ 16.881008] ret_from_fork_asm+0x1a/0x30 [ 16.881149] [ 16.881239] The buggy address belongs to the object at ffff888103a67500 [ 16.881239] which belongs to the cache kmalloc-128 of size 128 [ 16.881815] The buggy address is located 0 bytes inside of [ 16.881815] allocated 120-byte region [ffff888103a67500, ffff888103a67578) [ 16.882330] [ 16.882429] The buggy address belongs to the physical page: [ 16.882648] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a67 [ 16.882997] flags: 0x200000000000000(node=0|zone=2) [ 16.883224] page_type: f5(slab) [ 16.883353] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.883587] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.883815] page dumped because: kasan: bad access detected [ 16.884089] [ 16.884183] Memory state around the buggy address: [ 16.884412] ffff888103a67400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.884731] ffff888103a67480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.885053] >ffff888103a67500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.885354] ^ [ 16.885578] ffff888103a67580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.885794] ffff888103a67600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.886031] ================================================================== [ 16.886946] 
================================================================== [ 16.887471] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 16.887815] Write of size 121 at addr ffff888103a67500 by task kunit_try_catch/302 [ 16.888189] [ 16.888311] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.888354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.888367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.888388] Call Trace: [ 16.888403] <TASK> [ 16.888417] dump_stack_lvl+0x73/0xb0 [ 16.888445] print_report+0xd1/0x610 [ 16.888468] ? __virt_addr_valid+0x1db/0x2d0 [ 16.888493] ? copy_user_test_oob+0x557/0x10f0 [ 16.888518] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.888543] ? copy_user_test_oob+0x557/0x10f0 [ 16.888567] kasan_report+0x141/0x180 [ 16.888591] ? copy_user_test_oob+0x557/0x10f0 [ 16.888632] kasan_check_range+0x10c/0x1c0 [ 16.888657] __kasan_check_write+0x18/0x20 [ 16.888689] copy_user_test_oob+0x557/0x10f0 [ 16.888717] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.888742] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.888773] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.888803] kunit_try_run_case+0x1a5/0x480 [ 16.888828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.888853] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.888878] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.888904] ? __kthread_parkme+0x82/0x180 [ 16.888925] ? preempt_count_sub+0x50/0x80 [ 16.888950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.888976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.889002] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.889030] kthread+0x337/0x6f0 [ 16.889049] ? trace_preempt_on+0x20/0xc0 [ 16.889074] ? __pfx_kthread+0x10/0x10 [ 16.889106] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.889130] ? calculate_sigpending+0x7b/0xa0 [ 16.889156] ? __pfx_kthread+0x10/0x10 [ 16.889189] ret_from_fork+0x116/0x1d0 [ 16.889209] ? 
__pfx_kthread+0x10/0x10 [ 16.889231] ret_from_fork_asm+0x1a/0x30 [ 16.889282] </TASK> [ 16.889292] [ 16.896125] Allocated by task 302: [ 16.896320] kasan_save_stack+0x45/0x70 [ 16.896510] kasan_save_track+0x18/0x40 [ 16.896707] kasan_save_alloc_info+0x3b/0x50 [ 16.896892] __kasan_kmalloc+0xb7/0xc0 [ 16.897089] __kmalloc_noprof+0x1c9/0x500 [ 16.897231] kunit_kmalloc_array+0x25/0x60 [ 16.897387] copy_user_test_oob+0xab/0x10f0 [ 16.897615] kunit_try_run_case+0x1a5/0x480 [ 16.897824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.898078] kthread+0x337/0x6f0 [ 16.898237] ret_from_fork+0x116/0x1d0 [ 16.898380] ret_from_fork_asm+0x1a/0x30 [ 16.898570] [ 16.898664] The buggy address belongs to the object at ffff888103a67500 [ 16.898664] which belongs to the cache kmalloc-128 of size 128 [ 16.899211] The buggy address is located 0 bytes inside of [ 16.899211] allocated 120-byte region [ffff888103a67500, ffff888103a67578) [ 16.899728] [ 16.899814] The buggy address belongs to the physical page: [ 16.900059] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a67 [ 16.900401] flags: 0x200000000000000(node=0|zone=2) [ 16.900642] page_type: f5(slab) [ 16.900805] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.901134] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.901460] page dumped because: kasan: bad access detected [ 16.901695] [ 16.901766] Memory state around the buggy address: [ 16.901923] ffff888103a67400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.902139] ffff888103a67480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.902410] >ffff888103a67500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.902752] ^ [ 16.903066] ffff888103a67580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.903387] ffff888103a67600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.903698] ================================================================== [ 16.904122] 
================================================================== [ 16.904477] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 16.904915] Read of size 121 at addr ffff888103a67500 by task kunit_try_catch/302 [ 16.905360] [ 16.905494] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.905546] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.905559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.905581] Call Trace: [ 16.905594] <TASK> [ 16.905608] dump_stack_lvl+0x73/0xb0 [ 16.905649] print_report+0xd1/0x610 [ 16.905671] ? __virt_addr_valid+0x1db/0x2d0 [ 16.905695] ? copy_user_test_oob+0x604/0x10f0 [ 16.905720] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.905745] ? copy_user_test_oob+0x604/0x10f0 [ 16.905770] kasan_report+0x141/0x180 [ 16.905793] ? copy_user_test_oob+0x604/0x10f0 [ 16.905823] kasan_check_range+0x10c/0x1c0 [ 16.905847] __kasan_check_read+0x15/0x20 [ 16.905868] copy_user_test_oob+0x604/0x10f0 [ 16.905905] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.905929] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.905971] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.906001] kunit_try_run_case+0x1a5/0x480 [ 16.906026] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.906051] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.906075] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.906101] ? __kthread_parkme+0x82/0x180 [ 16.906123] ? preempt_count_sub+0x50/0x80 [ 16.906147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.906173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.906199] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.906226] kthread+0x337/0x6f0 [ 16.906247] ? trace_preempt_on+0x20/0xc0 [ 16.906290] ? __pfx_kthread+0x10/0x10 [ 16.906313] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.906337] ? calculate_sigpending+0x7b/0xa0 [ 16.906373] ? __pfx_kthread+0x10/0x10 [ 16.906396] ret_from_fork+0x116/0x1d0 [ 16.906416] ? 
__pfx_kthread+0x10/0x10 [ 16.906438] ret_from_fork_asm+0x1a/0x30 [ 16.906478] </TASK> [ 16.906488] [ 16.913074] Allocated by task 302: [ 16.913254] kasan_save_stack+0x45/0x70 [ 16.913494] kasan_save_track+0x18/0x40 [ 16.913686] kasan_save_alloc_info+0x3b/0x50 [ 16.913917] __kasan_kmalloc+0xb7/0xc0 [ 16.914114] __kmalloc_noprof+0x1c9/0x500 [ 16.914311] kunit_kmalloc_array+0x25/0x60 [ 16.914516] copy_user_test_oob+0xab/0x10f0 [ 16.914710] kunit_try_run_case+0x1a5/0x480 [ 16.914859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.915037] kthread+0x337/0x6f0 [ 16.915158] ret_from_fork+0x116/0x1d0 [ 16.915312] ret_from_fork_asm+0x1a/0x30 [ 16.915509] [ 16.915628] The buggy address belongs to the object at ffff888103a67500 [ 16.915628] which belongs to the cache kmalloc-128 of size 128 [ 16.916254] The buggy address is located 0 bytes inside of [ 16.916254] allocated 120-byte region [ffff888103a67500, ffff888103a67578) [ 16.916773] [ 16.916845] The buggy address belongs to the physical page: [ 16.917018] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a67 [ 16.917416] flags: 0x200000000000000(node=0|zone=2) [ 16.917648] page_type: f5(slab) [ 16.917828] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.918156] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.918486] page dumped because: kasan: bad access detected [ 16.918723] [ 16.918840] Memory state around the buggy address: [ 16.919044] ffff888103a67400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.919355] ffff888103a67480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.919645] >ffff888103a67500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.919986] ^ [ 16.920288] ffff888103a67580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.920553] ffff888103a67600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.920779] ================================================================== [ 16.852297] 
================================================================== [ 16.852617] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 16.852954] Write of size 121 at addr ffff888103a67500 by task kunit_try_catch/302 [ 16.853344] [ 16.853484] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.853529] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.853542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.853563] Call Trace: [ 16.853576] <TASK> [ 16.853591] dump_stack_lvl+0x73/0xb0 [ 16.853632] print_report+0xd1/0x610 [ 16.853655] ? __virt_addr_valid+0x1db/0x2d0 [ 16.853679] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.853715] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.853740] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.853766] kasan_report+0x141/0x180 [ 16.853789] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.853818] kasan_check_range+0x10c/0x1c0 [ 16.853843] __kasan_check_write+0x18/0x20 [ 16.853874] copy_user_test_oob+0x3fd/0x10f0 [ 16.853901] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.853925] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.853971] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.854001] kunit_try_run_case+0x1a5/0x480 [ 16.854037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.854061] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.854087] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.854112] ? __kthread_parkme+0x82/0x180 [ 16.854134] ? preempt_count_sub+0x50/0x80 [ 16.854159] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.854185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.854212] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.854239] kthread+0x337/0x6f0 [ 16.854259] ? trace_preempt_on+0x20/0xc0 [ 16.854293] ? __pfx_kthread+0x10/0x10 [ 16.854316] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.854339] ? calculate_sigpending+0x7b/0xa0 [ 16.854365] ? __pfx_kthread+0x10/0x10 [ 16.854388] ret_from_fork+0x116/0x1d0 [ 16.854408] ? 
__pfx_kthread+0x10/0x10 [ 16.854431] ret_from_fork_asm+0x1a/0x30 [ 16.854463] </TASK> [ 16.854474] [ 16.861296] Allocated by task 302: [ 16.861506] kasan_save_stack+0x45/0x70 [ 16.861709] kasan_save_track+0x18/0x40 [ 16.861894] kasan_save_alloc_info+0x3b/0x50 [ 16.862090] __kasan_kmalloc+0xb7/0xc0 [ 16.862293] __kmalloc_noprof+0x1c9/0x500 [ 16.862496] kunit_kmalloc_array+0x25/0x60 [ 16.862676] copy_user_test_oob+0xab/0x10f0 [ 16.862905] kunit_try_run_case+0x1a5/0x480 [ 16.863126] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.863380] kthread+0x337/0x6f0 [ 16.863547] ret_from_fork+0x116/0x1d0 [ 16.863747] ret_from_fork_asm+0x1a/0x30 [ 16.863921] [ 16.864028] The buggy address belongs to the object at ffff888103a67500 [ 16.864028] which belongs to the cache kmalloc-128 of size 128 [ 16.864533] The buggy address is located 0 bytes inside of [ 16.864533] allocated 120-byte region [ffff888103a67500, ffff888103a67578) [ 16.864989] [ 16.865064] The buggy address belongs to the physical page: [ 16.865237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a67 [ 16.865530] flags: 0x200000000000000(node=0|zone=2) [ 16.865772] page_type: f5(slab) [ 16.865950] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.866298] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.866627] page dumped because: kasan: bad access detected [ 16.866804] [ 16.866872] Memory state around the buggy address: [ 16.867028] ffff888103a67400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.867299] ffff888103a67480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.867632] >ffff888103a67500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.867989] ^ [ 16.868338] ffff888103a67580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.868664] ffff888103a67600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.868961] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 16.831677] ================================================================== [ 16.832007] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 16.832346] Read of size 121 at addr ffff888103a67500 by task kunit_try_catch/302 [ 16.832681] [ 16.832786] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.832830] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.832844] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.832876] Call Trace: [ 16.832891] <TASK> [ 16.832906] dump_stack_lvl+0x73/0xb0 [ 16.832946] print_report+0xd1/0x610 [ 16.832970] ? __virt_addr_valid+0x1db/0x2d0 [ 16.832993] ? _copy_to_user+0x3c/0x70 [ 16.833013] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.833048] ? _copy_to_user+0x3c/0x70 [ 16.833068] kasan_report+0x141/0x180 [ 16.833092] ? _copy_to_user+0x3c/0x70 [ 16.833127] kasan_check_range+0x10c/0x1c0 [ 16.833153] __kasan_check_read+0x15/0x20 [ 16.833173] _copy_to_user+0x3c/0x70 [ 16.833194] copy_user_test_oob+0x364/0x10f0 [ 16.833222] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.833248] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.833288] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.833319] kunit_try_run_case+0x1a5/0x480 [ 16.833344] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.833377] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.833403] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.833429] ? __kthread_parkme+0x82/0x180 [ 16.833461] ? preempt_count_sub+0x50/0x80 [ 16.833486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.833511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.833538] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.833574] kthread+0x337/0x6f0 [ 16.833595] ? trace_preempt_on+0x20/0xc0 [ 16.833619] ? __pfx_kthread+0x10/0x10 [ 16.833651] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.833675] ? calculate_sigpending+0x7b/0xa0 [ 16.833700] ? __pfx_kthread+0x10/0x10 [ 16.833723] ret_from_fork+0x116/0x1d0 [ 16.833742] ? 
__pfx_kthread+0x10/0x10 [ 16.833764] ret_from_fork_asm+0x1a/0x30 [ 16.833796] </TASK> [ 16.833807] [ 16.840637] Allocated by task 302: [ 16.840817] kasan_save_stack+0x45/0x70 [ 16.840982] kasan_save_track+0x18/0x40 [ 16.841141] kasan_save_alloc_info+0x3b/0x50 [ 16.841387] __kasan_kmalloc+0xb7/0xc0 [ 16.841577] __kmalloc_noprof+0x1c9/0x500 [ 16.841765] kunit_kmalloc_array+0x25/0x60 [ 16.841973] copy_user_test_oob+0xab/0x10f0 [ 16.842174] kunit_try_run_case+0x1a5/0x480 [ 16.842394] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.842634] kthread+0x337/0x6f0 [ 16.842785] ret_from_fork+0x116/0x1d0 [ 16.842929] ret_from_fork_asm+0x1a/0x30 [ 16.843146] [ 16.843241] The buggy address belongs to the object at ffff888103a67500 [ 16.843241] which belongs to the cache kmalloc-128 of size 128 [ 16.843726] The buggy address is located 0 bytes inside of [ 16.843726] allocated 120-byte region [ffff888103a67500, ffff888103a67578) [ 16.844252] [ 16.844358] The buggy address belongs to the physical page: [ 16.844589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a67 [ 16.844932] flags: 0x200000000000000(node=0|zone=2) [ 16.845164] page_type: f5(slab) [ 16.845355] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.845652] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.845879] page dumped because: kasan: bad access detected [ 16.846053] [ 16.846122] Memory state around the buggy address: [ 16.846329] ffff888103a67400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.846658] ffff888103a67480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.846985] >ffff888103a67500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.847315] ^ [ 16.847601] ffff888103a67580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.847819] ffff888103a67600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.848032] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 16.811629] ================================================================== [ 16.812484] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 16.812719] Write of size 121 at addr ffff888103a67500 by task kunit_try_catch/302 [ 16.812958] [ 16.813054] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.813101] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.813114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.813138] Call Trace: [ 16.813151] <TASK> [ 16.813171] dump_stack_lvl+0x73/0xb0 [ 16.813203] print_report+0xd1/0x610 [ 16.813228] ? __virt_addr_valid+0x1db/0x2d0 [ 16.813254] ? _copy_from_user+0x32/0x90 [ 16.813286] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.813311] ? _copy_from_user+0x32/0x90 [ 16.813333] kasan_report+0x141/0x180 [ 16.813356] ? _copy_from_user+0x32/0x90 [ 16.813381] kasan_check_range+0x10c/0x1c0 [ 16.813406] __kasan_check_write+0x18/0x20 [ 16.813427] _copy_from_user+0x32/0x90 [ 16.813450] copy_user_test_oob+0x2be/0x10f0 [ 16.813518] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.813544] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.813589] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.813619] kunit_try_run_case+0x1a5/0x480 [ 16.813644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.813669] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.813718] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.813755] ? __kthread_parkme+0x82/0x180 [ 16.813789] ? preempt_count_sub+0x50/0x80 [ 16.813816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.813842] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.813870] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.813898] kthread+0x337/0x6f0 [ 16.813918] ? trace_preempt_on+0x20/0xc0 [ 16.813964] ? __pfx_kthread+0x10/0x10 [ 16.813987] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.814021] ? calculate_sigpending+0x7b/0xa0 [ 16.814059] ? __pfx_kthread+0x10/0x10 [ 16.814082] ret_from_fork+0x116/0x1d0 [ 16.814103] ? 
__pfx_kthread+0x10/0x10 [ 16.814125] ret_from_fork_asm+0x1a/0x30 [ 16.814158] </TASK> [ 16.814170] [ 16.820922] Allocated by task 302: [ 16.821050] kasan_save_stack+0x45/0x70 [ 16.821250] kasan_save_track+0x18/0x40 [ 16.821455] kasan_save_alloc_info+0x3b/0x50 [ 16.821668] __kasan_kmalloc+0xb7/0xc0 [ 16.821849] __kmalloc_noprof+0x1c9/0x500 [ 16.822046] kunit_kmalloc_array+0x25/0x60 [ 16.822196] copy_user_test_oob+0xab/0x10f0 [ 16.822423] kunit_try_run_case+0x1a5/0x480 [ 16.822594] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.822812] kthread+0x337/0x6f0 [ 16.822931] ret_from_fork+0x116/0x1d0 [ 16.823061] ret_from_fork_asm+0x1a/0x30 [ 16.823255] [ 16.823359] The buggy address belongs to the object at ffff888103a67500 [ 16.823359] which belongs to the cache kmalloc-128 of size 128 [ 16.823894] The buggy address is located 0 bytes inside of [ 16.823894] allocated 120-byte region [ffff888103a67500, ffff888103a67578) [ 16.824406] [ 16.824524] The buggy address belongs to the physical page: [ 16.824755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a67 [ 16.825086] flags: 0x200000000000000(node=0|zone=2) [ 16.825302] page_type: f5(slab) [ 16.825485] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.825744] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.825966] page dumped because: kasan: bad access detected [ 16.826167] [ 16.826279] Memory state around the buggy address: [ 16.826501] ffff888103a67400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.826821] ffff888103a67480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.827135] >ffff888103a67500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.827421] ^ [ 16.827689] ffff888103a67580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.827900] ffff888103a67600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.828155] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.740586] ================================================================== [ 16.741685] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 16.742257] Read of size 8 at addr ffff888103a67478 by task kunit_try_catch/298 [ 16.742896] [ 16.743160] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.743207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.743220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.743243] Call Trace: [ 16.743257] <TASK> [ 16.743284] dump_stack_lvl+0x73/0xb0 [ 16.743317] print_report+0xd1/0x610 [ 16.743376] ? __virt_addr_valid+0x1db/0x2d0 [ 16.743401] ? copy_to_kernel_nofault+0x225/0x260 [ 16.743438] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.743464] ? copy_to_kernel_nofault+0x225/0x260 [ 16.743489] kasan_report+0x141/0x180 [ 16.743512] ? copy_to_kernel_nofault+0x225/0x260 [ 16.743542] __asan_report_load8_noabort+0x18/0x20 [ 16.743569] copy_to_kernel_nofault+0x225/0x260 [ 16.743595] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 16.743622] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.743648] ? finish_task_switch.isra.0+0x153/0x700 [ 16.743674] ? __schedule+0x10cc/0x2b60 [ 16.743697] ? trace_hardirqs_on+0x37/0xe0 [ 16.743730] ? __pfx_read_tsc+0x10/0x10 [ 16.743752] ? ktime_get_ts64+0x86/0x230 [ 16.743778] kunit_try_run_case+0x1a5/0x480 [ 16.743805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.743829] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.743855] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.743880] ? __kthread_parkme+0x82/0x180 [ 16.743903] ? preempt_count_sub+0x50/0x80 [ 16.743927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.743953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.743979] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.744066] kthread+0x337/0x6f0 [ 16.744087] ? trace_preempt_on+0x20/0xc0 [ 16.744112] ? __pfx_kthread+0x10/0x10 [ 16.744133] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.744157] ? 
calculate_sigpending+0x7b/0xa0 [ 16.744183] ? __pfx_kthread+0x10/0x10 [ 16.744206] ret_from_fork+0x116/0x1d0 [ 16.744226] ? __pfx_kthread+0x10/0x10 [ 16.744247] ret_from_fork_asm+0x1a/0x30 [ 16.744291] </TASK> [ 16.744303] [ 16.758775] Allocated by task 298: [ 16.759074] kasan_save_stack+0x45/0x70 [ 16.759465] kasan_save_track+0x18/0x40 [ 16.759605] kasan_save_alloc_info+0x3b/0x50 [ 16.759753] __kasan_kmalloc+0xb7/0xc0 [ 16.759885] __kmalloc_cache_noprof+0x189/0x420 [ 16.760077] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.760299] kunit_try_run_case+0x1a5/0x480 [ 16.760525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.760779] kthread+0x337/0x6f0 [ 16.760911] ret_from_fork+0x116/0x1d0 [ 16.761067] ret_from_fork_asm+0x1a/0x30 [ 16.761276] [ 16.761374] The buggy address belongs to the object at ffff888103a67400 [ 16.761374] which belongs to the cache kmalloc-128 of size 128 [ 16.761793] The buggy address is located 0 bytes to the right of [ 16.761793] allocated 120-byte region [ffff888103a67400, ffff888103a67478) [ 16.762405] [ 16.762521] The buggy address belongs to the physical page: [ 16.762773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a67 [ 16.763234] flags: 0x200000000000000(node=0|zone=2) [ 16.763430] page_type: f5(slab) [ 16.763551] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.763883] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.764284] page dumped because: kasan: bad access detected [ 16.764462] [ 16.764557] Memory state around the buggy address: [ 16.764808] ffff888103a67300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.765259] ffff888103a67380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.765597] >ffff888103a67400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.765893] ^ [ 16.766291] ffff888103a67480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.766610] ffff888103a67500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
16.766921] ================================================================== [ 16.767742] ================================================================== [ 16.768172] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 16.768958] Write of size 8 at addr ffff888103a67478 by task kunit_try_catch/298 [ 16.769526] [ 16.769634] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.769689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.769711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.769733] Call Trace: [ 16.769746] <TASK> [ 16.769761] dump_stack_lvl+0x73/0xb0 [ 16.769802] print_report+0xd1/0x610 [ 16.769826] ? __virt_addr_valid+0x1db/0x2d0 [ 16.769849] ? copy_to_kernel_nofault+0x99/0x260 [ 16.769875] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.769900] ? copy_to_kernel_nofault+0x99/0x260 [ 16.769935] kasan_report+0x141/0x180 [ 16.769959] ? copy_to_kernel_nofault+0x99/0x260 [ 16.770023] kasan_check_range+0x10c/0x1c0 [ 16.770050] __kasan_check_write+0x18/0x20 [ 16.770071] copy_to_kernel_nofault+0x99/0x260 [ 16.770099] copy_to_kernel_nofault_oob+0x288/0x560 [ 16.770125] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.770150] ? finish_task_switch.isra.0+0x153/0x700 [ 16.770175] ? __schedule+0x10cc/0x2b60 [ 16.770198] ? trace_hardirqs_on+0x37/0xe0 [ 16.770230] ? __pfx_read_tsc+0x10/0x10 [ 16.770253] ? ktime_get_ts64+0x86/0x230 [ 16.770287] kunit_try_run_case+0x1a5/0x480 [ 16.770313] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.770337] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.770410] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.770461] ? __kthread_parkme+0x82/0x180 [ 16.770483] ? preempt_count_sub+0x50/0x80 [ 16.770507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.770534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.770569] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.770596] kthread+0x337/0x6f0 [ 16.770617] ? 
trace_preempt_on+0x20/0xc0 [ 16.770651] ? __pfx_kthread+0x10/0x10 [ 16.770673] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.770695] ? calculate_sigpending+0x7b/0xa0 [ 16.770725] ? __pfx_kthread+0x10/0x10 [ 16.770747] ret_from_fork+0x116/0x1d0 [ 16.770767] ? __pfx_kthread+0x10/0x10 [ 16.770798] ret_from_fork_asm+0x1a/0x30 [ 16.770831] </TASK> [ 16.770842] [ 16.780869] Allocated by task 298: [ 16.781020] kasan_save_stack+0x45/0x70 [ 16.781172] kasan_save_track+0x18/0x40 [ 16.781320] kasan_save_alloc_info+0x3b/0x50 [ 16.781471] __kasan_kmalloc+0xb7/0xc0 [ 16.781605] __kmalloc_cache_noprof+0x189/0x420 [ 16.781764] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.781930] kunit_try_run_case+0x1a5/0x480 [ 16.782078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.782257] kthread+0x337/0x6f0 [ 16.784416] ret_from_fork+0x116/0x1d0 [ 16.785477] ret_from_fork_asm+0x1a/0x30 [ 16.786437] [ 16.786551] The buggy address belongs to the object at ffff888103a67400 [ 16.786551] which belongs to the cache kmalloc-128 of size 128 [ 16.787301] The buggy address is located 0 bytes to the right of [ 16.787301] allocated 120-byte region [ffff888103a67400, ffff888103a67478) [ 16.788085] [ 16.788287] The buggy address belongs to the physical page: [ 16.788517] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a67 [ 16.788878] flags: 0x200000000000000(node=0|zone=2) [ 16.789447] page_type: f5(slab) [ 16.789606] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.789970] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.790685] page dumped because: kasan: bad access detected [ 16.791050] [ 16.791148] Memory state around the buggy address: [ 16.791332] ffff888103a67300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.791654] ffff888103a67380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.791975] >ffff888103a67400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.792636] ^ [ 16.793155] ffff888103a67480: fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc [ 16.793692] ffff888103a67500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.794215] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 16.394865] ================================================================== [ 16.395451] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 16.395729] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.395955] [ 16.396039] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.396081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.396095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.396117] Call Trace: [ 16.396129] <TASK> [ 16.396143] dump_stack_lvl+0x73/0xb0 [ 16.396170] print_report+0xd1/0x610 [ 16.396193] ? __virt_addr_valid+0x1db/0x2d0 [ 16.396217] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.396240] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.396276] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.396300] kasan_report+0x141/0x180 [ 16.396323] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.396351] kasan_check_range+0x10c/0x1c0 [ 16.396376] __kasan_check_write+0x18/0x20 [ 16.396397] kasan_atomics_helper+0x1c18/0x5450 [ 16.396421] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.396446] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.396472] ? kasan_atomics+0x152/0x310 [ 16.396500] kasan_atomics+0x1dc/0x310 [ 16.396523] ? __pfx_kasan_atomics+0x10/0x10 [ 16.396548] ? __pfx_read_tsc+0x10/0x10 [ 16.396570] ? ktime_get_ts64+0x86/0x230 [ 16.396595] kunit_try_run_case+0x1a5/0x480 [ 16.396619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.396644] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.396669] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.396694] ? __kthread_parkme+0x82/0x180 [ 16.396716] ? preempt_count_sub+0x50/0x80 [ 16.396742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.396768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.396794] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.396821] kthread+0x337/0x6f0 [ 16.396840] ? trace_preempt_on+0x20/0xc0 [ 16.396864] ? __pfx_kthread+0x10/0x10 [ 16.396885] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.396908] ? 
calculate_sigpending+0x7b/0xa0 [ 16.396933] ? __pfx_kthread+0x10/0x10 [ 16.396955] ret_from_fork+0x116/0x1d0 [ 16.396975] ? __pfx_kthread+0x10/0x10 [ 16.396996] ret_from_fork_asm+0x1a/0x30 [ 16.397028] </TASK> [ 16.397039] [ 16.404140] Allocated by task 282: [ 16.404322] kasan_save_stack+0x45/0x70 [ 16.404517] kasan_save_track+0x18/0x40 [ 16.404700] kasan_save_alloc_info+0x3b/0x50 [ 16.404877] __kasan_kmalloc+0xb7/0xc0 [ 16.405072] __kmalloc_cache_noprof+0x189/0x420 [ 16.405255] kasan_atomics+0x95/0x310 [ 16.405435] kunit_try_run_case+0x1a5/0x480 [ 16.405615] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.405858] kthread+0x337/0x6f0 [ 16.406001] ret_from_fork+0x116/0x1d0 [ 16.406167] ret_from_fork_asm+0x1a/0x30 [ 16.406364] [ 16.406448] The buggy address belongs to the object at ffff888102a0a600 [ 16.406448] which belongs to the cache kmalloc-64 of size 64 [ 16.406918] The buggy address is located 0 bytes to the right of [ 16.406918] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.407392] [ 16.407471] The buggy address belongs to the physical page: [ 16.407643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.407883] flags: 0x200000000000000(node=0|zone=2) [ 16.408046] page_type: f5(slab) [ 16.408165] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.408492] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.408827] page dumped because: kasan: bad access detected [ 16.409074] [ 16.409166] Memory state around the buggy address: [ 16.409398] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.409712] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.410025] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.410254] ^ [ 16.410418] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.410633] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.410855] 
================================================================== [ 15.965965] ================================================================== [ 15.966294] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 15.966599] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.966849] [ 15.966956] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.966998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.967010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.967031] Call Trace: [ 15.967046] <TASK> [ 15.967061] dump_stack_lvl+0x73/0xb0 [ 15.967087] print_report+0xd1/0x610 [ 15.967110] ? __virt_addr_valid+0x1db/0x2d0 [ 15.967134] ? kasan_atomics_helper+0x1148/0x5450 [ 15.967157] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.967183] ? kasan_atomics_helper+0x1148/0x5450 [ 15.967206] kasan_report+0x141/0x180 [ 15.967229] ? kasan_atomics_helper+0x1148/0x5450 [ 15.967257] kasan_check_range+0x10c/0x1c0 [ 15.967291] __kasan_check_write+0x18/0x20 [ 15.967312] kasan_atomics_helper+0x1148/0x5450 [ 15.967336] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.967360] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.967386] ? kasan_atomics+0x152/0x310 [ 15.967413] kasan_atomics+0x1dc/0x310 [ 15.967437] ? __pfx_kasan_atomics+0x10/0x10 [ 15.967462] ? __pfx_read_tsc+0x10/0x10 [ 15.967484] ? ktime_get_ts64+0x86/0x230 [ 15.967509] kunit_try_run_case+0x1a5/0x480 [ 15.967534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.967559] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.967584] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.967608] ? __kthread_parkme+0x82/0x180 [ 15.967630] ? preempt_count_sub+0x50/0x80 [ 15.967655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.967683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.967708] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.967735] kthread+0x337/0x6f0 [ 15.967755] ? trace_preempt_on+0x20/0xc0 [ 15.967779] ? 
__pfx_kthread+0x10/0x10 [ 15.967801] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.967824] ? calculate_sigpending+0x7b/0xa0 [ 15.967849] ? __pfx_kthread+0x10/0x10 [ 15.967872] ret_from_fork+0x116/0x1d0 [ 15.967891] ? __pfx_kthread+0x10/0x10 [ 15.967914] ret_from_fork_asm+0x1a/0x30 [ 15.967946] </TASK> [ 15.967956] [ 15.976046] Allocated by task 282: [ 15.976319] kasan_save_stack+0x45/0x70 [ 15.976527] kasan_save_track+0x18/0x40 [ 15.976732] kasan_save_alloc_info+0x3b/0x50 [ 15.976943] __kasan_kmalloc+0xb7/0xc0 [ 15.977163] __kmalloc_cache_noprof+0x189/0x420 [ 15.977370] kasan_atomics+0x95/0x310 [ 15.977557] kunit_try_run_case+0x1a5/0x480 [ 15.977760] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.977939] kthread+0x337/0x6f0 [ 15.978134] ret_from_fork+0x116/0x1d0 [ 15.978500] ret_from_fork_asm+0x1a/0x30 [ 15.978719] [ 15.978799] The buggy address belongs to the object at ffff888102a0a600 [ 15.978799] which belongs to the cache kmalloc-64 of size 64 [ 15.979459] The buggy address is located 0 bytes to the right of [ 15.979459] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.980226] [ 15.980350] The buggy address belongs to the physical page: [ 15.980573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.980835] flags: 0x200000000000000(node=0|zone=2) [ 15.981226] page_type: f5(slab) [ 15.981418] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.981717] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.982032] page dumped because: kasan: bad access detected [ 15.982252] [ 15.982344] Memory state around the buggy address: [ 15.982500] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.982723] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.982962] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.983283] ^ [ 15.983506] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.983817] 
ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.984128] ================================================================== [ 16.637674] ================================================================== [ 16.637944] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 16.638393] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.638618] [ 16.638727] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.638767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.638780] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.638802] Call Trace: [ 16.638815] <TASK> [ 16.638829] dump_stack_lvl+0x73/0xb0 [ 16.638855] print_report+0xd1/0x610 [ 16.638877] ? __virt_addr_valid+0x1db/0x2d0 [ 16.638902] ? kasan_atomics_helper+0x218a/0x5450 [ 16.638924] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.638949] ? kasan_atomics_helper+0x218a/0x5450 [ 16.638972] kasan_report+0x141/0x180 [ 16.638994] ? kasan_atomics_helper+0x218a/0x5450 [ 16.639022] kasan_check_range+0x10c/0x1c0 [ 16.639048] __kasan_check_write+0x18/0x20 [ 16.639069] kasan_atomics_helper+0x218a/0x5450 [ 16.639093] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.639117] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.639144] ? kasan_atomics+0x152/0x310 [ 16.639171] kasan_atomics+0x1dc/0x310 [ 16.639194] ? __pfx_kasan_atomics+0x10/0x10 [ 16.639220] ? __pfx_read_tsc+0x10/0x10 [ 16.639241] ? ktime_get_ts64+0x86/0x230 [ 16.639278] kunit_try_run_case+0x1a5/0x480 [ 16.639304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.639329] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.639353] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.639379] ? __kthread_parkme+0x82/0x180 [ 16.639401] ? preempt_count_sub+0x50/0x80 [ 16.639426] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.639452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.639478] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.639505] kthread+0x337/0x6f0 [ 16.639525] ? trace_preempt_on+0x20/0xc0 [ 16.639549] ? __pfx_kthread+0x10/0x10 [ 16.639571] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.639594] ? calculate_sigpending+0x7b/0xa0 [ 16.639619] ? __pfx_kthread+0x10/0x10 [ 16.639642] ret_from_fork+0x116/0x1d0 [ 16.639662] ? __pfx_kthread+0x10/0x10 [ 16.639683] ret_from_fork_asm+0x1a/0x30 [ 16.639715] </TASK> [ 16.639725] [ 16.646871] Allocated by task 282: [ 16.647047] kasan_save_stack+0x45/0x70 [ 16.647197] kasan_save_track+0x18/0x40 [ 16.647345] kasan_save_alloc_info+0x3b/0x50 [ 16.647495] __kasan_kmalloc+0xb7/0xc0 [ 16.647629] __kmalloc_cache_noprof+0x189/0x420 [ 16.647846] kasan_atomics+0x95/0x310 [ 16.648033] kunit_try_run_case+0x1a5/0x480 [ 16.648239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.648506] kthread+0x337/0x6f0 [ 16.648652] ret_from_fork+0x116/0x1d0 [ 16.648785] ret_from_fork_asm+0x1a/0x30 [ 16.648926] [ 16.648997] The buggy address belongs to the object at ffff888102a0a600 [ 16.648997] which belongs to the cache kmalloc-64 of size 64 [ 16.649481] The buggy address is located 0 bytes to the right of [ 16.649481] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.650041] [ 16.650140] The buggy address belongs to the physical page: [ 16.650410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.650729] flags: 0x200000000000000(node=0|zone=2) [ 16.650940] page_type: f5(slab) [ 16.651100] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.651395] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.651703] page dumped because: kasan: bad access detected [ 16.651911] [ 16.652005] Memory state around the buggy address: [ 16.652225] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.652511] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.652780] >ffff888102a0a600: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.653061] ^ [ 16.653289] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.653567] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.653809] ================================================================== [ 15.840795] ================================================================== [ 15.841401] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 15.841701] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.841946] [ 15.842078] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.842122] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.842134] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.842309] Call Trace: [ 15.842329] <TASK> [ 15.842344] dump_stack_lvl+0x73/0xb0 [ 15.842373] print_report+0xd1/0x610 [ 15.842396] ? __virt_addr_valid+0x1db/0x2d0 [ 15.842419] ? kasan_atomics_helper+0xe78/0x5450 [ 15.842442] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.842467] ? kasan_atomics_helper+0xe78/0x5450 [ 15.842490] kasan_report+0x141/0x180 [ 15.842513] ? kasan_atomics_helper+0xe78/0x5450 [ 15.842540] kasan_check_range+0x10c/0x1c0 [ 15.842565] __kasan_check_write+0x18/0x20 [ 15.842586] kasan_atomics_helper+0xe78/0x5450 [ 15.842610] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.842635] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.842661] ? kasan_atomics+0x152/0x310 [ 15.842688] kasan_atomics+0x1dc/0x310 [ 15.842717] ? __pfx_kasan_atomics+0x10/0x10 [ 15.842743] ? __pfx_read_tsc+0x10/0x10 [ 15.842765] ? ktime_get_ts64+0x86/0x230 [ 15.842790] kunit_try_run_case+0x1a5/0x480 [ 15.842817] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.842842] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.842866] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.842892] ? __kthread_parkme+0x82/0x180 [ 15.842913] ? preempt_count_sub+0x50/0x80 [ 15.842938] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.842964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.842990] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.843017] kthread+0x337/0x6f0 [ 15.843037] ? trace_preempt_on+0x20/0xc0 [ 15.843062] ? __pfx_kthread+0x10/0x10 [ 15.843084] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.843107] ? calculate_sigpending+0x7b/0xa0 [ 15.843132] ? __pfx_kthread+0x10/0x10 [ 15.843155] ret_from_fork+0x116/0x1d0 [ 15.843175] ? __pfx_kthread+0x10/0x10 [ 15.843196] ret_from_fork_asm+0x1a/0x30 [ 15.843228] </TASK> [ 15.843338] [ 15.851165] Allocated by task 282: [ 15.851359] kasan_save_stack+0x45/0x70 [ 15.851561] kasan_save_track+0x18/0x40 [ 15.851754] kasan_save_alloc_info+0x3b/0x50 [ 15.852219] __kasan_kmalloc+0xb7/0xc0 [ 15.852382] __kmalloc_cache_noprof+0x189/0x420 [ 15.852546] kasan_atomics+0x95/0x310 [ 15.852700] kunit_try_run_case+0x1a5/0x480 [ 15.852908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.853160] kthread+0x337/0x6f0 [ 15.853343] ret_from_fork+0x116/0x1d0 [ 15.853535] ret_from_fork_asm+0x1a/0x30 [ 15.854128] [ 15.854240] The buggy address belongs to the object at ffff888102a0a600 [ 15.854240] which belongs to the cache kmalloc-64 of size 64 [ 15.854732] The buggy address is located 0 bytes to the right of [ 15.854732] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.855299] [ 15.855396] The buggy address belongs to the physical page: [ 15.855572] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.855814] flags: 0x200000000000000(node=0|zone=2) [ 15.855979] page_type: f5(slab) [ 15.856148] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.856516] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.856855] page dumped because: kasan: bad access detected [ 15.857117] [ 15.857213] Memory state around the buggy address: [ 15.858574] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.858817] 
ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.859450] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.860464] ^ [ 15.861075] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.861465] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.861920] ================================================================== [ 16.069856] ================================================================== [ 16.070306] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 16.070617] Read of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.070909] [ 16.071219] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.071278] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.071291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.071312] Call Trace: [ 16.071326] <TASK> [ 16.071340] dump_stack_lvl+0x73/0xb0 [ 16.071368] print_report+0xd1/0x610 [ 16.071390] ? __virt_addr_valid+0x1db/0x2d0 [ 16.071414] ? kasan_atomics_helper+0x49ce/0x5450 [ 16.071436] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.071462] ? kasan_atomics_helper+0x49ce/0x5450 [ 16.071486] kasan_report+0x141/0x180 [ 16.071509] ? kasan_atomics_helper+0x49ce/0x5450 [ 16.071538] __asan_report_load4_noabort+0x18/0x20 [ 16.071564] kasan_atomics_helper+0x49ce/0x5450 [ 16.071588] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.071614] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.071643] ? kasan_atomics+0x152/0x310 [ 16.071671] kasan_atomics+0x1dc/0x310 [ 16.071695] ? __pfx_kasan_atomics+0x10/0x10 [ 16.071720] ? __pfx_read_tsc+0x10/0x10 [ 16.071741] ? ktime_get_ts64+0x86/0x230 [ 16.071767] kunit_try_run_case+0x1a5/0x480 [ 16.071793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.071818] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.071841] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.071867] ? __kthread_parkme+0x82/0x180 [ 16.071891] ? 
preempt_count_sub+0x50/0x80 [ 16.071915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.071941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.072074] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.072109] kthread+0x337/0x6f0 [ 16.072129] ? trace_preempt_on+0x20/0xc0 [ 16.072154] ? __pfx_kthread+0x10/0x10 [ 16.072175] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.072199] ? calculate_sigpending+0x7b/0xa0 [ 16.072223] ? __pfx_kthread+0x10/0x10 [ 16.072246] ret_from_fork+0x116/0x1d0 [ 16.072277] ? __pfx_kthread+0x10/0x10 [ 16.072299] ret_from_fork_asm+0x1a/0x30 [ 16.072330] </TASK> [ 16.072341] [ 16.080108] Allocated by task 282: [ 16.080307] kasan_save_stack+0x45/0x70 [ 16.080514] kasan_save_track+0x18/0x40 [ 16.080709] kasan_save_alloc_info+0x3b/0x50 [ 16.080920] __kasan_kmalloc+0xb7/0xc0 [ 16.081183] __kmalloc_cache_noprof+0x189/0x420 [ 16.081425] kasan_atomics+0x95/0x310 [ 16.081620] kunit_try_run_case+0x1a5/0x480 [ 16.081795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.082079] kthread+0x337/0x6f0 [ 16.082272] ret_from_fork+0x116/0x1d0 [ 16.082462] ret_from_fork_asm+0x1a/0x30 [ 16.082660] [ 16.082761] The buggy address belongs to the object at ffff888102a0a600 [ 16.082761] which belongs to the cache kmalloc-64 of size 64 [ 16.083356] The buggy address is located 0 bytes to the right of [ 16.083356] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.083902] [ 16.084114] The buggy address belongs to the physical page: [ 16.084385] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.084729] flags: 0x200000000000000(node=0|zone=2) [ 16.084930] page_type: f5(slab) [ 16.085174] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.085424] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.085653] page dumped because: kasan: bad access detected [ 16.085826] [ 16.085907] Memory state around the buggy address: [ 16.086234] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 16.086570] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.086907] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.087447] ^ [ 16.087685] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.088092] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.088365] ================================================================== [ 15.946039] ================================================================== [ 15.946469] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 15.946822] Read of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.947339] [ 15.947585] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.947630] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.947643] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.947664] Call Trace: [ 15.947679] <TASK> [ 15.947694] dump_stack_lvl+0x73/0xb0 [ 15.947722] print_report+0xd1/0x610 [ 15.947744] ? __virt_addr_valid+0x1db/0x2d0 [ 15.947767] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.947790] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.947814] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.947838] kasan_report+0x141/0x180 [ 15.947861] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.947889] __asan_report_load4_noabort+0x18/0x20 [ 15.947915] kasan_atomics_helper+0x4a1c/0x5450 [ 15.947941] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.947965] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.947991] ? kasan_atomics+0x152/0x310 [ 15.948017] kasan_atomics+0x1dc/0x310 [ 15.948042] ? __pfx_kasan_atomics+0x10/0x10 [ 15.948067] ? __pfx_read_tsc+0x10/0x10 [ 15.948089] ? ktime_get_ts64+0x86/0x230 [ 15.948113] kunit_try_run_case+0x1a5/0x480 [ 15.948138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.948161] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.948186] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.948211] ? 
__kthread_parkme+0x82/0x180 [ 15.948232] ? preempt_count_sub+0x50/0x80 [ 15.948256] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.948296] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.948323] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.948349] kthread+0x337/0x6f0 [ 15.948369] ? trace_preempt_on+0x20/0xc0 [ 15.948549] ? __pfx_kthread+0x10/0x10 [ 15.948581] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.948604] ? calculate_sigpending+0x7b/0xa0 [ 15.948631] ? __pfx_kthread+0x10/0x10 [ 15.948654] ret_from_fork+0x116/0x1d0 [ 15.948674] ? __pfx_kthread+0x10/0x10 [ 15.948697] ret_from_fork_asm+0x1a/0x30 [ 15.948729] </TASK> [ 15.948740] [ 15.956892] Allocated by task 282: [ 15.957273] kasan_save_stack+0x45/0x70 [ 15.957460] kasan_save_track+0x18/0x40 [ 15.957633] kasan_save_alloc_info+0x3b/0x50 [ 15.957785] __kasan_kmalloc+0xb7/0xc0 [ 15.957947] __kmalloc_cache_noprof+0x189/0x420 [ 15.958377] kasan_atomics+0x95/0x310 [ 15.958664] kunit_try_run_case+0x1a5/0x480 [ 15.958841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.959208] kthread+0x337/0x6f0 [ 15.959389] ret_from_fork+0x116/0x1d0 [ 15.959557] ret_from_fork_asm+0x1a/0x30 [ 15.959738] [ 15.959831] The buggy address belongs to the object at ffff888102a0a600 [ 15.959831] which belongs to the cache kmalloc-64 of size 64 [ 15.960362] The buggy address is located 0 bytes to the right of [ 15.960362] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.960863] [ 15.960960] The buggy address belongs to the physical page: [ 15.961323] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.961570] flags: 0x200000000000000(node=0|zone=2) [ 15.961735] page_type: f5(slab) [ 15.961856] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.962195] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.962623] page dumped because: kasan: bad access detected [ 15.962884] [ 15.963141] Memory state around the buggy address: [ 15.963334] 
ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.963555] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.963776] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.964243] ^ [ 15.964492] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.964823] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.965527] ================================================================== [ 16.540815] ================================================================== [ 16.541159] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 16.541970] Read of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.542257] [ 16.542360] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.542451] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.542466] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.542488] Call Trace: [ 16.542523] <TASK> [ 16.542541] dump_stack_lvl+0x73/0xb0 [ 16.542570] print_report+0xd1/0x610 [ 16.542610] ? __virt_addr_valid+0x1db/0x2d0 [ 16.542635] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.542657] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.542682] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.542710] kasan_report+0x141/0x180 [ 16.542734] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.542780] __asan_report_load8_noabort+0x18/0x20 [ 16.542807] kasan_atomics_helper+0x4f71/0x5450 [ 16.542831] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.542856] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.542882] ? kasan_atomics+0x152/0x310 [ 16.542909] kasan_atomics+0x1dc/0x310 [ 16.542933] ? __pfx_kasan_atomics+0x10/0x10 [ 16.542958] ? __pfx_read_tsc+0x10/0x10 [ 16.542995] ? ktime_get_ts64+0x86/0x230 [ 16.543034] kunit_try_run_case+0x1a5/0x480 [ 16.543073] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.543098] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.543123] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.543148] ? __kthread_parkme+0x82/0x180 [ 16.543169] ? preempt_count_sub+0x50/0x80 [ 16.543194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.543221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.543246] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.543284] kthread+0x337/0x6f0 [ 16.543304] ? trace_preempt_on+0x20/0xc0 [ 16.543329] ? __pfx_kthread+0x10/0x10 [ 16.543350] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.543373] ? calculate_sigpending+0x7b/0xa0 [ 16.543398] ? __pfx_kthread+0x10/0x10 [ 16.543421] ret_from_fork+0x116/0x1d0 [ 16.543441] ? __pfx_kthread+0x10/0x10 [ 16.543462] ret_from_fork_asm+0x1a/0x30 [ 16.543512] </TASK> [ 16.543523] [ 16.550688] Allocated by task 282: [ 16.550873] kasan_save_stack+0x45/0x70 [ 16.551103] kasan_save_track+0x18/0x40 [ 16.551303] kasan_save_alloc_info+0x3b/0x50 [ 16.551521] __kasan_kmalloc+0xb7/0xc0 [ 16.551689] __kmalloc_cache_noprof+0x189/0x420 [ 16.551844] kasan_atomics+0x95/0x310 [ 16.551977] kunit_try_run_case+0x1a5/0x480 [ 16.552121] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.552305] kthread+0x337/0x6f0 [ 16.552425] ret_from_fork+0x116/0x1d0 [ 16.552553] ret_from_fork_asm+0x1a/0x30 [ 16.552690] [ 16.552774] The buggy address belongs to the object at ffff888102a0a600 [ 16.552774] which belongs to the cache kmalloc-64 of size 64 [ 16.553328] The buggy address is located 0 bytes to the right of [ 16.553328] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.553963] [ 16.554073] The buggy address belongs to the physical page: [ 16.554375] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.554797] flags: 0x200000000000000(node=0|zone=2) [ 16.555052] page_type: f5(slab) [ 16.555241] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.555602] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.555824] page dumped because: kasan: bad access detected [ 16.555991] [ 16.556059] 
Memory state around the buggy address: [ 16.556210] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.556554] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.556916] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.557269] ^ [ 16.557514] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.557824] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.558160] ================================================================== [ 15.582939] ================================================================== [ 15.583179] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 15.583651] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.584106] [ 15.584215] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.584259] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.584285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.584308] Call Trace: [ 15.584324] <TASK> [ 15.584339] dump_stack_lvl+0x73/0xb0 [ 15.584367] print_report+0xd1/0x610 [ 15.584390] ? __virt_addr_valid+0x1db/0x2d0 [ 15.584414] ? kasan_atomics_helper+0x697/0x5450 [ 15.584437] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.584462] ? kasan_atomics_helper+0x697/0x5450 [ 15.584485] kasan_report+0x141/0x180 [ 15.584508] ? kasan_atomics_helper+0x697/0x5450 [ 15.584549] kasan_check_range+0x10c/0x1c0 [ 15.584574] __kasan_check_write+0x18/0x20 [ 15.584595] kasan_atomics_helper+0x697/0x5450 [ 15.584619] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.584644] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.584670] ? kasan_atomics+0x152/0x310 [ 15.584697] kasan_atomics+0x1dc/0x310 [ 15.584720] ? __pfx_kasan_atomics+0x10/0x10 [ 15.584746] ? __pfx_read_tsc+0x10/0x10 [ 15.584769] ? ktime_get_ts64+0x86/0x230 [ 15.584793] kunit_try_run_case+0x1a5/0x480 [ 15.584818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.584842] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.584866] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.584892] ? __kthread_parkme+0x82/0x180 [ 15.584914] ? preempt_count_sub+0x50/0x80 [ 15.584939] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.584964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.585278] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.585315] kthread+0x337/0x6f0 [ 15.585336] ? trace_preempt_on+0x20/0xc0 [ 15.585360] ? __pfx_kthread+0x10/0x10 [ 15.585382] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.585406] ? calculate_sigpending+0x7b/0xa0 [ 15.585432] ? __pfx_kthread+0x10/0x10 [ 15.585454] ret_from_fork+0x116/0x1d0 [ 15.585475] ? __pfx_kthread+0x10/0x10 [ 15.585497] ret_from_fork_asm+0x1a/0x30 [ 15.585529] </TASK> [ 15.585539] [ 15.593770] Allocated by task 282: [ 15.593958] kasan_save_stack+0x45/0x70 [ 15.594190] kasan_save_track+0x18/0x40 [ 15.594390] kasan_save_alloc_info+0x3b/0x50 [ 15.594543] __kasan_kmalloc+0xb7/0xc0 [ 15.594678] __kmalloc_cache_noprof+0x189/0x420 [ 15.594904] kasan_atomics+0x95/0x310 [ 15.595191] kunit_try_run_case+0x1a5/0x480 [ 15.595548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.595746] kthread+0x337/0x6f0 [ 15.595869] ret_from_fork+0x116/0x1d0 [ 15.596068] ret_from_fork_asm+0x1a/0x30 [ 15.596286] [ 15.596384] The buggy address belongs to the object at ffff888102a0a600 [ 15.596384] which belongs to the cache kmalloc-64 of size 64 [ 15.596920] The buggy address is located 0 bytes to the right of [ 15.596920] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.597608] [ 15.597689] The buggy address belongs to the physical page: [ 15.597949] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.598519] flags: 0x200000000000000(node=0|zone=2) [ 15.598723] page_type: f5(slab) [ 15.598890] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.599124] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.599448] page dumped because: kasan: 
bad access detected [ 15.599813] [ 15.599941] Memory state around the buggy address: [ 15.600199] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.600482] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.600708] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.601013] ^ [ 15.601246] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.601584] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.601885] ================================================================== [ 15.640844] ================================================================== [ 15.641738] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 15.642569] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.643239] [ 15.643362] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.643408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.643422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.643445] Call Trace: [ 15.643459] <TASK> [ 15.643474] dump_stack_lvl+0x73/0xb0 [ 15.643504] print_report+0xd1/0x610 [ 15.643528] ? __virt_addr_valid+0x1db/0x2d0 [ 15.643552] ? kasan_atomics_helper+0x860/0x5450 [ 15.643574] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.643599] ? kasan_atomics_helper+0x860/0x5450 [ 15.643623] kasan_report+0x141/0x180 [ 15.643646] ? kasan_atomics_helper+0x860/0x5450 [ 15.643674] kasan_check_range+0x10c/0x1c0 [ 15.643699] __kasan_check_write+0x18/0x20 [ 15.643720] kasan_atomics_helper+0x860/0x5450 [ 15.643745] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.643769] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.643795] ? kasan_atomics+0x152/0x310 [ 15.643822] kasan_atomics+0x1dc/0x310 [ 15.643846] ? __pfx_kasan_atomics+0x10/0x10 [ 15.643871] ? __pfx_read_tsc+0x10/0x10 [ 15.643893] ? ktime_get_ts64+0x86/0x230 [ 15.643918] kunit_try_run_case+0x1a5/0x480 [ 15.643945] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.643969] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.644053] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.644078] ? __kthread_parkme+0x82/0x180 [ 15.644100] ? preempt_count_sub+0x50/0x80 [ 15.644126] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.644152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.644178] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.644206] kthread+0x337/0x6f0 [ 15.644226] ? trace_preempt_on+0x20/0xc0 [ 15.644250] ? __pfx_kthread+0x10/0x10 [ 15.644282] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.644305] ? calculate_sigpending+0x7b/0xa0 [ 15.644329] ? __pfx_kthread+0x10/0x10 [ 15.644352] ret_from_fork+0x116/0x1d0 [ 15.644372] ? __pfx_kthread+0x10/0x10 [ 15.644393] ret_from_fork_asm+0x1a/0x30 [ 15.644426] </TASK> [ 15.644436] [ 15.652538] Allocated by task 282: [ 15.652730] kasan_save_stack+0x45/0x70 [ 15.652938] kasan_save_track+0x18/0x40 [ 15.653103] kasan_save_alloc_info+0x3b/0x50 [ 15.653307] __kasan_kmalloc+0xb7/0xc0 [ 15.653490] __kmalloc_cache_noprof+0x189/0x420 [ 15.653648] kasan_atomics+0x95/0x310 [ 15.653802] kunit_try_run_case+0x1a5/0x480 [ 15.654016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.654451] kthread+0x337/0x6f0 [ 15.654637] ret_from_fork+0x116/0x1d0 [ 15.654787] ret_from_fork_asm+0x1a/0x30 [ 15.654929] [ 15.655001] The buggy address belongs to the object at ffff888102a0a600 [ 15.655001] which belongs to the cache kmalloc-64 of size 64 [ 15.655634] The buggy address is located 0 bytes to the right of [ 15.655634] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.656185] [ 15.656420] The buggy address belongs to the physical page: [ 15.656631] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.656930] flags: 0x200000000000000(node=0|zone=2) [ 15.657094] page_type: f5(slab) [ 15.657217] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.657565] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.657907] page dumped because: kasan: bad access detected [ 15.658161] [ 15.658335] Memory state around the buggy address: [ 15.658561] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.659198] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.659515] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.659773] ^ [ 15.659931] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.660534] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.660912] ================================================================== [ 15.926974] ================================================================== [ 15.927327] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 15.927669] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.928196] [ 15.928317] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.928362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.928377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.928398] Call Trace: [ 15.928413] <TASK> [ 15.928429] dump_stack_lvl+0x73/0xb0 [ 15.928458] print_report+0xd1/0x610 [ 15.928481] ? __virt_addr_valid+0x1db/0x2d0 [ 15.928505] ? kasan_atomics_helper+0x1079/0x5450 [ 15.928528] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.928552] ? kasan_atomics_helper+0x1079/0x5450 [ 15.928576] kasan_report+0x141/0x180 [ 15.928599] ? kasan_atomics_helper+0x1079/0x5450 [ 15.928627] kasan_check_range+0x10c/0x1c0 [ 15.928652] __kasan_check_write+0x18/0x20 [ 15.928672] kasan_atomics_helper+0x1079/0x5450 [ 15.928696] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.928721] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.928747] ? kasan_atomics+0x152/0x310 [ 15.928774] kasan_atomics+0x1dc/0x310 [ 15.928797] ? __pfx_kasan_atomics+0x10/0x10 [ 15.928823] ? __pfx_read_tsc+0x10/0x10 [ 15.928845] ? 
ktime_get_ts64+0x86/0x230 [ 15.928870] kunit_try_run_case+0x1a5/0x480 [ 15.928896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.928921] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.928945] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.928971] ? __kthread_parkme+0x82/0x180 [ 15.928992] ? preempt_count_sub+0x50/0x80 [ 15.929017] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.929043] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.929069] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.929096] kthread+0x337/0x6f0 [ 15.929117] ? trace_preempt_on+0x20/0xc0 [ 15.929140] ? __pfx_kthread+0x10/0x10 [ 15.929163] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.929186] ? calculate_sigpending+0x7b/0xa0 [ 15.929211] ? __pfx_kthread+0x10/0x10 [ 15.929234] ret_from_fork+0x116/0x1d0 [ 15.929254] ? __pfx_kthread+0x10/0x10 [ 15.929285] ret_from_fork_asm+0x1a/0x30 [ 15.929317] </TASK> [ 15.929329] [ 15.937625] Allocated by task 282: [ 15.937762] kasan_save_stack+0x45/0x70 [ 15.937910] kasan_save_track+0x18/0x40 [ 15.938320] kasan_save_alloc_info+0x3b/0x50 [ 15.938547] __kasan_kmalloc+0xb7/0xc0 [ 15.938746] __kmalloc_cache_noprof+0x189/0x420 [ 15.939034] kasan_atomics+0x95/0x310 [ 15.939236] kunit_try_run_case+0x1a5/0x480 [ 15.939464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.939689] kthread+0x337/0x6f0 [ 15.939812] ret_from_fork+0x116/0x1d0 [ 15.939946] ret_from_fork_asm+0x1a/0x30 [ 15.940455] [ 15.940564] The buggy address belongs to the object at ffff888102a0a600 [ 15.940564] which belongs to the cache kmalloc-64 of size 64 [ 15.941160] The buggy address is located 0 bytes to the right of [ 15.941160] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.941662] [ 15.941758] The buggy address belongs to the physical page: [ 15.942061] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.942405] flags: 0x200000000000000(node=0|zone=2) [ 15.942571] page_type: f5(slab) [ 15.942692] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.942933] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.943275] page dumped because: kasan: bad access detected [ 15.943535] [ 15.943630] Memory state around the buggy address: [ 15.943856] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.944351] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.944641] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.944909] ^ [ 15.945185] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.945483] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.945706] ================================================================== [ 15.680336] ================================================================== [ 15.680682] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 15.681191] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.681522] [ 15.681614] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.681658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.681671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.681694] Call Trace: [ 15.681711] <TASK> [ 15.681728] dump_stack_lvl+0x73/0xb0 [ 15.681758] print_report+0xd1/0x610 [ 15.681782] ? __virt_addr_valid+0x1db/0x2d0 [ 15.681807] ? kasan_atomics_helper+0x992/0x5450 [ 15.681829] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.681855] ? kasan_atomics_helper+0x992/0x5450 [ 15.681879] kasan_report+0x141/0x180 [ 15.681902] ? kasan_atomics_helper+0x992/0x5450 [ 15.681930] kasan_check_range+0x10c/0x1c0 [ 15.681955] __kasan_check_write+0x18/0x20 [ 15.681975] kasan_atomics_helper+0x992/0x5450 [ 15.681999] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.682023] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.682049] ? kasan_atomics+0x152/0x310 [ 15.682076] kasan_atomics+0x1dc/0x310 [ 15.682100] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.682125] ? __pfx_read_tsc+0x10/0x10 [ 15.682148] ? ktime_get_ts64+0x86/0x230 [ 15.682173] kunit_try_run_case+0x1a5/0x480 [ 15.682200] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.682224] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.682249] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.682285] ? __kthread_parkme+0x82/0x180 [ 15.682307] ? preempt_count_sub+0x50/0x80 [ 15.682496] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.682523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.682550] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.682578] kthread+0x337/0x6f0 [ 15.682598] ? trace_preempt_on+0x20/0xc0 [ 15.682624] ? __pfx_kthread+0x10/0x10 [ 15.682647] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.682671] ? calculate_sigpending+0x7b/0xa0 [ 15.682697] ? __pfx_kthread+0x10/0x10 [ 15.682728] ret_from_fork+0x116/0x1d0 [ 15.682748] ? __pfx_kthread+0x10/0x10 [ 15.682770] ret_from_fork_asm+0x1a/0x30 [ 15.682803] </TASK> [ 15.682814] [ 15.690824] Allocated by task 282: [ 15.691098] kasan_save_stack+0x45/0x70 [ 15.691326] kasan_save_track+0x18/0x40 [ 15.691505] kasan_save_alloc_info+0x3b/0x50 [ 15.691693] __kasan_kmalloc+0xb7/0xc0 [ 15.691857] __kmalloc_cache_noprof+0x189/0x420 [ 15.692135] kasan_atomics+0x95/0x310 [ 15.692342] kunit_try_run_case+0x1a5/0x480 [ 15.692533] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.692712] kthread+0x337/0x6f0 [ 15.692840] ret_from_fork+0x116/0x1d0 [ 15.692976] ret_from_fork_asm+0x1a/0x30 [ 15.693421] [ 15.693523] The buggy address belongs to the object at ffff888102a0a600 [ 15.693523] which belongs to the cache kmalloc-64 of size 64 [ 15.694331] The buggy address is located 0 bytes to the right of [ 15.694331] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.694868] [ 15.694960] The buggy address belongs to the physical page: [ 15.695224] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.695484] flags: 0x200000000000000(node=0|zone=2) [ 15.695651] page_type: 
f5(slab) [ 15.695775] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.696467] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.696827] page dumped because: kasan: bad access detected [ 15.697238] [ 15.697352] Memory state around the buggy address: [ 15.697575] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.697839] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.698292] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.698620] ^ [ 15.698865] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.699213] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.699445] ================================================================== [ 15.380822] ================================================================== [ 15.381511] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 15.381818] Read of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.382089] [ 15.382200] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.382243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.382255] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.382288] Call Trace: [ 15.382299] <TASK> [ 15.382315] dump_stack_lvl+0x73/0xb0 [ 15.382343] print_report+0xd1/0x610 [ 15.382364] ? __virt_addr_valid+0x1db/0x2d0 [ 15.382388] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.382411] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.382437] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.382460] kasan_report+0x141/0x180 [ 15.382481] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.382508] __asan_report_load4_noabort+0x18/0x20 [ 15.382534] kasan_atomics_helper+0x4bbc/0x5450 [ 15.382559] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.382583] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.382662] ? 
kasan_atomics+0x152/0x310 [ 15.382690] kasan_atomics+0x1dc/0x310 [ 15.382717] ? __pfx_kasan_atomics+0x10/0x10 [ 15.382740] ? __pfx_read_tsc+0x10/0x10 [ 15.382762] ? ktime_get_ts64+0x86/0x230 [ 15.382786] kunit_try_run_case+0x1a5/0x480 [ 15.382812] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.382836] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.382861] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.382884] ? __kthread_parkme+0x82/0x180 [ 15.382905] ? preempt_count_sub+0x50/0x80 [ 15.382930] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.382955] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.382980] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.383018] kthread+0x337/0x6f0 [ 15.383037] ? trace_preempt_on+0x20/0xc0 [ 15.383061] ? __pfx_kthread+0x10/0x10 [ 15.383082] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.383104] ? calculate_sigpending+0x7b/0xa0 [ 15.383129] ? __pfx_kthread+0x10/0x10 [ 15.383162] ret_from_fork+0x116/0x1d0 [ 15.383349] ? __pfx_kthread+0x10/0x10 [ 15.383371] ret_from_fork_asm+0x1a/0x30 [ 15.383402] </TASK> [ 15.383412] [ 15.394060] Allocated by task 282: [ 15.394230] kasan_save_stack+0x45/0x70 [ 15.394422] kasan_save_track+0x18/0x40 [ 15.394618] kasan_save_alloc_info+0x3b/0x50 [ 15.394791] __kasan_kmalloc+0xb7/0xc0 [ 15.394925] __kmalloc_cache_noprof+0x189/0x420 [ 15.395273] kasan_atomics+0x95/0x310 [ 15.395509] kunit_try_run_case+0x1a5/0x480 [ 15.395656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.396007] kthread+0x337/0x6f0 [ 15.396274] ret_from_fork+0x116/0x1d0 [ 15.396501] ret_from_fork_asm+0x1a/0x30 [ 15.396679] [ 15.396777] The buggy address belongs to the object at ffff888102a0a600 [ 15.396777] which belongs to the cache kmalloc-64 of size 64 [ 15.397547] The buggy address is located 0 bytes to the right of [ 15.397547] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.398035] [ 15.398134] The buggy address belongs to the physical page: [ 15.398487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 
15.398807] flags: 0x200000000000000(node=0|zone=2) [ 15.399006] page_type: f5(slab) [ 15.399150] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.399567] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.399846] page dumped because: kasan: bad access detected [ 15.400042] [ 15.400165] Memory state around the buggy address: [ 15.400542] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.400777] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.401094] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.401592] ^ [ 15.401755] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.402173] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.402595] ================================================================== [ 15.883951] ================================================================== [ 15.884197] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 15.884875] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.885790] [ 15.885919] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.885965] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.885979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.886238] Call Trace: [ 15.886256] <TASK> [ 15.886288] dump_stack_lvl+0x73/0xb0 [ 15.886321] print_report+0xd1/0x610 [ 15.886344] ? __virt_addr_valid+0x1db/0x2d0 [ 15.886369] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.886393] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.886418] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.886441] kasan_report+0x141/0x180 [ 15.886463] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.886492] kasan_check_range+0x10c/0x1c0 [ 15.886516] __kasan_check_write+0x18/0x20 [ 15.886536] kasan_atomics_helper+0xfa9/0x5450 [ 15.886561] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.886585] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.886612] ? kasan_atomics+0x152/0x310 [ 15.886640] kasan_atomics+0x1dc/0x310 [ 15.886664] ? __pfx_kasan_atomics+0x10/0x10 [ 15.886690] ? __pfx_read_tsc+0x10/0x10 [ 15.886716] ? ktime_get_ts64+0x86/0x230 [ 15.886741] kunit_try_run_case+0x1a5/0x480 [ 15.886768] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.886792] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.886818] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.886843] ? __kthread_parkme+0x82/0x180 [ 15.886865] ? preempt_count_sub+0x50/0x80 [ 15.886891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.886918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.886943] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.886970] kthread+0x337/0x6f0 [ 15.887170] ? trace_preempt_on+0x20/0xc0 [ 15.887197] ? __pfx_kthread+0x10/0x10 [ 15.887219] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.887242] ? calculate_sigpending+0x7b/0xa0 [ 15.887280] ? __pfx_kthread+0x10/0x10 [ 15.887303] ret_from_fork+0x116/0x1d0 [ 15.887323] ? __pfx_kthread+0x10/0x10 [ 15.887345] ret_from_fork_asm+0x1a/0x30 [ 15.887378] </TASK> [ 15.887389] [ 15.899537] Allocated by task 282: [ 15.899726] kasan_save_stack+0x45/0x70 [ 15.899920] kasan_save_track+0x18/0x40 [ 15.900071] kasan_save_alloc_info+0x3b/0x50 [ 15.900296] __kasan_kmalloc+0xb7/0xc0 [ 15.900461] __kmalloc_cache_noprof+0x189/0x420 [ 15.900664] kasan_atomics+0x95/0x310 [ 15.900850] kunit_try_run_case+0x1a5/0x480 [ 15.901043] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.901341] kthread+0x337/0x6f0 [ 15.901508] ret_from_fork+0x116/0x1d0 [ 15.901708] ret_from_fork_asm+0x1a/0x30 [ 15.902094] [ 15.902239] The buggy address belongs to the object at ffff888102a0a600 [ 15.902239] which belongs to the cache kmalloc-64 of size 64 [ 15.902738] The buggy address is located 0 bytes to the right of [ 15.902738] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.903141] [ 15.903513] The buggy address belongs to the physical page: [ 15.903791] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.904343] flags: 0x200000000000000(node=0|zone=2) [ 15.904585] page_type: f5(slab) [ 15.904714] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.905156] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.905409] page dumped because: kasan: bad access detected [ 15.905662] [ 15.905755] Memory state around the buggy address: [ 15.905972] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.906330] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.906556] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.906887] ^ [ 15.907076] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.907519] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.907836] ================================================================== [ 16.246357] ================================================================== [ 16.247551] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 16.248252] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.248958] [ 16.249288] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.249340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.249466] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.249490] Call Trace: [ 16.249505] <TASK> [ 16.249524] dump_stack_lvl+0x73/0xb0 [ 16.249560] print_report+0xd1/0x610 [ 16.249585] ? __virt_addr_valid+0x1db/0x2d0 [ 16.249610] ? kasan_atomics_helper+0x177f/0x5450 [ 16.249632] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.249657] ? kasan_atomics_helper+0x177f/0x5450 [ 16.249682] kasan_report+0x141/0x180 [ 16.249705] ? kasan_atomics_helper+0x177f/0x5450 [ 16.249733] kasan_check_range+0x10c/0x1c0 [ 16.249757] __kasan_check_write+0x18/0x20 [ 16.249778] kasan_atomics_helper+0x177f/0x5450 [ 16.249802] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.249826] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.249852] ? kasan_atomics+0x152/0x310 [ 16.249879] kasan_atomics+0x1dc/0x310 [ 16.249902] ? __pfx_kasan_atomics+0x10/0x10 [ 16.249927] ? __pfx_read_tsc+0x10/0x10 [ 16.249950] ? ktime_get_ts64+0x86/0x230 [ 16.249975] kunit_try_run_case+0x1a5/0x480 [ 16.250237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.250278] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.250305] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.250330] ? __kthread_parkme+0x82/0x180 [ 16.250353] ? preempt_count_sub+0x50/0x80 [ 16.250378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.250403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.250430] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.250456] kthread+0x337/0x6f0 [ 16.250476] ? trace_preempt_on+0x20/0xc0 [ 16.250502] ? __pfx_kthread+0x10/0x10 [ 16.250524] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.250546] ? calculate_sigpending+0x7b/0xa0 [ 16.250572] ? __pfx_kthread+0x10/0x10 [ 16.250595] ret_from_fork+0x116/0x1d0 [ 16.250615] ? 
__pfx_kthread+0x10/0x10 [ 16.250637] ret_from_fork_asm+0x1a/0x30 [ 16.250670] </TASK> [ 16.250681] [ 16.263728] Allocated by task 282: [ 16.264164] kasan_save_stack+0x45/0x70 [ 16.264506] kasan_save_track+0x18/0x40 [ 16.264717] kasan_save_alloc_info+0x3b/0x50 [ 16.264930] __kasan_kmalloc+0xb7/0xc0 [ 16.266170] __kmalloc_cache_noprof+0x189/0x420 [ 16.266374] kasan_atomics+0x95/0x310 [ 16.266516] kunit_try_run_case+0x1a5/0x480 [ 16.266668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.266854] kthread+0x337/0x6f0 [ 16.266986] ret_from_fork+0x116/0x1d0 [ 16.267121] ret_from_fork_asm+0x1a/0x30 [ 16.267272] [ 16.267349] The buggy address belongs to the object at ffff888102a0a600 [ 16.267349] which belongs to the cache kmalloc-64 of size 64 [ 16.267706] The buggy address is located 0 bytes to the right of [ 16.267706] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.268075] [ 16.268148] The buggy address belongs to the physical page: [ 16.270557] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.271493] flags: 0x200000000000000(node=0|zone=2) [ 16.271765] page_type: f5(slab) [ 16.271950] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.272788] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.273689] page dumped because: kasan: bad access detected [ 16.273927] [ 16.274339] Memory state around the buggy address: [ 16.274547] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.274855] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.275644] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.276427] ^ [ 16.276744] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.277318] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.278122] ================================================================== [ 16.361099] 
================================================================== [ 16.361625] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 16.361923] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.362475] [ 16.362581] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.362623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.362635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.362658] Call Trace: [ 16.362669] <TASK> [ 16.362685] dump_stack_lvl+0x73/0xb0 [ 16.362720] print_report+0xd1/0x610 [ 16.362743] ? __virt_addr_valid+0x1db/0x2d0 [ 16.362767] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.362789] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.362815] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.362838] kasan_report+0x141/0x180 [ 16.362862] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.362890] kasan_check_range+0x10c/0x1c0 [ 16.362915] __kasan_check_write+0x18/0x20 [ 16.362936] kasan_atomics_helper+0x1a7f/0x5450 [ 16.362960] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.362984] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.363010] ? kasan_atomics+0x152/0x310 [ 16.363037] kasan_atomics+0x1dc/0x310 [ 16.363060] ? __pfx_kasan_atomics+0x10/0x10 [ 16.363086] ? __pfx_read_tsc+0x10/0x10 [ 16.363107] ? ktime_get_ts64+0x86/0x230 [ 16.363132] kunit_try_run_case+0x1a5/0x480 [ 16.363158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.363183] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.363207] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.363233] ? __kthread_parkme+0x82/0x180 [ 16.363254] ? preempt_count_sub+0x50/0x80 [ 16.363289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.363315] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.363341] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.363368] kthread+0x337/0x6f0 [ 16.363387] ? trace_preempt_on+0x20/0xc0 [ 16.363411] ? __pfx_kthread+0x10/0x10 [ 16.363432] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.363455] ? 
calculate_sigpending+0x7b/0xa0 [ 16.363481] ? __pfx_kthread+0x10/0x10 [ 16.363503] ret_from_fork+0x116/0x1d0 [ 16.363523] ? __pfx_kthread+0x10/0x10 [ 16.363544] ret_from_fork_asm+0x1a/0x30 [ 16.363576] </TASK> [ 16.363587] [ 16.370685] Allocated by task 282: [ 16.370853] kasan_save_stack+0x45/0x70 [ 16.371030] kasan_save_track+0x18/0x40 [ 16.371218] kasan_save_alloc_info+0x3b/0x50 [ 16.371408] __kasan_kmalloc+0xb7/0xc0 [ 16.371594] __kmalloc_cache_noprof+0x189/0x420 [ 16.371786] kasan_atomics+0x95/0x310 [ 16.371956] kunit_try_run_case+0x1a5/0x480 [ 16.372119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.372307] kthread+0x337/0x6f0 [ 16.372430] ret_from_fork+0x116/0x1d0 [ 16.372591] ret_from_fork_asm+0x1a/0x30 [ 16.372791] [ 16.372885] The buggy address belongs to the object at ffff888102a0a600 [ 16.372885] which belongs to the cache kmalloc-64 of size 64 [ 16.373377] The buggy address is located 0 bytes to the right of [ 16.373377] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.373747] [ 16.373842] The buggy address belongs to the physical page: [ 16.374097] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.374476] flags: 0x200000000000000(node=0|zone=2) [ 16.374718] page_type: f5(slab) [ 16.374889] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.375182] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.375488] page dumped because: kasan: bad access detected [ 16.375719] [ 16.375799] Memory state around the buggy address: [ 16.375995] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.376284] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.376564] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.376778] ^ [ 16.376932] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.377152] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.377376] 
================================================================== [ 15.699903] ================================================================== [ 15.700451] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 15.700722] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.701043] [ 15.701156] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.701198] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.701212] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.701233] Call Trace: [ 15.701250] <TASK> [ 15.701617] dump_stack_lvl+0x73/0xb0 [ 15.701660] print_report+0xd1/0x610 [ 15.701685] ? __virt_addr_valid+0x1db/0x2d0 [ 15.701710] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.701733] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.701767] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.701790] kasan_report+0x141/0x180 [ 15.701813] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.701841] kasan_check_range+0x10c/0x1c0 [ 15.701866] __kasan_check_write+0x18/0x20 [ 15.701887] kasan_atomics_helper+0xa2b/0x5450 [ 15.701911] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.701935] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.702023] ? kasan_atomics+0x152/0x310 [ 15.702072] kasan_atomics+0x1dc/0x310 [ 15.702097] ? __pfx_kasan_atomics+0x10/0x10 [ 15.702122] ? __pfx_read_tsc+0x10/0x10 [ 15.702144] ? ktime_get_ts64+0x86/0x230 [ 15.702170] kunit_try_run_case+0x1a5/0x480 [ 15.702196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.702220] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.702244] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.702281] ? __kthread_parkme+0x82/0x180 [ 15.702302] ? preempt_count_sub+0x50/0x80 [ 15.702327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.702355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.702382] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.702410] kthread+0x337/0x6f0 [ 15.702431] ? trace_preempt_on+0x20/0xc0 [ 15.702455] ? 
__pfx_kthread+0x10/0x10 [ 15.702477] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.702501] ? calculate_sigpending+0x7b/0xa0 [ 15.702528] ? __pfx_kthread+0x10/0x10 [ 15.702551] ret_from_fork+0x116/0x1d0 [ 15.702571] ? __pfx_kthread+0x10/0x10 [ 15.702593] ret_from_fork_asm+0x1a/0x30 [ 15.702626] </TASK> [ 15.702637] [ 15.710663] Allocated by task 282: [ 15.710858] kasan_save_stack+0x45/0x70 [ 15.711152] kasan_save_track+0x18/0x40 [ 15.711367] kasan_save_alloc_info+0x3b/0x50 [ 15.711581] __kasan_kmalloc+0xb7/0xc0 [ 15.711773] __kmalloc_cache_noprof+0x189/0x420 [ 15.712028] kasan_atomics+0x95/0x310 [ 15.712230] kunit_try_run_case+0x1a5/0x480 [ 15.712453] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.712686] kthread+0x337/0x6f0 [ 15.712848] ret_from_fork+0x116/0x1d0 [ 15.713107] ret_from_fork_asm+0x1a/0x30 [ 15.713305] [ 15.713391] The buggy address belongs to the object at ffff888102a0a600 [ 15.713391] which belongs to the cache kmalloc-64 of size 64 [ 15.713872] The buggy address is located 0 bytes to the right of [ 15.713872] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.714446] [ 15.714530] The buggy address belongs to the physical page: [ 15.714793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.715233] flags: 0x200000000000000(node=0|zone=2) [ 15.715483] page_type: f5(slab) [ 15.715650] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.715945] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.716277] page dumped because: kasan: bad access detected [ 15.716537] [ 15.716634] Memory state around the buggy address: [ 15.716862] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.717237] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.717564] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.717842] ^ [ 15.718259] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.718566] 
ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.718839] ================================================================== [ 16.595285] ================================================================== [ 16.595796] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 16.596386] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.597053] [ 16.597221] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.597275] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.597290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.597321] Call Trace: [ 16.597336] <TASK> [ 16.597351] dump_stack_lvl+0x73/0xb0 [ 16.597385] print_report+0xd1/0x610 [ 16.597408] ? __virt_addr_valid+0x1db/0x2d0 [ 16.597432] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.597455] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.597482] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.597505] kasan_report+0x141/0x180 [ 16.597528] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.597557] kasan_check_range+0x10c/0x1c0 [ 16.597582] __kasan_check_write+0x18/0x20 [ 16.597602] kasan_atomics_helper+0x20c8/0x5450 [ 16.597627] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.597651] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.597676] ? kasan_atomics+0x152/0x310 [ 16.597703] kasan_atomics+0x1dc/0x310 [ 16.597727] ? __pfx_kasan_atomics+0x10/0x10 [ 16.597752] ? __pfx_read_tsc+0x10/0x10 [ 16.597775] ? ktime_get_ts64+0x86/0x230 [ 16.597800] kunit_try_run_case+0x1a5/0x480 [ 16.597825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.597850] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.597875] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.597900] ? __kthread_parkme+0x82/0x180 [ 16.597921] ? preempt_count_sub+0x50/0x80 [ 16.597947] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.597973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.597998] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.598026] kthread+0x337/0x6f0 [ 16.598045] ? trace_preempt_on+0x20/0xc0 [ 16.598069] ? __pfx_kthread+0x10/0x10 [ 16.598090] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.598113] ? calculate_sigpending+0x7b/0xa0 [ 16.598138] ? __pfx_kthread+0x10/0x10 [ 16.598161] ret_from_fork+0x116/0x1d0 [ 16.598181] ? __pfx_kthread+0x10/0x10 [ 16.598203] ret_from_fork_asm+0x1a/0x30 [ 16.598235] </TASK> [ 16.598246] [ 16.610065] Allocated by task 282: [ 16.610396] kasan_save_stack+0x45/0x70 [ 16.610758] kasan_save_track+0x18/0x40 [ 16.611110] kasan_save_alloc_info+0x3b/0x50 [ 16.611513] __kasan_kmalloc+0xb7/0xc0 [ 16.611806] __kmalloc_cache_noprof+0x189/0x420 [ 16.611965] kasan_atomics+0x95/0x310 [ 16.612104] kunit_try_run_case+0x1a5/0x480 [ 16.612256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.612495] kthread+0x337/0x6f0 [ 16.612638] ret_from_fork+0x116/0x1d0 [ 16.612830] ret_from_fork_asm+0x1a/0x30 [ 16.612992] [ 16.613088] The buggy address belongs to the object at ffff888102a0a600 [ 16.613088] which belongs to the cache kmalloc-64 of size 64 [ 16.613584] The buggy address is located 0 bytes to the right of [ 16.613584] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.614607] [ 16.614771] The buggy address belongs to the physical page: [ 16.615216] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.615465] flags: 0x200000000000000(node=0|zone=2) [ 16.615629] page_type: f5(slab) [ 16.615749] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.616050] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.616697] page dumped because: kasan: bad access detected [ 16.617157] [ 16.617320] Memory state around the buggy address: [ 16.617724] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.618340] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.618951] >ffff888102a0a600: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.619561] ^ [ 16.619966] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.620548] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.620767] ================================================================== [ 15.820770] ================================================================== [ 15.821311] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 15.821652] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.821958] [ 15.822248] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.822307] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.822319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.822340] Call Trace: [ 15.822354] <TASK> [ 15.822369] dump_stack_lvl+0x73/0xb0 [ 15.822398] print_report+0xd1/0x610 [ 15.822421] ? __virt_addr_valid+0x1db/0x2d0 [ 15.822445] ? kasan_atomics_helper+0xde0/0x5450 [ 15.822467] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.822492] ? kasan_atomics_helper+0xde0/0x5450 [ 15.822516] kasan_report+0x141/0x180 [ 15.822539] ? kasan_atomics_helper+0xde0/0x5450 [ 15.822566] kasan_check_range+0x10c/0x1c0 [ 15.822591] __kasan_check_write+0x18/0x20 [ 15.822612] kasan_atomics_helper+0xde0/0x5450 [ 15.822636] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.822661] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.822687] ? kasan_atomics+0x152/0x310 [ 15.822720] kasan_atomics+0x1dc/0x310 [ 15.822744] ? __pfx_kasan_atomics+0x10/0x10 [ 15.822769] ? __pfx_read_tsc+0x10/0x10 [ 15.822792] ? ktime_get_ts64+0x86/0x230 [ 15.822818] kunit_try_run_case+0x1a5/0x480 [ 15.822844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.822869] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.822893] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.822919] ? __kthread_parkme+0x82/0x180 [ 15.822940] ? preempt_count_sub+0x50/0x80 [ 15.822966] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.823061] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.823088] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.823116] kthread+0x337/0x6f0 [ 15.823137] ? trace_preempt_on+0x20/0xc0 [ 15.823161] ? __pfx_kthread+0x10/0x10 [ 15.823183] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.823206] ? calculate_sigpending+0x7b/0xa0 [ 15.823231] ? __pfx_kthread+0x10/0x10 [ 15.823254] ret_from_fork+0x116/0x1d0 [ 15.823285] ? __pfx_kthread+0x10/0x10 [ 15.823307] ret_from_fork_asm+0x1a/0x30 [ 15.823339] </TASK> [ 15.823350] [ 15.831666] Allocated by task 282: [ 15.831852] kasan_save_stack+0x45/0x70 [ 15.832134] kasan_save_track+0x18/0x40 [ 15.832330] kasan_save_alloc_info+0x3b/0x50 [ 15.832499] __kasan_kmalloc+0xb7/0xc0 [ 15.832691] __kmalloc_cache_noprof+0x189/0x420 [ 15.832871] kasan_atomics+0x95/0x310 [ 15.833010] kunit_try_run_case+0x1a5/0x480 [ 15.833158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.833346] kthread+0x337/0x6f0 [ 15.833468] ret_from_fork+0x116/0x1d0 [ 15.833602] ret_from_fork_asm+0x1a/0x30 [ 15.833851] [ 15.834184] The buggy address belongs to the object at ffff888102a0a600 [ 15.834184] which belongs to the cache kmalloc-64 of size 64 [ 15.835169] The buggy address is located 0 bytes to the right of [ 15.835169] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.835845] [ 15.835922] The buggy address belongs to the physical page: [ 15.836097] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.836631] flags: 0x200000000000000(node=0|zone=2) [ 15.836879] page_type: f5(slab) [ 15.837052] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.837477] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.837823] page dumped because: kasan: bad access detected [ 15.838257] [ 15.838359] Memory state around the buggy address: [ 15.838578] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.838828] 
ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.839347] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.839635] ^ [ 15.839795] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.840125] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.840418] ================================================================== [ 16.516567] ================================================================== [ 16.516914] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 16.517404] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.517737] [ 16.517869] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.517912] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.517926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.517948] Call Trace: [ 16.517968] <TASK> [ 16.517982] dump_stack_lvl+0x73/0xb0 [ 16.518010] print_report+0xd1/0x610 [ 16.518047] ? __virt_addr_valid+0x1db/0x2d0 [ 16.518070] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.518093] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.518118] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.518141] kasan_report+0x141/0x180 [ 16.518164] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.518192] kasan_check_range+0x10c/0x1c0 [ 16.518217] __kasan_check_write+0x18/0x20 [ 16.518237] kasan_atomics_helper+0x1f43/0x5450 [ 16.518272] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.518296] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.518322] ? kasan_atomics+0x152/0x310 [ 16.518349] kasan_atomics+0x1dc/0x310 [ 16.518372] ? __pfx_kasan_atomics+0x10/0x10 [ 16.518398] ? __pfx_read_tsc+0x10/0x10 [ 16.518421] ? ktime_get_ts64+0x86/0x230 [ 16.518447] kunit_try_run_case+0x1a5/0x480 [ 16.518472] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.518497] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.518522] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.518547] ? 
__kthread_parkme+0x82/0x180 [ 16.518569] ? preempt_count_sub+0x50/0x80 [ 16.518594] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.518620] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.518646] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.518673] kthread+0x337/0x6f0 [ 16.518693] ? trace_preempt_on+0x20/0xc0 [ 16.518725] ? __pfx_kthread+0x10/0x10 [ 16.518746] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.518769] ? calculate_sigpending+0x7b/0xa0 [ 16.518795] ? __pfx_kthread+0x10/0x10 [ 16.518818] ret_from_fork+0x116/0x1d0 [ 16.518838] ? __pfx_kthread+0x10/0x10 [ 16.518859] ret_from_fork_asm+0x1a/0x30 [ 16.518891] </TASK> [ 16.518901] [ 16.533332] Allocated by task 282: [ 16.533534] kasan_save_stack+0x45/0x70 [ 16.533702] kasan_save_track+0x18/0x40 [ 16.533899] kasan_save_alloc_info+0x3b/0x50 [ 16.534089] __kasan_kmalloc+0xb7/0xc0 [ 16.534257] __kmalloc_cache_noprof+0x189/0x420 [ 16.534428] kasan_atomics+0x95/0x310 [ 16.534617] kunit_try_run_case+0x1a5/0x480 [ 16.534831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.535053] kthread+0x337/0x6f0 [ 16.535173] ret_from_fork+0x116/0x1d0 [ 16.535358] ret_from_fork_asm+0x1a/0x30 [ 16.535558] [ 16.535658] The buggy address belongs to the object at ffff888102a0a600 [ 16.535658] which belongs to the cache kmalloc-64 of size 64 [ 16.536141] The buggy address is located 0 bytes to the right of [ 16.536141] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.536650] [ 16.536727] The buggy address belongs to the physical page: [ 16.536964] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.537260] flags: 0x200000000000000(node=0|zone=2) [ 16.537504] page_type: f5(slab) [ 16.537652] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.537956] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.538277] page dumped because: kasan: bad access detected [ 16.538486] [ 16.538582] Memory state around the buggy address: [ 16.538776] 
ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.539001] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.539256] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.539584] ^ [ 16.539807] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.540043] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.540257] ================================================================== [ 16.164343] ================================================================== [ 16.164654] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 16.165088] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.165391] [ 16.165476] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.165518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.165531] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.165552] Call Trace: [ 16.165567] <TASK> [ 16.165581] dump_stack_lvl+0x73/0xb0 [ 16.165608] print_report+0xd1/0x610 [ 16.165631] ? __virt_addr_valid+0x1db/0x2d0 [ 16.165655] ? kasan_atomics_helper+0x151d/0x5450 [ 16.165677] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.165703] ? kasan_atomics_helper+0x151d/0x5450 [ 16.165726] kasan_report+0x141/0x180 [ 16.165749] ? kasan_atomics_helper+0x151d/0x5450 [ 16.165777] kasan_check_range+0x10c/0x1c0 [ 16.165802] __kasan_check_write+0x18/0x20 [ 16.165823] kasan_atomics_helper+0x151d/0x5450 [ 16.165847] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.165872] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.165898] ? kasan_atomics+0x152/0x310 [ 16.165925] kasan_atomics+0x1dc/0x310 [ 16.165948] ? __pfx_kasan_atomics+0x10/0x10 [ 16.166081] ? __pfx_read_tsc+0x10/0x10 [ 16.166107] ? ktime_get_ts64+0x86/0x230 [ 16.166132] kunit_try_run_case+0x1a5/0x480 [ 16.166158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.166182] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.166206] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.166232] ? __kthread_parkme+0x82/0x180 [ 16.166253] ? preempt_count_sub+0x50/0x80 [ 16.166289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.166315] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.166342] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.166369] kthread+0x337/0x6f0 [ 16.166389] ? trace_preempt_on+0x20/0xc0 [ 16.166413] ? __pfx_kthread+0x10/0x10 [ 16.166434] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.166458] ? calculate_sigpending+0x7b/0xa0 [ 16.166485] ? __pfx_kthread+0x10/0x10 [ 16.166508] ret_from_fork+0x116/0x1d0 [ 16.166527] ? __pfx_kthread+0x10/0x10 [ 16.166548] ret_from_fork_asm+0x1a/0x30 [ 16.166580] </TASK> [ 16.166591] [ 16.174582] Allocated by task 282: [ 16.174763] kasan_save_stack+0x45/0x70 [ 16.175131] kasan_save_track+0x18/0x40 [ 16.175343] kasan_save_alloc_info+0x3b/0x50 [ 16.175498] __kasan_kmalloc+0xb7/0xc0 [ 16.175634] __kmalloc_cache_noprof+0x189/0x420 [ 16.175810] kasan_atomics+0x95/0x310 [ 16.176113] kunit_try_run_case+0x1a5/0x480 [ 16.176344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.176602] kthread+0x337/0x6f0 [ 16.176776] ret_from_fork+0x116/0x1d0 [ 16.177036] ret_from_fork_asm+0x1a/0x30 [ 16.177245] [ 16.177353] The buggy address belongs to the object at ffff888102a0a600 [ 16.177353] which belongs to the cache kmalloc-64 of size 64 [ 16.177733] The buggy address is located 0 bytes to the right of [ 16.177733] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.178380] [ 16.178483] The buggy address belongs to the physical page: [ 16.178699] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.179200] flags: 0x200000000000000(node=0|zone=2) [ 16.179387] page_type: f5(slab) [ 16.179547] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.179895] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.180364] page dumped because: kasan: 
bad access detected [ 16.180620] [ 16.180714] Memory state around the buggy address: [ 16.180941] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.181260] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.181598] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.181903] ^ [ 16.182192] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.182510] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.182743] ================================================================== [ 16.011725] ================================================================== [ 16.013071] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 16.013539] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.013846] [ 16.013950] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.013994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.014008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.014031] Call Trace: [ 16.014045] <TASK> [ 16.014061] dump_stack_lvl+0x73/0xb0 [ 16.014091] print_report+0xd1/0x610 [ 16.014115] ? __virt_addr_valid+0x1db/0x2d0 [ 16.014139] ? kasan_atomics_helper+0x1217/0x5450 [ 16.014162] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.014188] ? kasan_atomics_helper+0x1217/0x5450 [ 16.014211] kasan_report+0x141/0x180 [ 16.014234] ? kasan_atomics_helper+0x1217/0x5450 [ 16.014293] kasan_check_range+0x10c/0x1c0 [ 16.014318] __kasan_check_write+0x18/0x20 [ 16.014340] kasan_atomics_helper+0x1217/0x5450 [ 16.014363] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.014388] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.014414] ? kasan_atomics+0x152/0x310 [ 16.014442] kasan_atomics+0x1dc/0x310 [ 16.014465] ? __pfx_kasan_atomics+0x10/0x10 [ 16.014489] ? __pfx_read_tsc+0x10/0x10 [ 16.014513] ? ktime_get_ts64+0x86/0x230 [ 16.014538] kunit_try_run_case+0x1a5/0x480 [ 16.014563] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.014588] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.014613] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.014637] ? __kthread_parkme+0x82/0x180 [ 16.014659] ? preempt_count_sub+0x50/0x80 [ 16.014684] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.014715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.014742] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.014768] kthread+0x337/0x6f0 [ 16.014788] ? trace_preempt_on+0x20/0xc0 [ 16.014812] ? __pfx_kthread+0x10/0x10 [ 16.014834] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.014857] ? calculate_sigpending+0x7b/0xa0 [ 16.014882] ? __pfx_kthread+0x10/0x10 [ 16.014904] ret_from_fork+0x116/0x1d0 [ 16.014924] ? __pfx_kthread+0x10/0x10 [ 16.014945] ret_from_fork_asm+0x1a/0x30 [ 16.014977] </TASK> [ 16.014989] [ 16.023201] Allocated by task 282: [ 16.023393] kasan_save_stack+0x45/0x70 [ 16.023592] kasan_save_track+0x18/0x40 [ 16.023760] kasan_save_alloc_info+0x3b/0x50 [ 16.023956] __kasan_kmalloc+0xb7/0xc0 [ 16.024191] __kmalloc_cache_noprof+0x189/0x420 [ 16.024363] kasan_atomics+0x95/0x310 [ 16.024548] kunit_try_run_case+0x1a5/0x480 [ 16.024757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.025127] kthread+0x337/0x6f0 [ 16.025326] ret_from_fork+0x116/0x1d0 [ 16.025503] ret_from_fork_asm+0x1a/0x30 [ 16.025646] [ 16.025720] The buggy address belongs to the object at ffff888102a0a600 [ 16.025720] which belongs to the cache kmalloc-64 of size 64 [ 16.026310] The buggy address is located 0 bytes to the right of [ 16.026310] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.026694] [ 16.026798] The buggy address belongs to the physical page: [ 16.027252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.027637] flags: 0x200000000000000(node=0|zone=2) [ 16.027870] page_type: f5(slab) [ 16.028128] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.028472] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.028760] page dumped because: kasan: bad access detected [ 16.028955] [ 16.029119] Memory state around the buggy address: [ 16.029296] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.029628] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.029955] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.030368] ^ [ 16.030608] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.030911] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.031395] ================================================================== [ 16.621192] ================================================================== [ 16.621471] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 16.621807] Read of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.622139] [ 16.622251] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.622303] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.622317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.622338] Call Trace: [ 16.622354] <TASK> [ 16.622371] dump_stack_lvl+0x73/0xb0 [ 16.622397] print_report+0xd1/0x610 [ 16.622419] ? __virt_addr_valid+0x1db/0x2d0 [ 16.622443] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.622466] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.622491] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.622515] kasan_report+0x141/0x180 [ 16.622538] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.622566] __asan_report_load8_noabort+0x18/0x20 [ 16.622592] kasan_atomics_helper+0x4fb2/0x5450 [ 16.622619] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.622645] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.622671] ? kasan_atomics+0x152/0x310 [ 16.622698] kasan_atomics+0x1dc/0x310 [ 16.622728] ? __pfx_kasan_atomics+0x10/0x10 [ 16.622755] ? __pfx_read_tsc+0x10/0x10 [ 16.622776] ? 
ktime_get_ts64+0x86/0x230 [ 16.622802] kunit_try_run_case+0x1a5/0x480 [ 16.622828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.622854] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.622880] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.622906] ? __kthread_parkme+0x82/0x180 [ 16.622928] ? preempt_count_sub+0x50/0x80 [ 16.622952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.622979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.623005] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.623031] kthread+0x337/0x6f0 [ 16.623051] ? trace_preempt_on+0x20/0xc0 [ 16.623075] ? __pfx_kthread+0x10/0x10 [ 16.623097] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.623120] ? calculate_sigpending+0x7b/0xa0 [ 16.623145] ? __pfx_kthread+0x10/0x10 [ 16.623168] ret_from_fork+0x116/0x1d0 [ 16.623187] ? __pfx_kthread+0x10/0x10 [ 16.623209] ret_from_fork_asm+0x1a/0x30 [ 16.623241] </TASK> [ 16.623252] [ 16.630175] Allocated by task 282: [ 16.630314] kasan_save_stack+0x45/0x70 [ 16.630456] kasan_save_track+0x18/0x40 [ 16.630616] kasan_save_alloc_info+0x3b/0x50 [ 16.630833] __kasan_kmalloc+0xb7/0xc0 [ 16.631020] __kmalloc_cache_noprof+0x189/0x420 [ 16.631241] kasan_atomics+0x95/0x310 [ 16.631438] kunit_try_run_case+0x1a5/0x480 [ 16.631649] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.631847] kthread+0x337/0x6f0 [ 16.631969] ret_from_fork+0x116/0x1d0 [ 16.632150] ret_from_fork_asm+0x1a/0x30 [ 16.632361] [ 16.632458] The buggy address belongs to the object at ffff888102a0a600 [ 16.632458] which belongs to the cache kmalloc-64 of size 64 [ 16.632904] The buggy address is located 0 bytes to the right of [ 16.632904] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.633301] [ 16.633398] The buggy address belongs to the physical page: [ 16.633651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.634000] flags: 0x200000000000000(node=0|zone=2) [ 16.634214] page_type: f5(slab) [ 16.634344] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.634577] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.634868] page dumped because: kasan: bad access detected [ 16.635124] [ 16.635216] Memory state around the buggy address: [ 16.635454] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.635780] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.636112] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.636417] ^ [ 16.636609] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.636826] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.637147] ================================================================== [ 16.429223] ================================================================== [ 16.430528] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 16.430835] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.431065] [ 16.431150] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.431195] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.431209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.431231] Call Trace: [ 16.431246] <TASK> [ 16.431260] dump_stack_lvl+0x73/0xb0 [ 16.431494] print_report+0xd1/0x610 [ 16.431519] ? __virt_addr_valid+0x1db/0x2d0 [ 16.431544] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.431567] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.431591] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.431779] kasan_report+0x141/0x180 [ 16.431804] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.431833] kasan_check_range+0x10c/0x1c0 [ 16.431859] __kasan_check_write+0x18/0x20 [ 16.431879] kasan_atomics_helper+0x1ce1/0x5450 [ 16.431906] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.431930] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.431956] ? kasan_atomics+0x152/0x310 [ 16.431983] kasan_atomics+0x1dc/0x310 [ 16.432007] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.432032] ? __pfx_read_tsc+0x10/0x10 [ 16.432054] ? ktime_get_ts64+0x86/0x230 [ 16.432082] kunit_try_run_case+0x1a5/0x480 [ 16.432108] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.432133] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.432158] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.432183] ? __kthread_parkme+0x82/0x180 [ 16.432204] ? preempt_count_sub+0x50/0x80 [ 16.432228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.432255] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.432293] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.432319] kthread+0x337/0x6f0 [ 16.432340] ? trace_preempt_on+0x20/0xc0 [ 16.432364] ? __pfx_kthread+0x10/0x10 [ 16.432386] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.432409] ? calculate_sigpending+0x7b/0xa0 [ 16.432434] ? __pfx_kthread+0x10/0x10 [ 16.432456] ret_from_fork+0x116/0x1d0 [ 16.432476] ? __pfx_kthread+0x10/0x10 [ 16.432497] ret_from_fork_asm+0x1a/0x30 [ 16.432530] </TASK> [ 16.432541] [ 16.444800] Allocated by task 282: [ 16.444940] kasan_save_stack+0x45/0x70 [ 16.445090] kasan_save_track+0x18/0x40 [ 16.445226] kasan_save_alloc_info+0x3b/0x50 [ 16.445390] __kasan_kmalloc+0xb7/0xc0 [ 16.445525] __kmalloc_cache_noprof+0x189/0x420 [ 16.445682] kasan_atomics+0x95/0x310 [ 16.445816] kunit_try_run_case+0x1a5/0x480 [ 16.445964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.446142] kthread+0x337/0x6f0 [ 16.446278] ret_from_fork+0x116/0x1d0 [ 16.446605] ret_from_fork_asm+0x1a/0x30 [ 16.446958] [ 16.447113] The buggy address belongs to the object at ffff888102a0a600 [ 16.447113] which belongs to the cache kmalloc-64 of size 64 [ 16.448112] The buggy address is located 0 bytes to the right of [ 16.448112] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.449154] [ 16.449329] The buggy address belongs to the physical page: [ 16.449799] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.450482] flags: 0x200000000000000(node=0|zone=2) [ 16.450902] page_type: 
f5(slab) [ 16.451195] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.451846] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.452483] page dumped because: kasan: bad access detected [ 16.452959] [ 16.453112] Memory state around the buggy address: [ 16.453531] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.454310] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.454921] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.455537] ^ [ 16.455968] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.456603] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.457212] ================================================================== [ 15.444670] ================================================================== [ 15.444972] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 15.445388] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.445700] [ 15.445801] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.445843] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.445857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.445878] Call Trace: [ 15.445893] <TASK> [ 15.445909] dump_stack_lvl+0x73/0xb0 [ 15.445936] print_report+0xd1/0x610 [ 15.445959] ? __virt_addr_valid+0x1db/0x2d0 [ 15.445983] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.446005] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.446030] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.446053] kasan_report+0x141/0x180 [ 15.446076] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.446104] __asan_report_store4_noabort+0x1b/0x30 [ 15.446130] kasan_atomics_helper+0x4b6e/0x5450 [ 15.446155] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.446198] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.446223] ? 
kasan_atomics+0x152/0x310 [ 15.446251] kasan_atomics+0x1dc/0x310 [ 15.446286] ? __pfx_kasan_atomics+0x10/0x10 [ 15.446311] ? __pfx_read_tsc+0x10/0x10 [ 15.446333] ? ktime_get_ts64+0x86/0x230 [ 15.446358] kunit_try_run_case+0x1a5/0x480 [ 15.446384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.446408] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.446433] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.446459] ? __kthread_parkme+0x82/0x180 [ 15.446480] ? preempt_count_sub+0x50/0x80 [ 15.446505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.446531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.446558] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.446585] kthread+0x337/0x6f0 [ 15.446605] ? trace_preempt_on+0x20/0xc0 [ 15.446629] ? __pfx_kthread+0x10/0x10 [ 15.446651] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.446674] ? calculate_sigpending+0x7b/0xa0 [ 15.446699] ? __pfx_kthread+0x10/0x10 [ 15.446728] ret_from_fork+0x116/0x1d0 [ 15.446747] ? __pfx_kthread+0x10/0x10 [ 15.446769] ret_from_fork_asm+0x1a/0x30 [ 15.446801] </TASK> [ 15.446811] [ 15.454571] Allocated by task 282: [ 15.454767] kasan_save_stack+0x45/0x70 [ 15.454970] kasan_save_track+0x18/0x40 [ 15.455242] kasan_save_alloc_info+0x3b/0x50 [ 15.455443] __kasan_kmalloc+0xb7/0xc0 [ 15.455613] __kmalloc_cache_noprof+0x189/0x420 [ 15.455813] kasan_atomics+0x95/0x310 [ 15.456005] kunit_try_run_case+0x1a5/0x480 [ 15.456161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.456351] kthread+0x337/0x6f0 [ 15.456475] ret_from_fork+0x116/0x1d0 [ 15.456610] ret_from_fork_asm+0x1a/0x30 [ 15.456753] [ 15.456824] The buggy address belongs to the object at ffff888102a0a600 [ 15.456824] which belongs to the cache kmalloc-64 of size 64 [ 15.457301] The buggy address is located 0 bytes to the right of [ 15.457301] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.458594] [ 15.458691] The buggy address belongs to the physical page: [ 15.458947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 
15.459396] flags: 0x200000000000000(node=0|zone=2) [ 15.459561] page_type: f5(slab) [ 15.459681] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.459911] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.460354] page dumped because: kasan: bad access detected [ 15.460621] [ 15.460714] Memory state around the buggy address: [ 15.460942] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.461600] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.461855] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.462393] ^ [ 15.462553] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.462778] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.463208] ================================================================== [ 16.679918] ================================================================== [ 16.680434] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 16.681058] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.681373] [ 16.681478] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.681522] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.681535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.681557] Call Trace: [ 16.681573] <TASK> [ 16.681588] dump_stack_lvl+0x73/0xb0 [ 16.681616] print_report+0xd1/0x610 [ 16.681639] ? __virt_addr_valid+0x1db/0x2d0 [ 16.681662] ? kasan_atomics_helper+0x224c/0x5450 [ 16.681685] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.681710] ? kasan_atomics_helper+0x224c/0x5450 [ 16.681734] kasan_report+0x141/0x180 [ 16.681756] ? kasan_atomics_helper+0x224c/0x5450 [ 16.681785] kasan_check_range+0x10c/0x1c0 [ 16.681810] __kasan_check_write+0x18/0x20 [ 16.681831] kasan_atomics_helper+0x224c/0x5450 [ 16.681856] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.681880] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.681906] ? kasan_atomics+0x152/0x310 [ 16.681933] kasan_atomics+0x1dc/0x310 [ 16.681957] ? __pfx_kasan_atomics+0x10/0x10 [ 16.681983] ? __pfx_read_tsc+0x10/0x10 [ 16.682005] ? ktime_get_ts64+0x86/0x230 [ 16.682031] kunit_try_run_case+0x1a5/0x480 [ 16.682056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.682083] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.682107] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.682133] ? __kthread_parkme+0x82/0x180 [ 16.682154] ? preempt_count_sub+0x50/0x80 [ 16.682180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.682207] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.682233] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.682260] kthread+0x337/0x6f0 [ 16.682480] ? trace_preempt_on+0x20/0xc0 [ 16.682507] ? __pfx_kthread+0x10/0x10 [ 16.682529] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.682553] ? calculate_sigpending+0x7b/0xa0 [ 16.682578] ? __pfx_kthread+0x10/0x10 [ 16.682636] ret_from_fork+0x116/0x1d0 [ 16.682658] ? __pfx_kthread+0x10/0x10 [ 16.682679] ret_from_fork_asm+0x1a/0x30 [ 16.682718] </TASK> [ 16.682729] [ 16.692830] Allocated by task 282: [ 16.693209] kasan_save_stack+0x45/0x70 [ 16.693510] kasan_save_track+0x18/0x40 [ 16.693884] kasan_save_alloc_info+0x3b/0x50 [ 16.694198] __kasan_kmalloc+0xb7/0xc0 [ 16.694636] __kmalloc_cache_noprof+0x189/0x420 [ 16.694918] kasan_atomics+0x95/0x310 [ 16.695201] kunit_try_run_case+0x1a5/0x480 [ 16.695603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.696051] kthread+0x337/0x6f0 [ 16.696288] ret_from_fork+0x116/0x1d0 [ 16.696582] ret_from_fork_asm+0x1a/0x30 [ 16.696879] [ 16.696987] The buggy address belongs to the object at ffff888102a0a600 [ 16.696987] which belongs to the cache kmalloc-64 of size 64 [ 16.697478] The buggy address is located 0 bytes to the right of [ 16.697478] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.697981] [ 16.698072] The buggy address belongs to the physical page: [ 16.698635] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.699178] flags: 0x200000000000000(node=0|zone=2) [ 16.699581] page_type: f5(slab) [ 16.699874] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.700390] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.700946] page dumped because: kasan: bad access detected [ 16.701314] [ 16.701545] Memory state around the buggy address: [ 16.701779] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.702068] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.702368] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.702657] ^ [ 16.702872] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.703161] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.703826] ================================================================== [ 16.704935] ================================================================== [ 16.705599] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 16.705906] Read of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.706202] [ 16.706313] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.706356] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.706369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.706392] Call Trace: [ 16.706408] <TASK> [ 16.706424] dump_stack_lvl+0x73/0xb0 [ 16.706452] print_report+0xd1/0x610 [ 16.706474] ? __virt_addr_valid+0x1db/0x2d0 [ 16.706498] ? kasan_atomics_helper+0x5115/0x5450 [ 16.706524] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.706549] ? kasan_atomics_helper+0x5115/0x5450 [ 16.706572] kasan_report+0x141/0x180 [ 16.706596] ? kasan_atomics_helper+0x5115/0x5450 [ 16.706627] __asan_report_load8_noabort+0x18/0x20 [ 16.706655] kasan_atomics_helper+0x5115/0x5450 [ 16.706680] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.706711] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.706738] ? kasan_atomics+0x152/0x310 [ 16.706765] kasan_atomics+0x1dc/0x310 [ 16.706790] ? __pfx_kasan_atomics+0x10/0x10 [ 16.706816] ? __pfx_read_tsc+0x10/0x10 [ 16.706838] ? ktime_get_ts64+0x86/0x230 [ 16.706864] kunit_try_run_case+0x1a5/0x480 [ 16.706890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.706914] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.706939] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.706965] ? __kthread_parkme+0x82/0x180 [ 16.706986] ? preempt_count_sub+0x50/0x80 [ 16.707011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.707037] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.707063] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.707090] kthread+0x337/0x6f0 [ 16.707111] ? trace_preempt_on+0x20/0xc0 [ 16.707134] ? __pfx_kthread+0x10/0x10 [ 16.707156] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.707179] ? calculate_sigpending+0x7b/0xa0 [ 16.707205] ? __pfx_kthread+0x10/0x10 [ 16.707227] ret_from_fork+0x116/0x1d0 [ 16.707247] ? 
__pfx_kthread+0x10/0x10 [ 16.707280] ret_from_fork_asm+0x1a/0x30 [ 16.707312] </TASK> [ 16.707323] [ 16.714285] Allocated by task 282: [ 16.714427] kasan_save_stack+0x45/0x70 [ 16.714596] kasan_save_track+0x18/0x40 [ 16.714800] kasan_save_alloc_info+0x3b/0x50 [ 16.714962] __kasan_kmalloc+0xb7/0xc0 [ 16.715158] __kmalloc_cache_noprof+0x189/0x420 [ 16.715356] kasan_atomics+0x95/0x310 [ 16.715524] kunit_try_run_case+0x1a5/0x480 [ 16.715715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.715938] kthread+0x337/0x6f0 [ 16.716095] ret_from_fork+0x116/0x1d0 [ 16.716255] ret_from_fork_asm+0x1a/0x30 [ 16.716424] [ 16.716509] The buggy address belongs to the object at ffff888102a0a600 [ 16.716509] which belongs to the cache kmalloc-64 of size 64 [ 16.716943] The buggy address is located 0 bytes to the right of [ 16.716943] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.717325] [ 16.717398] The buggy address belongs to the physical page: [ 16.717647] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.718002] flags: 0x200000000000000(node=0|zone=2) [ 16.718231] page_type: f5(slab) [ 16.718406] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.718666] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.718903] page dumped because: kasan: bad access detected [ 16.719076] [ 16.719146] Memory state around the buggy address: [ 16.719381] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.719706] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.720033] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.720366] ^ [ 16.720589] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.720911] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.721188] ================================================================== [ 15.602344] 
================================================================== [ 15.602682] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 15.602940] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.603563] [ 15.603656] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.603702] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.603716] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.603738] Call Trace: [ 15.603752] <TASK> [ 15.603767] dump_stack_lvl+0x73/0xb0 [ 15.603795] print_report+0xd1/0x610 [ 15.603818] ? __virt_addr_valid+0x1db/0x2d0 [ 15.603842] ? kasan_atomics_helper+0x72f/0x5450 [ 15.603865] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.603891] ? kasan_atomics_helper+0x72f/0x5450 [ 15.603914] kasan_report+0x141/0x180 [ 15.603937] ? kasan_atomics_helper+0x72f/0x5450 [ 15.603965] kasan_check_range+0x10c/0x1c0 [ 15.603989] __kasan_check_write+0x18/0x20 [ 15.604010] kasan_atomics_helper+0x72f/0x5450 [ 15.604034] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.604059] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.604086] ? kasan_atomics+0x152/0x310 [ 15.604113] kasan_atomics+0x1dc/0x310 [ 15.604136] ? __pfx_kasan_atomics+0x10/0x10 [ 15.604163] ? __pfx_read_tsc+0x10/0x10 [ 15.604184] ? ktime_get_ts64+0x86/0x230 [ 15.604209] kunit_try_run_case+0x1a5/0x480 [ 15.604316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.604345] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.604369] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.604395] ? __kthread_parkme+0x82/0x180 [ 15.604416] ? preempt_count_sub+0x50/0x80 [ 15.604441] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.604467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.604493] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.604520] kthread+0x337/0x6f0 [ 15.604541] ? trace_preempt_on+0x20/0xc0 [ 15.604564] ? __pfx_kthread+0x10/0x10 [ 15.604586] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.604608] ? 
calculate_sigpending+0x7b/0xa0 [ 15.604634] ? __pfx_kthread+0x10/0x10 [ 15.604657] ret_from_fork+0x116/0x1d0 [ 15.604677] ? __pfx_kthread+0x10/0x10 [ 15.604699] ret_from_fork_asm+0x1a/0x30 [ 15.604730] </TASK> [ 15.604741] [ 15.612691] Allocated by task 282: [ 15.612876] kasan_save_stack+0x45/0x70 [ 15.613337] kasan_save_track+0x18/0x40 [ 15.613640] kasan_save_alloc_info+0x3b/0x50 [ 15.613869] __kasan_kmalloc+0xb7/0xc0 [ 15.614203] __kmalloc_cache_noprof+0x189/0x420 [ 15.614427] kasan_atomics+0x95/0x310 [ 15.614564] kunit_try_run_case+0x1a5/0x480 [ 15.614736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.614990] kthread+0x337/0x6f0 [ 15.615216] ret_from_fork+0x116/0x1d0 [ 15.615450] ret_from_fork_asm+0x1a/0x30 [ 15.615654] [ 15.615732] The buggy address belongs to the object at ffff888102a0a600 [ 15.615732] which belongs to the cache kmalloc-64 of size 64 [ 15.616277] The buggy address is located 0 bytes to the right of [ 15.616277] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.616655] [ 15.616727] The buggy address belongs to the physical page: [ 15.616951] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.617307] flags: 0x200000000000000(node=0|zone=2) [ 15.617540] page_type: f5(slab) [ 15.617871] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.618161] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.618804] page dumped because: kasan: bad access detected [ 15.619115] [ 15.619210] Memory state around the buggy address: [ 15.619431] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.619684] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.619903] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.620180] ^ [ 15.620421] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.620752] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.621075] 
================================================================== [ 15.463670] ================================================================== [ 15.464020] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 15.464356] Read of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.464608] [ 15.464690] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.464730] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.464744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.464766] Call Trace: [ 15.464781] <TASK> [ 15.464795] dump_stack_lvl+0x73/0xb0 [ 15.464822] print_report+0xd1/0x610 [ 15.464843] ? __virt_addr_valid+0x1db/0x2d0 [ 15.464867] ? kasan_atomics_helper+0x3df/0x5450 [ 15.464890] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.464914] ? kasan_atomics_helper+0x3df/0x5450 [ 15.464937] kasan_report+0x141/0x180 [ 15.464960] ? kasan_atomics_helper+0x3df/0x5450 [ 15.464987] kasan_check_range+0x10c/0x1c0 [ 15.465012] __kasan_check_read+0x15/0x20 [ 15.465033] kasan_atomics_helper+0x3df/0x5450 [ 15.465057] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.465082] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.465108] ? kasan_atomics+0x152/0x310 [ 15.465135] kasan_atomics+0x1dc/0x310 [ 15.465159] ? __pfx_kasan_atomics+0x10/0x10 [ 15.465184] ? __pfx_read_tsc+0x10/0x10 [ 15.465205] ? ktime_get_ts64+0x86/0x230 [ 15.465230] kunit_try_run_case+0x1a5/0x480 [ 15.465255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.465289] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.465315] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.465340] ? __kthread_parkme+0x82/0x180 [ 15.465363] ? preempt_count_sub+0x50/0x80 [ 15.465388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.465414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.465440] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.465466] kthread+0x337/0x6f0 [ 15.465486] ? trace_preempt_on+0x20/0xc0 [ 15.465510] ? 
__pfx_kthread+0x10/0x10 [ 15.465532] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.465555] ? calculate_sigpending+0x7b/0xa0 [ 15.465581] ? __pfx_kthread+0x10/0x10 [ 15.465604] ret_from_fork+0x116/0x1d0 [ 15.465623] ? __pfx_kthread+0x10/0x10 [ 15.465645] ret_from_fork_asm+0x1a/0x30 [ 15.465677] </TASK> [ 15.465687] [ 15.476077] Allocated by task 282: [ 15.476216] kasan_save_stack+0x45/0x70 [ 15.476383] kasan_save_track+0x18/0x40 [ 15.476522] kasan_save_alloc_info+0x3b/0x50 [ 15.476674] __kasan_kmalloc+0xb7/0xc0 [ 15.476938] __kmalloc_cache_noprof+0x189/0x420 [ 15.477318] kasan_atomics+0x95/0x310 [ 15.477456] kunit_try_run_case+0x1a5/0x480 [ 15.477619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.477867] kthread+0x337/0x6f0 [ 15.478036] ret_from_fork+0x116/0x1d0 [ 15.479169] ret_from_fork_asm+0x1a/0x30 [ 15.479414] [ 15.479512] The buggy address belongs to the object at ffff888102a0a600 [ 15.479512] which belongs to the cache kmalloc-64 of size 64 [ 15.479947] The buggy address is located 0 bytes to the right of [ 15.479947] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.481775] [ 15.481860] The buggy address belongs to the physical page: [ 15.482032] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.482558] flags: 0x200000000000000(node=0|zone=2) [ 15.482787] page_type: f5(slab) [ 15.482931] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.483421] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.483656] page dumped because: kasan: bad access detected [ 15.483831] [ 15.483928] Memory state around the buggy address: [ 15.484110] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.484351] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.485510] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.485833] ^ [ 15.486297] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.486579] 
ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.486845] ================================================================== [ 15.801181] ================================================================== [ 15.801504] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 15.801911] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.802416] [ 15.802729] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.802775] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.802788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.802809] Call Trace: [ 15.802825] <TASK> [ 15.802839] dump_stack_lvl+0x73/0xb0 [ 15.802868] print_report+0xd1/0x610 [ 15.802891] ? __virt_addr_valid+0x1db/0x2d0 [ 15.802916] ? kasan_atomics_helper+0xd47/0x5450 [ 15.802939] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.802964] ? kasan_atomics_helper+0xd47/0x5450 [ 15.802988] kasan_report+0x141/0x180 [ 15.803011] ? kasan_atomics_helper+0xd47/0x5450 [ 15.803039] kasan_check_range+0x10c/0x1c0 [ 15.803064] __kasan_check_write+0x18/0x20 [ 15.803086] kasan_atomics_helper+0xd47/0x5450 [ 15.803110] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.803134] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.803161] ? kasan_atomics+0x152/0x310 [ 15.803188] kasan_atomics+0x1dc/0x310 [ 15.803212] ? __pfx_kasan_atomics+0x10/0x10 [ 15.803238] ? __pfx_read_tsc+0x10/0x10 [ 15.803260] ? ktime_get_ts64+0x86/0x230 [ 15.803299] kunit_try_run_case+0x1a5/0x480 [ 15.803325] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.803349] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.803375] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.803401] ? __kthread_parkme+0x82/0x180 [ 15.803490] ? preempt_count_sub+0x50/0x80 [ 15.803518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.803545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.803571] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.803598] kthread+0x337/0x6f0 [ 15.803619] ? trace_preempt_on+0x20/0xc0 [ 15.803643] ? __pfx_kthread+0x10/0x10 [ 15.803665] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.803688] ? calculate_sigpending+0x7b/0xa0 [ 15.803714] ? __pfx_kthread+0x10/0x10 [ 15.803737] ret_from_fork+0x116/0x1d0 [ 15.803757] ? __pfx_kthread+0x10/0x10 [ 15.803778] ret_from_fork_asm+0x1a/0x30 [ 15.803811] </TASK> [ 15.803822] [ 15.812224] Allocated by task 282: [ 15.812420] kasan_save_stack+0x45/0x70 [ 15.812623] kasan_save_track+0x18/0x40 [ 15.812814] kasan_save_alloc_info+0x3b/0x50 [ 15.813044] __kasan_kmalloc+0xb7/0xc0 [ 15.813179] __kmalloc_cache_noprof+0x189/0x420 [ 15.813344] kasan_atomics+0x95/0x310 [ 15.813480] kunit_try_run_case+0x1a5/0x480 [ 15.813815] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.814368] kthread+0x337/0x6f0 [ 15.814559] ret_from_fork+0x116/0x1d0 [ 15.814754] ret_from_fork_asm+0x1a/0x30 [ 15.814955] [ 15.815116] The buggy address belongs to the object at ffff888102a0a600 [ 15.815116] which belongs to the cache kmalloc-64 of size 64 [ 15.815602] The buggy address is located 0 bytes to the right of [ 15.815602] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.816167] [ 15.816281] The buggy address belongs to the physical page: [ 15.816507] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.816820] flags: 0x200000000000000(node=0|zone=2) [ 15.817112] page_type: f5(slab) [ 15.817277] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.817574] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.817880] page dumped because: kasan: bad access detected [ 15.818317] [ 15.818417] Memory state around the buggy address: [ 15.818630] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.818944] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.819240] >ffff888102a0a600: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.819468] ^ [ 15.819624] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.819906] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.820311] ================================================================== [ 16.654221] ================================================================== [ 16.654571] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 16.654910] Read of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.655856] [ 16.655978] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.656024] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.656037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.656057] Call Trace: [ 16.656069] <TASK> [ 16.656084] dump_stack_lvl+0x73/0xb0 [ 16.656113] print_report+0xd1/0x610 [ 16.656137] ? __virt_addr_valid+0x1db/0x2d0 [ 16.656159] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.656182] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.656209] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.656232] kasan_report+0x141/0x180 [ 16.656256] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.656295] __asan_report_load8_noabort+0x18/0x20 [ 16.656323] kasan_atomics_helper+0x4fa5/0x5450 [ 16.656347] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.656372] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.656398] ? kasan_atomics+0x152/0x310 [ 16.656425] kasan_atomics+0x1dc/0x310 [ 16.656448] ? __pfx_kasan_atomics+0x10/0x10 [ 16.656475] ? __pfx_read_tsc+0x10/0x10 [ 16.656497] ? ktime_get_ts64+0x86/0x230 [ 16.656522] kunit_try_run_case+0x1a5/0x480 [ 16.656547] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.656572] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.656597] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.656622] ? __kthread_parkme+0x82/0x180 [ 16.656644] ? preempt_count_sub+0x50/0x80 [ 16.656669] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.656695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.656721] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.656748] kthread+0x337/0x6f0 [ 16.656768] ? trace_preempt_on+0x20/0xc0 [ 16.656792] ? __pfx_kthread+0x10/0x10 [ 16.657319] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.657344] ? calculate_sigpending+0x7b/0xa0 [ 16.657370] ? __pfx_kthread+0x10/0x10 [ 16.657392] ret_from_fork+0x116/0x1d0 [ 16.657797] ? __pfx_kthread+0x10/0x10 [ 16.657827] ret_from_fork_asm+0x1a/0x30 [ 16.657861] </TASK> [ 16.657872] [ 16.668057] Allocated by task 282: [ 16.668494] kasan_save_stack+0x45/0x70 [ 16.668756] kasan_save_track+0x18/0x40 [ 16.669046] kasan_save_alloc_info+0x3b/0x50 [ 16.669408] __kasan_kmalloc+0xb7/0xc0 [ 16.669590] __kmalloc_cache_noprof+0x189/0x420 [ 16.669804] kasan_atomics+0x95/0x310 [ 16.669975] kunit_try_run_case+0x1a5/0x480 [ 16.670166] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.670409] kthread+0x337/0x6f0 [ 16.670562] ret_from_fork+0x116/0x1d0 [ 16.670742] ret_from_fork_asm+0x1a/0x30 [ 16.670922] [ 16.671011] The buggy address belongs to the object at ffff888102a0a600 [ 16.671011] which belongs to the cache kmalloc-64 of size 64 [ 16.671999] The buggy address is located 0 bytes to the right of [ 16.671999] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.672809] [ 16.673044] The buggy address belongs to the physical page: [ 16.673482] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.673993] flags: 0x200000000000000(node=0|zone=2) [ 16.674397] page_type: f5(slab) [ 16.674678] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.675178] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.675780] page dumped because: kasan: bad access detected [ 16.676083] [ 16.676181] Memory state around the buggy address: [ 16.676401] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.676696] 
ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.676985] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.677575] ^ [ 16.677906] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.678347] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.678822] ================================================================== [ 16.183348] ================================================================== [ 16.183631] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 16.183946] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.184505] [ 16.184617] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.184660] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.184673] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.184694] Call Trace: [ 16.184708] <TASK> [ 16.184721] dump_stack_lvl+0x73/0xb0 [ 16.184748] print_report+0xd1/0x610 [ 16.184772] ? __virt_addr_valid+0x1db/0x2d0 [ 16.184795] ? kasan_atomics_helper+0x15b6/0x5450 [ 16.184817] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.184842] ? kasan_atomics_helper+0x15b6/0x5450 [ 16.184866] kasan_report+0x141/0x180 [ 16.184889] ? kasan_atomics_helper+0x15b6/0x5450 [ 16.184917] kasan_check_range+0x10c/0x1c0 [ 16.184942] __kasan_check_write+0x18/0x20 [ 16.185043] kasan_atomics_helper+0x15b6/0x5450 [ 16.185073] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.185098] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.185125] ? kasan_atomics+0x152/0x310 [ 16.185151] kasan_atomics+0x1dc/0x310 [ 16.185175] ? __pfx_kasan_atomics+0x10/0x10 [ 16.185200] ? __pfx_read_tsc+0x10/0x10 [ 16.185223] ? ktime_get_ts64+0x86/0x230 [ 16.185248] kunit_try_run_case+0x1a5/0x480 [ 16.185285] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.185309] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.185334] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.185360] ? 
__kthread_parkme+0x82/0x180 [ 16.185381] ? preempt_count_sub+0x50/0x80 [ 16.185405] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.185431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.185458] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.185484] kthread+0x337/0x6f0 [ 16.185504] ? trace_preempt_on+0x20/0xc0 [ 16.185528] ? __pfx_kthread+0x10/0x10 [ 16.185549] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.185572] ? calculate_sigpending+0x7b/0xa0 [ 16.185598] ? __pfx_kthread+0x10/0x10 [ 16.185620] ret_from_fork+0x116/0x1d0 [ 16.185640] ? __pfx_kthread+0x10/0x10 [ 16.185662] ret_from_fork_asm+0x1a/0x30 [ 16.185694] </TASK> [ 16.185705] [ 16.193823] Allocated by task 282: [ 16.194059] kasan_save_stack+0x45/0x70 [ 16.194281] kasan_save_track+0x18/0x40 [ 16.194420] kasan_save_alloc_info+0x3b/0x50 [ 16.194573] __kasan_kmalloc+0xb7/0xc0 [ 16.194772] __kmalloc_cache_noprof+0x189/0x420 [ 16.195172] kasan_atomics+0x95/0x310 [ 16.195386] kunit_try_run_case+0x1a5/0x480 [ 16.195596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.195794] kthread+0x337/0x6f0 [ 16.195916] ret_from_fork+0x116/0x1d0 [ 16.196194] ret_from_fork_asm+0x1a/0x30 [ 16.196408] [ 16.196507] The buggy address belongs to the object at ffff888102a0a600 [ 16.196507] which belongs to the cache kmalloc-64 of size 64 [ 16.197080] The buggy address is located 0 bytes to the right of [ 16.197080] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.197528] [ 16.197629] The buggy address belongs to the physical page: [ 16.197884] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.198371] flags: 0x200000000000000(node=0|zone=2) [ 16.198621] page_type: f5(slab) [ 16.198777] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.199255] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.199619] page dumped because: kasan: bad access detected [ 16.199877] [ 16.200071] Memory state around the buggy address: [ 16.200304] 
ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.200601] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.200842] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.201182] ^ [ 16.201422] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.201711] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.201945] ================================================================== [ 15.762875] ================================================================== [ 15.763249] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 15.763667] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.763975] [ 15.764063] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.764107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.764120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.764142] Call Trace: [ 15.764157] <TASK> [ 15.764172] dump_stack_lvl+0x73/0xb0 [ 15.764200] print_report+0xd1/0x610 [ 15.764223] ? __virt_addr_valid+0x1db/0x2d0 [ 15.764247] ? kasan_atomics_helper+0xc70/0x5450 [ 15.764281] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.764306] ? kasan_atomics_helper+0xc70/0x5450 [ 15.764330] kasan_report+0x141/0x180 [ 15.764353] ? kasan_atomics_helper+0xc70/0x5450 [ 15.764381] kasan_check_range+0x10c/0x1c0 [ 15.764406] __kasan_check_write+0x18/0x20 [ 15.764427] kasan_atomics_helper+0xc70/0x5450 [ 15.764451] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.764475] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.764501] ? kasan_atomics+0x152/0x310 [ 15.764529] kasan_atomics+0x1dc/0x310 [ 15.764553] ? __pfx_kasan_atomics+0x10/0x10 [ 15.764579] ? __pfx_read_tsc+0x10/0x10 [ 15.764602] ? ktime_get_ts64+0x86/0x230 [ 15.764627] kunit_try_run_case+0x1a5/0x480 [ 15.764653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.764677] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.764703] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.764729] ? __kthread_parkme+0x82/0x180 [ 15.764750] ? preempt_count_sub+0x50/0x80 [ 15.764775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.764801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.764827] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.764853] kthread+0x337/0x6f0 [ 15.764873] ? trace_preempt_on+0x20/0xc0 [ 15.764897] ? __pfx_kthread+0x10/0x10 [ 15.764919] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.764941] ? calculate_sigpending+0x7b/0xa0 [ 15.764967] ? __pfx_kthread+0x10/0x10 [ 15.764990] ret_from_fork+0x116/0x1d0 [ 15.765009] ? __pfx_kthread+0x10/0x10 [ 15.765031] ret_from_fork_asm+0x1a/0x30 [ 15.765062] </TASK> [ 15.765073] [ 15.773338] Allocated by task 282: [ 15.773528] kasan_save_stack+0x45/0x70 [ 15.773705] kasan_save_track+0x18/0x40 [ 15.773843] kasan_save_alloc_info+0x3b/0x50 [ 15.773994] __kasan_kmalloc+0xb7/0xc0 [ 15.774129] __kmalloc_cache_noprof+0x189/0x420 [ 15.774296] kasan_atomics+0x95/0x310 [ 15.774741] kunit_try_run_case+0x1a5/0x480 [ 15.774951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.775203] kthread+0x337/0x6f0 [ 15.775595] ret_from_fork+0x116/0x1d0 [ 15.775793] ret_from_fork_asm+0x1a/0x30 [ 15.776045] [ 15.776142] The buggy address belongs to the object at ffff888102a0a600 [ 15.776142] which belongs to the cache kmalloc-64 of size 64 [ 15.776618] The buggy address is located 0 bytes to the right of [ 15.776618] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.777009] [ 15.777081] The buggy address belongs to the physical page: [ 15.777254] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.777630] flags: 0x200000000000000(node=0|zone=2) [ 15.777870] page_type: f5(slab) [ 15.778041] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.778400] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.778710] page dumped because: kasan: bad access detected [ 15.778941] [ 15.779042] 
Memory state around the buggy address: [ 15.779250] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.779663] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.779958] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.780358] ^ [ 15.780585] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.780888] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.781259] ================================================================== [ 16.202513] ================================================================== [ 16.202863] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 16.203406] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.203675] [ 16.203780] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.203822] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.203834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.203855] Call Trace: [ 16.203869] <TASK> [ 16.203885] dump_stack_lvl+0x73/0xb0 [ 16.203913] print_report+0xd1/0x610 [ 16.203935] ? __virt_addr_valid+0x1db/0x2d0 [ 16.203959] ? kasan_atomics_helper+0x164f/0x5450 [ 16.204105] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.204130] ? kasan_atomics_helper+0x164f/0x5450 [ 16.204153] kasan_report+0x141/0x180 [ 16.204177] ? kasan_atomics_helper+0x164f/0x5450 [ 16.204205] kasan_check_range+0x10c/0x1c0 [ 16.204229] __kasan_check_write+0x18/0x20 [ 16.204250] kasan_atomics_helper+0x164f/0x5450 [ 16.204286] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.204309] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.204338] ? kasan_atomics+0x152/0x310 [ 16.204365] kasan_atomics+0x1dc/0x310 [ 16.204389] ? __pfx_kasan_atomics+0x10/0x10 [ 16.204415] ? __pfx_read_tsc+0x10/0x10 [ 16.204437] ? ktime_get_ts64+0x86/0x230 [ 16.204461] kunit_try_run_case+0x1a5/0x480 [ 16.204486] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.204511] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.204535] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.204561] ? __kthread_parkme+0x82/0x180 [ 16.204582] ? preempt_count_sub+0x50/0x80 [ 16.204607] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.204633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.204658] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.204686] kthread+0x337/0x6f0 [ 16.204706] ? trace_preempt_on+0x20/0xc0 [ 16.204730] ? __pfx_kthread+0x10/0x10 [ 16.204752] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.204775] ? calculate_sigpending+0x7b/0xa0 [ 16.204800] ? __pfx_kthread+0x10/0x10 [ 16.204822] ret_from_fork+0x116/0x1d0 [ 16.204841] ? __pfx_kthread+0x10/0x10 [ 16.204863] ret_from_fork_asm+0x1a/0x30 [ 16.204895] </TASK> [ 16.204906] [ 16.213056] Allocated by task 282: [ 16.213243] kasan_save_stack+0x45/0x70 [ 16.213461] kasan_save_track+0x18/0x40 [ 16.213622] kasan_save_alloc_info+0x3b/0x50 [ 16.213774] __kasan_kmalloc+0xb7/0xc0 [ 16.213948] __kmalloc_cache_noprof+0x189/0x420 [ 16.214292] kasan_atomics+0x95/0x310 [ 16.214469] kunit_try_run_case+0x1a5/0x480 [ 16.214618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.214885] kthread+0x337/0x6f0 [ 16.215321] ret_from_fork+0x116/0x1d0 [ 16.215481] ret_from_fork_asm+0x1a/0x30 [ 16.215624] [ 16.215697] The buggy address belongs to the object at ffff888102a0a600 [ 16.215697] which belongs to the cache kmalloc-64 of size 64 [ 16.216498] The buggy address is located 0 bytes to the right of [ 16.216498] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.216945] [ 16.217135] The buggy address belongs to the physical page: [ 16.217408] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.217736] flags: 0x200000000000000(node=0|zone=2) [ 16.217947] page_type: f5(slab) [ 16.218188] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.218498] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.218754] page dumped because: kasan: bad access detected [ 16.219195] [ 16.219314] Memory state around the buggy address: [ 16.219542] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.219789] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.220227] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.220530] ^ [ 16.220703] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.221111] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.221373] ================================================================== [ 15.719375] ================================================================== [ 15.719680] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 15.720083] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.720401] [ 15.720499] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.720542] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.720557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.720579] Call Trace: [ 15.720595] <TASK> [ 15.720610] dump_stack_lvl+0x73/0xb0 [ 15.720639] print_report+0xd1/0x610 [ 15.720662] ? __virt_addr_valid+0x1db/0x2d0 [ 15.720686] ? kasan_atomics_helper+0xac7/0x5450 [ 15.720709] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.720734] ? kasan_atomics_helper+0xac7/0x5450 [ 15.720757] kasan_report+0x141/0x180 [ 15.720780] ? kasan_atomics_helper+0xac7/0x5450 [ 15.720808] kasan_check_range+0x10c/0x1c0 [ 15.720832] __kasan_check_write+0x18/0x20 [ 15.720853] kasan_atomics_helper+0xac7/0x5450 [ 15.720878] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.720902] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.720929] ? kasan_atomics+0x152/0x310 [ 15.720956] kasan_atomics+0x1dc/0x310 [ 15.721059] ? __pfx_kasan_atomics+0x10/0x10 [ 15.721085] ? __pfx_read_tsc+0x10/0x10 [ 15.721108] ? 
ktime_get_ts64+0x86/0x230 [ 15.721134] kunit_try_run_case+0x1a5/0x480 [ 15.721160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.721185] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.721210] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.721235] ? __kthread_parkme+0x82/0x180 [ 15.721258] ? preempt_count_sub+0x50/0x80 [ 15.721294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.721319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.721345] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.721372] kthread+0x337/0x6f0 [ 15.721392] ? trace_preempt_on+0x20/0xc0 [ 15.721417] ? __pfx_kthread+0x10/0x10 [ 15.721439] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.721462] ? calculate_sigpending+0x7b/0xa0 [ 15.721488] ? __pfx_kthread+0x10/0x10 [ 15.721510] ret_from_fork+0x116/0x1d0 [ 15.721530] ? __pfx_kthread+0x10/0x10 [ 15.721551] ret_from_fork_asm+0x1a/0x30 [ 15.721583] </TASK> [ 15.721595] [ 15.729621] Allocated by task 282: [ 15.729784] kasan_save_stack+0x45/0x70 [ 15.730152] kasan_save_track+0x18/0x40 [ 15.730316] kasan_save_alloc_info+0x3b/0x50 [ 15.730491] __kasan_kmalloc+0xb7/0xc0 [ 15.730684] __kmalloc_cache_noprof+0x189/0x420 [ 15.730914] kasan_atomics+0x95/0x310 [ 15.731190] kunit_try_run_case+0x1a5/0x480 [ 15.731412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.731630] kthread+0x337/0x6f0 [ 15.731798] ret_from_fork+0x116/0x1d0 [ 15.732037] ret_from_fork_asm+0x1a/0x30 [ 15.732239] [ 15.732354] The buggy address belongs to the object at ffff888102a0a600 [ 15.732354] which belongs to the cache kmalloc-64 of size 64 [ 15.732792] The buggy address is located 0 bytes to the right of [ 15.732792] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.733415] [ 15.733522] The buggy address belongs to the physical page: [ 15.733740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.734229] flags: 0x200000000000000(node=0|zone=2) [ 15.734486] page_type: f5(slab) [ 15.734634] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.734923] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.737413] page dumped because: kasan: bad access detected [ 15.738095] [ 15.738207] Memory state around the buggy address: [ 15.738700] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.739131] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.739495] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.739726] ^ [ 15.739883] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.740227] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.740573] ================================================================== [ 15.661313] ================================================================== [ 15.661649] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 15.661944] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.662455] [ 15.662554] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.662597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.662612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.662633] Call Trace: [ 15.662649] <TASK> [ 15.662664] dump_stack_lvl+0x73/0xb0 [ 15.662693] print_report+0xd1/0x610 [ 15.662721] ? __virt_addr_valid+0x1db/0x2d0 [ 15.662745] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.662767] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.662792] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.662815] kasan_report+0x141/0x180 [ 15.662839] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.662866] kasan_check_range+0x10c/0x1c0 [ 15.662891] __kasan_check_write+0x18/0x20 [ 15.662912] kasan_atomics_helper+0x8f9/0x5450 [ 15.662936] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.662961] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.662988] ? kasan_atomics+0x152/0x310 [ 15.663015] kasan_atomics+0x1dc/0x310 [ 15.663039] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.663065] ? __pfx_read_tsc+0x10/0x10 [ 15.663087] ? ktime_get_ts64+0x86/0x230 [ 15.663113] kunit_try_run_case+0x1a5/0x480 [ 15.663138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.663229] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.663258] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.663296] ? __kthread_parkme+0x82/0x180 [ 15.663318] ? preempt_count_sub+0x50/0x80 [ 15.663342] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.663380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.663406] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.663434] kthread+0x337/0x6f0 [ 15.663454] ? trace_preempt_on+0x20/0xc0 [ 15.663477] ? __pfx_kthread+0x10/0x10 [ 15.663499] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.663523] ? calculate_sigpending+0x7b/0xa0 [ 15.663548] ? __pfx_kthread+0x10/0x10 [ 15.663571] ret_from_fork+0x116/0x1d0 [ 15.663590] ? __pfx_kthread+0x10/0x10 [ 15.663612] ret_from_fork_asm+0x1a/0x30 [ 15.663644] </TASK> [ 15.663654] [ 15.671767] Allocated by task 282: [ 15.671949] kasan_save_stack+0x45/0x70 [ 15.672157] kasan_save_track+0x18/0x40 [ 15.672365] kasan_save_alloc_info+0x3b/0x50 [ 15.672622] __kasan_kmalloc+0xb7/0xc0 [ 15.672818] __kmalloc_cache_noprof+0x189/0x420 [ 15.673013] kasan_atomics+0x95/0x310 [ 15.673180] kunit_try_run_case+0x1a5/0x480 [ 15.673342] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.673570] kthread+0x337/0x6f0 [ 15.673740] ret_from_fork+0x116/0x1d0 [ 15.673935] ret_from_fork_asm+0x1a/0x30 [ 15.674100] [ 15.674200] The buggy address belongs to the object at ffff888102a0a600 [ 15.674200] which belongs to the cache kmalloc-64 of size 64 [ 15.674860] The buggy address is located 0 bytes to the right of [ 15.674860] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.675541] [ 15.675619] The buggy address belongs to the physical page: [ 15.675797] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.676041] flags: 0x200000000000000(node=0|zone=2) [ 15.676279] page_type: 
f5(slab) [ 15.676446] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.676784] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.677115] page dumped because: kasan: bad access detected [ 15.677435] [ 15.677509] Memory state around the buggy address: [ 15.677667] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.677885] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.678101] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.678583] ^ [ 15.678826] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.679437] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.679760] ================================================================== [ 15.862925] ================================================================== [ 15.863274] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 15.863886] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.864528] [ 15.864738] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.864783] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.864881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.864905] Call Trace: [ 15.864926] <TASK> [ 15.864942] dump_stack_lvl+0x73/0xb0 [ 15.864973] print_report+0xd1/0x610 [ 15.865008] ? __virt_addr_valid+0x1db/0x2d0 [ 15.865032] ? kasan_atomics_helper+0xf10/0x5450 [ 15.865054] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.865079] ? kasan_atomics_helper+0xf10/0x5450 [ 15.865103] kasan_report+0x141/0x180 [ 15.865126] ? kasan_atomics_helper+0xf10/0x5450 [ 15.865153] kasan_check_range+0x10c/0x1c0 [ 15.865178] __kasan_check_write+0x18/0x20 [ 15.865198] kasan_atomics_helper+0xf10/0x5450 [ 15.865223] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.865247] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.865283] ? 
kasan_atomics+0x152/0x310 [ 15.865310] kasan_atomics+0x1dc/0x310 [ 15.865333] ? __pfx_kasan_atomics+0x10/0x10 [ 15.865358] ? __pfx_read_tsc+0x10/0x10 [ 15.865381] ? ktime_get_ts64+0x86/0x230 [ 15.865408] kunit_try_run_case+0x1a5/0x480 [ 15.865434] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.865459] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.865484] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.865510] ? __kthread_parkme+0x82/0x180 [ 15.865531] ? preempt_count_sub+0x50/0x80 [ 15.865557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.865584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.865611] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.865638] kthread+0x337/0x6f0 [ 15.865658] ? trace_preempt_on+0x20/0xc0 [ 15.865683] ? __pfx_kthread+0x10/0x10 [ 15.865705] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.865728] ? calculate_sigpending+0x7b/0xa0 [ 15.865753] ? __pfx_kthread+0x10/0x10 [ 15.865776] ret_from_fork+0x116/0x1d0 [ 15.865795] ? __pfx_kthread+0x10/0x10 [ 15.865817] ret_from_fork_asm+0x1a/0x30 [ 15.865849] </TASK> [ 15.865860] [ 15.874532] Allocated by task 282: [ 15.874719] kasan_save_stack+0x45/0x70 [ 15.874923] kasan_save_track+0x18/0x40 [ 15.875211] kasan_save_alloc_info+0x3b/0x50 [ 15.875441] __kasan_kmalloc+0xb7/0xc0 [ 15.875618] __kmalloc_cache_noprof+0x189/0x420 [ 15.875846] kasan_atomics+0x95/0x310 [ 15.875997] kunit_try_run_case+0x1a5/0x480 [ 15.876149] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.876338] kthread+0x337/0x6f0 [ 15.876461] ret_from_fork+0x116/0x1d0 [ 15.876597] ret_from_fork_asm+0x1a/0x30 [ 15.876739] [ 15.876812] The buggy address belongs to the object at ffff888102a0a600 [ 15.876812] which belongs to the cache kmalloc-64 of size 64 [ 15.877326] The buggy address is located 0 bytes to the right of [ 15.877326] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.877884] [ 15.877983] The buggy address belongs to the physical page: [ 15.878242] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 
15.878527] flags: 0x200000000000000(node=0|zone=2) [ 15.879186] page_type: f5(slab) [ 15.879346] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.879716] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.879951] page dumped because: kasan: bad access detected [ 15.880579] [ 15.880683] Memory state around the buggy address: [ 15.880880] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.881338] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.881576] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.881792] ^ [ 15.881965] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.882393] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.883275] ================================================================== [ 15.908244] ================================================================== [ 15.908511] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 15.908840] Read of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.909231] [ 15.909351] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.909395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.909407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.909428] Call Trace: [ 15.909444] <TASK> [ 15.909459] dump_stack_lvl+0x73/0xb0 [ 15.909488] print_report+0xd1/0x610 [ 15.909511] ? __virt_addr_valid+0x1db/0x2d0 [ 15.909536] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.909559] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.909583] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.909606] kasan_report+0x141/0x180 [ 15.909630] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.909658] __asan_report_load4_noabort+0x18/0x20 [ 15.909684] kasan_atomics_helper+0x4a36/0x5450 [ 15.909708] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.909733] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.909759] ? kasan_atomics+0x152/0x310 [ 15.909786] kasan_atomics+0x1dc/0x310 [ 15.909809] ? __pfx_kasan_atomics+0x10/0x10 [ 15.909834] ? __pfx_read_tsc+0x10/0x10 [ 15.909857] ? ktime_get_ts64+0x86/0x230 [ 15.909882] kunit_try_run_case+0x1a5/0x480 [ 15.909908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.909932] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.909958] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.909983] ? __kthread_parkme+0x82/0x180 [ 15.910005] ? preempt_count_sub+0x50/0x80 [ 15.910030] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.910056] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.910082] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.910177] kthread+0x337/0x6f0 [ 15.910199] ? trace_preempt_on+0x20/0xc0 [ 15.910225] ? __pfx_kthread+0x10/0x10 [ 15.910247] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.910280] ? calculate_sigpending+0x7b/0xa0 [ 15.910306] ? __pfx_kthread+0x10/0x10 [ 15.910329] ret_from_fork+0x116/0x1d0 [ 15.910349] ? __pfx_kthread+0x10/0x10 [ 15.910371] ret_from_fork_asm+0x1a/0x30 [ 15.910403] </TASK> [ 15.910414] [ 15.918388] Allocated by task 282: [ 15.918652] kasan_save_stack+0x45/0x70 [ 15.918868] kasan_save_track+0x18/0x40 [ 15.919005] kasan_save_alloc_info+0x3b/0x50 [ 15.919156] __kasan_kmalloc+0xb7/0xc0 [ 15.919302] __kmalloc_cache_noprof+0x189/0x420 [ 15.919459] kasan_atomics+0x95/0x310 [ 15.919741] kunit_try_run_case+0x1a5/0x480 [ 15.919964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.920370] kthread+0x337/0x6f0 [ 15.920664] ret_from_fork+0x116/0x1d0 [ 15.920857] ret_from_fork_asm+0x1a/0x30 [ 15.921055] [ 15.921355] The buggy address belongs to the object at ffff888102a0a600 [ 15.921355] which belongs to the cache kmalloc-64 of size 64 [ 15.921780] The buggy address is located 0 bytes to the right of [ 15.921780] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.922646] [ 15.922757] The buggy address belongs to the physical page: [ 15.922969] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.923341] flags: 0x200000000000000(node=0|zone=2) [ 15.923547] page_type: f5(slab) [ 15.923695] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.923980] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.924209] page dumped because: kasan: bad access detected [ 15.924393] [ 15.924463] Memory state around the buggy address: [ 15.924670] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.924987] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.925496] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.925829] ^ [ 15.926149] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.926387] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.926604] ================================================================== [ 16.031765] ================================================================== [ 16.032162] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 16.032517] Read of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.032851] [ 16.032958] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.033106] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.033119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.033141] Call Trace: [ 16.033156] <TASK> [ 16.033171] dump_stack_lvl+0x73/0xb0 [ 16.033200] print_report+0xd1/0x610 [ 16.033222] ? __virt_addr_valid+0x1db/0x2d0 [ 16.033245] ? kasan_atomics_helper+0x49e8/0x5450 [ 16.033280] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.033306] ? kasan_atomics_helper+0x49e8/0x5450 [ 16.033329] kasan_report+0x141/0x180 [ 16.033353] ? kasan_atomics_helper+0x49e8/0x5450 [ 16.033381] __asan_report_load4_noabort+0x18/0x20 [ 16.033407] kasan_atomics_helper+0x49e8/0x5450 [ 16.033432] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.033456] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.033483] ? kasan_atomics+0x152/0x310 [ 16.033510] kasan_atomics+0x1dc/0x310 [ 16.033533] ? __pfx_kasan_atomics+0x10/0x10 [ 16.033558] ? __pfx_read_tsc+0x10/0x10 [ 16.033579] ? ktime_get_ts64+0x86/0x230 [ 16.033604] kunit_try_run_case+0x1a5/0x480 [ 16.033629] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.033653] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.033677] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.033702] ? __kthread_parkme+0x82/0x180 [ 16.033723] ? preempt_count_sub+0x50/0x80 [ 16.033748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.033774] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.033800] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.033828] kthread+0x337/0x6f0 [ 16.033848] ? trace_preempt_on+0x20/0xc0 [ 16.033871] ? __pfx_kthread+0x10/0x10 [ 16.033893] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.033916] ? calculate_sigpending+0x7b/0xa0 [ 16.033940] ? __pfx_kthread+0x10/0x10 [ 16.034031] ret_from_fork+0x116/0x1d0 [ 16.034057] ? 
__pfx_kthread+0x10/0x10 [ 16.034078] ret_from_fork_asm+0x1a/0x30 [ 16.034110] </TASK> [ 16.034121] [ 16.041958] Allocated by task 282: [ 16.042211] kasan_save_stack+0x45/0x70 [ 16.042431] kasan_save_track+0x18/0x40 [ 16.042633] kasan_save_alloc_info+0x3b/0x50 [ 16.042857] __kasan_kmalloc+0xb7/0xc0 [ 16.043241] __kmalloc_cache_noprof+0x189/0x420 [ 16.043436] kasan_atomics+0x95/0x310 [ 16.043627] kunit_try_run_case+0x1a5/0x480 [ 16.043836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.044160] kthread+0x337/0x6f0 [ 16.044337] ret_from_fork+0x116/0x1d0 [ 16.044507] ret_from_fork_asm+0x1a/0x30 [ 16.044688] [ 16.044785] The buggy address belongs to the object at ffff888102a0a600 [ 16.044785] which belongs to the cache kmalloc-64 of size 64 [ 16.045369] The buggy address is located 0 bytes to the right of [ 16.045369] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.045872] [ 16.046046] The buggy address belongs to the physical page: [ 16.046227] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.046591] flags: 0x200000000000000(node=0|zone=2) [ 16.046832] page_type: f5(slab) [ 16.047201] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.047535] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.047876] page dumped because: kasan: bad access detected [ 16.048216] [ 16.048301] Memory state around the buggy address: [ 16.048462] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.048719] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.049045] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.049367] ^ [ 16.049580] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.049798] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.050046] ================================================================== [ 16.301656] 
================================================================== [ 16.301937] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 16.302451] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.302771] [ 16.302877] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.302921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.302934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.302957] Call Trace: [ 16.303007] <TASK> [ 16.303467] dump_stack_lvl+0x73/0xb0 [ 16.303499] print_report+0xd1/0x610 [ 16.303522] ? __virt_addr_valid+0x1db/0x2d0 [ 16.303546] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.303568] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.303593] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.303616] kasan_report+0x141/0x180 [ 16.303639] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.303667] kasan_check_range+0x10c/0x1c0 [ 16.303692] __kasan_check_write+0x18/0x20 [ 16.303713] kasan_atomics_helper+0x18b1/0x5450 [ 16.303737] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.303761] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.303787] ? kasan_atomics+0x152/0x310 [ 16.303815] kasan_atomics+0x1dc/0x310 [ 16.303838] ? __pfx_kasan_atomics+0x10/0x10 [ 16.303863] ? __pfx_read_tsc+0x10/0x10 [ 16.303885] ? ktime_get_ts64+0x86/0x230 [ 16.303911] kunit_try_run_case+0x1a5/0x480 [ 16.303937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.303961] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.304057] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.304085] ? __kthread_parkme+0x82/0x180 [ 16.304107] ? preempt_count_sub+0x50/0x80 [ 16.304134] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.304160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.304187] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.304214] kthread+0x337/0x6f0 [ 16.304234] ? trace_preempt_on+0x20/0xc0 [ 16.304259] ? __pfx_kthread+0x10/0x10 [ 16.304293] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.304317] ? 
calculate_sigpending+0x7b/0xa0 [ 16.304341] ? __pfx_kthread+0x10/0x10 [ 16.304364] ret_from_fork+0x116/0x1d0 [ 16.304383] ? __pfx_kthread+0x10/0x10 [ 16.304406] ret_from_fork_asm+0x1a/0x30 [ 16.304437] </TASK> [ 16.304448] [ 16.313838] Allocated by task 282: [ 16.314135] kasan_save_stack+0x45/0x70 [ 16.314473] kasan_save_track+0x18/0x40 [ 16.314679] kasan_save_alloc_info+0x3b/0x50 [ 16.314938] __kasan_kmalloc+0xb7/0xc0 [ 16.315337] __kmalloc_cache_noprof+0x189/0x420 [ 16.315610] kasan_atomics+0x95/0x310 [ 16.315775] kunit_try_run_case+0x1a5/0x480 [ 16.315970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.316294] kthread+0x337/0x6f0 [ 16.316419] ret_from_fork+0x116/0x1d0 [ 16.316569] ret_from_fork_asm+0x1a/0x30 [ 16.316770] [ 16.316868] The buggy address belongs to the object at ffff888102a0a600 [ 16.316868] which belongs to the cache kmalloc-64 of size 64 [ 16.317417] The buggy address is located 0 bytes to the right of [ 16.317417] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.317899] [ 16.317989] The buggy address belongs to the physical page: [ 16.318241] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.318742] flags: 0x200000000000000(node=0|zone=2) [ 16.318916] page_type: f5(slab) [ 16.319040] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.319288] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.319613] page dumped because: kasan: bad access detected [ 16.320065] [ 16.320188] Memory state around the buggy address: [ 16.320436] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.320774] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.321099] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.321426] ^ [ 16.321629] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.321906] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.322238] 
================================================================== [ 16.499117] ================================================================== [ 16.499798] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 16.500544] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.500779] [ 16.500862] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.500903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.500919] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.500942] Call Trace: [ 16.500958] <TASK> [ 16.500973] dump_stack_lvl+0x73/0xb0 [ 16.501002] print_report+0xd1/0x610 [ 16.501024] ? __virt_addr_valid+0x1db/0x2d0 [ 16.501048] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.501072] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.501097] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.501121] kasan_report+0x141/0x180 [ 16.501144] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.501172] kasan_check_range+0x10c/0x1c0 [ 16.501199] __kasan_check_write+0x18/0x20 [ 16.501220] kasan_atomics_helper+0x1eaa/0x5450 [ 16.501245] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.501280] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.501307] ? kasan_atomics+0x152/0x310 [ 16.501333] kasan_atomics+0x1dc/0x310 [ 16.501357] ? __pfx_kasan_atomics+0x10/0x10 [ 16.501383] ? __pfx_read_tsc+0x10/0x10 [ 16.501405] ? ktime_get_ts64+0x86/0x230 [ 16.501430] kunit_try_run_case+0x1a5/0x480 [ 16.501456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.501481] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.501505] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.501531] ? __kthread_parkme+0x82/0x180 [ 16.501552] ? preempt_count_sub+0x50/0x80 [ 16.501577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.501606] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.501632] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.501659] kthread+0x337/0x6f0 [ 16.501679] ? trace_preempt_on+0x20/0xc0 [ 16.501703] ? 
__pfx_kthread+0x10/0x10 [ 16.501725] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.501748] ? calculate_sigpending+0x7b/0xa0 [ 16.501772] ? __pfx_kthread+0x10/0x10 [ 16.501795] ret_from_fork+0x116/0x1d0 [ 16.501814] ? __pfx_kthread+0x10/0x10 [ 16.501835] ret_from_fork_asm+0x1a/0x30 [ 16.501867] </TASK> [ 16.501879] [ 16.508723] Allocated by task 282: [ 16.508849] kasan_save_stack+0x45/0x70 [ 16.509048] kasan_save_track+0x18/0x40 [ 16.509244] kasan_save_alloc_info+0x3b/0x50 [ 16.509469] __kasan_kmalloc+0xb7/0xc0 [ 16.509660] __kmalloc_cache_noprof+0x189/0x420 [ 16.509899] kasan_atomics+0x95/0x310 [ 16.510087] kunit_try_run_case+0x1a5/0x480 [ 16.510309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.510517] kthread+0x337/0x6f0 [ 16.510637] ret_from_fork+0x116/0x1d0 [ 16.510776] ret_from_fork_asm+0x1a/0x30 [ 16.510930] [ 16.511027] The buggy address belongs to the object at ffff888102a0a600 [ 16.511027] which belongs to the cache kmalloc-64 of size 64 [ 16.511566] The buggy address is located 0 bytes to the right of [ 16.511566] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.512068] [ 16.512167] The buggy address belongs to the physical page: [ 16.512410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.512659] flags: 0x200000000000000(node=0|zone=2) [ 16.512822] page_type: f5(slab) [ 16.512942] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.513177] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.513508] page dumped because: kasan: bad access detected [ 16.513764] [ 16.513859] Memory state around the buggy address: [ 16.514086] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.514713] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.515044] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.515372] ^ [ 16.515583] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.515853] 
ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.516096] ================================================================== [ 16.558838] ================================================================== [ 16.559239] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 16.559494] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.559841] [ 16.559949] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.560010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.560024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.560045] Call Trace: [ 16.560058] <TASK> [ 16.560071] dump_stack_lvl+0x73/0xb0 [ 16.560099] print_report+0xd1/0x610 [ 16.560122] ? __virt_addr_valid+0x1db/0x2d0 [ 16.560146] ? kasan_atomics_helper+0x2006/0x5450 [ 16.560168] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.560192] ? kasan_atomics_helper+0x2006/0x5450 [ 16.560215] kasan_report+0x141/0x180 [ 16.560239] ? kasan_atomics_helper+0x2006/0x5450 [ 16.560296] kasan_check_range+0x10c/0x1c0 [ 16.560322] __kasan_check_write+0x18/0x20 [ 16.560342] kasan_atomics_helper+0x2006/0x5450 [ 16.560367] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.560391] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.560418] ? kasan_atomics+0x152/0x310 [ 16.560445] kasan_atomics+0x1dc/0x310 [ 16.560485] ? __pfx_kasan_atomics+0x10/0x10 [ 16.560511] ? __pfx_read_tsc+0x10/0x10 [ 16.560532] ? ktime_get_ts64+0x86/0x230 [ 16.560557] kunit_try_run_case+0x1a5/0x480 [ 16.560584] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.560608] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.560647] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.560687] ? __kthread_parkme+0x82/0x180 [ 16.560722] ? preempt_count_sub+0x50/0x80 [ 16.560760] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.560799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.560852] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.560880] kthread+0x337/0x6f0 [ 16.560899] ? trace_preempt_on+0x20/0xc0 [ 16.560924] ? __pfx_kthread+0x10/0x10 [ 16.560946] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.560969] ? calculate_sigpending+0x7b/0xa0 [ 16.560994] ? __pfx_kthread+0x10/0x10 [ 16.561017] ret_from_fork+0x116/0x1d0 [ 16.561037] ? __pfx_kthread+0x10/0x10 [ 16.561058] ret_from_fork_asm+0x1a/0x30 [ 16.561090] </TASK> [ 16.561101] [ 16.568546] Allocated by task 282: [ 16.568735] kasan_save_stack+0x45/0x70 [ 16.568876] kasan_save_track+0x18/0x40 [ 16.569086] kasan_save_alloc_info+0x3b/0x50 [ 16.569329] __kasan_kmalloc+0xb7/0xc0 [ 16.569509] __kmalloc_cache_noprof+0x189/0x420 [ 16.569698] kasan_atomics+0x95/0x310 [ 16.569881] kunit_try_run_case+0x1a5/0x480 [ 16.570094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.570318] kthread+0x337/0x6f0 [ 16.570508] ret_from_fork+0x116/0x1d0 [ 16.570722] ret_from_fork_asm+0x1a/0x30 [ 16.570881] [ 16.570951] The buggy address belongs to the object at ffff888102a0a600 [ 16.570951] which belongs to the cache kmalloc-64 of size 64 [ 16.571460] The buggy address is located 0 bytes to the right of [ 16.571460] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.571969] [ 16.572066] The buggy address belongs to the physical page: [ 16.572353] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.572661] flags: 0x200000000000000(node=0|zone=2) [ 16.572893] page_type: f5(slab) [ 16.573032] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.573380] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.573707] page dumped because: kasan: bad access detected [ 16.573918] [ 16.573988] Memory state around the buggy address: [ 16.574139] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.574357] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.574661] >ffff888102a0a600: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.574988] ^ [ 16.575213] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.575554] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.575820] ================================================================== [ 15.487474] ================================================================== [ 15.487776] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 15.488319] Read of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.488596] [ 15.488705] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.488747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.488759] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.488782] Call Trace: [ 15.488797] <TASK> [ 15.488811] dump_stack_lvl+0x73/0xb0 [ 15.488841] print_report+0xd1/0x610 [ 15.488864] ? __virt_addr_valid+0x1db/0x2d0 [ 15.488888] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.488911] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.488936] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.488959] kasan_report+0x141/0x180 [ 15.489047] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.489078] __asan_report_load4_noabort+0x18/0x20 [ 15.489105] kasan_atomics_helper+0x4b54/0x5450 [ 15.489130] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.489155] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.489181] ? kasan_atomics+0x152/0x310 [ 15.489207] kasan_atomics+0x1dc/0x310 [ 15.489232] ? __pfx_kasan_atomics+0x10/0x10 [ 15.489257] ? __pfx_read_tsc+0x10/0x10 [ 15.489303] ? ktime_get_ts64+0x86/0x230 [ 15.489329] kunit_try_run_case+0x1a5/0x480 [ 15.489355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.489380] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.489405] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.489430] ? __kthread_parkme+0x82/0x180 [ 15.489452] ? preempt_count_sub+0x50/0x80 [ 15.489476] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.489502] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.489528] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.489554] kthread+0x337/0x6f0 [ 15.489575] ? trace_preempt_on+0x20/0xc0 [ 15.489599] ? __pfx_kthread+0x10/0x10 [ 15.489621] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.489644] ? calculate_sigpending+0x7b/0xa0 [ 15.489669] ? __pfx_kthread+0x10/0x10 [ 15.489692] ret_from_fork+0x116/0x1d0 [ 15.489712] ? __pfx_kthread+0x10/0x10 [ 15.489734] ret_from_fork_asm+0x1a/0x30 [ 15.489766] </TASK> [ 15.489776] [ 15.497431] Allocated by task 282: [ 15.497617] kasan_save_stack+0x45/0x70 [ 15.497815] kasan_save_track+0x18/0x40 [ 15.497997] kasan_save_alloc_info+0x3b/0x50 [ 15.498201] __kasan_kmalloc+0xb7/0xc0 [ 15.498372] __kmalloc_cache_noprof+0x189/0x420 [ 15.498526] kasan_atomics+0x95/0x310 [ 15.498658] kunit_try_run_case+0x1a5/0x480 [ 15.498865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.499116] kthread+0x337/0x6f0 [ 15.499291] ret_from_fork+0x116/0x1d0 [ 15.499436] ret_from_fork_asm+0x1a/0x30 [ 15.499573] [ 15.499642] The buggy address belongs to the object at ffff888102a0a600 [ 15.499642] which belongs to the cache kmalloc-64 of size 64 [ 15.500126] The buggy address is located 0 bytes to the right of [ 15.500126] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.500849] [ 15.500939] The buggy address belongs to the physical page: [ 15.501227] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.501551] flags: 0x200000000000000(node=0|zone=2) [ 15.501755] page_type: f5(slab) [ 15.501923] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.502305] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.502531] page dumped because: kasan: bad access detected [ 15.502699] [ 15.502775] Memory state around the buggy address: [ 15.502926] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.503227] 
ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.503755] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.504057] ^ [ 15.504277] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.504485] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.504693] ================================================================== [ 16.322942] ================================================================== [ 16.323365] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 16.323735] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.324135] [ 16.324224] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.324279] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.324292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.324314] Call Trace: [ 16.324330] <TASK> [ 16.324344] dump_stack_lvl+0x73/0xb0 [ 16.324373] print_report+0xd1/0x610 [ 16.324397] ? __virt_addr_valid+0x1db/0x2d0 [ 16.324420] ? kasan_atomics_helper+0x194a/0x5450 [ 16.324443] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.324468] ? kasan_atomics_helper+0x194a/0x5450 [ 16.324491] kasan_report+0x141/0x180 [ 16.324514] ? kasan_atomics_helper+0x194a/0x5450 [ 16.324542] kasan_check_range+0x10c/0x1c0 [ 16.324567] __kasan_check_write+0x18/0x20 [ 16.324588] kasan_atomics_helper+0x194a/0x5450 [ 16.324612] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.324636] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.324662] ? kasan_atomics+0x152/0x310 [ 16.324689] kasan_atomics+0x1dc/0x310 [ 16.324713] ? __pfx_kasan_atomics+0x10/0x10 [ 16.324738] ? __pfx_read_tsc+0x10/0x10 [ 16.324760] ? ktime_get_ts64+0x86/0x230 [ 16.324801] kunit_try_run_case+0x1a5/0x480 [ 16.324827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.324852] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.324876] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.324901] ? 
__kthread_parkme+0x82/0x180 [ 16.324922] ? preempt_count_sub+0x50/0x80 [ 16.324946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.324972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.325054] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.325083] kthread+0x337/0x6f0 [ 16.325103] ? trace_preempt_on+0x20/0xc0 [ 16.325126] ? __pfx_kthread+0x10/0x10 [ 16.325148] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.325171] ? calculate_sigpending+0x7b/0xa0 [ 16.325196] ? __pfx_kthread+0x10/0x10 [ 16.325218] ret_from_fork+0x116/0x1d0 [ 16.325238] ? __pfx_kthread+0x10/0x10 [ 16.325259] ret_from_fork_asm+0x1a/0x30 [ 16.325304] </TASK> [ 16.325315] [ 16.333403] Allocated by task 282: [ 16.333595] kasan_save_stack+0x45/0x70 [ 16.333798] kasan_save_track+0x18/0x40 [ 16.333992] kasan_save_alloc_info+0x3b/0x50 [ 16.334206] __kasan_kmalloc+0xb7/0xc0 [ 16.334408] __kmalloc_cache_noprof+0x189/0x420 [ 16.334628] kasan_atomics+0x95/0x310 [ 16.334822] kunit_try_run_case+0x1a5/0x480 [ 16.335012] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.335228] kthread+0x337/0x6f0 [ 16.335599] ret_from_fork+0x116/0x1d0 [ 16.335784] ret_from_fork_asm+0x1a/0x30 [ 16.336029] [ 16.336133] The buggy address belongs to the object at ffff888102a0a600 [ 16.336133] which belongs to the cache kmalloc-64 of size 64 [ 16.336616] The buggy address is located 0 bytes to the right of [ 16.336616] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.337174] [ 16.337249] The buggy address belongs to the physical page: [ 16.337437] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.337680] flags: 0x200000000000000(node=0|zone=2) [ 16.337912] page_type: f5(slab) [ 16.338074] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.338423] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.338850] page dumped because: kasan: bad access detected [ 16.339028] [ 16.339099] Memory state around the buggy address: [ 16.339254] 
ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.339587] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.339920] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.340243] ^ [ 16.340645] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.340937] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.341298] ================================================================== [ 16.482501] ================================================================== [ 16.482827] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 16.483172] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.483459] [ 16.483566] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.483607] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.483621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.483643] Call Trace: [ 16.483655] <TASK> [ 16.483669] dump_stack_lvl+0x73/0xb0 [ 16.483697] print_report+0xd1/0x610 [ 16.483720] ? __virt_addr_valid+0x1db/0x2d0 [ 16.483743] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.483766] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.483791] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.483814] kasan_report+0x141/0x180 [ 16.483837] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.483865] kasan_check_range+0x10c/0x1c0 [ 16.483890] __kasan_check_write+0x18/0x20 [ 16.483911] kasan_atomics_helper+0x1e12/0x5450 [ 16.483935] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.483960] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.483986] ? kasan_atomics+0x152/0x310 [ 16.484013] kasan_atomics+0x1dc/0x310 [ 16.484037] ? __pfx_kasan_atomics+0x10/0x10 [ 16.484063] ? __pfx_read_tsc+0x10/0x10 [ 16.484085] ? ktime_get_ts64+0x86/0x230 [ 16.484109] kunit_try_run_case+0x1a5/0x480 [ 16.484135] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.484159] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.484184] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.484210] ? __kthread_parkme+0x82/0x180 [ 16.484231] ? preempt_count_sub+0x50/0x80 [ 16.484256] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.484293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.484319] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.484346] kthread+0x337/0x6f0 [ 16.484365] ? trace_preempt_on+0x20/0xc0 [ 16.484390] ? __pfx_kthread+0x10/0x10 [ 16.484411] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.484433] ? calculate_sigpending+0x7b/0xa0 [ 16.484459] ? __pfx_kthread+0x10/0x10 [ 16.484481] ret_from_fork+0x116/0x1d0 [ 16.484500] ? __pfx_kthread+0x10/0x10 [ 16.484522] ret_from_fork_asm+0x1a/0x30 [ 16.484553] </TASK> [ 16.484564] [ 16.491592] Allocated by task 282: [ 16.491724] kasan_save_stack+0x45/0x70 [ 16.491887] kasan_save_track+0x18/0x40 [ 16.492074] kasan_save_alloc_info+0x3b/0x50 [ 16.492302] __kasan_kmalloc+0xb7/0xc0 [ 16.492491] __kmalloc_cache_noprof+0x189/0x420 [ 16.492683] kasan_atomics+0x95/0x310 [ 16.492817] kunit_try_run_case+0x1a5/0x480 [ 16.492965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.493193] kthread+0x337/0x6f0 [ 16.493375] ret_from_fork+0x116/0x1d0 [ 16.493562] ret_from_fork_asm+0x1a/0x30 [ 16.493767] [ 16.493862] The buggy address belongs to the object at ffff888102a0a600 [ 16.493862] which belongs to the cache kmalloc-64 of size 64 [ 16.494416] The buggy address is located 0 bytes to the right of [ 16.494416] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.494858] [ 16.494931] The buggy address belongs to the physical page: [ 16.495184] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.495510] flags: 0x200000000000000(node=0|zone=2) [ 16.495720] page_type: f5(slab) [ 16.495880] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.496182] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.496446] page dumped because: kasan: 
bad access detected [ 16.496671] [ 16.496764] Memory state around the buggy address: [ 16.496988] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.497269] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.497487] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.497703] ^ [ 16.497869] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.498185] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.498506] ================================================================== [ 15.424742] ================================================================== [ 15.425136] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 15.425896] Read of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.426447] [ 15.426555] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.426597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.426611] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.426631] Call Trace: [ 15.426643] <TASK> [ 15.426657] dump_stack_lvl+0x73/0xb0 [ 15.426684] print_report+0xd1/0x610 [ 15.426711] ? __virt_addr_valid+0x1db/0x2d0 [ 15.426732] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.426754] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.426778] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.426800] kasan_report+0x141/0x180 [ 15.426821] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.426849] __asan_report_load4_noabort+0x18/0x20 [ 15.426873] kasan_atomics_helper+0x4b88/0x5450 [ 15.426896] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.426919] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.426944] ? kasan_atomics+0x152/0x310 [ 15.426969] kasan_atomics+0x1dc/0x310 [ 15.427191] ? __pfx_kasan_atomics+0x10/0x10 [ 15.427217] ? __pfx_read_tsc+0x10/0x10 [ 15.427240] ? ktime_get_ts64+0x86/0x230 [ 15.427279] kunit_try_run_case+0x1a5/0x480 [ 15.427305] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.427329] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.427353] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.427378] ? __kthread_parkme+0x82/0x180 [ 15.427398] ? preempt_count_sub+0x50/0x80 [ 15.427422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.427447] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.427472] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.427497] kthread+0x337/0x6f0 [ 15.427517] ? trace_preempt_on+0x20/0xc0 [ 15.427540] ? __pfx_kthread+0x10/0x10 [ 15.427560] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.427582] ? calculate_sigpending+0x7b/0xa0 [ 15.427607] ? __pfx_kthread+0x10/0x10 [ 15.427628] ret_from_fork+0x116/0x1d0 [ 15.427647] ? __pfx_kthread+0x10/0x10 [ 15.427668] ret_from_fork_asm+0x1a/0x30 [ 15.427698] </TASK> [ 15.427816] [ 15.435828] Allocated by task 282: [ 15.436118] kasan_save_stack+0x45/0x70 [ 15.436307] kasan_save_track+0x18/0x40 [ 15.436446] kasan_save_alloc_info+0x3b/0x50 [ 15.436647] __kasan_kmalloc+0xb7/0xc0 [ 15.436836] __kmalloc_cache_noprof+0x189/0x420 [ 15.437060] kasan_atomics+0x95/0x310 [ 15.437403] kunit_try_run_case+0x1a5/0x480 [ 15.437562] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.437822] kthread+0x337/0x6f0 [ 15.438036] ret_from_fork+0x116/0x1d0 [ 15.438213] ret_from_fork_asm+0x1a/0x30 [ 15.438398] [ 15.438470] The buggy address belongs to the object at ffff888102a0a600 [ 15.438470] which belongs to the cache kmalloc-64 of size 64 [ 15.438833] The buggy address is located 0 bytes to the right of [ 15.438833] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.439390] [ 15.439485] The buggy address belongs to the physical page: [ 15.439885] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.440300] flags: 0x200000000000000(node=0|zone=2) [ 15.440465] page_type: f5(slab) [ 15.440588] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.441247] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.441587] page dumped because: kasan: bad access detected [ 15.441863] [ 15.441949] Memory state around the buggy address: [ 15.442200] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.442546] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.442855] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.443337] ^ [ 15.443531] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.443831] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.444215] ================================================================== [ 15.505029] ================================================================== [ 15.505752] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 15.506090] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.506424] [ 15.506530] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.506573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.506588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.506610] Call Trace: [ 15.506624] <TASK> [ 15.506638] dump_stack_lvl+0x73/0xb0 [ 15.506664] print_report+0xd1/0x610 [ 15.506687] ? __virt_addr_valid+0x1db/0x2d0 [ 15.506717] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.506739] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.506763] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.506787] kasan_report+0x141/0x180 [ 15.506811] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.506839] kasan_check_range+0x10c/0x1c0 [ 15.506864] __kasan_check_write+0x18/0x20 [ 15.506884] kasan_atomics_helper+0x4a0/0x5450 [ 15.506909] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.506933] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.506959] ? kasan_atomics+0x152/0x310 [ 15.506986] kasan_atomics+0x1dc/0x310 [ 15.507009] ? __pfx_kasan_atomics+0x10/0x10 [ 15.507035] ? __pfx_read_tsc+0x10/0x10 [ 15.507056] ? 
ktime_get_ts64+0x86/0x230 [ 15.507081] kunit_try_run_case+0x1a5/0x480 [ 15.507106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.507131] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.507155] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.507180] ? __kthread_parkme+0x82/0x180 [ 15.507202] ? preempt_count_sub+0x50/0x80 [ 15.507226] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.507252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.507457] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.507486] kthread+0x337/0x6f0 [ 15.507506] ? trace_preempt_on+0x20/0xc0 [ 15.507531] ? __pfx_kthread+0x10/0x10 [ 15.507553] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.507576] ? calculate_sigpending+0x7b/0xa0 [ 15.507602] ? __pfx_kthread+0x10/0x10 [ 15.507624] ret_from_fork+0x116/0x1d0 [ 15.507643] ? __pfx_kthread+0x10/0x10 [ 15.507664] ret_from_fork_asm+0x1a/0x30 [ 15.507696] </TASK> [ 15.507707] [ 15.515519] Allocated by task 282: [ 15.515688] kasan_save_stack+0x45/0x70 [ 15.515886] kasan_save_track+0x18/0x40 [ 15.516047] kasan_save_alloc_info+0x3b/0x50 [ 15.516249] __kasan_kmalloc+0xb7/0xc0 [ 15.516418] __kmalloc_cache_noprof+0x189/0x420 [ 15.516576] kasan_atomics+0x95/0x310 [ 15.516713] kunit_try_run_case+0x1a5/0x480 [ 15.516881] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.517132] kthread+0x337/0x6f0 [ 15.517488] ret_from_fork+0x116/0x1d0 [ 15.517685] ret_from_fork_asm+0x1a/0x30 [ 15.517891] [ 15.517992] The buggy address belongs to the object at ffff888102a0a600 [ 15.517992] which belongs to the cache kmalloc-64 of size 64 [ 15.518629] The buggy address is located 0 bytes to the right of [ 15.518629] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.519220] [ 15.519306] The buggy address belongs to the physical page: [ 15.519484] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.519751] flags: 0x200000000000000(node=0|zone=2) [ 15.519984] page_type: f5(slab) [ 15.520286] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.520633] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.520923] page dumped because: kasan: bad access detected [ 15.521095] [ 15.521187] Memory state around the buggy address: [ 15.521426] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.521752] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.522026] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.522242] ^ [ 15.522554] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.523177] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.523515] ================================================================== [ 15.542779] ================================================================== [ 15.543122] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 15.543475] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.543803] [ 15.543907] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.543948] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.543962] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.543984] Call Trace: [ 15.543999] <TASK> [ 15.544014] dump_stack_lvl+0x73/0xb0 [ 15.544040] print_report+0xd1/0x610 [ 15.544062] ? __virt_addr_valid+0x1db/0x2d0 [ 15.544089] ? kasan_atomics_helper+0x565/0x5450 [ 15.544111] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.544137] ? kasan_atomics_helper+0x565/0x5450 [ 15.544162] kasan_report+0x141/0x180 [ 15.544187] ? kasan_atomics_helper+0x565/0x5450 [ 15.544214] kasan_check_range+0x10c/0x1c0 [ 15.544240] __kasan_check_write+0x18/0x20 [ 15.544275] kasan_atomics_helper+0x565/0x5450 [ 15.544300] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.544324] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.544350] ? kasan_atomics+0x152/0x310 [ 15.544377] kasan_atomics+0x1dc/0x310 [ 15.544401] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.544427] ? __pfx_read_tsc+0x10/0x10 [ 15.544449] ? ktime_get_ts64+0x86/0x230 [ 15.544473] kunit_try_run_case+0x1a5/0x480 [ 15.544499] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.544523] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.544548] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.544573] ? __kthread_parkme+0x82/0x180 [ 15.544595] ? preempt_count_sub+0x50/0x80 [ 15.544620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.544646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.544672] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.544700] kthread+0x337/0x6f0 [ 15.544720] ? trace_preempt_on+0x20/0xc0 [ 15.544743] ? __pfx_kthread+0x10/0x10 [ 15.544765] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.544787] ? calculate_sigpending+0x7b/0xa0 [ 15.544813] ? __pfx_kthread+0x10/0x10 [ 15.544835] ret_from_fork+0x116/0x1d0 [ 15.544855] ? __pfx_kthread+0x10/0x10 [ 15.544876] ret_from_fork_asm+0x1a/0x30 [ 15.544908] </TASK> [ 15.544919] [ 15.553228] Allocated by task 282: [ 15.553394] kasan_save_stack+0x45/0x70 [ 15.553540] kasan_save_track+0x18/0x40 [ 15.553678] kasan_save_alloc_info+0x3b/0x50 [ 15.553891] __kasan_kmalloc+0xb7/0xc0 [ 15.554232] __kmalloc_cache_noprof+0x189/0x420 [ 15.554469] kasan_atomics+0x95/0x310 [ 15.554662] kunit_try_run_case+0x1a5/0x480 [ 15.554862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.555260] kthread+0x337/0x6f0 [ 15.555434] ret_from_fork+0x116/0x1d0 [ 15.555608] ret_from_fork_asm+0x1a/0x30 [ 15.555789] [ 15.555862] The buggy address belongs to the object at ffff888102a0a600 [ 15.555862] which belongs to the cache kmalloc-64 of size 64 [ 15.556216] The buggy address is located 0 bytes to the right of [ 15.556216] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.557231] [ 15.557417] The buggy address belongs to the physical page: [ 15.557605] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.557846] flags: 0x200000000000000(node=0|zone=2) [ 15.558360] page_type: 
f5(slab) [ 15.558537] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.558958] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.559426] page dumped because: kasan: bad access detected [ 15.559646] [ 15.559717] Memory state around the buggy address: [ 15.559874] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.560504] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.560814] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.561064] ^ [ 15.561220] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.561451] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.561799] ================================================================== [ 16.411341] ================================================================== [ 16.411684] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 16.412049] Read of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.412400] [ 16.412504] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.412546] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.412558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.412578] Call Trace: [ 16.412593] <TASK> [ 16.412606] dump_stack_lvl+0x73/0xb0 [ 16.412632] print_report+0xd1/0x610 [ 16.412655] ? __virt_addr_valid+0x1db/0x2d0 [ 16.412678] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.412702] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.412727] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.412751] kasan_report+0x141/0x180 [ 16.412774] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.412802] __asan_report_load8_noabort+0x18/0x20 [ 16.412828] kasan_atomics_helper+0x4f30/0x5450 [ 16.412853] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.412877] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.412904] ? 
kasan_atomics+0x152/0x310 [ 16.412930] kasan_atomics+0x1dc/0x310 [ 16.412954] ? __pfx_kasan_atomics+0x10/0x10 [ 16.412980] ? __pfx_read_tsc+0x10/0x10 [ 16.413002] ? ktime_get_ts64+0x86/0x230 [ 16.413028] kunit_try_run_case+0x1a5/0x480 [ 16.413052] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.413076] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.413100] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.413125] ? __kthread_parkme+0x82/0x180 [ 16.413147] ? preempt_count_sub+0x50/0x80 [ 16.413172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.413197] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.413223] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.413251] kthread+0x337/0x6f0 [ 16.413280] ? trace_preempt_on+0x20/0xc0 [ 16.413304] ? __pfx_kthread+0x10/0x10 [ 16.413325] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.413348] ? calculate_sigpending+0x7b/0xa0 [ 16.413372] ? __pfx_kthread+0x10/0x10 [ 16.413395] ret_from_fork+0x116/0x1d0 [ 16.413415] ? __pfx_kthread+0x10/0x10 [ 16.413436] ret_from_fork_asm+0x1a/0x30 [ 16.413468] </TASK> [ 16.413478] [ 16.420612] Allocated by task 282: [ 16.420795] kasan_save_stack+0x45/0x70 [ 16.420989] kasan_save_track+0x18/0x40 [ 16.421163] kasan_save_alloc_info+0x3b/0x50 [ 16.421355] __kasan_kmalloc+0xb7/0xc0 [ 16.421531] __kmalloc_cache_noprof+0x189/0x420 [ 16.421712] kasan_atomics+0x95/0x310 [ 16.421893] kunit_try_run_case+0x1a5/0x480 [ 16.422063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.422309] kthread+0x337/0x6f0 [ 16.422464] ret_from_fork+0x116/0x1d0 [ 16.422597] ret_from_fork_asm+0x1a/0x30 [ 16.422747] [ 16.422816] The buggy address belongs to the object at ffff888102a0a600 [ 16.422816] which belongs to the cache kmalloc-64 of size 64 [ 16.423168] The buggy address is located 0 bytes to the right of [ 16.423168] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.423699] [ 16.423794] The buggy address belongs to the physical page: [ 16.424044] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 
16.424397] flags: 0x200000000000000(node=0|zone=2) [ 16.424577] page_type: f5(slab) [ 16.424699] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.424934] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.425162] page dumped because: kasan: bad access detected [ 16.425343] [ 16.425414] Memory state around the buggy address: [ 16.425642] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.425961] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.426355] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.426695] ^ [ 16.426930] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.427253] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.427586] ================================================================== [ 16.279247] ================================================================== [ 16.279819] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 16.280076] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.280469] [ 16.280592] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.280641] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.280655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.280678] Call Trace: [ 16.280698] <TASK> [ 16.280717] dump_stack_lvl+0x73/0xb0 [ 16.280748] print_report+0xd1/0x610 [ 16.280771] ? __virt_addr_valid+0x1db/0x2d0 [ 16.280795] ? kasan_atomics_helper+0x1818/0x5450 [ 16.280819] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.280844] ? kasan_atomics_helper+0x1818/0x5450 [ 16.280867] kasan_report+0x141/0x180 [ 16.280890] ? kasan_atomics_helper+0x1818/0x5450 [ 16.280919] kasan_check_range+0x10c/0x1c0 [ 16.280950] __kasan_check_write+0x18/0x20 [ 16.280971] kasan_atomics_helper+0x1818/0x5450 [ 16.280995] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.281020] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.281046] ? kasan_atomics+0x152/0x310 [ 16.281075] kasan_atomics+0x1dc/0x310 [ 16.281100] ? __pfx_kasan_atomics+0x10/0x10 [ 16.281125] ? __pfx_read_tsc+0x10/0x10 [ 16.281160] ? ktime_get_ts64+0x86/0x230 [ 16.281186] kunit_try_run_case+0x1a5/0x480 [ 16.281215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.281248] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.281284] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.281343] ? __kthread_parkme+0x82/0x180 [ 16.281366] ? preempt_count_sub+0x50/0x80 [ 16.281391] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.281417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.281444] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.281471] kthread+0x337/0x6f0 [ 16.281491] ? trace_preempt_on+0x20/0xc0 [ 16.281516] ? __pfx_kthread+0x10/0x10 [ 16.281538] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.281561] ? calculate_sigpending+0x7b/0xa0 [ 16.281588] ? __pfx_kthread+0x10/0x10 [ 16.281610] ret_from_fork+0x116/0x1d0 [ 16.281630] ? __pfx_kthread+0x10/0x10 [ 16.281651] ret_from_fork_asm+0x1a/0x30 [ 16.281683] </TASK> [ 16.281696] [ 16.290277] Allocated by task 282: [ 16.290468] kasan_save_stack+0x45/0x70 [ 16.290663] kasan_save_track+0x18/0x40 [ 16.290851] kasan_save_alloc_info+0x3b/0x50 [ 16.291743] __kasan_kmalloc+0xb7/0xc0 [ 16.291959] __kmalloc_cache_noprof+0x189/0x420 [ 16.292386] kasan_atomics+0x95/0x310 [ 16.292572] kunit_try_run_case+0x1a5/0x480 [ 16.292728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.293035] kthread+0x337/0x6f0 [ 16.293226] ret_from_fork+0x116/0x1d0 [ 16.293502] ret_from_fork_asm+0x1a/0x30 [ 16.293686] [ 16.293761] The buggy address belongs to the object at ffff888102a0a600 [ 16.293761] which belongs to the cache kmalloc-64 of size 64 [ 16.294498] The buggy address is located 0 bytes to the right of [ 16.294498] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.294966] [ 16.295043] The buggy address belongs to the physical page: [ 16.295217] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.295697] flags: 0x200000000000000(node=0|zone=2) [ 16.296485] page_type: f5(slab) [ 16.296665] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.296949] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.297572] page dumped because: kasan: bad access detected [ 16.297863] [ 16.297944] Memory state around the buggy address: [ 16.298315] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.298663] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.299045] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.299365] ^ [ 16.299527] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.299847] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.300454] ================================================================== [ 16.126482] ================================================================== [ 16.126793] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 16.127283] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.127621] [ 16.127729] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.127770] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.127783] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.127804] Call Trace: [ 16.127818] <TASK> [ 16.127833] dump_stack_lvl+0x73/0xb0 [ 16.127860] print_report+0xd1/0x610 [ 16.127883] ? __virt_addr_valid+0x1db/0x2d0 [ 16.127908] ? kasan_atomics_helper+0x1467/0x5450 [ 16.127930] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.127955] ? kasan_atomics_helper+0x1467/0x5450 [ 16.128086] kasan_report+0x141/0x180 [ 16.128110] ? kasan_atomics_helper+0x1467/0x5450 [ 16.128138] kasan_check_range+0x10c/0x1c0 [ 16.128162] __kasan_check_write+0x18/0x20 [ 16.128183] kasan_atomics_helper+0x1467/0x5450 [ 16.128207] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.128231] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.128257] ? kasan_atomics+0x152/0x310 [ 16.128297] kasan_atomics+0x1dc/0x310 [ 16.128320] ? __pfx_kasan_atomics+0x10/0x10 [ 16.128346] ? __pfx_read_tsc+0x10/0x10 [ 16.128367] ? ktime_get_ts64+0x86/0x230 [ 16.128392] kunit_try_run_case+0x1a5/0x480 [ 16.128418] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.128443] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.128468] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.128494] ? __kthread_parkme+0x82/0x180 [ 16.128515] ? preempt_count_sub+0x50/0x80 [ 16.128541] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.128566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.128592] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.128619] kthread+0x337/0x6f0 [ 16.128639] ? trace_preempt_on+0x20/0xc0 [ 16.128663] ? __pfx_kthread+0x10/0x10 [ 16.128685] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.128708] ? calculate_sigpending+0x7b/0xa0 [ 16.128734] ? __pfx_kthread+0x10/0x10 [ 16.128757] ret_from_fork+0x116/0x1d0 [ 16.128777] ? 
__pfx_kthread+0x10/0x10 [ 16.128799] ret_from_fork_asm+0x1a/0x30 [ 16.128831] </TASK> [ 16.128842] [ 16.136872] Allocated by task 282: [ 16.137113] kasan_save_stack+0x45/0x70 [ 16.137323] kasan_save_track+0x18/0x40 [ 16.137496] kasan_save_alloc_info+0x3b/0x50 [ 16.137684] __kasan_kmalloc+0xb7/0xc0 [ 16.137846] __kmalloc_cache_noprof+0x189/0x420 [ 16.138130] kasan_atomics+0x95/0x310 [ 16.138336] kunit_try_run_case+0x1a5/0x480 [ 16.138545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.138762] kthread+0x337/0x6f0 [ 16.138929] ret_from_fork+0x116/0x1d0 [ 16.139315] ret_from_fork_asm+0x1a/0x30 [ 16.139468] [ 16.139550] The buggy address belongs to the object at ffff888102a0a600 [ 16.139550] which belongs to the cache kmalloc-64 of size 64 [ 16.140193] The buggy address is located 0 bytes to the right of [ 16.140193] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.140681] [ 16.140778] The buggy address belongs to the physical page: [ 16.141095] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.141417] flags: 0x200000000000000(node=0|zone=2) [ 16.141581] page_type: f5(slab) [ 16.141702] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.142062] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.142419] page dumped because: kasan: bad access detected [ 16.142669] [ 16.142769] Memory state around the buggy address: [ 16.143170] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.143488] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.143790] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.144188] ^ [ 16.144379] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.144599] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.144906] ================================================================== [ 16.088822] 
================================================================== [ 16.089250] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 16.089580] Read of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.089839] [ 16.089944] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.090083] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.090097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.090118] Call Trace: [ 16.090132] <TASK> [ 16.090146] dump_stack_lvl+0x73/0xb0 [ 16.090174] print_report+0xd1/0x610 [ 16.090197] ? __virt_addr_valid+0x1db/0x2d0 [ 16.090221] ? kasan_atomics_helper+0x13b5/0x5450 [ 16.090244] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.090280] ? kasan_atomics_helper+0x13b5/0x5450 [ 16.090303] kasan_report+0x141/0x180 [ 16.090326] ? kasan_atomics_helper+0x13b5/0x5450 [ 16.090354] kasan_check_range+0x10c/0x1c0 [ 16.090378] __kasan_check_read+0x15/0x20 [ 16.090399] kasan_atomics_helper+0x13b5/0x5450 [ 16.090423] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.090447] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.090473] ? kasan_atomics+0x152/0x310 [ 16.090500] kasan_atomics+0x1dc/0x310 [ 16.090523] ? __pfx_kasan_atomics+0x10/0x10 [ 16.090548] ? __pfx_read_tsc+0x10/0x10 [ 16.090570] ? ktime_get_ts64+0x86/0x230 [ 16.090594] kunit_try_run_case+0x1a5/0x480 [ 16.090619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.090645] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.090669] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.090694] ? __kthread_parkme+0x82/0x180 [ 16.090722] ? preempt_count_sub+0x50/0x80 [ 16.090747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.090773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.090798] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.090825] kthread+0x337/0x6f0 [ 16.090845] ? trace_preempt_on+0x20/0xc0 [ 16.090869] ? __pfx_kthread+0x10/0x10 [ 16.090890] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.090913] ? 
calculate_sigpending+0x7b/0xa0 [ 16.090938] ? __pfx_kthread+0x10/0x10 [ 16.091125] ret_from_fork+0x116/0x1d0 [ 16.091157] ? __pfx_kthread+0x10/0x10 [ 16.091179] ret_from_fork_asm+0x1a/0x30 [ 16.091211] </TASK> [ 16.091222] [ 16.098952] Allocated by task 282: [ 16.099277] kasan_save_stack+0x45/0x70 [ 16.099470] kasan_save_track+0x18/0x40 [ 16.099666] kasan_save_alloc_info+0x3b/0x50 [ 16.099840] __kasan_kmalloc+0xb7/0xc0 [ 16.100134] __kmalloc_cache_noprof+0x189/0x420 [ 16.100343] kasan_atomics+0x95/0x310 [ 16.100534] kunit_try_run_case+0x1a5/0x480 [ 16.100737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.101063] kthread+0x337/0x6f0 [ 16.101221] ret_from_fork+0x116/0x1d0 [ 16.101383] ret_from_fork_asm+0x1a/0x30 [ 16.101526] [ 16.101598] The buggy address belongs to the object at ffff888102a0a600 [ 16.101598] which belongs to the cache kmalloc-64 of size 64 [ 16.102136] The buggy address is located 0 bytes to the right of [ 16.102136] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.102690] [ 16.102770] The buggy address belongs to the physical page: [ 16.102945] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.103504] flags: 0x200000000000000(node=0|zone=2) [ 16.103751] page_type: f5(slab) [ 16.103922] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.104364] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.104627] page dumped because: kasan: bad access detected [ 16.104879] [ 16.104980] Memory state around the buggy address: [ 16.105190] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.105488] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.105768] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.106078] ^ [ 16.106436] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.106708] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.106940] 
================================================================== [ 16.341675] ================================================================== [ 16.342038] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 16.342361] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.342679] [ 16.342779] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.342822] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.342835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.342856] Call Trace: [ 16.342870] <TASK> [ 16.342884] dump_stack_lvl+0x73/0xb0 [ 16.342912] print_report+0xd1/0x610 [ 16.342934] ? __virt_addr_valid+0x1db/0x2d0 [ 16.342958] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.342981] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.343008] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.343031] kasan_report+0x141/0x180 [ 16.343054] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.343082] kasan_check_range+0x10c/0x1c0 [ 16.343107] __kasan_check_write+0x18/0x20 [ 16.343127] kasan_atomics_helper+0x19e3/0x5450 [ 16.343151] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.343176] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.343202] ? kasan_atomics+0x152/0x310 [ 16.343228] kasan_atomics+0x1dc/0x310 [ 16.343252] ? __pfx_kasan_atomics+0x10/0x10 [ 16.343287] ? __pfx_read_tsc+0x10/0x10 [ 16.343310] ? ktime_get_ts64+0x86/0x230 [ 16.343334] kunit_try_run_case+0x1a5/0x480 [ 16.343360] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.343383] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.343408] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.343434] ? __kthread_parkme+0x82/0x180 [ 16.343456] ? preempt_count_sub+0x50/0x80 [ 16.343481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.343507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.343532] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.343559] kthread+0x337/0x6f0 [ 16.343579] ? trace_preempt_on+0x20/0xc0 [ 16.343603] ? 
__pfx_kthread+0x10/0x10 [ 16.343624] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.343647] ? calculate_sigpending+0x7b/0xa0 [ 16.343672] ? __pfx_kthread+0x10/0x10 [ 16.343695] ret_from_fork+0x116/0x1d0 [ 16.343714] ? __pfx_kthread+0x10/0x10 [ 16.343736] ret_from_fork_asm+0x1a/0x30 [ 16.343767] </TASK> [ 16.343779] [ 16.352359] Allocated by task 282: [ 16.352526] kasan_save_stack+0x45/0x70 [ 16.352700] kasan_save_track+0x18/0x40 [ 16.352888] kasan_save_alloc_info+0x3b/0x50 [ 16.353133] __kasan_kmalloc+0xb7/0xc0 [ 16.353286] __kmalloc_cache_noprof+0x189/0x420 [ 16.353444] kasan_atomics+0x95/0x310 [ 16.353579] kunit_try_run_case+0x1a5/0x480 [ 16.353727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.353905] kthread+0x337/0x6f0 [ 16.354071] ret_from_fork+0x116/0x1d0 [ 16.354257] ret_from_fork_asm+0x1a/0x30 [ 16.354772] [ 16.354878] The buggy address belongs to the object at ffff888102a0a600 [ 16.354878] which belongs to the cache kmalloc-64 of size 64 [ 16.355328] The buggy address is located 0 bytes to the right of [ 16.355328] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.355702] [ 16.355778] The buggy address belongs to the physical page: [ 16.355952] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.356762] flags: 0x200000000000000(node=0|zone=2) [ 16.357028] page_type: f5(slab) [ 16.357199] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.357822] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.358174] page dumped because: kasan: bad access detected [ 16.358538] [ 16.358620] Memory state around the buggy address: [ 16.358824] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.359177] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.359413] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.359629] ^ [ 16.359843] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.360239] 
ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.360575] ================================================================== [ 15.403368] ================================================================== [ 15.403620] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 15.403954] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.404318] [ 15.404403] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.404445] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.404457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.404477] Call Trace: [ 15.404489] <TASK> [ 15.404501] dump_stack_lvl+0x73/0xb0 [ 15.404528] print_report+0xd1/0x610 [ 15.404549] ? __virt_addr_valid+0x1db/0x2d0 [ 15.404572] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.404594] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.404617] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.404639] kasan_report+0x141/0x180 [ 15.404661] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.404687] __asan_report_store4_noabort+0x1b/0x30 [ 15.404713] kasan_atomics_helper+0x4ba2/0x5450 [ 15.404736] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.404758] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.404783] ? kasan_atomics+0x152/0x310 [ 15.404810] kasan_atomics+0x1dc/0x310 [ 15.404831] ? __pfx_kasan_atomics+0x10/0x10 [ 15.404856] ? __pfx_read_tsc+0x10/0x10 [ 15.404877] ? ktime_get_ts64+0x86/0x230 [ 15.404901] kunit_try_run_case+0x1a5/0x480 [ 15.404927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.404950] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.404974] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.404998] ? __kthread_parkme+0x82/0x180 [ 15.405019] ? preempt_count_sub+0x50/0x80 [ 15.405043] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.405228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.405256] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.405296] kthread+0x337/0x6f0 [ 15.405315] ? 
trace_preempt_on+0x20/0xc0 [ 15.405340] ? __pfx_kthread+0x10/0x10 [ 15.405361] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.405383] ? calculate_sigpending+0x7b/0xa0 [ 15.405407] ? __pfx_kthread+0x10/0x10 [ 15.405429] ret_from_fork+0x116/0x1d0 [ 15.405448] ? __pfx_kthread+0x10/0x10 [ 15.405469] ret_from_fork_asm+0x1a/0x30 [ 15.405499] </TASK> [ 15.405510] [ 15.413309] Allocated by task 282: [ 15.413444] kasan_save_stack+0x45/0x70 [ 15.413590] kasan_save_track+0x18/0x40 [ 15.413725] kasan_save_alloc_info+0x3b/0x50 [ 15.413929] __kasan_kmalloc+0xb7/0xc0 [ 15.414120] __kmalloc_cache_noprof+0x189/0x420 [ 15.414357] kasan_atomics+0x95/0x310 [ 15.414550] kunit_try_run_case+0x1a5/0x480 [ 15.414767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.415019] kthread+0x337/0x6f0 [ 15.415187] ret_from_fork+0x116/0x1d0 [ 15.416334] ret_from_fork_asm+0x1a/0x30 [ 15.416512] [ 15.416964] The buggy address belongs to the object at ffff888102a0a600 [ 15.416964] which belongs to the cache kmalloc-64 of size 64 [ 15.417651] The buggy address is located 0 bytes to the right of [ 15.417651] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.418411] [ 15.418493] The buggy address belongs to the physical page: [ 15.418882] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.419395] flags: 0x200000000000000(node=0|zone=2) [ 15.419577] page_type: f5(slab) [ 15.420110] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.420405] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.420859] page dumped because: kasan: bad access detected [ 15.421119] [ 15.421196] Memory state around the buggy address: [ 15.421666] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.422040] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.422361] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.422673] ^ [ 15.422886] ffff888102a0a680: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.423599] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.424092] ================================================================== [ 15.781649] ================================================================== [ 15.781922] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 15.782441] Read of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.782671] [ 15.782763] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.782806] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.782819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.782841] Call Trace: [ 15.782856] <TASK> [ 15.782871] dump_stack_lvl+0x73/0xb0 [ 15.782899] print_report+0xd1/0x610 [ 15.782922] ? __virt_addr_valid+0x1db/0x2d0 [ 15.782945] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.782968] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.782993] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.783017] kasan_report+0x141/0x180 [ 15.783041] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.783069] __asan_report_load4_noabort+0x18/0x20 [ 15.783096] kasan_atomics_helper+0x4a84/0x5450 [ 15.783320] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.783346] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.783373] ? kasan_atomics+0x152/0x310 [ 15.783400] kasan_atomics+0x1dc/0x310 [ 15.783424] ? __pfx_kasan_atomics+0x10/0x10 [ 15.783450] ? __pfx_read_tsc+0x10/0x10 [ 15.783473] ? ktime_get_ts64+0x86/0x230 [ 15.783498] kunit_try_run_case+0x1a5/0x480 [ 15.783523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.783548] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.783572] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.783598] ? __kthread_parkme+0x82/0x180 [ 15.783619] ? preempt_count_sub+0x50/0x80 [ 15.783643] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.783670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.783696] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.783723] kthread+0x337/0x6f0 [ 15.783746] ? trace_preempt_on+0x20/0xc0 [ 15.783773] ? __pfx_kthread+0x10/0x10 [ 15.783795] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.783818] ? calculate_sigpending+0x7b/0xa0 [ 15.783843] ? __pfx_kthread+0x10/0x10 [ 15.783867] ret_from_fork+0x116/0x1d0 [ 15.783888] ? __pfx_kthread+0x10/0x10 [ 15.783910] ret_from_fork_asm+0x1a/0x30 [ 15.783943] </TASK> [ 15.783954] [ 15.791885] Allocated by task 282: [ 15.792019] kasan_save_stack+0x45/0x70 [ 15.792212] kasan_save_track+0x18/0x40 [ 15.792413] kasan_save_alloc_info+0x3b/0x50 [ 15.792621] __kasan_kmalloc+0xb7/0xc0 [ 15.792807] __kmalloc_cache_noprof+0x189/0x420 [ 15.793030] kasan_atomics+0x95/0x310 [ 15.793191] kunit_try_run_case+0x1a5/0x480 [ 15.793739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.793974] kthread+0x337/0x6f0 [ 15.794280] ret_from_fork+0x116/0x1d0 [ 15.794466] ret_from_fork_asm+0x1a/0x30 [ 15.794629] [ 15.794700] The buggy address belongs to the object at ffff888102a0a600 [ 15.794700] which belongs to the cache kmalloc-64 of size 64 [ 15.795346] The buggy address is located 0 bytes to the right of [ 15.795346] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.795905] [ 15.796001] The buggy address belongs to the physical page: [ 15.796347] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.796664] flags: 0x200000000000000(node=0|zone=2) [ 15.796877] page_type: f5(slab) [ 15.797043] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.797626] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.797924] page dumped because: kasan: bad access detected [ 15.798311] [ 15.798406] Memory state around the buggy address: [ 15.798595] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.798861] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.799210] >ffff888102a0a600: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.799650] ^ [ 15.799899] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.800545] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.800821] ================================================================== [ 16.457709] ================================================================== [ 16.458418] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 16.459089] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.459708] [ 16.459798] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.459840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.459855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.459876] Call Trace: [ 16.459893] <TASK> [ 16.459910] dump_stack_lvl+0x73/0xb0 [ 16.459937] print_report+0xd1/0x610 [ 16.459960] ? __virt_addr_valid+0x1db/0x2d0 [ 16.459984] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.460007] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.460032] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.460056] kasan_report+0x141/0x180 [ 16.460078] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.460107] kasan_check_range+0x10c/0x1c0 [ 16.460132] __kasan_check_write+0x18/0x20 [ 16.460152] kasan_atomics_helper+0x1d7a/0x5450 [ 16.460177] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.460202] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.460228] ? kasan_atomics+0x152/0x310 [ 16.460255] kasan_atomics+0x1dc/0x310 [ 16.460296] ? __pfx_kasan_atomics+0x10/0x10 [ 16.460321] ? __pfx_read_tsc+0x10/0x10 [ 16.460343] ? ktime_get_ts64+0x86/0x230 [ 16.460368] kunit_try_run_case+0x1a5/0x480 [ 16.460394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.460418] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.460443] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.460469] ? __kthread_parkme+0x82/0x180 [ 16.460491] ? preempt_count_sub+0x50/0x80 [ 16.460516] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.460542] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.460567] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.460593] kthread+0x337/0x6f0 [ 16.460613] ? trace_preempt_on+0x20/0xc0 [ 16.460638] ? __pfx_kthread+0x10/0x10 [ 16.460660] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.460682] ? calculate_sigpending+0x7b/0xa0 [ 16.460708] ? __pfx_kthread+0x10/0x10 [ 16.460731] ret_from_fork+0x116/0x1d0 [ 16.460750] ? __pfx_kthread+0x10/0x10 [ 16.460772] ret_from_fork_asm+0x1a/0x30 [ 16.460805] </TASK> [ 16.460815] [ 16.472493] Allocated by task 282: [ 16.472621] kasan_save_stack+0x45/0x70 [ 16.472795] kasan_save_track+0x18/0x40 [ 16.472991] kasan_save_alloc_info+0x3b/0x50 [ 16.473210] __kasan_kmalloc+0xb7/0xc0 [ 16.473534] __kmalloc_cache_noprof+0x189/0x420 [ 16.473924] kasan_atomics+0x95/0x310 [ 16.474247] kunit_try_run_case+0x1a5/0x480 [ 16.474623] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.475089] kthread+0x337/0x6f0 [ 16.475396] ret_from_fork+0x116/0x1d0 [ 16.475735] ret_from_fork_asm+0x1a/0x30 [ 16.476090] [ 16.476244] The buggy address belongs to the object at ffff888102a0a600 [ 16.476244] which belongs to the cache kmalloc-64 of size 64 [ 16.477251] The buggy address is located 0 bytes to the right of [ 16.477251] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.478321] [ 16.478477] The buggy address belongs to the physical page: [ 16.478718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.478961] flags: 0x200000000000000(node=0|zone=2) [ 16.479126] page_type: f5(slab) [ 16.479247] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.479567] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.479853] page dumped because: kasan: bad access detected [ 16.480069] [ 16.480141] Memory state around the buggy address: [ 16.480359] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.480603] 
ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.480900] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.481155] ^ [ 16.481388] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.481682] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.481937] ================================================================== [ 15.523992] ================================================================== [ 15.524626] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 15.524924] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.525311] [ 15.525416] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.525458] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.525473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.525495] Call Trace: [ 15.525510] <TASK> [ 15.525526] dump_stack_lvl+0x73/0xb0 [ 15.525554] print_report+0xd1/0x610 [ 15.525577] ? __virt_addr_valid+0x1db/0x2d0 [ 15.525600] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.525623] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.525649] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.525673] kasan_report+0x141/0x180 [ 15.525696] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.525725] __asan_report_store4_noabort+0x1b/0x30 [ 15.525751] kasan_atomics_helper+0x4b3a/0x5450 [ 15.525774] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.525799] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.525824] ? kasan_atomics+0x152/0x310 [ 15.525852] kasan_atomics+0x1dc/0x310 [ 15.525875] ? __pfx_kasan_atomics+0x10/0x10 [ 15.525901] ? __pfx_read_tsc+0x10/0x10 [ 15.525923] ? ktime_get_ts64+0x86/0x230 [ 15.525949] kunit_try_run_case+0x1a5/0x480 [ 15.525978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.526021] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.526045] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.526072] ? __kthread_parkme+0x82/0x180 [ 15.526095] ? 
preempt_count_sub+0x50/0x80 [ 15.526120] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.526146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.526172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.526199] kthread+0x337/0x6f0 [ 15.526219] ? trace_preempt_on+0x20/0xc0 [ 15.526243] ? __pfx_kthread+0x10/0x10 [ 15.526275] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.526298] ? calculate_sigpending+0x7b/0xa0 [ 15.526324] ? __pfx_kthread+0x10/0x10 [ 15.526347] ret_from_fork+0x116/0x1d0 [ 15.526366] ? __pfx_kthread+0x10/0x10 [ 15.526388] ret_from_fork_asm+0x1a/0x30 [ 15.526420] </TASK> [ 15.526431] [ 15.534090] Allocated by task 282: [ 15.534283] kasan_save_stack+0x45/0x70 [ 15.534758] kasan_save_track+0x18/0x40 [ 15.534925] kasan_save_alloc_info+0x3b/0x50 [ 15.535342] __kasan_kmalloc+0xb7/0xc0 [ 15.535537] __kmalloc_cache_noprof+0x189/0x420 [ 15.535699] kasan_atomics+0x95/0x310 [ 15.535875] kunit_try_run_case+0x1a5/0x480 [ 15.536287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.536549] kthread+0x337/0x6f0 [ 15.536697] ret_from_fork+0x116/0x1d0 [ 15.536837] ret_from_fork_asm+0x1a/0x30 [ 15.537136] [ 15.537249] The buggy address belongs to the object at ffff888102a0a600 [ 15.537249] which belongs to the cache kmalloc-64 of size 64 [ 15.537791] The buggy address is located 0 bytes to the right of [ 15.537791] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.538344] [ 15.538444] The buggy address belongs to the physical page: [ 15.538674] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.539049] flags: 0x200000000000000(node=0|zone=2) [ 15.539274] page_type: f5(slab) [ 15.539431] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.539726] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.539982] page dumped because: kasan: bad access detected [ 15.540155] [ 15.540225] Memory state around the buggy address: [ 15.540389] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 15.540609] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.540920] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.541566] ^ [ 15.541807] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.542200] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.542432] ================================================================== [ 15.985878] ================================================================== [ 15.986617] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 15.986963] Read of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.987331] [ 15.987438] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.987481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.987495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.987518] Call Trace: [ 15.987532] <TASK> [ 15.987548] dump_stack_lvl+0x73/0xb0 [ 15.987576] print_report+0xd1/0x610 [ 15.987599] ? __virt_addr_valid+0x1db/0x2d0 [ 15.987622] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.987645] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.987671] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.987694] kasan_report+0x141/0x180 [ 15.987718] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.987748] __asan_report_load4_noabort+0x18/0x20 [ 15.987777] kasan_atomics_helper+0x4a02/0x5450 [ 15.987801] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.987825] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.987852] ? kasan_atomics+0x152/0x310 [ 15.987879] kasan_atomics+0x1dc/0x310 [ 15.987902] ? __pfx_kasan_atomics+0x10/0x10 [ 15.987928] ? __pfx_read_tsc+0x10/0x10 [ 15.987950] ? ktime_get_ts64+0x86/0x230 [ 15.987975] kunit_try_run_case+0x1a5/0x480 [ 15.988193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.988236] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.988274] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.988300] ? 
__kthread_parkme+0x82/0x180 [ 15.988321] ? preempt_count_sub+0x50/0x80 [ 15.988346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.988372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.988398] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.988425] kthread+0x337/0x6f0 [ 15.988445] ? trace_preempt_on+0x20/0xc0 [ 15.988470] ? __pfx_kthread+0x10/0x10 [ 15.988492] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.988515] ? calculate_sigpending+0x7b/0xa0 [ 15.988540] ? __pfx_kthread+0x10/0x10 [ 15.988563] ret_from_fork+0x116/0x1d0 [ 15.988584] ? __pfx_kthread+0x10/0x10 [ 15.988606] ret_from_fork_asm+0x1a/0x30 [ 15.988638] </TASK> [ 15.988650] [ 15.997219] Allocated by task 282: [ 15.997381] kasan_save_stack+0x45/0x70 [ 15.997549] kasan_save_track+0x18/0x40 [ 15.997750] kasan_save_alloc_info+0x3b/0x50 [ 15.997966] __kasan_kmalloc+0xb7/0xc0 [ 15.998243] __kmalloc_cache_noprof+0x189/0x420 [ 15.998475] kasan_atomics+0x95/0x310 [ 16.000110] kunit_try_run_case+0x1a5/0x480 [ 16.000804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.001206] kthread+0x337/0x6f0 [ 16.001361] ret_from_fork+0x116/0x1d0 [ 16.001498] ret_from_fork_asm+0x1a/0x30 [ 16.001639] [ 16.001714] The buggy address belongs to the object at ffff888102a0a600 [ 16.001714] which belongs to the cache kmalloc-64 of size 64 [ 16.002217] The buggy address is located 0 bytes to the right of [ 16.002217] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.002608] [ 16.002682] The buggy address belongs to the physical page: [ 16.002891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.004052] flags: 0x200000000000000(node=0|zone=2) [ 16.006342] page_type: f5(slab) [ 16.006512] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.006747] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.006971] page dumped because: kasan: bad access detected [ 16.007141] [ 16.007212] Memory state around the buggy address: [ 16.007380] 
ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.007593] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.007805] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.008013] ^ [ 16.008165] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.009688] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.010311] ================================================================== [ 16.145423] ================================================================== [ 16.145726] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 16.146132] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.146462] [ 16.146572] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.146613] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.146627] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.146648] Call Trace: [ 16.146660] <TASK> [ 16.146674] dump_stack_lvl+0x73/0xb0 [ 16.146702] print_report+0xd1/0x610 [ 16.146731] ? __virt_addr_valid+0x1db/0x2d0 [ 16.146754] ? kasan_atomics_helper+0x50d4/0x5450 [ 16.146777] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.146802] ? kasan_atomics_helper+0x50d4/0x5450 [ 16.146826] kasan_report+0x141/0x180 [ 16.146849] ? kasan_atomics_helper+0x50d4/0x5450 [ 16.146877] __asan_report_store8_noabort+0x1b/0x30 [ 16.146904] kasan_atomics_helper+0x50d4/0x5450 [ 16.146928] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.146953] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.147156] ? kasan_atomics+0x152/0x310 [ 16.147184] kasan_atomics+0x1dc/0x310 [ 16.147208] ? __pfx_kasan_atomics+0x10/0x10 [ 16.147234] ? __pfx_read_tsc+0x10/0x10 [ 16.147255] ? ktime_get_ts64+0x86/0x230 [ 16.147295] kunit_try_run_case+0x1a5/0x480 [ 16.147320] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.147344] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.147369] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.147394] ? __kthread_parkme+0x82/0x180 [ 16.147416] ? preempt_count_sub+0x50/0x80 [ 16.147441] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.147467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.147493] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.147519] kthread+0x337/0x6f0 [ 16.147539] ? trace_preempt_on+0x20/0xc0 [ 16.147563] ? __pfx_kthread+0x10/0x10 [ 16.147585] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.147607] ? calculate_sigpending+0x7b/0xa0 [ 16.147632] ? __pfx_kthread+0x10/0x10 [ 16.147655] ret_from_fork+0x116/0x1d0 [ 16.147674] ? __pfx_kthread+0x10/0x10 [ 16.147696] ret_from_fork_asm+0x1a/0x30 [ 16.147728] </TASK> [ 16.147739] [ 16.155578] Allocated by task 282: [ 16.155764] kasan_save_stack+0x45/0x70 [ 16.156079] kasan_save_track+0x18/0x40 [ 16.156299] kasan_save_alloc_info+0x3b/0x50 [ 16.156501] __kasan_kmalloc+0xb7/0xc0 [ 16.156668] __kmalloc_cache_noprof+0x189/0x420 [ 16.156865] kasan_atomics+0x95/0x310 [ 16.157110] kunit_try_run_case+0x1a5/0x480 [ 16.157342] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.157549] kthread+0x337/0x6f0 [ 16.157715] ret_from_fork+0x116/0x1d0 [ 16.157875] ret_from_fork_asm+0x1a/0x30 [ 16.158146] [ 16.158245] The buggy address belongs to the object at ffff888102a0a600 [ 16.158245] which belongs to the cache kmalloc-64 of size 64 [ 16.158756] The buggy address is located 0 bytes to the right of [ 16.158756] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.159411] [ 16.159518] The buggy address belongs to the physical page: [ 16.159754] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.160141] flags: 0x200000000000000(node=0|zone=2) [ 16.160323] page_type: f5(slab) [ 16.160447] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.160779] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.161199] page dumped because: kasan: bad access detected [ 16.161449] [ 16.161521] 
Memory state around the buggy address: [ 16.161677] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.161897] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.162302] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.162625] ^ [ 16.162864] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.163451] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.163788] ================================================================== [ 16.221796] ================================================================== [ 16.222186] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 16.222555] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.222835] [ 16.222947] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.223168] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.223184] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.223206] Call Trace: [ 16.223221] <TASK> [ 16.223235] dump_stack_lvl+0x73/0xb0 [ 16.223280] print_report+0xd1/0x610 [ 16.223303] ? __virt_addr_valid+0x1db/0x2d0 [ 16.223327] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.223350] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.223374] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.223397] kasan_report+0x141/0x180 [ 16.223420] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.223448] kasan_check_range+0x10c/0x1c0 [ 16.223473] __kasan_check_write+0x18/0x20 [ 16.223494] kasan_atomics_helper+0x16e7/0x5450 [ 16.223517] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.223542] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.223568] ? kasan_atomics+0x152/0x310 [ 16.223595] kasan_atomics+0x1dc/0x310 [ 16.223619] ? __pfx_kasan_atomics+0x10/0x10 [ 16.223644] ? __pfx_read_tsc+0x10/0x10 [ 16.223665] ? ktime_get_ts64+0x86/0x230 [ 16.223689] kunit_try_run_case+0x1a5/0x480 [ 16.223715] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.223739] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.223764] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.223789] ? __kthread_parkme+0x82/0x180 [ 16.223812] ? preempt_count_sub+0x50/0x80 [ 16.223836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.223862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.223888] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.223916] kthread+0x337/0x6f0 [ 16.223936] ? trace_preempt_on+0x20/0xc0 [ 16.223960] ? __pfx_kthread+0x10/0x10 [ 16.224004] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.224027] ? calculate_sigpending+0x7b/0xa0 [ 16.224053] ? __pfx_kthread+0x10/0x10 [ 16.224076] ret_from_fork+0x116/0x1d0 [ 16.224095] ? __pfx_kthread+0x10/0x10 [ 16.224117] ret_from_fork_asm+0x1a/0x30 [ 16.224149] </TASK> [ 16.224160] [ 16.233314] Allocated by task 282: [ 16.233507] kasan_save_stack+0x45/0x70 [ 16.233720] kasan_save_track+0x18/0x40 [ 16.233894] kasan_save_alloc_info+0x3b/0x50 [ 16.234084] __kasan_kmalloc+0xb7/0xc0 [ 16.235190] __kmalloc_cache_noprof+0x189/0x420 [ 16.235433] kasan_atomics+0x95/0x310 [ 16.235744] kunit_try_run_case+0x1a5/0x480 [ 16.235943] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.236397] kthread+0x337/0x6f0 [ 16.236583] ret_from_fork+0x116/0x1d0 [ 16.236920] ret_from_fork_asm+0x1a/0x30 [ 16.237300] [ 16.237555] The buggy address belongs to the object at ffff888102a0a600 [ 16.237555] which belongs to the cache kmalloc-64 of size 64 [ 16.238287] The buggy address is located 0 bytes to the right of [ 16.238287] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.239216] [ 16.239320] The buggy address belongs to the physical page: [ 16.239733] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.240274] flags: 0x200000000000000(node=0|zone=2) [ 16.240606] page_type: f5(slab) [ 16.240863] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.241336] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.241746] page dumped because: kasan: bad access detected [ 16.242183] [ 16.242409] Memory state around the buggy address: [ 16.242658] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.243273] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.243696] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.244221] ^ [ 16.244569] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.245055] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.245473] ================================================================== [ 16.050687] ================================================================== [ 16.051237] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 16.051599] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.051892] [ 16.052115] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.052160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.052172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.052194] Call Trace: [ 16.052209] <TASK> [ 16.052224] dump_stack_lvl+0x73/0xb0 [ 16.052252] print_report+0xd1/0x610 [ 16.052286] ? __virt_addr_valid+0x1db/0x2d0 [ 16.052311] ? kasan_atomics_helper+0x12e6/0x5450 [ 16.052334] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.052358] ? kasan_atomics_helper+0x12e6/0x5450 [ 16.052381] kasan_report+0x141/0x180 [ 16.052404] ? kasan_atomics_helper+0x12e6/0x5450 [ 16.052431] kasan_check_range+0x10c/0x1c0 [ 16.052456] __kasan_check_write+0x18/0x20 [ 16.052476] kasan_atomics_helper+0x12e6/0x5450 [ 16.052500] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.052524] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.052551] ? kasan_atomics+0x152/0x310 [ 16.052578] kasan_atomics+0x1dc/0x310 [ 16.052601] ? __pfx_kasan_atomics+0x10/0x10 [ 16.052627] ? __pfx_read_tsc+0x10/0x10 [ 16.052648] ? 
ktime_get_ts64+0x86/0x230 [ 16.052673] kunit_try_run_case+0x1a5/0x480 [ 16.052698] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.052723] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.052747] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.052772] ? __kthread_parkme+0x82/0x180 [ 16.052794] ? preempt_count_sub+0x50/0x80 [ 16.052818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.052846] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.052872] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.052898] kthread+0x337/0x6f0 [ 16.052918] ? trace_preempt_on+0x20/0xc0 [ 16.052942] ? __pfx_kthread+0x10/0x10 [ 16.053035] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.053064] ? calculate_sigpending+0x7b/0xa0 [ 16.053089] ? __pfx_kthread+0x10/0x10 [ 16.053111] ret_from_fork+0x116/0x1d0 [ 16.053131] ? __pfx_kthread+0x10/0x10 [ 16.053153] ret_from_fork_asm+0x1a/0x30 [ 16.053185] </TASK> [ 16.053196] [ 16.061328] Allocated by task 282: [ 16.061521] kasan_save_stack+0x45/0x70 [ 16.061723] kasan_save_track+0x18/0x40 [ 16.061898] kasan_save_alloc_info+0x3b/0x50 [ 16.062188] __kasan_kmalloc+0xb7/0xc0 [ 16.062380] __kmalloc_cache_noprof+0x189/0x420 [ 16.062584] kasan_atomics+0x95/0x310 [ 16.062764] kunit_try_run_case+0x1a5/0x480 [ 16.062956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.063368] kthread+0x337/0x6f0 [ 16.063539] ret_from_fork+0x116/0x1d0 [ 16.063723] ret_from_fork_asm+0x1a/0x30 [ 16.063886] [ 16.063959] The buggy address belongs to the object at ffff888102a0a600 [ 16.063959] which belongs to the cache kmalloc-64 of size 64 [ 16.064432] The buggy address is located 0 bytes to the right of [ 16.064432] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.065057] [ 16.065155] The buggy address belongs to the physical page: [ 16.065415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.065744] flags: 0x200000000000000(node=0|zone=2) [ 16.065908] page_type: f5(slab) [ 16.066134] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.066502] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.066840] page dumped because: kasan: bad access detected [ 16.067277] [ 16.067379] Memory state around the buggy address: [ 16.067591] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.067879] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.068259] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.068567] ^ [ 16.068766] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.069159] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.069437] ================================================================== [ 16.576307] ================================================================== [ 16.576537] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 16.576803] Read of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.577174] [ 16.577288] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.577348] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.577361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.577381] Call Trace: [ 16.577396] <TASK> [ 16.577410] dump_stack_lvl+0x73/0xb0 [ 16.577437] print_report+0xd1/0x610 [ 16.577460] ? __virt_addr_valid+0x1db/0x2d0 [ 16.577483] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.577505] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.577548] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.577572] kasan_report+0x141/0x180 [ 16.577594] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.577637] __asan_report_load8_noabort+0x18/0x20 [ 16.577663] kasan_atomics_helper+0x4f98/0x5450 [ 16.577687] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.577712] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.577738] ? kasan_atomics+0x152/0x310 [ 16.577765] kasan_atomics+0x1dc/0x310 [ 16.577806] ? __pfx_kasan_atomics+0x10/0x10 [ 16.577832] ? 
__pfx_read_tsc+0x10/0x10 [ 16.577854] ? ktime_get_ts64+0x86/0x230 [ 16.577878] kunit_try_run_case+0x1a5/0x480 [ 16.577904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.577928] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.577953] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.577978] ? __kthread_parkme+0x82/0x180 [ 16.577999] ? preempt_count_sub+0x50/0x80 [ 16.578040] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.578080] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.578119] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.578159] kthread+0x337/0x6f0 [ 16.578191] ? trace_preempt_on+0x20/0xc0 [ 16.578228] ? __pfx_kthread+0x10/0x10 [ 16.578272] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.578295] ? calculate_sigpending+0x7b/0xa0 [ 16.578321] ? __pfx_kthread+0x10/0x10 [ 16.578343] ret_from_fork+0x116/0x1d0 [ 16.578363] ? __pfx_kthread+0x10/0x10 [ 16.578385] ret_from_fork_asm+0x1a/0x30 [ 16.578418] </TASK> [ 16.578429] [ 16.585822] Allocated by task 282: [ 16.585955] kasan_save_stack+0x45/0x70 [ 16.586094] kasan_save_track+0x18/0x40 [ 16.586311] kasan_save_alloc_info+0x3b/0x50 [ 16.586523] __kasan_kmalloc+0xb7/0xc0 [ 16.586719] __kmalloc_cache_noprof+0x189/0x420 [ 16.586916] kasan_atomics+0x95/0x310 [ 16.587095] kunit_try_run_case+0x1a5/0x480 [ 16.587292] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.587516] kthread+0x337/0x6f0 [ 16.587689] ret_from_fork+0x116/0x1d0 [ 16.587874] ret_from_fork_asm+0x1a/0x30 [ 16.588087] [ 16.588161] The buggy address belongs to the object at ffff888102a0a600 [ 16.588161] which belongs to the cache kmalloc-64 of size 64 [ 16.588683] The buggy address is located 0 bytes to the right of [ 16.588683] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.589325] [ 16.589422] The buggy address belongs to the physical page: [ 16.589690] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.590032] flags: 0x200000000000000(node=0|zone=2) [ 16.590258] page_type: f5(slab) [ 16.590430] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 16.590770] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.591094] page dumped because: kasan: bad access detected [ 16.591342] [ 16.591435] Memory state around the buggy address: [ 16.591652] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.591904] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.592114] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.592327] ^ [ 16.592525] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.593798] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.594421] ================================================================== [ 15.742763] ================================================================== [ 15.743622] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 15.743917] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.744202] [ 15.744323] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.744370] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.744384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.744406] Call Trace: [ 15.744423] <TASK> [ 15.744439] dump_stack_lvl+0x73/0xb0 [ 15.744467] print_report+0xd1/0x610 [ 15.744491] ? __virt_addr_valid+0x1db/0x2d0 [ 15.744515] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.744538] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.744563] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.744587] kasan_report+0x141/0x180 [ 15.744610] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.744638] kasan_check_range+0x10c/0x1c0 [ 15.744662] __kasan_check_write+0x18/0x20 [ 15.744683] kasan_atomics_helper+0xb6a/0x5450 [ 15.744707] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.744732] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.744758] ? 
kasan_atomics+0x152/0x310 [ 15.744785] kasan_atomics+0x1dc/0x310 [ 15.744904] ? __pfx_kasan_atomics+0x10/0x10 [ 15.744936] ? __pfx_read_tsc+0x10/0x10 [ 15.744960] ? ktime_get_ts64+0x86/0x230 [ 15.745036] kunit_try_run_case+0x1a5/0x480 [ 15.745063] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.745088] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.745113] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.745138] ? __kthread_parkme+0x82/0x180 [ 15.745160] ? preempt_count_sub+0x50/0x80 [ 15.745186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.745211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.745237] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.745285] kthread+0x337/0x6f0 [ 15.745305] ? trace_preempt_on+0x20/0xc0 [ 15.745330] ? __pfx_kthread+0x10/0x10 [ 15.745352] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.745375] ? calculate_sigpending+0x7b/0xa0 [ 15.745401] ? __pfx_kthread+0x10/0x10 [ 15.745423] ret_from_fork+0x116/0x1d0 [ 15.745443] ? __pfx_kthread+0x10/0x10 [ 15.745466] ret_from_fork_asm+0x1a/0x30 [ 15.745497] </TASK> [ 15.745509] [ 15.754350] Allocated by task 282: [ 15.754538] kasan_save_stack+0x45/0x70 [ 15.754750] kasan_save_track+0x18/0x40 [ 15.754949] kasan_save_alloc_info+0x3b/0x50 [ 15.755244] __kasan_kmalloc+0xb7/0xc0 [ 15.755409] __kmalloc_cache_noprof+0x189/0x420 [ 15.755570] kasan_atomics+0x95/0x310 [ 15.755751] kunit_try_run_case+0x1a5/0x480 [ 15.755959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.756286] kthread+0x337/0x6f0 [ 15.756461] ret_from_fork+0x116/0x1d0 [ 15.756605] ret_from_fork_asm+0x1a/0x30 [ 15.756748] [ 15.756820] The buggy address belongs to the object at ffff888102a0a600 [ 15.756820] which belongs to the cache kmalloc-64 of size 64 [ 15.757349] The buggy address is located 0 bytes to the right of [ 15.757349] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.758172] [ 15.758299] The buggy address belongs to the physical page: [ 15.758483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 
15.758731] flags: 0x200000000000000(node=0|zone=2) [ 15.758897] page_type: f5(slab) [ 15.759047] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.759402] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.759745] page dumped because: kasan: bad access detected [ 15.760007] [ 15.760102] Memory state around the buggy address: [ 15.760527] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.760854] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.761196] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.761458] ^ [ 15.761685] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.762076] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.762388] ================================================================== [ 16.377994] ================================================================== [ 16.378351] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 16.378685] Write of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.379016] [ 16.379199] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.379241] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.379253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.379286] Call Trace: [ 16.379301] <TASK> [ 16.379316] dump_stack_lvl+0x73/0xb0 [ 16.379343] print_report+0xd1/0x610 [ 16.379366] ? __virt_addr_valid+0x1db/0x2d0 [ 16.379390] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.379413] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.379439] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.379462] kasan_report+0x141/0x180 [ 16.379485] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.379513] kasan_check_range+0x10c/0x1c0 [ 16.379538] __kasan_check_write+0x18/0x20 [ 16.379559] kasan_atomics_helper+0x1b22/0x5450 [ 16.379584] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.379608] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.379634] ? kasan_atomics+0x152/0x310 [ 16.379661] kasan_atomics+0x1dc/0x310 [ 16.379684] ? __pfx_kasan_atomics+0x10/0x10 [ 16.379709] ? __pfx_read_tsc+0x10/0x10 [ 16.379732] ? ktime_get_ts64+0x86/0x230 [ 16.379756] kunit_try_run_case+0x1a5/0x480 [ 16.379783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.379807] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.379832] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.379858] ? __kthread_parkme+0x82/0x180 [ 16.379879] ? preempt_count_sub+0x50/0x80 [ 16.379903] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.379928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.379955] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.379982] kthread+0x337/0x6f0 [ 16.380002] ? trace_preempt_on+0x20/0xc0 [ 16.380026] ? __pfx_kthread+0x10/0x10 [ 16.380048] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.380070] ? calculate_sigpending+0x7b/0xa0 [ 16.380096] ? __pfx_kthread+0x10/0x10 [ 16.380119] ret_from_fork+0x116/0x1d0 [ 16.380138] ? __pfx_kthread+0x10/0x10 [ 16.380160] ret_from_fork_asm+0x1a/0x30 [ 16.380191] </TASK> [ 16.380202] [ 16.387368] Allocated by task 282: [ 16.387491] kasan_save_stack+0x45/0x70 [ 16.387634] kasan_save_track+0x18/0x40 [ 16.387780] kasan_save_alloc_info+0x3b/0x50 [ 16.387994] __kasan_kmalloc+0xb7/0xc0 [ 16.388179] __kmalloc_cache_noprof+0x189/0x420 [ 16.388407] kasan_atomics+0x95/0x310 [ 16.388594] kunit_try_run_case+0x1a5/0x480 [ 16.388832] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.389105] kthread+0x337/0x6f0 [ 16.389252] ret_from_fork+0x116/0x1d0 [ 16.389435] ret_from_fork_asm+0x1a/0x30 [ 16.389574] [ 16.389644] The buggy address belongs to the object at ffff888102a0a600 [ 16.389644] which belongs to the cache kmalloc-64 of size 64 [ 16.390169] The buggy address is located 0 bytes to the right of [ 16.390169] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.390652] [ 16.390737] The buggy address belongs to the physical page: [ 16.390976] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.391270] flags: 0x200000000000000(node=0|zone=2) [ 16.391468] page_type: f5(slab) [ 16.391634] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.391916] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.392221] page dumped because: kasan: bad access detected [ 16.392417] [ 16.392511] Memory state around the buggy address: [ 16.392729] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.392939] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.393151] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.393421] ^ [ 16.393640] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.393949] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.394257] ================================================================== [ 15.562553] ================================================================== [ 15.562793] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 15.563126] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.563467] [ 15.563573] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.563613] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.563626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.563648] Call Trace: [ 15.563661] <TASK> [ 15.563676] dump_stack_lvl+0x73/0xb0 [ 15.563704] print_report+0xd1/0x610 [ 15.563726] ? __virt_addr_valid+0x1db/0x2d0 [ 15.563750] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.563773] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.563797] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.563822] kasan_report+0x141/0x180 [ 15.563845] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.563872] kasan_check_range+0x10c/0x1c0 [ 15.563897] __kasan_check_write+0x18/0x20 [ 15.563918] kasan_atomics_helper+0x5fe/0x5450 [ 15.563943] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.563967] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.563993] ? kasan_atomics+0x152/0x310 [ 15.564020] kasan_atomics+0x1dc/0x310 [ 15.564044] ? __pfx_kasan_atomics+0x10/0x10 [ 15.564070] ? __pfx_read_tsc+0x10/0x10 [ 15.564091] ? ktime_get_ts64+0x86/0x230 [ 15.564116] kunit_try_run_case+0x1a5/0x480 [ 15.564141] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.564166] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.564190] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.564215] ? __kthread_parkme+0x82/0x180 [ 15.564237] ? preempt_count_sub+0x50/0x80 [ 15.564271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.564297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.564323] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.564351] kthread+0x337/0x6f0 [ 15.564370] ? trace_preempt_on+0x20/0xc0 [ 15.564393] ? __pfx_kthread+0x10/0x10 [ 15.564415] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.564437] ? calculate_sigpending+0x7b/0xa0 [ 15.564462] ? __pfx_kthread+0x10/0x10 [ 15.564485] ret_from_fork+0x116/0x1d0 [ 15.564504] ? 
__pfx_kthread+0x10/0x10 [ 15.564527] ret_from_fork_asm+0x1a/0x30 [ 15.564558] </TASK> [ 15.564569] [ 15.572444] Allocated by task 282: [ 15.572600] kasan_save_stack+0x45/0x70 [ 15.572783] kasan_save_track+0x18/0x40 [ 15.572920] kasan_save_alloc_info+0x3b/0x50 [ 15.573072] __kasan_kmalloc+0xb7/0xc0 [ 15.573206] __kmalloc_cache_noprof+0x189/0x420 [ 15.573572] kasan_atomics+0x95/0x310 [ 15.573770] kunit_try_run_case+0x1a5/0x480 [ 15.573976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.574425] kthread+0x337/0x6f0 [ 15.574597] ret_from_fork+0x116/0x1d0 [ 15.574770] ret_from_fork_asm+0x1a/0x30 [ 15.574912] [ 15.575033] The buggy address belongs to the object at ffff888102a0a600 [ 15.575033] which belongs to the cache kmalloc-64 of size 64 [ 15.575595] The buggy address is located 0 bytes to the right of [ 15.575595] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.576145] [ 15.576248] The buggy address belongs to the physical page: [ 15.576487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.576812] flags: 0x200000000000000(node=0|zone=2) [ 15.577146] page_type: f5(slab) [ 15.577349] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.577665] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.577978] page dumped because: kasan: bad access detected [ 15.578921] [ 15.579091] Memory state around the buggy address: [ 15.579311] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.579608] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.579897] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.581610] ^ [ 15.581847] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.582175] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.582499] ================================================================== [ 15.621531] 
================================================================== [ 15.621921] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 15.622156] Write of size 4 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 15.622514] [ 15.622619] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.622659] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.622673] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.622694] Call Trace: [ 15.622715] <TASK> [ 15.622730] dump_stack_lvl+0x73/0xb0 [ 15.622757] print_report+0xd1/0x610 [ 15.622780] ? __virt_addr_valid+0x1db/0x2d0 [ 15.622805] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.622828] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.622853] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.622877] kasan_report+0x141/0x180 [ 15.622900] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.622928] kasan_check_range+0x10c/0x1c0 [ 15.622953] __kasan_check_write+0x18/0x20 [ 15.622974] kasan_atomics_helper+0x7c7/0x5450 [ 15.622998] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.623023] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.623049] ? kasan_atomics+0x152/0x310 [ 15.623077] kasan_atomics+0x1dc/0x310 [ 15.623101] ? __pfx_kasan_atomics+0x10/0x10 [ 15.623127] ? __pfx_read_tsc+0x10/0x10 [ 15.623149] ? ktime_get_ts64+0x86/0x230 [ 15.623174] kunit_try_run_case+0x1a5/0x480 [ 15.623200] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.623225] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.623250] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.623285] ? __kthread_parkme+0x82/0x180 [ 15.623307] ? preempt_count_sub+0x50/0x80 [ 15.623332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.623358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.623383] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.623410] kthread+0x337/0x6f0 [ 15.623429] ? trace_preempt_on+0x20/0xc0 [ 15.623454] ? __pfx_kthread+0x10/0x10 [ 15.623475] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.623498] ? 
calculate_sigpending+0x7b/0xa0 [ 15.623522] ? __pfx_kthread+0x10/0x10 [ 15.623545] ret_from_fork+0x116/0x1d0 [ 15.623565] ? __pfx_kthread+0x10/0x10 [ 15.623587] ret_from_fork_asm+0x1a/0x30 [ 15.623619] </TASK> [ 15.623629] [ 15.631438] Allocated by task 282: [ 15.631616] kasan_save_stack+0x45/0x70 [ 15.632004] kasan_save_track+0x18/0x40 [ 15.632341] kasan_save_alloc_info+0x3b/0x50 [ 15.632533] __kasan_kmalloc+0xb7/0xc0 [ 15.632716] __kmalloc_cache_noprof+0x189/0x420 [ 15.632911] kasan_atomics+0x95/0x310 [ 15.633046] kunit_try_run_case+0x1a5/0x480 [ 15.633226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.633491] kthread+0x337/0x6f0 [ 15.633662] ret_from_fork+0x116/0x1d0 [ 15.633852] ret_from_fork_asm+0x1a/0x30 [ 15.634053] [ 15.634133] The buggy address belongs to the object at ffff888102a0a600 [ 15.634133] which belongs to the cache kmalloc-64 of size 64 [ 15.634505] The buggy address is located 0 bytes to the right of [ 15.634505] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 15.634965] [ 15.635063] The buggy address belongs to the physical page: [ 15.635530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 15.635944] flags: 0x200000000000000(node=0|zone=2) [ 15.636383] page_type: f5(slab) [ 15.636557] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.636897] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.637307] page dumped because: kasan: bad access detected [ 15.637513] [ 15.637614] Memory state around the buggy address: [ 15.637785] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.638012] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.638335] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.638669] ^ [ 15.638829] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.639046] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.640301] 
================================================================== [ 16.107564] ================================================================== [ 16.107901] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 16.108354] Read of size 8 at addr ffff888102a0a630 by task kunit_try_catch/282 [ 16.108666] [ 16.108764] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.108806] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.108818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.108839] Call Trace: [ 16.108852] <TASK> [ 16.108867] dump_stack_lvl+0x73/0xb0 [ 16.108895] print_report+0xd1/0x610 [ 16.108918] ? __virt_addr_valid+0x1db/0x2d0 [ 16.108941] ? kasan_atomics_helper+0x4eae/0x5450 [ 16.109038] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.109068] ? kasan_atomics_helper+0x4eae/0x5450 [ 16.109092] kasan_report+0x141/0x180 [ 16.109116] ? kasan_atomics_helper+0x4eae/0x5450 [ 16.109143] __asan_report_load8_noabort+0x18/0x20 [ 16.109169] kasan_atomics_helper+0x4eae/0x5450 [ 16.109194] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.109218] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.109244] ? kasan_atomics+0x152/0x310 [ 16.109282] kasan_atomics+0x1dc/0x310 [ 16.109304] ? __pfx_kasan_atomics+0x10/0x10 [ 16.109330] ? __pfx_read_tsc+0x10/0x10 [ 16.109352] ? ktime_get_ts64+0x86/0x230 [ 16.109377] kunit_try_run_case+0x1a5/0x480 [ 16.109403] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.109427] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.109452] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.109477] ? __kthread_parkme+0x82/0x180 [ 16.109499] ? preempt_count_sub+0x50/0x80 [ 16.109522] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.109549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.109574] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.109601] kthread+0x337/0x6f0 [ 16.109621] ? trace_preempt_on+0x20/0xc0 [ 16.109643] ? __pfx_kthread+0x10/0x10 [ 16.109664] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.109688] ? calculate_sigpending+0x7b/0xa0 [ 16.109714] ? __pfx_kthread+0x10/0x10 [ 16.109736] ret_from_fork+0x116/0x1d0 [ 16.109755] ? __pfx_kthread+0x10/0x10 [ 16.109779] ret_from_fork_asm+0x1a/0x30 [ 16.109811] </TASK> [ 16.109822] [ 16.117831] Allocated by task 282: [ 16.118120] kasan_save_stack+0x45/0x70 [ 16.118339] kasan_save_track+0x18/0x40 [ 16.118497] kasan_save_alloc_info+0x3b/0x50 [ 16.118649] __kasan_kmalloc+0xb7/0xc0 [ 16.118815] __kmalloc_cache_noprof+0x189/0x420 [ 16.119223] kasan_atomics+0x95/0x310 [ 16.119417] kunit_try_run_case+0x1a5/0x480 [ 16.119610] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.119837] kthread+0x337/0x6f0 [ 16.120091] ret_from_fork+0x116/0x1d0 [ 16.120233] ret_from_fork_asm+0x1a/0x30 [ 16.120387] [ 16.120486] The buggy address belongs to the object at ffff888102a0a600 [ 16.120486] which belongs to the cache kmalloc-64 of size 64 [ 16.121082] The buggy address is located 0 bytes to the right of [ 16.121082] allocated 48-byte region [ffff888102a0a600, ffff888102a0a630) [ 16.121493] [ 16.121594] The buggy address belongs to the physical page: [ 16.121847] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 16.122305] flags: 0x200000000000000(node=0|zone=2) [ 16.122526] page_type: f5(slab) [ 16.122683] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.123229] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.123479] page dumped because: kasan: bad access detected [ 16.123727] [ 16.123821] Memory state around the buggy address: [ 16.124168] ffff888102a0a500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.124489] ffff888102a0a580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.124746] >ffff888102a0a600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.125075] ^ [ 16.125314] ffff888102a0a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.125636] ffff888102a0a700: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.125924] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 15.197478] ================================================================== [ 15.197715] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.198043] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278 [ 15.198390] [ 15.198500] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.198539] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.198550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.198569] Call Trace: [ 15.198580] <TASK> [ 15.198593] dump_stack_lvl+0x73/0xb0 [ 15.198619] print_report+0xd1/0x610 [ 15.198641] ? __virt_addr_valid+0x1db/0x2d0 [ 15.198664] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.198694] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.198724] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.198753] kasan_report+0x141/0x180 [ 15.198775] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.198808] kasan_check_range+0x10c/0x1c0 [ 15.198832] __kasan_check_write+0x18/0x20 [ 15.198852] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.198881] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.198912] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.198937] ? trace_hardirqs_on+0x37/0xe0 [ 15.198959] ? kasan_bitops_generic+0x92/0x1c0 [ 15.198986] kasan_bitops_generic+0x121/0x1c0 [ 15.199011] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.199037] ? __pfx_read_tsc+0x10/0x10 [ 15.199058] ? ktime_get_ts64+0x86/0x230 [ 15.199082] kunit_try_run_case+0x1a5/0x480 [ 15.199106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.199129] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.199153] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.199178] ? __kthread_parkme+0x82/0x180 [ 15.199198] ? preempt_count_sub+0x50/0x80 [ 15.199222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.199247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.199282] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.199308] kthread+0x337/0x6f0 [ 15.199327] ? trace_preempt_on+0x20/0xc0 [ 15.199350] ? __pfx_kthread+0x10/0x10 [ 15.199370] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.199392] ? calculate_sigpending+0x7b/0xa0 [ 15.199416] ? __pfx_kthread+0x10/0x10 [ 15.199437] ret_from_fork+0x116/0x1d0 [ 15.199456] ? __pfx_kthread+0x10/0x10 [ 15.199476] ret_from_fork_asm+0x1a/0x30 [ 15.199506] </TASK> [ 15.199516] [ 15.208559] Allocated by task 278: [ 15.208728] kasan_save_stack+0x45/0x70 [ 15.208903] kasan_save_track+0x18/0x40 [ 15.209163] kasan_save_alloc_info+0x3b/0x50 [ 15.209359] __kasan_kmalloc+0xb7/0xc0 [ 15.209525] __kmalloc_cache_noprof+0x189/0x420 [ 15.209749] kasan_bitops_generic+0x92/0x1c0 [ 15.209917] kunit_try_run_case+0x1a5/0x480 [ 15.210299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.210542] kthread+0x337/0x6f0 [ 15.210695] ret_from_fork+0x116/0x1d0 [ 15.210884] ret_from_fork_asm+0x1a/0x30 [ 15.211025] [ 15.211098] The buggy address belongs to the object at ffff888101c9b4a0 [ 15.211098] which belongs to the cache kmalloc-16 of size 16 [ 15.213300] The buggy address is located 8 bytes inside of [ 15.213300] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9) [ 15.213662] [ 15.213736] The buggy address belongs to the physical page: [ 15.213910] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b [ 15.214287] flags: 0x200000000000000(node=0|zone=2) [ 15.214451] page_type: f5(slab) [ 15.214569] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.214806] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.215026] page dumped because: kasan: bad access detected [ 15.215190] [ 15.215258] Memory state around the buggy address: [ 15.217882] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 15.218216] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 15.218545] >ffff888101c9b480: fa fb fc fc 00 01 fc fc 
fc fc fc fc fc fc fc fc [ 15.218769] ^ [ 15.218920] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.219688] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.219926] ================================================================== [ 15.285497] ================================================================== [ 15.285733] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.286144] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278 [ 15.286961] [ 15.287195] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.287239] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.287252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.287287] Call Trace: [ 15.287304] <TASK> [ 15.287319] dump_stack_lvl+0x73/0xb0 [ 15.287348] print_report+0xd1/0x610 [ 15.287369] ? __virt_addr_valid+0x1db/0x2d0 [ 15.287392] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.287421] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.287445] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.287475] kasan_report+0x141/0x180 [ 15.287507] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.287540] kasan_check_range+0x10c/0x1c0 [ 15.287564] __kasan_check_write+0x18/0x20 [ 15.287583] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.287612] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.287643] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.287668] ? trace_hardirqs_on+0x37/0xe0 [ 15.287690] ? kasan_bitops_generic+0x92/0x1c0 [ 15.287717] kasan_bitops_generic+0x121/0x1c0 [ 15.287741] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.287767] ? __pfx_read_tsc+0x10/0x10 [ 15.287787] ? ktime_get_ts64+0x86/0x230 [ 15.287811] kunit_try_run_case+0x1a5/0x480 [ 15.287834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.287858] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.287882] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.287905] ? __kthread_parkme+0x82/0x180 [ 15.287926] ? preempt_count_sub+0x50/0x80 [ 15.287949] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.287974] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.288010] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.288035] kthread+0x337/0x6f0 [ 15.288055] ? trace_preempt_on+0x20/0xc0 [ 15.288076] ? __pfx_kthread+0x10/0x10 [ 15.288098] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.288118] ? calculate_sigpending+0x7b/0xa0 [ 15.288142] ? __pfx_kthread+0x10/0x10 [ 15.288164] ret_from_fork+0x116/0x1d0 [ 15.288182] ? __pfx_kthread+0x10/0x10 [ 15.288202] ret_from_fork_asm+0x1a/0x30 [ 15.288232] </TASK> [ 15.288242] [ 15.303229] Allocated by task 278: [ 15.303554] kasan_save_stack+0x45/0x70 [ 15.303906] kasan_save_track+0x18/0x40 [ 15.304327] kasan_save_alloc_info+0x3b/0x50 [ 15.304720] __kasan_kmalloc+0xb7/0xc0 [ 15.305115] __kmalloc_cache_noprof+0x189/0x420 [ 15.305535] kasan_bitops_generic+0x92/0x1c0 [ 15.305916] kunit_try_run_case+0x1a5/0x480 [ 15.306353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.306547] kthread+0x337/0x6f0 [ 15.306669] ret_from_fork+0x116/0x1d0 [ 15.306806] ret_from_fork_asm+0x1a/0x30 [ 15.306945] [ 15.307135] The buggy address belongs to the object at ffff888101c9b4a0 [ 15.307135] which belongs to the cache kmalloc-16 of size 16 [ 15.308339] The buggy address is located 8 bytes inside of [ 15.308339] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9) [ 15.309572] [ 15.309730] The buggy address belongs to the physical page: [ 15.310369] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b [ 15.311047] flags: 0x200000000000000(node=0|zone=2) [ 15.311529] page_type: f5(slab) [ 15.311818] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.312346] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.312581] page dumped because: kasan: bad access detected [ 15.312753] [ 15.312821] 
Memory state around the buggy address: [ 15.313024] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 15.313682] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 15.314462] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.315083] ^ [ 15.315592] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.316426] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.317209] ================================================================== [ 15.241233] ================================================================== [ 15.241561] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.241858] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278 [ 15.242160] [ 15.242273] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.242313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.242325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.242344] Call Trace: [ 15.242359] <TASK> [ 15.242372] dump_stack_lvl+0x73/0xb0 [ 15.242458] print_report+0xd1/0x610 [ 15.242481] ? __virt_addr_valid+0x1db/0x2d0 [ 15.242503] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.242532] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.242556] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.242586] kasan_report+0x141/0x180 [ 15.242608] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.242645] kasan_check_range+0x10c/0x1c0 [ 15.242668] __kasan_check_write+0x18/0x20 [ 15.242689] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.242726] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.242757] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.242782] ? trace_hardirqs_on+0x37/0xe0 [ 15.242804] ? kasan_bitops_generic+0x92/0x1c0 [ 15.242831] kasan_bitops_generic+0x121/0x1c0 [ 15.242855] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 15.242881] ? __pfx_read_tsc+0x10/0x10 [ 15.242903] ? ktime_get_ts64+0x86/0x230 [ 15.242927] kunit_try_run_case+0x1a5/0x480 [ 15.242950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.242973] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.243044] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.243068] ? __kthread_parkme+0x82/0x180 [ 15.243088] ? preempt_count_sub+0x50/0x80 [ 15.243111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.243136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.243161] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.243186] kthread+0x337/0x6f0 [ 15.243205] ? trace_preempt_on+0x20/0xc0 [ 15.243227] ? __pfx_kthread+0x10/0x10 [ 15.243248] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.243281] ? calculate_sigpending+0x7b/0xa0 [ 15.243313] ? __pfx_kthread+0x10/0x10 [ 15.243334] ret_from_fork+0x116/0x1d0 [ 15.243352] ? __pfx_kthread+0x10/0x10 [ 15.243373] ret_from_fork_asm+0x1a/0x30 [ 15.243402] </TASK> [ 15.243411] [ 15.251807] Allocated by task 278: [ 15.251937] kasan_save_stack+0x45/0x70 [ 15.252104] kasan_save_track+0x18/0x40 [ 15.252302] kasan_save_alloc_info+0x3b/0x50 [ 15.252510] __kasan_kmalloc+0xb7/0xc0 [ 15.252823] __kmalloc_cache_noprof+0x189/0x420 [ 15.253050] kasan_bitops_generic+0x92/0x1c0 [ 15.253373] kunit_try_run_case+0x1a5/0x480 [ 15.253526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.253702] kthread+0x337/0x6f0 [ 15.253871] ret_from_fork+0x116/0x1d0 [ 15.254316] ret_from_fork_asm+0x1a/0x30 [ 15.254539] [ 15.254634] The buggy address belongs to the object at ffff888101c9b4a0 [ 15.254634] which belongs to the cache kmalloc-16 of size 16 [ 15.255211] The buggy address is located 8 bytes inside of [ 15.255211] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9) [ 15.255717] [ 15.255789] The buggy address belongs to the physical page: [ 15.255960] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b [ 15.256197] flags: 0x200000000000000(node=0|zone=2) [ 15.256763] 
page_type: f5(slab) [ 15.256935] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.257478] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.257710] page dumped because: kasan: bad access detected [ 15.257881] [ 15.257950] Memory state around the buggy address: [ 15.258399] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 15.258738] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 15.259275] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.259562] ^ [ 15.259760] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.260027] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.260391] ================================================================== [ 15.357547] ================================================================== [ 15.358086] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.358479] Read of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278 [ 15.358747] [ 15.358829] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.358868] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.358881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.358903] Call Trace: [ 15.358917] <TASK> [ 15.358932] dump_stack_lvl+0x73/0xb0 [ 15.358959] print_report+0xd1/0x610 [ 15.358980] ? __virt_addr_valid+0x1db/0x2d0 [ 15.359003] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.359033] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.359056] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.359086] kasan_report+0x141/0x180 [ 15.359108] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.359142] __asan_report_load8_noabort+0x18/0x20 [ 15.359168] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.359198] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.359229] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.359253] ? trace_hardirqs_on+0x37/0xe0 [ 15.359285] ? kasan_bitops_generic+0x92/0x1c0 [ 15.359313] kasan_bitops_generic+0x121/0x1c0 [ 15.359338] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.359363] ? __pfx_read_tsc+0x10/0x10 [ 15.359384] ? ktime_get_ts64+0x86/0x230 [ 15.359408] kunit_try_run_case+0x1a5/0x480 [ 15.359432] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.359455] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.359480] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.359504] ? __kthread_parkme+0x82/0x180 [ 15.359525] ? preempt_count_sub+0x50/0x80 [ 15.359549] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.359573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.359600] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.359626] kthread+0x337/0x6f0 [ 15.359645] ? trace_preempt_on+0x20/0xc0 [ 15.359667] ? __pfx_kthread+0x10/0x10 [ 15.359688] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.359710] ? calculate_sigpending+0x7b/0xa0 [ 15.359733] ? __pfx_kthread+0x10/0x10 [ 15.359755] ret_from_fork+0x116/0x1d0 [ 15.359774] ? 
__pfx_kthread+0x10/0x10 [ 15.359794] ret_from_fork_asm+0x1a/0x30 [ 15.359825] </TASK> [ 15.359834] [ 15.367976] Allocated by task 278: [ 15.368145] kasan_save_stack+0x45/0x70 [ 15.368341] kasan_save_track+0x18/0x40 [ 15.368481] kasan_save_alloc_info+0x3b/0x50 [ 15.368631] __kasan_kmalloc+0xb7/0xc0 [ 15.368763] __kmalloc_cache_noprof+0x189/0x420 [ 15.368943] kasan_bitops_generic+0x92/0x1c0 [ 15.369148] kunit_try_run_case+0x1a5/0x480 [ 15.369444] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.369705] kthread+0x337/0x6f0 [ 15.369872] ret_from_fork+0x116/0x1d0 [ 15.370088] ret_from_fork_asm+0x1a/0x30 [ 15.370283] [ 15.370377] The buggy address belongs to the object at ffff888101c9b4a0 [ 15.370377] which belongs to the cache kmalloc-16 of size 16 [ 15.370777] The buggy address is located 8 bytes inside of [ 15.370777] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9) [ 15.371207] [ 15.371309] The buggy address belongs to the physical page: [ 15.371598] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b [ 15.372044] flags: 0x200000000000000(node=0|zone=2) [ 15.372206] page_type: f5(slab) [ 15.372378] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.372725] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.373025] page dumped because: kasan: bad access detected [ 15.373196] [ 15.373272] Memory state around the buggy address: [ 15.373424] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 15.373706] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 15.374023] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.374389] ^ [ 15.374799] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.375017] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.375229] ================================================================== [ 15.220387] 
================================================================== [ 15.221180] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.221836] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278 [ 15.222507] [ 15.222622] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.222665] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.222677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.222700] Call Trace: [ 15.222720] <TASK> [ 15.222734] dump_stack_lvl+0x73/0xb0 [ 15.222764] print_report+0xd1/0x610 [ 15.222786] ? __virt_addr_valid+0x1db/0x2d0 [ 15.222808] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.222837] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.222860] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.222890] kasan_report+0x141/0x180 [ 15.222912] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.222946] kasan_check_range+0x10c/0x1c0 [ 15.222969] __kasan_check_write+0x18/0x20 [ 15.222989] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.223018] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.223061] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.223087] ? trace_hardirqs_on+0x37/0xe0 [ 15.223109] ? kasan_bitops_generic+0x92/0x1c0 [ 15.223136] kasan_bitops_generic+0x121/0x1c0 [ 15.223160] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.223185] ? __pfx_read_tsc+0x10/0x10 [ 15.223205] ? ktime_get_ts64+0x86/0x230 [ 15.223228] kunit_try_run_case+0x1a5/0x480 [ 15.223253] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.223349] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.223375] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.223399] ? __kthread_parkme+0x82/0x180 [ 15.223419] ? preempt_count_sub+0x50/0x80 [ 15.223443] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.223468] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.223492] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.223519] kthread+0x337/0x6f0 [ 15.223538] ? trace_preempt_on+0x20/0xc0 [ 15.223561] ? __pfx_kthread+0x10/0x10 [ 15.223581] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.223603] ? calculate_sigpending+0x7b/0xa0 [ 15.223627] ? __pfx_kthread+0x10/0x10 [ 15.223648] ret_from_fork+0x116/0x1d0 [ 15.223667] ? __pfx_kthread+0x10/0x10 [ 15.223687] ret_from_fork_asm+0x1a/0x30 [ 15.223718] </TASK> [ 15.223727] [ 15.232786] Allocated by task 278: [ 15.232973] kasan_save_stack+0x45/0x70 [ 15.233141] kasan_save_track+0x18/0x40 [ 15.233404] kasan_save_alloc_info+0x3b/0x50 [ 15.233596] __kasan_kmalloc+0xb7/0xc0 [ 15.233761] __kmalloc_cache_noprof+0x189/0x420 [ 15.233951] kasan_bitops_generic+0x92/0x1c0 [ 15.234376] kunit_try_run_case+0x1a5/0x480 [ 15.234535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.234773] kthread+0x337/0x6f0 [ 15.234941] ret_from_fork+0x116/0x1d0 [ 15.235305] ret_from_fork_asm+0x1a/0x30 [ 15.235495] [ 15.235572] The buggy address belongs to the object at ffff888101c9b4a0 [ 15.235572] which belongs to the cache kmalloc-16 of size 16 [ 15.236044] The buggy address is located 8 bytes inside of [ 15.236044] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9) [ 15.236514] [ 15.236586] The buggy address belongs to the physical page: [ 15.236758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b [ 15.237068] flags: 0x200000000000000(node=0|zone=2) [ 15.237391] page_type: f5(slab) [ 15.237553] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.237947] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.238227] page dumped because: kasan: bad access detected [ 15.238412] [ 15.238481] Memory state around the buggy address: [ 15.238639] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 15.238964] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 15.239651] >ffff888101c9b480: fa fb fc fc 00 01 fc fc 
fc fc fc fc fc fc fc fc [ 15.240043] ^ [ 15.240289] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.240517] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.240782] ================================================================== [ 15.337547] ================================================================== [ 15.337865] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.338457] Read of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278 [ 15.338754] [ 15.338854] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.338895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.338906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.338926] Call Trace: [ 15.338937] <TASK> [ 15.338950] dump_stack_lvl+0x73/0xb0 [ 15.339034] print_report+0xd1/0x610 [ 15.339061] ? __virt_addr_valid+0x1db/0x2d0 [ 15.339084] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.339115] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.339138] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.339168] kasan_report+0x141/0x180 [ 15.339189] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.339223] kasan_check_range+0x10c/0x1c0 [ 15.339247] __kasan_check_read+0x15/0x20 [ 15.339277] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.339306] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.339338] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.339362] ? trace_hardirqs_on+0x37/0xe0 [ 15.339384] ? kasan_bitops_generic+0x92/0x1c0 [ 15.339411] kasan_bitops_generic+0x121/0x1c0 [ 15.339435] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.339461] ? __pfx_read_tsc+0x10/0x10 [ 15.339481] ? ktime_get_ts64+0x86/0x230 [ 15.339504] kunit_try_run_case+0x1a5/0x480 [ 15.339529] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.339552] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.339576] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.339600] ? __kthread_parkme+0x82/0x180 [ 15.339620] ? preempt_count_sub+0x50/0x80 [ 15.339643] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.339668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.339693] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.339719] kthread+0x337/0x6f0 [ 15.339738] ? trace_preempt_on+0x20/0xc0 [ 15.339760] ? __pfx_kthread+0x10/0x10 [ 15.339780] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.339803] ? calculate_sigpending+0x7b/0xa0 [ 15.339827] ? __pfx_kthread+0x10/0x10 [ 15.339848] ret_from_fork+0x116/0x1d0 [ 15.339866] ? __pfx_kthread+0x10/0x10 [ 15.339887] ret_from_fork_asm+0x1a/0x30 [ 15.339917] </TASK> [ 15.339928] [ 15.348849] Allocated by task 278: [ 15.349038] kasan_save_stack+0x45/0x70 [ 15.349191] kasan_save_track+0x18/0x40 [ 15.349339] kasan_save_alloc_info+0x3b/0x50 [ 15.349489] __kasan_kmalloc+0xb7/0xc0 [ 15.349682] __kmalloc_cache_noprof+0x189/0x420 [ 15.349902] kasan_bitops_generic+0x92/0x1c0 [ 15.350119] kunit_try_run_case+0x1a5/0x480 [ 15.350420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.350669] kthread+0x337/0x6f0 [ 15.350819] ret_from_fork+0x116/0x1d0 [ 15.350989] ret_from_fork_asm+0x1a/0x30 [ 15.351335] [ 15.351408] The buggy address belongs to the object at ffff888101c9b4a0 [ 15.351408] which belongs to the cache kmalloc-16 of size 16 [ 15.351761] The buggy address is located 8 bytes inside of [ 15.351761] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9) [ 15.352292] [ 15.352385] The buggy address belongs to the physical page: [ 15.352835] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b [ 15.353258] flags: 0x200000000000000(node=0|zone=2) [ 15.353439] page_type: f5(slab) [ 15.353559] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.353885] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.354505] page dumped because: kasan: bad access detected [ 15.354780] [ 15.354872] 
Memory state around the buggy address: [ 15.355160] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 15.355412] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 15.355627] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.355935] ^ [ 15.356145] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.356734] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.357162] ================================================================== [ 15.318102] ================================================================== [ 15.318944] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.319623] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278 [ 15.319854] [ 15.319940] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.319981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.319992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.320012] Call Trace: [ 15.320027] <TASK> [ 15.320041] dump_stack_lvl+0x73/0xb0 [ 15.320070] print_report+0xd1/0x610 [ 15.320092] ? __virt_addr_valid+0x1db/0x2d0 [ 15.320114] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.320144] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.320166] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.320196] kasan_report+0x141/0x180 [ 15.320218] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.320252] kasan_check_range+0x10c/0x1c0 [ 15.320291] __kasan_check_write+0x18/0x20 [ 15.320310] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.320340] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.320370] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.320395] ? trace_hardirqs_on+0x37/0xe0 [ 15.320416] ? kasan_bitops_generic+0x92/0x1c0 [ 15.320444] kasan_bitops_generic+0x121/0x1c0 [ 15.320467] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 15.320493] ? __pfx_read_tsc+0x10/0x10 [ 15.320514] ? ktime_get_ts64+0x86/0x230 [ 15.320537] kunit_try_run_case+0x1a5/0x480 [ 15.320561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.320584] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.320608] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.320632] ? __kthread_parkme+0x82/0x180 [ 15.320652] ? preempt_count_sub+0x50/0x80 [ 15.320675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.320700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.320724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.320749] kthread+0x337/0x6f0 [ 15.320768] ? trace_preempt_on+0x20/0xc0 [ 15.320790] ? __pfx_kthread+0x10/0x10 [ 15.320810] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.320832] ? calculate_sigpending+0x7b/0xa0 [ 15.320856] ? __pfx_kthread+0x10/0x10 [ 15.320878] ret_from_fork+0x116/0x1d0 [ 15.320897] ? __pfx_kthread+0x10/0x10 [ 15.320917] ret_from_fork_asm+0x1a/0x30 [ 15.320947] </TASK> [ 15.320956] [ 15.329313] Allocated by task 278: [ 15.329454] kasan_save_stack+0x45/0x70 [ 15.329657] kasan_save_track+0x18/0x40 [ 15.329823] kasan_save_alloc_info+0x3b/0x50 [ 15.329972] __kasan_kmalloc+0xb7/0xc0 [ 15.330207] __kmalloc_cache_noprof+0x189/0x420 [ 15.330449] kasan_bitops_generic+0x92/0x1c0 [ 15.330614] kunit_try_run_case+0x1a5/0x480 [ 15.330801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.331229] kthread+0x337/0x6f0 [ 15.331392] ret_from_fork+0x116/0x1d0 [ 15.331559] ret_from_fork_asm+0x1a/0x30 [ 15.331699] [ 15.331770] The buggy address belongs to the object at ffff888101c9b4a0 [ 15.331770] which belongs to the cache kmalloc-16 of size 16 [ 15.332121] The buggy address is located 8 bytes inside of [ 15.332121] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9) [ 15.332646] [ 15.332739] The buggy address belongs to the physical page: [ 15.332987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b [ 15.333407] flags: 0x200000000000000(node=0|zone=2) [ 15.333659] 
page_type: f5(slab) [ 15.333779] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.334010] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.334359] page dumped because: kasan: bad access detected [ 15.334623] [ 15.334717] Memory state around the buggy address: [ 15.334953] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 15.335429] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 15.335725] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.336081] ^ [ 15.336300] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.336579] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.336839] ================================================================== [ 15.178181] ================================================================== [ 15.178503] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.178867] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278 [ 15.179475] [ 15.179578] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.179621] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.179634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.179653] Call Trace: [ 15.179665] <TASK> [ 15.179679] dump_stack_lvl+0x73/0xb0 [ 15.179707] print_report+0xd1/0x610 [ 15.179730] ? __virt_addr_valid+0x1db/0x2d0 [ 15.179752] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.179781] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.179805] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.179835] kasan_report+0x141/0x180 [ 15.179857] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.179890] kasan_check_range+0x10c/0x1c0 [ 15.179914] __kasan_check_write+0x18/0x20 [ 15.179934] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.179963] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.180283] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.180308] ? trace_hardirqs_on+0x37/0xe0 [ 15.180331] ? kasan_bitops_generic+0x92/0x1c0 [ 15.180358] kasan_bitops_generic+0x121/0x1c0 [ 15.180382] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.180408] ? __pfx_read_tsc+0x10/0x10 [ 15.180429] ? ktime_get_ts64+0x86/0x230 [ 15.180453] kunit_try_run_case+0x1a5/0x480 [ 15.180476] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.180500] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.180524] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.180548] ? __kthread_parkme+0x82/0x180 [ 15.180568] ? preempt_count_sub+0x50/0x80 [ 15.180591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.180616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.180641] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.180667] kthread+0x337/0x6f0 [ 15.180686] ? trace_preempt_on+0x20/0xc0 [ 15.180708] ? __pfx_kthread+0x10/0x10 [ 15.180729] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.180751] ? calculate_sigpending+0x7b/0xa0 [ 15.180775] ? __pfx_kthread+0x10/0x10 [ 15.180797] ret_from_fork+0x116/0x1d0 [ 15.180815] ? 
__pfx_kthread+0x10/0x10 [ 15.180836] ret_from_fork_asm+0x1a/0x30 [ 15.180866] </TASK> [ 15.180876] [ 15.189403] Allocated by task 278: [ 15.189539] kasan_save_stack+0x45/0x70 [ 15.189685] kasan_save_track+0x18/0x40 [ 15.189820] kasan_save_alloc_info+0x3b/0x50 [ 15.189969] __kasan_kmalloc+0xb7/0xc0 [ 15.190137] __kmalloc_cache_noprof+0x189/0x420 [ 15.190416] kasan_bitops_generic+0x92/0x1c0 [ 15.190637] kunit_try_run_case+0x1a5/0x480 [ 15.190844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.191096] kthread+0x337/0x6f0 [ 15.191260] ret_from_fork+0x116/0x1d0 [ 15.191455] ret_from_fork_asm+0x1a/0x30 [ 15.191733] [ 15.191829] The buggy address belongs to the object at ffff888101c9b4a0 [ 15.191829] which belongs to the cache kmalloc-16 of size 16 [ 15.192306] The buggy address is located 8 bytes inside of [ 15.192306] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9) [ 15.192662] [ 15.192757] The buggy address belongs to the physical page: [ 15.193184] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b [ 15.193566] flags: 0x200000000000000(node=0|zone=2) [ 15.193798] page_type: f5(slab) [ 15.193963] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.194330] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.194668] page dumped because: kasan: bad access detected [ 15.194895] [ 15.194979] Memory state around the buggy address: [ 15.195168] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 15.195474] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 15.195711] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.196025] ^ [ 15.196207] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.196532] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.196838] ================================================================== [ 15.260818] 
================================================================== [ 15.261254] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.261653] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278 [ 15.261953] [ 15.262190] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.262233] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.262245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.262279] Call Trace: [ 15.262291] <TASK> [ 15.262302] dump_stack_lvl+0x73/0xb0 [ 15.262329] print_report+0xd1/0x610 [ 15.262352] ? __virt_addr_valid+0x1db/0x2d0 [ 15.262374] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.262403] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.262427] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.262457] kasan_report+0x141/0x180 [ 15.262478] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.262512] kasan_check_range+0x10c/0x1c0 [ 15.262536] __kasan_check_write+0x18/0x20 [ 15.262555] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.262585] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.262616] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.262640] ? trace_hardirqs_on+0x37/0xe0 [ 15.262662] ? kasan_bitops_generic+0x92/0x1c0 [ 15.262689] kasan_bitops_generic+0x121/0x1c0 [ 15.262720] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.262746] ? __pfx_read_tsc+0x10/0x10 [ 15.262767] ? ktime_get_ts64+0x86/0x230 [ 15.262791] kunit_try_run_case+0x1a5/0x480 [ 15.262815] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.262838] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.262862] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.262886] ? __kthread_parkme+0x82/0x180 [ 15.262905] ? preempt_count_sub+0x50/0x80 [ 15.262929] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.262954] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.262978] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.263060] kthread+0x337/0x6f0 [ 15.263079] ? trace_preempt_on+0x20/0xc0 [ 15.263101] ? __pfx_kthread+0x10/0x10 [ 15.263122] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.263143] ? calculate_sigpending+0x7b/0xa0 [ 15.263167] ? __pfx_kthread+0x10/0x10 [ 15.263189] ret_from_fork+0x116/0x1d0 [ 15.263208] ? __pfx_kthread+0x10/0x10 [ 15.263229] ret_from_fork_asm+0x1a/0x30 [ 15.263259] </TASK> [ 15.263281] [ 15.271857] Allocated by task 278: [ 15.272018] kasan_save_stack+0x45/0x70 [ 15.272219] kasan_save_track+0x18/0x40 [ 15.273567] kasan_save_alloc_info+0x3b/0x50 [ 15.274250] __kasan_kmalloc+0xb7/0xc0 [ 15.274720] __kmalloc_cache_noprof+0x189/0x420 [ 15.275294] kasan_bitops_generic+0x92/0x1c0 [ 15.275549] kunit_try_run_case+0x1a5/0x480 [ 15.275748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.275998] kthread+0x337/0x6f0 [ 15.276150] ret_from_fork+0x116/0x1d0 [ 15.276332] ret_from_fork_asm+0x1a/0x30 [ 15.276511] [ 15.276607] The buggy address belongs to the object at ffff888101c9b4a0 [ 15.276607] which belongs to the cache kmalloc-16 of size 16 [ 15.277067] The buggy address is located 8 bytes inside of [ 15.277067] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9) [ 15.278061] [ 15.278394] The buggy address belongs to the physical page: [ 15.278612] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b [ 15.279142] flags: 0x200000000000000(node=0|zone=2) [ 15.279486] page_type: f5(slab) [ 15.279627] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.280150] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.280496] page dumped because: kasan: bad access detected [ 15.280820] [ 15.280972] Memory state around the buggy address: [ 15.281314] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 15.282010] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 15.282518] >ffff888101c9b480: fa fb fc fc 00 01 fc fc 
fc fc fc fc fc fc fc fc [ 15.282821] ^ [ 15.283182] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.283677] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.284506] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 15.060506] ================================================================== [ 15.060825] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.061131] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278 [ 15.061601] [ 15.061722] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.061766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.061778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.061800] Call Trace: [ 15.061818] <TASK> [ 15.061833] dump_stack_lvl+0x73/0xb0 [ 15.061863] print_report+0xd1/0x610 [ 15.061886] ? __virt_addr_valid+0x1db/0x2d0 [ 15.061910] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.061937] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.061961] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.061988] kasan_report+0x141/0x180 [ 15.062010] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.062042] kasan_check_range+0x10c/0x1c0 [ 15.062128] __kasan_check_write+0x18/0x20 [ 15.062153] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.062181] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.062210] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.062236] ? trace_hardirqs_on+0x37/0xe0 [ 15.062259] ? kasan_bitops_generic+0x92/0x1c0 [ 15.062299] kasan_bitops_generic+0x116/0x1c0 [ 15.062323] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.062350] ? __pfx_read_tsc+0x10/0x10 [ 15.062372] ? ktime_get_ts64+0x86/0x230 [ 15.062397] kunit_try_run_case+0x1a5/0x480 [ 15.062422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.062445] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.062471] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.062496] ? __kthread_parkme+0x82/0x180 [ 15.062518] ? preempt_count_sub+0x50/0x80 [ 15.062542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.062567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.062593] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.062619] kthread+0x337/0x6f0 [ 15.062639] ? 
trace_preempt_on+0x20/0xc0 [ 15.062661] ? __pfx_kthread+0x10/0x10 [ 15.062682] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.062708] ? calculate_sigpending+0x7b/0xa0 [ 15.062734] ? __pfx_kthread+0x10/0x10 [ 15.062755] ret_from_fork+0x116/0x1d0 [ 15.062774] ? __pfx_kthread+0x10/0x10 [ 15.062794] ret_from_fork_asm+0x1a/0x30 [ 15.062826] </TASK> [ 15.062836] [ 15.070805] Allocated by task 278: [ 15.070951] kasan_save_stack+0x45/0x70 [ 15.071149] kasan_save_track+0x18/0x40 [ 15.071351] kasan_save_alloc_info+0x3b/0x50 [ 15.071558] __kasan_kmalloc+0xb7/0xc0 [ 15.071745] __kmalloc_cache_noprof+0x189/0x420 [ 15.071962] kasan_bitops_generic+0x92/0x1c0 [ 15.072165] kunit_try_run_case+0x1a5/0x480 [ 15.072398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.072739] kthread+0x337/0x6f0 [ 15.072859] ret_from_fork+0x116/0x1d0 [ 15.073051] ret_from_fork_asm+0x1a/0x30 [ 15.073422] [ 15.073551] The buggy address belongs to the object at ffff888101c9b4a0 [ 15.073551] which belongs to the cache kmalloc-16 of size 16 [ 15.074242] The buggy address is located 8 bytes inside of [ 15.074242] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9) [ 15.074687] [ 15.074791] The buggy address belongs to the physical page: [ 15.075058] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b [ 15.075511] flags: 0x200000000000000(node=0|zone=2) [ 15.075725] page_type: f5(slab) [ 15.075893] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.076294] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.076560] page dumped because: kasan: bad access detected [ 15.076731] [ 15.076801] Memory state around the buggy address: [ 15.077041] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 15.077368] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 15.077679] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.077972] ^ [ 15.078199] ffff888101c9b500: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.078429] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.078670] ================================================================== [ 15.140898] ================================================================== [ 15.141180] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.141576] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278 [ 15.141900] [ 15.142006] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.142047] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.142060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.142081] Call Trace: [ 15.142093] <TASK> [ 15.142106] dump_stack_lvl+0x73/0xb0 [ 15.142133] print_report+0xd1/0x610 [ 15.142155] ? __virt_addr_valid+0x1db/0x2d0 [ 15.142177] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.142205] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.142228] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.142256] kasan_report+0x141/0x180 [ 15.142289] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.142321] kasan_check_range+0x10c/0x1c0 [ 15.142345] __kasan_check_write+0x18/0x20 [ 15.142364] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.142391] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.142420] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.142444] ? trace_hardirqs_on+0x37/0xe0 [ 15.142467] ? kasan_bitops_generic+0x92/0x1c0 [ 15.142494] kasan_bitops_generic+0x116/0x1c0 [ 15.142518] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.142544] ? __pfx_read_tsc+0x10/0x10 [ 15.142563] ? ktime_get_ts64+0x86/0x230 [ 15.142586] kunit_try_run_case+0x1a5/0x480 [ 15.142610] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.142633] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.142657] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.142682] ? __kthread_parkme+0x82/0x180 [ 15.142701] ? preempt_count_sub+0x50/0x80 [ 15.142729] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.142754] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.142779] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.142805] kthread+0x337/0x6f0 [ 15.142823] ? trace_preempt_on+0x20/0xc0 [ 15.142845] ? __pfx_kthread+0x10/0x10 [ 15.142865] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.142887] ? calculate_sigpending+0x7b/0xa0 [ 15.142910] ? __pfx_kthread+0x10/0x10 [ 15.142931] ret_from_fork+0x116/0x1d0 [ 15.142950] ? __pfx_kthread+0x10/0x10 [ 15.142970] ret_from_fork_asm+0x1a/0x30 [ 15.143000] </TASK> [ 15.143010] [ 15.151406] Allocated by task 278: [ 15.151576] kasan_save_stack+0x45/0x70 [ 15.151774] kasan_save_track+0x18/0x40 [ 15.151932] kasan_save_alloc_info+0x3b/0x50 [ 15.152228] __kasan_kmalloc+0xb7/0xc0 [ 15.152396] __kmalloc_cache_noprof+0x189/0x420 [ 15.152553] kasan_bitops_generic+0x92/0x1c0 [ 15.152704] kunit_try_run_case+0x1a5/0x480 [ 15.152851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.153104] kthread+0x337/0x6f0 [ 15.153295] ret_from_fork+0x116/0x1d0 [ 15.153481] ret_from_fork_asm+0x1a/0x30 [ 15.153838] [ 15.154166] The buggy address belongs to the object at ffff888101c9b4a0 [ 15.154166] which belongs to the cache kmalloc-16 of size 16 [ 15.154658] The buggy address is located 8 bytes inside of [ 15.154658] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9) [ 15.155079] [ 15.155179] The buggy address belongs to the physical page: [ 15.155446] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b [ 15.155803] flags: 0x200000000000000(node=0|zone=2) [ 15.156114] page_type: f5(slab) [ 15.156246] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.156509] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.156823] page dumped because: kasan: bad access detected [ 15.157084] [ 15.157181] Memory state around the buggy address: [ 15.157394] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 15.157625] 
ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 15.157946] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.158238] ^ [ 15.158526] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.158831] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.159158] ================================================================== [ 15.041683] ================================================================== [ 15.042006] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.042530] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278 [ 15.042801] [ 15.042916] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.042960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.042971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.042993] Call Trace: [ 15.043007] <TASK> [ 15.043023] dump_stack_lvl+0x73/0xb0 [ 15.043110] print_report+0xd1/0x610 [ 15.043134] ? __virt_addr_valid+0x1db/0x2d0 [ 15.043158] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.043186] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.043210] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.043238] kasan_report+0x141/0x180 [ 15.043259] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.043303] kasan_check_range+0x10c/0x1c0 [ 15.043327] __kasan_check_write+0x18/0x20 [ 15.043347] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.043374] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.043403] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.043428] ? trace_hardirqs_on+0x37/0xe0 [ 15.043452] ? kasan_bitops_generic+0x92/0x1c0 [ 15.043480] kasan_bitops_generic+0x116/0x1c0 [ 15.043504] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.043529] ? __pfx_read_tsc+0x10/0x10 [ 15.043551] ? ktime_get_ts64+0x86/0x230 [ 15.043577] kunit_try_run_case+0x1a5/0x480 [ 15.043603] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.043626] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.043652] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.043676] ? __kthread_parkme+0x82/0x180 [ 15.043699] ? preempt_count_sub+0x50/0x80 [ 15.043724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.043749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.043774] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.043800] kthread+0x337/0x6f0 [ 15.043819] ? trace_preempt_on+0x20/0xc0 [ 15.043841] ? __pfx_kthread+0x10/0x10 [ 15.043862] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.043883] ? calculate_sigpending+0x7b/0xa0 [ 15.043910] ? __pfx_kthread+0x10/0x10 [ 15.043932] ret_from_fork+0x116/0x1d0 [ 15.043951] ? __pfx_kthread+0x10/0x10 [ 15.043972] ret_from_fork_asm+0x1a/0x30 [ 15.044052] </TASK> [ 15.044061] [ 15.052517] Allocated by task 278: [ 15.052677] kasan_save_stack+0x45/0x70 [ 15.052825] kasan_save_track+0x18/0x40 [ 15.052959] kasan_save_alloc_info+0x3b/0x50 [ 15.053180] __kasan_kmalloc+0xb7/0xc0 [ 15.053383] __kmalloc_cache_noprof+0x189/0x420 [ 15.053603] kasan_bitops_generic+0x92/0x1c0 [ 15.053821] kunit_try_run_case+0x1a5/0x480 [ 15.053987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.054227] kthread+0x337/0x6f0 [ 15.054360] ret_from_fork+0x116/0x1d0 [ 15.054508] ret_from_fork_asm+0x1a/0x30 [ 15.054717] [ 15.054812] The buggy address belongs to the object at ffff888101c9b4a0 [ 15.054812] which belongs to the cache kmalloc-16 of size 16 [ 15.055250] The buggy address is located 8 bytes inside of [ 15.055250] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9) [ 15.055894] [ 15.055970] The buggy address belongs to the physical page: [ 15.056303] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b [ 15.056657] flags: 0x200000000000000(node=0|zone=2) [ 15.056822] page_type: f5(slab) [ 15.056945] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.057469] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.057720] page dumped because: kasan: 
bad access detected [ 15.057892] [ 15.058025] Memory state around the buggy address: [ 15.058256] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 15.058584] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 15.058917] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.059234] ^ [ 15.059449] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.059735] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.059998] ================================================================== [ 15.103442] ================================================================== [ 15.103718] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.104014] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278 [ 15.104473] [ 15.104589] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.104630] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.104644] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.104665] Call Trace: [ 15.104679] <TASK> [ 15.104694] dump_stack_lvl+0x73/0xb0 [ 15.104722] print_report+0xd1/0x610 [ 15.104744] ? __virt_addr_valid+0x1db/0x2d0 [ 15.104767] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.104794] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.104818] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.104845] kasan_report+0x141/0x180 [ 15.104867] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.104899] kasan_check_range+0x10c/0x1c0 [ 15.104923] __kasan_check_write+0x18/0x20 [ 15.104943] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.104970] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.105012] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.105036] ? trace_hardirqs_on+0x37/0xe0 [ 15.105058] ? kasan_bitops_generic+0x92/0x1c0 [ 15.105086] kasan_bitops_generic+0x116/0x1c0 [ 15.105110] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.105137] ? 
__pfx_read_tsc+0x10/0x10
[ 15.105158] ? ktime_get_ts64+0x86/0x230
[ 15.105182] kunit_try_run_case+0x1a5/0x480
[ 15.105206] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.105230] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.105254] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.105290] ? __kthread_parkme+0x82/0x180
[ 15.105311] ? preempt_count_sub+0x50/0x80
[ 15.105334] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.105359] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.105385] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.105412] kthread+0x337/0x6f0
[ 15.105430] ? trace_preempt_on+0x20/0xc0
[ 15.105452] ? __pfx_kthread+0x10/0x10
[ 15.105473] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.105494] ? calculate_sigpending+0x7b/0xa0
[ 15.105518] ? __pfx_kthread+0x10/0x10
[ 15.105540] ret_from_fork+0x116/0x1d0
[ 15.105558] ? __pfx_kthread+0x10/0x10
[ 15.105579] ret_from_fork_asm+0x1a/0x30
[ 15.105609] </TASK>
[ 15.105619]
[ 15.113553] Allocated by task 278:
[ 15.113732] kasan_save_stack+0x45/0x70
[ 15.113917] kasan_save_track+0x18/0x40
[ 15.114345] kasan_save_alloc_info+0x3b/0x50
[ 15.114557] __kasan_kmalloc+0xb7/0xc0
[ 15.114733] __kmalloc_cache_noprof+0x189/0x420
[ 15.114924] kasan_bitops_generic+0x92/0x1c0
[ 15.115184] kunit_try_run_case+0x1a5/0x480
[ 15.115416] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.115611] kthread+0x337/0x6f0
[ 15.115783] ret_from_fork+0x116/0x1d0
[ 15.116038] ret_from_fork_asm+0x1a/0x30
[ 15.116218]
[ 15.116329] The buggy address belongs to the object at ffff888101c9b4a0
[ 15.116329] which belongs to the cache kmalloc-16 of size 16
[ 15.116798] The buggy address is located 8 bytes inside of
[ 15.116798] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9)
[ 15.117345]
[ 15.117427] The buggy address belongs to the physical page:
[ 15.117598] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b
[ 15.117836] flags: 0x200000000000000(node=0|zone=2)
[ 15.117997] page_type: f5(slab)
[ 15.118137] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.118483] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.118831] page dumped because: kasan: bad access detected
[ 15.119069]
[ 15.119138] Memory state around the buggy address:
[ 15.119353] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 15.119574] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 15.119789] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 15.120223] ^
[ 15.120453] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.120785] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.121102] ==================================================================
[ 15.020860] ==================================================================
[ 15.022073] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50
[ 15.022466] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278
[ 15.022759]
[ 15.022875] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.022920] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.022933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.022955] Call Trace:
[ 15.022967] <TASK>
[ 15.022983] dump_stack_lvl+0x73/0xb0
[ 15.023012] print_report+0xd1/0x610
[ 15.023035] ? __virt_addr_valid+0x1db/0x2d0
[ 15.023059] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 15.023087] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.023110] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 15.023138] kasan_report+0x141/0x180
[ 15.023160] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 15.023191] kasan_check_range+0x10c/0x1c0
[ 15.023214] __kasan_check_write+0x18/0x20
[ 15.023235] kasan_bitops_modify.constprop.0+0x101/0xd50
[ 15.023272] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 15.023300] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.023326] ? trace_hardirqs_on+0x37/0xe0
[ 15.023348] ? kasan_bitops_generic+0x92/0x1c0
[ 15.023376] kasan_bitops_generic+0x116/0x1c0
[ 15.023400] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.023427] ? __pfx_read_tsc+0x10/0x10
[ 15.023448] ? ktime_get_ts64+0x86/0x230
[ 15.023473] kunit_try_run_case+0x1a5/0x480
[ 15.023511] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.023550] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.023582] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.023606] ? __kthread_parkme+0x82/0x180
[ 15.023628] ? preempt_count_sub+0x50/0x80
[ 15.023653] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.023678] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.023703] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.023730] kthread+0x337/0x6f0
[ 15.023749] ? trace_preempt_on+0x20/0xc0
[ 15.023771] ? __pfx_kthread+0x10/0x10
[ 15.023792] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.023813] ? calculate_sigpending+0x7b/0xa0
[ 15.023838] ? __pfx_kthread+0x10/0x10
[ 15.023859] ret_from_fork+0x116/0x1d0
[ 15.023878] ? __pfx_kthread+0x10/0x10
[ 15.023898] ret_from_fork_asm+0x1a/0x30
[ 15.023929] </TASK>
[ 15.023940]
[ 15.032429] Allocated by task 278:
[ 15.033036] kasan_save_stack+0x45/0x70
[ 15.033239] kasan_save_track+0x18/0x40
[ 15.033433] kasan_save_alloc_info+0x3b/0x50
[ 15.033602] __kasan_kmalloc+0xb7/0xc0
[ 15.033791] __kmalloc_cache_noprof+0x189/0x420
[ 15.034076] kasan_bitops_generic+0x92/0x1c0
[ 15.034232] kunit_try_run_case+0x1a5/0x480
[ 15.034392] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.034602] kthread+0x337/0x6f0
[ 15.034779] ret_from_fork+0x116/0x1d0
[ 15.034967] ret_from_fork_asm+0x1a/0x30
[ 15.035162]
[ 15.035257] The buggy address belongs to the object at ffff888101c9b4a0
[ 15.035257] which belongs to the cache kmalloc-16 of size 16
[ 15.035649] The buggy address is located 8 bytes inside of
[ 15.035649] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9)
[ 15.036555]
[ 15.036656] The buggy address belongs to the physical page:
[ 15.036867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b
[ 15.037109] flags: 0x200000000000000(node=0|zone=2)
[ 15.037434] page_type: f5(slab)
[ 15.037726] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.038465] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.038788] page dumped because: kasan: bad access detected
[ 15.038998]
[ 15.039089] Memory state around the buggy address:
[ 15.039285] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 15.039553] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 15.039865] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 15.040077] ^
[ 15.040239] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.040567] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.040889] ==================================================================
[ 15.079306] ==================================================================
[ 15.079652] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 15.080055] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278
[ 15.080363]
[ 15.080471] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.080512] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.080525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.080545] Call Trace:
[ 15.080560] <TASK>
[ 15.080574] dump_stack_lvl+0x73/0xb0
[ 15.080602] print_report+0xd1/0x610
[ 15.080625] ? __virt_addr_valid+0x1db/0x2d0
[ 15.080648] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 15.080675] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.080699] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 15.080726] kasan_report+0x141/0x180
[ 15.080748] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 15.080780] kasan_check_range+0x10c/0x1c0
[ 15.080804] __kasan_check_write+0x18/0x20
[ 15.080824] kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 15.080851] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 15.080879] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.080903] ? trace_hardirqs_on+0x37/0xe0
[ 15.080926] ? kasan_bitops_generic+0x92/0x1c0
[ 15.080954] kasan_bitops_generic+0x116/0x1c0
[ 15.080978] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.081004] ? __pfx_read_tsc+0x10/0x10
[ 15.081025] ? ktime_get_ts64+0x86/0x230
[ 15.081049] kunit_try_run_case+0x1a5/0x480
[ 15.081073] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.081097] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.081121] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.081146] ? __kthread_parkme+0x82/0x180
[ 15.081166] ? preempt_count_sub+0x50/0x80
[ 15.081191] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.081215] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.081240] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.081275] kthread+0x337/0x6f0
[ 15.081295] ? trace_preempt_on+0x20/0xc0
[ 15.081317] ? __pfx_kthread+0x10/0x10
[ 15.081338] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.081360] ? calculate_sigpending+0x7b/0xa0
[ 15.081385] ? __pfx_kthread+0x10/0x10
[ 15.081406] ret_from_fork+0x116/0x1d0
[ 15.081425] ? __pfx_kthread+0x10/0x10
[ 15.081445] ret_from_fork_asm+0x1a/0x30
[ 15.081476] </TASK>
[ 15.081486]
[ 15.092566] Allocated by task 278:
[ 15.092824] kasan_save_stack+0x45/0x70
[ 15.093146] kasan_save_track+0x18/0x40
[ 15.093426] kasan_save_alloc_info+0x3b/0x50
[ 15.093710] __kasan_kmalloc+0xb7/0xc0
[ 15.093858] __kmalloc_cache_noprof+0x189/0x420
[ 15.094082] kasan_bitops_generic+0x92/0x1c0
[ 15.094579] kunit_try_run_case+0x1a5/0x480
[ 15.094798] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.095033] kthread+0x337/0x6f0
[ 15.095194] ret_from_fork+0x116/0x1d0
[ 15.095378] ret_from_fork_asm+0x1a/0x30
[ 15.095560]
[ 15.095648] The buggy address belongs to the object at ffff888101c9b4a0
[ 15.095648] which belongs to the cache kmalloc-16 of size 16
[ 15.096131] The buggy address is located 8 bytes inside of
[ 15.096131] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9)
[ 15.097039]
[ 15.097302] The buggy address belongs to the physical page:
[ 15.097790] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b
[ 15.098132] flags: 0x200000000000000(node=0|zone=2)
[ 15.098486] page_type: f5(slab)
[ 15.098622] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.098942] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.099564] page dumped because: kasan: bad access detected
[ 15.099895]
[ 15.100108] Memory state around the buggy address:
[ 15.100341] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 15.100753] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 15.101165] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 15.101567] ^
[ 15.101735] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.102414] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.102697] ==================================================================
[ 15.121926] ==================================================================
[ 15.122278] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 15.122610] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278
[ 15.122945]
[ 15.123154] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.123195] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.123208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.123228] Call Trace:
[ 15.123242] <TASK>
[ 15.123255] dump_stack_lvl+0x73/0xb0
[ 15.123298] print_report+0xd1/0x610
[ 15.123320] ? __virt_addr_valid+0x1db/0x2d0
[ 15.123343] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 15.123370] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.123393] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 15.123421] kasan_report+0x141/0x180
[ 15.123443] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 15.123474] kasan_check_range+0x10c/0x1c0
[ 15.123498] __kasan_check_write+0x18/0x20
[ 15.123518] kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 15.123545] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 15.123575] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.123600] ? trace_hardirqs_on+0x37/0xe0
[ 15.123623] ? kasan_bitops_generic+0x92/0x1c0
[ 15.123651] kasan_bitops_generic+0x116/0x1c0
[ 15.123674] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.123701] ? __pfx_read_tsc+0x10/0x10
[ 15.123722] ? ktime_get_ts64+0x86/0x230
[ 15.123745] kunit_try_run_case+0x1a5/0x480
[ 15.123769] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.123793] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.123816] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.123840] ? __kthread_parkme+0x82/0x180
[ 15.123861] ? preempt_count_sub+0x50/0x80
[ 15.123885] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.123909] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.123934] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.123960] kthread+0x337/0x6f0
[ 15.123979] ? trace_preempt_on+0x20/0xc0
[ 15.124054] ? __pfx_kthread+0x10/0x10
[ 15.124075] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.124097] ? calculate_sigpending+0x7b/0xa0
[ 15.124120] ? __pfx_kthread+0x10/0x10
[ 15.124142] ret_from_fork+0x116/0x1d0
[ 15.124160] ? __pfx_kthread+0x10/0x10
[ 15.124181] ret_from_fork_asm+0x1a/0x30
[ 15.124211] </TASK>
[ 15.124222]
[ 15.132535] Allocated by task 278:
[ 15.132721] kasan_save_stack+0x45/0x70
[ 15.132921] kasan_save_track+0x18/0x40
[ 15.133117] kasan_save_alloc_info+0x3b/0x50
[ 15.133519] __kasan_kmalloc+0xb7/0xc0
[ 15.133730] __kmalloc_cache_noprof+0x189/0x420
[ 15.133955] kasan_bitops_generic+0x92/0x1c0
[ 15.134229] kunit_try_run_case+0x1a5/0x480
[ 15.134440] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.134660] kthread+0x337/0x6f0
[ 15.134812] ret_from_fork+0x116/0x1d0
[ 15.134952] ret_from_fork_asm+0x1a/0x30
[ 15.135091]
[ 15.135160] The buggy address belongs to the object at ffff888101c9b4a0
[ 15.135160] which belongs to the cache kmalloc-16 of size 16
[ 15.135780] The buggy address is located 8 bytes inside of
[ 15.135780] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9)
[ 15.136364]
[ 15.136464] The buggy address belongs to the physical page:
[ 15.136716] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b
[ 15.137071] flags: 0x200000000000000(node=0|zone=2)
[ 15.137313] page_type: f5(slab)
[ 15.137460] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.137763] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.138061] page dumped because: kasan: bad access detected
[ 15.138232]
[ 15.138309] Memory state around the buggy address:
[ 15.138533] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 15.138851] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 15.139099] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 15.139405] ^
[ 15.139620] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.139933] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.140520] ==================================================================
[ 15.159604] ==================================================================
[ 15.159908] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50
[ 15.160305] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278
[ 15.160795]
[ 15.160890] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.160931] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.160944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.160964] Call Trace:
[ 15.160979] <TASK>
[ 15.160993] dump_stack_lvl+0x73/0xb0
[ 15.161020] print_report+0xd1/0x610
[ 15.161042] ? __virt_addr_valid+0x1db/0x2d0
[ 15.161064] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 15.161091] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.161114] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 15.161141] kasan_report+0x141/0x180
[ 15.161163] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 15.161194] kasan_check_range+0x10c/0x1c0
[ 15.161218] __kasan_check_write+0x18/0x20
[ 15.161237] kasan_bitops_modify.constprop.0+0x547/0xd50
[ 15.161340] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 15.161368] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.161406] ? trace_hardirqs_on+0x37/0xe0
[ 15.161428] ? kasan_bitops_generic+0x92/0x1c0
[ 15.161456] kasan_bitops_generic+0x116/0x1c0
[ 15.161481] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.161506] ? __pfx_read_tsc+0x10/0x10
[ 15.161527] ? ktime_get_ts64+0x86/0x230
[ 15.161550] kunit_try_run_case+0x1a5/0x480
[ 15.161574] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.161597] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.161621] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.161645] ? __kthread_parkme+0x82/0x180
[ 15.161665] ? preempt_count_sub+0x50/0x80
[ 15.161688] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.161713] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.161738] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.161763] kthread+0x337/0x6f0
[ 15.161782] ? trace_preempt_on+0x20/0xc0
[ 15.161804] ? __pfx_kthread+0x10/0x10
[ 15.161824] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.161846] ? calculate_sigpending+0x7b/0xa0
[ 15.161870] ? __pfx_kthread+0x10/0x10
[ 15.161891] ret_from_fork+0x116/0x1d0
[ 15.161909] ? __pfx_kthread+0x10/0x10
[ 15.161930] ret_from_fork_asm+0x1a/0x30
[ 15.161961] </TASK>
[ 15.161970]
[ 15.169894] Allocated by task 278:
[ 15.170166] kasan_save_stack+0x45/0x70
[ 15.170423] kasan_save_track+0x18/0x40
[ 15.170618] kasan_save_alloc_info+0x3b/0x50
[ 15.170834] __kasan_kmalloc+0xb7/0xc0
[ 15.170974] __kmalloc_cache_noprof+0x189/0x420
[ 15.171254] kasan_bitops_generic+0x92/0x1c0
[ 15.171447] kunit_try_run_case+0x1a5/0x480
[ 15.171642] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.171862] kthread+0x337/0x6f0
[ 15.172093] ret_from_fork+0x116/0x1d0
[ 15.172273] ret_from_fork_asm+0x1a/0x30
[ 15.172458]
[ 15.172529] The buggy address belongs to the object at ffff888101c9b4a0
[ 15.172529] which belongs to the cache kmalloc-16 of size 16
[ 15.173022] The buggy address is located 8 bytes inside of
[ 15.173022] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9)
[ 15.173561]
[ 15.173633] The buggy address belongs to the physical page:
[ 15.173806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b
[ 15.174235] flags: 0x200000000000000(node=0|zone=2)
[ 15.174497] page_type: f5(slab)
[ 15.174663] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.174947] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.175172] page dumped because: kasan: bad access detected
[ 15.175433]
[ 15.175524] Memory state around the buggy address:
[ 15.175752] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 15.176068] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 15.176456] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 15.176703] ^
[ 15.176921] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.177254] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.177542] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.995922] ==================================================================
[ 14.996440] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80
[ 14.996730] Read of size 1 at addr ffff888103a693d0 by task kunit_try_catch/276
[ 14.997059]
[ 14.997165] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.997206] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.997218] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.997239] Call Trace:
[ 14.997255] <TASK>
[ 14.997279] dump_stack_lvl+0x73/0xb0
[ 14.997306] print_report+0xd1/0x610
[ 14.997329] ? __virt_addr_valid+0x1db/0x2d0
[ 14.997351] ? strnlen+0x73/0x80
[ 14.997368] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.997392] ? strnlen+0x73/0x80
[ 14.997409] kasan_report+0x141/0x180
[ 14.997431] ? strnlen+0x73/0x80
[ 14.997452] __asan_report_load1_noabort+0x18/0x20
[ 14.997478] strnlen+0x73/0x80
[ 14.997496] kasan_strings+0x615/0xe80
[ 14.997516] ? trace_hardirqs_on+0x37/0xe0
[ 14.997538] ? __pfx_kasan_strings+0x10/0x10
[ 14.997559] ? finish_task_switch.isra.0+0x153/0x700
[ 14.997583] ? __switch_to+0x47/0xf50
[ 14.997609] ? __schedule+0x10cc/0x2b60
[ 14.997631] ? __pfx_read_tsc+0x10/0x10
[ 14.997652] ? ktime_get_ts64+0x86/0x230
[ 14.997675] kunit_try_run_case+0x1a5/0x480
[ 14.997699] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.997723] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.997747] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.997771] ? __kthread_parkme+0x82/0x180
[ 14.997792] ? preempt_count_sub+0x50/0x80
[ 14.997815] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.997840] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.997866] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.997891] kthread+0x337/0x6f0
[ 14.997910] ? trace_preempt_on+0x20/0xc0
[ 14.997932] ? __pfx_kthread+0x10/0x10
[ 14.997953] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.997975] ? calculate_sigpending+0x7b/0xa0
[ 14.997999] ? __pfx_kthread+0x10/0x10
[ 14.998021] ret_from_fork+0x116/0x1d0
[ 14.998039] ? __pfx_kthread+0x10/0x10
[ 14.998059] ret_from_fork_asm+0x1a/0x30
[ 14.998089] </TASK>
[ 14.998099]
[ 15.004893] Allocated by task 276:
[ 15.005069] kasan_save_stack+0x45/0x70
[ 15.005283] kasan_save_track+0x18/0x40
[ 15.005472] kasan_save_alloc_info+0x3b/0x50
[ 15.005652] __kasan_kmalloc+0xb7/0xc0
[ 15.005821] __kmalloc_cache_noprof+0x189/0x420
[ 15.005978] kasan_strings+0xc0/0xe80
[ 15.006159] kunit_try_run_case+0x1a5/0x480
[ 15.006378] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.006592] kthread+0x337/0x6f0
[ 15.006715] ret_from_fork+0x116/0x1d0
[ 15.006846] ret_from_fork_asm+0x1a/0x30
[ 15.006986]
[ 15.007054] Freed by task 276:
[ 15.007163] kasan_save_stack+0x45/0x70
[ 15.007321] kasan_save_track+0x18/0x40
[ 15.007511] kasan_save_free_info+0x3f/0x60
[ 15.007712] __kasan_slab_free+0x56/0x70
[ 15.007902] kfree+0x222/0x3f0
[ 15.008058] kasan_strings+0x2aa/0xe80
[ 15.008241] kunit_try_run_case+0x1a5/0x480
[ 15.008451] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.008701] kthread+0x337/0x6f0
[ 15.008864] ret_from_fork+0x116/0x1d0
[ 15.009047] ret_from_fork_asm+0x1a/0x30
[ 15.009238]
[ 15.009341] The buggy address belongs to the object at ffff888103a693c0
[ 15.009341] which belongs to the cache kmalloc-32 of size 32
[ 15.009711] The buggy address is located 16 bytes inside of
[ 15.009711] freed 32-byte region [ffff888103a693c0, ffff888103a693e0)
[ 15.010132]
[ 15.010226] The buggy address belongs to the physical page:
[ 15.010485] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a69
[ 15.010847] flags: 0x200000000000000(node=0|zone=2)
[ 15.011080] page_type: f5(slab)
[ 15.011223] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 15.011550] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 15.011851] page dumped because: kasan: bad access detected
[ 15.012021]
[ 15.012088] Memory state around the buggy address:
[ 15.012243] ffff888103a69280: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 15.012469] ffff888103a69300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 15.012682] >ffff888103a69380: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 15.012998] ^
[ 15.013257] ffff888103a69400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 15.013586] ffff888103a69480: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 15.013902] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.977052] ==================================================================
[ 14.977342] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0
[ 14.977623] Read of size 1 at addr ffff888103a693d0 by task kunit_try_catch/276
[ 14.977905]
[ 14.977989] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.978029] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.978043] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.978064] Call Trace:
[ 14.978078] <TASK>
[ 14.978091] dump_stack_lvl+0x73/0xb0
[ 14.978118] print_report+0xd1/0x610
[ 14.978140] ? __virt_addr_valid+0x1db/0x2d0
[ 14.978164] ? strlen+0x8f/0xb0
[ 14.978181] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.978205] ? strlen+0x8f/0xb0
[ 14.978225] kasan_report+0x141/0x180
[ 14.978250] ? strlen+0x8f/0xb0
[ 14.978282] __asan_report_load1_noabort+0x18/0x20
[ 14.978308] strlen+0x8f/0xb0
[ 14.978326] kasan_strings+0x57b/0xe80
[ 14.978345] ? trace_hardirqs_on+0x37/0xe0
[ 14.978369] ? __pfx_kasan_strings+0x10/0x10
[ 14.978389] ? finish_task_switch.isra.0+0x153/0x700
[ 14.978412] ? __switch_to+0x47/0xf50
[ 14.978438] ? __schedule+0x10cc/0x2b60
[ 14.978461] ? __pfx_read_tsc+0x10/0x10
[ 14.978482] ? ktime_get_ts64+0x86/0x230
[ 14.978505] kunit_try_run_case+0x1a5/0x480
[ 14.978530] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.978554] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.978578] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.978603] ? __kthread_parkme+0x82/0x180
[ 14.978623] ? preempt_count_sub+0x50/0x80
[ 14.978647] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.978672] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.978697] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.978729] kthread+0x337/0x6f0
[ 14.978748] ? trace_preempt_on+0x20/0xc0
[ 14.978770] ? __pfx_kthread+0x10/0x10
[ 14.978791] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.978813] ? calculate_sigpending+0x7b/0xa0
[ 14.978838] ? __pfx_kthread+0x10/0x10
[ 14.978860] ret_from_fork+0x116/0x1d0
[ 14.978878] ? __pfx_kthread+0x10/0x10
[ 14.978898] ret_from_fork_asm+0x1a/0x30
[ 14.978928] </TASK>
[ 14.978938]
[ 14.986108] Allocated by task 276:
[ 14.986275] kasan_save_stack+0x45/0x70
[ 14.986475] kasan_save_track+0x18/0x40
[ 14.986657] kasan_save_alloc_info+0x3b/0x50
[ 14.986861] __kasan_kmalloc+0xb7/0xc0
[ 14.987025] __kmalloc_cache_noprof+0x189/0x420
[ 14.987245] kasan_strings+0xc0/0xe80
[ 14.987425] kunit_try_run_case+0x1a5/0x480
[ 14.987610] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.987838] kthread+0x337/0x6f0
[ 14.987988] ret_from_fork+0x116/0x1d0
[ 14.988120] ret_from_fork_asm+0x1a/0x30
[ 14.988258]
[ 14.988335] Freed by task 276:
[ 14.988443] kasan_save_stack+0x45/0x70
[ 14.988633] kasan_save_track+0x18/0x40
[ 14.988824] kasan_save_free_info+0x3f/0x60
[ 14.989035] __kasan_slab_free+0x56/0x70
[ 14.989233] kfree+0x222/0x3f0
[ 14.989410] kasan_strings+0x2aa/0xe80
[ 14.989599] kunit_try_run_case+0x1a5/0x480
[ 14.989792] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.990007] kthread+0x337/0x6f0
[ 14.990127] ret_from_fork+0x116/0x1d0
[ 14.990259] ret_from_fork_asm+0x1a/0x30
[ 14.990421]
[ 14.990515] The buggy address belongs to the object at ffff888103a693c0
[ 14.990515] which belongs to the cache kmalloc-32 of size 32
[ 14.991066] The buggy address is located 16 bytes inside of
[ 14.991066] freed 32-byte region [ffff888103a693c0, ffff888103a693e0)
[ 14.991481]
[ 14.991553] The buggy address belongs to the physical page:
[ 14.991724] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a69
[ 14.991965] flags: 0x200000000000000(node=0|zone=2)
[ 14.992124] page_type: f5(slab)
[ 14.992300] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.992635] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.992967] page dumped because: kasan: bad access detected
[ 14.993212]
[ 14.993315] Memory state around the buggy address:
[ 14.993531] ffff888103a69280: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.993843] ffff888103a69300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.994155] >ffff888103a69380: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.994429] ^
[ 14.994607] ffff888103a69400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.994828] ffff888103a69480: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.995041] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.954872] ==================================================================
[ 14.955158] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80
[ 14.956518] Read of size 1 at addr ffff888103a693d0 by task kunit_try_catch/276
[ 14.956856]
[ 14.956965] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.957008] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.957020] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.957041] Call Trace:
[ 14.957056] <TASK>
[ 14.957071] dump_stack_lvl+0x73/0xb0
[ 14.957102] print_report+0xd1/0x610
[ 14.957125] ? __virt_addr_valid+0x1db/0x2d0
[ 14.957149] ? kasan_strings+0xcbc/0xe80
[ 14.957168] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.957192] ? kasan_strings+0xcbc/0xe80
[ 14.957213] kasan_report+0x141/0x180
[ 14.957234] ? kasan_strings+0xcbc/0xe80
[ 14.957260] __asan_report_load1_noabort+0x18/0x20
[ 14.958810] kasan_strings+0xcbc/0xe80
[ 14.958834] ? trace_hardirqs_on+0x37/0xe0
[ 14.958862] ? __pfx_kasan_strings+0x10/0x10
[ 14.958884] ? finish_task_switch.isra.0+0x153/0x700
[ 14.958908] ? __switch_to+0x47/0xf50
[ 14.958934] ? __schedule+0x10cc/0x2b60
[ 14.958956] ? __pfx_read_tsc+0x10/0x10
[ 14.959213] ? ktime_get_ts64+0x86/0x230
[ 14.959248] kunit_try_run_case+0x1a5/0x480
[ 14.959303] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.959328] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.959379] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.959404] ? __kthread_parkme+0x82/0x180
[ 14.959425] ? preempt_count_sub+0x50/0x80
[ 14.959449] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.959474] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.959500] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.959526] kthread+0x337/0x6f0
[ 14.959545] ? trace_preempt_on+0x20/0xc0
[ 14.959568] ? __pfx_kthread+0x10/0x10
[ 14.959589] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.959611] ? calculate_sigpending+0x7b/0xa0
[ 14.959636] ? __pfx_kthread+0x10/0x10
[ 14.959657] ret_from_fork+0x116/0x1d0
[ 14.959676] ? __pfx_kthread+0x10/0x10
[ 14.959696] ret_from_fork_asm+0x1a/0x30
[ 14.960475] </TASK>
[ 14.960490]
[ 14.967442] Allocated by task 276:
[ 14.967595] kasan_save_stack+0x45/0x70
[ 14.967739] kasan_save_track+0x18/0x40
[ 14.967874] kasan_save_alloc_info+0x3b/0x50
[ 14.968024] __kasan_kmalloc+0xb7/0xc0
[ 14.968210] __kmalloc_cache_noprof+0x189/0x420
[ 14.968444] kasan_strings+0xc0/0xe80
[ 14.968627] kunit_try_run_case+0x1a5/0x480
[ 14.968831] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.969079] kthread+0x337/0x6f0
[ 14.969243] ret_from_fork+0x116/0x1d0
[ 14.969416] ret_from_fork_asm+0x1a/0x30
[ 14.969557]
[ 14.969627] Freed by task 276:
[ 14.969748] kasan_save_stack+0x45/0x70
[ 14.969939] kasan_save_track+0x18/0x40
[ 14.970133] kasan_save_free_info+0x3f/0x60
[ 14.970345] __kasan_slab_free+0x56/0x70
[ 14.970539] kfree+0x222/0x3f0
[ 14.970706] kasan_strings+0x2aa/0xe80
[ 14.970873] kunit_try_run_case+0x1a5/0x480
[ 14.971071] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.971300] kthread+0x337/0x6f0
[ 14.971472] ret_from_fork+0x116/0x1d0
[ 14.971605] ret_from_fork_asm+0x1a/0x30
[ 14.971745]
[ 14.971814] The buggy address belongs to the object at ffff888103a693c0
[ 14.971814] which belongs to the cache kmalloc-32 of size 32
[ 14.972168] The buggy address is located 16 bytes inside of
[ 14.972168] freed 32-byte region [ffff888103a693c0, ffff888103a693e0)
[ 14.972697]
[ 14.972791] The buggy address belongs to the physical page:
[ 14.973038] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a69
[ 14.973327] flags: 0x200000000000000(node=0|zone=2)
[ 14.973491] page_type: f5(slab)
[ 14.973610] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.973841] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.974066] page dumped because: kasan: bad access detected
[ 14.974327]
[ 14.974418] Memory state around the buggy address:
[ 14.974640] ffff888103a69280: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.974969] ffff888103a69300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.975305] >ffff888103a69380: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.975619] ^
[ 14.975883] ffff888103a69400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.976205] ffff888103a69480: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.976527] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.933954] ==================================================================
[ 14.935029] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0
[ 14.935331] Read of size 1 at addr ffff888103a693d0 by task kunit_try_catch/276
[ 14.935629]
[ 14.935735] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.935779] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.935790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.935812] Call Trace:
[ 14.935824] <TASK>
[ 14.935839] dump_stack_lvl+0x73/0xb0
[ 14.935866] print_report+0xd1/0x610
[ 14.935891] ? __virt_addr_valid+0x1db/0x2d0
[ 14.935914] ? strcmp+0xb0/0xc0
[ 14.935931] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.935955] ? strcmp+0xb0/0xc0
[ 14.935972] kasan_report+0x141/0x180
[ 14.935994] ? strcmp+0xb0/0xc0
[ 14.936015] __asan_report_load1_noabort+0x18/0x20
[ 14.936041] strcmp+0xb0/0xc0
[ 14.936060] kasan_strings+0x431/0xe80
[ 14.936079] ? trace_hardirqs_on+0x37/0xe0
[ 14.936103] ? __pfx_kasan_strings+0x10/0x10
[ 14.936124] ? finish_task_switch.isra.0+0x153/0x700
[ 14.936148] ? __switch_to+0x47/0xf50
[ 14.936173] ? __schedule+0x10cc/0x2b60
[ 14.936196] ? __pfx_read_tsc+0x10/0x10
[ 14.936217] ? ktime_get_ts64+0x86/0x230
[ 14.936241] kunit_try_run_case+0x1a5/0x480
[ 14.936277] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.936300] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.936325] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.936350] ? __kthread_parkme+0x82/0x180
[ 14.936370] ? preempt_count_sub+0x50/0x80
[ 14.936393] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.936418] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.936443] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.936469] kthread+0x337/0x6f0
[ 14.936488] ? trace_preempt_on+0x20/0xc0
[ 14.936511] ? __pfx_kthread+0x10/0x10
[ 14.936531] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.936552] ? calculate_sigpending+0x7b/0xa0
[ 14.936577] ? __pfx_kthread+0x10/0x10
[ 14.936598] ret_from_fork+0x116/0x1d0
[ 14.936616] ? __pfx_kthread+0x10/0x10
[ 14.936637] ret_from_fork_asm+0x1a/0x30
[ 14.936669] </TASK>
[ 14.936679]
[ 14.943477] Allocated by task 276:
[ 14.943604] kasan_save_stack+0x45/0x70
[ 14.943775] kasan_save_track+0x18/0x40
[ 14.943968] kasan_save_alloc_info+0x3b/0x50
[ 14.944181] __kasan_kmalloc+0xb7/0xc0
[ 14.944379] __kmalloc_cache_noprof+0x189/0x420
[ 14.944615] kasan_strings+0xc0/0xe80
[ 14.944802] kunit_try_run_case+0x1a5/0x480
[ 14.945021] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.945289] kthread+0x337/0x6f0
[ 14.945458] ret_from_fork+0x116/0x1d0
[ 14.945622] ret_from_fork_asm+0x1a/0x30
[ 14.945798]
[ 14.945868] Freed by task 276:
[ 14.945977] kasan_save_stack+0x45/0x70
[ 14.946112] kasan_save_track+0x18/0x40
[ 14.946246] kasan_save_free_info+0x3f/0x60
[ 14.946442] __kasan_slab_free+0x56/0x70
[ 14.946638] kfree+0x222/0x3f0
[ 14.946805] kasan_strings+0x2aa/0xe80
[ 14.946991] kunit_try_run_case+0x1a5/0x480
[ 14.947198] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.947454] kthread+0x337/0x6f0
[ 14.947575] ret_from_fork+0x116/0x1d0
[ 14.947708] ret_from_fork_asm+0x1a/0x30
[ 14.947847]
[ 14.947917] The buggy address belongs to the object at ffff888103a693c0
[ 14.947917] which belongs to the cache kmalloc-32 of size 32
[ 14.948417] The buggy address is located 16 bytes inside of
[ 14.948417] freed 32-byte region [ffff888103a693c0, ffff888103a693e0)
[ 14.948937]
[ 14.949036] The buggy address belongs to the physical page:
[ 14.949295] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a69
[ 14.949651] flags: 0x200000000000000(node=0|zone=2)
[ 14.949839] page_type: f5(slab)
[ 14.950003] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.950309] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.950612] page dumped because: kasan: bad access detected
[ 14.950787]
[ 14.950854] Memory state around the buggy address:
[ 14.952791] ffff888103a69280: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.953025] ffff888103a69300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.953244] >ffff888103a69380: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.953475] ^
[ 14.953692] ffff888103a69400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.954003] ffff888103a69480: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.954341] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.901216] ================================================================== [ 14.901980] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 14.902446] Read of size 1 at addr ffff888102a085d8 by task kunit_try_catch/274 [ 14.902780] [ 14.902877] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.902920] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.902958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.902980] Call Trace: [ 14.902991] <TASK> [ 14.903005] dump_stack_lvl+0x73/0xb0 [ 14.903033] print_report+0xd1/0x610 [ 14.903055] ? __virt_addr_valid+0x1db/0x2d0 [ 14.903078] ? memcmp+0x1b4/0x1d0 [ 14.903094] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.903119] ? memcmp+0x1b4/0x1d0 [ 14.903136] kasan_report+0x141/0x180 [ 14.903157] ? memcmp+0x1b4/0x1d0 [ 14.903180] __asan_report_load1_noabort+0x18/0x20 [ 14.903206] memcmp+0x1b4/0x1d0 [ 14.903225] kasan_memcmp+0x18f/0x390 [ 14.903245] ? trace_hardirqs_on+0x37/0xe0 [ 14.903279] ? __pfx_kasan_memcmp+0x10/0x10 [ 14.903299] ? finish_task_switch.isra.0+0x153/0x700 [ 14.903323] ? __switch_to+0x47/0xf50 [ 14.903351] ? __pfx_read_tsc+0x10/0x10 [ 14.903373] ? ktime_get_ts64+0x86/0x230 [ 14.903719] kunit_try_run_case+0x1a5/0x480 [ 14.903749] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.903774] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.903797] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.903823] ? __kthread_parkme+0x82/0x180 [ 14.903845] ? preempt_count_sub+0x50/0x80 [ 14.903869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.903894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.903919] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.903946] kthread+0x337/0x6f0 [ 14.903965] ? trace_preempt_on+0x20/0xc0 [ 14.904053] ? __pfx_kthread+0x10/0x10 [ 14.904076] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.904099] ? calculate_sigpending+0x7b/0xa0 [ 14.904123] ? __pfx_kthread+0x10/0x10 [ 14.904145] ret_from_fork+0x116/0x1d0 [ 14.904164] ? 
__pfx_kthread+0x10/0x10 [ 14.904185] ret_from_fork_asm+0x1a/0x30 [ 14.904215] </TASK> [ 14.904225] [ 14.915625] Allocated by task 274: [ 14.915799] kasan_save_stack+0x45/0x70 [ 14.916339] kasan_save_track+0x18/0x40 [ 14.916509] kasan_save_alloc_info+0x3b/0x50 [ 14.916856] __kasan_kmalloc+0xb7/0xc0 [ 14.917063] __kmalloc_cache_noprof+0x189/0x420 [ 14.917628] kasan_memcmp+0xb7/0x390 [ 14.917897] kunit_try_run_case+0x1a5/0x480 [ 14.918258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.918516] kthread+0x337/0x6f0 [ 14.918665] ret_from_fork+0x116/0x1d0 [ 14.918858] ret_from_fork_asm+0x1a/0x30 [ 14.919047] [ 14.919134] The buggy address belongs to the object at ffff888102a085c0 [ 14.919134] which belongs to the cache kmalloc-32 of size 32 [ 14.919641] The buggy address is located 0 bytes to the right of [ 14.919641] allocated 24-byte region [ffff888102a085c0, ffff888102a085d8) [ 14.920140] [ 14.920234] The buggy address belongs to the physical page: [ 14.921122] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a08 [ 14.921605] flags: 0x200000000000000(node=0|zone=2) [ 14.921914] page_type: f5(slab) [ 14.922234] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.922670] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.923153] page dumped because: kasan: bad access detected [ 14.923523] [ 14.923759] Memory state around the buggy address: [ 14.923973] ffff888102a08480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.924389] ffff888102a08500: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 14.924705] >ffff888102a08580: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.925004] ^ [ 14.925423] ffff888102a08600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.925679] ffff888102a08680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.926051] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.873244] ================================================================== [ 14.873889] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 14.874476] Read of size 1 at addr ffff888103b77c4a by task kunit_try_catch/270 [ 14.874834] [ 14.874935] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.874997] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.875008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.875045] Call Trace: [ 14.875056] <TASK> [ 14.875070] dump_stack_lvl+0x73/0xb0 [ 14.875099] print_report+0xd1/0x610 [ 14.875121] ? __virt_addr_valid+0x1db/0x2d0 [ 14.875145] ? kasan_alloca_oob_right+0x329/0x390 [ 14.875186] ? kasan_addr_to_slab+0x11/0xa0 [ 14.875207] ? kasan_alloca_oob_right+0x329/0x390 [ 14.875245] kasan_report+0x141/0x180 [ 14.875292] ? kasan_alloca_oob_right+0x329/0x390 [ 14.875320] __asan_report_load1_noabort+0x18/0x20 [ 14.875346] kasan_alloca_oob_right+0x329/0x390 [ 14.875370] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.875393] ? finish_task_switch.isra.0+0x153/0x700 [ 14.875417] ? __schedule+0x200e/0x2b60 [ 14.875438] ? trace_hardirqs_on+0x37/0xe0 [ 14.875464] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 14.875491] ? __schedule+0x10cc/0x2b60 [ 14.875512] ? __pfx_read_tsc+0x10/0x10 [ 14.875533] ? ktime_get_ts64+0x86/0x230 [ 14.875557] kunit_try_run_case+0x1a5/0x480 [ 14.875582] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.875605] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.875629] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.875653] ? __kthread_parkme+0x82/0x180 [ 14.875675] ? preempt_count_sub+0x50/0x80 [ 14.875699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.875724] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.875748] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.875774] kthread+0x337/0x6f0 [ 14.875794] ? trace_preempt_on+0x20/0xc0 [ 14.875816] ? __pfx_kthread+0x10/0x10 [ 14.875837] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.875859] ? 
calculate_sigpending+0x7b/0xa0 [ 14.875883] ? __pfx_kthread+0x10/0x10 [ 14.875904] ret_from_fork+0x116/0x1d0 [ 14.875923] ? __pfx_kthread+0x10/0x10 [ 14.875943] ret_from_fork_asm+0x1a/0x30 [ 14.875974] </TASK> [ 14.875984] [ 14.883924] The buggy address belongs to stack of task kunit_try_catch/270 [ 14.884311] [ 14.884441] The buggy address belongs to the physical page: [ 14.884713] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b77 [ 14.885274] flags: 0x200000000000000(node=0|zone=2) [ 14.885497] raw: 0200000000000000 ffffea00040eddc8 ffffea00040eddc8 0000000000000000 [ 14.885720] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.885964] page dumped because: kasan: bad access detected [ 14.886225] [ 14.886434] Memory state around the buggy address: [ 14.886781] ffff888103b77b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.887319] ffff888103b77b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.887636] >ffff888103b77c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.887883] ^ [ 14.888356] ffff888103b77c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.888850] ffff888103b77d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.889421] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.851703] ================================================================== [ 14.852571] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 14.852888] Read of size 1 at addr ffff888103bb7c3f by task kunit_try_catch/268 [ 14.853341] [ 14.853436] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.853504] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.853516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.853537] Call Trace: [ 14.853548] <TASK> [ 14.853578] dump_stack_lvl+0x73/0xb0 [ 14.853609] print_report+0xd1/0x610 [ 14.853631] ? __virt_addr_valid+0x1db/0x2d0 [ 14.853655] ? kasan_alloca_oob_left+0x320/0x380 [ 14.853678] ? kasan_addr_to_slab+0x11/0xa0 [ 14.853699] ? kasan_alloca_oob_left+0x320/0x380 [ 14.853721] kasan_report+0x141/0x180 [ 14.853744] ? kasan_alloca_oob_left+0x320/0x380 [ 14.853771] __asan_report_load1_noabort+0x18/0x20 [ 14.853796] kasan_alloca_oob_left+0x320/0x380 [ 14.853821] ? finish_task_switch.isra.0+0x153/0x700 [ 14.853863] ? __schedule+0x200e/0x2b60 [ 14.853884] ? trace_hardirqs_on+0x37/0xe0 [ 14.853909] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 14.853952] ? __schedule+0x10cc/0x2b60 [ 14.853972] ? __pfx_read_tsc+0x10/0x10 [ 14.853995] ? ktime_get_ts64+0x86/0x230 [ 14.854020] kunit_try_run_case+0x1a5/0x480 [ 14.854097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.854123] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.854149] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.854173] ? __kthread_parkme+0x82/0x180 [ 14.854195] ? preempt_count_sub+0x50/0x80 [ 14.854218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.854243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.854279] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.854305] kthread+0x337/0x6f0 [ 14.854324] ? trace_preempt_on+0x20/0xc0 [ 14.854346] ? __pfx_kthread+0x10/0x10 [ 14.854367] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.854389] ? calculate_sigpending+0x7b/0xa0 [ 14.854414] ? 
__pfx_kthread+0x10/0x10 [ 14.854436] ret_from_fork+0x116/0x1d0 [ 14.854455] ? __pfx_kthread+0x10/0x10 [ 14.854475] ret_from_fork_asm+0x1a/0x30 [ 14.854507] </TASK> [ 14.854516] [ 14.863297] The buggy address belongs to stack of task kunit_try_catch/268 [ 14.863617] [ 14.863728] The buggy address belongs to the physical page: [ 14.864006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103bb7 [ 14.864418] flags: 0x200000000000000(node=0|zone=2) [ 14.864633] raw: 0200000000000000 ffffea00040eedc8 ffffea00040eedc8 0000000000000000 [ 14.864859] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.865142] page dumped because: kasan: bad access detected [ 14.865431] [ 14.865555] Memory state around the buggy address: [ 14.865800] ffff888103bb7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.866356] ffff888103bb7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.866725] >ffff888103bb7c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.866970] ^ [ 14.867303] ffff888103bb7c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.867512] ffff888103bb7d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.867870] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 14.798174] ================================================================== [ 14.798727] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 14.799059] Read of size 1 at addr ffffffff8fa63e8d by task kunit_try_catch/262 [ 14.799497] [ 14.799635] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.799679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.799691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.799712] Call Trace: [ 14.799724] <TASK> [ 14.799738] dump_stack_lvl+0x73/0xb0 [ 14.799791] print_report+0xd1/0x610 [ 14.799813] ? __virt_addr_valid+0x1db/0x2d0 [ 14.799838] ? kasan_global_oob_right+0x286/0x2d0 [ 14.799860] ? kasan_addr_to_slab+0x11/0xa0 [ 14.799881] ? kasan_global_oob_right+0x286/0x2d0 [ 14.799904] kasan_report+0x141/0x180 [ 14.799926] ? kasan_global_oob_right+0x286/0x2d0 [ 14.799953] __asan_report_load1_noabort+0x18/0x20 [ 14.800042] kasan_global_oob_right+0x286/0x2d0 [ 14.800070] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 14.800096] ? __schedule+0x10cc/0x2b60 [ 14.800119] ? __pfx_read_tsc+0x10/0x10 [ 14.800139] ? ktime_get_ts64+0x86/0x230 [ 14.800164] kunit_try_run_case+0x1a5/0x480 [ 14.800189] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.800257] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.800294] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.800319] ? __kthread_parkme+0x82/0x180 [ 14.800341] ? preempt_count_sub+0x50/0x80 [ 14.800366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.800391] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.800416] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.800442] kthread+0x337/0x6f0 [ 14.800461] ? trace_preempt_on+0x20/0xc0 [ 14.800486] ? __pfx_kthread+0x10/0x10 [ 14.800507] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.800528] ? calculate_sigpending+0x7b/0xa0 [ 14.800553] ? __pfx_kthread+0x10/0x10 [ 14.800574] ret_from_fork+0x116/0x1d0 [ 14.800593] ? 
__pfx_kthread+0x10/0x10 [ 14.800613] ret_from_fork_asm+0x1a/0x30 [ 14.800643] </TASK> [ 14.800653] [ 14.811161] The buggy address belongs to the variable: [ 14.811700] global_array+0xd/0x40 [ 14.811856] [ 14.811949] The buggy address belongs to the physical page: [ 14.812726] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x122863 [ 14.813731] flags: 0x200000000002000(reserved|node=0|zone=2) [ 14.814548] raw: 0200000000002000 ffffea00048a18c8 ffffea00048a18c8 0000000000000000 [ 14.815544] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.815860] page dumped because: kasan: bad access detected [ 14.816390] [ 14.816621] Memory state around the buggy address: [ 14.817281] ffffffff8fa63d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.818113] ffffffff8fa63e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.818859] >ffffffff8fa63e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 14.819332] ^ [ 14.819467] ffffffff8fa63f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 14.819685] ffffffff8fa63f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 14.819899] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 14.769499] ================================================================== [ 14.770101] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.770609] Free of addr ffff888102c04001 by task kunit_try_catch/260 [ 14.771305] [ 14.771490] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.771535] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.771719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.771744] Call Trace: [ 14.771756] <TASK> [ 14.771771] dump_stack_lvl+0x73/0xb0 [ 14.771802] print_report+0xd1/0x610 [ 14.771825] ? __virt_addr_valid+0x1db/0x2d0 [ 14.771849] ? kasan_addr_to_slab+0x11/0xa0 [ 14.771871] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.771899] kasan_report_invalid_free+0x10a/0x130 [ 14.771925] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.771955] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.772219] __kasan_mempool_poison_object+0x102/0x1d0 [ 14.772248] mempool_free+0x2ec/0x380 [ 14.772288] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.772316] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.772347] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.772370] ? finish_task_switch.isra.0+0x153/0x700 [ 14.772398] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 14.772424] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 14.772454] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.772477] ? __pfx_mempool_kfree+0x10/0x10 [ 14.772502] ? __pfx_read_tsc+0x10/0x10 [ 14.772524] ? ktime_get_ts64+0x86/0x230 [ 14.772549] kunit_try_run_case+0x1a5/0x480 [ 14.772574] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.772598] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.772624] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.772648] ? __kthread_parkme+0x82/0x180 [ 14.772669] ? preempt_count_sub+0x50/0x80 [ 14.772692] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.772717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.772741] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.772767] kthread+0x337/0x6f0 [ 14.772786] ? trace_preempt_on+0x20/0xc0 [ 14.772809] ? __pfx_kthread+0x10/0x10 [ 14.772830] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.772852] ? calculate_sigpending+0x7b/0xa0 [ 14.772877] ? __pfx_kthread+0x10/0x10 [ 14.772899] ret_from_fork+0x116/0x1d0 [ 14.772917] ? __pfx_kthread+0x10/0x10 [ 14.772937] ret_from_fork_asm+0x1a/0x30 [ 14.772968] </TASK> [ 14.773027] [ 14.786867] The buggy address belongs to the physical page: [ 14.787516] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c04 [ 14.787861] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.788434] flags: 0x200000000000040(head|node=0|zone=2) [ 14.788927] page_type: f8(unknown) [ 14.789321] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.789914] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.790276] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.790949] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.791780] head: 0200000000000002 ffffea00040b0101 00000000ffffffff 00000000ffffffff [ 14.792412] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.792648] page dumped because: kasan: bad access detected [ 14.792819] [ 14.792887] Memory state around the buggy address: [ 14.793089] ffff888102c03f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.793458] ffff888102c03f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.793789] >ffff888102c04000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.794179] ^ [ 14.794338] ffff888102c04080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.794553] ffff888102c04100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.794867] ================================================================== [ 14.731666] ================================================================== [ 
14.733017] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.734022] Free of addr ffff888103a67001 by task kunit_try_catch/258 [ 14.734673] [ 14.734881] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.734928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.734941] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.734965] Call Trace: [ 14.734977] <TASK> [ 14.734994] dump_stack_lvl+0x73/0xb0 [ 14.735026] print_report+0xd1/0x610 [ 14.735051] ? __virt_addr_valid+0x1db/0x2d0 [ 14.735076] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.735101] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.735130] kasan_report_invalid_free+0x10a/0x130 [ 14.735218] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.735251] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.735296] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.735323] check_slab_allocation+0x11f/0x130 [ 14.735347] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.735373] mempool_free+0x2ec/0x380 [ 14.735403] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.735431] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.735461] ? __kasan_check_write+0x18/0x20 [ 14.735482] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.735507] ? finish_task_switch.isra.0+0x153/0x700 [ 14.735535] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.735561] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 14.735590] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.735614] ? __pfx_mempool_kfree+0x10/0x10 [ 14.735640] ? __pfx_read_tsc+0x10/0x10 [ 14.735662] ? ktime_get_ts64+0x86/0x230 [ 14.735688] kunit_try_run_case+0x1a5/0x480 [ 14.735715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.735738] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.735764] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.735789] ? __kthread_parkme+0x82/0x180 [ 14.735813] ? preempt_count_sub+0x50/0x80 [ 14.735838] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.735863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.735889] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.735916] kthread+0x337/0x6f0 [ 14.735937] ? trace_preempt_on+0x20/0xc0 [ 14.735961] ? __pfx_kthread+0x10/0x10 [ 14.735999] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.736022] ? calculate_sigpending+0x7b/0xa0 [ 14.736068] ? __pfx_kthread+0x10/0x10 [ 14.736091] ret_from_fork+0x116/0x1d0 [ 14.736112] ? __pfx_kthread+0x10/0x10 [ 14.736133] ret_from_fork_asm+0x1a/0x30 [ 14.736166] </TASK> [ 14.736178] [ 14.753690] Allocated by task 258: [ 14.754001] kasan_save_stack+0x45/0x70 [ 14.754254] kasan_save_track+0x18/0x40 [ 14.754652] kasan_save_alloc_info+0x3b/0x50 [ 14.754815] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.755229] remove_element+0x11e/0x190 [ 14.755784] mempool_alloc_preallocated+0x4d/0x90 [ 14.756313] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 14.756644] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.756992] kunit_try_run_case+0x1a5/0x480 [ 14.757467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.757662] kthread+0x337/0x6f0 [ 14.757780] ret_from_fork+0x116/0x1d0 [ 14.757911] ret_from_fork_asm+0x1a/0x30 [ 14.758276] [ 14.758450] The buggy address belongs to the object at ffff888103a67000 [ 14.758450] which belongs to the cache kmalloc-128 of size 128 [ 14.759762] The buggy address is located 1 bytes inside of [ 14.759762] 128-byte region [ffff888103a67000, ffff888103a67080) [ 14.760571] [ 14.760755] The buggy address belongs to the physical page: [ 14.761381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a67 [ 14.761635] flags: 0x200000000000000(node=0|zone=2) [ 14.761810] page_type: f5(slab) [ 14.761938] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.762709] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.763555] page dumped because: kasan: bad access detected [ 14.764123] [ 14.764303] Memory state around 
the buggy address: [ 14.764746] ffff888103a66f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.765498] ffff888103a66f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.765716] >ffff888103a67000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.765925] ^ [ 14.766071] ffff888103a67080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.766472] ffff888103a67100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.766765] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 14.700801] ================================================================== [ 14.702274] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.702978] Free of addr ffff888102c04000 by task kunit_try_catch/256 [ 14.703380] [ 14.703471] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.703515] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.703526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.703549] Call Trace: [ 14.703560] <TASK> [ 14.703576] dump_stack_lvl+0x73/0xb0 [ 14.703606] print_report+0xd1/0x610 [ 14.703629] ? __virt_addr_valid+0x1db/0x2d0 [ 14.703655] ? kasan_addr_to_slab+0x11/0xa0 [ 14.703675] ? mempool_double_free_helper+0x184/0x370 [ 14.703701] kasan_report_invalid_free+0x10a/0x130 [ 14.703727] ? mempool_double_free_helper+0x184/0x370 [ 14.703754] ? mempool_double_free_helper+0x184/0x370 [ 14.703777] __kasan_mempool_poison_pages+0x115/0x130 [ 14.703804] mempool_free+0x290/0x380 [ 14.703831] mempool_double_free_helper+0x184/0x370 [ 14.703856] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.703881] ? update_curr+0x5c1/0x810 [ 14.703911] mempool_page_alloc_double_free+0xe8/0x140 [ 14.703938] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 14.703964] ? schedule+0x7c/0x2e0 [ 14.703987] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.704012] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.704039] ? __pfx_read_tsc+0x10/0x10 [ 14.704061] ? ktime_get_ts64+0x86/0x230 [ 14.704085] kunit_try_run_case+0x1a5/0x480 [ 14.704111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.704135] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.704159] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.704183] ? __kthread_parkme+0x82/0x180 [ 14.704204] ? preempt_count_sub+0x50/0x80 [ 14.704228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.704254] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.704305] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.704330] kthread+0x337/0x6f0 [ 14.704349] ? 
trace_preempt_on+0x20/0xc0 [ 14.704372] ? __pfx_kthread+0x10/0x10 [ 14.704392] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.704414] ? calculate_sigpending+0x7b/0xa0 [ 14.704439] ? __pfx_kthread+0x10/0x10 [ 14.704470] ret_from_fork+0x116/0x1d0 [ 14.704489] ? __pfx_kthread+0x10/0x10 [ 14.704509] ret_from_fork_asm+0x1a/0x30 [ 14.704551] </TASK> [ 14.704570] [ 14.716910] The buggy address belongs to the physical page: [ 14.717096] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c04 [ 14.717353] flags: 0x200000000000000(node=0|zone=2) [ 14.717525] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.717759] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.717987] page dumped because: kasan: bad access detected [ 14.718159] [ 14.718228] Memory state around the buggy address: [ 14.718638] ffff888102c03f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.719247] ffff888102c03f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.719862] >ffff888102c04000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.720473] ^ [ 14.720774] ffff888102c04080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.721382] ffff888102c04100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.721982] ================================================================== [ 14.666383] ================================================================== [ 14.666789] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.667402] Free of addr ffff888102c04000 by task kunit_try_catch/254 [ 14.668168] [ 14.668451] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.668500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.668512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.668534] Call Trace: [ 14.668546] <TASK> [ 14.668562] dump_stack_lvl+0x73/0xb0 [ 14.668593] print_report+0xd1/0x610 [ 14.668616] ? 
__virt_addr_valid+0x1db/0x2d0 [ 14.668641] ? kasan_addr_to_slab+0x11/0xa0 [ 14.668663] ? mempool_double_free_helper+0x184/0x370 [ 14.668689] kasan_report_invalid_free+0x10a/0x130 [ 14.668714] ? mempool_double_free_helper+0x184/0x370 [ 14.668742] ? mempool_double_free_helper+0x184/0x370 [ 14.668766] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 14.668793] mempool_free+0x2ec/0x380 [ 14.668820] mempool_double_free_helper+0x184/0x370 [ 14.668845] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.668872] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.668895] ? finish_task_switch.isra.0+0x153/0x700 [ 14.668922] mempool_kmalloc_large_double_free+0xed/0x140 [ 14.668948] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 14.668978] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.669001] ? __pfx_mempool_kfree+0x10/0x10 [ 14.669026] ? __pfx_read_tsc+0x10/0x10 [ 14.669047] ? ktime_get_ts64+0x86/0x230 [ 14.669071] kunit_try_run_case+0x1a5/0x480 [ 14.669097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.669120] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.669147] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.669174] ? __kthread_parkme+0x82/0x180 [ 14.669195] ? preempt_count_sub+0x50/0x80 [ 14.669218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.669243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.669279] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.669305] kthread+0x337/0x6f0 [ 14.669323] ? trace_preempt_on+0x20/0xc0 [ 14.669347] ? __pfx_kthread+0x10/0x10 [ 14.669368] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.669431] ? calculate_sigpending+0x7b/0xa0 [ 14.669455] ? __pfx_kthread+0x10/0x10 [ 14.669488] ret_from_fork+0x116/0x1d0 [ 14.669508] ? 
__pfx_kthread+0x10/0x10 [ 14.669529] ret_from_fork_asm+0x1a/0x30 [ 14.669559] </TASK> [ 14.669570] [ 14.683191] The buggy address belongs to the physical page: [ 14.683720] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c04 [ 14.684432] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.684897] flags: 0x200000000000040(head|node=0|zone=2) [ 14.685080] page_type: f8(unknown) [ 14.685211] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.685457] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.685690] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.685924] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.686158] head: 0200000000000002 ffffea00040b0101 00000000ffffffff 00000000ffffffff [ 14.686666] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.687346] page dumped because: kasan: bad access detected [ 14.687819] [ 14.687978] Memory state around the buggy address: [ 14.688419] ffff888102c03f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.689031] ffff888102c03f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.689636] >ffff888102c04000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.690238] ^ [ 14.690554] ffff888102c04080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.691319] ffff888102c04100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.691900] ================================================================== [ 14.624884] ================================================================== [ 14.625473] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.625715] Free of addr ffff8881029efc00 by task kunit_try_catch/252 [ 14.625914] [ 14.626326] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.626374] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.626387] Hardware name: QEMU 
Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.626409] Call Trace: [ 14.626422] <TASK> [ 14.626622] dump_stack_lvl+0x73/0xb0 [ 14.626659] print_report+0xd1/0x610 [ 14.626683] ? __virt_addr_valid+0x1db/0x2d0 [ 14.626717] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.626741] ? mempool_double_free_helper+0x184/0x370 [ 14.626767] kasan_report_invalid_free+0x10a/0x130 [ 14.626792] ? mempool_double_free_helper+0x184/0x370 [ 14.626819] ? mempool_double_free_helper+0x184/0x370 [ 14.626843] ? mempool_double_free_helper+0x184/0x370 [ 14.626867] check_slab_allocation+0x101/0x130 [ 14.626890] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.626916] mempool_free+0x2ec/0x380 [ 14.626942] mempool_double_free_helper+0x184/0x370 [ 14.626967] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.627079] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.627103] ? finish_task_switch.isra.0+0x153/0x700 [ 14.627130] mempool_kmalloc_double_free+0xed/0x140 [ 14.627155] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 14.627184] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.627207] ? __pfx_mempool_kfree+0x10/0x10 [ 14.627232] ? __pfx_read_tsc+0x10/0x10 [ 14.627253] ? ktime_get_ts64+0x86/0x230 [ 14.627290] kunit_try_run_case+0x1a5/0x480 [ 14.627315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.627340] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.627364] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.627388] ? __kthread_parkme+0x82/0x180 [ 14.627410] ? preempt_count_sub+0x50/0x80 [ 14.627436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.627464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.627489] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.627516] kthread+0x337/0x6f0 [ 14.627535] ? trace_preempt_on+0x20/0xc0 [ 14.627560] ? __pfx_kthread+0x10/0x10 [ 14.627581] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.627603] ? calculate_sigpending+0x7b/0xa0 [ 14.627628] ? __pfx_kthread+0x10/0x10 [ 14.627650] ret_from_fork+0x116/0x1d0 [ 14.627669] ? 
__pfx_kthread+0x10/0x10 [ 14.627690] ret_from_fork_asm+0x1a/0x30 [ 14.627721] </TASK> [ 14.627732] [ 14.644822] Allocated by task 252: [ 14.645243] kasan_save_stack+0x45/0x70 [ 14.645478] kasan_save_track+0x18/0x40 [ 14.645812] kasan_save_alloc_info+0x3b/0x50 [ 14.646273] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.646521] remove_element+0x11e/0x190 [ 14.646701] mempool_alloc_preallocated+0x4d/0x90 [ 14.646912] mempool_double_free_helper+0x8a/0x370 [ 14.647623] mempool_kmalloc_double_free+0xed/0x140 [ 14.648247] kunit_try_run_case+0x1a5/0x480 [ 14.648533] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.648954] kthread+0x337/0x6f0 [ 14.649378] ret_from_fork+0x116/0x1d0 [ 14.649694] ret_from_fork_asm+0x1a/0x30 [ 14.649899] [ 14.650250] Freed by task 252: [ 14.650409] kasan_save_stack+0x45/0x70 [ 14.650592] kasan_save_track+0x18/0x40 [ 14.650770] kasan_save_free_info+0x3f/0x60 [ 14.650962] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.651710] mempool_free+0x2ec/0x380 [ 14.651968] mempool_double_free_helper+0x109/0x370 [ 14.652409] mempool_kmalloc_double_free+0xed/0x140 [ 14.652637] kunit_try_run_case+0x1a5/0x480 [ 14.652829] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.653435] kthread+0x337/0x6f0 [ 14.653673] ret_from_fork+0x116/0x1d0 [ 14.653978] ret_from_fork_asm+0x1a/0x30 [ 14.654492] [ 14.654596] The buggy address belongs to the object at ffff8881029efc00 [ 14.654596] which belongs to the cache kmalloc-128 of size 128 [ 14.655537] The buggy address is located 0 bytes inside of [ 14.655537] 128-byte region [ffff8881029efc00, ffff8881029efc80) [ 14.656249] [ 14.656358] The buggy address belongs to the physical page: [ 14.656582] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 14.656906] flags: 0x200000000000000(node=0|zone=2) [ 14.657588] page_type: f5(slab) [ 14.657836] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.658521] raw: 0000000000000000 0000000080100010 00000000f5000000 
0000000000000000 [ 14.658847] page dumped because: kasan: bad access detected [ 14.659483] [ 14.659655] Memory state around the buggy address: [ 14.660011] ffff8881029efb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.660399] ffff8881029efb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.660696] >ffff8881029efc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.661312] ^ [ 14.661570] ffff8881029efc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.662118] ffff8881029efd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.662434] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 14.541251] ================================================================== [ 14.541747] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.542239] Read of size 1 at addr ffff888103b3c000 by task kunit_try_catch/246 [ 14.542572] [ 14.542687] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.542740] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.542751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.542773] Call Trace: [ 14.542785] <TASK> [ 14.542800] dump_stack_lvl+0x73/0xb0 [ 14.542844] print_report+0xd1/0x610 [ 14.542867] ? __virt_addr_valid+0x1db/0x2d0 [ 14.542891] ? mempool_uaf_helper+0x392/0x400 [ 14.542929] ? kasan_addr_to_slab+0x11/0xa0 [ 14.542951] ? mempool_uaf_helper+0x392/0x400 [ 14.542975] kasan_report+0x141/0x180 [ 14.543137] ? mempool_uaf_helper+0x392/0x400 [ 14.543168] __asan_report_load1_noabort+0x18/0x20 [ 14.543207] mempool_uaf_helper+0x392/0x400 [ 14.543231] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.543254] ? update_load_avg+0x1be/0x21b0 [ 14.543289] ? dequeue_entities+0x27e/0x1740 [ 14.543324] ? finish_task_switch.isra.0+0x153/0x700 [ 14.543351] mempool_kmalloc_large_uaf+0xef/0x140 [ 14.543387] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 14.543415] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.543440] ? __pfx_mempool_kfree+0x10/0x10 [ 14.543466] ? __pfx_read_tsc+0x10/0x10 [ 14.543488] ? ktime_get_ts64+0x86/0x230 [ 14.543513] kunit_try_run_case+0x1a5/0x480 [ 14.543542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.543568] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.543595] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.543619] ? __kthread_parkme+0x82/0x180 [ 14.543642] ? preempt_count_sub+0x50/0x80 [ 14.543667] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.543693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.543718] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.543745] kthread+0x337/0x6f0 [ 14.543764] ? 
trace_preempt_on+0x20/0xc0 [ 14.543790] ? __pfx_kthread+0x10/0x10 [ 14.543813] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.543835] ? calculate_sigpending+0x7b/0xa0 [ 14.543861] ? __pfx_kthread+0x10/0x10 [ 14.543883] ret_from_fork+0x116/0x1d0 [ 14.543903] ? __pfx_kthread+0x10/0x10 [ 14.543924] ret_from_fork_asm+0x1a/0x30 [ 14.543954] </TASK> [ 14.543965] [ 14.553660] The buggy address belongs to the physical page: [ 14.553925] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b3c [ 14.554327] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.554724] flags: 0x200000000000040(head|node=0|zone=2) [ 14.555283] page_type: f8(unknown) [ 14.555540] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.555806] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.556327] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.556736] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.557185] head: 0200000000000002 ffffea00040ecf01 00000000ffffffff 00000000ffffffff [ 14.557561] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.557790] page dumped because: kasan: bad access detected [ 14.558140] [ 14.558236] Memory state around the buggy address: [ 14.558468] ffff888103b3bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.558697] ffff888103b3bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.558991] >ffff888103b3c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.559539] ^ [ 14.559711] ffff888103b3c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.560111] ffff888103b3c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.560436] ================================================================== [ 14.598083] ================================================================== [ 14.599488] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.600248] Read of size 1 
at addr ffff888102c04000 by task kunit_try_catch/250 [ 14.600783] [ 14.600906] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.600953] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.600967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.600989] Call Trace: [ 14.601002] <TASK> [ 14.601018] dump_stack_lvl+0x73/0xb0 [ 14.601050] print_report+0xd1/0x610 [ 14.601073] ? __virt_addr_valid+0x1db/0x2d0 [ 14.601098] ? mempool_uaf_helper+0x392/0x400 [ 14.601122] ? kasan_addr_to_slab+0x11/0xa0 [ 14.601143] ? mempool_uaf_helper+0x392/0x400 [ 14.601165] kasan_report+0x141/0x180 [ 14.601187] ? mempool_uaf_helper+0x392/0x400 [ 14.601214] __asan_report_load1_noabort+0x18/0x20 [ 14.601240] mempool_uaf_helper+0x392/0x400 [ 14.601275] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.601463] ? __kasan_check_write+0x18/0x20 [ 14.601485] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.601510] ? finish_task_switch.isra.0+0x153/0x700 [ 14.601538] mempool_page_alloc_uaf+0xed/0x140 [ 14.601563] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 14.601624] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.601652] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.601679] ? __pfx_read_tsc+0x10/0x10 [ 14.601701] ? ktime_get_ts64+0x86/0x230 [ 14.601727] kunit_try_run_case+0x1a5/0x480 [ 14.601753] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.601777] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.601802] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.601827] ? __kthread_parkme+0x82/0x180 [ 14.601849] ? preempt_count_sub+0x50/0x80 [ 14.601872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.601896] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.601922] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.601948] kthread+0x337/0x6f0 [ 14.601967] ? trace_preempt_on+0x20/0xc0 [ 14.602003] ? __pfx_kthread+0x10/0x10 [ 14.602025] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.602058] ? calculate_sigpending+0x7b/0xa0 [ 14.602083] ? 
__pfx_kthread+0x10/0x10 [ 14.602104] ret_from_fork+0x116/0x1d0 [ 14.602123] ? __pfx_kthread+0x10/0x10 [ 14.602144] ret_from_fork_asm+0x1a/0x30 [ 14.602176] </TASK> [ 14.602187] [ 14.614541] The buggy address belongs to the physical page: [ 14.614806] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c04 [ 14.615693] flags: 0x200000000000000(node=0|zone=2) [ 14.615914] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.616668] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.617029] page dumped because: kasan: bad access detected [ 14.617281] [ 14.617371] Memory state around the buggy address: [ 14.617574] ffff888102c03f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.617867] ffff888102c03f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.618505] >ffff888102c04000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.618809] ^ [ 14.618961] ffff888102c04080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.619794] ffff888102c04100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.620100] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 14.501178] ================================================================== [ 14.502607] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.502876] Read of size 1 at addr ffff8881027ebc00 by task kunit_try_catch/244 [ 14.503509] [ 14.504047] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.504189] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.504205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.504228] Call Trace: [ 14.504242] <TASK> [ 14.504260] dump_stack_lvl+0x73/0xb0 [ 14.504306] print_report+0xd1/0x610 [ 14.504330] ? __virt_addr_valid+0x1db/0x2d0 [ 14.504355] ? mempool_uaf_helper+0x392/0x400 [ 14.504378] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.504402] ? mempool_uaf_helper+0x392/0x400 [ 14.504425] kasan_report+0x141/0x180 [ 14.504447] ? mempool_uaf_helper+0x392/0x400 [ 14.504474] __asan_report_load1_noabort+0x18/0x20 [ 14.504500] mempool_uaf_helper+0x392/0x400 [ 14.504523] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.504550] ? __kasan_check_write+0x18/0x20 [ 14.504569] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.504593] ? finish_task_switch.isra.0+0x153/0x700 [ 14.504621] mempool_kmalloc_uaf+0xef/0x140 [ 14.504644] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 14.504670] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.504696] ? __pfx_mempool_kfree+0x10/0x10 [ 14.504721] ? __pfx_read_tsc+0x10/0x10 [ 14.504743] ? ktime_get_ts64+0x86/0x230 [ 14.504767] kunit_try_run_case+0x1a5/0x480 [ 14.504794] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.504819] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.504847] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.504872] ? __kthread_parkme+0x82/0x180 [ 14.504893] ? preempt_count_sub+0x50/0x80 [ 14.504917] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.504943] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.504968] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.505007] kthread+0x337/0x6f0 [ 14.505040] ? 
trace_preempt_on+0x20/0xc0 [ 14.505072] ? __pfx_kthread+0x10/0x10 [ 14.505093] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.505117] ? calculate_sigpending+0x7b/0xa0 [ 14.505144] ? __pfx_kthread+0x10/0x10 [ 14.505165] ret_from_fork+0x116/0x1d0 [ 14.505184] ? __pfx_kthread+0x10/0x10 [ 14.505205] ret_from_fork_asm+0x1a/0x30 [ 14.505236] </TASK> [ 14.505247] [ 14.520665] Allocated by task 244: [ 14.521033] kasan_save_stack+0x45/0x70 [ 14.521484] kasan_save_track+0x18/0x40 [ 14.521869] kasan_save_alloc_info+0x3b/0x50 [ 14.522368] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.522554] remove_element+0x11e/0x190 [ 14.522696] mempool_alloc_preallocated+0x4d/0x90 [ 14.522860] mempool_uaf_helper+0x96/0x400 [ 14.523132] mempool_kmalloc_uaf+0xef/0x140 [ 14.523594] kunit_try_run_case+0x1a5/0x480 [ 14.524057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.524584] kthread+0x337/0x6f0 [ 14.524921] ret_from_fork+0x116/0x1d0 [ 14.525392] ret_from_fork_asm+0x1a/0x30 [ 14.525911] [ 14.526134] Freed by task 244: [ 14.526479] kasan_save_stack+0x45/0x70 [ 14.526624] kasan_save_track+0x18/0x40 [ 14.526761] kasan_save_free_info+0x3f/0x60 [ 14.526905] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.527086] mempool_free+0x2ec/0x380 [ 14.527347] mempool_uaf_helper+0x11a/0x400 [ 14.527500] mempool_kmalloc_uaf+0xef/0x140 [ 14.527720] kunit_try_run_case+0x1a5/0x480 [ 14.527934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.528312] kthread+0x337/0x6f0 [ 14.528470] ret_from_fork+0x116/0x1d0 [ 14.528636] ret_from_fork_asm+0x1a/0x30 [ 14.528880] [ 14.529032] The buggy address belongs to the object at ffff8881027ebc00 [ 14.529032] which belongs to the cache kmalloc-128 of size 128 [ 14.529465] The buggy address is located 0 bytes inside of [ 14.529465] freed 128-byte region [ffff8881027ebc00, ffff8881027ebc80) [ 14.529943] [ 14.530039] The buggy address belongs to the physical page: [ 14.530244] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027eb [ 14.530516] flags: 
0x200000000000000(node=0|zone=2) [ 14.530755] page_type: f5(slab) [ 14.530925] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.531344] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.531713] page dumped because: kasan: bad access detected [ 14.531950] [ 14.532097] Memory state around the buggy address: [ 14.532309] ffff8881027ebb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.532652] ffff8881027ebb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.532875] >ffff8881027ebc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.533199] ^ [ 14.533369] ffff8881027ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.533578] ffff8881027ebd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.534192] ================================================================== [ 14.565948] ================================================================== [ 14.566593] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.566935] Read of size 1 at addr ffff888103a66240 by task kunit_try_catch/248 [ 14.567310] [ 14.567434] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.567494] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.567506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.567527] Call Trace: [ 14.567541] <TASK> [ 14.567557] dump_stack_lvl+0x73/0xb0 [ 14.567602] print_report+0xd1/0x610 [ 14.567627] ? __virt_addr_valid+0x1db/0x2d0 [ 14.567653] ? mempool_uaf_helper+0x392/0x400 [ 14.567677] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.567703] ? mempool_uaf_helper+0x392/0x400 [ 14.567726] kasan_report+0x141/0x180 [ 14.567759] ? mempool_uaf_helper+0x392/0x400 [ 14.567788] __asan_report_load1_noabort+0x18/0x20 [ 14.567825] mempool_uaf_helper+0x392/0x400 [ 14.567850] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.567878] ? 
finish_task_switch.isra.0+0x153/0x700 [ 14.567917] mempool_slab_uaf+0xea/0x140 [ 14.567942] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 14.568055] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.568089] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.568117] ? __pfx_read_tsc+0x10/0x10 [ 14.568141] ? ktime_get_ts64+0x86/0x230 [ 14.568168] kunit_try_run_case+0x1a5/0x480 [ 14.568196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.568221] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.568248] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.568287] ? __kthread_parkme+0x82/0x180 [ 14.568310] ? preempt_count_sub+0x50/0x80 [ 14.568336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.568362] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.568388] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.568415] kthread+0x337/0x6f0 [ 14.568436] ? trace_preempt_on+0x20/0xc0 [ 14.568462] ? __pfx_kthread+0x10/0x10 [ 14.568483] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.568507] ? calculate_sigpending+0x7b/0xa0 [ 14.568534] ? __pfx_kthread+0x10/0x10 [ 14.568557] ret_from_fork+0x116/0x1d0 [ 14.568577] ? 
__pfx_kthread+0x10/0x10 [ 14.568599] ret_from_fork_asm+0x1a/0x30 [ 14.568632] </TASK> [ 14.568645] [ 14.577917] Allocated by task 248: [ 14.578277] kasan_save_stack+0x45/0x70 [ 14.578509] kasan_save_track+0x18/0x40 [ 14.578659] kasan_save_alloc_info+0x3b/0x50 [ 14.578911] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.579136] remove_element+0x11e/0x190 [ 14.579427] mempool_alloc_preallocated+0x4d/0x90 [ 14.579647] mempool_uaf_helper+0x96/0x400 [ 14.579849] mempool_slab_uaf+0xea/0x140 [ 14.580044] kunit_try_run_case+0x1a5/0x480 [ 14.580194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.580412] kthread+0x337/0x6f0 [ 14.580677] ret_from_fork+0x116/0x1d0 [ 14.580930] ret_from_fork_asm+0x1a/0x30 [ 14.581134] [ 14.581350] Freed by task 248: [ 14.581514] kasan_save_stack+0x45/0x70 [ 14.581716] kasan_save_track+0x18/0x40 [ 14.581911] kasan_save_free_info+0x3f/0x60 [ 14.582238] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.582470] mempool_free+0x2ec/0x380 [ 14.582681] mempool_uaf_helper+0x11a/0x400 [ 14.582938] mempool_slab_uaf+0xea/0x140 [ 14.583401] kunit_try_run_case+0x1a5/0x480 [ 14.583580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.583856] kthread+0x337/0x6f0 [ 14.584129] ret_from_fork+0x116/0x1d0 [ 14.584340] ret_from_fork_asm+0x1a/0x30 [ 14.584548] [ 14.584649] The buggy address belongs to the object at ffff888103a66240 [ 14.584649] which belongs to the cache test_cache of size 123 [ 14.585243] The buggy address is located 0 bytes inside of [ 14.585243] freed 123-byte region [ffff888103a66240, ffff888103a662bb) [ 14.585732] [ 14.585806] The buggy address belongs to the physical page: [ 14.585982] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a66 [ 14.586334] flags: 0x200000000000000(node=0|zone=2) [ 14.586768] page_type: f5(slab) [ 14.586907] raw: 0200000000000000 ffff888103a56500 dead000000000122 0000000000000000 [ 14.587138] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.587763] page dumped 
because: kasan: bad access detected [ 14.588025] [ 14.588121] Memory state around the buggy address: [ 14.588470] ffff888103a66100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.588786] ffff888103a66180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.589154] >ffff888103a66200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 14.589481] ^ [ 14.589720] ffff888103a66280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.590097] ffff888103a66300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.590415] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 14.466113] ================================================================== [ 14.466553] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.466823] Read of size 1 at addr ffff888102a082bb by task kunit_try_catch/242 [ 14.467211] [ 14.467456] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.467516] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.467528] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.467562] Call Trace: [ 14.467574] <TASK> [ 14.467593] dump_stack_lvl+0x73/0xb0 [ 14.467637] print_report+0xd1/0x610 [ 14.467661] ? __virt_addr_valid+0x1db/0x2d0 [ 14.467687] ? mempool_oob_right_helper+0x318/0x380 [ 14.467711] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.467734] ? mempool_oob_right_helper+0x318/0x380 [ 14.467758] kasan_report+0x141/0x180 [ 14.467789] ? mempool_oob_right_helper+0x318/0x380 [ 14.467818] __asan_report_load1_noabort+0x18/0x20 [ 14.467854] mempool_oob_right_helper+0x318/0x380 [ 14.467879] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.467906] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.467931] ? finish_task_switch.isra.0+0x153/0x700 [ 14.467958] mempool_slab_oob_right+0xed/0x140 [ 14.467982] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 14.468308] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.468337] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.468363] ? __pfx_read_tsc+0x10/0x10 [ 14.468396] ? ktime_get_ts64+0x86/0x230 [ 14.468422] kunit_try_run_case+0x1a5/0x480 [ 14.468449] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.468473] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.468500] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.468525] ? __kthread_parkme+0x82/0x180 [ 14.468547] ? preempt_count_sub+0x50/0x80 [ 14.468580] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.468622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.468658] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.468684] kthread+0x337/0x6f0 [ 14.468703] ? 
trace_preempt_on+0x20/0xc0 [ 14.468727] ? __pfx_kthread+0x10/0x10 [ 14.468748] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.468769] ? calculate_sigpending+0x7b/0xa0 [ 14.468795] ? __pfx_kthread+0x10/0x10 [ 14.468816] ret_from_fork+0x116/0x1d0 [ 14.468835] ? __pfx_kthread+0x10/0x10 [ 14.468855] ret_from_fork_asm+0x1a/0x30 [ 14.468887] </TASK> [ 14.468897] [ 14.482616] Allocated by task 242: [ 14.482959] kasan_save_stack+0x45/0x70 [ 14.483427] kasan_save_track+0x18/0x40 [ 14.483793] kasan_save_alloc_info+0x3b/0x50 [ 14.484341] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.484912] remove_element+0x11e/0x190 [ 14.485225] mempool_alloc_preallocated+0x4d/0x90 [ 14.485399] mempool_oob_right_helper+0x8a/0x380 [ 14.485553] mempool_slab_oob_right+0xed/0x140 [ 14.485702] kunit_try_run_case+0x1a5/0x480 [ 14.485849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.486059] kthread+0x337/0x6f0 [ 14.486178] ret_from_fork+0x116/0x1d0 [ 14.486501] ret_from_fork_asm+0x1a/0x30 [ 14.486736] [ 14.486840] The buggy address belongs to the object at ffff888102a08240 [ 14.486840] which belongs to the cache test_cache of size 123 [ 14.487412] The buggy address is located 0 bytes to the right of [ 14.487412] allocated 123-byte region [ffff888102a08240, ffff888102a082bb) [ 14.487863] [ 14.487939] The buggy address belongs to the physical page: [ 14.488523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a08 [ 14.488921] flags: 0x200000000000000(node=0|zone=2) [ 14.489169] page_type: f5(slab) [ 14.489363] raw: 0200000000000000 ffff888101cdddc0 dead000000000122 0000000000000000 [ 14.489793] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.490137] page dumped because: kasan: bad access detected [ 14.490453] [ 14.490570] Memory state around the buggy address: [ 14.490798] ffff888102a08180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.491130] ffff888102a08200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 14.491400] >ffff888102a08280: 00 
00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 14.491885] ^ [ 14.492183] ffff888102a08300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.492536] ffff888102a08380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.492806] ================================================================== [ 14.408300] ================================================================== [ 14.408752] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.409433] Read of size 1 at addr ffff8881027eb873 by task kunit_try_catch/238 [ 14.409774] [ 14.409895] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.409946] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.409958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.409983] Call Trace: [ 14.410130] <TASK> [ 14.410315] dump_stack_lvl+0x73/0xb0 [ 14.410354] print_report+0xd1/0x610 [ 14.410379] ? __virt_addr_valid+0x1db/0x2d0 [ 14.410405] ? mempool_oob_right_helper+0x318/0x380 [ 14.410430] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.410453] ? mempool_oob_right_helper+0x318/0x380 [ 14.410478] kasan_report+0x141/0x180 [ 14.410501] ? mempool_oob_right_helper+0x318/0x380 [ 14.410530] __asan_report_load1_noabort+0x18/0x20 [ 14.410556] mempool_oob_right_helper+0x318/0x380 [ 14.410581] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.410608] ? __kasan_check_write+0x18/0x20 [ 14.410629] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.410653] ? finish_task_switch.isra.0+0x153/0x700 [ 14.410681] mempool_kmalloc_oob_right+0xf2/0x150 [ 14.410711] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 14.410739] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.410765] ? __pfx_mempool_kfree+0x10/0x10 [ 14.410791] ? __pfx_read_tsc+0x10/0x10 [ 14.410814] ? ktime_get_ts64+0x86/0x230 [ 14.410840] kunit_try_run_case+0x1a5/0x480 [ 14.410867] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.410891] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.410917] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.410942] ? __kthread_parkme+0x82/0x180 [ 14.410964] ? preempt_count_sub+0x50/0x80 [ 14.411008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.411053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.411078] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.411104] kthread+0x337/0x6f0 [ 14.411123] ? trace_preempt_on+0x20/0xc0 [ 14.411149] ? __pfx_kthread+0x10/0x10 [ 14.411169] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.411191] ? calculate_sigpending+0x7b/0xa0 [ 14.411217] ? __pfx_kthread+0x10/0x10 [ 14.411239] ret_from_fork+0x116/0x1d0 [ 14.411257] ? __pfx_kthread+0x10/0x10 [ 14.411287] ret_from_fork_asm+0x1a/0x30 [ 14.411319] </TASK> [ 14.411331] [ 14.422331] Allocated by task 238: [ 14.422495] kasan_save_stack+0x45/0x70 [ 14.422696] kasan_save_track+0x18/0x40 [ 14.422889] kasan_save_alloc_info+0x3b/0x50 [ 14.423191] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.423505] remove_element+0x11e/0x190 [ 14.423695] mempool_alloc_preallocated+0x4d/0x90 [ 14.423854] mempool_oob_right_helper+0x8a/0x380 [ 14.424070] mempool_kmalloc_oob_right+0xf2/0x150 [ 14.424317] kunit_try_run_case+0x1a5/0x480 [ 14.424641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.424838] kthread+0x337/0x6f0 [ 14.425082] ret_from_fork+0x116/0x1d0 [ 14.425319] ret_from_fork_asm+0x1a/0x30 [ 14.425536] [ 14.425640] The buggy address belongs to the object at ffff8881027eb800 [ 14.425640] which belongs to the cache kmalloc-128 of size 128 [ 14.426139] The buggy address is located 0 bytes to the right of [ 14.426139] allocated 115-byte region [ffff8881027eb800, ffff8881027eb873) [ 14.426626] [ 14.426730] The buggy address belongs to the physical page: [ 14.427005] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027eb [ 14.427361] flags: 0x200000000000000(node=0|zone=2) [ 14.427814] page_type: f5(slab) [ 14.428014] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.428452] raw: 0000000000000000 0000000080100010 
00000000f5000000 0000000000000000 [ 14.428709] page dumped because: kasan: bad access detected [ 14.429061] [ 14.429158] Memory state around the buggy address: [ 14.429389] ffff8881027eb700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.429651] ffff8881027eb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.429924] >ffff8881027eb800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.430238] ^ [ 14.430453] ffff8881027eb880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.430922] ffff8881027eb900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.431141] ================================================================== [ 14.441733] ================================================================== [ 14.442521] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.442858] Read of size 1 at addr ffff888102c06001 by task kunit_try_catch/240 [ 14.443225] [ 14.443364] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.443414] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.443427] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.443451] Call Trace: [ 14.443463] <TASK> [ 14.443482] dump_stack_lvl+0x73/0xb0 [ 14.443516] print_report+0xd1/0x610 [ 14.443541] ? __virt_addr_valid+0x1db/0x2d0 [ 14.443566] ? mempool_oob_right_helper+0x318/0x380 [ 14.443591] ? kasan_addr_to_slab+0x11/0xa0 [ 14.443611] ? mempool_oob_right_helper+0x318/0x380 [ 14.443635] kasan_report+0x141/0x180 [ 14.443657] ? mempool_oob_right_helper+0x318/0x380 [ 14.443686] __asan_report_load1_noabort+0x18/0x20 [ 14.443711] mempool_oob_right_helper+0x318/0x380 [ 14.443737] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.443765] ? __kasan_check_write+0x18/0x20 [ 14.443785] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.443810] ? finish_task_switch.isra.0+0x153/0x700 [ 14.443836] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 14.443863] ? 
__pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 14.443892] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.443918] ? __pfx_mempool_kfree+0x10/0x10 [ 14.443942] ? __pfx_read_tsc+0x10/0x10 [ 14.443965] ? ktime_get_ts64+0x86/0x230 [ 14.443989] kunit_try_run_case+0x1a5/0x480 [ 14.444016] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.444233] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.444260] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.444296] ? __kthread_parkme+0x82/0x180 [ 14.444318] ? preempt_count_sub+0x50/0x80 [ 14.444342] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.444367] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.444392] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.444418] kthread+0x337/0x6f0 [ 14.444438] ? trace_preempt_on+0x20/0xc0 [ 14.444462] ? __pfx_kthread+0x10/0x10 [ 14.444483] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.444505] ? calculate_sigpending+0x7b/0xa0 [ 14.444530] ? __pfx_kthread+0x10/0x10 [ 14.444551] ret_from_fork+0x116/0x1d0 [ 14.444571] ? __pfx_kthread+0x10/0x10 [ 14.444592] ret_from_fork_asm+0x1a/0x30 [ 14.444624] </TASK> [ 14.444635] [ 14.454521] The buggy address belongs to the physical page: [ 14.454797] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c04 [ 14.455271] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.455552] flags: 0x200000000000040(head|node=0|zone=2) [ 14.455772] page_type: f8(unknown) [ 14.455925] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.456241] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.456665] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.456937] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.457218] head: 0200000000000002 ffffea00040b0101 00000000ffffffff 00000000ffffffff [ 14.457627] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.458093] page dumped because: kasan: bad access detected [ 14.458298] [ 
14.458393] Memory state around the buggy address: [ 14.458625] ffff888102c05f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.458900] ffff888102c05f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.459322] >ffff888102c06000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.459637] ^ [ 14.459812] ffff888102c06080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.460191] ffff888102c06100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.460469] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.841112] ==================================================================
[ 13.841790] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380
[ 13.842094] Read of size 1 at addr ffff888101cddb40 by task kunit_try_catch/232
[ 13.842421]
[ 13.842538] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.842584] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.842596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.842619] Call Trace:
[ 13.842889] <TASK>
[ 13.842913] dump_stack_lvl+0x73/0xb0
[ 13.842947] print_report+0xd1/0x610
[ 13.842972] ? __virt_addr_valid+0x1db/0x2d0
[ 13.842997] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.843022] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.843046] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.843139] kasan_report+0x141/0x180
[ 13.843163] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.843205] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.843231] __kasan_check_byte+0x3d/0x50
[ 13.843274] kmem_cache_destroy+0x25/0x1d0
[ 13.843298] kmem_cache_double_destroy+0x1bf/0x380
[ 13.843324] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 13.843350] ? finish_task_switch.isra.0+0x153/0x700
[ 13.843374] ? __switch_to+0x47/0xf50
[ 13.843404] ? __pfx_read_tsc+0x10/0x10
[ 13.843426] ? ktime_get_ts64+0x86/0x230
[ 13.843450] kunit_try_run_case+0x1a5/0x480
[ 13.843476] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.843501] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.843527] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.843551] ? __kthread_parkme+0x82/0x180
[ 13.843571] ? preempt_count_sub+0x50/0x80
[ 13.843595] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.843620] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.843645] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.843670] kthread+0x337/0x6f0
[ 13.843689] ? trace_preempt_on+0x20/0xc0
[ 13.843714] ? __pfx_kthread+0x10/0x10
[ 13.843736] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.843759] ? calculate_sigpending+0x7b/0xa0
[ 13.843785] ? __pfx_kthread+0x10/0x10
[ 13.843807] ret_from_fork+0x116/0x1d0
[ 13.843825] ? __pfx_kthread+0x10/0x10
[ 13.843846] ret_from_fork_asm+0x1a/0x30
[ 13.843878] </TASK>
[ 13.843889]
[ 13.853911] Allocated by task 232:
[ 13.854057] kasan_save_stack+0x45/0x70
[ 13.854343] kasan_save_track+0x18/0x40
[ 13.854500] kasan_save_alloc_info+0x3b/0x50
[ 13.854748] __kasan_slab_alloc+0x91/0xa0
[ 13.854935] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.855205] __kmem_cache_create_args+0x169/0x240
[ 13.855441] kmem_cache_double_destroy+0xd5/0x380
[ 13.855757] kunit_try_run_case+0x1a5/0x480
[ 13.856592] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.856945] kthread+0x337/0x6f0
[ 13.857619] ret_from_fork+0x116/0x1d0
[ 13.858039] ret_from_fork_asm+0x1a/0x30
[ 13.858243]
[ 13.858333] Freed by task 232:
[ 13.858447] kasan_save_stack+0x45/0x70
[ 13.858584] kasan_save_track+0x18/0x40
[ 13.858725] kasan_save_free_info+0x3f/0x60
[ 13.858873] __kasan_slab_free+0x56/0x70
[ 13.859118] kmem_cache_free+0x249/0x420
[ 13.859474] slab_kmem_cache_release+0x2e/0x40
[ 13.859873] kmem_cache_release+0x16/0x20
[ 13.860278] kobject_put+0x181/0x450
[ 13.860714] sysfs_slab_release+0x16/0x20
[ 13.861092] kmem_cache_destroy+0xf0/0x1d0
[ 13.861566] kmem_cache_double_destroy+0x14e/0x380
[ 13.862240] kunit_try_run_case+0x1a5/0x480
[ 13.862662] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.863212] kthread+0x337/0x6f0
[ 13.863542] ret_from_fork+0x116/0x1d0
[ 13.863872] ret_from_fork_asm+0x1a/0x30
[ 13.864074]
[ 13.864328] The buggy address belongs to the object at ffff888101cddb40
[ 13.864328] which belongs to the cache kmem_cache of size 208
[ 13.864895] The buggy address is located 0 bytes inside of
[ 13.864895] freed 208-byte region [ffff888101cddb40, ffff888101cddc10)
[ 13.865897]
[ 13.866062] The buggy address belongs to the physical page:
[ 13.866819] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cdd
[ 13.867481] flags: 0x200000000000000(node=0|zone=2)
[ 13.867855] page_type: f5(slab)
[ 13.868059] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 13.868948] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000
[ 13.869311] page dumped because: kasan: bad access detected
[ 13.869490]
[ 13.869561] Memory state around the buggy address:
[ 13.869717] ffff888101cdda00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.869937] ffff888101cdda80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 13.870165] >ffff888101cddb00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 13.870661] ^
[ 13.870856] ffff888101cddb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.871133] ffff888101cddc00: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.871463] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 13.790329] ==================================================================
[ 13.790933] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.791555] Read of size 1 at addr ffff888103a5e000 by task kunit_try_catch/230
[ 13.792183]
[ 13.792427] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.792483] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.792496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.792519] Call Trace:
[ 13.792533] <TASK>
[ 13.792551] dump_stack_lvl+0x73/0xb0
[ 13.792584] print_report+0xd1/0x610
[ 13.792607] ? __virt_addr_valid+0x1db/0x2d0
[ 13.792632] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.792655] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.792679] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.792702] kasan_report+0x141/0x180
[ 13.792724] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.792751] __asan_report_load1_noabort+0x18/0x20
[ 13.792777] kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.792800] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 13.792824] ? finish_task_switch.isra.0+0x153/0x700
[ 13.792849] ? __switch_to+0x47/0xf50
[ 13.792878] ? __pfx_read_tsc+0x10/0x10
[ 13.792900] ? ktime_get_ts64+0x86/0x230
[ 13.792925] kunit_try_run_case+0x1a5/0x480
[ 13.793190] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.793215] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.793241] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.793278] ? __kthread_parkme+0x82/0x180
[ 13.793300] ? preempt_count_sub+0x50/0x80
[ 13.793322] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.793348] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.793374] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.793400] kthread+0x337/0x6f0
[ 13.793419] ? trace_preempt_on+0x20/0xc0
[ 13.793444] ? __pfx_kthread+0x10/0x10
[ 13.793465] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.793487] ? calculate_sigpending+0x7b/0xa0
[ 13.793513] ? __pfx_kthread+0x10/0x10
[ 13.793535] ret_from_fork+0x116/0x1d0
[ 13.793554] ? __pfx_kthread+0x10/0x10
[ 13.793575] ret_from_fork_asm+0x1a/0x30
[ 13.793607] </TASK>
[ 13.793618]
[ 13.801636] Allocated by task 230:
[ 13.801773] kasan_save_stack+0x45/0x70
[ 13.801922] kasan_save_track+0x18/0x40
[ 13.802154] kasan_save_alloc_info+0x3b/0x50
[ 13.802370] __kasan_slab_alloc+0x91/0xa0
[ 13.802558] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.802774] kmem_cache_rcu_uaf+0x155/0x510
[ 13.802968] kunit_try_run_case+0x1a5/0x480
[ 13.803210] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.803444] kthread+0x337/0x6f0
[ 13.803609] ret_from_fork+0x116/0x1d0
[ 13.803767] ret_from_fork_asm+0x1a/0x30
[ 13.803964]
[ 13.804118] Freed by task 0:
[ 13.804283] kasan_save_stack+0x45/0x70
[ 13.804467] kasan_save_track+0x18/0x40
[ 13.804648] kasan_save_free_info+0x3f/0x60
[ 13.804801] __kasan_slab_free+0x56/0x70
[ 13.804940] slab_free_after_rcu_debug+0xe4/0x310
[ 13.805100] rcu_core+0x66f/0x1c40
[ 13.805228] rcu_core_si+0x12/0x20
[ 13.805364] handle_softirqs+0x209/0x730
[ 13.805561] __irq_exit_rcu+0xc9/0x110
[ 13.805786] irq_exit_rcu+0x12/0x20
[ 13.805964] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.806195] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.806449]
[ 13.806545] Last potentially related work creation:
[ 13.806793] kasan_save_stack+0x45/0x70
[ 13.806986] kasan_record_aux_stack+0xb2/0xc0
[ 13.807154] kmem_cache_free+0x131/0x420
[ 13.807558] kmem_cache_rcu_uaf+0x194/0x510
[ 13.807776] kunit_try_run_case+0x1a5/0x480
[ 13.808051] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.808344] kthread+0x337/0x6f0
[ 13.808466] ret_from_fork+0x116/0x1d0
[ 13.808601] ret_from_fork_asm+0x1a/0x30
[ 13.808741]
[ 13.808831] The buggy address belongs to the object at ffff888103a5e000
[ 13.808831] which belongs to the cache test_cache of size 200
[ 13.809878] The buggy address is located 0 bytes inside of
[ 13.809878] freed 200-byte region [ffff888103a5e000, ffff888103a5e0c8)
[ 13.810586]
[ 13.810672] The buggy address belongs to the physical page:
[ 13.810907] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a5e
[ 13.811619] flags: 0x200000000000000(node=0|zone=2)
[ 13.811854] page_type: f5(slab)
[ 13.812083] raw: 0200000000000000 ffff888103a56280 dead000000000122 0000000000000000
[ 13.812413] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.812719] page dumped because: kasan: bad access detected
[ 13.812945]
[ 13.813085] Memory state around the buggy address:
[ 13.813291] ffff888103a5df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.813582] ffff888103a5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.813870] >ffff888103a5e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.814213] ^
[ 13.814379] ffff888103a5e080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 13.814660] ffff888103a5e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.814957] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 13.725247] ==================================================================
[ 13.725706] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460
[ 13.726050] Free of addr ffff888102a03001 by task kunit_try_catch/228
[ 13.726951]
[ 13.727070] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.727113] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.727124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.727144] Call Trace:
[ 13.727155] <TASK>
[ 13.727171] dump_stack_lvl+0x73/0xb0
[ 13.727203] print_report+0xd1/0x610
[ 13.727225] ? __virt_addr_valid+0x1db/0x2d0
[ 13.727250] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.727286] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.727312] kasan_report_invalid_free+0x10a/0x130
[ 13.727337] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.727364] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.727388] check_slab_allocation+0x11f/0x130
[ 13.727410] __kasan_slab_pre_free+0x28/0x40
[ 13.727431] kmem_cache_free+0xed/0x420
[ 13.727450] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.727471] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.727499] kmem_cache_invalid_free+0x1d8/0x460
[ 13.727523] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 13.727548] ? finish_task_switch.isra.0+0x153/0x700
[ 13.727572] ? __switch_to+0x47/0xf50
[ 13.727600] ? __pfx_read_tsc+0x10/0x10
[ 13.727690] ? ktime_get_ts64+0x86/0x230
[ 13.727718] kunit_try_run_case+0x1a5/0x480
[ 13.727743] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.727766] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.727791] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.727814] ? __kthread_parkme+0x82/0x180
[ 13.727834] ? preempt_count_sub+0x50/0x80
[ 13.727857] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.727881] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.727905] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.727930] kthread+0x337/0x6f0
[ 13.727949] ? trace_preempt_on+0x20/0xc0
[ 13.727973] ? __pfx_kthread+0x10/0x10
[ 13.727994] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.728015] ? calculate_sigpending+0x7b/0xa0
[ 13.728040] ? __pfx_kthread+0x10/0x10
[ 13.728060] ret_from_fork+0x116/0x1d0
[ 13.728079] ? __pfx_kthread+0x10/0x10
[ 13.728099] ret_from_fork_asm+0x1a/0x30
[ 13.728129] </TASK>
[ 13.728140]
[ 13.736842] Allocated by task 228:
[ 13.737009] kasan_save_stack+0x45/0x70
[ 13.737201] kasan_save_track+0x18/0x40
[ 13.738084] kasan_save_alloc_info+0x3b/0x50
[ 13.738314] __kasan_slab_alloc+0x91/0xa0
[ 13.738677] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.739152] kmem_cache_invalid_free+0x157/0x460
[ 13.739679] kunit_try_run_case+0x1a5/0x480
[ 13.739881] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.740442] kthread+0x337/0x6f0
[ 13.740657] ret_from_fork+0x116/0x1d0
[ 13.740963] ret_from_fork_asm+0x1a/0x30
[ 13.741369]
[ 13.741649] The buggy address belongs to the object at ffff888102a03000
[ 13.741649] which belongs to the cache test_cache of size 200
[ 13.742415] The buggy address is located 1 bytes inside of
[ 13.742415] 200-byte region [ffff888102a03000, ffff888102a030c8)
[ 13.742874]
[ 13.742966] The buggy address belongs to the physical page:
[ 13.743581] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a03
[ 13.744402] flags: 0x200000000000000(node=0|zone=2)
[ 13.744779] page_type: f5(slab)
[ 13.744944] raw: 0200000000000000 ffff888101cdda00 dead000000000122 0000000000000000
[ 13.745653] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.746337] page dumped because: kasan: bad access detected
[ 13.746566]
[ 13.746651] Memory state around the buggy address:
[ 13.746865] ffff888102a02f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.747499] ffff888102a02f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.747799] >ffff888102a03000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.748316] ^
[ 13.748494] ffff888102a03080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 13.748780] ffff888102a03100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.749579] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 13.680115] ==================================================================
[ 13.680893] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480
[ 13.681787] Free of addr ffff888103a5c000 by task kunit_try_catch/226
[ 13.682657]
[ 13.682762] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.682807] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.682818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.682839] Call Trace:
[ 13.682853] <TASK>
[ 13.682869] dump_stack_lvl+0x73/0xb0
[ 13.682901] print_report+0xd1/0x610
[ 13.682924] ? __virt_addr_valid+0x1db/0x2d0
[ 13.682948] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.682971] ? kmem_cache_double_free+0x1e5/0x480
[ 13.682997] kasan_report_invalid_free+0x10a/0x130
[ 13.683022] ? kmem_cache_double_free+0x1e5/0x480
[ 13.683048] ? kmem_cache_double_free+0x1e5/0x480
[ 13.683073] check_slab_allocation+0x101/0x130
[ 13.683095] __kasan_slab_pre_free+0x28/0x40
[ 13.683116] kmem_cache_free+0xed/0x420
[ 13.683135] ? kasan_save_track+0x18/0x40
[ 13.683155] ? kasan_save_stack+0x45/0x70
[ 13.683174] ? kmem_cache_double_free+0x1e5/0x480
[ 13.683198] ? kmem_cache_double_free+0x14f/0x480
[ 13.683248] kmem_cache_double_free+0x1e5/0x480
[ 13.683452] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 13.683483] ? finish_task_switch.isra.0+0x153/0x700
[ 13.683617] ? __switch_to+0x47/0xf50
[ 13.683648] ? __pfx_read_tsc+0x10/0x10
[ 13.683669] ? ktime_get_ts64+0x86/0x230
[ 13.683695] kunit_try_run_case+0x1a5/0x480
[ 13.683721] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.683744] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.683769] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.683793] ? __kthread_parkme+0x82/0x180
[ 13.683813] ? preempt_count_sub+0x50/0x80
[ 13.683836] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.683860] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.683885] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.683910] kthread+0x337/0x6f0
[ 13.683929] ? trace_preempt_on+0x20/0xc0
[ 13.683953] ? __pfx_kthread+0x10/0x10
[ 13.683973] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.684233] ? calculate_sigpending+0x7b/0xa0
[ 13.684273] ? __pfx_kthread+0x10/0x10
[ 13.684295] ret_from_fork+0x116/0x1d0
[ 13.684315] ? __pfx_kthread+0x10/0x10
[ 13.684336] ret_from_fork_asm+0x1a/0x30
[ 13.684368] </TASK>
[ 13.684380]
[ 13.699930] Allocated by task 226:
[ 13.700392] kasan_save_stack+0x45/0x70
[ 13.700676] kasan_save_track+0x18/0x40
[ 13.700814] kasan_save_alloc_info+0x3b/0x50
[ 13.700961] __kasan_slab_alloc+0x91/0xa0
[ 13.701434] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.701868] kmem_cache_double_free+0x14f/0x480
[ 13.702393] kunit_try_run_case+0x1a5/0x480
[ 13.702811] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.703226] kthread+0x337/0x6f0
[ 13.703371] ret_from_fork+0x116/0x1d0
[ 13.703752] ret_from_fork_asm+0x1a/0x30
[ 13.703917]
[ 13.704069] Freed by task 226:
[ 13.704472] kasan_save_stack+0x45/0x70
[ 13.704840] kasan_save_track+0x18/0x40
[ 13.705048] kasan_save_free_info+0x3f/0x60
[ 13.705569] __kasan_slab_free+0x56/0x70
[ 13.705968] kmem_cache_free+0x249/0x420
[ 13.706334] kmem_cache_double_free+0x16a/0x480
[ 13.706661] kunit_try_run_case+0x1a5/0x480
[ 13.706812] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.706983] kthread+0x337/0x6f0
[ 13.707303] ret_from_fork+0x116/0x1d0
[ 13.707676] ret_from_fork_asm+0x1a/0x30
[ 13.708199]
[ 13.708406] The buggy address belongs to the object at ffff888103a5c000
[ 13.708406] which belongs to the cache test_cache of size 200
[ 13.709577] The buggy address is located 0 bytes inside of
[ 13.709577] 200-byte region [ffff888103a5c000, ffff888103a5c0c8)
[ 13.710168]
[ 13.710381] The buggy address belongs to the physical page:
[ 13.710892] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a5c
[ 13.711668] flags: 0x200000000000000(node=0|zone=2)
[ 13.711958] page_type: f5(slab)
[ 13.712348] raw: 0200000000000000 ffff888103a56140 dead000000000122 0000000000000000
[ 13.713022] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.713431] page dumped because: kasan: bad access detected
[ 13.713602]
[ 13.713670] Memory state around the buggy address:
[ 13.713822] ffff888103a5bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.714063] ffff888103a5bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.714376] >ffff888103a5c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.714752] ^
[ 13.714875] ffff888103a5c080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 13.715381] ffff888103a5c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.715662] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 13.637559] ==================================================================
[ 13.638131] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530
[ 13.638500] Read of size 1 at addr ffff888103a590c8 by task kunit_try_catch/224
[ 13.638866]
[ 13.638976] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.639318] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.639335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.639377] Call Trace:
[ 13.639391] <TASK>
[ 13.639422] dump_stack_lvl+0x73/0xb0
[ 13.639562] print_report+0xd1/0x610
[ 13.639587] ? __virt_addr_valid+0x1db/0x2d0
[ 13.639611] ? kmem_cache_oob+0x402/0x530
[ 13.639633] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.639656] ? kmem_cache_oob+0x402/0x530
[ 13.639679] kasan_report+0x141/0x180
[ 13.639700] ? kmem_cache_oob+0x402/0x530
[ 13.639727] __asan_report_load1_noabort+0x18/0x20
[ 13.639752] kmem_cache_oob+0x402/0x530
[ 13.639772] ? trace_hardirqs_on+0x37/0xe0
[ 13.639796] ? __pfx_kmem_cache_oob+0x10/0x10
[ 13.639819] ? finish_task_switch.isra.0+0x153/0x700
[ 13.639842] ? __switch_to+0x47/0xf50
[ 13.639869] ? __pfx_read_tsc+0x10/0x10
[ 13.639890] ? ktime_get_ts64+0x86/0x230
[ 13.639913] kunit_try_run_case+0x1a5/0x480
[ 13.639938] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.639960] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.640065] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.640090] ? __kthread_parkme+0x82/0x180
[ 13.640111] ? preempt_count_sub+0x50/0x80
[ 13.640134] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.640159] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.640184] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.640209] kthread+0x337/0x6f0
[ 13.640228] ? trace_preempt_on+0x20/0xc0
[ 13.640250] ? __pfx_kthread+0x10/0x10
[ 13.640283] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.640304] ? calculate_sigpending+0x7b/0xa0
[ 13.640329] ? __pfx_kthread+0x10/0x10
[ 13.640351] ret_from_fork+0x116/0x1d0
[ 13.640369] ? __pfx_kthread+0x10/0x10
[ 13.640389] ret_from_fork_asm+0x1a/0x30
[ 13.640420] </TASK>
[ 13.640431]
[ 13.648157] Allocated by task 224:
[ 13.648336] kasan_save_stack+0x45/0x70
[ 13.648522] kasan_save_track+0x18/0x40
[ 13.648695] kasan_save_alloc_info+0x3b/0x50
[ 13.648888] __kasan_slab_alloc+0x91/0xa0
[ 13.649133] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.649353] kmem_cache_oob+0x157/0x530
[ 13.649527] kunit_try_run_case+0x1a5/0x480
[ 13.649717] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.649952] kthread+0x337/0x6f0
[ 13.650945] ret_from_fork+0x116/0x1d0
[ 13.651213] ret_from_fork_asm+0x1a/0x30
[ 13.651970]
[ 13.652184] The buggy address belongs to the object at ffff888103a59000
[ 13.652184] which belongs to the cache test_cache of size 200
[ 13.652692] The buggy address is located 0 bytes to the right of
[ 13.652692] allocated 200-byte region [ffff888103a59000, ffff888103a590c8)
[ 13.653319]
[ 13.653421] The buggy address belongs to the physical page:
[ 13.653697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a59
[ 13.654111] flags: 0x200000000000000(node=0|zone=2)
[ 13.654392] page_type: f5(slab)
[ 13.654519] raw: 0200000000000000 ffff888103a56000 dead000000000122 0000000000000000
[ 13.654824] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.655446] page dumped because: kasan: bad access detected
[ 13.655664]
[ 13.655758] Memory state around the buggy address:
[ 13.656289] ffff888103a58f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.656613] ffff888103a59000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.656880] >ffff888103a59080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 13.657634] ^
[ 13.657814] ffff888103a59100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.658097] ffff888103a59180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.659338] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 13.593696] ==================================================================
[ 13.594200] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560
[ 13.594839] Read of size 8 at addr ffff888103a4fb80 by task kunit_try_catch/217
[ 13.595294]
[ 13.595658] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.595817] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.595831] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.595853] Call Trace:
[ 13.595867] <TASK>
[ 13.595885] dump_stack_lvl+0x73/0xb0
[ 13.595916] print_report+0xd1/0x610
[ 13.595939] ? __virt_addr_valid+0x1db/0x2d0
[ 13.595962] ? workqueue_uaf+0x4d6/0x560
[ 13.596152] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.596180] ? workqueue_uaf+0x4d6/0x560
[ 13.596202] kasan_report+0x141/0x180
[ 13.596224] ? workqueue_uaf+0x4d6/0x560
[ 13.596250] __asan_report_load8_noabort+0x18/0x20
[ 13.596290] workqueue_uaf+0x4d6/0x560
[ 13.596311] ? __pfx_workqueue_uaf+0x10/0x10
[ 13.596333] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.596360] ? trace_hardirqs_on+0x37/0xe0
[ 13.596384] ? __pfx_read_tsc+0x10/0x10
[ 13.596404] ? ktime_get_ts64+0x86/0x230
[ 13.596429] kunit_try_run_case+0x1a5/0x480
[ 13.596453] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.596478] ? queued_spin_lock_slowpath+0x116/0xb40
[ 13.596504] ? __kthread_parkme+0x82/0x180
[ 13.596525] ? preempt_count_sub+0x50/0x80
[ 13.596551] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.596578] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.596602] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.596627] kthread+0x337/0x6f0
[ 13.596646] ? trace_preempt_on+0x20/0xc0
[ 13.596668] ? __pfx_kthread+0x10/0x10
[ 13.596690] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.596711] ? calculate_sigpending+0x7b/0xa0
[ 13.596736] ? __pfx_kthread+0x10/0x10
[ 13.596757] ret_from_fork+0x116/0x1d0
[ 13.596775] ? __pfx_kthread+0x10/0x10
[ 13.596795] ret_from_fork_asm+0x1a/0x30
[ 13.596826] </TASK>
[ 13.596838]
[ 13.609834] Allocated by task 217:
[ 13.610057] kasan_save_stack+0x45/0x70
[ 13.610629] kasan_save_track+0x18/0x40
[ 13.611047] kasan_save_alloc_info+0x3b/0x50
[ 13.611235] __kasan_kmalloc+0xb7/0xc0
[ 13.611382] __kmalloc_cache_noprof+0x189/0x420
[ 13.611542] workqueue_uaf+0x152/0x560
[ 13.611678] kunit_try_run_case+0x1a5/0x480
[ 13.611826] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.612365] kthread+0x337/0x6f0
[ 13.612530] ret_from_fork+0x116/0x1d0
[ 13.612720] ret_from_fork_asm+0x1a/0x30
[ 13.612890]
[ 13.612964] Freed by task 9:
[ 13.613129] kasan_save_stack+0x45/0x70
[ 13.613314] kasan_save_track+0x18/0x40
[ 13.613465] kasan_save_free_info+0x3f/0x60
[ 13.614162] __kasan_slab_free+0x56/0x70
[ 13.614371] kfree+0x222/0x3f0
[ 13.614543] workqueue_uaf_work+0x12/0x20
[ 13.614724] process_one_work+0x5ee/0xf60
[ 13.614900] worker_thread+0x758/0x1220
[ 13.615105] kthread+0x337/0x6f0
[ 13.615257] ret_from_fork+0x116/0x1d0
[ 13.615432] ret_from_fork_asm+0x1a/0x30
[ 13.615637]
[ 13.615729] Last potentially related work creation:
[ 13.615934] kasan_save_stack+0x45/0x70
[ 13.616095] kasan_record_aux_stack+0xb2/0xc0
[ 13.616842] __queue_work+0x626/0xeb0
[ 13.617103] queue_work_on+0xb6/0xc0
[ 13.617302] workqueue_uaf+0x26d/0x560
[ 13.617617] kunit_try_run_case+0x1a5/0x480
[ 13.617897] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.618202] kthread+0x337/0x6f0
[ 13.618587] ret_from_fork+0x116/0x1d0
[ 13.618789] ret_from_fork_asm+0x1a/0x30
[ 13.618940]
[ 13.619035] The buggy address belongs to the object at ffff888103a4fb80
[ 13.619035] which belongs to the cache kmalloc-32 of size 32
[ 13.619971] The buggy address is located 0 bytes inside of
[ 13.619971] freed 32-byte region [ffff888103a4fb80, ffff888103a4fba0)
[ 13.620632]
[ 13.620742] The buggy address belongs to the physical page:
[ 13.620982] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a4f
[ 13.621340] flags: 0x200000000000000(node=0|zone=2)
[ 13.621566] page_type: f5(slab)
[ 13.621723] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.622022] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.622820] page dumped because: kasan: bad access detected
[ 13.623027]
[ 13.623410] Memory state around the buggy address:
[ 13.623679] ffff888103a4fa80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.624073] ffff888103a4fb00: fa fb fb fb fc fc fc fc 00 00 00 07 fc fc fc fc
[ 13.624370] >ffff888103a4fb80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.624808] ^
[ 13.624981] ffff888103a4fc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.625552] ffff888103a4fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.625910] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 13.547144] ==================================================================
[ 13.547615] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60
[ 13.547941] Read of size 4 at addr ffff888103a4fac0 by task swapper/0/0
[ 13.548240]
[ 13.548382] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.548424] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.548436] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.548458] Call Trace:
[ 13.548490] <IRQ>
[ 13.548505] dump_stack_lvl+0x73/0xb0
[ 13.548536] print_report+0xd1/0x610
[ 13.548584] ? __virt_addr_valid+0x1db/0x2d0
[ 13.548608] ? rcu_uaf_reclaim+0x50/0x60
[ 13.548628] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.548651] ? rcu_uaf_reclaim+0x50/0x60
[ 13.548671] kasan_report+0x141/0x180
[ 13.548693] ? rcu_uaf_reclaim+0x50/0x60
[ 13.548717] __asan_report_load4_noabort+0x18/0x20
[ 13.548850] rcu_uaf_reclaim+0x50/0x60
[ 13.548871] rcu_core+0x66f/0x1c40
[ 13.548922] ? __pfx_rcu_core+0x10/0x10
[ 13.548944] ? ktime_get+0x6b/0x150
[ 13.548964] ? handle_softirqs+0x18e/0x730
[ 13.548999] rcu_core_si+0x12/0x20
[ 13.549018] handle_softirqs+0x209/0x730
[ 13.549047] ? hrtimer_interrupt+0x2fe/0x780
[ 13.549069] ? __pfx_handle_softirqs+0x10/0x10
[ 13.549094] __irq_exit_rcu+0xc9/0x110
[ 13.549114] irq_exit_rcu+0x12/0x20
[ 13.549134] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.549160] </IRQ>
[ 13.549186] <TASK>
[ 13.549222] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.549339] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 13.549605] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d c3 71 21 00 fb f4 <e9> 3c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 13.549691] RSP: 0000:ffffffff8e607dd8 EFLAGS: 00010212
[ 13.549777] RAX: ffff8881cb672000 RBX: ffffffff8e61cac0 RCX: ffffffff8d475125
[ 13.549823] RDX: ffffed102b60618b RSI: 0000000000000004 RDI: 000000000001819c
[ 13.549865] RBP: ffffffff8e607de0 R08: 0000000000000001 R09: ffffed102b60618a
[ 13.549909] R10: ffff88815b030c53 R11: 000000000000ac00 R12: 0000000000000000
[ 13.549952] R13: fffffbfff1cc3958 R14: ffffffff8f1b1490 R15: 0000000000000000
[ 13.550024] ? ct_kernel_exit.constprop.0+0xa5/0xd0
[ 13.550104] ? default_idle+0xd/0x20
[ 13.550127] arch_cpu_idle+0xd/0x20
[ 13.550148] default_idle_call+0x48/0x80
[ 13.550167] do_idle+0x379/0x4f0
[ 13.550194] ? __pfx_do_idle+0x10/0x10
[ 13.550215] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.550239] ? trace_preempt_on+0x20/0xc0
[ 13.550271] ? schedule+0x86/0x2e0
[ 13.550291] ? preempt_count_sub+0x50/0x80
[ 13.550314] cpu_startup_entry+0x5c/0x70
[ 13.550334] rest_init+0x11a/0x140
[ 13.550351] ? acpi_subsystem_init+0x5d/0x150
[ 13.550376] start_kernel+0x330/0x410
[ 13.550401] x86_64_start_reservations+0x1c/0x30
[ 13.550426] x86_64_start_kernel+0x10d/0x120
[ 13.550450] common_startup_64+0x13e/0x148
[ 13.550482] </TASK>
[ 13.550492]
[ 13.566131] Allocated by task 215:
[ 13.566325] kasan_save_stack+0x45/0x70
[ 13.566523] kasan_save_track+0x18/0x40
[ 13.566707] kasan_save_alloc_info+0x3b/0x50
[ 13.566902] __kasan_kmalloc+0xb7/0xc0
[ 13.567678] __kmalloc_cache_noprof+0x189/0x420
[ 13.567956] rcu_uaf+0xb0/0x330
[ 13.568228] kunit_try_run_case+0x1a5/0x480
[ 13.568439] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.568664] kthread+0x337/0x6f0
[ 13.568822] ret_from_fork+0x116/0x1d0
[ 13.569052] ret_from_fork_asm+0x1a/0x30
[ 13.569236]
[ 13.569334] Freed by task 0:
[ 13.569471] kasan_save_stack+0x45/0x70
[ 13.569647] kasan_save_track+0x18/0x40
[ 13.569826] kasan_save_free_info+0x3f/0x60
[ 13.570241] __kasan_slab_free+0x56/0x70
[ 13.570455] kfree+0x222/0x3f0
[ 13.570604] rcu_uaf_reclaim+0x1f/0x60
[ 13.570777] rcu_core+0x66f/0x1c40
[ 13.570926] rcu_core_si+0x12/0x20
[ 13.571168] handle_softirqs+0x209/0x730
[ 13.571367] __irq_exit_rcu+0xc9/0x110
[ 13.571541] irq_exit_rcu+0x12/0x20
[ 13.571704] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.571903] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.572170]
[ 13.572299] Last potentially related work creation:
[ 13.572521] kasan_save_stack+0x45/0x70
[ 13.572702] kasan_record_aux_stack+0xb2/0xc0
[ 13.572899] __call_rcu_common.constprop.0+0x7b/0x9e0
[ 13.573338] call_rcu+0x12/0x20
[ 13.573489] rcu_uaf+0x168/0x330
[ 13.573644] kunit_try_run_case+0x1a5/0x480
[ 13.573829] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.574192] kthread+0x337/0x6f0
[ 13.574368] ret_from_fork+0x116/0x1d0
[ 13.574540] ret_from_fork_asm+0x1a/0x30
[ 13.574738]
[ 13.574836] The buggy address belongs to the object at ffff888103a4fac0
[ 13.574836] which belongs to the cache kmalloc-32 of size 32
[ 13.575572] The buggy address is located 0 bytes inside of
[ 13.575572] freed 32-byte region [ffff888103a4fac0, ffff888103a4fae0)
[ 13.576135]
[ 13.576231] The buggy address belongs to the physical page:
[ 13.576474] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a4f
[ 13.576799] flags: 0x200000000000000(node=0|zone=2)
[ 13.577057] page_type: f5(slab)
[ 13.577224] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.577539] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.577839] page dumped because: kasan: bad access detected
[ 13.578124]
[ 13.578212] Memory state around the buggy address:
[ 13.578430] ffff888103a4f980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.578724] ffff888103a4fa00: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc
[ 13.579081] >ffff888103a4fa80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.579378] ^
[ 13.579601] ffff888103a4fb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.579875] ffff888103a4fb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.580206] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 13.511903] ================================================================== [ 13.512438] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 13.512814] Read of size 1 at addr ffff8881029ef978 by task kunit_try_catch/213 [ 13.513211] [ 13.513312] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.513352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.513400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.513419] Call Trace: [ 13.513445] <TASK> [ 13.513471] dump_stack_lvl+0x73/0xb0 [ 13.513527] print_report+0xd1/0x610 [ 13.513550] ? __virt_addr_valid+0x1db/0x2d0 [ 13.513572] ? ksize_uaf+0x5e4/0x6c0 [ 13.513629] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.513664] ? ksize_uaf+0x5e4/0x6c0 [ 13.513695] kasan_report+0x141/0x180 [ 13.513717] ? ksize_uaf+0x5e4/0x6c0 [ 13.513744] __asan_report_load1_noabort+0x18/0x20 [ 13.513769] ksize_uaf+0x5e4/0x6c0 [ 13.513789] ? __pfx_ksize_uaf+0x10/0x10 [ 13.513811] ? __schedule+0x10cc/0x2b60 [ 13.513832] ? __pfx_read_tsc+0x10/0x10 [ 13.513852] ? ktime_get_ts64+0x86/0x230 [ 13.513877] kunit_try_run_case+0x1a5/0x480 [ 13.513900] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.513923] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.513947] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.514001] ? __kthread_parkme+0x82/0x180 [ 13.514021] ? preempt_count_sub+0x50/0x80 [ 13.514100] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.514128] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.514153] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.514179] kthread+0x337/0x6f0 [ 13.514198] ? trace_preempt_on+0x20/0xc0 [ 13.514221] ? __pfx_kthread+0x10/0x10 [ 13.514241] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.514308] ? calculate_sigpending+0x7b/0xa0 [ 13.514332] ? __pfx_kthread+0x10/0x10 [ 13.514387] ret_from_fork+0x116/0x1d0 [ 13.514405] ? 
__pfx_kthread+0x10/0x10 [ 13.514426] ret_from_fork_asm+0x1a/0x30 [ 13.514466] </TASK> [ 13.514476] [ 13.523273] Allocated by task 213: [ 13.523413] kasan_save_stack+0x45/0x70 [ 13.523559] kasan_save_track+0x18/0x40 [ 13.523743] kasan_save_alloc_info+0x3b/0x50 [ 13.524001] __kasan_kmalloc+0xb7/0xc0 [ 13.524193] __kmalloc_cache_noprof+0x189/0x420 [ 13.524557] ksize_uaf+0xaa/0x6c0 [ 13.524756] kunit_try_run_case+0x1a5/0x480 [ 13.524968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.525255] kthread+0x337/0x6f0 [ 13.525427] ret_from_fork+0x116/0x1d0 [ 13.525694] ret_from_fork_asm+0x1a/0x30 [ 13.525917] [ 13.525988] Freed by task 213: [ 13.526211] kasan_save_stack+0x45/0x70 [ 13.526466] kasan_save_track+0x18/0x40 [ 13.526645] kasan_save_free_info+0x3f/0x60 [ 13.526855] __kasan_slab_free+0x56/0x70 [ 13.527316] kfree+0x222/0x3f0 [ 13.527450] ksize_uaf+0x12c/0x6c0 [ 13.527612] kunit_try_run_case+0x1a5/0x480 [ 13.527878] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.528135] kthread+0x337/0x6f0 [ 13.528339] ret_from_fork+0x116/0x1d0 [ 13.528643] ret_from_fork_asm+0x1a/0x30 [ 13.528788] [ 13.528860] The buggy address belongs to the object at ffff8881029ef900 [ 13.528860] which belongs to the cache kmalloc-128 of size 128 [ 13.529731] The buggy address is located 120 bytes inside of [ 13.529731] freed 128-byte region [ffff8881029ef900, ffff8881029ef980) [ 13.530355] [ 13.530431] The buggy address belongs to the physical page: [ 13.530720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 13.531097] flags: 0x200000000000000(node=0|zone=2) [ 13.531502] page_type: f5(slab) [ 13.531627] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.531943] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.532467] page dumped because: kasan: bad access detected [ 13.532830] [ 13.532904] Memory state around the buggy address: [ 13.533086] ffff8881029ef800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
13.533416] ffff8881029ef880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.533699] >ffff8881029ef900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.533991] ^ [ 13.534298] ffff8881029ef980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.534607] ffff8881029efa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.534906] ================================================================== [ 13.467022] ================================================================== [ 13.467578] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 13.467844] Read of size 1 at addr ffff8881029ef900 by task kunit_try_catch/213 [ 13.468139] [ 13.468241] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.468297] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.468310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.468332] Call Trace: [ 13.468344] <TASK> [ 13.468358] dump_stack_lvl+0x73/0xb0 [ 13.468390] print_report+0xd1/0x610 [ 13.468412] ? __virt_addr_valid+0x1db/0x2d0 [ 13.468437] ? ksize_uaf+0x19d/0x6c0 [ 13.468457] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.468480] ? ksize_uaf+0x19d/0x6c0 [ 13.468501] kasan_report+0x141/0x180 [ 13.468523] ? ksize_uaf+0x19d/0x6c0 [ 13.468547] ? ksize_uaf+0x19d/0x6c0 [ 13.468567] __kasan_check_byte+0x3d/0x50 [ 13.468590] ksize+0x20/0x60 [ 13.468610] ksize_uaf+0x19d/0x6c0 [ 13.468630] ? __pfx_ksize_uaf+0x10/0x10 [ 13.468652] ? __schedule+0x10cc/0x2b60 [ 13.468675] ? __pfx_read_tsc+0x10/0x10 [ 13.468696] ? ktime_get_ts64+0x86/0x230 [ 13.468721] kunit_try_run_case+0x1a5/0x480 [ 13.468747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.468770] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.468795] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.468818] ? __kthread_parkme+0x82/0x180 [ 13.468856] ? preempt_count_sub+0x50/0x80 [ 13.468881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.468905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.468931] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.468956] kthread+0x337/0x6f0 [ 13.468975] ? trace_preempt_on+0x20/0xc0 [ 13.468999] ? __pfx_kthread+0x10/0x10 [ 13.469019] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.469041] ? calculate_sigpending+0x7b/0xa0 [ 13.469083] ? __pfx_kthread+0x10/0x10 [ 13.469105] ret_from_fork+0x116/0x1d0 [ 13.469124] ? __pfx_kthread+0x10/0x10 [ 13.469144] ret_from_fork_asm+0x1a/0x30 [ 13.469175] </TASK> [ 13.469186] [ 13.476398] Allocated by task 213: [ 13.476560] kasan_save_stack+0x45/0x70 [ 13.476723] kasan_save_track+0x18/0x40 [ 13.476908] kasan_save_alloc_info+0x3b/0x50 [ 13.477076] __kasan_kmalloc+0xb7/0xc0 [ 13.477369] __kmalloc_cache_noprof+0x189/0x420 [ 13.477556] ksize_uaf+0xaa/0x6c0 [ 13.477680] kunit_try_run_case+0x1a5/0x480 [ 13.477827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.478004] kthread+0x337/0x6f0 [ 13.478124] ret_from_fork+0x116/0x1d0 [ 13.478255] ret_from_fork_asm+0x1a/0x30 [ 13.478404] [ 13.478474] Freed by task 213: [ 13.478630] kasan_save_stack+0x45/0x70 [ 13.478830] kasan_save_track+0x18/0x40 [ 13.479025] kasan_save_free_info+0x3f/0x60 [ 13.479237] __kasan_slab_free+0x56/0x70 [ 13.479454] kfree+0x222/0x3f0 [ 13.479645] ksize_uaf+0x12c/0x6c0 [ 13.479911] kunit_try_run_case+0x1a5/0x480 [ 13.480193] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.480805] kthread+0x337/0x6f0 [ 13.481282] ret_from_fork+0x116/0x1d0 [ 13.481702] ret_from_fork_asm+0x1a/0x30 [ 13.482830] [ 13.482936] The buggy address belongs to the object at ffff8881029ef900 [ 13.482936] which belongs to the cache kmalloc-128 of size 128 [ 13.483690] The buggy address is located 0 bytes inside of [ 13.483690] freed 128-byte region [ffff8881029ef900, ffff8881029ef980) [ 13.484526] [ 13.484644] The buggy address belongs to the physical page: [ 13.484844] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 13.485233] flags: 0x200000000000000(node=0|zone=2) [ 13.485670] page_type: f5(slab) [ 13.485814] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.486234] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.486765] page dumped because: kasan: bad access detected [ 13.486945] [ 13.487150] Memory state around the buggy address: [ 13.487391] ffff8881029ef800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.487747] ffff8881029ef880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.488011] >ffff8881029ef900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.488362] ^ [ 13.488524] ffff8881029ef980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.489207] ffff8881029efa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.489614] ================================================================== [ 13.490348] ================================================================== [ 13.490627] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 13.490937] Read of size 1 at addr ffff8881029ef900 by task kunit_try_catch/213 [ 13.491502] [ 13.491612] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.491654] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.491665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.491685] Call Trace: [ 13.491697] <TASK> [ 13.491711] dump_stack_lvl+0x73/0xb0 [ 13.491740] print_report+0xd1/0x610 [ 13.491762] ? __virt_addr_valid+0x1db/0x2d0 [ 13.491785] ? ksize_uaf+0x5fe/0x6c0 [ 13.491805] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.491829] ? ksize_uaf+0x5fe/0x6c0 [ 13.491849] kasan_report+0x141/0x180 [ 13.491871] ? ksize_uaf+0x5fe/0x6c0 [ 13.491896] __asan_report_load1_noabort+0x18/0x20 [ 13.491921] ksize_uaf+0x5fe/0x6c0 [ 13.491941] ? __pfx_ksize_uaf+0x10/0x10 [ 13.491963] ? __schedule+0x10cc/0x2b60 [ 13.492029] ? __pfx_read_tsc+0x10/0x10 [ 13.492050] ? ktime_get_ts64+0x86/0x230 [ 13.492087] kunit_try_run_case+0x1a5/0x480 [ 13.492111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.492135] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.492159] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.492183] ? __kthread_parkme+0x82/0x180 [ 13.492202] ? preempt_count_sub+0x50/0x80 [ 13.492227] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.492251] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.492348] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.492376] kthread+0x337/0x6f0 [ 13.492395] ? trace_preempt_on+0x20/0xc0 [ 13.492419] ? __pfx_kthread+0x10/0x10 [ 13.492440] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.492461] ? calculate_sigpending+0x7b/0xa0 [ 13.492485] ? __pfx_kthread+0x10/0x10 [ 13.492506] ret_from_fork+0x116/0x1d0 [ 13.492524] ? __pfx_kthread+0x10/0x10 [ 13.492544] ret_from_fork_asm+0x1a/0x30 [ 13.492575] </TASK> [ 13.492585] [ 13.500010] Allocated by task 213: [ 13.500246] kasan_save_stack+0x45/0x70 [ 13.500463] kasan_save_track+0x18/0x40 [ 13.500661] kasan_save_alloc_info+0x3b/0x50 [ 13.500874] __kasan_kmalloc+0xb7/0xc0 [ 13.501059] __kmalloc_cache_noprof+0x189/0x420 [ 13.501295] ksize_uaf+0xaa/0x6c0 [ 13.501451] kunit_try_run_case+0x1a5/0x480 [ 13.501687] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.502024] kthread+0x337/0x6f0 [ 13.502173] ret_from_fork+0x116/0x1d0 [ 13.502316] ret_from_fork_asm+0x1a/0x30 [ 13.502457] [ 13.502528] Freed by task 213: [ 13.502639] kasan_save_stack+0x45/0x70 [ 13.502783] kasan_save_track+0x18/0x40 [ 13.502917] kasan_save_free_info+0x3f/0x60 [ 13.503124] __kasan_slab_free+0x56/0x70 [ 13.503328] kfree+0x222/0x3f0 [ 13.503504] ksize_uaf+0x12c/0x6c0 [ 13.503683] kunit_try_run_case+0x1a5/0x480 [ 13.503893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.504148] kthread+0x337/0x6f0 [ 13.504441] ret_from_fork+0x116/0x1d0 [ 13.504646] ret_from_fork_asm+0x1a/0x30 [ 13.504853] [ 13.504951] The buggy address belongs to the object at ffff8881029ef900 [ 13.504951] which belongs to the cache kmalloc-128 of size 128 [ 13.506282] The buggy address is located 0 bytes inside of [ 13.506282] freed 128-byte region [ffff8881029ef900, 
ffff8881029ef980) [ 13.506916] [ 13.507078] The buggy address belongs to the physical page: [ 13.507332] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 13.507577] flags: 0x200000000000000(node=0|zone=2) [ 13.507741] page_type: f5(slab) [ 13.507860] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.508136] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.508510] page dumped because: kasan: bad access detected [ 13.508768] [ 13.508862] Memory state around the buggy address: [ 13.509089] ffff8881029ef800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.509719] ffff8881029ef880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.510191] >ffff8881029ef900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.510471] ^ [ 13.510637] ffff8881029ef980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.510963] ffff8881029efa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.511370] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 13.389828] ================================================================== [ 13.390631] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 13.391226] Read of size 1 at addr ffff8881029ef873 by task kunit_try_catch/211 [ 13.392280] [ 13.392480] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.392527] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.392539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.392559] Call Trace: [ 13.392571] <TASK> [ 13.392587] dump_stack_lvl+0x73/0xb0 [ 13.392620] print_report+0xd1/0x610 [ 13.392642] ? __virt_addr_valid+0x1db/0x2d0 [ 13.392667] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.392690] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.392713] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.392736] kasan_report+0x141/0x180 [ 13.392757] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.392786] __asan_report_load1_noabort+0x18/0x20 [ 13.392811] ksize_unpoisons_memory+0x81c/0x9b0 [ 13.392835] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.392858] ? finish_task_switch.isra.0+0x153/0x700 [ 13.392883] ? __switch_to+0x47/0xf50 [ 13.392909] ? __schedule+0x10cc/0x2b60 [ 13.392931] ? __pfx_read_tsc+0x10/0x10 [ 13.392952] ? ktime_get_ts64+0x86/0x230 [ 13.392977] kunit_try_run_case+0x1a5/0x480 [ 13.393023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.393056] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.393081] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.393104] ? __kthread_parkme+0x82/0x180 [ 13.393125] ? preempt_count_sub+0x50/0x80 [ 13.393148] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.393172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.393196] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.393221] kthread+0x337/0x6f0 [ 13.393240] ? trace_preempt_on+0x20/0xc0 [ 13.393275] ? __pfx_kthread+0x10/0x10 [ 13.393297] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.393319] ? calculate_sigpending+0x7b/0xa0 [ 13.393344] ? 
__pfx_kthread+0x10/0x10 [ 13.393365] ret_from_fork+0x116/0x1d0 [ 13.393383] ? __pfx_kthread+0x10/0x10 [ 13.393403] ret_from_fork_asm+0x1a/0x30 [ 13.393434] </TASK> [ 13.393444] [ 13.408915] Allocated by task 211: [ 13.409472] kasan_save_stack+0x45/0x70 [ 13.409659] kasan_save_track+0x18/0x40 [ 13.409888] kasan_save_alloc_info+0x3b/0x50 [ 13.410242] __kasan_kmalloc+0xb7/0xc0 [ 13.410414] __kmalloc_cache_noprof+0x189/0x420 [ 13.410596] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.410787] kunit_try_run_case+0x1a5/0x480 [ 13.410966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.411179] kthread+0x337/0x6f0 [ 13.411317] ret_from_fork+0x116/0x1d0 [ 13.411498] ret_from_fork_asm+0x1a/0x30 [ 13.411691] [ 13.411782] The buggy address belongs to the object at ffff8881029ef800 [ 13.411782] which belongs to the cache kmalloc-128 of size 128 [ 13.412245] The buggy address is located 0 bytes to the right of [ 13.412245] allocated 115-byte region [ffff8881029ef800, ffff8881029ef873) [ 13.413692] [ 13.413804] The buggy address belongs to the physical page: [ 13.414308] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 13.414763] flags: 0x200000000000000(node=0|zone=2) [ 13.414987] page_type: f5(slab) [ 13.415329] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.415774] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.416342] page dumped because: kasan: bad access detected [ 13.416555] [ 13.416647] Memory state around the buggy address: [ 13.417064] ffff8881029ef700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.417583] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.417914] >ffff8881029ef800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.418476] ^ [ 13.418779] ffff8881029ef880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.419362] ffff8881029ef900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.419743] 
================================================================== [ 13.420507] ================================================================== [ 13.420824] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.421470] Read of size 1 at addr ffff8881029ef878 by task kunit_try_catch/211 [ 13.421772] [ 13.421879] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.421923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.421936] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.421957] Call Trace: [ 13.421975] <TASK> [ 13.422302] dump_stack_lvl+0x73/0xb0 [ 13.422342] print_report+0xd1/0x610 [ 13.422365] ? __virt_addr_valid+0x1db/0x2d0 [ 13.422388] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.422412] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.422435] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.422459] kasan_report+0x141/0x180 [ 13.422481] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.422509] __asan_report_load1_noabort+0x18/0x20 [ 13.422533] ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.422557] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.422580] ? finish_task_switch.isra.0+0x153/0x700 [ 13.422603] ? __switch_to+0x47/0xf50 [ 13.422629] ? __schedule+0x10cc/0x2b60 [ 13.422651] ? __pfx_read_tsc+0x10/0x10 [ 13.422671] ? ktime_get_ts64+0x86/0x230 [ 13.422695] kunit_try_run_case+0x1a5/0x480 [ 13.422727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.422750] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.422774] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.422797] ? __kthread_parkme+0x82/0x180 [ 13.422817] ? preempt_count_sub+0x50/0x80 [ 13.422840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.422864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.422889] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.422914] kthread+0x337/0x6f0 [ 13.422933] ? trace_preempt_on+0x20/0xc0 [ 13.422956] ? __pfx_kthread+0x10/0x10 [ 13.423029] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.423053] ? 
calculate_sigpending+0x7b/0xa0 [ 13.423077] ? __pfx_kthread+0x10/0x10 [ 13.423098] ret_from_fork+0x116/0x1d0 [ 13.423116] ? __pfx_kthread+0x10/0x10 [ 13.423136] ret_from_fork_asm+0x1a/0x30 [ 13.423167] </TASK> [ 13.423177] [ 13.432971] Allocated by task 211: [ 13.433509] kasan_save_stack+0x45/0x70 [ 13.433772] kasan_save_track+0x18/0x40 [ 13.434017] kasan_save_alloc_info+0x3b/0x50 [ 13.434406] __kasan_kmalloc+0xb7/0xc0 [ 13.434749] __kmalloc_cache_noprof+0x189/0x420 [ 13.435039] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.435290] kunit_try_run_case+0x1a5/0x480 [ 13.435488] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.435719] kthread+0x337/0x6f0 [ 13.435880] ret_from_fork+0x116/0x1d0 [ 13.436330] ret_from_fork_asm+0x1a/0x30 [ 13.436580] [ 13.436684] The buggy address belongs to the object at ffff8881029ef800 [ 13.436684] which belongs to the cache kmalloc-128 of size 128 [ 13.437553] The buggy address is located 5 bytes to the right of [ 13.437553] allocated 115-byte region [ffff8881029ef800, ffff8881029ef873) [ 13.438350] [ 13.438439] The buggy address belongs to the physical page: [ 13.438692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 13.439037] flags: 0x200000000000000(node=0|zone=2) [ 13.439258] page_type: f5(slab) [ 13.439409] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.439738] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.440049] page dumped because: kasan: bad access detected [ 13.440350] [ 13.440422] Memory state around the buggy address: [ 13.440577] ffff8881029ef700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.440818] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.441216] >ffff8881029ef800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.441613] ^ [ 13.441989] ffff8881029ef880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.442274] ffff8881029ef900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.442558] 
================================================================== [ 13.443159] ================================================================== [ 13.443464] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.443777] Read of size 1 at addr ffff8881029ef87f by task kunit_try_catch/211 [ 13.444277] [ 13.444371] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.444415] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.444426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.444445] Call Trace: [ 13.444460] <TASK> [ 13.444475] dump_stack_lvl+0x73/0xb0 [ 13.444504] print_report+0xd1/0x610 [ 13.444526] ? __virt_addr_valid+0x1db/0x2d0 [ 13.444549] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.444572] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.444595] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.444619] kasan_report+0x141/0x180 [ 13.444640] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.444668] __asan_report_load1_noabort+0x18/0x20 [ 13.444692] ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.444716] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.444739] ? finish_task_switch.isra.0+0x153/0x700 [ 13.444762] ? __switch_to+0x47/0xf50 [ 13.444787] ? __schedule+0x10cc/0x2b60 [ 13.444809] ? __pfx_read_tsc+0x10/0x10 [ 13.444829] ? ktime_get_ts64+0x86/0x230 [ 13.444853] kunit_try_run_case+0x1a5/0x480 [ 13.444877] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.444900] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.444923] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.444947] ? __kthread_parkme+0x82/0x180 [ 13.444967] ? preempt_count_sub+0x50/0x80 [ 13.445275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.445304] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.445329] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.445355] kthread+0x337/0x6f0 [ 13.445374] ? trace_preempt_on+0x20/0xc0 [ 13.445398] ? __pfx_kthread+0x10/0x10 [ 13.445418] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.445440] ? 
calculate_sigpending+0x7b/0xa0 [ 13.445463] ? __pfx_kthread+0x10/0x10 [ 13.445484] ret_from_fork+0x116/0x1d0 [ 13.445502] ? __pfx_kthread+0x10/0x10 [ 13.445522] ret_from_fork_asm+0x1a/0x30 [ 13.445553] </TASK> [ 13.445563] [ 13.453253] Allocated by task 211: [ 13.453400] kasan_save_stack+0x45/0x70 [ 13.453571] kasan_save_track+0x18/0x40 [ 13.453764] kasan_save_alloc_info+0x3b/0x50 [ 13.454030] __kasan_kmalloc+0xb7/0xc0 [ 13.454227] __kmalloc_cache_noprof+0x189/0x420 [ 13.454461] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.454676] kunit_try_run_case+0x1a5/0x480 [ 13.454893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.455209] kthread+0x337/0x6f0 [ 13.455359] ret_from_fork+0x116/0x1d0 [ 13.455527] ret_from_fork_asm+0x1a/0x30 [ 13.455721] [ 13.455811] The buggy address belongs to the object at ffff8881029ef800 [ 13.455811] which belongs to the cache kmalloc-128 of size 128 [ 13.456460] The buggy address is located 12 bytes to the right of [ 13.456460] allocated 115-byte region [ffff8881029ef800, ffff8881029ef873) [ 13.456919] [ 13.456991] The buggy address belongs to the physical page: [ 13.457163] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 13.457484] flags: 0x200000000000000(node=0|zone=2) [ 13.458126] page_type: f5(slab) [ 13.458314] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.458656] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.458899] page dumped because: kasan: bad access detected [ 13.459366] [ 13.459468] Memory state around the buggy address: [ 13.459675] ffff8881029ef700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.459977] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.460258] >ffff8881029ef800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.460529] ^ [ 13.460744] ffff8881029ef880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.461054] ffff8881029ef900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.461488] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 13.348296] ================================================================== [ 13.349029] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 13.349468] Free of addr ffff888101c9b480 by task kunit_try_catch/209 [ 13.349674] [ 13.349765] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.349808] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.349821] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.349841] Call Trace: [ 13.349853] <TASK> [ 13.349869] dump_stack_lvl+0x73/0xb0 [ 13.349899] print_report+0xd1/0x610 [ 13.349922] ? __virt_addr_valid+0x1db/0x2d0 [ 13.349945] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.349968] ? kfree_sensitive+0x2e/0x90 [ 13.350005] kasan_report_invalid_free+0x10a/0x130 [ 13.350030] ? kfree_sensitive+0x2e/0x90 [ 13.350051] ? kfree_sensitive+0x2e/0x90 [ 13.350071] check_slab_allocation+0x101/0x130 [ 13.350154] __kasan_slab_pre_free+0x28/0x40 [ 13.350204] kfree+0xf0/0x3f0 [ 13.350226] ? kfree_sensitive+0x2e/0x90 [ 13.350248] kfree_sensitive+0x2e/0x90 [ 13.350276] kmalloc_double_kzfree+0x19c/0x350 [ 13.350310] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 13.350335] ? __schedule+0x10cc/0x2b60 [ 13.350358] ? __pfx_read_tsc+0x10/0x10 [ 13.350390] ? ktime_get_ts64+0x86/0x230 [ 13.350415] kunit_try_run_case+0x1a5/0x480 [ 13.350439] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.350461] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.350495] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.350518] ? __kthread_parkme+0x82/0x180 [ 13.350539] ? preempt_count_sub+0x50/0x80 [ 13.350573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.350597] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.350621] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.350655] kthread+0x337/0x6f0 [ 13.350674] ? trace_preempt_on+0x20/0xc0 [ 13.350697] ? __pfx_kthread+0x10/0x10 [ 13.350733] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.350755] ? calculate_sigpending+0x7b/0xa0 [ 13.350779] ? 
__pfx_kthread+0x10/0x10 [ 13.350800] ret_from_fork+0x116/0x1d0 [ 13.350818] ? __pfx_kthread+0x10/0x10 [ 13.350838] ret_from_fork_asm+0x1a/0x30 [ 13.350877] </TASK> [ 13.350887] [ 13.367821] Allocated by task 209: [ 13.368102] kasan_save_stack+0x45/0x70 [ 13.368423] kasan_save_track+0x18/0x40 [ 13.368558] kasan_save_alloc_info+0x3b/0x50 [ 13.368704] __kasan_kmalloc+0xb7/0xc0 [ 13.368832] __kmalloc_cache_noprof+0x189/0x420 [ 13.369120] kmalloc_double_kzfree+0xa9/0x350 [ 13.369591] kunit_try_run_case+0x1a5/0x480 [ 13.370063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.370558] kthread+0x337/0x6f0 [ 13.370878] ret_from_fork+0x116/0x1d0 [ 13.371331] ret_from_fork_asm+0x1a/0x30 [ 13.371713] [ 13.371879] Freed by task 209: [ 13.372290] kasan_save_stack+0x45/0x70 [ 13.372647] kasan_save_track+0x18/0x40 [ 13.372780] kasan_save_free_info+0x3f/0x60 [ 13.372922] __kasan_slab_free+0x56/0x70 [ 13.373401] kfree+0x222/0x3f0 [ 13.373771] kfree_sensitive+0x67/0x90 [ 13.374220] kmalloc_double_kzfree+0x12b/0x350 [ 13.374647] kunit_try_run_case+0x1a5/0x480 [ 13.375113] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.375422] kthread+0x337/0x6f0 [ 13.375584] ret_from_fork+0x116/0x1d0 [ 13.375735] ret_from_fork_asm+0x1a/0x30 [ 13.375900] [ 13.375990] The buggy address belongs to the object at ffff888101c9b480 [ 13.375990] which belongs to the cache kmalloc-16 of size 16 [ 13.376922] The buggy address is located 0 bytes inside of [ 13.376922] 16-byte region [ffff888101c9b480, ffff888101c9b490) [ 13.378204] [ 13.378561] The buggy address belongs to the physical page: [ 13.379165] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b [ 13.379877] flags: 0x200000000000000(node=0|zone=2) [ 13.380408] page_type: f5(slab) [ 13.380795] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.381510] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.381734] page dumped because: kasan: bad access detected [ 13.381899] [ 
13.381966] Memory state around the buggy address: [ 13.382584] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 13.383349] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 13.384173] >ffff888101c9b480: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.385054] ^ [ 13.385428] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.385684] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.386401] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 13.312072] ================================================================== [ 13.313556] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 13.314409] Read of size 1 at addr ffff888101c9b480 by task kunit_try_catch/209 [ 13.315100] [ 13.315328] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.315376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.315388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.315409] Call Trace: [ 13.315422] <TASK> [ 13.315438] dump_stack_lvl+0x73/0xb0 [ 13.315470] print_report+0xd1/0x610 [ 13.315493] ? __virt_addr_valid+0x1db/0x2d0 [ 13.315516] ? kmalloc_double_kzfree+0x19c/0x350 [ 13.315539] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.315562] ? kmalloc_double_kzfree+0x19c/0x350 [ 13.315586] kasan_report+0x141/0x180 [ 13.315607] ? kmalloc_double_kzfree+0x19c/0x350 [ 13.315633] ? kmalloc_double_kzfree+0x19c/0x350 [ 13.315657] __kasan_check_byte+0x3d/0x50 [ 13.315679] kfree_sensitive+0x22/0x90 [ 13.315702] kmalloc_double_kzfree+0x19c/0x350 [ 13.315725] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 13.315749] ? __schedule+0x10cc/0x2b60 [ 13.315772] ? __pfx_read_tsc+0x10/0x10 [ 13.315792] ? ktime_get_ts64+0x86/0x230 [ 13.315816] kunit_try_run_case+0x1a5/0x480 [ 13.315842] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.315865] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.315889] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.315913] ? __kthread_parkme+0x82/0x180 [ 13.315934] ? preempt_count_sub+0x50/0x80 [ 13.315958] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.315991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.316016] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.316040] kthread+0x337/0x6f0 [ 13.316059] ? trace_preempt_on+0x20/0xc0 [ 13.316082] ? __pfx_kthread+0x10/0x10 [ 13.316102] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.316124] ? calculate_sigpending+0x7b/0xa0 [ 13.316149] ? 
__pfx_kthread+0x10/0x10 [ 13.316170] ret_from_fork+0x116/0x1d0 [ 13.316188] ? __pfx_kthread+0x10/0x10 [ 13.316208] ret_from_fork_asm+0x1a/0x30 [ 13.316238] </TASK> [ 13.316248] [ 13.328886] Allocated by task 209: [ 13.329384] kasan_save_stack+0x45/0x70 [ 13.329760] kasan_save_track+0x18/0x40 [ 13.329901] kasan_save_alloc_info+0x3b/0x50 [ 13.330331] __kasan_kmalloc+0xb7/0xc0 [ 13.330691] __kmalloc_cache_noprof+0x189/0x420 [ 13.330913] kmalloc_double_kzfree+0xa9/0x350 [ 13.331072] kunit_try_run_case+0x1a5/0x480 [ 13.331221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.331773] kthread+0x337/0x6f0 [ 13.332211] ret_from_fork+0x116/0x1d0 [ 13.332583] ret_from_fork_asm+0x1a/0x30 [ 13.332963] [ 13.333194] Freed by task 209: [ 13.333625] kasan_save_stack+0x45/0x70 [ 13.333980] kasan_save_track+0x18/0x40 [ 13.334299] kasan_save_free_info+0x3f/0x60 [ 13.334568] __kasan_slab_free+0x56/0x70 [ 13.334713] kfree+0x222/0x3f0 [ 13.334829] kfree_sensitive+0x67/0x90 [ 13.334962] kmalloc_double_kzfree+0x12b/0x350 [ 13.335650] kunit_try_run_case+0x1a5/0x480 [ 13.336098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.336681] kthread+0x337/0x6f0 [ 13.337205] ret_from_fork+0x116/0x1d0 [ 13.337576] ret_from_fork_asm+0x1a/0x30 [ 13.337943] [ 13.338102] The buggy address belongs to the object at ffff888101c9b480 [ 13.338102] which belongs to the cache kmalloc-16 of size 16 [ 13.339074] The buggy address is located 0 bytes inside of [ 13.339074] freed 16-byte region [ffff888101c9b480, ffff888101c9b490) [ 13.339729] [ 13.339803] The buggy address belongs to the physical page: [ 13.339977] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b [ 13.340838] flags: 0x200000000000000(node=0|zone=2) [ 13.341571] page_type: f5(slab) [ 13.341899] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.342638] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.343167] page dumped because: kasan: bad access detected [ 
13.343384] [ 13.343617] Memory state around the buggy address: [ 13.344204] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 13.344741] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 13.344964] >ffff888101c9b480: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.345740] ^ [ 13.346057] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.346766] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.347052] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 13.278370] ================================================================== [ 13.278990] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 13.279630] Read of size 1 at addr ffff888103a503a8 by task kunit_try_catch/205 [ 13.279946] [ 13.280145] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.280252] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.280277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.280313] Call Trace: [ 13.280325] <TASK> [ 13.280342] dump_stack_lvl+0x73/0xb0 [ 13.280375] print_report+0xd1/0x610 [ 13.280398] ? __virt_addr_valid+0x1db/0x2d0 [ 13.280423] ? kmalloc_uaf2+0x4a8/0x520 [ 13.280442] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.280465] ? kmalloc_uaf2+0x4a8/0x520 [ 13.280486] kasan_report+0x141/0x180 [ 13.280507] ? kmalloc_uaf2+0x4a8/0x520 [ 13.280532] __asan_report_load1_noabort+0x18/0x20 [ 13.280557] kmalloc_uaf2+0x4a8/0x520 [ 13.280589] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 13.280609] ? finish_task_switch.isra.0+0x153/0x700 [ 13.280634] ? __switch_to+0x47/0xf50 [ 13.280661] ? __schedule+0x10cc/0x2b60 [ 13.280683] ? __pfx_read_tsc+0x10/0x10 [ 13.280704] ? ktime_get_ts64+0x86/0x230 [ 13.280730] kunit_try_run_case+0x1a5/0x480 [ 13.280755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.280778] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.280803] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.280826] ? __kthread_parkme+0x82/0x180 [ 13.280848] ? preempt_count_sub+0x50/0x80 [ 13.280870] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.280895] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.280919] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.280944] kthread+0x337/0x6f0 [ 13.280963] ? trace_preempt_on+0x20/0xc0 [ 13.281004] ? __pfx_kthread+0x10/0x10 [ 13.281024] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.281046] ? calculate_sigpending+0x7b/0xa0 [ 13.281071] ? __pfx_kthread+0x10/0x10 [ 13.281093] ret_from_fork+0x116/0x1d0 [ 13.281111] ? 
__pfx_kthread+0x10/0x10 [ 13.281132] ret_from_fork_asm+0x1a/0x30 [ 13.281163] </TASK> [ 13.281172] [ 13.290046] Allocated by task 205: [ 13.290184] kasan_save_stack+0x45/0x70 [ 13.290686] kasan_save_track+0x18/0x40 [ 13.291149] kasan_save_alloc_info+0x3b/0x50 [ 13.291515] __kasan_kmalloc+0xb7/0xc0 [ 13.291652] __kmalloc_cache_noprof+0x189/0x420 [ 13.291811] kmalloc_uaf2+0xc6/0x520 [ 13.291940] kunit_try_run_case+0x1a5/0x480 [ 13.292505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.293081] kthread+0x337/0x6f0 [ 13.293437] ret_from_fork+0x116/0x1d0 [ 13.293803] ret_from_fork_asm+0x1a/0x30 [ 13.294371] [ 13.294535] Freed by task 205: [ 13.294871] kasan_save_stack+0x45/0x70 [ 13.295188] kasan_save_track+0x18/0x40 [ 13.295542] kasan_save_free_info+0x3f/0x60 [ 13.295694] __kasan_slab_free+0x56/0x70 [ 13.295832] kfree+0x222/0x3f0 [ 13.295950] kmalloc_uaf2+0x14c/0x520 [ 13.296380] kunit_try_run_case+0x1a5/0x480 [ 13.296792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.297461] kthread+0x337/0x6f0 [ 13.297841] ret_from_fork+0x116/0x1d0 [ 13.298233] ret_from_fork_asm+0x1a/0x30 [ 13.298824] [ 13.298997] The buggy address belongs to the object at ffff888103a50380 [ 13.298997] which belongs to the cache kmalloc-64 of size 64 [ 13.299581] The buggy address is located 40 bytes inside of [ 13.299581] freed 64-byte region [ffff888103a50380, ffff888103a503c0) [ 13.299932] [ 13.300005] The buggy address belongs to the physical page: [ 13.300180] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a50 [ 13.300876] flags: 0x200000000000000(node=0|zone=2) [ 13.301428] page_type: f5(slab) [ 13.301807] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.302665] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.303413] page dumped because: kasan: bad access detected [ 13.304124] [ 13.304311] Memory state around the buggy address: [ 13.304778] ffff888103a50280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc 
[ 13.305579] ffff888103a50300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.305965] >ffff888103a50380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.306173] ^ [ 13.306332] ffff888103a50400: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 13.306539] ffff888103a50480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.306751] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 13.244950] ================================================================== [ 13.245994] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 13.246781] Write of size 33 at addr ffff8881029fc200 by task kunit_try_catch/203 [ 13.247010] [ 13.247101] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.247146] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.247157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.247178] Call Trace: [ 13.247191] <TASK> [ 13.247206] dump_stack_lvl+0x73/0xb0 [ 13.247236] print_report+0xd1/0x610 [ 13.247259] ? __virt_addr_valid+0x1db/0x2d0 [ 13.247296] ? kmalloc_uaf_memset+0x1a3/0x360 [ 13.247317] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.247340] ? kmalloc_uaf_memset+0x1a3/0x360 [ 13.247361] kasan_report+0x141/0x180 [ 13.247382] ? kmalloc_uaf_memset+0x1a3/0x360 [ 13.247409] kasan_check_range+0x10c/0x1c0 [ 13.247432] __asan_memset+0x27/0x50 [ 13.247457] kmalloc_uaf_memset+0x1a3/0x360 [ 13.247478] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 13.247501] ? __schedule+0x10cc/0x2b60 [ 13.247523] ? __pfx_read_tsc+0x10/0x10 [ 13.247544] ? ktime_get_ts64+0x86/0x230 [ 13.247568] kunit_try_run_case+0x1a5/0x480 [ 13.247592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.247615] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.247639] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.247663] ? __kthread_parkme+0x82/0x180 [ 13.247682] ? preempt_count_sub+0x50/0x80 [ 13.247706] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.247730] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.247754] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.247779] kthread+0x337/0x6f0 [ 13.247798] ? trace_preempt_on+0x20/0xc0 [ 13.247822] ? __pfx_kthread+0x10/0x10 [ 13.247842] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.247863] ? calculate_sigpending+0x7b/0xa0 [ 13.247888] ? __pfx_kthread+0x10/0x10 [ 13.247909] ret_from_fork+0x116/0x1d0 [ 13.247927] ? 
__pfx_kthread+0x10/0x10 [ 13.247947] ret_from_fork_asm+0x1a/0x30 [ 13.247977] </TASK> [ 13.247987] [ 13.259115] Allocated by task 203: [ 13.259294] kasan_save_stack+0x45/0x70 [ 13.259471] kasan_save_track+0x18/0x40 [ 13.259631] kasan_save_alloc_info+0x3b/0x50 [ 13.259833] __kasan_kmalloc+0xb7/0xc0 [ 13.260295] __kmalloc_cache_noprof+0x189/0x420 [ 13.260515] kmalloc_uaf_memset+0xa9/0x360 [ 13.260697] kunit_try_run_case+0x1a5/0x480 [ 13.260884] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.261304] kthread+0x337/0x6f0 [ 13.261475] ret_from_fork+0x116/0x1d0 [ 13.261650] ret_from_fork_asm+0x1a/0x30 [ 13.261832] [ 13.261921] Freed by task 203: [ 13.262130] kasan_save_stack+0x45/0x70 [ 13.262320] kasan_save_track+0x18/0x40 [ 13.262499] kasan_save_free_info+0x3f/0x60 [ 13.262695] __kasan_slab_free+0x56/0x70 [ 13.262887] kfree+0x222/0x3f0 [ 13.263087] kmalloc_uaf_memset+0x12b/0x360 [ 13.263287] kunit_try_run_case+0x1a5/0x480 [ 13.263475] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.263706] kthread+0x337/0x6f0 [ 13.263861] ret_from_fork+0x116/0x1d0 [ 13.264085] ret_from_fork_asm+0x1a/0x30 [ 13.264277] [ 13.264370] The buggy address belongs to the object at ffff8881029fc200 [ 13.264370] which belongs to the cache kmalloc-64 of size 64 [ 13.264848] The buggy address is located 0 bytes inside of [ 13.264848] freed 64-byte region [ffff8881029fc200, ffff8881029fc240) [ 13.265530] [ 13.265627] The buggy address belongs to the physical page: [ 13.265860] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029fc [ 13.266419] flags: 0x200000000000000(node=0|zone=2) [ 13.266642] page_type: f5(slab) [ 13.266802] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.267171] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.267481] page dumped because: kasan: bad access detected [ 13.267716] [ 13.267802] Memory state around the buggy address: [ 13.268048] ffff8881029fc100: 00 00 00 00 00 fc fc fc fc fc fc fc 
fc fc fc fc [ 13.268342] ffff8881029fc180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.268628] >ffff8881029fc200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.268911] ^ [ 13.269323] ffff8881029fc280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.269620] ffff8881029fc300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.269907] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 13.212534] ================================================================== [ 13.214148] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 13.214400] Read of size 1 at addr ffff888102610b88 by task kunit_try_catch/201 [ 13.214624] [ 13.214721] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.214768] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.214779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.214800] Call Trace: [ 13.214814] <TASK> [ 13.214831] dump_stack_lvl+0x73/0xb0 [ 13.214860] print_report+0xd1/0x610 [ 13.214883] ? __virt_addr_valid+0x1db/0x2d0 [ 13.214907] ? kmalloc_uaf+0x320/0x380 [ 13.214926] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.214949] ? kmalloc_uaf+0x320/0x380 [ 13.214969] kasan_report+0x141/0x180 [ 13.215003] ? kmalloc_uaf+0x320/0x380 [ 13.215027] __asan_report_load1_noabort+0x18/0x20 [ 13.215051] kmalloc_uaf+0x320/0x380 [ 13.215476] ? __pfx_kmalloc_uaf+0x10/0x10 [ 13.215500] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.215654] ? trace_hardirqs_on+0x37/0xe0 [ 13.215685] ? __pfx_read_tsc+0x10/0x10 [ 13.215707] ? ktime_get_ts64+0x86/0x230 [ 13.215731] kunit_try_run_case+0x1a5/0x480 [ 13.215757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.215782] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.215808] ? __kthread_parkme+0x82/0x180 [ 13.215829] ? preempt_count_sub+0x50/0x80 [ 13.215853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.215877] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.215901] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.215927] kthread+0x337/0x6f0 [ 13.215946] ? trace_preempt_on+0x20/0xc0 [ 13.215968] ? __pfx_kthread+0x10/0x10 [ 13.216053] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.216075] ? calculate_sigpending+0x7b/0xa0 [ 13.216099] ? __pfx_kthread+0x10/0x10 [ 13.216120] ret_from_fork+0x116/0x1d0 [ 13.216139] ? 
__pfx_kthread+0x10/0x10 [ 13.216174] ret_from_fork_asm+0x1a/0x30 [ 13.216204] </TASK> [ 13.216215] [ 13.228121] Allocated by task 201: [ 13.228324] kasan_save_stack+0x45/0x70 [ 13.228521] kasan_save_track+0x18/0x40 [ 13.228691] kasan_save_alloc_info+0x3b/0x50 [ 13.228883] __kasan_kmalloc+0xb7/0xc0 [ 13.229675] __kmalloc_cache_noprof+0x189/0x420 [ 13.229860] kmalloc_uaf+0xaa/0x380 [ 13.229990] kunit_try_run_case+0x1a5/0x480 [ 13.230409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.230653] kthread+0x337/0x6f0 [ 13.230818] ret_from_fork+0x116/0x1d0 [ 13.231039] ret_from_fork_asm+0x1a/0x30 [ 13.231222] [ 13.231321] Freed by task 201: [ 13.231465] kasan_save_stack+0x45/0x70 [ 13.231642] kasan_save_track+0x18/0x40 [ 13.231819] kasan_save_free_info+0x3f/0x60 [ 13.232154] __kasan_slab_free+0x56/0x70 [ 13.232355] kfree+0x222/0x3f0 [ 13.232503] kmalloc_uaf+0x12c/0x380 [ 13.232655] kunit_try_run_case+0x1a5/0x480 [ 13.232836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.233141] kthread+0x337/0x6f0 [ 13.233307] ret_from_fork+0x116/0x1d0 [ 13.233481] ret_from_fork_asm+0x1a/0x30 [ 13.233661] [ 13.233750] The buggy address belongs to the object at ffff888102610b80 [ 13.233750] which belongs to the cache kmalloc-16 of size 16 [ 13.235256] The buggy address is located 8 bytes inside of [ 13.235256] freed 16-byte region [ffff888102610b80, ffff888102610b90) [ 13.235820] [ 13.235898] The buggy address belongs to the physical page: [ 13.236718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102610 [ 13.237289] flags: 0x200000000000000(node=0|zone=2) [ 13.237515] page_type: f5(slab) [ 13.237671] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.238029] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.238342] page dumped because: kasan: bad access detected [ 13.238564] [ 13.238650] Memory state around the buggy address: [ 13.238856] ffff888102610a80: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 
13.239208] ffff888102610b00: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.239506] >ffff888102610b80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.239794] ^ [ 13.239950] ffff888102610c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.240386] ffff888102610c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.240678] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 13.188257] ================================================================== [ 13.188806] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.189304] Read of size 64 at addr ffff888103a50184 by task kunit_try_catch/199 [ 13.189626] [ 13.189738] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.189780] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.189791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.189812] Call Trace: [ 13.189824] <TASK> [ 13.189839] dump_stack_lvl+0x73/0xb0 [ 13.189869] print_report+0xd1/0x610 [ 13.189892] ? __virt_addr_valid+0x1db/0x2d0 [ 13.189916] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.189941] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.189964] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.190115] kasan_report+0x141/0x180 [ 13.190142] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.190173] kasan_check_range+0x10c/0x1c0 [ 13.190198] __asan_memmove+0x27/0x70 [ 13.190218] kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.190243] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 13.190283] ? __schedule+0x10cc/0x2b60 [ 13.190306] ? __pfx_read_tsc+0x10/0x10 [ 13.190327] ? ktime_get_ts64+0x86/0x230 [ 13.190351] kunit_try_run_case+0x1a5/0x480 [ 13.190376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.190399] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.190424] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.190448] ? __kthread_parkme+0x82/0x180 [ 13.190469] ? preempt_count_sub+0x50/0x80 [ 13.190493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.190517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.190542] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.190567] kthread+0x337/0x6f0 [ 13.190586] ? trace_preempt_on+0x20/0xc0 [ 13.190610] ? __pfx_kthread+0x10/0x10 [ 13.190630] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.190651] ? calculate_sigpending+0x7b/0xa0 [ 13.190676] ? 
__pfx_kthread+0x10/0x10 [ 13.190698] ret_from_fork+0x116/0x1d0 [ 13.190721] ? __pfx_kthread+0x10/0x10 [ 13.190741] ret_from_fork_asm+0x1a/0x30 [ 13.190771] </TASK> [ 13.190781] [ 13.198339] Allocated by task 199: [ 13.198519] kasan_save_stack+0x45/0x70 [ 13.198730] kasan_save_track+0x18/0x40 [ 13.198901] kasan_save_alloc_info+0x3b/0x50 [ 13.199127] __kasan_kmalloc+0xb7/0xc0 [ 13.199277] __kmalloc_cache_noprof+0x189/0x420 [ 13.199463] kmalloc_memmove_invalid_size+0xac/0x330 [ 13.199702] kunit_try_run_case+0x1a5/0x480 [ 13.199910] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.200237] kthread+0x337/0x6f0 [ 13.200423] ret_from_fork+0x116/0x1d0 [ 13.200615] ret_from_fork_asm+0x1a/0x30 [ 13.200812] [ 13.200908] The buggy address belongs to the object at ffff888103a50180 [ 13.200908] which belongs to the cache kmalloc-64 of size 64 [ 13.201561] The buggy address is located 4 bytes inside of [ 13.201561] allocated 64-byte region [ffff888103a50180, ffff888103a501c0) [ 13.201926] [ 13.202120] The buggy address belongs to the physical page: [ 13.202384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a50 [ 13.202737] flags: 0x200000000000000(node=0|zone=2) [ 13.203040] page_type: f5(slab) [ 13.203220] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.203564] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.203847] page dumped because: kasan: bad access detected [ 13.204125] [ 13.204197] Memory state around the buggy address: [ 13.204380] ffff888103a50080: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 13.204703] ffff888103a50100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.205184] >ffff888103a50180: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 13.205523] ^ [ 13.205757] ffff888103a50200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.206120] ffff888103a50280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.206368] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 13.163895] ================================================================== [ 13.164742] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 13.165327] Read of size 18446744073709551614 at addr ffff888103a50004 by task kunit_try_catch/197 [ 13.165696] [ 13.165813] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.165857] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.165868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.165889] Call Trace: [ 13.165901] <TASK> [ 13.165915] dump_stack_lvl+0x73/0xb0 [ 13.165946] print_report+0xd1/0x610 [ 13.165968] ? __virt_addr_valid+0x1db/0x2d0 [ 13.166228] ? kmalloc_memmove_negative_size+0x171/0x330 [ 13.166254] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.166291] ? kmalloc_memmove_negative_size+0x171/0x330 [ 13.166339] kasan_report+0x141/0x180 [ 13.166361] ? kmalloc_memmove_negative_size+0x171/0x330 [ 13.166392] kasan_check_range+0x10c/0x1c0 [ 13.166415] __asan_memmove+0x27/0x70 [ 13.166434] kmalloc_memmove_negative_size+0x171/0x330 [ 13.166460] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 13.166487] ? __schedule+0x10cc/0x2b60 [ 13.166510] ? __pfx_read_tsc+0x10/0x10 [ 13.166531] ? ktime_get_ts64+0x86/0x230 [ 13.166556] kunit_try_run_case+0x1a5/0x480 [ 13.166581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.166604] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.166627] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.166651] ? __kthread_parkme+0x82/0x180 [ 13.166671] ? preempt_count_sub+0x50/0x80 [ 13.166695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.166725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.166749] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.166774] kthread+0x337/0x6f0 [ 13.166793] ? trace_preempt_on+0x20/0xc0 [ 13.166817] ? __pfx_kthread+0x10/0x10 [ 13.166837] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.166858] ? calculate_sigpending+0x7b/0xa0 [ 13.166882] ? 
__pfx_kthread+0x10/0x10 [ 13.166903] ret_from_fork+0x116/0x1d0 [ 13.166921] ? __pfx_kthread+0x10/0x10 [ 13.166941] ret_from_fork_asm+0x1a/0x30 [ 13.166971] </TASK> [ 13.167000] [ 13.174186] Allocated by task 197: [ 13.174528] kasan_save_stack+0x45/0x70 [ 13.174720] kasan_save_track+0x18/0x40 [ 13.174886] kasan_save_alloc_info+0x3b/0x50 [ 13.175197] __kasan_kmalloc+0xb7/0xc0 [ 13.175353] __kmalloc_cache_noprof+0x189/0x420 [ 13.175574] kmalloc_memmove_negative_size+0xac/0x330 [ 13.175804] kunit_try_run_case+0x1a5/0x480 [ 13.176045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.176278] kthread+0x337/0x6f0 [ 13.176434] ret_from_fork+0x116/0x1d0 [ 13.176622] ret_from_fork_asm+0x1a/0x30 [ 13.176806] [ 13.176878] The buggy address belongs to the object at ffff888103a50000 [ 13.176878] which belongs to the cache kmalloc-64 of size 64 [ 13.177479] The buggy address is located 4 bytes inside of [ 13.177479] 64-byte region [ffff888103a50000, ffff888103a50040) [ 13.177958] [ 13.178031] The buggy address belongs to the physical page: [ 13.178204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a50 [ 13.178804] flags: 0x200000000000000(node=0|zone=2) [ 13.179063] page_type: f5(slab) [ 13.179231] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.179556] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.179850] page dumped because: kasan: bad access detected [ 13.180042] [ 13.180110] Memory state around the buggy address: [ 13.180273] ffff888103a4ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.180487] ffff888103a4ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.180801] >ffff888103a50000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 13.181112] ^ [ 13.181454] ffff888103a50080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.181794] ffff888103a50100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.182274] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 13.139735] ================================================================== [ 13.140611] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 13.140888] Write of size 16 at addr ffff8881029ef769 by task kunit_try_catch/195 [ 13.141896] [ 13.142074] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.142512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.142527] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.142549] Call Trace: [ 13.142562] <TASK> [ 13.142580] dump_stack_lvl+0x73/0xb0 [ 13.142615] print_report+0xd1/0x610 [ 13.142638] ? __virt_addr_valid+0x1db/0x2d0 [ 13.142663] ? kmalloc_oob_memset_16+0x166/0x330 [ 13.142685] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.142713] ? kmalloc_oob_memset_16+0x166/0x330 [ 13.142735] kasan_report+0x141/0x180 [ 13.142757] ? kmalloc_oob_memset_16+0x166/0x330 [ 13.142784] kasan_check_range+0x10c/0x1c0 [ 13.142807] __asan_memset+0x27/0x50 [ 13.142826] kmalloc_oob_memset_16+0x166/0x330 [ 13.142849] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 13.142872] ? __schedule+0x10cc/0x2b60 [ 13.142895] ? __pfx_read_tsc+0x10/0x10 [ 13.142917] ? ktime_get_ts64+0x86/0x230 [ 13.142943] kunit_try_run_case+0x1a5/0x480 [ 13.142968] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.142991] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.143016] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.143039] ? __kthread_parkme+0x82/0x180 [ 13.143061] ? preempt_count_sub+0x50/0x80 [ 13.143085] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.143109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.143133] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.143158] kthread+0x337/0x6f0 [ 13.143177] ? trace_preempt_on+0x20/0xc0 [ 13.143201] ? __pfx_kthread+0x10/0x10 [ 13.143222] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.143243] ? calculate_sigpending+0x7b/0xa0 [ 13.143279] ? __pfx_kthread+0x10/0x10 [ 13.143385] ret_from_fork+0x116/0x1d0 [ 13.143409] ? 
__pfx_kthread+0x10/0x10 [ 13.143430] ret_from_fork_asm+0x1a/0x30 [ 13.143462] </TASK> [ 13.143473] [ 13.152377] Allocated by task 195: [ 13.152518] kasan_save_stack+0x45/0x70 [ 13.152668] kasan_save_track+0x18/0x40 [ 13.152858] kasan_save_alloc_info+0x3b/0x50 [ 13.153132] __kasan_kmalloc+0xb7/0xc0 [ 13.153366] __kmalloc_cache_noprof+0x189/0x420 [ 13.153559] kmalloc_oob_memset_16+0xac/0x330 [ 13.153765] kunit_try_run_case+0x1a5/0x480 [ 13.153913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.154119] kthread+0x337/0x6f0 [ 13.154452] ret_from_fork+0x116/0x1d0 [ 13.154646] ret_from_fork_asm+0x1a/0x30 [ 13.154893] [ 13.155037] The buggy address belongs to the object at ffff8881029ef700 [ 13.155037] which belongs to the cache kmalloc-128 of size 128 [ 13.155590] The buggy address is located 105 bytes inside of [ 13.155590] allocated 120-byte region [ffff8881029ef700, ffff8881029ef778) [ 13.156348] [ 13.156450] The buggy address belongs to the physical page: [ 13.156843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 13.157183] flags: 0x200000000000000(node=0|zone=2) [ 13.157393] page_type: f5(slab) [ 13.157515] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.157745] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.158249] page dumped because: kasan: bad access detected [ 13.158515] [ 13.158749] Memory state around the buggy address: [ 13.158969] ffff8881029ef600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.159215] ffff8881029ef680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.159502] >ffff8881029ef700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.159821] ^ [ 13.160095] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.160371] ffff8881029ef800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.160697] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 13.115082] ================================================================== [ 13.115623] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 13.115942] Write of size 8 at addr ffff8881027eb571 by task kunit_try_catch/193 [ 13.116435] [ 13.116535] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.116580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.116593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.116614] Call Trace: [ 13.116627] <TASK> [ 13.116646] dump_stack_lvl+0x73/0xb0 [ 13.116678] print_report+0xd1/0x610 [ 13.116700] ? __virt_addr_valid+0x1db/0x2d0 [ 13.116724] ? kmalloc_oob_memset_8+0x166/0x330 [ 13.116746] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.116770] ? kmalloc_oob_memset_8+0x166/0x330 [ 13.116792] kasan_report+0x141/0x180 [ 13.116814] ? kmalloc_oob_memset_8+0x166/0x330 [ 13.116841] kasan_check_range+0x10c/0x1c0 [ 13.116865] __asan_memset+0x27/0x50 [ 13.116885] kmalloc_oob_memset_8+0x166/0x330 [ 13.116908] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 13.116931] ? __schedule+0x10cc/0x2b60 [ 13.116954] ? __pfx_read_tsc+0x10/0x10 [ 13.116975] ? ktime_get_ts64+0x86/0x230 [ 13.117067] kunit_try_run_case+0x1a5/0x480 [ 13.117093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.117116] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.117141] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.117165] ? __kthread_parkme+0x82/0x180 [ 13.117187] ? preempt_count_sub+0x50/0x80 [ 13.117212] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.117236] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.117273] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.117298] kthread+0x337/0x6f0 [ 13.117318] ? trace_preempt_on+0x20/0xc0 [ 13.117342] ? __pfx_kthread+0x10/0x10 [ 13.117364] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.117386] ? calculate_sigpending+0x7b/0xa0 [ 13.117412] ? __pfx_kthread+0x10/0x10 [ 13.117434] ret_from_fork+0x116/0x1d0 [ 13.117454] ? 
__pfx_kthread+0x10/0x10 [ 13.117477] ret_from_fork_asm+0x1a/0x30 [ 13.117510] </TASK> [ 13.117522] [ 13.124957] Allocated by task 193: [ 13.125276] kasan_save_stack+0x45/0x70 [ 13.125487] kasan_save_track+0x18/0x40 [ 13.125669] kasan_save_alloc_info+0x3b/0x50 [ 13.125819] __kasan_kmalloc+0xb7/0xc0 [ 13.125952] __kmalloc_cache_noprof+0x189/0x420 [ 13.126255] kmalloc_oob_memset_8+0xac/0x330 [ 13.126483] kunit_try_run_case+0x1a5/0x480 [ 13.126695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.126959] kthread+0x337/0x6f0 [ 13.127195] ret_from_fork+0x116/0x1d0 [ 13.127344] ret_from_fork_asm+0x1a/0x30 [ 13.127486] [ 13.127558] The buggy address belongs to the object at ffff8881027eb500 [ 13.127558] which belongs to the cache kmalloc-128 of size 128 [ 13.128086] The buggy address is located 113 bytes inside of [ 13.128086] allocated 120-byte region [ffff8881027eb500, ffff8881027eb578) [ 13.128547] [ 13.128621] The buggy address belongs to the physical page: [ 13.128795] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027eb [ 13.129035] flags: 0x200000000000000(node=0|zone=2) [ 13.129346] page_type: f5(slab) [ 13.129533] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.129880] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.130220] page dumped because: kasan: bad access detected [ 13.130486] [ 13.130720] Memory state around the buggy address: [ 13.130952] ffff8881027eb400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.131309] ffff8881027eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.131639] >ffff8881027eb500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.131930] ^ [ 13.133385] ffff8881027eb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.134042] ffff8881027eb600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.134282] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 13.091739] ================================================================== [ 13.092209] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 13.092776] Write of size 4 at addr ffff8881029ef675 by task kunit_try_catch/191 [ 13.093060] [ 13.093237] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.093299] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.093310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.093330] Call Trace: [ 13.093342] <TASK> [ 13.093358] dump_stack_lvl+0x73/0xb0 [ 13.093390] print_report+0xd1/0x610 [ 13.093412] ? __virt_addr_valid+0x1db/0x2d0 [ 13.093436] ? kmalloc_oob_memset_4+0x166/0x330 [ 13.093457] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.093480] ? kmalloc_oob_memset_4+0x166/0x330 [ 13.093505] kasan_report+0x141/0x180 [ 13.093526] ? kmalloc_oob_memset_4+0x166/0x330 [ 13.093553] kasan_check_range+0x10c/0x1c0 [ 13.093576] __asan_memset+0x27/0x50 [ 13.093596] kmalloc_oob_memset_4+0x166/0x330 [ 13.093619] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 13.093643] ? __schedule+0x10cc/0x2b60 [ 13.093665] ? __pfx_read_tsc+0x10/0x10 [ 13.093686] ? ktime_get_ts64+0x86/0x230 [ 13.093711] kunit_try_run_case+0x1a5/0x480 [ 13.093736] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.093758] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.093782] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.093806] ? __kthread_parkme+0x82/0x180 [ 13.093827] ? preempt_count_sub+0x50/0x80 [ 13.093851] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.093875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.093900] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.093925] kthread+0x337/0x6f0 [ 13.093944] ? trace_preempt_on+0x20/0xc0 [ 13.093967] ? __pfx_kthread+0x10/0x10 [ 13.094006] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.094028] ? calculate_sigpending+0x7b/0xa0 [ 13.094052] ? __pfx_kthread+0x10/0x10 [ 13.094073] ret_from_fork+0x116/0x1d0 [ 13.094091] ? 
__pfx_kthread+0x10/0x10 [ 13.094112] ret_from_fork_asm+0x1a/0x30 [ 13.094145] </TASK> [ 13.094156] [ 13.101412] Allocated by task 191: [ 13.101595] kasan_save_stack+0x45/0x70 [ 13.101800] kasan_save_track+0x18/0x40 [ 13.101940] kasan_save_alloc_info+0x3b/0x50 [ 13.102163] __kasan_kmalloc+0xb7/0xc0 [ 13.102373] __kmalloc_cache_noprof+0x189/0x420 [ 13.102609] kmalloc_oob_memset_4+0xac/0x330 [ 13.102844] kunit_try_run_case+0x1a5/0x480 [ 13.103225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.103476] kthread+0x337/0x6f0 [ 13.103642] ret_from_fork+0x116/0x1d0 [ 13.103799] ret_from_fork_asm+0x1a/0x30 [ 13.103992] [ 13.104192] The buggy address belongs to the object at ffff8881029ef600 [ 13.104192] which belongs to the cache kmalloc-128 of size 128 [ 13.104650] The buggy address is located 117 bytes inside of [ 13.104650] allocated 120-byte region [ffff8881029ef600, ffff8881029ef678) [ 13.105145] [ 13.105240] The buggy address belongs to the physical page: [ 13.105475] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 13.105803] flags: 0x200000000000000(node=0|zone=2) [ 13.106034] page_type: f5(slab) [ 13.106181] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.107650] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.107969] page dumped because: kasan: bad access detected [ 13.108278] [ 13.108359] Memory state around the buggy address: [ 13.108562] ffff8881029ef500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.108852] ffff8881029ef580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.109205] >ffff8881029ef600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.109504] ^ [ 13.109805] ffff8881029ef680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.110166] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.110440] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 13.067573] ================================================================== [ 13.068155] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 13.068533] Write of size 2 at addr ffff8881027eb477 by task kunit_try_catch/189 [ 13.068803] [ 13.068942] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.068990] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.069001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.069023] Call Trace: [ 13.069055] <TASK> [ 13.069072] dump_stack_lvl+0x73/0xb0 [ 13.069105] print_report+0xd1/0x610 [ 13.069424] ? __virt_addr_valid+0x1db/0x2d0 [ 13.069464] ? kmalloc_oob_memset_2+0x166/0x330 [ 13.069487] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.069510] ? kmalloc_oob_memset_2+0x166/0x330 [ 13.069533] kasan_report+0x141/0x180 [ 13.069555] ? kmalloc_oob_memset_2+0x166/0x330 [ 13.069583] kasan_check_range+0x10c/0x1c0 [ 13.069606] __asan_memset+0x27/0x50 [ 13.069626] kmalloc_oob_memset_2+0x166/0x330 [ 13.069649] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 13.069673] ? __schedule+0x10cc/0x2b60 [ 13.069696] ? __pfx_read_tsc+0x10/0x10 [ 13.069719] ? ktime_get_ts64+0x86/0x230 [ 13.069745] kunit_try_run_case+0x1a5/0x480 [ 13.069772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.069795] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.069821] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.069845] ? __kthread_parkme+0x82/0x180 [ 13.069867] ? preempt_count_sub+0x50/0x80 [ 13.069892] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.069917] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.069941] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.069967] kthread+0x337/0x6f0 [ 13.070037] ? trace_preempt_on+0x20/0xc0 [ 13.070069] ? __pfx_kthread+0x10/0x10 [ 13.070102] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.070124] ? calculate_sigpending+0x7b/0xa0 [ 13.070149] ? __pfx_kthread+0x10/0x10 [ 13.070171] ret_from_fork+0x116/0x1d0 [ 13.070190] ? 
__pfx_kthread+0x10/0x10 [ 13.070210] ret_from_fork_asm+0x1a/0x30 [ 13.070242] </TASK> [ 13.070252] [ 13.077336] Allocated by task 189: [ 13.077501] kasan_save_stack+0x45/0x70 [ 13.077686] kasan_save_track+0x18/0x40 [ 13.077857] kasan_save_alloc_info+0x3b/0x50 [ 13.078098] __kasan_kmalloc+0xb7/0xc0 [ 13.078285] __kmalloc_cache_noprof+0x189/0x420 [ 13.078491] kmalloc_oob_memset_2+0xac/0x330 [ 13.078679] kunit_try_run_case+0x1a5/0x480 [ 13.078875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.079313] kthread+0x337/0x6f0 [ 13.079479] ret_from_fork+0x116/0x1d0 [ 13.079654] ret_from_fork_asm+0x1a/0x30 [ 13.079837] [ 13.079924] The buggy address belongs to the object at ffff8881027eb400 [ 13.079924] which belongs to the cache kmalloc-128 of size 128 [ 13.081588] The buggy address is located 119 bytes inside of [ 13.081588] allocated 120-byte region [ffff8881027eb400, ffff8881027eb478) [ 13.082044] [ 13.082148] The buggy address belongs to the physical page: [ 13.082409] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027eb [ 13.082742] flags: 0x200000000000000(node=0|zone=2) [ 13.082961] page_type: f5(slab) [ 13.083199] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.083518] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.083822] page dumped because: kasan: bad access detected [ 13.084116] [ 13.084208] Memory state around the buggy address: [ 13.084427] ffff8881027eb300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.084715] ffff8881027eb380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.085050] >ffff8881027eb400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.085350] ^ [ 13.085638] ffff8881027eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.085924] ffff8881027eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.086515] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 13.037653] ================================================================== [ 13.038207] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 13.038580] Write of size 128 at addr ffff8881029ef500 by task kunit_try_catch/187 [ 13.038824] [ 13.038916] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.038961] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.038973] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.038995] Call Trace: [ 13.039008] <TASK> [ 13.039025] dump_stack_lvl+0x73/0xb0 [ 13.039056] print_report+0xd1/0x610 [ 13.039078] ? __virt_addr_valid+0x1db/0x2d0 [ 13.039102] ? kmalloc_oob_in_memset+0x15f/0x320 [ 13.039124] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.039147] ? kmalloc_oob_in_memset+0x15f/0x320 [ 13.039169] kasan_report+0x141/0x180 [ 13.039190] ? kmalloc_oob_in_memset+0x15f/0x320 [ 13.039218] kasan_check_range+0x10c/0x1c0 [ 13.039241] __asan_memset+0x27/0x50 [ 13.039273] kmalloc_oob_in_memset+0x15f/0x320 [ 13.039296] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 13.039319] ? __schedule+0x10cc/0x2b60 [ 13.039341] ? __pfx_read_tsc+0x10/0x10 [ 13.039362] ? ktime_get_ts64+0x86/0x230 [ 13.039387] kunit_try_run_case+0x1a5/0x480 [ 13.039414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.039437] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.039461] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.039484] ? __kthread_parkme+0x82/0x180 [ 13.039505] ? preempt_count_sub+0x50/0x80 [ 13.039530] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.039554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.039578] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.039603] kthread+0x337/0x6f0 [ 13.039622] ? trace_preempt_on+0x20/0xc0 [ 13.039647] ? __pfx_kthread+0x10/0x10 [ 13.039668] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.039689] ? calculate_sigpending+0x7b/0xa0 [ 13.039714] ? __pfx_kthread+0x10/0x10 [ 13.039735] ret_from_fork+0x116/0x1d0 [ 13.039766] ? 
__pfx_kthread+0x10/0x10 [ 13.039786] ret_from_fork_asm+0x1a/0x30 [ 13.039847] </TASK> [ 13.039858] [ 13.047741] Allocated by task 187: [ 13.047923] kasan_save_stack+0x45/0x70 [ 13.048308] kasan_save_track+0x18/0x40 [ 13.048472] kasan_save_alloc_info+0x3b/0x50 [ 13.048622] __kasan_kmalloc+0xb7/0xc0 [ 13.048810] __kmalloc_cache_noprof+0x189/0x420 [ 13.049202] kmalloc_oob_in_memset+0xac/0x320 [ 13.049393] kunit_try_run_case+0x1a5/0x480 [ 13.049543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.049720] kthread+0x337/0x6f0 [ 13.049842] ret_from_fork+0x116/0x1d0 [ 13.049975] ret_from_fork_asm+0x1a/0x30 [ 13.050114] [ 13.050185] The buggy address belongs to the object at ffff8881029ef500 [ 13.050185] which belongs to the cache kmalloc-128 of size 128 [ 13.050726] The buggy address is located 0 bytes inside of [ 13.050726] allocated 120-byte region [ffff8881029ef500, ffff8881029ef578) [ 13.051353] [ 13.051492] The buggy address belongs to the physical page: [ 13.051800] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 13.052217] flags: 0x200000000000000(node=0|zone=2) [ 13.052502] page_type: f5(slab) [ 13.052673] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.053244] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.053616] page dumped because: kasan: bad access detected [ 13.053877] [ 13.053964] Memory state around the buggy address: [ 13.054384] ffff8881029ef400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.054726] ffff8881029ef480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.055104] >ffff8881029ef500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.055391] ^ [ 13.055663] ffff8881029ef580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.056969] ffff8881029ef600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.057378] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 13.006449] ================================================================== [ 13.006906] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 13.007334] Read of size 16 at addr ffff888101c9b460 by task kunit_try_catch/185 [ 13.007914] [ 13.008018] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.008283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.008298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.008329] Call Trace: [ 13.008342] <TASK> [ 13.008361] dump_stack_lvl+0x73/0xb0 [ 13.008409] print_report+0xd1/0x610 [ 13.008614] ? __virt_addr_valid+0x1db/0x2d0 [ 13.008641] ? kmalloc_uaf_16+0x47b/0x4c0 [ 13.008674] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.008698] ? kmalloc_uaf_16+0x47b/0x4c0 [ 13.008718] kasan_report+0x141/0x180 [ 13.008739] ? kmalloc_uaf_16+0x47b/0x4c0 [ 13.008765] __asan_report_load16_noabort+0x18/0x20 [ 13.008790] kmalloc_uaf_16+0x47b/0x4c0 [ 13.008810] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 13.008832] ? __schedule+0x10cc/0x2b60 [ 13.008855] ? __pfx_read_tsc+0x10/0x10 [ 13.008877] ? ktime_get_ts64+0x86/0x230 [ 13.008903] kunit_try_run_case+0x1a5/0x480 [ 13.008929] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.008952] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.008976] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.009111] ? __kthread_parkme+0x82/0x180 [ 13.009134] ? preempt_count_sub+0x50/0x80 [ 13.009172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.009197] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.009222] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.009247] kthread+0x337/0x6f0 [ 13.009275] ? trace_preempt_on+0x20/0xc0 [ 13.009300] ? __pfx_kthread+0x10/0x10 [ 13.009321] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.009344] ? calculate_sigpending+0x7b/0xa0 [ 13.009374] ? __pfx_kthread+0x10/0x10 [ 13.009395] ret_from_fork+0x116/0x1d0 [ 13.009414] ? 
__pfx_kthread+0x10/0x10 [ 13.009434] ret_from_fork_asm+0x1a/0x30 [ 13.009466] </TASK> [ 13.009478] [ 13.018827] Allocated by task 185: [ 13.019524] kasan_save_stack+0x45/0x70 [ 13.019717] kasan_save_track+0x18/0x40 [ 13.019911] kasan_save_alloc_info+0x3b/0x50 [ 13.020296] __kasan_kmalloc+0xb7/0xc0 [ 13.020452] __kmalloc_cache_noprof+0x189/0x420 [ 13.020683] kmalloc_uaf_16+0x15b/0x4c0 [ 13.020864] kunit_try_run_case+0x1a5/0x480 [ 13.021064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.021631] kthread+0x337/0x6f0 [ 13.021787] ret_from_fork+0x116/0x1d0 [ 13.021959] ret_from_fork_asm+0x1a/0x30 [ 13.022472] [ 13.022567] Freed by task 185: [ 13.022716] kasan_save_stack+0x45/0x70 [ 13.022895] kasan_save_track+0x18/0x40 [ 13.023289] kasan_save_free_info+0x3f/0x60 [ 13.023508] __kasan_slab_free+0x56/0x70 [ 13.023783] kfree+0x222/0x3f0 [ 13.024098] kmalloc_uaf_16+0x1d6/0x4c0 [ 13.024287] kunit_try_run_case+0x1a5/0x480 [ 13.024684] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.025109] kthread+0x337/0x6f0 [ 13.025293] ret_from_fork+0x116/0x1d0 [ 13.025575] ret_from_fork_asm+0x1a/0x30 [ 13.025770] [ 13.025871] The buggy address belongs to the object at ffff888101c9b460 [ 13.025871] which belongs to the cache kmalloc-16 of size 16 [ 13.026622] The buggy address is located 0 bytes inside of [ 13.026622] freed 16-byte region [ffff888101c9b460, ffff888101c9b470) [ 13.027501] [ 13.027610] The buggy address belongs to the physical page: [ 13.027849] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b [ 13.028250] flags: 0x200000000000000(node=0|zone=2) [ 13.028573] page_type: f5(slab) [ 13.028704] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.029046] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.029703] page dumped because: kasan: bad access detected [ 13.029931] [ 13.030026] Memory state around the buggy address: [ 13.030409] ffff888101c9b300: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc 
fc [ 13.030722] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 13.031010] >ffff888101c9b400: fa fb fc fc 00 05 fc fc 00 00 fc fc fa fb fc fc [ 13.031304] ^ [ 13.031563] ffff888101c9b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.031854] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.032142] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.974499] ================================================================== [ 12.975651] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 12.976331] Write of size 16 at addr ffff888102610b40 by task kunit_try_catch/183 [ 12.976973] [ 12.977150] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.977207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.977219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.977241] Call Trace: [ 12.977254] <TASK> [ 12.977286] dump_stack_lvl+0x73/0xb0 [ 12.977317] print_report+0xd1/0x610 [ 12.977340] ? __virt_addr_valid+0x1db/0x2d0 [ 12.977363] ? kmalloc_oob_16+0x452/0x4a0 [ 12.977383] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.977406] ? kmalloc_oob_16+0x452/0x4a0 [ 12.977427] kasan_report+0x141/0x180 [ 12.977448] ? kmalloc_oob_16+0x452/0x4a0 [ 12.977473] __asan_report_store16_noabort+0x1b/0x30 [ 12.977498] kmalloc_oob_16+0x452/0x4a0 [ 12.977519] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 12.977542] ? __schedule+0x10cc/0x2b60 [ 12.977564] ? __pfx_read_tsc+0x10/0x10 [ 12.977585] ? ktime_get_ts64+0x86/0x230 [ 12.977610] kunit_try_run_case+0x1a5/0x480 [ 12.977635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.977659] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.977686] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.977713] ? __kthread_parkme+0x82/0x180 [ 12.977734] ? preempt_count_sub+0x50/0x80 [ 12.977758] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.977782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.977806] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.977833] kthread+0x337/0x6f0 [ 12.977851] ? trace_preempt_on+0x20/0xc0 [ 12.977875] ? __pfx_kthread+0x10/0x10 [ 12.977895] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.977916] ? calculate_sigpending+0x7b/0xa0 [ 12.977941] ? __pfx_kthread+0x10/0x10 [ 12.977963] ret_from_fork+0x116/0x1d0 [ 12.977982] ? 
__pfx_kthread+0x10/0x10 [ 12.978002] ret_from_fork_asm+0x1a/0x30 [ 12.978032] </TASK> [ 12.978042] [ 12.988712] Allocated by task 183: [ 12.989047] kasan_save_stack+0x45/0x70 [ 12.989424] kasan_save_track+0x18/0x40 [ 12.989766] kasan_save_alloc_info+0x3b/0x50 [ 12.990164] __kasan_kmalloc+0xb7/0xc0 [ 12.990532] __kmalloc_cache_noprof+0x189/0x420 [ 12.990952] kmalloc_oob_16+0xa8/0x4a0 [ 12.991311] kunit_try_run_case+0x1a5/0x480 [ 12.991692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.992168] kthread+0x337/0x6f0 [ 12.992483] ret_from_fork+0x116/0x1d0 [ 12.992831] ret_from_fork_asm+0x1a/0x30 [ 12.993196] [ 12.993358] The buggy address belongs to the object at ffff888102610b40 [ 12.993358] which belongs to the cache kmalloc-16 of size 16 [ 12.994399] The buggy address is located 0 bytes inside of [ 12.994399] allocated 13-byte region [ffff888102610b40, ffff888102610b4d) [ 12.994945] [ 12.995019] The buggy address belongs to the physical page: [ 12.995194] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102610 [ 12.995501] flags: 0x200000000000000(node=0|zone=2) [ 12.995673] page_type: f5(slab) [ 12.995818] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.996164] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.996479] page dumped because: kasan: bad access detected [ 12.996726] [ 12.996819] Memory state around the buggy address: [ 12.997039] ffff888102610a00: 00 02 fc fc 00 06 fc fc 00 06 fc fc 00 04 fc fc [ 12.997351] ffff888102610a80: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 12.997618] >ffff888102610b00: 00 04 fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 12.997941] ^ [ 12.998145] ffff888102610b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.998490] ffff888102610c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.998799] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.896739] ================================================================== [ 12.897375] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 12.897750] Read of size 1 at addr ffff888100a2e200 by task kunit_try_catch/181 [ 12.898064] [ 12.898253] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.898331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.898342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.898364] Call Trace: [ 12.898378] <TASK> [ 12.898395] dump_stack_lvl+0x73/0xb0 [ 12.898429] print_report+0xd1/0x610 [ 12.898453] ? __virt_addr_valid+0x1db/0x2d0 [ 12.898479] ? krealloc_uaf+0x1b8/0x5e0 [ 12.898500] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.898523] ? krealloc_uaf+0x1b8/0x5e0 [ 12.898545] kasan_report+0x141/0x180 [ 12.898566] ? krealloc_uaf+0x1b8/0x5e0 [ 12.898590] ? krealloc_uaf+0x1b8/0x5e0 [ 12.898611] __kasan_check_byte+0x3d/0x50 [ 12.898633] krealloc_noprof+0x3f/0x340 [ 12.898657] krealloc_uaf+0x1b8/0x5e0 [ 12.898678] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.898699] ? finish_task_switch.isra.0+0x153/0x700 [ 12.898735] ? __switch_to+0x47/0xf50 [ 12.898782] ? __schedule+0x10cc/0x2b60 [ 12.898805] ? __pfx_read_tsc+0x10/0x10 [ 12.898827] ? ktime_get_ts64+0x86/0x230 [ 12.898852] kunit_try_run_case+0x1a5/0x480 [ 12.898879] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.898902] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.898927] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.898950] ? __kthread_parkme+0x82/0x180 [ 12.898972] ? preempt_count_sub+0x50/0x80 [ 12.899052] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.899077] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.899101] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.899127] kthread+0x337/0x6f0 [ 12.899147] ? trace_preempt_on+0x20/0xc0 [ 12.899171] ? __pfx_kthread+0x10/0x10 [ 12.899192] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.899213] ? calculate_sigpending+0x7b/0xa0 [ 12.899238] ? 
__pfx_kthread+0x10/0x10 [ 12.899260] ret_from_fork+0x116/0x1d0 [ 12.899291] ? __pfx_kthread+0x10/0x10 [ 12.899312] ret_from_fork_asm+0x1a/0x30 [ 12.899343] </TASK> [ 12.899354] [ 12.906565] Allocated by task 181: [ 12.906768] kasan_save_stack+0x45/0x70 [ 12.907230] kasan_save_track+0x18/0x40 [ 12.907453] kasan_save_alloc_info+0x3b/0x50 [ 12.907675] __kasan_kmalloc+0xb7/0xc0 [ 12.907865] __kmalloc_cache_noprof+0x189/0x420 [ 12.908256] krealloc_uaf+0xbb/0x5e0 [ 12.908422] kunit_try_run_case+0x1a5/0x480 [ 12.908612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.908848] kthread+0x337/0x6f0 [ 12.910040] ret_from_fork+0x116/0x1d0 [ 12.910400] ret_from_fork_asm+0x1a/0x30 [ 12.910559] [ 12.910680] Freed by task 181: [ 12.910821] kasan_save_stack+0x45/0x70 [ 12.910971] kasan_save_track+0x18/0x40 [ 12.911108] kasan_save_free_info+0x3f/0x60 [ 12.911256] __kasan_slab_free+0x56/0x70 [ 12.911464] kfree+0x222/0x3f0 [ 12.911628] krealloc_uaf+0x13d/0x5e0 [ 12.911945] kunit_try_run_case+0x1a5/0x480 [ 12.912243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.912517] kthread+0x337/0x6f0 [ 12.912707] ret_from_fork+0x116/0x1d0 [ 12.912896] ret_from_fork_asm+0x1a/0x30 [ 12.913286] [ 12.913481] The buggy address belongs to the object at ffff888100a2e200 [ 12.913481] which belongs to the cache kmalloc-256 of size 256 [ 12.914826] The buggy address is located 0 bytes inside of [ 12.914826] freed 256-byte region [ffff888100a2e200, ffff888100a2e300) [ 12.915950] [ 12.916166] The buggy address belongs to the physical page: [ 12.916617] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a2e [ 12.917199] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.917743] flags: 0x200000000000040(head|node=0|zone=2) [ 12.917932] page_type: f5(slab) [ 12.918312] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.919114] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.919648] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.920203] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.920670] head: 0200000000000001 ffffea0004028b81 00000000ffffffff 00000000ffffffff [ 12.920906] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.921599] page dumped because: kasan: bad access detected [ 12.922141] [ 12.922307] Memory state around the buggy address: [ 12.922813] ffff888100a2e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.923238] ffff888100a2e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.923585] >ffff888100a2e200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.924319] ^ [ 12.924643] ffff888100a2e280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.925288] ffff888100a2e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.925515] ================================================================== [ 12.928755] ================================================================== [ 12.929719] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 12.930383] Read of size 1 at addr ffff888100a2e200 by task kunit_try_catch/181 [ 12.931187] [ 12.931427] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.931473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.931484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.931504] Call Trace: [ 12.931517] <TASK> [ 12.931535] dump_stack_lvl+0x73/0xb0 [ 12.931567] print_report+0xd1/0x610 [ 12.931591] ? __virt_addr_valid+0x1db/0x2d0 [ 12.931618] ? krealloc_uaf+0x53c/0x5e0 [ 12.931640] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.931663] ? krealloc_uaf+0x53c/0x5e0 [ 12.931684] kasan_report+0x141/0x180 [ 12.931706] ? krealloc_uaf+0x53c/0x5e0 [ 12.931734] __asan_report_load1_noabort+0x18/0x20 [ 12.931760] krealloc_uaf+0x53c/0x5e0 [ 12.931781] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.931802] ? 
finish_task_switch.isra.0+0x153/0x700 [ 12.931826] ? __switch_to+0x47/0xf50 [ 12.931853] ? __schedule+0x10cc/0x2b60 [ 12.931877] ? __pfx_read_tsc+0x10/0x10 [ 12.931898] ? ktime_get_ts64+0x86/0x230 [ 12.931933] kunit_try_run_case+0x1a5/0x480 [ 12.931959] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.931982] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.932017] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.932041] ? __kthread_parkme+0x82/0x180 [ 12.932061] ? preempt_count_sub+0x50/0x80 [ 12.932084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.932109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.932139] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.932164] kthread+0x337/0x6f0 [ 12.932183] ? trace_preempt_on+0x20/0xc0 [ 12.932208] ? __pfx_kthread+0x10/0x10 [ 12.932228] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.932249] ? calculate_sigpending+0x7b/0xa0 [ 12.932284] ? __pfx_kthread+0x10/0x10 [ 12.932324] ret_from_fork+0x116/0x1d0 [ 12.932343] ? __pfx_kthread+0x10/0x10 [ 12.932380] ret_from_fork_asm+0x1a/0x30 [ 12.932412] </TASK> [ 12.932423] [ 12.949097] Allocated by task 181: [ 12.949336] kasan_save_stack+0x45/0x70 [ 12.949781] kasan_save_track+0x18/0x40 [ 12.950241] kasan_save_alloc_info+0x3b/0x50 [ 12.950590] __kasan_kmalloc+0xb7/0xc0 [ 12.950844] __kmalloc_cache_noprof+0x189/0x420 [ 12.951296] krealloc_uaf+0xbb/0x5e0 [ 12.951723] kunit_try_run_case+0x1a5/0x480 [ 12.952032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.952224] kthread+0x337/0x6f0 [ 12.952362] ret_from_fork+0x116/0x1d0 [ 12.952612] ret_from_fork_asm+0x1a/0x30 [ 12.953012] [ 12.953181] Freed by task 181: [ 12.953520] kasan_save_stack+0x45/0x70 [ 12.953906] kasan_save_track+0x18/0x40 [ 12.954371] kasan_save_free_info+0x3f/0x60 [ 12.954840] __kasan_slab_free+0x56/0x70 [ 12.955287] kfree+0x222/0x3f0 [ 12.955495] krealloc_uaf+0x13d/0x5e0 [ 12.955787] kunit_try_run_case+0x1a5/0x480 [ 12.956196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.956636] kthread+0x337/0x6f0 [ 12.957022] 
ret_from_fork+0x116/0x1d0 [ 12.957419] ret_from_fork_asm+0x1a/0x30 [ 12.957567] [ 12.957641] The buggy address belongs to the object at ffff888100a2e200 [ 12.957641] which belongs to the cache kmalloc-256 of size 256 [ 12.958495] The buggy address is located 0 bytes inside of [ 12.958495] freed 256-byte region [ffff888100a2e200, ffff888100a2e300) [ 12.959777] [ 12.960163] The buggy address belongs to the physical page: [ 12.960815] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a2e [ 12.961822] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.962438] flags: 0x200000000000040(head|node=0|zone=2) [ 12.962622] page_type: f5(slab) [ 12.962752] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.963026] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.964053] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.964948] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.965751] head: 0200000000000001 ffffea0004028b81 00000000ffffffff 00000000ffffffff [ 12.966880] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.967543] page dumped because: kasan: bad access detected [ 12.967906] [ 12.968184] Memory state around the buggy address: [ 12.968528] ffff888100a2e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.969028] ffff888100a2e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.969653] >ffff888100a2e200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.970310] ^ [ 12.970431] ffff888100a2e280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.970649] ffff888100a2e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.970873] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 12.770091] ================================================================== [ 12.770514] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.770781] Write of size 1 at addr ffff88810272e0c9 by task kunit_try_catch/179 [ 12.771020] [ 12.771115] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.771161] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.771173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.771194] Call Trace: [ 12.771207] <TASK> [ 12.771533] dump_stack_lvl+0x73/0xb0 [ 12.771577] print_report+0xd1/0x610 [ 12.771602] ? __virt_addr_valid+0x1db/0x2d0 [ 12.771628] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.771654] ? kasan_addr_to_slab+0x11/0xa0 [ 12.771675] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.771700] kasan_report+0x141/0x180 [ 12.771722] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.771751] __asan_report_store1_noabort+0x1b/0x30 [ 12.771816] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.771843] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.771869] ? finish_task_switch.isra.0+0x153/0x700 [ 12.771894] ? __switch_to+0x47/0xf50 [ 12.771921] ? __schedule+0x10cc/0x2b60 [ 12.771945] ? __pfx_read_tsc+0x10/0x10 [ 12.771970] krealloc_large_less_oob+0x1c/0x30 [ 12.772120] kunit_try_run_case+0x1a5/0x480 [ 12.772149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.772173] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.772199] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.772223] ? __kthread_parkme+0x82/0x180 [ 12.772245] ? preempt_count_sub+0x50/0x80 [ 12.772280] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.772305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.772330] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.772356] kthread+0x337/0x6f0 [ 12.772375] ? trace_preempt_on+0x20/0xc0 [ 12.772400] ? __pfx_kthread+0x10/0x10 [ 12.772421] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.772443] ? calculate_sigpending+0x7b/0xa0 [ 12.772469] ? 
__pfx_kthread+0x10/0x10 [ 12.772490] ret_from_fork+0x116/0x1d0 [ 12.772509] ? __pfx_kthread+0x10/0x10 [ 12.772529] ret_from_fork_asm+0x1a/0x30 [ 12.772561] </TASK> [ 12.772572] [ 12.784681] The buggy address belongs to the physical page: [ 12.784875] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10272c [ 12.785471] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.787340] flags: 0x200000000000040(head|node=0|zone=2) [ 12.787538] page_type: f8(unknown) [ 12.787672] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.787955] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.788526] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.789406] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.789691] head: 0200000000000002 ffffea000409cb01 00000000ffffffff 00000000ffffffff [ 12.789920] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.790683] page dumped because: kasan: bad access detected [ 12.791332] [ 12.791547] Memory state around the buggy address: [ 12.792049] ffff88810272df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.792872] ffff88810272e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.793478] >ffff88810272e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.793692] ^ [ 12.793866] ffff88810272e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.794091] ffff88810272e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.794787] ================================================================== [ 12.669583] ================================================================== [ 12.669920] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.670512] Write of size 1 at addr ffff888100a2e0ea by task kunit_try_catch/175 [ 12.670751] [ 12.670843] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 
PREEMPT(voluntary) [ 12.670888] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.670899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.670920] Call Trace: [ 12.670938] <TASK> [ 12.670954] dump_stack_lvl+0x73/0xb0 [ 12.670984] print_report+0xd1/0x610 [ 12.671006] ? __virt_addr_valid+0x1db/0x2d0 [ 12.671029] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.671053] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.671076] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.671101] kasan_report+0x141/0x180 [ 12.671122] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.671151] __asan_report_store1_noabort+0x1b/0x30 [ 12.671176] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.671202] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.671227] ? finish_task_switch.isra.0+0x153/0x700 [ 12.671250] ? __switch_to+0x47/0xf50 [ 12.671288] ? __schedule+0x10cc/0x2b60 [ 12.671310] ? __pfx_read_tsc+0x10/0x10 [ 12.671334] krealloc_less_oob+0x1c/0x30 [ 12.671355] kunit_try_run_case+0x1a5/0x480 [ 12.671379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.671402] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.671426] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.671450] ? __kthread_parkme+0x82/0x180 [ 12.671470] ? preempt_count_sub+0x50/0x80 [ 12.671493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.671607] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.671638] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.671663] kthread+0x337/0x6f0 [ 12.671683] ? trace_preempt_on+0x20/0xc0 [ 12.671708] ? __pfx_kthread+0x10/0x10 [ 12.671728] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.671750] ? calculate_sigpending+0x7b/0xa0 [ 12.671774] ? __pfx_kthread+0x10/0x10 [ 12.671795] ret_from_fork+0x116/0x1d0 [ 12.671814] ? 
__pfx_kthread+0x10/0x10 [ 12.671834] ret_from_fork_asm+0x1a/0x30 [ 12.671864] </TASK> [ 12.671875] [ 12.681253] Allocated by task 175: [ 12.681409] kasan_save_stack+0x45/0x70 [ 12.681604] kasan_save_track+0x18/0x40 [ 12.681797] kasan_save_alloc_info+0x3b/0x50 [ 12.682013] __kasan_krealloc+0x190/0x1f0 [ 12.682213] krealloc_noprof+0xf3/0x340 [ 12.682396] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.682581] krealloc_less_oob+0x1c/0x30 [ 12.682735] kunit_try_run_case+0x1a5/0x480 [ 12.682944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.683215] kthread+0x337/0x6f0 [ 12.684203] ret_from_fork+0x116/0x1d0 [ 12.685304] ret_from_fork_asm+0x1a/0x30 [ 12.686327] [ 12.686886] The buggy address belongs to the object at ffff888100a2e000 [ 12.686886] which belongs to the cache kmalloc-256 of size 256 [ 12.688291] The buggy address is located 33 bytes to the right of [ 12.688291] allocated 201-byte region [ffff888100a2e000, ffff888100a2e0c9) [ 12.689477] [ 12.689908] The buggy address belongs to the physical page: [ 12.690803] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a2e [ 12.691350] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.691674] flags: 0x200000000000040(head|node=0|zone=2) [ 12.691924] page_type: f5(slab) [ 12.692081] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.692410] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.692714] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.693012] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.693381] head: 0200000000000001 ffffea0004028b81 00000000ffffffff 00000000ffffffff [ 12.693740] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.694293] page dumped because: kasan: bad access detected [ 12.694478] [ 12.694572] Memory state around the buggy address: [ 12.694805] ffff888100a2df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.695189] ffff888100a2e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.695504] >ffff888100a2e080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.695751] ^ [ 12.696106] ffff888100a2e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.696403] ffff888100a2e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.696690] ================================================================== [ 12.589514] ================================================================== [ 12.591519] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.592769] Write of size 1 at addr ffff888100a2e0c9 by task kunit_try_catch/175 [ 12.593739] [ 12.593936] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.593986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.593998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.594020] Call Trace: [ 12.595058] <TASK> [ 12.595084] dump_stack_lvl+0x73/0xb0 [ 12.595121] print_report+0xd1/0x610 [ 12.595145] ? __virt_addr_valid+0x1db/0x2d0 [ 12.595170] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.595194] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.595217] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.595241] kasan_report+0x141/0x180 [ 12.595275] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.595303] __asan_report_store1_noabort+0x1b/0x30 [ 12.595330] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.595356] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.595381] ? finish_task_switch.isra.0+0x153/0x700 [ 12.595405] ? __switch_to+0x47/0xf50 [ 12.595431] ? __schedule+0x10cc/0x2b60 [ 12.595453] ? __pfx_read_tsc+0x10/0x10 [ 12.595477] krealloc_less_oob+0x1c/0x30 [ 12.595498] kunit_try_run_case+0x1a5/0x480 [ 12.595524] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.595546] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.595571] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.595594] ? __kthread_parkme+0x82/0x180 [ 12.595615] ? 
preempt_count_sub+0x50/0x80 [ 12.595638] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.595662] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.595686] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.595711] kthread+0x337/0x6f0 [ 12.595729] ? trace_preempt_on+0x20/0xc0 [ 12.595754] ? __pfx_kthread+0x10/0x10 [ 12.595774] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.595796] ? calculate_sigpending+0x7b/0xa0 [ 12.595820] ? __pfx_kthread+0x10/0x10 [ 12.595841] ret_from_fork+0x116/0x1d0 [ 12.595859] ? __pfx_kthread+0x10/0x10 [ 12.595879] ret_from_fork_asm+0x1a/0x30 [ 12.595910] </TASK> [ 12.595920] [ 12.607948] Allocated by task 175: [ 12.608337] kasan_save_stack+0x45/0x70 [ 12.608686] kasan_save_track+0x18/0x40 [ 12.608920] kasan_save_alloc_info+0x3b/0x50 [ 12.609145] __kasan_krealloc+0x190/0x1f0 [ 12.609307] krealloc_noprof+0xf3/0x340 [ 12.609446] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.609610] krealloc_less_oob+0x1c/0x30 [ 12.609749] kunit_try_run_case+0x1a5/0x480 [ 12.609895] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.610487] kthread+0x337/0x6f0 [ 12.610636] ret_from_fork+0x116/0x1d0 [ 12.610805] ret_from_fork_asm+0x1a/0x30 [ 12.611227] [ 12.611457] The buggy address belongs to the object at ffff888100a2e000 [ 12.611457] which belongs to the cache kmalloc-256 of size 256 [ 12.611973] The buggy address is located 0 bytes to the right of [ 12.611973] allocated 201-byte region [ffff888100a2e000, ffff888100a2e0c9) [ 12.613172] [ 12.613251] The buggy address belongs to the physical page: [ 12.613452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a2e [ 12.613702] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.613931] flags: 0x200000000000040(head|node=0|zone=2) [ 12.614110] page_type: f5(slab) [ 12.614623] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.615372] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.615618] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.615857] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.616579] head: 0200000000000001 ffffea0004028b81 00000000ffffffff 00000000ffffffff [ 12.618253] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.618929] page dumped because: kasan: bad access detected [ 12.619408] [ 12.619484] Memory state around the buggy address: [ 12.619638] ffff888100a2df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.620056] ffff888100a2e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.620313] >ffff888100a2e080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.620521] ^ [ 12.620692] ffff888100a2e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.621732] ffff888100a2e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.622208] ================================================================== [ 12.795537] ================================================================== [ 12.795789] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.796044] Write of size 1 at addr ffff88810272e0d0 by task kunit_try_catch/179 [ 12.797726] [ 12.798063] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.798321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.798334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.798355] Call Trace: [ 12.798367] <TASK> [ 12.798385] dump_stack_lvl+0x73/0xb0 [ 12.798419] print_report+0xd1/0x610 [ 12.798442] ? __virt_addr_valid+0x1db/0x2d0 [ 12.798467] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.798492] ? kasan_addr_to_slab+0x11/0xa0 [ 12.798512] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.798537] kasan_report+0x141/0x180 [ 12.798559] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.798588] __asan_report_store1_noabort+0x1b/0x30 [ 12.798614] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.798640] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.798666] ? finish_task_switch.isra.0+0x153/0x700 [ 12.798689] ? __switch_to+0x47/0xf50 [ 12.798723] ? __schedule+0x10cc/0x2b60 [ 12.798747] ? __pfx_read_tsc+0x10/0x10 [ 12.798771] krealloc_large_less_oob+0x1c/0x30 [ 12.798795] kunit_try_run_case+0x1a5/0x480 [ 12.798820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.798844] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.798868] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.798892] ? __kthread_parkme+0x82/0x180 [ 12.798913] ? preempt_count_sub+0x50/0x80 [ 12.798936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.798961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.799118] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.799147] kthread+0x337/0x6f0 [ 12.799181] ? trace_preempt_on+0x20/0xc0 [ 12.799206] ? __pfx_kthread+0x10/0x10 [ 12.799226] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.799291] ? calculate_sigpending+0x7b/0xa0 [ 12.799316] ? __pfx_kthread+0x10/0x10 [ 12.799338] ret_from_fork+0x116/0x1d0 [ 12.799358] ? 
__pfx_kthread+0x10/0x10 [ 12.799379] ret_from_fork_asm+0x1a/0x30 [ 12.799410] </TASK> [ 12.799421] [ 12.815628] The buggy address belongs to the physical page: [ 12.816194] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10272c [ 12.817308] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.818103] flags: 0x200000000000040(head|node=0|zone=2) [ 12.818766] page_type: f8(unknown) [ 12.819258] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.820100] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.820843] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.821688] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.822614] head: 0200000000000002 ffffea000409cb01 00000000ffffffff 00000000ffffffff [ 12.822912] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.823824] page dumped because: kasan: bad access detected [ 12.824483] [ 12.824679] Memory state around the buggy address: [ 12.825203] ffff88810272df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.825765] ffff88810272e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.826000] >ffff88810272e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.826705] ^ [ 12.827541] ffff88810272e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.828334] ffff88810272e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.828640] ================================================================== [ 12.697227] ================================================================== [ 12.697586] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.697873] Write of size 1 at addr ffff888100a2e0eb by task kunit_try_catch/175 [ 12.698439] [ 12.698553] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.698599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.698610] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.698630] Call Trace: [ 12.698649] <TASK> [ 12.698665] dump_stack_lvl+0x73/0xb0 [ 12.698695] print_report+0xd1/0x610 [ 12.698721] ? __virt_addr_valid+0x1db/0x2d0 [ 12.698745] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.698770] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.698792] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.698817] kasan_report+0x141/0x180 [ 12.698838] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.698867] __asan_report_store1_noabort+0x1b/0x30 [ 12.698892] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.698918] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.698943] ? finish_task_switch.isra.0+0x153/0x700 [ 12.699048] ? __switch_to+0x47/0xf50 [ 12.699078] ? __schedule+0x10cc/0x2b60 [ 12.699100] ? __pfx_read_tsc+0x10/0x10 [ 12.699124] krealloc_less_oob+0x1c/0x30 [ 12.699146] kunit_try_run_case+0x1a5/0x480 [ 12.699171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.699194] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.699218] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.699241] ? __kthread_parkme+0x82/0x180 [ 12.699273] ? preempt_count_sub+0x50/0x80 [ 12.699296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.699320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.699344] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.699369] kthread+0x337/0x6f0 [ 12.699389] ? trace_preempt_on+0x20/0xc0 [ 12.699412] ? __pfx_kthread+0x10/0x10 [ 12.699432] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.699454] ? calculate_sigpending+0x7b/0xa0 [ 12.699478] ? __pfx_kthread+0x10/0x10 [ 12.699499] ret_from_fork+0x116/0x1d0 [ 12.699517] ? 
__pfx_kthread+0x10/0x10 [ 12.699539] ret_from_fork_asm+0x1a/0x30 [ 12.699570] </TASK> [ 12.699580] [ 12.707334] Allocated by task 175: [ 12.707474] kasan_save_stack+0x45/0x70 [ 12.707679] kasan_save_track+0x18/0x40 [ 12.707869] kasan_save_alloc_info+0x3b/0x50 [ 12.708157] __kasan_krealloc+0x190/0x1f0 [ 12.708372] krealloc_noprof+0xf3/0x340 [ 12.708565] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.708758] krealloc_less_oob+0x1c/0x30 [ 12.708902] kunit_try_run_case+0x1a5/0x480 [ 12.709186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.709459] kthread+0x337/0x6f0 [ 12.709632] ret_from_fork+0x116/0x1d0 [ 12.709816] ret_from_fork_asm+0x1a/0x30 [ 12.709957] [ 12.710221] The buggy address belongs to the object at ffff888100a2e000 [ 12.710221] which belongs to the cache kmalloc-256 of size 256 [ 12.710786] The buggy address is located 34 bytes to the right of [ 12.710786] allocated 201-byte region [ffff888100a2e000, ffff888100a2e0c9) [ 12.711332] [ 12.711408] The buggy address belongs to the physical page: [ 12.711644] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a2e [ 12.712089] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.712445] flags: 0x200000000000040(head|node=0|zone=2) [ 12.712699] page_type: f5(slab) [ 12.712863] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.713240] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.713558] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.713873] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.714406] head: 0200000000000001 ffffea0004028b81 00000000ffffffff 00000000ffffffff [ 12.714646] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.715071] page dumped because: kasan: bad access detected [ 12.715334] [ 12.715426] Memory state around the buggy address: [ 12.715585] ffff888100a2df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.715835] ffff888100a2e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.716235] >ffff888100a2e080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.716572] ^ [ 12.716836] ffff888100a2e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.717185] ffff888100a2e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.717482] ================================================================== [ 12.854141] ================================================================== [ 12.854501] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.854853] Write of size 1 at addr ffff88810272e0ea by task kunit_try_catch/179 [ 12.855293] [ 12.855393] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.855437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.855449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.855480] Call Trace: [ 12.855500] <TASK> [ 12.855519] dump_stack_lvl+0x73/0xb0 [ 12.855562] print_report+0xd1/0x610 [ 12.855586] ? __virt_addr_valid+0x1db/0x2d0 [ 12.855610] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.855635] ? kasan_addr_to_slab+0x11/0xa0 [ 12.855657] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.855683] kasan_report+0x141/0x180 [ 12.855705] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.855734] __asan_report_store1_noabort+0x1b/0x30 [ 12.855769] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.855796] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.855822] ? finish_task_switch.isra.0+0x153/0x700 [ 12.855857] ? __switch_to+0x47/0xf50 [ 12.855883] ? __schedule+0x10cc/0x2b60 [ 12.855906] ? __pfx_read_tsc+0x10/0x10 [ 12.855931] krealloc_large_less_oob+0x1c/0x30 [ 12.855954] kunit_try_run_case+0x1a5/0x480 [ 12.855990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.856014] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.856038] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.856062] ? __kthread_parkme+0x82/0x180 [ 12.856084] ? 
preempt_count_sub+0x50/0x80 [ 12.856107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.856201] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.856237] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.856273] kthread+0x337/0x6f0 [ 12.856293] ? trace_preempt_on+0x20/0xc0 [ 12.856318] ? __pfx_kthread+0x10/0x10 [ 12.856338] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.856360] ? calculate_sigpending+0x7b/0xa0 [ 12.856386] ? __pfx_kthread+0x10/0x10 [ 12.856407] ret_from_fork+0x116/0x1d0 [ 12.856426] ? __pfx_kthread+0x10/0x10 [ 12.856447] ret_from_fork_asm+0x1a/0x30 [ 12.856478] </TASK> [ 12.856488] [ 12.865436] The buggy address belongs to the physical page: [ 12.865710] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10272c [ 12.866098] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.866626] flags: 0x200000000000040(head|node=0|zone=2) [ 12.866907] page_type: f8(unknown) [ 12.867193] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.867515] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.867846] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.868371] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.868610] head: 0200000000000002 ffffea000409cb01 00000000ffffffff 00000000ffffffff [ 12.869007] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.869353] page dumped because: kasan: bad access detected [ 12.869539] [ 12.869608] Memory state around the buggy address: [ 12.870135] ffff88810272df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.870627] ffff88810272e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.870938] >ffff88810272e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.871334] ^ [ 12.871582] ffff88810272e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.871915] ffff88810272e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.872468] 
================================================================== [ 12.648909] ================================================================== [ 12.649503] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.649832] Write of size 1 at addr ffff888100a2e0da by task kunit_try_catch/175 [ 12.650127] [ 12.650372] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.650418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.650431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.650452] Call Trace: [ 12.650471] <TASK> [ 12.650487] dump_stack_lvl+0x73/0xb0 [ 12.650517] print_report+0xd1/0x610 [ 12.650539] ? __virt_addr_valid+0x1db/0x2d0 [ 12.650562] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.650586] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.650609] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.650633] kasan_report+0x141/0x180 [ 12.650655] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.650683] __asan_report_store1_noabort+0x1b/0x30 [ 12.650716] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.650742] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.650767] ? finish_task_switch.isra.0+0x153/0x700 [ 12.650791] ? __switch_to+0x47/0xf50 [ 12.650816] ? __schedule+0x10cc/0x2b60 [ 12.650838] ? __pfx_read_tsc+0x10/0x10 [ 12.650862] krealloc_less_oob+0x1c/0x30 [ 12.650883] kunit_try_run_case+0x1a5/0x480 [ 12.650908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.650931] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.650955] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.650978] ? __kthread_parkme+0x82/0x180 [ 12.650999] ? preempt_count_sub+0x50/0x80 [ 12.651021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.651045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.651070] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.651095] kthread+0x337/0x6f0 [ 12.651114] ? trace_preempt_on+0x20/0xc0 [ 12.651138] ? __pfx_kthread+0x10/0x10 [ 12.651219] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 12.651242] ? calculate_sigpending+0x7b/0xa0 [ 12.651280] ? __pfx_kthread+0x10/0x10 [ 12.651302] ret_from_fork+0x116/0x1d0 [ 12.651321] ? __pfx_kthread+0x10/0x10 [ 12.651341] ret_from_fork_asm+0x1a/0x30 [ 12.651381] </TASK> [ 12.651391] [ 12.659058] Allocated by task 175: [ 12.659244] kasan_save_stack+0x45/0x70 [ 12.659644] kasan_save_track+0x18/0x40 [ 12.659807] kasan_save_alloc_info+0x3b/0x50 [ 12.660086] __kasan_krealloc+0x190/0x1f0 [ 12.660275] krealloc_noprof+0xf3/0x340 [ 12.660450] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.660671] krealloc_less_oob+0x1c/0x30 [ 12.660843] kunit_try_run_case+0x1a5/0x480 [ 12.661101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.661334] kthread+0x337/0x6f0 [ 12.661490] ret_from_fork+0x116/0x1d0 [ 12.661674] ret_from_fork_asm+0x1a/0x30 [ 12.661846] [ 12.661931] The buggy address belongs to the object at ffff888100a2e000 [ 12.661931] which belongs to the cache kmalloc-256 of size 256 [ 12.662443] The buggy address is located 17 bytes to the right of [ 12.662443] allocated 201-byte region [ffff888100a2e000, ffff888100a2e0c9) [ 12.662901] [ 12.662972] The buggy address belongs to the physical page: [ 12.663146] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a2e [ 12.663474] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.663818] flags: 0x200000000000040(head|node=0|zone=2) [ 12.664075] page_type: f5(slab) [ 12.664246] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.664806] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.665133] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.665524] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.665846] head: 0200000000000001 ffffea0004028b81 00000000ffffffff 00000000ffffffff [ 12.666246] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.666492] page dumped 
because: kasan: bad access detected [ 12.666665] [ 12.666740] Memory state around the buggy address: [ 12.666896] ffff888100a2df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.667190] ffff888100a2e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.667527] >ffff888100a2e080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.667847] ^ [ 12.668124] ffff888100a2e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.668452] ffff888100a2e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.668956] ================================================================== [ 12.623233] ================================================================== [ 12.624304] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.625063] Write of size 1 at addr ffff888100a2e0d0 by task kunit_try_catch/175 [ 12.625617] [ 12.625737] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.625784] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.625797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.625818] Call Trace: [ 12.625836] <TASK> [ 12.625854] dump_stack_lvl+0x73/0xb0 [ 12.625884] print_report+0xd1/0x610 [ 12.625907] ? __virt_addr_valid+0x1db/0x2d0 [ 12.625931] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.625955] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.625978] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.626373] kasan_report+0x141/0x180 [ 12.626398] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.626428] __asan_report_store1_noabort+0x1b/0x30 [ 12.626454] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.626481] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.626548] ? finish_task_switch.isra.0+0x153/0x700 [ 12.626573] ? __switch_to+0x47/0xf50 [ 12.626598] ? __schedule+0x10cc/0x2b60 [ 12.626621] ? __pfx_read_tsc+0x10/0x10 [ 12.626645] krealloc_less_oob+0x1c/0x30 [ 12.626666] kunit_try_run_case+0x1a5/0x480 [ 12.626691] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 12.626721] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.626746] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.626770] ? __kthread_parkme+0x82/0x180 [ 12.626790] ? preempt_count_sub+0x50/0x80 [ 12.626813] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.626837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.626861] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.626886] kthread+0x337/0x6f0 [ 12.626905] ? trace_preempt_on+0x20/0xc0 [ 12.626929] ? __pfx_kthread+0x10/0x10 [ 12.626950] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.626971] ? calculate_sigpending+0x7b/0xa0 [ 12.627012] ? __pfx_kthread+0x10/0x10 [ 12.627049] ret_from_fork+0x116/0x1d0 [ 12.627067] ? __pfx_kthread+0x10/0x10 [ 12.627087] ret_from_fork_asm+0x1a/0x30 [ 12.627118] </TASK> [ 12.627128] [ 12.637501] Allocated by task 175: [ 12.637680] kasan_save_stack+0x45/0x70 [ 12.637875] kasan_save_track+0x18/0x40 [ 12.638177] kasan_save_alloc_info+0x3b/0x50 [ 12.638390] __kasan_krealloc+0x190/0x1f0 [ 12.638571] krealloc_noprof+0xf3/0x340 [ 12.638758] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.639135] krealloc_less_oob+0x1c/0x30 [ 12.639353] kunit_try_run_case+0x1a5/0x480 [ 12.639549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.639784] kthread+0x337/0x6f0 [ 12.639939] ret_from_fork+0x116/0x1d0 [ 12.640177] ret_from_fork_asm+0x1a/0x30 [ 12.640379] [ 12.640471] The buggy address belongs to the object at ffff888100a2e000 [ 12.640471] which belongs to the cache kmalloc-256 of size 256 [ 12.640962] The buggy address is located 7 bytes to the right of [ 12.640962] allocated 201-byte region [ffff888100a2e000, ffff888100a2e0c9) [ 12.642475] [ 12.642558] The buggy address belongs to the physical page: [ 12.642740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a2e [ 12.643198] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.643564] flags: 0x200000000000040(head|node=0|zone=2) [ 12.643777] page_type: f5(slab) [ 12.643948] raw: 
0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.644340] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.644635] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.644950] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.645407] head: 0200000000000001 ffffea0004028b81 00000000ffffffff 00000000ffffffff [ 12.645711] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.645978] page dumped because: kasan: bad access detected [ 12.646360] [ 12.646453] Memory state around the buggy address: [ 12.646643] ffff888100a2df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.646880] ffff888100a2e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.647253] >ffff888100a2e080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.647563] ^ [ 12.647775] ffff888100a2e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.648062] ffff888100a2e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.648358] ================================================================== [ 12.872823] ================================================================== [ 12.873289] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.873635] Write of size 1 at addr ffff88810272e0eb by task kunit_try_catch/179 [ 12.873864] [ 12.873955] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.874198] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.874214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.874235] Call Trace: [ 12.874255] <TASK> [ 12.874282] dump_stack_lvl+0x73/0xb0 [ 12.874317] print_report+0xd1/0x610 [ 12.874342] ? __virt_addr_valid+0x1db/0x2d0 [ 12.874366] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.874391] ? kasan_addr_to_slab+0x11/0xa0 [ 12.874411] ? 
krealloc_less_oob_helper+0xd47/0x11d0 [ 12.874436] kasan_report+0x141/0x180 [ 12.874458] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.874487] __asan_report_store1_noabort+0x1b/0x30 [ 12.874513] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.874540] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.874565] ? finish_task_switch.isra.0+0x153/0x700 [ 12.874589] ? __switch_to+0x47/0xf50 [ 12.874615] ? __schedule+0x10cc/0x2b60 [ 12.874637] ? __pfx_read_tsc+0x10/0x10 [ 12.874662] krealloc_large_less_oob+0x1c/0x30 [ 12.874685] kunit_try_run_case+0x1a5/0x480 [ 12.874716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.874740] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.874765] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.874789] ? __kthread_parkme+0x82/0x180 [ 12.874810] ? preempt_count_sub+0x50/0x80 [ 12.874833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.874858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.874883] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.874909] kthread+0x337/0x6f0 [ 12.874927] ? trace_preempt_on+0x20/0xc0 [ 12.874952] ? __pfx_kthread+0x10/0x10 [ 12.874972] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.875063] ? calculate_sigpending+0x7b/0xa0 [ 12.875089] ? __pfx_kthread+0x10/0x10 [ 12.875110] ret_from_fork+0x116/0x1d0 [ 12.875130] ? 
__pfx_kthread+0x10/0x10 [ 12.875151] ret_from_fork_asm+0x1a/0x30 [ 12.875193] </TASK> [ 12.875204] [ 12.884607] The buggy address belongs to the physical page: [ 12.884810] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10272c [ 12.886010] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.887483] flags: 0x200000000000040(head|node=0|zone=2) [ 12.887754] page_type: f8(unknown) [ 12.887920] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.888228] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.888528] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.888837] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.889108] head: 0200000000000002 ffffea000409cb01 00000000ffffffff 00000000ffffffff [ 12.889693] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.889995] page dumped because: kasan: bad access detected [ 12.890247] [ 12.890365] Memory state around the buggy address: [ 12.890596] ffff88810272df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.891395] ffff88810272e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.891729] >ffff88810272e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.892324] ^ [ 12.892607] ffff88810272e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.892987] ffff88810272e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.893374] ================================================================== [ 12.828952] ================================================================== [ 12.829696] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.830429] Write of size 1 at addr ffff88810272e0da by task kunit_try_catch/179 [ 12.831480] [ 12.831693] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.831739] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.831762] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.831784] Call Trace: [ 12.831803] <TASK> [ 12.831832] dump_stack_lvl+0x73/0xb0 [ 12.831865] print_report+0xd1/0x610 [ 12.831889] ? __virt_addr_valid+0x1db/0x2d0 [ 12.831913] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.831938] ? kasan_addr_to_slab+0x11/0xa0 [ 12.831959] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.832066] kasan_report+0x141/0x180 [ 12.832093] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.832123] __asan_report_store1_noabort+0x1b/0x30 [ 12.832149] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.832177] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.832203] ? finish_task_switch.isra.0+0x153/0x700 [ 12.832227] ? __switch_to+0x47/0xf50 [ 12.832253] ? __schedule+0x10cc/0x2b60 [ 12.832288] ? __pfx_read_tsc+0x10/0x10 [ 12.832313] krealloc_large_less_oob+0x1c/0x30 [ 12.832339] kunit_try_run_case+0x1a5/0x480 [ 12.832367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.832392] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.832418] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.832442] ? __kthread_parkme+0x82/0x180 [ 12.832464] ? preempt_count_sub+0x50/0x80 [ 12.832487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.832511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.832537] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.832563] kthread+0x337/0x6f0 [ 12.832583] ? trace_preempt_on+0x20/0xc0 [ 12.832608] ? __pfx_kthread+0x10/0x10 [ 12.832629] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.832651] ? calculate_sigpending+0x7b/0xa0 [ 12.832675] ? __pfx_kthread+0x10/0x10 [ 12.832697] ret_from_fork+0x116/0x1d0 [ 12.832716] ? 
__pfx_kthread+0x10/0x10 [ 12.832737] ret_from_fork_asm+0x1a/0x30 [ 12.832768] </TASK> [ 12.832778] [ 12.845547] The buggy address belongs to the physical page: [ 12.845745] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10272c [ 12.846011] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.846922] flags: 0x200000000000040(head|node=0|zone=2) [ 12.847507] page_type: f8(unknown) [ 12.847856] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.848631] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.849393] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.850372] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.850616] head: 0200000000000002 ffffea000409cb01 00000000ffffffff 00000000ffffffff [ 12.850864] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.851143] page dumped because: kasan: bad access detected [ 12.851486] [ 12.851580] Memory state around the buggy address: [ 12.851755] ffff88810272df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.852060] ffff88810272e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.852314] >ffff88810272e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.852615] ^ [ 12.852884] ffff88810272e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.853181] ffff88810272e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.853597] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 12.509317] ================================================================== [ 12.509935] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.511122] Write of size 1 at addr ffff8881003484eb by task kunit_try_catch/173 [ 12.511428] [ 12.511519] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.511562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.511574] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.511596] Call Trace: [ 12.511608] <TASK> [ 12.511623] dump_stack_lvl+0x73/0xb0 [ 12.511654] print_report+0xd1/0x610 [ 12.511677] ? __virt_addr_valid+0x1db/0x2d0 [ 12.511701] ? krealloc_more_oob_helper+0x821/0x930 [ 12.511726] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.511750] ? krealloc_more_oob_helper+0x821/0x930 [ 12.511775] kasan_report+0x141/0x180 [ 12.511797] ? krealloc_more_oob_helper+0x821/0x930 [ 12.511827] __asan_report_store1_noabort+0x1b/0x30 [ 12.511852] krealloc_more_oob_helper+0x821/0x930 [ 12.511877] ? __schedule+0x10cc/0x2b60 [ 12.511900] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.511925] ? finish_task_switch.isra.0+0x153/0x700 [ 12.511950] ? __switch_to+0x47/0xf50 [ 12.511984] ? __schedule+0x10cc/0x2b60 [ 12.512006] ? __pfx_read_tsc+0x10/0x10 [ 12.512030] krealloc_more_oob+0x1c/0x30 [ 12.512052] kunit_try_run_case+0x1a5/0x480 [ 12.512077] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.512101] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.512124] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.512149] ? __kthread_parkme+0x82/0x180 [ 12.512174] ? preempt_count_sub+0x50/0x80 [ 12.512198] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.512223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.512248] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.512538] kthread+0x337/0x6f0 [ 12.512579] ? trace_preempt_on+0x20/0xc0 [ 12.512605] ? __pfx_kthread+0x10/0x10 [ 12.512661] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.512684] ? 
calculate_sigpending+0x7b/0xa0 [ 12.512709] ? __pfx_kthread+0x10/0x10 [ 12.512731] ret_from_fork+0x116/0x1d0 [ 12.512750] ? __pfx_kthread+0x10/0x10 [ 12.512771] ret_from_fork_asm+0x1a/0x30 [ 12.512802] </TASK> [ 12.512813] [ 12.530538] Allocated by task 173: [ 12.530955] kasan_save_stack+0x45/0x70 [ 12.531154] kasan_save_track+0x18/0x40 [ 12.531435] kasan_save_alloc_info+0x3b/0x50 [ 12.531971] __kasan_krealloc+0x190/0x1f0 [ 12.532514] krealloc_noprof+0xf3/0x340 [ 12.532793] krealloc_more_oob_helper+0x1a9/0x930 [ 12.533259] krealloc_more_oob+0x1c/0x30 [ 12.533430] kunit_try_run_case+0x1a5/0x480 [ 12.533797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.534357] kthread+0x337/0x6f0 [ 12.534485] ret_from_fork+0x116/0x1d0 [ 12.534619] ret_from_fork_asm+0x1a/0x30 [ 12.534767] [ 12.534843] The buggy address belongs to the object at ffff888100348400 [ 12.534843] which belongs to the cache kmalloc-256 of size 256 [ 12.535348] The buggy address is located 0 bytes to the right of [ 12.535348] allocated 235-byte region [ffff888100348400, ffff8881003484eb) [ 12.535918] [ 12.536111] The buggy address belongs to the physical page: [ 12.536693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348 [ 12.537511] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.537925] flags: 0x200000000000040(head|node=0|zone=2) [ 12.538514] page_type: f5(slab) [ 12.538903] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.539699] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.540331] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.540797] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.541365] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff [ 12.541600] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.541829] page dumped because: kasan: bad access detected [ 12.542073] [ 
12.542236] Memory state around the buggy address: [ 12.542811] ffff888100348380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.543689] ffff888100348400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.544453] >ffff888100348480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.545199] ^ [ 12.545866] ffff888100348500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.546710] ffff888100348580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.547578] ================================================================== [ 12.722714] ================================================================== [ 12.723569] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.724239] Write of size 1 at addr ffff888102bea0eb by task kunit_try_catch/177 [ 12.724482] [ 12.724576] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.724623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.724633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.724655] Call Trace: [ 12.724667] <TASK> [ 12.724683] dump_stack_lvl+0x73/0xb0 [ 12.724714] print_report+0xd1/0x610 [ 12.724736] ? __virt_addr_valid+0x1db/0x2d0 [ 12.724760] ? krealloc_more_oob_helper+0x821/0x930 [ 12.724784] ? kasan_addr_to_slab+0x11/0xa0 [ 12.724804] ? krealloc_more_oob_helper+0x821/0x930 [ 12.724828] kasan_report+0x141/0x180 [ 12.724849] ? krealloc_more_oob_helper+0x821/0x930 [ 12.724878] __asan_report_store1_noabort+0x1b/0x30 [ 12.724903] krealloc_more_oob_helper+0x821/0x930 [ 12.724925] ? __schedule+0x10cc/0x2b60 [ 12.724948] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.724973] ? finish_task_switch.isra.0+0x153/0x700 [ 12.724997] ? __switch_to+0x47/0xf50 [ 12.725022] ? __schedule+0x10cc/0x2b60 [ 12.725042] ? __pfx_read_tsc+0x10/0x10 [ 12.725066] krealloc_large_more_oob+0x1c/0x30 [ 12.725089] kunit_try_run_case+0x1a5/0x480 [ 12.725114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.725136] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 12.725160] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.725184] ? __kthread_parkme+0x82/0x180 [ 12.725205] ? preempt_count_sub+0x50/0x80 [ 12.725228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.725252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.725286] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.725311] kthread+0x337/0x6f0 [ 12.725329] ? trace_preempt_on+0x20/0xc0 [ 12.725353] ? __pfx_kthread+0x10/0x10 [ 12.725502] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.725524] ? calculate_sigpending+0x7b/0xa0 [ 12.725549] ? __pfx_kthread+0x10/0x10 [ 12.725570] ret_from_fork+0x116/0x1d0 [ 12.725589] ? __pfx_kthread+0x10/0x10 [ 12.725609] ret_from_fork_asm+0x1a/0x30 [ 12.725640] </TASK> [ 12.725652] [ 12.736026] The buggy address belongs to the physical page: [ 12.736315] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102be8 [ 12.736635] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.736934] flags: 0x200000000000040(head|node=0|zone=2) [ 12.737162] page_type: f8(unknown) [ 12.737338] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.737674] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.737995] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.738819] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.739208] head: 0200000000000002 ffffea00040afa01 00000000ffffffff 00000000ffffffff [ 12.739629] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.740052] page dumped because: kasan: bad access detected [ 12.740384] [ 12.740590] Memory state around the buggy address: [ 12.740866] ffff888102be9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.741228] ffff888102bea000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.741569] >ffff888102bea080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.741868] ^ [ 12.742144] 
ffff888102bea100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.742445] ffff888102bea180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.742749] ================================================================== [ 12.548512] ================================================================== [ 12.549325] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.550109] Write of size 1 at addr ffff8881003484f0 by task kunit_try_catch/173 [ 12.550527] [ 12.550625] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.550952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.550978] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.551000] Call Trace: [ 12.551039] <TASK> [ 12.551058] dump_stack_lvl+0x73/0xb0 [ 12.551091] print_report+0xd1/0x610 [ 12.551114] ? __virt_addr_valid+0x1db/0x2d0 [ 12.551138] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.551163] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.551187] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.551211] kasan_report+0x141/0x180 [ 12.551233] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.551276] __asan_report_store1_noabort+0x1b/0x30 [ 12.551304] krealloc_more_oob_helper+0x7eb/0x930 [ 12.551327] ? __schedule+0x10cc/0x2b60 [ 12.551350] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.551375] ? finish_task_switch.isra.0+0x153/0x700 [ 12.551399] ? __switch_to+0x47/0xf50 [ 12.551425] ? __schedule+0x10cc/0x2b60 [ 12.551446] ? __pfx_read_tsc+0x10/0x10 [ 12.551470] krealloc_more_oob+0x1c/0x30 [ 12.551492] kunit_try_run_case+0x1a5/0x480 [ 12.551517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.551540] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.551565] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.551589] ? __kthread_parkme+0x82/0x180 [ 12.551610] ? preempt_count_sub+0x50/0x80 [ 12.551633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.551657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.551682] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.551707] kthread+0x337/0x6f0 [ 12.551726] ? trace_preempt_on+0x20/0xc0 [ 12.551750] ? __pfx_kthread+0x10/0x10 [ 12.551771] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.551792] ? calculate_sigpending+0x7b/0xa0 [ 12.551817] ? __pfx_kthread+0x10/0x10 [ 12.551838] ret_from_fork+0x116/0x1d0 [ 12.551856] ? __pfx_kthread+0x10/0x10 [ 12.551877] ret_from_fork_asm+0x1a/0x30 [ 12.551908] </TASK> [ 12.551919] [ 12.565887] Allocated by task 173: [ 12.566076] kasan_save_stack+0x45/0x70 [ 12.566441] kasan_save_track+0x18/0x40 [ 12.566883] kasan_save_alloc_info+0x3b/0x50 [ 12.567417] __kasan_krealloc+0x190/0x1f0 [ 12.567859] krealloc_noprof+0xf3/0x340 [ 12.568286] krealloc_more_oob_helper+0x1a9/0x930 [ 12.568728] krealloc_more_oob+0x1c/0x30 [ 12.569185] kunit_try_run_case+0x1a5/0x480 [ 12.569597] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.570253] kthread+0x337/0x6f0 [ 12.570609] ret_from_fork+0x116/0x1d0 [ 12.570836] ret_from_fork_asm+0x1a/0x30 [ 12.571119] [ 12.571357] The buggy address belongs to the object at ffff888100348400 [ 12.571357] which belongs to the cache kmalloc-256 of size 256 [ 12.572404] The buggy address is located 5 bytes to the right of [ 12.572404] allocated 235-byte region [ffff888100348400, ffff8881003484eb) [ 12.573147] [ 12.573323] The buggy address belongs to the physical page: [ 12.573779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348 [ 12.574209] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.574862] flags: 0x200000000000040(head|node=0|zone=2) [ 12.575056] page_type: f5(slab) [ 12.575498] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.576132] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.576564] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.576798] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.577049] head: 
0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff [ 12.577424] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.577916] page dumped because: kasan: bad access detected [ 12.578549] [ 12.578862] Memory state around the buggy address: [ 12.579337] ffff888100348380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.579562] ffff888100348400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.579779] >ffff888100348480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.579990] ^ [ 12.580196] ffff888100348500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.580422] ffff888100348580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.580636] ================================================================== [ 12.744018] ================================================================== [ 12.744391] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.744827] Write of size 1 at addr ffff888102bea0f0 by task kunit_try_catch/177 [ 12.745348] [ 12.745456] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.745499] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.745511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.745532] Call Trace: [ 12.745543] <TASK> [ 12.745557] dump_stack_lvl+0x73/0xb0 [ 12.745586] print_report+0xd1/0x610 [ 12.745608] ? __virt_addr_valid+0x1db/0x2d0 [ 12.745632] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.745656] ? kasan_addr_to_slab+0x11/0xa0 [ 12.745676] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.745890] kasan_report+0x141/0x180 [ 12.745913] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.745943] __asan_report_store1_noabort+0x1b/0x30 [ 12.745968] krealloc_more_oob_helper+0x7eb/0x930 [ 12.745991] ? __schedule+0x10cc/0x2b60 [ 12.746014] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.746039] ? finish_task_switch.isra.0+0x153/0x700 [ 12.746063] ? __switch_to+0x47/0xf50 [ 12.746089] ? 
__schedule+0x10cc/0x2b60 [ 12.746109] ? __pfx_read_tsc+0x10/0x10 [ 12.746133] krealloc_large_more_oob+0x1c/0x30 [ 12.746156] kunit_try_run_case+0x1a5/0x480 [ 12.746182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.746204] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.746228] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.746252] ? __kthread_parkme+0x82/0x180 [ 12.746286] ? preempt_count_sub+0x50/0x80 [ 12.746309] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.746333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.746359] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.746384] kthread+0x337/0x6f0 [ 12.746403] ? trace_preempt_on+0x20/0xc0 [ 12.746426] ? __pfx_kthread+0x10/0x10 [ 12.746447] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.746468] ? calculate_sigpending+0x7b/0xa0 [ 12.746493] ? __pfx_kthread+0x10/0x10 [ 12.746514] ret_from_fork+0x116/0x1d0 [ 12.746532] ? __pfx_kthread+0x10/0x10 [ 12.746552] ret_from_fork_asm+0x1a/0x30 [ 12.746583] </TASK> [ 12.746593] [ 12.756198] The buggy address belongs to the physical page: [ 12.756475] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102be8 [ 12.756821] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.757143] flags: 0x200000000000040(head|node=0|zone=2) [ 12.757389] page_type: f8(unknown) [ 12.757557] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.758437] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.759180] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.759935] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.760672] head: 0200000000000002 ffffea00040afa01 00000000ffffffff 00000000ffffffff [ 12.761392] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.762097] page dumped because: kasan: bad access detected [ 12.762644] [ 12.762806] Memory state around the buggy address: [ 12.763336] ffff888102be9f80: 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 [ 12.763815] ffff888102bea000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.764042] >ffff888102bea080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.764259] ^ [ 12.764993] ffff888102bea100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.765654] ffff888102bea180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.766315] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 12.487715] ==================================================================
[ 12.488670] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0
[ 12.489051] Read of size 1 at addr ffff888103ac0000 by task kunit_try_catch/171
[ 12.489328]
[ 12.489536] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.489580] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.489593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.489613] Call Trace:
[ 12.489626] <TASK>
[ 12.489640] dump_stack_lvl+0x73/0xb0
[ 12.489671] print_report+0xd1/0x610
[ 12.489694] ? __virt_addr_valid+0x1db/0x2d0
[ 12.489717] ? page_alloc_uaf+0x356/0x3d0
[ 12.489740] ? kasan_addr_to_slab+0x11/0xa0
[ 12.489761] ? page_alloc_uaf+0x356/0x3d0
[ 12.489783] kasan_report+0x141/0x180
[ 12.489804] ? page_alloc_uaf+0x356/0x3d0
[ 12.489830] __asan_report_load1_noabort+0x18/0x20
[ 12.489855] page_alloc_uaf+0x356/0x3d0
[ 12.489876] ? __pfx_page_alloc_uaf+0x10/0x10
[ 12.489900] ? __schedule+0x10cc/0x2b60
[ 12.489922] ? __pfx_read_tsc+0x10/0x10
[ 12.489943] ? ktime_get_ts64+0x86/0x230
[ 12.489968] kunit_try_run_case+0x1a5/0x480
[ 12.490331] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.490355] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.490381] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.490405] ? __kthread_parkme+0x82/0x180
[ 12.490426] ? preempt_count_sub+0x50/0x80
[ 12.490450] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.490474] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.490499] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.490524] kthread+0x337/0x6f0
[ 12.490543] ? trace_preempt_on+0x20/0xc0
[ 12.490566] ? __pfx_kthread+0x10/0x10
[ 12.490587] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.490608] ? calculate_sigpending+0x7b/0xa0
[ 12.490633] ? __pfx_kthread+0x10/0x10
[ 12.490654] ret_from_fork+0x116/0x1d0
[ 12.490672] ? __pfx_kthread+0x10/0x10
[ 12.490692] ret_from_fork_asm+0x1a/0x30
[ 12.490729] </TASK>
[ 12.490739]
[ 12.500990] The buggy address belongs to the physical page:
[ 12.501394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ac0
[ 12.501714] flags: 0x200000000000000(node=0|zone=2)
[ 12.501930] page_type: f0(buddy)
[ 12.502277] raw: 0200000000000000 ffff88817fffc4f0 ffff88817fffc4f0 0000000000000000
[ 12.502734] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000
[ 12.503149] page dumped because: kasan: bad access detected
[ 12.503423]
[ 12.503592] Memory state around the buggy address:
[ 12.503945] ffff888103abff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.504377] ffff888103abff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.504837] >ffff888103ac0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.505141] ^
[ 12.505324] ffff888103ac0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.505622] ffff888103ac0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.506158] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 12.459926] ==================================================================
[ 12.460725] BUG: KASAN: invalid-free in kfree+0x274/0x3f0
[ 12.460936] Free of addr ffff888102be8001 by task kunit_try_catch/167
[ 12.461168]
[ 12.461311] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.461355] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.461365] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.461387] Call Trace:
[ 12.461399] <TASK>
[ 12.461668] dump_stack_lvl+0x73/0xb0
[ 12.461710] print_report+0xd1/0x610
[ 12.461734] ? __virt_addr_valid+0x1db/0x2d0
[ 12.461759] ? kasan_addr_to_slab+0x11/0xa0
[ 12.461778] ? kfree+0x274/0x3f0
[ 12.461799] kasan_report_invalid_free+0x10a/0x130
[ 12.461824] ? kfree+0x274/0x3f0
[ 12.461846] ? kfree+0x274/0x3f0
[ 12.461866] __kasan_kfree_large+0x86/0xd0
[ 12.461887] free_large_kmalloc+0x4b/0x110
[ 12.461911] kfree+0x274/0x3f0
[ 12.461935] kmalloc_large_invalid_free+0x120/0x2b0
[ 12.461958] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 12.462057] ? __schedule+0x10cc/0x2b60
[ 12.462082] ? __pfx_read_tsc+0x10/0x10
[ 12.462207] ? ktime_get_ts64+0x86/0x230
[ 12.462232] kunit_try_run_case+0x1a5/0x480
[ 12.462258] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.462293] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.462317] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.462341] ? __kthread_parkme+0x82/0x180
[ 12.462362] ? preempt_count_sub+0x50/0x80
[ 12.462386] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.462410] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.462434] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.462459] kthread+0x337/0x6f0
[ 12.462478] ? trace_preempt_on+0x20/0xc0
[ 12.462502] ? __pfx_kthread+0x10/0x10
[ 12.462522] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.462543] ? calculate_sigpending+0x7b/0xa0
[ 12.462568] ? __pfx_kthread+0x10/0x10
[ 12.462588] ret_from_fork+0x116/0x1d0
[ 12.462606] ? __pfx_kthread+0x10/0x10
[ 12.462627] ret_from_fork_asm+0x1a/0x30
[ 12.462658] </TASK>
[ 12.462668]
[ 12.472893] The buggy address belongs to the physical page:
[ 12.473305] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102be8
[ 12.473837] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.474416] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.474789] page_type: f8(unknown)
[ 12.475112] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.475675] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.476020] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.477110] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.477725] head: 0200000000000002 ffffea00040afa01 00000000ffffffff 00000000ffffffff
[ 12.478407] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.478636] page dumped because: kasan: bad access detected
[ 12.478810]
[ 12.478878] Memory state around the buggy address:
[ 12.479048] ffff888102be7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.479974] ffff888102be7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.480556] >ffff888102be8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.480994] ^
[ 12.481403] ffff888102be8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.481888] ffff888102be8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.482506] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 12.440097] ==================================================================
[ 12.440898] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[ 12.441720] Read of size 1 at addr ffff88810272c000 by task kunit_try_catch/165
[ 12.442431]
[ 12.442569] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.442614] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.442625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.442646] Call Trace:
[ 12.442657] <TASK>
[ 12.442673] dump_stack_lvl+0x73/0xb0
[ 12.442713] print_report+0xd1/0x610
[ 12.442739] ? __virt_addr_valid+0x1db/0x2d0
[ 12.442764] ? kmalloc_large_uaf+0x2f1/0x340
[ 12.442784] ? kasan_addr_to_slab+0x11/0xa0
[ 12.442804] ? kmalloc_large_uaf+0x2f1/0x340
[ 12.442825] kasan_report+0x141/0x180
[ 12.442847] ? kmalloc_large_uaf+0x2f1/0x340
[ 12.442872] __asan_report_load1_noabort+0x18/0x20
[ 12.442896] kmalloc_large_uaf+0x2f1/0x340
[ 12.442917] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 12.442939] ? __schedule+0x10cc/0x2b60
[ 12.442960] ? __pfx_read_tsc+0x10/0x10
[ 12.443062] ? ktime_get_ts64+0x86/0x230
[ 12.443087] kunit_try_run_case+0x1a5/0x480
[ 12.443113] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.443136] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.443159] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.443183] ? __kthread_parkme+0x82/0x180
[ 12.443204] ? preempt_count_sub+0x50/0x80
[ 12.443228] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.443252] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.443287] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.443312] kthread+0x337/0x6f0
[ 12.443331] ? trace_preempt_on+0x20/0xc0
[ 12.443354] ? __pfx_kthread+0x10/0x10
[ 12.443375] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.443396] ? calculate_sigpending+0x7b/0xa0
[ 12.443421] ? __pfx_kthread+0x10/0x10
[ 12.443442] ret_from_fork+0x116/0x1d0
[ 12.443459] ? __pfx_kthread+0x10/0x10
[ 12.443480] ret_from_fork_asm+0x1a/0x30
[ 12.443510] </TASK>
[ 12.443520]
[ 12.452911] The buggy address belongs to the physical page:
[ 12.453220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10272c
[ 12.453474] flags: 0x200000000000000(node=0|zone=2)
[ 12.453706] raw: 0200000000000000 ffff88815b039f80 ffff88815b039f80 0000000000000000
[ 12.454052] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 12.454405] page dumped because: kasan: bad access detected
[ 12.454627]
[ 12.454694] Memory state around the buggy address:
[ 12.454854] ffff88810272bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.455150] ffff88810272bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.455540] >ffff88810272c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.455800] ^
[ 12.455918] ffff88810272c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.456478] ffff88810272c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.456941] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 12.409297] ==================================================================
[ 12.409730] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330
[ 12.409985] Write of size 1 at addr ffff88810272e00a by task kunit_try_catch/163
[ 12.410209]
[ 12.410310] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.410354] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.410365] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.410385] Call Trace:
[ 12.410397] <TASK>
[ 12.410413] dump_stack_lvl+0x73/0xb0
[ 12.410440] print_report+0xd1/0x610
[ 12.410461] ? __virt_addr_valid+0x1db/0x2d0
[ 12.410484] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.410504] ? kasan_addr_to_slab+0x11/0xa0
[ 12.410523] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.410544] kasan_report+0x141/0x180
[ 12.410564] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.410590] __asan_report_store1_noabort+0x1b/0x30
[ 12.410613] kmalloc_large_oob_right+0x2e9/0x330
[ 12.410634] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 12.410657] ? __schedule+0x10cc/0x2b60
[ 12.410678] ? __pfx_read_tsc+0x10/0x10
[ 12.410697] ? ktime_get_ts64+0x86/0x230
[ 12.410728] kunit_try_run_case+0x1a5/0x480
[ 12.410751] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.410772] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.410794] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.410816] ? __kthread_parkme+0x82/0x180
[ 12.410835] ? preempt_count_sub+0x50/0x80
[ 12.410858] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.410881] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.410903] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.410926] kthread+0x337/0x6f0
[ 12.410943] ? trace_preempt_on+0x20/0xc0
[ 12.410966] ? __pfx_kthread+0x10/0x10
[ 12.410985] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.411004] ? calculate_sigpending+0x7b/0xa0
[ 12.411028] ? __pfx_kthread+0x10/0x10
[ 12.411047] ret_from_fork+0x116/0x1d0
[ 12.411065] ? __pfx_kthread+0x10/0x10
[ 12.411085] ret_from_fork_asm+0x1a/0x30
[ 12.411114] </TASK>
[ 12.411124]
[ 12.426933] The buggy address belongs to the physical page:
[ 12.427319] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10272c
[ 12.428193] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.428778] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.428977] page_type: f8(unknown)
[ 12.429417] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.430211] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.431192] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.431697] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.431932] head: 0200000000000002 ffffea000409cb01 00000000ffffffff 00000000ffffffff
[ 12.432205] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.432911] page dumped because: kasan: bad access detected
[ 12.433330]
[ 12.433489] Memory state around the buggy address:
[ 12.433969] ffff88810272df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.434556] ffff88810272df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.435035] >ffff88810272e000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.435243] ^
[ 12.435373] ffff88810272e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.436106] ffff88810272e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.436757] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 12.374806] ==================================================================
[ 12.376126] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370
[ 12.376802] Write of size 1 at addr ffff888101efdf00 by task kunit_try_catch/161
[ 12.377661]
[ 12.377860] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.377910] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.377922] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.377943] Call Trace:
[ 12.377957] <TASK>
[ 12.377976] dump_stack_lvl+0x73/0xb0
[ 12.378030] print_report+0xd1/0x610
[ 12.378054] ? __virt_addr_valid+0x1db/0x2d0
[ 12.378079] ? kmalloc_big_oob_right+0x316/0x370
[ 12.378101] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.378124] ? kmalloc_big_oob_right+0x316/0x370
[ 12.378147] kasan_report+0x141/0x180
[ 12.378169] ? kmalloc_big_oob_right+0x316/0x370
[ 12.378197] __asan_report_store1_noabort+0x1b/0x30
[ 12.378222] kmalloc_big_oob_right+0x316/0x370
[ 12.378245] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 12.378281] ? __schedule+0x10cc/0x2b60
[ 12.378304] ? __pfx_read_tsc+0x10/0x10
[ 12.378326] ? ktime_get_ts64+0x86/0x230
[ 12.378352] kunit_try_run_case+0x1a5/0x480
[ 12.378378] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.378401] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.378426] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.378449] ? __kthread_parkme+0x82/0x180
[ 12.378471] ? preempt_count_sub+0x50/0x80
[ 12.378496] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.378520] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.378545] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.378570] kthread+0x337/0x6f0
[ 12.378589] ? trace_preempt_on+0x20/0xc0
[ 12.378613] ? __pfx_kthread+0x10/0x10
[ 12.378634] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.378655] ? calculate_sigpending+0x7b/0xa0
[ 12.378680] ? __pfx_kthread+0x10/0x10
[ 12.378706] ret_from_fork+0x116/0x1d0
[ 12.378725] ? __pfx_kthread+0x10/0x10
[ 12.378746] ret_from_fork_asm+0x1a/0x30
[ 12.378779] </TASK>
[ 12.378790]
[ 12.391174] Allocated by task 161:
[ 12.391517] kasan_save_stack+0x45/0x70
[ 12.391862] kasan_save_track+0x18/0x40
[ 12.392252] kasan_save_alloc_info+0x3b/0x50
[ 12.392417] __kasan_kmalloc+0xb7/0xc0
[ 12.392550] __kmalloc_cache_noprof+0x189/0x420
[ 12.392708] kmalloc_big_oob_right+0xa9/0x370
[ 12.392860] kunit_try_run_case+0x1a5/0x480
[ 12.393024] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.393375] kthread+0x337/0x6f0
[ 12.393817] ret_from_fork+0x116/0x1d0
[ 12.394276] ret_from_fork_asm+0x1a/0x30
[ 12.394524]
[ 12.394597] The buggy address belongs to the object at ffff888101efc000
[ 12.394597] which belongs to the cache kmalloc-8k of size 8192
[ 12.394965] The buggy address is located 0 bytes to the right of
[ 12.394965] allocated 7936-byte region [ffff888101efc000, ffff888101efdf00)
[ 12.396234]
[ 12.396409] The buggy address belongs to the physical page:
[ 12.396886] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ef8
[ 12.397775] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.398338] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.398810] page_type: f5(slab)
[ 12.398934] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 12.399182] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 12.399431] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 12.400158] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 12.400811] head: 0200000000000003 ffffea000407be01 00000000ffffffff 00000000ffffffff
[ 12.401611] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 12.401897] page dumped because: kasan: bad access detected
[ 12.402312]
[ 12.402484] Memory state around the buggy address:
[ 12.402912] ffff888101efde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.403531] ffff888101efde80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.403752] >ffff888101efdf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.403964] ^
[ 12.404349] ffff888101efdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.404962] ffff888101efe000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.405705] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 12.307618] ==================================================================
[ 12.308462] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.309660] Write of size 1 at addr ffff8881027eb278 by task kunit_try_catch/159
[ 12.310716]
[ 12.310819] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.310865] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.310877] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.310898] Call Trace:
[ 12.310911] <TASK>
[ 12.310930] dump_stack_lvl+0x73/0xb0
[ 12.310963] print_report+0xd1/0x610
[ 12.310996] ? __virt_addr_valid+0x1db/0x2d0
[ 12.311021] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.311046] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.311069] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.311094] kasan_report+0x141/0x180
[ 12.311170] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.311204] __asan_report_store1_noabort+0x1b/0x30
[ 12.311242] kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.311278] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 12.311307] ? __schedule+0x10cc/0x2b60
[ 12.311331] ? __pfx_read_tsc+0x10/0x10
[ 12.311352] ? ktime_get_ts64+0x86/0x230
[ 12.311377] kunit_try_run_case+0x1a5/0x480
[ 12.311402] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.311424] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.311448] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.311472] ? __kthread_parkme+0x82/0x180
[ 12.311492] ? preempt_count_sub+0x50/0x80
[ 12.311517] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.311541] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.311564] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.311589] kthread+0x337/0x6f0
[ 12.311608] ? trace_preempt_on+0x20/0xc0
[ 12.311631] ? __pfx_kthread+0x10/0x10
[ 12.311651] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.311672] ? calculate_sigpending+0x7b/0xa0
[ 12.311696] ? __pfx_kthread+0x10/0x10
[ 12.311717] ret_from_fork+0x116/0x1d0
[ 12.311736] ? __pfx_kthread+0x10/0x10
[ 12.311756] ret_from_fork_asm+0x1a/0x30
[ 12.311787] </TASK>
[ 12.311797]
[ 12.325492] Allocated by task 159:
[ 12.325945] kasan_save_stack+0x45/0x70
[ 12.326437] kasan_save_track+0x18/0x40
[ 12.326802] kasan_save_alloc_info+0x3b/0x50
[ 12.327279] __kasan_kmalloc+0xb7/0xc0
[ 12.327675] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 12.327885] kmalloc_track_caller_oob_right+0x99/0x520
[ 12.328060] kunit_try_run_case+0x1a5/0x480
[ 12.328560] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.329162] kthread+0x337/0x6f0
[ 12.329533] ret_from_fork+0x116/0x1d0
[ 12.329952] ret_from_fork_asm+0x1a/0x30
[ 12.330394]
[ 12.330608] The buggy address belongs to the object at ffff8881027eb200
[ 12.330608] which belongs to the cache kmalloc-128 of size 128
[ 12.331395] The buggy address is located 0 bytes to the right of
[ 12.331395] allocated 120-byte region [ffff8881027eb200, ffff8881027eb278)
[ 12.332496]
[ 12.332578] The buggy address belongs to the physical page:
[ 12.332756] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027eb
[ 12.333020] flags: 0x200000000000000(node=0|zone=2)
[ 12.333522] page_type: f5(slab)
[ 12.333925] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.334740] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.335657] page dumped because: kasan: bad access detected
[ 12.336323]
[ 12.336558] Memory state around the buggy address:
[ 12.337084] ffff8881027eb100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.337671] ffff8881027eb180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.338230] >ffff8881027eb200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.338998] ^
[ 12.339444] ffff8881027eb280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.340212] ffff8881027eb300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.340805] ==================================================================
[ 12.341574] ==================================================================
[ 12.342572] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.343093] Write of size 1 at addr ffff8881027eb378 by task kunit_try_catch/159
[ 12.343974]
[ 12.344155] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.344199] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.344209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.344229] Call Trace:
[ 12.344240] <TASK>
[ 12.344257] dump_stack_lvl+0x73/0xb0
[ 12.344301] print_report+0xd1/0x610
[ 12.344323] ? __virt_addr_valid+0x1db/0x2d0
[ 12.344346] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.344372] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.344399] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.344426] kasan_report+0x141/0x180
[ 12.344448] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.344479] __asan_report_store1_noabort+0x1b/0x30
[ 12.344505] kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.344565] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 12.344593] ? __schedule+0x10cc/0x2b60
[ 12.344616] ? __pfx_read_tsc+0x10/0x10
[ 12.344638] ? ktime_get_ts64+0x86/0x230
[ 12.344664] kunit_try_run_case+0x1a5/0x480
[ 12.344689] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.344712] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.344736] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.344759] ? __kthread_parkme+0x82/0x180
[ 12.344779] ? preempt_count_sub+0x50/0x80
[ 12.344803] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.344827] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.344851] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.344876] kthread+0x337/0x6f0
[ 12.344895] ? trace_preempt_on+0x20/0xc0
[ 12.344918] ? __pfx_kthread+0x10/0x10
[ 12.344938] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.344959] ? calculate_sigpending+0x7b/0xa0
[ 12.345002] ? __pfx_kthread+0x10/0x10
[ 12.345032] ret_from_fork+0x116/0x1d0
[ 12.345062] ? __pfx_kthread+0x10/0x10
[ 12.345082] ret_from_fork_asm+0x1a/0x30
[ 12.345113] </TASK>
[ 12.345123]
[ 12.356512] Allocated by task 159:
[ 12.356661] kasan_save_stack+0x45/0x70
[ 12.356818] kasan_save_track+0x18/0x40
[ 12.356954] kasan_save_alloc_info+0x3b/0x50
[ 12.357103] __kasan_kmalloc+0xb7/0xc0
[ 12.357238] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 12.357804] kmalloc_track_caller_oob_right+0x19a/0x520
[ 12.358351] kunit_try_run_case+0x1a5/0x480
[ 12.359890] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.360880] kthread+0x337/0x6f0
[ 12.361290] ret_from_fork+0x116/0x1d0
[ 12.361636] ret_from_fork_asm+0x1a/0x30
[ 12.362063]
[ 12.362224] The buggy address belongs to the object at ffff8881027eb300
[ 12.362224] which belongs to the cache kmalloc-128 of size 128
[ 12.362890] The buggy address is located 0 bytes to the right of
[ 12.362890] allocated 120-byte region [ffff8881027eb300, ffff8881027eb378)
[ 12.364122]
[ 12.364318] The buggy address belongs to the physical page:
[ 12.364583] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027eb
[ 12.364833] flags: 0x200000000000000(node=0|zone=2)
[ 12.365155] page_type: f5(slab)
[ 12.365470] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.366172] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.366829] page dumped because: kasan: bad access detected
[ 12.367370]
[ 12.367527] Memory state around the buggy address:
[ 12.367704] ffff8881027eb200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.367926] ffff8881027eb280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.368705] >ffff8881027eb300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.369430] ^
[ 12.370071] ffff8881027eb380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.370401] ffff8881027eb400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.370960] ==================================================================
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------
[ 143.764686] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count))
[ 143.764791] WARNING: CPU: 1 PID: 2568 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0
[ 143.765848] Modules linked in:
[ 143.766200] CPU: 1 UID: 0 PID: 2568 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 143.766649] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 143.766894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 143.767425] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0
[ 143.767840] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 ad 1d 80 00 48 c7 c1 60 8a 9e 8d 4c 89 f2 48 c7 c7 20 87 9e 8d 48 89 c6 e8 34 b8 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d
[ 143.768743] RSP: 0000:ffff88810489fd18 EFLAGS: 00010286
[ 143.769028] RAX: 0000000000000000 RBX: ffff888107b38800 RCX: 1ffffffff1ce4ce8
[ 143.769251] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 143.769860] RBP: ffff88810489fd48 R08: 0000000000000000 R09: fffffbfff1ce4ce8
[ 143.770276] R10: 0000000000000003 R11: 0000000000038e10 R12: ffff888109574000
[ 143.770583] R13: ffff888107b388f8 R14: ffff888102e85d00 R15: ffff88810039fb40
[ 143.770891] FS: 0000000000000000(0000) GS:ffff8881cb772000(0000) knlGS:0000000000000000
[ 143.771220] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 143.771671] CR2: 00007ffff7ffe000 CR3: 00000001214bc000 CR4: 00000000000006f0
[ 143.772266] DR0: ffffffff8fa52444 DR1: ffffffff8fa52449 DR2: ffffffff8fa5244a
[ 143.772819] DR3: ffffffff8fa5244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 143.773268] Call Trace:
[ 143.773393] <TASK>
[ 143.773509] ? trace_preempt_on+0x20/0xc0
[ 143.773736] ? __pfx_drm_gem_shmem_free_wrapper+0x10/0x10
[ 143.774064] drm_gem_shmem_free_wrapper+0x12/0x20
[ 143.774373] __kunit_action_free+0x57/0x70
[ 143.774641] kunit_remove_resource+0x133/0x200
[ 143.774873] ? preempt_count_sub+0x50/0x80
[ 143.775223] kunit_cleanup+0x7a/0x120
[ 143.775735] kunit_try_run_case_cleanup+0xbd/0xf0
[ 143.776026] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10
[ 143.776361] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 143.776567] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 143.776890] kthread+0x337/0x6f0
[ 143.777174] ? trace_preempt_on+0x20/0xc0
[ 143.777543] ? __pfx_kthread+0x10/0x10
[ 143.777701] ? _raw_spin_unlock_irq+0x47/0x80
[ 143.777927] ? calculate_sigpending+0x7b/0xa0
[ 143.778215] ? __pfx_kthread+0x10/0x10
[ 143.778440] ret_from_fork+0x116/0x1d0
[ 143.778707] ? __pfx_kthread+0x10/0x10
[ 143.778926] ret_from_fork_asm+0x1a/0x30
[ 143.779343] </TASK>
[ 143.779482] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------
[ 143.627436] WARNING: CPU: 0 PID: 2549 at drivers/gpu/drm/drm_framebuffer.c:869 drm_framebuffer_init+0x49/0x8d0
[ 143.627762] Modules linked in:
[ 143.627914] CPU: 0 UID: 0 PID: 2549 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 143.628493] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 143.629195] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 143.629601] RIP: 0010:drm_framebuffer_init+0x49/0x8d0
[ 143.629784] Code: 89 e5 41 57 41 56 41 55 41 54 53 48 89 f3 48 83 ec 28 80 3c 11 00 48 89 7d c8 0f 85 1c 07 00 00 48 8b 75 c8 48 39 33 74 20 90 <0f> 0b 90 41 bf ea ff ff ff 48 83 c4 28 44 89 f8 5b 41 5c 41 5d 41
[ 143.630789] RSP: 0000:ffff8881096efb20 EFLAGS: 00010246
[ 143.631218] RAX: ffff8881096efba8 RBX: ffff8881096efc28 RCX: 1ffff110212ddf8e
[ 143.631724] RDX: dffffc0000000000 RSI: ffff8881095ed000 RDI: ffff8881095ed000
[ 143.632217] RBP: ffff8881096efb70 R08: ffff8881095ed000 R09: ffffffff8d9d8da0
[ 143.632535] R10: 0000000000000003 R11: 00000000849d7849 R12: 1ffff110212ddf71
[ 143.632834] R13: ffff8881096efc70 R14: ffff8881096efdb8 R15: 0000000000000000
[ 143.634181] FS: 0000000000000000(0000) GS:ffff8881cb672000(0000) knlGS:0000000000000000
[ 143.634534] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 143.634901] CR2: 00007ffff7ffe000 CR3: 00000001214bc000 CR4: 00000000000006f0
[ 143.635447] DR0: ffffffff8fa52440 DR1: ffffffff8fa52441 DR2: ffffffff8fa52443
[ 143.635855] DR3: ffffffff8fa52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 143.636603] Call Trace:
[ 143.636745] <TASK>
[ 143.636860] ? trace_preempt_on+0x20/0xc0
[ 143.637555] ? add_dr+0xc1/0x1d0
[ 143.637718] drm_test_framebuffer_init_bad_format+0xfc/0x240
[ 143.638229] ? add_dr+0x148/0x1d0
[ 143.638528] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 143.638924] ? __drmm_add_action+0x1a4/0x280
[ 143.639366] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 143.639736] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 143.640156] ? __drmm_add_action_or_reset+0x22/0x50
[ 143.640517] ? __schedule+0x10cc/0x2b60
[ 143.640801] ? __pfx_read_tsc+0x10/0x10
[ 143.641115] ? ktime_get_ts64+0x86/0x230
[ 143.641482] kunit_try_run_case+0x1a5/0x480
[ 143.641791] ? __pfx_kunit_try_run_case+0x10/0x10
[ 143.641971] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 143.642492] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 143.642835] ? __kthread_parkme+0x82/0x180
[ 143.643178] ? preempt_count_sub+0x50/0x80
[ 143.643523] ? __pfx_kunit_try_run_case+0x10/0x10
[ 143.643714] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 143.644234] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 143.644657] kthread+0x337/0x6f0
[ 143.644852] ? trace_preempt_on+0x20/0xc0
[ 143.645026] ? __pfx_kthread+0x10/0x10
[ 143.645679] ? _raw_spin_unlock_irq+0x47/0x80
[ 143.645911] ? calculate_sigpending+0x7b/0xa0
[ 143.646374] ? __pfx_kthread+0x10/0x10
[ 143.646578] ret_from_fork+0x116/0x1d0
[ 143.646729] ? __pfx_kthread+0x10/0x10
[ 143.647177] ret_from_fork_asm+0x1a/0x30
[ 143.647494] </TASK>
[ 143.647631] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------
[ 143.580792] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 143.580934] WARNING: CPU: 0 PID: 2545 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0
[ 143.581907] Modules linked in:
[ 143.582075] CPU: 0 UID: 0 PID: 2545 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 143.582693] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 143.583385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 143.585387] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0
[ 143.585856] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 2b 44 87 00 48 c7 c1 40 38 9d 8d 4c 89 fa 48 c7 c7 a0 38 9d 8d 48 89 c6 e8 b2 de 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 143.587620] RSP: 0000:ffff888109587b68 EFLAGS: 00010282
[ 143.587827] RAX: 0000000000000000 RBX: ffff888109587c40 RCX: 1ffffffff1ce4ce8
[ 143.588297] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 143.588905] RBP: ffff888109587b90 R08: 0000000000000000 R09: fffffbfff1ce4ce8
[ 143.589765] R10: 0000000000000003 R11: 0000000000037470 R12: ffff888109587c18
[ 143.590399] R13: ffff888109590800 R14: ffff8881095e9000 R15: ffff888102ea4f80
[ 143.590794] FS: 0000000000000000(0000) GS:ffff8881cb672000(0000) knlGS:0000000000000000
[ 143.591620] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 143.592224] CR2: 00007ffff7ffe000 CR3: 00000001214bc000 CR4: 00000000000006f0
[ 143.592705] DR0: ffffffff8fa52440 DR1: ffffffff8fa52441 DR2: ffffffff8fa52443
[ 143.592919] DR3: ffffffff8fa52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 143.593255] Call Trace:
[ 143.593524] <TASK>
[ 143.593752] drm_test_framebuffer_free+0x1ab/0x610
[ 143.594388] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 143.594942] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 143.595595] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 143.596160] ? __drmm_add_action_or_reset+0x22/0x50
[ 143.596627] ? __schedule+0x10cc/0x2b60
[ 143.596882] ? __pfx_read_tsc+0x10/0x10
[ 143.597094] ? ktime_get_ts64+0x86/0x230
[ 143.597542] kunit_try_run_case+0x1a5/0x480
[ 143.597997] ? __pfx_kunit_try_run_case+0x10/0x10
[ 143.598581] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 143.598903] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 143.599505] ? __kthread_parkme+0x82/0x180
[ 143.600014] ? preempt_count_sub+0x50/0x80
[ 143.600446] ? __pfx_kunit_try_run_case+0x10/0x10
[ 143.600635] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 143.600833] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 143.601370] kthread+0x337/0x6f0
[ 143.601666] ? trace_preempt_on+0x20/0xc0
[ 143.601849] ? __pfx_kthread+0x10/0x10
[ 143.601984] ? _raw_spin_unlock_irq+0x47/0x80
[ 143.602135] ? calculate_sigpending+0x7b/0xa0
[ 143.602302] ? __pfx_kthread+0x10/0x10
[ 143.602659] ret_from_fork+0x116/0x1d0
[ 143.603230] ? __pfx_kthread+0x10/0x10
[ 143.603800] ret_from_fork_asm+0x1a/0x30
[ 143.604254] </TASK>
[ 143.604551] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------
[ 142.172767] WARNING: CPU: 1 PID: 1975 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 142.173293] Modules linked in:
[ 142.173586] CPU: 1 UID: 0 PID: 1975 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 142.173908] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 142.174382] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 142.175382] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 142.175689] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 82 26 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 142.177230] RSP: 0000:ffff88810163fc90 EFLAGS: 00010246
[ 142.177614] RAX: dffffc0000000000 RBX: ffff8881020e8000 RCX: 0000000000000000
[ 142.178041] RDX: 1ffff1102041d032 RSI: ffffffff8ac067c8 RDI: ffff8881020e8190
[ 142.178501] RBP: ffff88810163fca0 R08: 1ffff11020073f69 R09: ffffed10202c7f65
[ 142.178885] R10: 0000000000000003 R11: ffffffff8a1859c8 R12: 0000000000000000
[ 142.179422] R13: ffff88810163fd38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 142.179849] FS: 0000000000000000(0000) GS:ffff8881cb772000(0000) knlGS:0000000000000000
[ 142.180376] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 142.180813] CR2: 00007ffff7ffe000 CR3: 00000001214bc000 CR4: 00000000000006f0
[ 142.181302] DR0: ffffffff8fa52444 DR1: ffffffff8fa52449 DR2: ffffffff8fa5244a
[ 142.181813] DR3: ffffffff8fa5244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 142.182331] Call Trace:
[ 142.182462] <TASK>
[ 142.182722] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290
[ 142.183218] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 142.183638] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 142.184099] kunit_try_run_case+0x1a5/0x480
[ 142.184439] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.184620] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 142.185163] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 142.185426] ? __kthread_parkme+0x82/0x180
[ 142.185629] ? preempt_count_sub+0x50/0x80
[ 142.185843] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.186151] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 142.186383] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 142.186668] kthread+0x337/0x6f0
[ 142.186803] ? trace_preempt_on+0x20/0xc0
[ 142.187066] ? __pfx_kthread+0x10/0x10
[ 142.187296] ? _raw_spin_unlock_irq+0x47/0x80
[ 142.187531] ? calculate_sigpending+0x7b/0xa0
[ 142.187729] ? __pfx_kthread+0x10/0x10
[ 142.187948] ret_from_fork+0x116/0x1d0
[ 142.188229] ? __pfx_kthread+0x10/0x10
[ 142.188446] ret_from_fork_asm+0x1a/0x30
[ 142.188616] </TASK>
[ 142.188710] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 142.249836] WARNING: CPU: 1 PID: 1983 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 142.250523] Modules linked in:
[ 142.251099] CPU: 1 UID: 0 PID: 1983 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 142.251568] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 142.251916] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 142.252640] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 142.253125] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 82 26 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 142.254031] RSP: 0000:ffff888104297c90 EFLAGS: 00010246
[ 142.254454] RAX: dffffc0000000000 RBX: ffff888104614000 RCX: 0000000000000000
[ 142.254798] RDX: 1ffff110208c2832 RSI: ffffffff8ac067c8 RDI: ffff888104614190
[ 142.255320] RBP: ffff888104297ca0 R08: 1ffff11020073f69 R09: ffffed1020852f65
[ 142.255769] R10: 0000000000000003 R11: ffffffff8a1859c8 R12: 0000000000000000
[ 142.256272] R13: ffff888104297d38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 142.256785] FS: 0000000000000000(0000) GS:ffff8881cb772000(0000) knlGS:0000000000000000
[ 142.257407] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 142.257780] CR2: 00007ffff7ffe000 CR3: 00000001214bc000 CR4: 00000000000006f0
[ 142.258537] DR0: ffffffff8fa52444 DR1: ffffffff8fa52449 DR2: ffffffff8fa5244a
[ 142.258835] DR3: ffffffff8fa5244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 142.259134] Call Trace:
[ 142.259538] <TASK>
[ 142.259906] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290
[ 142.260397] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 142.260830] ? __schedule+0x10cc/0x2b60
[ 142.261248] ? __pfx_read_tsc+0x10/0x10
[ 142.261574] ? ktime_get_ts64+0x86/0x230
[ 142.261896] kunit_try_run_case+0x1a5/0x480
[ 142.262326] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.262674] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 142.263259] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 142.263499] ? __kthread_parkme+0x82/0x180
[ 142.263675] ? preempt_count_sub+0x50/0x80
[ 142.263885] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.264513] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 142.264774] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 142.265397] kthread+0x337/0x6f0
[ 142.265601] ? trace_preempt_on+0x20/0xc0
[ 142.265897] ? __pfx_kthread+0x10/0x10
[ 142.266372] ? _raw_spin_unlock_irq+0x47/0x80
[ 142.266717] ? calculate_sigpending+0x7b/0xa0
[ 142.266934] ? __pfx_kthread+0x10/0x10
[ 142.267570] ret_from_fork+0x116/0x1d0
[ 142.267797] ? __pfx_kthread+0x10/0x10
[ 142.267949] ret_from_fork_asm+0x1a/0x30
[ 142.268439] </TASK>
[ 142.268534] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 110.697827] WARNING: CPU: 1 PID: 673 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 110.698908] Modules linked in:
[ 110.699446] CPU: 1 UID: 0 PID: 673 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 110.700796] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 110.701531] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 110.702326] RIP: 0010:intlog10+0x2a/0x40
[ 110.702495] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 110.703011] RSP: 0000:ffff888109fffcb0 EFLAGS: 00010246
[ 110.703192] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110213fffb4
[ 110.703536] RDX: 1ffffffff1b12db4 RSI: 1ffff110213fffb3 RDI: 0000000000000000
[ 110.704227] RBP: ffff888109fffd60 R08: 0000000000000000 R09: ffffed10213d5f20
[ 110.704878] R10: ffff888109eaf907 R11: 0000000000000000 R12: 1ffff110213fff97
[ 110.705543] R13: ffffffff8d896da0 R14: 0000000000000000 R15: ffff888109fffd38
[ 110.706166] FS: 0000000000000000(0000) GS:ffff8881cb772000(0000) knlGS:0000000000000000
[ 110.706855] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 110.707342] CR2: ffff88815a80000a CR3: 00000001214bc000 CR4: 00000000000006f0
[ 110.707949] DR0: ffffffff8fa52444 DR1: ffffffff8fa52449 DR2: ffffffff8fa5244a
[ 110.708278] DR3: ffffffff8fa5244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 110.708935] Call Trace:
[ 110.709383] <TASK>
[ 110.709631] ? intlog10_test+0xf2/0x220
[ 110.709869] ? __pfx_intlog10_test+0x10/0x10
[ 110.710479] ? __pfx_intlog10_test+0x10/0x10
[ 110.710743] kunit_try_run_case+0x1a5/0x480
[ 110.710902] ? __pfx_kunit_try_run_case+0x10/0x10
[ 110.711452] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 110.712028] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 110.712597] ? __kthread_parkme+0x82/0x180
[ 110.713057] ? preempt_count_sub+0x50/0x80
[ 110.713484] ? __pfx_kunit_try_run_case+0x10/0x10
[ 110.713676] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 110.714251] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 110.714916] kthread+0x337/0x6f0
[ 110.715399] ? trace_preempt_on+0x20/0xc0
[ 110.715725] ? __pfx_kthread+0x10/0x10
[ 110.716029] ? _raw_spin_unlock_irq+0x47/0x80
[ 110.716391] ? calculate_sigpending+0x7b/0xa0
[ 110.716769] ? __pfx_kthread+0x10/0x10
[ 110.716907] ret_from_fork+0x116/0x1d0
[ 110.717371] ? __pfx_kthread+0x10/0x10
[ 110.717715] ret_from_fork_asm+0x1a/0x30
[ 110.718262] </TASK>
[ 110.718566] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 110.653597] WARNING: CPU: 0 PID: 655 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 110.654010] Modules linked in:
[ 110.654204] CPU: 0 UID: 0 PID: 655 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 110.654858] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 110.655644] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 110.656227] RIP: 0010:intlog2+0xdf/0x110
[ 110.656411] Code: 89 8d c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 e9 97 aa 86 02 89 45 e4 e8 6f d8 55 ff 8b 45 e4 eb
[ 110.657196] RSP: 0000:ffff888109fefcb0 EFLAGS: 00010246
[ 110.657475] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110213fdfb4
[ 110.657765] RDX: 1ffffffff1b12e08 RSI: 1ffff110213fdfb3 RDI: 0000000000000000
[ 110.658083] RBP: ffff888109fefd60 R08: 0000000000000000 R09: ffffed10213a7ce0
[ 110.658400] R10: ffff888109d3e707 R11: 0000000000000000 R12: 1ffff110213fdf97
[ 110.658653] R13: ffffffff8d897040 R14: 0000000000000000 R15: ffff888109fefd38
[ 110.658966] FS: 0000000000000000(0000) GS:ffff8881cb672000(0000) knlGS:0000000000000000
[ 110.659532] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 110.659794] CR2: dffffc0000000000 CR3: 00000001214bc000 CR4: 00000000000006f0
[ 110.660204] DR0: ffffffff8fa52440 DR1: ffffffff8fa52441 DR2: ffffffff8fa52443
[ 110.660522] DR3: ffffffff8fa52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 110.660815] Call Trace:
[ 110.660933] <TASK>
[ 110.661648] ? intlog2_test+0xf2/0x220
[ 110.661864] ? __pfx_intlog2_test+0x10/0x10
[ 110.662101] ? __schedule+0x10cc/0x2b60
[ 110.662392] ? __pfx_read_tsc+0x10/0x10
[ 110.662576] ? ktime_get_ts64+0x86/0x230
[ 110.662787] kunit_try_run_case+0x1a5/0x480
[ 110.663289] ? __pfx_kunit_try_run_case+0x10/0x10
[ 110.663581] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 110.663771] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 110.663975] ? __kthread_parkme+0x82/0x180
[ 110.664304] ? preempt_count_sub+0x50/0x80
[ 110.664542] ? __pfx_kunit_try_run_case+0x10/0x10
[ 110.664752] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 110.664989] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 110.665320] kthread+0x337/0x6f0
[ 110.665526] ? trace_preempt_on+0x20/0xc0
[ 110.665760] ? __pfx_kthread+0x10/0x10
[ 110.665953] ? _raw_spin_unlock_irq+0x47/0x80
[ 110.666153] ? calculate_sigpending+0x7b/0xa0
[ 110.666401] ? __pfx_kthread+0x10/0x10
[ 110.666756] ret_from_fork+0x116/0x1d0
[ 110.666922] ? __pfx_kthread+0x10/0x10
[ 110.667148] ret_from_fork_asm+0x1a/0x30
[ 110.667496] </TASK>
[ 110.667641] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 110.046074] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI