Date
July 8, 2025, 11:09 p.m.
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 49.202096] ==================================================================
[ 49.202565] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 49.202565]
[ 49.202937] Use-after-free read at 0x(____ptrval____) (in kfence-#129):
[ 49.203309] test_krealloc+0x6fc/0xbe0
[ 49.203457] kunit_try_run_case+0x1a5/0x480
[ 49.203807] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.204071] kthread+0x337/0x6f0
[ 49.204227] ret_from_fork+0x116/0x1d0
[ 49.204400] ret_from_fork_asm+0x1a/0x30
[ 49.204543]
[ 49.204616] kfence-#129: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 49.204616]
[ 49.205678] allocated by task 355 on cpu 1 at 49.201328s (0.004346s ago):
[ 49.206249] test_alloc+0x364/0x10f0
[ 49.206434] test_krealloc+0xad/0xbe0
[ 49.206816] kunit_try_run_case+0x1a5/0x480
[ 49.207228] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.207500] kthread+0x337/0x6f0
[ 49.207775] ret_from_fork+0x116/0x1d0
[ 49.207963] ret_from_fork_asm+0x1a/0x30
[ 49.208153]
[ 49.208238] freed by task 355 on cpu 1 at 49.201572s (0.006664s ago):
[ 49.208782] krealloc_noprof+0x108/0x340
[ 49.209073] test_krealloc+0x226/0xbe0
[ 49.209253] kunit_try_run_case+0x1a5/0x480
[ 49.209439] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.209736] kthread+0x337/0x6f0
[ 49.210231] ret_from_fork+0x116/0x1d0
[ 49.210429] ret_from_fork_asm+0x1a/0x30
[ 49.210674]
[ 49.210794] CPU: 1 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 49.211252] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 49.211439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 49.212094] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 49.112576] ==================================================================
[ 49.113118] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 49.113118]
[ 49.113536] Use-after-free read at 0x(____ptrval____) (in kfence-#128):
[ 49.113848] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 49.114115] kunit_try_run_case+0x1a5/0x480
[ 49.114300] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.114480] kthread+0x337/0x6f0
[ 49.114742] ret_from_fork+0x116/0x1d0
[ 49.114942] ret_from_fork_asm+0x1a/0x30
[ 49.115146]
[ 49.115234] kfence-#128: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 49.115234]
[ 49.115549] allocated by task 353 on cpu 1 at 49.098320s (0.017226s ago):
[ 49.115902] test_alloc+0x2a6/0x10f0
[ 49.116345] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 49.116797] kunit_try_run_case+0x1a5/0x480
[ 49.116987] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.117215] kthread+0x337/0x6f0
[ 49.117361] ret_from_fork+0x116/0x1d0
[ 49.117502] ret_from_fork_asm+0x1a/0x30
[ 49.117716]
[ 49.117822] freed by task 353 on cpu 1 at 49.098412s (0.019408s ago):
[ 49.118120] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 49.118350] kunit_try_run_case+0x1a5/0x480
[ 49.118561] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.118848] kthread+0x337/0x6f0
[ 49.119289] ret_from_fork+0x116/0x1d0
[ 49.119426] ret_from_fork_asm+0x1a/0x30
[ 49.119678]
[ 49.119875] CPU: 1 UID: 0 PID: 353 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 49.120575] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 49.120737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 49.121100] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 23.740339] ==================================================================
[ 23.741428] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 23.741428]
[ 23.741918] Invalid read at 0x(____ptrval____):
[ 23.742171] test_invalid_access+0xf0/0x210
[ 23.742523] kunit_try_run_case+0x1a5/0x480
[ 23.743076] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.743486] kthread+0x337/0x6f0
[ 23.743682] ret_from_fork+0x116/0x1d0
[ 23.743830] ret_from_fork_asm+0x1a/0x30
[ 23.744053]
[ 23.744209] CPU: 1 UID: 0 PID: 349 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 23.745060] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.745305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.746110] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 23.513574] ==================================================================
[ 23.514407] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.514407]
[ 23.514926] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#124):
[ 23.515418] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.516203] kunit_try_run_case+0x1a5/0x480
[ 23.516600] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.517083] kthread+0x337/0x6f0
[ 23.517901] ret_from_fork+0x116/0x1d0
[ 23.518214] ret_from_fork_asm+0x1a/0x30
[ 23.518357]
[ 23.518431] kfence-#124: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.518431]
[ 23.519371] allocated by task 343 on cpu 1 at 23.513306s (0.006062s ago):
[ 23.520035] test_alloc+0x364/0x10f0
[ 23.520358] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 23.521315] kunit_try_run_case+0x1a5/0x480
[ 23.521474] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.521983] kthread+0x337/0x6f0
[ 23.522272] ret_from_fork+0x116/0x1d0
[ 23.522419] ret_from_fork_asm+0x1a/0x30
[ 23.522589]
[ 23.522701] freed by task 343 on cpu 1 at 23.513454s (0.009245s ago):
[ 23.523273] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.523825] kunit_try_run_case+0x1a5/0x480
[ 23.524286] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.524467] kthread+0x337/0x6f0
[ 23.524770] ret_from_fork+0x116/0x1d0
[ 23.525118] ret_from_fork_asm+0x1a/0x30
[ 23.525474]
[ 23.525592] CPU: 1 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 23.525973] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.526110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.526537] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 23.409565] ==================================================================
[ 23.410191] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 23.410191]
[ 23.410685] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#123):
[ 23.411030] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 23.411243] kunit_try_run_case+0x1a5/0x480
[ 23.411402] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.411747] kthread+0x337/0x6f0
[ 23.411908] ret_from_fork+0x116/0x1d0
[ 23.412040] ret_from_fork_asm+0x1a/0x30
[ 23.412189]
[ 23.412322] kfence-#123: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.412322]
[ 23.412693] allocated by task 341 on cpu 0 at 23.409326s (0.003364s ago):
[ 23.413022] test_alloc+0x364/0x10f0
[ 23.413214] test_kmalloc_aligned_oob_read+0x105/0x560
[ 23.414188] kunit_try_run_case+0x1a5/0x480
[ 23.415031] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.415286] kthread+0x337/0x6f0
[ 23.415459] ret_from_fork+0x116/0x1d0
[ 23.415625] ret_from_fork_asm+0x1a/0x30
[ 23.415803]
[ 23.415932] CPU: 0 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 23.416296] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.416467] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.416975] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 18.833552] ==================================================================
[ 18.833963] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 18.833963]
[ 18.834418] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#79):
[ 18.834908] test_corruption+0x2df/0x3e0
[ 18.835061] kunit_try_run_case+0x1a5/0x480
[ 18.835215] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.835391] kthread+0x337/0x6f0
[ 18.835518] ret_from_fork+0x116/0x1d0
[ 18.835667] ret_from_fork_asm+0x1a/0x30
[ 18.835812]
[ 18.835904] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.835904]
[ 18.836253] allocated by task 329 on cpu 0 at 18.833290s (0.002961s ago):
[ 18.836574] test_alloc+0x364/0x10f0
[ 18.836836] test_corruption+0x1cb/0x3e0
[ 18.837083] kunit_try_run_case+0x1a5/0x480
[ 18.837258] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.837435] kthread+0x337/0x6f0
[ 18.837576] ret_from_fork+0x116/0x1d0
[ 18.837726] ret_from_fork_asm+0x1a/0x30
[ 18.837867]
[ 18.837938] freed by task 329 on cpu 0 at 18.833391s (0.004544s ago):
[ 18.838180] test_corruption+0x2df/0x3e0
[ 18.838371] kunit_try_run_case+0x1a5/0x480
[ 18.838582] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.838841] kthread+0x337/0x6f0
[ 18.839006] ret_from_fork+0x116/0x1d0
[ 18.839194] ret_from_fork_asm+0x1a/0x30
[ 18.839353]
[ 18.839470] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.839868] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.840009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.840347] ==================================================================

[ 18.937438] ==================================================================
[ 18.937846] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 18.937846]
[ 18.938209] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#80):
[ 18.939152] test_corruption+0x131/0x3e0
[ 18.939372] kunit_try_run_case+0x1a5/0x480
[ 18.939886] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.940136] kthread+0x337/0x6f0
[ 18.940457] ret_from_fork+0x116/0x1d0
[ 18.940840] ret_from_fork_asm+0x1a/0x30
[ 18.941142]
[ 18.941343] kfence-#80: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.941343]
[ 18.941911] allocated by task 331 on cpu 0 at 18.937307s (0.004601s ago):
[ 18.942387] test_alloc+0x2a6/0x10f0
[ 18.942690] test_corruption+0xe6/0x3e0
[ 18.942900] kunit_try_run_case+0x1a5/0x480
[ 18.943218] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.943550] kthread+0x337/0x6f0
[ 18.943742] ret_from_fork+0x116/0x1d0
[ 18.944047] ret_from_fork_asm+0x1a/0x30
[ 18.944338]
[ 18.944460] freed by task 331 on cpu 0 at 18.937366s (0.007092s ago):
[ 18.944923] test_corruption+0x131/0x3e0
[ 18.945221] kunit_try_run_case+0x1a5/0x480
[ 18.945525] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.945816] kthread+0x337/0x6f0
[ 18.946106] ret_from_fork+0x116/0x1d0
[ 18.946378] ret_from_fork_asm+0x1a/0x30
[ 18.946679]
[ 18.946828] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.947440] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.947802] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.948180] ==================================================================

[ 18.729490] ==================================================================
[ 18.729959] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 18.729959]
[ 18.730311] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#78):
[ 18.731140] test_corruption+0x2d2/0x3e0
[ 18.731447] kunit_try_run_case+0x1a5/0x480
[ 18.731635] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.731816] kthread+0x337/0x6f0
[ 18.731942] ret_from_fork+0x116/0x1d0
[ 18.732080] ret_from_fork_asm+0x1a/0x30
[ 18.732222]
[ 18.732298] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.732298]
[ 18.732619] allocated by task 329 on cpu 0 at 18.729219s (0.003398s ago):
[ 18.732930] test_alloc+0x364/0x10f0
[ 18.733124] test_corruption+0xe6/0x3e0
[ 18.733313] kunit_try_run_case+0x1a5/0x480
[ 18.733497] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.733745] kthread+0x337/0x6f0
[ 18.733870] ret_from_fork+0x116/0x1d0
[ 18.734006] ret_from_fork_asm+0x1a/0x30
[ 18.734213]
[ 18.734311] freed by task 329 on cpu 0 at 18.729321s (0.004988s ago):
[ 18.734622] test_corruption+0x2d2/0x3e0
[ 18.734876] kunit_try_run_case+0x1a5/0x480
[ 18.735024] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.735442] kthread+0x337/0x6f0
[ 18.735778] ret_from_fork+0x116/0x1d0
[ 18.735942] ret_from_fork_asm+0x1a/0x30
[ 18.736116]
[ 18.736211] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.736653] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.736827] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.737094] ==================================================================

[ 19.042482] ==================================================================
[ 19.042896] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 19.042896]
[ 19.043298] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#81):
[ 19.044260] test_corruption+0x216/0x3e0
[ 19.044702] kunit_try_run_case+0x1a5/0x480
[ 19.044934] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.045332] kthread+0x337/0x6f0
[ 19.045633] ret_from_fork+0x116/0x1d0
[ 19.045837] ret_from_fork_asm+0x1a/0x30
[ 19.046171]
[ 19.046296] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.046296]
[ 19.046847] allocated by task 331 on cpu 0 at 19.042349s (0.004496s ago):
[ 19.047328] test_alloc+0x2a6/0x10f0
[ 19.047623] test_corruption+0x1cb/0x3e0
[ 19.047913] kunit_try_run_case+0x1a5/0x480
[ 19.048219] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.048473] kthread+0x337/0x6f0
[ 19.048617] ret_from_fork+0x116/0x1d0
[ 19.048753] ret_from_fork_asm+0x1a/0x30
[ 19.048895]
[ 19.048968] freed by task 331 on cpu 0 at 19.042410s (0.006557s ago):
[ 19.049186] test_corruption+0x216/0x3e0
[ 19.049328] kunit_try_run_case+0x1a5/0x480
[ 19.049477] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.049764] kthread+0x337/0x6f0
[ 19.049899] ret_from_fork+0x116/0x1d0
[ 19.050035] ret_from_fork_asm+0x1a/0x30
[ 19.050177]
[ 19.050273] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 19.050594] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.050745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.051121] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 18.417359] ==================================================================
[ 18.417897] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 18.417897]
[ 18.418230] Invalid free of 0x(____ptrval____) (in kfence-#75):
[ 18.418574] test_invalid_addr_free+0xfb/0x260
[ 18.418815] kunit_try_run_case+0x1a5/0x480
[ 18.418965] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.419138] kthread+0x337/0x6f0
[ 18.419300] ret_from_fork+0x116/0x1d0
[ 18.419495] ret_from_fork_asm+0x1a/0x30
[ 18.419759]
[ 18.419870] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.419870]
[ 18.420299] allocated by task 327 on cpu 1 at 18.417259s (0.003037s ago):
[ 18.421382] test_alloc+0x2a6/0x10f0
[ 18.421656] test_invalid_addr_free+0xdb/0x260
[ 18.421867] kunit_try_run_case+0x1a5/0x480
[ 18.422066] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.422304] kthread+0x337/0x6f0
[ 18.422472] ret_from_fork+0x116/0x1d0
[ 18.422682] ret_from_fork_asm+0x1a/0x30
[ 18.422822]
[ 18.422916] CPU: 1 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.423427] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.423660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.424088] ==================================================================

[ 18.313356] ==================================================================
[ 18.313801] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 18.313801]
[ 18.314131] Invalid free of 0x(____ptrval____) (in kfence-#74):
[ 18.314445] test_invalid_addr_free+0x1e1/0x260
[ 18.314629] kunit_try_run_case+0x1a5/0x480
[ 18.314868] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.315071] kthread+0x337/0x6f0
[ 18.315248] ret_from_fork+0x116/0x1d0
[ 18.315421] ret_from_fork_asm+0x1a/0x30
[ 18.315680]
[ 18.315761] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.315761]
[ 18.316126] allocated by task 325 on cpu 0 at 18.313220s (0.002904s ago):
[ 18.316449] test_alloc+0x364/0x10f0
[ 18.316681] test_invalid_addr_free+0xdb/0x260
[ 18.316865] kunit_try_run_case+0x1a5/0x480
[ 18.317036] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.317282] kthread+0x337/0x6f0
[ 18.317442] ret_from_fork+0x116/0x1d0
[ 18.317574] ret_from_fork_asm+0x1a/0x30
[ 18.317727]
[ 18.317955] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.318437] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.318645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.319021] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 18.209383] ==================================================================
[ 18.209807] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 18.209807]
[ 18.210140] Invalid free of 0x(____ptrval____) (in kfence-#73):
[ 18.210428] test_double_free+0x112/0x260
[ 18.210693] kunit_try_run_case+0x1a5/0x480
[ 18.210848] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.211105] kthread+0x337/0x6f0
[ 18.211286] ret_from_fork+0x116/0x1d0
[ 18.211451] ret_from_fork_asm+0x1a/0x30
[ 18.211686]
[ 18.211864] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.211864]
[ 18.212188] allocated by task 323 on cpu 1 at 18.209227s (0.002959s ago):
[ 18.212510] test_alloc+0x2a6/0x10f0
[ 18.212715] test_double_free+0xdb/0x260
[ 18.212915] kunit_try_run_case+0x1a5/0x480
[ 18.213085] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.213301] kthread+0x337/0x6f0
[ 18.213422] ret_from_fork+0x116/0x1d0
[ 18.213556] ret_from_fork_asm+0x1a/0x30
[ 18.213761]
[ 18.213863] freed by task 323 on cpu 1 at 18.209277s (0.004584s ago):
[ 18.214208] test_double_free+0xfa/0x260
[ 18.214375] kunit_try_run_case+0x1a5/0x480
[ 18.214975] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.215201] kthread+0x337/0x6f0
[ 18.215326] ret_from_fork+0x116/0x1d0
[ 18.215555] ret_from_fork_asm+0x1a/0x30
[ 18.215765]
[ 18.215890] CPU: 1 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.216234] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.216449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.217248] ==================================================================

[ 18.105425] ==================================================================
[ 18.105875] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 18.105875]
[ 18.106306] Invalid free of 0x(____ptrval____) (in kfence-#72):
[ 18.106659] test_double_free+0x1d3/0x260
[ 18.106836] kunit_try_run_case+0x1a5/0x480
[ 18.107038] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.107328] kthread+0x337/0x6f0
[ 18.107473] ret_from_fork+0x116/0x1d0
[ 18.107682] ret_from_fork_asm+0x1a/0x30
[ 18.107893]
[ 18.107966] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.107966]
[ 18.108349] allocated by task 321 on cpu 1 at 18.105177s (0.003170s ago):
[ 18.108686] test_alloc+0x364/0x10f0
[ 18.108917] test_double_free+0xdb/0x260
[ 18.109054] kunit_try_run_case+0x1a5/0x480
[ 18.109226] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.109502] kthread+0x337/0x6f0
[ 18.109873] ret_from_fork+0x116/0x1d0
[ 18.110227] ret_from_fork_asm+0x1a/0x30
[ 18.110517]
[ 18.110590] freed by task 321 on cpu 1 at 18.105244s (0.005344s ago):
[ 18.111532] test_double_free+0x1e0/0x260
[ 18.111700] kunit_try_run_case+0x1a5/0x480
[ 18.112022] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.112266] kthread+0x337/0x6f0
[ 18.112405] ret_from_fork+0x116/0x1d0
[ 18.112613] ret_from_fork_asm+0x1a/0x30
[ 18.112866]
[ 18.113000] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.113428] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.113658] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.114146] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 17.689495] ==================================================================
[ 17.689962] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 17.689962]
[ 17.690861] Use-after-free read at 0x(____ptrval____) (in kfence-#68):
[ 17.691137] test_use_after_free_read+0x129/0x270
[ 17.691376] kunit_try_run_case+0x1a5/0x480
[ 17.691628] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.691835] kthread+0x337/0x6f0
[ 17.692036] ret_from_fork+0x116/0x1d0
[ 17.692187] ret_from_fork_asm+0x1a/0x30
[ 17.692328]
[ 17.692411] kfence-#68: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.692411]
[ 17.692912] allocated by task 313 on cpu 1 at 17.689275s (0.003636s ago):
[ 17.693381] test_alloc+0x364/0x10f0
[ 17.693617] test_use_after_free_read+0xdc/0x270
[ 17.693820] kunit_try_run_case+0x1a5/0x480
[ 17.694049] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.694293] kthread+0x337/0x6f0
[ 17.694448] ret_from_fork+0x116/0x1d0
[ 17.694664] ret_from_fork_asm+0x1a/0x30
[ 17.694923]
[ 17.695165] freed by task 313 on cpu 1 at 17.689334s (0.005748s ago):
[ 17.695524] test_use_after_free_read+0x1e7/0x270
[ 17.695838] kunit_try_run_case+0x1a5/0x480
[ 17.696059] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.696297] kthread+0x337/0x6f0
[ 17.696455] ret_from_fork+0x116/0x1d0
[ 17.696588] ret_from_fork_asm+0x1a/0x30
[ 17.696956]
[ 17.697107] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.697638] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.697847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.698234] ==================================================================

[ 17.793396] ==================================================================
[ 17.793876] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 17.793876]
[ 17.794371] Use-after-free read at 0x(____ptrval____) (in kfence-#69):
[ 17.794722] test_use_after_free_read+0x129/0x270
[ 17.794899] kunit_try_run_case+0x1a5/0x480
[ 17.795112] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.795377] kthread+0x337/0x6f0
[ 17.795558] ret_from_fork+0x116/0x1d0
[ 17.795840] ret_from_fork_asm+0x1a/0x30
[ 17.796038]
[ 17.796183] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.796183]
[ 17.796612] allocated by task 315 on cpu 0 at 17.793257s (0.003352s ago):
[ 17.796953] test_alloc+0x2a6/0x10f0
[ 17.797162] test_use_after_free_read+0xdc/0x270
[ 17.797388] kunit_try_run_case+0x1a5/0x480
[ 17.797537] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.797915] kthread+0x337/0x6f0
[ 17.798052] ret_from_fork+0x116/0x1d0
[ 17.798188] ret_from_fork_asm+0x1a/0x30
[ 17.798348]
[ 17.798448] freed by task 315 on cpu 0 at 17.793310s (0.005135s ago):
[ 17.798936] test_use_after_free_read+0xfb/0x270
[ 17.799575] kunit_try_run_case+0x1a5/0x480
[ 17.800087] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.800305] kthread+0x337/0x6f0
[ 17.800586] ret_from_fork+0x116/0x1d0
[ 17.800903] ret_from_fork_asm+0x1a/0x30
[ 17.801206]
[ 17.801334] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.801961] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.802253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.802852] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 17.481371] ==================================================================
[ 17.481867] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.481867]
[ 17.482361] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#66):
[ 17.482799] test_out_of_bounds_write+0x10d/0x260
[ 17.482993] kunit_try_run_case+0x1a5/0x480
[ 17.483151] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.483413] kthread+0x337/0x6f0
[ 17.483644] ret_from_fork+0x116/0x1d0
[ 17.484321] ret_from_fork_asm+0x1a/0x30
[ 17.484885]
[ 17.484992] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.484992]
[ 17.485380] allocated by task 309 on cpu 1 at 17.481222s (0.004155s ago):
[ 17.485946] test_alloc+0x364/0x10f0
[ 17.486138] test_out_of_bounds_write+0xd4/0x260
[ 17.486498] kunit_try_run_case+0x1a5/0x480
[ 17.486817] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.487072] kthread+0x337/0x6f0
[ 17.487236] ret_from_fork+0x116/0x1d0
[ 17.487413] ret_from_fork_asm+0x1a/0x30
[ 17.487872]
[ 17.487998] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.488656] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.488994] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.489385] ==================================================================

[ 17.585354] ==================================================================
[ 17.585805] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.585805]
[ 17.586238] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#67):
[ 17.586632] test_out_of_bounds_write+0x10d/0x260
[ 17.586814] kunit_try_run_case+0x1a5/0x480
[ 17.587035] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.587278] kthread+0x337/0x6f0
[ 17.587437] ret_from_fork+0x116/0x1d0
[ 17.587595] ret_from_fork_asm+0x1a/0x30
[ 17.587779]
[ 17.587881] kfence-#67: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.587881]
[ 17.588280] allocated by task 311 on cpu 0 at 17.585288s (0.002990s ago):
[ 17.588560] test_alloc+0x2a6/0x10f0
[ 17.588792] test_out_of_bounds_write+0xd4/0x260
[ 17.589040] kunit_try_run_case+0x1a5/0x480
[ 17.589234] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.589461] kthread+0x337/0x6f0
[ 17.589585] ret_from_fork+0x116/0x1d0
[ 17.589794] ret_from_fork_asm+0x1a/0x30
[ 17.590049]
[ 17.590166] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.590612] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.590753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.591164] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 16.961408] ==================================================================
[ 16.961851] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 16.961851]
[ 16.962324] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#61):
[ 16.962726] test_out_of_bounds_read+0x216/0x4e0
[ 16.962937] kunit_try_run_case+0x1a5/0x480
[ 16.963137] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.963378] kthread+0x337/0x6f0
[ 16.963586] ret_from_fork+0x116/0x1d0
[ 16.963808] ret_from_fork_asm+0x1a/0x30
[ 16.963994]
[ 16.964097] kfence-#61: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.964097]
[ 16.964448] allocated by task 305 on cpu 0 at 16.961225s (0.003221s ago):
[ 16.965076] test_alloc+0x364/0x10f0
[ 16.965266] test_out_of_bounds_read+0x1e2/0x4e0
[ 16.965435] kunit_try_run_case+0x1a5/0x480
[ 16.965738] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.966431] kthread+0x337/0x6f0
[ 16.966751] ret_from_fork+0x116/0x1d0
[ 16.967016] ret_from_fork_asm+0x1a/0x30
[ 16.967184]
[ 16.967318] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.967808] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.968018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.968328] ==================================================================

[ 17.169312] ==================================================================
[ 17.169756] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 17.169756]
[ 17.170169] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#63):
[ 17.170512] test_out_of_bounds_read+0x126/0x4e0
[ 17.170732] kunit_try_run_case+0x1a5/0x480
[ 17.170935] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.171175] kthread+0x337/0x6f0
[ 17.171333] ret_from_fork+0x116/0x1d0
[ 17.171528] ret_from_fork_asm+0x1a/0x30
[ 17.171706]
[ 17.171819] kfence-#63: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.171819]
[ 17.172122] allocated by task 307 on cpu 0 at 17.169255s (0.002865s ago):
[ 17.172487] test_alloc+0x2a6/0x10f0
[ 17.172699] test_out_of_bounds_read+0xed/0x4e0
[ 17.172858] kunit_try_run_case+0x1a5/0x480
[ 17.173048] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.173301] kthread+0x337/0x6f0
[ 17.173474] ret_from_fork+0x116/0x1d0
[ 17.173650] ret_from_fork_asm+0x1a/0x30
[ 17.173822]
[ 17.173917] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.174393] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.174592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.174957] ==================================================================

[ 17.377318] ==================================================================
[ 17.377794] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.377794]
[ 17.378201] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#65):
[ 17.378544] test_out_of_bounds_read+0x216/0x4e0
[ 17.378741] kunit_try_run_case+0x1a5/0x480
[ 17.378916] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.379177] kthread+0x337/0x6f0
[ 17.379358] ret_from_fork+0x116/0x1d0
[ 17.379533] ret_from_fork_asm+0x1a/0x30
[ 17.379687]
[ 17.379796] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.379796]
[ 17.380170] allocated by task 307 on cpu 0 at 17.377261s (0.002907s ago):
[ 17.380492] test_alloc+0x2a6/0x10f0
[ 17.380726] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.380909] kunit_try_run_case+0x1a5/0x480
[ 17.381098] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.381329] kthread+0x337/0x6f0
[ 17.381453] ret_from_fork+0x116/0x1d0
[ 17.381588] ret_from_fork_asm+0x1a/0x30
[ 17.381908]
[ 17.382032] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.382558] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.382774] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.383114] ==================================================================

[ 16.650541] ==================================================================
[ 16.651710] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 16.651710]
[ 16.653652] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#58):
[ 16.654146] test_out_of_bounds_read+0x126/0x4e0
[ 16.654387] kunit_try_run_case+0x1a5/0x480
[ 16.654623] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.654848] kthread+0x337/0x6f0
[ 16.655005] ret_from_fork+0x116/0x1d0
[ 16.655165] ret_from_fork_asm+0x1a/0x30
[ 16.655365]
[ 16.655627] kfence-#58: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.655627]
[ 16.656161] allocated by task 305 on cpu 0 at 16.649180s (0.006920s ago):
[ 16.656742] test_alloc+0x364/0x10f0
[ 16.656966] test_out_of_bounds_read+0xed/0x4e0
[ 16.657168] kunit_try_run_case+0x1a5/0x480
[ 16.657365] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.657651] kthread+0x337/0x6f0
[ 16.657788] ret_from_fork+0x116/0x1d0
[ 16.657924] ret_from_fork_asm+0x1a/0x30
[ 16.658184]
[ 16.658338] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.658850] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.659016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.659376] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.570760] ================================================================== [ 16.571226] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 16.571459] Write of size 121 at addr ffff888102675c00 by task kunit_try_catch/303 [ 16.571812] [ 16.571924] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.571969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.571982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.572004] Call Trace: [ 16.572023] <TASK> [ 16.572042] dump_stack_lvl+0x73/0xb0 [ 16.572082] print_report+0xd1/0x650 [ 16.572106] ? __virt_addr_valid+0x1db/0x2d0 [ 16.572131] ? strncpy_from_user+0x2e/0x1d0 [ 16.572156] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.572181] ? strncpy_from_user+0x2e/0x1d0 [ 16.572206] kasan_report+0x141/0x180 [ 16.572228] ? strncpy_from_user+0x2e/0x1d0 [ 16.572258] kasan_check_range+0x10c/0x1c0 [ 16.572283] __kasan_check_write+0x18/0x20 [ 16.572303] strncpy_from_user+0x2e/0x1d0 [ 16.572327] ? __kasan_check_read+0x15/0x20 [ 16.572349] copy_user_test_oob+0x760/0x10f0 [ 16.572377] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.572402] ? finish_task_switch.isra.0+0x153/0x700 [ 16.572426] ? __switch_to+0x47/0xf50 [ 16.572453] ? __schedule+0x10cc/0x2b60 [ 16.572477] ? __pfx_read_tsc+0x10/0x10 [ 16.572499] ? ktime_get_ts64+0x86/0x230 [ 16.572533] kunit_try_run_case+0x1a5/0x480 [ 16.572558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.572583] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.572621] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.572646] ? __kthread_parkme+0x82/0x180 [ 16.572668] ? preempt_count_sub+0x50/0x80 [ 16.572692] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.572718] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.572744] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.572770] kthread+0x337/0x6f0 [ 16.572790] ? trace_preempt_on+0x20/0xc0 [ 16.572815] ? __pfx_kthread+0x10/0x10 [ 16.572838] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.572860] ? calculate_sigpending+0x7b/0xa0 [ 16.572886] ? __pfx_kthread+0x10/0x10 [ 16.572908] ret_from_fork+0x116/0x1d0 [ 16.572927] ? __pfx_kthread+0x10/0x10 [ 16.572948] ret_from_fork_asm+0x1a/0x30 [ 16.572980] </TASK> [ 16.572992] [ 16.580243] Allocated by task 303: [ 16.580398] kasan_save_stack+0x45/0x70 [ 16.580637] kasan_save_track+0x18/0x40 [ 16.580793] kasan_save_alloc_info+0x3b/0x50 [ 16.580990] __kasan_kmalloc+0xb7/0xc0 [ 16.581155] __kmalloc_noprof+0x1c9/0x500 [ 16.581302] kunit_kmalloc_array+0x25/0x60 [ 16.581510] copy_user_test_oob+0xab/0x10f0 [ 16.581741] kunit_try_run_case+0x1a5/0x480 [ 16.581927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.582138] kthread+0x337/0x6f0 [ 16.582294] ret_from_fork+0x116/0x1d0 [ 16.582428] ret_from_fork_asm+0x1a/0x30 [ 16.582568] [ 16.582649] The buggy address belongs to the object at ffff888102675c00 [ 16.582649] which belongs to the cache kmalloc-128 of size 128 [ 16.583075] The buggy address is located 0 bytes inside of [ 16.583075] allocated 120-byte region [ffff888102675c00, ffff888102675c78) [ 16.583721] [ 16.583818] The buggy address belongs to the physical page: [ 16.584068] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102675 [ 16.584422] flags: 0x200000000000000(node=0|zone=2) [ 16.584743] page_type: f5(slab) [ 16.584902] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.585152] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.585378] page dumped because: kasan: bad access detected [ 16.585546] [ 16.585624] Memory state around the buggy address: [ 16.585925] ffff888102675b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.586369] ffff888102675b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.586663] >ffff888102675c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.586966] ^ [ 16.587200] ffff888102675c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.587483] 
ffff888102675d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.587820] ================================================================== [ 16.588258] ================================================================== [ 16.588531] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 16.588876] Write of size 1 at addr ffff888102675c78 by task kunit_try_catch/303 [ 16.589211] [ 16.589406] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.589449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.589462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.589483] Call Trace: [ 16.589499] <TASK> [ 16.589514] dump_stack_lvl+0x73/0xb0 [ 16.589543] print_report+0xd1/0x650 [ 16.589568] ? __virt_addr_valid+0x1db/0x2d0 [ 16.589593] ? strncpy_from_user+0x1a5/0x1d0 [ 16.589629] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.589655] ? strncpy_from_user+0x1a5/0x1d0 [ 16.589679] kasan_report+0x141/0x180 [ 16.589706] ? strncpy_from_user+0x1a5/0x1d0 [ 16.589735] __asan_report_store1_noabort+0x1b/0x30 [ 16.589762] strncpy_from_user+0x1a5/0x1d0 [ 16.589788] copy_user_test_oob+0x760/0x10f0 [ 16.589816] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.589841] ? finish_task_switch.isra.0+0x153/0x700 [ 16.589875] ? __switch_to+0x47/0xf50 [ 16.589902] ? __schedule+0x10cc/0x2b60 [ 16.589925] ? __pfx_read_tsc+0x10/0x10 [ 16.589947] ? ktime_get_ts64+0x86/0x230 [ 16.589973] kunit_try_run_case+0x1a5/0x480 [ 16.589998] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.590023] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.590048] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.590073] ? __kthread_parkme+0x82/0x180 [ 16.590094] ? preempt_count_sub+0x50/0x80 [ 16.590119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.590144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.590170] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.590198] kthread+0x337/0x6f0 [ 16.590217] ? trace_preempt_on+0x20/0xc0 [ 16.590242] ? 
__pfx_kthread+0x10/0x10 [ 16.590265] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.590287] ? calculate_sigpending+0x7b/0xa0 [ 16.590312] ? __pfx_kthread+0x10/0x10 [ 16.590334] ret_from_fork+0x116/0x1d0 [ 16.590353] ? __pfx_kthread+0x10/0x10 [ 16.590374] ret_from_fork_asm+0x1a/0x30 [ 16.590406] </TASK> [ 16.590417] [ 16.597721] Allocated by task 303: [ 16.597905] kasan_save_stack+0x45/0x70 [ 16.598108] kasan_save_track+0x18/0x40 [ 16.598301] kasan_save_alloc_info+0x3b/0x50 [ 16.598523] __kasan_kmalloc+0xb7/0xc0 [ 16.598728] __kmalloc_noprof+0x1c9/0x500 [ 16.598935] kunit_kmalloc_array+0x25/0x60 [ 16.599120] copy_user_test_oob+0xab/0x10f0 [ 16.599310] kunit_try_run_case+0x1a5/0x480 [ 16.599492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.599728] kthread+0x337/0x6f0 [ 16.599851] ret_from_fork+0x116/0x1d0 [ 16.600046] ret_from_fork_asm+0x1a/0x30 [ 16.600245] [ 16.600341] The buggy address belongs to the object at ffff888102675c00 [ 16.600341] which belongs to the cache kmalloc-128 of size 128 [ 16.600843] The buggy address is located 0 bytes to the right of [ 16.600843] allocated 120-byte region [ffff888102675c00, ffff888102675c78) [ 16.601311] [ 16.601405] The buggy address belongs to the physical page: [ 16.601651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102675 [ 16.601968] flags: 0x200000000000000(node=0|zone=2) [ 16.602189] page_type: f5(slab) [ 16.602344] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.602725] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.603027] page dumped because: kasan: bad access detected [ 16.603254] [ 16.603331] Memory state around the buggy address: [ 16.603533] ffff888102675b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.603816] ffff888102675b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.604027] >ffff888102675c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.604239] ^ [ 16.604448] ffff888102675c80: fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 16.604847] ffff888102675d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.605439] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.490927] ================================================================== [ 16.491301] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 16.491663] Write of size 121 at addr ffff888102675c00 by task kunit_try_catch/303 [ 16.491977] [ 16.492098] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.492147] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.492161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.492184] Call Trace: [ 16.492201] <TASK> [ 16.492221] dump_stack_lvl+0x73/0xb0 [ 16.492253] print_report+0xd1/0x650 [ 16.492278] ? __virt_addr_valid+0x1db/0x2d0 [ 16.492303] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.492329] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.492354] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.492378] kasan_report+0x141/0x180 [ 16.492401] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.492430] kasan_check_range+0x10c/0x1c0 [ 16.492455] __kasan_check_write+0x18/0x20 [ 16.492476] copy_user_test_oob+0x3fd/0x10f0 [ 16.492502] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.492537] ? finish_task_switch.isra.0+0x153/0x700 [ 16.492562] ? __switch_to+0x47/0xf50 [ 16.492590] ? __schedule+0x10cc/0x2b60 [ 16.492625] ? __pfx_read_tsc+0x10/0x10 [ 16.492648] ? ktime_get_ts64+0x86/0x230 [ 16.492675] kunit_try_run_case+0x1a5/0x480 [ 16.492702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.492726] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.492752] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.492777] ? __kthread_parkme+0x82/0x180 [ 16.492799] ? preempt_count_sub+0x50/0x80 [ 16.492824] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.492849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.492875] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.492901] kthread+0x337/0x6f0 [ 16.492921] ? trace_preempt_on+0x20/0xc0 [ 16.492947] ? __pfx_kthread+0x10/0x10 [ 16.492968] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.492991] ? calculate_sigpending+0x7b/0xa0 [ 16.493016] ? 
__pfx_kthread+0x10/0x10 [ 16.493039] ret_from_fork+0x116/0x1d0 [ 16.493058] ? __pfx_kthread+0x10/0x10 [ 16.493080] ret_from_fork_asm+0x1a/0x30 [ 16.493113] </TASK> [ 16.493124] [ 16.500222] Allocated by task 303: [ 16.500395] kasan_save_stack+0x45/0x70 [ 16.500631] kasan_save_track+0x18/0x40 [ 16.500807] kasan_save_alloc_info+0x3b/0x50 [ 16.500979] __kasan_kmalloc+0xb7/0xc0 [ 16.501112] __kmalloc_noprof+0x1c9/0x500 [ 16.501251] kunit_kmalloc_array+0x25/0x60 [ 16.501410] copy_user_test_oob+0xab/0x10f0 [ 16.501624] kunit_try_run_case+0x1a5/0x480 [ 16.501840] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.502128] kthread+0x337/0x6f0 [ 16.502248] ret_from_fork+0x116/0x1d0 [ 16.502379] ret_from_fork_asm+0x1a/0x30 [ 16.502517] [ 16.502614] The buggy address belongs to the object at ffff888102675c00 [ 16.502614] which belongs to the cache kmalloc-128 of size 128 [ 16.503161] The buggy address is located 0 bytes inside of [ 16.503161] allocated 120-byte region [ffff888102675c00, ffff888102675c78) [ 16.503713] [ 16.503786] The buggy address belongs to the physical page: [ 16.503958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102675 [ 16.504194] flags: 0x200000000000000(node=0|zone=2) [ 16.504394] page_type: f5(slab) [ 16.504559] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.504905] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.505237] page dumped because: kasan: bad access detected [ 16.505543] [ 16.505620] Memory state around the buggy address: [ 16.505776] ffff888102675b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.505988] ffff888102675b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.506198] >ffff888102675c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.506541] ^ [ 16.506869] ffff888102675c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.507197] ffff888102675d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.507526] 
================================================================== [ 16.548884] ================================================================== [ 16.549397] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 16.549847] Read of size 121 at addr ffff888102675c00 by task kunit_try_catch/303 [ 16.550087] [ 16.550397] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.550447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.550461] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.550483] Call Trace: [ 16.550609] <TASK> [ 16.550631] dump_stack_lvl+0x73/0xb0 [ 16.550667] print_report+0xd1/0x650 [ 16.550692] ? __virt_addr_valid+0x1db/0x2d0 [ 16.550717] ? copy_user_test_oob+0x604/0x10f0 [ 16.550742] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.550766] ? copy_user_test_oob+0x604/0x10f0 [ 16.550791] kasan_report+0x141/0x180 [ 16.550814] ? copy_user_test_oob+0x604/0x10f0 [ 16.550844] kasan_check_range+0x10c/0x1c0 [ 16.550869] __kasan_check_read+0x15/0x20 [ 16.550890] copy_user_test_oob+0x604/0x10f0 [ 16.550916] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.550940] ? finish_task_switch.isra.0+0x153/0x700 [ 16.550965] ? __switch_to+0x47/0xf50 [ 16.550993] ? __schedule+0x10cc/0x2b60 [ 16.551016] ? __pfx_read_tsc+0x10/0x10 [ 16.551038] ? ktime_get_ts64+0x86/0x230 [ 16.551065] kunit_try_run_case+0x1a5/0x480 [ 16.551091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.551115] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.551141] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.551166] ? __kthread_parkme+0x82/0x180 [ 16.551188] ? preempt_count_sub+0x50/0x80 [ 16.551214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.551240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.551265] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.551292] kthread+0x337/0x6f0 [ 16.551312] ? trace_preempt_on+0x20/0xc0 [ 16.551337] ? __pfx_kthread+0x10/0x10 [ 16.551358] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.551381] ? calculate_sigpending+0x7b/0xa0 [ 16.551407] ? __pfx_kthread+0x10/0x10 [ 16.551430] ret_from_fork+0x116/0x1d0 [ 16.551449] ? __pfx_kthread+0x10/0x10 [ 16.551470] ret_from_fork_asm+0x1a/0x30 [ 16.551528] </TASK> [ 16.551540] [ 16.561062] Allocated by task 303: [ 16.561390] kasan_save_stack+0x45/0x70 [ 16.561712] kasan_save_track+0x18/0x40 [ 16.561871] kasan_save_alloc_info+0x3b/0x50 [ 16.562199] __kasan_kmalloc+0xb7/0xc0 [ 16.562379] __kmalloc_noprof+0x1c9/0x500 [ 16.562717] kunit_kmalloc_array+0x25/0x60 [ 16.563000] copy_user_test_oob+0xab/0x10f0 [ 16.563176] kunit_try_run_case+0x1a5/0x480 [ 16.563467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.563848] kthread+0x337/0x6f0 [ 16.564010] ret_from_fork+0x116/0x1d0 [ 16.564195] ret_from_fork_asm+0x1a/0x30 [ 16.564383] [ 16.564461] The buggy address belongs to the object at ffff888102675c00 [ 16.564461] which belongs to the cache kmalloc-128 of size 128 [ 16.565288] The buggy address is located 0 bytes inside of [ 16.565288] allocated 120-byte region [ffff888102675c00, ffff888102675c78) [ 16.565914] [ 16.566159] The buggy address belongs to the physical page: [ 16.566355] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102675 [ 16.566881] flags: 0x200000000000000(node=0|zone=2) [ 16.567108] page_type: f5(slab) [ 16.567265] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.567534] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.567950] page dumped because: kasan: bad access detected [ 16.568157] [ 16.568235] Memory state around the buggy address: [ 16.568461] ffff888102675b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.568749] ffff888102675b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.569047] >ffff888102675c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.569306] ^ [ 16.569574] ffff888102675c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.569839] 
ffff888102675d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.570164] ================================================================== [ 16.508164] ================================================================== [ 16.508619] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 16.508861] Read of size 121 at addr ffff888102675c00 by task kunit_try_catch/303 [ 16.509532] [ 16.509664] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.509714] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.509727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.509748] Call Trace: [ 16.509764] <TASK> [ 16.509781] dump_stack_lvl+0x73/0xb0 [ 16.509813] print_report+0xd1/0x650 [ 16.509837] ? __virt_addr_valid+0x1db/0x2d0 [ 16.509861] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.509887] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.509912] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.509938] kasan_report+0x141/0x180 [ 16.509961] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.509991] kasan_check_range+0x10c/0x1c0 [ 16.510015] __kasan_check_read+0x15/0x20 [ 16.510035] copy_user_test_oob+0x4aa/0x10f0 [ 16.510062] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.510086] ? finish_task_switch.isra.0+0x153/0x700 [ 16.510110] ? __switch_to+0x47/0xf50 [ 16.510137] ? __schedule+0x10cc/0x2b60 [ 16.510161] ? __pfx_read_tsc+0x10/0x10 [ 16.510183] ? ktime_get_ts64+0x86/0x230 [ 16.510209] kunit_try_run_case+0x1a5/0x480 [ 16.510234] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.510258] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.510283] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.510308] ? __kthread_parkme+0x82/0x180 [ 16.510330] ? preempt_count_sub+0x50/0x80 [ 16.510355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.510381] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.510406] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.510433] kthread+0x337/0x6f0 [ 16.510452] ? trace_preempt_on+0x20/0xc0 [ 16.510477] ? 
__pfx_kthread+0x10/0x10 [ 16.510499] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.510521] ? calculate_sigpending+0x7b/0xa0 [ 16.510546] ? __pfx_kthread+0x10/0x10 [ 16.510569] ret_from_fork+0x116/0x1d0 [ 16.510588] ? __pfx_kthread+0x10/0x10 [ 16.510620] ret_from_fork_asm+0x1a/0x30 [ 16.510652] </TASK> [ 16.510662] [ 16.517881] Allocated by task 303: [ 16.518022] kasan_save_stack+0x45/0x70 [ 16.518200] kasan_save_track+0x18/0x40 [ 16.518397] kasan_save_alloc_info+0x3b/0x50 [ 16.518629] __kasan_kmalloc+0xb7/0xc0 [ 16.518762] __kmalloc_noprof+0x1c9/0x500 [ 16.518900] kunit_kmalloc_array+0x25/0x60 [ 16.519042] copy_user_test_oob+0xab/0x10f0 [ 16.519186] kunit_try_run_case+0x1a5/0x480 [ 16.519330] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.519640] kthread+0x337/0x6f0 [ 16.519808] ret_from_fork+0x116/0x1d0 [ 16.519995] ret_from_fork_asm+0x1a/0x30 [ 16.520190] [ 16.520283] The buggy address belongs to the object at ffff888102675c00 [ 16.520283] which belongs to the cache kmalloc-128 of size 128 [ 16.520891] The buggy address is located 0 bytes inside of [ 16.520891] allocated 120-byte region [ffff888102675c00, ffff888102675c78) [ 16.521250] [ 16.521320] The buggy address belongs to the physical page: [ 16.521490] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102675 [ 16.521861] flags: 0x200000000000000(node=0|zone=2) [ 16.522104] page_type: f5(slab) [ 16.522273] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.522767] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.523074] page dumped because: kasan: bad access detected [ 16.523274] [ 16.523372] Memory state around the buggy address: [ 16.523622] ffff888102675b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.523892] ffff888102675b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.524131] >ffff888102675c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.524342] ^ [ 16.524772] ffff888102675c80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.525102] ffff888102675d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.525425] ================================================================== [ 16.525922] ================================================================== [ 16.526220] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 16.526613] Write of size 121 at addr ffff888102675c00 by task kunit_try_catch/303 [ 16.526876] [ 16.526962] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.527004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.527017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.527037] Call Trace: [ 16.527053] <TASK> [ 16.527070] dump_stack_lvl+0x73/0xb0 [ 16.527100] print_report+0xd1/0x650 [ 16.527123] ? __virt_addr_valid+0x1db/0x2d0 [ 16.527148] ? copy_user_test_oob+0x557/0x10f0 [ 16.527172] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.527197] ? copy_user_test_oob+0x557/0x10f0 [ 16.527222] kasan_report+0x141/0x180 [ 16.527244] ? copy_user_test_oob+0x557/0x10f0 [ 16.527274] kasan_check_range+0x10c/0x1c0 [ 16.527299] __kasan_check_write+0x18/0x20 [ 16.527320] copy_user_test_oob+0x557/0x10f0 [ 16.527347] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.527371] ? finish_task_switch.isra.0+0x153/0x700 [ 16.527396] ? __switch_to+0x47/0xf50 [ 16.527423] ? __schedule+0x10cc/0x2b60 [ 16.527446] ? __pfx_read_tsc+0x10/0x10 [ 16.527468] ? ktime_get_ts64+0x86/0x230 [ 16.527494] kunit_try_run_case+0x1a5/0x480 [ 16.527527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.527551] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.527577] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.527613] ? __kthread_parkme+0x82/0x180 [ 16.527635] ? preempt_count_sub+0x50/0x80 [ 16.527660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.527685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.527711] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.527737] kthread+0x337/0x6f0 [ 16.527757] ? 
trace_preempt_on+0x20/0xc0 [ 16.527782] ? __pfx_kthread+0x10/0x10 [ 16.527803] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.527826] ? calculate_sigpending+0x7b/0xa0 [ 16.527852] ? __pfx_kthread+0x10/0x10 [ 16.527874] ret_from_fork+0x116/0x1d0 [ 16.527894] ? __pfx_kthread+0x10/0x10 [ 16.527915] ret_from_fork_asm+0x1a/0x30 [ 16.527947] </TASK> [ 16.527958] [ 16.537514] Allocated by task 303: [ 16.537872] kasan_save_stack+0x45/0x70 [ 16.538165] kasan_save_track+0x18/0x40 [ 16.538409] kasan_save_alloc_info+0x3b/0x50 [ 16.538722] __kasan_kmalloc+0xb7/0xc0 [ 16.538922] __kmalloc_noprof+0x1c9/0x500 [ 16.539218] kunit_kmalloc_array+0x25/0x60 [ 16.539412] copy_user_test_oob+0xab/0x10f0 [ 16.539745] kunit_try_run_case+0x1a5/0x480 [ 16.540033] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.540237] kthread+0x337/0x6f0 [ 16.540568] ret_from_fork+0x116/0x1d0 [ 16.540782] ret_from_fork_asm+0x1a/0x30 [ 16.541084] [ 16.541186] The buggy address belongs to the object at ffff888102675c00 [ 16.541186] which belongs to the cache kmalloc-128 of size 128 [ 16.541815] The buggy address is located 0 bytes inside of [ 16.541815] allocated 120-byte region [ffff888102675c00, ffff888102675c78) [ 16.542442] [ 16.542698] The buggy address belongs to the physical page: [ 16.542991] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102675 [ 16.543381] flags: 0x200000000000000(node=0|zone=2) [ 16.543695] page_type: f5(slab) [ 16.543873] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.544313] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.544722] page dumped because: kasan: bad access detected [ 16.544975] [ 16.545223] Memory state around the buggy address: [ 16.545441] ffff888102675b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.545842] ffff888102675b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.546149] >ffff888102675c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.546438] ^ [ 16.546974] 
ffff888102675c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.547326] ffff888102675d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.547756] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 16.469279] ================================================================== [ 16.469657] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 16.469956] Read of size 121 at addr ffff888102675c00 by task kunit_try_catch/303 [ 16.470264] [ 16.470393] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.470440] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.470453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.470475] Call Trace: [ 16.470494] <TASK> [ 16.470521] dump_stack_lvl+0x73/0xb0 [ 16.470552] print_report+0xd1/0x650 [ 16.470577] ? __virt_addr_valid+0x1db/0x2d0 [ 16.470613] ? _copy_to_user+0x3c/0x70 [ 16.470633] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.470660] ? _copy_to_user+0x3c/0x70 [ 16.470680] kasan_report+0x141/0x180 [ 16.470703] ? _copy_to_user+0x3c/0x70 [ 16.470728] kasan_check_range+0x10c/0x1c0 [ 16.470753] __kasan_check_read+0x15/0x20 [ 16.470774] _copy_to_user+0x3c/0x70 [ 16.470794] copy_user_test_oob+0x364/0x10f0 [ 16.470822] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.470846] ? finish_task_switch.isra.0+0x153/0x700 [ 16.470872] ? __switch_to+0x47/0xf50 [ 16.470899] ? __schedule+0x10cc/0x2b60 [ 16.470923] ? __pfx_read_tsc+0x10/0x10 [ 16.470946] ? ktime_get_ts64+0x86/0x230 [ 16.470973] kunit_try_run_case+0x1a5/0x480 [ 16.470998] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.471022] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.471048] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.471073] ? __kthread_parkme+0x82/0x180 [ 16.471095] ? preempt_count_sub+0x50/0x80 [ 16.471120] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.471146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.471172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.471198] kthread+0x337/0x6f0 [ 16.471218] ? trace_preempt_on+0x20/0xc0 [ 16.471244] ? __pfx_kthread+0x10/0x10 [ 16.471265] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.471288] ? calculate_sigpending+0x7b/0xa0 [ 16.471313] ? 
__pfx_kthread+0x10/0x10 [ 16.471336] ret_from_fork+0x116/0x1d0 [ 16.471355] ? __pfx_kthread+0x10/0x10 [ 16.471377] ret_from_fork_asm+0x1a/0x30 [ 16.471410] </TASK> [ 16.471420] [ 16.478496] Allocated by task 303: [ 16.478633] kasan_save_stack+0x45/0x70 [ 16.478816] kasan_save_track+0x18/0x40 [ 16.479016] kasan_save_alloc_info+0x3b/0x50 [ 16.479227] __kasan_kmalloc+0xb7/0xc0 [ 16.479415] __kmalloc_noprof+0x1c9/0x500 [ 16.479618] kunit_kmalloc_array+0x25/0x60 [ 16.480013] copy_user_test_oob+0xab/0x10f0 [ 16.480166] kunit_try_run_case+0x1a5/0x480 [ 16.480313] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.480488] kthread+0x337/0x6f0 [ 16.480684] ret_from_fork+0x116/0x1d0 [ 16.480876] ret_from_fork_asm+0x1a/0x30 [ 16.481076] [ 16.481174] The buggy address belongs to the object at ffff888102675c00 [ 16.481174] which belongs to the cache kmalloc-128 of size 128 [ 16.481702] The buggy address is located 0 bytes inside of [ 16.481702] allocated 120-byte region [ffff888102675c00, ffff888102675c78) [ 16.482065] [ 16.482142] The buggy address belongs to the physical page: [ 16.482342] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102675 [ 16.482778] flags: 0x200000000000000(node=0|zone=2) [ 16.483019] page_type: f5(slab) [ 16.483189] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.483759] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.484042] page dumped because: kasan: bad access detected [ 16.484211] [ 16.484279] Memory state around the buggy address: [ 16.484433] ffff888102675b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.484971] ffff888102675b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.485297] >ffff888102675c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.485581] ^ [ 16.485932] ffff888102675c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.486224] ffff888102675d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.486510] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 16.439582] ==================================================================
[ 16.440440] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90
[ 16.440769] Write of size 121 at addr ffff888102675c00 by task kunit_try_catch/303
[ 16.441075]
[ 16.441191] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.441243] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.441256] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.441281] Call Trace:
[ 16.441296] <TASK>
[ 16.441319] dump_stack_lvl+0x73/0xb0
[ 16.441355] print_report+0xd1/0x650
[ 16.441383] ? __virt_addr_valid+0x1db/0x2d0
[ 16.441410] ? _copy_from_user+0x32/0x90
[ 16.441431] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.441457] ? _copy_from_user+0x32/0x90
[ 16.441478] kasan_report+0x141/0x180
[ 16.441777] ? _copy_from_user+0x32/0x90
[ 16.441813] kasan_check_range+0x10c/0x1c0
[ 16.441841] __kasan_check_write+0x18/0x20
[ 16.441862] _copy_from_user+0x32/0x90
[ 16.441884] copy_user_test_oob+0x2be/0x10f0
[ 16.442089] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.442126] ? finish_task_switch.isra.0+0x153/0x700
[ 16.442155] ? __switch_to+0x47/0xf50
[ 16.442188] ? __schedule+0x10cc/0x2b60
[ 16.442213] ? __pfx_read_tsc+0x10/0x10
[ 16.442237] ? ktime_get_ts64+0x86/0x230
[ 16.442265] kunit_try_run_case+0x1a5/0x480
[ 16.442290] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.442315] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.442342] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.442368] ? __kthread_parkme+0x82/0x180
[ 16.442393] ? preempt_count_sub+0x50/0x80
[ 16.442419] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.442445] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.442473] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.442500] kthread+0x337/0x6f0
[ 16.442519] ? trace_preempt_on+0x20/0xc0
[ 16.442546] ? __pfx_kthread+0x10/0x10
[ 16.442567] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.442590] ? calculate_sigpending+0x7b/0xa0
[ 16.442631] ? __pfx_kthread+0x10/0x10
[ 16.442653] ret_from_fork+0x116/0x1d0
[ 16.442673] ? __pfx_kthread+0x10/0x10
[ 16.442695] ret_from_fork_asm+0x1a/0x30
[ 16.442729] </TASK>
[ 16.442743]
[ 16.453681] Allocated by task 303:
[ 16.453856] kasan_save_stack+0x45/0x70
[ 16.454051] kasan_save_track+0x18/0x40
[ 16.454232] kasan_save_alloc_info+0x3b/0x50
[ 16.454427] __kasan_kmalloc+0xb7/0xc0
[ 16.454861] __kmalloc_noprof+0x1c9/0x500
[ 16.455286] kunit_kmalloc_array+0x25/0x60
[ 16.455558] copy_user_test_oob+0xab/0x10f0
[ 16.455982] kunit_try_run_case+0x1a5/0x480
[ 16.456209] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.456451] kthread+0x337/0x6f0
[ 16.456851] ret_from_fork+0x116/0x1d0
[ 16.457158] ret_from_fork_asm+0x1a/0x30
[ 16.457557]
[ 16.457666] The buggy address belongs to the object at ffff888102675c00
[ 16.457666] which belongs to the cache kmalloc-128 of size 128
[ 16.458166] The buggy address is located 0 bytes inside of
[ 16.458166] allocated 120-byte region [ffff888102675c00, ffff888102675c78)
[ 16.458970]
[ 16.459220] The buggy address belongs to the physical page:
[ 16.459676] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102675
[ 16.460188] flags: 0x200000000000000(node=0|zone=2)
[ 16.460623] page_type: f5(slab)
[ 16.460908] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.461237] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.461803] page dumped because: kasan: bad access detected
[ 16.462084]
[ 16.462309] Memory state around the buggy address:
[ 16.462771] ffff888102675b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.463084] ffff888102675b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.463379] >ffff888102675c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.463995] ^
[ 16.464430] ffff888102675c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.464983] ffff888102675d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.465292] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.386563] ==================================================================
[ 16.387236] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[ 16.387623] Read of size 8 at addr ffff888102675b78 by task kunit_try_catch/299
[ 16.388014]
[ 16.388119] CPU: 1 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.388172] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.388186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.388210] Call Trace:
[ 16.388224] <TASK>
[ 16.388245] dump_stack_lvl+0x73/0xb0
[ 16.388280] print_report+0xd1/0x650
[ 16.388306] ? __virt_addr_valid+0x1db/0x2d0
[ 16.388333] ? copy_to_kernel_nofault+0x225/0x260
[ 16.388370] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.388396] ? copy_to_kernel_nofault+0x225/0x260
[ 16.388421] kasan_report+0x141/0x180
[ 16.388444] ? copy_to_kernel_nofault+0x225/0x260
[ 16.388474] __asan_report_load8_noabort+0x18/0x20
[ 16.388501] copy_to_kernel_nofault+0x225/0x260
[ 16.388528] copy_to_kernel_nofault_oob+0x1ed/0x560
[ 16.388554] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 16.388579] ? finish_task_switch.isra.0+0x153/0x700
[ 16.388616] ? __schedule+0x10cc/0x2b60
[ 16.388639] ? trace_hardirqs_on+0x37/0xe0
[ 16.388674] ? __pfx_read_tsc+0x10/0x10
[ 16.388698] ? ktime_get_ts64+0x86/0x230
[ 16.388725] kunit_try_run_case+0x1a5/0x480
[ 16.388753] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.388778] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.388804] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.388829] ? __kthread_parkme+0x82/0x180
[ 16.388852] ? preempt_count_sub+0x50/0x80
[ 16.388877] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.388903] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.388940] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.388966] kthread+0x337/0x6f0
[ 16.388987] ? trace_preempt_on+0x20/0xc0
[ 16.389011] ? __pfx_kthread+0x10/0x10
[ 16.389032] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.389056] ? calculate_sigpending+0x7b/0xa0
[ 16.389082] ? __pfx_kthread+0x10/0x10
[ 16.389105] ret_from_fork+0x116/0x1d0
[ 16.389124] ? __pfx_kthread+0x10/0x10
[ 16.389146] ret_from_fork_asm+0x1a/0x30
[ 16.389181] </TASK>
[ 16.389193]
[ 16.396866] Allocated by task 299:
[ 16.396995] kasan_save_stack+0x45/0x70
[ 16.397325] kasan_save_track+0x18/0x40
[ 16.397535] kasan_save_alloc_info+0x3b/0x50
[ 16.397750] __kasan_kmalloc+0xb7/0xc0
[ 16.397884] __kmalloc_cache_noprof+0x189/0x420
[ 16.398111] copy_to_kernel_nofault_oob+0x12f/0x560
[ 16.398356] kunit_try_run_case+0x1a5/0x480
[ 16.398561] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.398818] kthread+0x337/0x6f0
[ 16.398942] ret_from_fork+0x116/0x1d0
[ 16.399116] ret_from_fork_asm+0x1a/0x30
[ 16.399444]
[ 16.399598] The buggy address belongs to the object at ffff888102675b00
[ 16.399598] which belongs to the cache kmalloc-128 of size 128
[ 16.400131] The buggy address is located 0 bytes to the right of
[ 16.400131] allocated 120-byte region [ffff888102675b00, ffff888102675b78)
[ 16.400575]
[ 16.400691] The buggy address belongs to the physical page:
[ 16.400945] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102675
[ 16.401514] flags: 0x200000000000000(node=0|zone=2)
[ 16.401753] page_type: f5(slab)
[ 16.401908] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.402272] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.402619] page dumped because: kasan: bad access detected
[ 16.402793]
[ 16.402877] Memory state around the buggy address:
[ 16.403249] ffff888102675a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.403609] ffff888102675a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.403824] >ffff888102675b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.404036] ^
[ 16.404247] ffff888102675b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.404697] ffff888102675c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.405016] ==================================================================
[ 16.405904] ==================================================================
[ 16.406540] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[ 16.406864] Write of size 8 at addr ffff888102675b78 by task kunit_try_catch/299
[ 16.407088]
[ 16.407174] CPU: 1 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.407215] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.407227] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.407248] Call Trace:
[ 16.407261] <TASK>
[ 16.407276] dump_stack_lvl+0x73/0xb0
[ 16.407306] print_report+0xd1/0x650
[ 16.407330] ? __virt_addr_valid+0x1db/0x2d0
[ 16.407355] ? copy_to_kernel_nofault+0x99/0x260
[ 16.407381] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.407406] ? copy_to_kernel_nofault+0x99/0x260
[ 16.407431] kasan_report+0x141/0x180
[ 16.407454] ? copy_to_kernel_nofault+0x99/0x260
[ 16.407483] kasan_check_range+0x10c/0x1c0
[ 16.407508] __kasan_check_write+0x18/0x20
[ 16.407529] copy_to_kernel_nofault+0x99/0x260
[ 16.407555] copy_to_kernel_nofault_oob+0x288/0x560
[ 16.407581] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 16.407619] ? finish_task_switch.isra.0+0x153/0x700
[ 16.407645] ? __schedule+0x10cc/0x2b60
[ 16.407667] ? trace_hardirqs_on+0x37/0xe0
[ 16.407701] ? __pfx_read_tsc+0x10/0x10
[ 16.407724] ? ktime_get_ts64+0x86/0x230
[ 16.407750] kunit_try_run_case+0x1a5/0x480
[ 16.407776] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.407801] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.407826] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.407852] ? __kthread_parkme+0x82/0x180
[ 16.407874] ? preempt_count_sub+0x50/0x80
[ 16.407898] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.407924] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.407961] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.407988] kthread+0x337/0x6f0
[ 16.408017] ? trace_preempt_on+0x20/0xc0
[ 16.408041] ? __pfx_kthread+0x10/0x10
[ 16.408062] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.408086] ? calculate_sigpending+0x7b/0xa0
[ 16.408111] ? __pfx_kthread+0x10/0x10
[ 16.408134] ret_from_fork+0x116/0x1d0
[ 16.408154] ? __pfx_kthread+0x10/0x10
[ 16.408176] ret_from_fork_asm+0x1a/0x30
[ 16.408208] </TASK>
[ 16.408220]
[ 16.416825] Allocated by task 299:
[ 16.416963] kasan_save_stack+0x45/0x70
[ 16.417196] kasan_save_track+0x18/0x40
[ 16.417387] kasan_save_alloc_info+0x3b/0x50
[ 16.417669] __kasan_kmalloc+0xb7/0xc0
[ 16.417920] __kmalloc_cache_noprof+0x189/0x420
[ 16.418155] copy_to_kernel_nofault_oob+0x12f/0x560
[ 16.418332] kunit_try_run_case+0x1a5/0x480
[ 16.418486] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.418898] kthread+0x337/0x6f0
[ 16.419025] ret_from_fork+0x116/0x1d0
[ 16.419209] ret_from_fork_asm+0x1a/0x30
[ 16.419438]
[ 16.419562] The buggy address belongs to the object at ffff888102675b00
[ 16.419562] which belongs to the cache kmalloc-128 of size 128
[ 16.420073] The buggy address is located 0 bytes to the right of
[ 16.420073] allocated 120-byte region [ffff888102675b00, ffff888102675b78)
[ 16.420555]
[ 16.420641] The buggy address belongs to the physical page:
[ 16.420855] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102675
[ 16.421300] flags: 0x200000000000000(node=0|zone=2)
[ 16.421499] page_type: f5(slab)
[ 16.421752] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.422059] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.422285] page dumped because: kasan: bad access detected
[ 16.422454]
[ 16.422523] Memory state around the buggy address:
[ 16.422687] ffff888102675a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.422903] ffff888102675a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.423117] >ffff888102675b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.423487] ^
[ 16.423960] ffff888102675b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.424274] ffff888102675c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.424709] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 14.907766] ================================================================== [ 14.909572] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 14.910546] Read of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 14.911460] [ 14.911763] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.911813] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.911824] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.911845] Call Trace: [ 14.911857] <TASK> [ 14.911872] dump_stack_lvl+0x73/0xb0 [ 14.911904] print_report+0xd1/0x650 [ 14.911927] ? __virt_addr_valid+0x1db/0x2d0 [ 14.911952] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.911974] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.911997] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.912020] kasan_report+0x141/0x180 [ 14.912041] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.912068] __asan_report_load4_noabort+0x18/0x20 [ 14.912093] kasan_atomics_helper+0x4bbc/0x5450 [ 14.912115] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.912139] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.912165] ? kasan_atomics+0x152/0x310 [ 14.912191] kasan_atomics+0x1dc/0x310 [ 14.912214] ? __pfx_kasan_atomics+0x10/0x10 [ 14.912239] ? __pfx_read_tsc+0x10/0x10 [ 14.912259] ? ktime_get_ts64+0x86/0x230 [ 14.912285] kunit_try_run_case+0x1a5/0x480 [ 14.912309] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.912332] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.912356] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.912380] ? __kthread_parkme+0x82/0x180 [ 14.912401] ? preempt_count_sub+0x50/0x80 [ 14.912426] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.912451] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.912476] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.912501] kthread+0x337/0x6f0 [ 14.912520] ? trace_preempt_on+0x20/0xc0 [ 14.912544] ? __pfx_kthread+0x10/0x10 [ 14.912564] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.912586] ? 
calculate_sigpending+0x7b/0xa0 [ 14.912624] ? __pfx_kthread+0x10/0x10 [ 14.912675] ret_from_fork+0x116/0x1d0 [ 14.912693] ? __pfx_kthread+0x10/0x10 [ 14.912714] ret_from_fork_asm+0x1a/0x30 [ 14.912758] </TASK> [ 14.912768] [ 14.924189] Allocated by task 283: [ 14.924350] kasan_save_stack+0x45/0x70 [ 14.924804] kasan_save_track+0x18/0x40 [ 14.925034] kasan_save_alloc_info+0x3b/0x50 [ 14.925404] __kasan_kmalloc+0xb7/0xc0 [ 14.925844] __kmalloc_cache_noprof+0x189/0x420 [ 14.926169] kasan_atomics+0x95/0x310 [ 14.926530] kunit_try_run_case+0x1a5/0x480 [ 14.926757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.927076] kthread+0x337/0x6f0 [ 14.927274] ret_from_fork+0x116/0x1d0 [ 14.927457] ret_from_fork_asm+0x1a/0x30 [ 14.927942] [ 14.928096] The buggy address belongs to the object at ffff888102ba6080 [ 14.928096] which belongs to the cache kmalloc-64 of size 64 [ 14.928668] The buggy address is located 0 bytes to the right of [ 14.928668] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 14.929650] [ 14.929870] The buggy address belongs to the physical page: [ 14.930241] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 14.930671] flags: 0x200000000000000(node=0|zone=2) [ 14.930901] page_type: f5(slab) [ 14.931098] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.931476] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.931745] page dumped because: kasan: bad access detected [ 14.932089] [ 14.932195] Memory state around the buggy address: [ 14.932375] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.932734] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.933053] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.933362] ^ [ 14.933527] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.934033] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.934247] 
================================================================== [ 15.143490] ================================================================== [ 15.143850] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 15.144345] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.144850] [ 15.144987] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.145029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.145043] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.145064] Call Trace: [ 15.145080] <TASK> [ 15.145108] dump_stack_lvl+0x73/0xb0 [ 15.145139] print_report+0xd1/0x650 [ 15.145161] ? __virt_addr_valid+0x1db/0x2d0 [ 15.145198] ? kasan_atomics_helper+0x72f/0x5450 [ 15.145221] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.145244] ? kasan_atomics_helper+0x72f/0x5450 [ 15.145267] kasan_report+0x141/0x180 [ 15.145290] ? kasan_atomics_helper+0x72f/0x5450 [ 15.145327] kasan_check_range+0x10c/0x1c0 [ 15.145352] __kasan_check_write+0x18/0x20 [ 15.145374] kasan_atomics_helper+0x72f/0x5450 [ 15.145407] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.145432] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.145458] ? kasan_atomics+0x152/0x310 [ 15.145485] kasan_atomics+0x1dc/0x310 [ 15.145517] ? __pfx_kasan_atomics+0x10/0x10 [ 15.145550] ? __pfx_read_tsc+0x10/0x10 [ 15.145572] ? ktime_get_ts64+0x86/0x230 [ 15.145597] kunit_try_run_case+0x1a5/0x480 [ 15.145641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.145665] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.145690] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.145720] ? __kthread_parkme+0x82/0x180 [ 15.145741] ? preempt_count_sub+0x50/0x80 [ 15.145776] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.145801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.145838] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.145863] kthread+0x337/0x6f0 [ 15.145884] ? trace_preempt_on+0x20/0xc0 [ 15.145909] ? 
__pfx_kthread+0x10/0x10 [ 15.145978] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.146015] ? calculate_sigpending+0x7b/0xa0 [ 15.146042] ? __pfx_kthread+0x10/0x10 [ 15.146065] ret_from_fork+0x116/0x1d0 [ 15.146085] ? __pfx_kthread+0x10/0x10 [ 15.146107] ret_from_fork_asm+0x1a/0x30 [ 15.146149] </TASK> [ 15.146160] [ 15.160798] Allocated by task 283: [ 15.161221] kasan_save_stack+0x45/0x70 [ 15.161578] kasan_save_track+0x18/0x40 [ 15.161789] kasan_save_alloc_info+0x3b/0x50 [ 15.162233] __kasan_kmalloc+0xb7/0xc0 [ 15.162591] __kmalloc_cache_noprof+0x189/0x420 [ 15.162816] kasan_atomics+0x95/0x310 [ 15.163343] kunit_try_run_case+0x1a5/0x480 [ 15.163722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.164290] kthread+0x337/0x6f0 [ 15.164457] ret_from_fork+0x116/0x1d0 [ 15.164874] ret_from_fork_asm+0x1a/0x30 [ 15.165332] [ 15.165572] The buggy address belongs to the object at ffff888102ba6080 [ 15.165572] which belongs to the cache kmalloc-64 of size 64 [ 15.166662] The buggy address is located 0 bytes to the right of [ 15.166662] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.167462] [ 15.167628] The buggy address belongs to the physical page: [ 15.167868] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.168661] flags: 0x200000000000000(node=0|zone=2) [ 15.169448] page_type: f5(slab) [ 15.169663] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.170250] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.170723] page dumped because: kasan: bad access detected [ 15.171015] [ 15.171110] Memory state around the buggy address: [ 15.171322] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.171961] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.172615] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.173110] ^ [ 15.173333] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.173864] 
ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.174454] ================================================================== [ 16.227029] ================================================================== [ 16.227324] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 16.227707] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 16.227929] [ 16.228013] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.228055] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.228068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.228089] Call Trace: [ 16.228103] <TASK> [ 16.228119] dump_stack_lvl+0x73/0xb0 [ 16.228147] print_report+0xd1/0x650 [ 16.228170] ? __virt_addr_valid+0x1db/0x2d0 [ 16.228193] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.228216] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.228241] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.228264] kasan_report+0x141/0x180 [ 16.228287] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.228315] kasan_check_range+0x10c/0x1c0 [ 16.228340] __kasan_check_write+0x18/0x20 [ 16.228360] kasan_atomics_helper+0x20c8/0x5450 [ 16.228384] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.228408] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.228435] ? kasan_atomics+0x152/0x310 [ 16.228462] kasan_atomics+0x1dc/0x310 [ 16.228485] ? __pfx_kasan_atomics+0x10/0x10 [ 16.228511] ? __pfx_read_tsc+0x10/0x10 [ 16.228532] ? ktime_get_ts64+0x86/0x230 [ 16.228557] kunit_try_run_case+0x1a5/0x480 [ 16.228583] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.228618] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.228645] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.228669] ? __kthread_parkme+0x82/0x180 [ 16.228691] ? preempt_count_sub+0x50/0x80 [ 16.228716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.228741] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.228767] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.228794] kthread+0x337/0x6f0 [ 16.228814] ? trace_preempt_on+0x20/0xc0 [ 16.228838] ? __pfx_kthread+0x10/0x10 [ 16.228860] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.228883] ? calculate_sigpending+0x7b/0xa0 [ 16.228909] ? __pfx_kthread+0x10/0x10 [ 16.228931] ret_from_fork+0x116/0x1d0 [ 16.228958] ? __pfx_kthread+0x10/0x10 [ 16.228980] ret_from_fork_asm+0x1a/0x30 [ 16.229013] </TASK> [ 16.229025] [ 16.236747] Allocated by task 283: [ 16.236943] kasan_save_stack+0x45/0x70 [ 16.237162] kasan_save_track+0x18/0x40 [ 16.237362] kasan_save_alloc_info+0x3b/0x50 [ 16.237577] __kasan_kmalloc+0xb7/0xc0 [ 16.237785] __kmalloc_cache_noprof+0x189/0x420 [ 16.237980] kasan_atomics+0x95/0x310 [ 16.238112] kunit_try_run_case+0x1a5/0x480 [ 16.238258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.238521] kthread+0x337/0x6f0 [ 16.238697] ret_from_fork+0x116/0x1d0 [ 16.238862] ret_from_fork_asm+0x1a/0x30 [ 16.239000] [ 16.239069] The buggy address belongs to the object at ffff888102ba6080 [ 16.239069] which belongs to the cache kmalloc-64 of size 64 [ 16.239417] The buggy address is located 0 bytes to the right of [ 16.239417] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 16.240121] [ 16.240220] The buggy address belongs to the physical page: [ 16.240476] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 16.240849] flags: 0x200000000000000(node=0|zone=2) [ 16.241091] page_type: f5(slab) [ 16.241216] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.241443] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.241903] page dumped because: kasan: bad access detected [ 16.242156] [ 16.242252] Memory state around the buggy address: [ 16.242440] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.242778] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.243053] >ffff888102ba6080: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.243285] ^ [ 16.243443] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.243674] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.244010] ================================================================== [ 15.060770] ================================================================== [ 15.061633] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 15.062106] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.062396] [ 15.062506] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.062551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.062565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.062588] Call Trace: [ 15.062619] <TASK> [ 15.062639] dump_stack_lvl+0x73/0xb0 [ 15.062672] print_report+0xd1/0x650 [ 15.062695] ? __virt_addr_valid+0x1db/0x2d0 [ 15.062720] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.062742] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.062767] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.062790] kasan_report+0x141/0x180 [ 15.062813] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.062840] __asan_report_store4_noabort+0x1b/0x30 [ 15.062867] kasan_atomics_helper+0x4b3a/0x5450 [ 15.062891] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.062914] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.062942] ? kasan_atomics+0x152/0x310 [ 15.062970] kasan_atomics+0x1dc/0x310 [ 15.062993] ? __pfx_kasan_atomics+0x10/0x10 [ 15.063019] ? __pfx_read_tsc+0x10/0x10 [ 15.063041] ? ktime_get_ts64+0x86/0x230 [ 15.063067] kunit_try_run_case+0x1a5/0x480 [ 15.063093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.063117] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.063143] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.063170] ? __kthread_parkme+0x82/0x180 [ 15.063193] ? preempt_count_sub+0x50/0x80 [ 15.063219] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.063245] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.063271] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.063297] kthread+0x337/0x6f0 [ 15.063317] ? trace_preempt_on+0x20/0xc0 [ 15.063343] ? __pfx_kthread+0x10/0x10 [ 15.063365] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.063387] ? calculate_sigpending+0x7b/0xa0 [ 15.063414] ? __pfx_kthread+0x10/0x10 [ 15.063437] ret_from_fork+0x116/0x1d0 [ 15.063457] ? __pfx_kthread+0x10/0x10 [ 15.063478] ret_from_fork_asm+0x1a/0x30 [ 15.063512] </TASK> [ 15.063524] [ 15.072198] Allocated by task 283: [ 15.072657] kasan_save_stack+0x45/0x70 [ 15.072868] kasan_save_track+0x18/0x40 [ 15.073166] kasan_save_alloc_info+0x3b/0x50 [ 15.073349] __kasan_kmalloc+0xb7/0xc0 [ 15.073539] __kmalloc_cache_noprof+0x189/0x420 [ 15.073780] kasan_atomics+0x95/0x310 [ 15.073917] kunit_try_run_case+0x1a5/0x480 [ 15.074336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.074642] kthread+0x337/0x6f0 [ 15.074791] ret_from_fork+0x116/0x1d0 [ 15.075076] ret_from_fork_asm+0x1a/0x30 [ 15.075294] [ 15.075382] The buggy address belongs to the object at ffff888102ba6080 [ 15.075382] which belongs to the cache kmalloc-64 of size 64 [ 15.075859] The buggy address is located 0 bytes to the right of [ 15.075859] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.076345] [ 15.076447] The buggy address belongs to the physical page: [ 15.076709] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.077359] flags: 0x200000000000000(node=0|zone=2) [ 15.077660] page_type: f5(slab) [ 15.077853] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.078088] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.078705] page dumped because: kasan: bad access detected [ 15.078996] [ 15.079107] Memory state around the buggy address: [ 15.079442] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.079743] 
ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.080259] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.080583] ^ [ 15.080821] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.081166] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.081518] ================================================================== [ 16.329404] ================================================================== [ 16.329803] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 16.330338] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 16.330681] [ 16.330808] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.330848] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.330861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.330882] Call Trace: [ 16.330899] <TASK> [ 16.330914] dump_stack_lvl+0x73/0xb0 [ 16.330942] print_report+0xd1/0x650 [ 16.330965] ? __virt_addr_valid+0x1db/0x2d0 [ 16.330988] ? kasan_atomics_helper+0x224c/0x5450 [ 16.331011] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.331035] ? kasan_atomics_helper+0x224c/0x5450 [ 16.331057] kasan_report+0x141/0x180 [ 16.331080] ? kasan_atomics_helper+0x224c/0x5450 [ 16.331109] kasan_check_range+0x10c/0x1c0 [ 16.331134] __kasan_check_write+0x18/0x20 [ 16.331155] kasan_atomics_helper+0x224c/0x5450 [ 16.331179] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.331203] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.331229] ? kasan_atomics+0x152/0x310 [ 16.331257] kasan_atomics+0x1dc/0x310 [ 16.331280] ? __pfx_kasan_atomics+0x10/0x10 [ 16.331306] ? __pfx_read_tsc+0x10/0x10 [ 16.331327] ? ktime_get_ts64+0x86/0x230 [ 16.331352] kunit_try_run_case+0x1a5/0x480 [ 16.331389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.331413] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.331439] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.331476] ? 
__kthread_parkme+0x82/0x180 [ 16.331498] ? preempt_count_sub+0x50/0x80 [ 16.331523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.331559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.331584] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.331627] kthread+0x337/0x6f0 [ 16.331646] ? trace_preempt_on+0x20/0xc0 [ 16.331692] ? __pfx_kthread+0x10/0x10 [ 16.331715] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.331737] ? calculate_sigpending+0x7b/0xa0 [ 16.331763] ? __pfx_kthread+0x10/0x10 [ 16.331785] ret_from_fork+0x116/0x1d0 [ 16.331805] ? __pfx_kthread+0x10/0x10 [ 16.331826] ret_from_fork_asm+0x1a/0x30 [ 16.331860] </TASK> [ 16.331870] [ 16.339637] Allocated by task 283: [ 16.339763] kasan_save_stack+0x45/0x70 [ 16.339906] kasan_save_track+0x18/0x40 [ 16.340098] kasan_save_alloc_info+0x3b/0x50 [ 16.340322] __kasan_kmalloc+0xb7/0xc0 [ 16.340507] __kmalloc_cache_noprof+0x189/0x420 [ 16.340710] kasan_atomics+0x95/0x310 [ 16.340851] kunit_try_run_case+0x1a5/0x480 [ 16.341301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.341576] kthread+0x337/0x6f0 [ 16.341819] ret_from_fork+0x116/0x1d0 [ 16.342012] ret_from_fork_asm+0x1a/0x30 [ 16.342159] [ 16.342229] The buggy address belongs to the object at ffff888102ba6080 [ 16.342229] which belongs to the cache kmalloc-64 of size 64 [ 16.342678] The buggy address is located 0 bytes to the right of [ 16.342678] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 16.343172] [ 16.343244] The buggy address belongs to the physical page: [ 16.343416] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 16.343767] flags: 0x200000000000000(node=0|zone=2) [ 16.344004] page_type: f5(slab) [ 16.344198] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.344628] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.344982] page dumped because: kasan: bad access detected [ 16.345239] [ 16.345324] Memory state around the buggy address: [ 16.345479] 
ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.345828] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.346162] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.346421] ^ [ 16.346810] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.347154] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.347403] ================================================================== [ 16.173714] ================================================================== [ 16.174376] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 16.174703] Read of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 16.175011] [ 16.175121] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.175163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.175175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.175197] Call Trace: [ 16.175214] <TASK> [ 16.175231] dump_stack_lvl+0x73/0xb0 [ 16.175259] print_report+0xd1/0x650 [ 16.175282] ? __virt_addr_valid+0x1db/0x2d0 [ 16.175305] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.175327] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.175351] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.175374] kasan_report+0x141/0x180 [ 16.175397] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.175425] __asan_report_load8_noabort+0x18/0x20 [ 16.175451] kasan_atomics_helper+0x4f71/0x5450 [ 16.175475] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.175500] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.175541] ? kasan_atomics+0x152/0x310 [ 16.175568] kasan_atomics+0x1dc/0x310 [ 16.175592] ? __pfx_kasan_atomics+0x10/0x10 [ 16.175627] ? __pfx_read_tsc+0x10/0x10 [ 16.175649] ? ktime_get_ts64+0x86/0x230 [ 16.175674] kunit_try_run_case+0x1a5/0x480 [ 16.175699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.175724] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.175749] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.175775] ? __kthread_parkme+0x82/0x180 [ 16.175796] ? preempt_count_sub+0x50/0x80 [ 16.175822] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.175847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.175873] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.175899] kthread+0x337/0x6f0 [ 16.175919] ? trace_preempt_on+0x20/0xc0 [ 16.175944] ? __pfx_kthread+0x10/0x10 [ 16.175966] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.175989] ? calculate_sigpending+0x7b/0xa0 [ 16.176015] ? __pfx_kthread+0x10/0x10 [ 16.176037] ret_from_fork+0x116/0x1d0 [ 16.176056] ? __pfx_kthread+0x10/0x10 [ 16.176077] ret_from_fork_asm+0x1a/0x30 [ 16.176109] </TASK> [ 16.176119] [ 16.183459] Allocated by task 283: [ 16.183693] kasan_save_stack+0x45/0x70 [ 16.183853] kasan_save_track+0x18/0x40 [ 16.184043] kasan_save_alloc_info+0x3b/0x50 [ 16.184238] __kasan_kmalloc+0xb7/0xc0 [ 16.184418] __kmalloc_cache_noprof+0x189/0x420 [ 16.184630] kasan_atomics+0x95/0x310 [ 16.184815] kunit_try_run_case+0x1a5/0x480 [ 16.184999] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.185174] kthread+0x337/0x6f0 [ 16.185293] ret_from_fork+0x116/0x1d0 [ 16.185423] ret_from_fork_asm+0x1a/0x30 [ 16.185562] [ 16.185641] The buggy address belongs to the object at ffff888102ba6080 [ 16.185641] which belongs to the cache kmalloc-64 of size 64 [ 16.185990] The buggy address is located 0 bytes to the right of [ 16.185990] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 16.186449] [ 16.186644] The buggy address belongs to the physical page: [ 16.186890] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 16.187229] flags: 0x200000000000000(node=0|zone=2) [ 16.187450] page_type: f5(slab) [ 16.187675] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.188009] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.188338] page dumped because: kasan: bad access detected [ 16.188687] [ 16.188784] 
Memory state around the buggy address: [ 16.188947] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.189161] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.189374] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.189806] ^ [ 16.190032] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.190357] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.190922] ================================================================== [ 15.728519] ================================================================== [ 15.729209] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 15.729465] Read of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.729737] [ 15.729957] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.730005] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.730030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.730053] Call Trace: [ 15.730074] <TASK> [ 15.730106] dump_stack_lvl+0x73/0xb0 [ 15.730138] print_report+0xd1/0x650 [ 15.730173] ? __virt_addr_valid+0x1db/0x2d0 [ 15.730199] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.730222] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.730247] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.730270] kasan_report+0x141/0x180 [ 15.730294] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.730322] __asan_report_load8_noabort+0x18/0x20 [ 15.730349] kasan_atomics_helper+0x4eae/0x5450 [ 15.730377] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.730401] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.730430] ? kasan_atomics+0x152/0x310 [ 15.730468] kasan_atomics+0x1dc/0x310 [ 15.730492] ? __pfx_kasan_atomics+0x10/0x10 [ 15.730537] ? __pfx_read_tsc+0x10/0x10 [ 15.730561] ? ktime_get_ts64+0x86/0x230 [ 15.730587] kunit_try_run_case+0x1a5/0x480 [ 15.730626] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.730650] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.730676] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.730701] ? __kthread_parkme+0x82/0x180 [ 15.730724] ? preempt_count_sub+0x50/0x80 [ 15.730749] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.730775] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.730801] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.730827] kthread+0x337/0x6f0 [ 15.730848] ? trace_preempt_on+0x20/0xc0 [ 15.730873] ? __pfx_kthread+0x10/0x10 [ 15.730895] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.730918] ? calculate_sigpending+0x7b/0xa0 [ 15.730943] ? __pfx_kthread+0x10/0x10 [ 15.730966] ret_from_fork+0x116/0x1d0 [ 15.730986] ? __pfx_kthread+0x10/0x10 [ 15.731007] ret_from_fork_asm+0x1a/0x30 [ 15.731041] </TASK> [ 15.731052] [ 15.740881] Allocated by task 283: [ 15.741015] kasan_save_stack+0x45/0x70 [ 15.741160] kasan_save_track+0x18/0x40 [ 15.741295] kasan_save_alloc_info+0x3b/0x50 [ 15.741444] __kasan_kmalloc+0xb7/0xc0 [ 15.741628] __kmalloc_cache_noprof+0x189/0x420 [ 15.741971] kasan_atomics+0x95/0x310 [ 15.742308] kunit_try_run_case+0x1a5/0x480 [ 15.742834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.743342] kthread+0x337/0x6f0 [ 15.743730] ret_from_fork+0x116/0x1d0 [ 15.744060] ret_from_fork_asm+0x1a/0x30 [ 15.744406] [ 15.744573] The buggy address belongs to the object at ffff888102ba6080 [ 15.744573] which belongs to the cache kmalloc-64 of size 64 [ 15.745629] The buggy address is located 0 bytes to the right of [ 15.745629] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.746744] [ 15.746911] The buggy address belongs to the physical page: [ 15.747393] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.748158] flags: 0x200000000000000(node=0|zone=2) [ 15.748501] page_type: f5(slab) [ 15.748834] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.749120] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.749345] page dumped because: kasan: 
bad access detected [ 15.749535] [ 15.749697] Memory state around the buggy address: [ 15.750105] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.750811] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.751408] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.752019] ^ [ 15.752436] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.753147] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.753650] ================================================================== [ 16.097093] ================================================================== [ 16.097542] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 16.097900] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 16.098465] [ 16.098680] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.098821] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.098835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.098856] Call Trace: [ 16.098873] <TASK> [ 16.098890] dump_stack_lvl+0x73/0xb0 [ 16.098921] print_report+0xd1/0x650 [ 16.098942] ? __virt_addr_valid+0x1db/0x2d0 [ 16.098966] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.098989] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.099013] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.099036] kasan_report+0x141/0x180 [ 16.099059] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.099088] kasan_check_range+0x10c/0x1c0 [ 16.099112] __kasan_check_write+0x18/0x20 [ 16.099133] kasan_atomics_helper+0x1d7a/0x5450 [ 16.099156] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.099180] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.099206] ? kasan_atomics+0x152/0x310 [ 16.099233] kasan_atomics+0x1dc/0x310 [ 16.099257] ? __pfx_kasan_atomics+0x10/0x10 [ 16.099282] ? __pfx_read_tsc+0x10/0x10 [ 16.099304] ? ktime_get_ts64+0x86/0x230 [ 16.099328] kunit_try_run_case+0x1a5/0x480 [ 16.099353] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.099377] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.099402] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.099427] ? __kthread_parkme+0x82/0x180 [ 16.099449] ? preempt_count_sub+0x50/0x80 [ 16.099474] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.099617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.099647] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.099673] kthread+0x337/0x6f0 [ 16.099694] ? trace_preempt_on+0x20/0xc0 [ 16.099719] ? __pfx_kthread+0x10/0x10 [ 16.099740] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.099763] ? calculate_sigpending+0x7b/0xa0 [ 16.099788] ? __pfx_kthread+0x10/0x10 [ 16.099811] ret_from_fork+0x116/0x1d0 [ 16.099830] ? __pfx_kthread+0x10/0x10 [ 16.099851] ret_from_fork_asm+0x1a/0x30 [ 16.099884] </TASK> [ 16.099895] [ 16.109901] Allocated by task 283: [ 16.110216] kasan_save_stack+0x45/0x70 [ 16.110372] kasan_save_track+0x18/0x40 [ 16.110715] kasan_save_alloc_info+0x3b/0x50 [ 16.110941] __kasan_kmalloc+0xb7/0xc0 [ 16.111123] __kmalloc_cache_noprof+0x189/0x420 [ 16.111327] kasan_atomics+0x95/0x310 [ 16.111495] kunit_try_run_case+0x1a5/0x480 [ 16.111934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.112130] kthread+0x337/0x6f0 [ 16.112422] ret_from_fork+0x116/0x1d0 [ 16.112637] ret_from_fork_asm+0x1a/0x30 [ 16.113001] [ 16.113085] The buggy address belongs to the object at ffff888102ba6080 [ 16.113085] which belongs to the cache kmalloc-64 of size 64 [ 16.113771] The buggy address is located 0 bytes to the right of [ 16.113771] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 16.114471] [ 16.114552] The buggy address belongs to the physical page: [ 16.115042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 16.115452] flags: 0x200000000000000(node=0|zone=2) [ 16.115655] page_type: f5(slab) [ 16.115984] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.116403] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.116743] page dumped because: kasan: bad access detected [ 16.117004] [ 16.117086] Memory state around the buggy address: [ 16.117288] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.117575] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.118195] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.118611] ^ [ 16.118795] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.119221] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.119619] ================================================================== [ 16.156394] ================================================================== [ 16.156750] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 16.157188] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 16.157518] [ 16.157635] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.157676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.157689] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.157714] Call Trace: [ 16.157731] <TASK> [ 16.157748] dump_stack_lvl+0x73/0xb0 [ 16.157775] print_report+0xd1/0x650 [ 16.157797] ? __virt_addr_valid+0x1db/0x2d0 [ 16.157819] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.157840] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.157863] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.157885] kasan_report+0x141/0x180 [ 16.157922] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.157951] kasan_check_range+0x10c/0x1c0 [ 16.157975] __kasan_check_write+0x18/0x20 [ 16.157996] kasan_atomics_helper+0x1f43/0x5450 [ 16.158020] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.158044] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.158071] ? kasan_atomics+0x152/0x310 [ 16.158100] kasan_atomics+0x1dc/0x310 [ 16.158124] ? __pfx_kasan_atomics+0x10/0x10 [ 16.158149] ? __pfx_read_tsc+0x10/0x10 [ 16.158171] ? 
ktime_get_ts64+0x86/0x230 [ 16.158197] kunit_try_run_case+0x1a5/0x480 [ 16.158222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.158246] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.158271] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.158296] ? __kthread_parkme+0x82/0x180 [ 16.158318] ? preempt_count_sub+0x50/0x80 [ 16.158344] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.158370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.158396] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.158422] kthread+0x337/0x6f0 [ 16.158441] ? trace_preempt_on+0x20/0xc0 [ 16.158466] ? __pfx_kthread+0x10/0x10 [ 16.158488] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.158510] ? calculate_sigpending+0x7b/0xa0 [ 16.158545] ? __pfx_kthread+0x10/0x10 [ 16.158567] ret_from_fork+0x116/0x1d0 [ 16.158587] ? __pfx_kthread+0x10/0x10 [ 16.158619] ret_from_fork_asm+0x1a/0x30 [ 16.158652] </TASK> [ 16.158663] [ 16.166062] Allocated by task 283: [ 16.166224] kasan_save_stack+0x45/0x70 [ 16.166401] kasan_save_track+0x18/0x40 [ 16.166582] kasan_save_alloc_info+0x3b/0x50 [ 16.166787] __kasan_kmalloc+0xb7/0xc0 [ 16.166949] __kmalloc_cache_noprof+0x189/0x420 [ 16.167105] kasan_atomics+0x95/0x310 [ 16.167239] kunit_try_run_case+0x1a5/0x480 [ 16.167385] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.167667] kthread+0x337/0x6f0 [ 16.167835] ret_from_fork+0x116/0x1d0 [ 16.168035] ret_from_fork_asm+0x1a/0x30 [ 16.168232] [ 16.168324] The buggy address belongs to the object at ffff888102ba6080 [ 16.168324] which belongs to the cache kmalloc-64 of size 64 [ 16.168934] The buggy address is located 0 bytes to the right of [ 16.168934] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 16.169367] [ 16.169438] The buggy address belongs to the physical page: [ 16.169710] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 16.170245] flags: 0x200000000000000(node=0|zone=2) [ 16.170546] page_type: f5(slab) [ 16.170677] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.170907] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.171131] page dumped because: kasan: bad access detected [ 16.171302] [ 16.171370] Memory state around the buggy address: [ 16.171592] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.171925] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.172237] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.172545] ^ [ 16.172775] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.173079] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.173297] ================================================================== [ 15.662329] ================================================================== [ 15.662700] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 15.663179] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.663514] [ 15.663636] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.663680] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.663692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.663714] Call Trace: [ 15.663731] <TASK> [ 15.663749] dump_stack_lvl+0x73/0xb0 [ 15.663778] print_report+0xd1/0x650 [ 15.663801] ? __virt_addr_valid+0x1db/0x2d0 [ 15.663826] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.663847] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.663871] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.663894] kasan_report+0x141/0x180 [ 15.663917] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.663945] kasan_check_range+0x10c/0x1c0 [ 15.663970] __kasan_check_write+0x18/0x20 [ 15.663990] kasan_atomics_helper+0x12e6/0x5450 [ 15.664014] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.664038] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.664065] ? kasan_atomics+0x152/0x310 [ 15.664092] kasan_atomics+0x1dc/0x310 [ 15.664115] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.664141] ? __pfx_read_tsc+0x10/0x10 [ 15.664163] ? ktime_get_ts64+0x86/0x230 [ 15.664189] kunit_try_run_case+0x1a5/0x480 [ 15.664214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.664238] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.664265] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.664290] ? __kthread_parkme+0x82/0x180 [ 15.664312] ? preempt_count_sub+0x50/0x80 [ 15.664338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.664363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.664389] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.664415] kthread+0x337/0x6f0 [ 15.664435] ? trace_preempt_on+0x20/0xc0 [ 15.664460] ? __pfx_kthread+0x10/0x10 [ 15.664482] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.664504] ? calculate_sigpending+0x7b/0xa0 [ 15.664530] ? __pfx_kthread+0x10/0x10 [ 15.664552] ret_from_fork+0x116/0x1d0 [ 15.664571] ? __pfx_kthread+0x10/0x10 [ 15.664593] ret_from_fork_asm+0x1a/0x30 [ 15.664635] </TASK> [ 15.664646] [ 15.672109] Allocated by task 283: [ 15.672298] kasan_save_stack+0x45/0x70 [ 15.672511] kasan_save_track+0x18/0x40 [ 15.672710] kasan_save_alloc_info+0x3b/0x50 [ 15.672874] __kasan_kmalloc+0xb7/0xc0 [ 15.673017] __kmalloc_cache_noprof+0x189/0x420 [ 15.673243] kasan_atomics+0x95/0x310 [ 15.673433] kunit_try_run_case+0x1a5/0x480 [ 15.673647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.673897] kthread+0x337/0x6f0 [ 15.674049] ret_from_fork+0x116/0x1d0 [ 15.674222] ret_from_fork_asm+0x1a/0x30 [ 15.674402] [ 15.674495] The buggy address belongs to the object at ffff888102ba6080 [ 15.674495] which belongs to the cache kmalloc-64 of size 64 [ 15.674974] The buggy address is located 0 bytes to the right of [ 15.674974] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.675446] [ 15.675539] The buggy address belongs to the physical page: [ 15.675798] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.676107] flags: 0x200000000000000(node=0|zone=2) [ 15.676296] page_type: 
f5(slab) [ 15.676416] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.677008] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.677296] page dumped because: kasan: bad access detected [ 15.677466] [ 15.677613] Memory state around the buggy address: [ 15.677848] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.678145] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.678415] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.678814] ^ [ 15.679010] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.679264] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.679477] ================================================================== [ 15.697820] ================================================================== [ 15.698212] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 15.699146] Read of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.699410] [ 15.699503] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.699548] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.699561] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.699584] Call Trace: [ 15.699612] <TASK> [ 15.699630] dump_stack_lvl+0x73/0xb0 [ 15.699662] print_report+0xd1/0x650 [ 15.699685] ? __virt_addr_valid+0x1db/0x2d0 [ 15.699710] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.700738] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.700782] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.700806] kasan_report+0x141/0x180 [ 15.700831] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.700866] kasan_check_range+0x10c/0x1c0 [ 15.700891] __kasan_check_read+0x15/0x20 [ 15.700910] kasan_atomics_helper+0x13b5/0x5450 [ 15.700934] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.700959] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.700986] ? 
kasan_atomics+0x152/0x310 [ 15.701012] kasan_atomics+0x1dc/0x310 [ 15.701036] ? __pfx_kasan_atomics+0x10/0x10 [ 15.701061] ? __pfx_read_tsc+0x10/0x10 [ 15.701084] ? ktime_get_ts64+0x86/0x230 [ 15.701109] kunit_try_run_case+0x1a5/0x480 [ 15.701136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.701160] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.701187] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.701212] ? __kthread_parkme+0x82/0x180 [ 15.701234] ? preempt_count_sub+0x50/0x80 [ 15.701259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.701285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.701310] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.701336] kthread+0x337/0x6f0 [ 15.701356] ? trace_preempt_on+0x20/0xc0 [ 15.701381] ? __pfx_kthread+0x10/0x10 [ 15.701403] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.701425] ? calculate_sigpending+0x7b/0xa0 [ 15.701451] ? __pfx_kthread+0x10/0x10 [ 15.701474] ret_from_fork+0x116/0x1d0 [ 15.701493] ? __pfx_kthread+0x10/0x10 [ 15.701526] ret_from_fork_asm+0x1a/0x30 [ 15.701560] </TASK> [ 15.701572] [ 15.714093] Allocated by task 283: [ 15.714477] kasan_save_stack+0x45/0x70 [ 15.714897] kasan_save_track+0x18/0x40 [ 15.715279] kasan_save_alloc_info+0x3b/0x50 [ 15.715464] __kasan_kmalloc+0xb7/0xc0 [ 15.715893] __kmalloc_cache_noprof+0x189/0x420 [ 15.716280] kasan_atomics+0x95/0x310 [ 15.716414] kunit_try_run_case+0x1a5/0x480 [ 15.716610] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.717116] kthread+0x337/0x6f0 [ 15.717432] ret_from_fork+0x116/0x1d0 [ 15.717830] ret_from_fork_asm+0x1a/0x30 [ 15.718205] [ 15.718377] The buggy address belongs to the object at ffff888102ba6080 [ 15.718377] which belongs to the cache kmalloc-64 of size 64 [ 15.719165] The buggy address is located 0 bytes to the right of [ 15.719165] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.719541] [ 15.719627] The buggy address belongs to the physical page: [ 15.719939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 
15.720693] flags: 0x200000000000000(node=0|zone=2) [ 15.721033] page_type: f5(slab) [ 15.721158] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.721387] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.721876] page dumped because: kasan: bad access detected [ 15.722374] [ 15.722536] Memory state around the buggy address: [ 15.723057] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.723732] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.724335] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.725039] ^ [ 15.725382] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.725657] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.726281] ================================================================== [ 16.348167] ================================================================== [ 16.348490] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 16.348818] Read of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 16.349152] [ 16.349261] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.349312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.349324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.349345] Call Trace: [ 16.349358] <TASK> [ 16.349384] dump_stack_lvl+0x73/0xb0 [ 16.349413] print_report+0xd1/0x650 [ 16.349435] ? __virt_addr_valid+0x1db/0x2d0 [ 16.349458] ? kasan_atomics_helper+0x5115/0x5450 [ 16.349480] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.349504] ? kasan_atomics_helper+0x5115/0x5450 [ 16.349540] kasan_report+0x141/0x180 [ 16.349564] ? kasan_atomics_helper+0x5115/0x5450 [ 16.349592] __asan_report_load8_noabort+0x18/0x20 [ 16.349627] kasan_atomics_helper+0x5115/0x5450 [ 16.349651] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.349684] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.349715] ? kasan_atomics+0x152/0x310 [ 16.349742] kasan_atomics+0x1dc/0x310 [ 16.349776] ? __pfx_kasan_atomics+0x10/0x10 [ 16.349802] ? __pfx_read_tsc+0x10/0x10 [ 16.349823] ? ktime_get_ts64+0x86/0x230 [ 16.349848] kunit_try_run_case+0x1a5/0x480 [ 16.349882] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.349906] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.349931] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.349967] ? __kthread_parkme+0x82/0x180 [ 16.349988] ? preempt_count_sub+0x50/0x80 [ 16.350014] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.350039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.350064] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.350091] kthread+0x337/0x6f0 [ 16.350111] ? trace_preempt_on+0x20/0xc0 [ 16.350135] ? __pfx_kthread+0x10/0x10 [ 16.350157] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.350180] ? calculate_sigpending+0x7b/0xa0 [ 16.350205] ? __pfx_kthread+0x10/0x10 [ 16.350227] ret_from_fork+0x116/0x1d0 [ 16.350246] ? __pfx_kthread+0x10/0x10 [ 16.350276] ret_from_fork_asm+0x1a/0x30 [ 16.350310] </TASK> [ 16.350320] [ 16.357697] Allocated by task 283: [ 16.357907] kasan_save_stack+0x45/0x70 [ 16.358206] kasan_save_track+0x18/0x40 [ 16.358435] kasan_save_alloc_info+0x3b/0x50 [ 16.358888] __kasan_kmalloc+0xb7/0xc0 [ 16.359068] __kmalloc_cache_noprof+0x189/0x420 [ 16.359249] kasan_atomics+0x95/0x310 [ 16.359448] kunit_try_run_case+0x1a5/0x480 [ 16.359665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.359941] kthread+0x337/0x6f0 [ 16.360064] ret_from_fork+0x116/0x1d0 [ 16.360197] ret_from_fork_asm+0x1a/0x30 [ 16.360359] [ 16.360454] The buggy address belongs to the object at ffff888102ba6080 [ 16.360454] which belongs to the cache kmalloc-64 of size 64 [ 16.361501] The buggy address is located 0 bytes to the right of [ 16.361501] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 16.361936] [ 16.362009] The buggy address belongs to the physical page: [ 16.362180] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 16.362653] flags: 0x200000000000000(node=0|zone=2) [ 16.362885] page_type: f5(slab) [ 16.363049] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.363384] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.363763] page dumped because: kasan: bad access detected [ 16.363935] [ 16.364007] Memory state around the buggy address: [ 16.364162] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.364419] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.365052] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.365398] ^ [ 16.365634] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.365946] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.366250] ================================================================== [ 15.548765] ================================================================== [ 15.549274] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 15.549834] Read of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.550261] [ 15.550390] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.550438] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.550451] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.550473] Call Trace: [ 15.550493] <TASK> [ 15.550675] dump_stack_lvl+0x73/0xb0 [ 15.550712] print_report+0xd1/0x650 [ 15.550737] ? __virt_addr_valid+0x1db/0x2d0 [ 15.550762] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.550784] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.550845] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.550868] kasan_report+0x141/0x180 [ 15.550892] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.550921] __asan_report_load4_noabort+0x18/0x20 [ 15.550947] kasan_atomics_helper+0x4a1c/0x5450 [ 15.550971] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.550994] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.551021] ? kasan_atomics+0x152/0x310 [ 15.551049] kasan_atomics+0x1dc/0x310 [ 15.551072] ? __pfx_kasan_atomics+0x10/0x10 [ 15.551097] ? __pfx_read_tsc+0x10/0x10 [ 15.551119] ? ktime_get_ts64+0x86/0x230 [ 15.551145] kunit_try_run_case+0x1a5/0x480 [ 15.551172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.551195] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.551222] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.551247] ? __kthread_parkme+0x82/0x180 [ 15.551269] ? preempt_count_sub+0x50/0x80 [ 15.551295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.551320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.551346] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.551373] kthread+0x337/0x6f0 [ 15.551393] ? trace_preempt_on+0x20/0xc0 [ 15.551419] ? __pfx_kthread+0x10/0x10 [ 15.551441] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.551464] ? calculate_sigpending+0x7b/0xa0 [ 15.551491] ? __pfx_kthread+0x10/0x10 [ 15.551526] ret_from_fork+0x116/0x1d0 [ 15.551545] ? 
__pfx_kthread+0x10/0x10 [ 15.551568] ret_from_fork_asm+0x1a/0x30 [ 15.551613] </TASK> [ 15.551624] [ 15.558717] Allocated by task 283: [ 15.558898] kasan_save_stack+0x45/0x70 [ 15.559101] kasan_save_track+0x18/0x40 [ 15.559299] kasan_save_alloc_info+0x3b/0x50 [ 15.559515] __kasan_kmalloc+0xb7/0xc0 [ 15.559716] __kmalloc_cache_noprof+0x189/0x420 [ 15.559916] kasan_atomics+0x95/0x310 [ 15.560077] kunit_try_run_case+0x1a5/0x480 [ 15.560231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.560409] kthread+0x337/0x6f0 [ 15.560573] ret_from_fork+0x116/0x1d0 [ 15.560768] ret_from_fork_asm+0x1a/0x30 [ 15.561153] [ 15.561313] The buggy address belongs to the object at ffff888102ba6080 [ 15.561313] which belongs to the cache kmalloc-64 of size 64 [ 15.561828] The buggy address is located 0 bytes to the right of [ 15.561828] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.562298] [ 15.562397] The buggy address belongs to the physical page: [ 15.562643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.562886] flags: 0x200000000000000(node=0|zone=2) [ 15.563109] page_type: f5(slab) [ 15.563277] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.563618] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.563841] page dumped because: kasan: bad access detected [ 15.564008] [ 15.564137] Memory state around the buggy address: [ 15.564359] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.564908] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.565226] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.565440] ^ [ 15.565730] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.566035] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.566306] ================================================================== [ 15.754256] 
================================================================== [ 15.754498] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 15.754785] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.755103] [ 15.755339] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.755389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.755403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.755425] Call Trace: [ 15.755444] <TASK> [ 15.755464] dump_stack_lvl+0x73/0xb0 [ 15.755498] print_report+0xd1/0x650 [ 15.755522] ? __virt_addr_valid+0x1db/0x2d0 [ 15.755547] ? kasan_atomics_helper+0x1467/0x5450 [ 15.755570] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.755595] ? kasan_atomics_helper+0x1467/0x5450 [ 15.755644] kasan_report+0x141/0x180 [ 15.755667] ? kasan_atomics_helper+0x1467/0x5450 [ 15.755695] kasan_check_range+0x10c/0x1c0 [ 15.755721] __kasan_check_write+0x18/0x20 [ 15.755741] kasan_atomics_helper+0x1467/0x5450 [ 15.755765] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.755790] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.755816] ? kasan_atomics+0x152/0x310 [ 15.755844] kasan_atomics+0x1dc/0x310 [ 15.755867] ? __pfx_kasan_atomics+0x10/0x10 [ 15.755893] ? __pfx_read_tsc+0x10/0x10 [ 15.755915] ? ktime_get_ts64+0x86/0x230 [ 15.755942] kunit_try_run_case+0x1a5/0x480 [ 15.755967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.755991] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.756017] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.756042] ? __kthread_parkme+0x82/0x180 [ 15.756065] ? preempt_count_sub+0x50/0x80 [ 15.756090] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.756116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.756142] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.756169] kthread+0x337/0x6f0 [ 15.756189] ? trace_preempt_on+0x20/0xc0 [ 15.756214] ? __pfx_kthread+0x10/0x10 [ 15.756236] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.756258] ? 
calculate_sigpending+0x7b/0xa0 [ 15.756284] ? __pfx_kthread+0x10/0x10 [ 15.756307] ret_from_fork+0x116/0x1d0 [ 15.756326] ? __pfx_kthread+0x10/0x10 [ 15.756347] ret_from_fork_asm+0x1a/0x30 [ 15.756380] </TASK> [ 15.756391] [ 15.763669] Allocated by task 283: [ 15.763848] kasan_save_stack+0x45/0x70 [ 15.764051] kasan_save_track+0x18/0x40 [ 15.764249] kasan_save_alloc_info+0x3b/0x50 [ 15.764468] __kasan_kmalloc+0xb7/0xc0 [ 15.764643] __kmalloc_cache_noprof+0x189/0x420 [ 15.764799] kasan_atomics+0x95/0x310 [ 15.765003] kunit_try_run_case+0x1a5/0x480 [ 15.765223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.765476] kthread+0x337/0x6f0 [ 15.765667] ret_from_fork+0x116/0x1d0 [ 15.765810] ret_from_fork_asm+0x1a/0x30 [ 15.765950] [ 15.766020] The buggy address belongs to the object at ffff888102ba6080 [ 15.766020] which belongs to the cache kmalloc-64 of size 64 [ 15.766422] The buggy address is located 0 bytes to the right of [ 15.766422] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.766976] [ 15.767074] The buggy address belongs to the physical page: [ 15.767328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.767737] flags: 0x200000000000000(node=0|zone=2) [ 15.767958] page_type: f5(slab) [ 15.768114] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.768380] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.768614] page dumped because: kasan: bad access detected [ 15.768784] [ 15.768870] Memory state around the buggy address: [ 15.769235] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.769554] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.769892] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.770305] ^ [ 15.770540] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.770817] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.771029] 
================================================================== [ 15.995477] ================================================================== [ 15.995848] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 15.996238] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.996591] [ 15.996787] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.996845] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.996858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.996880] Call Trace: [ 15.996901] <TASK> [ 15.996921] dump_stack_lvl+0x73/0xb0 [ 15.996985] print_report+0xd1/0x650 [ 15.997009] ? __virt_addr_valid+0x1db/0x2d0 [ 15.997032] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.997066] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.997091] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.997140] kasan_report+0x141/0x180 [ 15.997163] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.997219] kasan_check_range+0x10c/0x1c0 [ 15.997243] __kasan_check_write+0x18/0x20 [ 15.997264] kasan_atomics_helper+0x1b22/0x5450 [ 15.997288] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.997312] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.997339] ? kasan_atomics+0x152/0x310 [ 15.997392] kasan_atomics+0x1dc/0x310 [ 15.997415] ? __pfx_kasan_atomics+0x10/0x10 [ 15.997451] ? __pfx_read_tsc+0x10/0x10 [ 15.997475] ? ktime_get_ts64+0x86/0x230 [ 15.997501] kunit_try_run_case+0x1a5/0x480 [ 15.997527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.997551] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.997578] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.997655] ? __kthread_parkme+0x82/0x180 [ 15.997678] ? preempt_count_sub+0x50/0x80 [ 15.997719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.997745] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.997771] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.997826] kthread+0x337/0x6f0 [ 15.997847] ? trace_preempt_on+0x20/0xc0 [ 15.997872] ? 
__pfx_kthread+0x10/0x10 [ 15.997906] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.997929] ? calculate_sigpending+0x7b/0xa0 [ 15.997955] ? __pfx_kthread+0x10/0x10 [ 15.997978] ret_from_fork+0x116/0x1d0 [ 15.997999] ? __pfx_kthread+0x10/0x10 [ 15.998020] ret_from_fork_asm+0x1a/0x30 [ 15.998054] </TASK> [ 15.998065] [ 16.008621] Allocated by task 283: [ 16.008898] kasan_save_stack+0x45/0x70 [ 16.009205] kasan_save_track+0x18/0x40 [ 16.009496] kasan_save_alloc_info+0x3b/0x50 [ 16.009834] __kasan_kmalloc+0xb7/0xc0 [ 16.010116] __kmalloc_cache_noprof+0x189/0x420 [ 16.010421] kasan_atomics+0x95/0x310 [ 16.010756] kunit_try_run_case+0x1a5/0x480 [ 16.010960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.011361] kthread+0x337/0x6f0 [ 16.011676] ret_from_fork+0x116/0x1d0 [ 16.011850] ret_from_fork_asm+0x1a/0x30 [ 16.012234] [ 16.012371] The buggy address belongs to the object at ffff888102ba6080 [ 16.012371] which belongs to the cache kmalloc-64 of size 64 [ 16.013161] The buggy address is located 0 bytes to the right of [ 16.013161] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 16.013993] [ 16.014215] The buggy address belongs to the physical page: [ 16.014534] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 16.015017] flags: 0x200000000000000(node=0|zone=2) [ 16.015333] page_type: f5(slab) [ 16.015617] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.016048] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.016476] page dumped because: kasan: bad access detected [ 16.016856] [ 16.016989] Memory state around the buggy address: [ 16.017282] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.017878] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.018251] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.018752] ^ [ 16.019070] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.019485] 
ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.019884] ================================================================== [ 15.567120] ================================================================== [ 15.567471] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 15.567790] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.568012] [ 15.568099] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.568142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.568155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.568176] Call Trace: [ 15.568195] <TASK> [ 15.568212] dump_stack_lvl+0x73/0xb0 [ 15.568241] print_report+0xd1/0x650 [ 15.568263] ? __virt_addr_valid+0x1db/0x2d0 [ 15.568286] ? kasan_atomics_helper+0x1148/0x5450 [ 15.568308] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.568331] ? kasan_atomics_helper+0x1148/0x5450 [ 15.568372] kasan_report+0x141/0x180 [ 15.568396] ? kasan_atomics_helper+0x1148/0x5450 [ 15.568423] kasan_check_range+0x10c/0x1c0 [ 15.568449] __kasan_check_write+0x18/0x20 [ 15.568469] kasan_atomics_helper+0x1148/0x5450 [ 15.568493] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.568526] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.568553] ? kasan_atomics+0x152/0x310 [ 15.568580] kasan_atomics+0x1dc/0x310 [ 15.568615] ? __pfx_kasan_atomics+0x10/0x10 [ 15.568641] ? __pfx_read_tsc+0x10/0x10 [ 15.568663] ? ktime_get_ts64+0x86/0x230 [ 15.568689] kunit_try_run_case+0x1a5/0x480 [ 15.568715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.568739] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.568765] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.568790] ? __kthread_parkme+0x82/0x180 [ 15.568812] ? preempt_count_sub+0x50/0x80 [ 15.568838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.568863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.568889] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.568915] kthread+0x337/0x6f0 [ 15.568935] ? trace_preempt_on+0x20/0xc0 [ 15.568960] ? __pfx_kthread+0x10/0x10 [ 15.568981] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.569004] ? calculate_sigpending+0x7b/0xa0 [ 15.569029] ? __pfx_kthread+0x10/0x10 [ 15.569052] ret_from_fork+0x116/0x1d0 [ 15.569071] ? __pfx_kthread+0x10/0x10 [ 15.569092] ret_from_fork_asm+0x1a/0x30 [ 15.569126] </TASK> [ 15.569136] [ 15.576625] Allocated by task 283: [ 15.576819] kasan_save_stack+0x45/0x70 [ 15.576995] kasan_save_track+0x18/0x40 [ 15.577185] kasan_save_alloc_info+0x3b/0x50 [ 15.577335] __kasan_kmalloc+0xb7/0xc0 [ 15.577497] __kmalloc_cache_noprof+0x189/0x420 [ 15.577745] kasan_atomics+0x95/0x310 [ 15.577932] kunit_try_run_case+0x1a5/0x480 [ 15.578138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.578357] kthread+0x337/0x6f0 [ 15.578477] ret_from_fork+0x116/0x1d0 [ 15.578617] ret_from_fork_asm+0x1a/0x30 [ 15.578785] [ 15.578881] The buggy address belongs to the object at ffff888102ba6080 [ 15.578881] which belongs to the cache kmalloc-64 of size 64 [ 15.579412] The buggy address is located 0 bytes to the right of [ 15.579412] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.579928] [ 15.580001] The buggy address belongs to the physical page: [ 15.580245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.580570] flags: 0x200000000000000(node=0|zone=2) [ 15.580814] page_type: f5(slab) [ 15.580951] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.581253] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.581476] page dumped because: kasan: bad access detected [ 15.581656] [ 15.581728] Memory state around the buggy address: [ 15.581881] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.582187] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.582680] >ffff888102ba6080: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.582989] ^ [ 15.583207] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.583641] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.583855] ================================================================== [ 14.954110] ================================================================== [ 14.954664] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 14.955168] Read of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 14.955402] [ 14.955487] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.955528] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.955540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.955560] Call Trace: [ 14.955572] <TASK> [ 14.955587] dump_stack_lvl+0x73/0xb0 [ 14.955626] print_report+0xd1/0x650 [ 14.955649] ? __virt_addr_valid+0x1db/0x2d0 [ 14.955670] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.955692] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.955716] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.955738] kasan_report+0x141/0x180 [ 14.955760] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.955787] __asan_report_load4_noabort+0x18/0x20 [ 14.955812] kasan_atomics_helper+0x4b88/0x5450 [ 14.955835] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.955858] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.955883] ? kasan_atomics+0x152/0x310 [ 14.955909] kasan_atomics+0x1dc/0x310 [ 14.955932] ? __pfx_kasan_atomics+0x10/0x10 [ 14.955956] ? __pfx_read_tsc+0x10/0x10 [ 14.955977] ? ktime_get_ts64+0x86/0x230 [ 14.956001] kunit_try_run_case+0x1a5/0x480 [ 14.956025] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.956049] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.956220] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.956247] ? __kthread_parkme+0x82/0x180 [ 14.956289] ? preempt_count_sub+0x50/0x80 [ 14.956316] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.956343] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.956369] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.956396] kthread+0x337/0x6f0 [ 14.956417] ? trace_preempt_on+0x20/0xc0 [ 14.956442] ? __pfx_kthread+0x10/0x10 [ 14.956465] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.956488] ? calculate_sigpending+0x7b/0xa0 [ 14.956522] ? __pfx_kthread+0x10/0x10 [ 14.956545] ret_from_fork+0x116/0x1d0 [ 14.956574] ? __pfx_kthread+0x10/0x10 [ 14.956595] ret_from_fork_asm+0x1a/0x30 [ 14.956645] </TASK> [ 14.956657] [ 14.965696] Allocated by task 283: [ 14.965882] kasan_save_stack+0x45/0x70 [ 14.966163] kasan_save_track+0x18/0x40 [ 14.966336] kasan_save_alloc_info+0x3b/0x50 [ 14.966586] __kasan_kmalloc+0xb7/0xc0 [ 14.967518] __kmalloc_cache_noprof+0x189/0x420 [ 14.967725] kasan_atomics+0x95/0x310 [ 14.967884] kunit_try_run_case+0x1a5/0x480 [ 14.968205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.968448] kthread+0x337/0x6f0 [ 14.968651] ret_from_fork+0x116/0x1d0 [ 14.968856] ret_from_fork_asm+0x1a/0x30 [ 14.969101] [ 14.969218] The buggy address belongs to the object at ffff888102ba6080 [ 14.969218] which belongs to the cache kmalloc-64 of size 64 [ 14.969799] The buggy address is located 0 bytes to the right of [ 14.969799] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 14.970214] [ 14.970286] The buggy address belongs to the physical page: [ 14.970458] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 14.970707] flags: 0x200000000000000(node=0|zone=2) [ 14.970871] page_type: f5(slab) [ 14.970991] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.971538] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.971902] page dumped because: kasan: bad access detected [ 14.972158] [ 14.972256] Memory state around the buggy address: [ 14.972431] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.972892] 
ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.973115] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.973444] ^ [ 14.973793] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.974190] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.974502] ================================================================== [ 16.073425] ================================================================== [ 16.074075] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 16.074316] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 16.074692] [ 16.074809] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.074992] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.075009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.075032] Call Trace: [ 16.075051] <TASK> [ 16.075069] dump_stack_lvl+0x73/0xb0 [ 16.075183] print_report+0xd1/0x650 [ 16.075208] ? __virt_addr_valid+0x1db/0x2d0 [ 16.075233] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.075256] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.075280] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.075458] kasan_report+0x141/0x180 [ 16.075483] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.075523] kasan_check_range+0x10c/0x1c0 [ 16.075548] __kasan_check_write+0x18/0x20 [ 16.075569] kasan_atomics_helper+0x1ce1/0x5450 [ 16.075593] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.075630] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.075658] ? kasan_atomics+0x152/0x310 [ 16.075687] kasan_atomics+0x1dc/0x310 [ 16.075710] ? __pfx_kasan_atomics+0x10/0x10 [ 16.075735] ? __pfx_read_tsc+0x10/0x10 [ 16.075758] ? ktime_get_ts64+0x86/0x230 [ 16.075784] kunit_try_run_case+0x1a5/0x480 [ 16.075810] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.075835] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.075861] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.075886] ? 
__kthread_parkme+0x82/0x180 [ 16.075908] ? preempt_count_sub+0x50/0x80 [ 16.075933] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.075958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.075986] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.076012] kthread+0x337/0x6f0 [ 16.076032] ? trace_preempt_on+0x20/0xc0 [ 16.076057] ? __pfx_kthread+0x10/0x10 [ 16.076078] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.076101] ? calculate_sigpending+0x7b/0xa0 [ 16.076127] ? __pfx_kthread+0x10/0x10 [ 16.076149] ret_from_fork+0x116/0x1d0 [ 16.076168] ? __pfx_kthread+0x10/0x10 [ 16.076189] ret_from_fork_asm+0x1a/0x30 [ 16.076222] </TASK> [ 16.076233] [ 16.086411] Allocated by task 283: [ 16.086546] kasan_save_stack+0x45/0x70 [ 16.087018] kasan_save_track+0x18/0x40 [ 16.087162] kasan_save_alloc_info+0x3b/0x50 [ 16.087493] __kasan_kmalloc+0xb7/0xc0 [ 16.087786] __kmalloc_cache_noprof+0x189/0x420 [ 16.087960] kasan_atomics+0x95/0x310 [ 16.088265] kunit_try_run_case+0x1a5/0x480 [ 16.088547] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.088884] kthread+0x337/0x6f0 [ 16.089131] ret_from_fork+0x116/0x1d0 [ 16.089277] ret_from_fork_asm+0x1a/0x30 [ 16.089716] [ 16.089901] The buggy address belongs to the object at ffff888102ba6080 [ 16.089901] which belongs to the cache kmalloc-64 of size 64 [ 16.090399] The buggy address is located 0 bytes to the right of [ 16.090399] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 16.091152] [ 16.091432] The buggy address belongs to the physical page: [ 16.091686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 16.092086] flags: 0x200000000000000(node=0|zone=2) [ 16.092393] page_type: f5(slab) [ 16.092557] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.093054] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.093490] page dumped because: kasan: bad access detected [ 16.093830] [ 16.093908] Memory state around the buggy address: [ 16.094108] 
ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.094588] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.094996] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.095303] ^ [ 16.095649] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.096012] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.096380] ================================================================== [ 16.209092] ================================================================== [ 16.209321] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 16.209649] Read of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 16.210279] [ 16.210389] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.210431] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.210444] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.210465] Call Trace: [ 16.210480] <TASK> [ 16.210495] dump_stack_lvl+0x73/0xb0 [ 16.210532] print_report+0xd1/0x650 [ 16.210555] ? __virt_addr_valid+0x1db/0x2d0 [ 16.210579] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.210612] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.210637] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.210662] kasan_report+0x141/0x180 [ 16.210685] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.210713] __asan_report_load8_noabort+0x18/0x20 [ 16.210739] kasan_atomics_helper+0x4f98/0x5450 [ 16.210763] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.210786] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.210814] ? kasan_atomics+0x152/0x310 [ 16.210842] kasan_atomics+0x1dc/0x310 [ 16.210865] ? __pfx_kasan_atomics+0x10/0x10 [ 16.210891] ? __pfx_read_tsc+0x10/0x10 [ 16.210912] ? ktime_get_ts64+0x86/0x230 [ 16.210938] kunit_try_run_case+0x1a5/0x480 [ 16.210963] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.210986] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.211013] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.211038] ? __kthread_parkme+0x82/0x180 [ 16.211059] ? preempt_count_sub+0x50/0x80 [ 16.211084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.211109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.211135] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.211161] kthread+0x337/0x6f0 [ 16.211181] ? trace_preempt_on+0x20/0xc0 [ 16.211206] ? __pfx_kthread+0x10/0x10 [ 16.211227] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.211251] ? calculate_sigpending+0x7b/0xa0 [ 16.211276] ? __pfx_kthread+0x10/0x10 [ 16.211299] ret_from_fork+0x116/0x1d0 [ 16.211318] ? __pfx_kthread+0x10/0x10 [ 16.211339] ret_from_fork_asm+0x1a/0x30 [ 16.211372] </TASK> [ 16.211382] [ 16.218670] Allocated by task 283: [ 16.218850] kasan_save_stack+0x45/0x70 [ 16.219050] kasan_save_track+0x18/0x40 [ 16.219241] kasan_save_alloc_info+0x3b/0x50 [ 16.219451] __kasan_kmalloc+0xb7/0xc0 [ 16.219642] __kmalloc_cache_noprof+0x189/0x420 [ 16.219859] kasan_atomics+0x95/0x310 [ 16.220043] kunit_try_run_case+0x1a5/0x480 [ 16.220186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.220359] kthread+0x337/0x6f0 [ 16.220478] ret_from_fork+0x116/0x1d0 [ 16.220616] ret_from_fork_asm+0x1a/0x30 [ 16.220753] [ 16.220821] The buggy address belongs to the object at ffff888102ba6080 [ 16.220821] which belongs to the cache kmalloc-64 of size 64 [ 16.221840] The buggy address is located 0 bytes to the right of [ 16.221840] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 16.222392] [ 16.222492] The buggy address belongs to the physical page: [ 16.222762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 16.223120] flags: 0x200000000000000(node=0|zone=2) [ 16.223282] page_type: f5(slab) [ 16.223399] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.223634] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.223858] page dumped because: kasan: bad access detected [ 16.224080] [ 16.224231] 
Memory state around the buggy address: [ 16.224454] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.224993] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.225208] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.225419] ^ [ 16.225708] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.226036] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.226456] ================================================================== [ 16.278293] ================================================================== [ 16.279065] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 16.279755] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 16.280409] [ 16.280624] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.280676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.280689] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.280711] Call Trace: [ 16.280727] <TASK> [ 16.280744] dump_stack_lvl+0x73/0xb0 [ 16.280775] print_report+0xd1/0x650 [ 16.280798] ? __virt_addr_valid+0x1db/0x2d0 [ 16.280833] ? kasan_atomics_helper+0x218a/0x5450 [ 16.280856] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.280881] ? kasan_atomics_helper+0x218a/0x5450 [ 16.280915] kasan_report+0x141/0x180 [ 16.280937] ? kasan_atomics_helper+0x218a/0x5450 [ 16.280966] kasan_check_range+0x10c/0x1c0 [ 16.280991] __kasan_check_write+0x18/0x20 [ 16.281011] kasan_atomics_helper+0x218a/0x5450 [ 16.281036] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.281061] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.281088] ? kasan_atomics+0x152/0x310 [ 16.281115] kasan_atomics+0x1dc/0x310 [ 16.281139] ? __pfx_kasan_atomics+0x10/0x10 [ 16.281165] ? __pfx_read_tsc+0x10/0x10 [ 16.281188] ? ktime_get_ts64+0x86/0x230 [ 16.281214] kunit_try_run_case+0x1a5/0x480 [ 16.281240] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.281264] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.281289] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.281314] ? __kthread_parkme+0x82/0x180 [ 16.281336] ? preempt_count_sub+0x50/0x80 [ 16.281362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.281388] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.281413] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.281440] kthread+0x337/0x6f0 [ 16.281459] ? trace_preempt_on+0x20/0xc0 [ 16.281484] ? __pfx_kthread+0x10/0x10 [ 16.281513] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.281535] ? calculate_sigpending+0x7b/0xa0 [ 16.281561] ? __pfx_kthread+0x10/0x10 [ 16.281583] ret_from_fork+0x116/0x1d0 [ 16.281610] ? __pfx_kthread+0x10/0x10 [ 16.281632] ret_from_fork_asm+0x1a/0x30 [ 16.281665] </TASK> [ 16.281677] [ 16.293127] Allocated by task 283: [ 16.293259] kasan_save_stack+0x45/0x70 [ 16.293406] kasan_save_track+0x18/0x40 [ 16.293590] kasan_save_alloc_info+0x3b/0x50 [ 16.293772] __kasan_kmalloc+0xb7/0xc0 [ 16.293906] __kmalloc_cache_noprof+0x189/0x420 [ 16.294131] kasan_atomics+0x95/0x310 [ 16.294317] kunit_try_run_case+0x1a5/0x480 [ 16.294529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.294815] kthread+0x337/0x6f0 [ 16.294949] ret_from_fork+0x116/0x1d0 [ 16.295162] ret_from_fork_asm+0x1a/0x30 [ 16.295300] [ 16.295392] The buggy address belongs to the object at ffff888102ba6080 [ 16.295392] which belongs to the cache kmalloc-64 of size 64 [ 16.296080] The buggy address is located 0 bytes to the right of [ 16.296080] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 16.296655] [ 16.296752] The buggy address belongs to the physical page: [ 16.296947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 16.297204] flags: 0x200000000000000(node=0|zone=2) [ 16.297440] page_type: f5(slab) [ 16.297776] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.298149] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.298480] page dumped because: kasan: bad access detected [ 16.298705] [ 16.298775] Memory state around the buggy address: [ 16.298959] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.299275] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.299587] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.299890] ^ [ 16.300118] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.300456] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.300807] ================================================================== [ 15.680101] ================================================================== [ 15.680566] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 15.680839] Read of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.681330] [ 15.681445] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.681490] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.681514] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.681537] Call Trace: [ 15.681555] <TASK> [ 15.681573] dump_stack_lvl+0x73/0xb0 [ 15.681614] print_report+0xd1/0x650 [ 15.681637] ? __virt_addr_valid+0x1db/0x2d0 [ 15.681662] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.681683] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.681714] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.681737] kasan_report+0x141/0x180 [ 15.681760] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.681787] __asan_report_load4_noabort+0x18/0x20 [ 15.681813] kasan_atomics_helper+0x49ce/0x5450 [ 15.681837] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.681860] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.681887] ? kasan_atomics+0x152/0x310 [ 15.681915] kasan_atomics+0x1dc/0x310 [ 15.681938] ? __pfx_kasan_atomics+0x10/0x10 [ 15.681963] ? __pfx_read_tsc+0x10/0x10 [ 15.681985] ? 
ktime_get_ts64+0x86/0x230 [ 15.682011] kunit_try_run_case+0x1a5/0x480 [ 15.682037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.682060] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.682087] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.682112] ? __kthread_parkme+0x82/0x180 [ 15.682134] ? preempt_count_sub+0x50/0x80 [ 15.682160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.682185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.682210] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.682236] kthread+0x337/0x6f0 [ 15.682256] ? trace_preempt_on+0x20/0xc0 [ 15.682281] ? __pfx_kthread+0x10/0x10 [ 15.682303] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.682326] ? calculate_sigpending+0x7b/0xa0 [ 15.682351] ? __pfx_kthread+0x10/0x10 [ 15.682374] ret_from_fork+0x116/0x1d0 [ 15.682393] ? __pfx_kthread+0x10/0x10 [ 15.682415] ret_from_fork_asm+0x1a/0x30 [ 15.682449] </TASK> [ 15.682460] [ 15.689862] Allocated by task 283: [ 15.690043] kasan_save_stack+0x45/0x70 [ 15.690246] kasan_save_track+0x18/0x40 [ 15.690394] kasan_save_alloc_info+0x3b/0x50 [ 15.690620] __kasan_kmalloc+0xb7/0xc0 [ 15.690805] __kmalloc_cache_noprof+0x189/0x420 [ 15.690961] kasan_atomics+0x95/0x310 [ 15.691092] kunit_try_run_case+0x1a5/0x480 [ 15.691238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.691412] kthread+0x337/0x6f0 [ 15.691546] ret_from_fork+0x116/0x1d0 [ 15.691743] ret_from_fork_asm+0x1a/0x30 [ 15.691941] [ 15.692033] The buggy address belongs to the object at ffff888102ba6080 [ 15.692033] which belongs to the cache kmalloc-64 of size 64 [ 15.692553] The buggy address is located 0 bytes to the right of [ 15.692553] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.693065] [ 15.693137] The buggy address belongs to the physical page: [ 15.693307] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.693908] flags: 0x200000000000000(node=0|zone=2) [ 15.694146] page_type: f5(slab) [ 15.694306] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.694642] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.694949] page dumped because: kasan: bad access detected [ 15.695137] [ 15.695205] Memory state around the buggy address: [ 15.695396] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.695883] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.696150] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.696419] ^ [ 15.696687] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.696966] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.697240] ================================================================== [ 15.969075] ================================================================== [ 15.969858] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 15.970646] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.971290] [ 15.971515] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.971565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.971585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.971624] Call Trace: [ 15.971644] <TASK> [ 15.971665] dump_stack_lvl+0x73/0xb0 [ 15.971698] print_report+0xd1/0x650 [ 15.971722] ? __virt_addr_valid+0x1db/0x2d0 [ 15.971747] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.971771] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.971794] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.971818] kasan_report+0x141/0x180 [ 15.971841] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.971868] kasan_check_range+0x10c/0x1c0 [ 15.971894] __kasan_check_write+0x18/0x20 [ 15.971914] kasan_atomics_helper+0x1a7f/0x5450 [ 15.971938] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.971962] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.971990] ? kasan_atomics+0x152/0x310 [ 15.972017] kasan_atomics+0x1dc/0x310 [ 15.972040] ? 
__pfx_kasan_atomics+0x10/0x10
[ 15.972065] ? __pfx_read_tsc+0x10/0x10
[ 15.972088] ? ktime_get_ts64+0x86/0x230
[ 15.972114] kunit_try_run_case+0x1a5/0x480
[ 15.972140] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.972164] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.972191] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.972215] ? __kthread_parkme+0x82/0x180
[ 15.972238] ? preempt_count_sub+0x50/0x80
[ 15.972264] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.972289] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.972315] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.972342] kthread+0x337/0x6f0
[ 15.972361] ? trace_preempt_on+0x20/0xc0
[ 15.972386] ? __pfx_kthread+0x10/0x10
[ 15.972408] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.972431] ? calculate_sigpending+0x7b/0xa0
[ 15.972457] ? __pfx_kthread+0x10/0x10
[ 15.972479] ret_from_fork+0x116/0x1d0
[ 15.972519] ? __pfx_kthread+0x10/0x10
[ 15.972542] ret_from_fork_asm+0x1a/0x30
[ 15.972575] </TASK>
[ 15.972586]
[ 15.984707] Allocated by task 283:
[ 15.985089] kasan_save_stack+0x45/0x70
[ 15.985490] kasan_save_track+0x18/0x40
[ 15.985889] kasan_save_alloc_info+0x3b/0x50
[ 15.986174] __kasan_kmalloc+0xb7/0xc0
[ 15.986309] __kmalloc_cache_noprof+0x189/0x420
[ 15.986467] kasan_atomics+0x95/0x310
[ 15.986640] kunit_try_run_case+0x1a5/0x480
[ 15.987036] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.987342] kthread+0x337/0x6f0
[ 15.987467] ret_from_fork+0x116/0x1d0
[ 15.987806] ret_from_fork_asm+0x1a/0x30
[ 15.988202]
[ 15.988380] The buggy address belongs to the object at ffff888102ba6080
[ 15.988380] which belongs to the cache kmalloc-64 of size 64
[ 15.989421] The buggy address is located 0 bytes to the right of
[ 15.989421] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0)
[ 15.990100]
[ 15.990175] The buggy address belongs to the physical page:
[ 15.990346] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6
[ 15.990608] flags: 0x200000000000000(node=0|zone=2)
[ 15.990894] page_type: f5(slab)
[ 15.991082] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.991369] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.991758] page dumped because: kasan: bad access detected
[ 15.991973]
[ 15.992071] Memory state around the buggy address:
[ 15.992369] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.992748] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.993039] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.993428] ^
[ 15.993722] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.994019] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.994351] ==================================================================
[ 15.847325] ==================================================================
[ 15.848140] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450
[ 15.848475] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283
[ 15.848827]
[ 15.848943] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.848997] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.849010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.849032] Call Trace:
[ 15.849049] <TASK>
[ 15.849078] dump_stack_lvl+0x73/0xb0
[ 15.849110] print_report+0xd1/0x650
[ 15.849133] ? __virt_addr_valid+0x1db/0x2d0
[ 15.849169] ? kasan_atomics_helper+0x16e7/0x5450
[ 15.849192] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.849228] ? kasan_atomics_helper+0x16e7/0x5450
[ 15.849251] kasan_report+0x141/0x180
[ 15.849274] ? kasan_atomics_helper+0x16e7/0x5450
[ 15.849314] kasan_check_range+0x10c/0x1c0
[ 15.849339] __kasan_check_write+0x18/0x20
[ 15.849360] kasan_atomics_helper+0x16e7/0x5450
[ 15.849396] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.849420] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.849447] ? kasan_atomics+0x152/0x310
[ 15.849484] kasan_atomics+0x1dc/0x310
[ 15.849532] ? __pfx_kasan_atomics+0x10/0x10
[ 15.849558] ? __pfx_read_tsc+0x10/0x10
[ 15.849590] ? ktime_get_ts64+0x86/0x230
[ 15.849631] kunit_try_run_case+0x1a5/0x480
[ 15.849657] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.849691] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.849721] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.849747] ? __kthread_parkme+0x82/0x180
[ 15.849769] ? preempt_count_sub+0x50/0x80
[ 15.849795] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.849820] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.849856] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.849883] kthread+0x337/0x6f0
[ 15.849903] ? trace_preempt_on+0x20/0xc0
[ 15.849940] ? __pfx_kthread+0x10/0x10
[ 15.849961] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.849984] ? calculate_sigpending+0x7b/0xa0
[ 15.850010] ? __pfx_kthread+0x10/0x10
[ 15.850033] ret_from_fork+0x116/0x1d0
[ 15.850053] ? __pfx_kthread+0x10/0x10
[ 15.850074] ret_from_fork_asm+0x1a/0x30
[ 15.850108] </TASK>
[ 15.850119]
[ 15.857722] Allocated by task 283:
[ 15.857852] kasan_save_stack+0x45/0x70
[ 15.857995] kasan_save_track+0x18/0x40
[ 15.858211] kasan_save_alloc_info+0x3b/0x50
[ 15.858424] __kasan_kmalloc+0xb7/0xc0
[ 15.858646] __kmalloc_cache_noprof+0x189/0x420
[ 15.858870] kasan_atomics+0x95/0x310
[ 15.859004] kunit_try_run_case+0x1a5/0x480
[ 15.859196] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.859455] kthread+0x337/0x6f0
[ 15.859673] ret_from_fork+0x116/0x1d0
[ 15.859841] ret_from_fork_asm+0x1a/0x30
[ 15.860039]
[ 15.860120] The buggy address belongs to the object at ffff888102ba6080
[ 15.860120] which belongs to the cache kmalloc-64 of size 64
[ 15.860682] The buggy address is located 0 bytes to the right of
[ 15.860682] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0)
[ 15.861064]
[ 15.861137] The buggy address belongs to the physical page:
[ 15.861305] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6
[ 15.861710] flags: 0x200000000000000(node=0|zone=2)
[ 15.861942] page_type: f5(slab)
[ 15.862107] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.862441] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.862798] page dumped because: kasan: bad access detected
[ 15.863001]
[ 15.863116] Memory state around the buggy address:
[ 15.863294] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.863533] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.863866] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.864204] ^
[ 15.864428] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.864768] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.865084] ==================================================================
[ 15.037583] ==================================================================
[ 15.037881] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450
[ 15.038418] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283
[ 15.038784]
[ 15.038883] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.038966] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.038982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.039004] Call Trace:
[ 15.039034] <TASK>
[ 15.039050] dump_stack_lvl+0x73/0xb0
[ 15.039082] print_report+0xd1/0x650
[ 15.039117] ? __virt_addr_valid+0x1db/0x2d0
[ 15.039142] ? kasan_atomics_helper+0x4a0/0x5450
[ 15.039164] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.039197] ? kasan_atomics_helper+0x4a0/0x5450
[ 15.039220] kasan_report+0x141/0x180
[ 15.039244] ? kasan_atomics_helper+0x4a0/0x5450
[ 15.039282] kasan_check_range+0x10c/0x1c0
[ 15.039307] __kasan_check_write+0x18/0x20
[ 15.039328] kasan_atomics_helper+0x4a0/0x5450
[ 15.039351] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.039375] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.039403] ? kasan_atomics+0x152/0x310
[ 15.039430] kasan_atomics+0x1dc/0x310
[ 15.039454] ? __pfx_kasan_atomics+0x10/0x10
[ 15.039480] ? __pfx_read_tsc+0x10/0x10
[ 15.039502] ? ktime_get_ts64+0x86/0x230
[ 15.039528] kunit_try_run_case+0x1a5/0x480
[ 15.039561] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.039586] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.039627] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.039652] ? __kthread_parkme+0x82/0x180
[ 15.039674] ? preempt_count_sub+0x50/0x80
[ 15.039700] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.039726] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.039751] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.039778] kthread+0x337/0x6f0
[ 15.039798] ? trace_preempt_on+0x20/0xc0
[ 15.039823] ? __pfx_kthread+0x10/0x10
[ 15.039845] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.039868] ? calculate_sigpending+0x7b/0xa0
[ 15.039893] ? __pfx_kthread+0x10/0x10
[ 15.039916] ret_from_fork+0x116/0x1d0
[ 15.039985] ? __pfx_kthread+0x10/0x10
[ 15.040008] ret_from_fork_asm+0x1a/0x30
[ 15.040054] </TASK>
[ 15.040065]
[ 15.048511] Allocated by task 283:
[ 15.048797] kasan_save_stack+0x45/0x70
[ 15.049062] kasan_save_track+0x18/0x40
[ 15.049270] kasan_save_alloc_info+0x3b/0x50
[ 15.049423] __kasan_kmalloc+0xb7/0xc0
[ 15.049656] __kmalloc_cache_noprof+0x189/0x420
[ 15.049908] kasan_atomics+0x95/0x310
[ 15.050153] kunit_try_run_case+0x1a5/0x480
[ 15.050346] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.050647] kthread+0x337/0x6f0
[ 15.050817] ret_from_fork+0x116/0x1d0
[ 15.051094] ret_from_fork_asm+0x1a/0x30
[ 15.051302]
[ 15.051387] The buggy address belongs to the object at ffff888102ba6080
[ 15.051387] which belongs to the cache kmalloc-64 of size 64
[ 15.051913] The buggy address is located 0 bytes to the right of
[ 15.051913] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0)
[ 15.052366]
[ 15.052442] The buggy address belongs to the physical page:
[ 15.052721] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6
[ 15.053073] flags: 0x200000000000000(node=0|zone=2)
[ 15.053294] page_type: f5(slab)
[ 15.053414] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.053652] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.054420] page dumped because: kasan: bad access detected
[ 15.055619]
[ 15.055751] Memory state around the buggy address:
[ 15.056111] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.056434] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.057185] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.057499] ^
[ 15.057730] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.058674] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.059441] ==================================================================
[ 15.901804] ==================================================================
[ 15.902051] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450
[ 15.902323] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283
[ 15.902680]
[ 15.902792] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.902833] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.902845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.902865] Call Trace:
[ 15.902882] <TASK>
[ 15.902897] dump_stack_lvl+0x73/0xb0
[ 15.902924] print_report+0xd1/0x650
[ 15.902946] ? __virt_addr_valid+0x1db/0x2d0
[ 15.902970] ? kasan_atomics_helper+0x18b1/0x5450
[ 15.902991] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.903013] ? kasan_atomics_helper+0x18b1/0x5450
[ 15.903036] kasan_report+0x141/0x180
[ 15.903058] ? kasan_atomics_helper+0x18b1/0x5450
[ 15.903085] kasan_check_range+0x10c/0x1c0
[ 15.903109] __kasan_check_write+0x18/0x20
[ 15.903128] kasan_atomics_helper+0x18b1/0x5450
[ 15.903151] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.903173] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.903198] ? kasan_atomics+0x152/0x310
[ 15.903226] kasan_atomics+0x1dc/0x310
[ 15.903248] ? __pfx_kasan_atomics+0x10/0x10
[ 15.903273] ? __pfx_read_tsc+0x10/0x10
[ 15.903294] ? ktime_get_ts64+0x86/0x230
[ 15.903319] kunit_try_run_case+0x1a5/0x480
[ 15.903344] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.903366] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.903391] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.903415] ? __kthread_parkme+0x82/0x180
[ 15.903436] ? preempt_count_sub+0x50/0x80
[ 15.903461] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.903486] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.903510] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.903534] kthread+0x337/0x6f0
[ 15.903554] ? trace_preempt_on+0x20/0xc0
[ 15.903579] ? __pfx_kthread+0x10/0x10
[ 15.903838] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.903872] ? calculate_sigpending+0x7b/0xa0
[ 15.903913] ? __pfx_kthread+0x10/0x10
[ 15.903937] ret_from_fork+0x116/0x1d0
[ 15.903957] ? __pfx_kthread+0x10/0x10
[ 15.903979] ret_from_fork_asm+0x1a/0x30
[ 15.904013] </TASK>
[ 15.904025]
[ 15.912046] Allocated by task 283:
[ 15.912271] kasan_save_stack+0x45/0x70
[ 15.912422] kasan_save_track+0x18/0x40
[ 15.912621] kasan_save_alloc_info+0x3b/0x50
[ 15.912887] __kasan_kmalloc+0xb7/0xc0
[ 15.913155] __kmalloc_cache_noprof+0x189/0x420
[ 15.913470] kasan_atomics+0x95/0x310
[ 15.913713] kunit_try_run_case+0x1a5/0x480
[ 15.913972] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.914194] kthread+0x337/0x6f0
[ 15.914316] ret_from_fork+0x116/0x1d0
[ 15.914479] ret_from_fork_asm+0x1a/0x30
[ 15.914756]
[ 15.914855] The buggy address belongs to the object at ffff888102ba6080
[ 15.914855] which belongs to the cache kmalloc-64 of size 64
[ 15.915510] The buggy address is located 0 bytes to the right of
[ 15.915510] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0)
[ 15.915945]
[ 15.916045] The buggy address belongs to the physical page:
[ 15.916349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6
[ 15.916690] flags: 0x200000000000000(node=0|zone=2)
[ 15.916939] page_type: f5(slab)
[ 15.917079] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.917392] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.917745] page dumped because: kasan: bad access detected
[ 15.917995]
[ 15.918066] Memory state around the buggy address:
[ 15.918222] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.918533] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.918909] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.919321] ^
[ 15.919618] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.919838] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.920203] ==================================================================
[ 14.935141] ==================================================================
[ 14.935426] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450
[ 14.935826] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283
[ 14.936162]
[ 14.936274] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.936314] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.936326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.936345] Call Trace:
[ 14.936356] <TASK>
[ 14.936370] dump_stack_lvl+0x73/0xb0
[ 14.936398] print_report+0xd1/0x650
[ 14.936420] ? __virt_addr_valid+0x1db/0x2d0
[ 14.936442] ? kasan_atomics_helper+0x4ba2/0x5450
[ 14.936463] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.936487] ? kasan_atomics_helper+0x4ba2/0x5450
[ 14.936509] kasan_report+0x141/0x180
[ 14.936531] ? kasan_atomics_helper+0x4ba2/0x5450
[ 14.936558] __asan_report_store4_noabort+0x1b/0x30
[ 14.936583] kasan_atomics_helper+0x4ba2/0x5450
[ 14.936634] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.936657] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.936694] ? kasan_atomics+0x152/0x310
[ 14.936720] kasan_atomics+0x1dc/0x310
[ 14.936742] ? __pfx_kasan_atomics+0x10/0x10
[ 14.936766] ? __pfx_read_tsc+0x10/0x10
[ 14.936786] ? ktime_get_ts64+0x86/0x230
[ 14.936811] kunit_try_run_case+0x1a5/0x480
[ 14.936835] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.936858] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.936881] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.936906] ? __kthread_parkme+0x82/0x180
[ 14.936926] ? preempt_count_sub+0x50/0x80
[ 14.936950] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.936975] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.937000] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.937035] kthread+0x337/0x6f0
[ 14.937054] ? trace_preempt_on+0x20/0xc0
[ 14.937077] ? __pfx_kthread+0x10/0x10
[ 14.937115] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.937137] ? calculate_sigpending+0x7b/0xa0
[ 14.937161] ? __pfx_kthread+0x10/0x10
[ 14.937182] ret_from_fork+0x116/0x1d0
[ 14.937200] ? __pfx_kthread+0x10/0x10
[ 14.937221] ret_from_fork_asm+0x1a/0x30
[ 14.937254] </TASK>
[ 14.937264]
[ 14.945166] Allocated by task 283:
[ 14.945296] kasan_save_stack+0x45/0x70
[ 14.945439] kasan_save_track+0x18/0x40
[ 14.945791] kasan_save_alloc_info+0x3b/0x50
[ 14.946123] __kasan_kmalloc+0xb7/0xc0
[ 14.946433] __kmalloc_cache_noprof+0x189/0x420
[ 14.946639] kasan_atomics+0x95/0x310
[ 14.946870] kunit_try_run_case+0x1a5/0x480
[ 14.947186] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.947361] kthread+0x337/0x6f0
[ 14.947550] ret_from_fork+0x116/0x1d0
[ 14.947762] ret_from_fork_asm+0x1a/0x30
[ 14.947971]
[ 14.948097] The buggy address belongs to the object at ffff888102ba6080
[ 14.948097] which belongs to the cache kmalloc-64 of size 64
[ 14.948616] The buggy address is located 0 bytes to the right of
[ 14.948616] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0)
[ 14.949097]
[ 14.949380] The buggy address belongs to the physical page:
[ 14.949609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6
[ 14.949975] flags: 0x200000000000000(node=0|zone=2)
[ 14.950242] page_type: f5(slab)
[ 14.950370] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.950729] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.951086] page dumped because: kasan: bad access detected
[ 14.951346]
[ 14.951443] Memory state around the buggy address:
[ 14.951703] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.951916] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.952126] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.952336] ^
[ 14.952681] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.953283] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.953505] ==================================================================
[ 15.921091] ==================================================================
[ 15.921393] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450
[ 15.921814] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283
[ 15.922135]
[ 15.922283] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.922339] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.922352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.922374] Call Trace:
[ 15.922390] <TASK>
[ 15.922438] dump_stack_lvl+0x73/0xb0
[ 15.922472] print_report+0xd1/0x650
[ 15.922520] ? __virt_addr_valid+0x1db/0x2d0
[ 15.922545] ? kasan_atomics_helper+0x194a/0x5450
[ 15.922568] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.922592] ? kasan_atomics_helper+0x194a/0x5450
[ 15.922624] kasan_report+0x141/0x180
[ 15.922648] ? kasan_atomics_helper+0x194a/0x5450
[ 15.922675] kasan_check_range+0x10c/0x1c0
[ 15.922701] __kasan_check_write+0x18/0x20
[ 15.922753] kasan_atomics_helper+0x194a/0x5450
[ 15.922790] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.922825] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.922852] ? kasan_atomics+0x152/0x310
[ 15.922879] kasan_atomics+0x1dc/0x310
[ 15.922903] ? __pfx_kasan_atomics+0x10/0x10
[ 15.922928] ? __pfx_read_tsc+0x10/0x10
[ 15.922950] ? ktime_get_ts64+0x86/0x230
[ 15.922975] kunit_try_run_case+0x1a5/0x480
[ 15.923002] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.923026] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.923052] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.923078] ? __kthread_parkme+0x82/0x180
[ 15.923099] ? preempt_count_sub+0x50/0x80
[ 15.923124] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.923149] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.923176] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.923202] kthread+0x337/0x6f0
[ 15.923222] ? trace_preempt_on+0x20/0xc0
[ 15.923247] ? __pfx_kthread+0x10/0x10
[ 15.923269] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.923292] ? calculate_sigpending+0x7b/0xa0
[ 15.923318] ? __pfx_kthread+0x10/0x10
[ 15.923341] ret_from_fork+0x116/0x1d0
[ 15.923360] ? __pfx_kthread+0x10/0x10
[ 15.923382] ret_from_fork_asm+0x1a/0x30
[ 15.923415] </TASK>
[ 15.923427]
[ 15.931199] Allocated by task 283:
[ 15.931368] kasan_save_stack+0x45/0x70
[ 15.931616] kasan_save_track+0x18/0x40
[ 15.931851] kasan_save_alloc_info+0x3b/0x50
[ 15.932069] __kasan_kmalloc+0xb7/0xc0
[ 15.932282] __kmalloc_cache_noprof+0x189/0x420
[ 15.932555] kasan_atomics+0x95/0x310
[ 15.932758] kunit_try_run_case+0x1a5/0x480
[ 15.932911] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.933159] kthread+0x337/0x6f0
[ 15.933366] ret_from_fork+0x116/0x1d0
[ 15.933584] ret_from_fork_asm+0x1a/0x30
[ 15.933740]
[ 15.933886] The buggy address belongs to the object at ffff888102ba6080
[ 15.933886] which belongs to the cache kmalloc-64 of size 64
[ 15.934394] The buggy address is located 0 bytes to the right of
[ 15.934394] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0)
[ 15.934849]
[ 15.934984] The buggy address belongs to the physical page:
[ 15.935255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6
[ 15.935718] flags: 0x200000000000000(node=0|zone=2)
[ 15.935949] page_type: f5(slab)
[ 15.936107] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.936339] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.936767] page dumped because: kasan: bad access detected
[ 15.937095]
[ 15.937179] Memory state around the buggy address:
[ 15.937357] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.937731] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.937952] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.938289] ^
[ 15.938564] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.938944] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.939274] ==================================================================
[ 15.615747] ==================================================================
[ 15.616840] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450
[ 15.617744] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283
[ 15.618413]
[ 15.618512] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.618559] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.618572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.618595] Call Trace:
[ 15.618628] <TASK>
[ 15.618647] dump_stack_lvl+0x73/0xb0
[ 15.618682] print_report+0xd1/0x650
[ 15.618705] ? __virt_addr_valid+0x1db/0x2d0
[ 15.618730] ? kasan_atomics_helper+0x1217/0x5450
[ 15.618753] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.618777] ? kasan_atomics_helper+0x1217/0x5450
[ 15.618800] kasan_report+0x141/0x180
[ 15.618823] ? kasan_atomics_helper+0x1217/0x5450
[ 15.618851] kasan_check_range+0x10c/0x1c0
[ 15.618876] __kasan_check_write+0x18/0x20
[ 15.618895] kasan_atomics_helper+0x1217/0x5450
[ 15.618919] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.618943] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.618971] ? kasan_atomics+0x152/0x310
[ 15.618997] kasan_atomics+0x1dc/0x310
[ 15.619021] ? __pfx_kasan_atomics+0x10/0x10
[ 15.619046] ? __pfx_read_tsc+0x10/0x10
[ 15.619069] ? ktime_get_ts64+0x86/0x230
[ 15.619095] kunit_try_run_case+0x1a5/0x480
[ 15.619120] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.619144] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.619170] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.619194] ? __kthread_parkme+0x82/0x180
[ 15.619217] ? preempt_count_sub+0x50/0x80
[ 15.619244] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.619271] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.619296] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.619322] kthread+0x337/0x6f0
[ 15.619342] ? trace_preempt_on+0x20/0xc0
[ 15.619368] ? __pfx_kthread+0x10/0x10
[ 15.619390] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.619413] ? calculate_sigpending+0x7b/0xa0
[ 15.619439] ? __pfx_kthread+0x10/0x10
[ 15.619462] ret_from_fork+0x116/0x1d0
[ 15.619481] ? __pfx_kthread+0x10/0x10
[ 15.619665] ret_from_fork_asm+0x1a/0x30
[ 15.619714] </TASK>
[ 15.619727]
[ 15.634686] Allocated by task 283:
[ 15.635067] kasan_save_stack+0x45/0x70
[ 15.635365] kasan_save_track+0x18/0x40
[ 15.635525] kasan_save_alloc_info+0x3b/0x50
[ 15.635959] __kasan_kmalloc+0xb7/0xc0
[ 15.636331] __kmalloc_cache_noprof+0x189/0x420
[ 15.636795] kasan_atomics+0x95/0x310
[ 15.637153] kunit_try_run_case+0x1a5/0x480
[ 15.637446] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.637821] kthread+0x337/0x6f0
[ 15.638141] ret_from_fork+0x116/0x1d0
[ 15.638500] ret_from_fork_asm+0x1a/0x30
[ 15.638840]
[ 15.639062] The buggy address belongs to the object at ffff888102ba6080
[ 15.639062] which belongs to the cache kmalloc-64 of size 64
[ 15.639792] The buggy address is located 0 bytes to the right of
[ 15.639792] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0)
[ 15.640155]
[ 15.640230] The buggy address belongs to the physical page:
[ 15.640401] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6
[ 15.640958] flags: 0x200000000000000(node=0|zone=2)
[ 15.641323] page_type: f5(slab)
[ 15.641709] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.642144] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.642609] page dumped because: kasan: bad access detected
[ 15.642786]
[ 15.642855] Memory state around the buggy address:
[ 15.643013] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.643231] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.643452] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.643718] ^
[ 15.643903] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.644249] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.644632] ==================================================================
[ 16.020819] ==================================================================
[ 16.021825] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450
[ 16.022268] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283
[ 16.022969]
[ 16.023107] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.023155] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.023167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.023189] Call Trace:
[ 16.023209] <TASK>
[ 16.023231] dump_stack_lvl+0x73/0xb0
[ 16.023264] print_report+0xd1/0x650
[ 16.023286] ? __virt_addr_valid+0x1db/0x2d0
[ 16.023311] ? kasan_atomics_helper+0x1c18/0x5450
[ 16.023333] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.023358] ? kasan_atomics_helper+0x1c18/0x5450
[ 16.023382] kasan_report+0x141/0x180
[ 16.023406] ? kasan_atomics_helper+0x1c18/0x5450
[ 16.023434] kasan_check_range+0x10c/0x1c0
[ 16.023460] __kasan_check_write+0x18/0x20
[ 16.023480] kasan_atomics_helper+0x1c18/0x5450
[ 16.023528] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.023561] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.023590] ? kasan_atomics+0x152/0x310
[ 16.023634] kasan_atomics+0x1dc/0x310
[ 16.023658] ? __pfx_kasan_atomics+0x10/0x10
[ 16.023683] ? __pfx_read_tsc+0x10/0x10
[ 16.023705] ? ktime_get_ts64+0x86/0x230
[ 16.023731] kunit_try_run_case+0x1a5/0x480
[ 16.023757] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.023781] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.023807] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.023832] ? __kthread_parkme+0x82/0x180
[ 16.023853] ? preempt_count_sub+0x50/0x80
[ 16.023879] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.023905] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.023930] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.023956] kthread+0x337/0x6f0
[ 16.023976] ? trace_preempt_on+0x20/0xc0
[ 16.024001] ? __pfx_kthread+0x10/0x10
[ 16.024023] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.024049] ? calculate_sigpending+0x7b/0xa0
[ 16.024075] ? __pfx_kthread+0x10/0x10
[ 16.024097] ret_from_fork+0x116/0x1d0
[ 16.024116] ? __pfx_kthread+0x10/0x10
[ 16.024138] ret_from_fork_asm+0x1a/0x30
[ 16.024173] </TASK>
[ 16.024185]
[ 16.035646] Allocated by task 283:
[ 16.035851] kasan_save_stack+0x45/0x70
[ 16.036152] kasan_save_track+0x18/0x40
[ 16.036433] kasan_save_alloc_info+0x3b/0x50
[ 16.036744] __kasan_kmalloc+0xb7/0xc0
[ 16.037019] __kmalloc_cache_noprof+0x189/0x420
[ 16.037333] kasan_atomics+0x95/0x310
[ 16.037631] kunit_try_run_case+0x1a5/0x480
[ 16.037943] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.038296] kthread+0x337/0x6f0
[ 16.038615] ret_from_fork+0x116/0x1d0
[ 16.038927] ret_from_fork_asm+0x1a/0x30
[ 16.039220]
[ 16.039351] The buggy address belongs to the object at ffff888102ba6080
[ 16.039351] which belongs to the cache kmalloc-64 of size 64
[ 16.040214] The buggy address is located 0 bytes to the right of
[ 16.040214] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0)
[ 16.041102]
[ 16.041186] The buggy address belongs to the physical page:
[ 16.041445] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6
[ 16.041905] flags: 0x200000000000000(node=0|zone=2)
[ 16.042371] page_type: f5(slab)
[ 16.042562] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.042924] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.043427] page dumped because: kasan: bad access detected
[ 16.043756]
[ 16.043999] Memory state around the buggy address:
[ 16.044312] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.044839] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.045250] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.045720] ^
[ 16.046041] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.046494] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.046994] ==================================================================
[ 16.191516] ==================================================================
[ 16.191888] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450
[ 16.192198] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283
[ 16.192480]
[ 16.192684] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.192726] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.192737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.192758] Call Trace:
[ 16.192772] <TASK>
[ 16.192788] dump_stack_lvl+0x73/0xb0
[ 16.192841] print_report+0xd1/0x650
[ 16.192864] ? __virt_addr_valid+0x1db/0x2d0
[ 16.192887] ? kasan_atomics_helper+0x2006/0x5450
[ 16.192909] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.192934] ? kasan_atomics_helper+0x2006/0x5450
[ 16.192957] kasan_report+0x141/0x180
[ 16.192981] ? kasan_atomics_helper+0x2006/0x5450
[ 16.193008] kasan_check_range+0x10c/0x1c0
[ 16.193034] __kasan_check_write+0x18/0x20
[ 16.193061] kasan_atomics_helper+0x2006/0x5450
[ 16.193085] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.193109] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.193135] ? kasan_atomics+0x152/0x310
[ 16.193162] kasan_atomics+0x1dc/0x310
[ 16.193185] ? __pfx_kasan_atomics+0x10/0x10
[ 16.193210] ? __pfx_read_tsc+0x10/0x10
[ 16.193232] ? ktime_get_ts64+0x86/0x230
[ 16.193257] kunit_try_run_case+0x1a5/0x480
[ 16.193282] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.193306] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.193331] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.193356] ? __kthread_parkme+0x82/0x180
[ 16.193378] ? preempt_count_sub+0x50/0x80
[ 16.193404] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.193429] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.193456] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.193482] kthread+0x337/0x6f0
[ 16.193501] ? trace_preempt_on+0x20/0xc0
[ 16.193526] ? __pfx_kthread+0x10/0x10
[ 16.193548] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.193570] ? calculate_sigpending+0x7b/0xa0
[ 16.193596] ? __pfx_kthread+0x10/0x10
[ 16.193628] ret_from_fork+0x116/0x1d0
[ 16.193648] ? __pfx_kthread+0x10/0x10
[ 16.193669] ret_from_fork_asm+0x1a/0x30
[ 16.193702] </TASK>
[ 16.193717]
[ 16.200701] Allocated by task 283:
[ 16.200878] kasan_save_stack+0x45/0x70
[ 16.201077] kasan_save_track+0x18/0x40
[ 16.201266] kasan_save_alloc_info+0x3b/0x50
[ 16.201475] __kasan_kmalloc+0xb7/0xc0
[ 16.201910] __kmalloc_cache_noprof+0x189/0x420
[ 16.202132] kasan_atomics+0x95/0x310
[ 16.202324] kunit_try_run_case+0x1a5/0x480
[ 16.202542] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.202811] kthread+0x337/0x6f0
[ 16.202964] ret_from_fork+0x116/0x1d0
[ 16.203124] ret_from_fork_asm+0x1a/0x30
[ 16.203311]
[ 16.203388] The buggy address belongs to the object at ffff888102ba6080
[ 16.203388] which belongs to the cache kmalloc-64 of size 64
[ 16.204246] The buggy address is located 0 bytes to the right of
[ 16.204246] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0)
[ 16.204782]
[ 16.204876] The buggy address belongs to the physical page:
[ 16.205074] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6
[ 16.205597] flags: 0x200000000000000(node=0|zone=2)
[ 16.205825] page_type: f5(slab)
[ 16.206014] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.206328] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.206698] page dumped because: kasan: bad access detected
[ 16.206868]
[ 16.206937] Memory state around the buggy address:
[ 16.207090] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.207303] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.207520] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.207852] ^
[ 16.208079] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.208403] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.208751] ==================================================================
[ 15.645223] ==================================================================
[ 15.645639] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450
[ 15.645984] Read of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283
[ 15.646287]
[ 15.646411] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.646472] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.646488] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.646512] Call Trace:
[ 15.646534] <TASK>
[ 15.646557] dump_stack_lvl+0x73/0xb0
[ 15.646588] print_report+0xd1/0x650
[ 15.646623] ? __virt_addr_valid+0x1db/0x2d0
[ 15.646658] ? kasan_atomics_helper+0x49e8/0x5450
[ 15.646681] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.646707] ? kasan_atomics_helper+0x49e8/0x5450
[ 15.646732] kasan_report+0x141/0x180
[ 15.646755] ? kasan_atomics_helper+0x49e8/0x5450
[ 15.646783] __asan_report_load4_noabort+0x18/0x20
[ 15.646810] kasan_atomics_helper+0x49e8/0x5450
[ 15.646834] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.646857] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.646884] ? kasan_atomics+0x152/0x310
[ 15.646912] kasan_atomics+0x1dc/0x310
[ 15.646935] ? __pfx_kasan_atomics+0x10/0x10
[ 15.646960] ? __pfx_read_tsc+0x10/0x10
[ 15.646983] ? ktime_get_ts64+0x86/0x230
[ 15.647009] kunit_try_run_case+0x1a5/0x480
[ 15.647035] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.647059] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.647086] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.647111] ? __kthread_parkme+0x82/0x180
[ 15.647133] ? preempt_count_sub+0x50/0x80
[ 15.647159] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.647184] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.647210] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.647236] kthread+0x337/0x6f0
[ 15.647255] ? trace_preempt_on+0x20/0xc0
[ 15.647282] ? __pfx_kthread+0x10/0x10
[ 15.647305] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.647328] ? calculate_sigpending+0x7b/0xa0
[ 15.647354] ? __pfx_kthread+0x10/0x10
[ 15.647377] ret_from_fork+0x116/0x1d0
[ 15.647396] ? __pfx_kthread+0x10/0x10
[ 15.647418] ret_from_fork_asm+0x1a/0x30
[ 15.647452] </TASK>
[ 15.647463]
[ 15.654656] Allocated by task 283:
[ 15.654784] kasan_save_stack+0x45/0x70
[ 15.654959] kasan_save_track+0x18/0x40
[ 15.655154] kasan_save_alloc_info+0x3b/0x50
[ 15.655367] __kasan_kmalloc+0xb7/0xc0
[ 15.655622] __kmalloc_cache_noprof+0x189/0x420
[ 15.655817] kasan_atomics+0x95/0x310
[ 15.655973] kunit_try_run_case+0x1a5/0x480
[ 15.656167] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.656401] kthread+0x337/0x6f0
[ 15.656566] ret_from_fork+0x116/0x1d0
[ 15.656763] ret_from_fork_asm+0x1a/0x30
[ 15.656942]
[ 15.657012] The buggy address belongs to the object at ffff888102ba6080
[ 15.657012] which belongs to the cache kmalloc-64 of size 64
[ 15.657507] The buggy address is located 0 bytes to the right of
[ 15.657507] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0)
[ 15.657982]
[ 15.658084] The buggy address belongs to the physical page:
[ 15.658317] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6
[ 15.658704] flags: 0x200000000000000(node=0|zone=2)
[ 15.658925] page_type: f5(slab)
[ 15.659083] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.659365] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.659743] page dumped because: kasan: bad access detected
[ 15.659996]
[ 15.660080] Memory state around the buggy address:
[ 15.660278] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.660559] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.660860] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.661138] ^
[ 15.661349] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.661610] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.661827] ==================================================================
[ 14.996833] ==================================================================
[ 14.997211] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450
[ 14.997579] Read of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283
[ 14.997920]
[ 14.998078] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.998137] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.998150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.998173] Call Trace:
[ 14.998190] <TASK>
[ 14.998207] dump_stack_lvl+0x73/0xb0
[ 14.998238] print_report+0xd1/0x650
[ 14.998261] ? __virt_addr_valid+0x1db/0x2d0
[ 14.998285] ? kasan_atomics_helper+0x3df/0x5450
[ 14.998308] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.998332] ? kasan_atomics_helper+0x3df/0x5450
[ 14.998355] kasan_report+0x141/0x180
[ 14.998378] ? kasan_atomics_helper+0x3df/0x5450
[ 14.998405] kasan_check_range+0x10c/0x1c0
[ 14.998430] __kasan_check_read+0x15/0x20
[ 14.998451] kasan_atomics_helper+0x3df/0x5450
[ 14.998474] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.998499] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.998527] ? kasan_atomics+0x152/0x310
[ 14.998556] kasan_atomics+0x1dc/0x310
[ 14.998581] ? __pfx_kasan_atomics+0x10/0x10
[ 14.998616] ? __pfx_read_tsc+0x10/0x10
[ 14.998639] ? ktime_get_ts64+0x86/0x230
[ 14.998665] kunit_try_run_case+0x1a5/0x480
[ 14.998692] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.998716] ?
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.998742] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.998767] ? __kthread_parkme+0x82/0x180 [ 14.998789] ? preempt_count_sub+0x50/0x80 [ 14.998815] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.998851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.998877] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.998904] kthread+0x337/0x6f0 [ 14.998935] ? trace_preempt_on+0x20/0xc0 [ 14.998960] ? __pfx_kthread+0x10/0x10 [ 14.998982] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.999005] ? calculate_sigpending+0x7b/0xa0 [ 14.999031] ? __pfx_kthread+0x10/0x10 [ 14.999053] ret_from_fork+0x116/0x1d0 [ 14.999073] ? __pfx_kthread+0x10/0x10 [ 14.999094] ret_from_fork_asm+0x1a/0x30 [ 14.999129] </TASK> [ 14.999139] [ 15.007572] Allocated by task 283: [ 15.007748] kasan_save_stack+0x45/0x70 [ 15.007895] kasan_save_track+0x18/0x40 [ 15.008092] kasan_save_alloc_info+0x3b/0x50 [ 15.008459] __kasan_kmalloc+0xb7/0xc0 [ 15.008632] __kmalloc_cache_noprof+0x189/0x420 [ 15.009062] kasan_atomics+0x95/0x310 [ 15.009408] kunit_try_run_case+0x1a5/0x480 [ 15.009714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.009969] kthread+0x337/0x6f0 [ 15.010178] ret_from_fork+0x116/0x1d0 [ 15.010391] ret_from_fork_asm+0x1a/0x30 [ 15.010532] [ 15.010613] The buggy address belongs to the object at ffff888102ba6080 [ 15.010613] which belongs to the cache kmalloc-64 of size 64 [ 15.011361] The buggy address is located 0 bytes to the right of [ 15.011361] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.011968] [ 15.012079] The buggy address belongs to the physical page: [ 15.012300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.012538] flags: 0x200000000000000(node=0|zone=2) [ 15.012881] page_type: f5(slab) [ 15.013232] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.013674] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.013916] page dumped because: kasan: 
bad access detected [ 15.014384] [ 15.014487] Memory state around the buggy address: [ 15.014735] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.014954] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.015221] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.015580] ^ [ 15.015846] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.016302] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.016621] ================================================================== [ 15.082248] ================================================================== [ 15.082578] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 15.082923] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.083298] [ 15.083416] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.083472] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.083484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.083530] Call Trace: [ 15.083551] <TASK> [ 15.083573] dump_stack_lvl+0x73/0xb0 [ 15.083616] print_report+0xd1/0x650 [ 15.083651] ? __virt_addr_valid+0x1db/0x2d0 [ 15.083676] ? kasan_atomics_helper+0x565/0x5450 [ 15.083700] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.083735] ? kasan_atomics_helper+0x565/0x5450 [ 15.083758] kasan_report+0x141/0x180 [ 15.083782] ? kasan_atomics_helper+0x565/0x5450 [ 15.083818] kasan_check_range+0x10c/0x1c0 [ 15.083845] __kasan_check_write+0x18/0x20 [ 15.083866] kasan_atomics_helper+0x565/0x5450 [ 15.083900] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.083924] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.084001] ? kasan_atomics+0x152/0x310 [ 15.084039] kasan_atomics+0x1dc/0x310 [ 15.084063] ? __pfx_kasan_atomics+0x10/0x10 [ 15.084100] ? __pfx_read_tsc+0x10/0x10 [ 15.084123] ? ktime_get_ts64+0x86/0x230 [ 15.084149] kunit_try_run_case+0x1a5/0x480 [ 15.084175] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.084199] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.084226] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.084260] ? __kthread_parkme+0x82/0x180 [ 15.084281] ? preempt_count_sub+0x50/0x80 [ 15.084307] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.084343] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.084368] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.084395] kthread+0x337/0x6f0 [ 15.084414] ? trace_preempt_on+0x20/0xc0 [ 15.084440] ? __pfx_kthread+0x10/0x10 [ 15.084462] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.084484] ? calculate_sigpending+0x7b/0xa0 [ 15.084521] ? __pfx_kthread+0x10/0x10 [ 15.084544] ret_from_fork+0x116/0x1d0 [ 15.084564] ? __pfx_kthread+0x10/0x10 [ 15.084585] ret_from_fork_asm+0x1a/0x30 [ 15.084629] </TASK> [ 15.084641] [ 15.093322] Allocated by task 283: [ 15.093458] kasan_save_stack+0x45/0x70 [ 15.093617] kasan_save_track+0x18/0x40 [ 15.093878] kasan_save_alloc_info+0x3b/0x50 [ 15.094376] __kasan_kmalloc+0xb7/0xc0 [ 15.094673] __kmalloc_cache_noprof+0x189/0x420 [ 15.094914] kasan_atomics+0x95/0x310 [ 15.095164] kunit_try_run_case+0x1a5/0x480 [ 15.095404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.095717] kthread+0x337/0x6f0 [ 15.095860] ret_from_fork+0x116/0x1d0 [ 15.095995] ret_from_fork_asm+0x1a/0x30 [ 15.096136] [ 15.096206] The buggy address belongs to the object at ffff888102ba6080 [ 15.096206] which belongs to the cache kmalloc-64 of size 64 [ 15.096713] The buggy address is located 0 bytes to the right of [ 15.096713] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.097743] [ 15.097824] The buggy address belongs to the physical page: [ 15.098171] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.098568] flags: 0x200000000000000(node=0|zone=2) [ 15.098921] page_type: f5(slab) [ 15.099156] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.099402] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.099853] page dumped because: kasan: bad access detected [ 15.100191] [ 15.100272] Memory state around the buggy address: [ 15.100428] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.100789] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.101199] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.101645] ^ [ 15.101851] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.102171] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.102384] ================================================================== [ 15.865801] ================================================================== [ 15.866192] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 15.866546] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.866904] [ 15.866996] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.867039] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.867051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.867073] Call Trace: [ 15.867088] <TASK> [ 15.867104] dump_stack_lvl+0x73/0xb0 [ 15.867134] print_report+0xd1/0x650 [ 15.867158] ? __virt_addr_valid+0x1db/0x2d0 [ 15.867194] ? kasan_atomics_helper+0x177f/0x5450 [ 15.867217] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.867242] ? kasan_atomics_helper+0x177f/0x5450 [ 15.867276] kasan_report+0x141/0x180 [ 15.867299] ? kasan_atomics_helper+0x177f/0x5450 [ 15.867327] kasan_check_range+0x10c/0x1c0 [ 15.867352] __kasan_check_write+0x18/0x20 [ 15.867373] kasan_atomics_helper+0x177f/0x5450 [ 15.867398] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.867422] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.867449] ? kasan_atomics+0x152/0x310 [ 15.867477] kasan_atomics+0x1dc/0x310 [ 15.867519] ? __pfx_kasan_atomics+0x10/0x10 [ 15.867545] ? __pfx_read_tsc+0x10/0x10 [ 15.867568] ? 
ktime_get_ts64+0x86/0x230 [ 15.867594] kunit_try_run_case+0x1a5/0x480 [ 15.867630] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.867657] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.867693] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.867718] ? __kthread_parkme+0x82/0x180 [ 15.867740] ? preempt_count_sub+0x50/0x80 [ 15.867779] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.867805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.867831] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.867857] kthread+0x337/0x6f0 [ 15.867878] ? trace_preempt_on+0x20/0xc0 [ 15.867903] ? __pfx_kthread+0x10/0x10 [ 15.867925] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.867948] ? calculate_sigpending+0x7b/0xa0 [ 15.867974] ? __pfx_kthread+0x10/0x10 [ 15.867996] ret_from_fork+0x116/0x1d0 [ 15.868016] ? __pfx_kthread+0x10/0x10 [ 15.868037] ret_from_fork_asm+0x1a/0x30 [ 15.868071] </TASK> [ 15.868082] [ 15.875623] Allocated by task 283: [ 15.875833] kasan_save_stack+0x45/0x70 [ 15.875996] kasan_save_track+0x18/0x40 [ 15.876202] kasan_save_alloc_info+0x3b/0x50 [ 15.876412] __kasan_kmalloc+0xb7/0xc0 [ 15.876609] __kmalloc_cache_noprof+0x189/0x420 [ 15.876857] kasan_atomics+0x95/0x310 [ 15.877010] kunit_try_run_case+0x1a5/0x480 [ 15.877157] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.877428] kthread+0x337/0x6f0 [ 15.877629] ret_from_fork+0x116/0x1d0 [ 15.877821] ret_from_fork_asm+0x1a/0x30 [ 15.877997] [ 15.878082] The buggy address belongs to the object at ffff888102ba6080 [ 15.878082] which belongs to the cache kmalloc-64 of size 64 [ 15.878614] The buggy address is located 0 bytes to the right of [ 15.878614] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.879132] [ 15.879235] The buggy address belongs to the physical page: [ 15.879446] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.879717] flags: 0x200000000000000(node=0|zone=2) [ 15.879880] page_type: f5(slab) [ 15.880000] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.880353] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.880718] page dumped because: kasan: bad access detected [ 15.880968] [ 15.881065] Memory state around the buggy address: [ 15.881291] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.881611] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.881831] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.882044] ^ [ 15.882217] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.882579] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.882940] ================================================================== [ 16.138833] ================================================================== [ 16.139385] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 16.139734] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 16.140038] [ 16.140148] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.140190] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.140203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.140225] Call Trace: [ 16.140240] <TASK> [ 16.140256] dump_stack_lvl+0x73/0xb0 [ 16.140284] print_report+0xd1/0x650 [ 16.140308] ? __virt_addr_valid+0x1db/0x2d0 [ 16.140332] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.140355] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.140379] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.140403] kasan_report+0x141/0x180 [ 16.140426] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.140454] kasan_check_range+0x10c/0x1c0 [ 16.140481] __kasan_check_write+0x18/0x20 [ 16.140501] kasan_atomics_helper+0x1eaa/0x5450 [ 16.140537] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.140561] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.140588] ? kasan_atomics+0x152/0x310 [ 16.140627] kasan_atomics+0x1dc/0x310 [ 16.140651] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.140677] ? __pfx_read_tsc+0x10/0x10 [ 16.140700] ? ktime_get_ts64+0x86/0x230 [ 16.140726] kunit_try_run_case+0x1a5/0x480 [ 16.140752] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.140776] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.140802] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.140826] ? __kthread_parkme+0x82/0x180 [ 16.140848] ? preempt_count_sub+0x50/0x80 [ 16.140873] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.140898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.140924] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.140950] kthread+0x337/0x6f0 [ 16.140971] ? trace_preempt_on+0x20/0xc0 [ 16.140996] ? __pfx_kthread+0x10/0x10 [ 16.141017] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.141039] ? calculate_sigpending+0x7b/0xa0 [ 16.141065] ? __pfx_kthread+0x10/0x10 [ 16.141087] ret_from_fork+0x116/0x1d0 [ 16.141106] ? __pfx_kthread+0x10/0x10 [ 16.141127] ret_from_fork_asm+0x1a/0x30 [ 16.141160] </TASK> [ 16.141171] [ 16.149012] Allocated by task 283: [ 16.149172] kasan_save_stack+0x45/0x70 [ 16.149361] kasan_save_track+0x18/0x40 [ 16.149530] kasan_save_alloc_info+0x3b/0x50 [ 16.149764] __kasan_kmalloc+0xb7/0xc0 [ 16.149938] __kmalloc_cache_noprof+0x189/0x420 [ 16.150123] kasan_atomics+0x95/0x310 [ 16.150313] kunit_try_run_case+0x1a5/0x480 [ 16.150502] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.150752] kthread+0x337/0x6f0 [ 16.150904] ret_from_fork+0x116/0x1d0 [ 16.151063] ret_from_fork_asm+0x1a/0x30 [ 16.151204] [ 16.151290] The buggy address belongs to the object at ffff888102ba6080 [ 16.151290] which belongs to the cache kmalloc-64 of size 64 [ 16.151903] The buggy address is located 0 bytes to the right of [ 16.151903] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 16.152382] [ 16.152481] The buggy address belongs to the physical page: [ 16.152743] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 16.153052] flags: 0x200000000000000(node=0|zone=2) [ 16.153228] page_type: 
f5(slab) [ 16.153374] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.153758] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.154008] page dumped because: kasan: bad access detected [ 16.154177] [ 16.154246] Memory state around the buggy address: [ 16.154400] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.154691] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.155061] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.155371] ^ [ 16.155549] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.155772] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.155981] ================================================================== [ 15.584237] ================================================================== [ 15.584528] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 15.584892] Read of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.585224] [ 15.585334] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.585374] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.585386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.585407] Call Trace: [ 15.585424] <TASK> [ 15.585440] dump_stack_lvl+0x73/0xb0 [ 15.585481] print_report+0xd1/0x650 [ 15.585504] ? __virt_addr_valid+0x1db/0x2d0 [ 15.585540] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.585563] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.585587] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.585620] kasan_report+0x141/0x180 [ 15.585643] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.585671] __asan_report_load4_noabort+0x18/0x20 [ 15.585697] kasan_atomics_helper+0x4a02/0x5450 [ 15.585727] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.585753] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.585782] ? 
kasan_atomics+0x152/0x310 [ 15.585810] kasan_atomics+0x1dc/0x310 [ 15.585834] ? __pfx_kasan_atomics+0x10/0x10 [ 15.585859] ? __pfx_read_tsc+0x10/0x10 [ 15.585882] ? ktime_get_ts64+0x86/0x230 [ 15.585908] kunit_try_run_case+0x1a5/0x480 [ 15.585934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.585958] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.585985] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.586010] ? __kthread_parkme+0x82/0x180 [ 15.586032] ? preempt_count_sub+0x50/0x80 [ 15.586058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.586083] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.586109] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.586135] kthread+0x337/0x6f0 [ 15.586155] ? trace_preempt_on+0x20/0xc0 [ 15.586180] ? __pfx_kthread+0x10/0x10 [ 15.586201] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.586224] ? calculate_sigpending+0x7b/0xa0 [ 15.586249] ? __pfx_kthread+0x10/0x10 [ 15.586272] ret_from_fork+0x116/0x1d0 [ 15.586291] ? __pfx_kthread+0x10/0x10 [ 15.586312] ret_from_fork_asm+0x1a/0x30 [ 15.586346] </TASK> [ 15.586357] [ 15.597816] Allocated by task 283: [ 15.597958] kasan_save_stack+0x45/0x70 [ 15.598112] kasan_save_track+0x18/0x40 [ 15.598251] kasan_save_alloc_info+0x3b/0x50 [ 15.598401] __kasan_kmalloc+0xb7/0xc0 [ 15.599104] __kmalloc_cache_noprof+0x189/0x420 [ 15.599698] kasan_atomics+0x95/0x310 [ 15.600233] kunit_try_run_case+0x1a5/0x480 [ 15.600883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.601562] kthread+0x337/0x6f0 [ 15.602038] ret_from_fork+0x116/0x1d0 [ 15.602540] ret_from_fork_asm+0x1a/0x30 [ 15.603101] [ 15.603407] The buggy address belongs to the object at ffff888102ba6080 [ 15.603407] which belongs to the cache kmalloc-64 of size 64 [ 15.604447] The buggy address is located 0 bytes to the right of [ 15.604447] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.605431] [ 15.605750] The buggy address belongs to the physical page: [ 15.606332] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 
15.607167] flags: 0x200000000000000(node=0|zone=2) [ 15.607342] page_type: f5(slab) [ 15.607463] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.608493] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.609345] page dumped because: kasan: bad access detected [ 15.609969] [ 15.610051] Memory state around the buggy address: [ 15.610209] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.610430] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.611453] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.612349] ^ [ 15.613002] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.613937] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.614470] ================================================================== [ 16.047908] ================================================================== [ 16.048770] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 16.049110] Read of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 16.049721] [ 16.049974] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.050024] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.050037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.050168] Call Trace: [ 16.050193] <TASK> [ 16.050213] dump_stack_lvl+0x73/0xb0 [ 16.050247] print_report+0xd1/0x650 [ 16.050270] ? __virt_addr_valid+0x1db/0x2d0 [ 16.050294] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.050317] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.050343] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.050366] kasan_report+0x141/0x180 [ 16.050389] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.050417] __asan_report_load8_noabort+0x18/0x20 [ 16.050443] kasan_atomics_helper+0x4f30/0x5450 [ 16.050467] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.050491] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.050528] ? kasan_atomics+0x152/0x310 [ 16.050557] kasan_atomics+0x1dc/0x310 [ 16.050580] ? __pfx_kasan_atomics+0x10/0x10 [ 16.050617] ? __pfx_read_tsc+0x10/0x10 [ 16.050640] ? ktime_get_ts64+0x86/0x230 [ 16.050667] kunit_try_run_case+0x1a5/0x480 [ 16.050694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.050720] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.050747] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.050772] ? __kthread_parkme+0x82/0x180 [ 16.050794] ? preempt_count_sub+0x50/0x80 [ 16.050820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.050847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.050873] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.050899] kthread+0x337/0x6f0 [ 16.050919] ? trace_preempt_on+0x20/0xc0 [ 16.050945] ? __pfx_kthread+0x10/0x10 [ 16.050967] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.050990] ? calculate_sigpending+0x7b/0xa0 [ 16.051016] ? __pfx_kthread+0x10/0x10 [ 16.051039] ret_from_fork+0x116/0x1d0 [ 16.051059] ? __pfx_kthread+0x10/0x10 [ 16.051080] ret_from_fork_asm+0x1a/0x30 [ 16.051113] </TASK> [ 16.051125] [ 16.062214] Allocated by task 283: [ 16.062348] kasan_save_stack+0x45/0x70 [ 16.062631] kasan_save_track+0x18/0x40 [ 16.063040] kasan_save_alloc_info+0x3b/0x50 [ 16.063264] __kasan_kmalloc+0xb7/0xc0 [ 16.063450] __kmalloc_cache_noprof+0x189/0x420 [ 16.063943] kasan_atomics+0x95/0x310 [ 16.064130] kunit_try_run_case+0x1a5/0x480 [ 16.064333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.064740] kthread+0x337/0x6f0 [ 16.065082] ret_from_fork+0x116/0x1d0 [ 16.065346] ret_from_fork_asm+0x1a/0x30 [ 16.065717] [ 16.065916] The buggy address belongs to the object at ffff888102ba6080 [ 16.065916] which belongs to the cache kmalloc-64 of size 64 [ 16.066534] The buggy address is located 0 bytes to the right of [ 16.066534] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 16.067335] [ 16.067562] The buggy address belongs to the physical page: [ 16.067875] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 16.068224] flags: 0x200000000000000(node=0|zone=2) [ 16.068459] page_type: f5(slab) [ 16.068835] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.069241] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.069667] page dumped because: kasan: bad access detected [ 16.069921] [ 16.070148] Memory state around the buggy address: [ 16.070328] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.070783] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.071151] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.071555] ^ [ 16.071762] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.072131] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.072431] ================================================================== [ 14.975109] ================================================================== [ 14.975362] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 14.975628] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 14.975853] [ 14.975945] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.975992] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.976332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.976366] Call Trace: [ 14.976389] <TASK> [ 14.976411] dump_stack_lvl+0x73/0xb0 [ 14.976445] print_report+0xd1/0x650 [ 14.976470] ? __virt_addr_valid+0x1db/0x2d0 [ 14.976510] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.976542] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.976566] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.976613] kasan_report+0x141/0x180 [ 14.976636] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.976664] __asan_report_store4_noabort+0x1b/0x30 [ 14.976692] kasan_atomics_helper+0x4b6e/0x5450 [ 14.976716] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.976750] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.976777] ? kasan_atomics+0x152/0x310 [ 14.976815] kasan_atomics+0x1dc/0x310 [ 14.976839] ? __pfx_kasan_atomics+0x10/0x10 [ 14.976865] ? __pfx_read_tsc+0x10/0x10 [ 14.976897] ? ktime_get_ts64+0x86/0x230 [ 14.976923] kunit_try_run_case+0x1a5/0x480 [ 14.976950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.977359] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.977399] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.977436] ? __kthread_parkme+0x82/0x180 [ 14.977460] ? preempt_count_sub+0x50/0x80 [ 14.977497] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.977535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.977562] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.977597] kthread+0x337/0x6f0 [ 14.977627] ? trace_preempt_on+0x20/0xc0 [ 14.977653] ? __pfx_kthread+0x10/0x10 [ 14.977687] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.977717] ? calculate_sigpending+0x7b/0xa0 [ 14.977753] ? __pfx_kthread+0x10/0x10 [ 14.977777] ret_from_fork+0x116/0x1d0 [ 14.977797] ? 
__pfx_kthread+0x10/0x10 [ 14.977819] ret_from_fork_asm+0x1a/0x30 [ 14.977854] </TASK> [ 14.977866] [ 14.987445] Allocated by task 283: [ 14.987589] kasan_save_stack+0x45/0x70 [ 14.987756] kasan_save_track+0x18/0x40 [ 14.987894] kasan_save_alloc_info+0x3b/0x50 [ 14.988167] __kasan_kmalloc+0xb7/0xc0 [ 14.988376] __kmalloc_cache_noprof+0x189/0x420 [ 14.988731] kasan_atomics+0x95/0x310 [ 14.988964] kunit_try_run_case+0x1a5/0x480 [ 14.989185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.989444] kthread+0x337/0x6f0 [ 14.989687] ret_from_fork+0x116/0x1d0 [ 14.989898] ret_from_fork_asm+0x1a/0x30 [ 14.990155] [ 14.990252] The buggy address belongs to the object at ffff888102ba6080 [ 14.990252] which belongs to the cache kmalloc-64 of size 64 [ 14.990888] The buggy address is located 0 bytes to the right of [ 14.990888] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 14.991312] [ 14.991385] The buggy address belongs to the physical page: [ 14.991556] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 14.991805] flags: 0x200000000000000(node=0|zone=2) [ 14.992295] page_type: f5(slab) [ 14.992494] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.992892] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.993518] page dumped because: kasan: bad access detected [ 14.993839] [ 14.994018] Memory state around the buggy address: [ 14.994242] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.994650] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.995020] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.995355] ^ [ 14.995588] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.995898] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.996275] ================================================================== [ 15.262577] 
================================================================== [ 15.262912] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 15.263231] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.263988] [ 15.264360] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.264410] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.264423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.264446] Call Trace: [ 15.264507] <TASK> [ 15.264540] dump_stack_lvl+0x73/0xb0 [ 15.264574] print_report+0xd1/0x650 [ 15.264597] ? __virt_addr_valid+0x1db/0x2d0 [ 15.264634] ? kasan_atomics_helper+0x992/0x5450 [ 15.264656] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.264681] ? kasan_atomics_helper+0x992/0x5450 [ 15.264704] kasan_report+0x141/0x180 [ 15.264726] ? kasan_atomics_helper+0x992/0x5450 [ 15.264755] kasan_check_range+0x10c/0x1c0 [ 15.264780] __kasan_check_write+0x18/0x20 [ 15.264801] kasan_atomics_helper+0x992/0x5450 [ 15.264826] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.264849] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.264876] ? kasan_atomics+0x152/0x310 [ 15.264904] kasan_atomics+0x1dc/0x310 [ 15.264927] ? __pfx_kasan_atomics+0x10/0x10 [ 15.264952] ? __pfx_read_tsc+0x10/0x10 [ 15.264975] ? ktime_get_ts64+0x86/0x230 [ 15.265001] kunit_try_run_case+0x1a5/0x480 [ 15.265026] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.265051] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.265077] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.265103] ? __kthread_parkme+0x82/0x180 [ 15.265125] ? preempt_count_sub+0x50/0x80 [ 15.265150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.265176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.265202] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.265229] kthread+0x337/0x6f0 [ 15.265248] ? trace_preempt_on+0x20/0xc0 [ 15.265274] ? __pfx_kthread+0x10/0x10 [ 15.265295] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.265318] ? 
calculate_sigpending+0x7b/0xa0 [ 15.265344] ? __pfx_kthread+0x10/0x10 [ 15.265367] ret_from_fork+0x116/0x1d0 [ 15.265386] ? __pfx_kthread+0x10/0x10 [ 15.265407] ret_from_fork_asm+0x1a/0x30 [ 15.265441] </TASK> [ 15.265453] [ 15.276800] Allocated by task 283: [ 15.276983] kasan_save_stack+0x45/0x70 [ 15.277175] kasan_save_track+0x18/0x40 [ 15.277357] kasan_save_alloc_info+0x3b/0x50 [ 15.277893] __kasan_kmalloc+0xb7/0xc0 [ 15.278133] __kmalloc_cache_noprof+0x189/0x420 [ 15.278455] kasan_atomics+0x95/0x310 [ 15.278834] kunit_try_run_case+0x1a5/0x480 [ 15.279140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.279485] kthread+0x337/0x6f0 [ 15.279762] ret_from_fork+0x116/0x1d0 [ 15.279947] ret_from_fork_asm+0x1a/0x30 [ 15.280134] [ 15.280224] The buggy address belongs to the object at ffff888102ba6080 [ 15.280224] which belongs to the cache kmalloc-64 of size 64 [ 15.281275] The buggy address is located 0 bytes to the right of [ 15.281275] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.282177] [ 15.282431] The buggy address belongs to the physical page: [ 15.282945] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.283446] flags: 0x200000000000000(node=0|zone=2) [ 15.283855] page_type: f5(slab) [ 15.284146] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.284476] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.285139] page dumped because: kasan: bad access detected [ 15.285389] [ 15.285483] Memory state around the buggy address: [ 15.285924] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.286235] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.286706] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.287194] ^ [ 15.287530] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.288003] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.288294] 
================================================================== [ 15.370353] ================================================================== [ 15.370764] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 15.371211] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.371671] [ 15.371802] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.372060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.372074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.372096] Call Trace: [ 15.372113] <TASK> [ 15.372131] dump_stack_lvl+0x73/0xb0 [ 15.372198] print_report+0xd1/0x650 [ 15.372222] ? __virt_addr_valid+0x1db/0x2d0 [ 15.372246] ? kasan_atomics_helper+0xc70/0x5450 [ 15.372269] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.372294] ? kasan_atomics_helper+0xc70/0x5450 [ 15.372317] kasan_report+0x141/0x180 [ 15.372340] ? kasan_atomics_helper+0xc70/0x5450 [ 15.372367] kasan_check_range+0x10c/0x1c0 [ 15.372393] __kasan_check_write+0x18/0x20 [ 15.372413] kasan_atomics_helper+0xc70/0x5450 [ 15.372436] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.372460] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.372486] ? kasan_atomics+0x152/0x310 [ 15.372514] kasan_atomics+0x1dc/0x310 [ 15.372537] ? __pfx_kasan_atomics+0x10/0x10 [ 15.372563] ? __pfx_read_tsc+0x10/0x10 [ 15.372585] ? ktime_get_ts64+0x86/0x230 [ 15.372621] kunit_try_run_case+0x1a5/0x480 [ 15.372647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.372672] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.372697] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.372721] ? __kthread_parkme+0x82/0x180 [ 15.372743] ? preempt_count_sub+0x50/0x80 [ 15.372768] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.372793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.372819] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.372845] kthread+0x337/0x6f0 [ 15.372866] ? trace_preempt_on+0x20/0xc0 [ 15.372891] ? 
__pfx_kthread+0x10/0x10 [ 15.372913] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.372935] ? calculate_sigpending+0x7b/0xa0 [ 15.372960] ? __pfx_kthread+0x10/0x10 [ 15.372983] ret_from_fork+0x116/0x1d0 [ 15.373003] ? __pfx_kthread+0x10/0x10 [ 15.373024] ret_from_fork_asm+0x1a/0x30 [ 15.373058] </TASK> [ 15.373069] [ 15.384237] Allocated by task 283: [ 15.384530] kasan_save_stack+0x45/0x70 [ 15.384921] kasan_save_track+0x18/0x40 [ 15.385219] kasan_save_alloc_info+0x3b/0x50 [ 15.385565] __kasan_kmalloc+0xb7/0xc0 [ 15.385899] __kmalloc_cache_noprof+0x189/0x420 [ 15.386116] kasan_atomics+0x95/0x310 [ 15.386295] kunit_try_run_case+0x1a5/0x480 [ 15.386489] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.387022] kthread+0x337/0x6f0 [ 15.387311] ret_from_fork+0x116/0x1d0 [ 15.387719] ret_from_fork_asm+0x1a/0x30 [ 15.388025] [ 15.388135] The buggy address belongs to the object at ffff888102ba6080 [ 15.388135] which belongs to the cache kmalloc-64 of size 64 [ 15.388898] The buggy address is located 0 bytes to the right of [ 15.388898] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.389787] [ 15.389892] The buggy address belongs to the physical page: [ 15.390289] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.390950] flags: 0x200000000000000(node=0|zone=2) [ 15.391255] page_type: f5(slab) [ 15.391531] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.392074] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.392396] page dumped because: kasan: bad access detected [ 15.392855] [ 15.393095] Memory state around the buggy address: [ 15.393434] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.393964] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.394263] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.394841] ^ [ 15.395147] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.395646] 
ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.396134] ================================================================== [ 15.829287] ================================================================== [ 15.829664] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 15.830035] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.830342] [ 15.830470] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.830545] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.830559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.830582] Call Trace: [ 15.830619] <TASK> [ 15.830637] dump_stack_lvl+0x73/0xb0 [ 15.830668] print_report+0xd1/0x650 [ 15.830692] ? __virt_addr_valid+0x1db/0x2d0 [ 15.830726] ? kasan_atomics_helper+0x164f/0x5450 [ 15.830748] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.830773] ? kasan_atomics_helper+0x164f/0x5450 [ 15.830807] kasan_report+0x141/0x180 [ 15.830830] ? kasan_atomics_helper+0x164f/0x5450 [ 15.830858] kasan_check_range+0x10c/0x1c0 [ 15.830892] __kasan_check_write+0x18/0x20 [ 15.830913] kasan_atomics_helper+0x164f/0x5450 [ 15.830937] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.830972] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.831000] ? kasan_atomics+0x152/0x310 [ 15.831028] kasan_atomics+0x1dc/0x310 [ 15.831062] ? __pfx_kasan_atomics+0x10/0x10 [ 15.831087] ? __pfx_read_tsc+0x10/0x10 [ 15.831110] ? ktime_get_ts64+0x86/0x230 [ 15.831136] kunit_try_run_case+0x1a5/0x480 [ 15.831171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.831195] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.831227] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.831253] ? __kthread_parkme+0x82/0x180 [ 15.831275] ? preempt_count_sub+0x50/0x80 [ 15.831301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.831326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.831353] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.831379] kthread+0x337/0x6f0 [ 15.831399] ? trace_preempt_on+0x20/0xc0 [ 15.831424] ? __pfx_kthread+0x10/0x10 [ 15.831446] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.831468] ? calculate_sigpending+0x7b/0xa0 [ 15.831516] ? __pfx_kthread+0x10/0x10 [ 15.831539] ret_from_fork+0x116/0x1d0 [ 15.831559] ? __pfx_kthread+0x10/0x10 [ 15.831581] ret_from_fork_asm+0x1a/0x30 [ 15.831624] </TASK> [ 15.831635] [ 15.839147] Allocated by task 283: [ 15.839300] kasan_save_stack+0x45/0x70 [ 15.839446] kasan_save_track+0x18/0x40 [ 15.839616] kasan_save_alloc_info+0x3b/0x50 [ 15.839847] __kasan_kmalloc+0xb7/0xc0 [ 15.840034] __kmalloc_cache_noprof+0x189/0x420 [ 15.840258] kasan_atomics+0x95/0x310 [ 15.840446] kunit_try_run_case+0x1a5/0x480 [ 15.840687] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.840923] kthread+0x337/0x6f0 [ 15.841045] ret_from_fork+0x116/0x1d0 [ 15.841219] ret_from_fork_asm+0x1a/0x30 [ 15.841429] [ 15.841569] The buggy address belongs to the object at ffff888102ba6080 [ 15.841569] which belongs to the cache kmalloc-64 of size 64 [ 15.842078] The buggy address is located 0 bytes to the right of [ 15.842078] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.842657] [ 15.842760] The buggy address belongs to the physical page: [ 15.842980] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.843318] flags: 0x200000000000000(node=0|zone=2) [ 15.843552] page_type: f5(slab) [ 15.843688] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.843917] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.844147] page dumped because: kasan: bad access detected [ 15.844409] [ 15.844538] Memory state around the buggy address: [ 15.844768] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.845081] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.845392] >ffff888102ba6080: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.845733] ^ [ 15.845924] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.846219] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.846433] ================================================================== [ 15.397414] ================================================================== [ 15.397761] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 15.398420] Read of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.399110] [ 15.399223] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.399365] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.399381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.399404] Call Trace: [ 15.399422] <TASK> [ 15.399441] dump_stack_lvl+0x73/0xb0 [ 15.399473] print_report+0xd1/0x650 [ 15.399514] ? __virt_addr_valid+0x1db/0x2d0 [ 15.399539] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.399562] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.399587] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.399619] kasan_report+0x141/0x180 [ 15.399643] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.399670] __asan_report_load4_noabort+0x18/0x20 [ 15.399696] kasan_atomics_helper+0x4a84/0x5450 [ 15.399719] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.399743] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.399770] ? kasan_atomics+0x152/0x310 [ 15.399797] kasan_atomics+0x1dc/0x310 [ 15.399820] ? __pfx_kasan_atomics+0x10/0x10 [ 15.399845] ? __pfx_read_tsc+0x10/0x10 [ 15.399867] ? ktime_get_ts64+0x86/0x230 [ 15.399893] kunit_try_run_case+0x1a5/0x480 [ 15.399917] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.399942] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.399968] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.399992] ? __kthread_parkme+0x82/0x180 [ 15.400014] ? preempt_count_sub+0x50/0x80 [ 15.400038] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.400065] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.400090] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.400117] kthread+0x337/0x6f0 [ 15.400137] ? trace_preempt_on+0x20/0xc0 [ 15.400163] ? __pfx_kthread+0x10/0x10 [ 15.400185] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.400208] ? calculate_sigpending+0x7b/0xa0 [ 15.400234] ? __pfx_kthread+0x10/0x10 [ 15.400257] ret_from_fork+0x116/0x1d0 [ 15.400276] ? __pfx_kthread+0x10/0x10 [ 15.400298] ret_from_fork_asm+0x1a/0x30 [ 15.400331] </TASK> [ 15.400342] [ 15.407274] Allocated by task 283: [ 15.407461] kasan_save_stack+0x45/0x70 [ 15.407682] kasan_save_track+0x18/0x40 [ 15.407881] kasan_save_alloc_info+0x3b/0x50 [ 15.408327] __kasan_kmalloc+0xb7/0xc0 [ 15.408520] __kmalloc_cache_noprof+0x189/0x420 [ 15.408721] kasan_atomics+0x95/0x310 [ 15.408915] kunit_try_run_case+0x1a5/0x480 [ 15.409096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.409275] kthread+0x337/0x6f0 [ 15.409393] ret_from_fork+0x116/0x1d0 [ 15.409661] ret_from_fork_asm+0x1a/0x30 [ 15.409864] [ 15.409956] The buggy address belongs to the object at ffff888102ba6080 [ 15.409956] which belongs to the cache kmalloc-64 of size 64 [ 15.410420] The buggy address is located 0 bytes to the right of [ 15.410420] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.410895] [ 15.411058] The buggy address belongs to the physical page: [ 15.411278] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.411510] flags: 0x200000000000000(node=0|zone=2) [ 15.411960] page_type: f5(slab) [ 15.412143] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.412408] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.412974] page dumped because: kasan: bad access detected [ 15.413194] [ 15.413288] Memory state around the buggy address: [ 15.413490] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.413781] 
ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.414020] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.414232] ^ [ 15.414384] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.414662] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.414982] ================================================================== [ 15.811246] ================================================================== [ 15.811556] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 15.811978] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.812317] [ 15.812434] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.812480] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.812513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.812536] Call Trace: [ 15.812554] <TASK> [ 15.812575] dump_stack_lvl+0x73/0xb0 [ 15.812614] print_report+0xd1/0x650 [ 15.812648] ? __virt_addr_valid+0x1db/0x2d0 [ 15.812673] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.812695] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.812731] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.812754] kasan_report+0x141/0x180 [ 15.812777] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.812805] kasan_check_range+0x10c/0x1c0 [ 15.812830] __kasan_check_write+0x18/0x20 [ 15.812851] kasan_atomics_helper+0x15b6/0x5450 [ 15.812875] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.812899] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.812937] ? kasan_atomics+0x152/0x310 [ 15.812964] kasan_atomics+0x1dc/0x310 [ 15.812998] ? __pfx_kasan_atomics+0x10/0x10 [ 15.813024] ? __pfx_read_tsc+0x10/0x10 [ 15.813046] ? ktime_get_ts64+0x86/0x230 [ 15.813073] kunit_try_run_case+0x1a5/0x480 [ 15.813098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.813122] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.813148] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.813173] ? 
__kthread_parkme+0x82/0x180 [ 15.813195] ? preempt_count_sub+0x50/0x80 [ 15.813230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.813256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.813282] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.813319] kthread+0x337/0x6f0 [ 15.813339] ? trace_preempt_on+0x20/0xc0 [ 15.813364] ? __pfx_kthread+0x10/0x10 [ 15.813387] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.813410] ? calculate_sigpending+0x7b/0xa0 [ 15.813435] ? __pfx_kthread+0x10/0x10 [ 15.813458] ret_from_fork+0x116/0x1d0 [ 15.813477] ? __pfx_kthread+0x10/0x10 [ 15.813518] ret_from_fork_asm+0x1a/0x30 [ 15.813551] </TASK> [ 15.813562] [ 15.821162] Allocated by task 283: [ 15.821347] kasan_save_stack+0x45/0x70 [ 15.821567] kasan_save_track+0x18/0x40 [ 15.821775] kasan_save_alloc_info+0x3b/0x50 [ 15.821929] __kasan_kmalloc+0xb7/0xc0 [ 15.822063] __kmalloc_cache_noprof+0x189/0x420 [ 15.822309] kasan_atomics+0x95/0x310 [ 15.822515] kunit_try_run_case+0x1a5/0x480 [ 15.822733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.822987] kthread+0x337/0x6f0 [ 15.823149] ret_from_fork+0x116/0x1d0 [ 15.823282] ret_from_fork_asm+0x1a/0x30 [ 15.823448] [ 15.823568] The buggy address belongs to the object at ffff888102ba6080 [ 15.823568] which belongs to the cache kmalloc-64 of size 64 [ 15.824107] The buggy address is located 0 bytes to the right of [ 15.824107] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.824477] [ 15.824569] The buggy address belongs to the physical page: [ 15.824830] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.825242] flags: 0x200000000000000(node=0|zone=2) [ 15.825535] page_type: f5(slab) [ 15.825713] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.826054] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.826314] page dumped because: kasan: bad access detected [ 15.826509] [ 15.826584] Memory state around the buggy address: [ 15.826824] 
ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.827170] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.827534] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.827855] ^ [ 15.828025] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.828240] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.828526] ================================================================== [ 15.103245] ================================================================== [ 15.103952] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 15.104194] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.104461] [ 15.104568] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.104619] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.104631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.104653] Call Trace: [ 15.104671] <TASK> [ 15.104687] dump_stack_lvl+0x73/0xb0 [ 15.104717] print_report+0xd1/0x650 [ 15.104740] ? __virt_addr_valid+0x1db/0x2d0 [ 15.104831] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.104857] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.104883] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.104917] kasan_report+0x141/0x180 [ 15.104977] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.105005] kasan_check_range+0x10c/0x1c0 [ 15.105030] __kasan_check_write+0x18/0x20 [ 15.105051] kasan_atomics_helper+0x5fe/0x5450 [ 15.105076] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.105109] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.105137] ? kasan_atomics+0x152/0x310 [ 15.105163] kasan_atomics+0x1dc/0x310 [ 15.105198] ? __pfx_kasan_atomics+0x10/0x10 [ 15.105224] ? __pfx_read_tsc+0x10/0x10 [ 15.105246] ? ktime_get_ts64+0x86/0x230 [ 15.105281] kunit_try_run_case+0x1a5/0x480 [ 15.105306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.105340] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.105366] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.105392] ? __kthread_parkme+0x82/0x180 [ 15.105413] ? preempt_count_sub+0x50/0x80 [ 15.105438] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.105464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.105490] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.105516] kthread+0x337/0x6f0 [ 15.105536] ? trace_preempt_on+0x20/0xc0 [ 15.105561] ? __pfx_kthread+0x10/0x10 [ 15.105583] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.105615] ? calculate_sigpending+0x7b/0xa0 [ 15.105651] ? __pfx_kthread+0x10/0x10 [ 15.105673] ret_from_fork+0x116/0x1d0 [ 15.105694] ? __pfx_kthread+0x10/0x10 [ 15.105729] ret_from_fork_asm+0x1a/0x30 [ 15.105763] </TASK> [ 15.105774] [ 15.114278] Allocated by task 283: [ 15.114566] kasan_save_stack+0x45/0x70 [ 15.114842] kasan_save_track+0x18/0x40 [ 15.115154] kasan_save_alloc_info+0x3b/0x50 [ 15.115312] __kasan_kmalloc+0xb7/0xc0 [ 15.115497] __kmalloc_cache_noprof+0x189/0x420 [ 15.115747] kasan_atomics+0x95/0x310 [ 15.115979] kunit_try_run_case+0x1a5/0x480 [ 15.116234] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.116475] kthread+0x337/0x6f0 [ 15.116680] ret_from_fork+0x116/0x1d0 [ 15.116877] ret_from_fork_asm+0x1a/0x30 [ 15.117139] [ 15.117224] The buggy address belongs to the object at ffff888102ba6080 [ 15.117224] which belongs to the cache kmalloc-64 of size 64 [ 15.117693] The buggy address is located 0 bytes to the right of [ 15.117693] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.118060] [ 15.118151] The buggy address belongs to the physical page: [ 15.118455] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.119379] flags: 0x200000000000000(node=0|zone=2) [ 15.119707] page_type: f5(slab) [ 15.119871] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.120203] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.120435] page dumped because: kasan: bad access detected [ 15.120639] [ 15.120736] 
Memory state around the buggy address: [ 15.120979] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.121350] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.121779] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.122126] ^ [ 15.122286] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.122743] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.123103] ================================================================== [ 15.940059] ================================================================== [ 15.940414] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 15.940795] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.941202] [ 15.941372] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.941440] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.941453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.941476] Call Trace: [ 15.941517] <TASK> [ 15.941534] dump_stack_lvl+0x73/0xb0 [ 15.941563] print_report+0xd1/0x650 [ 15.941586] ? __virt_addr_valid+0x1db/0x2d0 [ 15.941623] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.941645] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.941670] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.941694] kasan_report+0x141/0x180 [ 15.941720] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.941748] kasan_check_range+0x10c/0x1c0 [ 15.941804] __kasan_check_write+0x18/0x20 [ 15.941824] kasan_atomics_helper+0x19e3/0x5450 [ 15.941849] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.941883] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.941910] ? kasan_atomics+0x152/0x310 [ 15.941937] kasan_atomics+0x1dc/0x310 [ 15.941960] ? __pfx_kasan_atomics+0x10/0x10 [ 15.941986] ? __pfx_read_tsc+0x10/0x10 [ 15.942008] ? ktime_get_ts64+0x86/0x230 [ 15.942034] kunit_try_run_case+0x1a5/0x480 [ 15.942058] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.942083] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.942107] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.942133] ? __kthread_parkme+0x82/0x180 [ 15.942155] ? preempt_count_sub+0x50/0x80 [ 15.942181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.942207] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.942233] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.942259] kthread+0x337/0x6f0 [ 15.942279] ? trace_preempt_on+0x20/0xc0 [ 15.942304] ? __pfx_kthread+0x10/0x10 [ 15.942326] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.942349] ? calculate_sigpending+0x7b/0xa0 [ 15.942374] ? __pfx_kthread+0x10/0x10 [ 15.942397] ret_from_fork+0x116/0x1d0 [ 15.942417] ? __pfx_kthread+0x10/0x10 [ 15.942439] ret_from_fork_asm+0x1a/0x30 [ 15.942471] </TASK> [ 15.942483] [ 15.954834] Allocated by task 283: [ 15.955197] kasan_save_stack+0x45/0x70 [ 15.955626] kasan_save_track+0x18/0x40 [ 15.956012] kasan_save_alloc_info+0x3b/0x50 [ 15.956438] __kasan_kmalloc+0xb7/0xc0 [ 15.956710] __kmalloc_cache_noprof+0x189/0x420 [ 15.956871] kasan_atomics+0x95/0x310 [ 15.957005] kunit_try_run_case+0x1a5/0x480 [ 15.957152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.957329] kthread+0x337/0x6f0 [ 15.957452] ret_from_fork+0x116/0x1d0 [ 15.957848] ret_from_fork_asm+0x1a/0x30 [ 15.958209] [ 15.958448] The buggy address belongs to the object at ffff888102ba6080 [ 15.958448] which belongs to the cache kmalloc-64 of size 64 [ 15.959562] The buggy address is located 0 bytes to the right of [ 15.959562] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.960706] [ 15.960906] The buggy address belongs to the physical page: [ 15.961405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.962134] flags: 0x200000000000000(node=0|zone=2) [ 15.962623] page_type: f5(slab) [ 15.962810] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.963042] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.963270] page dumped because: kasan: bad access detected [ 15.963441] [ 15.963581] Memory state around the buggy address: [ 15.964040] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.964695] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.965320] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.965976] ^ [ 15.966424] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.967090] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.967697] ================================================================== [ 15.469971] ================================================================== [ 15.470369] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 15.470738] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.471017] [ 15.471150] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.471195] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.471207] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.471230] Call Trace: [ 15.471250] <TASK> [ 15.471271] dump_stack_lvl+0x73/0xb0 [ 15.471301] print_report+0xd1/0x650 [ 15.471325] ? __virt_addr_valid+0x1db/0x2d0 [ 15.471350] ? kasan_atomics_helper+0xf10/0x5450 [ 15.471373] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.471397] ? kasan_atomics_helper+0xf10/0x5450 [ 15.471420] kasan_report+0x141/0x180 [ 15.471443] ? kasan_atomics_helper+0xf10/0x5450 [ 15.471470] kasan_check_range+0x10c/0x1c0 [ 15.471495] __kasan_check_write+0x18/0x20 [ 15.471547] kasan_atomics_helper+0xf10/0x5450 [ 15.471572] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.471596] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.471634] ? kasan_atomics+0x152/0x310 [ 15.471661] kasan_atomics+0x1dc/0x310 [ 15.471685] ? __pfx_kasan_atomics+0x10/0x10 [ 15.471710] ? __pfx_read_tsc+0x10/0x10 [ 15.471732] ? 
ktime_get_ts64+0x86/0x230 [ 15.471760] kunit_try_run_case+0x1a5/0x480 [ 15.471787] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.471811] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.471837] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.471863] ? __kthread_parkme+0x82/0x180 [ 15.471885] ? preempt_count_sub+0x50/0x80 [ 15.471911] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.471937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.471964] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.471990] kthread+0x337/0x6f0 [ 15.472009] ? trace_preempt_on+0x20/0xc0 [ 15.472034] ? __pfx_kthread+0x10/0x10 [ 15.472075] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.472098] ? calculate_sigpending+0x7b/0xa0 [ 15.472124] ? __pfx_kthread+0x10/0x10 [ 15.472147] ret_from_fork+0x116/0x1d0 [ 15.472166] ? __pfx_kthread+0x10/0x10 [ 15.472187] ret_from_fork_asm+0x1a/0x30 [ 15.472221] </TASK> [ 15.472232] [ 15.479774] Allocated by task 283: [ 15.479915] kasan_save_stack+0x45/0x70 [ 15.480063] kasan_save_track+0x18/0x40 [ 15.480310] kasan_save_alloc_info+0x3b/0x50 [ 15.480544] __kasan_kmalloc+0xb7/0xc0 [ 15.480750] __kmalloc_cache_noprof+0x189/0x420 [ 15.481225] kasan_atomics+0x95/0x310 [ 15.481441] kunit_try_run_case+0x1a5/0x480 [ 15.481727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.481978] kthread+0x337/0x6f0 [ 15.482135] ret_from_fork+0x116/0x1d0 [ 15.482269] ret_from_fork_asm+0x1a/0x30 [ 15.482453] [ 15.482621] The buggy address belongs to the object at ffff888102ba6080 [ 15.482621] which belongs to the cache kmalloc-64 of size 64 [ 15.483132] The buggy address is located 0 bytes to the right of [ 15.483132] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.483729] [ 15.483814] The buggy address belongs to the physical page: [ 15.483985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.484221] flags: 0x200000000000000(node=0|zone=2) [ 15.484385] page_type: f5(slab) [ 15.484506] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.484842] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.485177] page dumped because: kasan: bad access detected [ 15.485427] [ 15.485521] Memory state around the buggy address: [ 15.485729] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.485945] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.486158] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.486368] ^ [ 15.486567] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.486897] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.487245] ================================================================== [ 15.529781] ================================================================== [ 15.530366] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 15.530724] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.531022] [ 15.531120] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.531165] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.531178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.531201] Call Trace: [ 15.531221] <TASK> [ 15.531241] dump_stack_lvl+0x73/0xb0 [ 15.531271] print_report+0xd1/0x650 [ 15.531294] ? __virt_addr_valid+0x1db/0x2d0 [ 15.531318] ? kasan_atomics_helper+0x1079/0x5450 [ 15.531341] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.531365] ? kasan_atomics_helper+0x1079/0x5450 [ 15.531389] kasan_report+0x141/0x180 [ 15.531412] ? kasan_atomics_helper+0x1079/0x5450 [ 15.531439] kasan_check_range+0x10c/0x1c0 [ 15.531464] __kasan_check_write+0x18/0x20 [ 15.531486] kasan_atomics_helper+0x1079/0x5450 [ 15.531522] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.531546] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.531573] ? kasan_atomics+0x152/0x310 [ 15.531611] kasan_atomics+0x1dc/0x310 [ 15.531635] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.531660] ? __pfx_read_tsc+0x10/0x10 [ 15.531683] ? ktime_get_ts64+0x86/0x230 [ 15.531709] kunit_try_run_case+0x1a5/0x480 [ 15.531735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.531759] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.531785] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.531810] ? __kthread_parkme+0x82/0x180 [ 15.531831] ? preempt_count_sub+0x50/0x80 [ 15.531857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.531883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.531909] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.531935] kthread+0x337/0x6f0 [ 15.531955] ? trace_preempt_on+0x20/0xc0 [ 15.531980] ? __pfx_kthread+0x10/0x10 [ 15.532002] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.532024] ? calculate_sigpending+0x7b/0xa0 [ 15.532051] ? __pfx_kthread+0x10/0x10 [ 15.532075] ret_from_fork+0x116/0x1d0 [ 15.532096] ? __pfx_kthread+0x10/0x10 [ 15.532118] ret_from_fork_asm+0x1a/0x30 [ 15.532153] </TASK> [ 15.532164] [ 15.539429] Allocated by task 283: [ 15.539732] kasan_save_stack+0x45/0x70 [ 15.539929] kasan_save_track+0x18/0x40 [ 15.540106] kasan_save_alloc_info+0x3b/0x50 [ 15.540305] __kasan_kmalloc+0xb7/0xc0 [ 15.540484] __kmalloc_cache_noprof+0x189/0x420 [ 15.540687] kasan_atomics+0x95/0x310 [ 15.540821] kunit_try_run_case+0x1a5/0x480 [ 15.540969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.541226] kthread+0x337/0x6f0 [ 15.541398] ret_from_fork+0x116/0x1d0 [ 15.541589] ret_from_fork_asm+0x1a/0x30 [ 15.541801] [ 15.541883] The buggy address belongs to the object at ffff888102ba6080 [ 15.541883] which belongs to the cache kmalloc-64 of size 64 [ 15.542283] The buggy address is located 0 bytes to the right of [ 15.542283] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.542655] [ 15.542728] The buggy address belongs to the physical page: [ 15.542963] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.543309] flags: 0x200000000000000(node=0|zone=2) [ 15.543613] page_type: 
f5(slab) [ 15.543784] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.544119] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.544402] page dumped because: kasan: bad access detected [ 15.544698] [ 15.544792] Memory state around the buggy address: [ 15.545016] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.545244] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.545495] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.545799] ^ [ 15.546003] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.546287] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.547209] ================================================================== [ 15.123735] ================================================================== [ 15.124229] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 15.124510] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.124857] [ 15.124972] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.125015] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.125028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.125051] Call Trace: [ 15.125065] <TASK> [ 15.125082] dump_stack_lvl+0x73/0xb0 [ 15.125113] print_report+0xd1/0x650 [ 15.125136] ? __virt_addr_valid+0x1db/0x2d0 [ 15.125161] ? kasan_atomics_helper+0x697/0x5450 [ 15.125232] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.125259] ? kasan_atomics_helper+0x697/0x5450 [ 15.125282] kasan_report+0x141/0x180 [ 15.125318] ? kasan_atomics_helper+0x697/0x5450 [ 15.125346] kasan_check_range+0x10c/0x1c0 [ 15.125371] __kasan_check_write+0x18/0x20 [ 15.125404] kasan_atomics_helper+0x697/0x5450 [ 15.125428] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.125452] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.125487] ? 
kasan_atomics+0x152/0x310 [ 15.125515] kasan_atomics+0x1dc/0x310 [ 15.125538] ? __pfx_kasan_atomics+0x10/0x10 [ 15.125584] ? __pfx_read_tsc+0x10/0x10 [ 15.125616] ? ktime_get_ts64+0x86/0x230 [ 15.125644] kunit_try_run_case+0x1a5/0x480 [ 15.125669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.125701] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.125731] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.125766] ? __kthread_parkme+0x82/0x180 [ 15.125787] ? preempt_count_sub+0x50/0x80 [ 15.125813] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.125838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.125864] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.125890] kthread+0x337/0x6f0 [ 15.125909] ? trace_preempt_on+0x20/0xc0 [ 15.125970] ? __pfx_kthread+0x10/0x10 [ 15.125992] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.126016] ? calculate_sigpending+0x7b/0xa0 [ 15.126042] ? __pfx_kthread+0x10/0x10 [ 15.126065] ret_from_fork+0x116/0x1d0 [ 15.126094] ? __pfx_kthread+0x10/0x10 [ 15.126116] ret_from_fork_asm+0x1a/0x30 [ 15.126149] </TASK> [ 15.126172] [ 15.134313] Allocated by task 283: [ 15.134529] kasan_save_stack+0x45/0x70 [ 15.134727] kasan_save_track+0x18/0x40 [ 15.134941] kasan_save_alloc_info+0x3b/0x50 [ 15.135210] __kasan_kmalloc+0xb7/0xc0 [ 15.135402] __kmalloc_cache_noprof+0x189/0x420 [ 15.135637] kasan_atomics+0x95/0x310 [ 15.135772] kunit_try_run_case+0x1a5/0x480 [ 15.136223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.136499] kthread+0x337/0x6f0 [ 15.136690] ret_from_fork+0x116/0x1d0 [ 15.136884] ret_from_fork_asm+0x1a/0x30 [ 15.137147] [ 15.137251] The buggy address belongs to the object at ffff888102ba6080 [ 15.137251] which belongs to the cache kmalloc-64 of size 64 [ 15.137781] The buggy address is located 0 bytes to the right of [ 15.137781] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.138391] [ 15.138489] The buggy address belongs to the physical page: [ 15.138755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 
15.139161] flags: 0x200000000000000(node=0|zone=2) [ 15.139431] page_type: f5(slab) [ 15.139664] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.140093] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.140374] page dumped because: kasan: bad access detected [ 15.140725] [ 15.140811] Memory state around the buggy address: [ 15.140980] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.141198] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.141412] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.141893] ^ [ 15.142255] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.142792] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.143112] ================================================================== [ 15.451596] ================================================================== [ 15.451861] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 15.452318] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.452541] [ 15.452641] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.452686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.452699] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.452722] Call Trace: [ 15.452742] <TASK> [ 15.452762] dump_stack_lvl+0x73/0xb0 [ 15.452792] print_report+0xd1/0x650 [ 15.452814] ? __virt_addr_valid+0x1db/0x2d0 [ 15.452838] ? kasan_atomics_helper+0xe78/0x5450 [ 15.452861] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.452885] ? kasan_atomics_helper+0xe78/0x5450 [ 15.452908] kasan_report+0x141/0x180 [ 15.452930] ? kasan_atomics_helper+0xe78/0x5450 [ 15.452958] kasan_check_range+0x10c/0x1c0 [ 15.452983] __kasan_check_write+0x18/0x20 [ 15.453003] kasan_atomics_helper+0xe78/0x5450 [ 15.453027] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.453051] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.453088] ? kasan_atomics+0x152/0x310 [ 15.453115] kasan_atomics+0x1dc/0x310 [ 15.453139] ? __pfx_kasan_atomics+0x10/0x10 [ 15.453165] ? __pfx_read_tsc+0x10/0x10 [ 15.453187] ? ktime_get_ts64+0x86/0x230 [ 15.453214] kunit_try_run_case+0x1a5/0x480 [ 15.453239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.453265] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.453291] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.453316] ? __kthread_parkme+0x82/0x180 [ 15.453338] ? preempt_count_sub+0x50/0x80 [ 15.453364] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.453389] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.453415] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.453441] kthread+0x337/0x6f0 [ 15.453461] ? trace_preempt_on+0x20/0xc0 [ 15.453487] ? __pfx_kthread+0x10/0x10 [ 15.453515] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.453538] ? calculate_sigpending+0x7b/0xa0 [ 15.453564] ? __pfx_kthread+0x10/0x10 [ 15.453586] ret_from_fork+0x116/0x1d0 [ 15.453616] ? __pfx_kthread+0x10/0x10 [ 15.453638] ret_from_fork_asm+0x1a/0x30 [ 15.453671] </TASK> [ 15.453683] [ 15.461514] Allocated by task 283: [ 15.461720] kasan_save_stack+0x45/0x70 [ 15.461899] kasan_save_track+0x18/0x40 [ 15.462035] kasan_save_alloc_info+0x3b/0x50 [ 15.462185] __kasan_kmalloc+0xb7/0xc0 [ 15.462316] __kmalloc_cache_noprof+0x189/0x420 [ 15.462473] kasan_atomics+0x95/0x310 [ 15.462693] kunit_try_run_case+0x1a5/0x480 [ 15.462904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.463158] kthread+0x337/0x6f0 [ 15.463327] ret_from_fork+0x116/0x1d0 [ 15.463518] ret_from_fork_asm+0x1a/0x30 [ 15.463733] [ 15.463828] The buggy address belongs to the object at ffff888102ba6080 [ 15.463828] which belongs to the cache kmalloc-64 of size 64 [ 15.464322] The buggy address is located 0 bytes to the right of [ 15.464322] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.465127] [ 15.465211] The buggy address belongs to the physical page: [ 15.465436] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.465834] flags: 0x200000000000000(node=0|zone=2) [ 15.466063] page_type: f5(slab) [ 15.466248] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.466478] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.466864] page dumped because: kasan: bad access detected [ 15.467115] [ 15.467192] Memory state around the buggy address: [ 15.467408] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.467664] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.468246] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.468513] ^ [ 15.468746] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.468961] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.469248] ================================================================== [ 16.301368] ================================================================== [ 16.302189] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 16.302698] Read of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 16.303022] [ 16.303235] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.303315] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.303328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.303360] Call Trace: [ 16.303376] <TASK> [ 16.303393] dump_stack_lvl+0x73/0xb0 [ 16.303422] print_report+0xd1/0x650 [ 16.303446] ? __virt_addr_valid+0x1db/0x2d0 [ 16.303469] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.303492] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.303516] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.303567] kasan_report+0x141/0x180 [ 16.303589] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.303635] __asan_report_load8_noabort+0x18/0x20 [ 16.303662] kasan_atomics_helper+0x4fa5/0x5450 [ 16.303686] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.303710] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.303736] ? kasan_atomics+0x152/0x310 [ 16.303763] kasan_atomics+0x1dc/0x310 [ 16.303787] ? __pfx_kasan_atomics+0x10/0x10 [ 16.303812] ? __pfx_read_tsc+0x10/0x10 [ 16.303834] ? ktime_get_ts64+0x86/0x230 [ 16.303858] kunit_try_run_case+0x1a5/0x480 [ 16.303883] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.303907] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.303962] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.303988] ? __kthread_parkme+0x82/0x180 [ 16.304032] ? preempt_count_sub+0x50/0x80 [ 16.304058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.304083] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.304109] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.304136] kthread+0x337/0x6f0 [ 16.304155] ? trace_preempt_on+0x20/0xc0 [ 16.304180] ? __pfx_kthread+0x10/0x10 [ 16.304201] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.304224] ? calculate_sigpending+0x7b/0xa0 [ 16.304250] ? __pfx_kthread+0x10/0x10 [ 16.304273] ret_from_fork+0x116/0x1d0 [ 16.304292] ? 
__pfx_kthread+0x10/0x10 [ 16.304314] ret_from_fork_asm+0x1a/0x30 [ 16.304346] </TASK> [ 16.304356] [ 16.317198] Allocated by task 283: [ 16.317550] kasan_save_stack+0x45/0x70 [ 16.318088] kasan_save_track+0x18/0x40 [ 16.318568] kasan_save_alloc_info+0x3b/0x50 [ 16.319001] __kasan_kmalloc+0xb7/0xc0 [ 16.319301] __kmalloc_cache_noprof+0x189/0x420 [ 16.319621] kasan_atomics+0x95/0x310 [ 16.319759] kunit_try_run_case+0x1a5/0x480 [ 16.319910] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.320089] kthread+0x337/0x6f0 [ 16.320210] ret_from_fork+0x116/0x1d0 [ 16.320342] ret_from_fork_asm+0x1a/0x30 [ 16.320482] [ 16.320657] The buggy address belongs to the object at ffff888102ba6080 [ 16.320657] which belongs to the cache kmalloc-64 of size 64 [ 16.321842] The buggy address is located 0 bytes to the right of [ 16.321842] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 16.323025] [ 16.323214] The buggy address belongs to the physical page: [ 16.323789] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 16.324475] flags: 0x200000000000000(node=0|zone=2) [ 16.324953] page_type: f5(slab) [ 16.325281] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.325992] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.326636] page dumped because: kasan: bad access detected [ 16.326811] [ 16.326879] Memory state around the buggy address: [ 16.327035] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.327252] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.327472] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.327710] ^ [ 16.327965] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.328332] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.328697] ================================================================== [ 15.175457] 
================================================================== [ 15.176427] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 15.177204] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.177682] [ 15.177952] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.178161] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.178178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.178201] Call Trace: [ 15.178220] <TASK> [ 15.178240] dump_stack_lvl+0x73/0xb0 [ 15.178273] print_report+0xd1/0x650 [ 15.178297] ? __virt_addr_valid+0x1db/0x2d0 [ 15.178321] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.178343] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.178368] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.178391] kasan_report+0x141/0x180 [ 15.178413] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.178441] kasan_check_range+0x10c/0x1c0 [ 15.178466] __kasan_check_write+0x18/0x20 [ 15.178488] kasan_atomics_helper+0x7c7/0x5450 [ 15.178646] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.178675] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.178715] ? kasan_atomics+0x152/0x310 [ 15.178742] kasan_atomics+0x1dc/0x310 [ 15.178803] ? __pfx_kasan_atomics+0x10/0x10 [ 15.178832] ? __pfx_read_tsc+0x10/0x10 [ 15.178854] ? ktime_get_ts64+0x86/0x230 [ 15.178880] kunit_try_run_case+0x1a5/0x480 [ 15.178904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.178945] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.178971] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.178996] ? __kthread_parkme+0x82/0x180 [ 15.179017] ? preempt_count_sub+0x50/0x80 [ 15.179043] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.179069] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.179094] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.179121] kthread+0x337/0x6f0 [ 15.179141] ? trace_preempt_on+0x20/0xc0 [ 15.179166] ? __pfx_kthread+0x10/0x10 [ 15.179187] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.179210] ? 
calculate_sigpending+0x7b/0xa0 [ 15.179236] ? __pfx_kthread+0x10/0x10 [ 15.179258] ret_from_fork+0x116/0x1d0 [ 15.179277] ? __pfx_kthread+0x10/0x10 [ 15.179299] ret_from_fork_asm+0x1a/0x30 [ 15.179332] </TASK> [ 15.179342] [ 15.191777] Allocated by task 283: [ 15.192094] kasan_save_stack+0x45/0x70 [ 15.192367] kasan_save_track+0x18/0x40 [ 15.192717] kasan_save_alloc_info+0x3b/0x50 [ 15.193094] __kasan_kmalloc+0xb7/0xc0 [ 15.193281] __kmalloc_cache_noprof+0x189/0x420 [ 15.193495] kasan_atomics+0x95/0x310 [ 15.193947] kunit_try_run_case+0x1a5/0x480 [ 15.194163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.194401] kthread+0x337/0x6f0 [ 15.194849] ret_from_fork+0x116/0x1d0 [ 15.195115] ret_from_fork_asm+0x1a/0x30 [ 15.195440] [ 15.195679] The buggy address belongs to the object at ffff888102ba6080 [ 15.195679] which belongs to the cache kmalloc-64 of size 64 [ 15.196768] The buggy address is located 0 bytes to the right of [ 15.196768] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.197956] [ 15.198271] The buggy address belongs to the physical page: [ 15.198741] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.199329] flags: 0x200000000000000(node=0|zone=2) [ 15.199830] page_type: f5(slab) [ 15.200150] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.200737] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.201288] page dumped because: kasan: bad access detected [ 15.201966] [ 15.202057] Memory state around the buggy address: [ 15.202283] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.202888] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.203426] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.204025] ^ [ 15.204238] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.204781] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.205225] 
================================================================== [ 15.343404] ================================================================== [ 15.344083] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 15.344409] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.345109] [ 15.345213] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.345470] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.345485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.345509] Call Trace: [ 15.345530] <TASK> [ 15.345558] dump_stack_lvl+0x73/0xb0 [ 15.345648] print_report+0xd1/0x650 [ 15.345673] ? __virt_addr_valid+0x1db/0x2d0 [ 15.345697] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.345724] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.345749] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.345771] kasan_report+0x141/0x180 [ 15.345795] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.345822] kasan_check_range+0x10c/0x1c0 [ 15.345846] __kasan_check_write+0x18/0x20 [ 15.345867] kasan_atomics_helper+0xb6a/0x5450 [ 15.345890] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.345914] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.345942] ? kasan_atomics+0x152/0x310 [ 15.345969] kasan_atomics+0x1dc/0x310 [ 15.345992] ? __pfx_kasan_atomics+0x10/0x10 [ 15.346018] ? __pfx_read_tsc+0x10/0x10 [ 15.346039] ? ktime_get_ts64+0x86/0x230 [ 15.346066] kunit_try_run_case+0x1a5/0x480 [ 15.346092] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.346116] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.346143] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.346168] ? __kthread_parkme+0x82/0x180 [ 15.346190] ? preempt_count_sub+0x50/0x80 [ 15.346215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.346241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.346266] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.346293] kthread+0x337/0x6f0 [ 15.346312] ? trace_preempt_on+0x20/0xc0 [ 15.346338] ? 
__pfx_kthread+0x10/0x10 [ 15.346359] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.346382] ? calculate_sigpending+0x7b/0xa0 [ 15.346409] ? __pfx_kthread+0x10/0x10 [ 15.346432] ret_from_fork+0x116/0x1d0 [ 15.346451] ? __pfx_kthread+0x10/0x10 [ 15.346472] ret_from_fork_asm+0x1a/0x30 [ 15.346506] </TASK> [ 15.346517] [ 15.357070] Allocated by task 283: [ 15.357505] kasan_save_stack+0x45/0x70 [ 15.357805] kasan_save_track+0x18/0x40 [ 15.358179] kasan_save_alloc_info+0x3b/0x50 [ 15.358500] __kasan_kmalloc+0xb7/0xc0 [ 15.358895] __kmalloc_cache_noprof+0x189/0x420 [ 15.359216] kasan_atomics+0x95/0x310 [ 15.359582] kunit_try_run_case+0x1a5/0x480 [ 15.359917] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.360350] kthread+0x337/0x6f0 [ 15.360654] ret_from_fork+0x116/0x1d0 [ 15.360849] ret_from_fork_asm+0x1a/0x30 [ 15.361038] [ 15.361125] The buggy address belongs to the object at ffff888102ba6080 [ 15.361125] which belongs to the cache kmalloc-64 of size 64 [ 15.361887] The buggy address is located 0 bytes to the right of [ 15.361887] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.362933] [ 15.363024] The buggy address belongs to the physical page: [ 15.363422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.363889] flags: 0x200000000000000(node=0|zone=2) [ 15.364114] page_type: f5(slab) [ 15.364268] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.364868] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.365365] page dumped because: kasan: bad access detected [ 15.365837] [ 15.365943] Memory state around the buggy address: [ 15.366346] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.366846] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.367274] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.367838] ^ [ 15.368125] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.368788] 
ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.369223] ================================================================== [ 15.433694] ================================================================== [ 15.433933] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 15.434665] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.435002] [ 15.435115] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.435159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.435172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.435194] Call Trace: [ 15.435211] <TASK> [ 15.435227] dump_stack_lvl+0x73/0xb0 [ 15.435257] print_report+0xd1/0x650 [ 15.435281] ? __virt_addr_valid+0x1db/0x2d0 [ 15.435305] ? kasan_atomics_helper+0xde0/0x5450 [ 15.435328] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.435352] ? kasan_atomics_helper+0xde0/0x5450 [ 15.435375] kasan_report+0x141/0x180 [ 15.435398] ? kasan_atomics_helper+0xde0/0x5450 [ 15.435426] kasan_check_range+0x10c/0x1c0 [ 15.435451] __kasan_check_write+0x18/0x20 [ 15.435472] kasan_atomics_helper+0xde0/0x5450 [ 15.435496] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.435533] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.435562] ? kasan_atomics+0x152/0x310 [ 15.435591] kasan_atomics+0x1dc/0x310 [ 15.435626] ? __pfx_kasan_atomics+0x10/0x10 [ 15.435651] ? __pfx_read_tsc+0x10/0x10 [ 15.435674] ? ktime_get_ts64+0x86/0x230 [ 15.435700] kunit_try_run_case+0x1a5/0x480 [ 15.435725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.435750] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.435777] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.435802] ? __kthread_parkme+0x82/0x180 [ 15.435824] ? preempt_count_sub+0x50/0x80 [ 15.435849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.435875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.435900] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.435926] kthread+0x337/0x6f0 [ 15.435946] ? trace_preempt_on+0x20/0xc0 [ 15.435972] ? __pfx_kthread+0x10/0x10 [ 15.435993] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.436015] ? calculate_sigpending+0x7b/0xa0 [ 15.436041] ? __pfx_kthread+0x10/0x10 [ 15.436064] ret_from_fork+0x116/0x1d0 [ 15.436083] ? __pfx_kthread+0x10/0x10 [ 15.436105] ret_from_fork_asm+0x1a/0x30 [ 15.436137] </TASK> [ 15.436147] [ 15.443621] Allocated by task 283: [ 15.443794] kasan_save_stack+0x45/0x70 [ 15.443997] kasan_save_track+0x18/0x40 [ 15.444191] kasan_save_alloc_info+0x3b/0x50 [ 15.444404] __kasan_kmalloc+0xb7/0xc0 [ 15.444711] __kmalloc_cache_noprof+0x189/0x420 [ 15.444885] kasan_atomics+0x95/0x310 [ 15.445018] kunit_try_run_case+0x1a5/0x480 [ 15.445164] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.445339] kthread+0x337/0x6f0 [ 15.445462] ret_from_fork+0x116/0x1d0 [ 15.445610] ret_from_fork_asm+0x1a/0x30 [ 15.445816] [ 15.445911] The buggy address belongs to the object at ffff888102ba6080 [ 15.445911] which belongs to the cache kmalloc-64 of size 64 [ 15.446431] The buggy address is located 0 bytes to the right of [ 15.446431] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.446855] [ 15.446953] The buggy address belongs to the physical page: [ 15.447207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.447516] flags: 0x200000000000000(node=0|zone=2) [ 15.447757] page_type: f5(slab) [ 15.447878] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.448107] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.448341] page dumped because: kasan: bad access detected [ 15.448590] [ 15.448694] Memory state around the buggy address: [ 15.448919] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.449245] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.449673] >ffff888102ba6080: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.449999] ^ [ 15.450231] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.450591] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.450893] ================================================================== [ 15.771811] ================================================================== [ 15.772282] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 15.772719] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.773016] [ 15.773131] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.773177] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.773190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.773213] Call Trace: [ 15.773232] <TASK> [ 15.773253] dump_stack_lvl+0x73/0xb0 [ 15.773284] print_report+0xd1/0x650 [ 15.773308] ? __virt_addr_valid+0x1db/0x2d0 [ 15.773332] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.773355] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.773379] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.773402] kasan_report+0x141/0x180 [ 15.773425] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.773453] __asan_report_store8_noabort+0x1b/0x30 [ 15.773479] kasan_atomics_helper+0x50d4/0x5450 [ 15.773513] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.773537] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.773564] ? kasan_atomics+0x152/0x310 [ 15.773592] kasan_atomics+0x1dc/0x310 [ 15.773627] ? __pfx_kasan_atomics+0x10/0x10 [ 15.773653] ? __pfx_read_tsc+0x10/0x10 [ 15.773675] ? ktime_get_ts64+0x86/0x230 [ 15.773702] kunit_try_run_case+0x1a5/0x480 [ 15.773732] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.773755] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.773782] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.773806] ? __kthread_parkme+0x82/0x180 [ 15.773828] ? preempt_count_sub+0x50/0x80 [ 15.773854] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.773878] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.773904] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.773930] kthread+0x337/0x6f0 [ 15.773950] ? trace_preempt_on+0x20/0xc0 [ 15.773975] ? __pfx_kthread+0x10/0x10 [ 15.773997] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.774019] ? calculate_sigpending+0x7b/0xa0 [ 15.774045] ? __pfx_kthread+0x10/0x10 [ 15.774067] ret_from_fork+0x116/0x1d0 [ 15.774086] ? __pfx_kthread+0x10/0x10 [ 15.774108] ret_from_fork_asm+0x1a/0x30 [ 15.774141] </TASK> [ 15.774153] [ 15.781716] Allocated by task 283: [ 15.781929] kasan_save_stack+0x45/0x70 [ 15.782143] kasan_save_track+0x18/0x40 [ 15.782323] kasan_save_alloc_info+0x3b/0x50 [ 15.782571] __kasan_kmalloc+0xb7/0xc0 [ 15.782825] __kmalloc_cache_noprof+0x189/0x420 [ 15.783077] kasan_atomics+0x95/0x310 [ 15.783274] kunit_try_run_case+0x1a5/0x480 [ 15.783481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.783743] kthread+0x337/0x6f0 [ 15.783923] ret_from_fork+0x116/0x1d0 [ 15.784111] ret_from_fork_asm+0x1a/0x30 [ 15.784332] [ 15.784402] The buggy address belongs to the object at ffff888102ba6080 [ 15.784402] which belongs to the cache kmalloc-64 of size 64 [ 15.784758] The buggy address is located 0 bytes to the right of [ 15.784758] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.785559] [ 15.785663] The buggy address belongs to the physical page: [ 15.785923] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.786319] flags: 0x200000000000000(node=0|zone=2) [ 15.786594] page_type: f5(slab) [ 15.786796] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.787177] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.787523] page dumped because: kasan: bad access detected [ 15.787783] [ 15.787877] Memory state around the buggy address: [ 15.788102] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.788417] 
ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.788834] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.789064] ^ [ 15.789218] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.789430] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.789758] ================================================================== [ 15.316633] ================================================================== [ 15.317031] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 15.317466] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.318030] [ 15.318143] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.318185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.318198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.318220] Call Trace: [ 15.318236] <TASK> [ 15.318253] dump_stack_lvl+0x73/0xb0 [ 15.318284] print_report+0xd1/0x650 [ 15.318307] ? __virt_addr_valid+0x1db/0x2d0 [ 15.318330] ? kasan_atomics_helper+0xac7/0x5450 [ 15.318352] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.318376] ? kasan_atomics_helper+0xac7/0x5450 [ 15.318398] kasan_report+0x141/0x180 [ 15.318422] ? kasan_atomics_helper+0xac7/0x5450 [ 15.318449] kasan_check_range+0x10c/0x1c0 [ 15.318473] __kasan_check_write+0x18/0x20 [ 15.318493] kasan_atomics_helper+0xac7/0x5450 [ 15.318683] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.318708] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.318735] ? kasan_atomics+0x152/0x310 [ 15.318762] kasan_atomics+0x1dc/0x310 [ 15.318786] ? __pfx_kasan_atomics+0x10/0x10 [ 15.318842] ? __pfx_read_tsc+0x10/0x10 [ 15.318864] ? ktime_get_ts64+0x86/0x230 [ 15.318889] kunit_try_run_case+0x1a5/0x480 [ 15.318915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.318939] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.318965] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.318990] ? 
__kthread_parkme+0x82/0x180 [ 15.319013] ? preempt_count_sub+0x50/0x80 [ 15.319038] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.319064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.319090] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.319116] kthread+0x337/0x6f0 [ 15.319136] ? trace_preempt_on+0x20/0xc0 [ 15.319162] ? __pfx_kthread+0x10/0x10 [ 15.319184] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.319207] ? calculate_sigpending+0x7b/0xa0 [ 15.319232] ? __pfx_kthread+0x10/0x10 [ 15.319255] ret_from_fork+0x116/0x1d0 [ 15.319273] ? __pfx_kthread+0x10/0x10 [ 15.319296] ret_from_fork_asm+0x1a/0x30 [ 15.319329] </TASK> [ 15.319340] [ 15.330215] Allocated by task 283: [ 15.330397] kasan_save_stack+0x45/0x70 [ 15.330995] kasan_save_track+0x18/0x40 [ 15.331254] kasan_save_alloc_info+0x3b/0x50 [ 15.331697] __kasan_kmalloc+0xb7/0xc0 [ 15.331941] __kmalloc_cache_noprof+0x189/0x420 [ 15.332269] kasan_atomics+0x95/0x310 [ 15.332667] kunit_try_run_case+0x1a5/0x480 [ 15.332878] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.333113] kthread+0x337/0x6f0 [ 15.333273] ret_from_fork+0x116/0x1d0 [ 15.333447] ret_from_fork_asm+0x1a/0x30 [ 15.333900] [ 15.334128] The buggy address belongs to the object at ffff888102ba6080 [ 15.334128] which belongs to the cache kmalloc-64 of size 64 [ 15.335009] The buggy address is located 0 bytes to the right of [ 15.335009] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.335849] [ 15.335957] The buggy address belongs to the physical page: [ 15.336189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.336808] flags: 0x200000000000000(node=0|zone=2) [ 15.337082] page_type: f5(slab) [ 15.337384] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.337919] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.338533] page dumped because: kasan: bad access detected [ 15.338859] [ 15.339068] Memory state around the buggy address: [ 15.339388] 
ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.339918] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.340393] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.341148] ^ [ 15.341442] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.341938] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.342420] ================================================================== [ 16.120397] ================================================================== [ 16.120783] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 16.121528] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 16.122084] [ 16.122180] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.122227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.122239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.122261] Call Trace: [ 16.122280] <TASK> [ 16.122297] dump_stack_lvl+0x73/0xb0 [ 16.122330] print_report+0xd1/0x650 [ 16.122354] ? __virt_addr_valid+0x1db/0x2d0 [ 16.122378] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.122401] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.122425] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.122449] kasan_report+0x141/0x180 [ 16.122472] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.122500] kasan_check_range+0x10c/0x1c0 [ 16.122527] __kasan_check_write+0x18/0x20 [ 16.122548] kasan_atomics_helper+0x1e12/0x5450 [ 16.122574] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.122598] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.122637] ? kasan_atomics+0x152/0x310 [ 16.122664] kasan_atomics+0x1dc/0x310 [ 16.122687] ? __pfx_kasan_atomics+0x10/0x10 [ 16.122712] ? __pfx_read_tsc+0x10/0x10 [ 16.122734] ? ktime_get_ts64+0x86/0x230 [ 16.122760] kunit_try_run_case+0x1a5/0x480 [ 16.122784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.122808] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.122834] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.122859] ? __kthread_parkme+0x82/0x180 [ 16.122880] ? preempt_count_sub+0x50/0x80 [ 16.122905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.122931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.122956] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.122982] kthread+0x337/0x6f0 [ 16.123002] ? trace_preempt_on+0x20/0xc0 [ 16.123027] ? __pfx_kthread+0x10/0x10 [ 16.123049] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.123071] ? calculate_sigpending+0x7b/0xa0 [ 16.123096] ? __pfx_kthread+0x10/0x10 [ 16.123119] ret_from_fork+0x116/0x1d0 [ 16.123138] ? __pfx_kthread+0x10/0x10 [ 16.123160] ret_from_fork_asm+0x1a/0x30 [ 16.123192] </TASK> [ 16.123203] [ 16.130623] Allocated by task 283: [ 16.130807] kasan_save_stack+0x45/0x70 [ 16.130989] kasan_save_track+0x18/0x40 [ 16.131126] kasan_save_alloc_info+0x3b/0x50 [ 16.131337] __kasan_kmalloc+0xb7/0xc0 [ 16.131526] __kmalloc_cache_noprof+0x189/0x420 [ 16.131745] kasan_atomics+0x95/0x310 [ 16.131918] kunit_try_run_case+0x1a5/0x480 [ 16.132066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.132243] kthread+0x337/0x6f0 [ 16.132411] ret_from_fork+0x116/0x1d0 [ 16.132595] ret_from_fork_asm+0x1a/0x30 [ 16.132805] [ 16.132897] The buggy address belongs to the object at ffff888102ba6080 [ 16.132897] which belongs to the cache kmalloc-64 of size 64 [ 16.133561] The buggy address is located 0 bytes to the right of [ 16.133561] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 16.133938] [ 16.134011] The buggy address belongs to the physical page: [ 16.134306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 16.134851] flags: 0x200000000000000(node=0|zone=2) [ 16.135100] page_type: f5(slab) [ 16.135272] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.135507] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.135744] page dumped because: kasan: 
bad access detected [ 16.136205] [ 16.136299] Memory state around the buggy address: [ 16.136544] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.136815] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.137116] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.137328] ^ [ 16.137482] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.137969] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.138294] ================================================================== [ 15.415656] ================================================================== [ 15.416073] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 15.416363] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.416765] [ 15.416880] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.416924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.416937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.416960] Call Trace: [ 15.416977] <TASK> [ 15.416994] dump_stack_lvl+0x73/0xb0 [ 15.417024] print_report+0xd1/0x650 [ 15.417047] ? __virt_addr_valid+0x1db/0x2d0 [ 15.417072] ? kasan_atomics_helper+0xd47/0x5450 [ 15.417094] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.417118] ? kasan_atomics_helper+0xd47/0x5450 [ 15.417141] kasan_report+0x141/0x180 [ 15.417164] ? kasan_atomics_helper+0xd47/0x5450 [ 15.417192] kasan_check_range+0x10c/0x1c0 [ 15.417216] __kasan_check_write+0x18/0x20 [ 15.417236] kasan_atomics_helper+0xd47/0x5450 [ 15.417260] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.417283] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.417310] ? kasan_atomics+0x152/0x310 [ 15.417337] kasan_atomics+0x1dc/0x310 [ 15.417361] ? __pfx_kasan_atomics+0x10/0x10 [ 15.417385] ? __pfx_read_tsc+0x10/0x10 [ 15.417408] ? ktime_get_ts64+0x86/0x230 [ 15.417434] kunit_try_run_case+0x1a5/0x480 [ 15.417459] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.417483] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.417520] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.417546] ? __kthread_parkme+0x82/0x180 [ 15.417567] ? preempt_count_sub+0x50/0x80 [ 15.417593] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.417631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.417656] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.417682] kthread+0x337/0x6f0 [ 15.417702] ? trace_preempt_on+0x20/0xc0 [ 15.417731] ? __pfx_kthread+0x10/0x10 [ 15.417752] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.417774] ? calculate_sigpending+0x7b/0xa0 [ 15.417800] ? __pfx_kthread+0x10/0x10 [ 15.417822] ret_from_fork+0x116/0x1d0 [ 15.417842] ? __pfx_kthread+0x10/0x10 [ 15.417863] ret_from_fork_asm+0x1a/0x30 [ 15.417896] </TASK> [ 15.417906] [ 15.425498] Allocated by task 283: [ 15.425683] kasan_save_stack+0x45/0x70 [ 15.426093] kasan_save_track+0x18/0x40 [ 15.426233] kasan_save_alloc_info+0x3b/0x50 [ 15.426382] __kasan_kmalloc+0xb7/0xc0 [ 15.426517] __kmalloc_cache_noprof+0x189/0x420 [ 15.426755] kasan_atomics+0x95/0x310 [ 15.426960] kunit_try_run_case+0x1a5/0x480 [ 15.427173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.427438] kthread+0x337/0x6f0 [ 15.427741] ret_from_fork+0x116/0x1d0 [ 15.427885] ret_from_fork_asm+0x1a/0x30 [ 15.428024] [ 15.428094] The buggy address belongs to the object at ffff888102ba6080 [ 15.428094] which belongs to the cache kmalloc-64 of size 64 [ 15.428575] The buggy address is located 0 bytes to the right of [ 15.428575] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.429215] [ 15.429289] The buggy address belongs to the physical page: [ 15.429459] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.430002] flags: 0x200000000000000(node=0|zone=2) [ 15.430225] page_type: f5(slab) [ 15.430345] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.430571] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.431052] page dumped because: kasan: bad access detected [ 15.431304] [ 15.431401] Memory state around the buggy address: [ 15.431704] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.431966] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.432179] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.432389] ^ [ 15.432587] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.432911] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.433225] ================================================================== [ 15.883539] ================================================================== [ 15.883895] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 15.884243] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.884543] [ 15.884802] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.884860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.884872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.884905] Call Trace: [ 15.884920] <TASK> [ 15.884935] dump_stack_lvl+0x73/0xb0 [ 15.884965] print_report+0xd1/0x650 [ 15.884997] ? __virt_addr_valid+0x1db/0x2d0 [ 15.885022] ? kasan_atomics_helper+0x1818/0x5450 [ 15.885045] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.885079] ? kasan_atomics_helper+0x1818/0x5450 [ 15.885102] kasan_report+0x141/0x180 [ 15.885125] ? kasan_atomics_helper+0x1818/0x5450 [ 15.885153] kasan_check_range+0x10c/0x1c0 [ 15.885178] __kasan_check_write+0x18/0x20 [ 15.885200] kasan_atomics_helper+0x1818/0x5450 [ 15.885224] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.885249] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.885276] ? kasan_atomics+0x152/0x310 [ 15.885305] kasan_atomics+0x1dc/0x310 [ 15.885329] ? __pfx_kasan_atomics+0x10/0x10 [ 15.885355] ? __pfx_read_tsc+0x10/0x10 [ 15.885377] ? 
ktime_get_ts64+0x86/0x230 [ 15.885412] kunit_try_run_case+0x1a5/0x480 [ 15.885438] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.885472] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.885516] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.885542] ? __kthread_parkme+0x82/0x180 [ 15.885563] ? preempt_count_sub+0x50/0x80 [ 15.885589] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.885625] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.885651] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.885677] kthread+0x337/0x6f0 [ 15.885697] ? trace_preempt_on+0x20/0xc0 [ 15.885725] ? __pfx_kthread+0x10/0x10 [ 15.885747] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.885770] ? calculate_sigpending+0x7b/0xa0 [ 15.885796] ? __pfx_kthread+0x10/0x10 [ 15.885819] ret_from_fork+0x116/0x1d0 [ 15.885848] ? __pfx_kthread+0x10/0x10 [ 15.885869] ret_from_fork_asm+0x1a/0x30 [ 15.885915] </TASK> [ 15.885925] [ 15.893508] Allocated by task 283: [ 15.893670] kasan_save_stack+0x45/0x70 [ 15.893822] kasan_save_track+0x18/0x40 [ 15.893960] kasan_save_alloc_info+0x3b/0x50 [ 15.894138] __kasan_kmalloc+0xb7/0xc0 [ 15.894337] __kmalloc_cache_noprof+0x189/0x420 [ 15.894613] kasan_atomics+0x95/0x310 [ 15.894806] kunit_try_run_case+0x1a5/0x480 [ 15.895020] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.895275] kthread+0x337/0x6f0 [ 15.895445] ret_from_fork+0x116/0x1d0 [ 15.895670] ret_from_fork_asm+0x1a/0x30 [ 15.895826] [ 15.895946] The buggy address belongs to the object at ffff888102ba6080 [ 15.895946] which belongs to the cache kmalloc-64 of size 64 [ 15.896406] The buggy address is located 0 bytes to the right of [ 15.896406] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.896978] [ 15.897097] The buggy address belongs to the physical page: [ 15.897368] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.897677] flags: 0x200000000000000(node=0|zone=2) [ 15.897883] page_type: f5(slab) [ 15.898030] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.898439] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.898828] page dumped because: kasan: bad access detected [ 15.899078] [ 15.899170] Memory state around the buggy address: [ 15.899368] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.899620] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.899838] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.900138] ^ [ 15.900409] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.900791] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.901180] ================================================================== [ 15.205915] ================================================================== [ 15.206564] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 15.206906] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.207633] [ 15.207755] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.207802] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.207815] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.207839] Call Trace: [ 15.207859] <TASK> [ 15.207878] dump_stack_lvl+0x73/0xb0 [ 15.207912] print_report+0xd1/0x650 [ 15.208093] ? __virt_addr_valid+0x1db/0x2d0 [ 15.208119] ? kasan_atomics_helper+0x860/0x5450 [ 15.208143] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.208168] ? kasan_atomics_helper+0x860/0x5450 [ 15.208192] kasan_report+0x141/0x180 [ 15.208257] ? kasan_atomics_helper+0x860/0x5450 [ 15.208285] kasan_check_range+0x10c/0x1c0 [ 15.208311] __kasan_check_write+0x18/0x20 [ 15.208332] kasan_atomics_helper+0x860/0x5450 [ 15.208357] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.208381] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.208409] ? kasan_atomics+0x152/0x310 [ 15.208437] kasan_atomics+0x1dc/0x310 [ 15.208460] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.208485] ? __pfx_read_tsc+0x10/0x10 [ 15.208522] ? ktime_get_ts64+0x86/0x230 [ 15.208548] kunit_try_run_case+0x1a5/0x480 [ 15.208574] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.208610] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.208637] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.208662] ? __kthread_parkme+0x82/0x180 [ 15.208684] ? preempt_count_sub+0x50/0x80 [ 15.208711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.208736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.208762] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.208788] kthread+0x337/0x6f0 [ 15.208808] ? trace_preempt_on+0x20/0xc0 [ 15.208833] ? __pfx_kthread+0x10/0x10 [ 15.208854] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.208877] ? calculate_sigpending+0x7b/0xa0 [ 15.208902] ? __pfx_kthread+0x10/0x10 [ 15.208936] ret_from_fork+0x116/0x1d0 [ 15.208955] ? __pfx_kthread+0x10/0x10 [ 15.208977] ret_from_fork_asm+0x1a/0x30 [ 15.209010] </TASK> [ 15.209022] [ 15.220896] Allocated by task 283: [ 15.221285] kasan_save_stack+0x45/0x70 [ 15.221488] kasan_save_track+0x18/0x40 [ 15.221860] kasan_save_alloc_info+0x3b/0x50 [ 15.222370] __kasan_kmalloc+0xb7/0xc0 [ 15.222611] __kmalloc_cache_noprof+0x189/0x420 [ 15.223293] kasan_atomics+0x95/0x310 [ 15.223509] kunit_try_run_case+0x1a5/0x480 [ 15.223726] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.224288] kthread+0x337/0x6f0 [ 15.224562] ret_from_fork+0x116/0x1d0 [ 15.225034] ret_from_fork_asm+0x1a/0x30 [ 15.225362] [ 15.225457] The buggy address belongs to the object at ffff888102ba6080 [ 15.225457] which belongs to the cache kmalloc-64 of size 64 [ 15.226464] The buggy address is located 0 bytes to the right of [ 15.226464] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.227213] [ 15.227328] The buggy address belongs to the physical page: [ 15.227851] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.228756] flags: 0x200000000000000(node=0|zone=2) [ 15.229174] page_type: 
f5(slab) [ 15.229354] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.229910] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.230427] page dumped because: kasan: bad access detected [ 15.230849] [ 15.231113] Memory state around the buggy address: [ 15.231314] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.231821] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.232514] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.232829] ^ [ 15.233226] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.233916] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.234236] ================================================================== [ 15.017157] ================================================================== [ 15.017523] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 15.017860] Read of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.018297] [ 15.018424] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.018468] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.018493] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.018514] Call Trace: [ 15.018538] <TASK> [ 15.018554] dump_stack_lvl+0x73/0xb0 [ 15.018585] print_report+0xd1/0x650 [ 15.018624] ? __virt_addr_valid+0x1db/0x2d0 [ 15.018649] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.018672] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.018697] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.018720] kasan_report+0x141/0x180 [ 15.018742] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.018771] __asan_report_load4_noabort+0x18/0x20 [ 15.018806] kasan_atomics_helper+0x4b54/0x5450 [ 15.018830] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.018865] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.018892] ? 
kasan_atomics+0x152/0x310 [ 15.018919] kasan_atomics+0x1dc/0x310 [ 15.019002] ? __pfx_kasan_atomics+0x10/0x10 [ 15.019028] ? __pfx_read_tsc+0x10/0x10 [ 15.019061] ? ktime_get_ts64+0x86/0x230 [ 15.019088] kunit_try_run_case+0x1a5/0x480 [ 15.019113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.019146] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.019172] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.019197] ? __kthread_parkme+0x82/0x180 [ 15.019229] ? preempt_count_sub+0x50/0x80 [ 15.019255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.019280] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.019315] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.019341] kthread+0x337/0x6f0 [ 15.019362] ? trace_preempt_on+0x20/0xc0 [ 15.019397] ? __pfx_kthread+0x10/0x10 [ 15.019419] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.019443] ? calculate_sigpending+0x7b/0xa0 [ 15.019478] ? __pfx_kthread+0x10/0x10 [ 15.019501] ret_from_fork+0x116/0x1d0 [ 15.019520] ? __pfx_kthread+0x10/0x10 [ 15.019553] ret_from_fork_asm+0x1a/0x30 [ 15.019596] </TASK> [ 15.019616] [ 15.028112] Allocated by task 283: [ 15.028316] kasan_save_stack+0x45/0x70 [ 15.028540] kasan_save_track+0x18/0x40 [ 15.028733] kasan_save_alloc_info+0x3b/0x50 [ 15.028998] __kasan_kmalloc+0xb7/0xc0 [ 15.029198] __kmalloc_cache_noprof+0x189/0x420 [ 15.029410] kasan_atomics+0x95/0x310 [ 15.029658] kunit_try_run_case+0x1a5/0x480 [ 15.029810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.029985] kthread+0x337/0x6f0 [ 15.030104] ret_from_fork+0x116/0x1d0 [ 15.030234] ret_from_fork_asm+0x1a/0x30 [ 15.030440] [ 15.030657] The buggy address belongs to the object at ffff888102ba6080 [ 15.030657] which belongs to the cache kmalloc-64 of size 64 [ 15.031438] The buggy address is located 0 bytes to the right of [ 15.031438] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.032177] [ 15.032309] The buggy address belongs to the physical page: [ 15.032562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 
15.032838] flags: 0x200000000000000(node=0|zone=2) [ 15.033183] page_type: f5(slab) [ 15.033361] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.033776] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.034005] page dumped because: kasan: bad access detected [ 15.034174] [ 15.034243] Memory state around the buggy address: [ 15.034399] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.035186] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.035517] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.035863] ^ [ 15.036341] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.036750] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.037088] ================================================================== [ 15.289657] ================================================================== [ 15.290177] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 15.291028] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.291705] [ 15.291820] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.291965] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.291981] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.292005] Call Trace: [ 15.292024] <TASK> [ 15.292041] dump_stack_lvl+0x73/0xb0 [ 15.292113] print_report+0xd1/0x650 [ 15.292141] ? __virt_addr_valid+0x1db/0x2d0 [ 15.292166] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.292188] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.292214] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.292237] kasan_report+0x141/0x180 [ 15.292260] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.292287] kasan_check_range+0x10c/0x1c0 [ 15.292313] __kasan_check_write+0x18/0x20 [ 15.292333] kasan_atomics_helper+0xa2b/0x5450 [ 15.292357] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.292381] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.292408] ? kasan_atomics+0x152/0x310 [ 15.292436] kasan_atomics+0x1dc/0x310 [ 15.292459] ? __pfx_kasan_atomics+0x10/0x10 [ 15.292484] ? __pfx_read_tsc+0x10/0x10 [ 15.292514] ? ktime_get_ts64+0x86/0x230 [ 15.292541] kunit_try_run_case+0x1a5/0x480 [ 15.292566] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.292591] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.292629] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.292654] ? __kthread_parkme+0x82/0x180 [ 15.292675] ? preempt_count_sub+0x50/0x80 [ 15.292701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.292727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.292753] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.292780] kthread+0x337/0x6f0 [ 15.292800] ? trace_preempt_on+0x20/0xc0 [ 15.292825] ? __pfx_kthread+0x10/0x10 [ 15.292846] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.292869] ? calculate_sigpending+0x7b/0xa0 [ 15.292895] ? __pfx_kthread+0x10/0x10 [ 15.292918] ret_from_fork+0x116/0x1d0 [ 15.292937] ? __pfx_kthread+0x10/0x10 [ 15.292959] ret_from_fork_asm+0x1a/0x30 [ 15.292993] </TASK> [ 15.293003] [ 15.303952] Allocated by task 283: [ 15.304259] kasan_save_stack+0x45/0x70 [ 15.304455] kasan_save_track+0x18/0x40 [ 15.304873] kasan_save_alloc_info+0x3b/0x50 [ 15.305193] __kasan_kmalloc+0xb7/0xc0 [ 15.305574] __kmalloc_cache_noprof+0x189/0x420 [ 15.305806] kasan_atomics+0x95/0x310 [ 15.305984] kunit_try_run_case+0x1a5/0x480 [ 15.306178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.306416] kthread+0x337/0x6f0 [ 15.306847] ret_from_fork+0x116/0x1d0 [ 15.307275] ret_from_fork_asm+0x1a/0x30 [ 15.307579] [ 15.307815] The buggy address belongs to the object at ffff888102ba6080 [ 15.307815] which belongs to the cache kmalloc-64 of size 64 [ 15.308558] The buggy address is located 0 bytes to the right of [ 15.308558] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.309236] [ 15.309335] The buggy address belongs to the physical page: [ 15.309876] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.310334] flags: 0x200000000000000(node=0|zone=2) [ 15.310810] page_type: f5(slab) [ 15.311120] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.311769] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.312171] page dumped because: kasan: bad access detected [ 15.312407] [ 15.312705] Memory state around the buggy address: [ 15.312971] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.313450] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.313785] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.314079] ^ [ 15.314288] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.314949] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.315375] ================================================================== [ 15.790587] ================================================================== [ 15.791021] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 15.791399] Write of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.792016] [ 15.792119] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.792162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.792175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.792198] Call Trace: [ 15.792215] <TASK> [ 15.792233] dump_stack_lvl+0x73/0xb0 [ 15.792264] print_report+0xd1/0x650 [ 15.792288] ? __virt_addr_valid+0x1db/0x2d0 [ 15.792313] ? kasan_atomics_helper+0x151d/0x5450 [ 15.792336] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.792360] ? kasan_atomics_helper+0x151d/0x5450 [ 15.792383] kasan_report+0x141/0x180 [ 15.792406] ? kasan_atomics_helper+0x151d/0x5450 [ 15.792434] kasan_check_range+0x10c/0x1c0 [ 15.792459] __kasan_check_write+0x18/0x20 [ 15.792480] kasan_atomics_helper+0x151d/0x5450 [ 15.792504] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.792528] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.792555] ? kasan_atomics+0x152/0x310 [ 15.792582] kasan_atomics+0x1dc/0x310 [ 15.792616] ? __pfx_kasan_atomics+0x10/0x10 [ 15.792641] ? __pfx_read_tsc+0x10/0x10 [ 15.792664] ? ktime_get_ts64+0x86/0x230 [ 15.792689] kunit_try_run_case+0x1a5/0x480 [ 15.792727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.792751] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.792799] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.792824] ? __kthread_parkme+0x82/0x180 [ 15.792847] ? preempt_count_sub+0x50/0x80 [ 15.792888] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.792914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.792954] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.792980] kthread+0x337/0x6f0 [ 15.793000] ? trace_preempt_on+0x20/0xc0 [ 15.793025] ? __pfx_kthread+0x10/0x10 [ 15.793047] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.793070] ? calculate_sigpending+0x7b/0xa0 [ 15.793095] ? __pfx_kthread+0x10/0x10 [ 15.793117] ret_from_fork+0x116/0x1d0 [ 15.793136] ? 
__pfx_kthread+0x10/0x10 [ 15.793158] ret_from_fork_asm+0x1a/0x30 [ 15.793191] </TASK> [ 15.793202] [ 15.802568] Allocated by task 283: [ 15.802723] kasan_save_stack+0x45/0x70 [ 15.802979] kasan_save_track+0x18/0x40 [ 15.803174] kasan_save_alloc_info+0x3b/0x50 [ 15.803386] __kasan_kmalloc+0xb7/0xc0 [ 15.803568] __kmalloc_cache_noprof+0x189/0x420 [ 15.803772] kasan_atomics+0x95/0x310 [ 15.803998] kunit_try_run_case+0x1a5/0x480 [ 15.804238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.804521] kthread+0x337/0x6f0 [ 15.804684] ret_from_fork+0x116/0x1d0 [ 15.804892] ret_from_fork_asm+0x1a/0x30 [ 15.805083] [ 15.805182] The buggy address belongs to the object at ffff888102ba6080 [ 15.805182] which belongs to the cache kmalloc-64 of size 64 [ 15.805628] The buggy address is located 0 bytes to the right of [ 15.805628] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.806152] [ 15.806248] The buggy address belongs to the physical page: [ 15.806528] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.806876] flags: 0x200000000000000(node=0|zone=2) [ 15.807113] page_type: f5(slab) [ 15.807269] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.807573] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.807814] page dumped because: kasan: bad access detected [ 15.808073] [ 15.808191] Memory state around the buggy address: [ 15.808443] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.808820] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.809145] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.809423] ^ [ 15.809660] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.809979] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.810296] ================================================================== [ 15.488225] 
================================================================== [ 15.488588] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 15.488973] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.489329] [ 15.489443] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.489488] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.489501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.489525] Call Trace: [ 15.489545] <TASK> [ 15.489565] dump_stack_lvl+0x73/0xb0 [ 15.489596] print_report+0xd1/0x650 [ 15.489632] ? __virt_addr_valid+0x1db/0x2d0 [ 15.489656] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.489679] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.489707] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.489730] kasan_report+0x141/0x180 [ 15.489754] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.489782] kasan_check_range+0x10c/0x1c0 [ 15.489806] __kasan_check_write+0x18/0x20 [ 15.489827] kasan_atomics_helper+0xfa9/0x5450 [ 15.489852] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.489876] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.489937] ? kasan_atomics+0x152/0x310 [ 15.489965] kasan_atomics+0x1dc/0x310 [ 15.489990] ? __pfx_kasan_atomics+0x10/0x10 [ 15.490015] ? __pfx_read_tsc+0x10/0x10 [ 15.490038] ? ktime_get_ts64+0x86/0x230 [ 15.490064] kunit_try_run_case+0x1a5/0x480 [ 15.490090] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.490114] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.490140] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.490166] ? __kthread_parkme+0x82/0x180 [ 15.490188] ? preempt_count_sub+0x50/0x80 [ 15.490214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.490239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.490265] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.490292] kthread+0x337/0x6f0 [ 15.490311] ? trace_preempt_on+0x20/0xc0 [ 15.490337] ? __pfx_kthread+0x10/0x10 [ 15.490358] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.490381] ? 
calculate_sigpending+0x7b/0xa0 [ 15.490407] ? __pfx_kthread+0x10/0x10 [ 15.490429] ret_from_fork+0x116/0x1d0 [ 15.490449] ? __pfx_kthread+0x10/0x10 [ 15.490470] ret_from_fork_asm+0x1a/0x30 [ 15.490504] </TASK> [ 15.490522] [ 15.498399] Allocated by task 283: [ 15.498616] kasan_save_stack+0x45/0x70 [ 15.498821] kasan_save_track+0x18/0x40 [ 15.499031] kasan_save_alloc_info+0x3b/0x50 [ 15.499230] __kasan_kmalloc+0xb7/0xc0 [ 15.499363] __kmalloc_cache_noprof+0x189/0x420 [ 15.499626] kasan_atomics+0x95/0x310 [ 15.499816] kunit_try_run_case+0x1a5/0x480 [ 15.500041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.500237] kthread+0x337/0x6f0 [ 15.500359] ret_from_fork+0x116/0x1d0 [ 15.500492] ret_from_fork_asm+0x1a/0x30 [ 15.500713] [ 15.500809] The buggy address belongs to the object at ffff888102ba6080 [ 15.500809] which belongs to the cache kmalloc-64 of size 64 [ 15.501328] The buggy address is located 0 bytes to the right of [ 15.501328] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.502045] [ 15.502168] The buggy address belongs to the physical page: [ 15.502415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.502743] flags: 0x200000000000000(node=0|zone=2) [ 15.502909] page_type: f5(slab) [ 15.503034] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.503311] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.503658] page dumped because: kasan: bad access detected [ 15.503931] [ 15.504024] Memory state around the buggy address: [ 15.504450] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.504722] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.504936] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.505144] ^ [ 15.505336] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.505847] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.506188] 
================================================================== [ 15.235379] ================================================================== [ 15.235854] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 15.236572] Write of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.237308] [ 15.237531] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.237584] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.237597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.237634] Call Trace: [ 15.237649] <TASK> [ 15.237709] dump_stack_lvl+0x73/0xb0 [ 15.237748] print_report+0xd1/0x650 [ 15.237772] ? __virt_addr_valid+0x1db/0x2d0 [ 15.237797] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.237819] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.237844] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.237868] kasan_report+0x141/0x180 [ 15.237891] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.237919] kasan_check_range+0x10c/0x1c0 [ 15.237943] __kasan_check_write+0x18/0x20 [ 15.237963] kasan_atomics_helper+0x8f9/0x5450 [ 15.237988] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.238011] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.238039] ? kasan_atomics+0x152/0x310 [ 15.238066] kasan_atomics+0x1dc/0x310 [ 15.238090] ? __pfx_kasan_atomics+0x10/0x10 [ 15.238115] ? __pfx_read_tsc+0x10/0x10 [ 15.238137] ? ktime_get_ts64+0x86/0x230 [ 15.238163] kunit_try_run_case+0x1a5/0x480 [ 15.238191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.238214] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.238241] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.238266] ? __kthread_parkme+0x82/0x180 [ 15.238288] ? preempt_count_sub+0x50/0x80 [ 15.238314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.238340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.238364] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.238391] kthread+0x337/0x6f0 [ 15.238411] ? trace_preempt_on+0x20/0xc0 [ 15.238436] ? 
__pfx_kthread+0x10/0x10 [ 15.238458] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.238479] ? calculate_sigpending+0x7b/0xa0 [ 15.238515] ? __pfx_kthread+0x10/0x10 [ 15.238537] ret_from_fork+0x116/0x1d0 [ 15.238556] ? __pfx_kthread+0x10/0x10 [ 15.238578] ret_from_fork_asm+0x1a/0x30 [ 15.238621] </TASK> [ 15.238632] [ 15.249288] Allocated by task 283: [ 15.249671] kasan_save_stack+0x45/0x70 [ 15.249871] kasan_save_track+0x18/0x40 [ 15.250059] kasan_save_alloc_info+0x3b/0x50 [ 15.250264] __kasan_kmalloc+0xb7/0xc0 [ 15.250447] __kmalloc_cache_noprof+0x189/0x420 [ 15.251130] kasan_atomics+0x95/0x310 [ 15.251334] kunit_try_run_case+0x1a5/0x480 [ 15.251725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.252133] kthread+0x337/0x6f0 [ 15.252430] ret_from_fork+0x116/0x1d0 [ 15.252887] ret_from_fork_asm+0x1a/0x30 [ 15.253138] [ 15.253387] The buggy address belongs to the object at ffff888102ba6080 [ 15.253387] which belongs to the cache kmalloc-64 of size 64 [ 15.254316] The buggy address is located 0 bytes to the right of [ 15.254316] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.255290] [ 15.255389] The buggy address belongs to the physical page: [ 15.255860] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.256404] flags: 0x200000000000000(node=0|zone=2) [ 15.256764] page_type: f5(slab) [ 15.256930] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.257248] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.257854] page dumped because: kasan: bad access detected [ 15.258153] [ 15.258375] Memory state around the buggy address: [ 15.258855] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.259298] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.259822] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.260130] ^ [ 15.260336] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.260889] 
ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.261364] ================================================================== [ 15.507156] ================================================================== [ 15.507478] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 15.508148] Read of size 4 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 15.508376] [ 15.508502] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.508549] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.508562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.508585] Call Trace: [ 15.508616] <TASK> [ 15.508635] dump_stack_lvl+0x73/0xb0 [ 15.508667] print_report+0xd1/0x650 [ 15.508690] ? __virt_addr_valid+0x1db/0x2d0 [ 15.508713] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.508734] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.508757] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.508778] kasan_report+0x141/0x180 [ 15.508800] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.508827] __asan_report_load4_noabort+0x18/0x20 [ 15.508852] kasan_atomics_helper+0x4a36/0x5450 [ 15.508874] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.508897] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.508948] ? kasan_atomics+0x152/0x310 [ 15.508974] kasan_atomics+0x1dc/0x310 [ 15.509009] ? __pfx_kasan_atomics+0x10/0x10 [ 15.509034] ? __pfx_read_tsc+0x10/0x10 [ 15.509072] ? ktime_get_ts64+0x86/0x230 [ 15.509110] kunit_try_run_case+0x1a5/0x480 [ 15.509135] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.509159] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.509186] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.509211] ? __kthread_parkme+0x82/0x180 [ 15.509233] ? preempt_count_sub+0x50/0x80 [ 15.509259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.509284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.509310] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.509337] kthread+0x337/0x6f0 [ 15.509357] ? 
trace_preempt_on+0x20/0xc0 [ 15.509383] ? __pfx_kthread+0x10/0x10 [ 15.509404] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.509444] ? calculate_sigpending+0x7b/0xa0 [ 15.509470] ? __pfx_kthread+0x10/0x10 [ 15.509493] ret_from_fork+0x116/0x1d0 [ 15.509513] ? __pfx_kthread+0x10/0x10 [ 15.509544] ret_from_fork_asm+0x1a/0x30 [ 15.509578] </TASK> [ 15.509590] [ 15.518918] Allocated by task 283: [ 15.519065] kasan_save_stack+0x45/0x70 [ 15.519277] kasan_save_track+0x18/0x40 [ 15.519483] kasan_save_alloc_info+0x3b/0x50 [ 15.519971] __kasan_kmalloc+0xb7/0xc0 [ 15.520140] __kmalloc_cache_noprof+0x189/0x420 [ 15.520495] kasan_atomics+0x95/0x310 [ 15.520876] kunit_try_run_case+0x1a5/0x480 [ 15.521159] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.521518] kthread+0x337/0x6f0 [ 15.521694] ret_from_fork+0x116/0x1d0 [ 15.521978] ret_from_fork_asm+0x1a/0x30 [ 15.522139] [ 15.522240] The buggy address belongs to the object at ffff888102ba6080 [ 15.522240] which belongs to the cache kmalloc-64 of size 64 [ 15.523055] The buggy address is located 0 bytes to the right of [ 15.523055] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 15.523849] [ 15.523938] The buggy address belongs to the physical page: [ 15.524304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 15.524741] flags: 0x200000000000000(node=0|zone=2) [ 15.525036] page_type: f5(slab) [ 15.525216] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.525726] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.526070] page dumped because: kasan: bad access detected [ 15.526306] [ 15.526388] Memory state around the buggy address: [ 15.526824] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.527082] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.527483] >ffff888102ba6080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.527965] ^ [ 15.528127] ffff888102ba6100: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.528540] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.528934] ================================================================== [ 16.244592] ================================================================== [ 16.244963] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 16.245307] Read of size 8 at addr ffff888102ba60b0 by task kunit_try_catch/283 [ 16.245680] [ 16.245774] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.245820] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.245832] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.245855] Call Trace: [ 16.245873] <TASK> [ 16.245888] dump_stack_lvl+0x73/0xb0 [ 16.245919] print_report+0xd1/0x650 [ 16.245944] ? __virt_addr_valid+0x1db/0x2d0 [ 16.245969] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.245995] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.246021] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.246047] kasan_report+0x141/0x180 [ 16.246070] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.246099] __asan_report_load8_noabort+0x18/0x20 [ 16.246125] kasan_atomics_helper+0x4fb2/0x5450 [ 16.246149] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.246173] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.246199] ? kasan_atomics+0x152/0x310 [ 16.246227] kasan_atomics+0x1dc/0x310 [ 16.246250] ? __pfx_kasan_atomics+0x10/0x10 [ 16.246276] ? __pfx_read_tsc+0x10/0x10 [ 16.246297] ? ktime_get_ts64+0x86/0x230 [ 16.246322] kunit_try_run_case+0x1a5/0x480 [ 16.246347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.246371] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.246397] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.246422] ? __kthread_parkme+0x82/0x180 [ 16.246443] ? preempt_count_sub+0x50/0x80 [ 16.246468] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.246494] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.247370] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.247443] kthread+0x337/0x6f0 [ 16.247466] ? trace_preempt_on+0x20/0xc0 [ 16.247523] ? __pfx_kthread+0x10/0x10 [ 16.247546] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.247570] ? calculate_sigpending+0x7b/0xa0 [ 16.247597] ? __pfx_kthread+0x10/0x10 [ 16.247632] ret_from_fork+0x116/0x1d0 [ 16.247652] ? __pfx_kthread+0x10/0x10 [ 16.247675] ret_from_fork_asm+0x1a/0x30 [ 16.247709] </TASK> [ 16.247721] [ 16.264506] Allocated by task 283: [ 16.264654] kasan_save_stack+0x45/0x70 [ 16.264808] kasan_save_track+0x18/0x40 [ 16.264946] kasan_save_alloc_info+0x3b/0x50 [ 16.265096] __kasan_kmalloc+0xb7/0xc0 [ 16.265228] __kmalloc_cache_noprof+0x189/0x420 [ 16.265386] kasan_atomics+0x95/0x310 [ 16.265519] kunit_try_run_case+0x1a5/0x480 [ 16.265807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.266264] kthread+0x337/0x6f0 [ 16.266586] ret_from_fork+0x116/0x1d0 [ 16.266923] ret_from_fork_asm+0x1a/0x30 [ 16.267327] [ 16.267485] The buggy address belongs to the object at ffff888102ba6080 [ 16.267485] which belongs to the cache kmalloc-64 of size 64 [ 16.268828] The buggy address is located 0 bytes to the right of [ 16.268828] allocated 48-byte region [ffff888102ba6080, ffff888102ba60b0) [ 16.269961] [ 16.270132] The buggy address belongs to the physical page: [ 16.270651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba6 [ 16.271459] flags: 0x200000000000000(node=0|zone=2) [ 16.272032] page_type: f5(slab) [ 16.272377] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.273108] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.273939] page dumped because: kasan: bad access detected [ 16.274454] [ 16.274596] Memory state around the buggy address: [ 16.274999] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.275476] ffff888102ba6000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.275926] >ffff888102ba6080: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.276138] ^ [ 16.276290] ffff888102ba6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.276525] ffff888102ba6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.277141] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 14.733090] ================================================================== [ 14.734028] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.734501] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279 [ 14.734789] [ 14.734873] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.734915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.734926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.734946] Call Trace: [ 14.734962] <TASK> [ 14.734977] dump_stack_lvl+0x73/0xb0 [ 14.735007] print_report+0xd1/0x650 [ 14.735030] ? __virt_addr_valid+0x1db/0x2d0 [ 14.735054] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.735084] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.735108] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.735160] kasan_report+0x141/0x180 [ 14.735182] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.735217] kasan_check_range+0x10c/0x1c0 [ 14.735241] __kasan_check_write+0x18/0x20 [ 14.735260] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.735306] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.735350] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.735389] ? trace_hardirqs_on+0x37/0xe0 [ 14.735411] ? kasan_bitops_generic+0x92/0x1c0 [ 14.735439] kasan_bitops_generic+0x121/0x1c0 [ 14.735463] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.735487] ? trace_hardirqs_on+0x37/0xe0 [ 14.735519] ? __pfx_read_tsc+0x10/0x10 [ 14.735540] ? ktime_get_ts64+0x86/0x230 [ 14.735562] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.735589] kunit_try_run_case+0x1a5/0x480 [ 14.735625] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.735651] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.735697] ? __kthread_parkme+0x82/0x180 [ 14.735717] ? preempt_count_sub+0x50/0x80 [ 14.735742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.735766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.735791] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.735817] kthread+0x337/0x6f0 [ 14.735898] ? trace_preempt_on+0x20/0xc0 [ 14.735921] ? __pfx_kthread+0x10/0x10 [ 14.735942] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.735964] ? calculate_sigpending+0x7b/0xa0 [ 14.735988] ? __pfx_kthread+0x10/0x10 [ 14.736010] ret_from_fork+0x116/0x1d0 [ 14.736066] ? __pfx_kthread+0x10/0x10 [ 14.736090] ret_from_fork_asm+0x1a/0x30 [ 14.736123] </TASK> [ 14.736133] [ 14.744471] Allocated by task 279: [ 14.744717] kasan_save_stack+0x45/0x70 [ 14.744910] kasan_save_track+0x18/0x40 [ 14.745104] kasan_save_alloc_info+0x3b/0x50 [ 14.745279] __kasan_kmalloc+0xb7/0xc0 [ 14.745468] __kmalloc_cache_noprof+0x189/0x420 [ 14.745725] kasan_bitops_generic+0x92/0x1c0 [ 14.745910] kunit_try_run_case+0x1a5/0x480 [ 14.746050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.746230] kthread+0x337/0x6f0 [ 14.746387] ret_from_fork+0x116/0x1d0 [ 14.746564] ret_from_fork_asm+0x1a/0x30 [ 14.746763] [ 14.746884] The buggy address belongs to the object at ffff8881026260e0 [ 14.746884] which belongs to the cache kmalloc-16 of size 16 [ 14.747359] The buggy address is located 8 bytes inside of [ 14.747359] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9) [ 14.747827] [ 14.748013] The buggy address belongs to the physical page: [ 14.748289] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626 [ 14.748659] flags: 0x200000000000000(node=0|zone=2) [ 14.748938] page_type: f5(slab) [ 14.749154] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.749527] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.750061] page dumped because: kasan: bad access detected [ 14.750306] [ 14.750393] Memory state around the buggy address: [ 14.750754] ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.750974] ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.751179] >ffff888102626080: fa fb fc fc fa fb fc fc 
fa fb fc fc 00 01 fc fc [ 14.751380] ^ [ 14.751751] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.752073] ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.752418] ================================================================== [ 14.860694] ================================================================== [ 14.861154] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.861661] Read of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279 [ 14.862003] [ 14.862108] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.862150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.862162] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.862182] Call Trace: [ 14.862196] <TASK> [ 14.862214] dump_stack_lvl+0x73/0xb0 [ 14.862242] print_report+0xd1/0x650 [ 14.862265] ? __virt_addr_valid+0x1db/0x2d0 [ 14.862288] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.862329] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.862361] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.862390] kasan_report+0x141/0x180 [ 14.862412] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.862447] kasan_check_range+0x10c/0x1c0 [ 14.862471] __kasan_check_read+0x15/0x20 [ 14.862490] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.862529] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.862560] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.862584] ? trace_hardirqs_on+0x37/0xe0 [ 14.862617] ? kasan_bitops_generic+0x92/0x1c0 [ 14.862645] kasan_bitops_generic+0x121/0x1c0 [ 14.862669] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.862694] ? trace_hardirqs_on+0x37/0xe0 [ 14.862717] ? __pfx_read_tsc+0x10/0x10 [ 14.862738] ? ktime_get_ts64+0x86/0x230 [ 14.862761] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.862788] kunit_try_run_case+0x1a5/0x480 [ 14.862812] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.862837] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.862863] ? __kthread_parkme+0x82/0x180 [ 14.862883] ? preempt_count_sub+0x50/0x80 [ 14.862907] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.862931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.862956] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.862981] kthread+0x337/0x6f0 [ 14.863000] ? trace_preempt_on+0x20/0xc0 [ 14.863022] ? __pfx_kthread+0x10/0x10 [ 14.863043] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.863064] ? calculate_sigpending+0x7b/0xa0 [ 14.863089] ? __pfx_kthread+0x10/0x10 [ 14.863112] ret_from_fork+0x116/0x1d0 [ 14.863130] ? __pfx_kthread+0x10/0x10 [ 14.863150] ret_from_fork_asm+0x1a/0x30 [ 14.863182] </TASK> [ 14.863192] [ 14.871048] Allocated by task 279: [ 14.871222] kasan_save_stack+0x45/0x70 [ 14.871416] kasan_save_track+0x18/0x40 [ 14.871611] kasan_save_alloc_info+0x3b/0x50 [ 14.871821] __kasan_kmalloc+0xb7/0xc0 [ 14.872005] __kmalloc_cache_noprof+0x189/0x420 [ 14.872222] kasan_bitops_generic+0x92/0x1c0 [ 14.872430] kunit_try_run_case+0x1a5/0x480 [ 14.872786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.872962] kthread+0x337/0x6f0 [ 14.873081] ret_from_fork+0x116/0x1d0 [ 14.873211] ret_from_fork_asm+0x1a/0x30 [ 14.873366] [ 14.873461] The buggy address belongs to the object at ffff8881026260e0 [ 14.873461] which belongs to the cache kmalloc-16 of size 16 [ 14.874508] The buggy address is located 8 bytes inside of [ 14.874508] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9) [ 14.874994] [ 14.875083] The buggy address belongs to the physical page: [ 14.875302] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626 [ 14.876315] flags: 0x200000000000000(node=0|zone=2) [ 14.876750] page_type: f5(slab) [ 14.876895] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.877126] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.877388] page dumped because: kasan: 
bad access detected [ 14.877827] [ 14.877923] Memory state around the buggy address: [ 14.878145] ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.878425] ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.878853] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.879063] ^ [ 14.879256] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.879820] ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.880061] ================================================================== [ 14.842409] ================================================================== [ 14.842712] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.843143] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279 [ 14.843591] [ 14.843691] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.843734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.843746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.843766] Call Trace: [ 14.843782] <TASK> [ 14.843797] dump_stack_lvl+0x73/0xb0 [ 14.843826] print_report+0xd1/0x650 [ 14.843851] ? __virt_addr_valid+0x1db/0x2d0 [ 14.843888] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.843918] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.843942] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.843972] kasan_report+0x141/0x180 [ 14.843995] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.844029] kasan_check_range+0x10c/0x1c0 [ 14.844053] __kasan_check_write+0x18/0x20 [ 14.844072] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.844101] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.844132] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.844157] ? trace_hardirqs_on+0x37/0xe0 [ 14.844180] ? kasan_bitops_generic+0x92/0x1c0 [ 14.844208] kasan_bitops_generic+0x121/0x1c0 [ 14.844232] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.844256] ? trace_hardirqs_on+0x37/0xe0 [ 14.844277] ? __pfx_read_tsc+0x10/0x10 [ 14.844298] ? ktime_get_ts64+0x86/0x230 [ 14.844320] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.844347] kunit_try_run_case+0x1a5/0x480 [ 14.844372] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.844396] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.844422] ? __kthread_parkme+0x82/0x180 [ 14.844442] ? preempt_count_sub+0x50/0x80 [ 14.844467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.844491] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.844516] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.844550] kthread+0x337/0x6f0 [ 14.844568] ? trace_preempt_on+0x20/0xc0 [ 14.844590] ? __pfx_kthread+0x10/0x10 [ 14.844621] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.844642] ? calculate_sigpending+0x7b/0xa0 [ 14.844666] ? __pfx_kthread+0x10/0x10 [ 14.844687] ret_from_fork+0x116/0x1d0 [ 14.844706] ? __pfx_kthread+0x10/0x10 [ 14.844726] ret_from_fork_asm+0x1a/0x30 [ 14.844758] </TASK> [ 14.844768] [ 14.852942] Allocated by task 279: [ 14.853072] kasan_save_stack+0x45/0x70 [ 14.853214] kasan_save_track+0x18/0x40 [ 14.853406] kasan_save_alloc_info+0x3b/0x50 [ 14.853690] __kasan_kmalloc+0xb7/0xc0 [ 14.854039] __kmalloc_cache_noprof+0x189/0x420 [ 14.854197] kasan_bitops_generic+0x92/0x1c0 [ 14.854345] kunit_try_run_case+0x1a5/0x480 [ 14.854571] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.854838] kthread+0x337/0x6f0 [ 14.855010] ret_from_fork+0x116/0x1d0 [ 14.855202] ret_from_fork_asm+0x1a/0x30 [ 14.855398] [ 14.855481] The buggy address belongs to the object at ffff8881026260e0 [ 14.855481] which belongs to the cache kmalloc-16 of size 16 [ 14.855924] The buggy address is located 8 bytes inside of [ 14.855924] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9) [ 14.856452] [ 14.856543] The buggy address belongs to the physical page: [ 14.856749] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626 [ 14.857096] flags: 
0x200000000000000(node=0|zone=2) [ 14.857301] page_type: f5(slab) [ 14.857461] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.857778] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.858120] page dumped because: kasan: bad access detected [ 14.858296] [ 14.858370] Memory state around the buggy address: [ 14.858525] ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.858751] ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.859024] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.859347] ^ [ 14.859816] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.860051] ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.860262] ================================================================== [ 14.772204] ================================================================== [ 14.772537] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.772965] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279 [ 14.773283] [ 14.773388] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.773430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.773441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.773460] Call Trace: [ 14.773475] <TASK> [ 14.773489] dump_stack_lvl+0x73/0xb0 [ 14.773517] print_report+0xd1/0x650 [ 14.773539] ? __virt_addr_valid+0x1db/0x2d0 [ 14.773562] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.773592] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.773626] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.773655] kasan_report+0x141/0x180 [ 14.773676] ? 
kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.773714] kasan_check_range+0x10c/0x1c0 [ 14.773738] __kasan_check_write+0x18/0x20 [ 14.773757] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.773787] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.773845] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.773869] ? trace_hardirqs_on+0x37/0xe0 [ 14.773910] ? kasan_bitops_generic+0x92/0x1c0 [ 14.773938] kasan_bitops_generic+0x121/0x1c0 [ 14.773962] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.773985] ? trace_hardirqs_on+0x37/0xe0 [ 14.774007] ? __pfx_read_tsc+0x10/0x10 [ 14.774028] ? ktime_get_ts64+0x86/0x230 [ 14.774051] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.774077] kunit_try_run_case+0x1a5/0x480 [ 14.774101] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.774126] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.774151] ? __kthread_parkme+0x82/0x180 [ 14.774171] ? preempt_count_sub+0x50/0x80 [ 14.774196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.774238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.774262] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.774288] kthread+0x337/0x6f0 [ 14.774306] ? trace_preempt_on+0x20/0xc0 [ 14.774328] ? __pfx_kthread+0x10/0x10 [ 14.774350] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.774373] ? calculate_sigpending+0x7b/0xa0 [ 14.774397] ? __pfx_kthread+0x10/0x10 [ 14.774438] ret_from_fork+0x116/0x1d0 [ 14.774456] ? 
__pfx_kthread+0x10/0x10 [ 14.774477] ret_from_fork_asm+0x1a/0x30 [ 14.774509] </TASK> [ 14.774518] [ 14.783026] Allocated by task 279: [ 14.783267] kasan_save_stack+0x45/0x70 [ 14.783483] kasan_save_track+0x18/0x40 [ 14.783692] kasan_save_alloc_info+0x3b/0x50 [ 14.784118] __kasan_kmalloc+0xb7/0xc0 [ 14.784302] __kmalloc_cache_noprof+0x189/0x420 [ 14.784521] kasan_bitops_generic+0x92/0x1c0 [ 14.784738] kunit_try_run_case+0x1a5/0x480 [ 14.784942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.785188] kthread+0x337/0x6f0 [ 14.785351] ret_from_fork+0x116/0x1d0 [ 14.785556] ret_from_fork_asm+0x1a/0x30 [ 14.785761] [ 14.785857] The buggy address belongs to the object at ffff8881026260e0 [ 14.785857] which belongs to the cache kmalloc-16 of size 16 [ 14.786339] The buggy address is located 8 bytes inside of [ 14.786339] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9) [ 14.786944] [ 14.787015] The buggy address belongs to the physical page: [ 14.787201] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626 [ 14.787614] flags: 0x200000000000000(node=0|zone=2) [ 14.787843] page_type: f5(slab) [ 14.788007] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.788323] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.788659] page dumped because: kasan: bad access detected [ 14.788926] [ 14.788999] Memory state around the buggy address: [ 14.789215] ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.789507] ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.789797] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.790095] ^ [ 14.790362] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.790673] ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.790969] ================================================================== [ 14.753428] 
================================================================== [ 14.753803] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.754070] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279 [ 14.754352] [ 14.754484] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.754527] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.754539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.754559] Call Trace: [ 14.754575] <TASK> [ 14.754590] dump_stack_lvl+0x73/0xb0 [ 14.754630] print_report+0xd1/0x650 [ 14.754652] ? __virt_addr_valid+0x1db/0x2d0 [ 14.754674] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.754703] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.754725] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.754755] kasan_report+0x141/0x180 [ 14.754797] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.754831] kasan_check_range+0x10c/0x1c0 [ 14.754854] __kasan_check_write+0x18/0x20 [ 14.754874] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.754902] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.754933] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.754974] ? trace_hardirqs_on+0x37/0xe0 [ 14.754996] ? kasan_bitops_generic+0x92/0x1c0 [ 14.755024] kasan_bitops_generic+0x121/0x1c0 [ 14.755048] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.755071] ? trace_hardirqs_on+0x37/0xe0 [ 14.755093] ? __pfx_read_tsc+0x10/0x10 [ 14.755130] ? ktime_get_ts64+0x86/0x230 [ 14.755152] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.755179] kunit_try_run_case+0x1a5/0x480 [ 14.755203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.755228] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.755253] ? __kthread_parkme+0x82/0x180 [ 14.755273] ? preempt_count_sub+0x50/0x80 [ 14.755316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.755341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.755378] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.755417] kthread+0x337/0x6f0 [ 14.755449] ? trace_preempt_on+0x20/0xc0 [ 14.755484] ? __pfx_kthread+0x10/0x10 [ 14.755518] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.755552] ? calculate_sigpending+0x7b/0xa0 [ 14.755589] ? __pfx_kthread+0x10/0x10 [ 14.755634] ret_from_fork+0x116/0x1d0 [ 14.755666] ? __pfx_kthread+0x10/0x10 [ 14.755686] ret_from_fork_asm+0x1a/0x30 [ 14.755718] </TASK> [ 14.755729] [ 14.763769] Allocated by task 279: [ 14.763893] kasan_save_stack+0x45/0x70 [ 14.764031] kasan_save_track+0x18/0x40 [ 14.764161] kasan_save_alloc_info+0x3b/0x50 [ 14.764305] __kasan_kmalloc+0xb7/0xc0 [ 14.764433] __kmalloc_cache_noprof+0x189/0x420 [ 14.764664] kasan_bitops_generic+0x92/0x1c0 [ 14.764898] kunit_try_run_case+0x1a5/0x480 [ 14.765145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.765394] kthread+0x337/0x6f0 [ 14.765641] ret_from_fork+0x116/0x1d0 [ 14.765849] ret_from_fork_asm+0x1a/0x30 [ 14.766060] [ 14.766154] The buggy address belongs to the object at ffff8881026260e0 [ 14.766154] which belongs to the cache kmalloc-16 of size 16 [ 14.766680] The buggy address is located 8 bytes inside of [ 14.766680] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9) [ 14.767092] [ 14.767181] The buggy address belongs to the physical page: [ 14.767442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626 [ 14.767835] flags: 0x200000000000000(node=0|zone=2) [ 14.768063] page_type: f5(slab) [ 14.768233] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.768559] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.768869] page dumped because: kasan: bad access detected [ 14.769105] [ 14.769186] Memory state around the buggy address: [ 14.769399] ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.769722] ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.770044] >ffff888102626080: fa fb fc fc fa fb fc fc 
fa fb fc fc 00 01 fc fc [ 14.770313] ^ [ 14.770657] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.770959] ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.771286] ================================================================== [ 14.813709] ================================================================== [ 14.814490] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.815304] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279 [ 14.815782] [ 14.815875] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.815921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.815933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.815954] Call Trace: [ 14.815972] <TASK> [ 14.815988] dump_stack_lvl+0x73/0xb0 [ 14.816019] print_report+0xd1/0x650 [ 14.816042] ? __virt_addr_valid+0x1db/0x2d0 [ 14.816066] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.816095] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.816118] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.816147] kasan_report+0x141/0x180 [ 14.816169] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.816203] kasan_check_range+0x10c/0x1c0 [ 14.816227] __kasan_check_write+0x18/0x20 [ 14.816247] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.816276] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.816306] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.816331] ? trace_hardirqs_on+0x37/0xe0 [ 14.816354] ? kasan_bitops_generic+0x92/0x1c0 [ 14.816382] kasan_bitops_generic+0x121/0x1c0 [ 14.816406] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.816429] ? trace_hardirqs_on+0x37/0xe0 [ 14.816451] ? __pfx_read_tsc+0x10/0x10 [ 14.816472] ? ktime_get_ts64+0x86/0x230 [ 14.816494] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.816554] kunit_try_run_case+0x1a5/0x480 [ 14.816579] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.816636] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.816663] ? __kthread_parkme+0x82/0x180 [ 14.816684] ? preempt_count_sub+0x50/0x80 [ 14.816708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.816733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.816758] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.816783] kthread+0x337/0x6f0 [ 14.816802] ? trace_preempt_on+0x20/0xc0 [ 14.816824] ? __pfx_kthread+0x10/0x10 [ 14.816845] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.816898] ? calculate_sigpending+0x7b/0xa0 [ 14.816923] ? __pfx_kthread+0x10/0x10 [ 14.816955] ret_from_fork+0x116/0x1d0 [ 14.816973] ? __pfx_kthread+0x10/0x10 [ 14.816993] ret_from_fork_asm+0x1a/0x30 [ 14.817026] </TASK> [ 14.817036] [ 14.831110] Allocated by task 279: [ 14.831623] kasan_save_stack+0x45/0x70 [ 14.832172] kasan_save_track+0x18/0x40 [ 14.832720] kasan_save_alloc_info+0x3b/0x50 [ 14.833152] __kasan_kmalloc+0xb7/0xc0 [ 14.833423] __kmalloc_cache_noprof+0x189/0x420 [ 14.833910] kasan_bitops_generic+0x92/0x1c0 [ 14.834427] kunit_try_run_case+0x1a5/0x480 [ 14.834889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.835110] kthread+0x337/0x6f0 [ 14.835642] ret_from_fork+0x116/0x1d0 [ 14.836096] ret_from_fork_asm+0x1a/0x30 [ 14.836241] [ 14.836313] The buggy address belongs to the object at ffff8881026260e0 [ 14.836313] which belongs to the cache kmalloc-16 of size 16 [ 14.836733] The buggy address is located 8 bytes inside of [ 14.836733] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9) [ 14.837364] [ 14.837467] The buggy address belongs to the physical page: [ 14.838046] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626 [ 14.838428] flags: 0x200000000000000(node=0|zone=2) [ 14.838666] page_type: f5(slab) [ 14.838880] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.839162] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.839468] page dumped because: kasan: 
bad access detected [ 14.839715] [ 14.839810] Memory state around the buggy address: [ 14.839979] ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.840278] ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.840558] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.840877] ^ [ 14.841112] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.841406] ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.841662] ================================================================== [ 14.880513] ================================================================== [ 14.880875] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.881254] Read of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279 [ 14.881541] [ 14.881662] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.881708] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.881719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.881739] Call Trace: [ 14.881751] <TASK> [ 14.881767] dump_stack_lvl+0x73/0xb0 [ 14.881796] print_report+0xd1/0x650 [ 14.881819] ? __virt_addr_valid+0x1db/0x2d0 [ 14.881841] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.881870] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.881893] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.881923] kasan_report+0x141/0x180 [ 14.881945] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.881979] __asan_report_load8_noabort+0x18/0x20 [ 14.882005] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.882034] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.882065] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.882090] ? trace_hardirqs_on+0x37/0xe0 [ 14.882112] ? kasan_bitops_generic+0x92/0x1c0 [ 14.882140] kasan_bitops_generic+0x121/0x1c0 [ 14.882164] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.882188] ? trace_hardirqs_on+0x37/0xe0 [ 14.882210] ? __pfx_read_tsc+0x10/0x10 [ 14.882231] ? ktime_get_ts64+0x86/0x230 [ 14.882253] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.882280] kunit_try_run_case+0x1a5/0x480 [ 14.882304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.882329] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.882354] ? __kthread_parkme+0x82/0x180 [ 14.882375] ? preempt_count_sub+0x50/0x80 [ 14.882398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.882423] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.882448] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.882473] kthread+0x337/0x6f0 [ 14.882492] ? trace_preempt_on+0x20/0xc0 [ 14.882515] ? __pfx_kthread+0x10/0x10 [ 14.882535] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.882557] ? calculate_sigpending+0x7b/0xa0 [ 14.882582] ? __pfx_kthread+0x10/0x10 [ 14.882612] ret_from_fork+0x116/0x1d0 [ 14.882631] ? __pfx_kthread+0x10/0x10 [ 14.882651] ret_from_fork_asm+0x1a/0x30 [ 14.882683] </TASK> [ 14.882703] [ 14.890702] Allocated by task 279: [ 14.890836] kasan_save_stack+0x45/0x70 [ 14.891034] kasan_save_track+0x18/0x40 [ 14.891239] kasan_save_alloc_info+0x3b/0x50 [ 14.891456] __kasan_kmalloc+0xb7/0xc0 [ 14.891659] __kmalloc_cache_noprof+0x189/0x420 [ 14.891891] kasan_bitops_generic+0x92/0x1c0 [ 14.892108] kunit_try_run_case+0x1a5/0x480 [ 14.892316] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.892573] kthread+0x337/0x6f0 [ 14.892700] ret_from_fork+0x116/0x1d0 [ 14.892831] ret_from_fork_asm+0x1a/0x30 [ 14.892968] [ 14.893059] The buggy address belongs to the object at ffff8881026260e0 [ 14.893059] which belongs to the cache kmalloc-16 of size 16 [ 14.893654] The buggy address is located 8 bytes inside of [ 14.893654] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9) [ 14.894157] [ 14.894248] The buggy address belongs to the physical page: [ 14.894419] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626 [ 14.894845] flags: 
0x200000000000000(node=0|zone=2) [ 14.895075] page_type: f5(slab) [ 14.895188] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.895405] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.896057] page dumped because: kasan: bad access detected [ 14.896239] [ 14.896306] Memory state around the buggy address: [ 14.896457] ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.897051] ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.897327] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.897673] ^ [ 14.897939] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.898243] ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.899551] ================================================================== [ 14.791656] ================================================================== [ 14.792171] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.792522] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279 [ 14.792815] [ 14.792904] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.792949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.792960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.792983] Call Trace: [ 14.793001] <TASK> [ 14.793019] dump_stack_lvl+0x73/0xb0 [ 14.793049] print_report+0xd1/0x650 [ 14.793071] ? __virt_addr_valid+0x1db/0x2d0 [ 14.793095] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.793124] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.793147] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.793176] kasan_report+0x141/0x180 [ 14.793197] ? 
kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.793231] kasan_check_range+0x10c/0x1c0 [ 14.793255] __kasan_check_write+0x18/0x20 [ 14.793274] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.793303] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.793334] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.793358] ? trace_hardirqs_on+0x37/0xe0 [ 14.793381] ? kasan_bitops_generic+0x92/0x1c0 [ 14.793409] kasan_bitops_generic+0x121/0x1c0 [ 14.793432] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.793456] ? trace_hardirqs_on+0x37/0xe0 [ 14.793478] ? __pfx_read_tsc+0x10/0x10 [ 14.793499] ? ktime_get_ts64+0x86/0x230 [ 14.793522] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.793549] kunit_try_run_case+0x1a5/0x480 [ 14.793573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.793608] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.793635] ? __kthread_parkme+0x82/0x180 [ 14.793655] ? preempt_count_sub+0x50/0x80 [ 14.793680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.793709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.793733] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.793759] kthread+0x337/0x6f0 [ 14.793778] ? trace_preempt_on+0x20/0xc0 [ 14.793801] ? __pfx_kthread+0x10/0x10 [ 14.793821] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.793842] ? calculate_sigpending+0x7b/0xa0 [ 14.793867] ? __pfx_kthread+0x10/0x10 [ 14.793888] ret_from_fork+0x116/0x1d0 [ 14.793906] ? 
__pfx_kthread+0x10/0x10 [ 14.793927] ret_from_fork_asm+0x1a/0x30 [ 14.793959] </TASK> [ 14.793970] [ 14.802052] Allocated by task 279: [ 14.802237] kasan_save_stack+0x45/0x70 [ 14.802437] kasan_save_track+0x18/0x40 [ 14.802802] kasan_save_alloc_info+0x3b/0x50 [ 14.803012] __kasan_kmalloc+0xb7/0xc0 [ 14.803197] __kmalloc_cache_noprof+0x189/0x420 [ 14.803418] kasan_bitops_generic+0x92/0x1c0 [ 14.803729] kunit_try_run_case+0x1a5/0x480 [ 14.803891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.804067] kthread+0x337/0x6f0 [ 14.804186] ret_from_fork+0x116/0x1d0 [ 14.804322] ret_from_fork_asm+0x1a/0x30 [ 14.804464] [ 14.805545] The buggy address belongs to the object at ffff8881026260e0 [ 14.805545] which belongs to the cache kmalloc-16 of size 16 [ 14.806120] The buggy address is located 8 bytes inside of [ 14.806120] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9) [ 14.807082] [ 14.807188] The buggy address belongs to the physical page: [ 14.807865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626 [ 14.808475] flags: 0x200000000000000(node=0|zone=2) [ 14.808856] page_type: f5(slab) [ 14.809230] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.809766] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.810169] page dumped because: kasan: bad access detected [ 14.810401] [ 14.810493] Memory state around the buggy address: [ 14.810962] ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.811450] ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.811778] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.812077] ^ [ 14.812353] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.812875] ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.813110] ================================================================== [ 14.712084] 
================================================================== [ 14.712943] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.713801] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279 [ 14.714172] [ 14.714309] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.714355] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.714366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.714387] Call Trace: [ 14.714405] <TASK> [ 14.714444] dump_stack_lvl+0x73/0xb0 [ 14.714475] print_report+0xd1/0x650 [ 14.714498] ? __virt_addr_valid+0x1db/0x2d0 [ 14.714522] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.714551] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.714585] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.714625] kasan_report+0x141/0x180 [ 14.714664] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.714699] kasan_check_range+0x10c/0x1c0 [ 14.714722] __kasan_check_write+0x18/0x20 [ 14.714742] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.714770] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.714800] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.714826] ? trace_hardirqs_on+0x37/0xe0 [ 14.714848] ? kasan_bitops_generic+0x92/0x1c0 [ 14.714877] kasan_bitops_generic+0x121/0x1c0 [ 14.714901] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.714925] ? trace_hardirqs_on+0x37/0xe0 [ 14.714946] ? __pfx_read_tsc+0x10/0x10 [ 14.714966] ? ktime_get_ts64+0x86/0x230 [ 14.714988] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.715016] kunit_try_run_case+0x1a5/0x480 [ 14.715041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.715066] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.715091] ? __kthread_parkme+0x82/0x180 [ 14.715112] ? preempt_count_sub+0x50/0x80 [ 14.715136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.715161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.715186] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.715210] kthread+0x337/0x6f0 [ 14.715229] ? trace_preempt_on+0x20/0xc0 [ 14.715251] ? __pfx_kthread+0x10/0x10 [ 14.715272] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.715293] ? calculate_sigpending+0x7b/0xa0 [ 14.715318] ? __pfx_kthread+0x10/0x10 [ 14.715338] ret_from_fork+0x116/0x1d0 [ 14.715356] ? __pfx_kthread+0x10/0x10 [ 14.715376] ret_from_fork_asm+0x1a/0x30 [ 14.715408] </TASK> [ 14.715418] [ 14.724317] Allocated by task 279: [ 14.724497] kasan_save_stack+0x45/0x70 [ 14.724702] kasan_save_track+0x18/0x40 [ 14.724892] kasan_save_alloc_info+0x3b/0x50 [ 14.725125] __kasan_kmalloc+0xb7/0xc0 [ 14.725269] __kmalloc_cache_noprof+0x189/0x420 [ 14.725420] kasan_bitops_generic+0x92/0x1c0 [ 14.725562] kunit_try_run_case+0x1a5/0x480 [ 14.725716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.725980] kthread+0x337/0x6f0 [ 14.726150] ret_from_fork+0x116/0x1d0 [ 14.726358] ret_from_fork_asm+0x1a/0x30 [ 14.726680] [ 14.726804] The buggy address belongs to the object at ffff8881026260e0 [ 14.726804] which belongs to the cache kmalloc-16 of size 16 [ 14.727396] The buggy address is located 8 bytes inside of [ 14.727396] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9) [ 14.727962] [ 14.728055] The buggy address belongs to the physical page: [ 14.728296] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626 [ 14.728818] flags: 0x200000000000000(node=0|zone=2) [ 14.729050] page_type: f5(slab) [ 14.729190] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.729486] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.729847] page dumped because: kasan: bad access detected [ 14.730042] [ 14.730108] Memory state around the buggy address: [ 14.730255] ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.730459] ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.730673] >ffff888102626080: fa fb fc fc fa fb fc fc 
fa fb fc fc 00 01 fc fc [ 14.731019] ^ [ 14.731333] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.731708] ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.732041] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.622078] ================================================================== [ 14.622401] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.622872] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279 [ 14.623118] [ 14.623356] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.623405] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.623417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.623438] Call Trace: [ 14.623458] <TASK> [ 14.623475] dump_stack_lvl+0x73/0xb0 [ 14.623507] print_report+0xd1/0x650 [ 14.623530] ? __virt_addr_valid+0x1db/0x2d0 [ 14.623552] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.623588] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.623626] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.623653] kasan_report+0x141/0x180 [ 14.623675] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.623707] kasan_check_range+0x10c/0x1c0 [ 14.623730] __kasan_check_write+0x18/0x20 [ 14.623750] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.623777] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.623805] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.623830] ? trace_hardirqs_on+0x37/0xe0 [ 14.623853] ? kasan_bitops_generic+0x92/0x1c0 [ 14.623881] kasan_bitops_generic+0x116/0x1c0 [ 14.623905] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.623929] ? trace_hardirqs_on+0x37/0xe0 [ 14.623951] ? __pfx_read_tsc+0x10/0x10 [ 14.623972] ? ktime_get_ts64+0x86/0x230 [ 14.623995] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.624024] kunit_try_run_case+0x1a5/0x480 [ 14.624049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.624074] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.624100] ? __kthread_parkme+0x82/0x180 [ 14.624120] ? preempt_count_sub+0x50/0x80 [ 14.624145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.624170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.624194] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.624219] kthread+0x337/0x6f0 [ 14.624238] ? trace_preempt_on+0x20/0xc0 [ 14.624260] ? __pfx_kthread+0x10/0x10 [ 14.624280] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.624302] ? calculate_sigpending+0x7b/0xa0 [ 14.624327] ? __pfx_kthread+0x10/0x10 [ 14.624348] ret_from_fork+0x116/0x1d0 [ 14.624366] ? __pfx_kthread+0x10/0x10 [ 14.624387] ret_from_fork_asm+0x1a/0x30 [ 14.624419] </TASK> [ 14.624428] [ 14.633612] Allocated by task 279: [ 14.633765] kasan_save_stack+0x45/0x70 [ 14.634037] kasan_save_track+0x18/0x40 [ 14.634333] kasan_save_alloc_info+0x3b/0x50 [ 14.634677] __kasan_kmalloc+0xb7/0xc0 [ 14.634863] __kmalloc_cache_noprof+0x189/0x420 [ 14.635020] kasan_bitops_generic+0x92/0x1c0 [ 14.635170] kunit_try_run_case+0x1a5/0x480 [ 14.635429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.635712] kthread+0x337/0x6f0 [ 14.635890] ret_from_fork+0x116/0x1d0 [ 14.636087] ret_from_fork_asm+0x1a/0x30 [ 14.636227] [ 14.636300] The buggy address belongs to the object at ffff8881026260e0 [ 14.636300] which belongs to the cache kmalloc-16 of size 16 [ 14.637086] The buggy address is located 8 bytes inside of [ 14.637086] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9) [ 14.638067] [ 14.638144] The buggy address belongs to the physical page: [ 14.638311] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626 [ 14.638762] flags: 0x200000000000000(node=0|zone=2) [ 14.639009] page_type: f5(slab) [ 14.639239] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.639568] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.639888] page dumped because: kasan: bad access detected [ 14.640215] [ 14.640317] Memory state around the buggy address: [ 14.640533] ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.640884] ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.641199] >ffff888102626080: fa fb fc fc fa fb fc fc 
fa fb fc fc 00 01 fc fc [ 14.641483] ^ [ 14.641738] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.642121] ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.642399] ================================================================== [ 14.578546] ================================================================== [ 14.578875] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.579410] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279 [ 14.579740] [ 14.579828] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.579869] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.579881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.579901] Call Trace: [ 14.579918] <TASK> [ 14.579932] dump_stack_lvl+0x73/0xb0 [ 14.579962] print_report+0xd1/0x650 [ 14.579984] ? __virt_addr_valid+0x1db/0x2d0 [ 14.580008] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.580035] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.580059] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.580086] kasan_report+0x141/0x180 [ 14.580108] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.580140] kasan_check_range+0x10c/0x1c0 [ 14.580164] __kasan_check_write+0x18/0x20 [ 14.580238] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.580267] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.580296] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.580321] ? trace_hardirqs_on+0x37/0xe0 [ 14.580343] ? kasan_bitops_generic+0x92/0x1c0 [ 14.580373] kasan_bitops_generic+0x116/0x1c0 [ 14.580397] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.580422] ? trace_hardirqs_on+0x37/0xe0 [ 14.580444] ? __pfx_read_tsc+0x10/0x10 [ 14.580465] ? ktime_get_ts64+0x86/0x230 [ 14.580489] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.580516] kunit_try_run_case+0x1a5/0x480 [ 14.580542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.580568] ? 
queued_spin_lock_slowpath+0x116/0xb40 [ 14.580593] ? __kthread_parkme+0x82/0x180 [ 14.580624] ? preempt_count_sub+0x50/0x80 [ 14.580649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.580682] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.580708] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.580733] kthread+0x337/0x6f0 [ 14.580752] ? trace_preempt_on+0x20/0xc0 [ 14.580775] ? __pfx_kthread+0x10/0x10 [ 14.580796] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.580817] ? calculate_sigpending+0x7b/0xa0 [ 14.580842] ? __pfx_kthread+0x10/0x10 [ 14.580863] ret_from_fork+0x116/0x1d0 [ 14.580882] ? __pfx_kthread+0x10/0x10 [ 14.580902] ret_from_fork_asm+0x1a/0x30 [ 14.580969] </TASK> [ 14.580979] [ 14.591682] Allocated by task 279: [ 14.591846] kasan_save_stack+0x45/0x70 [ 14.592056] kasan_save_track+0x18/0x40 [ 14.592769] kasan_save_alloc_info+0x3b/0x50 [ 14.592938] __kasan_kmalloc+0xb7/0xc0 [ 14.593270] __kmalloc_cache_noprof+0x189/0x420 [ 14.593502] kasan_bitops_generic+0x92/0x1c0 [ 14.594105] kunit_try_run_case+0x1a5/0x480 [ 14.594313] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.594774] kthread+0x337/0x6f0 [ 14.594940] ret_from_fork+0x116/0x1d0 [ 14.595219] ret_from_fork_asm+0x1a/0x30 [ 14.595406] [ 14.595492] The buggy address belongs to the object at ffff8881026260e0 [ 14.595492] which belongs to the cache kmalloc-16 of size 16 [ 14.596270] The buggy address is located 8 bytes inside of [ 14.596270] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9) [ 14.597015] [ 14.597110] The buggy address belongs to the physical page: [ 14.597343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626 [ 14.597668] flags: 0x200000000000000(node=0|zone=2) [ 14.597969] page_type: f5(slab) [ 14.598138] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.598426] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.598746] page dumped because: kasan: bad access detected [ 14.599002] [ 14.599084] 
Memory state around the buggy address: [ 14.599271] ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.599594] ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.599835] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.600152] ^ [ 14.600367] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.600699] ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.601014] ================================================================== [ 14.537362] ================================================================== [ 14.537918] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.538411] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279 [ 14.538775] [ 14.538896] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.538944] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.538956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.538978] Call Trace: [ 14.538991] <TASK> [ 14.539008] dump_stack_lvl+0x73/0xb0 [ 14.539042] print_report+0xd1/0x650 [ 14.539065] ? __virt_addr_valid+0x1db/0x2d0 [ 14.539090] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.539117] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.539141] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.539168] kasan_report+0x141/0x180 [ 14.539189] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.539221] kasan_check_range+0x10c/0x1c0 [ 14.539246] __kasan_check_write+0x18/0x20 [ 14.539266] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.539293] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.539322] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.539347] ? trace_hardirqs_on+0x37/0xe0 [ 14.539380] ? kasan_bitops_generic+0x92/0x1c0 [ 14.539420] kasan_bitops_generic+0x116/0x1c0 [ 14.539445] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.539469] ? trace_hardirqs_on+0x37/0xe0 [ 14.539491] ? 
__pfx_read_tsc+0x10/0x10 [ 14.539522] ? ktime_get_ts64+0x86/0x230 [ 14.539545] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.539574] kunit_try_run_case+0x1a5/0x480 [ 14.539610] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.539635] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.539661] ? __kthread_parkme+0x82/0x180 [ 14.539683] ? preempt_count_sub+0x50/0x80 [ 14.539708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.539733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.539758] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.539784] kthread+0x337/0x6f0 [ 14.539802] ? trace_preempt_on+0x20/0xc0 [ 14.539824] ? __pfx_kthread+0x10/0x10 [ 14.539844] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.539866] ? calculate_sigpending+0x7b/0xa0 [ 14.539890] ? __pfx_kthread+0x10/0x10 [ 14.539911] ret_from_fork+0x116/0x1d0 [ 14.539930] ? __pfx_kthread+0x10/0x10 [ 14.539952] ret_from_fork_asm+0x1a/0x30 [ 14.540035] </TASK> [ 14.540046] [ 14.548344] Allocated by task 279: [ 14.548503] kasan_save_stack+0x45/0x70 [ 14.548704] kasan_save_track+0x18/0x40 [ 14.548858] kasan_save_alloc_info+0x3b/0x50 [ 14.549047] __kasan_kmalloc+0xb7/0xc0 [ 14.549231] __kmalloc_cache_noprof+0x189/0x420 [ 14.549434] kasan_bitops_generic+0x92/0x1c0 [ 14.549837] kunit_try_run_case+0x1a5/0x480 [ 14.550037] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.550363] kthread+0x337/0x6f0 [ 14.550557] ret_from_fork+0x116/0x1d0 [ 14.550704] ret_from_fork_asm+0x1a/0x30 [ 14.550844] [ 14.550916] The buggy address belongs to the object at ffff8881026260e0 [ 14.550916] which belongs to the cache kmalloc-16 of size 16 [ 14.551305] The buggy address is located 8 bytes inside of [ 14.551305] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9) [ 14.552223] [ 14.552328] The buggy address belongs to the physical page: [ 14.552502] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626 [ 14.552757] flags: 0x200000000000000(node=0|zone=2) [ 14.552926] page_type: f5(slab) [ 14.553047] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.553392] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.554246] page dumped because: kasan: bad access detected [ 14.554539] [ 14.554649] Memory state around the buggy address: [ 14.554880] ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.555179] ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.555471] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.556125] ^ [ 14.556326] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.556742] ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.557071] ================================================================== [ 14.642880] ================================================================== [ 14.643241] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.643776] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279 [ 14.644086] [ 14.644174] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.644218] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.644230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.644252] Call Trace: [ 14.644270] <TASK> [ 14.644289] dump_stack_lvl+0x73/0xb0 [ 14.644319] print_report+0xd1/0x650 [ 14.644342] ? __virt_addr_valid+0x1db/0x2d0 [ 14.644366] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.644620] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.644649] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.644678] kasan_report+0x141/0x180 [ 14.644701] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.644734] kasan_check_range+0x10c/0x1c0 [ 14.644758] __kasan_check_write+0x18/0x20 [ 14.644778] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.644805] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.644834] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.644859] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.644883] ? kasan_bitops_generic+0x92/0x1c0 [ 14.644910] kasan_bitops_generic+0x116/0x1c0 [ 14.644981] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.645005] ? trace_hardirqs_on+0x37/0xe0 [ 14.645027] ? __pfx_read_tsc+0x10/0x10 [ 14.645049] ? ktime_get_ts64+0x86/0x230 [ 14.645072] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.645099] kunit_try_run_case+0x1a5/0x480 [ 14.645124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.645149] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.645175] ? __kthread_parkme+0x82/0x180 [ 14.645196] ? preempt_count_sub+0x50/0x80 [ 14.645220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.645245] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.645269] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.645295] kthread+0x337/0x6f0 [ 14.645314] ? trace_preempt_on+0x20/0xc0 [ 14.645336] ? __pfx_kthread+0x10/0x10 [ 14.645356] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.645378] ? calculate_sigpending+0x7b/0xa0 [ 14.645402] ? __pfx_kthread+0x10/0x10 [ 14.645423] ret_from_fork+0x116/0x1d0 [ 14.645441] ? 
__pfx_kthread+0x10/0x10 [ 14.645462] ret_from_fork_asm+0x1a/0x30 [ 14.645494] </TASK> [ 14.645504] [ 14.657761] Allocated by task 279: [ 14.657971] kasan_save_stack+0x45/0x70 [ 14.658408] kasan_save_track+0x18/0x40 [ 14.658642] kasan_save_alloc_info+0x3b/0x50 [ 14.658836] __kasan_kmalloc+0xb7/0xc0 [ 14.659260] __kmalloc_cache_noprof+0x189/0x420 [ 14.659479] kasan_bitops_generic+0x92/0x1c0 [ 14.659856] kunit_try_run_case+0x1a5/0x480 [ 14.660396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.660676] kthread+0x337/0x6f0 [ 14.660849] ret_from_fork+0x116/0x1d0 [ 14.661139] ret_from_fork_asm+0x1a/0x30 [ 14.661330] [ 14.661430] The buggy address belongs to the object at ffff8881026260e0 [ 14.661430] which belongs to the cache kmalloc-16 of size 16 [ 14.661902] The buggy address is located 8 bytes inside of [ 14.661902] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9) [ 14.662357] [ 14.662450] The buggy address belongs to the physical page: [ 14.662792] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626 [ 14.663134] flags: 0x200000000000000(node=0|zone=2) [ 14.663377] page_type: f5(slab) [ 14.663549] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.663900] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.664285] page dumped because: kasan: bad access detected [ 14.664496] [ 14.664614] Memory state around the buggy address: [ 14.664796] ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.665394] ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.665748] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.666054] ^ [ 14.666459] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.666780] ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.667234] ================================================================== [ 14.601501] 
================================================================== [ 14.601842] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.602110] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279 [ 14.602767] [ 14.602863] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.602907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.602918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.602939] Call Trace: [ 14.602956] <TASK> [ 14.602971] dump_stack_lvl+0x73/0xb0 [ 14.603002] print_report+0xd1/0x650 [ 14.603026] ? __virt_addr_valid+0x1db/0x2d0 [ 14.603106] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.603133] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.603157] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.603184] kasan_report+0x141/0x180 [ 14.603206] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.603238] kasan_check_range+0x10c/0x1c0 [ 14.603262] __kasan_check_write+0x18/0x20 [ 14.603281] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.603308] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.603337] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.603362] ? trace_hardirqs_on+0x37/0xe0 [ 14.603384] ? kasan_bitops_generic+0x92/0x1c0 [ 14.603413] kasan_bitops_generic+0x116/0x1c0 [ 14.603438] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.603462] ? trace_hardirqs_on+0x37/0xe0 [ 14.603485] ? __pfx_read_tsc+0x10/0x10 [ 14.603517] ? ktime_get_ts64+0x86/0x230 [ 14.603539] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.603567] kunit_try_run_case+0x1a5/0x480 [ 14.603591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.603628] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.603655] ? __kthread_parkme+0x82/0x180 [ 14.603675] ? preempt_count_sub+0x50/0x80 [ 14.603700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.603725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.603750] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.603776] kthread+0x337/0x6f0 [ 14.603794] ? trace_preempt_on+0x20/0xc0 [ 14.603817] ? __pfx_kthread+0x10/0x10 [ 14.603838] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.603860] ? calculate_sigpending+0x7b/0xa0 [ 14.603885] ? __pfx_kthread+0x10/0x10 [ 14.603906] ret_from_fork+0x116/0x1d0 [ 14.603924] ? __pfx_kthread+0x10/0x10 [ 14.603988] ret_from_fork_asm+0x1a/0x30 [ 14.604021] </TASK> [ 14.604030] [ 14.612870] Allocated by task 279: [ 14.613027] kasan_save_stack+0x45/0x70 [ 14.613520] kasan_save_track+0x18/0x40 [ 14.613784] kasan_save_alloc_info+0x3b/0x50 [ 14.613974] __kasan_kmalloc+0xb7/0xc0 [ 14.614107] __kmalloc_cache_noprof+0x189/0x420 [ 14.614294] kasan_bitops_generic+0x92/0x1c0 [ 14.614552] kunit_try_run_case+0x1a5/0x480 [ 14.614743] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.614919] kthread+0x337/0x6f0 [ 14.615294] ret_from_fork+0x116/0x1d0 [ 14.615493] ret_from_fork_asm+0x1a/0x30 [ 14.615703] [ 14.615791] The buggy address belongs to the object at ffff8881026260e0 [ 14.615791] which belongs to the cache kmalloc-16 of size 16 [ 14.616341] The buggy address is located 8 bytes inside of [ 14.616341] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9) [ 14.616877] [ 14.616950] The buggy address belongs to the physical page: [ 14.617174] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626 [ 14.617637] flags: 0x200000000000000(node=0|zone=2) [ 14.617928] page_type: f5(slab) [ 14.618130] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.618361] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.618583] page dumped because: kasan: bad access detected [ 14.618845] [ 14.618938] Memory state around the buggy address: [ 14.619161] ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.619465] ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.619975] >ffff888102626080: fa fb fc fc fa fb fc fc 
fa fb fc fc 00 01 fc fc [ 14.620301] ^ [ 14.620502] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.620891] ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.621457] ================================================================== [ 14.557622] ================================================================== [ 14.557990] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.558269] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279 [ 14.558706] [ 14.558816] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.558857] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.558868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.558888] Call Trace: [ 14.558904] <TASK> [ 14.558919] dump_stack_lvl+0x73/0xb0 [ 14.558947] print_report+0xd1/0x650 [ 14.558969] ? __virt_addr_valid+0x1db/0x2d0 [ 14.558992] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.559019] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.559043] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.559070] kasan_report+0x141/0x180 [ 14.559092] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.559124] kasan_check_range+0x10c/0x1c0 [ 14.559148] __kasan_check_write+0x18/0x20 [ 14.559167] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.559194] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.559223] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.559246] ? trace_hardirqs_on+0x37/0xe0 [ 14.559268] ? kasan_bitops_generic+0x92/0x1c0 [ 14.559297] kasan_bitops_generic+0x116/0x1c0 [ 14.559321] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.559345] ? trace_hardirqs_on+0x37/0xe0 [ 14.559367] ? __pfx_read_tsc+0x10/0x10 [ 14.559387] ? ktime_get_ts64+0x86/0x230 [ 14.559409] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.559438] kunit_try_run_case+0x1a5/0x480 [ 14.559461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.559487] ? 
queued_spin_lock_slowpath+0x116/0xb40 [ 14.559564] ? __kthread_parkme+0x82/0x180 [ 14.559587] ? preempt_count_sub+0x50/0x80 [ 14.559624] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.559649] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.559674] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.559701] kthread+0x337/0x6f0 [ 14.559720] ? trace_preempt_on+0x20/0xc0 [ 14.559742] ? __pfx_kthread+0x10/0x10 [ 14.559763] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.559785] ? calculate_sigpending+0x7b/0xa0 [ 14.559810] ? __pfx_kthread+0x10/0x10 [ 14.559832] ret_from_fork+0x116/0x1d0 [ 14.559850] ? __pfx_kthread+0x10/0x10 [ 14.559870] ret_from_fork_asm+0x1a/0x30 [ 14.559901] </TASK> [ 14.559911] [ 14.569651] Allocated by task 279: [ 14.569862] kasan_save_stack+0x45/0x70 [ 14.570285] kasan_save_track+0x18/0x40 [ 14.570488] kasan_save_alloc_info+0x3b/0x50 [ 14.570716] __kasan_kmalloc+0xb7/0xc0 [ 14.570911] __kmalloc_cache_noprof+0x189/0x420 [ 14.571116] kasan_bitops_generic+0x92/0x1c0 [ 14.571292] kunit_try_run_case+0x1a5/0x480 [ 14.571450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.571941] kthread+0x337/0x6f0 [ 14.572179] ret_from_fork+0x116/0x1d0 [ 14.572350] ret_from_fork_asm+0x1a/0x30 [ 14.572517] [ 14.572629] The buggy address belongs to the object at ffff8881026260e0 [ 14.572629] which belongs to the cache kmalloc-16 of size 16 [ 14.573163] The buggy address is located 8 bytes inside of [ 14.573163] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9) [ 14.573680] [ 14.573778] The buggy address belongs to the physical page: [ 14.574055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626 [ 14.574378] flags: 0x200000000000000(node=0|zone=2) [ 14.574614] page_type: f5(slab) [ 14.574735] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.574982] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.575375] page dumped because: kasan: bad access detected [ 14.575655] [ 14.575751] 
Memory state around the buggy address: [ 14.575930] ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.576143] ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.576462] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.576985] ^ [ 14.577259] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.577524] ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.577809] ================================================================== [ 14.667826] ================================================================== [ 14.668196] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.668581] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279 [ 14.668891] [ 14.669015] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.669062] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.669074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.669096] Call Trace: [ 14.669169] <TASK> [ 14.669187] dump_stack_lvl+0x73/0xb0 [ 14.669219] print_report+0xd1/0x650 [ 14.669241] ? __virt_addr_valid+0x1db/0x2d0 [ 14.669265] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.669290] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.669314] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.669341] kasan_report+0x141/0x180 [ 14.669363] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.669395] kasan_check_range+0x10c/0x1c0 [ 14.669418] __kasan_check_write+0x18/0x20 [ 14.669437] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.669464] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.669492] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.669517] ? trace_hardirqs_on+0x37/0xe0 [ 14.669548] ? kasan_bitops_generic+0x92/0x1c0 [ 14.669576] kasan_bitops_generic+0x116/0x1c0 [ 14.669612] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.669636] ? trace_hardirqs_on+0x37/0xe0 [ 14.669659] ? 
__pfx_read_tsc+0x10/0x10 [ 14.669680] ? ktime_get_ts64+0x86/0x230 [ 14.669728] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.669758] kunit_try_run_case+0x1a5/0x480 [ 14.669782] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.669807] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.669834] ? __kthread_parkme+0x82/0x180 [ 14.669855] ? preempt_count_sub+0x50/0x80 [ 14.669880] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.669905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.669967] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.669996] kthread+0x337/0x6f0 [ 14.670014] ? trace_preempt_on+0x20/0xc0 [ 14.670037] ? __pfx_kthread+0x10/0x10 [ 14.670057] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.670079] ? calculate_sigpending+0x7b/0xa0 [ 14.670103] ? __pfx_kthread+0x10/0x10 [ 14.670125] ret_from_fork+0x116/0x1d0 [ 14.670143] ? __pfx_kthread+0x10/0x10 [ 14.670163] ret_from_fork_asm+0x1a/0x30 [ 14.670195] </TASK> [ 14.670205] [ 14.678848] Allocated by task 279: [ 14.679029] kasan_save_stack+0x45/0x70 [ 14.679179] kasan_save_track+0x18/0x40 [ 14.679314] kasan_save_alloc_info+0x3b/0x50 [ 14.679529] __kasan_kmalloc+0xb7/0xc0 [ 14.679803] __kmalloc_cache_noprof+0x189/0x420 [ 14.680104] kasan_bitops_generic+0x92/0x1c0 [ 14.680328] kunit_try_run_case+0x1a5/0x480 [ 14.680571] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.680796] kthread+0x337/0x6f0 [ 14.681141] ret_from_fork+0x116/0x1d0 [ 14.681345] ret_from_fork_asm+0x1a/0x30 [ 14.681571] [ 14.681679] The buggy address belongs to the object at ffff8881026260e0 [ 14.681679] which belongs to the cache kmalloc-16 of size 16 [ 14.682289] The buggy address is located 8 bytes inside of [ 14.682289] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9) [ 14.682707] [ 14.682805] The buggy address belongs to the physical page: [ 14.683133] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626 [ 14.683490] flags: 0x200000000000000(node=0|zone=2) [ 14.683752] page_type: f5(slab) [ 14.683981] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.684298] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.684621] page dumped because: kasan: bad access detected [ 14.684855] [ 14.684996] Memory state around the buggy address: [ 14.685201] ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.685445] ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.685745] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.686268] ^ [ 14.686498] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.686833] ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.687217] ================================================================== [ 14.689202] ================================================================== [ 14.689926] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.691204] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279 [ 14.691654] [ 14.691886] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.691954] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.691966] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.691988] Call Trace: [ 14.692004] <TASK> [ 14.692020] dump_stack_lvl+0x73/0xb0 [ 14.692055] print_report+0xd1/0x650 [ 14.692077] ? __virt_addr_valid+0x1db/0x2d0 [ 14.692101] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.692127] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.692150] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.692178] kasan_report+0x141/0x180 [ 14.692201] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.692232] kasan_check_range+0x10c/0x1c0 [ 14.692255] __kasan_check_write+0x18/0x20 [ 14.692275] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.692301] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.692329] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.692354] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.692377] ? kasan_bitops_generic+0x92/0x1c0 [ 14.692405] kasan_bitops_generic+0x116/0x1c0 [ 14.692429] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.692452] ? trace_hardirqs_on+0x37/0xe0 [ 14.692473] ? __pfx_read_tsc+0x10/0x10 [ 14.692496] ? ktime_get_ts64+0x86/0x230 [ 14.692597] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.692639] kunit_try_run_case+0x1a5/0x480 [ 14.692663] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.692689] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.692714] ? __kthread_parkme+0x82/0x180 [ 14.692735] ? preempt_count_sub+0x50/0x80 [ 14.692759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.692783] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.692808] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.692833] kthread+0x337/0x6f0 [ 14.692853] ? trace_preempt_on+0x20/0xc0 [ 14.692875] ? __pfx_kthread+0x10/0x10 [ 14.692895] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.692916] ? calculate_sigpending+0x7b/0xa0 [ 14.692941] ? __pfx_kthread+0x10/0x10 [ 14.692962] ret_from_fork+0x116/0x1d0 [ 14.692981] ? 
__pfx_kthread+0x10/0x10 [ 14.693002] ret_from_fork_asm+0x1a/0x30 [ 14.693033] </TASK> [ 14.693043] [ 14.703246] Allocated by task 279: [ 14.703379] kasan_save_stack+0x45/0x70 [ 14.703696] kasan_save_track+0x18/0x40 [ 14.703909] kasan_save_alloc_info+0x3b/0x50 [ 14.704122] __kasan_kmalloc+0xb7/0xc0 [ 14.704319] __kmalloc_cache_noprof+0x189/0x420 [ 14.704566] kasan_bitops_generic+0x92/0x1c0 [ 14.704796] kunit_try_run_case+0x1a5/0x480 [ 14.705004] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.705431] kthread+0x337/0x6f0 [ 14.705548] ret_from_fork+0x116/0x1d0 [ 14.705684] ret_from_fork_asm+0x1a/0x30 [ 14.705821] [ 14.705958] The buggy address belongs to the object at ffff8881026260e0 [ 14.705958] which belongs to the cache kmalloc-16 of size 16 [ 14.706511] The buggy address is located 8 bytes inside of [ 14.706511] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9) [ 14.706986] [ 14.707056] The buggy address belongs to the physical page: [ 14.707341] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626 [ 14.707936] flags: 0x200000000000000(node=0|zone=2) [ 14.708175] page_type: f5(slab) [ 14.708316] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.708538] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.708773] page dumped because: kasan: bad access detected [ 14.709123] [ 14.709238] Memory state around the buggy address: [ 14.709459] ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.709799] ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.710112] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.710422] ^ [ 14.710661] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.711003] ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.711274] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.503786] ================================================================== [ 14.504297] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 14.504716] Read of size 1 at addr ffff88810267d890 by task kunit_try_catch/277 [ 14.505383] [ 14.505668] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.505727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.505738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.505761] Call Trace: [ 14.505780] <TASK> [ 14.505835] dump_stack_lvl+0x73/0xb0 [ 14.505870] print_report+0xd1/0x650 [ 14.505894] ? __virt_addr_valid+0x1db/0x2d0 [ 14.505986] ? strnlen+0x73/0x80 [ 14.506005] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.506031] ? strnlen+0x73/0x80 [ 14.506048] kasan_report+0x141/0x180 [ 14.506070] ? strnlen+0x73/0x80 [ 14.506092] __asan_report_load1_noabort+0x18/0x20 [ 14.506118] strnlen+0x73/0x80 [ 14.506136] kasan_strings+0x615/0xe80 [ 14.506156] ? trace_hardirqs_on+0x37/0xe0 [ 14.506180] ? __pfx_kasan_strings+0x10/0x10 [ 14.506201] ? finish_task_switch.isra.0+0x153/0x700 [ 14.506225] ? __switch_to+0x47/0xf50 [ 14.506251] ? __schedule+0x10cc/0x2b60 [ 14.506273] ? __pfx_read_tsc+0x10/0x10 [ 14.506293] ? ktime_get_ts64+0x86/0x230 [ 14.506319] kunit_try_run_case+0x1a5/0x480 [ 14.506343] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.506367] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.506392] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.506416] ? __kthread_parkme+0x82/0x180 [ 14.506438] ? preempt_count_sub+0x50/0x80 [ 14.506461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.506504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.506530] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.506555] kthread+0x337/0x6f0 [ 14.506574] ? trace_preempt_on+0x20/0xc0 [ 14.506597] ? __pfx_kthread+0x10/0x10 [ 14.506626] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.506663] ? calculate_sigpending+0x7b/0xa0 [ 14.506687] ? 
__pfx_kthread+0x10/0x10 [ 14.506709] ret_from_fork+0x116/0x1d0 [ 14.506728] ? __pfx_kthread+0x10/0x10 [ 14.506747] ret_from_fork_asm+0x1a/0x30 [ 14.506779] </TASK> [ 14.506789] [ 14.519433] Allocated by task 277: [ 14.519671] kasan_save_stack+0x45/0x70 [ 14.519828] kasan_save_track+0x18/0x40 [ 14.520140] kasan_save_alloc_info+0x3b/0x50 [ 14.520365] __kasan_kmalloc+0xb7/0xc0 [ 14.520521] __kmalloc_cache_noprof+0x189/0x420 [ 14.520760] kasan_strings+0xc0/0xe80 [ 14.520981] kunit_try_run_case+0x1a5/0x480 [ 14.521167] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.521404] kthread+0x337/0x6f0 [ 14.521579] ret_from_fork+0x116/0x1d0 [ 14.521731] ret_from_fork_asm+0x1a/0x30 [ 14.521908] [ 14.522003] Freed by task 277: [ 14.522184] kasan_save_stack+0x45/0x70 [ 14.522335] kasan_save_track+0x18/0x40 [ 14.522468] kasan_save_free_info+0x3f/0x60 [ 14.522940] __kasan_slab_free+0x56/0x70 [ 14.523143] kfree+0x222/0x3f0 [ 14.523362] kasan_strings+0x2aa/0xe80 [ 14.523538] kunit_try_run_case+0x1a5/0x480 [ 14.523702] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.524178] kthread+0x337/0x6f0 [ 14.524358] ret_from_fork+0x116/0x1d0 [ 14.524529] ret_from_fork_asm+0x1a/0x30 [ 14.524684] [ 14.524758] The buggy address belongs to the object at ffff88810267d880 [ 14.524758] which belongs to the cache kmalloc-32 of size 32 [ 14.525545] The buggy address is located 16 bytes inside of [ 14.525545] freed 32-byte region [ffff88810267d880, ffff88810267d8a0) [ 14.525919] [ 14.526129] The buggy address belongs to the physical page: [ 14.526385] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10267d [ 14.526798] flags: 0x200000000000000(node=0|zone=2) [ 14.527088] page_type: f5(slab) [ 14.527212] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.527455] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.528132] page dumped because: kasan: bad access detected [ 14.528357] [ 14.528505] Memory state around the buggy address: 
[ 14.528675] ffff88810267d780: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.529365] ffff88810267d800: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.529733] >ffff88810267d880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.529961] ^ [ 14.530114] ffff88810267d900: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.530448] ffff88810267d980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.530889] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.478258] ================================================================== [ 14.478572] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 14.478870] Read of size 1 at addr ffff88810267d890 by task kunit_try_catch/277 [ 14.479200] [ 14.479290] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.479332] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.479344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.479389] Call Trace: [ 14.479407] <TASK> [ 14.479424] dump_stack_lvl+0x73/0xb0 [ 14.479453] print_report+0xd1/0x650 [ 14.479476] ? __virt_addr_valid+0x1db/0x2d0 [ 14.479499] ? strlen+0x8f/0xb0 [ 14.479515] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.479555] ? strlen+0x8f/0xb0 [ 14.479573] kasan_report+0x141/0x180 [ 14.479595] ? strlen+0x8f/0xb0 [ 14.479629] __asan_report_load1_noabort+0x18/0x20 [ 14.479654] strlen+0x8f/0xb0 [ 14.479671] kasan_strings+0x57b/0xe80 [ 14.479705] ? trace_hardirqs_on+0x37/0xe0 [ 14.479729] ? __pfx_kasan_strings+0x10/0x10 [ 14.479750] ? finish_task_switch.isra.0+0x153/0x700 [ 14.479773] ? __switch_to+0x47/0xf50 [ 14.479799] ? __schedule+0x10cc/0x2b60 [ 14.479821] ? __pfx_read_tsc+0x10/0x10 [ 14.479841] ? ktime_get_ts64+0x86/0x230 [ 14.479866] kunit_try_run_case+0x1a5/0x480 [ 14.479891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.479914] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.479939] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.479963] ? __kthread_parkme+0x82/0x180 [ 14.479984] ? preempt_count_sub+0x50/0x80 [ 14.480007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.480032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.480057] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.480081] kthread+0x337/0x6f0 [ 14.480100] ? trace_preempt_on+0x20/0xc0 [ 14.480122] ? __pfx_kthread+0x10/0x10 [ 14.480143] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.480164] ? calculate_sigpending+0x7b/0xa0 [ 14.480189] ? 
__pfx_kthread+0x10/0x10 [ 14.480211] ret_from_fork+0x116/0x1d0 [ 14.480228] ? __pfx_kthread+0x10/0x10 [ 14.480248] ret_from_fork_asm+0x1a/0x30 [ 14.480280] </TASK> [ 14.480290] [ 14.488547] Allocated by task 277: [ 14.488909] kasan_save_stack+0x45/0x70 [ 14.489076] kasan_save_track+0x18/0x40 [ 14.489212] kasan_save_alloc_info+0x3b/0x50 [ 14.489360] __kasan_kmalloc+0xb7/0xc0 [ 14.489751] __kmalloc_cache_noprof+0x189/0x420 [ 14.490147] kasan_strings+0xc0/0xe80 [ 14.490363] kunit_try_run_case+0x1a5/0x480 [ 14.490636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.490881] kthread+0x337/0x6f0 [ 14.491114] ret_from_fork+0x116/0x1d0 [ 14.491314] ret_from_fork_asm+0x1a/0x30 [ 14.491494] [ 14.491614] Freed by task 277: [ 14.491771] kasan_save_stack+0x45/0x70 [ 14.491972] kasan_save_track+0x18/0x40 [ 14.492239] kasan_save_free_info+0x3f/0x60 [ 14.492443] __kasan_slab_free+0x56/0x70 [ 14.492657] kfree+0x222/0x3f0 [ 14.492886] kasan_strings+0x2aa/0xe80 [ 14.493058] kunit_try_run_case+0x1a5/0x480 [ 14.493290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.493457] kthread+0x337/0x6f0 [ 14.493571] ret_from_fork+0x116/0x1d0 [ 14.494021] ret_from_fork_asm+0x1a/0x30 [ 14.494224] [ 14.494318] The buggy address belongs to the object at ffff88810267d880 [ 14.494318] which belongs to the cache kmalloc-32 of size 32 [ 14.494896] The buggy address is located 16 bytes inside of [ 14.494896] freed 32-byte region [ffff88810267d880, ffff88810267d8a0) [ 14.495968] [ 14.496079] The buggy address belongs to the physical page: [ 14.496293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10267d [ 14.496668] flags: 0x200000000000000(node=0|zone=2) [ 14.496882] page_type: f5(slab) [ 14.497195] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.497469] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.497867] page dumped because: kasan: bad access detected [ 14.498164] [ 14.498230] Memory state around the buggy address: 
[ 14.498379] ffff88810267d780: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.498584] ffff88810267d800: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.498934] >ffff88810267d880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.499247] ^ [ 14.499425] ffff88810267d900: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.500184] ffff88810267d980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.501193] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.455749] ================================================================== [ 14.456310] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 14.456633] Read of size 1 at addr ffff88810267d890 by task kunit_try_catch/277 [ 14.456852] [ 14.457088] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.457136] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.457147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.457187] Call Trace: [ 14.457203] <TASK> [ 14.457220] dump_stack_lvl+0x73/0xb0 [ 14.457249] print_report+0xd1/0x650 [ 14.457272] ? __virt_addr_valid+0x1db/0x2d0 [ 14.457295] ? kasan_strings+0xcbc/0xe80 [ 14.457316] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.457339] ? kasan_strings+0xcbc/0xe80 [ 14.457379] kasan_report+0x141/0x180 [ 14.457400] ? kasan_strings+0xcbc/0xe80 [ 14.457426] __asan_report_load1_noabort+0x18/0x20 [ 14.457451] kasan_strings+0xcbc/0xe80 [ 14.457470] ? trace_hardirqs_on+0x37/0xe0 [ 14.457494] ? __pfx_kasan_strings+0x10/0x10 [ 14.457514] ? finish_task_switch.isra.0+0x153/0x700 [ 14.457537] ? __switch_to+0x47/0xf50 [ 14.457563] ? __schedule+0x10cc/0x2b60 [ 14.457612] ? __pfx_read_tsc+0x10/0x10 [ 14.457633] ? ktime_get_ts64+0x86/0x230 [ 14.457659] kunit_try_run_case+0x1a5/0x480 [ 14.457684] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.457711] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.457736] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.457760] ? __kthread_parkme+0x82/0x180 [ 14.457780] ? preempt_count_sub+0x50/0x80 [ 14.457803] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.457828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.457853] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.457878] kthread+0x337/0x6f0 [ 14.457897] ? trace_preempt_on+0x20/0xc0 [ 14.457920] ? __pfx_kthread+0x10/0x10 [ 14.457941] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.457962] ? calculate_sigpending+0x7b/0xa0 [ 14.457986] ? 
__pfx_kthread+0x10/0x10 [ 14.458007] ret_from_fork+0x116/0x1d0 [ 14.458025] ? __pfx_kthread+0x10/0x10 [ 14.458045] ret_from_fork_asm+0x1a/0x30 [ 14.458076] </TASK> [ 14.458087] [ 14.466244] Allocated by task 277: [ 14.466396] kasan_save_stack+0x45/0x70 [ 14.466660] kasan_save_track+0x18/0x40 [ 14.466856] kasan_save_alloc_info+0x3b/0x50 [ 14.467056] __kasan_kmalloc+0xb7/0xc0 [ 14.467321] __kmalloc_cache_noprof+0x189/0x420 [ 14.467565] kasan_strings+0xc0/0xe80 [ 14.467768] kunit_try_run_case+0x1a5/0x480 [ 14.467995] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.468252] kthread+0x337/0x6f0 [ 14.468410] ret_from_fork+0x116/0x1d0 [ 14.468595] ret_from_fork_asm+0x1a/0x30 [ 14.468780] [ 14.468914] Freed by task 277: [ 14.469133] kasan_save_stack+0x45/0x70 [ 14.469277] kasan_save_track+0x18/0x40 [ 14.469443] kasan_save_free_info+0x3f/0x60 [ 14.469842] __kasan_slab_free+0x56/0x70 [ 14.470096] kfree+0x222/0x3f0 [ 14.470217] kasan_strings+0x2aa/0xe80 [ 14.470348] kunit_try_run_case+0x1a5/0x480 [ 14.470499] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.470785] kthread+0x337/0x6f0 [ 14.470953] ret_from_fork+0x116/0x1d0 [ 14.471136] ret_from_fork_asm+0x1a/0x30 [ 14.471681] [ 14.471773] The buggy address belongs to the object at ffff88810267d880 [ 14.471773] which belongs to the cache kmalloc-32 of size 32 [ 14.472310] The buggy address is located 16 bytes inside of [ 14.472310] freed 32-byte region [ffff88810267d880, ffff88810267d8a0) [ 14.473214] [ 14.473324] The buggy address belongs to the physical page: [ 14.473547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10267d [ 14.473914] flags: 0x200000000000000(node=0|zone=2) [ 14.474196] page_type: f5(slab) [ 14.474363] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.474721] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.475126] page dumped because: kasan: bad access detected [ 14.475352] [ 14.475422] Memory state around the buggy address: 
[ 14.475711] ffff88810267d780: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.476017] ffff88810267d800: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.476304] >ffff88810267d880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.476660] ^ [ 14.476791] ffff88810267d900: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.477004] ffff88810267d980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.477288] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.432821] ================================================================== [ 14.434044] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 14.434333] Read of size 1 at addr ffff88810267d890 by task kunit_try_catch/277 [ 14.434761] [ 14.434895] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.434985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.434999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.435021] Call Trace: [ 14.435033] <TASK> [ 14.435048] dump_stack_lvl+0x73/0xb0 [ 14.435102] print_report+0xd1/0x650 [ 14.435126] ? __virt_addr_valid+0x1db/0x2d0 [ 14.435150] ? strcmp+0xb0/0xc0 [ 14.435179] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.435203] ? strcmp+0xb0/0xc0 [ 14.435220] kasan_report+0x141/0x180 [ 14.435242] ? strcmp+0xb0/0xc0 [ 14.435264] __asan_report_load1_noabort+0x18/0x20 [ 14.435289] strcmp+0xb0/0xc0 [ 14.435308] kasan_strings+0x431/0xe80 [ 14.435328] ? trace_hardirqs_on+0x37/0xe0 [ 14.435352] ? __pfx_kasan_strings+0x10/0x10 [ 14.435374] ? finish_task_switch.isra.0+0x153/0x700 [ 14.435398] ? __switch_to+0x47/0xf50 [ 14.435424] ? __schedule+0x10cc/0x2b60 [ 14.435446] ? __pfx_read_tsc+0x10/0x10 [ 14.435469] ? ktime_get_ts64+0x86/0x230 [ 14.435494] kunit_try_run_case+0x1a5/0x480 [ 14.435519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.435542] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.435567] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.435591] ? __kthread_parkme+0x82/0x180 [ 14.435624] ? preempt_count_sub+0x50/0x80 [ 14.435658] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.435703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.435728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.435754] kthread+0x337/0x6f0 [ 14.435772] ? trace_preempt_on+0x20/0xc0 [ 14.435795] ? __pfx_kthread+0x10/0x10 [ 14.435815] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.435836] ? calculate_sigpending+0x7b/0xa0 [ 14.435860] ? 
__pfx_kthread+0x10/0x10 [ 14.435881] ret_from_fork+0x116/0x1d0 [ 14.435899] ? __pfx_kthread+0x10/0x10 [ 14.435920] ret_from_fork_asm+0x1a/0x30 [ 14.435994] </TASK> [ 14.436004] [ 14.443674] Allocated by task 277: [ 14.443807] kasan_save_stack+0x45/0x70 [ 14.444343] kasan_save_track+0x18/0x40 [ 14.444810] kasan_save_alloc_info+0x3b/0x50 [ 14.445100] __kasan_kmalloc+0xb7/0xc0 [ 14.445253] __kmalloc_cache_noprof+0x189/0x420 [ 14.445481] kasan_strings+0xc0/0xe80 [ 14.445695] kunit_try_run_case+0x1a5/0x480 [ 14.445890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.446181] kthread+0x337/0x6f0 [ 14.446373] ret_from_fork+0x116/0x1d0 [ 14.446540] ret_from_fork_asm+0x1a/0x30 [ 14.446686] [ 14.446756] Freed by task 277: [ 14.446862] kasan_save_stack+0x45/0x70 [ 14.446993] kasan_save_track+0x18/0x40 [ 14.447241] kasan_save_free_info+0x3f/0x60 [ 14.447448] __kasan_slab_free+0x56/0x70 [ 14.447651] kfree+0x222/0x3f0 [ 14.448017] kasan_strings+0x2aa/0xe80 [ 14.448212] kunit_try_run_case+0x1a5/0x480 [ 14.448398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.448731] kthread+0x337/0x6f0 [ 14.449049] ret_from_fork+0x116/0x1d0 [ 14.449202] ret_from_fork_asm+0x1a/0x30 [ 14.449401] [ 14.449496] The buggy address belongs to the object at ffff88810267d880 [ 14.449496] which belongs to the cache kmalloc-32 of size 32 [ 14.450045] The buggy address is located 16 bytes inside of [ 14.450045] freed 32-byte region [ffff88810267d880, ffff88810267d8a0) [ 14.450654] [ 14.450726] The buggy address belongs to the physical page: [ 14.450896] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10267d [ 14.451341] flags: 0x200000000000000(node=0|zone=2) [ 14.451583] page_type: f5(slab) [ 14.451762] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.452089] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.452311] page dumped because: kasan: bad access detected [ 14.452834] [ 14.452931] Memory state around the buggy address: 
[ 14.453219] ffff88810267d780: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.453505] ffff88810267d800: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.453802] >ffff88810267d880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.454148] ^ [ 14.454307] ffff88810267d900: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.454564] ffff88810267d980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.455334] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.407789] ================================================================== [ 14.408239] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 14.408547] Read of size 1 at addr ffff88810267d758 by task kunit_try_catch/275 [ 14.408845] [ 14.408957] CPU: 1 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.409005] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.409018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.409040] Call Trace: [ 14.409053] <TASK> [ 14.409072] dump_stack_lvl+0x73/0xb0 [ 14.409104] print_report+0xd1/0x650 [ 14.409132] ? __virt_addr_valid+0x1db/0x2d0 [ 14.409158] ? memcmp+0x1b4/0x1d0 [ 14.409176] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.409201] ? memcmp+0x1b4/0x1d0 [ 14.409219] kasan_report+0x141/0x180 [ 14.409241] ? memcmp+0x1b4/0x1d0 [ 14.409264] __asan_report_load1_noabort+0x18/0x20 [ 14.409289] memcmp+0x1b4/0x1d0 [ 14.409310] kasan_memcmp+0x18f/0x390 [ 14.409331] ? trace_hardirqs_on+0x37/0xe0 [ 14.409358] ? __pfx_kasan_memcmp+0x10/0x10 [ 14.409379] ? finish_task_switch.isra.0+0x153/0x700 [ 14.409404] ? __switch_to+0x47/0xf50 [ 14.409435] ? __pfx_read_tsc+0x10/0x10 [ 14.409457] ? ktime_get_ts64+0x86/0x230 [ 14.409483] kunit_try_run_case+0x1a5/0x480 [ 14.409512] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.409535] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.409561] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.409586] ? __kthread_parkme+0x82/0x180 [ 14.409632] ? preempt_count_sub+0x50/0x80 [ 14.409657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.409683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.409712] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.409738] kthread+0x337/0x6f0 [ 14.409757] ? trace_preempt_on+0x20/0xc0 [ 14.409781] ? __pfx_kthread+0x10/0x10 [ 14.409803] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.409826] ? calculate_sigpending+0x7b/0xa0 [ 14.409851] ? __pfx_kthread+0x10/0x10 [ 14.409873] ret_from_fork+0x116/0x1d0 [ 14.409892] ? 
__pfx_kthread+0x10/0x10 [ 14.409912] ret_from_fork_asm+0x1a/0x30 [ 14.409957] </TASK> [ 14.409970] [ 14.417677] Allocated by task 275: [ 14.417854] kasan_save_stack+0x45/0x70 [ 14.418003] kasan_save_track+0x18/0x40 [ 14.418167] kasan_save_alloc_info+0x3b/0x50 [ 14.418553] __kasan_kmalloc+0xb7/0xc0 [ 14.418777] __kmalloc_cache_noprof+0x189/0x420 [ 14.418986] kasan_memcmp+0xb7/0x390 [ 14.419205] kunit_try_run_case+0x1a5/0x480 [ 14.419465] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.419707] kthread+0x337/0x6f0 [ 14.419829] ret_from_fork+0x116/0x1d0 [ 14.420031] ret_from_fork_asm+0x1a/0x30 [ 14.420294] [ 14.420490] The buggy address belongs to the object at ffff88810267d740 [ 14.420490] which belongs to the cache kmalloc-32 of size 32 [ 14.421050] The buggy address is located 0 bytes to the right of [ 14.421050] allocated 24-byte region [ffff88810267d740, ffff88810267d758) [ 14.421589] [ 14.421705] The buggy address belongs to the physical page: [ 14.421881] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10267d [ 14.422125] flags: 0x200000000000000(node=0|zone=2) [ 14.422421] page_type: f5(slab) [ 14.422688] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.423297] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.423691] page dumped because: kasan: bad access detected [ 14.424044] [ 14.424133] Memory state around the buggy address: [ 14.424285] ffff88810267d600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.424496] ffff88810267d680: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.424791] >ffff88810267d700: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.425196] ^ [ 14.425482] ffff88810267d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.425937] ffff88810267d800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.426300] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.385117] ================================================================== [ 14.385592] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 14.385948] Read of size 1 at addr ffff888103abfc4a by task kunit_try_catch/271 [ 14.386368] [ 14.386477] CPU: 1 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.386525] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.386537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.386558] Call Trace: [ 14.386574] <TASK> [ 14.386591] dump_stack_lvl+0x73/0xb0 [ 14.386636] print_report+0xd1/0x650 [ 14.386659] ? __virt_addr_valid+0x1db/0x2d0 [ 14.386684] ? kasan_alloca_oob_right+0x329/0x390 [ 14.386708] ? kasan_addr_to_slab+0x11/0xa0 [ 14.386728] ? kasan_alloca_oob_right+0x329/0x390 [ 14.386752] kasan_report+0x141/0x180 [ 14.386774] ? kasan_alloca_oob_right+0x329/0x390 [ 14.386801] __asan_report_load1_noabort+0x18/0x20 [ 14.386828] kasan_alloca_oob_right+0x329/0x390 [ 14.386851] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.386875] ? finish_task_switch.isra.0+0x153/0x700 [ 14.386899] ? preempt_schedule_common+0xbe/0x110 [ 14.386975] ? trace_hardirqs_on+0x37/0xe0 [ 14.387004] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 14.387032] ? __schedule+0x10cc/0x2b60 [ 14.387054] ? __pfx_read_tsc+0x10/0x10 [ 14.387077] ? ktime_get_ts64+0x86/0x230 [ 14.387103] kunit_try_run_case+0x1a5/0x480 [ 14.387129] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.387152] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.387177] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.387201] ? __kthread_parkme+0x82/0x180 [ 14.387223] ? preempt_count_sub+0x50/0x80 [ 14.387247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.387271] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.387296] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.387321] kthread+0x337/0x6f0 [ 14.387340] ? trace_preempt_on+0x20/0xc0 [ 14.387362] ? __pfx_kthread+0x10/0x10 [ 14.387382] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.387404] ? calculate_sigpending+0x7b/0xa0 [ 14.387429] ? __pfx_kthread+0x10/0x10 [ 14.387450] ret_from_fork+0x116/0x1d0 [ 14.387469] ? __pfx_kthread+0x10/0x10 [ 14.387489] ret_from_fork_asm+0x1a/0x30 [ 14.387535] </TASK> [ 14.387546] [ 14.395712] The buggy address belongs to stack of task kunit_try_catch/271 [ 14.396241] [ 14.396329] The buggy address belongs to the physical page: [ 14.396578] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103abf [ 14.396838] flags: 0x200000000000000(node=0|zone=2) [ 14.397337] raw: 0200000000000000 ffffea00040eafc8 ffffea00040eafc8 0000000000000000 [ 14.397625] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.398046] page dumped because: kasan: bad access detected [ 14.398235] [ 14.398305] Memory state around the buggy address: [ 14.398461] ffff888103abfb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.398725] ffff888103abfb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.399040] >ffff888103abfc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.399358] ^ [ 14.399673] ffff888103abfc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.400139] ffff888103abfd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.400359] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.364440] ================================================================== [ 14.365732] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 14.366320] Read of size 1 at addr ffff888103b87c3f by task kunit_try_catch/269 [ 14.366997] [ 14.367138] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.367187] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.367200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.367222] Call Trace: [ 14.367237] <TASK> [ 14.367255] dump_stack_lvl+0x73/0xb0 [ 14.367290] print_report+0xd1/0x650 [ 14.367315] ? __virt_addr_valid+0x1db/0x2d0 [ 14.367342] ? kasan_alloca_oob_left+0x320/0x380 [ 14.367366] ? kasan_addr_to_slab+0x11/0xa0 [ 14.367388] ? kasan_alloca_oob_left+0x320/0x380 [ 14.367412] kasan_report+0x141/0x180 [ 14.367434] ? kasan_alloca_oob_left+0x320/0x380 [ 14.367463] __asan_report_load1_noabort+0x18/0x20 [ 14.367488] kasan_alloca_oob_left+0x320/0x380 [ 14.367511] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.367537] ? finish_task_switch.isra.0+0x153/0x700 [ 14.367561] ? preempt_schedule_common+0xbe/0x110 [ 14.367587] ? trace_hardirqs_on+0x37/0xe0 [ 14.367624] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 14.367651] ? __schedule+0x10cc/0x2b60 [ 14.367673] ? __pfx_read_tsc+0x10/0x10 [ 14.367695] ? ktime_get_ts64+0x86/0x230 [ 14.367722] kunit_try_run_case+0x1a5/0x480 [ 14.367749] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.367772] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.367797] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.367822] ? __kthread_parkme+0x82/0x180 [ 14.367844] ? preempt_count_sub+0x50/0x80 [ 14.367869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.367894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.367919] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.368000] kthread+0x337/0x6f0 [ 14.368020] ? trace_preempt_on+0x20/0xc0 [ 14.368044] ? __pfx_kthread+0x10/0x10 [ 14.368065] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.368087] ? calculate_sigpending+0x7b/0xa0 [ 14.368112] ? __pfx_kthread+0x10/0x10 [ 14.368134] ret_from_fork+0x116/0x1d0 [ 14.368153] ? __pfx_kthread+0x10/0x10 [ 14.368173] ret_from_fork_asm+0x1a/0x30 [ 14.368207] </TASK> [ 14.368217] [ 14.376093] The buggy address belongs to stack of task kunit_try_catch/269 [ 14.376467] [ 14.376628] The buggy address belongs to the physical page: [ 14.376879] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b87 [ 14.377216] flags: 0x200000000000000(node=0|zone=2) [ 14.377396] raw: 0200000000000000 ffffea00040ee1c8 ffffea00040ee1c8 0000000000000000 [ 14.377832] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.378443] page dumped because: kasan: bad access detected [ 14.378666] [ 14.378752] Memory state around the buggy address: [ 14.379078] ffff888103b87b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.379353] ffff888103b87b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.379785] >ffff888103b87c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.380053] ^ [ 14.380277] ffff888103b87c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.380596] ffff888103b87d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.380935] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 14.343261] ================================================================== [ 14.343911] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 14.344432] Read of size 1 at addr ffff888103abfd02 by task kunit_try_catch/267 [ 14.344934] [ 14.345049] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.345102] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.345115] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.345138] Call Trace: [ 14.345152] <TASK> [ 14.345171] dump_stack_lvl+0x73/0xb0 [ 14.345208] print_report+0xd1/0x650 [ 14.345233] ? __virt_addr_valid+0x1db/0x2d0 [ 14.345260] ? kasan_stack_oob+0x2b5/0x300 [ 14.345280] ? kasan_addr_to_slab+0x11/0xa0 [ 14.345301] ? kasan_stack_oob+0x2b5/0x300 [ 14.345321] kasan_report+0x141/0x180 [ 14.345344] ? kasan_stack_oob+0x2b5/0x300 [ 14.345368] __asan_report_load1_noabort+0x18/0x20 [ 14.345394] kasan_stack_oob+0x2b5/0x300 [ 14.345415] ? __pfx_kasan_stack_oob+0x10/0x10 [ 14.345435] ? finish_task_switch.isra.0+0x153/0x700 [ 14.345460] ? __switch_to+0x47/0xf50 [ 14.345488] ? __schedule+0x10cc/0x2b60 [ 14.345626] ? __pfx_read_tsc+0x10/0x10 [ 14.345650] ? ktime_get_ts64+0x86/0x230 [ 14.345677] kunit_try_run_case+0x1a5/0x480 [ 14.345709] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.345733] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.345759] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.345784] ? __kthread_parkme+0x82/0x180 [ 14.345807] ? preempt_count_sub+0x50/0x80 [ 14.345831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.345855] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.345880] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.345906] kthread+0x337/0x6f0 [ 14.345971] ? trace_preempt_on+0x20/0xc0 [ 14.345998] ? __pfx_kthread+0x10/0x10 [ 14.346019] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.346041] ? calculate_sigpending+0x7b/0xa0 [ 14.346067] ? __pfx_kthread+0x10/0x10 [ 14.346088] ret_from_fork+0x116/0x1d0 [ 14.346107] ? 
__pfx_kthread+0x10/0x10 [ 14.346127] ret_from_fork_asm+0x1a/0x30 [ 14.346159] </TASK> [ 14.346171] [ 14.353873] The buggy address belongs to stack of task kunit_try_catch/267 [ 14.354465] and is located at offset 138 in frame: [ 14.354714] kasan_stack_oob+0x0/0x300 [ 14.355006] [ 14.355132] This frame has 4 objects: [ 14.355391] [48, 49) '__assertion' [ 14.355414] [64, 72) 'array' [ 14.355663] [96, 112) '__assertion' [ 14.355819] [128, 138) 'stack_array' [ 14.355962] [ 14.356186] The buggy address belongs to the physical page: [ 14.356454] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103abf [ 14.356821] flags: 0x200000000000000(node=0|zone=2) [ 14.357049] raw: 0200000000000000 ffffea00040eafc8 ffffea00040eafc8 0000000000000000 [ 14.357365] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.357692] page dumped because: kasan: bad access detected [ 14.357965] [ 14.358036] Memory state around the buggy address: [ 14.358191] ffff888103abfc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.358404] ffff888103abfc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 14.358763] >ffff888103abfd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.359076] ^ [ 14.359238] ffff888103abfd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 14.359507] ffff888103abfe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.359729] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 14.311386] ================================================================== [ 14.312257] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 14.312784] Read of size 1 at addr ffffffff90e63e8d by task kunit_try_catch/263 [ 14.313385] [ 14.313517] CPU: 0 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.313564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.313577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.313771] Call Trace: [ 14.313794] <TASK> [ 14.313812] dump_stack_lvl+0x73/0xb0 [ 14.313848] print_report+0xd1/0x650 [ 14.313872] ? __virt_addr_valid+0x1db/0x2d0 [ 14.313897] ? kasan_global_oob_right+0x286/0x2d0 [ 14.313959] ? kasan_addr_to_slab+0x11/0xa0 [ 14.313984] ? kasan_global_oob_right+0x286/0x2d0 [ 14.314010] kasan_report+0x141/0x180 [ 14.314035] ? kasan_global_oob_right+0x286/0x2d0 [ 14.314063] __asan_report_load1_noabort+0x18/0x20 [ 14.314088] kasan_global_oob_right+0x286/0x2d0 [ 14.314111] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 14.314137] ? __schedule+0x10cc/0x2b60 [ 14.314161] ? __pfx_read_tsc+0x10/0x10 [ 14.314182] ? ktime_get_ts64+0x86/0x230 [ 14.314208] kunit_try_run_case+0x1a5/0x480 [ 14.314234] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.314257] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.314281] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.314305] ? __kthread_parkme+0x82/0x180 [ 14.314326] ? preempt_count_sub+0x50/0x80 [ 14.314351] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.314375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.314401] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.314426] kthread+0x337/0x6f0 [ 14.314445] ? trace_preempt_on+0x20/0xc0 [ 14.314470] ? __pfx_kthread+0x10/0x10 [ 14.314491] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.314528] ? calculate_sigpending+0x7b/0xa0 [ 14.314552] ? __pfx_kthread+0x10/0x10 [ 14.314574] ret_from_fork+0x116/0x1d0 [ 14.314592] ? 
__pfx_kthread+0x10/0x10 [ 14.314624] ret_from_fork_asm+0x1a/0x30 [ 14.314656] </TASK> [ 14.314667] [ 14.326340] The buggy address belongs to the variable: [ 14.326874] global_array+0xd/0x40 [ 14.327335] [ 14.327467] The buggy address belongs to the physical page: [ 14.327746] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x44c63 [ 14.328438] flags: 0x100000000002000(reserved|node=0|zone=1) [ 14.328896] raw: 0100000000002000 ffffea00011318c8 ffffea00011318c8 0000000000000000 [ 14.329408] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.330300] page dumped because: kasan: bad access detected [ 14.330695] [ 14.330788] Memory state around the buggy address: [ 14.331263] ffffffff90e63d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.331837] ffffffff90e63e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.332398] >ffffffff90e63e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 14.332887] ^ [ 14.333248] ffffffff90e63f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 14.333787] ffffffff90e63f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 14.334595] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 14.279906] ================================================================== [ 14.281717] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.282690] Free of addr ffff88810298c001 by task kunit_try_catch/261 [ 14.282889] [ 14.282980] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.283028] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.283040] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.283061] Call Trace: [ 14.283075] <TASK> [ 14.283092] dump_stack_lvl+0x73/0xb0 [ 14.283124] print_report+0xd1/0x650 [ 14.283147] ? __virt_addr_valid+0x1db/0x2d0 [ 14.283171] ? kasan_addr_to_slab+0x11/0xa0 [ 14.283192] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.283219] kasan_report_invalid_free+0x10a/0x130 [ 14.283244] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.283274] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.283300] __kasan_mempool_poison_object+0x102/0x1d0 [ 14.283326] mempool_free+0x2ec/0x380 [ 14.283353] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.283380] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.283410] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.283432] ? finish_task_switch.isra.0+0x153/0x700 [ 14.283459] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 14.283485] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 14.283514] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.283537] ? __pfx_mempool_kfree+0x10/0x10 [ 14.283562] ? __pfx_read_tsc+0x10/0x10 [ 14.283583] ? ktime_get_ts64+0x86/0x230 [ 14.283647] kunit_try_run_case+0x1a5/0x480 [ 14.283851] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.284127] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.284160] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.284186] ? __kthread_parkme+0x82/0x180 [ 14.284209] ? preempt_count_sub+0x50/0x80 [ 14.284233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.284267] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.284293] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.284319] kthread+0x337/0x6f0 [ 14.284337] ? trace_preempt_on+0x20/0xc0 [ 14.284384] ? __pfx_kthread+0x10/0x10 [ 14.284405] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.284427] ? calculate_sigpending+0x7b/0xa0 [ 14.284452] ? __pfx_kthread+0x10/0x10 [ 14.284474] ret_from_fork+0x116/0x1d0 [ 14.284493] ? __pfx_kthread+0x10/0x10 [ 14.284530] ret_from_fork_asm+0x1a/0x30 [ 14.284563] </TASK> [ 14.284592] [ 14.297246] The buggy address belongs to the physical page: [ 14.297677] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298c [ 14.298096] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.298412] flags: 0x200000000000040(head|node=0|zone=2) [ 14.299150] page_type: f8(unknown) [ 14.299408] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.300197] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.300677] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.301393] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.302234] head: 0200000000000002 ffffea00040a6301 00000000ffffffff 00000000ffffffff [ 14.302779] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.303369] page dumped because: kasan: bad access detected [ 14.303755] [ 14.303858] Memory state around the buggy address: [ 14.304165] ffff88810298bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.304477] ffff88810298bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.305644] >ffff88810298c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.306088] ^ [ 14.306401] ffff88810298c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.307200] ffff88810298c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.307729] ==================================================================
[ 14.255400] ================================================================== [ 
14.256072] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.256418] Free of addr ffff888102b9f501 by task kunit_try_catch/259 [ 14.256732] [ 14.256846] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.256889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.256901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.256922] Call Trace: [ 14.256949] <TASK> [ 14.256966] dump_stack_lvl+0x73/0xb0 [ 14.256997] print_report+0xd1/0x650 [ 14.257019] ? __virt_addr_valid+0x1db/0x2d0 [ 14.257043] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.257067] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.257094] kasan_report_invalid_free+0x10a/0x130 [ 14.257119] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.257148] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.257174] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.257200] check_slab_allocation+0x11f/0x130 [ 14.257222] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.257248] mempool_free+0x2ec/0x380 [ 14.257275] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.257303] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.257329] ? update_load_avg+0x1be/0x21b0 [ 14.257353] ? update_load_avg+0x1be/0x21b0 [ 14.257373] ? update_curr+0x80/0x810 [ 14.257396] ? finish_task_switch.isra.0+0x153/0x700 [ 14.257423] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.257448] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 14.257476] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.257499] ? __pfx_mempool_kfree+0x10/0x10 [ 14.257579] ? __pfx_read_tsc+0x10/0x10 [ 14.257614] ? ktime_get_ts64+0x86/0x230 [ 14.257639] kunit_try_run_case+0x1a5/0x480 [ 14.257663] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.257687] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.257714] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.257738] ? __kthread_parkme+0x82/0x180 [ 14.257760] ? preempt_count_sub+0x50/0x80 [ 14.257784] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.257808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.257833] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.257858] kthread+0x337/0x6f0 [ 14.257878] ? trace_preempt_on+0x20/0xc0 [ 14.257902] ? __pfx_kthread+0x10/0x10 [ 14.257987] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.258013] ? calculate_sigpending+0x7b/0xa0 [ 14.258040] ? __pfx_kthread+0x10/0x10 [ 14.258062] ret_from_fork+0x116/0x1d0 [ 14.258081] ? __pfx_kthread+0x10/0x10 [ 14.258102] ret_from_fork_asm+0x1a/0x30 [ 14.258134] </TASK> [ 14.258145] [ 14.267466] Allocated by task 259: [ 14.267646] kasan_save_stack+0x45/0x70 [ 14.267796] kasan_save_track+0x18/0x40 [ 14.267929] kasan_save_alloc_info+0x3b/0x50 [ 14.268076] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.268315] remove_element+0x11e/0x190 [ 14.268505] mempool_alloc_preallocated+0x4d/0x90 [ 14.268848] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 14.269112] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.269558] kunit_try_run_case+0x1a5/0x480 [ 14.269727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.269902] kthread+0x337/0x6f0 [ 14.270072] ret_from_fork+0x116/0x1d0 [ 14.270264] ret_from_fork_asm+0x1a/0x30 [ 14.270516] [ 14.270629] The buggy address belongs to the object at ffff888102b9f500 [ 14.270629] which belongs to the cache kmalloc-128 of size 128 [ 14.271192] The buggy address is located 1 bytes inside of [ 14.271192] 128-byte region [ffff888102b9f500, ffff888102b9f580) [ 14.271688] [ 14.271788] The buggy address belongs to the physical page: [ 14.272085] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b9f [ 14.272418] flags: 0x200000000000000(node=0|zone=2) [ 14.272684] page_type: f5(slab) [ 14.272807] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.273101] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.273587] page dumped because: kasan: bad access detected [ 14.273808] [ 14.273879] Memory state around 
the buggy address: [ 14.274034] ffff888102b9f400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.274584] ffff888102b9f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.274884] >ffff888102b9f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.275166] ^ [ 14.275299] ffff888102b9f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.275741] ffff888102b9f600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.276131] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 14.183016] ================================================================== [ 14.183571] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.183965] Free of addr ffff888102b9f100 by task kunit_try_catch/253 [ 14.184211] [ 14.184396] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.184443] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.184454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.184476] Call Trace: [ 14.184487] <TASK> [ 14.184502] dump_stack_lvl+0x73/0xb0 [ 14.184572] print_report+0xd1/0x650 [ 14.184595] ? __virt_addr_valid+0x1db/0x2d0 [ 14.184635] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.184676] ? mempool_double_free_helper+0x184/0x370 [ 14.184702] kasan_report_invalid_free+0x10a/0x130 [ 14.184727] ? mempool_double_free_helper+0x184/0x370 [ 14.184752] ? mempool_double_free_helper+0x184/0x370 [ 14.184776] ? mempool_double_free_helper+0x184/0x370 [ 14.184800] check_slab_allocation+0x101/0x130 [ 14.184842] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.184868] mempool_free+0x2ec/0x380 [ 14.184892] ? __wake_up+0x49/0x60 [ 14.184918] mempool_double_free_helper+0x184/0x370 [ 14.184943] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.184967] ? update_load_avg+0x1be/0x21b0 [ 14.184990] ? update_load_avg+0x1be/0x21b0 [ 14.185089] ? update_curr+0x80/0x810 [ 14.185138] ? finish_task_switch.isra.0+0x153/0x700 [ 14.185178] mempool_kmalloc_double_free+0xed/0x140 [ 14.185203] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 14.185231] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.185255] ? __pfx_mempool_kfree+0x10/0x10 [ 14.185280] ? __pfx_read_tsc+0x10/0x10 [ 14.185303] ? ktime_get_ts64+0x86/0x230 [ 14.185328] kunit_try_run_case+0x1a5/0x480 [ 14.185354] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.185377] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.185402] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.185426] ? __kthread_parkme+0x82/0x180 [ 14.185447] ? 
preempt_count_sub+0x50/0x80 [ 14.185471] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.185495] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.185530] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.185555] kthread+0x337/0x6f0 [ 14.185574] ? trace_preempt_on+0x20/0xc0 [ 14.185610] ? __pfx_kthread+0x10/0x10 [ 14.185631] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.185652] ? calculate_sigpending+0x7b/0xa0 [ 14.185678] ? __pfx_kthread+0x10/0x10 [ 14.185699] ret_from_fork+0x116/0x1d0 [ 14.185723] ? __pfx_kthread+0x10/0x10 [ 14.185743] ret_from_fork_asm+0x1a/0x30 [ 14.185776] </TASK> [ 14.185787] [ 14.198316] Allocated by task 253: [ 14.198522] kasan_save_stack+0x45/0x70 [ 14.198702] kasan_save_track+0x18/0x40 [ 14.198890] kasan_save_alloc_info+0x3b/0x50 [ 14.199169] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.199393] remove_element+0x11e/0x190 [ 14.199612] mempool_alloc_preallocated+0x4d/0x90 [ 14.199771] mempool_double_free_helper+0x8a/0x370 [ 14.200058] mempool_kmalloc_double_free+0xed/0x140 [ 14.200296] kunit_try_run_case+0x1a5/0x480 [ 14.200499] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.200735] kthread+0x337/0x6f0 [ 14.200962] ret_from_fork+0x116/0x1d0 [ 14.201145] ret_from_fork_asm+0x1a/0x30 [ 14.201327] [ 14.201397] Freed by task 253: [ 14.201506] kasan_save_stack+0x45/0x70 [ 14.201872] kasan_save_track+0x18/0x40 [ 14.202242] kasan_save_free_info+0x3f/0x60 [ 14.202450] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.202693] mempool_free+0x2ec/0x380 [ 14.202825] mempool_double_free_helper+0x109/0x370 [ 14.203183] mempool_kmalloc_double_free+0xed/0x140 [ 14.203426] kunit_try_run_case+0x1a5/0x480 [ 14.203642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.204017] kthread+0x337/0x6f0 [ 14.204157] ret_from_fork+0x116/0x1d0 [ 14.204290] ret_from_fork_asm+0x1a/0x30 [ 14.204486] [ 14.204583] The buggy address belongs to the object at ffff888102b9f100 [ 14.204583] which belongs to the cache kmalloc-128 of size 128 [ 14.205151] The buggy address is located 
0 bytes inside of [ 14.205151] 128-byte region [ffff888102b9f100, ffff888102b9f180) [ 14.205576] [ 14.205661] The buggy address belongs to the physical page: [ 14.205860] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b9f [ 14.206419] flags: 0x200000000000000(node=0|zone=2) [ 14.206653] page_type: f5(slab) [ 14.206780] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.207460] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.207849] page dumped because: kasan: bad access detected [ 14.208049] [ 14.208181] Memory state around the buggy address: [ 14.208440] ffff888102b9f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.208707] ffff888102b9f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.209077] >ffff888102b9f100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.209313] ^ [ 14.209425] ffff888102b9f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.210195] ffff888102b9f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.210416] ================================================================== [ 14.235437] ================================================================== [ 14.236057] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.236550] Free of addr ffff88810298c000 by task kunit_try_catch/257 [ 14.236802] [ 14.236913] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.237013] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.237025] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.237046] Call Trace: [ 14.237057] <TASK> [ 14.237072] dump_stack_lvl+0x73/0xb0 [ 14.237102] print_report+0xd1/0x650 [ 14.237124] ? __virt_addr_valid+0x1db/0x2d0 [ 14.237149] ? kasan_addr_to_slab+0x11/0xa0 [ 14.237169] ? mempool_double_free_helper+0x184/0x370 [ 14.237195] kasan_report_invalid_free+0x10a/0x130 [ 14.237220] ? 
mempool_double_free_helper+0x184/0x370 [ 14.237247] ? mempool_double_free_helper+0x184/0x370 [ 14.237271] __kasan_mempool_poison_pages+0x115/0x130 [ 14.237297] mempool_free+0x290/0x380 [ 14.237324] mempool_double_free_helper+0x184/0x370 [ 14.237348] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.237374] ? __kasan_check_write+0x18/0x20 [ 14.237395] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.237418] ? finish_task_switch.isra.0+0x153/0x700 [ 14.237444] mempool_page_alloc_double_free+0xe8/0x140 [ 14.237470] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 14.237500] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.237524] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.237551] ? __pfx_read_tsc+0x10/0x10 [ 14.237573] ? ktime_get_ts64+0x86/0x230 [ 14.237610] kunit_try_run_case+0x1a5/0x480 [ 14.237635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.237657] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.237682] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.237709] ? __kthread_parkme+0x82/0x180 [ 14.237730] ? preempt_count_sub+0x50/0x80 [ 14.237753] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.237777] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.237802] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.237828] kthread+0x337/0x6f0 [ 14.237847] ? trace_preempt_on+0x20/0xc0 [ 14.237869] ? __pfx_kthread+0x10/0x10 [ 14.237889] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.237911] ? calculate_sigpending+0x7b/0xa0 [ 14.237945] ? __pfx_kthread+0x10/0x10 [ 14.237966] ret_from_fork+0x116/0x1d0 [ 14.237985] ? 
__pfx_kthread+0x10/0x10 [ 14.238005] ret_from_fork_asm+0x1a/0x30 [ 14.238037] </TASK> [ 14.238047] [ 14.246700] The buggy address belongs to the physical page: [ 14.247037] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298c [ 14.247311] flags: 0x200000000000000(node=0|zone=2) [ 14.247487] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.247846] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.248574] page dumped because: kasan: bad access detected [ 14.248810] [ 14.248883] Memory state around the buggy address: [ 14.249199] ffff88810298bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.249488] ffff88810298bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.249820] >ffff88810298c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.250171] ^ [ 14.250312] ffff88810298c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.250627] ffff88810298c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.250901] ================================================================== [ 14.213902] ================================================================== [ 14.214405] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.214762] Free of addr ffff888103b34000 by task kunit_try_catch/255 [ 14.215088] [ 14.215194] CPU: 1 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.215242] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.215254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.215276] Call Trace: [ 14.215290] <TASK> [ 14.215308] dump_stack_lvl+0x73/0xb0 [ 14.215341] print_report+0xd1/0x650 [ 14.215364] ? __virt_addr_valid+0x1db/0x2d0 [ 14.215390] ? kasan_addr_to_slab+0x11/0xa0 [ 14.215410] ? mempool_double_free_helper+0x184/0x370 [ 14.215436] kasan_report_invalid_free+0x10a/0x130 [ 14.215462] ? mempool_double_free_helper+0x184/0x370 [ 14.215490] ? 
mempool_double_free_helper+0x184/0x370 [ 14.215530] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 14.215556] mempool_free+0x2ec/0x380 [ 14.215584] mempool_double_free_helper+0x184/0x370 [ 14.215622] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.215647] ? update_load_avg+0x1be/0x21b0 [ 14.215675] ? finish_task_switch.isra.0+0x153/0x700 [ 14.215704] mempool_kmalloc_large_double_free+0xed/0x140 [ 14.215731] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 14.215761] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.215786] ? __pfx_mempool_kfree+0x10/0x10 [ 14.215812] ? __pfx_read_tsc+0x10/0x10 [ 14.215834] ? ktime_get_ts64+0x86/0x230 [ 14.215860] kunit_try_run_case+0x1a5/0x480 [ 14.215887] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.215910] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.215947] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.215971] ? __kthread_parkme+0x82/0x180 [ 14.215992] ? preempt_count_sub+0x50/0x80 [ 14.216016] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.216042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.216067] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.216093] kthread+0x337/0x6f0 [ 14.216112] ? trace_preempt_on+0x20/0xc0 [ 14.216137] ? __pfx_kthread+0x10/0x10 [ 14.216157] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.216179] ? calculate_sigpending+0x7b/0xa0 [ 14.216206] ? __pfx_kthread+0x10/0x10 [ 14.216229] ret_from_fork+0x116/0x1d0 [ 14.216248] ? 
__pfx_kthread+0x10/0x10 [ 14.216269] ret_from_fork_asm+0x1a/0x30 [ 14.216303] </TASK> [ 14.216314] [ 14.225043] The buggy address belongs to the physical page: [ 14.225310] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b34 [ 14.225722] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.226096] flags: 0x200000000000040(head|node=0|zone=2) [ 14.226300] page_type: f8(unknown) [ 14.226426] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.226731] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.227144] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.227471] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.227824] head: 0200000000000002 ffffea00040ecd01 00000000ffffffff 00000000ffffffff [ 14.228288] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.228521] page dumped because: kasan: bad access detected [ 14.228806] [ 14.228899] Memory state around the buggy address: [ 14.229143] ffff888103b33f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.229460] ffff888103b33f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.229866] >ffff888103b34000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.230203] ^ [ 14.230329] ffff888103b34080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.230581] ffff888103b34100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.230962] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 14.162721] ================================================================== [ 14.164005] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.164818] Read of size 1 at addr ffff888103b34000 by task kunit_try_catch/251 [ 14.165141] [ 14.165250] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.165295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.165308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.165330] Call Trace: [ 14.165342] <TASK> [ 14.165358] dump_stack_lvl+0x73/0xb0 [ 14.165390] print_report+0xd1/0x650 [ 14.165413] ? __virt_addr_valid+0x1db/0x2d0 [ 14.165438] ? mempool_uaf_helper+0x392/0x400 [ 14.165461] ? kasan_addr_to_slab+0x11/0xa0 [ 14.165481] ? mempool_uaf_helper+0x392/0x400 [ 14.165504] kasan_report+0x141/0x180 [ 14.165526] ? mempool_uaf_helper+0x392/0x400 [ 14.165554] __asan_report_load1_noabort+0x18/0x20 [ 14.165579] mempool_uaf_helper+0x392/0x400 [ 14.165616] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.166051] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.166078] ? finish_task_switch.isra.0+0x153/0x700 [ 14.166116] mempool_page_alloc_uaf+0xed/0x140 [ 14.166141] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 14.166169] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.166194] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.166221] ? __pfx_read_tsc+0x10/0x10 [ 14.166242] ? ktime_get_ts64+0x86/0x230 [ 14.166267] kunit_try_run_case+0x1a5/0x480 [ 14.166292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.166315] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.166340] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.166364] ? __kthread_parkme+0x82/0x180 [ 14.166386] ? preempt_count_sub+0x50/0x80 [ 14.166409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.166435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.166460] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.166487] kthread+0x337/0x6f0 [ 14.166505] ? trace_preempt_on+0x20/0xc0 [ 14.166530] ? 
__pfx_kthread+0x10/0x10 [ 14.166550] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.166571] ? calculate_sigpending+0x7b/0xa0 [ 14.166596] ? __pfx_kthread+0x10/0x10 [ 14.166629] ret_from_fork+0x116/0x1d0 [ 14.166647] ? __pfx_kthread+0x10/0x10 [ 14.166667] ret_from_fork_asm+0x1a/0x30 [ 14.166699] </TASK> [ 14.166710] [ 14.175411] The buggy address belongs to the physical page: [ 14.175786] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b34 [ 14.176212] flags: 0x200000000000000(node=0|zone=2) [ 14.176476] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.176852] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.177271] page dumped because: kasan: bad access detected [ 14.177456] [ 14.177528] Memory state around the buggy address: [ 14.177696] ffff888103b33f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.178012] ffff888103b33f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.178355] >ffff888103b34000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.178771] ^ [ 14.179015] ffff888103b34080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.179272] ffff888103b34100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.179513] ================================================================== [ 14.101571] ================================================================== [ 14.102047] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.102342] Read of size 1 at addr ffff888103b34000 by task kunit_try_catch/247 [ 14.102680] [ 14.102779] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.102824] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.102836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.102857] Call Trace: [ 14.102868] <TASK> [ 14.102885] dump_stack_lvl+0x73/0xb0 [ 14.102914] print_report+0xd1/0x650 [ 14.102936] ? __virt_addr_valid+0x1db/0x2d0 [ 14.102959] ? 
mempool_uaf_helper+0x392/0x400 [ 14.102980] ? kasan_addr_to_slab+0x11/0xa0 [ 14.103001] ? mempool_uaf_helper+0x392/0x400 [ 14.103022] kasan_report+0x141/0x180 [ 14.103043] ? mempool_uaf_helper+0x392/0x400 [ 14.103070] __asan_report_load1_noabort+0x18/0x20 [ 14.103489] mempool_uaf_helper+0x392/0x400 [ 14.103525] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.103553] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.103579] ? finish_task_switch.isra.0+0x153/0x700 [ 14.103619] mempool_kmalloc_large_uaf+0xef/0x140 [ 14.103644] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 14.103672] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.103697] ? __pfx_mempool_kfree+0x10/0x10 [ 14.103722] ? __pfx_read_tsc+0x10/0x10 [ 14.103744] ? ktime_get_ts64+0x86/0x230 [ 14.103770] kunit_try_run_case+0x1a5/0x480 [ 14.103794] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.103817] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.103842] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.103866] ? __kthread_parkme+0x82/0x180 [ 14.103887] ? preempt_count_sub+0x50/0x80 [ 14.103910] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.104007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.104034] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.104059] kthread+0x337/0x6f0 [ 14.104077] ? trace_preempt_on+0x20/0xc0 [ 14.104102] ? __pfx_kthread+0x10/0x10 [ 14.104123] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.104144] ? calculate_sigpending+0x7b/0xa0 [ 14.104169] ? __pfx_kthread+0x10/0x10 [ 14.104191] ret_from_fork+0x116/0x1d0 [ 14.104209] ? 
__pfx_kthread+0x10/0x10 [ 14.104229] ret_from_fork_asm+0x1a/0x30 [ 14.104261] </TASK> [ 14.104272] [ 14.116686] The buggy address belongs to the physical page: [ 14.117273] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b34 [ 14.117810] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.118317] flags: 0x200000000000040(head|node=0|zone=2) [ 14.118748] page_type: f8(unknown) [ 14.118940] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.119558] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.120012] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.120572] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.120914] head: 0200000000000002 ffffea00040ecd01 00000000ffffffff 00000000ffffffff [ 14.121233] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.121596] page dumped because: kasan: bad access detected [ 14.121981] [ 14.122050] Memory state around the buggy address: [ 14.122494] ffff888103b33f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.122787] ffff888103b33f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.123318] >ffff888103b34000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.123630] ^ [ 14.123782] ffff888103b34080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.124206] ffff888103b34100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.124509] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 14.130260] ================================================================== [ 14.130948] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.131372] Read of size 1 at addr ffff888102b9f240 by task kunit_try_catch/249 [ 14.131738] [ 14.131840] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.131908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.131920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.131944] Call Trace: [ 14.131956] <TASK> [ 14.132150] dump_stack_lvl+0x73/0xb0 [ 14.132189] print_report+0xd1/0x650 [ 14.132213] ? __virt_addr_valid+0x1db/0x2d0 [ 14.132239] ? mempool_uaf_helper+0x392/0x400 [ 14.132260] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.132284] ? mempool_uaf_helper+0x392/0x400 [ 14.132308] kasan_report+0x141/0x180 [ 14.132333] ? mempool_uaf_helper+0x392/0x400 [ 14.132363] __asan_report_load1_noabort+0x18/0x20 [ 14.132388] mempool_uaf_helper+0x392/0x400 [ 14.132411] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.132444] mempool_slab_uaf+0xea/0x140 [ 14.132466] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 14.132490] ? schedule+0x7c/0x2e0 [ 14.132627] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.132659] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.132685] ? __pfx_read_tsc+0x10/0x10 [ 14.132707] ? ktime_get_ts64+0x86/0x230 [ 14.132733] kunit_try_run_case+0x1a5/0x480 [ 14.132759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.132782] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.132807] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.132831] ? __kthread_parkme+0x82/0x180 [ 14.132853] ? preempt_count_sub+0x50/0x80 [ 14.132878] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.132903] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.132986] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.133015] kthread+0x337/0x6f0 [ 14.133034] ? trace_preempt_on+0x20/0xc0 [ 14.133059] ? __pfx_kthread+0x10/0x10 [ 14.133079] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.133101] ? 
calculate_sigpending+0x7b/0xa0 [ 14.133125] ? __pfx_kthread+0x10/0x10 [ 14.133149] ret_from_fork+0x116/0x1d0 [ 14.133171] ? __pfx_kthread+0x10/0x10 [ 14.133193] ret_from_fork_asm+0x1a/0x30 [ 14.133225] </TASK> [ 14.133237] [ 14.142118] Allocated by task 249: [ 14.142348] kasan_save_stack+0x45/0x70 [ 14.142550] kasan_save_track+0x18/0x40 [ 14.142741] kasan_save_alloc_info+0x3b/0x50 [ 14.142933] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.143282] remove_element+0x11e/0x190 [ 14.143487] mempool_alloc_preallocated+0x4d/0x90 [ 14.143652] mempool_uaf_helper+0x96/0x400 [ 14.143874] mempool_slab_uaf+0xea/0x140 [ 14.144321] kunit_try_run_case+0x1a5/0x480 [ 14.144638] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.144868] kthread+0x337/0x6f0 [ 14.145130] ret_from_fork+0x116/0x1d0 [ 14.145289] ret_from_fork_asm+0x1a/0x30 [ 14.145724] [ 14.145853] Freed by task 249: [ 14.146017] kasan_save_stack+0x45/0x70 [ 14.146242] kasan_save_track+0x18/0x40 [ 14.146437] kasan_save_free_info+0x3f/0x60 [ 14.146658] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.147042] mempool_free+0x2ec/0x380 [ 14.147302] mempool_uaf_helper+0x11a/0x400 [ 14.147458] mempool_slab_uaf+0xea/0x140 [ 14.147826] kunit_try_run_case+0x1a5/0x480 [ 14.148123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.148362] kthread+0x337/0x6f0 [ 14.148548] ret_from_fork+0x116/0x1d0 [ 14.148769] ret_from_fork_asm+0x1a/0x30 [ 14.148970] [ 14.149063] The buggy address belongs to the object at ffff888102b9f240 [ 14.149063] which belongs to the cache test_cache of size 123 [ 14.149594] The buggy address is located 0 bytes inside of [ 14.149594] freed 123-byte region [ffff888102b9f240, ffff888102b9f2bb) [ 14.149952] [ 14.150238] The buggy address belongs to the physical page: [ 14.150562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b9f [ 14.151067] flags: 0x200000000000000(node=0|zone=2) [ 14.151364] page_type: f5(slab) [ 14.151508] raw: 0200000000000000 ffff888102b91500 dead000000000122 
0000000000000000 [ 14.151871] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.152252] page dumped because: kasan: bad access detected [ 14.152485] [ 14.152649] Memory state around the buggy address: [ 14.152804] ffff888102b9f100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.153085] ffff888102b9f180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.153632] >ffff888102b9f200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 14.153943] ^ [ 14.154212] ffff888102b9f280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.154738] ffff888102b9f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.154959] ================================================================== [ 14.061046] ================================================================== [ 14.061499] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.062230] Read of size 1 at addr ffff888102675700 by task kunit_try_catch/245 [ 14.063060] [ 14.063423] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.063475] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.063487] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.063522] Call Trace: [ 14.063536] <TASK> [ 14.063553] dump_stack_lvl+0x73/0xb0 [ 14.063633] print_report+0xd1/0x650 [ 14.063658] ? __virt_addr_valid+0x1db/0x2d0 [ 14.063683] ? mempool_uaf_helper+0x392/0x400 [ 14.063706] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.063729] ? mempool_uaf_helper+0x392/0x400 [ 14.063752] kasan_report+0x141/0x180 [ 14.063774] ? mempool_uaf_helper+0x392/0x400 [ 14.063801] __asan_report_load1_noabort+0x18/0x20 [ 14.063826] mempool_uaf_helper+0x392/0x400 [ 14.063848] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.063873] ? __kasan_check_write+0x18/0x20 [ 14.063893] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.063917] ? finish_task_switch.isra.0+0x153/0x700 [ 14.064072] mempool_kmalloc_uaf+0xef/0x140 [ 14.064098] ? 
__pfx_mempool_kmalloc_uaf+0x10/0x10 [ 14.064125] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.064149] ? __pfx_mempool_kfree+0x10/0x10 [ 14.064175] ? __pfx_read_tsc+0x10/0x10 [ 14.064197] ? ktime_get_ts64+0x86/0x230 [ 14.064222] kunit_try_run_case+0x1a5/0x480 [ 14.064247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.064270] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.064296] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.064321] ? __kthread_parkme+0x82/0x180 [ 14.064342] ? preempt_count_sub+0x50/0x80 [ 14.064365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.064390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.064414] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.064438] kthread+0x337/0x6f0 [ 14.064457] ? trace_preempt_on+0x20/0xc0 [ 14.064482] ? __pfx_kthread+0x10/0x10 [ 14.064515] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.064539] ? calculate_sigpending+0x7b/0xa0 [ 14.064564] ? __pfx_kthread+0x10/0x10 [ 14.064586] ret_from_fork+0x116/0x1d0 [ 14.064614] ? __pfx_kthread+0x10/0x10 [ 14.064634] ret_from_fork_asm+0x1a/0x30 [ 14.064667] </TASK> [ 14.064678] [ 14.077740] Allocated by task 245: [ 14.078216] kasan_save_stack+0x45/0x70 [ 14.078428] kasan_save_track+0x18/0x40 [ 14.078581] kasan_save_alloc_info+0x3b/0x50 [ 14.079097] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.079453] remove_element+0x11e/0x190 [ 14.079782] mempool_alloc_preallocated+0x4d/0x90 [ 14.079997] mempool_uaf_helper+0x96/0x400 [ 14.080337] mempool_kmalloc_uaf+0xef/0x140 [ 14.080544] kunit_try_run_case+0x1a5/0x480 [ 14.081152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.081403] kthread+0x337/0x6f0 [ 14.081770] ret_from_fork+0x116/0x1d0 [ 14.082103] ret_from_fork_asm+0x1a/0x30 [ 14.082397] [ 14.082501] Freed by task 245: [ 14.082667] kasan_save_stack+0x45/0x70 [ 14.083091] kasan_save_track+0x18/0x40 [ 14.083293] kasan_save_free_info+0x3f/0x60 [ 14.083493] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.083741] mempool_free+0x2ec/0x380 [ 14.083921] mempool_uaf_helper+0x11a/0x400 [ 14.084114] 
mempool_kmalloc_uaf+0xef/0x140 [ 14.084304] kunit_try_run_case+0x1a5/0x480 [ 14.085034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.085299] kthread+0x337/0x6f0 [ 14.085427] ret_from_fork+0x116/0x1d0 [ 14.085567] ret_from_fork_asm+0x1a/0x30 [ 14.086305] [ 14.086782] The buggy address belongs to the object at ffff888102675700 [ 14.086782] which belongs to the cache kmalloc-128 of size 128 [ 14.088473] The buggy address is located 0 bytes inside of [ 14.088473] freed 128-byte region [ffff888102675700, ffff888102675780) [ 14.089764] [ 14.089847] The buggy address belongs to the physical page: [ 14.090468] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102675 [ 14.091458] flags: 0x200000000000000(node=0|zone=2) [ 14.091739] page_type: f5(slab) [ 14.091883] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.092659] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.093563] page dumped because: kasan: bad access detected [ 14.093760] [ 14.093830] Memory state around the buggy address: [ 14.094176] ffff888102675600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.094958] ffff888102675680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.095766] >ffff888102675700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.096684] ^ [ 14.096940] ffff888102675780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.097424] ffff888102675800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.097692] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 14.020321] ================================================================== [ 14.021339] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.022228] Read of size 1 at addr ffff888102b9c2bb by task kunit_try_catch/243 [ 14.023158] [ 14.023269] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.023502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.023517] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.023539] Call Trace: [ 14.023553] <TASK> [ 14.023571] dump_stack_lvl+0x73/0xb0 [ 14.023619] print_report+0xd1/0x650 [ 14.023643] ? __virt_addr_valid+0x1db/0x2d0 [ 14.023667] ? mempool_oob_right_helper+0x318/0x380 [ 14.023691] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.023715] ? mempool_oob_right_helper+0x318/0x380 [ 14.023739] kasan_report+0x141/0x180 [ 14.023761] ? mempool_oob_right_helper+0x318/0x380 [ 14.023790] __asan_report_load1_noabort+0x18/0x20 [ 14.023815] mempool_oob_right_helper+0x318/0x380 [ 14.023843] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.023871] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.023894] ? finish_task_switch.isra.0+0x153/0x700 [ 14.023920] mempool_slab_oob_right+0xed/0x140 [ 14.023946] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 14.023973] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.023999] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.024026] ? __pfx_read_tsc+0x10/0x10 [ 14.024047] ? ktime_get_ts64+0x86/0x230 [ 14.024073] kunit_try_run_case+0x1a5/0x480 [ 14.024098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.024120] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.024146] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.024170] ? __kthread_parkme+0x82/0x180 [ 14.024191] ? preempt_count_sub+0x50/0x80 [ 14.024215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.024239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.024263] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.024288] kthread+0x337/0x6f0 [ 14.024307] ? 
trace_preempt_on+0x20/0xc0
[ 14.024333] ? __pfx_kthread+0x10/0x10
[ 14.024353] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.024375] ? calculate_sigpending+0x7b/0xa0
[ 14.024400] ? __pfx_kthread+0x10/0x10
[ 14.024421] ret_from_fork+0x116/0x1d0
[ 14.024439] ? __pfx_kthread+0x10/0x10
[ 14.024460] ret_from_fork_asm+0x1a/0x30
[ 14.024492] </TASK>
[ 14.024503]
[ 14.037649] Allocated by task 243:
[ 14.037789] kasan_save_stack+0x45/0x70
[ 14.038108] kasan_save_track+0x18/0x40
[ 14.038623] kasan_save_alloc_info+0x3b/0x50
[ 14.039181] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 14.039762] remove_element+0x11e/0x190
[ 14.040241] mempool_alloc_preallocated+0x4d/0x90
[ 14.040728] mempool_oob_right_helper+0x8a/0x380
[ 14.041217] mempool_slab_oob_right+0xed/0x140
[ 14.041653] kunit_try_run_case+0x1a5/0x480
[ 14.042195] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.042788] kthread+0x337/0x6f0
[ 14.043031] ret_from_fork+0x116/0x1d0
[ 14.043255] ret_from_fork_asm+0x1a/0x30
[ 14.043396]
[ 14.043466] The buggy address belongs to the object at ffff888102b9c240
[ 14.043466] which belongs to the cache test_cache of size 123
[ 14.044439] The buggy address is located 0 bytes to the right of
[ 14.044439] allocated 123-byte region [ffff888102b9c240, ffff888102b9c2bb)
[ 14.045733]
[ 14.045968] The buggy address belongs to the physical page:
[ 14.046321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b9c
[ 14.046596] flags: 0x200000000000000(node=0|zone=2)
[ 14.047135] page_type: f5(slab)
[ 14.047464] raw: 0200000000000000 ffff888102b913c0 dead000000000122 0000000000000000
[ 14.048296] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 14.048809] page dumped because: kasan: bad access detected
[ 14.049189]
[ 14.049368] Memory state around the buggy address:
[ 14.049846] ffff888102b9c180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.050394] ffff888102b9c200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 14.050883] >ffff888102b9c280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 14.051631] ^
[ 14.052039] ffff888102b9c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.052442] ffff888102b9c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.053016] ==================================================================
[ 13.995681] ==================================================================
[ 13.996208] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 13.996520] Read of size 1 at addr ffff88810298a001 by task kunit_try_catch/241
[ 13.996871]
[ 13.996974] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.997022] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.997034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.997056] Call Trace:
[ 13.997070] <TASK>
[ 13.997087] dump_stack_lvl+0x73/0xb0
[ 13.997119] print_report+0xd1/0x650
[ 13.997143] ? __virt_addr_valid+0x1db/0x2d0
[ 13.997168] ? mempool_oob_right_helper+0x318/0x380
[ 13.997191] ? kasan_addr_to_slab+0x11/0xa0
[ 13.997212] ? mempool_oob_right_helper+0x318/0x380
[ 13.997236] kasan_report+0x141/0x180
[ 13.997258] ? mempool_oob_right_helper+0x318/0x380
[ 13.997287] __asan_report_load1_noabort+0x18/0x20
[ 13.997312] mempool_oob_right_helper+0x318/0x380
[ 13.997337] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 13.997362] ? __kasan_check_write+0x18/0x20
[ 13.997382] ? __pfx_sched_clock_cpu+0x10/0x10
[ 13.997406] ? finish_task_switch.isra.0+0x153/0x700
[ 13.997434] mempool_kmalloc_large_oob_right+0xf2/0x150
[ 13.997461] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 13.997490] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.997554] ? __pfx_mempool_kfree+0x10/0x10
[ 13.997580] ? __pfx_read_tsc+0x10/0x10
[ 13.997614] ? ktime_get_ts64+0x86/0x230
[ 13.997640] kunit_try_run_case+0x1a5/0x480
[ 13.997665] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.997687] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.997715] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.997739] ? __kthread_parkme+0x82/0x180
[ 13.997761] ? preempt_count_sub+0x50/0x80
[ 13.997784] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.997808] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.997832] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.997858] kthread+0x337/0x6f0
[ 13.997877] ? trace_preempt_on+0x20/0xc0
[ 13.997901] ? __pfx_kthread+0x10/0x10
[ 13.997922] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.998300] ? calculate_sigpending+0x7b/0xa0
[ 13.998327] ? __pfx_kthread+0x10/0x10
[ 13.998350] ret_from_fork+0x116/0x1d0
[ 13.998368] ? __pfx_kthread+0x10/0x10
[ 13.998389] ret_from_fork_asm+0x1a/0x30
[ 13.998422] </TASK>
[ 13.998434]
[ 14.009393] The buggy address belongs to the physical page:
[ 14.009777] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102988
[ 14.010176] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 14.010525] flags: 0x200000000000040(head|node=0|zone=2)
[ 14.010737] page_type: f8(unknown)
[ 14.010891] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.011323] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.011689] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.012143] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.012456] head: 0200000000000002 ffffea00040a6201 00000000ffffffff 00000000ffffffff
[ 14.012840] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 14.013256] page dumped because: kasan: bad access detected
[ 14.013511]
[ 14.013633] Memory state around the buggy address:
[ 14.013855] ffff888102989f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.014237] ffff888102989f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.014576] >ffff88810298a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 14.014901] ^
[ 14.015139] ffff88810298a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 14.015452] ffff88810298a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 14.015758] ==================================================================
[ 13.969219] ==================================================================
[ 13.969797] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 13.970190] Read of size 1 at addr ffff888102675373 by task kunit_try_catch/239
[ 13.970997]
[ 13.971197] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.971247] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.971259] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.971282] Call Trace:
[ 13.971308] <TASK>
[ 13.971327] dump_stack_lvl+0x73/0xb0
[ 13.971375] print_report+0xd1/0x650
[ 13.971399] ? __virt_addr_valid+0x1db/0x2d0
[ 13.971424] ? mempool_oob_right_helper+0x318/0x380
[ 13.971447] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.971471] ? mempool_oob_right_helper+0x318/0x380
[ 13.971497] kasan_report+0x141/0x180
[ 13.971539] ? mempool_oob_right_helper+0x318/0x380
[ 13.971569] __asan_report_load1_noabort+0x18/0x20
[ 13.971594] mempool_oob_right_helper+0x318/0x380
[ 13.971630] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 13.971653] ? update_load_avg+0x1be/0x21b0
[ 13.971678] ? dequeue_entities+0x27e/0x1740
[ 13.971703] ? finish_task_switch.isra.0+0x153/0x700
[ 13.971730] mempool_kmalloc_oob_right+0xf2/0x150
[ 13.971754] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[ 13.971782] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.971807] ? __pfx_mempool_kfree+0x10/0x10
[ 13.971832] ? __pfx_read_tsc+0x10/0x10
[ 13.971854] ? ktime_get_ts64+0x86/0x230
[ 13.971880] kunit_try_run_case+0x1a5/0x480
[ 13.971907] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.971986] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.972015] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.972039] ? __kthread_parkme+0x82/0x180
[ 13.972062] ? preempt_count_sub+0x50/0x80
[ 13.972085] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.972111] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.972135] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.972160] kthread+0x337/0x6f0
[ 13.972178] ? trace_preempt_on+0x20/0xc0
[ 13.972202] ? __pfx_kthread+0x10/0x10
[ 13.972223] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.972244] ? calculate_sigpending+0x7b/0xa0
[ 13.972269] ? __pfx_kthread+0x10/0x10
[ 13.972290] ret_from_fork+0x116/0x1d0
[ 13.972308] ? __pfx_kthread+0x10/0x10
[ 13.972328] ret_from_fork_asm+0x1a/0x30
[ 13.972361] </TASK>
[ 13.972372]
[ 13.981947] Allocated by task 239:
[ 13.982355] kasan_save_stack+0x45/0x70
[ 13.982510] kasan_save_track+0x18/0x40
[ 13.982709] kasan_save_alloc_info+0x3b/0x50
[ 13.982862] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 13.983384] remove_element+0x11e/0x190
[ 13.983684] mempool_alloc_preallocated+0x4d/0x90
[ 13.984000] mempool_oob_right_helper+0x8a/0x380
[ 13.984283] mempool_kmalloc_oob_right+0xf2/0x150
[ 13.984509] kunit_try_run_case+0x1a5/0x480
[ 13.984750] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.984950] kthread+0x337/0x6f0
[ 13.985069] ret_from_fork+0x116/0x1d0
[ 13.985365] ret_from_fork_asm+0x1a/0x30
[ 13.985653]
[ 13.985882] The buggy address belongs to the object at ffff888102675300
[ 13.985882] which belongs to the cache kmalloc-128 of size 128
[ 13.986339] The buggy address is located 0 bytes to the right of
[ 13.986339] allocated 115-byte region [ffff888102675300, ffff888102675373)
[ 13.987313]
[ 13.987409] The buggy address belongs to the physical page:
[ 13.987692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102675
[ 13.988131] flags: 0x200000000000000(node=0|zone=2)
[ 13.988343] page_type: f5(slab)
[ 13.988535] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.988795] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.989222] page dumped because: kasan: bad access detected
[ 13.989414]
[ 13.989483] Memory state around the buggy address:
[ 13.989771] ffff888102675200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.990177] ffff888102675280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.990655] >ffff888102675300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 13.990907] ^
[ 13.991427] ffff888102675380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.991761] ffff888102675400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 13.992084] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.397331] ==================================================================
[ 13.398173] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380
[ 13.398450] Read of size 1 at addr ffff888101d19c80 by task kunit_try_catch/233
[ 13.399832]
[ 13.399941] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.399992] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.400003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.400026] Call Trace:
[ 13.400040] <TASK>
[ 13.400060] dump_stack_lvl+0x73/0xb0
[ 13.400096] print_report+0xd1/0x650
[ 13.400121] ? __virt_addr_valid+0x1db/0x2d0
[ 13.400148] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.400173] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.400197] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.400222] kasan_report+0x141/0x180
[ 13.400244] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.400272] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.400298] __kasan_check_byte+0x3d/0x50
[ 13.400319] kmem_cache_destroy+0x25/0x1d0
[ 13.400343] kmem_cache_double_destroy+0x1bf/0x380
[ 13.400368] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 13.400392] ? finish_task_switch.isra.0+0x153/0x700
[ 13.400416] ? __switch_to+0x47/0xf50
[ 13.400447] ? __pfx_read_tsc+0x10/0x10
[ 13.400470] ? ktime_get_ts64+0x86/0x230
[ 13.400495] kunit_try_run_case+0x1a5/0x480
[ 13.400522] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.400546] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.400572] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.400596] ? __kthread_parkme+0x82/0x180
[ 13.400633] ? preempt_count_sub+0x50/0x80
[ 13.400656] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.400681] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.400948] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.400983] kthread+0x337/0x6f0
[ 13.401005] ? trace_preempt_on+0x20/0xc0
[ 13.401030] ? __pfx_kthread+0x10/0x10
[ 13.401050] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.401073] ? calculate_sigpending+0x7b/0xa0
[ 13.401098] ? __pfx_kthread+0x10/0x10
[ 13.401119] ret_from_fork+0x116/0x1d0
[ 13.401138] ? __pfx_kthread+0x10/0x10
[ 13.401158] ret_from_fork_asm+0x1a/0x30
[ 13.401191] </TASK>
[ 13.401202]
[ 13.413490] Allocated by task 233:
[ 13.413826] kasan_save_stack+0x45/0x70
[ 13.414392] kasan_save_track+0x18/0x40
[ 13.414827] kasan_save_alloc_info+0x3b/0x50
[ 13.415233] __kasan_slab_alloc+0x91/0xa0
[ 13.415416] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.415825] __kmem_cache_create_args+0x169/0x240
[ 13.416414] kmem_cache_double_destroy+0xd5/0x380
[ 13.416863] kunit_try_run_case+0x1a5/0x480
[ 13.417197] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.417710] kthread+0x337/0x6f0
[ 13.417867] ret_from_fork+0x116/0x1d0
[ 13.418540] ret_from_fork_asm+0x1a/0x30
[ 13.418764]
[ 13.418842] Freed by task 233:
[ 13.419116] kasan_save_stack+0x45/0x70
[ 13.419308] kasan_save_track+0x18/0x40
[ 13.419506] kasan_save_free_info+0x3f/0x60
[ 13.420300] __kasan_slab_free+0x56/0x70
[ 13.421114] kmem_cache_free+0x249/0x420
[ 13.421734] slab_kmem_cache_release+0x2e/0x40
[ 13.422330] kmem_cache_release+0x16/0x20
[ 13.422493] kobject_put+0x181/0x450
[ 13.422646] sysfs_slab_release+0x16/0x20
[ 13.422789] kmem_cache_destroy+0xf0/0x1d0
[ 13.422988] kmem_cache_double_destroy+0x14e/0x380
[ 13.423369] kunit_try_run_case+0x1a5/0x480
[ 13.424002] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.424248] kthread+0x337/0x6f0
[ 13.424399] ret_from_fork+0x116/0x1d0
[ 13.425029] ret_from_fork_asm+0x1a/0x30
[ 13.425360]
[ 13.425503] The buggy address belongs to the object at ffff888101d19c80
[ 13.425503] which belongs to the cache kmem_cache of size 208
[ 13.426262] The buggy address is located 0 bytes inside of
[ 13.426262] freed 208-byte region [ffff888101d19c80, ffff888101d19d50)
[ 13.427196]
[ 13.427296] The buggy address belongs to the physical page:
[ 13.427778] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d19
[ 13.428172] flags: 0x200000000000000(node=0|zone=2)
[ 13.428405] page_type: f5(slab)
[ 13.429179] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 13.429487] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000
[ 13.430050] page dumped because: kasan: bad access detected
[ 13.430303]
[ 13.430389] Memory state around the buggy address:
[ 13.430833] ffff888101d19b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.431301] ffff888101d19c00: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.431609] >ffff888101d19c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.431913] ^
[ 13.432260] ffff888101d19d00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 13.432547] ffff888101d19d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.433089] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 13.337123] ==================================================================
[ 13.337655] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.337983] Read of size 1 at addr ffff888102b96000 by task kunit_try_catch/231
[ 13.338284]
[ 13.338388] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.338439] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.338450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.338474] Call Trace:
[ 13.338487] <TASK>
[ 13.338507] dump_stack_lvl+0x73/0xb0
[ 13.338541] print_report+0xd1/0x650
[ 13.338564] ? __virt_addr_valid+0x1db/0x2d0
[ 13.338590] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.338647] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.338670] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.338694] kasan_report+0x141/0x180
[ 13.338716] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.338744] __asan_report_load1_noabort+0x18/0x20
[ 13.338769] kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.338792] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 13.338815] ? finish_task_switch.isra.0+0x153/0x700
[ 13.338840] ? __switch_to+0x47/0xf50
[ 13.338870] ? __pfx_read_tsc+0x10/0x10
[ 13.338893] ? ktime_get_ts64+0x86/0x230
[ 13.338918] kunit_try_run_case+0x1a5/0x480
[ 13.339228] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.339254] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.339280] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.339305] ? __kthread_parkme+0x82/0x180
[ 13.339327] ? preempt_count_sub+0x50/0x80
[ 13.339351] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.339375] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.339400] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.339426] kthread+0x337/0x6f0
[ 13.339444] ? trace_preempt_on+0x20/0xc0
[ 13.339469] ? __pfx_kthread+0x10/0x10
[ 13.339498] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.339545] ? calculate_sigpending+0x7b/0xa0
[ 13.339570] ? __pfx_kthread+0x10/0x10
[ 13.339592] ret_from_fork+0x116/0x1d0
[ 13.339621] ? __pfx_kthread+0x10/0x10
[ 13.339641] ret_from_fork_asm+0x1a/0x30
[ 13.339674] </TASK>
[ 13.339685]
[ 13.351051] Allocated by task 231:
[ 13.351244] kasan_save_stack+0x45/0x70
[ 13.351472] kasan_save_track+0x18/0x40
[ 13.351848] kasan_save_alloc_info+0x3b/0x50
[ 13.352367] __kasan_slab_alloc+0x91/0xa0
[ 13.352709] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.352898] kmem_cache_rcu_uaf+0x155/0x510
[ 13.353431] kunit_try_run_case+0x1a5/0x480
[ 13.353723] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.354167] kthread+0x337/0x6f0
[ 13.354340] ret_from_fork+0x116/0x1d0
[ 13.354698] ret_from_fork_asm+0x1a/0x30
[ 13.355073]
[ 13.355171] Freed by task 0:
[ 13.355292] kasan_save_stack+0x45/0x70
[ 13.355762] kasan_save_track+0x18/0x40
[ 13.356096] kasan_save_free_info+0x3f/0x60
[ 13.356268] __kasan_slab_free+0x56/0x70
[ 13.356469] slab_free_after_rcu_debug+0xe4/0x310
[ 13.356832] rcu_core+0x66f/0x1c40
[ 13.356971] rcu_core_si+0x12/0x20
[ 13.357240] handle_softirqs+0x209/0x730
[ 13.357445] __irq_exit_rcu+0xc9/0x110
[ 13.357903] irq_exit_rcu+0x12/0x20
[ 13.358138] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.358367] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.358593]
[ 13.358685] Last potentially related work creation:
[ 13.358887] kasan_save_stack+0x45/0x70
[ 13.359384] kasan_record_aux_stack+0xb2/0xc0
[ 13.359559] kmem_cache_free+0x131/0x420
[ 13.359963] kmem_cache_rcu_uaf+0x194/0x510
[ 13.360335] kunit_try_run_case+0x1a5/0x480
[ 13.360531] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.361125] kthread+0x337/0x6f0
[ 13.361392] ret_from_fork+0x116/0x1d0
[ 13.361682] ret_from_fork_asm+0x1a/0x30
[ 13.361919]
[ 13.362223] The buggy address belongs to the object at ffff888102b96000
[ 13.362223] which belongs to the cache test_cache of size 200
[ 13.362903] The buggy address is located 0 bytes inside of
[ 13.362903] freed 200-byte region [ffff888102b96000, ffff888102b960c8)
[ 13.363753]
[ 13.364055] The buggy address belongs to the physical page:
[ 13.364373] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b96
[ 13.365105] flags: 0x200000000000000(node=0|zone=2)
[ 13.365333] page_type: f5(slab)
[ 13.365505] raw: 0200000000000000 ffff888102b91140 dead000000000122 0000000000000000
[ 13.365896] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.366418] page dumped because: kasan: bad access detected
[ 13.366752]
[ 13.366852] Memory state around the buggy address:
[ 13.367050] ffff888102b95f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.367455] ffff888102b95f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.367807] >ffff888102b96000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.368122] ^
[ 13.368235] ffff888102b96080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 13.368820] ffff888102b96100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.369222] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 13.263184] ==================================================================
[ 13.264001] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460
[ 13.264807] Free of addr ffff888102677001 by task kunit_try_catch/229
[ 13.265494]
[ 13.265801] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.265852] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.265863] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.265885] Call Trace:
[ 13.265898] <TASK>
[ 13.265918] dump_stack_lvl+0x73/0xb0
[ 13.265954] print_report+0xd1/0x650
[ 13.265978] ? __virt_addr_valid+0x1db/0x2d0
[ 13.266004] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.266027] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.266054] kasan_report_invalid_free+0x10a/0x130
[ 13.266078] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.266105] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.266130] check_slab_allocation+0x11f/0x130
[ 13.266152] __kasan_slab_pre_free+0x28/0x40
[ 13.266173] kmem_cache_free+0xed/0x420
[ 13.266193] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.266213] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.266241] kmem_cache_invalid_free+0x1d8/0x460
[ 13.266265] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 13.266289] ? finish_task_switch.isra.0+0x153/0x700
[ 13.266314] ? __switch_to+0x47/0xf50
[ 13.266343] ? __pfx_read_tsc+0x10/0x10
[ 13.266365] ? ktime_get_ts64+0x86/0x230
[ 13.266390] kunit_try_run_case+0x1a5/0x480
[ 13.266416] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.266439] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.266464] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.266487] ? __kthread_parkme+0x82/0x180
[ 13.266509] ? preempt_count_sub+0x50/0x80
[ 13.266531] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.266623] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.266648] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.266678] kthread+0x337/0x6f0
[ 13.266696] ? trace_preempt_on+0x20/0xc0
[ 13.266721] ? __pfx_kthread+0x10/0x10
[ 13.266741] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.266762] ? calculate_sigpending+0x7b/0xa0
[ 13.266787] ? __pfx_kthread+0x10/0x10
[ 13.266807] ret_from_fork+0x116/0x1d0
[ 13.266825] ? __pfx_kthread+0x10/0x10
[ 13.266845] ret_from_fork_asm+0x1a/0x30
[ 13.266878] </TASK>
[ 13.266889]
[ 13.282483] Allocated by task 229:
[ 13.282755] kasan_save_stack+0x45/0x70
[ 13.283167] kasan_save_track+0x18/0x40
[ 13.283647] kasan_save_alloc_info+0x3b/0x50
[ 13.283929] __kasan_slab_alloc+0x91/0xa0
[ 13.284361] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.284536] kmem_cache_invalid_free+0x157/0x460
[ 13.285020] kunit_try_run_case+0x1a5/0x480
[ 13.285404] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.285636] kthread+0x337/0x6f0
[ 13.285763] ret_from_fork+0x116/0x1d0
[ 13.285896] ret_from_fork_asm+0x1a/0x30
[ 13.286405]
[ 13.286587] The buggy address belongs to the object at ffff888102677000
[ 13.286587] which belongs to the cache test_cache of size 200
[ 13.287944] The buggy address is located 1 bytes inside of
[ 13.287944] 200-byte region [ffff888102677000, ffff8881026770c8)
[ 13.288464]
[ 13.288621] The buggy address belongs to the physical page:
[ 13.289108] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102677
[ 13.290023] flags: 0x200000000000000(node=0|zone=2)
[ 13.290224] page_type: f5(slab)
[ 13.290346] raw: 0200000000000000 ffff888101d19b40 dead000000000122 0000000000000000
[ 13.290616] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.291269] page dumped because: kasan: bad access detected
[ 13.291877]
[ 13.292069] Memory state around the buggy address:
[ 13.292483] ffff888102676f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.293342] ffff888102676f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.293720] >ffff888102677000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.293994] ^
[ 13.294298] ffff888102677080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 13.294986] ffff888102677100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.295621] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 13.213656] ==================================================================
[ 13.214632] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480
[ 13.215474] Free of addr ffff888102b94000 by task kunit_try_catch/227
[ 13.216284]
[ 13.216479] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.216527] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.216538] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.216559] Call Trace:
[ 13.216573] <TASK>
[ 13.216591] dump_stack_lvl+0x73/0xb0
[ 13.216655] print_report+0xd1/0x650
[ 13.216680] ? __virt_addr_valid+0x1db/0x2d0
[ 13.216705] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.216728] ? kmem_cache_double_free+0x1e5/0x480
[ 13.216754] kasan_report_invalid_free+0x10a/0x130
[ 13.216779] ? kmem_cache_double_free+0x1e5/0x480
[ 13.216806] ? kmem_cache_double_free+0x1e5/0x480
[ 13.216830] check_slab_allocation+0x101/0x130
[ 13.216852] __kasan_slab_pre_free+0x28/0x40
[ 13.216873] kmem_cache_free+0xed/0x420
[ 13.216894] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.216915] ? kmem_cache_double_free+0x1e5/0x480
[ 13.216958] kmem_cache_double_free+0x1e5/0x480
[ 13.216984] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 13.217021] ? finish_task_switch.isra.0+0x153/0x700
[ 13.217045] ? __switch_to+0x47/0xf50
[ 13.217075] ? __pfx_read_tsc+0x10/0x10
[ 13.217123] ? ktime_get_ts64+0x86/0x230
[ 13.217150] kunit_try_run_case+0x1a5/0x480
[ 13.217366] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.217390] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.217416] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.217440] ? __kthread_parkme+0x82/0x180
[ 13.217462] ? preempt_count_sub+0x50/0x80
[ 13.217486] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.217510] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.217534] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.217559] kthread+0x337/0x6f0
[ 13.217578] ? trace_preempt_on+0x20/0xc0
[ 13.217614] ? __pfx_kthread+0x10/0x10
[ 13.217635] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.217656] ? calculate_sigpending+0x7b/0xa0
[ 13.217682] ? __pfx_kthread+0x10/0x10
[ 13.217708] ret_from_fork+0x116/0x1d0
[ 13.217727] ? __pfx_kthread+0x10/0x10
[ 13.217747] ret_from_fork_asm+0x1a/0x30
[ 13.217779] </TASK>
[ 13.217790]
[ 13.235272] Allocated by task 227:
[ 13.235420] kasan_save_stack+0x45/0x70
[ 13.235718] kasan_save_track+0x18/0x40
[ 13.236485] kasan_save_alloc_info+0x3b/0x50
[ 13.237049] __kasan_slab_alloc+0x91/0xa0
[ 13.237732] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.238305] kmem_cache_double_free+0x14f/0x480
[ 13.238619] kunit_try_run_case+0x1a5/0x480
[ 13.238893] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.239407] kthread+0x337/0x6f0
[ 13.239630] ret_from_fork+0x116/0x1d0
[ 13.240117] ret_from_fork_asm+0x1a/0x30
[ 13.240436]
[ 13.240518] Freed by task 227:
[ 13.240889] kasan_save_stack+0x45/0x70
[ 13.241357] kasan_save_track+0x18/0x40
[ 13.241517] kasan_save_free_info+0x3f/0x60
[ 13.242092] __kasan_slab_free+0x56/0x70
[ 13.242335] kmem_cache_free+0x249/0x420
[ 13.242477] kmem_cache_double_free+0x16a/0x480
[ 13.242937] kunit_try_run_case+0x1a5/0x480
[ 13.243457] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.243953] kthread+0x337/0x6f0
[ 13.244279] ret_from_fork+0x116/0x1d0
[ 13.244420] ret_from_fork_asm+0x1a/0x30
[ 13.244695]
[ 13.244885] The buggy address belongs to the object at ffff888102b94000
[ 13.244885] which belongs to the cache test_cache of size 200
[ 13.246314] The buggy address is located 0 bytes inside of
[ 13.246314] 200-byte region [ffff888102b94000, ffff888102b940c8)
[ 13.247121]
[ 13.247323] The buggy address belongs to the physical page:
[ 13.247773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b94
[ 13.248360] flags: 0x200000000000000(node=0|zone=2)
[ 13.248550] page_type: f5(slab)
[ 13.248903] raw: 0200000000000000 ffff888102b91000 dead000000000122 0000000000000000
[ 13.249820] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.250441] page dumped because: kasan: bad access detected
[ 13.250753]
[ 13.250823] Memory state around the buggy address:
[ 13.251037] ffff888102b93f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.251771] ffff888102b93f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.252571] >ffff888102b94000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.252809] ^
[ 13.253093] ffff888102b94080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 13.253757] ffff888102b94100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.254448] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 13.179627] ==================================================================
[ 13.180305] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530
[ 13.180670] Read of size 1 at addr ffff888102b8f0c8 by task kunit_try_catch/225
[ 13.181075]
[ 13.181187] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.181233] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.181244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.181266] Call Trace:
[ 13.181279] <TASK>
[ 13.181297] dump_stack_lvl+0x73/0xb0
[ 13.181331] print_report+0xd1/0x650
[ 13.181354] ? __virt_addr_valid+0x1db/0x2d0
[ 13.181379] ? kmem_cache_oob+0x402/0x530
[ 13.181402] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.181425] ? kmem_cache_oob+0x402/0x530
[ 13.181447] kasan_report+0x141/0x180
[ 13.181469] ? kmem_cache_oob+0x402/0x530
[ 13.181496] __asan_report_load1_noabort+0x18/0x20
[ 13.181521] kmem_cache_oob+0x402/0x530
[ 13.181542] ? trace_hardirqs_on+0x37/0xe0
[ 13.181567] ? __pfx_kmem_cache_oob+0x10/0x10
[ 13.181594] ? __kasan_check_write+0x18/0x20
[ 13.181626] ? queued_spin_lock_slowpath+0x116/0xb40
[ 13.181662] ? irqentry_exit+0x2a/0x60
[ 13.181686] ? trace_hardirqs_on+0x37/0xe0
[ 13.181715] ? __pfx_read_tsc+0x10/0x10
[ 13.181738] ? ktime_get_ts64+0x86/0x230
[ 13.181764] kunit_try_run_case+0x1a5/0x480
[ 13.181790] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.181815] ? queued_spin_lock_slowpath+0x116/0xb40
[ 13.181838] ? __kthread_parkme+0x82/0x180
[ 13.181861] ? preempt_count_sub+0x50/0x80
[ 13.181886] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.181910] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.181934] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.181960] kthread+0x337/0x6f0
[ 13.181987] ? trace_preempt_on+0x20/0xc0
[ 13.182009] ? __pfx_kthread+0x10/0x10
[ 13.182029] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.182050] ? calculate_sigpending+0x7b/0xa0
[ 13.182075] ? __pfx_kthread+0x10/0x10
[ 13.182096] ret_from_fork+0x116/0x1d0
[ 13.182114] ? __pfx_kthread+0x10/0x10
[ 13.182134] ret_from_fork_asm+0x1a/0x30
[ 13.182168] </TASK>
[ 13.182178]
[ 13.189808] Allocated by task 225:
[ 13.190012] kasan_save_stack+0x45/0x70
[ 13.190200] kasan_save_track+0x18/0x40
[ 13.190380] kasan_save_alloc_info+0x3b/0x50
[ 13.190622] __kasan_slab_alloc+0x91/0xa0
[ 13.190764] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.190919] kmem_cache_oob+0x157/0x530
[ 13.191120] kunit_try_run_case+0x1a5/0x480
[ 13.191537] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.191773] kthread+0x337/0x6f0
[ 13.191937] ret_from_fork+0x116/0x1d0
[ 13.192112] ret_from_fork_asm+0x1a/0x30
[ 13.192251]
[ 13.192321] The buggy address belongs to the object at ffff888102b8f000
[ 13.192321] which belongs to the cache test_cache of size 200
[ 13.192688] The buggy address is located 0 bytes to the right of
[ 13.192688] allocated 200-byte region [ffff888102b8f000, ffff888102b8f0c8)
[ 13.193230]
[ 13.193327] The buggy address belongs to the physical page:
[ 13.193819] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b8f
[ 13.194281] flags: 0x200000000000000(node=0|zone=2)
[ 13.194448] page_type: f5(slab)
[ 13.194569] raw: 0200000000000000 ffff888101270dc0 dead000000000122 0000000000000000
[ 13.194810] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.195035] page dumped because: kasan: bad access detected
[ 13.195293]
[ 13.195384] Memory state around the buggy address:
[ 13.195620] ffff888102b8ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.195946] ffff888102b8f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.196270] >ffff888102b8f080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 13.196918] ^
[ 13.197091] ffff888102b8f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.197382] ffff888102b8f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.197713] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 13.138049] ==================================================================
[ 13.138453] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560
[ 13.138827] Read of size 8 at addr ffff888102b87bc0 by task kunit_try_catch/218
[ 13.139739]
[ 13.139876] CPU: 0 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.139924] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.139936] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.139957] Call Trace:
[ 13.139971] <TASK>
[ 13.139989] dump_stack_lvl+0x73/0xb0
[ 13.140023] print_report+0xd1/0x650
[ 13.140047] ? __virt_addr_valid+0x1db/0x2d0
[ 13.140071] ? workqueue_uaf+0x4d6/0x560
[ 13.140092] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.140115] ? workqueue_uaf+0x4d6/0x560
[ 13.140301] kasan_report+0x141/0x180
[ 13.140324] ? workqueue_uaf+0x4d6/0x560
[ 13.140350] __asan_report_load8_noabort+0x18/0x20
[ 13.140374] workqueue_uaf+0x4d6/0x560
[ 13.140395] ? __pfx_workqueue_uaf+0x10/0x10
[ 13.140417] ? __schedule+0x10cc/0x2b60
[ 13.140440] ? __pfx_read_tsc+0x10/0x10
[ 13.140462] ? ktime_get_ts64+0x86/0x230
[ 13.140488] kunit_try_run_case+0x1a5/0x480
[ 13.140512] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.140534] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.140559] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.140583] ? __kthread_parkme+0x82/0x180
[ 13.140615] ? preempt_count_sub+0x50/0x80
[ 13.140639] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.140663] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.140687] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.140711] kthread+0x337/0x6f0
[ 13.140730] ? trace_preempt_on+0x20/0xc0
[ 13.140754] ? __pfx_kthread+0x10/0x10
[ 13.140774] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.140795] ? calculate_sigpending+0x7b/0xa0
[ 13.140819] ? __pfx_kthread+0x10/0x10
[ 13.140840] ret_from_fork+0x116/0x1d0
[ 13.140858] ? __pfx_kthread+0x10/0x10
[ 13.140878] ret_from_fork_asm+0x1a/0x30
[ 13.140911] </TASK>
[ 13.140981]
[ 13.150641] Allocated by task 218:
[ 13.151037] kasan_save_stack+0x45/0x70
[ 13.151226] kasan_save_track+0x18/0x40
[ 13.151400] kasan_save_alloc_info+0x3b/0x50
[ 13.151852] __kasan_kmalloc+0xb7/0xc0
[ 13.152188] __kmalloc_cache_noprof+0x189/0x420
[ 13.152412] workqueue_uaf+0x152/0x560
[ 13.152577] kunit_try_run_case+0x1a5/0x480
[ 13.152777] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.153015] kthread+0x337/0x6f0
[ 13.153164] ret_from_fork+0x116/0x1d0
[ 13.153348] ret_from_fork_asm+0x1a/0x30
[ 13.153520]
[ 13.154095] Freed by task 9:
[ 13.154245] kasan_save_stack+0x45/0x70
[ 13.154425] kasan_save_track+0x18/0x40
[ 13.154610] kasan_save_free_info+0x3f/0x60
[ 13.155129] __kasan_slab_free+0x56/0x70
[ 13.155322] kfree+0x222/0x3f0
[ 13.155621] workqueue_uaf_work+0x12/0x20
[ 13.155875] process_one_work+0x5ee/0xf60
[ 13.156162] worker_thread+0x758/0x1220
[ 13.156416] kthread+0x337/0x6f0
[ 13.156550] ret_from_fork+0x116/0x1d0
[ 13.156934] ret_from_fork_asm+0x1a/0x30
[ 13.157274]
[ 13.157379] Last potentially related work creation:
[ 13.157651] kasan_save_stack+0x45/0x70
[ 13.158228] kasan_record_aux_stack+0xb2/0xc0
[ 13.158526] __queue_work+0x626/0xeb0
[ 13.158870] queue_work_on+0xb6/0xc0
[ 13.159086] workqueue_uaf+0x26d/0x560
[ 13.159395] kunit_try_run_case+0x1a5/0x480
[ 13.159593] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.159848] kthread+0x337/0x6f0
[ 13.160235] ret_from_fork+0x116/0x1d0
[ 13.160427] ret_from_fork_asm+0x1a/0x30
[ 13.160808]
[ 13.160898] The buggy address belongs to the object at ffff888102b87bc0
[ 13.160898] which belongs to the cache kmalloc-32 of size 32
[ 13.161446] The buggy address is located 0 bytes inside of
[ 13.161446] freed 32-byte region [ffff888102b87bc0, ffff888102b87be0)
[ 13.162354]
[ 13.162511] The buggy address belongs to the physical page:
[ 13.162774] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b87
[ 13.163514] flags: 0x200000000000000(node=0|zone=2)
[ 13.163841] page_type: f5(slab)
[ 13.164149] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.164503] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.164912] page dumped because: kasan: bad access detected
[ 13.165151]
[ 13.165222] Memory state around the buggy address:
[ 13.165426] ffff888102b87a80: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 13.166104] ffff888102b87b00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.166357] >ffff888102b87b80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.166934] ^
[ 13.167229] ffff888102b87c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.167724] ffff888102b87c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.168097] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 13.098313] ================================================================== [ 13.098852] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 13.099161] Read of size 4 at addr ffff888102b87b00 by task swapper/0/0 [ 13.099458] [ 13.099701] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.099751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.099762] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.099783] Call Trace: [ 13.099820] <IRQ> [ 13.099840] dump_stack_lvl+0x73/0xb0 [ 13.099896] print_report+0xd1/0x650 [ 13.099921] ? __virt_addr_valid+0x1db/0x2d0 [ 13.099946] ? rcu_uaf_reclaim+0x50/0x60 [ 13.100015] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.100040] ? rcu_uaf_reclaim+0x50/0x60 [ 13.100061] kasan_report+0x141/0x180 [ 13.100083] ? rcu_uaf_reclaim+0x50/0x60 [ 13.100109] __asan_report_load4_noabort+0x18/0x20 [ 13.100134] rcu_uaf_reclaim+0x50/0x60 [ 13.100166] rcu_core+0x66f/0x1c40 [ 13.100196] ? __pfx_rcu_core+0x10/0x10 [ 13.100217] ? ktime_get+0x6b/0x150 [ 13.100252] ? handle_softirqs+0x18e/0x730 [ 13.100277] rcu_core_si+0x12/0x20 [ 13.100297] handle_softirqs+0x209/0x730 [ 13.100327] ? hrtimer_interrupt+0x2fe/0x780 [ 13.100350] ? 
__pfx_handle_softirqs+0x10/0x10 [ 13.100376] __irq_exit_rcu+0xc9/0x110 [ 13.100406] irq_exit_rcu+0x12/0x20 [ 13.100425] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.100451] </IRQ> [ 13.100478] <TASK> [ 13.100488] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.100607] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 13.100819] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d e3 81 21 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 13.100896] RSP: 0000:ffffffff8fa07dd8 EFLAGS: 00010206 [ 13.100984] RAX: ffff8881ca272000 RBX: ffffffff8fa1cac0 RCX: ffffffff8e874105 [ 13.101030] RDX: ffffed102b60618b RSI: 0000000000000004 RDI: 0000000000006a04 [ 13.101073] RBP: ffffffff8fa07de0 R08: 0000000000000001 R09: ffffed102b60618a [ 13.101116] R10: ffff88815b030c53 R11: 0000000000061800 R12: 0000000000000000 [ 13.101158] R13: fffffbfff1f43958 R14: ffffffff905b1390 R15: 0000000000000000 [ 13.101215] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 13.101270] ? default_idle+0xd/0x20 [ 13.101291] arch_cpu_idle+0xd/0x20 [ 13.101313] default_idle_call+0x48/0x80 [ 13.101332] do_idle+0x379/0x4f0 [ 13.101358] ? __pfx_do_idle+0x10/0x10 [ 13.101385] cpu_startup_entry+0x5c/0x70 [ 13.101405] rest_init+0x11a/0x140 [ 13.101421] ? 
acpi_subsystem_init+0x5d/0x150 [ 13.101447] start_kernel+0x330/0x410 [ 13.101472] x86_64_start_reservations+0x1c/0x30 [ 13.101497] x86_64_start_kernel+0x10d/0x120 [ 13.101521] common_startup_64+0x13e/0x148 [ 13.101554] </TASK> [ 13.101565] [ 13.115727] Allocated by task 216: [ 13.115876] kasan_save_stack+0x45/0x70 [ 13.116092] kasan_save_track+0x18/0x40 [ 13.116266] kasan_save_alloc_info+0x3b/0x50 [ 13.116476] __kasan_kmalloc+0xb7/0xc0 [ 13.117057] __kmalloc_cache_noprof+0x189/0x420 [ 13.117458] rcu_uaf+0xb0/0x330 [ 13.117718] kunit_try_run_case+0x1a5/0x480 [ 13.118098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.118513] kthread+0x337/0x6f0 [ 13.118674] ret_from_fork+0x116/0x1d0 [ 13.118999] ret_from_fork_asm+0x1a/0x30 [ 13.119288] [ 13.119424] Freed by task 0: [ 13.119617] kasan_save_stack+0x45/0x70 [ 13.120047] kasan_save_track+0x18/0x40 [ 13.120231] kasan_save_free_info+0x3f/0x60 [ 13.120547] __kasan_slab_free+0x56/0x70 [ 13.120740] kfree+0x222/0x3f0 [ 13.121193] rcu_uaf_reclaim+0x1f/0x60 [ 13.121349] rcu_core+0x66f/0x1c40 [ 13.121544] rcu_core_si+0x12/0x20 [ 13.121718] handle_softirqs+0x209/0x730 [ 13.121924] __irq_exit_rcu+0xc9/0x110 [ 13.122434] irq_exit_rcu+0x12/0x20 [ 13.122570] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.123010] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.123227] [ 13.123473] Last potentially related work creation: [ 13.123686] kasan_save_stack+0x45/0x70 [ 13.124025] kasan_record_aux_stack+0xb2/0xc0 [ 13.124231] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 13.124449] call_rcu+0x12/0x20 [ 13.124763] rcu_uaf+0x168/0x330 [ 13.124937] kunit_try_run_case+0x1a5/0x480 [ 13.125332] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.125632] kthread+0x337/0x6f0 [ 13.125867] ret_from_fork+0x116/0x1d0 [ 13.126011] ret_from_fork_asm+0x1a/0x30 [ 13.126444] [ 13.126623] The buggy address belongs to the object at ffff888102b87b00 [ 13.126623] which belongs to the cache kmalloc-32 of size 32 [ 13.127525] The buggy address is located 0 bytes inside of 
[ 13.127525] freed 32-byte region [ffff888102b87b00, ffff888102b87b20) [ 13.128248] [ 13.128353] The buggy address belongs to the physical page: [ 13.128580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b87 [ 13.129172] flags: 0x200000000000000(node=0|zone=2) [ 13.129403] page_type: f5(slab) [ 13.129772] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.130182] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.130536] page dumped because: kasan: bad access detected [ 13.130789] [ 13.130887] Memory state around the buggy address: [ 13.131272] ffff888102b87a00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.131679] ffff888102b87a80: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 13.132080] >ffff888102b87b00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 13.132368] ^ [ 13.132508] ffff888102b87b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.132810] ffff888102b87c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.133113] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 13.031591] ================================================================== [ 13.032199] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 13.032466] Read of size 1 at addr ffff888102675000 by task kunit_try_catch/214 [ 13.033087] [ 13.033452] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.033506] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.033517] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.033538] Call Trace: [ 13.033550] <TASK> [ 13.033567] dump_stack_lvl+0x73/0xb0 [ 13.033607] print_report+0xd1/0x650 [ 13.033629] ? __virt_addr_valid+0x1db/0x2d0 [ 13.033651] ? ksize_uaf+0x5fe/0x6c0 [ 13.033671] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.033693] ? ksize_uaf+0x5fe/0x6c0 [ 13.033717] kasan_report+0x141/0x180 [ 13.033738] ? ksize_uaf+0x5fe/0x6c0 [ 13.033763] __asan_report_load1_noabort+0x18/0x20 [ 13.033787] ksize_uaf+0x5fe/0x6c0 [ 13.033808] ? __pfx_ksize_uaf+0x10/0x10 [ 13.033829] ? __schedule+0x10cc/0x2b60 [ 13.033851] ? __pfx_read_tsc+0x10/0x10 [ 13.033871] ? ktime_get_ts64+0x86/0x230 [ 13.033897] kunit_try_run_case+0x1a5/0x480 [ 13.034098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.034130] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.034170] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.034194] ? __kthread_parkme+0x82/0x180 [ 13.034214] ? preempt_count_sub+0x50/0x80 [ 13.034278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.034302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.034327] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.034351] kthread+0x337/0x6f0 [ 13.034369] ? trace_preempt_on+0x20/0xc0 [ 13.034392] ? __pfx_kthread+0x10/0x10 [ 13.034412] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.034433] ? calculate_sigpending+0x7b/0xa0 [ 13.034457] ? __pfx_kthread+0x10/0x10 [ 13.034478] ret_from_fork+0x116/0x1d0 [ 13.034495] ? 
__pfx_kthread+0x10/0x10 [ 13.034515] ret_from_fork_asm+0x1a/0x30 [ 13.034547] </TASK> [ 13.034557] [ 13.046870] Allocated by task 214: [ 13.047279] kasan_save_stack+0x45/0x70 [ 13.047635] kasan_save_track+0x18/0x40 [ 13.047826] kasan_save_alloc_info+0x3b/0x50 [ 13.048380] __kasan_kmalloc+0xb7/0xc0 [ 13.048738] __kmalloc_cache_noprof+0x189/0x420 [ 13.049215] ksize_uaf+0xaa/0x6c0 [ 13.049405] kunit_try_run_case+0x1a5/0x480 [ 13.049742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.050398] kthread+0x337/0x6f0 [ 13.050658] ret_from_fork+0x116/0x1d0 [ 13.050978] ret_from_fork_asm+0x1a/0x30 [ 13.051173] [ 13.051264] Freed by task 214: [ 13.051411] kasan_save_stack+0x45/0x70 [ 13.051967] kasan_save_track+0x18/0x40 [ 13.052283] kasan_save_free_info+0x3f/0x60 [ 13.052872] __kasan_slab_free+0x56/0x70 [ 13.053137] kfree+0x222/0x3f0 [ 13.053295] ksize_uaf+0x12c/0x6c0 [ 13.053456] kunit_try_run_case+0x1a5/0x480 [ 13.054015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.054283] kthread+0x337/0x6f0 [ 13.054441] ret_from_fork+0x116/0x1d0 [ 13.054941] ret_from_fork_asm+0x1a/0x30 [ 13.055267] [ 13.055512] The buggy address belongs to the object at ffff888102675000 [ 13.055512] which belongs to the cache kmalloc-128 of size 128 [ 13.056488] The buggy address is located 0 bytes inside of [ 13.056488] freed 128-byte region [ffff888102675000, ffff888102675080) [ 13.057327] [ 13.057500] The buggy address belongs to the physical page: [ 13.057757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102675 [ 13.058549] flags: 0x200000000000000(node=0|zone=2) [ 13.058868] page_type: f5(slab) [ 13.059083] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.059393] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.059768] page dumped because: kasan: bad access detected [ 13.060408] [ 13.060500] Memory state around the buggy address: [ 13.060711] ffff888102674f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
13.061067] ffff888102674f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.061357] >ffff888102675000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.062123] ^ [ 13.062446] ffff888102675080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.062771] ffff888102675100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.063424] ================================================================== [ 13.064881] ================================================================== [ 13.065627] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 13.065980] Read of size 1 at addr ffff888102675078 by task kunit_try_catch/214 [ 13.066288] [ 13.066395] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.066437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.066448] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.066469] Call Trace: [ 13.066482] <TASK> [ 13.066500] dump_stack_lvl+0x73/0xb0 [ 13.066530] print_report+0xd1/0x650 [ 13.066553] ? __virt_addr_valid+0x1db/0x2d0 [ 13.066577] ? ksize_uaf+0x5e4/0x6c0 [ 13.066596] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.066630] ? ksize_uaf+0x5e4/0x6c0 [ 13.066650] kasan_report+0x141/0x180 [ 13.066671] ? ksize_uaf+0x5e4/0x6c0 [ 13.066695] __asan_report_load1_noabort+0x18/0x20 [ 13.066720] ksize_uaf+0x5e4/0x6c0 [ 13.066739] ? __pfx_ksize_uaf+0x10/0x10 [ 13.066760] ? __schedule+0x10cc/0x2b60 [ 13.066782] ? __pfx_read_tsc+0x10/0x10 [ 13.066814] ? ktime_get_ts64+0x86/0x230 [ 13.066840] kunit_try_run_case+0x1a5/0x480 [ 13.066863] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.066897] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.066921] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.066945] ? __kthread_parkme+0x82/0x180 [ 13.066965] ? preempt_count_sub+0x50/0x80 [ 13.066989] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.067012] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.067036] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.067122] kthread+0x337/0x6f0 [ 13.067142] ? trace_preempt_on+0x20/0xc0 [ 13.067166] ? __pfx_kthread+0x10/0x10 [ 13.067187] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.067208] ? calculate_sigpending+0x7b/0xa0 [ 13.067232] ? __pfx_kthread+0x10/0x10 [ 13.067253] ret_from_fork+0x116/0x1d0 [ 13.067270] ? __pfx_kthread+0x10/0x10 [ 13.067302] ret_from_fork_asm+0x1a/0x30 [ 13.067333] </TASK> [ 13.067343] [ 13.075252] Allocated by task 214: [ 13.075456] kasan_save_stack+0x45/0x70 [ 13.075679] kasan_save_track+0x18/0x40 [ 13.075862] kasan_save_alloc_info+0x3b/0x50 [ 13.076217] __kasan_kmalloc+0xb7/0xc0 [ 13.076423] __kmalloc_cache_noprof+0x189/0x420 [ 13.076582] ksize_uaf+0xaa/0x6c0 [ 13.076714] kunit_try_run_case+0x1a5/0x480 [ 13.076860] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.077137] kthread+0x337/0x6f0 [ 13.077302] ret_from_fork+0x116/0x1d0 [ 13.077485] ret_from_fork_asm+0x1a/0x30 [ 13.077898] [ 13.078050] Freed by task 214: [ 13.078211] kasan_save_stack+0x45/0x70 [ 13.078355] kasan_save_track+0x18/0x40 [ 13.078518] kasan_save_free_info+0x3f/0x60 [ 13.078740] __kasan_slab_free+0x56/0x70 [ 13.079020] kfree+0x222/0x3f0 [ 13.079173] ksize_uaf+0x12c/0x6c0 [ 13.079352] kunit_try_run_case+0x1a5/0x480 [ 13.079612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.079855] kthread+0x337/0x6f0 [ 13.080105] ret_from_fork+0x116/0x1d0 [ 13.080305] ret_from_fork_asm+0x1a/0x30 [ 13.080523] [ 13.080607] The buggy address belongs to the object at ffff888102675000 [ 13.080607] which belongs to the cache kmalloc-128 of size 128 [ 13.080980] The buggy address is located 120 bytes inside of [ 13.080980] freed 128-byte region [ffff888102675000, ffff888102675080) [ 13.081986] [ 13.082094] The buggy address belongs to the physical page: [ 13.082397] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102675 [ 13.082763] flags: 0x200000000000000(node=0|zone=2) [ 13.082941] page_type: f5(slab) [ 13.083217] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.083630] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.083938] page dumped because: kasan: bad access detected [ 13.084107] [ 13.084175] Memory state around the buggy address: [ 13.084328] ffff888102674f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.084648] ffff888102674f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.084980] >ffff888102675000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.085570] ^ [ 13.085809] ffff888102675080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.086398] ffff888102675100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.086786] ================================================================== [ 12.998509] ================================================================== [ 12.999607] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 12.999827] Read of size 1 at addr ffff888102675000 by task kunit_try_catch/214 [ 13.000047] [ 13.000135] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.000185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.000196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.000216] Call Trace: [ 13.000228] <TASK> [ 13.000242] dump_stack_lvl+0x73/0xb0 [ 13.000271] print_report+0xd1/0x650 [ 13.000293] ? __virt_addr_valid+0x1db/0x2d0 [ 13.000316] ? ksize_uaf+0x19d/0x6c0 [ 13.000335] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.000357] ? ksize_uaf+0x19d/0x6c0 [ 13.000377] kasan_report+0x141/0x180 [ 13.000398] ? ksize_uaf+0x19d/0x6c0 [ 13.000421] ? ksize_uaf+0x19d/0x6c0 [ 13.000441] __kasan_check_byte+0x3d/0x50 [ 13.000463] ksize+0x20/0x60 [ 13.000482] ksize_uaf+0x19d/0x6c0 [ 13.000502] ? __pfx_ksize_uaf+0x10/0x10 [ 13.000523] ? __schedule+0x10cc/0x2b60 [ 13.000544] ? __pfx_read_tsc+0x10/0x10 [ 13.000564] ? 
ktime_get_ts64+0x86/0x230 [ 13.000588] kunit_try_run_case+0x1a5/0x480 [ 13.000620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.000642] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.000665] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.000689] ? __kthread_parkme+0x82/0x180 [ 13.000709] ? preempt_count_sub+0x50/0x80 [ 13.000733] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.000758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.000782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.000806] kthread+0x337/0x6f0 [ 13.000824] ? trace_preempt_on+0x20/0xc0 [ 13.000847] ? __pfx_kthread+0x10/0x10 [ 13.000903] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.000924] ? calculate_sigpending+0x7b/0xa0 [ 13.000948] ? __pfx_kthread+0x10/0x10 [ 13.000983] ret_from_fork+0x116/0x1d0 [ 13.001000] ? __pfx_kthread+0x10/0x10 [ 13.001020] ret_from_fork_asm+0x1a/0x30 [ 13.001063] </TASK> [ 13.001072] [ 13.012269] Allocated by task 214: [ 13.012823] kasan_save_stack+0x45/0x70 [ 13.013270] kasan_save_track+0x18/0x40 [ 13.013560] kasan_save_alloc_info+0x3b/0x50 [ 13.013920] __kasan_kmalloc+0xb7/0xc0 [ 13.014280] __kmalloc_cache_noprof+0x189/0x420 [ 13.014680] ksize_uaf+0xaa/0x6c0 [ 13.014844] kunit_try_run_case+0x1a5/0x480 [ 13.015262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.015658] kthread+0x337/0x6f0 [ 13.015953] ret_from_fork+0x116/0x1d0 [ 13.016297] ret_from_fork_asm+0x1a/0x30 [ 13.016477] [ 13.016876] Freed by task 214: [ 13.017130] kasan_save_stack+0x45/0x70 [ 13.017440] kasan_save_track+0x18/0x40 [ 13.017846] kasan_save_free_info+0x3f/0x60 [ 13.018215] __kasan_slab_free+0x56/0x70 [ 13.018398] kfree+0x222/0x3f0 [ 13.018621] ksize_uaf+0x12c/0x6c0 [ 13.018787] kunit_try_run_case+0x1a5/0x480 [ 13.019287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.019700] kthread+0x337/0x6f0 [ 13.019873] ret_from_fork+0x116/0x1d0 [ 13.020385] ret_from_fork_asm+0x1a/0x30 [ 13.020784] [ 13.020889] The buggy address belongs to the object at ffff888102675000 [ 13.020889] which belongs to the cache 
kmalloc-128 of size 128 [ 13.021745] The buggy address is located 0 bytes inside of [ 13.021745] freed 128-byte region [ffff888102675000, ffff888102675080) [ 13.022796] [ 13.023059] The buggy address belongs to the physical page: [ 13.023383] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102675 [ 13.024081] flags: 0x200000000000000(node=0|zone=2) [ 13.024509] page_type: f5(slab) [ 13.024826] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.025441] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.026037] page dumped because: kasan: bad access detected [ 13.026281] [ 13.026372] Memory state around the buggy address: [ 13.026816] ffff888102674f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.027519] ffff888102674f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.028191] >ffff888102675000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.028663] ^ [ 13.028968] ffff888102675080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.029641] ffff888102675100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.030374] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 12.939456] ================================================================== [ 12.940441] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.941062] Read of size 1 at addr ffff888102662f78 by task kunit_try_catch/212 [ 12.941538] [ 12.941839] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.941970] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.941985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.942006] Call Trace: [ 12.942027] <TASK> [ 12.942048] dump_stack_lvl+0x73/0xb0 [ 12.942082] print_report+0xd1/0x650 [ 12.942105] ? __virt_addr_valid+0x1db/0x2d0 [ 12.942128] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.942152] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.942174] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.942198] kasan_report+0x141/0x180 [ 12.942220] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.942248] __asan_report_load1_noabort+0x18/0x20 [ 12.942272] ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.942296] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.942319] ? finish_task_switch.isra.0+0x153/0x700 [ 12.942341] ? __switch_to+0x47/0xf50 [ 12.942367] ? __schedule+0x10cc/0x2b60 [ 12.942389] ? __pfx_read_tsc+0x10/0x10 [ 12.942410] ? ktime_get_ts64+0x86/0x230 [ 12.942435] kunit_try_run_case+0x1a5/0x480 [ 12.942460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.942482] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.942695] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.942724] ? __kthread_parkme+0x82/0x180 [ 12.942746] ? preempt_count_sub+0x50/0x80 [ 12.942771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.942796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.942821] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.942846] kthread+0x337/0x6f0 [ 12.942864] ? trace_preempt_on+0x20/0xc0 [ 12.942888] ? __pfx_kthread+0x10/0x10 [ 12.942908] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.942978] ? calculate_sigpending+0x7b/0xa0 [ 12.943005] ? 
__pfx_kthread+0x10/0x10 [ 12.943029] ret_from_fork+0x116/0x1d0 [ 12.943047] ? __pfx_kthread+0x10/0x10 [ 12.943067] ret_from_fork_asm+0x1a/0x30 [ 12.943099] </TASK> [ 12.943109] [ 12.956035] Allocated by task 212: [ 12.956202] kasan_save_stack+0x45/0x70 [ 12.956440] kasan_save_track+0x18/0x40 [ 12.956888] kasan_save_alloc_info+0x3b/0x50 [ 12.957272] __kasan_kmalloc+0xb7/0xc0 [ 12.957673] __kmalloc_cache_noprof+0x189/0x420 [ 12.957904] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.958494] kunit_try_run_case+0x1a5/0x480 [ 12.958810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.959243] kthread+0x337/0x6f0 [ 12.959511] ret_from_fork+0x116/0x1d0 [ 12.959699] ret_from_fork_asm+0x1a/0x30 [ 12.959897] [ 12.960271] The buggy address belongs to the object at ffff888102662f00 [ 12.960271] which belongs to the cache kmalloc-128 of size 128 [ 12.960895] The buggy address is located 5 bytes to the right of [ 12.960895] allocated 115-byte region [ffff888102662f00, ffff888102662f73) [ 12.961551] [ 12.961886] The buggy address belongs to the physical page: [ 12.962273] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 12.962870] flags: 0x200000000000000(node=0|zone=2) [ 12.963308] page_type: f5(slab) [ 12.963466] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.963924] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.964278] page dumped because: kasan: bad access detected [ 12.964638] [ 12.964742] Memory state around the buggy address: [ 12.964901] ffff888102662e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.965219] ffff888102662e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.965849] >ffff888102662f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.966365] ^ [ 12.967124] ffff888102662f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.967542] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.968021] 
================================================================== [ 12.909420] ================================================================== [ 12.910380] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 12.910774] Read of size 1 at addr ffff888102662f73 by task kunit_try_catch/212 [ 12.911148] [ 12.911271] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.911317] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.911328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.911348] Call Trace: [ 12.911361] <TASK> [ 12.911378] dump_stack_lvl+0x73/0xb0 [ 12.911409] print_report+0xd1/0x650 [ 12.911432] ? __virt_addr_valid+0x1db/0x2d0 [ 12.911455] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.911611] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.911635] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.911659] kasan_report+0x141/0x180 [ 12.911680] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.911710] __asan_report_load1_noabort+0x18/0x20 [ 12.911735] ksize_unpoisons_memory+0x81c/0x9b0 [ 12.911759] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.911781] ? finish_task_switch.isra.0+0x153/0x700 [ 12.911805] ? __switch_to+0x47/0xf50 [ 12.911832] ? __schedule+0x10cc/0x2b60 [ 12.911855] ? __pfx_read_tsc+0x10/0x10 [ 12.911876] ? ktime_get_ts64+0x86/0x230 [ 12.911900] kunit_try_run_case+0x1a5/0x480 [ 12.911980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.912007] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.912032] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.912055] ? __kthread_parkme+0x82/0x180 [ 12.912076] ? preempt_count_sub+0x50/0x80 [ 12.912099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.912123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.912148] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.912173] kthread+0x337/0x6f0 [ 12.912191] ? trace_preempt_on+0x20/0xc0 [ 12.912215] ? __pfx_kthread+0x10/0x10 [ 12.912236] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.912257] ? 
calculate_sigpending+0x7b/0xa0 [ 12.912281] ? __pfx_kthread+0x10/0x10 [ 12.912302] ret_from_fork+0x116/0x1d0 [ 12.912320] ? __pfx_kthread+0x10/0x10 [ 12.912341] ret_from_fork_asm+0x1a/0x30 [ 12.912372] </TASK> [ 12.912383] [ 12.924017] Allocated by task 212: [ 12.924410] kasan_save_stack+0x45/0x70 [ 12.924656] kasan_save_track+0x18/0x40 [ 12.925038] kasan_save_alloc_info+0x3b/0x50 [ 12.925256] __kasan_kmalloc+0xb7/0xc0 [ 12.925443] __kmalloc_cache_noprof+0x189/0x420 [ 12.925951] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.926435] kunit_try_run_case+0x1a5/0x480 [ 12.926759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.927216] kthread+0x337/0x6f0 [ 12.927349] ret_from_fork+0x116/0x1d0 [ 12.927703] ret_from_fork_asm+0x1a/0x30 [ 12.928034] [ 12.928141] The buggy address belongs to the object at ffff888102662f00 [ 12.928141] which belongs to the cache kmalloc-128 of size 128 [ 12.928928] The buggy address is located 0 bytes to the right of [ 12.928928] allocated 115-byte region [ffff888102662f00, ffff888102662f73) [ 12.929801] [ 12.929908] The buggy address belongs to the physical page: [ 12.930366] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 12.930941] flags: 0x200000000000000(node=0|zone=2) [ 12.931347] page_type: f5(slab) [ 12.931674] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.932282] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.932765] page dumped because: kasan: bad access detected [ 12.933132] [ 12.933231] Memory state around the buggy address: [ 12.933435] ffff888102662e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.934148] ffff888102662e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.934825] >ffff888102662f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.936261] ^ [ 12.936715] ffff888102662f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.937411] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.938350] 
================================================================== [ 12.969560] ================================================================== [ 12.969918] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.970511] Read of size 1 at addr ffff888102662f7f by task kunit_try_catch/212 [ 12.971090] [ 12.971206] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.971251] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.971262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.971283] Call Trace: [ 12.971301] <TASK> [ 12.971319] dump_stack_lvl+0x73/0xb0 [ 12.971351] print_report+0xd1/0x650 [ 12.971374] ? __virt_addr_valid+0x1db/0x2d0 [ 12.971397] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.971420] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.971442] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.971466] kasan_report+0x141/0x180 [ 12.971487] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.971968] __asan_report_load1_noabort+0x18/0x20 [ 12.972001] ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.972027] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.972051] ? finish_task_switch.isra.0+0x153/0x700 [ 12.972073] ? __switch_to+0x47/0xf50 [ 12.972099] ? __schedule+0x10cc/0x2b60 [ 12.972121] ? __pfx_read_tsc+0x10/0x10 [ 12.972142] ? ktime_get_ts64+0x86/0x230 [ 12.972167] kunit_try_run_case+0x1a5/0x480 [ 12.972192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.972214] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.972238] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.972263] ? __kthread_parkme+0x82/0x180 [ 12.972283] ? preempt_count_sub+0x50/0x80 [ 12.972306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.972330] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.972355] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.972379] kthread+0x337/0x6f0 [ 12.972397] ? trace_preempt_on+0x20/0xc0 [ 12.972421] ? __pfx_kthread+0x10/0x10 [ 12.972441] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.972462] ? 
calculate_sigpending+0x7b/0xa0 [ 12.972487] ? __pfx_kthread+0x10/0x10 [ 12.972508] ret_from_fork+0x116/0x1d0 [ 12.972537] ? __pfx_kthread+0x10/0x10 [ 12.972557] ret_from_fork_asm+0x1a/0x30 [ 12.972614] </TASK> [ 12.972624] [ 12.983591] Allocated by task 212: [ 12.983747] kasan_save_stack+0x45/0x70 [ 12.984190] kasan_save_track+0x18/0x40 [ 12.984374] kasan_save_alloc_info+0x3b/0x50 [ 12.984797] __kasan_kmalloc+0xb7/0xc0 [ 12.985072] __kmalloc_cache_noprof+0x189/0x420 [ 12.985367] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.985678] kunit_try_run_case+0x1a5/0x480 [ 12.986034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.986350] kthread+0x337/0x6f0 [ 12.986618] ret_from_fork+0x116/0x1d0 [ 12.986811] ret_from_fork_asm+0x1a/0x30 [ 12.987279] [ 12.987377] The buggy address belongs to the object at ffff888102662f00 [ 12.987377] which belongs to the cache kmalloc-128 of size 128 [ 12.988180] The buggy address is located 12 bytes to the right of [ 12.988180] allocated 115-byte region [ffff888102662f00, ffff888102662f73) [ 12.988756] [ 12.988985] The buggy address belongs to the physical page: [ 12.989338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 12.989791] flags: 0x200000000000000(node=0|zone=2) [ 12.990154] page_type: f5(slab) [ 12.990284] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.990778] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.991273] page dumped because: kasan: bad access detected [ 12.991534] [ 12.991620] Memory state around the buggy address: [ 12.991820] ffff888102662e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.992193] ffff888102662e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.992490] >ffff888102662f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.992780] ^ [ 12.993066] ffff888102662f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.993358] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.994174] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 12.881591] ==================================================================
[ 12.881938] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 12.882315] Free of addr ffff8881026260c0 by task kunit_try_catch/210
[ 12.883315]
[ 12.883445] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.883489] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.883500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.883521] Call Trace:
[ 12.883533] <TASK>
[ 12.883551] dump_stack_lvl+0x73/0xb0
[ 12.883582] print_report+0xd1/0x650
[ 12.883620] ? __virt_addr_valid+0x1db/0x2d0
[ 12.883644] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.883667] ? kfree_sensitive+0x2e/0x90
[ 12.883689] kasan_report_invalid_free+0x10a/0x130
[ 12.883714] ? kfree_sensitive+0x2e/0x90
[ 12.883735] ? kfree_sensitive+0x2e/0x90
[ 12.883754] check_slab_allocation+0x101/0x130
[ 12.883776] __kasan_slab_pre_free+0x28/0x40
[ 12.883797] kfree+0xf0/0x3f0
[ 12.883818] ? kfree_sensitive+0x2e/0x90
[ 12.883840] kfree_sensitive+0x2e/0x90
[ 12.883859] kmalloc_double_kzfree+0x19c/0x350
[ 12.883882] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 12.883907] ? __schedule+0x10cc/0x2b60
[ 12.883929] ? __pfx_read_tsc+0x10/0x10
[ 12.883950] ? ktime_get_ts64+0x86/0x230
[ 12.884041] kunit_try_run_case+0x1a5/0x480
[ 12.884067] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.884090] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.884115] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.884138] ? __kthread_parkme+0x82/0x180
[ 12.884159] ? preempt_count_sub+0x50/0x80
[ 12.884183] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.884207] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.884231] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.884256] kthread+0x337/0x6f0
[ 12.884274] ? trace_preempt_on+0x20/0xc0
[ 12.884297] ? __pfx_kthread+0x10/0x10
[ 12.884317] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.884338] ? calculate_sigpending+0x7b/0xa0
[ 12.884362] ? __pfx_kthread+0x10/0x10
[ 12.884383] ret_from_fork+0x116/0x1d0
[ 12.884401] ? __pfx_kthread+0x10/0x10
[ 12.884421] ret_from_fork_asm+0x1a/0x30
[ 12.884452] </TASK>
[ 12.884462]
[ 12.892609] Allocated by task 210:
[ 12.892757] kasan_save_stack+0x45/0x70
[ 12.892912] kasan_save_track+0x18/0x40
[ 12.893045] kasan_save_alloc_info+0x3b/0x50
[ 12.893449] __kasan_kmalloc+0xb7/0xc0
[ 12.893686] __kmalloc_cache_noprof+0x189/0x420
[ 12.893958] kmalloc_double_kzfree+0xa9/0x350
[ 12.894377] kunit_try_run_case+0x1a5/0x480
[ 12.894637] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.894809] kthread+0x337/0x6f0
[ 12.895053] ret_from_fork+0x116/0x1d0
[ 12.895264] ret_from_fork_asm+0x1a/0x30
[ 12.895464]
[ 12.895560] Freed by task 210:
[ 12.895731] kasan_save_stack+0x45/0x70
[ 12.895874] kasan_save_track+0x18/0x40
[ 12.896003] kasan_save_free_info+0x3f/0x60
[ 12.896144] __kasan_slab_free+0x56/0x70
[ 12.896583] kfree+0x222/0x3f0
[ 12.896757] kfree_sensitive+0x67/0x90
[ 12.896942] kmalloc_double_kzfree+0x12b/0x350
[ 12.897137] kunit_try_run_case+0x1a5/0x480
[ 12.897277] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.897444] kthread+0x337/0x6f0
[ 12.897878] ret_from_fork+0x116/0x1d0
[ 12.898283] ret_from_fork_asm+0x1a/0x30
[ 12.898485]
[ 12.898588] The buggy address belongs to the object at ffff8881026260c0
[ 12.898588] which belongs to the cache kmalloc-16 of size 16
[ 12.899200] The buggy address is located 0 bytes inside of
[ 12.899200] 16-byte region [ffff8881026260c0, ffff8881026260d0)
[ 12.899622]
[ 12.899694] The buggy address belongs to the physical page:
[ 12.900070] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626
[ 12.900432] flags: 0x200000000000000(node=0|zone=2)
[ 12.900660] page_type: f5(slab)
[ 12.900824] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.901252] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.901734] page dumped because: kasan: bad access detected
[ 12.902048]
[ 12.902155] Memory state around the buggy address:
[ 12.902350] ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.902682] ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.903069] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc
[ 12.903369] ^
[ 12.903611] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.903920] ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.904250] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 12.848147] ==================================================================
[ 12.848615] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 12.849127] Read of size 1 at addr ffff8881026260c0 by task kunit_try_catch/210
[ 12.850303]
[ 12.850535] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.850626] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.850638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.850660] Call Trace:
[ 12.850674] <TASK>
[ 12.850694] dump_stack_lvl+0x73/0xb0
[ 12.850733] print_report+0xd1/0x650
[ 12.850758] ? __virt_addr_valid+0x1db/0x2d0
[ 12.850783] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.850806] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.850829] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.850852] kasan_report+0x141/0x180
[ 12.850873] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.850899] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.850922] __kasan_check_byte+0x3d/0x50
[ 12.851019] kfree_sensitive+0x22/0x90
[ 12.851042] kmalloc_double_kzfree+0x19c/0x350
[ 12.851065] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 12.851089] ? __schedule+0x10cc/0x2b60
[ 12.851112] ? __pfx_read_tsc+0x10/0x10
[ 12.851134] ? ktime_get_ts64+0x86/0x230
[ 12.851160] kunit_try_run_case+0x1a5/0x480
[ 12.851187] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.851209] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.851234] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.851257] ? __kthread_parkme+0x82/0x180
[ 12.851279] ? preempt_count_sub+0x50/0x80
[ 12.851304] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.851327] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.851351] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.851376] kthread+0x337/0x6f0
[ 12.851395] ? trace_preempt_on+0x20/0xc0
[ 12.851420] ? __pfx_kthread+0x10/0x10
[ 12.851439] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.851460] ? calculate_sigpending+0x7b/0xa0
[ 12.851485] ? __pfx_kthread+0x10/0x10
[ 12.851505] ret_from_fork+0x116/0x1d0
[ 12.851523] ? __pfx_kthread+0x10/0x10
[ 12.851542] ret_from_fork_asm+0x1a/0x30
[ 12.851575] </TASK>
[ 12.851586]
[ 12.863630] Allocated by task 210:
[ 12.864104] kasan_save_stack+0x45/0x70
[ 12.864540] kasan_save_track+0x18/0x40
[ 12.864981] kasan_save_alloc_info+0x3b/0x50
[ 12.865375] __kasan_kmalloc+0xb7/0xc0
[ 12.865786] __kmalloc_cache_noprof+0x189/0x420
[ 12.866330] kmalloc_double_kzfree+0xa9/0x350
[ 12.866826] kunit_try_run_case+0x1a5/0x480
[ 12.867003] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.867543] kthread+0x337/0x6f0
[ 12.867789] ret_from_fork+0x116/0x1d0
[ 12.867965] ret_from_fork_asm+0x1a/0x30
[ 12.868340]
[ 12.868497] Freed by task 210:
[ 12.868805] kasan_save_stack+0x45/0x70
[ 12.869031] kasan_save_track+0x18/0x40
[ 12.869413] kasan_save_free_info+0x3f/0x60
[ 12.869837] __kasan_slab_free+0x56/0x70
[ 12.870242] kfree+0x222/0x3f0
[ 12.870648] kfree_sensitive+0x67/0x90
[ 12.870832] kmalloc_double_kzfree+0x12b/0x350
[ 12.871149] kunit_try_run_case+0x1a5/0x480
[ 12.871571] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.872198] kthread+0x337/0x6f0
[ 12.872531] ret_from_fork+0x116/0x1d0
[ 12.872773] ret_from_fork_asm+0x1a/0x30
[ 12.872914]
[ 12.873126] The buggy address belongs to the object at ffff8881026260c0
[ 12.873126] which belongs to the cache kmalloc-16 of size 16
[ 12.874238] The buggy address is located 0 bytes inside of
[ 12.874238] freed 16-byte region [ffff8881026260c0, ffff8881026260d0)
[ 12.874761]
[ 12.874928] The buggy address belongs to the physical page:
[ 12.875472] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626
[ 12.876307] flags: 0x200000000000000(node=0|zone=2)
[ 12.876858] page_type: f5(slab)
[ 12.877050] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.877741] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.878059] page dumped because: kasan: bad access detected
[ 12.878549]
[ 12.878771] Memory state around the buggy address:
[ 12.879283] ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.879521] ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.879747] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc
[ 12.879981] ^
[ 12.880246] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.880619] ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.880871] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 12.817802] ==================================================================
[ 12.819177] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 12.819419] Read of size 1 at addr ffff888102b88528 by task kunit_try_catch/206
[ 12.819677]
[ 12.819771] CPU: 0 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.819819] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.819830] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.819851] Call Trace:
[ 12.819863] <TASK>
[ 12.819901] dump_stack_lvl+0x73/0xb0
[ 12.819935] print_report+0xd1/0x650
[ 12.819971] ? __virt_addr_valid+0x1db/0x2d0
[ 12.820103] ? kmalloc_uaf2+0x4a8/0x520
[ 12.820124] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.820147] ? kmalloc_uaf2+0x4a8/0x520
[ 12.820167] kasan_report+0x141/0x180
[ 12.820189] ? kmalloc_uaf2+0x4a8/0x520
[ 12.820214] __asan_report_load1_noabort+0x18/0x20
[ 12.820238] kmalloc_uaf2+0x4a8/0x520
[ 12.820257] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 12.820277] ? finish_task_switch.isra.0+0x153/0x700
[ 12.820301] ? __switch_to+0x47/0xf50
[ 12.820327] ? __schedule+0x10cc/0x2b60
[ 12.820349] ? __pfx_read_tsc+0x10/0x10
[ 12.820380] ? ktime_get_ts64+0x86/0x230
[ 12.820405] kunit_try_run_case+0x1a5/0x480
[ 12.820430] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.820463] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.820488] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.820520] ? __kthread_parkme+0x82/0x180
[ 12.820541] ? preempt_count_sub+0x50/0x80
[ 12.820563] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.820606] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.820631] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.820655] kthread+0x337/0x6f0
[ 12.820673] ? trace_preempt_on+0x20/0xc0
[ 12.820697] ? __pfx_kthread+0x10/0x10
[ 12.820717] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.820738] ? calculate_sigpending+0x7b/0xa0
[ 12.820763] ? __pfx_kthread+0x10/0x10
[ 12.820784] ret_from_fork+0x116/0x1d0
[ 12.820801] ? __pfx_kthread+0x10/0x10
[ 12.820821] ret_from_fork_asm+0x1a/0x30
[ 12.820853] </TASK>
[ 12.820864]
[ 12.829086] Allocated by task 206:
[ 12.829377] kasan_save_stack+0x45/0x70
[ 12.829634] kasan_save_track+0x18/0x40
[ 12.829831] kasan_save_alloc_info+0x3b/0x50
[ 12.830023] __kasan_kmalloc+0xb7/0xc0
[ 12.830155] __kmalloc_cache_noprof+0x189/0x420
[ 12.830416] kmalloc_uaf2+0xc6/0x520
[ 12.830627] kunit_try_run_case+0x1a5/0x480
[ 12.830834] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.831011] kthread+0x337/0x6f0
[ 12.831242] ret_from_fork+0x116/0x1d0
[ 12.831439] ret_from_fork_asm+0x1a/0x30
[ 12.831678]
[ 12.831785] Freed by task 206:
[ 12.831916] kasan_save_stack+0x45/0x70
[ 12.832121] kasan_save_track+0x18/0x40
[ 12.832269] kasan_save_free_info+0x3f/0x60
[ 12.832481] __kasan_slab_free+0x56/0x70
[ 12.832761] kfree+0x222/0x3f0
[ 12.833086] kmalloc_uaf2+0x14c/0x520
[ 12.833306] kunit_try_run_case+0x1a5/0x480
[ 12.833517] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.833770] kthread+0x337/0x6f0
[ 12.833993] ret_from_fork+0x116/0x1d0
[ 12.834177] ret_from_fork_asm+0x1a/0x30
[ 12.834373]
[ 12.834488] The buggy address belongs to the object at ffff888102b88500
[ 12.834488] which belongs to the cache kmalloc-64 of size 64
[ 12.834868] The buggy address is located 40 bytes inside of
[ 12.834868] freed 64-byte region [ffff888102b88500, ffff888102b88540)
[ 12.835216]
[ 12.835323] The buggy address belongs to the physical page:
[ 12.835873] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b88
[ 12.836230] flags: 0x200000000000000(node=0|zone=2)
[ 12.836622] page_type: f5(slab)
[ 12.836794] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.837051] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.837275] page dumped because: kasan: bad access detected
[ 12.837467]
[ 12.837786] Memory state around the buggy address:
[ 12.838234] ffff888102b88400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.838643] ffff888102b88480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.838935] >ffff888102b88500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.839260] ^
[ 12.839501] ffff888102b88580: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 12.839810] ffff888102b88600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.840215] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.778153] ==================================================================
[ 12.779314] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 12.780013] Write of size 33 at addr ffff888102b88400 by task kunit_try_catch/204
[ 12.780762]
[ 12.780927] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.780989] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.781000] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.781022] Call Trace:
[ 12.781036] <TASK>
[ 12.781081] dump_stack_lvl+0x73/0xb0
[ 12.781114] print_report+0xd1/0x650
[ 12.781148] ? __virt_addr_valid+0x1db/0x2d0
[ 12.781172] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.781192] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.781216] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.781237] kasan_report+0x141/0x180
[ 12.781258] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.781284] kasan_check_range+0x10c/0x1c0
[ 12.781307] __asan_memset+0x27/0x50
[ 12.781326] kmalloc_uaf_memset+0x1a3/0x360
[ 12.781347] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 12.781371] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 12.781397] kunit_try_run_case+0x1a5/0x480
[ 12.781421] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.781443] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.781467] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.781492] ? __kthread_parkme+0x82/0x180
[ 12.781519] ? preempt_count_sub+0x50/0x80
[ 12.781545] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.781569] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.781592] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.781626] kthread+0x337/0x6f0
[ 12.781644] ? trace_preempt_on+0x20/0xc0
[ 12.781668] ? __pfx_kthread+0x10/0x10
[ 12.781688] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.781713] ? calculate_sigpending+0x7b/0xa0
[ 12.781737] ? __pfx_kthread+0x10/0x10
[ 12.781758] ret_from_fork+0x116/0x1d0
[ 12.781778] ? __pfx_kthread+0x10/0x10
[ 12.781798] ret_from_fork_asm+0x1a/0x30
[ 12.781830] </TASK>
[ 12.781841]
[ 12.795000] Allocated by task 204:
[ 12.795267] kasan_save_stack+0x45/0x70
[ 12.795427] kasan_save_track+0x18/0x40
[ 12.795667] kasan_save_alloc_info+0x3b/0x50
[ 12.796079] __kasan_kmalloc+0xb7/0xc0
[ 12.796491] __kmalloc_cache_noprof+0x189/0x420
[ 12.797045] kmalloc_uaf_memset+0xa9/0x360
[ 12.797503] kunit_try_run_case+0x1a5/0x480
[ 12.798068] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.798575] kthread+0x337/0x6f0
[ 12.798739] ret_from_fork+0x116/0x1d0
[ 12.798940] ret_from_fork_asm+0x1a/0x30
[ 12.799331]
[ 12.799518] Freed by task 204:
[ 12.799829] kasan_save_stack+0x45/0x70
[ 12.800265] kasan_save_track+0x18/0x40
[ 12.800677] kasan_save_free_info+0x3f/0x60
[ 12.800955] __kasan_slab_free+0x56/0x70
[ 12.801325] kfree+0x222/0x3f0
[ 12.801442] kmalloc_uaf_memset+0x12b/0x360
[ 12.801855] kunit_try_run_case+0x1a5/0x480
[ 12.802300] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.802901] kthread+0x337/0x6f0
[ 12.803268] ret_from_fork+0x116/0x1d0
[ 12.803415] ret_from_fork_asm+0x1a/0x30
[ 12.803819]
[ 12.804007] The buggy address belongs to the object at ffff888102b88400
[ 12.804007] which belongs to the cache kmalloc-64 of size 64
[ 12.804993] The buggy address is located 0 bytes inside of
[ 12.804993] freed 64-byte region [ffff888102b88400, ffff888102b88440)
[ 12.806019]
[ 12.806186] The buggy address belongs to the physical page:
[ 12.806724] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b88
[ 12.807333] flags: 0x200000000000000(node=0|zone=2)
[ 12.807890] page_type: f5(slab)
[ 12.808102] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.808817] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.809455] page dumped because: kasan: bad access detected
[ 12.810082]
[ 12.810206] Memory state around the buggy address:
[ 12.810584] ffff888102b88300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.811027] ffff888102b88380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.811243] >ffff888102b88400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.811454] ^
[ 12.811657] ffff888102b88480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.812310] ffff888102b88500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.813089] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.740936] ==================================================================
[ 12.741695] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 12.742393] Read of size 1 at addr ffff8881026260a8 by task kunit_try_catch/202
[ 12.743266]
[ 12.743573] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.743637] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.743649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.743672] Call Trace:
[ 12.743686] <TASK>
[ 12.743706] dump_stack_lvl+0x73/0xb0
[ 12.743741] print_report+0xd1/0x650
[ 12.743765] ? __virt_addr_valid+0x1db/0x2d0
[ 12.743790] ? kmalloc_uaf+0x320/0x380
[ 12.743810] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.743833] ? kmalloc_uaf+0x320/0x380
[ 12.743853] kasan_report+0x141/0x180
[ 12.743874] ? kmalloc_uaf+0x320/0x380
[ 12.743899] __asan_report_load1_noabort+0x18/0x20
[ 12.743923] kmalloc_uaf+0x320/0x380
[ 12.743942] ? __pfx_kmalloc_uaf+0x10/0x10
[ 12.743963] ? __schedule+0x10cc/0x2b60
[ 12.743985] ? __pfx_read_tsc+0x10/0x10
[ 12.744006] ? ktime_get_ts64+0x86/0x230
[ 12.744033] kunit_try_run_case+0x1a5/0x480
[ 12.744058] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.744080] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.744105] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.744128] ? __kthread_parkme+0x82/0x180
[ 12.744150] ? preempt_count_sub+0x50/0x80
[ 12.744175] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.744210] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.744234] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.744270] kthread+0x337/0x6f0
[ 12.744289] ? trace_preempt_on+0x20/0xc0
[ 12.744313] ? __pfx_kthread+0x10/0x10
[ 12.744332] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.744353] ? calculate_sigpending+0x7b/0xa0
[ 12.744377] ? __pfx_kthread+0x10/0x10
[ 12.744398] ret_from_fork+0x116/0x1d0
[ 12.744416] ? __pfx_kthread+0x10/0x10
[ 12.744435] ret_from_fork_asm+0x1a/0x30
[ 12.744468] </TASK>
[ 12.744479]
[ 12.756790] Allocated by task 202:
[ 12.756982] kasan_save_stack+0x45/0x70
[ 12.757380] kasan_save_track+0x18/0x40
[ 12.757793] kasan_save_alloc_info+0x3b/0x50
[ 12.758252] __kasan_kmalloc+0xb7/0xc0
[ 12.758678] __kmalloc_cache_noprof+0x189/0x420
[ 12.759159] kmalloc_uaf+0xaa/0x380
[ 12.759351] kunit_try_run_case+0x1a5/0x480
[ 12.759811] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.760199] kthread+0x337/0x6f0
[ 12.760326] ret_from_fork+0x116/0x1d0
[ 12.760457] ret_from_fork_asm+0x1a/0x30
[ 12.760723]
[ 12.760894] Freed by task 202:
[ 12.761220] kasan_save_stack+0x45/0x70
[ 12.761840] kasan_save_track+0x18/0x40
[ 12.762283] kasan_save_free_info+0x3f/0x60
[ 12.762789] __kasan_slab_free+0x56/0x70
[ 12.763347] kfree+0x222/0x3f0
[ 12.763551] kmalloc_uaf+0x12c/0x380
[ 12.763849] kunit_try_run_case+0x1a5/0x480
[ 12.764293] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.764737] kthread+0x337/0x6f0
[ 12.764858] ret_from_fork+0x116/0x1d0
[ 12.765149] ret_from_fork_asm+0x1a/0x30
[ 12.765537]
[ 12.765736] The buggy address belongs to the object at ffff8881026260a0
[ 12.765736] which belongs to the cache kmalloc-16 of size 16
[ 12.766988] The buggy address is located 8 bytes inside of
[ 12.766988] freed 16-byte region [ffff8881026260a0, ffff8881026260b0)
[ 12.767514]
[ 12.767594] The buggy address belongs to the physical page:
[ 12.767778] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626
[ 12.768275] flags: 0x200000000000000(node=0|zone=2)
[ 12.768795] page_type: f5(slab)
[ 12.769156] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.769980] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.770775] page dumped because: kasan: bad access detected
[ 12.771472]
[ 12.771668] Memory state around the buggy address:
[ 12.771829] ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.772378] ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.773156] >ffff888102626080: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 12.773679] ^
[ 12.773834] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.774097] ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.774801] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.701864] ==================================================================
[ 12.702366] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.702727] Read of size 64 at addr ffff888102b88184 by task kunit_try_catch/200
[ 12.703038]
[ 12.703155] CPU: 0 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.703203] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.703214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.703235] Call Trace:
[ 12.703249] <TASK>
[ 12.703266] dump_stack_lvl+0x73/0xb0
[ 12.703299] print_report+0xd1/0x650
[ 12.703322] ? __virt_addr_valid+0x1db/0x2d0
[ 12.703347] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.703372] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.703395] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.703419] kasan_report+0x141/0x180
[ 12.703441] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.703470] kasan_check_range+0x10c/0x1c0
[ 12.703493] __asan_memmove+0x27/0x70
[ 12.703512] kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.703537] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 12.703563] ? __schedule+0x10cc/0x2b60
[ 12.703585] ? __pfx_read_tsc+0x10/0x10
[ 12.704160] ? ktime_get_ts64+0x86/0x230
[ 12.704194] kunit_try_run_case+0x1a5/0x480
[ 12.704221] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.704244] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.704268] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.704292] ? __kthread_parkme+0x82/0x180
[ 12.704314] ? preempt_count_sub+0x50/0x80
[ 12.704338] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.704362] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.704386] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.704411] kthread+0x337/0x6f0
[ 12.704429] ? trace_preempt_on+0x20/0xc0
[ 12.704453] ? __pfx_kthread+0x10/0x10
[ 12.704474] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.704515] ? calculate_sigpending+0x7b/0xa0
[ 12.704540] ? __pfx_kthread+0x10/0x10
[ 12.704561] ret_from_fork+0x116/0x1d0
[ 12.704579] ? __pfx_kthread+0x10/0x10
[ 12.704610] ret_from_fork_asm+0x1a/0x30
[ 12.704643] </TASK>
[ 12.704654]
[ 12.717153] Allocated by task 200:
[ 12.717478] kasan_save_stack+0x45/0x70
[ 12.717880] kasan_save_track+0x18/0x40
[ 12.718330] kasan_save_alloc_info+0x3b/0x50
[ 12.718501] __kasan_kmalloc+0xb7/0xc0
[ 12.718677] __kmalloc_cache_noprof+0x189/0x420
[ 12.719138] kmalloc_memmove_invalid_size+0xac/0x330
[ 12.719567] kunit_try_run_case+0x1a5/0x480
[ 12.720192] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.720736] kthread+0x337/0x6f0
[ 12.720942] ret_from_fork+0x116/0x1d0
[ 12.721742] ret_from_fork_asm+0x1a/0x30
[ 12.722178]
[ 12.722658] The buggy address belongs to the object at ffff888102b88180
[ 12.722658] which belongs to the cache kmalloc-64 of size 64
[ 12.723950] The buggy address is located 4 bytes inside of
[ 12.723950] allocated 64-byte region [ffff888102b88180, ffff888102b881c0)
[ 12.725368]
[ 12.725545] The buggy address belongs to the physical page:
[ 12.726575] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b88
[ 12.727511] flags: 0x200000000000000(node=0|zone=2)
[ 12.727959] page_type: f5(slab)
[ 12.728546] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.728804] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.729671] page dumped because: kasan: bad access detected
[ 12.730937]
[ 12.731098] Memory state around the buggy address:
[ 12.731528] ffff888102b88080: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc
[ 12.732798] ffff888102b88100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.733223] >ffff888102b88180: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.733435] ^
[ 12.734621] ffff888102b88200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.735290] ffff888102b88280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.736276] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.677739] ==================================================================
[ 12.678247] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 12.678596] Read of size 18446744073709551614 at addr ffff88810266af84 by task kunit_try_catch/198
[ 12.678992]
[ 12.679105] CPU: 1 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.679150] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.679163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.679184] Call Trace:
[ 12.679196] <TASK>
[ 12.679215] dump_stack_lvl+0x73/0xb0
[ 12.679246] print_report+0xd1/0x650
[ 12.679269] ? __virt_addr_valid+0x1db/0x2d0
[ 12.679292] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.679317] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.679340] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.679382] kasan_report+0x141/0x180
[ 12.679404] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.679434] kasan_check_range+0x10c/0x1c0
[ 12.679458] __asan_memmove+0x27/0x70
[ 12.679477] kmalloc_memmove_negative_size+0x171/0x330
[ 12.679503] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 12.679529] ? __schedule+0x10cc/0x2b60
[ 12.679551] ? __pfx_read_tsc+0x10/0x10
[ 12.679573] ? ktime_get_ts64+0x86/0x230
[ 12.679610] kunit_try_run_case+0x1a5/0x480
[ 12.679635] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.679657] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.679681] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.679880] ? __kthread_parkme+0x82/0x180
[ 12.679907] ? preempt_count_sub+0x50/0x80
[ 12.679984] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.680010] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.680035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.680059] kthread+0x337/0x6f0
[ 12.680080] ? trace_preempt_on+0x20/0xc0
[ 12.680104] ? __pfx_kthread+0x10/0x10
[ 12.680124] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.680145] ? calculate_sigpending+0x7b/0xa0
[ 12.680170] ? __pfx_kthread+0x10/0x10
[ 12.680191] ret_from_fork+0x116/0x1d0
[ 12.680210] ? __pfx_kthread+0x10/0x10
[ 12.680229] ret_from_fork_asm+0x1a/0x30
[ 12.680261] </TASK>
[ 12.680272]
[ 12.687992] Allocated by task 198:
[ 12.688222] kasan_save_stack+0x45/0x70
[ 12.688773] kasan_save_track+0x18/0x40
[ 12.689068] kasan_save_alloc_info+0x3b/0x50
[ 12.689258] __kasan_kmalloc+0xb7/0xc0
[ 12.689423] __kmalloc_cache_noprof+0x189/0x420
[ 12.689689] kmalloc_memmove_negative_size+0xac/0x330
[ 12.689861] kunit_try_run_case+0x1a5/0x480
[ 12.690299] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.690566] kthread+0x337/0x6f0
[ 12.690731] ret_from_fork+0x116/0x1d0
[ 12.690895] ret_from_fork_asm+0x1a/0x30
[ 12.691087]
[ 12.691165] The buggy address belongs to the object at ffff88810266af80
[ 12.691165] which belongs to the cache kmalloc-64 of size 64
[ 12.691700] The buggy address is located 4 bytes inside of
[ 12.691700] 64-byte region [ffff88810266af80, ffff88810266afc0)
[ 12.692027]
[ 12.692099] The buggy address belongs to the physical page:
[ 12.692330] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10266a
[ 12.692693] flags: 0x200000000000000(node=0|zone=2)
[ 12.693036] page_type: f5(slab)
[ 12.693162] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.693389] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.693663] page dumped because: kasan: bad access detected
[ 12.694075]
[ 12.694169] Memory state around the buggy address:
[ 12.694394] ffff88810266ae80: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc
[ 12.695282] ffff88810266af00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.695647] >ffff88810266af80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.695882] ^
[ 12.696069] ffff88810266b000: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 12.696396] ffff88810266b080: 00 00 00 03 fc fc fc fc fa fb fb fb fc fc fc fc
[ 12.696733] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 12.641749] ==================================================================
[ 12.642433] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 12.642690] Write of size 16 at addr ffff888102b79e69 by task kunit_try_catch/196
[ 12.642915]
[ 12.643002] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.643046] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.643057] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.643077] Call Trace:
[ 12.643089] <TASK>
[ 12.643105] dump_stack_lvl+0x73/0xb0
[ 12.643134] print_report+0xd1/0x650
[ 12.643155] ? __virt_addr_valid+0x1db/0x2d0
[ 12.643177] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.643197] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.643219] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.643240] kasan_report+0x141/0x180
[ 12.643260] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.643286] kasan_check_range+0x10c/0x1c0
[ 12.643308] __asan_memset+0x27/0x50
[ 12.643326] kmalloc_oob_memset_16+0x166/0x330
[ 12.643347] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 12.643369] ? __schedule+0x10cc/0x2b60
[ 12.643391] ? __pfx_read_tsc+0x10/0x10
[ 12.643412] ? ktime_get_ts64+0x86/0x230
[ 12.643437] kunit_try_run_case+0x1a5/0x480
[ 12.643460] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.643481] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.643504] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.643525] ? __kthread_parkme+0x82/0x180
[ 12.643545] ? preempt_count_sub+0x50/0x80
[ 12.643568] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.643591] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.643971] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.643997] kthread+0x337/0x6f0
[ 12.644017] ? trace_preempt_on+0x20/0xc0
[ 12.644042] ? __pfx_kthread+0x10/0x10
[ 12.644062] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.644272] ? calculate_sigpending+0x7b/0xa0
[ 12.644298] ? __pfx_kthread+0x10/0x10
[ 12.644320] ret_from_fork+0x116/0x1d0
[ 12.644341] ? __pfx_kthread+0x10/0x10
[ 12.644361] ret_from_fork_asm+0x1a/0x30
[ 12.644393] </TASK>
[ 12.644404]
[ 12.661375] Allocated by task 196:
[ 12.661624] kasan_save_stack+0x45/0x70
[ 12.661799] kasan_save_track+0x18/0x40
[ 12.661948] kasan_save_alloc_info+0x3b/0x50
[ 12.662364] __kasan_kmalloc+0xb7/0xc0
[ 12.662793] __kmalloc_cache_noprof+0x189/0x420
[ 12.663309] kmalloc_oob_memset_16+0xac/0x330
[ 12.663668] kunit_try_run_case+0x1a5/0x480
[ 12.663816] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.664100] kthread+0x337/0x6f0
[ 12.664397] ret_from_fork+0x116/0x1d0
[ 12.664776] ret_from_fork_asm+0x1a/0x30
[ 12.665205]
[ 12.665369] The buggy address belongs to the object at ffff888102b79e00
[ 12.665369] which belongs to the cache kmalloc-128 of size 128
[ 12.666435] The buggy address is located 105 bytes inside of
[ 12.666435] allocated 120-byte region [ffff888102b79e00, ffff888102b79e78)
[ 12.667378]
[ 12.667576] The buggy address belongs to the physical page:
[ 12.668122] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b79
[ 12.668771] flags: 0x200000000000000(node=0|zone=2)
[ 12.669119] page_type: f5(slab)
[ 12.669246] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.669472] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.670122] page dumped because: kasan: bad access detected
[ 12.670655]
[ 12.670809] Memory state around the buggy address:
[ 12.671246] ffff888102b79d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.672029] ffff888102b79d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.672704] >ffff888102b79e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.672925] ^
[ 12.673135] ffff888102b79e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.673346] ffff888102b79f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.673623] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.617342] ================================================================== [ 12.617974] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 12.618495] Write of size 8 at addr ffff888102662e71 by task kunit_try_catch/194 [ 12.618806] [ 12.618968] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.619018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.619029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.619049] Call Trace: [ 12.619063] <TASK> [ 12.619081] dump_stack_lvl+0x73/0xb0 [ 12.619114] print_report+0xd1/0x650 [ 12.619137] ? __virt_addr_valid+0x1db/0x2d0 [ 12.619161] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.619182] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.619206] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.619228] kasan_report+0x141/0x180 [ 12.619250] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.619277] kasan_check_range+0x10c/0x1c0 [ 12.619300] __asan_memset+0x27/0x50 [ 12.619319] kmalloc_oob_memset_8+0x166/0x330 [ 12.619342] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 12.619365] ? __schedule+0x10cc/0x2b60 [ 12.619387] ? __pfx_read_tsc+0x10/0x10 [ 12.619408] ? ktime_get_ts64+0x86/0x230 [ 12.619433] kunit_try_run_case+0x1a5/0x480 [ 12.619458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.619481] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.619505] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.619528] ? __kthread_parkme+0x82/0x180 [ 12.619549] ? preempt_count_sub+0x50/0x80 [ 12.619573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.619608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.619633] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.619658] kthread+0x337/0x6f0 [ 12.619677] ? trace_preempt_on+0x20/0xc0 [ 12.619701] ? __pfx_kthread+0x10/0x10 [ 12.619721] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.619742] ? calculate_sigpending+0x7b/0xa0 [ 12.619766] ? __pfx_kthread+0x10/0x10 [ 12.619787] ret_from_fork+0x116/0x1d0 [ 12.619805] ? 
__pfx_kthread+0x10/0x10 [ 12.619825] ret_from_fork_asm+0x1a/0x30 [ 12.619856] </TASK> [ 12.619867] [ 12.627380] Allocated by task 194: [ 12.627617] kasan_save_stack+0x45/0x70 [ 12.627774] kasan_save_track+0x18/0x40 [ 12.628059] kasan_save_alloc_info+0x3b/0x50 [ 12.628237] __kasan_kmalloc+0xb7/0xc0 [ 12.628418] __kmalloc_cache_noprof+0x189/0x420 [ 12.628575] kmalloc_oob_memset_8+0xac/0x330 [ 12.628742] kunit_try_run_case+0x1a5/0x480 [ 12.628948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.629213] kthread+0x337/0x6f0 [ 12.629384] ret_from_fork+0x116/0x1d0 [ 12.629681] ret_from_fork_asm+0x1a/0x30 [ 12.629869] [ 12.629993] The buggy address belongs to the object at ffff888102662e00 [ 12.629993] which belongs to the cache kmalloc-128 of size 128 [ 12.630471] The buggy address is located 113 bytes inside of [ 12.630471] allocated 120-byte region [ffff888102662e00, ffff888102662e78) [ 12.631059] [ 12.631155] The buggy address belongs to the physical page: [ 12.631346] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 12.631584] flags: 0x200000000000000(node=0|zone=2) [ 12.631758] page_type: f5(slab) [ 12.631879] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.632376] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.632882] page dumped because: kasan: bad access detected [ 12.633338] [ 12.633438] Memory state around the buggy address: [ 12.634113] ffff888102662d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.634624] ffff888102662d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.635583] >ffff888102662e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.635821] ^ [ 12.636569] ffff888102662e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.637618] ffff888102662f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.638358] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 12.591111] ================================================================== [ 12.591546] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 12.591842] Write of size 4 at addr ffff888102b79d75 by task kunit_try_catch/192 [ 12.592218] [ 12.592339] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.592383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.592394] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.592414] Call Trace: [ 12.592426] <TASK> [ 12.592444] dump_stack_lvl+0x73/0xb0 [ 12.592475] print_report+0xd1/0x650 [ 12.592499] ? __virt_addr_valid+0x1db/0x2d0 [ 12.592523] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.592545] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.592583] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.592616] kasan_report+0x141/0x180 [ 12.592638] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.592665] kasan_check_range+0x10c/0x1c0 [ 12.592689] __asan_memset+0x27/0x50 [ 12.592708] kmalloc_oob_memset_4+0x166/0x330 [ 12.592730] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 12.592753] ? ret_from_fork_asm+0x1a/0x30 [ 12.592777] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 12.592803] kunit_try_run_case+0x1a5/0x480 [ 12.592829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.592851] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.592875] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.592899] ? __kthread_parkme+0x82/0x180 [ 12.592920] ? preempt_count_sub+0x50/0x80 [ 12.593004] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.593030] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.593054] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.593079] kthread+0x337/0x6f0 [ 12.593097] ? trace_preempt_on+0x20/0xc0 [ 12.593121] ? __pfx_kthread+0x10/0x10 [ 12.593142] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.593163] ? calculate_sigpending+0x7b/0xa0 [ 12.593187] ? __pfx_kthread+0x10/0x10 [ 12.593208] ret_from_fork+0x116/0x1d0 [ 12.593228] ? 
__pfx_kthread+0x10/0x10 [ 12.593248] ret_from_fork_asm+0x1a/0x30 [ 12.593279] </TASK> [ 12.593291] [ 12.601160] Allocated by task 192: [ 12.601345] kasan_save_stack+0x45/0x70 [ 12.601557] kasan_save_track+0x18/0x40 [ 12.601708] kasan_save_alloc_info+0x3b/0x50 [ 12.601858] __kasan_kmalloc+0xb7/0xc0 [ 12.602029] __kmalloc_cache_noprof+0x189/0x420 [ 12.602255] kmalloc_oob_memset_4+0xac/0x330 [ 12.602466] kunit_try_run_case+0x1a5/0x480 [ 12.602670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.603126] kthread+0x337/0x6f0 [ 12.603272] ret_from_fork+0x116/0x1d0 [ 12.603449] ret_from_fork_asm+0x1a/0x30 [ 12.603654] [ 12.603725] The buggy address belongs to the object at ffff888102b79d00 [ 12.603725] which belongs to the cache kmalloc-128 of size 128 [ 12.604371] The buggy address is located 117 bytes inside of [ 12.604371] allocated 120-byte region [ffff888102b79d00, ffff888102b79d78) [ 12.604878] [ 12.604966] The buggy address belongs to the physical page: [ 12.605273] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b79 [ 12.605656] flags: 0x200000000000000(node=0|zone=2) [ 12.605825] page_type: f5(slab) [ 12.605946] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.606223] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.606551] page dumped because: kasan: bad access detected [ 12.606814] [ 12.607020] Memory state around the buggy address: [ 12.607241] ffff888102b79c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.607515] ffff888102b79c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.607812] >ffff888102b79d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.608085] ^ [ 12.608430] ffff888102b79d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.608805] ffff888102b79e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.609016] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.568662] ================================================================== [ 12.569285] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 12.569585] Write of size 2 at addr ffff888102662d77 by task kunit_try_catch/190 [ 12.570219] [ 12.570316] CPU: 1 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.570359] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.570371] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.570391] Call Trace: [ 12.570402] <TASK> [ 12.570418] dump_stack_lvl+0x73/0xb0 [ 12.570450] print_report+0xd1/0x650 [ 12.570473] ? __virt_addr_valid+0x1db/0x2d0 [ 12.570498] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.570519] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.570556] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.570579] kasan_report+0x141/0x180 [ 12.570612] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.570639] kasan_check_range+0x10c/0x1c0 [ 12.570662] __asan_memset+0x27/0x50 [ 12.570681] kmalloc_oob_memset_2+0x166/0x330 [ 12.570702] ? __kasan_check_write+0x18/0x20 [ 12.570722] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 12.570744] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.570770] ? trace_hardirqs_on+0x37/0xe0 [ 12.570795] ? __pfx_read_tsc+0x10/0x10 [ 12.570816] ? ktime_get_ts64+0x86/0x230 [ 12.570841] kunit_try_run_case+0x1a5/0x480 [ 12.570866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.570891] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.570915] ? __kthread_parkme+0x82/0x180 [ 12.570935] ? preempt_count_sub+0x50/0x80 [ 12.570960] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.570984] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.571008] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.571032] kthread+0x337/0x6f0 [ 12.571100] ? trace_preempt_on+0x20/0xc0 [ 12.571123] ? __pfx_kthread+0x10/0x10 [ 12.571143] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.571164] ? calculate_sigpending+0x7b/0xa0 [ 12.571188] ? 
__pfx_kthread+0x10/0x10 [ 12.571209] ret_from_fork+0x116/0x1d0 [ 12.571226] ? __pfx_kthread+0x10/0x10 [ 12.571247] ret_from_fork_asm+0x1a/0x30 [ 12.571278] </TASK> [ 12.571288] [ 12.578909] Allocated by task 190: [ 12.579103] kasan_save_stack+0x45/0x70 [ 12.579312] kasan_save_track+0x18/0x40 [ 12.579522] kasan_save_alloc_info+0x3b/0x50 [ 12.579913] __kasan_kmalloc+0xb7/0xc0 [ 12.580160] __kmalloc_cache_noprof+0x189/0x420 [ 12.580356] kmalloc_oob_memset_2+0xac/0x330 [ 12.580518] kunit_try_run_case+0x1a5/0x480 [ 12.580747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.581045] kthread+0x337/0x6f0 [ 12.581208] ret_from_fork+0x116/0x1d0 [ 12.581383] ret_from_fork_asm+0x1a/0x30 [ 12.581524] [ 12.581593] The buggy address belongs to the object at ffff888102662d00 [ 12.581593] which belongs to the cache kmalloc-128 of size 128 [ 12.582009] The buggy address is located 119 bytes inside of [ 12.582009] allocated 120-byte region [ffff888102662d00, ffff888102662d78) [ 12.582567] [ 12.582676] The buggy address belongs to the physical page: [ 12.582926] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 12.583282] flags: 0x200000000000000(node=0|zone=2) [ 12.583478] page_type: f5(slab) [ 12.583674] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.584072] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.584298] page dumped because: kasan: bad access detected [ 12.584466] [ 12.584533] Memory state around the buggy address: [ 12.584760] ffff888102662c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.585079] ffff888102662c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.585399] >ffff888102662d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.586164] ^ [ 12.586458] ffff888102662d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.586686] ffff888102662e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.587107] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.538225] ================================================================== [ 12.538742] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 12.539310] Write of size 128 at addr ffff888102b79c00 by task kunit_try_catch/188 [ 12.539764] [ 12.539858] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.539902] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.539913] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.539933] Call Trace: [ 12.539946] <TASK> [ 12.539972] dump_stack_lvl+0x73/0xb0 [ 12.540003] print_report+0xd1/0x650 [ 12.540025] ? __virt_addr_valid+0x1db/0x2d0 [ 12.540059] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.540119] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.540143] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.540166] kasan_report+0x141/0x180 [ 12.540273] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.540301] kasan_check_range+0x10c/0x1c0 [ 12.540325] __asan_memset+0x27/0x50 [ 12.540344] kmalloc_oob_in_memset+0x15f/0x320 [ 12.540367] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 12.540392] ? __schedule+0x10cc/0x2b60 [ 12.540414] ? __pfx_read_tsc+0x10/0x10 [ 12.540436] ? ktime_get_ts64+0x86/0x230 [ 12.540461] kunit_try_run_case+0x1a5/0x480 [ 12.540486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.540508] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.540532] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.540556] ? __kthread_parkme+0x82/0x180 [ 12.540576] ? preempt_count_sub+0x50/0x80 [ 12.540611] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.540635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.540660] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.540685] kthread+0x337/0x6f0 [ 12.540703] ? trace_preempt_on+0x20/0xc0 [ 12.540727] ? __pfx_kthread+0x10/0x10 [ 12.540747] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.540768] ? calculate_sigpending+0x7b/0xa0 [ 12.540792] ? __pfx_kthread+0x10/0x10 [ 12.540813] ret_from_fork+0x116/0x1d0 [ 12.540831] ? 
__pfx_kthread+0x10/0x10 [ 12.540851] ret_from_fork_asm+0x1a/0x30 [ 12.540882] </TASK> [ 12.540892] [ 12.550884] Allocated by task 188: [ 12.551285] kasan_save_stack+0x45/0x70 [ 12.551733] kasan_save_track+0x18/0x40 [ 12.552164] kasan_save_alloc_info+0x3b/0x50 [ 12.552451] __kasan_kmalloc+0xb7/0xc0 [ 12.552824] __kmalloc_cache_noprof+0x189/0x420 [ 12.553312] kmalloc_oob_in_memset+0xac/0x320 [ 12.553683] kunit_try_run_case+0x1a5/0x480 [ 12.554116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.554366] kthread+0x337/0x6f0 [ 12.554785] ret_from_fork+0x116/0x1d0 [ 12.555262] ret_from_fork_asm+0x1a/0x30 [ 12.555463] [ 12.555627] The buggy address belongs to the object at ffff888102b79c00 [ 12.555627] which belongs to the cache kmalloc-128 of size 128 [ 12.556648] The buggy address is located 0 bytes inside of [ 12.556648] allocated 120-byte region [ffff888102b79c00, ffff888102b79c78) [ 12.557742] [ 12.557898] The buggy address belongs to the physical page: [ 12.558388] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b79 [ 12.558904] flags: 0x200000000000000(node=0|zone=2) [ 12.559362] page_type: f5(slab) [ 12.559907] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.560377] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.560890] page dumped because: kasan: bad access detected [ 12.561416] [ 12.561706] Memory state around the buggy address: [ 12.561929] ffff888102b79b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.562212] ffff888102b79b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.562490] >ffff888102b79c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.562779] ^ [ 12.563057] ffff888102b79c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.563341] ffff888102b79d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.564245] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.512336] ================================================================== [ 12.512883] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 12.513324] Read of size 16 at addr ffff88810233af60 by task kunit_try_catch/186 [ 12.513648] [ 12.513797] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.513842] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.513853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.513875] Call Trace: [ 12.513888] <TASK> [ 12.513917] dump_stack_lvl+0x73/0xb0 [ 12.513950] print_report+0xd1/0x650 [ 12.513985] ? __virt_addr_valid+0x1db/0x2d0 [ 12.514073] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.514105] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.514128] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.514149] kasan_report+0x141/0x180 [ 12.514182] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.514207] __asan_report_load16_noabort+0x18/0x20 [ 12.514232] kmalloc_uaf_16+0x47b/0x4c0 [ 12.514253] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 12.514274] ? __schedule+0x10cc/0x2b60 [ 12.514297] ? __pfx_read_tsc+0x10/0x10 [ 12.514319] ? ktime_get_ts64+0x86/0x230 [ 12.514346] kunit_try_run_case+0x1a5/0x480 [ 12.514372] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.514394] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.514419] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.514442] ? __kthread_parkme+0x82/0x180 [ 12.514463] ? preempt_count_sub+0x50/0x80 [ 12.514489] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.514513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.514544] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.514568] kthread+0x337/0x6f0 [ 12.514587] ? trace_preempt_on+0x20/0xc0 [ 12.514628] ? __pfx_kthread+0x10/0x10 [ 12.514648] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.514669] ? calculate_sigpending+0x7b/0xa0 [ 12.514693] ? __pfx_kthread+0x10/0x10 [ 12.514714] ret_from_fork+0x116/0x1d0 [ 12.514732] ? 
__pfx_kthread+0x10/0x10 [ 12.514751] ret_from_fork_asm+0x1a/0x30 [ 12.514783] </TASK> [ 12.514794] [ 12.522347] Allocated by task 186: [ 12.522476] kasan_save_stack+0x45/0x70 [ 12.522795] kasan_save_track+0x18/0x40 [ 12.523199] kasan_save_alloc_info+0x3b/0x50 [ 12.523469] __kasan_kmalloc+0xb7/0xc0 [ 12.523707] __kmalloc_cache_noprof+0x189/0x420 [ 12.523917] kmalloc_uaf_16+0x15b/0x4c0 [ 12.524197] kunit_try_run_case+0x1a5/0x480 [ 12.524348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.524767] kthread+0x337/0x6f0 [ 12.525018] ret_from_fork+0x116/0x1d0 [ 12.525180] ret_from_fork_asm+0x1a/0x30 [ 12.525350] [ 12.525469] Freed by task 186: [ 12.525636] kasan_save_stack+0x45/0x70 [ 12.525856] kasan_save_track+0x18/0x40 [ 12.526098] kasan_save_free_info+0x3f/0x60 [ 12.526249] __kasan_slab_free+0x56/0x70 [ 12.526384] kfree+0x222/0x3f0 [ 12.526502] kmalloc_uaf_16+0x1d6/0x4c0 [ 12.526724] kunit_try_run_case+0x1a5/0x480 [ 12.526932] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.527184] kthread+0x337/0x6f0 [ 12.527675] ret_from_fork+0x116/0x1d0 [ 12.527884] ret_from_fork_asm+0x1a/0x30 [ 12.528204] [ 12.528279] The buggy address belongs to the object at ffff88810233af60 [ 12.528279] which belongs to the cache kmalloc-16 of size 16 [ 12.529016] The buggy address is located 0 bytes inside of [ 12.529016] freed 16-byte region [ffff88810233af60, ffff88810233af70) [ 12.529629] [ 12.529712] The buggy address belongs to the physical page: [ 12.529886] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10233a [ 12.530484] flags: 0x200000000000000(node=0|zone=2) [ 12.530745] page_type: f5(slab) [ 12.530907] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.531380] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.531690] page dumped because: kasan: bad access detected [ 12.531911] [ 12.532062] Memory state around the buggy address: [ 12.532287] ffff88810233ae00: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc 
fc [ 12.532675] ffff88810233ae80: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.532969] >ffff88810233af00: 00 05 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 12.533249] ^ [ 12.533580] ffff88810233af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.533889] ffff88810233b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.534300] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.487747] ================================================================== [ 12.488226] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 12.488641] Write of size 16 at addr ffff888102626060 by task kunit_try_catch/184 [ 12.488911] [ 12.489121] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.489170] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.489182] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.489202] Call Trace: [ 12.489214] <TASK> [ 12.489232] dump_stack_lvl+0x73/0xb0 [ 12.489263] print_report+0xd1/0x650 [ 12.489286] ? __virt_addr_valid+0x1db/0x2d0 [ 12.489310] ? kmalloc_oob_16+0x452/0x4a0 [ 12.489330] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.489366] ? kmalloc_oob_16+0x452/0x4a0 [ 12.489386] kasan_report+0x141/0x180 [ 12.489408] ? kmalloc_oob_16+0x452/0x4a0 [ 12.489445] __asan_report_store16_noabort+0x1b/0x30 [ 12.489471] kmalloc_oob_16+0x452/0x4a0 [ 12.489491] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 12.489513] ? __schedule+0x10cc/0x2b60 [ 12.489535] ? __pfx_read_tsc+0x10/0x10 [ 12.489556] ? ktime_get_ts64+0x86/0x230 [ 12.489582] kunit_try_run_case+0x1a5/0x480 [ 12.489623] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.489646] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.489680] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.489707] ? __kthread_parkme+0x82/0x180 [ 12.489728] ? preempt_count_sub+0x50/0x80 [ 12.489752] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.489776] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.489800] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.489834] kthread+0x337/0x6f0 [ 12.489852] ? trace_preempt_on+0x20/0xc0 [ 12.489877] ? __pfx_kthread+0x10/0x10 [ 12.489907] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.489971] ? calculate_sigpending+0x7b/0xa0 [ 12.489998] ? __pfx_kthread+0x10/0x10 [ 12.490019] ret_from_fork+0x116/0x1d0 [ 12.490038] ? 
__pfx_kthread+0x10/0x10 [ 12.490058] ret_from_fork_asm+0x1a/0x30 [ 12.490090] </TASK> [ 12.490100] [ 12.498038] Allocated by task 184: [ 12.498219] kasan_save_stack+0x45/0x70 [ 12.498644] kasan_save_track+0x18/0x40 [ 12.498847] kasan_save_alloc_info+0x3b/0x50 [ 12.499105] __kasan_kmalloc+0xb7/0xc0 [ 12.499244] __kmalloc_cache_noprof+0x189/0x420 [ 12.499453] kmalloc_oob_16+0xa8/0x4a0 [ 12.499667] kunit_try_run_case+0x1a5/0x480 [ 12.499930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.500165] kthread+0x337/0x6f0 [ 12.500284] ret_from_fork+0x116/0x1d0 [ 12.500474] ret_from_fork_asm+0x1a/0x30 [ 12.500729] [ 12.500855] The buggy address belongs to the object at ffff888102626060 [ 12.500855] which belongs to the cache kmalloc-16 of size 16 [ 12.501391] The buggy address is located 0 bytes inside of [ 12.501391] allocated 13-byte region [ffff888102626060, ffff88810262606d) [ 12.502135] [ 12.502249] The buggy address belongs to the physical page: [ 12.502485] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626 [ 12.502854] flags: 0x200000000000000(node=0|zone=2) [ 12.503076] page_type: f5(slab) [ 12.503198] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.503425] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.503718] page dumped because: kasan: bad access detected [ 12.504140] [ 12.504384] Memory state around the buggy address: [ 12.504698] ffff888102625f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.505014] ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.505249] >ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 12.505459] ^ [ 12.505872] ffff888102626080: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.506372] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.506755] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.426208] ================================================================== [ 12.426847] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 12.427554] Read of size 1 at addr ffff888100aab200 by task kunit_try_catch/182 [ 12.428324] [ 12.428455] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.428506] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.428571] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.428594] Call Trace: [ 12.428615] <TASK> [ 12.428632] dump_stack_lvl+0x73/0xb0 [ 12.428665] print_report+0xd1/0x650 [ 12.428687] ? __virt_addr_valid+0x1db/0x2d0 [ 12.428711] ? krealloc_uaf+0x1b8/0x5e0 [ 12.428732] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.428754] ? krealloc_uaf+0x1b8/0x5e0 [ 12.428775] kasan_report+0x141/0x180 [ 12.428796] ? krealloc_uaf+0x1b8/0x5e0 [ 12.428820] ? krealloc_uaf+0x1b8/0x5e0 [ 12.428840] __kasan_check_byte+0x3d/0x50 [ 12.428863] krealloc_noprof+0x3f/0x340 [ 12.428882] ? stack_depot_save_flags+0x48b/0x840 [ 12.428913] krealloc_uaf+0x1b8/0x5e0 [ 12.428972] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.429006] ? finish_task_switch.isra.0+0x153/0x700 [ 12.429030] ? __switch_to+0x47/0xf50 [ 12.429056] ? __schedule+0x10cc/0x2b60 [ 12.429078] ? __pfx_read_tsc+0x10/0x10 [ 12.429099] ? ktime_get_ts64+0x86/0x230 [ 12.429124] kunit_try_run_case+0x1a5/0x480 [ 12.429149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.429171] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.429195] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.429218] ? __kthread_parkme+0x82/0x180 [ 12.429239] ? preempt_count_sub+0x50/0x80 [ 12.429261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.429285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.429308] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.429332] kthread+0x337/0x6f0 [ 12.429350] ? trace_preempt_on+0x20/0xc0 [ 12.429374] ? __pfx_kthread+0x10/0x10 [ 12.429394] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.429415] ? 
calculate_sigpending+0x7b/0xa0 [ 12.429439] ? __pfx_kthread+0x10/0x10 [ 12.429460] ret_from_fork+0x116/0x1d0 [ 12.429477] ? __pfx_kthread+0x10/0x10 [ 12.429497] ret_from_fork_asm+0x1a/0x30 [ 12.429528] </TASK> [ 12.429538] [ 12.438031] Allocated by task 182: [ 12.438336] kasan_save_stack+0x45/0x70 [ 12.438487] kasan_save_track+0x18/0x40 [ 12.438801] kasan_save_alloc_info+0x3b/0x50 [ 12.439035] __kasan_kmalloc+0xb7/0xc0 [ 12.439300] __kmalloc_cache_noprof+0x189/0x420 [ 12.439582] krealloc_uaf+0xbb/0x5e0 [ 12.439770] kunit_try_run_case+0x1a5/0x480 [ 12.439918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.440279] kthread+0x337/0x6f0 [ 12.440639] ret_from_fork+0x116/0x1d0 [ 12.440883] ret_from_fork_asm+0x1a/0x30 [ 12.441047] [ 12.441165] Freed by task 182: [ 12.441412] kasan_save_stack+0x45/0x70 [ 12.441691] kasan_save_track+0x18/0x40 [ 12.441884] kasan_save_free_info+0x3f/0x60 [ 12.442190] __kasan_slab_free+0x56/0x70 [ 12.442336] kfree+0x222/0x3f0 [ 12.442452] krealloc_uaf+0x13d/0x5e0 [ 12.442580] kunit_try_run_case+0x1a5/0x480 [ 12.442736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.442909] kthread+0x337/0x6f0 [ 12.443109] ret_from_fork+0x116/0x1d0 [ 12.443293] ret_from_fork_asm+0x1a/0x30 [ 12.443504] [ 12.443616] The buggy address belongs to the object at ffff888100aab200 [ 12.443616] which belongs to the cache kmalloc-256 of size 256 [ 12.444644] The buggy address is located 0 bytes inside of [ 12.444644] freed 256-byte region [ffff888100aab200, ffff888100aab300) [ 12.444985] [ 12.445057] The buggy address belongs to the physical page: [ 12.445315] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aaa [ 12.445988] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.446354] flags: 0x200000000000040(head|node=0|zone=2) [ 12.446741] page_type: f5(slab) [ 12.446864] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.447300] raw: 0000000000000000 0000000080100010 00000000f5000000 
0000000000000000 [ 12.447789] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.448320] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.448713] head: 0200000000000001 ffffea000402aa81 00000000ffffffff 00000000ffffffff [ 12.449121] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.449453] page dumped because: kasan: bad access detected [ 12.449771] [ 12.449859] Memory state around the buggy address: [ 12.450213] ffff888100aab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.450633] ffff888100aab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.451003] >ffff888100aab200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.451316] ^ [ 12.451479] ffff888100aab280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.451838] ffff888100aab300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.452158] ================================================================== [ 12.452574] ================================================================== [ 12.452968] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 12.453648] Read of size 1 at addr ffff888100aab200 by task kunit_try_catch/182 [ 12.453876] [ 12.453959] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.453998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.454009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.454027] Call Trace: [ 12.454039] <TASK> [ 12.454053] dump_stack_lvl+0x73/0xb0 [ 12.454081] print_report+0xd1/0x650 [ 12.454103] ? __virt_addr_valid+0x1db/0x2d0 [ 12.454125] ? krealloc_uaf+0x53c/0x5e0 [ 12.454145] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.454168] ? krealloc_uaf+0x53c/0x5e0 [ 12.454189] kasan_report+0x141/0x180 [ 12.454211] ? krealloc_uaf+0x53c/0x5e0 [ 12.454295] __asan_report_load1_noabort+0x18/0x20 [ 12.454336] krealloc_uaf+0x53c/0x5e0 [ 12.454358] ? 
__pfx_krealloc_uaf+0x10/0x10 [ 12.454378] ? finish_task_switch.isra.0+0x153/0x700 [ 12.454400] ? __switch_to+0x47/0xf50 [ 12.454424] ? __schedule+0x10cc/0x2b60 [ 12.454445] ? __pfx_read_tsc+0x10/0x10 [ 12.454474] ? ktime_get_ts64+0x86/0x230 [ 12.454499] kunit_try_run_case+0x1a5/0x480 [ 12.454544] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.454567] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.454591] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.454625] ? __kthread_parkme+0x82/0x180 [ 12.454645] ? preempt_count_sub+0x50/0x80 [ 12.454668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.454692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.454716] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.454741] kthread+0x337/0x6f0 [ 12.454760] ? trace_preempt_on+0x20/0xc0 [ 12.454784] ? __pfx_kthread+0x10/0x10 [ 12.454806] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.454828] ? calculate_sigpending+0x7b/0xa0 [ 12.454851] ? __pfx_kthread+0x10/0x10 [ 12.454872] ret_from_fork+0x116/0x1d0 [ 12.454890] ? __pfx_kthread+0x10/0x10 [ 12.454909] ret_from_fork_asm+0x1a/0x30 [ 12.454981] </TASK> [ 12.454991] [ 12.467083] Allocated by task 182: [ 12.467400] kasan_save_stack+0x45/0x70 [ 12.467789] kasan_save_track+0x18/0x40 [ 12.468230] kasan_save_alloc_info+0x3b/0x50 [ 12.468608] __kasan_kmalloc+0xb7/0xc0 [ 12.468997] __kmalloc_cache_noprof+0x189/0x420 [ 12.469417] krealloc_uaf+0xbb/0x5e0 [ 12.469571] kunit_try_run_case+0x1a5/0x480 [ 12.469733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.469909] kthread+0x337/0x6f0 [ 12.470289] ret_from_fork+0x116/0x1d0 [ 12.470674] ret_from_fork_asm+0x1a/0x30 [ 12.471130] [ 12.471303] Freed by task 182: [ 12.471626] kasan_save_stack+0x45/0x70 [ 12.472050] kasan_save_track+0x18/0x40 [ 12.472420] kasan_save_free_info+0x3f/0x60 [ 12.472835] __kasan_slab_free+0x56/0x70 [ 12.473318] kfree+0x222/0x3f0 [ 12.473661] krealloc_uaf+0x13d/0x5e0 [ 12.474153] kunit_try_run_case+0x1a5/0x480 [ 12.474532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.474726] 
kthread+0x337/0x6f0 [ 12.475125] ret_from_fork+0x116/0x1d0 [ 12.475498] ret_from_fork_asm+0x1a/0x30 [ 12.475920] [ 12.476002] The buggy address belongs to the object at ffff888100aab200 [ 12.476002] which belongs to the cache kmalloc-256 of size 256 [ 12.476372] The buggy address is located 0 bytes inside of [ 12.476372] freed 256-byte region [ffff888100aab200, ffff888100aab300) [ 12.476836] [ 12.476907] The buggy address belongs to the physical page: [ 12.477141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aaa [ 12.477465] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.478010] flags: 0x200000000000040(head|node=0|zone=2) [ 12.478268] page_type: f5(slab) [ 12.478460] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.478737] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.479116] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.479444] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.479787] head: 0200000000000001 ffffea000402aa81 00000000ffffffff 00000000ffffffff [ 12.480090] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.480721] page dumped because: kasan: bad access detected [ 12.480954] [ 12.481054] Memory state around the buggy address: [ 12.481271] ffff888100aab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.481635] ffff888100aab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.482064] >ffff888100aab200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.482372] ^ [ 12.482500] ffff888100aab280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.482830] ffff888100aab300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.483169] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 12.398182] ================================================================== [ 12.398473] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.399000] Write of size 1 at addr ffff8881029760eb by task kunit_try_catch/180 [ 12.399679] [ 12.399797] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.399838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.399849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.399868] Call Trace: [ 12.399882] <TASK> [ 12.399896] dump_stack_lvl+0x73/0xb0 [ 12.399924] print_report+0xd1/0x650 [ 12.400271] ? __virt_addr_valid+0x1db/0x2d0 [ 12.400298] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.400322] ? kasan_addr_to_slab+0x11/0xa0 [ 12.400342] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.400367] kasan_report+0x141/0x180 [ 12.400388] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.400417] __asan_report_store1_noabort+0x1b/0x30 [ 12.400442] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.400468] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.400492] ? finish_task_switch.isra.0+0x153/0x700 [ 12.400647] ? __switch_to+0x47/0xf50 [ 12.400672] ? __schedule+0x10cc/0x2b60 [ 12.400693] ? __pfx_read_tsc+0x10/0x10 [ 12.400717] krealloc_large_less_oob+0x1c/0x30 [ 12.400740] kunit_try_run_case+0x1a5/0x480 [ 12.400764] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.400786] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.400808] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.400831] ? __kthread_parkme+0x82/0x180 [ 12.400851] ? preempt_count_sub+0x50/0x80 [ 12.400873] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.400897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.400954] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.400997] kthread+0x337/0x6f0 [ 12.401018] ? trace_preempt_on+0x20/0xc0 [ 12.401043] ? __pfx_kthread+0x10/0x10 [ 12.401064] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.401086] ? calculate_sigpending+0x7b/0xa0 [ 12.401110] ? 
__pfx_kthread+0x10/0x10 [ 12.401131] ret_from_fork+0x116/0x1d0 [ 12.401149] ? __pfx_kthread+0x10/0x10 [ 12.401169] ret_from_fork_asm+0x1a/0x30 [ 12.401200] </TASK> [ 12.401210] [ 12.414322] The buggy address belongs to the physical page: [ 12.414541] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102974 [ 12.415326] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.416056] flags: 0x200000000000040(head|node=0|zone=2) [ 12.416565] page_type: f8(unknown) [ 12.416815] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.417464] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.418007] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.418622] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.418856] head: 0200000000000002 ffffea00040a5d01 00000000ffffffff 00000000ffffffff [ 12.419358] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.420065] page dumped because: kasan: bad access detected [ 12.420467] [ 12.420703] Memory state around the buggy address: [ 12.421089] ffff888102975f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.421415] ffff888102976000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.422212] >ffff888102976080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.422671] ^ [ 12.422871] ffff888102976100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.423084] ffff888102976180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.423315] ================================================================== [ 12.375524] ================================================================== [ 12.375771] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.376993] Write of size 1 at addr ffff8881029760ea by task kunit_try_catch/180 [ 12.377317] [ 12.377429] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 
PREEMPT(voluntary) [ 12.377554] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.377566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.377585] Call Trace: [ 12.377679] <TASK> [ 12.377696] dump_stack_lvl+0x73/0xb0 [ 12.377732] print_report+0xd1/0x650 [ 12.377754] ? __virt_addr_valid+0x1db/0x2d0 [ 12.377776] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.377801] ? kasan_addr_to_slab+0x11/0xa0 [ 12.377821] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.377845] kasan_report+0x141/0x180 [ 12.377866] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.377895] __asan_report_store1_noabort+0x1b/0x30 [ 12.377979] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.378008] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.378033] ? finish_task_switch.isra.0+0x153/0x700 [ 12.378055] ? __switch_to+0x47/0xf50 [ 12.378080] ? __schedule+0x10cc/0x2b60 [ 12.378101] ? __pfx_read_tsc+0x10/0x10 [ 12.378125] krealloc_large_less_oob+0x1c/0x30 [ 12.378148] kunit_try_run_case+0x1a5/0x480 [ 12.378172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.378194] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.378257] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.378281] ? __kthread_parkme+0x82/0x180 [ 12.378301] ? preempt_count_sub+0x50/0x80 [ 12.378324] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.378347] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.378371] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.378396] kthread+0x337/0x6f0 [ 12.378414] ? trace_preempt_on+0x20/0xc0 [ 12.378437] ? __pfx_kthread+0x10/0x10 [ 12.378457] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.378477] ? calculate_sigpending+0x7b/0xa0 [ 12.378500] ? __pfx_kthread+0x10/0x10 [ 12.378521] ret_from_fork+0x116/0x1d0 [ 12.378539] ? 
__pfx_kthread+0x10/0x10 [ 12.378558] ret_from_fork_asm+0x1a/0x30 [ 12.378589] </TASK> [ 12.378609] [ 12.389452] The buggy address belongs to the physical page: [ 12.389851] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102974 [ 12.390303] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.390792] flags: 0x200000000000040(head|node=0|zone=2) [ 12.391075] page_type: f8(unknown) [ 12.391377] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.391742] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.392223] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.392851] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.393321] head: 0200000000000002 ffffea00040a5d01 00000000ffffffff 00000000ffffffff [ 12.393806] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.394288] page dumped because: kasan: bad access detected [ 12.394586] [ 12.394696] Memory state around the buggy address: [ 12.394861] ffff888102975f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.395465] ffff888102976000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.395817] >ffff888102976080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.396464] ^ [ 12.396810] ffff888102976100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.397265] ffff888102976180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.397547] ================================================================== [ 12.182582] ================================================================== [ 12.182838] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.183178] Write of size 1 at addr ffff8881003454da by task kunit_try_catch/176 [ 12.183514] [ 12.183725] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.183785] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.183797] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.183816] Call Trace: [ 12.183830] <TASK> [ 12.183855] dump_stack_lvl+0x73/0xb0 [ 12.183884] print_report+0xd1/0x650 [ 12.183965] ? __virt_addr_valid+0x1db/0x2d0 [ 12.184008] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.184033] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.184056] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.184091] kasan_report+0x141/0x180 [ 12.184113] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.184142] __asan_report_store1_noabort+0x1b/0x30 [ 12.184178] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.184205] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.184256] ? finish_task_switch.isra.0+0x153/0x700 [ 12.184292] ? __switch_to+0x47/0xf50 [ 12.184329] ? __schedule+0x10cc/0x2b60 [ 12.184364] ? __pfx_read_tsc+0x10/0x10 [ 12.184388] krealloc_less_oob+0x1c/0x30 [ 12.184421] kunit_try_run_case+0x1a5/0x480 [ 12.184445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.184467] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.184508] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.184532] ? __kthread_parkme+0x82/0x180 [ 12.184552] ? preempt_count_sub+0x50/0x80 [ 12.184575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.184610] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.184634] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.184659] kthread+0x337/0x6f0 [ 12.184677] ? trace_preempt_on+0x20/0xc0 [ 12.184700] ? __pfx_kthread+0x10/0x10 [ 12.184721] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.184742] ? calculate_sigpending+0x7b/0xa0 [ 12.184765] ? __pfx_kthread+0x10/0x10 [ 12.184786] ret_from_fork+0x116/0x1d0 [ 12.184804] ? 
__pfx_kthread+0x10/0x10 [ 12.184824] ret_from_fork_asm+0x1a/0x30 [ 12.184855] </TASK> [ 12.184864] [ 12.196544] Allocated by task 176: [ 12.197394] kasan_save_stack+0x45/0x70 [ 12.197740] kasan_save_track+0x18/0x40 [ 12.198257] kasan_save_alloc_info+0x3b/0x50 [ 12.198635] __kasan_krealloc+0x190/0x1f0 [ 12.199024] krealloc_noprof+0xf3/0x340 [ 12.199415] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.199682] krealloc_less_oob+0x1c/0x30 [ 12.199887] kunit_try_run_case+0x1a5/0x480 [ 12.200339] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.200737] kthread+0x337/0x6f0 [ 12.201167] ret_from_fork+0x116/0x1d0 [ 12.201505] ret_from_fork_asm+0x1a/0x30 [ 12.201870] [ 12.201980] The buggy address belongs to the object at ffff888100345400 [ 12.201980] which belongs to the cache kmalloc-256 of size 256 [ 12.202461] The buggy address is located 17 bytes to the right of [ 12.202461] allocated 201-byte region [ffff888100345400, ffff8881003454c9) [ 12.203620] [ 12.203729] The buggy address belongs to the physical page: [ 12.204298] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100344 [ 12.204809] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.205336] flags: 0x200000000000040(head|node=0|zone=2) [ 12.205773] page_type: f5(slab) [ 12.206174] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.206654] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.207323] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.207801] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.208333] head: 0200000000000001 ffffea000400d101 00000000ffffffff 00000000ffffffff [ 12.208849] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.209268] page dumped because: kasan: bad access detected [ 12.209520] [ 12.209649] Memory state around the buggy address: [ 12.209849] ffff888100345380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.210235] ffff888100345400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.210576] >ffff888100345480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.211088] ^ [ 12.211376] ffff888100345500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.211723] ffff888100345580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.212118] ================================================================== [ 12.157022] ================================================================== [ 12.157414] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.157764] Write of size 1 at addr ffff8881003454d0 by task kunit_try_catch/176 [ 12.158279] [ 12.158373] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.158412] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.158469] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.158510] Call Trace: [ 12.158521] <TASK> [ 12.158576] dump_stack_lvl+0x73/0xb0 [ 12.158662] print_report+0xd1/0x650 [ 12.158683] ? __virt_addr_valid+0x1db/0x2d0 [ 12.158717] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.158741] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.158764] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.158788] kasan_report+0x141/0x180 [ 12.158809] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.158838] __asan_report_store1_noabort+0x1b/0x30 [ 12.158863] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.158889] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.158913] ? finish_task_switch.isra.0+0x153/0x700 [ 12.159149] ? __switch_to+0x47/0xf50 [ 12.159177] ? __schedule+0x10cc/0x2b60 [ 12.159199] ? __pfx_read_tsc+0x10/0x10 [ 12.159223] krealloc_less_oob+0x1c/0x30 [ 12.159245] kunit_try_run_case+0x1a5/0x480 [ 12.159268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.159291] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.159314] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.159337] ? __kthread_parkme+0x82/0x180 [ 12.159357] ? 
preempt_count_sub+0x50/0x80 [ 12.159379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.159404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.159427] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.159452] kthread+0x337/0x6f0 [ 12.159470] ? trace_preempt_on+0x20/0xc0 [ 12.159493] ? __pfx_kthread+0x10/0x10 [ 12.159526] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.159547] ? calculate_sigpending+0x7b/0xa0 [ 12.159571] ? __pfx_kthread+0x10/0x10 [ 12.159592] ret_from_fork+0x116/0x1d0 [ 12.159622] ? __pfx_kthread+0x10/0x10 [ 12.159642] ret_from_fork_asm+0x1a/0x30 [ 12.159673] </TASK> [ 12.159683] [ 12.169541] Allocated by task 176: [ 12.169710] kasan_save_stack+0x45/0x70 [ 12.169868] kasan_save_track+0x18/0x40 [ 12.170401] kasan_save_alloc_info+0x3b/0x50 [ 12.170701] __kasan_krealloc+0x190/0x1f0 [ 12.170874] krealloc_noprof+0xf3/0x340 [ 12.171157] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.171531] krealloc_less_oob+0x1c/0x30 [ 12.171824] kunit_try_run_case+0x1a5/0x480 [ 12.172280] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.172572] kthread+0x337/0x6f0 [ 12.172796] ret_from_fork+0x116/0x1d0 [ 12.172988] ret_from_fork_asm+0x1a/0x30 [ 12.173245] [ 12.173418] The buggy address belongs to the object at ffff888100345400 [ 12.173418] which belongs to the cache kmalloc-256 of size 256 [ 12.173912] The buggy address is located 7 bytes to the right of [ 12.173912] allocated 201-byte region [ffff888100345400, ffff8881003454c9) [ 12.174440] [ 12.174808] The buggy address belongs to the physical page: [ 12.175050] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100344 [ 12.175550] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.176025] flags: 0x200000000000040(head|node=0|zone=2) [ 12.176228] page_type: f5(slab) [ 12.176445] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.176807] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.177286] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.177670] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.178134] head: 0200000000000001 ffffea000400d101 00000000ffffffff 00000000ffffffff [ 12.178631] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.179094] page dumped because: kasan: bad access detected [ 12.179302] [ 12.179426] Memory state around the buggy address: [ 12.179726] ffff888100345380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.180083] ffff888100345400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.180473] >ffff888100345480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.180765] ^ [ 12.181179] ffff888100345500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.181549] ffff888100345580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.181847] ================================================================== [ 12.329311] ================================================================== [ 12.330147] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.330560] Write of size 1 at addr ffff8881029760d0 by task kunit_try_catch/180 [ 12.331254] [ 12.331684] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.331732] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.331745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.331766] Call Trace: [ 12.331777] <TASK> [ 12.331792] dump_stack_lvl+0x73/0xb0 [ 12.331824] print_report+0xd1/0x650 [ 12.331847] ? __virt_addr_valid+0x1db/0x2d0 [ 12.331870] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.331894] ? kasan_addr_to_slab+0x11/0xa0 [ 12.331915] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.331954] kasan_report+0x141/0x180 [ 12.331975] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.332003] __asan_report_store1_noabort+0x1b/0x30 [ 12.332029] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.332055] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.332079] ? finish_task_switch.isra.0+0x153/0x700 [ 12.332102] ? __switch_to+0x47/0xf50 [ 12.332127] ? __schedule+0x10cc/0x2b60 [ 12.332148] ? __pfx_read_tsc+0x10/0x10 [ 12.332172] krealloc_large_less_oob+0x1c/0x30 [ 12.332194] kunit_try_run_case+0x1a5/0x480 [ 12.332219] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.332241] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.332264] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.332287] ? __kthread_parkme+0x82/0x180 [ 12.332307] ? preempt_count_sub+0x50/0x80 [ 12.332329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.332353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.332379] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.332404] kthread+0x337/0x6f0 [ 12.332422] ? trace_preempt_on+0x20/0xc0 [ 12.332445] ? __pfx_kthread+0x10/0x10 [ 12.332465] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.332486] ? calculate_sigpending+0x7b/0xa0 [ 12.332578] ? __pfx_kthread+0x10/0x10 [ 12.332613] ret_from_fork+0x116/0x1d0 [ 12.332631] ? 
__pfx_kthread+0x10/0x10 [ 12.332651] ret_from_fork_asm+0x1a/0x30 [ 12.332683] </TASK> [ 12.332693] [ 12.344678] The buggy address belongs to the physical page: [ 12.345211] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102974 [ 12.345553] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.346202] flags: 0x200000000000040(head|node=0|zone=2) [ 12.346453] page_type: f8(unknown) [ 12.346669] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.347007] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.347339] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.347994] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.348478] head: 0200000000000002 ffffea00040a5d01 00000000ffffffff 00000000ffffffff [ 12.348892] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.349322] page dumped because: kasan: bad access detected [ 12.349564] [ 12.349782] Memory state around the buggy address: [ 12.350225] ffff888102975f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.350700] ffff888102976000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.351070] >ffff888102976080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.351497] ^ [ 12.351809] ffff888102976100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.352318] ffff888102976180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.352699] ================================================================== [ 12.353233] ================================================================== [ 12.353549] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.353855] Write of size 1 at addr ffff8881029760da by task kunit_try_catch/180 [ 12.354661] [ 12.354942] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.354987] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.354999] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.355181] Call Trace: [ 12.355201] <TASK> [ 12.355219] dump_stack_lvl+0x73/0xb0 [ 12.355251] print_report+0xd1/0x650 [ 12.355274] ? __virt_addr_valid+0x1db/0x2d0 [ 12.355296] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.355319] ? kasan_addr_to_slab+0x11/0xa0 [ 12.355339] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.355363] kasan_report+0x141/0x180 [ 12.355384] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.355413] __asan_report_store1_noabort+0x1b/0x30 [ 12.355438] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.355463] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.355487] ? finish_task_switch.isra.0+0x153/0x700 [ 12.355510] ? __switch_to+0x47/0xf50 [ 12.355535] ? __schedule+0x10cc/0x2b60 [ 12.355556] ? __pfx_read_tsc+0x10/0x10 [ 12.355581] krealloc_large_less_oob+0x1c/0x30 [ 12.355617] kunit_try_run_case+0x1a5/0x480 [ 12.355641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.355664] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.355687] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.355710] ? __kthread_parkme+0x82/0x180 [ 12.355730] ? preempt_count_sub+0x50/0x80 [ 12.355753] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.355777] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.355803] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.355828] kthread+0x337/0x6f0 [ 12.355846] ? trace_preempt_on+0x20/0xc0 [ 12.355870] ? __pfx_kthread+0x10/0x10 [ 12.355890] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.355910] ? calculate_sigpending+0x7b/0xa0 [ 12.355979] ? __pfx_kthread+0x10/0x10 [ 12.356001] ret_from_fork+0x116/0x1d0 [ 12.356019] ? 
__pfx_kthread+0x10/0x10 [ 12.356039] ret_from_fork_asm+0x1a/0x30 [ 12.356070] </TASK> [ 12.356079] [ 12.366911] The buggy address belongs to the physical page: [ 12.367281] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102974 [ 12.367734] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.368333] flags: 0x200000000000040(head|node=0|zone=2) [ 12.368550] page_type: f8(unknown) [ 12.368752] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.369060] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.369383] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.370247] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.370723] head: 0200000000000002 ffffea00040a5d01 00000000ffffffff 00000000ffffffff [ 12.371195] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.371488] page dumped because: kasan: bad access detected [ 12.371907] [ 12.372272] Memory state around the buggy address: [ 12.372479] ffff888102975f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.372917] ffff888102976000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.373394] >ffff888102976080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.373752] ^ [ 12.374180] ffff888102976100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.374548] ffff888102976180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.374942] ================================================================== [ 12.304522] ================================================================== [ 12.305306] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.305877] Write of size 1 at addr ffff8881029760c9 by task kunit_try_catch/180 [ 12.306329] [ 12.306450] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.306492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.306542] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.306562] Call Trace: [ 12.306574] <TASK> [ 12.306589] dump_stack_lvl+0x73/0xb0 [ 12.306632] print_report+0xd1/0x650 [ 12.306654] ? __virt_addr_valid+0x1db/0x2d0 [ 12.306676] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.306699] ? kasan_addr_to_slab+0x11/0xa0 [ 12.306719] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.306743] kasan_report+0x141/0x180 [ 12.306764] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.306793] __asan_report_store1_noabort+0x1b/0x30 [ 12.306818] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.306844] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.306868] ? finish_task_switch.isra.0+0x153/0x700 [ 12.306891] ? __switch_to+0x47/0xf50 [ 12.306915] ? __schedule+0x10cc/0x2b60 [ 12.306936] ? __pfx_read_tsc+0x10/0x10 [ 12.306959] krealloc_large_less_oob+0x1c/0x30 [ 12.306982] kunit_try_run_case+0x1a5/0x480 [ 12.307005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.307027] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.307050] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.307073] ? __kthread_parkme+0x82/0x180 [ 12.307093] ? preempt_count_sub+0x50/0x80 [ 12.307116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.307139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.307163] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.307188] kthread+0x337/0x6f0 [ 12.307206] ? trace_preempt_on+0x20/0xc0 [ 12.307229] ? __pfx_kthread+0x10/0x10 [ 12.307248] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.307269] ? calculate_sigpending+0x7b/0xa0 [ 12.307293] ? __pfx_kthread+0x10/0x10 [ 12.307545] ret_from_fork+0x116/0x1d0 [ 12.307564] ? 
__pfx_kthread+0x10/0x10 [ 12.307584] ret_from_fork_asm+0x1a/0x30 [ 12.307626] </TASK> [ 12.307636] [ 12.319613] The buggy address belongs to the physical page: [ 12.319881] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102974 [ 12.320428] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.320995] flags: 0x200000000000040(head|node=0|zone=2) [ 12.321353] page_type: f8(unknown) [ 12.321685] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.322195] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.322527] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.322872] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.323430] head: 0200000000000002 ffffea00040a5d01 00000000ffffffff 00000000ffffffff [ 12.324019] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.324333] page dumped because: kasan: bad access detected [ 12.324785] [ 12.324903] Memory state around the buggy address: [ 12.325359] ffff888102975f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.325893] ffff888102976000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.326235] >ffff888102976080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.326762] ^ [ 12.327181] ffff888102976100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.327538] ffff888102976180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.327852] ================================================================== [ 12.212634] ================================================================== [ 12.213026] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.213409] Write of size 1 at addr ffff8881003454ea by task kunit_try_catch/176 [ 12.213771] [ 12.213881] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.213983] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.213996] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.214015] Call Trace: [ 12.214031] <TASK> [ 12.214046] dump_stack_lvl+0x73/0xb0 [ 12.214075] print_report+0xd1/0x650 [ 12.214109] ? __virt_addr_valid+0x1db/0x2d0 [ 12.214131] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.214155] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.214190] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.214214] kasan_report+0x141/0x180 [ 12.214235] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.214273] __asan_report_store1_noabort+0x1b/0x30 [ 12.214297] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.214335] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.214359] ? finish_task_switch.isra.0+0x153/0x700 [ 12.214381] ? __switch_to+0x47/0xf50 [ 12.214406] ? __schedule+0x10cc/0x2b60 [ 12.214427] ? __pfx_read_tsc+0x10/0x10 [ 12.214451] krealloc_less_oob+0x1c/0x30 [ 12.214472] kunit_try_run_case+0x1a5/0x480 [ 12.214513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.214542] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.214566] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.214589] ? __kthread_parkme+0x82/0x180 [ 12.214625] ? preempt_count_sub+0x50/0x80 [ 12.214648] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.214672] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.214696] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.214729] kthread+0x337/0x6f0 [ 12.214747] ? trace_preempt_on+0x20/0xc0 [ 12.214770] ? __pfx_kthread+0x10/0x10 [ 12.214801] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.214822] ? calculate_sigpending+0x7b/0xa0 [ 12.214845] ? __pfx_kthread+0x10/0x10 [ 12.214866] ret_from_fork+0x116/0x1d0 [ 12.214884] ? 
__pfx_kthread+0x10/0x10 [ 12.214904] ret_from_fork_asm+0x1a/0x30 [ 12.215110] </TASK> [ 12.215120] [ 12.223262] Allocated by task 176: [ 12.223452] kasan_save_stack+0x45/0x70 [ 12.223718] kasan_save_track+0x18/0x40 [ 12.224013] kasan_save_alloc_info+0x3b/0x50 [ 12.224261] __kasan_krealloc+0x190/0x1f0 [ 12.224464] krealloc_noprof+0xf3/0x340 [ 12.224683] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.224903] krealloc_less_oob+0x1c/0x30 [ 12.225164] kunit_try_run_case+0x1a5/0x480 [ 12.225389] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.225566] kthread+0x337/0x6f0 [ 12.225726] ret_from_fork+0x116/0x1d0 [ 12.225981] ret_from_fork_asm+0x1a/0x30 [ 12.226185] [ 12.226278] The buggy address belongs to the object at ffff888100345400 [ 12.226278] which belongs to the cache kmalloc-256 of size 256 [ 12.226776] The buggy address is located 33 bytes to the right of [ 12.226776] allocated 201-byte region [ffff888100345400, ffff8881003454c9) [ 12.227479] [ 12.227632] The buggy address belongs to the physical page: [ 12.227888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100344 [ 12.228337] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.228659] flags: 0x200000000000040(head|node=0|zone=2) [ 12.229005] page_type: f5(slab) [ 12.229172] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.229515] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.229856] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.230257] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.230625] head: 0200000000000001 ffffea000400d101 00000000ffffffff 00000000ffffffff [ 12.231196] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.231567] page dumped because: kasan: bad access detected [ 12.231818] [ 12.231887] Memory state around the buggy address: [ 12.232206] ffff888100345380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.232535] ffff888100345400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.232838] >ffff888100345480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.233084] ^ [ 12.233440] ffff888100345500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.233802] ffff888100345580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.234160] ================================================================== [ 12.234726] ================================================================== [ 12.235359] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.235748] Write of size 1 at addr ffff8881003454eb by task kunit_try_catch/176 [ 12.236048] [ 12.236218] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.236266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.236277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.236297] Call Trace: [ 12.236317] <TASK> [ 12.236337] dump_stack_lvl+0x73/0xb0 [ 12.236369] print_report+0xd1/0x650 [ 12.236392] ? __virt_addr_valid+0x1db/0x2d0 [ 12.236415] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.236439] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.236463] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.236513] kasan_report+0x141/0x180 [ 12.236535] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.236564] __asan_report_store1_noabort+0x1b/0x30 [ 12.236609] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.236635] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.236660] ? finish_task_switch.isra.0+0x153/0x700 [ 12.236683] ? __switch_to+0x47/0xf50 [ 12.236709] ? __schedule+0x10cc/0x2b60 [ 12.236731] ? __pfx_read_tsc+0x10/0x10 [ 12.236756] krealloc_less_oob+0x1c/0x30 [ 12.236777] kunit_try_run_case+0x1a5/0x480 [ 12.236802] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.236825] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.236849] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.236872] ? __kthread_parkme+0x82/0x180 [ 12.236893] ? 
preempt_count_sub+0x50/0x80 [ 12.236977] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.237017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.237042] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.237066] kthread+0x337/0x6f0 [ 12.237085] ? trace_preempt_on+0x20/0xc0 [ 12.237109] ? __pfx_kthread+0x10/0x10 [ 12.237130] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.237152] ? calculate_sigpending+0x7b/0xa0 [ 12.237176] ? __pfx_kthread+0x10/0x10 [ 12.237197] ret_from_fork+0x116/0x1d0 [ 12.237215] ? __pfx_kthread+0x10/0x10 [ 12.237235] ret_from_fork_asm+0x1a/0x30 [ 12.237266] </TASK> [ 12.237276] [ 12.245154] Allocated by task 176: [ 12.245335] kasan_save_stack+0x45/0x70 [ 12.245584] kasan_save_track+0x18/0x40 [ 12.245820] kasan_save_alloc_info+0x3b/0x50 [ 12.246107] __kasan_krealloc+0x190/0x1f0 [ 12.246268] krealloc_noprof+0xf3/0x340 [ 12.246476] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.246713] krealloc_less_oob+0x1c/0x30 [ 12.247007] kunit_try_run_case+0x1a5/0x480 [ 12.247196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.247457] kthread+0x337/0x6f0 [ 12.247673] ret_from_fork+0x116/0x1d0 [ 12.247835] ret_from_fork_asm+0x1a/0x30 [ 12.248206] [ 12.248331] The buggy address belongs to the object at ffff888100345400 [ 12.248331] which belongs to the cache kmalloc-256 of size 256 [ 12.248859] The buggy address is located 34 bytes to the right of [ 12.248859] allocated 201-byte region [ffff888100345400, ffff8881003454c9) [ 12.249384] [ 12.249460] The buggy address belongs to the physical page: [ 12.249751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100344 [ 12.250191] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.250507] flags: 0x200000000000040(head|node=0|zone=2) [ 12.250725] page_type: f5(slab) [ 12.250892] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.251321] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.251647] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.252004] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.252518] head: 0200000000000001 ffffea000400d101 00000000ffffffff 00000000ffffffff [ 12.252881] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.253265] page dumped because: kasan: bad access detected [ 12.253527] [ 12.253634] Memory state around the buggy address: [ 12.253845] ffff888100345380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.254216] ffff888100345400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.254552] >ffff888100345480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.254781] ^ [ 12.255102] ffff888100345500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.255423] ffff888100345580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.255710] ================================================================== [ 12.130405] ================================================================== [ 12.131226] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.131610] Write of size 1 at addr ffff8881003454c9 by task kunit_try_catch/176 [ 12.132023] [ 12.132125] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.132268] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.132280] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.132300] Call Trace: [ 12.132312] <TASK> [ 12.132341] dump_stack_lvl+0x73/0xb0 [ 12.132374] print_report+0xd1/0x650 [ 12.132397] ? __virt_addr_valid+0x1db/0x2d0 [ 12.132420] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.132475] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.132498] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.132558] kasan_report+0x141/0x180 [ 12.132579] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.132625] __asan_report_store1_noabort+0x1b/0x30 [ 12.132651] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.132677] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.132701] ? finish_task_switch.isra.0+0x153/0x700 [ 12.132724] ? __switch_to+0x47/0xf50 [ 12.132751] ? __schedule+0x10cc/0x2b60 [ 12.132773] ? __pfx_read_tsc+0x10/0x10 [ 12.132797] krealloc_less_oob+0x1c/0x30 [ 12.132818] kunit_try_run_case+0x1a5/0x480 [ 12.132843] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.132865] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.132889] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.132913] ? __kthread_parkme+0x82/0x180 [ 12.132994] ? preempt_count_sub+0x50/0x80 [ 12.133018] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.133042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.133067] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.133092] kthread+0x337/0x6f0 [ 12.133110] ? trace_preempt_on+0x20/0xc0 [ 12.133135] ? __pfx_kthread+0x10/0x10 [ 12.133156] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.133177] ? calculate_sigpending+0x7b/0xa0 [ 12.133201] ? __pfx_kthread+0x10/0x10 [ 12.133222] ret_from_fork+0x116/0x1d0 [ 12.133241] ? 
__pfx_kthread+0x10/0x10 [ 12.133260] ret_from_fork_asm+0x1a/0x30 [ 12.133292] </TASK> [ 12.133302] [ 12.142691] Allocated by task 176: [ 12.142925] kasan_save_stack+0x45/0x70 [ 12.143356] kasan_save_track+0x18/0x40 [ 12.143497] kasan_save_alloc_info+0x3b/0x50 [ 12.143770] __kasan_krealloc+0x190/0x1f0 [ 12.143966] krealloc_noprof+0xf3/0x340 [ 12.144393] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.144834] krealloc_less_oob+0x1c/0x30 [ 12.145185] kunit_try_run_case+0x1a5/0x480 [ 12.145340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.145722] kthread+0x337/0x6f0 [ 12.146050] ret_from_fork+0x116/0x1d0 [ 12.146222] ret_from_fork_asm+0x1a/0x30 [ 12.146388] [ 12.146488] The buggy address belongs to the object at ffff888100345400 [ 12.146488] which belongs to the cache kmalloc-256 of size 256 [ 12.147654] The buggy address is located 0 bytes to the right of [ 12.147654] allocated 201-byte region [ffff888100345400, ffff8881003454c9) [ 12.148278] [ 12.148512] The buggy address belongs to the physical page: [ 12.148869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100344 [ 12.149505] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.149972] flags: 0x200000000000040(head|node=0|zone=2) [ 12.150222] page_type: f5(slab) [ 12.150488] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.150841] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.151327] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.151771] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.152273] head: 0200000000000001 ffffea000400d101 00000000ffffffff 00000000ffffffff [ 12.152595] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.152940] page dumped because: kasan: bad access detected [ 12.153524] [ 12.153674] Memory state around the buggy address: [ 12.153913] ffff888100345380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.154381] ffff888100345400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.154778] >ffff888100345480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.155231] ^ [ 12.155522] ffff888100345500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.155822] ffff888100345580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.156185] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 12.281812] ================================================================== [ 12.282410] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.282800] Write of size 1 at addr ffff8881029760f0 by task kunit_try_catch/178 [ 12.283063] [ 12.283293] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.283334] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.283345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.283363] Call Trace: [ 12.283375] <TASK> [ 12.283388] dump_stack_lvl+0x73/0xb0 [ 12.283415] print_report+0xd1/0x650 [ 12.283437] ? __virt_addr_valid+0x1db/0x2d0 [ 12.283459] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.283481] ? kasan_addr_to_slab+0x11/0xa0 [ 12.283511] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.283535] kasan_report+0x141/0x180 [ 12.283556] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.283585] __asan_report_store1_noabort+0x1b/0x30 [ 12.283622] krealloc_more_oob_helper+0x7eb/0x930 [ 12.283644] ? __schedule+0x10cc/0x2b60 [ 12.283665] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.283690] ? finish_task_switch.isra.0+0x153/0x700 [ 12.283712] ? __switch_to+0x47/0xf50 [ 12.283736] ? __schedule+0x10cc/0x2b60 [ 12.283757] ? __pfx_read_tsc+0x10/0x10 [ 12.283780] krealloc_large_more_oob+0x1c/0x30 [ 12.283803] kunit_try_run_case+0x1a5/0x480 [ 12.283826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.283849] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.283871] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.283895] ? __kthread_parkme+0x82/0x180 [ 12.283916] ? preempt_count_sub+0x50/0x80 [ 12.283988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.284012] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.284037] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.284061] kthread+0x337/0x6f0 [ 12.284080] ? trace_preempt_on+0x20/0xc0 [ 12.284103] ? __pfx_kthread+0x10/0x10 [ 12.284123] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.284144] ? 
calculate_sigpending+0x7b/0xa0 [ 12.284167] ? __pfx_kthread+0x10/0x10 [ 12.284188] ret_from_fork+0x116/0x1d0 [ 12.284206] ? __pfx_kthread+0x10/0x10 [ 12.284227] ret_from_fork_asm+0x1a/0x30 [ 12.284258] </TASK> [ 12.284267] [ 12.292736] The buggy address belongs to the physical page: [ 12.292968] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102974 [ 12.293427] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.293816] flags: 0x200000000000040(head|node=0|zone=2) [ 12.294318] page_type: f8(unknown) [ 12.294533] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.294804] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.295335] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.295848] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.296196] head: 0200000000000002 ffffea00040a5d01 00000000ffffffff 00000000ffffffff [ 12.296531] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.296868] page dumped because: kasan: bad access detected [ 12.297162] [ 12.297306] Memory state around the buggy address: [ 12.297464] ffff888102975f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.297792] ffff888102976000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.298058] >ffff888102976080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.298566] ^ [ 12.298907] ffff888102976100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.299181] ffff888102976180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.299497] ================================================================== [ 12.078461] ================================================================== [ 12.079042] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.079383] Write of size 1 at addr ffff888100aab0eb by task kunit_try_catch/174 [ 12.079908] [ 12.080023] CPU: 1 UID: 0 PID: 174 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.080067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.080079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.080098] Call Trace: [ 12.080109] <TASK> [ 12.080222] dump_stack_lvl+0x73/0xb0 [ 12.080255] print_report+0xd1/0x650 [ 12.080307] ? __virt_addr_valid+0x1db/0x2d0 [ 12.080330] ? krealloc_more_oob_helper+0x821/0x930 [ 12.080354] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.080387] ? krealloc_more_oob_helper+0x821/0x930 [ 12.080411] kasan_report+0x141/0x180 [ 12.080433] ? krealloc_more_oob_helper+0x821/0x930 [ 12.080462] __asan_report_store1_noabort+0x1b/0x30 [ 12.080487] krealloc_more_oob_helper+0x821/0x930 [ 12.080520] ? __schedule+0x10cc/0x2b60 [ 12.080541] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.080566] ? finish_task_switch.isra.0+0x153/0x700 [ 12.080588] ? __switch_to+0x47/0xf50 [ 12.080624] ? __schedule+0x10cc/0x2b60 [ 12.080645] ? __pfx_read_tsc+0x10/0x10 [ 12.080668] krealloc_more_oob+0x1c/0x30 [ 12.080689] kunit_try_run_case+0x1a5/0x480 [ 12.080713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.080736] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.080759] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.080782] ? __kthread_parkme+0x82/0x180 [ 12.080801] ? preempt_count_sub+0x50/0x80 [ 12.080824] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.080847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.080871] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.080895] kthread+0x337/0x6f0 [ 12.080913] ? trace_preempt_on+0x20/0xc0 [ 12.080974] ? __pfx_kthread+0x10/0x10 [ 12.080994] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.081015] ? calculate_sigpending+0x7b/0xa0 [ 12.081038] ? __pfx_kthread+0x10/0x10 [ 12.081059] ret_from_fork+0x116/0x1d0 [ 12.081077] ? 
__pfx_kthread+0x10/0x10 [ 12.081097] ret_from_fork_asm+0x1a/0x30 [ 12.081128] </TASK> [ 12.081138] [ 12.090303] Allocated by task 174: [ 12.090439] kasan_save_stack+0x45/0x70 [ 12.090586] kasan_save_track+0x18/0x40 [ 12.090790] kasan_save_alloc_info+0x3b/0x50 [ 12.091152] __kasan_krealloc+0x190/0x1f0 [ 12.091392] krealloc_noprof+0xf3/0x340 [ 12.091533] krealloc_more_oob_helper+0x1a9/0x930 [ 12.091821] krealloc_more_oob+0x1c/0x30 [ 12.092234] kunit_try_run_case+0x1a5/0x480 [ 12.092444] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.092739] kthread+0x337/0x6f0 [ 12.092868] ret_from_fork+0x116/0x1d0 [ 12.092999] ret_from_fork_asm+0x1a/0x30 [ 12.093152] [ 12.093248] The buggy address belongs to the object at ffff888100aab000 [ 12.093248] which belongs to the cache kmalloc-256 of size 256 [ 12.094146] The buggy address is located 0 bytes to the right of [ 12.094146] allocated 235-byte region [ffff888100aab000, ffff888100aab0eb) [ 12.094725] [ 12.094886] The buggy address belongs to the physical page: [ 12.095195] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aaa [ 12.095588] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.095825] flags: 0x200000000000040(head|node=0|zone=2) [ 12.096000] page_type: f5(slab) [ 12.096147] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.096780] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.097229] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.097709] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.098112] head: 0200000000000001 ffffea000402aa81 00000000ffffffff 00000000ffffffff [ 12.098537] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.098862] page dumped because: kasan: bad access detected [ 12.099032] [ 12.099100] Memory state around the buggy address: [ 12.099578] ffff888100aaaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.099902] ffff888100aab000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.100254] >ffff888100aab080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.100607] ^ [ 12.100963] ffff888100aab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.101308] ffff888100aab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.101686] ================================================================== [ 12.260663] ================================================================== [ 12.261391] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.261913] Write of size 1 at addr ffff8881029760eb by task kunit_try_catch/178 [ 12.262330] [ 12.262517] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.262562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.262573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.262592] Call Trace: [ 12.262616] <TASK> [ 12.262633] dump_stack_lvl+0x73/0xb0 [ 12.262664] print_report+0xd1/0x650 [ 12.262686] ? __virt_addr_valid+0x1db/0x2d0 [ 12.262708] ? krealloc_more_oob_helper+0x821/0x930 [ 12.262731] ? kasan_addr_to_slab+0x11/0xa0 [ 12.262751] ? krealloc_more_oob_helper+0x821/0x930 [ 12.262775] kasan_report+0x141/0x180 [ 12.262796] ? krealloc_more_oob_helper+0x821/0x930 [ 12.262824] __asan_report_store1_noabort+0x1b/0x30 [ 12.262849] krealloc_more_oob_helper+0x821/0x930 [ 12.262871] ? __schedule+0x10cc/0x2b60 [ 12.262894] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.262918] ? finish_task_switch.isra.0+0x153/0x700 [ 12.262942] ? __switch_to+0x47/0xf50 [ 12.262967] ? __schedule+0x10cc/0x2b60 [ 12.262987] ? __pfx_read_tsc+0x10/0x10 [ 12.263201] krealloc_large_more_oob+0x1c/0x30 [ 12.263227] kunit_try_run_case+0x1a5/0x480 [ 12.263253] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.263276] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.263299] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.263323] ? 
__kthread_parkme+0x82/0x180 [ 12.263343] ? preempt_count_sub+0x50/0x80 [ 12.263365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.263389] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.263412] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.263437] kthread+0x337/0x6f0 [ 12.263455] ? trace_preempt_on+0x20/0xc0 [ 12.263479] ? __pfx_kthread+0x10/0x10 [ 12.263501] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.263522] ? calculate_sigpending+0x7b/0xa0 [ 12.263546] ? __pfx_kthread+0x10/0x10 [ 12.263567] ret_from_fork+0x116/0x1d0 [ 12.263585] ? __pfx_kthread+0x10/0x10 [ 12.263616] ret_from_fork_asm+0x1a/0x30 [ 12.263646] </TASK> [ 12.263656] [ 12.274401] The buggy address belongs to the physical page: [ 12.275255] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102974 [ 12.275574] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.276105] flags: 0x200000000000040(head|node=0|zone=2) [ 12.276396] page_type: f8(unknown) [ 12.276575] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.276980] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.277402] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.277765] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.278076] head: 0200000000000002 ffffea00040a5d01 00000000ffffffff 00000000ffffffff [ 12.278591] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.278903] page dumped because: kasan: bad access detected [ 12.279175] [ 12.279276] Memory state around the buggy address: [ 12.279460] ffff888102975f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.279717] ffff888102976000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.280040] >ffff888102976080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.280374] ^ [ 12.280720] ffff888102976100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.280961] ffff888102976180: fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe fe [ 12.281321] ================================================================== [ 12.102161] ================================================================== [ 12.102432] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.102928] Write of size 1 at addr ffff888100aab0f0 by task kunit_try_catch/174 [ 12.103363] [ 12.103454] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.103496] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.103508] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.103528] Call Trace: [ 12.103546] <TASK> [ 12.103563] dump_stack_lvl+0x73/0xb0 [ 12.103592] print_report+0xd1/0x650 [ 12.103626] ? __virt_addr_valid+0x1db/0x2d0 [ 12.103648] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.103671] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.103694] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.103720] kasan_report+0x141/0x180 [ 12.103741] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.103770] __asan_report_store1_noabort+0x1b/0x30 [ 12.103830] krealloc_more_oob_helper+0x7eb/0x930 [ 12.103853] ? __schedule+0x10cc/0x2b60 [ 12.103912] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.103993] ? finish_task_switch.isra.0+0x153/0x700 [ 12.104018] ? __switch_to+0x47/0xf50 [ 12.104043] ? __schedule+0x10cc/0x2b60 [ 12.104064] ? __pfx_read_tsc+0x10/0x10 [ 12.104089] krealloc_more_oob+0x1c/0x30 [ 12.104111] kunit_try_run_case+0x1a5/0x480 [ 12.104137] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.104161] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.104186] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.104239] ? __kthread_parkme+0x82/0x180 [ 12.104259] ? preempt_count_sub+0x50/0x80 [ 12.104282] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.104316] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.104340] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.104365] kthread+0x337/0x6f0 [ 12.104383] ? trace_preempt_on+0x20/0xc0 [ 12.104405] ? 
__pfx_kthread+0x10/0x10 [ 12.104425] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.104446] ? calculate_sigpending+0x7b/0xa0 [ 12.104470] ? __pfx_kthread+0x10/0x10 [ 12.104491] ret_from_fork+0x116/0x1d0 [ 12.104518] ? __pfx_kthread+0x10/0x10 [ 12.104538] ret_from_fork_asm+0x1a/0x30 [ 12.104569] </TASK> [ 12.104578] [ 12.114074] Allocated by task 174: [ 12.114344] kasan_save_stack+0x45/0x70 [ 12.114571] kasan_save_track+0x18/0x40 [ 12.114776] kasan_save_alloc_info+0x3b/0x50 [ 12.114992] __kasan_krealloc+0x190/0x1f0 [ 12.115253] krealloc_noprof+0xf3/0x340 [ 12.115483] krealloc_more_oob_helper+0x1a9/0x930 [ 12.115717] krealloc_more_oob+0x1c/0x30 [ 12.115878] kunit_try_run_case+0x1a5/0x480 [ 12.116237] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.116514] kthread+0x337/0x6f0 [ 12.116682] ret_from_fork+0x116/0x1d0 [ 12.116881] ret_from_fork_asm+0x1a/0x30 [ 12.117366] [ 12.117452] The buggy address belongs to the object at ffff888100aab000 [ 12.117452] which belongs to the cache kmalloc-256 of size 256 [ 12.117947] The buggy address is located 5 bytes to the right of [ 12.117947] allocated 235-byte region [ffff888100aab000, ffff888100aab0eb) [ 12.118527] [ 12.118689] The buggy address belongs to the physical page: [ 12.118950] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aaa [ 12.119311] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.119640] flags: 0x200000000000040(head|node=0|zone=2) [ 12.120076] page_type: f5(slab) [ 12.120259] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.120495] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.120864] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.121282] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.121577] head: 0200000000000001 ffffea000402aa81 00000000ffffffff 00000000ffffffff [ 12.121975] head: ffffffffffffffff 0000000000000000 00000000ffffffff 
0000000000000002 [ 12.122778] page dumped because: kasan: bad access detected [ 12.123129] [ 12.123201] Memory state around the buggy address: [ 12.123431] ffff888100aaaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.124103] ffff888100aab000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.124463] >ffff888100aab080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.124898] ^ [ 12.125185] ffff888100aab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.125491] ffff888100aab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.125825] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 12.056073] ================================================================== [ 12.056791] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 12.057225] Read of size 1 at addr ffff888103a80000 by task kunit_try_catch/172 [ 12.057544] [ 12.057798] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.057882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.057894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.057913] Call Trace: [ 12.057974] <TASK> [ 12.057992] dump_stack_lvl+0x73/0xb0 [ 12.058024] print_report+0xd1/0x650 [ 12.058047] ? __virt_addr_valid+0x1db/0x2d0 [ 12.058071] ? page_alloc_uaf+0x356/0x3d0 [ 12.058092] ? kasan_addr_to_slab+0x11/0xa0 [ 12.058112] ? page_alloc_uaf+0x356/0x3d0 [ 12.058133] kasan_report+0x141/0x180 [ 12.058154] ? page_alloc_uaf+0x356/0x3d0 [ 12.058181] __asan_report_load1_noabort+0x18/0x20 [ 12.058205] page_alloc_uaf+0x356/0x3d0 [ 12.058226] ? __pfx_page_alloc_uaf+0x10/0x10 [ 12.058249] ? __schedule+0x10cc/0x2b60 [ 12.058270] ? __pfx_read_tsc+0x10/0x10 [ 12.058292] ? ktime_get_ts64+0x86/0x230 [ 12.058317] kunit_try_run_case+0x1a5/0x480 [ 12.058343] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.058365] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.058388] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.058412] ? __kthread_parkme+0x82/0x180 [ 12.058433] ? preempt_count_sub+0x50/0x80 [ 12.058457] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.058481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.058505] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.058529] kthread+0x337/0x6f0 [ 12.058547] ? trace_preempt_on+0x20/0xc0 [ 12.058571] ? __pfx_kthread+0x10/0x10 [ 12.058591] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.058623] ? calculate_sigpending+0x7b/0xa0 [ 12.058647] ? __pfx_kthread+0x10/0x10 [ 12.058667] ret_from_fork+0x116/0x1d0 [ 12.058685] ? 
__pfx_kthread+0x10/0x10 [ 12.058705] ret_from_fork_asm+0x1a/0x30 [ 12.058736] </TASK> [ 12.058746] [ 12.067795] The buggy address belongs to the physical page: [ 12.068283] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a80 [ 12.068817] flags: 0x200000000000000(node=0|zone=2) [ 12.068984] page_type: f0(buddy) [ 12.069223] raw: 0200000000000000 ffff88817fffb538 ffff88817fffb538 0000000000000000 [ 12.069563] raw: 0000000000000000 0000000000000007 00000000f0000000 0000000000000000 [ 12.070128] page dumped because: kasan: bad access detected [ 12.070412] [ 12.070516] Memory state around the buggy address: [ 12.070693] ffff888103a7ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.071336] ffff888103a7ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.071665] >ffff888103a80000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.072056] ^ [ 12.072206] ffff888103a80080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.072567] ffff888103a80100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.072983] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 12.022474] ================================================================== [ 12.023010] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 12.023223] Free of addr ffff888102974001 by task kunit_try_catch/168 [ 12.023423] [ 12.023510] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.023554] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.023565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.023584] Call Trace: [ 12.023610] <TASK> [ 12.023625] dump_stack_lvl+0x73/0xb0 [ 12.023653] print_report+0xd1/0x650 [ 12.023674] ? __virt_addr_valid+0x1db/0x2d0 [ 12.023697] ? kasan_addr_to_slab+0x11/0xa0 [ 12.023716] ? kfree+0x274/0x3f0 [ 12.023736] kasan_report_invalid_free+0x10a/0x130 [ 12.023759] ? kfree+0x274/0x3f0 [ 12.023781] ? kfree+0x274/0x3f0 [ 12.023799] __kasan_kfree_large+0x86/0xd0 [ 12.023819] free_large_kmalloc+0x4b/0x110 [ 12.023842] kfree+0x274/0x3f0 [ 12.023866] kmalloc_large_invalid_free+0x120/0x2b0 [ 12.023889] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 12.023912] ? __schedule+0x10cc/0x2b60 [ 12.023932] ? __pfx_read_tsc+0x10/0x10 [ 12.023952] ? ktime_get_ts64+0x86/0x230 [ 12.023976] kunit_try_run_case+0x1a5/0x480 [ 12.023999] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.024020] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.024042] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.024064] ? __kthread_parkme+0x82/0x180 [ 12.024084] ? preempt_count_sub+0x50/0x80 [ 12.024109] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.024132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.024154] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.024177] kthread+0x337/0x6f0 [ 12.024194] ? trace_preempt_on+0x20/0xc0 [ 12.024217] ? __pfx_kthread+0x10/0x10 [ 12.024236] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.024259] ? calculate_sigpending+0x7b/0xa0 [ 12.024282] ? __pfx_kthread+0x10/0x10 [ 12.024302] ret_from_fork+0x116/0x1d0 [ 12.024319] ? 
__pfx_kthread+0x10/0x10 [ 12.024338] ret_from_fork_asm+0x1a/0x30 [ 12.024369] </TASK> [ 12.024378] [ 12.040003] The buggy address belongs to the physical page: [ 12.040233] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102974 [ 12.041097] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.041838] flags: 0x200000000000040(head|node=0|zone=2) [ 12.042045] page_type: f8(unknown) [ 12.042173] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.042404] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.042885] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.043606] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.044338] head: 0200000000000002 ffffea00040a5d01 00000000ffffffff 00000000ffffffff [ 12.045100] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.045861] page dumped because: kasan: bad access detected [ 12.046327] [ 12.046487] Memory state around the buggy address: [ 12.046961] ffff888102973f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.047675] ffff888102973f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.048109] >ffff888102974000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.048854] ^ [ 12.049200] ffff888102974080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.049795] ffff888102974100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.050428] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 12.000683] ================================================================== [ 12.001556] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 12.002054] Read of size 1 at addr ffff888102a4c000 by task kunit_try_catch/166 [ 12.002691] [ 12.002881] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.002926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.002937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.002957] Call Trace: [ 12.002970] <TASK> [ 12.002985] dump_stack_lvl+0x73/0xb0 [ 12.003033] print_report+0xd1/0x650 [ 12.003056] ? __virt_addr_valid+0x1db/0x2d0 [ 12.003079] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.003100] ? kasan_addr_to_slab+0x11/0xa0 [ 12.003120] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.003141] kasan_report+0x141/0x180 [ 12.003162] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.003188] __asan_report_load1_noabort+0x18/0x20 [ 12.003212] kmalloc_large_uaf+0x2f1/0x340 [ 12.003233] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 12.003255] ? __schedule+0x10cc/0x2b60 [ 12.003276] ? __pfx_read_tsc+0x10/0x10 [ 12.003297] ? ktime_get_ts64+0x86/0x230 [ 12.003322] kunit_try_run_case+0x1a5/0x480 [ 12.003347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.003369] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.003393] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.003416] ? __kthread_parkme+0x82/0x180 [ 12.003436] ? preempt_count_sub+0x50/0x80 [ 12.003461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.003484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.003508] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.003585] kthread+0x337/0x6f0 [ 12.003614] ? trace_preempt_on+0x20/0xc0 [ 12.003638] ? __pfx_kthread+0x10/0x10 [ 12.003658] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.003679] ? calculate_sigpending+0x7b/0xa0 [ 12.003702] ? __pfx_kthread+0x10/0x10 [ 12.003723] ret_from_fork+0x116/0x1d0 [ 12.003741] ? 
__pfx_kthread+0x10/0x10 [ 12.003761] ret_from_fork_asm+0x1a/0x30 [ 12.003792] </TASK> [ 12.003802] [ 12.014176] The buggy address belongs to the physical page: [ 12.014644] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4c [ 12.015207] flags: 0x200000000000000(node=0|zone=2) [ 12.015404] raw: 0200000000000000 ffffea00040a9408 ffff88815b139f80 0000000000000000 [ 12.016002] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.016320] page dumped because: kasan: bad access detected [ 12.016545] [ 12.016654] Memory state around the buggy address: [ 12.017290] ffff888102a4bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.017553] ffff888102a4bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.018178] >ffff888102a4c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.018484] ^ [ 12.018785] ffff888102a4c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.019179] ffff888102a4c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.019437] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 11.971053] ================================================================== [ 11.971452] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 11.971969] Write of size 1 at addr ffff888102a4e00a by task kunit_try_catch/164 [ 11.973275] [ 11.973732] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.973781] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.973793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.973821] Call Trace: [ 11.973834] <TASK> [ 11.973849] dump_stack_lvl+0x73/0xb0 [ 11.973882] print_report+0xd1/0x650 [ 11.973905] ? __virt_addr_valid+0x1db/0x2d0 [ 11.974150] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.974186] ? kasan_addr_to_slab+0x11/0xa0 [ 11.974207] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.974230] kasan_report+0x141/0x180 [ 11.974252] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.974279] __asan_report_store1_noabort+0x1b/0x30 [ 11.974304] kmalloc_large_oob_right+0x2e9/0x330 [ 11.974328] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 11.974353] ? __schedule+0x10cc/0x2b60 [ 11.974374] ? __pfx_read_tsc+0x10/0x10 [ 11.974395] ? ktime_get_ts64+0x86/0x230 [ 11.974421] kunit_try_run_case+0x1a5/0x480 [ 11.974446] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.974468] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.974492] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.974515] ? __kthread_parkme+0x82/0x180 [ 11.974536] ? preempt_count_sub+0x50/0x80 [ 11.974560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.974584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.974618] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.974643] kthread+0x337/0x6f0 [ 11.974661] ? trace_preempt_on+0x20/0xc0 [ 11.974685] ? __pfx_kthread+0x10/0x10 [ 11.974705] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.974726] ? calculate_sigpending+0x7b/0xa0 [ 11.974750] ? __pfx_kthread+0x10/0x10 [ 11.974771] ret_from_fork+0x116/0x1d0 [ 11.974789] ? 
__pfx_kthread+0x10/0x10 [ 11.974808] ret_from_fork_asm+0x1a/0x30 [ 11.974839] </TASK> [ 11.974850] [ 11.986846] The buggy address belongs to the physical page: [ 11.987264] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4c [ 11.987784] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.988119] flags: 0x200000000000040(head|node=0|zone=2) [ 11.988590] page_type: f8(unknown) [ 11.988879] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.989355] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.989813] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.990454] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.991074] head: 0200000000000002 ffffea00040a9301 00000000ffffffff 00000000ffffffff [ 11.991494] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.991735] page dumped because: kasan: bad access detected [ 11.991906] [ 11.992219] Memory state around the buggy address: [ 11.992693] ffff888102a4df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.993454] ffff888102a4df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.994273] >ffff888102a4e000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.994908] ^ [ 11.995269] ffff888102a4e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.995486] ffff888102a4e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.996218] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 11.941213] ================================================================== [ 11.942738] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 11.943779] Write of size 1 at addr ffff888103a11f00 by task kunit_try_catch/162 [ 11.944971] [ 11.945325] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.945373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.945385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.945502] Call Trace: [ 11.945519] <TASK> [ 11.945535] dump_stack_lvl+0x73/0xb0 [ 11.945567] print_report+0xd1/0x650 [ 11.945589] ? __virt_addr_valid+0x1db/0x2d0 [ 11.946188] ? kmalloc_big_oob_right+0x316/0x370 [ 11.946214] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.946238] ? kmalloc_big_oob_right+0x316/0x370 [ 11.946262] kasan_report+0x141/0x180 [ 11.946284] ? kmalloc_big_oob_right+0x316/0x370 [ 11.946312] __asan_report_store1_noabort+0x1b/0x30 [ 11.946337] kmalloc_big_oob_right+0x316/0x370 [ 11.946360] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 11.946385] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 11.946412] kunit_try_run_case+0x1a5/0x480 [ 11.946436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.946458] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.946482] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.946512] ? __kthread_parkme+0x82/0x180 [ 11.946542] ? preempt_count_sub+0x50/0x80 [ 11.946566] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.946590] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.946625] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.946649] kthread+0x337/0x6f0 [ 11.946669] ? trace_preempt_on+0x20/0xc0 [ 11.946695] ? __pfx_kthread+0x10/0x10 [ 11.946716] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.946737] ? calculate_sigpending+0x7b/0xa0 [ 11.946760] ? __pfx_kthread+0x10/0x10 [ 11.946781] ret_from_fork+0x116/0x1d0 [ 11.946800] ? 
__pfx_kthread+0x10/0x10 [ 11.946820] ret_from_fork_asm+0x1a/0x30 [ 11.946850] </TASK> [ 11.946860] [ 11.957102] Allocated by task 162: [ 11.957331] kasan_save_stack+0x45/0x70 [ 11.957503] kasan_save_track+0x18/0x40 [ 11.957709] kasan_save_alloc_info+0x3b/0x50 [ 11.957906] __kasan_kmalloc+0xb7/0xc0 [ 11.958204] __kmalloc_cache_noprof+0x189/0x420 [ 11.958434] kmalloc_big_oob_right+0xa9/0x370 [ 11.958585] kunit_try_run_case+0x1a5/0x480 [ 11.958816] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.959193] kthread+0x337/0x6f0 [ 11.959391] ret_from_fork+0x116/0x1d0 [ 11.959584] ret_from_fork_asm+0x1a/0x30 [ 11.959873] [ 11.960070] The buggy address belongs to the object at ffff888103a10000 [ 11.960070] which belongs to the cache kmalloc-8k of size 8192 [ 11.960444] The buggy address is located 0 bytes to the right of [ 11.960444] allocated 7936-byte region [ffff888103a10000, ffff888103a11f00) [ 11.961087] [ 11.961186] The buggy address belongs to the physical page: [ 11.961442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a10 [ 11.961914] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.962387] flags: 0x200000000000040(head|node=0|zone=2) [ 11.962611] page_type: f5(slab) [ 11.962850] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.963186] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.963822] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.964227] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.964643] head: 0200000000000003 ffffea00040e8401 00000000ffffffff 00000000ffffffff [ 11.965108] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 11.965445] page dumped because: kasan: bad access detected [ 11.965724] [ 11.965828] Memory state around the buggy address: [ 11.966110] ffff888103a11e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.966388] ffff888103a11e80: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.966847] >ffff888103a11f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.967083] ^ [ 11.967333] ffff888103a11f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.967755] ffff888103a12000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.968131] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 11.888372] ================================================================== [ 11.889036] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.889294] Write of size 1 at addr ffff888102662b78 by task kunit_try_catch/160 [ 11.889514] [ 11.889610] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.889650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.889661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.889680] Call Trace: [ 11.889691] <TASK> [ 11.889711] dump_stack_lvl+0x73/0xb0 [ 11.889739] print_report+0xd1/0x650 [ 11.889760] ? __virt_addr_valid+0x1db/0x2d0 [ 11.889781] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.889805] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.889826] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.889849] kasan_report+0x141/0x180 [ 11.889870] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.889899] __asan_report_store1_noabort+0x1b/0x30 [ 11.889922] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.889946] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 11.889971] ? __schedule+0x10cc/0x2b60 [ 11.889991] ? __pfx_read_tsc+0x10/0x10 [ 11.890010] ? ktime_get_ts64+0x86/0x230 [ 11.890033] kunit_try_run_case+0x1a5/0x480 [ 11.890056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.890076] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.890098] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.890120] ? __kthread_parkme+0x82/0x180 [ 11.890139] ? preempt_count_sub+0x50/0x80 [ 11.890162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.890184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.890206] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.890229] kthread+0x337/0x6f0 [ 11.890246] ? trace_preempt_on+0x20/0xc0 [ 11.890268] ? __pfx_kthread+0x10/0x10 [ 11.890287] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.890307] ? calculate_sigpending+0x7b/0xa0 [ 11.890330] ? 
__pfx_kthread+0x10/0x10 [ 11.890350] ret_from_fork+0x116/0x1d0 [ 11.890367] ? __pfx_kthread+0x10/0x10 [ 11.890386] ret_from_fork_asm+0x1a/0x30 [ 11.890416] </TASK> [ 11.890425] [ 11.906204] Allocated by task 160: [ 11.906382] kasan_save_stack+0x45/0x70 [ 11.906725] kasan_save_track+0x18/0x40 [ 11.907217] kasan_save_alloc_info+0x3b/0x50 [ 11.907428] __kasan_kmalloc+0xb7/0xc0 [ 11.907789] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.908408] kmalloc_track_caller_oob_right+0x99/0x520 [ 11.908827] kunit_try_run_case+0x1a5/0x480 [ 11.909327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.909765] kthread+0x337/0x6f0 [ 11.910054] ret_from_fork+0x116/0x1d0 [ 11.910237] ret_from_fork_asm+0x1a/0x30 [ 11.910425] [ 11.910707] The buggy address belongs to the object at ffff888102662b00 [ 11.910707] which belongs to the cache kmalloc-128 of size 128 [ 11.911332] The buggy address is located 0 bytes to the right of [ 11.911332] allocated 120-byte region [ffff888102662b00, ffff888102662b78) [ 11.912236] [ 11.912352] The buggy address belongs to the physical page: [ 11.912849] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 11.913565] flags: 0x200000000000000(node=0|zone=2) [ 11.913810] page_type: f5(slab) [ 11.914149] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.914835] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.915325] page dumped because: kasan: bad access detected [ 11.915797] [ 11.915900] Memory state around the buggy address: [ 11.916256] ffff888102662a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.916693] ffff888102662a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.917127] >ffff888102662b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.917640] ^ [ 11.918092] ffff888102662b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.918633] ffff888102662c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.919063] 
================================================================== [ 11.919775] ================================================================== [ 11.920024] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.920429] Write of size 1 at addr ffff888102662c78 by task kunit_try_catch/160 [ 11.920803] [ 11.920914] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.920954] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.920965] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.920983] Call Trace: [ 11.920994] <TASK> [ 11.921007] dump_stack_lvl+0x73/0xb0 [ 11.921034] print_report+0xd1/0x650 [ 11.921055] ? __virt_addr_valid+0x1db/0x2d0 [ 11.921077] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.921117] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.921140] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.921167] kasan_report+0x141/0x180 [ 11.921188] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.921218] __asan_report_store1_noabort+0x1b/0x30 [ 11.921245] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.921270] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 11.921297] ? __schedule+0x10cc/0x2b60 [ 11.921319] ? __pfx_read_tsc+0x10/0x10 [ 11.921338] ? ktime_get_ts64+0x86/0x230 [ 11.921363] kunit_try_run_case+0x1a5/0x480 [ 11.921387] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.921409] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.921432] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.921455] ? __kthread_parkme+0x82/0x180 [ 11.921475] ? preempt_count_sub+0x50/0x80 [ 11.921499] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.921523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.921546] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.921570] kthread+0x337/0x6f0 [ 11.921589] ? trace_preempt_on+0x20/0xc0 [ 11.921621] ? __pfx_kthread+0x10/0x10 [ 11.921641] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.921662] ? calculate_sigpending+0x7b/0xa0 [ 11.921685] ? 
__pfx_kthread+0x10/0x10 [ 11.921712] ret_from_fork+0x116/0x1d0 [ 11.921730] ? __pfx_kthread+0x10/0x10 [ 11.921750] ret_from_fork_asm+0x1a/0x30 [ 11.921780] </TASK> [ 11.921790] [ 11.929539] Allocated by task 160: [ 11.929744] kasan_save_stack+0x45/0x70 [ 11.929969] kasan_save_track+0x18/0x40 [ 11.930317] kasan_save_alloc_info+0x3b/0x50 [ 11.930517] __kasan_kmalloc+0xb7/0xc0 [ 11.930693] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.930937] kmalloc_track_caller_oob_right+0x19a/0x520 [ 11.931162] kunit_try_run_case+0x1a5/0x480 [ 11.931415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.931590] kthread+0x337/0x6f0 [ 11.931717] ret_from_fork+0x116/0x1d0 [ 11.931847] ret_from_fork_asm+0x1a/0x30 [ 11.932033] [ 11.932126] The buggy address belongs to the object at ffff888102662c00 [ 11.932126] which belongs to the cache kmalloc-128 of size 128 [ 11.932736] The buggy address is located 0 bytes to the right of [ 11.932736] allocated 120-byte region [ffff888102662c00, ffff888102662c78) [ 11.933127] [ 11.933221] The buggy address belongs to the physical page: [ 11.933470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 11.934014] flags: 0x200000000000000(node=0|zone=2) [ 11.934249] page_type: f5(slab) [ 11.934396] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.934707] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.935044] page dumped because: kasan: bad access detected [ 11.935273] [ 11.935341] Memory state around the buggy address: [ 11.935575] ffff888102662b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.935858] ffff888102662b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.936209] >ffff888102662c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.936428] ^ [ 11.936720] ffff888102662c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.937144] ffff888102662d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.937353] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 11.865410] ================================================================== [ 11.866070] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 11.866476] Read of size 1 at addr ffff888102bfb000 by task kunit_try_catch/158 [ 11.866800] [ 11.866930] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.866975] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.866986] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.867007] Call Trace: [ 11.867020] <TASK> [ 11.867036] dump_stack_lvl+0x73/0xb0 [ 11.867066] print_report+0xd1/0x650 [ 11.867088] ? __virt_addr_valid+0x1db/0x2d0 [ 11.867111] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.867134] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.867157] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.867180] kasan_report+0x141/0x180 [ 11.867202] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.867230] __asan_report_load1_noabort+0x18/0x20 [ 11.867255] kmalloc_node_oob_right+0x369/0x3c0 [ 11.867279] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 11.867303] ? __schedule+0x10cc/0x2b60 [ 11.867325] ? __pfx_read_tsc+0x10/0x10 [ 11.867345] ? ktime_get_ts64+0x86/0x230 [ 11.867371] kunit_try_run_case+0x1a5/0x480 [ 11.867397] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.867420] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.867444] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.867467] ? __kthread_parkme+0x82/0x180 [ 11.867487] ? preempt_count_sub+0x50/0x80 [ 11.867525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.867550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.867575] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.867611] kthread+0x337/0x6f0 [ 11.867630] ? trace_preempt_on+0x20/0xc0 [ 11.867653] ? __pfx_kthread+0x10/0x10 [ 11.867673] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.867694] ? calculate_sigpending+0x7b/0xa0 [ 11.867717] ? __pfx_kthread+0x10/0x10 [ 11.867738] ret_from_fork+0x116/0x1d0 [ 11.867756] ? 
__pfx_kthread+0x10/0x10 [ 11.867775] ret_from_fork_asm+0x1a/0x30 [ 11.867806] </TASK> [ 11.867817] [ 11.875022] Allocated by task 158: [ 11.875209] kasan_save_stack+0x45/0x70 [ 11.875409] kasan_save_track+0x18/0x40 [ 11.875724] kasan_save_alloc_info+0x3b/0x50 [ 11.875964] __kasan_kmalloc+0xb7/0xc0 [ 11.876126] __kmalloc_cache_node_noprof+0x188/0x420 [ 11.876351] kmalloc_node_oob_right+0xab/0x3c0 [ 11.876571] kunit_try_run_case+0x1a5/0x480 [ 11.876765] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.876987] kthread+0x337/0x6f0 [ 11.877105] ret_from_fork+0x116/0x1d0 [ 11.877280] ret_from_fork_asm+0x1a/0x30 [ 11.877484] [ 11.877575] The buggy address belongs to the object at ffff888102bfa000 [ 11.877575] which belongs to the cache kmalloc-4k of size 4096 [ 11.878176] The buggy address is located 0 bytes to the right of [ 11.878176] allocated 4096-byte region [ffff888102bfa000, ffff888102bfb000) [ 11.878539] [ 11.878617] The buggy address belongs to the physical page: [ 11.878889] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bf8 [ 11.879612] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.880034] flags: 0x200000000000040(head|node=0|zone=2) [ 11.880390] page_type: f5(slab) [ 11.880627] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 11.880949] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 11.881226] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 11.881464] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 11.881935] head: 0200000000000003 ffffea00040afe01 00000000ffffffff 00000000ffffffff [ 11.882453] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 11.882810] page dumped because: kasan: bad access detected [ 11.883070] [ 11.883166] Memory state around the buggy address: [ 11.883356] ffff888102bfaf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.883711] 
ffff888102bfaf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.884104] >ffff888102bfb000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.884373] ^ [ 11.884529] ffff888102bfb080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.884776] ffff888102bfb100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.885317] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 11.826069] ================================================================== [ 11.827042] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 11.827969] Read of size 1 at addr ffff88810233af1f by task kunit_try_catch/156 [ 11.828451] [ 11.828862] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.828969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.828982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.829003] Call Trace: [ 11.829017] <TASK> [ 11.829034] dump_stack_lvl+0x73/0xb0 [ 11.829069] print_report+0xd1/0x650 [ 11.829091] ? __virt_addr_valid+0x1db/0x2d0 [ 11.829115] ? kmalloc_oob_left+0x361/0x3c0 [ 11.829136] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.829158] ? kmalloc_oob_left+0x361/0x3c0 [ 11.829179] kasan_report+0x141/0x180 [ 11.829200] ? kmalloc_oob_left+0x361/0x3c0 [ 11.829226] __asan_report_load1_noabort+0x18/0x20 [ 11.829250] kmalloc_oob_left+0x361/0x3c0 [ 11.829271] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 11.829293] ? __schedule+0x10cc/0x2b60 [ 11.829314] ? __pfx_read_tsc+0x10/0x10 [ 11.829335] ? ktime_get_ts64+0x86/0x230 [ 11.829359] kunit_try_run_case+0x1a5/0x480 [ 11.829384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.829406] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.829429] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.829452] ? __kthread_parkme+0x82/0x180 [ 11.829472] ? preempt_count_sub+0x50/0x80 [ 11.829515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.829539] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.829563] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.829588] kthread+0x337/0x6f0 [ 11.829617] ? trace_preempt_on+0x20/0xc0 [ 11.829639] ? __pfx_kthread+0x10/0x10 [ 11.829659] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.829681] ? calculate_sigpending+0x7b/0xa0 [ 11.829710] ? __pfx_kthread+0x10/0x10 [ 11.829731] ret_from_fork+0x116/0x1d0 [ 11.829749] ? 
__pfx_kthread+0x10/0x10 [ 11.829769] ret_from_fork_asm+0x1a/0x30 [ 11.829801] </TASK> [ 11.829812] [ 11.844631] Allocated by task 1: [ 11.844766] kasan_save_stack+0x45/0x70 [ 11.845181] kasan_save_track+0x18/0x40 [ 11.845529] kasan_save_alloc_info+0x3b/0x50 [ 11.846039] __kasan_kmalloc+0xb7/0xc0 [ 11.846415] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.847060] kvasprintf+0xc5/0x150 [ 11.847421] __kthread_create_on_node+0x18b/0x3a0 [ 11.847879] kthread_create_on_node+0xab/0xe0 [ 11.848322] create_worker+0x3e5/0x7b0 [ 11.848742] alloc_unbound_pwq+0x8ea/0xdb0 [ 11.849234] apply_wqattrs_prepare+0x332/0xd20 [ 11.849741] apply_workqueue_attrs_locked+0x4d/0xa0 [ 11.850039] alloc_workqueue+0xcc7/0x1ad0 [ 11.850176] latency_fsnotify_init+0x1b/0x50 [ 11.850320] do_one_initcall+0xd8/0x370 [ 11.851007] kernel_init_freeable+0x420/0x6f0 [ 11.851510] kernel_init+0x23/0x1e0 [ 11.851955] ret_from_fork+0x116/0x1d0 [ 11.852095] ret_from_fork_asm+0x1a/0x30 [ 11.852665] [ 11.853007] The buggy address belongs to the object at ffff88810233af00 [ 11.853007] which belongs to the cache kmalloc-16 of size 16 [ 11.854269] The buggy address is located 18 bytes to the right of [ 11.854269] allocated 13-byte region [ffff88810233af00, ffff88810233af0d) [ 11.855116] [ 11.855336] The buggy address belongs to the physical page: [ 11.856133] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10233a [ 11.857054] flags: 0x200000000000000(node=0|zone=2) [ 11.857232] page_type: f5(slab) [ 11.857357] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.857868] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.858718] page dumped because: kasan: bad access detected [ 11.859356] [ 11.859519] Memory state around the buggy address: [ 11.860060] ffff88810233ae00: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 11.860273] ffff88810233ae80: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.860479] >ffff88810233af00: 00 05 fc fc 00 
07 fc fc fc fc fc fc fc fc fc fc [ 11.860905] ^ [ 11.861069] ffff88810233af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.861819] ffff88810233b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.862237] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 11.799788] ================================================================== [ 11.800321] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 11.800645] Read of size 1 at addr ffff888102662a80 by task kunit_try_catch/154 [ 11.800992] [ 11.801077] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.801132] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.801143] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.801162] Call Trace: [ 11.801177] <TASK> [ 11.801192] dump_stack_lvl+0x73/0xb0 [ 11.801218] print_report+0xd1/0x650 [ 11.801239] ? __virt_addr_valid+0x1db/0x2d0 [ 11.801260] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.801281] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.801303] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.801324] kasan_report+0x141/0x180 [ 11.801345] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.801371] __asan_report_load1_noabort+0x18/0x20 [ 11.801396] kmalloc_oob_right+0x68a/0x7f0 [ 11.801417] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.801440] ? __schedule+0x10cc/0x2b60 [ 11.801461] ? __pfx_read_tsc+0x10/0x10 [ 11.801481] ? ktime_get_ts64+0x86/0x230 [ 11.801504] kunit_try_run_case+0x1a5/0x480 [ 11.801527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.801550] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.801573] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.801607] ? __kthread_parkme+0x82/0x180 [ 11.801627] ? preempt_count_sub+0x50/0x80 [ 11.801650] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.801674] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.801697] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.801725] kthread+0x337/0x6f0 [ 11.801743] ? trace_preempt_on+0x20/0xc0 [ 11.801766] ? __pfx_kthread+0x10/0x10 [ 11.801786] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.801806] ? calculate_sigpending+0x7b/0xa0 [ 11.801830] ? __pfx_kthread+0x10/0x10 [ 11.801850] ret_from_fork+0x116/0x1d0 [ 11.801868] ? 
__pfx_kthread+0x10/0x10
[ 11.801888] ret_from_fork_asm+0x1a/0x30
[ 11.801919] </TASK>
[ 11.801928]
[ 11.811941] Allocated by task 154:
[ 11.812127] kasan_save_stack+0x45/0x70
[ 11.812323] kasan_save_track+0x18/0x40
[ 11.812774] kasan_save_alloc_info+0x3b/0x50
[ 11.812949] __kasan_kmalloc+0xb7/0xc0
[ 11.813416] __kmalloc_cache_noprof+0x189/0x420
[ 11.813626] kmalloc_oob_right+0xa9/0x7f0
[ 11.813921] kunit_try_run_case+0x1a5/0x480
[ 11.814327] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.814738] kthread+0x337/0x6f0
[ 11.814935] ret_from_fork+0x116/0x1d0
[ 11.815288] ret_from_fork_asm+0x1a/0x30
[ 11.815519]
[ 11.815634] The buggy address belongs to the object at ffff888102662a00
[ 11.815634] which belongs to the cache kmalloc-128 of size 128
[ 11.816375] The buggy address is located 13 bytes to the right of
[ 11.816375] allocated 115-byte region [ffff888102662a00, ffff888102662a73)
[ 11.817154]
[ 11.817297] The buggy address belongs to the physical page:
[ 11.817871] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662
[ 11.818426] flags: 0x200000000000000(node=0|zone=2)
[ 11.818663] page_type: f5(slab)
[ 11.818829] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.819206] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.819834] page dumped because: kasan: bad access detected
[ 11.820049]
[ 11.820367] Memory state around the buggy address:
[ 11.820612] ffff888102662980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.821171] ffff888102662a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.821494] >ffff888102662a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.821798] ^
[ 11.821949] ffff888102662b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.822494] ffff888102662b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.822883] ==================================================================

[ 11.772441] ==================================================================
[ 11.773201] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 11.773857] Write of size 1 at addr ffff888102662a78 by task kunit_try_catch/154
[ 11.774564]
[ 11.774810] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 11.774854] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.774866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.774887] Call Trace:
[ 11.774900] <TASK>
[ 11.774916] dump_stack_lvl+0x73/0xb0
[ 11.774956] print_report+0xd1/0x650
[ 11.774978] ? __virt_addr_valid+0x1db/0x2d0
[ 11.775001] ? kmalloc_oob_right+0x6bd/0x7f0
[ 11.775023] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.775045] ? kmalloc_oob_right+0x6bd/0x7f0
[ 11.775067] kasan_report+0x141/0x180
[ 11.775088] ? kmalloc_oob_right+0x6bd/0x7f0
[ 11.775114] __asan_report_store1_noabort+0x1b/0x30
[ 11.775138] kmalloc_oob_right+0x6bd/0x7f0
[ 11.775160] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.775182] ? __schedule+0x10cc/0x2b60
[ 11.775205] ? __pfx_read_tsc+0x10/0x10
[ 11.775225] ? ktime_get_ts64+0x86/0x230
[ 11.775250] kunit_try_run_case+0x1a5/0x480
[ 11.775273] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.775296] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.775319] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.775342] ? __kthread_parkme+0x82/0x180
[ 11.775362] ? preempt_count_sub+0x50/0x80
[ 11.775386] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.775410] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.775434] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.775458] kthread+0x337/0x6f0
[ 11.775477] ? trace_preempt_on+0x20/0xc0
[ 11.775500] ? __pfx_kthread+0x10/0x10
[ 11.775520] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.775541] ? calculate_sigpending+0x7b/0xa0
[ 11.775565] ? __pfx_kthread+0x10/0x10
[ 11.775586] ret_from_fork+0x116/0x1d0
[ 11.775615] ? __pfx_kthread+0x10/0x10
[ 11.775635] ret_from_fork_asm+0x1a/0x30
[ 11.775666] </TASK>
[ 11.775676]
[ 11.787266] Allocated by task 154:
[ 11.787583] kasan_save_stack+0x45/0x70
[ 11.788009] kasan_save_track+0x18/0x40
[ 11.788148] kasan_save_alloc_info+0x3b/0x50
[ 11.788295] __kasan_kmalloc+0xb7/0xc0
[ 11.788426] __kmalloc_cache_noprof+0x189/0x420
[ 11.788616] kmalloc_oob_right+0xa9/0x7f0
[ 11.788756] kunit_try_run_case+0x1a5/0x480
[ 11.789038] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.789555] kthread+0x337/0x6f0
[ 11.789944] ret_from_fork+0x116/0x1d0
[ 11.790304] ret_from_fork_asm+0x1a/0x30
[ 11.790705]
[ 11.790881] The buggy address belongs to the object at ffff888102662a00
[ 11.790881] which belongs to the cache kmalloc-128 of size 128
[ 11.792101] The buggy address is located 5 bytes to the right of
[ 11.792101] allocated 115-byte region [ffff888102662a00, ffff888102662a73)
[ 11.792863]
[ 11.793044] The buggy address belongs to the physical page:
[ 11.793560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662
[ 11.794229] flags: 0x200000000000000(node=0|zone=2)
[ 11.794392] page_type: f5(slab)
[ 11.794717] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.795443] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.796172] page dumped because: kasan: bad access detected
[ 11.796354]
[ 11.796422] Memory state around the buggy address:
[ 11.796642] ffff888102662900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.796928] ffff888102662980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.797512] >ffff888102662a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.798174] ^
[ 11.798871] ffff888102662a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.799153] ffff888102662b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.799362] ==================================================================

[ 11.736569] ==================================================================
[ 11.737383] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 11.738288] Write of size 1 at addr ffff888102662a73 by task kunit_try_catch/154
[ 11.738745]
[ 11.739997] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 11.740340] Tainted: [N]=TEST
[ 11.740371] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.740629] Call Trace:
[ 11.740698] <TASK>
[ 11.740837] dump_stack_lvl+0x73/0xb0
[ 11.741218] print_report+0xd1/0x650
[ 11.741263] ? __virt_addr_valid+0x1db/0x2d0
[ 11.741289] ? kmalloc_oob_right+0x6f0/0x7f0
[ 11.741310] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.741333] ? kmalloc_oob_right+0x6f0/0x7f0
[ 11.741354] kasan_report+0x141/0x180
[ 11.741376] ? kmalloc_oob_right+0x6f0/0x7f0
[ 11.741402] __asan_report_store1_noabort+0x1b/0x30
[ 11.741427] kmalloc_oob_right+0x6f0/0x7f0
[ 11.741449] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.741471] ? __schedule+0x10cc/0x2b60
[ 11.741493] ? __pfx_read_tsc+0x10/0x10
[ 11.741516] ? ktime_get_ts64+0x86/0x230
[ 11.741542] kunit_try_run_case+0x1a5/0x480
[ 11.741568] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.741590] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.741631] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.741654] ? __kthread_parkme+0x82/0x180
[ 11.741676] ? preempt_count_sub+0x50/0x80
[ 11.741704] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.741728] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.741752] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.741776] kthread+0x337/0x6f0
[ 11.741794] ? trace_preempt_on+0x20/0xc0
[ 11.741818] ? __pfx_kthread+0x10/0x10
[ 11.741838] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.741860] ? calculate_sigpending+0x7b/0xa0
[ 11.741884] ? __pfx_kthread+0x10/0x10
[ 11.741904] ret_from_fork+0x116/0x1d0
[ 11.741982] ? __pfx_kthread+0x10/0x10
[ 11.742004] ret_from_fork_asm+0x1a/0x30
[ 11.742066] </TASK>
[ 11.742134]
[ 11.754878] Allocated by task 154:
[ 11.755545] kasan_save_stack+0x45/0x70
[ 11.755972] kasan_save_track+0x18/0x40
[ 11.756405] kasan_save_alloc_info+0x3b/0x50
[ 11.756585] __kasan_kmalloc+0xb7/0xc0
[ 11.756959] __kmalloc_cache_noprof+0x189/0x420
[ 11.757476] kmalloc_oob_right+0xa9/0x7f0
[ 11.757888] kunit_try_run_case+0x1a5/0x480
[ 11.758124] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.758622] kthread+0x337/0x6f0
[ 11.758744] ret_from_fork+0x116/0x1d0
[ 11.758874] ret_from_fork_asm+0x1a/0x30
[ 11.759351]
[ 11.759670] The buggy address belongs to the object at ffff888102662a00
[ 11.759670] which belongs to the cache kmalloc-128 of size 128
[ 11.760480] The buggy address is located 0 bytes to the right of
[ 11.760480] allocated 115-byte region [ffff888102662a00, ffff888102662a73)
[ 11.761826]
[ 11.762100] The buggy address belongs to the physical page:
[ 11.762819] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662
[ 11.763546] flags: 0x200000000000000(node=0|zone=2)
[ 11.764416] page_type: f5(slab)
[ 11.765108] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.765824] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.766501] page dumped because: kasan: bad access detected
[ 11.766856]
[ 11.767042] Memory state around the buggy address:
[ 11.767811] ffff888102662900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.768251] ffff888102662980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.768486] >ffff888102662a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.768734] ^
[ 11.769085] ffff888102662a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.769841] ffff888102662b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.770622] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 141.113306] WARNING: CPU: 1 PID: 2766 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 141.113756] Modules linked in:
[ 141.113959] CPU: 1 UID: 0 PID: 2766 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 141.114455] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 141.114748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 141.115216] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 141.115455] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 141.116438] RSP: 0000:ffff8881031afc78 EFLAGS: 00010286
[ 141.116705] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 141.117078] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff8ee337f4
[ 141.117362] RBP: ffff8881031afca0 R08: 0000000000000000 R09: ffffed1020b0d8e0
[ 141.117632] R10: ffff88810586c707 R11: 0000000000000000 R12: ffffffff8ee337e0
[ 141.118070] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881031afd38
[ 141.118361] FS: 0000000000000000(0000) GS:ffff8881ca372000(0000) knlGS:0000000000000000
[ 141.118686] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 141.119001] CR2: 00007ffff7ffe000 CR3: 00000000438bc000 CR4: 00000000000006f0
[ 141.119259] DR0: ffffffff90e52440 DR1: ffffffff90e52441 DR2: ffffffff90e52443
[ 141.119554] DR3: ffffffff90e52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 141.119937] Call Trace:
[ 141.120234] <TASK>
[ 141.120340] drm_test_rect_calc_vscale+0x108/0x270
[ 141.120581] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 141.120868] ? __schedule+0x10cc/0x2b60
[ 141.121052] ? __pfx_read_tsc+0x10/0x10
[ 141.121258] ? ktime_get_ts64+0x86/0x230
[ 141.121408] kunit_try_run_case+0x1a5/0x480
[ 141.121626] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.122046] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 141.122239] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 141.122446] ? __kthread_parkme+0x82/0x180
[ 141.122691] ? preempt_count_sub+0x50/0x80
[ 141.122908] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.123224] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 141.123448] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 141.123726] kthread+0x337/0x6f0
[ 141.123906] ? trace_preempt_on+0x20/0xc0
[ 141.124306] ? __pfx_kthread+0x10/0x10
[ 141.124487] ? _raw_spin_unlock_irq+0x47/0x80
[ 141.124710] ? calculate_sigpending+0x7b/0xa0
[ 141.125031] ? __pfx_kthread+0x10/0x10
[ 141.125221] ret_from_fork+0x116/0x1d0
[ 141.125396] ? __pfx_kthread+0x10/0x10
[ 141.125614] ret_from_fork_asm+0x1a/0x30
[ 141.125797] </TASK>
[ 141.126004] ---[ end trace 0000000000000000 ]---

------------[ cut here ]------------
[ 141.094070] WARNING: CPU: 1 PID: 2764 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 141.094967] Modules linked in:
[ 141.095226] CPU: 1 UID: 0 PID: 2764 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 141.095780] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 141.096114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 141.096450] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 141.096766] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 141.097543] RSP: 0000:ffff8881034d7c78 EFLAGS: 00010286
[ 141.098037] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 141.098416] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff8ee337bc
[ 141.098810] RBP: ffff8881034d7ca0 R08: 0000000000000000 R09: ffffed1020991560
[ 141.099198] R10: ffff888104c8ab07 R11: 0000000000000000 R12: ffffffff8ee337a8
[ 141.099473] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881034d7d38
[ 141.099778] FS: 0000000000000000(0000) GS:ffff8881ca372000(0000) knlGS:0000000000000000
[ 141.100213] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 141.100477] CR2: 00007ffff7ffe000 CR3: 00000000438bc000 CR4: 00000000000006f0
[ 141.100749] DR0: ffffffff90e52440 DR1: ffffffff90e52441 DR2: ffffffff90e52443
[ 141.101209] DR3: ffffffff90e52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 141.101518] Call Trace:
[ 141.101658] <TASK>
[ 141.101806] drm_test_rect_calc_vscale+0x108/0x270
[ 141.102143] ? __kasan_check_write+0x18/0x20
[ 141.102350] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 141.102574] ? __pfx_queued_spin_lock_slowpath+0x10/0x10
[ 141.102792] ? __pfx_read_tsc+0x10/0x10
[ 141.103144] ? ktime_get_ts64+0x86/0x230
[ 141.103352] kunit_try_run_case+0x1a5/0x480
[ 141.103518] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.103765] ? _raw_spin_lock_irqsave+0xf9/0x100
[ 141.104105] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 141.104319] ? __kthread_parkme+0x82/0x180
[ 141.104504] ? preempt_count_sub+0x50/0x80
[ 141.104681] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.105127] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 141.105381] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 141.105683] kthread+0x337/0x6f0
[ 141.105817] ? trace_preempt_on+0x20/0xc0
[ 141.106164] ? __pfx_kthread+0x10/0x10
[ 141.106376] ? _raw_spin_unlock_irq+0x47/0x80
[ 141.106597] ? calculate_sigpending+0x7b/0xa0
[ 141.106826] ? __pfx_kthread+0x10/0x10
[ 141.107117] ret_from_fork+0x116/0x1d0
[ 141.107261] ? __pfx_kthread+0x10/0x10
[ 141.107457] ret_from_fork_asm+0x1a/0x30
[ 141.107689] </TASK>
[ 141.107792] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 141.029776] WARNING: CPU: 1 PID: 2752 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 141.030234] Modules linked in:
[ 141.030569] CPU: 1 UID: 0 PID: 2752 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 141.031405] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 141.031699] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 141.032449] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 141.032745] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b dc 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 141.033868] RSP: 0000:ffff8881034d7c78 EFLAGS: 00010286
[ 141.034265] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 141.034855] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff8ee337c0
[ 141.035321] RBP: ffff8881034d7ca0 R08: 0000000000000000 R09: ffffed1020991480
[ 141.035825] R10: ffff888104c8a407 R11: 0000000000000000 R12: ffffffff8ee337a8
[ 141.036248] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881034d7d38
[ 141.036696] FS: 0000000000000000(0000) GS:ffff8881ca372000(0000) knlGS:0000000000000000
[ 141.037554] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 141.037746] CR2: 00007ffff7ffe000 CR3: 00000000438bc000 CR4: 00000000000006f0
[ 141.037994] DR0: ffffffff90e52440 DR1: ffffffff90e52441 DR2: ffffffff90e52443
[ 141.038995] DR3: ffffffff90e52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 141.039837] Call Trace:
[ 141.040261] <TASK>
[ 141.040710] drm_test_rect_calc_hscale+0x108/0x270
[ 141.041369] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 141.041945] ? __schedule+0x10cc/0x2b60
[ 141.042485] ? __pfx_read_tsc+0x10/0x10
[ 141.042815] ? ktime_get_ts64+0x86/0x230
[ 141.043158] kunit_try_run_case+0x1a5/0x480
[ 141.043764] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.044391] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 141.044997] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 141.045317] ? __kthread_parkme+0x82/0x180
[ 141.045471] ? preempt_count_sub+0x50/0x80
[ 141.045658] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.045916] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 141.046475] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 141.046896] kthread+0x337/0x6f0
[ 141.047243] ? trace_preempt_on+0x20/0xc0
[ 141.047584] ? __pfx_kthread+0x10/0x10
[ 141.047885] ? _raw_spin_unlock_irq+0x47/0x80
[ 141.048279] ? calculate_sigpending+0x7b/0xa0
[ 141.048520] ? __pfx_kthread+0x10/0x10
[ 141.049142] ret_from_fork+0x116/0x1d0
[ 141.049351] ? __pfx_kthread+0x10/0x10
[ 141.049512] ret_from_fork_asm+0x1a/0x30
[ 141.050029] </TASK>
[ 141.050258] ---[ end trace 0000000000000000 ]---

------------[ cut here ]------------
[ 141.053872] WARNING: CPU: 0 PID: 2754 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 141.055252] Modules linked in:
[ 141.055423] CPU: 0 UID: 0 PID: 2754 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 141.056691] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 141.057628] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 141.058331] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 141.058921] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b dc 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 141.059815] RSP: 0000:ffff88810355fc78 EFLAGS: 00010286
[ 141.060417] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 141.061211] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff8ee337f8
[ 141.061624] RBP: ffff88810355fca0 R08: 0000000000000000 R09: ffffed1020b0d840
[ 141.061851] R10: ffff88810586c207 R11: 0000000000000000 R12: ffffffff8ee337e0
[ 141.062338] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810355fd38
[ 141.063102] FS: 0000000000000000(0000) GS:ffff8881ca272000(0000) knlGS:0000000000000000
[ 141.063824] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 141.064374] CR2: 00007ffff7ffe000 CR3: 00000000438bc000 CR4: 00000000000006f0
[ 141.064610] DR0: ffffffff90e52440 DR1: ffffffff90e52441 DR2: ffffffff90e52442
[ 141.065304] DR3: ffffffff90e52443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 141.065756] Call Trace:
[ 141.065863] <TASK>
[ 141.066126] drm_test_rect_calc_hscale+0x108/0x270
[ 141.066623] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 141.067214] ? __schedule+0x10cc/0x2b60
[ 141.067680] ? __pfx_read_tsc+0x10/0x10
[ 141.067837] ? ktime_get_ts64+0x86/0x230
[ 141.068207] kunit_try_run_case+0x1a5/0x480
[ 141.068630] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.069194] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 141.069651] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 141.069848] ? __kthread_parkme+0x82/0x180
[ 141.070310] ? preempt_count_sub+0x50/0x80
[ 141.070747] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.071222] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 141.071719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 141.071916] kthread+0x337/0x6f0
[ 141.072037] ? trace_preempt_on+0x20/0xc0
[ 141.072184] ? __pfx_kthread+0x10/0x10
[ 141.072317] ? _raw_spin_unlock_irq+0x47/0x80
[ 141.072465] ? calculate_sigpending+0x7b/0xa0
[ 141.072617] ? __pfx_kthread+0x10/0x10
[ 141.072974] ret_from_fork+0x116/0x1d0
[ 141.073427] ? __pfx_kthread+0x10/0x10
[ 141.073796] ret_from_fork_asm+0x1a/0x30
[ 141.074327] </TASK>
[ 141.074547] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------
[ 140.375961] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count))
[ 140.376129] WARNING: CPU: 0 PID: 2569 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0
[ 140.377256] Modules linked in:
[ 140.377482] CPU: 0 UID: 0 PID: 2569 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 140.377965] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.378270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.378736] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0
[ 140.379120] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 6d 1d 80 00 48 c7 c1 a0 86 de 8e 4c 89 f2 48 c7 c7 60 83 de 8e 48 89 c6 e8 34 cf 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d
[ 140.380114] RSP: 0000:ffff8881028c7d18 EFLAGS: 00010286
[ 140.380331] RAX: 0000000000000000 RBX: ffff88810a36c400 RCX: 1ffffffff1f64ce8
[ 140.380596] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 140.381255] RBP: ffff8881028c7d48 R08: 0000000000000000 R09: fffffbfff1f64ce8
[ 140.381729] R10: 0000000000000003 R11: 0000000000039940 R12: ffff888101ca3800
[ 140.382188] R13: ffff88810a36c4f8 R14: ffff8881058d9100 R15: ffff88810039fb40
[ 140.382591] FS: 0000000000000000(0000) GS:ffff8881ca272000(0000) knlGS:0000000000000000
[ 140.383110] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.383455] CR2: 00007ffff7ffe000 CR3: 00000000438bc000 CR4: 00000000000006f0
[ 140.383923] DR0: ffffffff90e52440 DR1: ffffffff90e52441 DR2: ffffffff90e52442
[ 140.384453] DR3: ffffffff90e52443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.384794] Call Trace:
[ 140.385081] <TASK>
[ 140.385195] ? trace_preempt_on+0x20/0xc0
[ 140.385388] ? __pfx_drm_gem_shmem_free_wrapper+0x10/0x10
[ 140.385626] drm_gem_shmem_free_wrapper+0x12/0x20
[ 140.385876] __kunit_action_free+0x57/0x70
[ 140.386164] kunit_remove_resource+0x133/0x200
[ 140.386327] ? preempt_count_sub+0x50/0x80
[ 140.386526] kunit_cleanup+0x7a/0x120
[ 140.386801] kunit_try_run_case_cleanup+0xbd/0xf0
[ 140.387056] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10
[ 140.387379] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.387586] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.387907] kthread+0x337/0x6f0
[ 140.388189] ? trace_preempt_on+0x20/0xc0
[ 140.388434] ? __pfx_kthread+0x10/0x10
[ 140.388664] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.388919] ? calculate_sigpending+0x7b/0xa0
[ 140.389976] ? __pfx_kthread+0x10/0x10
[ 140.390195] ret_from_fork+0x116/0x1d0
[ 140.390383] ? __pfx_kthread+0x10/0x10
[ 140.390567] ret_from_fork_asm+0x1a/0x30
[ 140.390779] </TASK>
[ 140.390897] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------
[ 140.247242] WARNING: CPU: 1 PID: 2550 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300
[ 140.247639] Modules linked in:
[ 140.248080] CPU: 1 UID: 0 PID: 2550 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 140.248521] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.248788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.249241] RIP: 0010:drm_framebuffer_init+0x44/0x300
[ 140.249596] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41
[ 140.250551] RSP: 0000:ffff88810284fb30 EFLAGS: 00010246
[ 140.250921] RAX: dffffc0000000000 RBX: ffff88810284fc28 RCX: 0000000000000000
[ 140.251252] RDX: 1ffff11020509f8e RSI: ffff88810284fc28 RDI: ffff88810284fc70
[ 140.251794] RBP: ffff88810284fb70 R08: ffff888102da7000 R09: ffffffff8edd89e0
[ 140.252205] R10: 0000000000000003 R11: 00000000b608e2e2 R12: ffff888102da7000
[ 140.252525] R13: ffff88810039fae8 R14: ffff88810284fba8 R15: 0000000000000000
[ 140.252914] FS: 0000000000000000(0000) GS:ffff8881ca372000(0000) knlGS:0000000000000000
[ 140.253355] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.253714] CR2: 00007ffff7ffe000 CR3: 00000000438bc000 CR4: 00000000000006f0
[ 140.254056] DR0: ffffffff90e52440 DR1: ffffffff90e52441 DR2: ffffffff90e52443
[ 140.254600] DR3: ffffffff90e52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.254905] Call Trace:
[ 140.255164] <TASK>
[ 140.255318] ? add_dr+0xc1/0x1d0
[ 140.255524] drm_test_framebuffer_init_bad_format+0xfc/0x240
[ 140.255850] ? add_dr+0x148/0x1d0
[ 140.256124] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 140.256486] ? __drmm_add_action+0x1a4/0x280
[ 140.256710] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.257294] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.257636] ? __drmm_add_action_or_reset+0x22/0x50
[ 140.257929] ? __pfx_queued_spin_lock_slowpath+0x10/0x10
[ 140.258228] ? __pfx_read_tsc+0x10/0x10
[ 140.258474] ? ktime_get_ts64+0x86/0x230
[ 140.258800] kunit_try_run_case+0x1a5/0x480
[ 140.259008] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.259394] ? _raw_spin_lock_irqsave+0xf9/0x100
[ 140.259831] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 140.260169] ? __kthread_parkme+0x82/0x180
[ 140.260387] ? preempt_count_sub+0x50/0x80
[ 140.260716] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.260991] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.261396] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.261749] kthread+0x337/0x6f0
[ 140.261883] ? trace_preempt_on+0x20/0xc0
[ 140.262246] ? __pfx_kthread+0x10/0x10
[ 140.262491] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.262681] ? calculate_sigpending+0x7b/0xa0
[ 140.263040] ? __pfx_kthread+0x10/0x10
[ 140.263278] ret_from_fork+0x116/0x1d0
[ 140.263486] ? __pfx_kthread+0x10/0x10
[ 140.263713] ret_from_fork_asm+0x1a/0x30
[ 140.264071] </TASK>
[ 140.264239] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------
[ 140.212103] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 140.212254] WARNING: CPU: 1 PID: 2546 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0
[ 140.213394] Modules linked in:
[ 140.213879] CPU: 1 UID: 0 PID: 2546 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 140.214919] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.215756] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.216421] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0
[ 140.217054] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 3b 3a 87 00 48 c7 c1 c0 38 dd 8e 4c 89 fa 48 c7 c7 20 39 dd 8e 48 89 c6 e8 02 ec 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 140.217539] RSP: 0000:ffff888101ca7b68 EFLAGS: 00010282
[ 140.217838] RAX: 0000000000000000 RBX: ffff888101ca7c40 RCX: 1ffffffff1f64ce8
[ 140.218048] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 140.218248] RBP: ffff888101ca7b90 R08: 0000000000000000 R09: fffffbfff1f64ce8
[ 140.218448] R10: 0000000000000003 R11: 0000000000037fe0 R12: ffff888101ca7c18
[ 140.218648] R13: ffff888102d0c800 R14: ffff888102da5000 R15: ffff88810a81c780
[ 140.218863] FS: 0000000000000000(0000) GS:ffff8881ca372000(0000) knlGS:0000000000000000
[ 140.220107] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.220384] CR2: 00007ffff7ffe000 CR3: 00000000438bc000 CR4: 00000000000006f0
[ 140.221701] DR0: ffffffff90e52440 DR1: ffffffff90e52441 DR2: ffffffff90e52443
[ 140.222300] DR3: ffffffff90e52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.222522] Call Trace:
[ 140.222636] <TASK>
[ 140.222753] drm_test_framebuffer_free+0x1ab/0x610
[ 140.222933] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 140.223109] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.224267] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.225727] ? __drmm_add_action_or_reset+0x22/0x50
[ 140.226259] ? __schedule+0x10cc/0x2b60
[ 140.226459] ? __pfx_read_tsc+0x10/0x10
[ 140.226679] ? ktime_get_ts64+0x86/0x230
[ 140.226921] kunit_try_run_case+0x1a5/0x480
[ 140.227329] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.227615] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 140.227915] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 140.228303] ? __kthread_parkme+0x82/0x180
[ 140.228506] ? preempt_count_sub+0x50/0x80
[ 140.228794] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.229000] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.229565] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.229856] kthread+0x337/0x6f0
[ 140.230144] ? trace_preempt_on+0x20/0xc0
[ 140.230382] ? __pfx_kthread+0x10/0x10
[ 140.230576] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.230909] ? calculate_sigpending+0x7b/0xa0
[ 140.231299] ? __pfx_kthread+0x10/0x10
[ 140.231504] ret_from_fork+0x116/0x1d0
[ 140.231641] ? __pfx_kthread+0x10/0x10
[ 140.232028] ret_from_fork_asm+0x1a/0x30
[ 140.232257] </TASK>
[ 140.232470] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------
[ 138.988057] WARNING: CPU: 0 PID: 1984 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 138.988604] Modules linked in:
[ 138.988829] CPU: 0 UID: 0 PID: 1984 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 138.989434] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 138.989700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 138.990211] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 138.990462] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 42 25 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 138.991437] RSP: 0000:ffff88810a6f7c90 EFLAGS: 00010246
[ 138.991857] RAX: dffffc0000000000 RBX: ffff88810a874000 RCX: 0000000000000000
[ 138.992274] RDX: 1ffff1102150e832 RSI: ffffffff8c005938 RDI: ffff88810a874190
[ 138.992567] RBP: ffff88810a6f7ca0 R08: 1ffff11020073f69 R09: ffffed10214def65
[ 138.992866] R10: 0000000000000003 R11: ffffffff8b585b48 R12: 0000000000000000
[ 138.993241] R13: ffff88810a6f7d38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 138.993538] FS: 0000000000000000(0000) GS:ffff8881ca272000(0000) knlGS:0000000000000000
[ 138.993876] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 138.994206] CR2: 00007ffff7ffe000 CR3: 00000000438bc000 CR4: 00000000000006f0
[ 138.994698] DR0: ffffffff90e52440 DR1: ffffffff90e52441 DR2: ffffffff90e52442
[ 138.995597] DR3: ffffffff90e52443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 138.995924] Call Trace:
[ 138.996274] <TASK>
[ 138.996533] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290
[ 138.997040] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 138.997485] ? __schedule+0x10cc/0x2b60
[ 138.997851] ? __pfx_read_tsc+0x10/0x10
[ 138.998142] ? ktime_get_ts64+0x86/0x230
[ 138.998332] kunit_try_run_case+0x1a5/0x480
[ 138.998543] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.999257] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 138.999620] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.000166] ? __kthread_parkme+0x82/0x180
[ 139.000379] ? preempt_count_sub+0x50/0x80
[ 139.000677] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.001120] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.001494] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.001893] kthread+0x337/0x6f0
[ 139.002217] ? trace_preempt_on+0x20/0xc0
[ 139.002387] ? __pfx_kthread+0x10/0x10
[ 139.002586] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.003181] ? calculate_sigpending+0x7b/0xa0
[ 139.003492] ? __pfx_kthread+0x10/0x10
[ 139.003686] ret_from_fork+0x116/0x1d0
[ 139.004164] ? __pfx_kthread+0x10/0x10
[ 139.004504] ret_from_fork_asm+0x1a/0x30
[ 139.004787] </TASK>
[ 139.004911] ---[ end trace 0000000000000000 ]---

------------[ cut here ]------------
[ 138.913491] WARNING: CPU: 0 PID: 1976 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 138.914256] Modules linked in:
[ 138.914745] CPU: 0 UID: 0 PID: 1976 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 138.915283] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 138.915721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 138.916571] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 138.917077] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 42 25 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 138.917585] RSP: 0000:ffff88810a6f7c90 EFLAGS: 00010246
[ 138.917917] RAX: dffffc0000000000 RBX: ffff88810ab5a000 RCX: 0000000000000000
[ 138.918346] RDX: 1ffff1102156b432 RSI: ffffffff8c005938 RDI: ffff88810ab5a190
[ 138.918722] RBP: ffff88810a6f7ca0 R08: 1ffff11020073f69 R09: ffffed10214def65
[ 138.919030] R10: 0000000000000003 R11: ffffffff8b585b48 R12: 0000000000000000
[ 138.919455] R13: ffff88810a6f7d38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 138.919860] FS: 0000000000000000(0000) GS:ffff8881ca272000(0000) knlGS:0000000000000000
[ 138.920457] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 138.920782] CR2: 00007ffff7ffe000 CR3: 00000000438bc000 CR4: 00000000000006f0
[ 138.921198] DR0: ffffffff90e52440 DR1: ffffffff90e52441 DR2: ffffffff90e52442
[ 138.921941] DR3: ffffffff90e52443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 138.922158] Call Trace:
[ 138.922257] <TASK>
[ 138.922360] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290
[ 138.922595] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 138.922844] ? __schedule+0x10cc/0x2b60
[ 138.922990] ? __pfx_read_tsc+0x10/0x10
[ 138.923131] ? ktime_get_ts64+0x86/0x230
[ 138.923277] kunit_try_run_case+0x1a5/0x480
[ 138.923428] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.924229] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 138.924415] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 138.924853] ? __kthread_parkme+0x82/0x180
[ 138.925055] ? preempt_count_sub+0x50/0x80
[ 138.925326] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.925654] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 138.926131] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 138.926882] kthread+0x337/0x6f0
[ 138.927834] ? trace_preempt_on+0x20/0xc0
[ 138.928417] ? __pfx_kthread+0x10/0x10
[ 138.929489] ? _raw_spin_unlock_irq+0x47/0x80
[ 138.930124] ? calculate_sigpending+0x7b/0xa0
[ 138.930305] ? __pfx_kthread+0x10/0x10
[ 138.930448] ret_from_fork+0x116/0x1d0
[ 138.930598] ? __pfx_kthread+0x10/0x10
[ 138.931838] ret_from_fork_asm+0x1a/0x30
[ 138.932441] </TASK>
[ 138.932868] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 107.304966] WARNING: CPU: 0 PID: 674 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 107.305309] Modules linked in:
[ 107.306127] CPU: 0 UID: 0 PID: 674 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 107.307047] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 107.307290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 107.307636] RIP: 0010:intlog10+0x2a/0x40
[ 107.307828] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f e9 c7 a8 86 02 90 <0f> 0b 90 31 c0 e9 bc a8 86 02 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 107.308601] RSP: 0000:ffff8881086ffcb0 EFLAGS: 00010246
[ 107.308851] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110210dffb4
[ 107.309175] RDX: 1ffffffff1d92db4 RSI: 1ffff110210dffb3 RDI: 0000000000000000
[ 107.309669] RBP: ffff8881086ffd60 R08: 0000000000000000 R09: ffffed10210f6860
[ 107.310001] R10: ffff8881087b4307 R11: 0000000000000000 R12: 1ffff110210dff97
[ 107.310264] R13: ffffffff8ec96da0 R14: 0000000000000000 R15: ffff8881086ffd38
[ 107.310529] FS: 0000000000000000(0000) GS:ffff8881ca272000(0000) knlGS:0000000000000000
[ 107.311171] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 107.311400] CR2: ffff88815a8f9009 CR3: 00000000438bc000 CR4: 00000000000006f0
[ 107.311710] DR0: ffffffff90e52440 DR1: ffffffff90e52441 DR2: ffffffff90e52442
[ 107.311984] DR3: ffffffff90e52443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 107.312348] Call Trace:
[ 107.312494] <TASK>
[ 107.312626] ? intlog10_test+0xf2/0x220
[ 107.312813] ? __pfx_intlog10_test+0x10/0x10
[ 107.313019] ? __schedule+0x10cc/0x2b60
[ 107.313378] ? __pfx_read_tsc+0x10/0x10
[ 107.313585] ? ktime_get_ts64+0x86/0x230
[ 107.313787] kunit_try_run_case+0x1a5/0x480
[ 107.313962] ? __pfx_kunit_try_run_case+0x10/0x10
[ 107.314279] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 107.314449] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 107.314699] ? __kthread_parkme+0x82/0x180
[ 107.315057] ? preempt_count_sub+0x50/0x80
[ 107.315304] ? __pfx_kunit_try_run_case+0x10/0x10
[ 107.315531] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 107.315782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 107.316304] kthread+0x337/0x6f0
[ 107.316502] ? trace_preempt_on+0x20/0xc0
[ 107.316690] ? __pfx_kthread+0x10/0x10
[ 107.316857] ? _raw_spin_unlock_irq+0x47/0x80
[ 107.317138] ? calculate_sigpending+0x7b/0xa0
[ 107.317293] ? __pfx_kthread+0x10/0x10
[ 107.317703] ret_from_fork+0x116/0x1d0
[ 107.318124] ? __pfx_kthread+0x10/0x10
[ 107.318366] ret_from_fork_asm+0x1a/0x30
[ 107.318621] </TASK>
[ 107.318752] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 107.267383] WARNING: CPU: 1 PID: 656 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 107.267784] Modules linked in:
[ 107.268004] CPU: 1 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 107.269037] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 107.269368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 107.269800] RIP: 0010:intlog2+0xdf/0x110
[ 107.270029] Code: c9 8e c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 bf e8 55 ff 8b 45 e4 eb
[ 107.270869] RSP: 0000:ffff888102bbfcb0 EFLAGS: 00010246
[ 107.271210] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11020577fb4
[ 107.271672] RDX: 1ffffffff1d92e08 RSI: 1ffff11020577fb3 RDI: 0000000000000000
[ 107.271911] RBP: ffff888102bbfd60 R08: 0000000000000000 R09: ffffed1021117f40
[ 107.272240] R10: ffff8881088bfa07 R11: 0000000000000000 R12: 1ffff11020577f97
[ 107.272564] R13: ffffffff8ec97040 R14: 0000000000000000 R15: ffff888102bbfd38
[ 107.272855] FS: 0000000000000000(0000) GS:ffff8881ca372000(0000) knlGS:0000000000000000
[ 107.273206] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 107.273475] CR2: dffffc0000000000 CR3: 00000000438bc000 CR4: 00000000000006f0
[ 107.273767] DR0: ffffffff90e52440 DR1: ffffffff90e52441 DR2: ffffffff90e52443
[ 107.274071] DR3: ffffffff90e52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 107.274627] Call Trace:
[ 107.274782] <TASK>
[ 107.274892] ? intlog2_test+0xf2/0x220
[ 107.275462] ? __pfx_intlog2_test+0x10/0x10
[ 107.275635] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 107.276053] ? trace_hardirqs_on+0x37/0xe0
[ 107.276437] ? __pfx_read_tsc+0x10/0x10
[ 107.276685] ? ktime_get_ts64+0x86/0x230
[ 107.276866] kunit_try_run_case+0x1a5/0x480
[ 107.277290] ? __pfx_kunit_try_run_case+0x10/0x10
[ 107.277606] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 107.277910] ? __kthread_parkme+0x82/0x180
[ 107.278166] ? preempt_count_sub+0x50/0x80
[ 107.278502] ? __pfx_kunit_try_run_case+0x10/0x10
[ 107.279251] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 107.280056] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 107.280848] kthread+0x337/0x6f0
[ 107.281408] ? trace_preempt_on+0x20/0xc0
[ 107.281807] ? __pfx_kthread+0x10/0x10
[ 107.282174] ? _raw_spin_unlock_irq+0x47/0x80
[ 107.282810] ? calculate_sigpending+0x7b/0xa0
[ 107.283478] ? __pfx_kthread+0x10/0x10
[ 107.284035] ret_from_fork+0x116/0x1d0
[ 107.284454] ? __pfx_kthread+0x10/0x10
[ 107.284612] ret_from_fork_asm+0x1a/0x30
[ 107.284775] </TASK>
[ 107.284891] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 106.698288] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI