Date: July 9, 2025, 11:07 p.m.
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 49.004029] ==================================================================
[ 49.004411] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 49.004411]
[ 49.004860] Use-after-free read at 0x(____ptrval____) (in kfence-#133):
[ 49.005193] test_krealloc+0x6fc/0xbe0
[ 49.005420] kunit_try_run_case+0x1a5/0x480
[ 49.005580] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.005901] kthread+0x337/0x6f0
[ 49.006086] ret_from_fork+0x116/0x1d0
[ 49.006308] ret_from_fork_asm+0x1a/0x30
[ 49.006541]
[ 49.006675] kfence-#133: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 49.006675]
[ 49.007031] allocated by task 354 on cpu 1 at 49.003331s (0.003698s ago):
[ 49.007483] test_alloc+0x364/0x10f0
[ 49.007613] test_krealloc+0xad/0xbe0
[ 49.007809] kunit_try_run_case+0x1a5/0x480
[ 49.008014] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.008248] kthread+0x337/0x6f0
[ 49.008372] ret_from_fork+0x116/0x1d0
[ 49.008563] ret_from_fork_asm+0x1a/0x30
[ 49.008826]
[ 49.008923] freed by task 354 on cpu 1 at 49.003599s (0.005321s ago):
[ 49.009234] krealloc_noprof+0x108/0x340
[ 49.009463] test_krealloc+0x226/0xbe0
[ 49.009636] kunit_try_run_case+0x1a5/0x480
[ 49.009868] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.010134] kthread+0x337/0x6f0
[ 49.010325] ret_from_fork+0x116/0x1d0
[ 49.010517] ret_from_fork_asm+0x1a/0x30
[ 49.010735]
[ 49.010886] CPU: 1 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 49.011418] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 49.011616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 49.012027] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 48.919265] ==================================================================
[ 48.919669] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 48.919669]
[ 48.920061] Use-after-free read at 0x(____ptrval____) (in kfence-#132):
[ 48.920475] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 48.920705] kunit_try_run_case+0x1a5/0x480
[ 48.920985] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.921563] kthread+0x337/0x6f0
[ 48.921759] ret_from_fork+0x116/0x1d0
[ 48.921900] ret_from_fork_asm+0x1a/0x30
[ 48.922523]
[ 48.922634] kfence-#132: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 48.922634]
[ 48.923045] allocated by task 352 on cpu 0 at 48.899269s (0.023774s ago):
[ 48.923348] test_alloc+0x2a6/0x10f0
[ 48.923526] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 48.923759] kunit_try_run_case+0x1a5/0x480
[ 48.923952] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.924498] kthread+0x337/0x6f0
[ 48.924838] ret_from_fork+0x116/0x1d0
[ 48.925157] ret_from_fork_asm+0x1a/0x30
[ 48.925504]
[ 48.925603] freed by task 352 on cpu 0 at 48.899374s (0.026222s ago):
[ 48.925880] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 48.926090] kunit_try_run_case+0x1a5/0x480
[ 48.926287] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.926516] kthread+0x337/0x6f0
[ 48.926658] ret_from_fork+0x116/0x1d0
[ 48.926850] ret_from_fork_asm+0x1a/0x30
[ 48.927005]
[ 48.927139] CPU: 0 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 48.927487] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 48.927690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 48.928303] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 24.055424] ==================================================================
[ 24.055967] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 24.055967]
[ 24.057144] Invalid read at 0x(____ptrval____):
[ 24.057634] test_invalid_access+0xf0/0x210
[ 24.057975] kunit_try_run_case+0x1a5/0x480
[ 24.058142] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.058514] kthread+0x337/0x6f0
[ 24.058688] ret_from_fork+0x116/0x1d0
[ 24.058875] ret_from_fork_asm+0x1a/0x30
[ 24.059421]
[ 24.059559] CPU: 1 UID: 0 PID: 348 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 24.060324] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.060523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.061218] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 23.835550] ==================================================================
[ 23.835965] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.835965]
[ 23.836394] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#128):
[ 23.837074] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.837310] kunit_try_run_case+0x1a5/0x480
[ 23.837510] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.837731] kthread+0x337/0x6f0
[ 23.837930] ret_from_fork+0x116/0x1d0
[ 23.838141] ret_from_fork_asm+0x1a/0x30
[ 23.838335]
[ 23.838424] kfence-#128: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.838424]
[ 23.838850] allocated by task 342 on cpu 1 at 23.835300s (0.003548s ago):
[ 23.839185] test_alloc+0x364/0x10f0
[ 23.839380] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 23.839595] kunit_try_run_case+0x1a5/0x480
[ 23.839835] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.840069] kthread+0x337/0x6f0
[ 23.840294] ret_from_fork+0x116/0x1d0
[ 23.840460] ret_from_fork_asm+0x1a/0x30
[ 23.840679]
[ 23.840769] freed by task 342 on cpu 1 at 23.835433s (0.005333s ago):
[ 23.841044] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.841296] kunit_try_run_case+0x1a5/0x480
[ 23.841498] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.841767] kthread+0x337/0x6f0
[ 23.841939] ret_from_fork+0x116/0x1d0
[ 23.842161] ret_from_fork_asm+0x1a/0x30
[ 23.842306]
[ 23.842413] CPU: 1 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 23.842936] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.843178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.843545] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 23.627554] ==================================================================
[ 23.627946] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 23.627946]
[ 23.628434] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#126):
[ 23.628695] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 23.628884] kunit_try_run_case+0x1a5/0x480
[ 23.629031] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.629570] kthread+0x337/0x6f0
[ 23.629741] ret_from_fork+0x116/0x1d0
[ 23.629875] ret_from_fork_asm+0x1a/0x30
[ 23.630027]
[ 23.630155] kfence-#126: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.630155]
[ 23.630743] allocated by task 340 on cpu 0 at 23.627334s (0.003406s ago):
[ 23.631601] test_alloc+0x364/0x10f0
[ 23.631811] test_kmalloc_aligned_oob_read+0x105/0x560
[ 23.632028] kunit_try_run_case+0x1a5/0x480
[ 23.632175] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.632349] kthread+0x337/0x6f0
[ 23.632468] ret_from_fork+0x116/0x1d0
[ 23.632808] ret_from_fork_asm+0x1a/0x30
[ 23.633363]
[ 23.633480] CPU: 0 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 23.634131] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.634344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.634882] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 19.155621] ==================================================================
[ 19.156037] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 19.156037]
[ 19.156388] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#83):
[ 19.157265] test_corruption+0x2df/0x3e0
[ 19.157483] kunit_try_run_case+0x1a5/0x480
[ 19.157823] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.158196] kthread+0x337/0x6f0
[ 19.158379] ret_from_fork+0x116/0x1d0
[ 19.158727] ret_from_fork_asm+0x1a/0x30
[ 19.159032]
[ 19.159241] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.159241]
[ 19.159630] allocated by task 328 on cpu 0 at 19.155372s (0.004256s ago):
[ 19.159960] test_alloc+0x364/0x10f0
[ 19.160201] test_corruption+0x1cb/0x3e0
[ 19.160753] kunit_try_run_case+0x1a5/0x480
[ 19.161057] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.161395] kthread+0x337/0x6f0
[ 19.161646] ret_from_fork+0x116/0x1d0
[ 19.161928] ret_from_fork_asm+0x1a/0x30
[ 19.162255]
[ 19.162347] freed by task 328 on cpu 0 at 19.155461s (0.006884s ago):
[ 19.162803] test_corruption+0x2df/0x3e0
[ 19.162998] kunit_try_run_case+0x1a5/0x480
[ 19.163344] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.163683] kthread+0x337/0x6f0
[ 19.163884] ret_from_fork+0x116/0x1d0
[ 19.164237] ret_from_fork_asm+0x1a/0x30
[ 19.164542]
[ 19.164655] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 19.165339] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.165622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.166147] ==================================================================
[ 19.363504] ==================================================================
[ 19.363881] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 19.363881]
[ 19.364477] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#85):
[ 19.365437] test_corruption+0x131/0x3e0
[ 19.365623] kunit_try_run_case+0x1a5/0x480
[ 19.365860] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.366064] kthread+0x337/0x6f0
[ 19.366352] ret_from_fork+0x116/0x1d0
[ 19.366545] ret_from_fork_asm+0x1a/0x30
[ 19.366773]
[ 19.366879] kfence-#85: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.366879]
[ 19.367244] allocated by task 330 on cpu 1 at 19.363371s (0.003871s ago):
[ 19.367624] test_alloc+0x2a6/0x10f0
[ 19.367862] test_corruption+0xe6/0x3e0
[ 19.368074] kunit_try_run_case+0x1a5/0x480
[ 19.368290] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.368544] kthread+0x337/0x6f0
[ 19.368716] ret_from_fork+0x116/0x1d0
[ 19.368849] ret_from_fork_asm+0x1a/0x30
[ 19.369059]
[ 19.369158] freed by task 330 on cpu 1 at 19.363426s (0.005730s ago):
[ 19.369469] test_corruption+0x131/0x3e0
[ 19.369610] kunit_try_run_case+0x1a5/0x480
[ 19.369826] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.370100] kthread+0x337/0x6f0
[ 19.370268] ret_from_fork+0x116/0x1d0
[ 19.370424] ret_from_fork_asm+0x1a/0x30
[ 19.370651]
[ 19.370765] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 19.372563] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.372747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.373019] ==================================================================
[ 19.051502] ==================================================================
[ 19.051920] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 19.051920]
[ 19.052306] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#82):
[ 19.053475] test_corruption+0x2d2/0x3e0
[ 19.053691] kunit_try_run_case+0x1a5/0x480
[ 19.054055] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.054335] kthread+0x337/0x6f0
[ 19.054502] ret_from_fork+0x116/0x1d0
[ 19.054687] ret_from_fork_asm+0x1a/0x30
[ 19.054881]
[ 19.054955] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.054955]
[ 19.055695] allocated by task 328 on cpu 0 at 19.051333s (0.004359s ago):
[ 19.056176] test_alloc+0x364/0x10f0
[ 19.056480] test_corruption+0xe6/0x3e0
[ 19.056784] kunit_try_run_case+0x1a5/0x480
[ 19.057098] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.057353] kthread+0x337/0x6f0
[ 19.057717] ret_from_fork+0x116/0x1d0
[ 19.058001] ret_from_fork_asm+0x1a/0x30
[ 19.058242]
[ 19.058459] freed by task 328 on cpu 0 at 19.051425s (0.007032s ago):
[ 19.058833] test_corruption+0x2d2/0x3e0
[ 19.059028] kunit_try_run_case+0x1a5/0x480
[ 19.059387] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.059726] kthread+0x337/0x6f0
[ 19.060020] ret_from_fork+0x116/0x1d0
[ 19.060243] ret_from_fork_asm+0x1a/0x30
[ 19.060565]
[ 19.060723] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 19.061279] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.061573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.061969] ==================================================================
[ 19.467464] ==================================================================
[ 19.467857] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 19.467857]
[ 19.468213] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#86):
[ 19.468560] test_corruption+0x216/0x3e0
[ 19.468739] kunit_try_run_case+0x1a5/0x480
[ 19.468967] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.469206] kthread+0x337/0x6f0
[ 19.469410] ret_from_fork+0x116/0x1d0
[ 19.469615] ret_from_fork_asm+0x1a/0x30
[ 19.469777]
[ 19.469852] kfence-#86: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.469852]
[ 19.470458] allocated by task 330 on cpu 1 at 19.467347s (0.003110s ago):
[ 19.470810] test_alloc+0x2a6/0x10f0
[ 19.470951] test_corruption+0x1cb/0x3e0
[ 19.471132] kunit_try_run_case+0x1a5/0x480
[ 19.471350] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.471613] kthread+0x337/0x6f0
[ 19.471769] ret_from_fork+0x116/0x1d0
[ 19.471945] ret_from_fork_asm+0x1a/0x30
[ 19.472087]
[ 19.472161] freed by task 330 on cpu 1 at 19.467399s (0.004761s ago):
[ 19.472525] test_corruption+0x216/0x3e0
[ 19.472723] kunit_try_run_case+0x1a5/0x480
[ 19.472937] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.473180] kthread+0x337/0x6f0
[ 19.473359] ret_from_fork+0x116/0x1d0
[ 19.473543] ret_from_fork_asm+0x1a/0x30
[ 19.473686]
[ 19.473795] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 19.474272] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.474451] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.474918] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 18.635449] ==================================================================
[ 18.635843] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 18.635843]
[ 18.636235] Invalid free of 0x(____ptrval____) (in kfence-#78):
[ 18.636520] test_invalid_addr_free+0x1e1/0x260
[ 18.636750] kunit_try_run_case+0x1a5/0x480
[ 18.636964] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.637249] kthread+0x337/0x6f0
[ 18.637442] ret_from_fork+0x116/0x1d0
[ 18.637599] ret_from_fork_asm+0x1a/0x30
[ 18.637753]
[ 18.637826] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.637826]
[ 18.638505] allocated by task 324 on cpu 0 at 18.635330s (0.003173s ago):
[ 18.638809] test_alloc+0x364/0x10f0
[ 18.638940] test_invalid_addr_free+0xdb/0x260
[ 18.639171] kunit_try_run_case+0x1a5/0x480
[ 18.639446] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.639633] kthread+0x337/0x6f0
[ 18.639764] ret_from_fork+0x116/0x1d0
[ 18.639973] ret_from_fork_asm+0x1a/0x30
[ 18.640170]
[ 18.640308] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.640768] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.640973] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.641304] ==================================================================
[ 18.739493] ==================================================================
[ 18.739890] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 18.739890]
[ 18.740217] Invalid free of 0x(____ptrval____) (in kfence-#79):
[ 18.740490] test_invalid_addr_free+0xfb/0x260
[ 18.740695] kunit_try_run_case+0x1a5/0x480
[ 18.740880] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.741131] kthread+0x337/0x6f0
[ 18.741301] ret_from_fork+0x116/0x1d0
[ 18.741438] ret_from_fork_asm+0x1a/0x30
[ 18.741639]
[ 18.741748] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.741748]
[ 18.742132] allocated by task 326 on cpu 0 at 18.739386s (0.002745s ago):
[ 18.742417] test_alloc+0x2a6/0x10f0
[ 18.742550] test_invalid_addr_free+0xdb/0x260
[ 18.742779] kunit_try_run_case+0x1a5/0x480
[ 18.742991] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.743214] kthread+0x337/0x6f0
[ 18.743336] ret_from_fork+0x116/0x1d0
[ 18.743515] ret_from_fork_asm+0x1a/0x30
[ 18.743739]
[ 18.743861] CPU: 0 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.744377] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.744557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.744877] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 18.427559] ==================================================================
[ 18.428012] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 18.428012]
[ 18.428435] Invalid free of 0x(____ptrval____) (in kfence-#76):
[ 18.428719] test_double_free+0x1d3/0x260
[ 18.428908] kunit_try_run_case+0x1a5/0x480
[ 18.429151] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.429333] kthread+0x337/0x6f0
[ 18.429457] ret_from_fork+0x116/0x1d0
[ 18.429632] ret_from_fork_asm+0x1a/0x30
[ 18.429861]
[ 18.429979] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.429979]
[ 18.430454] allocated by task 320 on cpu 1 at 18.427352s (0.003100s ago):
[ 18.430718] test_alloc+0x364/0x10f0
[ 18.430862] test_double_free+0xdb/0x260
[ 18.431079] kunit_try_run_case+0x1a5/0x480
[ 18.431430] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.431674] kthread+0x337/0x6f0
[ 18.431834] ret_from_fork+0x116/0x1d0
[ 18.432000] ret_from_fork_asm+0x1a/0x30
[ 18.432215]
[ 18.432337] freed by task 320 on cpu 1 at 18.427412s (0.004923s ago):
[ 18.432604] test_double_free+0x1e0/0x260
[ 18.432800] kunit_try_run_case+0x1a5/0x480
[ 18.432999] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.433325] kthread+0x337/0x6f0
[ 18.433486] ret_from_fork+0x116/0x1d0
[ 18.433641] ret_from_fork_asm+0x1a/0x30
[ 18.433881]
[ 18.434029] CPU: 1 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.434483] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.434695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.435091] ==================================================================
[ 18.531546] ==================================================================
[ 18.531955] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 18.531955]
[ 18.532404] Invalid free of 0x(____ptrval____) (in kfence-#77):
[ 18.532693] test_double_free+0x112/0x260
[ 18.532885] kunit_try_run_case+0x1a5/0x480
[ 18.533084] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.533340] kthread+0x337/0x6f0
[ 18.533480] ret_from_fork+0x116/0x1d0
[ 18.533614] ret_from_fork_asm+0x1a/0x30
[ 18.533834]
[ 18.533934] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.533934]
[ 18.534386] allocated by task 322 on cpu 0 at 18.531380s (0.003004s ago):
[ 18.534678] test_alloc+0x2a6/0x10f0
[ 18.534822] test_double_free+0xdb/0x260
[ 18.535021] kunit_try_run_case+0x1a5/0x480
[ 18.535324] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.535554] kthread+0x337/0x6f0
[ 18.535725] ret_from_fork+0x116/0x1d0
[ 18.535901] ret_from_fork_asm+0x1a/0x30
[ 18.536062]
[ 18.536159] freed by task 322 on cpu 0 at 18.531425s (0.004732s ago):
[ 18.536401] test_double_free+0xfa/0x260
[ 18.536560] kunit_try_run_case+0x1a5/0x480
[ 18.536778] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.537033] kthread+0x337/0x6f0
[ 18.537223] ret_from_fork+0x116/0x1d0
[ 18.537392] ret_from_fork_asm+0x1a/0x30
[ 18.537536]
[ 18.537631] CPU: 0 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.538033] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.538235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.538648] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 18.011520] ==================================================================
[ 18.011964] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 18.011964]
[ 18.012476] Use-after-free read at 0x(____ptrval____) (in kfence-#72):
[ 18.012735] test_use_after_free_read+0x129/0x270
[ 18.012919] kunit_try_run_case+0x1a5/0x480
[ 18.013127] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.013500] kthread+0x337/0x6f0
[ 18.013678] ret_from_fork+0x116/0x1d0
[ 18.013897] ret_from_fork_asm+0x1a/0x30
[ 18.014131]
[ 18.014208] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.014208]
[ 18.014602] allocated by task 312 on cpu 0 at 18.011304s (0.003296s ago):
[ 18.014952] test_alloc+0x364/0x10f0
[ 18.015178] test_use_after_free_read+0xdc/0x270
[ 18.015331] kunit_try_run_case+0x1a5/0x480
[ 18.015525] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.015818] kthread+0x337/0x6f0
[ 18.016019] ret_from_fork+0x116/0x1d0
[ 18.016299] ret_from_fork_asm+0x1a/0x30
[ 18.016501]
[ 18.016573] freed by task 312 on cpu 0 at 18.011361s (0.005210s ago):
[ 18.016870] test_use_after_free_read+0x1e7/0x270
[ 18.017079] kunit_try_run_case+0x1a5/0x480
[ 18.017341] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.017538] kthread+0x337/0x6f0
[ 18.017741] ret_from_fork+0x116/0x1d0
[ 18.017954] ret_from_fork_asm+0x1a/0x30
[ 18.018148]
[ 18.018246] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.018771] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.018976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.019361] ==================================================================
[ 18.115467] ==================================================================
[ 18.115915] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 18.115915]
[ 18.116423] Use-after-free read at 0x(____ptrval____) (in kfence-#73):
[ 18.116656] test_use_after_free_read+0x129/0x270
[ 18.116833] kunit_try_run_case+0x1a5/0x480
[ 18.117061] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.117346] kthread+0x337/0x6f0
[ 18.117525] ret_from_fork+0x116/0x1d0
[ 18.117662] ret_from_fork_asm+0x1a/0x30
[ 18.117891]
[ 18.117987] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.117987]
[ 18.118442] allocated by task 314 on cpu 1 at 18.115327s (0.003113s ago):
[ 18.118672] test_alloc+0x2a6/0x10f0
[ 18.118868] test_use_after_free_read+0xdc/0x270
[ 18.119121] kunit_try_run_case+0x1a5/0x480
[ 18.119454] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.119691] kthread+0x337/0x6f0
[ 18.119860] ret_from_fork+0x116/0x1d0
[ 18.120075] ret_from_fork_asm+0x1a/0x30
[ 18.120252]
[ 18.120329] freed by task 314 on cpu 1 at 18.115387s (0.004939s ago):
[ 18.120574] test_use_after_free_read+0xfb/0x270
[ 18.120838] kunit_try_run_case+0x1a5/0x480
[ 18.121044] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.121381] kthread+0x337/0x6f0
[ 18.121504] ret_from_fork+0x116/0x1d0
[ 18.121695] ret_from_fork_asm+0x1a/0x30
[ 18.121903]
[ 18.122029] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.122527] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.122667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.123044] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 17.907394] ==================================================================
[ 17.907801] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.907801]
[ 17.908295] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#71):
[ 17.908997] test_out_of_bounds_write+0x10d/0x260
[ 17.909245] kunit_try_run_case+0x1a5/0x480
[ 17.909450] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.909692] kthread+0x337/0x6f0
[ 17.909868] ret_from_fork+0x116/0x1d0
[ 17.910418] ret_from_fork_asm+0x1a/0x30
[ 17.910612]
[ 17.910714] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.910714]
[ 17.911286] allocated by task 310 on cpu 1 at 17.907337s (0.003947s ago):
[ 17.911691] test_alloc+0x2a6/0x10f0
[ 17.911880] test_out_of_bounds_write+0xd4/0x260
[ 17.912083] kunit_try_run_case+0x1a5/0x480
[ 17.912507] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.912738] kthread+0x337/0x6f0
[ 17.913032] ret_from_fork+0x116/0x1d0
[ 17.913343] ret_from_fork_asm+0x1a/0x30
[ 17.913612]
[ 17.913736] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.914363] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.914555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.914927] ==================================================================
[ 17.491400] ==================================================================
[ 17.491805] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.491805]
[ 17.492308] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#67):
[ 17.492962] test_out_of_bounds_write+0x10d/0x260
[ 17.493484] kunit_try_run_case+0x1a5/0x480
[ 17.493749] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.494054] kthread+0x337/0x6f0
[ 17.494240] ret_from_fork+0x116/0x1d0
[ 17.494408] ret_from_fork_asm+0x1a/0x30
[ 17.494589]
[ 17.494672] kfence-#67: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.494672]
[ 17.495385] allocated by task 308 on cpu 1 at 17.491270s (0.004112s ago):
[ 17.495688] test_alloc+0x364/0x10f0
[ 17.495870] test_out_of_bounds_write+0xd4/0x260
[ 17.496273] kunit_try_run_case+0x1a5/0x480
[ 17.496558] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.496789] kthread+0x337/0x6f0
[ 17.497070] ret_from_fork+0x116/0x1d0
[ 17.497322] ret_from_fork_asm+0x1a/0x30
[ 17.497486]
[ 17.497611] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.498267] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.498454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.498830] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 16.972384] ==================================================================
[ 16.972898] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 16.972898]
[ 16.973430] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#62):
[ 16.973746] test_out_of_bounds_read+0x126/0x4e0
[ 16.973976] kunit_try_run_case+0x1a5/0x480
[ 16.974801] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.975073] kthread+0x337/0x6f0
[ 16.975356] ret_from_fork+0x116/0x1d0
[ 16.975609] ret_from_fork_asm+0x1a/0x30
[ 16.975861]
[ 16.976076] kfence-#62: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.976076]
[ 16.976461] allocated by task 304 on cpu 0 at 16.971326s (0.005133s ago):
[ 16.977012] test_alloc+0x364/0x10f0
[ 16.977337] test_out_of_bounds_read+0xed/0x4e0
[ 16.977651] kunit_try_run_case+0x1a5/0x480
[ 16.977880] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.978289] kthread+0x337/0x6f0
[ 16.978553] ret_from_fork+0x116/0x1d0
[ 16.978803] ret_from_fork_asm+0x1a/0x30
[ 16.979052]
[ 16.979333] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.979821] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.980259] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.980757] ==================================================================
[ 17.387389] ==================================================================
[ 17.387771] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.387771]
[ 17.388249] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#66):
[ 17.388518] test_out_of_bounds_read+0x216/0x4e0
[ 17.388758] kunit_try_run_case+0x1a5/0x480
[ 17.388963] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.389185] kthread+0x337/0x6f0
[ 17.389374] ret_from_fork+0x116/0x1d0
[ 17.389513] ret_from_fork_asm+0x1a/0x30
[ 17.389671]
[ 17.389779] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.389779]
[ 17.390209] allocated by task 306 on cpu 1 at 17.387342s (0.002864s ago):
[ 17.390508] test_alloc+0x2a6/0x10f0
[ 17.390647] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.390815] kunit_try_run_case+0x1a5/0x480
[ 17.391022] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.391278] kthread+0x337/0x6f0
[ 17.391449] ret_from_fork+0x116/0x1d0
[ 17.391629] ret_from_fork_asm+0x1a/0x30
[ 17.391816]
[ 17.391938] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.392380] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.392562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.392902] ==================================================================
[ 17.283434] ==================================================================
[ 17.283815] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 17.283815]
[ 17.284263] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#65):
[ 17.284570] test_out_of_bounds_read+0x126/0x4e0
[ 17.284756] kunit_try_run_case+0x1a5/0x480
[ 17.284985] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.285286] kthread+0x337/0x6f0
[ 17.285432] ret_from_fork+0x116/0x1d0
[ 17.285622] ret_from_fork_asm+0x1a/0x30
[ 17.285816]
[ 17.285890] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.285890]
[ 17.286269] allocated by task 306 on cpu 1 at 17.283375s (0.002892s ago):
[ 17.286623] test_alloc+0x2a6/0x10f0
[ 17.286815] test_out_of_bounds_read+0xed/0x4e0
[ 17.287000] kunit_try_run_case+0x1a5/0x480
[ 17.287262] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.287437] kthread+0x337/0x6f0
[ 17.287718] ret_from_fork+0x116/0x1d0
[ 17.287908] ret_from_fork_asm+0x1a/0x30
[ 17.288143]
[ 17.288242] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.288656] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.288870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.289231] ==================================================================
[ 17.179518] ==================================================================
[ 17.179940] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.179940]
[ 17.180637] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#64):
[ 17.181488] test_out_of_bounds_read+0x216/0x4e0
[ 17.181770] kunit_try_run_case+0x1a5/0x480
[ 17.182157] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.182415] kthread+0x337/0x6f0
[ 17.182602] ret_from_fork+0x116/0x1d0
[ 17.182925] ret_from_fork_asm+0x1a/0x30
[ 17.183209]
[ 17.183324] kfence-#64: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.183324]
[ 17.183958] allocated by task 304 on cpu 0 at 17.179354s (0.004601s ago):
[ 17.184303] test_alloc+0x364/0x10f0
[ 17.184587] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.184826] kunit_try_run_case+0x1a5/0x480
[ 17.185210] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.185545] kthread+0x337/0x6f0
[ 17.185807] ret_from_fork+0x116/0x1d0
[ 17.185996] ret_from_fork_asm+0x1a/0x30
[ 17.186394]
[ 17.186513] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.187079] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.187326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.187836] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 12.006387] ==================================================================
[ 12.008180] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x288/0x520
[ 12.008180]
[ 12.009074] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . ] (in kfence-#31):
[ 12.010259] kmalloc_track_caller_oob_right+0x288/0x520
[ 12.010671] kunit_try_run_case+0x1a5/0x480
[ 12.010851] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.011424] kthread+0x337/0x6f0
[ 12.011749] ret_from_fork+0x116/0x1d0
[ 12.012137] ret_from_fork_asm+0x1a/0x30
[ 12.012523]
[ 12.012776] kfence-#31: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128
[ 12.012776]
[ 12.013352] allocated by task 159 on cpu 0 at 12.004609s (0.008685s ago):
[ 12.014055] kmalloc_track_caller_oob_right+0x19a/0x520
[ 12.014650] kunit_try_run_case+0x1a5/0x480
[ 12.015133] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.015597] kthread+0x337/0x6f0
[ 12.016155] ret_from_fork+0x116/0x1d0
[ 12.016505] ret_from_fork_asm+0x1a/0x30
[ 12.016921]
[ 12.017256] freed by task 159 on cpu 0 at 12.005908s (0.011273s ago):
[ 12.017855] kmalloc_track_caller_oob_right+0x288/0x520
[ 12.018425] kunit_try_run_case+0x1a5/0x480
[ 12.018575] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.018761] kthread+0x337/0x6f0
[ 12.018881] ret_from_fork+0x116/0x1d0
[ 12.019012] ret_from_fork_asm+0x1a/0x30
[ 12.019467]
[ 12.019697] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.020760] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.021181] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.021975] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.710068] ==================================================================
[ 16.710423] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 16.710862] Write of size 121 at addr ffff8881031fd400 by task kunit_try_catch/302
[ 16.711141]
[ 16.711225] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.711276] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.711298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.711318] Call Trace:
[ 16.711334] <TASK>
[ 16.711361] dump_stack_lvl+0x73/0xb0
[ 16.711391] print_report+0xd1/0x650
[ 16.711414] ? __virt_addr_valid+0x1db/0x2d0
[ 16.711438] ? strncpy_from_user+0x2e/0x1d0
[ 16.711462] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.711487] ? strncpy_from_user+0x2e/0x1d0
[ 16.711511] kasan_report+0x141/0x180
[ 16.711533] ? strncpy_from_user+0x2e/0x1d0
[ 16.711562] kasan_check_range+0x10c/0x1c0
[ 16.711586] __kasan_check_write+0x18/0x20
[ 16.711607] strncpy_from_user+0x2e/0x1d0
[ 16.711630] ? __kasan_check_read+0x15/0x20
[ 16.711652] copy_user_test_oob+0x760/0x10f0
[ 16.711680] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.711714] ? finish_task_switch.isra.0+0x153/0x700
[ 16.711737] ? __switch_to+0x47/0xf50
[ 16.711763] ? __schedule+0x10cc/0x2b60
[ 16.711785] ? __pfx_read_tsc+0x10/0x10
[ 16.711816] ? ktime_get_ts64+0x86/0x230
[ 16.711841] kunit_try_run_case+0x1a5/0x480
[ 16.711866] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.711901] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.711928] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.711954] ? __kthread_parkme+0x82/0x180
[ 16.711975] ? preempt_count_sub+0x50/0x80
[ 16.712008] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.712033] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.712079] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.712106] kthread+0x337/0x6f0
[ 16.712126] ? trace_preempt_on+0x20/0xc0
[ 16.712150] ? __pfx_kthread+0x10/0x10
[ 16.712172] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.712195] ? calculate_sigpending+0x7b/0xa0
[ 16.712220] ? __pfx_kthread+0x10/0x10
[ 16.712242] ret_from_fork+0x116/0x1d0
[ 16.712261] ? __pfx_kthread+0x10/0x10
[ 16.712282] ret_from_fork_asm+0x1a/0x30
[ 16.712324] </TASK>
[ 16.712335]
[ 16.720479] Allocated by task 302:
[ 16.720654] kasan_save_stack+0x45/0x70
[ 16.720809] kasan_save_track+0x18/0x40
[ 16.720997] kasan_save_alloc_info+0x3b/0x50
[ 16.721248] __kasan_kmalloc+0xb7/0xc0
[ 16.721408] __kmalloc_noprof+0x1c9/0x500
[ 16.721622] kunit_kmalloc_array+0x25/0x60
[ 16.721818] copy_user_test_oob+0xab/0x10f0
[ 16.722030] kunit_try_run_case+0x1a5/0x480
[ 16.722223] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.722479] kthread+0x337/0x6f0
[ 16.722627] ret_from_fork+0x116/0x1d0
[ 16.722810] ret_from_fork_asm+0x1a/0x30
[ 16.723018]
[ 16.723113] The buggy address belongs to the object at ffff8881031fd400
[ 16.723113] which belongs to the cache kmalloc-128 of size 128
[ 16.723580] The buggy address is located 0 bytes inside of
[ 16.723580] allocated 120-byte region [ffff8881031fd400, ffff8881031fd478)
[ 16.724115]
[ 16.724215] The buggy address belongs to the physical page:
[ 16.724456] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031fd
[ 16.724806] flags: 0x200000000000000(node=0|zone=2)
[ 16.725036] page_type: f5(slab)
[ 16.725159] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.725390] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.725616] page dumped because: kasan: bad access detected
[ 16.725840]
[ 16.725962] Memory state around the buggy address:
[ 16.726400] ffff8881031fd300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.726724] ffff8881031fd380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.726948] >ffff8881031fd400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.727459] ^
[ 16.727722] ffff8881031fd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.727936] ffff8881031fd500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.728177] ==================================================================
[ 16.728753] ==================================================================
[ 16.729413] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 16.729792] Write of size 1 at addr ffff8881031fd478 by task kunit_try_catch/302
[ 16.730065]
[ 16.730175] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.730225] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.730238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.730259] Call Trace:
[ 16.730272] <TASK>
[ 16.730298] dump_stack_lvl+0x73/0xb0
[ 16.730327] print_report+0xd1/0x650
[ 16.730351] ? __virt_addr_valid+0x1db/0x2d0
[ 16.730374] ? strncpy_from_user+0x1a5/0x1d0
[ 16.730397] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.730422] ? strncpy_from_user+0x1a5/0x1d0
[ 16.730446] kasan_report+0x141/0x180
[ 16.730468] ? strncpy_from_user+0x1a5/0x1d0
[ 16.730498] __asan_report_store1_noabort+0x1b/0x30
[ 16.730524] strncpy_from_user+0x1a5/0x1d0
[ 16.730551] copy_user_test_oob+0x760/0x10f0
[ 16.730578] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.730602] ? finish_task_switch.isra.0+0x153/0x700
[ 16.730627] ? __switch_to+0x47/0xf50
[ 16.730652] ? __schedule+0x10cc/0x2b60
[ 16.730675] ? __pfx_read_tsc+0x10/0x10
[ 16.730697] ? ktime_get_ts64+0x86/0x230
[ 16.730733] kunit_try_run_case+0x1a5/0x480
[ 16.730758] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.730783] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.730808] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.730835] ? __kthread_parkme+0x82/0x180
[ 16.730859] ? preempt_count_sub+0x50/0x80
[ 16.730895] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.730921] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.730958] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.730986] kthread+0x337/0x6f0
[ 16.731006] ? trace_preempt_on+0x20/0xc0
[ 16.731031] ? __pfx_kthread+0x10/0x10
[ 16.731066] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.731088] ? calculate_sigpending+0x7b/0xa0
[ 16.731112] ? __pfx_kthread+0x10/0x10
[ 16.731135] ret_from_fork+0x116/0x1d0
[ 16.731154] ? __pfx_kthread+0x10/0x10
[ 16.731175] ret_from_fork_asm+0x1a/0x30
[ 16.731207] </TASK>
[ 16.731218]
[ 16.738663] Allocated by task 302:
[ 16.738852] kasan_save_stack+0x45/0x70
[ 16.739031] kasan_save_track+0x18/0x40
[ 16.739167] kasan_save_alloc_info+0x3b/0x50
[ 16.739399] __kasan_kmalloc+0xb7/0xc0
[ 16.739587] __kmalloc_noprof+0x1c9/0x500
[ 16.739749] kunit_kmalloc_array+0x25/0x60
[ 16.739892] copy_user_test_oob+0xab/0x10f0
[ 16.740040] kunit_try_run_case+0x1a5/0x480
[ 16.740186] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.740367] kthread+0x337/0x6f0
[ 16.740488] ret_from_fork+0x116/0x1d0
[ 16.740621] ret_from_fork_asm+0x1a/0x30
[ 16.740809]
[ 16.740903] The buggy address belongs to the object at ffff8881031fd400
[ 16.740903] which belongs to the cache kmalloc-128 of size 128
[ 16.741808] The buggy address is located 0 bytes to the right of
[ 16.741808] allocated 120-byte region [ffff8881031fd400, ffff8881031fd478)
[ 16.742345]
[ 16.742438] The buggy address belongs to the physical page:
[ 16.742683] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031fd
[ 16.743014] flags: 0x200000000000000(node=0|zone=2)
[ 16.743174] page_type: f5(slab)
[ 16.743294] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.743520] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.743752] page dumped because: kasan: bad access detected
[ 16.744136]
[ 16.744230] Memory state around the buggy address:
[ 16.744466] ffff8881031fd300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.744820] ffff8881031fd380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.745199] >ffff8881031fd400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.745413] ^
[ 16.745749] ffff8881031fd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.746073] ffff8881031fd500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.746304] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.642934] ==================================================================
[ 16.643626] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 16.643954] Read of size 121 at addr ffff8881031fd400 by task kunit_try_catch/302
[ 16.644258]
[ 16.644392] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.644432] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.644444] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.644465] Call Trace:
[ 16.644478] <TASK>
[ 16.644492] dump_stack_lvl+0x73/0xb0
[ 16.644532] print_report+0xd1/0x650
[ 16.644555] ? __virt_addr_valid+0x1db/0x2d0
[ 16.644578] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.644614] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.644639] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.644664] kasan_report+0x141/0x180
[ 16.644687] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.644735] kasan_check_range+0x10c/0x1c0
[ 16.644760] __kasan_check_read+0x15/0x20
[ 16.644781] copy_user_test_oob+0x4aa/0x10f0
[ 16.644817] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.644841] ? finish_task_switch.isra.0+0x153/0x700
[ 16.644865] ? __switch_to+0x47/0xf50
[ 16.644891] ? __schedule+0x10cc/0x2b60
[ 16.644922] ? __pfx_read_tsc+0x10/0x10
[ 16.644944] ? ktime_get_ts64+0x86/0x230
[ 16.644968] kunit_try_run_case+0x1a5/0x480
[ 16.645005] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.645030] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.645067] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.645101] ? __kthread_parkme+0x82/0x180
[ 16.645123] ? preempt_count_sub+0x50/0x80
[ 16.645148] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.645184] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.645210] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.645237] kthread+0x337/0x6f0
[ 16.645256] ? trace_preempt_on+0x20/0xc0
[ 16.645280] ? __pfx_kthread+0x10/0x10
[ 16.645301] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.645324] ? calculate_sigpending+0x7b/0xa0
[ 16.645350] ? __pfx_kthread+0x10/0x10
[ 16.645372] ret_from_fork+0x116/0x1d0
[ 16.645392] ? __pfx_kthread+0x10/0x10
[ 16.645422] ret_from_fork_asm+0x1a/0x30
[ 16.645454] </TASK>
[ 16.645464]
[ 16.652918] Allocated by task 302:
[ 16.653047] kasan_save_stack+0x45/0x70
[ 16.653191] kasan_save_track+0x18/0x40
[ 16.653366] kasan_save_alloc_info+0x3b/0x50
[ 16.653618] __kasan_kmalloc+0xb7/0xc0
[ 16.653830] __kmalloc_noprof+0x1c9/0x500
[ 16.654036] kunit_kmalloc_array+0x25/0x60
[ 16.654318] copy_user_test_oob+0xab/0x10f0
[ 16.654496] kunit_try_run_case+0x1a5/0x480
[ 16.654643] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.654830] kthread+0x337/0x6f0
[ 16.654950] ret_from_fork+0x116/0x1d0
[ 16.655247] ret_from_fork_asm+0x1a/0x30
[ 16.655445]
[ 16.655539] The buggy address belongs to the object at ffff8881031fd400
[ 16.655539] which belongs to the cache kmalloc-128 of size 128
[ 16.656242] The buggy address is located 0 bytes inside of
[ 16.656242] allocated 120-byte region [ffff8881031fd400, ffff8881031fd478)
[ 16.656733]
[ 16.656830] The buggy address belongs to the physical page:
[ 16.657143] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031fd
[ 16.657384] flags: 0x200000000000000(node=0|zone=2)
[ 16.657546] page_type: f5(slab)
[ 16.657667] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.657909] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.658288] page dumped because: kasan: bad access detected
[ 16.658537]
[ 16.658628] Memory state around the buggy address:
[ 16.658858] ffff8881031fd300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.659344] ffff8881031fd380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.659628] >ffff8881031fd400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.659928] ^
[ 16.660257] ffff8881031fd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.660479] ffff8881031fd500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.660693] ==================================================================
[ 16.625117] ==================================================================
[ 16.625461] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 16.625798] Write of size 121 at addr ffff8881031fd400 by task kunit_try_catch/302
[ 16.626111]
[ 16.626238] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.626281] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.626294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.626316] Call Trace:
[ 16.626330] <TASK>
[ 16.626347] dump_stack_lvl+0x73/0xb0
[ 16.626390] print_report+0xd1/0x650
[ 16.626414] ? __virt_addr_valid+0x1db/0x2d0
[ 16.626451] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.626476] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.626502] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.626538] kasan_report+0x141/0x180
[ 16.626560] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.626590] kasan_check_range+0x10c/0x1c0
[ 16.626616] __kasan_check_write+0x18/0x20
[ 16.626637] copy_user_test_oob+0x3fd/0x10f0
[ 16.626664] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.626696] ? finish_task_switch.isra.0+0x153/0x700
[ 16.626739] ? __switch_to+0x47/0xf50
[ 16.626765] ? __schedule+0x10cc/0x2b60
[ 16.626801] ? __pfx_read_tsc+0x10/0x10
[ 16.626823] ? ktime_get_ts64+0x86/0x230
[ 16.626848] kunit_try_run_case+0x1a5/0x480
[ 16.626883] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.626908] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.626934] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.626959] ? __kthread_parkme+0x82/0x180
[ 16.626981] ? preempt_count_sub+0x50/0x80
[ 16.627006] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.627032] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.627067] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.627094] kthread+0x337/0x6f0
[ 16.627114] ? trace_preempt_on+0x20/0xc0
[ 16.627139] ? __pfx_kthread+0x10/0x10
[ 16.627160] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.627183] ? calculate_sigpending+0x7b/0xa0
[ 16.627209] ? __pfx_kthread+0x10/0x10
[ 16.627231] ret_from_fork+0x116/0x1d0
[ 16.627251] ? __pfx_kthread+0x10/0x10
[ 16.627273] ret_from_fork_asm+0x1a/0x30
[ 16.627305] </TASK>
[ 16.627316]
[ 16.634757] Allocated by task 302:
[ 16.634932] kasan_save_stack+0x45/0x70
[ 16.635157] kasan_save_track+0x18/0x40
[ 16.635295] kasan_save_alloc_info+0x3b/0x50
[ 16.635466] __kasan_kmalloc+0xb7/0xc0
[ 16.635668] __kmalloc_noprof+0x1c9/0x500
[ 16.635887] kunit_kmalloc_array+0x25/0x60
[ 16.636142] copy_user_test_oob+0xab/0x10f0
[ 16.636322] kunit_try_run_case+0x1a5/0x480
[ 16.636528] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.636778] kthread+0x337/0x6f0
[ 16.636900] ret_from_fork+0x116/0x1d0
[ 16.637112] ret_from_fork_asm+0x1a/0x30
[ 16.637323]
[ 16.637433] The buggy address belongs to the object at ffff8881031fd400
[ 16.637433] which belongs to the cache kmalloc-128 of size 128
[ 16.637945] The buggy address is located 0 bytes inside of
[ 16.637945] allocated 120-byte region [ffff8881031fd400, ffff8881031fd478)
[ 16.638435]
[ 16.638508] The buggy address belongs to the physical page:
[ 16.638681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031fd
[ 16.639071] flags: 0x200000000000000(node=0|zone=2)
[ 16.639285] page_type: f5(slab)
[ 16.639406] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.639767] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.640139] page dumped because: kasan: bad access detected
[ 16.640426]
[ 16.640522] Memory state around the buggy address:
[ 16.640748] ffff8881031fd300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.640965] ffff8881031fd380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.641181] >ffff8881031fd400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.641499] ^
[ 16.641819] ffff8881031fd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.642304] ffff8881031fd500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.642517] ==================================================================
[ 16.690324] ==================================================================
[ 16.690796] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 16.691435] Read of size 121 at addr ffff8881031fd400 by task kunit_try_catch/302
[ 16.692166]
[ 16.692300] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.692352] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.692366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.692387] Call Trace:
[ 16.692401] <TASK>
[ 16.692416] dump_stack_lvl+0x73/0xb0
[ 16.692448] print_report+0xd1/0x650
[ 16.692471] ? __virt_addr_valid+0x1db/0x2d0
[ 16.692495] ? copy_user_test_oob+0x604/0x10f0
[ 16.692521] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.692545] ? copy_user_test_oob+0x604/0x10f0
[ 16.692570] kasan_report+0x141/0x180
[ 16.692593] ? copy_user_test_oob+0x604/0x10f0
[ 16.692623] kasan_check_range+0x10c/0x1c0
[ 16.692648] __kasan_check_read+0x15/0x20
[ 16.692670] copy_user_test_oob+0x604/0x10f0
[ 16.692696] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.692735] ? finish_task_switch.isra.0+0x153/0x700
[ 16.692758] ? __switch_to+0x47/0xf50
[ 16.692784] ? __schedule+0x10cc/0x2b60
[ 16.692806] ? __pfx_read_tsc+0x10/0x10
[ 16.692828] ? ktime_get_ts64+0x86/0x230
[ 16.692853] kunit_try_run_case+0x1a5/0x480
[ 16.692878] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.692902] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.692939] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.692964] ? __kthread_parkme+0x82/0x180
[ 16.692986] ? preempt_count_sub+0x50/0x80
[ 16.693022] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.693049] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.693075] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.693111] kthread+0x337/0x6f0
[ 16.693131] ? trace_preempt_on+0x20/0xc0
[ 16.693155] ? __pfx_kthread+0x10/0x10
[ 16.693177] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.693199] ? calculate_sigpending+0x7b/0xa0
[ 16.693225] ? __pfx_kthread+0x10/0x10
[ 16.693248] ret_from_fork+0x116/0x1d0
[ 16.693267] ? __pfx_kthread+0x10/0x10
[ 16.693289] ret_from_fork_asm+0x1a/0x30
[ 16.693320] </TASK>
[ 16.693332]
[ 16.700725] Allocated by task 302:
[ 16.700907] kasan_save_stack+0x45/0x70
[ 16.701129] kasan_save_track+0x18/0x40
[ 16.701333] kasan_save_alloc_info+0x3b/0x50
[ 16.701732] __kasan_kmalloc+0xb7/0xc0
[ 16.701947] __kmalloc_noprof+0x1c9/0x500
[ 16.702094] kunit_kmalloc_array+0x25/0x60
[ 16.702253] copy_user_test_oob+0xab/0x10f0
[ 16.702500] kunit_try_run_case+0x1a5/0x480
[ 16.702719] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.702977] kthread+0x337/0x6f0
[ 16.703165] ret_from_fork+0x116/0x1d0
[ 16.703353] ret_from_fork_asm+0x1a/0x30
[ 16.703541]
[ 16.703642] The buggy address belongs to the object at ffff8881031fd400
[ 16.703642] which belongs to the cache kmalloc-128 of size 128
[ 16.704071] The buggy address is located 0 bytes inside of
[ 16.704071] allocated 120-byte region [ffff8881031fd400, ffff8881031fd478)
[ 16.704432]
[ 16.704521] The buggy address belongs to the physical page:
[ 16.704816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031fd
[ 16.705160] flags: 0x200000000000000(node=0|zone=2)
[ 16.705429] page_type: f5(slab)
[ 16.705550] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.705790] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.706319] page dumped because: kasan: bad access detected
[ 16.706573]
[ 16.706679] Memory state around the buggy address:
[ 16.706918] ffff8881031fd300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.707292] ffff8881031fd380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.707504] >ffff8881031fd400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.707993] ^
[ 16.708671] ffff8881031fd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.708941] ffff8881031fd500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.709456] ==================================================================
[ 16.661340] ==================================================================
[ 16.662802] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 16.663580] Write of size 121 at addr ffff8881031fd400 by task kunit_try_catch/302
[ 16.664530]
[ 16.664891] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.665084] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.665099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.665158] Call Trace:
[ 16.665176] <TASK>
[ 16.665192] dump_stack_lvl+0x73/0xb0
[ 16.665225] print_report+0xd1/0x650
[ 16.665249] ? __virt_addr_valid+0x1db/0x2d0
[ 16.665273] ? copy_user_test_oob+0x557/0x10f0
[ 16.665298] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.665323] ? copy_user_test_oob+0x557/0x10f0
[ 16.665348] kasan_report+0x141/0x180
[ 16.665370] ? copy_user_test_oob+0x557/0x10f0
[ 16.665399] kasan_check_range+0x10c/0x1c0
[ 16.665424] __kasan_check_write+0x18/0x20
[ 16.665445] copy_user_test_oob+0x557/0x10f0
[ 16.665471] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.665495] ? finish_task_switch.isra.0+0x153/0x700
[ 16.665519] ? __switch_to+0x47/0xf50
[ 16.665546] ? __schedule+0x10cc/0x2b60
[ 16.665569] ? __pfx_read_tsc+0x10/0x10
[ 16.665591] ? ktime_get_ts64+0x86/0x230
[ 16.665616] kunit_try_run_case+0x1a5/0x480
[ 16.665641] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.665666] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.665692] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.665729] ? __kthread_parkme+0x82/0x180
[ 16.665752] ? preempt_count_sub+0x50/0x80
[ 16.665777] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.665802] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.665828] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.665855] kthread+0x337/0x6f0
[ 16.665875] ? trace_preempt_on+0x20/0xc0
[ 16.665900] ? __pfx_kthread+0x10/0x10
[ 16.665922] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.665945] ? calculate_sigpending+0x7b/0xa0
[ 16.665970] ? __pfx_kthread+0x10/0x10
[ 16.665993] ret_from_fork+0x116/0x1d0
[ 16.666013] ? __pfx_kthread+0x10/0x10
[ 16.666034] ret_from_fork_asm+0x1a/0x30
[ 16.666079] </TASK>
[ 16.666090]
[ 16.676643] Allocated by task 302:
[ 16.677105] kasan_save_stack+0x45/0x70
[ 16.677380] kasan_save_track+0x18/0x40
[ 16.677808] kasan_save_alloc_info+0x3b/0x50
[ 16.678103] __kasan_kmalloc+0xb7/0xc0
[ 16.678426] __kmalloc_noprof+0x1c9/0x500
[ 16.678611] kunit_kmalloc_array+0x25/0x60
[ 16.678815] copy_user_test_oob+0xab/0x10f0
[ 16.679014] kunit_try_run_case+0x1a5/0x480
[ 16.679504] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.679983] kthread+0x337/0x6f0
[ 16.680257] ret_from_fork+0x116/0x1d0
[ 16.680549] ret_from_fork_asm+0x1a/0x30
[ 16.680959]
[ 16.681202] The buggy address belongs to the object at ffff8881031fd400
[ 16.681202] which belongs to the cache kmalloc-128 of size 128
[ 16.682018] The buggy address is located 0 bytes inside of
[ 16.682018] allocated 120-byte region [ffff8881031fd400, ffff8881031fd478)
[ 16.682510]
[ 16.682604] The buggy address belongs to the physical page:
[ 16.683232] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031fd
[ 16.683710] flags: 0x200000000000000(node=0|zone=2)
[ 16.684140] page_type: f5(slab)
[ 16.684459] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.684805] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.685328] page dumped because: kasan: bad access detected
[ 16.685774]
[ 16.685872] Memory state around the buggy address:
[ 16.686497] ffff8881031fd300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.686840] ffff8881031fd380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.687279] >ffff8881031fd400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.687873] ^
[ 16.688321] ffff8881031fd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.688619] ffff8881031fd500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.688919] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 16.602460] ==================================================================
[ 16.602794] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70
[ 16.603118] Read of size 121 at addr ffff8881031fd400 by task kunit_try_catch/302
[ 16.603441]
[ 16.603556] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.603611] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.603624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.603646] Call Trace:
[ 16.603660] <TASK>
[ 16.603686] dump_stack_lvl+0x73/0xb0
[ 16.603727] print_report+0xd1/0x650
[ 16.603750] ? __virt_addr_valid+0x1db/0x2d0
[ 16.603774] ? _copy_to_user+0x3c/0x70
[ 16.603803] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.603828] ? _copy_to_user+0x3c/0x70
[ 16.603849] kasan_report+0x141/0x180
[ 16.603881] ? _copy_to_user+0x3c/0x70
[ 16.603906] kasan_check_range+0x10c/0x1c0
[ 16.603931] __kasan_check_read+0x15/0x20
[ 16.603952] _copy_to_user+0x3c/0x70
[ 16.603973] copy_user_test_oob+0x364/0x10f0
[ 16.604000] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.604024] ? finish_task_switch.isra.0+0x153/0x700
[ 16.604059] ? __switch_to+0x47/0xf50
[ 16.604086] ? __schedule+0x10cc/0x2b60
[ 16.604109] ? __pfx_read_tsc+0x10/0x10
[ 16.604132] ? ktime_get_ts64+0x86/0x230
[ 16.604166] kunit_try_run_case+0x1a5/0x480
[ 16.604191] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.604216] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.604252] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.604278] ? __kthread_parkme+0x82/0x180
[ 16.604300] ? preempt_count_sub+0x50/0x80
[ 16.604331] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.604357] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.604392] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.604419] kthread+0x337/0x6f0
[ 16.604450] ? trace_preempt_on+0x20/0xc0
[ 16.604475] ? __pfx_kthread+0x10/0x10
[ 16.604496] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.604519] ? calculate_sigpending+0x7b/0xa0
[ 16.604544] ? __pfx_kthread+0x10/0x10
[ 16.604567] ret_from_fork+0x116/0x1d0
[ 16.604587] ? __pfx_kthread+0x10/0x10
[ 16.604609] ret_from_fork_asm+0x1a/0x30
[ 16.604641] </TASK>
[ 16.604651]
[ 16.612365] Allocated by task 302:
[ 16.612543] kasan_save_stack+0x45/0x70
[ 16.612751] kasan_save_track+0x18/0x40
[ 16.612939] kasan_save_alloc_info+0x3b/0x50
[ 16.613289] __kasan_kmalloc+0xb7/0xc0
[ 16.613458] __kmalloc_noprof+0x1c9/0x500
[ 16.613599] kunit_kmalloc_array+0x25/0x60
[ 16.613788] copy_user_test_oob+0xab/0x10f0
[ 16.613997] kunit_try_run_case+0x1a5/0x480
[ 16.614321] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.614563] kthread+0x337/0x6f0
[ 16.614757] ret_from_fork+0x116/0x1d0
[ 16.614941] ret_from_fork_asm+0x1a/0x30
[ 16.615162]
[ 16.615268] The buggy address belongs to the object at ffff8881031fd400
[ 16.615268] which belongs to the cache kmalloc-128 of size 128
[ 16.615788] The buggy address is located 0 bytes inside of
[ 16.615788] allocated 120-byte region [ffff8881031fd400, ffff8881031fd478)
[ 16.616427]
[ 16.616516] The buggy address belongs to the physical page:
[ 16.616800] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031fd
[ 16.617158] flags: 0x200000000000000(node=0|zone=2)
[ 16.617323] page_type: f5(slab)
[ 16.617445] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.617676] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.618021] page dumped because: kasan: bad access detected
[ 16.618350]
[ 16.618455] Memory state around the buggy address:
[ 16.618669] ffff8881031fd300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.618899] ffff8881031fd380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.619113] >ffff8881031fd400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.619818] ^
[ 16.620229] ffff8881031fd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.620512] ffff8881031fd500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.620808] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 16.580036] ==================================================================
[ 16.580654] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90
[ 16.580965] Write of size 121 at addr ffff8881031fd400 by task kunit_try_catch/302
[ 16.581320]
[ 16.581464] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.581513] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.581526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.581564] Call Trace:
[ 16.581579] <TASK>
[ 16.581599] dump_stack_lvl+0x73/0xb0
[ 16.581634] print_report+0xd1/0x650
[ 16.581669] ? __virt_addr_valid+0x1db/0x2d0
[ 16.581695] ? _copy_from_user+0x32/0x90
[ 16.581734] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.581760] ? _copy_from_user+0x32/0x90
[ 16.581781] kasan_report+0x141/0x180
[ 16.581804] ? _copy_from_user+0x32/0x90
[ 16.581829] kasan_check_range+0x10c/0x1c0
[ 16.581864] __kasan_check_write+0x18/0x20
[ 16.581885] _copy_from_user+0x32/0x90
[ 16.581906] copy_user_test_oob+0x2be/0x10f0
[ 16.581945] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.581970] ? finish_task_switch.isra.0+0x153/0x700
[ 16.581995] ? __switch_to+0x47/0xf50
[ 16.582022] ? __schedule+0x10cc/0x2b60
[ 16.582067] ? __pfx_read_tsc+0x10/0x10
[ 16.582091] ? ktime_get_ts64+0x86/0x230
[ 16.582117] kunit_try_run_case+0x1a5/0x480
[ 16.582143] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.582167] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.582192] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.582217] ? __kthread_parkme+0x82/0x180
[ 16.582240] ? preempt_count_sub+0x50/0x80
[ 16.582265] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.582300] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.582327] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.582364] kthread+0x337/0x6f0
[ 16.582383] ? trace_preempt_on+0x20/0xc0
[ 16.582409] ? __pfx_kthread+0x10/0x10
[ 16.582431] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.582455] ? calculate_sigpending+0x7b/0xa0
[ 16.582482] ? __pfx_kthread+0x10/0x10
[ 16.582504] ret_from_fork+0x116/0x1d0
[ 16.582524] ? __pfx_kthread+0x10/0x10
[ 16.582546] ret_from_fork_asm+0x1a/0x30
[ 16.582578] </TASK>
[ 16.582591]
[ 16.590840] Allocated by task 302:
[ 16.590978] kasan_save_stack+0x45/0x70
[ 16.591350] kasan_save_track+0x18/0x40
[ 16.591558] kasan_save_alloc_info+0x3b/0x50
[ 16.591774] __kasan_kmalloc+0xb7/0xc0
[ 16.591942] __kmalloc_noprof+0x1c9/0x500
[ 16.592273] kunit_kmalloc_array+0x25/0x60
[ 16.592473] copy_user_test_oob+0xab/0x10f0
[ 16.592635] kunit_try_run_case+0x1a5/0x480
[ 16.592792] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.592969] kthread+0x337/0x6f0
[ 16.593102] ret_from_fork+0x116/0x1d0
[ 16.593423] ret_from_fork_asm+0x1a/0x30
[ 16.593733]
[ 16.593830] The buggy address belongs to the object at ffff8881031fd400
[ 16.593830] which belongs to the cache kmalloc-128 of size 128
[ 16.594468] The buggy address is located 0 bytes inside of
[ 16.594468] allocated 120-byte region [ffff8881031fd400, ffff8881031fd478)
[ 16.594977]
[ 16.595133] The buggy address belongs to the physical page:
[ 16.595320] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031fd
[ 16.595640] flags: 0x200000000000000(node=0|zone=2)
[ 16.595898] page_type: f5(slab)
[ 16.596096] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.596413] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.596737] page dumped because: kasan: bad access detected
[ 16.596957]
[ 16.597077] Memory state around the buggy address:
[ 16.597279] ffff8881031fd300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.597546] ffff8881031fd380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.597773] >ffff8881031fd400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.597987] ^
[ 16.598198] ffff8881031fd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.598445] ffff8881031fd500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.598775] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.516866] ==================================================================
[ 16.517666] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[ 16.518060] Read of size 8 at addr ffff8881031fd378 by task kunit_try_catch/298
[ 16.518490]
[ 16.518609] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.518659] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.518691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.518726] Call Trace:
[ 16.518763] <TASK>
[ 16.518784] dump_stack_lvl+0x73/0xb0
[ 16.518819] print_report+0xd1/0x650
[ 16.518858] ? __virt_addr_valid+0x1db/0x2d0
[ 16.518883] ? copy_to_kernel_nofault+0x225/0x260
[ 16.518909] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.518935] ? copy_to_kernel_nofault+0x225/0x260
[ 16.518960] kasan_report+0x141/0x180
[ 16.518983] ? copy_to_kernel_nofault+0x225/0x260
[ 16.519039] __asan_report_load8_noabort+0x18/0x20
[ 16.519066] copy_to_kernel_nofault+0x225/0x260
[ 16.519093] copy_to_kernel_nofault_oob+0x1ed/0x560
[ 16.519130] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 16.519155] ? finish_task_switch.isra.0+0x153/0x700
[ 16.519182] ? __schedule+0x10cc/0x2b60
[ 16.519231] ? trace_hardirqs_on+0x37/0xe0
[ 16.519265] ? __pfx_read_tsc+0x10/0x10
[ 16.519309] ? ktime_get_ts64+0x86/0x230
[ 16.519438] kunit_try_run_case+0x1a5/0x480
[ 16.519466] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.519490] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.519516] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.519542] ? __kthread_parkme+0x82/0x180
[ 16.519565] ? preempt_count_sub+0x50/0x80
[ 16.519589] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.519614] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.519641] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.519668] kthread+0x337/0x6f0
[ 16.519688] ? trace_preempt_on+0x20/0xc0
[ 16.519722] ? __pfx_kthread+0x10/0x10
[ 16.519744] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.519767] ? calculate_sigpending+0x7b/0xa0
[ 16.519793] ? __pfx_kthread+0x10/0x10
[ 16.519815] ret_from_fork+0x116/0x1d0
[ 16.519835] ? __pfx_kthread+0x10/0x10
[ 16.519857] ret_from_fork_asm+0x1a/0x30
[ 16.519890] </TASK>
[ 16.519902]
[ 16.528450] Allocated by task 298:
[ 16.528699] kasan_save_stack+0x45/0x70
[ 16.528990] kasan_save_track+0x18/0x40
[ 16.529332] kasan_save_alloc_info+0x3b/0x50
[ 16.529718] __kasan_kmalloc+0xb7/0xc0
[ 16.529853] __kmalloc_cache_noprof+0x189/0x420
[ 16.530007] copy_to_kernel_nofault_oob+0x12f/0x560
[ 16.530519] kunit_try_run_case+0x1a5/0x480
[ 16.530805] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.531060] kthread+0x337/0x6f0
[ 16.531289] ret_from_fork+0x116/0x1d0
[ 16.531613] ret_from_fork_asm+0x1a/0x30
[ 16.531818]
[ 16.531925] The buggy address belongs to the object at ffff8881031fd300
[ 16.531925] which belongs to the cache kmalloc-128 of size 128
[ 16.532594] The buggy address is located 0 bytes to the right of
[ 16.532594] allocated 120-byte region [ffff8881031fd300, ffff8881031fd378)
[ 16.533154]
[ 16.533309] The buggy address belongs to the physical page:
[ 16.533604] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031fd
[ 16.533979] flags: 0x200000000000000(node=0|zone=2)
[ 16.534317] page_type: f5(slab)
[ 16.534445] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.534810] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.535204] page dumped because: kasan: bad access detected
[ 16.535475]
[ 16.535637] Memory state around the buggy address:
[ 16.535961] ffff8881031fd200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.536285] ffff8881031fd280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.536660] >ffff8881031fd300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.537000] ^
[ 16.537394] ffff8881031fd380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.538099] ffff8881031fd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.538488] ==================================================================
[ 16.539202] ==================================================================
[ 16.539520] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[ 16.539889] Write of size 8 at addr ffff8881031fd378 by task kunit_try_catch/298
[ 16.540202]
[ 16.540311] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.540402] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.540416] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.540437] Call Trace:
[ 16.540462] <TASK>
[ 16.540478] dump_stack_lvl+0x73/0xb0
[ 16.540509] print_report+0xd1/0x650
[ 16.540532] ? __virt_addr_valid+0x1db/0x2d0
[ 16.540556] ? copy_to_kernel_nofault+0x99/0x260
[ 16.540581] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.540607] ? copy_to_kernel_nofault+0x99/0x260
[ 16.540652] kasan_report+0x141/0x180
[ 16.540675] ? copy_to_kernel_nofault+0x99/0x260
[ 16.540715] kasan_check_range+0x10c/0x1c0
[ 16.540741] __kasan_check_write+0x18/0x20
[ 16.540761] copy_to_kernel_nofault+0x99/0x260
[ 16.540788] copy_to_kernel_nofault_oob+0x288/0x560
[ 16.540814] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 16.540841] ? finish_task_switch.isra.0+0x153/0x700
[ 16.540866] ? __schedule+0x10cc/0x2b60
[ 16.540888] ? trace_hardirqs_on+0x37/0xe0
[ 16.540920] ? __pfx_read_tsc+0x10/0x10
[ 16.540942] ? ktime_get_ts64+0x86/0x230
[ 16.540967] kunit_try_run_case+0x1a5/0x480
[ 16.540992] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.541016] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.541072] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.541099] ? __kthread_parkme+0x82/0x180
[ 16.541135] ? preempt_count_sub+0x50/0x80
[ 16.541173] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.541212] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.541252] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.541279] kthread+0x337/0x6f0
[ 16.541313] ? trace_preempt_on+0x20/0xc0
[ 16.541350] ? __pfx_kthread+0x10/0x10
[ 16.541385] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.541434] ? calculate_sigpending+0x7b/0xa0
[ 16.541484] ? __pfx_kthread+0x10/0x10
[ 16.541507] ret_from_fork+0x116/0x1d0
[ 16.541528] ? __pfx_kthread+0x10/0x10
[ 16.542093] ret_from_fork_asm+0x1a/0x30
[ 16.542353] </TASK>
[ 16.542369]
[ 16.555159] Allocated by task 298:
[ 16.555527] kasan_save_stack+0x45/0x70
[ 16.555744] kasan_save_track+0x18/0x40
[ 16.555921] kasan_save_alloc_info+0x3b/0x50
[ 16.556471] __kasan_kmalloc+0xb7/0xc0
[ 16.556758] __kmalloc_cache_noprof+0x189/0x420
[ 16.557370] copy_to_kernel_nofault_oob+0x12f/0x560
[ 16.557651] kunit_try_run_case+0x1a5/0x480
[ 16.557858] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.558303] kthread+0x337/0x6f0
[ 16.558611] ret_from_fork+0x116/0x1d0
[ 16.558948] ret_from_fork_asm+0x1a/0x30
[ 16.559470]
[ 16.559578] The buggy address belongs to the object at ffff8881031fd300
[ 16.559578] which belongs to the cache kmalloc-128 of size 128
[ 16.560327] The buggy address is located 0 bytes to the right of
[ 16.560327] allocated 120-byte region [ffff8881031fd300, ffff8881031fd378)
[ 16.560956]
[ 16.561272] The buggy address belongs to the physical page:
[ 16.561553] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031fd
[ 16.561898] flags: 0x200000000000000(node=0|zone=2)
[ 16.562388] page_type: f5(slab)
[ 16.562605] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.563227] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.563567] page dumped because: kasan: bad access detected
[ 16.563816]
[ 16.563905] Memory state around the buggy address:
[ 16.564416] ffff8881031fd200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.564887] ffff8881031fd280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.565434] >ffff8881031fd300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.565740] ^
[ 16.566237] ffff8881031fd380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.566779] ffff8881031fd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.567407] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 15.340379] ==================================================================
[ 15.340778] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450
[ 15.341220] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282
[ 15.341487]
[ 15.341653] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.341696] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.341720] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.341740] Call Trace:
[ 15.341755] <TASK>
[ 15.341771] dump_stack_lvl+0x73/0xb0
[ 15.341800] print_report+0xd1/0x650
[ 15.341857] ? __virt_addr_valid+0x1db/0x2d0
[ 15.341881] ? kasan_atomics_helper+0x992/0x5450
[ 15.341904] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.341939] ? kasan_atomics_helper+0x992/0x5450
[ 15.341962] kasan_report+0x141/0x180
[ 15.341985] ? kasan_atomics_helper+0x992/0x5450
[ 15.342012] kasan_check_range+0x10c/0x1c0
[ 15.342037] __kasan_check_write+0x18/0x20
[ 15.342058] kasan_atomics_helper+0x992/0x5450
[ 15.342082] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.342171] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.342198] ? kasan_atomics+0x152/0x310
[ 15.342261] kasan_atomics+0x1dc/0x310
[ 15.342308] ? __pfx_kasan_atomics+0x10/0x10
[ 15.342332] ? trace_hardirqs_on+0x37/0xe0
[ 15.342356] ? __pfx_read_tsc+0x10/0x10
[ 15.342377] ? ktime_get_ts64+0x86/0x230
[ 15.342402] kunit_try_run_case+0x1a5/0x480
[ 15.342427] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.342454] ? queued_spin_lock_slowpath+0x116/0xb40
[ 15.342481] ? __kthread_parkme+0x82/0x180
[ 15.342503] ? preempt_count_sub+0x50/0x80
[ 15.342528] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.342554] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.342580] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.342607] kthread+0x337/0x6f0
[ 15.342627] ? trace_preempt_on+0x20/0xc0
[ 15.342651] ? __pfx_kthread+0x10/0x10
[ 15.342673] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.342695] ? calculate_sigpending+0x7b/0xa0
[ 15.342730] ? __pfx_kthread+0x10/0x10
[ 15.342752] ret_from_fork+0x116/0x1d0
[ 15.342772] ? __pfx_kthread+0x10/0x10
[ 15.342794] ret_from_fork_asm+0x1a/0x30
[ 15.342827] </TASK>
[ 15.342837]
[ 15.351639] Allocated by task 282:
[ 15.351826] kasan_save_stack+0x45/0x70
[ 15.352032] kasan_save_track+0x18/0x40
[ 15.352218] kasan_save_alloc_info+0x3b/0x50
[ 15.352591] __kasan_kmalloc+0xb7/0xc0
[ 15.352741] __kmalloc_cache_noprof+0x189/0x420
[ 15.352990] kasan_atomics+0x95/0x310
[ 15.353424] kunit_try_run_case+0x1a5/0x480
[ 15.353587] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.353800] kthread+0x337/0x6f0
[ 15.354010] ret_from_fork+0x116/0x1d0
[ 15.354385] ret_from_fork_asm+0x1a/0x30
[ 15.354649]
[ 15.354757] The buggy address belongs to the object at ffff8881038e3c00
[ 15.354757] which belongs to the cache kmalloc-64 of size 64
[ 15.355394] The buggy address is located 0 bytes to the right of
[ 15.355394] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30)
[ 15.355886]
[ 15.355986] The buggy address belongs to the physical page:
[ 15.356465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3
[ 15.356743] flags: 0x200000000000000(node=0|zone=2)
[ 15.357029] page_type: f5(slab)
[ 15.357198] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.357648] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.357978] page dumped because: kasan: bad access detected
[ 15.358286]
[ 15.358385] Memory state around the buggy address:
[ 15.358657] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.358985] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.359328] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.359793] ^
[ 15.360000] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.360376] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.360649] ==================================================================
[ 15.629640] ==================================================================
[ 15.630312] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450
[ 15.631102] Read of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282
[ 15.631654]
[ 15.632048] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.632097] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.632110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.632132] Call Trace:
[ 15.632150] <TASK>
[ 15.632168] dump_stack_lvl+0x73/0xb0
[ 15.632200] print_report+0xd1/0x650
[ 15.632223] ? __virt_addr_valid+0x1db/0x2d0
[ 15.632248] ? kasan_atomics_helper+0x4a36/0x5450
[ 15.632272] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.632296] ? kasan_atomics_helper+0x4a36/0x5450
[ 15.632325] kasan_report+0x141/0x180
[ 15.632347] ? kasan_atomics_helper+0x4a36/0x5450
[ 15.632375] __asan_report_load4_noabort+0x18/0x20
[ 15.632401] kasan_atomics_helper+0x4a36/0x5450
[ 15.632425] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.632449] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.632476] ? kasan_atomics+0x152/0x310
[ 15.632504] kasan_atomics+0x1dc/0x310
[ 15.632527] ? __pfx_kasan_atomics+0x10/0x10
[ 15.632551] ? trace_hardirqs_on+0x37/0xe0
[ 15.632576] ? __pfx_read_tsc+0x10/0x10
[ 15.632598] ? ktime_get_ts64+0x86/0x230
[ 15.632624] kunit_try_run_case+0x1a5/0x480
[ 15.632650] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.632676] ? queued_spin_lock_slowpath+0x116/0xb40
[ 15.632717] ? __kthread_parkme+0x82/0x180
[ 15.632748] ? preempt_count_sub+0x50/0x80
[ 15.632774] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.632824] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.632851] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.632878] kthread+0x337/0x6f0
[ 15.632898] ? trace_preempt_on+0x20/0xc0
[ 15.632921] ? __pfx_kthread+0x10/0x10
[ 15.632943] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.632965] ? calculate_sigpending+0x7b/0xa0
[ 15.632990] ? __pfx_kthread+0x10/0x10
[ 15.633013] ret_from_fork+0x116/0x1d0
[ 15.633040] ? __pfx_kthread+0x10/0x10
[ 15.633073] ret_from_fork_asm+0x1a/0x30
[ 15.633106] </TASK>
[ 15.633117]
[ 15.647101] Allocated by task 282:
[ 15.647379] kasan_save_stack+0x45/0x70
[ 15.647772] kasan_save_track+0x18/0x40
[ 15.648071] kasan_save_alloc_info+0x3b/0x50
[ 15.648293] __kasan_kmalloc+0xb7/0xc0
[ 15.648479] __kmalloc_cache_noprof+0x189/0x420
[ 15.648637] kasan_atomics+0x95/0x310
[ 15.648783] kunit_try_run_case+0x1a5/0x480
[ 15.648931] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.649126] kthread+0x337/0x6f0
[ 15.649248] ret_from_fork+0x116/0x1d0
[ 15.649390] ret_from_fork_asm+0x1a/0x30
[ 15.649584]
[ 15.649687] The buggy address belongs to the object at ffff8881038e3c00
[ 15.649687] which belongs to the cache kmalloc-64 of size 64
[ 15.650804] The buggy address is located 0 bytes to the right of
[ 15.650804] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30)
[ 15.651401]
[ 15.651476] The buggy address belongs to the physical page:
[ 15.651650] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3
[ 15.652212] flags: 0x200000000000000(node=0|zone=2)
[ 15.652714] page_type: f5(slab)
[ 15.653074] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.654020] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.654796] page dumped because: kasan: bad access detected
[ 15.655345]
[ 15.655504] Memory state around the buggy address:
[ 15.656024] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.656734] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.657182] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.657399] ^
[ 15.657553] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.657790] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.658134] ==================================================================
[ 15.600110] ==================================================================
[ 15.600639] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450
[ 15.601042] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282
[ 15.601670]
[ 15.601783] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.601828] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.601840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.601868] Call Trace:
[ 15.601884] <TASK>
[ 15.601899] dump_stack_lvl+0x73/0xb0
[ 15.601928] print_report+0xd1/0x650
[ 15.601951] ? __virt_addr_valid+0x1db/0x2d0
[ 15.601975] ? kasan_atomics_helper+0xfa9/0x5450
[ 15.601997] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.602022] ? kasan_atomics_helper+0xfa9/0x5450
[ 15.602073] kasan_report+0x141/0x180
[ 15.602106] ? kasan_atomics_helper+0xfa9/0x5450
[ 15.602133] kasan_check_range+0x10c/0x1c0
[ 15.602158] __kasan_check_write+0x18/0x20
[ 15.602179] kasan_atomics_helper+0xfa9/0x5450
[ 15.602213] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.602238] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.602264] ? kasan_atomics+0x152/0x310
[ 15.602292] kasan_atomics+0x1dc/0x310
[ 15.602315] ? __pfx_kasan_atomics+0x10/0x10
[ 15.602339] ? trace_hardirqs_on+0x37/0xe0
[ 15.602364] ? __pfx_read_tsc+0x10/0x10
[ 15.602385] ? ktime_get_ts64+0x86/0x230
[ 15.602410] kunit_try_run_case+0x1a5/0x480
[ 15.602435] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.602461] ? queued_spin_lock_slowpath+0x116/0xb40
[ 15.602488] ? __kthread_parkme+0x82/0x180
[ 15.602509] ? preempt_count_sub+0x50/0x80
[ 15.602533] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.602559] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.602585] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.602611] kthread+0x337/0x6f0
[ 15.602632] ? trace_preempt_on+0x20/0xc0
[ 15.602655] ? __pfx_kthread+0x10/0x10
[ 15.602677] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.602699] ? calculate_sigpending+0x7b/0xa0
[ 15.602735] ? __pfx_kthread+0x10/0x10
[ 15.602758] ret_from_fork+0x116/0x1d0
[ 15.602778] ? __pfx_kthread+0x10/0x10
[ 15.602800] ret_from_fork_asm+0x1a/0x30
[ 15.602832] </TASK>
[ 15.602843]
[ 15.615477] Allocated by task 282:
[ 15.615811] kasan_save_stack+0x45/0x70
[ 15.616185] kasan_save_track+0x18/0x40
[ 15.616691] kasan_save_alloc_info+0x3b/0x50
[ 15.616933] __kasan_kmalloc+0xb7/0xc0
[ 15.617200] __kmalloc_cache_noprof+0x189/0x420
[ 15.617635] kasan_atomics+0x95/0x310
[ 15.617991] kunit_try_run_case+0x1a5/0x480
[ 15.618354] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.618542] kthread+0x337/0x6f0
[ 15.618665] ret_from_fork+0x116/0x1d0
[ 15.618815] ret_from_fork_asm+0x1a/0x30
[ 15.618958]
[ 15.619088] The buggy address belongs to the object at ffff8881038e3c00
[ 15.619088] which belongs to the cache kmalloc-64 of size 64
[ 15.620287] The buggy address is located 0 bytes to the right of
[ 15.620287] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30)
[ 15.621461]
[ 15.621693] The buggy address belongs to the physical page:
[ 15.622267] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3
[ 15.623173] flags: 0x200000000000000(node=0|zone=2)
[ 15.623606] page_type: f5(slab)
[ 15.623921] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.624529] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.624963] page dumped because: kasan: bad access detected
[ 15.625468]
[ 15.625640] Memory state around the buggy address:
[ 15.626201] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.626503] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.626735] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.626948] ^
[ 15.627437] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.628113] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.628789] ==================================================================
[ 15.795105] ==================================================================
[ 15.795757] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450
[ 15.796169] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282
[ 15.796557]
[ 15.796674] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.796726] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.796739] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.796760] Call Trace:
[ 15.796774] <TASK>
[ 15.796790] dump_stack_lvl+0x73/0xb0
[ 15.796821] print_report+0xd1/0x650
[ 15.796843] ? __virt_addr_valid+0x1db/0x2d0
[ 15.796866] ? kasan_atomics_helper+0x12e6/0x5450
[ 15.796889] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.796913] ? kasan_atomics_helper+0x12e6/0x5450
[ 15.796936] kasan_report+0x141/0x180
[ 15.796958] ? kasan_atomics_helper+0x12e6/0x5450
[ 15.796988] kasan_check_range+0x10c/0x1c0
[ 15.797015] __kasan_check_write+0x18/0x20
[ 15.797035] kasan_atomics_helper+0x12e6/0x5450
[ 15.797282] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.797307] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.797334] ? kasan_atomics+0x152/0x310
[ 15.797361] kasan_atomics+0x1dc/0x310
[ 15.797385] ? __pfx_kasan_atomics+0x10/0x10
[ 15.797408] ? trace_hardirqs_on+0x37/0xe0
[ 15.797433] ? __pfx_read_tsc+0x10/0x10
[ 15.797454] ? ktime_get_ts64+0x86/0x230
[ 15.797479] kunit_try_run_case+0x1a5/0x480
[ 15.797504] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.797530] ? queued_spin_lock_slowpath+0x116/0xb40
[ 15.797557] ? __kthread_parkme+0x82/0x180
[ 15.797579] ? preempt_count_sub+0x50/0x80
[ 15.797605] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.797631] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.797657] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.797684] kthread+0x337/0x6f0
[ 15.797715] ? trace_preempt_on+0x20/0xc0
[ 15.797739] ? __pfx_kthread+0x10/0x10
[ 15.797760] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.797783] ? calculate_sigpending+0x7b/0xa0
[ 15.797808] ? __pfx_kthread+0x10/0x10
[ 15.797831] ret_from_fork+0x116/0x1d0
[ 15.797850] ? __pfx_kthread+0x10/0x10
[ 15.797872] ret_from_fork_asm+0x1a/0x30
[ 15.797904] </TASK>
[ 15.797915]
[ 15.808426] Allocated by task 282:
[ 15.808592] kasan_save_stack+0x45/0x70
[ 15.808933] kasan_save_track+0x18/0x40
[ 15.809257] kasan_save_alloc_info+0x3b/0x50
[ 15.809557] __kasan_kmalloc+0xb7/0xc0
[ 15.809845] __kmalloc_cache_noprof+0x189/0x420
[ 15.810193] kasan_atomics+0x95/0x310
[ 15.810391] kunit_try_run_case+0x1a5/0x480
[ 15.810590] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.810849] kthread+0x337/0x6f0
[ 15.811011] ret_from_fork+0x116/0x1d0
[ 15.811447] ret_from_fork_asm+0x1a/0x30
[ 15.811769]
[ 15.811864] The buggy address belongs to the object at ffff8881038e3c00
[ 15.811864] which belongs to the cache kmalloc-64 of size 64
[ 15.812664] The buggy address is located 0 bytes to the right of
[ 15.812664] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30)
[ 15.813344]
[ 15.813465] The buggy address belongs to the physical page:
[ 15.813857] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3
[ 15.814300] flags: 0x200000000000000(node=0|zone=2)
[ 15.814589] page_type: f5(slab)
[ 15.814781] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.815289] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.815627] page dumped because: kasan: bad access detected
[ 15.815883]
[ 15.815971] Memory state around the buggy address:
[ 15.816421] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.816824] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.817293] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.817715] ^
[ 15.818032] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.818472] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.818794] ==================================================================
[ 15.181162] ==================================================================
[ 15.181401] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450
[ 15.181636] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282
[ 15.181972]
[ 15.182061] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.182105] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.182118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.182140] Call Trace:
[ 15.182155] <TASK>
[ 15.182170] dump_stack_lvl+0x73/0xb0
[ 15.182199] print_report+0xd1/0x650
[ 15.182221] ? __virt_addr_valid+0x1db/0x2d0
[ 15.182243] ? kasan_atomics_helper+0x4b3a/0x5450
[ 15.182265] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.182288] ? kasan_atomics_helper+0x4b3a/0x5450
[ 15.182309] kasan_report+0x141/0x180
[ 15.182331] ? kasan_atomics_helper+0x4b3a/0x5450
[ 15.182357] __asan_report_store4_noabort+0x1b/0x30
[ 15.182383] kasan_atomics_helper+0x4b3a/0x5450
[ 15.182407] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.182429] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.182455] ? kasan_atomics+0x152/0x310
[ 15.182482] kasan_atomics+0x1dc/0x310
[ 15.183054] ? __pfx_kasan_atomics+0x10/0x10
[ 15.183095] ? trace_hardirqs_on+0x37/0xe0
[ 15.183121] ? __pfx_read_tsc+0x10/0x10
[ 15.183145] ? ktime_get_ts64+0x86/0x230
[ 15.183169] kunit_try_run_case+0x1a5/0x480
[ 15.183195] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.183220] ? queued_spin_lock_slowpath+0x116/0xb40
[ 15.183247] ? __kthread_parkme+0x82/0x180
[ 15.183269] ? preempt_count_sub+0x50/0x80
[ 15.183294] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.183320] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.183347] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.183743] kthread+0x337/0x6f0
[ 15.183763] ? trace_preempt_on+0x20/0xc0
[ 15.183799] ? __pfx_kthread+0x10/0x10
[ 15.183821] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.183844] ? calculate_sigpending+0x7b/0xa0
[ 15.183871] ? __pfx_kthread+0x10/0x10
[ 15.183903] ret_from_fork+0x116/0x1d0
[ 15.183924] ? __pfx_kthread+0x10/0x10
[ 15.183947] ret_from_fork_asm+0x1a/0x30
[ 15.183991] </TASK>
[ 15.184002]
[ 15.194917] Allocated by task 282:
[ 15.195363] kasan_save_stack+0x45/0x70
[ 15.195777] kasan_save_track+0x18/0x40
[ 15.195953] kasan_save_alloc_info+0x3b/0x50
[ 15.196532] __kasan_kmalloc+0xb7/0xc0
[ 15.196741] __kmalloc_cache_noprof+0x189/0x420
[ 15.196929] kasan_atomics+0x95/0x310
[ 15.197290] kunit_try_run_case+0x1a5/0x480
[ 15.197464] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.197732] kthread+0x337/0x6f0
[ 15.197873] ret_from_fork+0x116/0x1d0
[ 15.198136] ret_from_fork_asm+0x1a/0x30
[ 15.198295]
[ 15.198369] The buggy address belongs to the object at ffff8881038e3c00
[ 15.198369] which belongs to the cache kmalloc-64 of size 64
[ 15.198894] The buggy address is located 0 bytes to the right of
[ 15.198894] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30)
[ 15.199516]
[ 15.199637] The buggy address belongs to the physical page:
[ 15.199890] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3
[ 15.200170] flags: 0x200000000000000(node=0|zone=2)
[ 15.200336] page_type: f5(slab)
[ 15.200505] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.200867] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.201174] page dumped because: kasan: bad access detected
[ 15.201622]
[ 15.201747] Memory state around the buggy address:
[ 15.201971] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.202290] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.202598] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.202932] ^
[ 15.203087] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.203487] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.203757] ==================================================================
[ 15.658565] ==================================================================
[ 15.658905] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450
[ 15.659426] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282
[ 15.659685]
[ 15.659812] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.659857] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.659870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.659891] Call Trace:
[ 15.659906] <TASK>
[ 15.659923] dump_stack_lvl+0x73/0xb0
[ 15.659952] print_report+0xd1/0x650
[ 15.659974] ? __virt_addr_valid+0x1db/0x2d0
[ 15.659998] ? kasan_atomics_helper+0x1079/0x5450
[ 15.660020] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.660055] ? kasan_atomics_helper+0x1079/0x5450
[ 15.660079] kasan_report+0x141/0x180
[ 15.660111] ? kasan_atomics_helper+0x1079/0x5450
[ 15.660139] kasan_check_range+0x10c/0x1c0
[ 15.660163] __kasan_check_write+0x18/0x20
[ 15.660184] kasan_atomics_helper+0x1079/0x5450
[ 15.660208] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.660232] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.660257] ? kasan_atomics+0x152/0x310
[ 15.660285] kasan_atomics+0x1dc/0x310
[ 15.660309] ? __pfx_kasan_atomics+0x10/0x10
[ 15.660336] ? trace_hardirqs_on+0x37/0xe0
[ 15.660362] ? __pfx_read_tsc+0x10/0x10
[ 15.660384] ? ktime_get_ts64+0x86/0x230
[ 15.660410] kunit_try_run_case+0x1a5/0x480
[ 15.660436] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.660462] ? queued_spin_lock_slowpath+0x116/0xb40
[ 15.660489] ? __kthread_parkme+0x82/0x180
[ 15.660510] ? preempt_count_sub+0x50/0x80
[ 15.660543] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.660569] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.660604] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.660630] kthread+0x337/0x6f0
[ 15.660650] ? trace_preempt_on+0x20/0xc0
[ 15.660673] ? __pfx_kthread+0x10/0x10
[ 15.660695] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.660729] ? calculate_sigpending+0x7b/0xa0
[ 15.660755] ? __pfx_kthread+0x10/0x10
[ 15.660778] ret_from_fork+0x116/0x1d0
[ 15.660797] ? __pfx_kthread+0x10/0x10
[ 15.660818] ret_from_fork_asm+0x1a/0x30
[ 15.660852] </TASK>
[ 15.660863]
[ 15.669113] Allocated by task 282:
[ 15.669244] kasan_save_stack+0x45/0x70
[ 15.669390] kasan_save_track+0x18/0x40
[ 15.669594] kasan_save_alloc_info+0x3b/0x50
[ 15.669820] __kasan_kmalloc+0xb7/0xc0
[ 15.670020] __kmalloc_cache_noprof+0x189/0x420
[ 15.670242] kasan_atomics+0x95/0x310
[ 15.670442] kunit_try_run_case+0x1a5/0x480
[ 15.670687] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.670987] kthread+0x337/0x6f0
[ 15.671295] ret_from_fork+0x116/0x1d0
[ 15.671442] ret_from_fork_asm+0x1a/0x30
[ 15.671681]
[ 15.671762] The buggy address belongs to the object at ffff8881038e3c00
[ 15.671762] which belongs to the cache kmalloc-64 of size 64
[ 15.672113] The buggy address is located 0 bytes to the right of
[ 15.672113] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30)
[ 15.672857]
[ 15.673057] The buggy address belongs to the physical page:
[ 15.673380] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3
[ 15.673740] flags: 0x200000000000000(node=0|zone=2)
[ 15.673902] page_type: f5(slab)
[ 15.674023] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.674251] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.674472] page dumped because: kasan: bad access detected
[ 15.674719]
[ 15.674854] Memory state around the buggy address:
[ 15.675316] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.675643] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.675905] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.676373] ^
[ 15.676614] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.676917] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.677360] ==================================================================
[ 14.990700] ==================================================================
[ 14.991636] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450
[ 14.992163] Read of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282
[ 14.992751]
[ 14.992866] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.992912] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.992924] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.992945] Call Trace:
[ 14.992958] <TASK>
[ 14.992974] dump_stack_lvl+0x73/0xb0
[ 14.993005] print_report+0xd1/0x650
[ 14.993186] ? __virt_addr_valid+0x1db/0x2d0
[ 14.993214] ? kasan_atomics_helper+0x4bbc/0x5450
[ 14.993237] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.993260] ? kasan_atomics_helper+0x4bbc/0x5450
[ 14.993282] kasan_report+0x141/0x180
[ 14.993305] ? kasan_atomics_helper+0x4bbc/0x5450
[ 14.993331] __asan_report_load4_noabort+0x18/0x20
[ 14.993357] kasan_atomics_helper+0x4bbc/0x5450
[ 14.993379] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.993402] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.993428] ? kasan_atomics+0x152/0x310
[ 14.993455] kasan_atomics+0x1dc/0x310
[ 14.993478] ? __pfx_kasan_atomics+0x10/0x10
[ 14.993501] ? trace_hardirqs_on+0x37/0xe0
[ 14.993526] ? __pfx_read_tsc+0x10/0x10
[ 14.993547] ? ktime_get_ts64+0x86/0x230
[ 14.993571] kunit_try_run_case+0x1a5/0x480
[ 14.993595] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.993621] ?
ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.675643] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.675905] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.676373] ^ [ 15.676614] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.676917] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.677360] ================================================================== [ 14.990700] ================================================================== [ 14.991636] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 14.992163] Read of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 14.992751] [ 14.992866] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.992912] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.992924] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.992945] Call Trace: [ 14.992958] <TASK> [ 14.992974] dump_stack_lvl+0x73/0xb0 [ 14.993005] print_report+0xd1/0x650 [ 14.993186] ? __virt_addr_valid+0x1db/0x2d0 [ 14.993214] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.993237] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.993260] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.993282] kasan_report+0x141/0x180 [ 14.993305] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.993331] __asan_report_load4_noabort+0x18/0x20 [ 14.993357] kasan_atomics_helper+0x4bbc/0x5450 [ 14.993379] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.993402] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.993428] ? kasan_atomics+0x152/0x310 [ 14.993455] kasan_atomics+0x1dc/0x310 [ 14.993478] ? __pfx_kasan_atomics+0x10/0x10 [ 14.993501] ? trace_hardirqs_on+0x37/0xe0 [ 14.993526] ? __pfx_read_tsc+0x10/0x10 [ 14.993547] ? ktime_get_ts64+0x86/0x230 [ 14.993571] kunit_try_run_case+0x1a5/0x480 [ 14.993595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.993621] ? 
queued_spin_lock_slowpath+0x116/0xb40 [ 14.993647] ? __kthread_parkme+0x82/0x180 [ 14.993668] ? preempt_count_sub+0x50/0x80 [ 14.993691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.993731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.993756] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.993782] kthread+0x337/0x6f0 [ 14.993801] ? trace_preempt_on+0x20/0xc0 [ 14.993824] ? __pfx_kthread+0x10/0x10 [ 14.993844] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.993866] ? calculate_sigpending+0x7b/0xa0 [ 14.993890] ? __pfx_kthread+0x10/0x10 [ 14.993913] ret_from_fork+0x116/0x1d0 [ 14.993932] ? __pfx_kthread+0x10/0x10 [ 14.993953] ret_from_fork_asm+0x1a/0x30 [ 14.993985] </TASK> [ 14.993995] [ 15.006206] Allocated by task 282: [ 15.006367] kasan_save_stack+0x45/0x70 [ 15.006567] kasan_save_track+0x18/0x40 [ 15.006960] kasan_save_alloc_info+0x3b/0x50 [ 15.007212] __kasan_kmalloc+0xb7/0xc0 [ 15.007571] __kmalloc_cache_noprof+0x189/0x420 [ 15.007899] kasan_atomics+0x95/0x310 [ 15.008353] kunit_try_run_case+0x1a5/0x480 [ 15.008540] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.008932] kthread+0x337/0x6f0 [ 15.009285] ret_from_fork+0x116/0x1d0 [ 15.009553] ret_from_fork_asm+0x1a/0x30 [ 15.009777] [ 15.009870] The buggy address belongs to the object at ffff8881038e3c00 [ 15.009870] which belongs to the cache kmalloc-64 of size 64 [ 15.010776] The buggy address is located 0 bytes to the right of [ 15.010776] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.011587] [ 15.011695] The buggy address belongs to the physical page: [ 15.012184] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.012668] flags: 0x200000000000000(node=0|zone=2) [ 15.012986] page_type: f5(slab) [ 15.013437] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.013802] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.014423] page dumped because: kasan: bad access detected [ 15.014675] [ 15.014783] 
Memory state around the buggy address: [ 15.015030] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.015427] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.015747] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.016437] ^ [ 15.016666] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.017159] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.017527] ================================================================== [ 15.819831] ================================================================== [ 15.820181] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 15.820627] Read of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.821162] [ 15.821289] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.821333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.821429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.821450] Call Trace: [ 15.821466] <TASK> [ 15.821480] dump_stack_lvl+0x73/0xb0 [ 15.821512] print_report+0xd1/0x650 [ 15.821535] ? __virt_addr_valid+0x1db/0x2d0 [ 15.821558] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.821581] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.821605] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.821628] kasan_report+0x141/0x180 [ 15.821650] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.821678] __asan_report_load4_noabort+0x18/0x20 [ 15.821716] kasan_atomics_helper+0x49ce/0x5450 [ 15.821740] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.821764] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.821790] ? kasan_atomics+0x152/0x310 [ 15.821817] kasan_atomics+0x1dc/0x310 [ 15.821841] ? __pfx_kasan_atomics+0x10/0x10 [ 15.821864] ? trace_hardirqs_on+0x37/0xe0 [ 15.821889] ? __pfx_read_tsc+0x10/0x10 [ 15.821911] ? ktime_get_ts64+0x86/0x230 [ 15.821936] kunit_try_run_case+0x1a5/0x480 [ 15.821960] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.821986] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.822013] ? __kthread_parkme+0x82/0x180 [ 15.822033] ? preempt_count_sub+0x50/0x80 [ 15.822071] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.822097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.822122] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.822148] kthread+0x337/0x6f0 [ 15.822170] ? trace_preempt_on+0x20/0xc0 [ 15.822192] ? __pfx_kthread+0x10/0x10 [ 15.822214] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.822237] ? calculate_sigpending+0x7b/0xa0 [ 15.822262] ? __pfx_kthread+0x10/0x10 [ 15.822284] ret_from_fork+0x116/0x1d0 [ 15.822303] ? __pfx_kthread+0x10/0x10 [ 15.822325] ret_from_fork_asm+0x1a/0x30 [ 15.822359] </TASK> [ 15.822371] [ 15.832287] Allocated by task 282: [ 15.832451] kasan_save_stack+0x45/0x70 [ 15.832644] kasan_save_track+0x18/0x40 [ 15.832823] kasan_save_alloc_info+0x3b/0x50 [ 15.833343] __kasan_kmalloc+0xb7/0xc0 [ 15.833533] __kmalloc_cache_noprof+0x189/0x420 [ 15.833724] kasan_atomics+0x95/0x310 [ 15.834060] kunit_try_run_case+0x1a5/0x480 [ 15.834378] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.834731] kthread+0x337/0x6f0 [ 15.834862] ret_from_fork+0x116/0x1d0 [ 15.835322] ret_from_fork_asm+0x1a/0x30 [ 15.835667] [ 15.835767] The buggy address belongs to the object at ffff8881038e3c00 [ 15.835767] which belongs to the cache kmalloc-64 of size 64 [ 15.836486] The buggy address is located 0 bytes to the right of [ 15.836486] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.837008] [ 15.837187] The buggy address belongs to the physical page: [ 15.837566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.837933] flags: 0x200000000000000(node=0|zone=2) [ 15.838310] page_type: f5(slab) [ 15.838584] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.838928] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.839479] page dumped because: kasan: 
bad access detected [ 15.839816] [ 15.839917] Memory state around the buggy address: [ 15.840296] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.840640] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.840949] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.841461] ^ [ 15.841783] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.842219] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.842616] ================================================================== [ 15.921044] ================================================================== [ 15.921358] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 15.921675] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.921989] [ 15.922100] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.922141] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.922154] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.922174] Call Trace: [ 15.922189] <TASK> [ 15.922204] dump_stack_lvl+0x73/0xb0 [ 15.922233] print_report+0xd1/0x650 [ 15.922255] ? __virt_addr_valid+0x1db/0x2d0 [ 15.922279] ? kasan_atomics_helper+0x151d/0x5450 [ 15.922301] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.922326] ? kasan_atomics_helper+0x151d/0x5450 [ 15.922350] kasan_report+0x141/0x180 [ 15.922372] ? kasan_atomics_helper+0x151d/0x5450 [ 15.922400] kasan_check_range+0x10c/0x1c0 [ 15.922425] __kasan_check_write+0x18/0x20 [ 15.922445] kasan_atomics_helper+0x151d/0x5450 [ 15.922470] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.922494] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.922520] ? kasan_atomics+0x152/0x310 [ 15.922547] kasan_atomics+0x1dc/0x310 [ 15.922571] ? __pfx_kasan_atomics+0x10/0x10 [ 15.922594] ? trace_hardirqs_on+0x37/0xe0 [ 15.922619] ? __pfx_read_tsc+0x10/0x10 [ 15.922641] ? 
ktime_get_ts64+0x86/0x230 [ 15.922667] kunit_try_run_case+0x1a5/0x480 [ 15.922692] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.922729] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.922756] ? __kthread_parkme+0x82/0x180 [ 15.922778] ? preempt_count_sub+0x50/0x80 [ 15.922803] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.922829] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.922856] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.922883] kthread+0x337/0x6f0 [ 15.922902] ? trace_preempt_on+0x20/0xc0 [ 15.922926] ? __pfx_kthread+0x10/0x10 [ 15.922948] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.922971] ? calculate_sigpending+0x7b/0xa0 [ 15.922996] ? __pfx_kthread+0x10/0x10 [ 15.923019] ret_from_fork+0x116/0x1d0 [ 15.923057] ? __pfx_kthread+0x10/0x10 [ 15.923078] ret_from_fork_asm+0x1a/0x30 [ 15.923110] </TASK> [ 15.923121] [ 15.930243] Allocated by task 282: [ 15.930366] kasan_save_stack+0x45/0x70 [ 15.930506] kasan_save_track+0x18/0x40 [ 15.930637] kasan_save_alloc_info+0x3b/0x50 [ 15.932153] __kasan_kmalloc+0xb7/0xc0 [ 15.932813] __kmalloc_cache_noprof+0x189/0x420 [ 15.933618] kasan_atomics+0x95/0x310 [ 15.934275] kunit_try_run_case+0x1a5/0x480 [ 15.935083] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.935751] kthread+0x337/0x6f0 [ 15.936399] ret_from_fork+0x116/0x1d0 [ 15.936923] ret_from_fork_asm+0x1a/0x30 [ 15.937567] [ 15.938008] The buggy address belongs to the object at ffff8881038e3c00 [ 15.938008] which belongs to the cache kmalloc-64 of size 64 [ 15.939285] The buggy address is located 0 bytes to the right of [ 15.939285] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.940545] [ 15.940631] The buggy address belongs to the physical page: [ 15.940818] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.941324] flags: 0x200000000000000(node=0|zone=2) [ 15.942019] page_type: f5(slab) [ 15.942490] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.943391] raw: 0000000000000000 
0000000080200020 00000000f5000000 0000000000000000 [ 15.944283] page dumped because: kasan: bad access detected [ 15.944474] [ 15.944546] Memory state around the buggy address: [ 15.944713] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.944931] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.945788] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.946618] ^ [ 15.947301] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.948148] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.948976] ================================================================== [ 16.056826] ================================================================== [ 16.057176] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 16.057476] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.057805] [ 16.057889] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.057950] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.057962] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.057983] Call Trace: [ 16.057996] <TASK> [ 16.058010] dump_stack_lvl+0x73/0xb0 [ 16.058037] print_report+0xd1/0x650 [ 16.058062] ? __virt_addr_valid+0x1db/0x2d0 [ 16.058084] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.058108] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.058132] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.058155] kasan_report+0x141/0x180 [ 16.058178] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.058205] kasan_check_range+0x10c/0x1c0 [ 16.058230] __kasan_check_write+0x18/0x20 [ 16.058251] kasan_atomics_helper+0x18b1/0x5450 [ 16.058274] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.058298] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.058324] ? kasan_atomics+0x152/0x310 [ 16.058352] kasan_atomics+0x1dc/0x310 [ 16.058375] ? __pfx_kasan_atomics+0x10/0x10 [ 16.058398] ? 
trace_hardirqs_on+0x37/0xe0 [ 16.058422] ? __pfx_read_tsc+0x10/0x10 [ 16.058444] ? ktime_get_ts64+0x86/0x230 [ 16.058468] kunit_try_run_case+0x1a5/0x480 [ 16.058493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.058537] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.058563] ? __kthread_parkme+0x82/0x180 [ 16.058585] ? preempt_count_sub+0x50/0x80 [ 16.058609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.058635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.058661] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.058688] kthread+0x337/0x6f0 [ 16.058717] ? trace_preempt_on+0x20/0xc0 [ 16.058740] ? __pfx_kthread+0x10/0x10 [ 16.058762] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.058785] ? calculate_sigpending+0x7b/0xa0 [ 16.058809] ? __pfx_kthread+0x10/0x10 [ 16.058832] ret_from_fork+0x116/0x1d0 [ 16.058852] ? __pfx_kthread+0x10/0x10 [ 16.058873] ret_from_fork_asm+0x1a/0x30 [ 16.058906] </TASK> [ 16.058917] [ 16.066478] Allocated by task 282: [ 16.066674] kasan_save_stack+0x45/0x70 [ 16.066879] kasan_save_track+0x18/0x40 [ 16.067088] kasan_save_alloc_info+0x3b/0x50 [ 16.067280] __kasan_kmalloc+0xb7/0xc0 [ 16.067466] __kmalloc_cache_noprof+0x189/0x420 [ 16.067622] kasan_atomics+0x95/0x310 [ 16.067810] kunit_try_run_case+0x1a5/0x480 [ 16.068015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.068265] kthread+0x337/0x6f0 [ 16.068429] ret_from_fork+0x116/0x1d0 [ 16.068579] ret_from_fork_asm+0x1a/0x30 [ 16.068786] [ 16.068876] The buggy address belongs to the object at ffff8881038e3c00 [ 16.068876] which belongs to the cache kmalloc-64 of size 64 [ 16.069225] The buggy address is located 0 bytes to the right of [ 16.069225] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.069906] [ 16.070026] The buggy address belongs to the physical page: [ 16.070314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 16.070680] flags: 0x200000000000000(node=0|zone=2) [ 16.070934] page_type: f5(slab) [ 16.071128] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 16.071355] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.071574] page dumped because: kasan: bad access detected [ 16.071768] [ 16.071861] Memory state around the buggy address: [ 16.072085] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.072411] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.072743] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.073150] ^ [ 16.073300] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.073629] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.073893] ================================================================== [ 16.293667] ================================================================== [ 16.293978] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 16.294566] Read of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.294905] [ 16.295097] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.295137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.295149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.295170] Call Trace: [ 16.295185] <TASK> [ 16.295201] dump_stack_lvl+0x73/0xb0 [ 16.295230] print_report+0xd1/0x650 [ 16.295253] ? __virt_addr_valid+0x1db/0x2d0 [ 16.295276] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.295299] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.295324] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.295347] kasan_report+0x141/0x180 [ 16.295370] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.295398] __asan_report_load8_noabort+0x18/0x20 [ 16.295424] kasan_atomics_helper+0x4f71/0x5450 [ 16.295470] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.295495] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.295521] ? kasan_atomics+0x152/0x310 [ 16.295549] kasan_atomics+0x1dc/0x310 [ 16.295573] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.295596] ? trace_hardirqs_on+0x37/0xe0 [ 16.295621] ? __pfx_read_tsc+0x10/0x10 [ 16.295642] ? ktime_get_ts64+0x86/0x230 [ 16.295667] kunit_try_run_case+0x1a5/0x480 [ 16.295693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.295730] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.295757] ? __kthread_parkme+0x82/0x180 [ 16.295779] ? preempt_count_sub+0x50/0x80 [ 16.295804] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.295830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.295856] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.295883] kthread+0x337/0x6f0 [ 16.295903] ? trace_preempt_on+0x20/0xc0 [ 16.295926] ? __pfx_kthread+0x10/0x10 [ 16.295948] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.295971] ? calculate_sigpending+0x7b/0xa0 [ 16.295996] ? __pfx_kthread+0x10/0x10 [ 16.296018] ret_from_fork+0x116/0x1d0 [ 16.296038] ? __pfx_kthread+0x10/0x10 [ 16.296069] ret_from_fork_asm+0x1a/0x30 [ 16.296101] </TASK> [ 16.296112] [ 16.303388] Allocated by task 282: [ 16.303602] kasan_save_stack+0x45/0x70 [ 16.303812] kasan_save_track+0x18/0x40 [ 16.303951] kasan_save_alloc_info+0x3b/0x50 [ 16.304642] __kasan_kmalloc+0xb7/0xc0 [ 16.305348] __kmalloc_cache_noprof+0x189/0x420 [ 16.305621] kasan_atomics+0x95/0x310 [ 16.305771] kunit_try_run_case+0x1a5/0x480 [ 16.305920] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.306558] kthread+0x337/0x6f0 [ 16.306816] ret_from_fork+0x116/0x1d0 [ 16.307142] ret_from_fork_asm+0x1a/0x30 [ 16.307510] [ 16.307606] The buggy address belongs to the object at ffff8881038e3c00 [ 16.307606] which belongs to the cache kmalloc-64 of size 64 [ 16.308346] The buggy address is located 0 bytes to the right of [ 16.308346] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.308866] [ 16.308959] The buggy address belongs to the physical page: [ 16.309491] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 16.310138] flags: 0x200000000000000(node=0|zone=2) [ 16.310583] page_type: f5(slab) [ 
16.310836] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.311523] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.311872] page dumped because: kasan: bad access detected [ 16.312284] [ 16.312374] Memory state around the buggy address: [ 16.312820] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.313342] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.313635] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.313941] ^ [ 16.314367] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.314864] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.315494] ================================================================== [ 16.468839] ================================================================== [ 16.469114] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 16.469504] Read of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.469849] [ 16.469954] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.469994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.470006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.470027] Call Trace: [ 16.470041] <TASK> [ 16.470057] dump_stack_lvl+0x73/0xb0 [ 16.470086] print_report+0xd1/0x650 [ 16.470108] ? __virt_addr_valid+0x1db/0x2d0 [ 16.470131] ? kasan_atomics_helper+0x5115/0x5450 [ 16.470154] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.470179] ? kasan_atomics_helper+0x5115/0x5450 [ 16.470211] kasan_report+0x141/0x180 [ 16.470235] ? kasan_atomics_helper+0x5115/0x5450 [ 16.470263] __asan_report_load8_noabort+0x18/0x20 [ 16.470289] kasan_atomics_helper+0x5115/0x5450 [ 16.470313] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.470337] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.470364] ? 
kasan_atomics+0x152/0x310 [ 16.470391] kasan_atomics+0x1dc/0x310 [ 16.470415] ? __pfx_kasan_atomics+0x10/0x10 [ 16.470438] ? trace_hardirqs_on+0x37/0xe0 [ 16.470462] ? __pfx_read_tsc+0x10/0x10 [ 16.470484] ? ktime_get_ts64+0x86/0x230 [ 16.470510] kunit_try_run_case+0x1a5/0x480 [ 16.470535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.470561] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.470587] ? __kthread_parkme+0x82/0x180 [ 16.470609] ? preempt_count_sub+0x50/0x80 [ 16.470634] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.470660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.470686] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.470723] kthread+0x337/0x6f0 [ 16.470743] ? trace_preempt_on+0x20/0xc0 [ 16.470768] ? __pfx_kthread+0x10/0x10 [ 16.470790] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.470813] ? calculate_sigpending+0x7b/0xa0 [ 16.470838] ? __pfx_kthread+0x10/0x10 [ 16.470860] ret_from_fork+0x116/0x1d0 [ 16.470879] ? __pfx_kthread+0x10/0x10 [ 16.470900] ret_from_fork_asm+0x1a/0x30 [ 16.470933] </TASK> [ 16.470944] [ 16.478240] Allocated by task 282: [ 16.478412] kasan_save_stack+0x45/0x70 [ 16.478587] kasan_save_track+0x18/0x40 [ 16.478785] kasan_save_alloc_info+0x3b/0x50 [ 16.478972] __kasan_kmalloc+0xb7/0xc0 [ 16.479207] __kmalloc_cache_noprof+0x189/0x420 [ 16.479405] kasan_atomics+0x95/0x310 [ 16.479595] kunit_try_run_case+0x1a5/0x480 [ 16.479770] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.480006] kthread+0x337/0x6f0 [ 16.480247] ret_from_fork+0x116/0x1d0 [ 16.480437] ret_from_fork_asm+0x1a/0x30 [ 16.480599] [ 16.480693] The buggy address belongs to the object at ffff8881038e3c00 [ 16.480693] which belongs to the cache kmalloc-64 of size 64 [ 16.481201] The buggy address is located 0 bytes to the right of [ 16.481201] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.481672] [ 16.481775] The buggy address belongs to the physical page: [ 16.482007] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 
16.482289] flags: 0x200000000000000(node=0|zone=2) [ 16.482520] page_type: f5(slab) [ 16.482640] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.482986] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.483359] page dumped because: kasan: bad access detected [ 16.483584] [ 16.483676] Memory state around the buggy address: [ 16.483844] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.484202] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.484498] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.484723] ^ [ 16.484879] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.485094] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.485307] ================================================================== [ 15.746308] ================================================================== [ 15.746549] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 15.746831] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.748138] [ 15.748249] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.748460] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.748476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.748498] Call Trace: [ 15.748513] <TASK> [ 15.748529] dump_stack_lvl+0x73/0xb0 [ 15.748560] print_report+0xd1/0x650 [ 15.748582] ? __virt_addr_valid+0x1db/0x2d0 [ 15.748606] ? kasan_atomics_helper+0x1217/0x5450 [ 15.748628] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.748654] ? kasan_atomics_helper+0x1217/0x5450 [ 15.748677] kasan_report+0x141/0x180 [ 15.748700] ? kasan_atomics_helper+0x1217/0x5450 [ 15.748742] kasan_check_range+0x10c/0x1c0 [ 15.748767] __kasan_check_write+0x18/0x20 [ 15.748787] kasan_atomics_helper+0x1217/0x5450 [ 15.748811] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.748835] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.748861] ? kasan_atomics+0x152/0x310 [ 15.748890] kasan_atomics+0x1dc/0x310 [ 15.748914] ? __pfx_kasan_atomics+0x10/0x10 [ 15.748939] ? trace_hardirqs_on+0x37/0xe0 [ 15.748964] ? __pfx_read_tsc+0x10/0x10 [ 15.748986] ? ktime_get_ts64+0x86/0x230 [ 15.749010] kunit_try_run_case+0x1a5/0x480 [ 15.749035] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.749070] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.749097] ? __kthread_parkme+0x82/0x180 [ 15.749118] ? preempt_count_sub+0x50/0x80 [ 15.749144] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.749170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.749196] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.749223] kthread+0x337/0x6f0 [ 15.749242] ? trace_preempt_on+0x20/0xc0 [ 15.749265] ? __pfx_kthread+0x10/0x10 [ 15.749288] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.749310] ? calculate_sigpending+0x7b/0xa0 [ 15.749335] ? __pfx_kthread+0x10/0x10 [ 15.749358] ret_from_fork+0x116/0x1d0 [ 15.749378] ? __pfx_kthread+0x10/0x10 [ 15.749399] ret_from_fork_asm+0x1a/0x30 [ 15.749430] </TASK> [ 15.749443] [ 15.759440] Allocated by task 282: [ 15.759610] kasan_save_stack+0x45/0x70 [ 15.760346] kasan_save_track+0x18/0x40 [ 15.760513] kasan_save_alloc_info+0x3b/0x50 [ 15.760872] __kasan_kmalloc+0xb7/0xc0 [ 15.761238] __kmalloc_cache_noprof+0x189/0x420 [ 15.761582] kasan_atomics+0x95/0x310 [ 15.761748] kunit_try_run_case+0x1a5/0x480 [ 15.762135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.762459] kthread+0x337/0x6f0 [ 15.762734] ret_from_fork+0x116/0x1d0 [ 15.763066] ret_from_fork_asm+0x1a/0x30 [ 15.763260] [ 15.763356] The buggy address belongs to the object at ffff8881038e3c00 [ 15.763356] which belongs to the cache kmalloc-64 of size 64 [ 15.764176] The buggy address is located 0 bytes to the right of [ 15.764176] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.764909] [ 15.765012] The buggy address belongs to the physical page: [ 15.765472] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.765826] flags: 0x200000000000000(node=0|zone=2) [ 15.766152] page_type: f5(slab) [ 15.766325] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.766821] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.767290] page dumped because: kasan: bad access detected [ 15.767490] [ 15.767731] Memory state around the buggy address: [ 15.768012] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.768460] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.768829] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.769238] ^ [ 15.769475] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.769793] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.770088] ================================================================== [ 16.257385] ================================================================== [ 16.257883] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 16.258293] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.258581] [ 16.258712] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.258753] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.258766] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.258788] Call Trace: [ 16.258803] <TASK> [ 16.258817] dump_stack_lvl+0x73/0xb0 [ 16.258846] print_report+0xd1/0x650 [ 16.258869] ? __virt_addr_valid+0x1db/0x2d0 [ 16.258892] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.258914] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.258939] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.258962] kasan_report+0x141/0x180 [ 16.258985] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.259013] kasan_check_range+0x10c/0x1c0 [ 16.259037] __kasan_check_write+0x18/0x20 [ 16.259058] kasan_atomics_helper+0x1eaa/0x5450 [ 16.259082] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.259106] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.259132] ? kasan_atomics+0x152/0x310 [ 16.259160] kasan_atomics+0x1dc/0x310 [ 16.259184] ? __pfx_kasan_atomics+0x10/0x10 [ 16.259208] ? trace_hardirqs_on+0x37/0xe0 [ 16.259233] ? __pfx_read_tsc+0x10/0x10 [ 16.259255] ? ktime_get_ts64+0x86/0x230 [ 16.259279] kunit_try_run_case+0x1a5/0x480 [ 16.259304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.259330] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.259356] ? __kthread_parkme+0x82/0x180 [ 16.259378] ? preempt_count_sub+0x50/0x80 [ 16.259403] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.259443] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.259492] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.259519] kthread+0x337/0x6f0 [ 16.259539] ? trace_preempt_on+0x20/0xc0 [ 16.259562] ? __pfx_kthread+0x10/0x10 [ 16.259584] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.259606] ? calculate_sigpending+0x7b/0xa0 [ 16.259631] ? __pfx_kthread+0x10/0x10 [ 16.259653] ret_from_fork+0x116/0x1d0 [ 16.259673] ? 
__pfx_kthread+0x10/0x10 [ 16.259694] ret_from_fork_asm+0x1a/0x30 [ 16.259735] </TASK> [ 16.259746] [ 16.267423] Allocated by task 282: [ 16.267617] kasan_save_stack+0x45/0x70 [ 16.267837] kasan_save_track+0x18/0x40 [ 16.267974] kasan_save_alloc_info+0x3b/0x50 [ 16.268123] __kasan_kmalloc+0xb7/0xc0 [ 16.268256] __kmalloc_cache_noprof+0x189/0x420 [ 16.268525] kasan_atomics+0x95/0x310 [ 16.268747] kunit_try_run_case+0x1a5/0x480 [ 16.268960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.269272] kthread+0x337/0x6f0 [ 16.269441] ret_from_fork+0x116/0x1d0 [ 16.269592] ret_from_fork_asm+0x1a/0x30 [ 16.269741] [ 16.269812] The buggy address belongs to the object at ffff8881038e3c00 [ 16.269812] which belongs to the cache kmalloc-64 of size 64 [ 16.270506] The buggy address is located 0 bytes to the right of [ 16.270506] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.271057] [ 16.271183] The buggy address belongs to the physical page: [ 16.271356] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 16.271593] flags: 0x200000000000000(node=0|zone=2) [ 16.271766] page_type: f5(slab) [ 16.271887] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.272455] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.272830] page dumped because: kasan: bad access detected [ 16.273100] [ 16.273195] Memory state around the buggy address: [ 16.273602] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.273881] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.274311] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.274562] ^ [ 16.274729] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.274993] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.275338] ================================================================== [ 15.382732] 
================================================================== [ 15.383126] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 15.383363] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.383731] [ 15.383844] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.383885] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.383898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.383918] Call Trace: [ 15.383932] <TASK> [ 15.383947] dump_stack_lvl+0x73/0xb0 [ 15.383975] print_report+0xd1/0x650 [ 15.383998] ? __virt_addr_valid+0x1db/0x2d0 [ 15.384022] ? kasan_atomics_helper+0xac7/0x5450 [ 15.384064] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.384089] ? kasan_atomics_helper+0xac7/0x5450 [ 15.384112] kasan_report+0x141/0x180 [ 15.384135] ? kasan_atomics_helper+0xac7/0x5450 [ 15.384162] kasan_check_range+0x10c/0x1c0 [ 15.384186] __kasan_check_write+0x18/0x20 [ 15.384207] kasan_atomics_helper+0xac7/0x5450 [ 15.384299] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.384350] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.384376] ? kasan_atomics+0x152/0x310 [ 15.384404] kasan_atomics+0x1dc/0x310 [ 15.384428] ? __pfx_kasan_atomics+0x10/0x10 [ 15.384453] ? trace_hardirqs_on+0x37/0xe0 [ 15.384477] ? __pfx_read_tsc+0x10/0x10 [ 15.384501] ? ktime_get_ts64+0x86/0x230 [ 15.384526] kunit_try_run_case+0x1a5/0x480 [ 15.384561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.384586] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.384624] ? __kthread_parkme+0x82/0x180 [ 15.384646] ? preempt_count_sub+0x50/0x80 [ 15.384670] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.384711] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.384738] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.384764] kthread+0x337/0x6f0 [ 15.384794] ? trace_preempt_on+0x20/0xc0 [ 15.384818] ? __pfx_kthread+0x10/0x10 [ 15.384840] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.384862] ? 
calculate_sigpending+0x7b/0xa0 [ 15.384888] ? __pfx_kthread+0x10/0x10 [ 15.384911] ret_from_fork+0x116/0x1d0 [ 15.384930] ? __pfx_kthread+0x10/0x10 [ 15.384951] ret_from_fork_asm+0x1a/0x30 [ 15.384983] </TASK> [ 15.384994] [ 15.393797] Allocated by task 282: [ 15.393986] kasan_save_stack+0x45/0x70 [ 15.394354] kasan_save_track+0x18/0x40 [ 15.394568] kasan_save_alloc_info+0x3b/0x50 [ 15.394764] __kasan_kmalloc+0xb7/0xc0 [ 15.394973] __kmalloc_cache_noprof+0x189/0x420 [ 15.395251] kasan_atomics+0x95/0x310 [ 15.395436] kunit_try_run_case+0x1a5/0x480 [ 15.395590] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.395784] kthread+0x337/0x6f0 [ 15.395906] ret_from_fork+0x116/0x1d0 [ 15.396137] ret_from_fork_asm+0x1a/0x30 [ 15.396417] [ 15.396520] The buggy address belongs to the object at ffff8881038e3c00 [ 15.396520] which belongs to the cache kmalloc-64 of size 64 [ 15.397142] The buggy address is located 0 bytes to the right of [ 15.397142] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.397566] [ 15.397640] The buggy address belongs to the physical page: [ 15.397904] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.398412] flags: 0x200000000000000(node=0|zone=2) [ 15.398760] page_type: f5(slab) [ 15.398890] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.399446] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.399836] page dumped because: kasan: bad access detected [ 15.400009] [ 15.400078] Memory state around the buggy address: [ 15.400348] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.401026] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.401361] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.401636] ^ [ 15.401885] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.402466] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.402782] 
================================================================== [ 16.421734] ================================================================== [ 16.422120] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 16.422435] Read of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.422903] [ 16.423019] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.423092] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.423104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.423124] Call Trace: [ 16.423139] <TASK> [ 16.423154] dump_stack_lvl+0x73/0xb0 [ 16.423204] print_report+0xd1/0x650 [ 16.423228] ? __virt_addr_valid+0x1db/0x2d0 [ 16.423250] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.423272] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.423297] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.423319] kasan_report+0x141/0x180 [ 16.423365] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.423394] __asan_report_load8_noabort+0x18/0x20 [ 16.423437] kasan_atomics_helper+0x4fa5/0x5450 [ 16.423461] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.423485] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.423512] ? kasan_atomics+0x152/0x310 [ 16.423541] kasan_atomics+0x1dc/0x310 [ 16.423581] ? __pfx_kasan_atomics+0x10/0x10 [ 16.423604] ? trace_hardirqs_on+0x37/0xe0 [ 16.423629] ? __pfx_read_tsc+0x10/0x10 [ 16.423650] ? ktime_get_ts64+0x86/0x230 [ 16.423693] kunit_try_run_case+0x1a5/0x480 [ 16.423729] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.423755] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.423782] ? __kthread_parkme+0x82/0x180 [ 16.423804] ? preempt_count_sub+0x50/0x80 [ 16.423846] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.423886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.423925] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.423965] kthread+0x337/0x6f0 [ 16.423998] ? trace_preempt_on+0x20/0xc0 [ 16.424066] ? __pfx_kthread+0x10/0x10 [ 16.424088] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.424111] ? calculate_sigpending+0x7b/0xa0 [ 16.424135] ? __pfx_kthread+0x10/0x10 [ 16.424158] ret_from_fork+0x116/0x1d0 [ 16.424177] ? __pfx_kthread+0x10/0x10 [ 16.424198] ret_from_fork_asm+0x1a/0x30 [ 16.424230] </TASK> [ 16.424242] [ 16.433836] Allocated by task 282: [ 16.434009] kasan_save_stack+0x45/0x70 [ 16.434512] kasan_save_track+0x18/0x40 [ 16.434816] kasan_save_alloc_info+0x3b/0x50 [ 16.435286] __kasan_kmalloc+0xb7/0xc0 [ 16.435481] __kmalloc_cache_noprof+0x189/0x420 [ 16.435687] kasan_atomics+0x95/0x310 [ 16.436139] kunit_try_run_case+0x1a5/0x480 [ 16.436417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.436668] kthread+0x337/0x6f0 [ 16.436838] ret_from_fork+0x116/0x1d0 [ 16.437016] ret_from_fork_asm+0x1a/0x30 [ 16.437389] [ 16.437592] The buggy address belongs to the object at ffff8881038e3c00 [ 16.437592] which belongs to the cache kmalloc-64 of size 64 [ 16.438374] The buggy address is located 0 bytes to the right of [ 16.438374] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.438886] [ 16.438980] The buggy address belongs to the physical page: [ 16.439732] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 16.440219] flags: 0x200000000000000(node=0|zone=2) [ 16.440558] page_type: f5(slab) [ 16.440937] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.441458] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.442087] page dumped because: kasan: bad access detected [ 16.442399] [ 16.442503] Memory state around the buggy address: [ 16.442722] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.443015] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.443600] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.444193] ^ [ 16.444546] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.444864] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.445471] ================================================================== [ 15.978476] ================================================================== [ 15.978840] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 15.979667] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.980389] [ 15.980590] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.980635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.980648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.980669] Call Trace: [ 15.980686] <TASK> [ 15.980716] dump_stack_lvl+0x73/0xb0 [ 15.980748] print_report+0xd1/0x650 [ 15.980793] ? __virt_addr_valid+0x1db/0x2d0 [ 15.980818] ? kasan_atomics_helper+0x164f/0x5450 [ 15.980840] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.980866] ? kasan_atomics_helper+0x164f/0x5450 [ 15.980889] kasan_report+0x141/0x180 [ 15.980912] ? kasan_atomics_helper+0x164f/0x5450 [ 15.980940] kasan_check_range+0x10c/0x1c0 [ 15.980966] __kasan_check_write+0x18/0x20 [ 15.980986] kasan_atomics_helper+0x164f/0x5450 [ 15.981011] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.981035] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.981071] ? kasan_atomics+0x152/0x310 [ 15.981099] kasan_atomics+0x1dc/0x310 [ 15.981122] ? __pfx_kasan_atomics+0x10/0x10 [ 15.981146] ? trace_hardirqs_on+0x37/0xe0 [ 15.981170] ? __pfx_read_tsc+0x10/0x10 [ 15.981192] ? ktime_get_ts64+0x86/0x230 [ 15.981218] kunit_try_run_case+0x1a5/0x480 [ 15.981244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.981270] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.981298] ? __kthread_parkme+0x82/0x180 [ 15.981320] ? preempt_count_sub+0x50/0x80 [ 15.981346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.981372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.981398] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.981425] kthread+0x337/0x6f0 [ 15.981445] ? 
trace_preempt_on+0x20/0xc0 [ 15.981469] ? __pfx_kthread+0x10/0x10 [ 15.981490] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.981513] ? calculate_sigpending+0x7b/0xa0 [ 15.981538] ? __pfx_kthread+0x10/0x10 [ 15.981561] ret_from_fork+0x116/0x1d0 [ 15.981580] ? __pfx_kthread+0x10/0x10 [ 15.981601] ret_from_fork_asm+0x1a/0x30 [ 15.981634] </TASK> [ 15.981646] [ 15.993594] Allocated by task 282: [ 15.993797] kasan_save_stack+0x45/0x70 [ 15.993996] kasan_save_track+0x18/0x40 [ 15.994460] kasan_save_alloc_info+0x3b/0x50 [ 15.994645] __kasan_kmalloc+0xb7/0xc0 [ 15.995000] __kmalloc_cache_noprof+0x189/0x420 [ 15.995430] kasan_atomics+0x95/0x310 [ 15.995627] kunit_try_run_case+0x1a5/0x480 [ 15.995848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.996374] kthread+0x337/0x6f0 [ 15.996540] ret_from_fork+0x116/0x1d0 [ 15.996721] ret_from_fork_asm+0x1a/0x30 [ 15.996911] [ 15.997035] The buggy address belongs to the object at ffff8881038e3c00 [ 15.997035] which belongs to the cache kmalloc-64 of size 64 [ 15.997550] The buggy address is located 0 bytes to the right of [ 15.997550] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.998022] [ 15.998114] The buggy address belongs to the physical page: [ 15.998362] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.998664] flags: 0x200000000000000(node=0|zone=2) [ 15.998931] page_type: f5(slab) [ 15.999150] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.999474] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.999795] page dumped because: kasan: bad access detected [ 15.999987] [ 16.000075] Memory state around the buggy address: [ 16.000292] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.000845] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.001159] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.001481] ^ [ 16.001727] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.002048] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.002296] ================================================================== [ 16.021204] ================================================================== [ 16.021549] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 16.021926] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.022573] [ 16.022684] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.022739] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.022751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.022772] Call Trace: [ 16.022785] <TASK> [ 16.022800] dump_stack_lvl+0x73/0xb0 [ 16.022829] print_report+0xd1/0x650 [ 16.022853] ? __virt_addr_valid+0x1db/0x2d0 [ 16.022876] ? kasan_atomics_helper+0x177f/0x5450 [ 16.022899] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.022924] ? kasan_atomics_helper+0x177f/0x5450 [ 16.022948] kasan_report+0x141/0x180 [ 16.022970] ? kasan_atomics_helper+0x177f/0x5450 [ 16.022999] kasan_check_range+0x10c/0x1c0 [ 16.023023] __kasan_check_write+0x18/0x20 [ 16.023077] kasan_atomics_helper+0x177f/0x5450 [ 16.023102] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.023126] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.023151] ? kasan_atomics+0x152/0x310 [ 16.023179] kasan_atomics+0x1dc/0x310 [ 16.023202] ? __pfx_kasan_atomics+0x10/0x10 [ 16.023225] ? trace_hardirqs_on+0x37/0xe0 [ 16.023250] ? __pfx_read_tsc+0x10/0x10 [ 16.023307] ? ktime_get_ts64+0x86/0x230 [ 16.023332] kunit_try_run_case+0x1a5/0x480 [ 16.023356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.023383] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.023431] ? __kthread_parkme+0x82/0x180 [ 16.023453] ? preempt_count_sub+0x50/0x80 [ 16.023478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.023504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.023530] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.023557] kthread+0x337/0x6f0 [ 16.023596] ? trace_preempt_on+0x20/0xc0 [ 16.023620] ? __pfx_kthread+0x10/0x10 [ 16.023642] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.023665] ? calculate_sigpending+0x7b/0xa0 [ 16.023691] ? __pfx_kthread+0x10/0x10 [ 16.023721] ret_from_fork+0x116/0x1d0 [ 16.023741] ? __pfx_kthread+0x10/0x10 [ 16.023783] ret_from_fork_asm+0x1a/0x30 [ 16.023815] </TASK> [ 16.023826] [ 16.031596] Allocated by task 282: [ 16.031734] kasan_save_stack+0x45/0x70 [ 16.032057] kasan_save_track+0x18/0x40 [ 16.032276] kasan_save_alloc_info+0x3b/0x50 [ 16.032495] __kasan_kmalloc+0xb7/0xc0 [ 16.032684] __kmalloc_cache_noprof+0x189/0x420 [ 16.032926] kasan_atomics+0x95/0x310 [ 16.033129] kunit_try_run_case+0x1a5/0x480 [ 16.033336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.033577] kthread+0x337/0x6f0 [ 16.033756] ret_from_fork+0x116/0x1d0 [ 16.033931] ret_from_fork_asm+0x1a/0x30 [ 16.034131] [ 16.034201] The buggy address belongs to the object at ffff8881038e3c00 [ 16.034201] which belongs to the cache kmalloc-64 of size 64 [ 16.034542] The buggy address is located 0 bytes to the right of [ 16.034542] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.035032] [ 16.035128] The buggy address belongs to the physical page: [ 16.035372] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 16.035709] flags: 0x200000000000000(node=0|zone=2) [ 16.035866] page_type: f5(slab) [ 16.035984] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.036206] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.036578] page dumped because: kasan: bad access detected [ 16.036861] [ 16.036976] Memory state around the buggy address: [ 16.037390] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.037734] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.038028] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.038247] ^ [ 16.038464] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.038795] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.039089] ================================================================== [ 15.721551] ================================================================== [ 15.722100] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 15.722377] Read of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.722740] [ 15.722848] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.722911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.722924] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.722945] Call Trace: [ 15.722960] <TASK> [ 15.722975] dump_stack_lvl+0x73/0xb0 [ 15.723005] print_report+0xd1/0x650 [ 15.723027] ? __virt_addr_valid+0x1db/0x2d0 [ 15.723062] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.723107] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.723132] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.723155] kasan_report+0x141/0x180 [ 15.723178] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.723207] __asan_report_load4_noabort+0x18/0x20 [ 15.723232] kasan_atomics_helper+0x4a02/0x5450 [ 15.723256] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.723297] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.723324] ? kasan_atomics+0x152/0x310 [ 15.723351] kasan_atomics+0x1dc/0x310 [ 15.723375] ? __pfx_kasan_atomics+0x10/0x10 [ 15.723399] ? trace_hardirqs_on+0x37/0xe0 [ 15.723422] ? __pfx_read_tsc+0x10/0x10 [ 15.723444] ? ktime_get_ts64+0x86/0x230 [ 15.723470] kunit_try_run_case+0x1a5/0x480 [ 15.723495] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.723521] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.723549] ? __kthread_parkme+0x82/0x180 [ 15.723570] ? preempt_count_sub+0x50/0x80 [ 15.723594] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.723620] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.723646] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.723673] kthread+0x337/0x6f0 [ 15.723693] ? trace_preempt_on+0x20/0xc0 [ 15.723727] ? __pfx_kthread+0x10/0x10 [ 15.723748] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.723788] ? calculate_sigpending+0x7b/0xa0 [ 15.723813] ? __pfx_kthread+0x10/0x10 [ 15.723836] ret_from_fork+0x116/0x1d0 [ 15.723856] ? __pfx_kthread+0x10/0x10 [ 15.723877] ret_from_fork_asm+0x1a/0x30 [ 15.723909] </TASK> [ 15.723920] [ 15.734162] Allocated by task 282: [ 15.734486] kasan_save_stack+0x45/0x70 [ 15.734654] kasan_save_track+0x18/0x40 [ 15.735014] kasan_save_alloc_info+0x3b/0x50 [ 15.735324] __kasan_kmalloc+0xb7/0xc0 [ 15.735491] __kmalloc_cache_noprof+0x189/0x420 [ 15.735728] kasan_atomics+0x95/0x310 [ 15.735900] kunit_try_run_case+0x1a5/0x480 [ 15.736372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.736618] kthread+0x337/0x6f0 [ 15.736925] ret_from_fork+0x116/0x1d0 [ 15.737122] ret_from_fork_asm+0x1a/0x30 [ 15.737443] [ 15.737544] The buggy address belongs to the object at ffff8881038e3c00 [ 15.737544] which belongs to the cache kmalloc-64 of size 64 [ 15.738304] The buggy address is located 0 bytes to the right of [ 15.738304] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.738943] [ 15.739027] The buggy address belongs to the physical page: [ 15.739519] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.739951] flags: 0x200000000000000(node=0|zone=2) [ 15.740275] page_type: f5(slab) [ 15.740412] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.740870] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.741388] page dumped because: kasan: bad access detected [ 15.741966] [ 15.742236] Memory state around the buggy address: [ 15.742639] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.742876] 
ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.743335] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.744027] ^ [ 15.744539] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.745279] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.745767] ================================================================== [ 16.238975] ================================================================== [ 16.239726] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 16.240226] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.240766] [ 16.240887] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.240932] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.240946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.240968] Call Trace: [ 16.240984] <TASK> [ 16.241001] dump_stack_lvl+0x73/0xb0 [ 16.241033] print_report+0xd1/0x650 [ 16.241082] ? __virt_addr_valid+0x1db/0x2d0 [ 16.241106] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.241129] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.241154] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.241178] kasan_report+0x141/0x180 [ 16.241201] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.241228] kasan_check_range+0x10c/0x1c0 [ 16.241254] __kasan_check_write+0x18/0x20 [ 16.241275] kasan_atomics_helper+0x1e12/0x5450 [ 16.241299] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.241323] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.241349] ? kasan_atomics+0x152/0x310 [ 16.241395] kasan_atomics+0x1dc/0x310 [ 16.241419] ? __pfx_kasan_atomics+0x10/0x10 [ 16.241443] ? trace_hardirqs_on+0x37/0xe0 [ 16.241468] ? __pfx_read_tsc+0x10/0x10 [ 16.241491] ? ktime_get_ts64+0x86/0x230 [ 16.241516] kunit_try_run_case+0x1a5/0x480 [ 16.241542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.241569] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.241595] ? 
__kthread_parkme+0x82/0x180 [ 16.241617] ? preempt_count_sub+0x50/0x80 [ 16.241642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.241667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.241693] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.241732] kthread+0x337/0x6f0 [ 16.241752] ? trace_preempt_on+0x20/0xc0 [ 16.241777] ? __pfx_kthread+0x10/0x10 [ 16.241798] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.241821] ? calculate_sigpending+0x7b/0xa0 [ 16.241846] ? __pfx_kthread+0x10/0x10 [ 16.241869] ret_from_fork+0x116/0x1d0 [ 16.241888] ? __pfx_kthread+0x10/0x10 [ 16.241909] ret_from_fork_asm+0x1a/0x30 [ 16.241941] </TASK> [ 16.241952] [ 16.248952] Allocated by task 282: [ 16.249228] kasan_save_stack+0x45/0x70 [ 16.249453] kasan_save_track+0x18/0x40 [ 16.249648] kasan_save_alloc_info+0x3b/0x50 [ 16.249893] __kasan_kmalloc+0xb7/0xc0 [ 16.250082] __kmalloc_cache_noprof+0x189/0x420 [ 16.250293] kasan_atomics+0x95/0x310 [ 16.250480] kunit_try_run_case+0x1a5/0x480 [ 16.250694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.250945] kthread+0x337/0x6f0 [ 16.251127] ret_from_fork+0x116/0x1d0 [ 16.251298] ret_from_fork_asm+0x1a/0x30 [ 16.251436] [ 16.251507] The buggy address belongs to the object at ffff8881038e3c00 [ 16.251507] which belongs to the cache kmalloc-64 of size 64 [ 16.251865] The buggy address is located 0 bytes to the right of [ 16.251865] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.252496] [ 16.252689] The buggy address belongs to the physical page: [ 16.252953] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 16.253430] flags: 0x200000000000000(node=0|zone=2) [ 16.253654] page_type: f5(slab) [ 16.253837] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.254200] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.254428] page dumped because: kasan: bad access detected [ 16.254601] [ 16.254670] Memory state around the buggy address: [ 16.254856] 
ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.255332] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.255672] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.256019] ^ [ 16.256276] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.256510] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.256824] ================================================================== [ 15.261809] ================================================================== [ 15.262223] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 15.262563] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.262901] [ 15.263015] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.263058] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.263071] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.263094] Call Trace: [ 15.263109] <TASK> [ 15.263125] dump_stack_lvl+0x73/0xb0 [ 15.263154] print_report+0xd1/0x650 [ 15.263177] ? __virt_addr_valid+0x1db/0x2d0 [ 15.263201] ? kasan_atomics_helper+0x72f/0x5450 [ 15.263223] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.263248] ? kasan_atomics_helper+0x72f/0x5450 [ 15.263271] kasan_report+0x141/0x180 [ 15.263294] ? kasan_atomics_helper+0x72f/0x5450 [ 15.263323] kasan_check_range+0x10c/0x1c0 [ 15.263347] __kasan_check_write+0x18/0x20 [ 15.263367] kasan_atomics_helper+0x72f/0x5450 [ 15.263391] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.263415] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.263442] ? kasan_atomics+0x152/0x310 [ 15.263470] kasan_atomics+0x1dc/0x310 [ 15.263494] ? __pfx_kasan_atomics+0x10/0x10 [ 15.263517] ? trace_hardirqs_on+0x37/0xe0 [ 15.263541] ? __pfx_read_tsc+0x10/0x10 [ 15.263562] ? ktime_get_ts64+0x86/0x230 [ 15.263587] kunit_try_run_case+0x1a5/0x480 [ 15.263612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.263638] ? 
queued_spin_lock_slowpath+0x116/0xb40 [ 15.263664] ? __kthread_parkme+0x82/0x180 [ 15.263686] ? preempt_count_sub+0x50/0x80 [ 15.263722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.263748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.263773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.263799] kthread+0x337/0x6f0 [ 15.263820] ? trace_preempt_on+0x20/0xc0 [ 15.263843] ? __pfx_kthread+0x10/0x10 [ 15.263866] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.263888] ? calculate_sigpending+0x7b/0xa0 [ 15.263915] ? __pfx_kthread+0x10/0x10 [ 15.263937] ret_from_fork+0x116/0x1d0 [ 15.263957] ? __pfx_kthread+0x10/0x10 [ 15.263978] ret_from_fork_asm+0x1a/0x30 [ 15.264011] </TASK> [ 15.264021] [ 15.271828] Allocated by task 282: [ 15.272010] kasan_save_stack+0x45/0x70 [ 15.272306] kasan_save_track+0x18/0x40 [ 15.272474] kasan_save_alloc_info+0x3b/0x50 [ 15.272625] __kasan_kmalloc+0xb7/0xc0 [ 15.272770] __kmalloc_cache_noprof+0x189/0x420 [ 15.272927] kasan_atomics+0x95/0x310 [ 15.273085] kunit_try_run_case+0x1a5/0x480 [ 15.273292] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.273541] kthread+0x337/0x6f0 [ 15.273777] ret_from_fork+0x116/0x1d0 [ 15.274154] ret_from_fork_asm+0x1a/0x30 [ 15.274298] [ 15.274370] The buggy address belongs to the object at ffff8881038e3c00 [ 15.274370] which belongs to the cache kmalloc-64 of size 64 [ 15.275346] The buggy address is located 0 bytes to the right of [ 15.275346] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.275909] [ 15.276007] The buggy address belongs to the physical page: [ 15.276297] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.276620] flags: 0x200000000000000(node=0|zone=2) [ 15.276835] page_type: f5(slab) [ 15.276958] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.277470] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.277862] page dumped because: kasan: bad access detected [ 15.278038] [ 15.278108] 
Memory state around the buggy address: [ 15.278471] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.278817] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.279082] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.279408] ^ [ 15.279572] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.279796] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.280010] ================================================================== [ 15.484430] ================================================================== [ 15.484770] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 15.485224] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.485650] [ 15.485786] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.485831] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.485938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.485961] Call Trace: [ 15.485977] <TASK> [ 15.485993] dump_stack_lvl+0x73/0xb0 [ 15.486025] print_report+0xd1/0x650 [ 15.486049] ? __virt_addr_valid+0x1db/0x2d0 [ 15.486272] ? kasan_atomics_helper+0xd47/0x5450 [ 15.486314] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.486341] ? kasan_atomics_helper+0xd47/0x5450 [ 15.486365] kasan_report+0x141/0x180 [ 15.486388] ? kasan_atomics_helper+0xd47/0x5450 [ 15.486416] kasan_check_range+0x10c/0x1c0 [ 15.486440] __kasan_check_write+0x18/0x20 [ 15.486461] kasan_atomics_helper+0xd47/0x5450 [ 15.486485] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.486509] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.486535] ? kasan_atomics+0x152/0x310 [ 15.486564] kasan_atomics+0x1dc/0x310 [ 15.486587] ? __pfx_kasan_atomics+0x10/0x10 [ 15.486611] ? trace_hardirqs_on+0x37/0xe0 [ 15.486636] ? __pfx_read_tsc+0x10/0x10 [ 15.486658] ? ktime_get_ts64+0x86/0x230 [ 15.486683] kunit_try_run_case+0x1a5/0x480 [ 15.486722] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.486748] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.486777] ? __kthread_parkme+0x82/0x180 [ 15.486801] ? preempt_count_sub+0x50/0x80 [ 15.486825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.486851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.486877] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.486902] kthread+0x337/0x6f0 [ 15.486922] ? trace_preempt_on+0x20/0xc0 [ 15.486946] ? __pfx_kthread+0x10/0x10 [ 15.486968] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.486990] ? calculate_sigpending+0x7b/0xa0 [ 15.487016] ? __pfx_kthread+0x10/0x10 [ 15.487048] ret_from_fork+0x116/0x1d0 [ 15.487068] ? __pfx_kthread+0x10/0x10 [ 15.487091] ret_from_fork_asm+0x1a/0x30 [ 15.487124] </TASK> [ 15.487135] [ 15.498090] Allocated by task 282: [ 15.498286] kasan_save_stack+0x45/0x70 [ 15.498802] kasan_save_track+0x18/0x40 [ 15.499268] kasan_save_alloc_info+0x3b/0x50 [ 15.499626] __kasan_kmalloc+0xb7/0xc0 [ 15.499787] __kmalloc_cache_noprof+0x189/0x420 [ 15.500013] kasan_atomics+0x95/0x310 [ 15.500434] kunit_try_run_case+0x1a5/0x480 [ 15.500604] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.501222] kthread+0x337/0x6f0 [ 15.501419] ret_from_fork+0x116/0x1d0 [ 15.501606] ret_from_fork_asm+0x1a/0x30 [ 15.501819] [ 15.501905] The buggy address belongs to the object at ffff8881038e3c00 [ 15.501905] which belongs to the cache kmalloc-64 of size 64 [ 15.502962] The buggy address is located 0 bytes to the right of [ 15.502962] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.503878] [ 15.503990] The buggy address belongs to the physical page: [ 15.504526] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.504933] flags: 0x200000000000000(node=0|zone=2) [ 15.505332] page_type: f5(slab) [ 15.505624] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.505985] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.506614] page dumped because: kasan: 
bad access detected [ 15.506993] [ 15.507291] Memory state around the buggy address: [ 15.507510] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.507842] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.508451] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.508818] ^ [ 15.509290] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.509605] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.509920] ================================================================== [ 15.533812] ================================================================== [ 15.534851] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 15.535402] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.536265] [ 15.536568] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.536614] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.536628] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.536650] Call Trace: [ 15.536766] <TASK> [ 15.536788] dump_stack_lvl+0x73/0xb0 [ 15.536821] print_report+0xd1/0x650 [ 15.536843] ? __virt_addr_valid+0x1db/0x2d0 [ 15.536867] ? kasan_atomics_helper+0xe78/0x5450 [ 15.536889] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.536914] ? kasan_atomics_helper+0xe78/0x5450 [ 15.536938] kasan_report+0x141/0x180 [ 15.536960] ? kasan_atomics_helper+0xe78/0x5450 [ 15.536987] kasan_check_range+0x10c/0x1c0 [ 15.537043] __kasan_check_write+0x18/0x20 [ 15.537064] kasan_atomics_helper+0xe78/0x5450 [ 15.537099] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.537123] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.537150] ? kasan_atomics+0x152/0x310 [ 15.537178] kasan_atomics+0x1dc/0x310 [ 15.537201] ? __pfx_kasan_atomics+0x10/0x10 [ 15.537225] ? trace_hardirqs_on+0x37/0xe0 [ 15.537250] ? __pfx_read_tsc+0x10/0x10 [ 15.537272] ? 
ktime_get_ts64+0x86/0x230 [ 15.537297] kunit_try_run_case+0x1a5/0x480 [ 15.537322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.537348] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.537374] ? __kthread_parkme+0x82/0x180 [ 15.537395] ? preempt_count_sub+0x50/0x80 [ 15.537419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.537446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.537472] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.537499] kthread+0x337/0x6f0 [ 15.537519] ? trace_preempt_on+0x20/0xc0 [ 15.537543] ? __pfx_kthread+0x10/0x10 [ 15.537565] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.537588] ? calculate_sigpending+0x7b/0xa0 [ 15.537614] ? __pfx_kthread+0x10/0x10 [ 15.537636] ret_from_fork+0x116/0x1d0 [ 15.537656] ? __pfx_kthread+0x10/0x10 [ 15.537680] ret_from_fork_asm+0x1a/0x30 [ 15.537725] </TASK> [ 15.537745] [ 15.553778] Allocated by task 282: [ 15.554374] kasan_save_stack+0x45/0x70 [ 15.554810] kasan_save_track+0x18/0x40 [ 15.555328] kasan_save_alloc_info+0x3b/0x50 [ 15.555659] __kasan_kmalloc+0xb7/0xc0 [ 15.556126] __kmalloc_cache_noprof+0x189/0x420 [ 15.556298] kasan_atomics+0x95/0x310 [ 15.556811] kunit_try_run_case+0x1a5/0x480 [ 15.557357] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.557763] kthread+0x337/0x6f0 [ 15.557894] ret_from_fork+0x116/0x1d0 [ 15.558037] ret_from_fork_asm+0x1a/0x30 [ 15.558732] [ 15.558908] The buggy address belongs to the object at ffff8881038e3c00 [ 15.558908] which belongs to the cache kmalloc-64 of size 64 [ 15.560281] The buggy address is located 0 bytes to the right of [ 15.560281] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.561273] [ 15.561366] The buggy address belongs to the physical page: [ 15.561930] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.562567] flags: 0x200000000000000(node=0|zone=2) [ 15.563116] page_type: f5(slab) [ 15.563260] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.563965] raw: 0000000000000000 
0000000080200020 00000000f5000000 0000000000000000 [ 15.564579] page dumped because: kasan: bad access detected [ 15.565047] [ 15.565257] Memory state around the buggy address: [ 15.565863] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.566399] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.566812] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.567585] ^ [ 15.567993] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.568697] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.569191] ================================================================== [ 16.092478] ================================================================== [ 16.092983] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 16.093357] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.093725] [ 16.093838] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.093879] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.093892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.093913] Call Trace: [ 16.093926] <TASK> [ 16.093940] dump_stack_lvl+0x73/0xb0 [ 16.093969] print_report+0xd1/0x650 [ 16.093992] ? __virt_addr_valid+0x1db/0x2d0 [ 16.094015] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.094037] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.094072] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.094097] kasan_report+0x141/0x180 [ 16.094120] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.094147] kasan_check_range+0x10c/0x1c0 [ 16.094172] __kasan_check_write+0x18/0x20 [ 16.094193] kasan_atomics_helper+0x19e3/0x5450 [ 16.094217] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.094241] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.094267] ? kasan_atomics+0x152/0x310 [ 16.094294] kasan_atomics+0x1dc/0x310 [ 16.094318] ? __pfx_kasan_atomics+0x10/0x10 [ 16.094342] ? 
trace_hardirqs_on+0x37/0xe0 [ 16.094366] ? __pfx_read_tsc+0x10/0x10 [ 16.094387] ? ktime_get_ts64+0x86/0x230 [ 16.094411] kunit_try_run_case+0x1a5/0x480 [ 16.094436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.094463] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.094489] ? __kthread_parkme+0x82/0x180 [ 16.094511] ? preempt_count_sub+0x50/0x80 [ 16.094536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.094586] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.094612] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.094638] kthread+0x337/0x6f0 [ 16.094658] ? trace_preempt_on+0x20/0xc0 [ 16.094681] ? __pfx_kthread+0x10/0x10 [ 16.094712] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.094736] ? calculate_sigpending+0x7b/0xa0 [ 16.094761] ? __pfx_kthread+0x10/0x10 [ 16.094783] ret_from_fork+0x116/0x1d0 [ 16.094802] ? __pfx_kthread+0x10/0x10 [ 16.094823] ret_from_fork_asm+0x1a/0x30 [ 16.094856] </TASK> [ 16.094868] [ 16.102397] Allocated by task 282: [ 16.102518] kasan_save_stack+0x45/0x70 [ 16.102692] kasan_save_track+0x18/0x40 [ 16.102899] kasan_save_alloc_info+0x3b/0x50 [ 16.103133] __kasan_kmalloc+0xb7/0xc0 [ 16.103515] __kmalloc_cache_noprof+0x189/0x420 [ 16.103725] kasan_atomics+0x95/0x310 [ 16.103857] kunit_try_run_case+0x1a5/0x480 [ 16.103999] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.104219] kthread+0x337/0x6f0 [ 16.104397] ret_from_fork+0x116/0x1d0 [ 16.104584] ret_from_fork_asm+0x1a/0x30 [ 16.104812] [ 16.104908] The buggy address belongs to the object at ffff8881038e3c00 [ 16.104908] which belongs to the cache kmalloc-64 of size 64 [ 16.105558] The buggy address is located 0 bytes to the right of [ 16.105558] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.105921] [ 16.105991] The buggy address belongs to the physical page: [ 16.106219] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 16.106589] flags: 0x200000000000000(node=0|zone=2) [ 16.106849] page_type: f5(slab) [ 16.107122] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 16.107342] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.107779] page dumped because: kasan: bad access detected [ 16.108027] [ 16.108125] Memory state around the buggy address: [ 16.108313] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.108529] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.108754] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.109084] ^ [ 16.109330] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.109658] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.109996] ================================================================== [ 16.367863] ================================================================== [ 16.368255] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 16.368567] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.368877] [ 16.368964] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.369006] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.369019] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.369039] Call Trace: [ 16.369054] <TASK> [ 16.369071] dump_stack_lvl+0x73/0xb0 [ 16.369099] print_report+0xd1/0x650 [ 16.369123] ? __virt_addr_valid+0x1db/0x2d0 [ 16.369147] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.369170] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.369203] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.369226] kasan_report+0x141/0x180 [ 16.369249] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.369277] kasan_check_range+0x10c/0x1c0 [ 16.369302] __kasan_check_write+0x18/0x20 [ 16.369323] kasan_atomics_helper+0x20c8/0x5450 [ 16.369347] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.369370] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.369396] ? 
kasan_atomics+0x152/0x310 [ 16.369424] kasan_atomics+0x1dc/0x310 [ 16.369447] ? __pfx_kasan_atomics+0x10/0x10 [ 16.369471] ? trace_hardirqs_on+0x37/0xe0 [ 16.369495] ? __pfx_read_tsc+0x10/0x10 [ 16.369517] ? ktime_get_ts64+0x86/0x230 [ 16.369542] kunit_try_run_case+0x1a5/0x480 [ 16.369567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.369593] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.369619] ? __kthread_parkme+0x82/0x180 [ 16.369641] ? preempt_count_sub+0x50/0x80 [ 16.369666] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.369693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.369731] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.369757] kthread+0x337/0x6f0 [ 16.369777] ? trace_preempt_on+0x20/0xc0 [ 16.369801] ? __pfx_kthread+0x10/0x10 [ 16.369824] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.369848] ? calculate_sigpending+0x7b/0xa0 [ 16.369874] ? __pfx_kthread+0x10/0x10 [ 16.369896] ret_from_fork+0x116/0x1d0 [ 16.369916] ? __pfx_kthread+0x10/0x10 [ 16.369937] ret_from_fork_asm+0x1a/0x30 [ 16.369970] </TASK> [ 16.369981] [ 16.377461] Allocated by task 282: [ 16.377589] kasan_save_stack+0x45/0x70 [ 16.377743] kasan_save_track+0x18/0x40 [ 16.377935] kasan_save_alloc_info+0x3b/0x50 [ 16.378147] __kasan_kmalloc+0xb7/0xc0 [ 16.378377] __kmalloc_cache_noprof+0x189/0x420 [ 16.378613] kasan_atomics+0x95/0x310 [ 16.378816] kunit_try_run_case+0x1a5/0x480 [ 16.378992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.379277] kthread+0x337/0x6f0 [ 16.379402] ret_from_fork+0x116/0x1d0 [ 16.379593] ret_from_fork_asm+0x1a/0x30 [ 16.379802] [ 16.379894] The buggy address belongs to the object at ffff8881038e3c00 [ 16.379894] which belongs to the cache kmalloc-64 of size 64 [ 16.380245] The buggy address is located 0 bytes to the right of [ 16.380245] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.380723] [ 16.380820] The buggy address belongs to the physical page: [ 16.381083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 
16.381326] flags: 0x200000000000000(node=0|zone=2) [ 16.381805] page_type: f5(slab) [ 16.381949] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.382235] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.382461] page dumped because: kasan: bad access detected [ 16.382630] [ 16.382721] Memory state around the buggy address: [ 16.382947] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.383460] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.383792] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.384215] ^ [ 16.384444] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.384728] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.385009] ================================================================== [ 15.361175] ================================================================== [ 15.361448] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 15.361788] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.362335] [ 15.362476] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.362521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.362535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.362556] Call Trace: [ 15.362572] <TASK> [ 15.362589] dump_stack_lvl+0x73/0xb0 [ 15.362620] print_report+0xd1/0x650 [ 15.362643] ? __virt_addr_valid+0x1db/0x2d0 [ 15.362666] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.362688] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.362724] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.362748] kasan_report+0x141/0x180 [ 15.362770] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.362798] kasan_check_range+0x10c/0x1c0 [ 15.362823] __kasan_check_write+0x18/0x20 [ 15.362844] kasan_atomics_helper+0xa2b/0x5450 [ 15.362893] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.362918] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.362944] ? kasan_atomics+0x152/0x310 [ 15.362983] kasan_atomics+0x1dc/0x310 [ 15.363007] ? __pfx_kasan_atomics+0x10/0x10 [ 15.363030] ? trace_hardirqs_on+0x37/0xe0 [ 15.363492] ? __pfx_read_tsc+0x10/0x10 [ 15.363530] ? ktime_get_ts64+0x86/0x230 [ 15.363556] kunit_try_run_case+0x1a5/0x480 [ 15.363582] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.363610] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.363636] ? __kthread_parkme+0x82/0x180 [ 15.363658] ? preempt_count_sub+0x50/0x80 [ 15.363684] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.363718] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.363744] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.363771] kthread+0x337/0x6f0 [ 15.363791] ? trace_preempt_on+0x20/0xc0 [ 15.363814] ? __pfx_kthread+0x10/0x10 [ 15.363836] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.363858] ? calculate_sigpending+0x7b/0xa0 [ 15.363883] ? __pfx_kthread+0x10/0x10 [ 15.363906] ret_from_fork+0x116/0x1d0 [ 15.363925] ? __pfx_kthread+0x10/0x10 [ 15.363947] ret_from_fork_asm+0x1a/0x30 [ 15.363980] </TASK> [ 15.363991] [ 15.373296] Allocated by task 282: [ 15.373430] kasan_save_stack+0x45/0x70 [ 15.373632] kasan_save_track+0x18/0x40 [ 15.373818] kasan_save_alloc_info+0x3b/0x50 [ 15.374007] __kasan_kmalloc+0xb7/0xc0 [ 15.374374] __kmalloc_cache_noprof+0x189/0x420 [ 15.374676] kasan_atomics+0x95/0x310 [ 15.374872] kunit_try_run_case+0x1a5/0x480 [ 15.375217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.375471] kthread+0x337/0x6f0 [ 15.375699] ret_from_fork+0x116/0x1d0 [ 15.375893] ret_from_fork_asm+0x1a/0x30 [ 15.376157] [ 15.376297] The buggy address belongs to the object at ffff8881038e3c00 [ 15.376297] which belongs to the cache kmalloc-64 of size 64 [ 15.376740] The buggy address is located 0 bytes to the right of [ 15.376740] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.377295] [ 15.377394] The buggy address belongs to the physical page: [ 15.377650] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.378194] flags: 0x200000000000000(node=0|zone=2) [ 15.378464] page_type: f5(slab) [ 15.378626] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.379011] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.379324] page dumped because: kasan: bad access detected [ 15.379512] [ 15.379584] Memory state around the buggy address: [ 15.379804] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.380327] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.380695] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.380963] ^ [ 15.381446] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.381842] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.382146] ================================================================== [ 15.843296] ================================================================== [ 15.843558] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 15.843928] Read of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.844678] [ 15.844932] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.844979] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.844992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.845012] Call Trace: [ 15.845028] <TASK> [ 15.845055] dump_stack_lvl+0x73/0xb0 [ 15.845086] print_report+0xd1/0x650 [ 15.845108] ? __virt_addr_valid+0x1db/0x2d0 [ 15.845132] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.845155] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.845180] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.845203] kasan_report+0x141/0x180 [ 15.845226] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.845254] kasan_check_range+0x10c/0x1c0 [ 15.845279] __kasan_check_read+0x15/0x20 [ 15.845298] kasan_atomics_helper+0x13b5/0x5450 [ 15.845322] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.845346] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.845371] ? kasan_atomics+0x152/0x310 [ 15.845399] kasan_atomics+0x1dc/0x310 [ 15.845423] ? __pfx_kasan_atomics+0x10/0x10 [ 15.845446] ? trace_hardirqs_on+0x37/0xe0 [ 15.845470] ? __pfx_read_tsc+0x10/0x10 [ 15.845491] ? ktime_get_ts64+0x86/0x230 [ 15.845516] kunit_try_run_case+0x1a5/0x480 [ 15.845541] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.845567] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.845593] ? __kthread_parkme+0x82/0x180 [ 15.845614] ? preempt_count_sub+0x50/0x80 [ 15.845639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.845664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.845690] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.845728] kthread+0x337/0x6f0 [ 15.845747] ? trace_preempt_on+0x20/0xc0 [ 15.845770] ? __pfx_kthread+0x10/0x10 [ 15.845792] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.845814] ? calculate_sigpending+0x7b/0xa0 [ 15.845840] ? __pfx_kthread+0x10/0x10 [ 15.845862] ret_from_fork+0x116/0x1d0 [ 15.845883] ? 
__pfx_kthread+0x10/0x10 [ 15.845905] ret_from_fork_asm+0x1a/0x30 [ 15.845937] </TASK> [ 15.845947] [ 15.856139] Allocated by task 282: [ 15.856310] kasan_save_stack+0x45/0x70 [ 15.856586] kasan_save_track+0x18/0x40 [ 15.856802] kasan_save_alloc_info+0x3b/0x50 [ 15.857003] __kasan_kmalloc+0xb7/0xc0 [ 15.857419] __kmalloc_cache_noprof+0x189/0x420 [ 15.857725] kasan_atomics+0x95/0x310 [ 15.858064] kunit_try_run_case+0x1a5/0x480 [ 15.858272] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.858592] kthread+0x337/0x6f0 [ 15.858857] ret_from_fork+0x116/0x1d0 [ 15.859005] ret_from_fork_asm+0x1a/0x30 [ 15.859416] [ 15.859655] The buggy address belongs to the object at ffff8881038e3c00 [ 15.859655] which belongs to the cache kmalloc-64 of size 64 [ 15.860326] The buggy address is located 0 bytes to the right of [ 15.860326] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.860909] [ 15.861006] The buggy address belongs to the physical page: [ 15.861259] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.861602] flags: 0x200000000000000(node=0|zone=2) [ 15.861842] page_type: f5(slab) [ 15.862005] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.862662] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.863078] page dumped because: kasan: bad access detected [ 15.863405] [ 15.863505] Memory state around the buggy address: [ 15.863862] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.864338] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.864743] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.865176] ^ [ 15.865528] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.865848] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.866325] ================================================================== [ 15.299342] 
================================================================== [ 15.299628] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 15.299869] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.300369] [ 15.300483] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.300524] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.300536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.300557] Call Trace: [ 15.300570] <TASK> [ 15.300584] dump_stack_lvl+0x73/0xb0 [ 15.300614] print_report+0xd1/0x650 [ 15.300636] ? __virt_addr_valid+0x1db/0x2d0 [ 15.300660] ? kasan_atomics_helper+0x860/0x5450 [ 15.300682] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.300718] ? kasan_atomics_helper+0x860/0x5450 [ 15.300741] kasan_report+0x141/0x180 [ 15.300765] ? kasan_atomics_helper+0x860/0x5450 [ 15.300793] kasan_check_range+0x10c/0x1c0 [ 15.300818] __kasan_check_write+0x18/0x20 [ 15.300838] kasan_atomics_helper+0x860/0x5450 [ 15.300863] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.300887] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.300913] ? kasan_atomics+0x152/0x310 [ 15.300941] kasan_atomics+0x1dc/0x310 [ 15.300964] ? __pfx_kasan_atomics+0x10/0x10 [ 15.300989] ? trace_hardirqs_on+0x37/0xe0 [ 15.301013] ? __pfx_read_tsc+0x10/0x10 [ 15.301034] ? ktime_get_ts64+0x86/0x230 [ 15.301059] kunit_try_run_case+0x1a5/0x480 [ 15.301083] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.301166] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.301195] ? __kthread_parkme+0x82/0x180 [ 15.301217] ? preempt_count_sub+0x50/0x80 [ 15.301242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.301268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.301294] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.301322] kthread+0x337/0x6f0 [ 15.301342] ? trace_preempt_on+0x20/0xc0 [ 15.301366] ? __pfx_kthread+0x10/0x10 [ 15.301387] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.301410] ? 
calculate_sigpending+0x7b/0xa0 [ 15.301435] ? __pfx_kthread+0x10/0x10 [ 15.301458] ret_from_fork+0x116/0x1d0 [ 15.301478] ? __pfx_kthread+0x10/0x10 [ 15.301499] ret_from_fork_asm+0x1a/0x30 [ 15.301531] </TASK> [ 15.301542] [ 15.309587] Allocated by task 282: [ 15.309732] kasan_save_stack+0x45/0x70 [ 15.309878] kasan_save_track+0x18/0x40 [ 15.310015] kasan_save_alloc_info+0x3b/0x50 [ 15.310175] __kasan_kmalloc+0xb7/0xc0 [ 15.310363] __kmalloc_cache_noprof+0x189/0x420 [ 15.310587] kasan_atomics+0x95/0x310 [ 15.310786] kunit_try_run_case+0x1a5/0x480 [ 15.311053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.311321] kthread+0x337/0x6f0 [ 15.311491] ret_from_fork+0x116/0x1d0 [ 15.311684] ret_from_fork_asm+0x1a/0x30 [ 15.311901] [ 15.311996] The buggy address belongs to the object at ffff8881038e3c00 [ 15.311996] which belongs to the cache kmalloc-64 of size 64 [ 15.312533] The buggy address is located 0 bytes to the right of [ 15.312533] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.312956] [ 15.313066] The buggy address belongs to the physical page: [ 15.313325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.313642] flags: 0x200000000000000(node=0|zone=2) [ 15.313855] page_type: f5(slab) [ 15.313998] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.314439] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.314666] page dumped because: kasan: bad access detected [ 15.314849] [ 15.314920] Memory state around the buggy address: [ 15.315075] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.315347] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.315754] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.316070] ^ [ 15.316289] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.316924] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.317973] 
================================================================== [ 15.157744] ================================================================== [ 15.158123] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 15.158425] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.158671] [ 15.158788] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.158829] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.158853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.158873] Call Trace: [ 15.158887] <TASK> [ 15.158901] dump_stack_lvl+0x73/0xb0 [ 15.158941] print_report+0xd1/0x650 [ 15.158964] ? __virt_addr_valid+0x1db/0x2d0 [ 15.158987] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.159009] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.159040] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.159079] kasan_report+0x141/0x180 [ 15.159101] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.159129] kasan_check_range+0x10c/0x1c0 [ 15.159154] __kasan_check_write+0x18/0x20 [ 15.159175] kasan_atomics_helper+0x4a0/0x5450 [ 15.159210] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.159235] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.159262] ? kasan_atomics+0x152/0x310 [ 15.159289] kasan_atomics+0x1dc/0x310 [ 15.159313] ? __pfx_kasan_atomics+0x10/0x10 [ 15.159337] ? trace_hardirqs_on+0x37/0xe0 [ 15.159361] ? __pfx_read_tsc+0x10/0x10 [ 15.159392] ? ktime_get_ts64+0x86/0x230 [ 15.159416] kunit_try_run_case+0x1a5/0x480 [ 15.159441] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.159478] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.159504] ? __kthread_parkme+0x82/0x180 [ 15.159526] ? preempt_count_sub+0x50/0x80 [ 15.159550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.159576] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.159601] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.159627] kthread+0x337/0x6f0 [ 15.159647] ? trace_preempt_on+0x20/0xc0 [ 15.159671] ? 
__pfx_kthread+0x10/0x10 [ 15.159693] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.159724] ? calculate_sigpending+0x7b/0xa0 [ 15.159758] ? __pfx_kthread+0x10/0x10 [ 15.159781] ret_from_fork+0x116/0x1d0 [ 15.159800] ? __pfx_kthread+0x10/0x10 [ 15.159832] ret_from_fork_asm+0x1a/0x30 [ 15.159864] </TASK> [ 15.159875] [ 15.169012] Allocated by task 282: [ 15.169272] kasan_save_stack+0x45/0x70 [ 15.169484] kasan_save_track+0x18/0x40 [ 15.169687] kasan_save_alloc_info+0x3b/0x50 [ 15.169885] __kasan_kmalloc+0xb7/0xc0 [ 15.170052] __kmalloc_cache_noprof+0x189/0x420 [ 15.170310] kasan_atomics+0x95/0x310 [ 15.170500] kunit_try_run_case+0x1a5/0x480 [ 15.170699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.170942] kthread+0x337/0x6f0 [ 15.171115] ret_from_fork+0x116/0x1d0 [ 15.171459] ret_from_fork_asm+0x1a/0x30 [ 15.171617] [ 15.171688] The buggy address belongs to the object at ffff8881038e3c00 [ 15.171688] which belongs to the cache kmalloc-64 of size 64 [ 15.172796] The buggy address is located 0 bytes to the right of [ 15.172796] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.173827] [ 15.174073] The buggy address belongs to the physical page: [ 15.174542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.174887] flags: 0x200000000000000(node=0|zone=2) [ 15.175339] page_type: f5(slab) [ 15.175686] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.176391] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.176718] page dumped because: kasan: bad access detected [ 15.176952] [ 15.177296] Memory state around the buggy address: [ 15.177596] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.177912] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.178495] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.178952] ^ [ 15.179361] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.179661] 
ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.179966] ================================================================== [ 16.039733] ================================================================== [ 16.040085] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 16.040396] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.040659] [ 16.040779] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.040819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.040832] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.040851] Call Trace: [ 16.040866] <TASK> [ 16.040904] dump_stack_lvl+0x73/0xb0 [ 16.040933] print_report+0xd1/0x650 [ 16.040957] ? __virt_addr_valid+0x1db/0x2d0 [ 16.040979] ? kasan_atomics_helper+0x1818/0x5450 [ 16.041002] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.041027] ? kasan_atomics_helper+0x1818/0x5450 [ 16.041063] kasan_report+0x141/0x180 [ 16.041085] ? kasan_atomics_helper+0x1818/0x5450 [ 16.041113] kasan_check_range+0x10c/0x1c0 [ 16.041139] __kasan_check_write+0x18/0x20 [ 16.041160] kasan_atomics_helper+0x1818/0x5450 [ 16.041185] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.041208] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.041234] ? kasan_atomics+0x152/0x310 [ 16.041261] kasan_atomics+0x1dc/0x310 [ 16.041285] ? __pfx_kasan_atomics+0x10/0x10 [ 16.041308] ? trace_hardirqs_on+0x37/0xe0 [ 16.041332] ? __pfx_read_tsc+0x10/0x10 [ 16.041353] ? ktime_get_ts64+0x86/0x230 [ 16.041379] kunit_try_run_case+0x1a5/0x480 [ 16.041404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.041430] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.041456] ? __kthread_parkme+0x82/0x180 [ 16.041477] ? preempt_count_sub+0x50/0x80 [ 16.041502] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.041527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.041553] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.041579] kthread+0x337/0x6f0 [ 16.041599] ? trace_preempt_on+0x20/0xc0 [ 16.041643] ? __pfx_kthread+0x10/0x10 [ 16.041666] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.041689] ? calculate_sigpending+0x7b/0xa0 [ 16.041724] ? __pfx_kthread+0x10/0x10 [ 16.041747] ret_from_fork+0x116/0x1d0 [ 16.041766] ? __pfx_kthread+0x10/0x10 [ 16.041787] ret_from_fork_asm+0x1a/0x30 [ 16.041820] </TASK> [ 16.041831] [ 16.049120] Allocated by task 282: [ 16.049307] kasan_save_stack+0x45/0x70 [ 16.049526] kasan_save_track+0x18/0x40 [ 16.049723] kasan_save_alloc_info+0x3b/0x50 [ 16.049890] __kasan_kmalloc+0xb7/0xc0 [ 16.050022] __kmalloc_cache_noprof+0x189/0x420 [ 16.050257] kasan_atomics+0x95/0x310 [ 16.050446] kunit_try_run_case+0x1a5/0x480 [ 16.050622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.050804] kthread+0x337/0x6f0 [ 16.050923] ret_from_fork+0x116/0x1d0 [ 16.051083] ret_from_fork_asm+0x1a/0x30 [ 16.051283] [ 16.051378] The buggy address belongs to the object at ffff8881038e3c00 [ 16.051378] which belongs to the cache kmalloc-64 of size 64 [ 16.051954] The buggy address is located 0 bytes to the right of [ 16.051954] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.052564] [ 16.052661] The buggy address belongs to the physical page: [ 16.052861] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 16.053095] flags: 0x200000000000000(node=0|zone=2) [ 16.053308] page_type: f5(slab) [ 16.053478] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.053854] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.054195] page dumped because: kasan: bad access detected [ 16.054448] [ 16.054519] Memory state around the buggy address: [ 16.054673] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.054924] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.055240] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.055592] ^ [ 16.055801] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.056018] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.056347] ================================================================== [ 15.423585] ================================================================== [ 15.423916] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 15.424360] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.424716] [ 15.424821] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.424876] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.424889] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.424910] Call Trace: [ 15.424925] <TASK> [ 15.424951] dump_stack_lvl+0x73/0xb0 [ 15.424982] print_report+0xd1/0x650 [ 15.425004] ? __virt_addr_valid+0x1db/0x2d0 [ 15.425027] ? kasan_atomics_helper+0xc70/0x5450 [ 15.425059] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.425083] ? kasan_atomics_helper+0xc70/0x5450 [ 15.425106] kasan_report+0x141/0x180 [ 15.425290] ? kasan_atomics_helper+0xc70/0x5450 [ 15.425323] kasan_check_range+0x10c/0x1c0 [ 15.425349] __kasan_check_write+0x18/0x20 [ 15.425370] kasan_atomics_helper+0xc70/0x5450 [ 15.425395] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.425420] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.425446] ? kasan_atomics+0x152/0x310 [ 15.425488] kasan_atomics+0x1dc/0x310 [ 15.425512] ? __pfx_kasan_atomics+0x10/0x10 [ 15.425535] ? trace_hardirqs_on+0x37/0xe0 [ 15.425573] ? __pfx_read_tsc+0x10/0x10 [ 15.425595] ? ktime_get_ts64+0x86/0x230 [ 15.425620] kunit_try_run_case+0x1a5/0x480 [ 15.425645] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.425672] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.425699] ? __kthread_parkme+0x82/0x180 [ 15.425730] ? preempt_count_sub+0x50/0x80 [ 15.425755] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.425780] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.425807] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.425833] kthread+0x337/0x6f0 [ 15.425852] ? trace_preempt_on+0x20/0xc0 [ 15.425876] ? __pfx_kthread+0x10/0x10 [ 15.425897] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.425921] ? calculate_sigpending+0x7b/0xa0 [ 15.425945] ? __pfx_kthread+0x10/0x10 [ 15.425967] ret_from_fork+0x116/0x1d0 [ 15.425996] ? __pfx_kthread+0x10/0x10 [ 15.426018] ret_from_fork_asm+0x1a/0x30 [ 15.426049] </TASK> [ 15.426072] [ 15.439449] Allocated by task 282: [ 15.439638] kasan_save_stack+0x45/0x70 [ 15.439847] kasan_save_track+0x18/0x40 [ 15.440002] kasan_save_alloc_info+0x3b/0x50 [ 15.440504] __kasan_kmalloc+0xb7/0xc0 [ 15.440679] __kmalloc_cache_noprof+0x189/0x420 [ 15.440870] kasan_atomics+0x95/0x310 [ 15.441370] kunit_try_run_case+0x1a5/0x480 [ 15.441578] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.441797] kthread+0x337/0x6f0 [ 15.441941] ret_from_fork+0x116/0x1d0 [ 15.442362] ret_from_fork_asm+0x1a/0x30 [ 15.442537] [ 15.442617] The buggy address belongs to the object at ffff8881038e3c00 [ 15.442617] which belongs to the cache kmalloc-64 of size 64 [ 15.443018] The buggy address is located 0 bytes to the right of [ 15.443018] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.443368] [ 15.443441] The buggy address belongs to the physical page: [ 15.443607] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.443850] flags: 0x200000000000000(node=0|zone=2) [ 15.444010] page_type: f5(slab) [ 15.444130] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.444798] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.445038] page dumped because: kasan: bad access detected [ 15.445244] [ 15.445360] Memory state around the buggy address: [ 15.446519] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.446844] 
ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.447665] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.448477] ^ [ 15.448642] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.449202] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.449533] ================================================================== [ 16.128202] ================================================================== [ 16.128542] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 16.128914] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.129216] [ 16.129299] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.129340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.129352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.129373] Call Trace: [ 16.129389] <TASK> [ 16.129405] dump_stack_lvl+0x73/0xb0 [ 16.129433] print_report+0xd1/0x650 [ 16.129456] ? __virt_addr_valid+0x1db/0x2d0 [ 16.129479] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.129502] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.129527] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.129550] kasan_report+0x141/0x180 [ 16.129572] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.129600] kasan_check_range+0x10c/0x1c0 [ 16.129624] __kasan_check_write+0x18/0x20 [ 16.129645] kasan_atomics_helper+0x1b22/0x5450 [ 16.129669] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.129693] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.129756] ? kasan_atomics+0x152/0x310 [ 16.129783] kasan_atomics+0x1dc/0x310 [ 16.129808] ? __pfx_kasan_atomics+0x10/0x10 [ 16.129832] ? trace_hardirqs_on+0x37/0xe0 [ 16.129856] ? __pfx_read_tsc+0x10/0x10 [ 16.129877] ? ktime_get_ts64+0x86/0x230 [ 16.129902] kunit_try_run_case+0x1a5/0x480 [ 16.129927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.129954] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.129981] ? 
__kthread_parkme+0x82/0x180 [ 16.130002] ? preempt_count_sub+0x50/0x80 [ 16.130027] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.130062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.130087] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.130114] kthread+0x337/0x6f0 [ 16.130134] ? trace_preempt_on+0x20/0xc0 [ 16.130157] ? __pfx_kthread+0x10/0x10 [ 16.130179] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.130202] ? calculate_sigpending+0x7b/0xa0 [ 16.130227] ? __pfx_kthread+0x10/0x10 [ 16.130249] ret_from_fork+0x116/0x1d0 [ 16.130268] ? __pfx_kthread+0x10/0x10 [ 16.130290] ret_from_fork_asm+0x1a/0x30 [ 16.130354] </TASK> [ 16.130365] [ 16.137796] Allocated by task 282: [ 16.137977] kasan_save_stack+0x45/0x70 [ 16.138270] kasan_save_track+0x18/0x40 [ 16.138410] kasan_save_alloc_info+0x3b/0x50 [ 16.138555] __kasan_kmalloc+0xb7/0xc0 [ 16.138755] __kmalloc_cache_noprof+0x189/0x420 [ 16.138973] kasan_atomics+0x95/0x310 [ 16.139156] kunit_try_run_case+0x1a5/0x480 [ 16.139469] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.139641] kthread+0x337/0x6f0 [ 16.139780] ret_from_fork+0x116/0x1d0 [ 16.139967] ret_from_fork_asm+0x1a/0x30 [ 16.140275] [ 16.140376] The buggy address belongs to the object at ffff8881038e3c00 [ 16.140376] which belongs to the cache kmalloc-64 of size 64 [ 16.140783] The buggy address is located 0 bytes to the right of [ 16.140783] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.141223] [ 16.141318] The buggy address belongs to the physical page: [ 16.141563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 16.141915] flags: 0x200000000000000(node=0|zone=2) [ 16.142172] page_type: f5(slab) [ 16.142329] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.142647] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.142876] page dumped because: kasan: bad access detected [ 16.143044] [ 16.143137] Memory state around the buggy address: [ 16.143501] 
ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.144466] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.144691] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.144909] ^ [ 16.145057] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.145566] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.145897] ================================================================== [ 16.403309] ================================================================== [ 16.403660] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 16.404060] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.404377] [ 16.404489] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.404530] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.404542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.404583] Call Trace: [ 16.404595] <TASK> [ 16.404610] dump_stack_lvl+0x73/0xb0 [ 16.404638] print_report+0xd1/0x650 [ 16.404661] ? __virt_addr_valid+0x1db/0x2d0 [ 16.404685] ? kasan_atomics_helper+0x218a/0x5450 [ 16.404716] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.404740] ? kasan_atomics_helper+0x218a/0x5450 [ 16.404782] kasan_report+0x141/0x180 [ 16.404805] ? kasan_atomics_helper+0x218a/0x5450 [ 16.404833] kasan_check_range+0x10c/0x1c0 [ 16.404858] __kasan_check_write+0x18/0x20 [ 16.404879] kasan_atomics_helper+0x218a/0x5450 [ 16.404903] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.404927] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.404971] ? kasan_atomics+0x152/0x310 [ 16.404999] kasan_atomics+0x1dc/0x310 [ 16.405022] ? __pfx_kasan_atomics+0x10/0x10 [ 16.405066] ? trace_hardirqs_on+0x37/0xe0 [ 16.405091] ? __pfx_read_tsc+0x10/0x10 [ 16.405130] ? ktime_get_ts64+0x86/0x230 [ 16.405155] kunit_try_run_case+0x1a5/0x480 [ 16.405180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.405206] ? 
queued_spin_lock_slowpath+0x116/0xb40 [ 16.405232] ? __kthread_parkme+0x82/0x180 [ 16.405253] ? preempt_count_sub+0x50/0x80 [ 16.405278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.405304] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.405330] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.405356] kthread+0x337/0x6f0 [ 16.405376] ? trace_preempt_on+0x20/0xc0 [ 16.405416] ? __pfx_kthread+0x10/0x10 [ 16.405439] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.405462] ? calculate_sigpending+0x7b/0xa0 [ 16.405488] ? __pfx_kthread+0x10/0x10 [ 16.405510] ret_from_fork+0x116/0x1d0 [ 16.405529] ? __pfx_kthread+0x10/0x10 [ 16.405551] ret_from_fork_asm+0x1a/0x30 [ 16.405598] </TASK> [ 16.405609] [ 16.413384] Allocated by task 282: [ 16.413603] kasan_save_stack+0x45/0x70 [ 16.413855] kasan_save_track+0x18/0x40 [ 16.414094] kasan_save_alloc_info+0x3b/0x50 [ 16.414265] __kasan_kmalloc+0xb7/0xc0 [ 16.414398] __kmalloc_cache_noprof+0x189/0x420 [ 16.414599] kasan_atomics+0x95/0x310 [ 16.414798] kunit_try_run_case+0x1a5/0x480 [ 16.415045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.415335] kthread+0x337/0x6f0 [ 16.415508] ret_from_fork+0x116/0x1d0 [ 16.415661] ret_from_fork_asm+0x1a/0x30 [ 16.415811] [ 16.415884] The buggy address belongs to the object at ffff8881038e3c00 [ 16.415884] which belongs to the cache kmalloc-64 of size 64 [ 16.416390] The buggy address is located 0 bytes to the right of [ 16.416390] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.416946] [ 16.417057] The buggy address belongs to the physical page: [ 16.417271] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 16.417508] flags: 0x200000000000000(node=0|zone=2) [ 16.417691] page_type: f5(slab) [ 16.417867] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.418255] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.418609] page dumped because: kasan: bad access detected [ 16.418872] [ 16.418985] 
Memory state around the buggy address: [ 16.419203] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.419518] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.419835] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.420169] ^ [ 16.420400] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.420695] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.421013] ================================================================== [ 16.446458] ================================================================== [ 16.446800] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 16.447361] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.447843] [ 16.448086] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.448134] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.448148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.448168] Call Trace: [ 16.448182] <TASK> [ 16.448197] dump_stack_lvl+0x73/0xb0 [ 16.448263] print_report+0xd1/0x650 [ 16.448288] ? __virt_addr_valid+0x1db/0x2d0 [ 16.448311] ? kasan_atomics_helper+0x224c/0x5450 [ 16.448338] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.448363] ? kasan_atomics_helper+0x224c/0x5450 [ 16.448385] kasan_report+0x141/0x180 [ 16.448409] ? kasan_atomics_helper+0x224c/0x5450 [ 16.448437] kasan_check_range+0x10c/0x1c0 [ 16.448462] __kasan_check_write+0x18/0x20 [ 16.448483] kasan_atomics_helper+0x224c/0x5450 [ 16.448507] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.448531] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.448558] ? kasan_atomics+0x152/0x310 [ 16.448586] kasan_atomics+0x1dc/0x310 [ 16.448609] ? __pfx_kasan_atomics+0x10/0x10 [ 16.448633] ? trace_hardirqs_on+0x37/0xe0 [ 16.448657] ? __pfx_read_tsc+0x10/0x10 [ 16.448678] ? ktime_get_ts64+0x86/0x230 [ 16.448714] kunit_try_run_case+0x1a5/0x480 [ 16.448739] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.448765] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.448792] ? __kthread_parkme+0x82/0x180 [ 16.448814] ? preempt_count_sub+0x50/0x80 [ 16.448839] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.448865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.448891] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.448919] kthread+0x337/0x6f0 [ 16.448943] ? trace_preempt_on+0x20/0xc0 [ 16.448967] ? __pfx_kthread+0x10/0x10 [ 16.448989] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.449011] ? calculate_sigpending+0x7b/0xa0 [ 16.449036] ? __pfx_kthread+0x10/0x10 [ 16.449068] ret_from_fork+0x116/0x1d0 [ 16.449088] ? __pfx_kthread+0x10/0x10 [ 16.449109] ret_from_fork_asm+0x1a/0x30 [ 16.449141] </TASK> [ 16.449154] [ 16.460844] Allocated by task 282: [ 16.461030] kasan_save_stack+0x45/0x70 [ 16.461374] kasan_save_track+0x18/0x40 [ 16.461551] kasan_save_alloc_info+0x3b/0x50 [ 16.461747] __kasan_kmalloc+0xb7/0xc0 [ 16.461889] __kmalloc_cache_noprof+0x189/0x420 [ 16.462125] kasan_atomics+0x95/0x310 [ 16.462292] kunit_try_run_case+0x1a5/0x480 [ 16.462436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.462684] kthread+0x337/0x6f0 [ 16.462854] ret_from_fork+0x116/0x1d0 [ 16.463015] ret_from_fork_asm+0x1a/0x30 [ 16.463198] [ 16.463295] The buggy address belongs to the object at ffff8881038e3c00 [ 16.463295] which belongs to the cache kmalloc-64 of size 64 [ 16.463812] The buggy address is located 0 bytes to the right of [ 16.463812] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.464323] [ 16.464410] The buggy address belongs to the physical page: [ 16.464576] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 16.465012] flags: 0x200000000000000(node=0|zone=2) [ 16.465286] page_type: f5(slab) [ 16.465425] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.465651] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.465984] page dumped because: kasan: 
bad access detected [ 16.466483] [ 16.466575] Memory state around the buggy address: [ 16.466761] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.466970] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.467273] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.467625] ^ [ 16.467785] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.468051] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.468370] ================================================================== [ 15.696133] ================================================================== [ 15.696410] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 15.696641] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.696878] [ 15.696962] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.697003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.697015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.697035] Call Trace: [ 15.697049] <TASK> [ 15.697064] dump_stack_lvl+0x73/0xb0 [ 15.697091] print_report+0xd1/0x650 [ 15.697113] ? __virt_addr_valid+0x1db/0x2d0 [ 15.697135] ? kasan_atomics_helper+0x1148/0x5450 [ 15.697156] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.697180] ? kasan_atomics_helper+0x1148/0x5450 [ 15.697201] kasan_report+0x141/0x180 [ 15.697223] ? kasan_atomics_helper+0x1148/0x5450 [ 15.697250] kasan_check_range+0x10c/0x1c0 [ 15.697274] __kasan_check_write+0x18/0x20 [ 15.697293] kasan_atomics_helper+0x1148/0x5450 [ 15.697753] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.697786] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.697821] ? kasan_atomics+0x152/0x310 [ 15.697849] kasan_atomics+0x1dc/0x310 [ 15.697873] ? __pfx_kasan_atomics+0x10/0x10 [ 15.697897] ? trace_hardirqs_on+0x37/0xe0 [ 15.697921] ? __pfx_read_tsc+0x10/0x10 [ 15.697943] ? 
ktime_get_ts64+0x86/0x230 [ 15.697968] kunit_try_run_case+0x1a5/0x480 [ 15.697993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.698019] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.698057] ? __kthread_parkme+0x82/0x180 [ 15.698080] ? preempt_count_sub+0x50/0x80 [ 15.698105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.698130] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.698157] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.698182] kthread+0x337/0x6f0 [ 15.698203] ? trace_preempt_on+0x20/0xc0 [ 15.698226] ? __pfx_kthread+0x10/0x10 [ 15.698248] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.698271] ? calculate_sigpending+0x7b/0xa0 [ 15.698296] ? __pfx_kthread+0x10/0x10 [ 15.698319] ret_from_fork+0x116/0x1d0 [ 15.698338] ? __pfx_kthread+0x10/0x10 [ 15.698359] ret_from_fork_asm+0x1a/0x30 [ 15.698391] </TASK> [ 15.698402] [ 15.712686] Allocated by task 282: [ 15.712864] kasan_save_stack+0x45/0x70 [ 15.713364] kasan_save_track+0x18/0x40 [ 15.713577] kasan_save_alloc_info+0x3b/0x50 [ 15.713745] __kasan_kmalloc+0xb7/0xc0 [ 15.714061] __kmalloc_cache_noprof+0x189/0x420 [ 15.714286] kasan_atomics+0x95/0x310 [ 15.714512] kunit_try_run_case+0x1a5/0x480 [ 15.714678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.714968] kthread+0x337/0x6f0 [ 15.715109] ret_from_fork+0x116/0x1d0 [ 15.715285] ret_from_fork_asm+0x1a/0x30 [ 15.715495] [ 15.715593] The buggy address belongs to the object at ffff8881038e3c00 [ 15.715593] which belongs to the cache kmalloc-64 of size 64 [ 15.716118] The buggy address is located 0 bytes to the right of [ 15.716118] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.716572] [ 15.716669] The buggy address belongs to the physical page: [ 15.716957] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.717290] flags: 0x200000000000000(node=0|zone=2) [ 15.717766] page_type: f5(slab) [ 15.717942] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.718371] raw: 0000000000000000 
0000000080200020 00000000f5000000 0000000000000000 [ 15.718659] page dumped because: kasan: bad access detected [ 15.718916] [ 15.719013] Memory state around the buggy address: [ 15.719192] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.719547] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.719978] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.720276] ^ [ 15.720499] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.720740] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.720963] ================================================================== [ 15.677794] ================================================================== [ 15.678209] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 15.678473] Read of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.678694] [ 15.678818] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.678860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.678872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.678893] Call Trace: [ 15.678907] <TASK> [ 15.678922] dump_stack_lvl+0x73/0xb0 [ 15.678950] print_report+0xd1/0x650 [ 15.678974] ? __virt_addr_valid+0x1db/0x2d0 [ 15.678996] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.679019] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.679044] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.679091] kasan_report+0x141/0x180 [ 15.679123] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.679151] __asan_report_load4_noabort+0x18/0x20 [ 15.679177] kasan_atomics_helper+0x4a1c/0x5450 [ 15.679202] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.679225] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.679252] ? kasan_atomics+0x152/0x310 [ 15.679281] kasan_atomics+0x1dc/0x310 [ 15.679304] ? __pfx_kasan_atomics+0x10/0x10 [ 15.679328] ? trace_hardirqs_on+0x37/0xe0 [ 15.679353] ? 
__pfx_read_tsc+0x10/0x10 [ 15.679375] ? ktime_get_ts64+0x86/0x230 [ 15.679399] kunit_try_run_case+0x1a5/0x480 [ 15.679425] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.679451] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.679478] ? __kthread_parkme+0x82/0x180 [ 15.679499] ? preempt_count_sub+0x50/0x80 [ 15.679524] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.679550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.679582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.679608] kthread+0x337/0x6f0 [ 15.679629] ? trace_preempt_on+0x20/0xc0 [ 15.679651] ? __pfx_kthread+0x10/0x10 [ 15.679674] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.679696] ? calculate_sigpending+0x7b/0xa0 [ 15.679732] ? __pfx_kthread+0x10/0x10 [ 15.679755] ret_from_fork+0x116/0x1d0 [ 15.679775] ? __pfx_kthread+0x10/0x10 [ 15.679796] ret_from_fork_asm+0x1a/0x30 [ 15.679828] </TASK> [ 15.679839] [ 15.687676] Allocated by task 282: [ 15.687813] kasan_save_stack+0x45/0x70 [ 15.687958] kasan_save_track+0x18/0x40 [ 15.688094] kasan_save_alloc_info+0x3b/0x50 [ 15.688244] __kasan_kmalloc+0xb7/0xc0 [ 15.688431] __kmalloc_cache_noprof+0x189/0x420 [ 15.688755] kasan_atomics+0x95/0x310 [ 15.688945] kunit_try_run_case+0x1a5/0x480 [ 15.689382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.689646] kthread+0x337/0x6f0 [ 15.689824] ret_from_fork+0x116/0x1d0 [ 15.690002] ret_from_fork_asm+0x1a/0x30 [ 15.690211] [ 15.690282] The buggy address belongs to the object at ffff8881038e3c00 [ 15.690282] which belongs to the cache kmalloc-64 of size 64 [ 15.690631] The buggy address is located 0 bytes to the right of [ 15.690631] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.691007] [ 15.691080] The buggy address belongs to the physical page: [ 15.691331] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.691694] flags: 0x200000000000000(node=0|zone=2) [ 15.691942] page_type: f5(slab) [ 15.692111] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 
15.692466] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.692818] page dumped because: kasan: bad access detected [ 15.693076] [ 15.693171] Memory state around the buggy address: [ 15.693401] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.693772] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.694149] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.694460] ^ [ 15.694712] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.694928] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.695419] ================================================================== [ 15.223733] ================================================================== [ 15.224036] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 15.224886] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.225238] [ 15.225360] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.225403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.225416] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.225437] Call Trace: [ 15.225451] <TASK> [ 15.225465] dump_stack_lvl+0x73/0xb0 [ 15.225494] print_report+0xd1/0x650 [ 15.225517] ? __virt_addr_valid+0x1db/0x2d0 [ 15.225540] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.225562] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.225587] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.225610] kasan_report+0x141/0x180 [ 15.225633] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.225662] kasan_check_range+0x10c/0x1c0 [ 15.225687] __kasan_check_write+0x18/0x20 [ 15.225719] kasan_atomics_helper+0x5fe/0x5450 [ 15.225742] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.225766] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.225792] ? kasan_atomics+0x152/0x310 [ 15.225819] kasan_atomics+0x1dc/0x310 [ 15.225843] ? __pfx_kasan_atomics+0x10/0x10 [ 15.225866] ? 
trace_hardirqs_on+0x37/0xe0 [ 15.225891] ? __pfx_read_tsc+0x10/0x10 [ 15.225912] ? ktime_get_ts64+0x86/0x230 [ 15.225936] kunit_try_run_case+0x1a5/0x480 [ 15.225962] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.225988] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.226014] ? __kthread_parkme+0x82/0x180 [ 15.226099] ? preempt_count_sub+0x50/0x80 [ 15.226125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.226151] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.226177] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.226204] kthread+0x337/0x6f0 [ 15.226223] ? trace_preempt_on+0x20/0xc0 [ 15.226247] ? __pfx_kthread+0x10/0x10 [ 15.226268] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.226291] ? calculate_sigpending+0x7b/0xa0 [ 15.226315] ? __pfx_kthread+0x10/0x10 [ 15.226339] ret_from_fork+0x116/0x1d0 [ 15.226358] ? __pfx_kthread+0x10/0x10 [ 15.226381] ret_from_fork_asm+0x1a/0x30 [ 15.226414] </TASK> [ 15.226426] [ 15.234287] Allocated by task 282: [ 15.234468] kasan_save_stack+0x45/0x70 [ 15.234666] kasan_save_track+0x18/0x40 [ 15.234845] kasan_save_alloc_info+0x3b/0x50 [ 15.234995] __kasan_kmalloc+0xb7/0xc0 [ 15.235450] __kmalloc_cache_noprof+0x189/0x420 [ 15.235695] kasan_atomics+0x95/0x310 [ 15.235842] kunit_try_run_case+0x1a5/0x480 [ 15.235990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.236243] kthread+0x337/0x6f0 [ 15.236419] ret_from_fork+0x116/0x1d0 [ 15.236763] ret_from_fork_asm+0x1a/0x30 [ 15.237315] [ 15.237404] The buggy address belongs to the object at ffff8881038e3c00 [ 15.237404] which belongs to the cache kmalloc-64 of size 64 [ 15.237799] The buggy address is located 0 bytes to the right of [ 15.237799] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.238346] [ 15.238493] The buggy address belongs to the physical page: [ 15.238753] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.239142] flags: 0x200000000000000(node=0|zone=2) [ 15.239345] page_type: f5(slab) [ 15.239466] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.239721] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.240055] page dumped because: kasan: bad access detected [ 15.240328] [ 15.240416] Memory state around the buggy address: [ 15.240598] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.240890] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.241217] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.241558] ^ [ 15.241761] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.241977] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.242567] ================================================================== [ 15.570071] ================================================================== [ 15.570580] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 15.570866] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.571694] [ 15.571878] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.571921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.571934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.571957] Call Trace: [ 15.571971] <TASK> [ 15.571986] dump_stack_lvl+0x73/0xb0 [ 15.572016] print_report+0xd1/0x650 [ 15.572052] ? __virt_addr_valid+0x1db/0x2d0 [ 15.572076] ? kasan_atomics_helper+0xf10/0x5450 [ 15.572110] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.572146] ? kasan_atomics_helper+0xf10/0x5450 [ 15.572169] kasan_report+0x141/0x180 [ 15.572192] ? kasan_atomics_helper+0xf10/0x5450 [ 15.572219] kasan_check_range+0x10c/0x1c0 [ 15.572244] __kasan_check_write+0x18/0x20 [ 15.572265] kasan_atomics_helper+0xf10/0x5450 [ 15.572288] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.572312] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.572345] ? 
kasan_atomics+0x152/0x310 [ 15.572373] kasan_atomics+0x1dc/0x310 [ 15.572396] ? __pfx_kasan_atomics+0x10/0x10 [ 15.572420] ? trace_hardirqs_on+0x37/0xe0 [ 15.572445] ? __pfx_read_tsc+0x10/0x10 [ 15.572468] ? ktime_get_ts64+0x86/0x230 [ 15.572493] kunit_try_run_case+0x1a5/0x480 [ 15.572518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.572544] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.572571] ? __kthread_parkme+0x82/0x180 [ 15.572592] ? preempt_count_sub+0x50/0x80 [ 15.572617] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.572643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.572668] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.572694] kthread+0x337/0x6f0 [ 15.572725] ? trace_preempt_on+0x20/0xc0 [ 15.572748] ? __pfx_kthread+0x10/0x10 [ 15.572771] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.572794] ? calculate_sigpending+0x7b/0xa0 [ 15.572821] ? __pfx_kthread+0x10/0x10 [ 15.572845] ret_from_fork+0x116/0x1d0 [ 15.572865] ? __pfx_kthread+0x10/0x10 [ 15.572887] ret_from_fork_asm+0x1a/0x30 [ 15.572920] </TASK> [ 15.572932] [ 15.585685] Allocated by task 282: [ 15.585961] kasan_save_stack+0x45/0x70 [ 15.586338] kasan_save_track+0x18/0x40 [ 15.586757] kasan_save_alloc_info+0x3b/0x50 [ 15.586918] __kasan_kmalloc+0xb7/0xc0 [ 15.587092] __kmalloc_cache_noprof+0x189/0x420 [ 15.587516] kasan_atomics+0x95/0x310 [ 15.587884] kunit_try_run_case+0x1a5/0x480 [ 15.588369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.588919] kthread+0x337/0x6f0 [ 15.589251] ret_from_fork+0x116/0x1d0 [ 15.589606] ret_from_fork_asm+0x1a/0x30 [ 15.589832] [ 15.589923] The buggy address belongs to the object at ffff8881038e3c00 [ 15.589923] which belongs to the cache kmalloc-64 of size 64 [ 15.591020] The buggy address is located 0 bytes to the right of [ 15.591020] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.591905] [ 15.592065] The buggy address belongs to the physical page: [ 15.592681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 
15.593279] flags: 0x200000000000000(node=0|zone=2) [ 15.593595] page_type: f5(slab) [ 15.593887] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.594137] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.594976] page dumped because: kasan: bad access detected [ 15.595172] [ 15.595349] Memory state around the buggy address: [ 15.595846] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.596739] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.597211] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.597807] ^ [ 15.598291] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.598876] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.599350] ================================================================== [ 16.074492] ================================================================== [ 16.074751] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 16.075092] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.075653] [ 16.075848] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.075889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.075901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.075921] Call Trace: [ 16.075934] <TASK> [ 16.075948] dump_stack_lvl+0x73/0xb0 [ 16.075976] print_report+0xd1/0x650 [ 16.076000] ? __virt_addr_valid+0x1db/0x2d0 [ 16.076023] ? kasan_atomics_helper+0x194a/0x5450 [ 16.076045] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.076090] ? kasan_atomics_helper+0x194a/0x5450 [ 16.076114] kasan_report+0x141/0x180 [ 16.076137] ? kasan_atomics_helper+0x194a/0x5450 [ 16.076166] kasan_check_range+0x10c/0x1c0 [ 16.076191] __kasan_check_write+0x18/0x20 [ 16.076212] kasan_atomics_helper+0x194a/0x5450 [ 16.076235] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.076260] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.076286] ? kasan_atomics+0x152/0x310 [ 16.076330] kasan_atomics+0x1dc/0x310 [ 16.076355] ? __pfx_kasan_atomics+0x10/0x10 [ 16.076379] ? trace_hardirqs_on+0x37/0xe0 [ 16.076403] ? __pfx_read_tsc+0x10/0x10 [ 16.076426] ? ktime_get_ts64+0x86/0x230 [ 16.076449] kunit_try_run_case+0x1a5/0x480 [ 16.076475] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.076501] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.076526] ? __kthread_parkme+0x82/0x180 [ 16.076548] ? preempt_count_sub+0x50/0x80 [ 16.076574] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.076600] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.076626] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.076653] kthread+0x337/0x6f0 [ 16.076672] ? trace_preempt_on+0x20/0xc0 [ 16.076695] ? __pfx_kthread+0x10/0x10 [ 16.076728] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.076750] ? calculate_sigpending+0x7b/0xa0 [ 16.076775] ? __pfx_kthread+0x10/0x10 [ 16.076798] ret_from_fork+0x116/0x1d0 [ 16.076817] ? __pfx_kthread+0x10/0x10 [ 16.076839] ret_from_fork_asm+0x1a/0x30 [ 16.076871] </TASK> [ 16.076882] [ 16.084198] Allocated by task 282: [ 16.084402] kasan_save_stack+0x45/0x70 [ 16.084621] kasan_save_track+0x18/0x40 [ 16.084829] kasan_save_alloc_info+0x3b/0x50 [ 16.085037] __kasan_kmalloc+0xb7/0xc0 [ 16.085267] __kmalloc_cache_noprof+0x189/0x420 [ 16.085454] kasan_atomics+0x95/0x310 [ 16.085664] kunit_try_run_case+0x1a5/0x480 [ 16.085890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.086163] kthread+0x337/0x6f0 [ 16.086339] ret_from_fork+0x116/0x1d0 [ 16.086514] ret_from_fork_asm+0x1a/0x30 [ 16.086720] [ 16.086811] The buggy address belongs to the object at ffff8881038e3c00 [ 16.086811] which belongs to the cache kmalloc-64 of size 64 [ 16.087282] The buggy address is located 0 bytes to the right of [ 16.087282] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.087795] [ 16.087895] The buggy address belongs to the physical page: [ 16.088160] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 16.088398] flags: 0x200000000000000(node=0|zone=2) [ 16.088555] page_type: f5(slab) [ 16.088672] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.088938] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.089286] page dumped because: kasan: bad access detected [ 16.089747] [ 16.089840] Memory state around the buggy address: [ 16.090061] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.090374] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.090650] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.090867] ^ [ 16.091017] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.091224] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.091472] ================================================================== [ 16.213396] ================================================================== [ 16.214094] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 16.214951] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.215423] [ 16.215647] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.215815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.215834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.215856] Call Trace: [ 16.215873] <TASK> [ 16.215902] dump_stack_lvl+0x73/0xb0 [ 16.215936] print_report+0xd1/0x650 [ 16.215996] ? __virt_addr_valid+0x1db/0x2d0 [ 16.216021] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.216055] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.216080] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.216104] kasan_report+0x141/0x180 [ 16.216127] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.216155] kasan_check_range+0x10c/0x1c0 [ 16.216180] __kasan_check_write+0x18/0x20 [ 16.216201] kasan_atomics_helper+0x1d7a/0x5450 [ 16.216225] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.216249] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.216276] ? kasan_atomics+0x152/0x310 [ 16.216303] kasan_atomics+0x1dc/0x310 [ 16.216331] ? __pfx_kasan_atomics+0x10/0x10 [ 16.216355] ? trace_hardirqs_on+0x37/0xe0 [ 16.216380] ? __pfx_read_tsc+0x10/0x10 [ 16.216402] ? ktime_get_ts64+0x86/0x230 [ 16.216427] kunit_try_run_case+0x1a5/0x480 [ 16.216453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.216478] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.216506] ? __kthread_parkme+0x82/0x180 [ 16.216527] ? preempt_count_sub+0x50/0x80 [ 16.216553] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.216579] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.216605] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.216631] kthread+0x337/0x6f0 [ 16.216651] ? trace_preempt_on+0x20/0xc0 [ 16.216675] ? __pfx_kthread+0x10/0x10 [ 16.216696] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.216730] ? calculate_sigpending+0x7b/0xa0 [ 16.216754] ? __pfx_kthread+0x10/0x10 [ 16.216777] ret_from_fork+0x116/0x1d0 [ 16.216796] ? 
__pfx_kthread+0x10/0x10 [ 16.216818] ret_from_fork_asm+0x1a/0x30 [ 16.216850] </TASK> [ 16.216862] [ 16.226504] Allocated by task 282: [ 16.226634] kasan_save_stack+0x45/0x70 [ 16.226789] kasan_save_track+0x18/0x40 [ 16.226923] kasan_save_alloc_info+0x3b/0x50 [ 16.227125] __kasan_kmalloc+0xb7/0xc0 [ 16.227845] __kmalloc_cache_noprof+0x189/0x420 [ 16.228298] kasan_atomics+0x95/0x310 [ 16.228688] kunit_try_run_case+0x1a5/0x480 [ 16.229181] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.229688] kthread+0x337/0x6f0 [ 16.230157] ret_from_fork+0x116/0x1d0 [ 16.230408] ret_from_fork_asm+0x1a/0x30 [ 16.230580] [ 16.230669] The buggy address belongs to the object at ffff8881038e3c00 [ 16.230669] which belongs to the cache kmalloc-64 of size 64 [ 16.231315] The buggy address is located 0 bytes to the right of [ 16.231315] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.231766] [ 16.231856] The buggy address belongs to the physical page: [ 16.232175] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 16.233097] flags: 0x200000000000000(node=0|zone=2) [ 16.233401] page_type: f5(slab) [ 16.233531] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.233774] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.234015] page dumped because: kasan: bad access detected [ 16.234187] [ 16.234256] Memory state around the buggy address: [ 16.234408] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.234621] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.235571] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.236466] ^ [ 16.236843] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.237525] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.237978] ================================================================== [ 15.129278] 
================================================================== [ 15.129647] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 15.130521] Read of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.131117] [ 15.131324] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.131367] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.131402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.131424] Call Trace: [ 15.131441] <TASK> [ 15.131456] dump_stack_lvl+0x73/0xb0 [ 15.131499] print_report+0xd1/0x650 [ 15.131523] ? __virt_addr_valid+0x1db/0x2d0 [ 15.131546] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.131569] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.131594] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.131617] kasan_report+0x141/0x180 [ 15.131669] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.131697] __asan_report_load4_noabort+0x18/0x20 [ 15.131739] kasan_atomics_helper+0x4b54/0x5450 [ 15.131763] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.131787] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.131813] ? kasan_atomics+0x152/0x310 [ 15.131841] kasan_atomics+0x1dc/0x310 [ 15.131864] ? __pfx_kasan_atomics+0x10/0x10 [ 15.131887] ? trace_hardirqs_on+0x37/0xe0 [ 15.131912] ? __pfx_read_tsc+0x10/0x10 [ 15.131934] ? ktime_get_ts64+0x86/0x230 [ 15.131959] kunit_try_run_case+0x1a5/0x480 [ 15.131985] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.132017] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.132045] ? __kthread_parkme+0x82/0x180 [ 15.132066] ? preempt_count_sub+0x50/0x80 [ 15.132090] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.132116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.132142] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.132169] kthread+0x337/0x6f0 [ 15.132189] ? trace_preempt_on+0x20/0xc0 [ 15.132212] ? __pfx_kthread+0x10/0x10 [ 15.132234] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.132257] ? calculate_sigpending+0x7b/0xa0 [ 15.132283] ? 
__pfx_kthread+0x10/0x10 [ 15.132305] ret_from_fork+0x116/0x1d0 [ 15.132331] ? __pfx_kthread+0x10/0x10 [ 15.132352] ret_from_fork_asm+0x1a/0x30 [ 15.132384] </TASK> [ 15.132395] [ 15.147084] Allocated by task 282: [ 15.147450] kasan_save_stack+0x45/0x70 [ 15.147841] kasan_save_track+0x18/0x40 [ 15.148261] kasan_save_alloc_info+0x3b/0x50 [ 15.148719] __kasan_kmalloc+0xb7/0xc0 [ 15.148889] __kmalloc_cache_noprof+0x189/0x420 [ 15.149069] kasan_atomics+0x95/0x310 [ 15.149485] kunit_try_run_case+0x1a5/0x480 [ 15.149897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.150558] kthread+0x337/0x6f0 [ 15.150923] ret_from_fork+0x116/0x1d0 [ 15.151261] ret_from_fork_asm+0x1a/0x30 [ 15.151405] [ 15.151477] The buggy address belongs to the object at ffff8881038e3c00 [ 15.151477] which belongs to the cache kmalloc-64 of size 64 [ 15.151848] The buggy address is located 0 bytes to the right of [ 15.151848] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.152476] [ 15.152549] The buggy address belongs to the physical page: [ 15.152785] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.153181] flags: 0x200000000000000(node=0|zone=2) [ 15.153438] page_type: f5(slab) [ 15.153679] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.153939] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.154557] page dumped because: kasan: bad access detected [ 15.154821] [ 15.154959] Memory state around the buggy address: [ 15.155186] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.155559] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.155829] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.156153] ^ [ 15.156409] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.156772] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.157051] 
================================================================== [ 15.018967] ================================================================== [ 15.019428] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 15.019904] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.020582] [ 15.020714] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.020761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.020797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.020882] Call Trace: [ 15.020896] <TASK> [ 15.020913] dump_stack_lvl+0x73/0xb0 [ 15.020946] print_report+0xd1/0x650 [ 15.020968] ? __virt_addr_valid+0x1db/0x2d0 [ 15.020993] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.021014] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.021037] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.021227] kasan_report+0x141/0x180 [ 15.021251] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.021279] __asan_report_store4_noabort+0x1b/0x30 [ 15.021305] kasan_atomics_helper+0x4ba2/0x5450 [ 15.021328] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.021351] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.021377] ? kasan_atomics+0x152/0x310 [ 15.021404] kasan_atomics+0x1dc/0x310 [ 15.021426] ? __pfx_kasan_atomics+0x10/0x10 [ 15.021448] ? trace_hardirqs_on+0x37/0xe0 [ 15.021473] ? __pfx_read_tsc+0x10/0x10 [ 15.021496] ? ktime_get_ts64+0x86/0x230 [ 15.021521] kunit_try_run_case+0x1a5/0x480 [ 15.021546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.021571] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.021598] ? __kthread_parkme+0x82/0x180 [ 15.021619] ? preempt_count_sub+0x50/0x80 [ 15.021644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.021668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.021694] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.021733] kthread+0x337/0x6f0 [ 15.021752] ? trace_preempt_on+0x20/0xc0 [ 15.021775] ? __pfx_kthread+0x10/0x10 [ 15.021795] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.021817] ? calculate_sigpending+0x7b/0xa0 [ 15.021841] ? __pfx_kthread+0x10/0x10 [ 15.021863] ret_from_fork+0x116/0x1d0 [ 15.021881] ? __pfx_kthread+0x10/0x10 [ 15.021902] ret_from_fork_asm+0x1a/0x30 [ 15.021933] </TASK> [ 15.021944] [ 15.033868] Allocated by task 282: [ 15.034414] kasan_save_stack+0x45/0x70 [ 15.034630] kasan_save_track+0x18/0x40 [ 15.034825] kasan_save_alloc_info+0x3b/0x50 [ 15.035169] __kasan_kmalloc+0xb7/0xc0 [ 15.035516] __kmalloc_cache_noprof+0x189/0x420 [ 15.035764] kasan_atomics+0x95/0x310 [ 15.036145] kunit_try_run_case+0x1a5/0x480 [ 15.036326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.036742] kthread+0x337/0x6f0 [ 15.036929] ret_from_fork+0x116/0x1d0 [ 15.037391] ret_from_fork_asm+0x1a/0x30 [ 15.037589] [ 15.037669] The buggy address belongs to the object at ffff8881038e3c00 [ 15.037669] which belongs to the cache kmalloc-64 of size 64 [ 15.038312] The buggy address is located 0 bytes to the right of [ 15.038312] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.039364] [ 15.039712] The buggy address belongs to the physical page: [ 15.039961] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.040483] flags: 0x200000000000000(node=0|zone=2) [ 15.040742] page_type: f5(slab) [ 15.040916] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.041552] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.041910] page dumped because: kasan: bad access detected [ 15.042616] [ 15.042730] Memory state around the buggy address: [ 15.042926] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.043503] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.044004] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.044366] ^ [ 15.044597] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.044909] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.045498] ================================================================== [ 15.280456] ================================================================== [ 15.281080] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 15.281424] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.281761] [ 15.281869] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.281910] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.281923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.281944] Call Trace: [ 15.281958] <TASK> [ 15.281974] dump_stack_lvl+0x73/0xb0 [ 15.282003] print_report+0xd1/0x650 [ 15.282086] ? __virt_addr_valid+0x1db/0x2d0 [ 15.282115] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.282137] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.282162] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.282186] kasan_report+0x141/0x180 [ 15.282209] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.282236] kasan_check_range+0x10c/0x1c0 [ 15.282262] __kasan_check_write+0x18/0x20 [ 15.282283] kasan_atomics_helper+0x7c7/0x5450 [ 15.282306] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.282331] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.282358] ? kasan_atomics+0x152/0x310 [ 15.282386] kasan_atomics+0x1dc/0x310 [ 15.282409] ? __pfx_kasan_atomics+0x10/0x10 [ 15.282433] ? trace_hardirqs_on+0x37/0xe0 [ 15.282457] ? __pfx_read_tsc+0x10/0x10 [ 15.282478] ? ktime_get_ts64+0x86/0x230 [ 15.282502] kunit_try_run_case+0x1a5/0x480 [ 15.282527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.282553] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.282580] ? __kthread_parkme+0x82/0x180 [ 15.282601] ? preempt_count_sub+0x50/0x80 [ 15.282625] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.282652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.282677] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.282714] kthread+0x337/0x6f0 [ 15.282735] ? trace_preempt_on+0x20/0xc0 [ 15.282757] ? 
__pfx_kthread+0x10/0x10 [ 15.282780] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.282802] ? calculate_sigpending+0x7b/0xa0 [ 15.282827] ? __pfx_kthread+0x10/0x10 [ 15.282850] ret_from_fork+0x116/0x1d0 [ 15.282869] ? __pfx_kthread+0x10/0x10 [ 15.282891] ret_from_fork_asm+0x1a/0x30 [ 15.282922] </TASK> [ 15.282934] [ 15.290594] Allocated by task 282: [ 15.290782] kasan_save_stack+0x45/0x70 [ 15.290961] kasan_save_track+0x18/0x40 [ 15.291201] kasan_save_alloc_info+0x3b/0x50 [ 15.291387] __kasan_kmalloc+0xb7/0xc0 [ 15.291521] __kmalloc_cache_noprof+0x189/0x420 [ 15.291678] kasan_atomics+0x95/0x310 [ 15.291858] kunit_try_run_case+0x1a5/0x480 [ 15.292065] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.292455] kthread+0x337/0x6f0 [ 15.292779] ret_from_fork+0x116/0x1d0 [ 15.292948] ret_from_fork_asm+0x1a/0x30 [ 15.293191] [ 15.293282] The buggy address belongs to the object at ffff8881038e3c00 [ 15.293282] which belongs to the cache kmalloc-64 of size 64 [ 15.293698] The buggy address is located 0 bytes to the right of [ 15.293698] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.294070] [ 15.294164] The buggy address belongs to the physical page: [ 15.294422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.295001] flags: 0x200000000000000(node=0|zone=2) [ 15.295391] page_type: f5(slab) [ 15.295513] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.295757] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.295983] page dumped because: kasan: bad access detected [ 15.296153] [ 15.296352] Memory state around the buggy address: [ 15.296584] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.296915] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.297234] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.297712] ^ [ 15.298012] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.298569] 
ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.298881] ================================================================== [ 15.318652] ================================================================== [ 15.318999] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 15.319446] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.319807] [ 15.319920] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.319962] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.319975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.320006] Call Trace: [ 15.320020] <TASK> [ 15.320034] dump_stack_lvl+0x73/0xb0 [ 15.320075] print_report+0xd1/0x650 [ 15.320245] ? __virt_addr_valid+0x1db/0x2d0 [ 15.320270] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.320292] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.320323] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.320346] kasan_report+0x141/0x180 [ 15.320369] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.320409] kasan_check_range+0x10c/0x1c0 [ 15.320434] __kasan_check_write+0x18/0x20 [ 15.320455] kasan_atomics_helper+0x8f9/0x5450 [ 15.320491] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.320515] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.320541] ? kasan_atomics+0x152/0x310 [ 15.320569] kasan_atomics+0x1dc/0x310 [ 15.320593] ? __pfx_kasan_atomics+0x10/0x10 [ 15.320616] ? trace_hardirqs_on+0x37/0xe0 [ 15.320641] ? __pfx_read_tsc+0x10/0x10 [ 15.320663] ? ktime_get_ts64+0x86/0x230 [ 15.320688] kunit_try_run_case+0x1a5/0x480 [ 15.320740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.320767] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.320793] ? __kthread_parkme+0x82/0x180 [ 15.320816] ? preempt_count_sub+0x50/0x80 [ 15.320840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.320865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.320901] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.320927] kthread+0x337/0x6f0 [ 15.320958] ? trace_preempt_on+0x20/0xc0 [ 15.320981] ? __pfx_kthread+0x10/0x10 [ 15.321003] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.321025] ? calculate_sigpending+0x7b/0xa0 [ 15.321097] ? __pfx_kthread+0x10/0x10 [ 15.321119] ret_from_fork+0x116/0x1d0 [ 15.321139] ? __pfx_kthread+0x10/0x10 [ 15.321204] ret_from_fork_asm+0x1a/0x30 [ 15.321237] </TASK> [ 15.321248] [ 15.329809] Allocated by task 282: [ 15.329942] kasan_save_stack+0x45/0x70 [ 15.330089] kasan_save_track+0x18/0x40 [ 15.330512] kasan_save_alloc_info+0x3b/0x50 [ 15.330970] __kasan_kmalloc+0xb7/0xc0 [ 15.331314] __kmalloc_cache_noprof+0x189/0x420 [ 15.331779] kasan_atomics+0x95/0x310 [ 15.332068] kunit_try_run_case+0x1a5/0x480 [ 15.332575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.332775] kthread+0x337/0x6f0 [ 15.332901] ret_from_fork+0x116/0x1d0 [ 15.333253] ret_from_fork_asm+0x1a/0x30 [ 15.333629] [ 15.333783] The buggy address belongs to the object at ffff8881038e3c00 [ 15.333783] which belongs to the cache kmalloc-64 of size 64 [ 15.334551] The buggy address is located 0 bytes to the right of [ 15.334551] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.335173] [ 15.335289] The buggy address belongs to the physical page: [ 15.335507] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.335758] flags: 0x200000000000000(node=0|zone=2) [ 15.335993] page_type: f5(slab) [ 15.336476] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.336838] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.337071] page dumped because: kasan: bad access detected [ 15.337307] [ 15.337509] Memory state around the buggy address: [ 15.337810] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.338138] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.338541] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.338888] ^ [ 15.339174] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.339405] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.339741] ================================================================== [ 15.073116] ================================================================== [ 15.073763] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 15.074475] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.074847] [ 15.075226] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.075271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.075283] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.075304] Call Trace: [ 15.075317] <TASK> [ 15.075480] dump_stack_lvl+0x73/0xb0 [ 15.075516] print_report+0xd1/0x650 [ 15.075652] ? __virt_addr_valid+0x1db/0x2d0 [ 15.075677] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.075732] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.075758] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.075782] kasan_report+0x141/0x180 [ 15.075805] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.075834] __asan_report_store4_noabort+0x1b/0x30 [ 15.075860] kasan_atomics_helper+0x4b6e/0x5450 [ 15.075885] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.075909] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.075935] ? kasan_atomics+0x152/0x310 [ 15.075962] kasan_atomics+0x1dc/0x310 [ 15.075986] ? __pfx_kasan_atomics+0x10/0x10 [ 15.076010] ? trace_hardirqs_on+0x37/0xe0 [ 15.076099] ? __pfx_read_tsc+0x10/0x10 [ 15.076124] ? ktime_get_ts64+0x86/0x230 [ 15.076150] kunit_try_run_case+0x1a5/0x480 [ 15.076176] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.076202] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.076230] ? __kthread_parkme+0x82/0x180 [ 15.076251] ? preempt_count_sub+0x50/0x80 [ 15.076277] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.076302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.076336] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.076363] kthread+0x337/0x6f0 [ 15.076383] ? trace_preempt_on+0x20/0xc0 [ 15.076407] ? __pfx_kthread+0x10/0x10 [ 15.076428] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.076451] ? calculate_sigpending+0x7b/0xa0 [ 15.076476] ? __pfx_kthread+0x10/0x10 [ 15.076499] ret_from_fork+0x116/0x1d0 [ 15.076519] ? __pfx_kthread+0x10/0x10 [ 15.076540] ret_from_fork_asm+0x1a/0x30 [ 15.076573] </TASK> [ 15.076584] [ 15.088259] Allocated by task 282: [ 15.088633] kasan_save_stack+0x45/0x70 [ 15.088859] kasan_save_track+0x18/0x40 [ 15.089188] kasan_save_alloc_info+0x3b/0x50 [ 15.089428] __kasan_kmalloc+0xb7/0xc0 [ 15.089771] __kmalloc_cache_noprof+0x189/0x420 [ 15.090083] kasan_atomics+0x95/0x310 [ 15.090439] kunit_try_run_case+0x1a5/0x480 [ 15.090626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.090868] kthread+0x337/0x6f0 [ 15.091407] ret_from_fork+0x116/0x1d0 [ 15.091613] ret_from_fork_asm+0x1a/0x30 [ 15.091880] [ 15.091988] The buggy address belongs to the object at ffff8881038e3c00 [ 15.091988] which belongs to the cache kmalloc-64 of size 64 [ 15.092948] The buggy address is located 0 bytes to the right of [ 15.092948] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.093748] [ 15.094055] The buggy address belongs to the physical page: [ 15.094422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.095013] flags: 0x200000000000000(node=0|zone=2) [ 15.095431] page_type: f5(slab) [ 15.095600] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.096024] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.096386] page dumped because: kasan: bad access detected [ 15.096633] [ 15.096735] Memory state around the buggy address: [ 15.096955] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.097662] 
ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.097975] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.098796] ^ [ 15.099017] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.099559] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.099990] ================================================================== [ 15.510827] ================================================================== [ 15.511521] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 15.511987] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.512669] [ 15.513024] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.513153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.513167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.513189] Call Trace: [ 15.513208] <TASK> [ 15.513225] dump_stack_lvl+0x73/0xb0 [ 15.513258] print_report+0xd1/0x650 [ 15.513281] ? __virt_addr_valid+0x1db/0x2d0 [ 15.513305] ? kasan_atomics_helper+0xde0/0x5450 [ 15.513329] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.513354] ? kasan_atomics_helper+0xde0/0x5450 [ 15.513378] kasan_report+0x141/0x180 [ 15.513401] ? kasan_atomics_helper+0xde0/0x5450 [ 15.513429] kasan_check_range+0x10c/0x1c0 [ 15.513455] __kasan_check_write+0x18/0x20 [ 15.513475] kasan_atomics_helper+0xde0/0x5450 [ 15.513499] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.513523] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.513550] ? kasan_atomics+0x152/0x310 [ 15.513578] kasan_atomics+0x1dc/0x310 [ 15.513602] ? __pfx_kasan_atomics+0x10/0x10 [ 15.513626] ? trace_hardirqs_on+0x37/0xe0 [ 15.513652] ? __pfx_read_tsc+0x10/0x10 [ 15.513674] ? ktime_get_ts64+0x86/0x230 [ 15.513699] kunit_try_run_case+0x1a5/0x480 [ 15.513742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.513769] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.513797] ? 
__kthread_parkme+0x82/0x180 [ 15.513819] ? preempt_count_sub+0x50/0x80 [ 15.513844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.513871] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.513896] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.513923] kthread+0x337/0x6f0 [ 15.513943] ? trace_preempt_on+0x20/0xc0 [ 15.513967] ? __pfx_kthread+0x10/0x10 [ 15.513989] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.514012] ? calculate_sigpending+0x7b/0xa0 [ 15.514177] ? __pfx_kthread+0x10/0x10 [ 15.514202] ret_from_fork+0x116/0x1d0 [ 15.514224] ? __pfx_kthread+0x10/0x10 [ 15.514246] ret_from_fork_asm+0x1a/0x30 [ 15.514278] </TASK> [ 15.514291] [ 15.523530] Allocated by task 282: [ 15.523658] kasan_save_stack+0x45/0x70 [ 15.523813] kasan_save_track+0x18/0x40 [ 15.524019] kasan_save_alloc_info+0x3b/0x50 [ 15.524330] __kasan_kmalloc+0xb7/0xc0 [ 15.524521] __kmalloc_cache_noprof+0x189/0x420 [ 15.524791] kasan_atomics+0x95/0x310 [ 15.525074] kunit_try_run_case+0x1a5/0x480 [ 15.525307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.525540] kthread+0x337/0x6f0 [ 15.525725] ret_from_fork+0x116/0x1d0 [ 15.525932] ret_from_fork_asm+0x1a/0x30 [ 15.526266] [ 15.526376] The buggy address belongs to the object at ffff8881038e3c00 [ 15.526376] which belongs to the cache kmalloc-64 of size 64 [ 15.526777] The buggy address is located 0 bytes to the right of [ 15.526777] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.527620] [ 15.527884] The buggy address belongs to the physical page: [ 15.528202] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.528588] flags: 0x200000000000000(node=0|zone=2) [ 15.528853] page_type: f5(slab) [ 15.529023] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.529373] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.529684] page dumped because: kasan: bad access detected [ 15.529984] [ 15.530328] Memory state around the buggy address: [ 15.530523] 
ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.530759] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.531089] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.531615] ^ [ 15.531887] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.532254] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.532609] ================================================================== [ 16.002834] ================================================================== [ 16.003476] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 16.003730] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.004055] [ 16.004190] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.004233] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.004246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.004266] Call Trace: [ 16.004281] <TASK> [ 16.004296] dump_stack_lvl+0x73/0xb0 [ 16.004330] print_report+0xd1/0x650 [ 16.004353] ? __virt_addr_valid+0x1db/0x2d0 [ 16.004388] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.004436] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.004461] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.004518] kasan_report+0x141/0x180 [ 16.004541] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.004568] kasan_check_range+0x10c/0x1c0 [ 16.004605] __kasan_check_write+0x18/0x20 [ 16.004626] kasan_atomics_helper+0x16e7/0x5450 [ 16.004650] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.004685] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.004811] ? kasan_atomics+0x152/0x310 [ 16.004840] kasan_atomics+0x1dc/0x310 [ 16.004864] ? __pfx_kasan_atomics+0x10/0x10 [ 16.004889] ? trace_hardirqs_on+0x37/0xe0 [ 16.004914] ? __pfx_read_tsc+0x10/0x10 [ 16.004936] ? ktime_get_ts64+0x86/0x230 [ 16.004961] kunit_try_run_case+0x1a5/0x480 [ 16.004987] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.005106] ? 
queued_spin_lock_slowpath+0x116/0xb40 [ 16.005135] ? __kthread_parkme+0x82/0x180 [ 16.005157] ? preempt_count_sub+0x50/0x80 [ 16.005182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.005208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.005235] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.005262] kthread+0x337/0x6f0 [ 16.005282] ? trace_preempt_on+0x20/0xc0 [ 16.005305] ? __pfx_kthread+0x10/0x10 [ 16.005327] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.005349] ? calculate_sigpending+0x7b/0xa0 [ 16.005375] ? __pfx_kthread+0x10/0x10 [ 16.005398] ret_from_fork+0x116/0x1d0 [ 16.005417] ? __pfx_kthread+0x10/0x10 [ 16.005439] ret_from_fork_asm+0x1a/0x30 [ 16.005472] </TASK> [ 16.005483] [ 16.013087] Allocated by task 282: [ 16.013253] kasan_save_stack+0x45/0x70 [ 16.013433] kasan_save_track+0x18/0x40 [ 16.013570] kasan_save_alloc_info+0x3b/0x50 [ 16.013773] __kasan_kmalloc+0xb7/0xc0 [ 16.013963] __kmalloc_cache_noprof+0x189/0x420 [ 16.014183] kasan_atomics+0x95/0x310 [ 16.014356] kunit_try_run_case+0x1a5/0x480 [ 16.014504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.014959] kthread+0x337/0x6f0 [ 16.015246] ret_from_fork+0x116/0x1d0 [ 16.015387] ret_from_fork_asm+0x1a/0x30 [ 16.015528] [ 16.015600] The buggy address belongs to the object at ffff8881038e3c00 [ 16.015600] which belongs to the cache kmalloc-64 of size 64 [ 16.016028] The buggy address is located 0 bytes to the right of [ 16.016028] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.016801] [ 16.016885] The buggy address belongs to the physical page: [ 16.017107] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 16.017347] flags: 0x200000000000000(node=0|zone=2) [ 16.017510] page_type: f5(slab) [ 16.017632] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.017909] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.018252] page dumped because: kasan: bad access detected [ 16.018508] [ 16.018622] 
Memory state around the buggy address: [ 16.019031] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.019364] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.019646] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.019994] ^ [ 16.020247] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.020472] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.020685] ================================================================== [ 16.275741] ================================================================== [ 16.276327] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 16.276616] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.276850] [ 16.276934] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.276976] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.276989] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.277009] Call Trace: [ 16.277023] <TASK> [ 16.277038] dump_stack_lvl+0x73/0xb0 [ 16.277066] print_report+0xd1/0x650 [ 16.277089] ? __virt_addr_valid+0x1db/0x2d0 [ 16.277112] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.277134] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.277158] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.277181] kasan_report+0x141/0x180 [ 16.277204] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.277232] kasan_check_range+0x10c/0x1c0 [ 16.277256] __kasan_check_write+0x18/0x20 [ 16.277277] kasan_atomics_helper+0x1f43/0x5450 [ 16.277300] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.277324] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.277350] ? kasan_atomics+0x152/0x310 [ 16.277378] kasan_atomics+0x1dc/0x310 [ 16.277428] ? __pfx_kasan_atomics+0x10/0x10 [ 16.277452] ? trace_hardirqs_on+0x37/0xe0 [ 16.277476] ? __pfx_read_tsc+0x10/0x10 [ 16.277498] ? ktime_get_ts64+0x86/0x230 [ 16.277523] kunit_try_run_case+0x1a5/0x480 [ 16.277548] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.277575] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.277601] ? __kthread_parkme+0x82/0x180 [ 16.277623] ? preempt_count_sub+0x50/0x80 [ 16.277647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.277673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.277699] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.277735] kthread+0x337/0x6f0 [ 16.277755] ? trace_preempt_on+0x20/0xc0 [ 16.277778] ? __pfx_kthread+0x10/0x10 [ 16.277799] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.277823] ? calculate_sigpending+0x7b/0xa0 [ 16.277848] ? __pfx_kthread+0x10/0x10 [ 16.277870] ret_from_fork+0x116/0x1d0 [ 16.277890] ? __pfx_kthread+0x10/0x10 [ 16.277929] ret_from_fork_asm+0x1a/0x30 [ 16.277960] </TASK> [ 16.277971] [ 16.285684] Allocated by task 282: [ 16.285824] kasan_save_stack+0x45/0x70 [ 16.285972] kasan_save_track+0x18/0x40 [ 16.286357] kasan_save_alloc_info+0x3b/0x50 [ 16.286571] __kasan_kmalloc+0xb7/0xc0 [ 16.286771] __kmalloc_cache_noprof+0x189/0x420 [ 16.286994] kasan_atomics+0x95/0x310 [ 16.287214] kunit_try_run_case+0x1a5/0x480 [ 16.287362] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.287577] kthread+0x337/0x6f0 [ 16.287756] ret_from_fork+0x116/0x1d0 [ 16.287958] ret_from_fork_asm+0x1a/0x30 [ 16.288283] [ 16.288372] The buggy address belongs to the object at ffff8881038e3c00 [ 16.288372] which belongs to the cache kmalloc-64 of size 64 [ 16.288735] The buggy address is located 0 bytes to the right of [ 16.288735] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.289136] [ 16.289232] The buggy address belongs to the physical page: [ 16.289486] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 16.289854] flags: 0x200000000000000(node=0|zone=2) [ 16.290018] page_type: f5(slab) [ 16.290137] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.290756] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.291074] page dumped because: kasan: 
bad access detected [ 16.291323] [ 16.291410] Memory state around the buggy address: [ 16.291567] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.291859] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.292151] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.292475] ^ [ 16.292728] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.293022] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.293284] ================================================================== [ 15.403444] ================================================================== [ 15.403685] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 15.404031] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.404291] [ 15.404484] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.404530] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.404543] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.404563] Call Trace: [ 15.404577] <TASK> [ 15.404592] dump_stack_lvl+0x73/0xb0 [ 15.404622] print_report+0xd1/0x650 [ 15.404645] ? __virt_addr_valid+0x1db/0x2d0 [ 15.404668] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.404691] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.404725] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.404748] kasan_report+0x141/0x180 [ 15.404770] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.404798] kasan_check_range+0x10c/0x1c0 [ 15.404822] __kasan_check_write+0x18/0x20 [ 15.404842] kasan_atomics_helper+0xb6a/0x5450 [ 15.404866] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.404890] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.404917] ? kasan_atomics+0x152/0x310 [ 15.404944] kasan_atomics+0x1dc/0x310 [ 15.404968] ? __pfx_kasan_atomics+0x10/0x10 [ 15.404992] ? trace_hardirqs_on+0x37/0xe0 [ 15.405017] ? __pfx_read_tsc+0x10/0x10 [ 15.405100] ? 
ktime_get_ts64+0x86/0x230 [ 15.405133] kunit_try_run_case+0x1a5/0x480 [ 15.405158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.405184] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.405212] ? __kthread_parkme+0x82/0x180 [ 15.405234] ? preempt_count_sub+0x50/0x80 [ 15.405260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.405287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.405314] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.405341] kthread+0x337/0x6f0 [ 15.405361] ? trace_preempt_on+0x20/0xc0 [ 15.405385] ? __pfx_kthread+0x10/0x10 [ 15.405407] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.405430] ? calculate_sigpending+0x7b/0xa0 [ 15.405455] ? __pfx_kthread+0x10/0x10 [ 15.405478] ret_from_fork+0x116/0x1d0 [ 15.405497] ? __pfx_kthread+0x10/0x10 [ 15.405519] ret_from_fork_asm+0x1a/0x30 [ 15.405552] </TASK> [ 15.405563] [ 15.413885] Allocated by task 282: [ 15.414063] kasan_save_stack+0x45/0x70 [ 15.414267] kasan_save_track+0x18/0x40 [ 15.414623] kasan_save_alloc_info+0x3b/0x50 [ 15.414804] __kasan_kmalloc+0xb7/0xc0 [ 15.415241] __kmalloc_cache_noprof+0x189/0x420 [ 15.415604] kasan_atomics+0x95/0x310 [ 15.415771] kunit_try_run_case+0x1a5/0x480 [ 15.416013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.416259] kthread+0x337/0x6f0 [ 15.416583] ret_from_fork+0x116/0x1d0 [ 15.416761] ret_from_fork_asm+0x1a/0x30 [ 15.416978] [ 15.417162] The buggy address belongs to the object at ffff8881038e3c00 [ 15.417162] which belongs to the cache kmalloc-64 of size 64 [ 15.417644] The buggy address is located 0 bytes to the right of [ 15.417644] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.418070] [ 15.418142] The buggy address belongs to the physical page: [ 15.418314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.418612] flags: 0x200000000000000(node=0|zone=2) [ 15.418948] page_type: f5(slab) [ 15.419119] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.419466] raw: 0000000000000000 
0000000080200020 00000000f5000000 0000000000000000 [ 15.419690] page dumped because: kasan: bad access detected [ 15.419870] [ 15.419940] Memory state around the buggy address: [ 15.420505] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.420863] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.421402] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.422020] ^ [ 15.422270] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.422488] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.422863] ================================================================== [ 15.887330] ================================================================== [ 15.887643] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 15.887960] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.888269] [ 15.888364] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.888403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.888416] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.888436] Call Trace: [ 15.888449] <TASK> [ 15.888463] dump_stack_lvl+0x73/0xb0 [ 15.888492] print_report+0xd1/0x650 [ 15.888515] ? __virt_addr_valid+0x1db/0x2d0 [ 15.888538] ? kasan_atomics_helper+0x1467/0x5450 [ 15.888561] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.888586] ? kasan_atomics_helper+0x1467/0x5450 [ 15.888609] kasan_report+0x141/0x180 [ 15.888632] ? kasan_atomics_helper+0x1467/0x5450 [ 15.888660] kasan_check_range+0x10c/0x1c0 [ 15.888685] __kasan_check_write+0x18/0x20 [ 15.888716] kasan_atomics_helper+0x1467/0x5450 [ 15.888741] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.888765] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.888792] ? kasan_atomics+0x152/0x310 [ 15.888819] kasan_atomics+0x1dc/0x310 [ 15.888843] ? __pfx_kasan_atomics+0x10/0x10 [ 15.888869] ? 
trace_hardirqs_on+0x37/0xe0 [ 15.888893] ? __pfx_read_tsc+0x10/0x10 [ 15.888915] ? ktime_get_ts64+0x86/0x230 [ 15.888940] kunit_try_run_case+0x1a5/0x480 [ 15.888965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.888992] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.889019] ? __kthread_parkme+0x82/0x180 [ 15.889062] ? preempt_count_sub+0x50/0x80 [ 15.889087] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.889113] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.889139] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.889166] kthread+0x337/0x6f0 [ 15.889185] ? trace_preempt_on+0x20/0xc0 [ 15.889209] ? __pfx_kthread+0x10/0x10 [ 15.889230] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.889253] ? calculate_sigpending+0x7b/0xa0 [ 15.889278] ? __pfx_kthread+0x10/0x10 [ 15.889301] ret_from_fork+0x116/0x1d0 [ 15.889320] ? __pfx_kthread+0x10/0x10 [ 15.889342] ret_from_fork_asm+0x1a/0x30 [ 15.889374] </TASK> [ 15.889384] [ 15.896440] Allocated by task 282: [ 15.896621] kasan_save_stack+0x45/0x70 [ 15.896831] kasan_save_track+0x18/0x40 [ 15.897015] kasan_save_alloc_info+0x3b/0x50 [ 15.897224] __kasan_kmalloc+0xb7/0xc0 [ 15.897413] __kmalloc_cache_noprof+0x189/0x420 [ 15.897622] kasan_atomics+0x95/0x310 [ 15.897818] kunit_try_run_case+0x1a5/0x480 [ 15.898007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.898249] kthread+0x337/0x6f0 [ 15.898394] ret_from_fork+0x116/0x1d0 [ 15.898551] ret_from_fork_asm+0x1a/0x30 [ 15.898751] [ 15.898825] The buggy address belongs to the object at ffff8881038e3c00 [ 15.898825] which belongs to the cache kmalloc-64 of size 64 [ 15.899211] The buggy address is located 0 bytes to the right of [ 15.899211] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.899773] [ 15.899869] The buggy address belongs to the physical page: [ 15.900129] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.900483] flags: 0x200000000000000(node=0|zone=2) [ 15.900675] page_type: f5(slab) [ 15.900863] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.901192] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.901465] page dumped because: kasan: bad access detected [ 15.901636] [ 15.901737] Memory state around the buggy address: [ 15.901967] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.902324] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.902648] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.902883] ^ [ 15.903139] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.903435] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.903727] ================================================================== [ 16.110493] ================================================================== [ 16.110887] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 16.111275] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.111552] [ 16.111638] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.111679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.111692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.111723] Call Trace: [ 16.111737] <TASK> [ 16.111752] dump_stack_lvl+0x73/0xb0 [ 16.111781] print_report+0xd1/0x650 [ 16.111804] ? __virt_addr_valid+0x1db/0x2d0 [ 16.111828] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.111850] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.111874] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.111897] kasan_report+0x141/0x180 [ 16.111920] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.111947] kasan_check_range+0x10c/0x1c0 [ 16.111972] __kasan_check_write+0x18/0x20 [ 16.111992] kasan_atomics_helper+0x1a7f/0x5450 [ 16.112016] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.112041] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.112067] ? 
kasan_atomics+0x152/0x310 [ 16.112095] kasan_atomics+0x1dc/0x310 [ 16.112118] ? __pfx_kasan_atomics+0x10/0x10 [ 16.112165] ? trace_hardirqs_on+0x37/0xe0 [ 16.112189] ? __pfx_read_tsc+0x10/0x10 [ 16.112213] ? ktime_get_ts64+0x86/0x230 [ 16.112238] kunit_try_run_case+0x1a5/0x480 [ 16.112285] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.112312] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.112342] ? __kthread_parkme+0x82/0x180 [ 16.112363] ? preempt_count_sub+0x50/0x80 [ 16.112388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.112414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.112439] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.112466] kthread+0x337/0x6f0 [ 16.112486] ? trace_preempt_on+0x20/0xc0 [ 16.112509] ? __pfx_kthread+0x10/0x10 [ 16.112531] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.112553] ? calculate_sigpending+0x7b/0xa0 [ 16.112578] ? __pfx_kthread+0x10/0x10 [ 16.112600] ret_from_fork+0x116/0x1d0 [ 16.112620] ? __pfx_kthread+0x10/0x10 [ 16.112641] ret_from_fork_asm+0x1a/0x30 [ 16.112673] </TASK> [ 16.112684] [ 16.120401] Allocated by task 282: [ 16.120562] kasan_save_stack+0x45/0x70 [ 16.120754] kasan_save_track+0x18/0x40 [ 16.120943] kasan_save_alloc_info+0x3b/0x50 [ 16.121179] __kasan_kmalloc+0xb7/0xc0 [ 16.121314] __kmalloc_cache_noprof+0x189/0x420 [ 16.121727] kasan_atomics+0x95/0x310 [ 16.121928] kunit_try_run_case+0x1a5/0x480 [ 16.122152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.122362] kthread+0x337/0x6f0 [ 16.122534] ret_from_fork+0x116/0x1d0 [ 16.122731] ret_from_fork_asm+0x1a/0x30 [ 16.122872] [ 16.122943] The buggy address belongs to the object at ffff8881038e3c00 [ 16.122943] which belongs to the cache kmalloc-64 of size 64 [ 16.123293] The buggy address is located 0 bytes to the right of [ 16.123293] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.123820] [ 16.123942] The buggy address belongs to the physical page: [ 16.124232] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 
16.124544] flags: 0x200000000000000(node=0|zone=2) [ 16.124717] page_type: f5(slab) [ 16.124839] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.125119] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.125455] page dumped because: kasan: bad access detected [ 16.125722] [ 16.125818] Memory state around the buggy address: [ 16.125999] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.126459] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.126778] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.127003] ^ [ 16.127177] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.127509] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.127810] ================================================================== [ 16.147396] ================================================================== [ 16.147742] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 16.148176] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.148746] [ 16.148957] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.149005] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.149019] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.149050] Call Trace: [ 16.149064] <TASK> [ 16.149079] dump_stack_lvl+0x73/0xb0 [ 16.149111] print_report+0xd1/0x650 [ 16.149134] ? __virt_addr_valid+0x1db/0x2d0 [ 16.149158] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.149181] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.149206] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.149230] kasan_report+0x141/0x180 [ 16.149252] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.149281] kasan_check_range+0x10c/0x1c0 [ 16.149305] __kasan_check_write+0x18/0x20 [ 16.149325] kasan_atomics_helper+0x1c18/0x5450 [ 16.149349] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.149373] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.149400] ? kasan_atomics+0x152/0x310 [ 16.149427] kasan_atomics+0x1dc/0x310 [ 16.149450] ? __pfx_kasan_atomics+0x10/0x10 [ 16.149473] ? trace_hardirqs_on+0x37/0xe0 [ 16.149497] ? __pfx_read_tsc+0x10/0x10 [ 16.149519] ? ktime_get_ts64+0x86/0x230 [ 16.149544] kunit_try_run_case+0x1a5/0x480 [ 16.149569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.149594] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.149621] ? __kthread_parkme+0x82/0x180 [ 16.149642] ? preempt_count_sub+0x50/0x80 [ 16.149667] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.149692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.149728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.149754] kthread+0x337/0x6f0 [ 16.149775] ? trace_preempt_on+0x20/0xc0 [ 16.149798] ? __pfx_kthread+0x10/0x10 [ 16.149819] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.149842] ? calculate_sigpending+0x7b/0xa0 [ 16.149866] ? __pfx_kthread+0x10/0x10 [ 16.149889] ret_from_fork+0x116/0x1d0 [ 16.149908] ? __pfx_kthread+0x10/0x10 [ 16.149929] ret_from_fork_asm+0x1a/0x30 [ 16.149961] </TASK> [ 16.149972] [ 16.157438] Allocated by task 282: [ 16.157568] kasan_save_stack+0x45/0x70 [ 16.157723] kasan_save_track+0x18/0x40 [ 16.157916] kasan_save_alloc_info+0x3b/0x50 [ 16.158124] __kasan_kmalloc+0xb7/0xc0 [ 16.158311] __kmalloc_cache_noprof+0x189/0x420 [ 16.158519] kasan_atomics+0x95/0x310 [ 16.158653] kunit_try_run_case+0x1a5/0x480 [ 16.158862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.159194] kthread+0x337/0x6f0 [ 16.159369] ret_from_fork+0x116/0x1d0 [ 16.159520] ret_from_fork_asm+0x1a/0x30 [ 16.159710] [ 16.159810] The buggy address belongs to the object at ffff8881038e3c00 [ 16.159810] which belongs to the cache kmalloc-64 of size 64 [ 16.160260] The buggy address is located 0 bytes to the right of [ 16.160260] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.160764] [ 16.160861] The buggy address belongs to the physical page: [ 16.161139] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 16.161378] flags: 0x200000000000000(node=0|zone=2) [ 16.161541] page_type: f5(slab) [ 16.161662] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.162002] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.162332] page dumped because: kasan: bad access detected [ 16.162624] [ 16.162783] Memory state around the buggy address: [ 16.162974] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.163190] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.163514] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.163843] ^ [ 16.164075] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.164406] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.164711] ================================================================== [ 15.451099] ================================================================== [ 15.451336] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 15.451573] Read of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.451819] [ 15.451990] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.452035] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.452048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.452069] Call Trace: [ 15.452086] <TASK> [ 15.452104] dump_stack_lvl+0x73/0xb0 [ 15.452133] print_report+0xd1/0x650 [ 15.452155] ? __virt_addr_valid+0x1db/0x2d0 [ 15.452177] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.452198] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.452221] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.452244] kasan_report+0x141/0x180 [ 15.452266] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.452293] __asan_report_load4_noabort+0x18/0x20 [ 15.452322] kasan_atomics_helper+0x4a84/0x5450 [ 15.452346] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.452368] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.452393] ? kasan_atomics+0x152/0x310 [ 15.452419] kasan_atomics+0x1dc/0x310 [ 15.452442] ? __pfx_kasan_atomics+0x10/0x10 [ 15.452816] ? trace_hardirqs_on+0x37/0xe0 [ 15.452844] ? __pfx_read_tsc+0x10/0x10 [ 15.452867] ? ktime_get_ts64+0x86/0x230 [ 15.452892] kunit_try_run_case+0x1a5/0x480 [ 15.452918] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.452945] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.452971] ? __kthread_parkme+0x82/0x180 [ 15.452993] ? preempt_count_sub+0x50/0x80 [ 15.453017] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.453393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.453437] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.453463] kthread+0x337/0x6f0 [ 15.453582] ? trace_preempt_on+0x20/0xc0 [ 15.453609] ? __pfx_kthread+0x10/0x10 [ 15.453630] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.453654] ? calculate_sigpending+0x7b/0xa0 [ 15.453679] ? __pfx_kthread+0x10/0x10 [ 15.453724] ret_from_fork+0x116/0x1d0 [ 15.453746] ? 
__pfx_kthread+0x10/0x10 [ 15.453768] ret_from_fork_asm+0x1a/0x30 [ 15.453800] </TASK> [ 15.453811] [ 15.468093] Allocated by task 282: [ 15.468532] kasan_save_stack+0x45/0x70 [ 15.468997] kasan_save_track+0x18/0x40 [ 15.469658] kasan_save_alloc_info+0x3b/0x50 [ 15.470235] __kasan_kmalloc+0xb7/0xc0 [ 15.470574] __kmalloc_cache_noprof+0x189/0x420 [ 15.470975] kasan_atomics+0x95/0x310 [ 15.471323] kunit_try_run_case+0x1a5/0x480 [ 15.471960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.472638] kthread+0x337/0x6f0 [ 15.473234] ret_from_fork+0x116/0x1d0 [ 15.473697] ret_from_fork_asm+0x1a/0x30 [ 15.474176] [ 15.474284] The buggy address belongs to the object at ffff8881038e3c00 [ 15.474284] which belongs to the cache kmalloc-64 of size 64 [ 15.475405] The buggy address is located 0 bytes to the right of [ 15.475405] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.475793] [ 15.475870] The buggy address belongs to the physical page: [ 15.476098] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.477137] flags: 0x200000000000000(node=0|zone=2) [ 15.477695] page_type: f5(slab) [ 15.478050] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.478931] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.479804] page dumped because: kasan: bad access detected [ 15.480405] [ 15.480678] Memory state around the buggy address: [ 15.481069] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.481792] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.482287] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.482516] ^ [ 15.482673] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.482966] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.483237] ================================================================== [ 15.100843] 
================================================================== [ 15.101589] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 15.101934] Read of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.102343] [ 15.102867] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.102916] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.102931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.102952] Call Trace: [ 15.102971] <TASK> [ 15.102988] dump_stack_lvl+0x73/0xb0 [ 15.103020] print_report+0xd1/0x650 [ 15.103042] ? __virt_addr_valid+0x1db/0x2d0 [ 15.103274] ? kasan_atomics_helper+0x3df/0x5450 [ 15.103300] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.103326] ? kasan_atomics_helper+0x3df/0x5450 [ 15.103348] kasan_report+0x141/0x180 [ 15.103371] ? kasan_atomics_helper+0x3df/0x5450 [ 15.103399] kasan_check_range+0x10c/0x1c0 [ 15.103424] __kasan_check_read+0x15/0x20 [ 15.103444] kasan_atomics_helper+0x3df/0x5450 [ 15.103469] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.103493] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.103520] ? kasan_atomics+0x152/0x310 [ 15.103548] kasan_atomics+0x1dc/0x310 [ 15.103571] ? __pfx_kasan_atomics+0x10/0x10 [ 15.103595] ? trace_hardirqs_on+0x37/0xe0 [ 15.103620] ? __pfx_read_tsc+0x10/0x10 [ 15.103642] ? ktime_get_ts64+0x86/0x230 [ 15.103667] kunit_try_run_case+0x1a5/0x480 [ 15.103693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.103734] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.103762] ? __kthread_parkme+0x82/0x180 [ 15.103784] ? preempt_count_sub+0x50/0x80 [ 15.103809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.103836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.103861] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.103888] kthread+0x337/0x6f0 [ 15.103908] ? trace_preempt_on+0x20/0xc0 [ 15.103931] ? __pfx_kthread+0x10/0x10 [ 15.103953] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.103975] ? 
calculate_sigpending+0x7b/0xa0 [ 15.104001] ? __pfx_kthread+0x10/0x10 [ 15.104046] ret_from_fork+0x116/0x1d0 [ 15.104128] ? __pfx_kthread+0x10/0x10 [ 15.104151] ret_from_fork_asm+0x1a/0x30 [ 15.104184] </TASK> [ 15.104196] [ 15.116895] Allocated by task 282: [ 15.117151] kasan_save_stack+0x45/0x70 [ 15.117362] kasan_save_track+0x18/0x40 [ 15.117557] kasan_save_alloc_info+0x3b/0x50 [ 15.117782] __kasan_kmalloc+0xb7/0xc0 [ 15.117968] __kmalloc_cache_noprof+0x189/0x420 [ 15.118487] kasan_atomics+0x95/0x310 [ 15.119001] kunit_try_run_case+0x1a5/0x480 [ 15.119168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.119350] kthread+0x337/0x6f0 [ 15.119477] ret_from_fork+0x116/0x1d0 [ 15.119614] ret_from_fork_asm+0x1a/0x30 [ 15.119888] [ 15.119965] The buggy address belongs to the object at ffff8881038e3c00 [ 15.119965] which belongs to the cache kmalloc-64 of size 64 [ 15.121176] The buggy address is located 0 bytes to the right of [ 15.121176] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.122199] [ 15.122278] The buggy address belongs to the physical page: [ 15.122452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.123354] flags: 0x200000000000000(node=0|zone=2) [ 15.123894] page_type: f5(slab) [ 15.124262] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.124854] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.125668] page dumped because: kasan: bad access detected [ 15.125894] [ 15.125966] Memory state around the buggy address: [ 15.126507] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.127280] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.127801] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.128026] ^ [ 15.128181] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.128403] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.128617] 
================================================================== [ 16.185901] ================================================================== [ 16.186612] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 16.186947] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.187665] [ 16.188026] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.188080] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.188115] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.188137] Call Trace: [ 16.188152] <TASK> [ 16.188202] dump_stack_lvl+0x73/0xb0 [ 16.188234] print_report+0xd1/0x650 [ 16.188257] ? __virt_addr_valid+0x1db/0x2d0 [ 16.188281] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.188305] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.188336] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.188360] kasan_report+0x141/0x180 [ 16.188384] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.188413] kasan_check_range+0x10c/0x1c0 [ 16.188438] __kasan_check_write+0x18/0x20 [ 16.188459] kasan_atomics_helper+0x1ce1/0x5450 [ 16.188484] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.188508] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.188535] ? kasan_atomics+0x152/0x310 [ 16.188562] kasan_atomics+0x1dc/0x310 [ 16.188586] ? __pfx_kasan_atomics+0x10/0x10 [ 16.188609] ? trace_hardirqs_on+0x37/0xe0 [ 16.188633] ? __pfx_read_tsc+0x10/0x10 [ 16.188655] ? ktime_get_ts64+0x86/0x230 [ 16.188679] kunit_try_run_case+0x1a5/0x480 [ 16.188716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.188743] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.188769] ? __kthread_parkme+0x82/0x180 [ 16.188790] ? preempt_count_sub+0x50/0x80 [ 16.188815] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.188841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.188866] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.188893] kthread+0x337/0x6f0 [ 16.188913] ? trace_preempt_on+0x20/0xc0 [ 16.188936] ? 
__pfx_kthread+0x10/0x10 [ 16.188958] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.188981] ? calculate_sigpending+0x7b/0xa0 [ 16.189005] ? __pfx_kthread+0x10/0x10 [ 16.189028] ret_from_fork+0x116/0x1d0 [ 16.189056] ? __pfx_kthread+0x10/0x10 [ 16.189078] ret_from_fork_asm+0x1a/0x30 [ 16.189110] </TASK> [ 16.189120] [ 16.199956] Allocated by task 282: [ 16.200573] kasan_save_stack+0x45/0x70 [ 16.200875] kasan_save_track+0x18/0x40 [ 16.201285] kasan_save_alloc_info+0x3b/0x50 [ 16.201621] __kasan_kmalloc+0xb7/0xc0 [ 16.201813] __kmalloc_cache_noprof+0x189/0x420 [ 16.202021] kasan_atomics+0x95/0x310 [ 16.202455] kunit_try_run_case+0x1a5/0x480 [ 16.202789] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.203413] kthread+0x337/0x6f0 [ 16.203652] ret_from_fork+0x116/0x1d0 [ 16.203950] ret_from_fork_asm+0x1a/0x30 [ 16.204465] [ 16.204584] The buggy address belongs to the object at ffff8881038e3c00 [ 16.204584] which belongs to the cache kmalloc-64 of size 64 [ 16.205558] The buggy address is located 0 bytes to the right of [ 16.205558] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.206206] [ 16.206301] The buggy address belongs to the physical page: [ 16.206513] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 16.206838] flags: 0x200000000000000(node=0|zone=2) [ 16.207345] page_type: f5(slab) [ 16.207610] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.208333] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.208674] page dumped because: kasan: bad access detected [ 16.208922] [ 16.209013] Memory state around the buggy address: [ 16.209647] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.210150] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.210582] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.210877] ^ [ 16.211335] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.211644] 
ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.211948] ================================================================== [ 16.342769] ================================================================== [ 16.343584] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 16.343918] Read of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.344578] [ 16.344679] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.344937] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.344954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.344976] Call Trace: [ 16.344992] <TASK> [ 16.345008] dump_stack_lvl+0x73/0xb0 [ 16.345090] print_report+0xd1/0x650 [ 16.345116] ? __virt_addr_valid+0x1db/0x2d0 [ 16.345140] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.345163] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.345188] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.345212] kasan_report+0x141/0x180 [ 16.345234] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.345262] __asan_report_load8_noabort+0x18/0x20 [ 16.345288] kasan_atomics_helper+0x4f98/0x5450 [ 16.345312] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.345336] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.345362] ? kasan_atomics+0x152/0x310 [ 16.345390] kasan_atomics+0x1dc/0x310 [ 16.345414] ? __pfx_kasan_atomics+0x10/0x10 [ 16.345438] ? trace_hardirqs_on+0x37/0xe0 [ 16.345463] ? __pfx_read_tsc+0x10/0x10 [ 16.345485] ? ktime_get_ts64+0x86/0x230 [ 16.345509] kunit_try_run_case+0x1a5/0x480 [ 16.345534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.345560] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.345587] ? __kthread_parkme+0x82/0x180 [ 16.345608] ? preempt_count_sub+0x50/0x80 [ 16.345633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.345658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.345684] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.345723] kthread+0x337/0x6f0 [ 16.345744] ? 
trace_preempt_on+0x20/0xc0 [ 16.345769] ? __pfx_kthread+0x10/0x10 [ 16.345791] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.345814] ? calculate_sigpending+0x7b/0xa0 [ 16.345839] ? __pfx_kthread+0x10/0x10 [ 16.345862] ret_from_fork+0x116/0x1d0 [ 16.345882] ? __pfx_kthread+0x10/0x10 [ 16.345904] ret_from_fork_asm+0x1a/0x30 [ 16.345937] </TASK> [ 16.345947] [ 16.356916] Allocated by task 282: [ 16.357231] kasan_save_stack+0x45/0x70 [ 16.357602] kasan_save_track+0x18/0x40 [ 16.357803] kasan_save_alloc_info+0x3b/0x50 [ 16.358002] __kasan_kmalloc+0xb7/0xc0 [ 16.358531] __kmalloc_cache_noprof+0x189/0x420 [ 16.358790] kasan_atomics+0x95/0x310 [ 16.359104] kunit_try_run_case+0x1a5/0x480 [ 16.359479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.359901] kthread+0x337/0x6f0 [ 16.360261] ret_from_fork+0x116/0x1d0 [ 16.360443] ret_from_fork_asm+0x1a/0x30 [ 16.360627] [ 16.360726] The buggy address belongs to the object at ffff8881038e3c00 [ 16.360726] which belongs to the cache kmalloc-64 of size 64 [ 16.361727] The buggy address is located 0 bytes to the right of [ 16.361727] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.362529] [ 16.362763] The buggy address belongs to the physical page: [ 16.363378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 16.363846] flags: 0x200000000000000(node=0|zone=2) [ 16.364217] page_type: f5(slab) [ 16.364392] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.364717] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.364949] page dumped because: kasan: bad access detected [ 16.365226] [ 16.365326] Memory state around the buggy address: [ 16.365522] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.365826] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.366152] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.366381] ^ [ 16.366606] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.366859] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.367302] ================================================================== [ 15.771069] ================================================================== [ 15.771556] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 15.771995] Read of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.772398] [ 15.772694] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.772753] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.772766] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.772873] Call Trace: [ 15.772894] <TASK> [ 15.772910] dump_stack_lvl+0x73/0xb0 [ 15.772942] print_report+0xd1/0x650 [ 15.772965] ? __virt_addr_valid+0x1db/0x2d0 [ 15.772989] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.773013] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.773047] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.773071] kasan_report+0x141/0x180 [ 15.773094] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.773121] __asan_report_load4_noabort+0x18/0x20 [ 15.773147] kasan_atomics_helper+0x49e8/0x5450 [ 15.773173] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.773197] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.773223] ? kasan_atomics+0x152/0x310 [ 15.773251] kasan_atomics+0x1dc/0x310 [ 15.773274] ? __pfx_kasan_atomics+0x10/0x10 [ 15.773298] ? trace_hardirqs_on+0x37/0xe0 [ 15.773322] ? __pfx_read_tsc+0x10/0x10 [ 15.773344] ? ktime_get_ts64+0x86/0x230 [ 15.773368] kunit_try_run_case+0x1a5/0x480 [ 15.773393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.773420] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.773446] ? __kthread_parkme+0x82/0x180 [ 15.773468] ? preempt_count_sub+0x50/0x80 [ 15.773493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.773518] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.773543] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.773570] kthread+0x337/0x6f0 [ 15.773591] ? trace_preempt_on+0x20/0xc0 [ 15.773614] ? __pfx_kthread+0x10/0x10 [ 15.773636] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.773659] ? calculate_sigpending+0x7b/0xa0 [ 15.773685] ? __pfx_kthread+0x10/0x10 [ 15.773720] ret_from_fork+0x116/0x1d0 [ 15.773739] ? __pfx_kthread+0x10/0x10 [ 15.773761] ret_from_fork_asm+0x1a/0x30 [ 15.773795] </TASK> [ 15.773805] [ 15.783897] Allocated by task 282: [ 15.784214] kasan_save_stack+0x45/0x70 [ 15.784425] kasan_save_track+0x18/0x40 [ 15.784695] kasan_save_alloc_info+0x3b/0x50 [ 15.785060] __kasan_kmalloc+0xb7/0xc0 [ 15.785246] __kmalloc_cache_noprof+0x189/0x420 [ 15.785550] kasan_atomics+0x95/0x310 [ 15.785832] kunit_try_run_case+0x1a5/0x480 [ 15.786007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.786553] kthread+0x337/0x6f0 [ 15.786733] ret_from_fork+0x116/0x1d0 [ 15.787010] ret_from_fork_asm+0x1a/0x30 [ 15.787249] [ 15.787504] The buggy address belongs to the object at ffff8881038e3c00 [ 15.787504] which belongs to the cache kmalloc-64 of size 64 [ 15.788093] The buggy address is located 0 bytes to the right of [ 15.788093] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.788823] [ 15.788907] The buggy address belongs to the physical page: [ 15.789239] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.789582] flags: 0x200000000000000(node=0|zone=2) [ 15.789814] page_type: f5(slab) [ 15.789974] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.790726] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.791150] page dumped because: kasan: bad access detected [ 15.791413] [ 15.791604] Memory state around the buggy address: [ 15.791961] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.792423] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.792793] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.793246] ^ [ 15.793474] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.793965] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.794379] ================================================================== [ 16.316118] ================================================================== [ 16.316945] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 16.317405] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.317717] [ 16.317825] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.317869] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.317882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.317904] Call Trace: [ 16.317919] <TASK> [ 16.317934] dump_stack_lvl+0x73/0xb0 [ 16.317965] print_report+0xd1/0x650 [ 16.317989] ? __virt_addr_valid+0x1db/0x2d0 [ 16.318014] ? kasan_atomics_helper+0x2006/0x5450 [ 16.318318] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.318358] ? kasan_atomics_helper+0x2006/0x5450 [ 16.318383] kasan_report+0x141/0x180 [ 16.318408] ? kasan_atomics_helper+0x2006/0x5450 [ 16.318436] kasan_check_range+0x10c/0x1c0 [ 16.318501] __kasan_check_write+0x18/0x20 [ 16.318525] kasan_atomics_helper+0x2006/0x5450 [ 16.318549] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.318573] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.318600] ? kasan_atomics+0x152/0x310 [ 16.318628] kasan_atomics+0x1dc/0x310 [ 16.318652] ? __pfx_kasan_atomics+0x10/0x10 [ 16.318676] ? trace_hardirqs_on+0x37/0xe0 [ 16.318711] ? __pfx_read_tsc+0x10/0x10 [ 16.318734] ? ktime_get_ts64+0x86/0x230 [ 16.318758] kunit_try_run_case+0x1a5/0x480 [ 16.318784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.318810] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.318837] ? __kthread_parkme+0x82/0x180 [ 16.318859] ? preempt_count_sub+0x50/0x80 [ 16.318883] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.318909] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.318935] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.318962] kthread+0x337/0x6f0 [ 16.318982] ? trace_preempt_on+0x20/0xc0 [ 16.319005] ? __pfx_kthread+0x10/0x10 [ 16.319027] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.319064] ? calculate_sigpending+0x7b/0xa0 [ 16.319089] ? __pfx_kthread+0x10/0x10 [ 16.319112] ret_from_fork+0x116/0x1d0 [ 16.319132] ? __pfx_kthread+0x10/0x10 [ 16.319153] ret_from_fork_asm+0x1a/0x30 [ 16.319187] </TASK> [ 16.319198] [ 16.330621] Allocated by task 282: [ 16.330808] kasan_save_stack+0x45/0x70 [ 16.331001] kasan_save_track+0x18/0x40 [ 16.331354] kasan_save_alloc_info+0x3b/0x50 [ 16.331682] __kasan_kmalloc+0xb7/0xc0 [ 16.331856] __kmalloc_cache_noprof+0x189/0x420 [ 16.332275] kasan_atomics+0x95/0x310 [ 16.332513] kunit_try_run_case+0x1a5/0x480 [ 16.332833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.333260] kthread+0x337/0x6f0 [ 16.333438] ret_from_fork+0x116/0x1d0 [ 16.333619] ret_from_fork_asm+0x1a/0x30 [ 16.333813] [ 16.333904] The buggy address belongs to the object at ffff8881038e3c00 [ 16.333904] which belongs to the cache kmalloc-64 of size 64 [ 16.334889] The buggy address is located 0 bytes to the right of [ 16.334889] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.335743] [ 16.335969] The buggy address belongs to the physical page: [ 16.336438] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 16.336902] flags: 0x200000000000000(node=0|zone=2) [ 16.337367] page_type: f5(slab) [ 16.337595] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.338160] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.338492] page dumped because: kasan: bad access detected [ 16.338735] [ 16.338824] Memory state around the buggy address: [ 16.339030] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.339744] 
ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.340244] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.340742] ^ [ 16.340969] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.341537] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.342160] ================================================================== [ 15.242948] ================================================================== [ 15.243621] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 15.243959] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.244343] [ 15.244453] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.244494] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.244507] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.244527] Call Trace: [ 15.244540] <TASK> [ 15.244554] dump_stack_lvl+0x73/0xb0 [ 15.244584] print_report+0xd1/0x650 [ 15.244607] ? __virt_addr_valid+0x1db/0x2d0 [ 15.244630] ? kasan_atomics_helper+0x697/0x5450 [ 15.244653] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.244677] ? kasan_atomics_helper+0x697/0x5450 [ 15.244700] kasan_report+0x141/0x180 [ 15.244736] ? kasan_atomics_helper+0x697/0x5450 [ 15.244764] kasan_check_range+0x10c/0x1c0 [ 15.244790] __kasan_check_write+0x18/0x20 [ 15.244811] kasan_atomics_helper+0x697/0x5450 [ 15.244834] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.244859] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.244885] ? kasan_atomics+0x152/0x310 [ 15.244913] kasan_atomics+0x1dc/0x310 [ 15.244936] ? __pfx_kasan_atomics+0x10/0x10 [ 15.244960] ? trace_hardirqs_on+0x37/0xe0 [ 15.244984] ? __pfx_read_tsc+0x10/0x10 [ 15.245006] ? ktime_get_ts64+0x86/0x230 [ 15.245083] kunit_try_run_case+0x1a5/0x480 [ 15.245111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.245136] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.245163] ? 
__kthread_parkme+0x82/0x180 [ 15.245184] ? preempt_count_sub+0x50/0x80 [ 15.245209] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.245235] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.245260] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.245287] kthread+0x337/0x6f0 [ 15.245306] ? trace_preempt_on+0x20/0xc0 [ 15.245330] ? __pfx_kthread+0x10/0x10 [ 15.245351] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.245375] ? calculate_sigpending+0x7b/0xa0 [ 15.245400] ? __pfx_kthread+0x10/0x10 [ 15.245424] ret_from_fork+0x116/0x1d0 [ 15.245443] ? __pfx_kthread+0x10/0x10 [ 15.245464] ret_from_fork_asm+0x1a/0x30 [ 15.245496] </TASK> [ 15.245507] [ 15.253628] Allocated by task 282: [ 15.253847] kasan_save_stack+0x45/0x70 [ 15.254095] kasan_save_track+0x18/0x40 [ 15.254294] kasan_save_alloc_info+0x3b/0x50 [ 15.254503] __kasan_kmalloc+0xb7/0xc0 [ 15.254638] __kmalloc_cache_noprof+0x189/0x420 [ 15.254807] kasan_atomics+0x95/0x310 [ 15.254984] kunit_try_run_case+0x1a5/0x480 [ 15.255221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.255454] kthread+0x337/0x6f0 [ 15.255612] ret_from_fork+0x116/0x1d0 [ 15.255781] ret_from_fork_asm+0x1a/0x30 [ 15.255968] [ 15.256072] The buggy address belongs to the object at ffff8881038e3c00 [ 15.256072] which belongs to the cache kmalloc-64 of size 64 [ 15.256540] The buggy address is located 0 bytes to the right of [ 15.256540] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.257018] [ 15.257333] The buggy address belongs to the physical page: [ 15.257556] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.257889] flags: 0x200000000000000(node=0|zone=2) [ 15.258202] page_type: f5(slab) [ 15.258346] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.258657] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.258953] page dumped because: kasan: bad access detected [ 15.259181] [ 15.259334] Memory state around the buggy address: [ 15.259564] 
ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.259793] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.260011] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.260328] ^ [ 15.260553] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.260946] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.261384] ================================================================== [ 15.204269] ================================================================== [ 15.204622] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 15.204932] Write of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.205268] [ 15.205382] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.205424] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.205437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.205459] Call Trace: [ 15.205475] <TASK> [ 15.205489] dump_stack_lvl+0x73/0xb0 [ 15.205519] print_report+0xd1/0x650 [ 15.205543] ? __virt_addr_valid+0x1db/0x2d0 [ 15.205567] ? kasan_atomics_helper+0x565/0x5450 [ 15.205591] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.205615] ? kasan_atomics_helper+0x565/0x5450 [ 15.205638] kasan_report+0x141/0x180 [ 15.205661] ? kasan_atomics_helper+0x565/0x5450 [ 15.205689] kasan_check_range+0x10c/0x1c0 [ 15.205725] __kasan_check_write+0x18/0x20 [ 15.205747] kasan_atomics_helper+0x565/0x5450 [ 15.205770] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.205794] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.205820] ? kasan_atomics+0x152/0x310 [ 15.205847] kasan_atomics+0x1dc/0x310 [ 15.205871] ? __pfx_kasan_atomics+0x10/0x10 [ 15.205894] ? trace_hardirqs_on+0x37/0xe0 [ 15.205919] ? __pfx_read_tsc+0x10/0x10 [ 15.205941] ? ktime_get_ts64+0x86/0x230 [ 15.205967] kunit_try_run_case+0x1a5/0x480 [ 15.205992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.206018] ? 
queued_spin_lock_slowpath+0x116/0xb40 [ 15.206190] ? __kthread_parkme+0x82/0x180 [ 15.206220] ? preempt_count_sub+0x50/0x80 [ 15.206248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.206274] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.206301] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.206327] kthread+0x337/0x6f0 [ 15.206347] ? trace_preempt_on+0x20/0xc0 [ 15.206370] ? __pfx_kthread+0x10/0x10 [ 15.206392] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.206415] ? calculate_sigpending+0x7b/0xa0 [ 15.206440] ? __pfx_kthread+0x10/0x10 [ 15.206463] ret_from_fork+0x116/0x1d0 [ 15.206482] ? __pfx_kthread+0x10/0x10 [ 15.206504] ret_from_fork_asm+0x1a/0x30 [ 15.206536] </TASK> [ 15.206548] [ 15.214866] Allocated by task 282: [ 15.215173] kasan_save_stack+0x45/0x70 [ 15.215403] kasan_save_track+0x18/0x40 [ 15.215576] kasan_save_alloc_info+0x3b/0x50 [ 15.215776] __kasan_kmalloc+0xb7/0xc0 [ 15.215913] __kmalloc_cache_noprof+0x189/0x420 [ 15.216173] kasan_atomics+0x95/0x310 [ 15.216396] kunit_try_run_case+0x1a5/0x480 [ 15.216583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.216770] kthread+0x337/0x6f0 [ 15.216940] ret_from_fork+0x116/0x1d0 [ 15.217254] ret_from_fork_asm+0x1a/0x30 [ 15.217456] [ 15.217555] The buggy address belongs to the object at ffff8881038e3c00 [ 15.217555] which belongs to the cache kmalloc-64 of size 64 [ 15.218082] The buggy address is located 0 bytes to the right of [ 15.218082] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.218587] [ 15.218668] The buggy address belongs to the physical page: [ 15.218883] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.219261] flags: 0x200000000000000(node=0|zone=2) [ 15.219423] page_type: f5(slab) [ 15.219544] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.220086] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.220435] page dumped because: kasan: bad access detected [ 15.220685] [ 15.220775] 
Memory state around the buggy address: [ 15.220934] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.221416] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.221757] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.221997] ^ [ 15.222312] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.222638] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.222954] ================================================================== [ 15.046381] ================================================================== [ 15.046932] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 15.047425] Read of size 4 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.047866] [ 15.048282] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.048336] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.048349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.048370] Call Trace: [ 15.048386] <TASK> [ 15.048402] dump_stack_lvl+0x73/0xb0 [ 15.048431] print_report+0xd1/0x650 [ 15.048454] ? __virt_addr_valid+0x1db/0x2d0 [ 15.048476] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.048497] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.048522] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.048545] kasan_report+0x141/0x180 [ 15.048567] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.048594] __asan_report_load4_noabort+0x18/0x20 [ 15.048620] kasan_atomics_helper+0x4b88/0x5450 [ 15.048643] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.048666] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.048692] ? kasan_atomics+0x152/0x310 [ 15.048730] kasan_atomics+0x1dc/0x310 [ 15.048752] ? __pfx_kasan_atomics+0x10/0x10 [ 15.048776] ? trace_hardirqs_on+0x37/0xe0 [ 15.048799] ? __pfx_read_tsc+0x10/0x10 [ 15.048821] ? ktime_get_ts64+0x86/0x230 [ 15.048845] kunit_try_run_case+0x1a5/0x480 [ 15.048870] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.048895] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.048923] ? __kthread_parkme+0x82/0x180 [ 15.048945] ? preempt_count_sub+0x50/0x80 [ 15.048969] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.048994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.049091] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.049122] kthread+0x337/0x6f0 [ 15.049142] ? trace_preempt_on+0x20/0xc0 [ 15.049165] ? __pfx_kthread+0x10/0x10 [ 15.049185] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.049207] ? calculate_sigpending+0x7b/0xa0 [ 15.049232] ? __pfx_kthread+0x10/0x10 [ 15.049253] ret_from_fork+0x116/0x1d0 [ 15.049272] ? __pfx_kthread+0x10/0x10 [ 15.049293] ret_from_fork_asm+0x1a/0x30 [ 15.049324] </TASK> [ 15.049333] [ 15.060909] Allocated by task 282: [ 15.061475] kasan_save_stack+0x45/0x70 [ 15.061679] kasan_save_track+0x18/0x40 [ 15.061950] kasan_save_alloc_info+0x3b/0x50 [ 15.062349] __kasan_kmalloc+0xb7/0xc0 [ 15.062529] __kmalloc_cache_noprof+0x189/0x420 [ 15.062936] kasan_atomics+0x95/0x310 [ 15.063179] kunit_try_run_case+0x1a5/0x480 [ 15.063566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.063856] kthread+0x337/0x6f0 [ 15.064192] ret_from_fork+0x116/0x1d0 [ 15.064504] ret_from_fork_asm+0x1a/0x30 [ 15.064806] [ 15.064932] The buggy address belongs to the object at ffff8881038e3c00 [ 15.064932] which belongs to the cache kmalloc-64 of size 64 [ 15.065552] The buggy address is located 0 bytes to the right of [ 15.065552] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.066066] [ 15.066361] The buggy address belongs to the physical page: [ 15.066877] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.067376] flags: 0x200000000000000(node=0|zone=2) [ 15.067604] page_type: f5(slab) [ 15.067984] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.068390] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.068882] page dumped because: kasan: 
bad access detected [ 15.069207] [ 15.069326] Memory state around the buggy address: [ 15.069692] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.070040] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.070745] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.071171] ^ [ 15.071379] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.071880] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.072442] ================================================================== [ 16.165228] ================================================================== [ 16.165547] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 16.166263] Read of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.166575] [ 16.166681] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.166734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.166747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.166767] Call Trace: [ 16.166781] <TASK> [ 16.166797] dump_stack_lvl+0x73/0xb0 [ 16.166827] print_report+0xd1/0x650 [ 16.166851] ? __virt_addr_valid+0x1db/0x2d0 [ 16.166874] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.166896] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.166921] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.166944] kasan_report+0x141/0x180 [ 16.166967] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.166994] __asan_report_load8_noabort+0x18/0x20 [ 16.167022] kasan_atomics_helper+0x4f30/0x5450 [ 16.167045] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.167082] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.167109] ? kasan_atomics+0x152/0x310 [ 16.167137] kasan_atomics+0x1dc/0x310 [ 16.167160] ? __pfx_kasan_atomics+0x10/0x10 [ 16.167183] ? trace_hardirqs_on+0x37/0xe0 [ 16.167208] ? __pfx_read_tsc+0x10/0x10 [ 16.167229] ? 
ktime_get_ts64+0x86/0x230 [ 16.167254] kunit_try_run_case+0x1a5/0x480 [ 16.167278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.167304] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.167331] ? __kthread_parkme+0x82/0x180 [ 16.167352] ? preempt_count_sub+0x50/0x80 [ 16.167377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.167402] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.167428] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.167455] kthread+0x337/0x6f0 [ 16.167475] ? trace_preempt_on+0x20/0xc0 [ 16.167497] ? __pfx_kthread+0x10/0x10 [ 16.167519] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.167542] ? calculate_sigpending+0x7b/0xa0 [ 16.167567] ? __pfx_kthread+0x10/0x10 [ 16.167590] ret_from_fork+0x116/0x1d0 [ 16.167609] ? __pfx_kthread+0x10/0x10 [ 16.167631] ret_from_fork_asm+0x1a/0x30 [ 16.167662] </TASK> [ 16.167673] [ 16.175043] Allocated by task 282: [ 16.175213] kasan_save_stack+0x45/0x70 [ 16.175393] kasan_save_track+0x18/0x40 [ 16.175559] kasan_save_alloc_info+0x3b/0x50 [ 16.175772] __kasan_kmalloc+0xb7/0xc0 [ 16.175949] __kmalloc_cache_noprof+0x189/0x420 [ 16.176165] kasan_atomics+0x95/0x310 [ 16.176300] kunit_try_run_case+0x1a5/0x480 [ 16.176453] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.176627] kthread+0x337/0x6f0 [ 16.176759] ret_from_fork+0x116/0x1d0 [ 16.176891] ret_from_fork_asm+0x1a/0x30 [ 16.177080] [ 16.177173] The buggy address belongs to the object at ffff8881038e3c00 [ 16.177173] which belongs to the cache kmalloc-64 of size 64 [ 16.177693] The buggy address is located 0 bytes to the right of [ 16.177693] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.178501] [ 16.178581] The buggy address belongs to the physical page: [ 16.178780] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 16.179030] flags: 0x200000000000000(node=0|zone=2) [ 16.179193] page_type: f5(slab) [ 16.179313] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.180351] raw: 0000000000000000 
0000000080200020 00000000f5000000 0000000000000000 [ 16.180813] page dumped because: kasan: bad access detected [ 16.181465] [ 16.181574] Memory state around the buggy address: [ 16.182154] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.182608] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.183136] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.183436] ^ [ 16.183650] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.184473] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.184941] ================================================================== [ 16.385421] ================================================================== [ 16.385731] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 16.386073] Read of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 16.386358] [ 16.386442] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.386482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.386495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.386516] Call Trace: [ 16.386529] <TASK> [ 16.386544] dump_stack_lvl+0x73/0xb0 [ 16.386571] print_report+0xd1/0x650 [ 16.386594] ? __virt_addr_valid+0x1db/0x2d0 [ 16.386618] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.386640] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.386665] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.386688] kasan_report+0x141/0x180 [ 16.386722] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.386750] __asan_report_load8_noabort+0x18/0x20 [ 16.386783] kasan_atomics_helper+0x4fb2/0x5450 [ 16.386808] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.386831] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.386858] ? kasan_atomics+0x152/0x310 [ 16.386887] kasan_atomics+0x1dc/0x310 [ 16.386910] ? __pfx_kasan_atomics+0x10/0x10 [ 16.386933] ? trace_hardirqs_on+0x37/0xe0 [ 16.386958] ? 
__pfx_read_tsc+0x10/0x10 [ 16.386980] ? ktime_get_ts64+0x86/0x230 [ 16.387005] kunit_try_run_case+0x1a5/0x480 [ 16.387030] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.387056] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.387092] ? __kthread_parkme+0x82/0x180 [ 16.387114] ? preempt_count_sub+0x50/0x80 [ 16.387139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.387164] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.387190] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.387217] kthread+0x337/0x6f0 [ 16.387237] ? trace_preempt_on+0x20/0xc0 [ 16.387260] ? __pfx_kthread+0x10/0x10 [ 16.387281] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.387304] ? calculate_sigpending+0x7b/0xa0 [ 16.387329] ? __pfx_kthread+0x10/0x10 [ 16.387351] ret_from_fork+0x116/0x1d0 [ 16.387371] ? __pfx_kthread+0x10/0x10 [ 16.387392] ret_from_fork_asm+0x1a/0x30 [ 16.387425] </TASK> [ 16.387437] [ 16.394816] Allocated by task 282: [ 16.394992] kasan_save_stack+0x45/0x70 [ 16.395252] kasan_save_track+0x18/0x40 [ 16.395398] kasan_save_alloc_info+0x3b/0x50 [ 16.395548] __kasan_kmalloc+0xb7/0xc0 [ 16.395680] __kmalloc_cache_noprof+0x189/0x420 [ 16.395844] kasan_atomics+0x95/0x310 [ 16.395977] kunit_try_run_case+0x1a5/0x480 [ 16.396122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.396296] kthread+0x337/0x6f0 [ 16.396467] ret_from_fork+0x116/0x1d0 [ 16.396654] ret_from_fork_asm+0x1a/0x30 [ 16.396868] [ 16.396961] The buggy address belongs to the object at ffff8881038e3c00 [ 16.396961] which belongs to the cache kmalloc-64 of size 64 [ 16.397479] The buggy address is located 0 bytes to the right of [ 16.397479] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 16.398385] [ 16.398495] The buggy address belongs to the physical page: [ 16.398672] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 16.398930] flags: 0x200000000000000(node=0|zone=2) [ 16.399676] page_type: f5(slab) [ 16.399829] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 
16.400089] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.400340] page dumped because: kasan: bad access detected [ 16.400583] [ 16.400677] Memory state around the buggy address: [ 16.400915] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.401288] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.401586] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.401913] ^ [ 16.402169] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.402405] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.402758] ================================================================== [ 15.904265] ================================================================== [ 15.904583] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 15.904914] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.905229] [ 15.905317] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.905359] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.905372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.905393] Call Trace: [ 15.905409] <TASK> [ 15.905424] dump_stack_lvl+0x73/0xb0 [ 15.905453] print_report+0xd1/0x650 [ 15.905475] ? __virt_addr_valid+0x1db/0x2d0 [ 15.905498] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.905522] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.905546] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.905569] kasan_report+0x141/0x180 [ 15.905592] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.905620] __asan_report_store8_noabort+0x1b/0x30 [ 15.905646] kasan_atomics_helper+0x50d4/0x5450 [ 15.905670] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.905694] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.905732] ? kasan_atomics+0x152/0x310 [ 15.905759] kasan_atomics+0x1dc/0x310 [ 15.905783] ? __pfx_kasan_atomics+0x10/0x10 [ 15.905807] ? 
trace_hardirqs_on+0x37/0xe0 [ 15.905833] ? __pfx_read_tsc+0x10/0x10 [ 15.905855] ? ktime_get_ts64+0x86/0x230 [ 15.905880] kunit_try_run_case+0x1a5/0x480 [ 15.905906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.905932] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.905958] ? __kthread_parkme+0x82/0x180 [ 15.905979] ? preempt_count_sub+0x50/0x80 [ 15.906004] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.906050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.906077] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.906104] kthread+0x337/0x6f0 [ 15.906124] ? trace_preempt_on+0x20/0xc0 [ 15.906148] ? __pfx_kthread+0x10/0x10 [ 15.906169] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.906192] ? calculate_sigpending+0x7b/0xa0 [ 15.906217] ? __pfx_kthread+0x10/0x10 [ 15.906241] ret_from_fork+0x116/0x1d0 [ 15.906261] ? __pfx_kthread+0x10/0x10 [ 15.906282] ret_from_fork_asm+0x1a/0x30 [ 15.906316] </TASK> [ 15.906327] [ 15.913459] Allocated by task 282: [ 15.913587] kasan_save_stack+0x45/0x70 [ 15.913745] kasan_save_track+0x18/0x40 [ 15.913939] kasan_save_alloc_info+0x3b/0x50 [ 15.914173] __kasan_kmalloc+0xb7/0xc0 [ 15.914359] __kmalloc_cache_noprof+0x189/0x420 [ 15.914580] kasan_atomics+0x95/0x310 [ 15.914727] kunit_try_run_case+0x1a5/0x480 [ 15.914874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.915157] kthread+0x337/0x6f0 [ 15.915336] ret_from_fork+0x116/0x1d0 [ 15.915522] ret_from_fork_asm+0x1a/0x30 [ 15.915689] [ 15.915772] The buggy address belongs to the object at ffff8881038e3c00 [ 15.915772] which belongs to the cache kmalloc-64 of size 64 [ 15.916268] The buggy address is located 0 bytes to the right of [ 15.916268] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.916763] [ 15.916847] The buggy address belongs to the physical page: [ 15.917085] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.917386] flags: 0x200000000000000(node=0|zone=2) [ 15.917623] page_type: f5(slab) [ 15.917766] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.918002] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.918245] page dumped because: kasan: bad access detected [ 15.918418] [ 15.918488] Memory state around the buggy address: [ 15.918642] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.918957] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.919298] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.919615] ^ [ 15.919847] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.920188] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.920520] ================================================================== [ 15.866918] ================================================================== [ 15.868078] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 15.868733] Read of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.869321] [ 15.869427] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.869471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.869484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.869505] Call Trace: [ 15.869519] <TASK> [ 15.869536] dump_stack_lvl+0x73/0xb0 [ 15.869566] print_report+0xd1/0x650 [ 15.869590] ? __virt_addr_valid+0x1db/0x2d0 [ 15.869613] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.869636] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.869661] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.869683] kasan_report+0x141/0x180 [ 15.869720] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.869750] __asan_report_load8_noabort+0x18/0x20 [ 15.869777] kasan_atomics_helper+0x4eae/0x5450 [ 15.869801] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.869826] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.869851] ? kasan_atomics+0x152/0x310 [ 15.869880] kasan_atomics+0x1dc/0x310 [ 15.869903] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.869926] ? trace_hardirqs_on+0x37/0xe0 [ 15.869950] ? __pfx_read_tsc+0x10/0x10 [ 15.869973] ? ktime_get_ts64+0x86/0x230 [ 15.869998] kunit_try_run_case+0x1a5/0x480 [ 15.870023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.870055] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.870082] ? __kthread_parkme+0x82/0x180 [ 15.870103] ? preempt_count_sub+0x50/0x80 [ 15.870128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.870154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.870179] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.870239] kthread+0x337/0x6f0 [ 15.870259] ? trace_preempt_on+0x20/0xc0 [ 15.870283] ? __pfx_kthread+0x10/0x10 [ 15.870305] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.870327] ? calculate_sigpending+0x7b/0xa0 [ 15.870353] ? __pfx_kthread+0x10/0x10 [ 15.870376] ret_from_fork+0x116/0x1d0 [ 15.870395] ? __pfx_kthread+0x10/0x10 [ 15.870416] ret_from_fork_asm+0x1a/0x30 [ 15.870449] </TASK> [ 15.870461] [ 15.879646] Allocated by task 282: [ 15.879793] kasan_save_stack+0x45/0x70 [ 15.879941] kasan_save_track+0x18/0x40 [ 15.880102] kasan_save_alloc_info+0x3b/0x50 [ 15.880320] __kasan_kmalloc+0xb7/0xc0 [ 15.880506] __kmalloc_cache_noprof+0x189/0x420 [ 15.880734] kasan_atomics+0x95/0x310 [ 15.880917] kunit_try_run_case+0x1a5/0x480 [ 15.881147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.881357] kthread+0x337/0x6f0 [ 15.881524] ret_from_fork+0x116/0x1d0 [ 15.881674] ret_from_fork_asm+0x1a/0x30 [ 15.881866] [ 15.881937] The buggy address belongs to the object at ffff8881038e3c00 [ 15.881937] which belongs to the cache kmalloc-64 of size 64 [ 15.882473] The buggy address is located 0 bytes to the right of [ 15.882473] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.882959] [ 15.883072] The buggy address belongs to the physical page: [ 15.883286] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 15.883608] flags: 0x200000000000000(node=0|zone=2) [ 15.883779] page_type: f5(slab) [ 
15.883901] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.884264] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.884600] page dumped because: kasan: bad access detected [ 15.884837] [ 15.884907] Memory state around the buggy address: [ 15.885101] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.885423] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.885753] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.886046] ^ [ 15.886231] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.886523] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.886802] ================================================================== [ 15.950006] ================================================================== [ 15.950253] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 15.950493] Write of size 8 at addr ffff8881038e3c30 by task kunit_try_catch/282 [ 15.950733] [ 15.950821] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.950864] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.950878] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.950899] Call Trace: [ 15.950915] <TASK> [ 15.950933] dump_stack_lvl+0x73/0xb0 [ 15.950963] print_report+0xd1/0x650 [ 15.950986] ? __virt_addr_valid+0x1db/0x2d0 [ 15.951010] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.951033] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.951402] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.951428] kasan_report+0x141/0x180 [ 15.951475] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.951915] kasan_check_range+0x10c/0x1c0 [ 15.951956] __kasan_check_write+0x18/0x20 [ 15.951993] kasan_atomics_helper+0x15b6/0x5450 [ 15.952018] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.952043] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.952081] ? 
kasan_atomics+0x152/0x310 [ 15.952110] kasan_atomics+0x1dc/0x310 [ 15.952134] ? __pfx_kasan_atomics+0x10/0x10 [ 15.952158] ? trace_hardirqs_on+0x37/0xe0 [ 15.952182] ? __pfx_read_tsc+0x10/0x10 [ 15.952205] ? ktime_get_ts64+0x86/0x230 [ 15.952229] kunit_try_run_case+0x1a5/0x480 [ 15.952254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.952280] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.952308] ? __kthread_parkme+0x82/0x180 [ 15.952333] ? preempt_count_sub+0x50/0x80 [ 15.952358] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.952385] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.952410] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.952437] kthread+0x337/0x6f0 [ 15.952456] ? trace_preempt_on+0x20/0xc0 [ 15.952480] ? __pfx_kthread+0x10/0x10 [ 15.952502] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.952525] ? calculate_sigpending+0x7b/0xa0 [ 15.952550] ? __pfx_kthread+0x10/0x10 [ 15.952572] ret_from_fork+0x116/0x1d0 [ 15.952591] ? __pfx_kthread+0x10/0x10 [ 15.952613] ret_from_fork_asm+0x1a/0x30 [ 15.952646] </TASK> [ 15.952657] [ 15.965438] Allocated by task 282: [ 15.965800] kasan_save_stack+0x45/0x70 [ 15.966147] kasan_save_track+0x18/0x40 [ 15.966522] kasan_save_alloc_info+0x3b/0x50 [ 15.966940] __kasan_kmalloc+0xb7/0xc0 [ 15.967340] __kmalloc_cache_noprof+0x189/0x420 [ 15.967741] kasan_atomics+0x95/0x310 [ 15.968063] kunit_try_run_case+0x1a5/0x480 [ 15.969420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.970524] kthread+0x337/0x6f0 [ 15.970828] ret_from_fork+0x116/0x1d0 [ 15.971338] ret_from_fork_asm+0x1a/0x30 [ 15.971503] [ 15.971580] The buggy address belongs to the object at ffff8881038e3c00 [ 15.971580] which belongs to the cache kmalloc-64 of size 64 [ 15.972245] The buggy address is located 0 bytes to the right of [ 15.972245] allocated 48-byte region [ffff8881038e3c00, ffff8881038e3c30) [ 15.972629] [ 15.973107] The buggy address belongs to the physical page: [ 15.973378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 
15.973747] flags: 0x200000000000000(node=0|zone=2) [ 15.973948] page_type: f5(slab) [ 15.974189] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.974536] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.974880] page dumped because: kasan: bad access detected [ 15.975209] [ 15.975310] Memory state around the buggy address: [ 15.975531] ffff8881038e3b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.975813] ffff8881038e3b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.976096] >ffff8881038e3c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.976417] ^ [ 15.976667] ffff8881038e3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.976952] ffff8881038e3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.977198] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 14.796193] ================================================================== [ 14.796939] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.797641] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.798252] [ 14.798505] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.798549] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.798562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.798581] Call Trace: [ 14.798595] <TASK> [ 14.798610] dump_stack_lvl+0x73/0xb0 [ 14.798764] print_report+0xd1/0x650 [ 14.798789] ? __virt_addr_valid+0x1db/0x2d0 [ 14.798813] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.798843] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.798867] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.798897] kasan_report+0x141/0x180 [ 14.798919] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.798953] kasan_check_range+0x10c/0x1c0 [ 14.798977] __kasan_check_write+0x18/0x20 [ 14.798996] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.799026] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.799064] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.799088] ? trace_hardirqs_on+0x37/0xe0 [ 14.799110] ? kasan_bitops_generic+0x92/0x1c0 [ 14.799137] kasan_bitops_generic+0x121/0x1c0 [ 14.799161] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.799186] ? __pfx_read_tsc+0x10/0x10 [ 14.799223] ? ktime_get_ts64+0x86/0x230 [ 14.799247] kunit_try_run_case+0x1a5/0x480 [ 14.799294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.799318] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.799343] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.799367] ? __kthread_parkme+0x82/0x180 [ 14.799388] ? preempt_count_sub+0x50/0x80 [ 14.799412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.799436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.799461] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.799487] kthread+0x337/0x6f0 [ 14.799506] ? trace_preempt_on+0x20/0xc0 [ 14.799529] ? __pfx_kthread+0x10/0x10 [ 14.799550] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.799571] ? calculate_sigpending+0x7b/0xa0 [ 14.799596] ? __pfx_kthread+0x10/0x10 [ 14.799617] ret_from_fork+0x116/0x1d0 [ 14.799635] ? __pfx_kthread+0x10/0x10 [ 14.799655] ret_from_fork_asm+0x1a/0x30 [ 14.799686] </TASK> [ 14.799697] [ 14.812854] Allocated by task 278: [ 14.813220] kasan_save_stack+0x45/0x70 [ 14.813507] kasan_save_track+0x18/0x40 [ 14.813786] kasan_save_alloc_info+0x3b/0x50 [ 14.814128] __kasan_kmalloc+0xb7/0xc0 [ 14.814503] __kmalloc_cache_noprof+0x189/0x420 [ 14.814689] kasan_bitops_generic+0x92/0x1c0 [ 14.815115] kunit_try_run_case+0x1a5/0x480 [ 14.815491] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.815769] kthread+0x337/0x6f0 [ 14.815938] ret_from_fork+0x116/0x1d0 [ 14.816334] ret_from_fork_asm+0x1a/0x30 [ 14.816622] [ 14.816735] The buggy address belongs to the object at ffff88810226cfe0 [ 14.816735] which belongs to the cache kmalloc-16 of size 16 [ 14.817601] The buggy address is located 8 bytes inside of [ 14.817601] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.818475] [ 14.818687] The buggy address belongs to the physical page: [ 14.818987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.819590] flags: 0x200000000000000(node=0|zone=2) [ 14.820085] page_type: f5(slab) [ 14.820376] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.820864] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.821284] page dumped because: kasan: bad access detected [ 14.821685] [ 14.821968] Memory state around the buggy address: [ 14.822278] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.822622] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.822913] >ffff88810226cf80: fa fb fc fc fa fb fc fc 
fa fb fc fc 00 01 fc fc [ 14.823523] ^ [ 14.823826] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.824294] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.824823] ================================================================== [ 14.825607] ================================================================== [ 14.825889] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.826693] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.827368] [ 14.827583] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.827630] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.827642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.827662] Call Trace: [ 14.827676] <TASK> [ 14.827691] dump_stack_lvl+0x73/0xb0 [ 14.827734] print_report+0xd1/0x650 [ 14.827756] ? __virt_addr_valid+0x1db/0x2d0 [ 14.827778] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.827893] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.827916] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.827946] kasan_report+0x141/0x180 [ 14.827968] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.828002] kasan_check_range+0x10c/0x1c0 [ 14.828048] __kasan_check_write+0x18/0x20 [ 14.828069] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.828110] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.828141] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.828167] ? trace_hardirqs_on+0x37/0xe0 [ 14.828190] ? kasan_bitops_generic+0x92/0x1c0 [ 14.828218] kasan_bitops_generic+0x121/0x1c0 [ 14.828241] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.828267] ? __pfx_read_tsc+0x10/0x10 [ 14.828287] ? ktime_get_ts64+0x86/0x230 [ 14.828311] kunit_try_run_case+0x1a5/0x480 [ 14.828341] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.828364] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.828388] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.828412] ? __kthread_parkme+0x82/0x180 [ 14.828432] ? preempt_count_sub+0x50/0x80 [ 14.828456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.828480] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.828504] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.828530] kthread+0x337/0x6f0 [ 14.828548] ? trace_preempt_on+0x20/0xc0 [ 14.828571] ? __pfx_kthread+0x10/0x10 [ 14.828591] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.828612] ? calculate_sigpending+0x7b/0xa0 [ 14.828636] ? __pfx_kthread+0x10/0x10 [ 14.828657] ret_from_fork+0x116/0x1d0 [ 14.828675] ? __pfx_kthread+0x10/0x10 [ 14.828695] ret_from_fork_asm+0x1a/0x30 [ 14.828738] </TASK> [ 14.828747] [ 14.840993] Allocated by task 278: [ 14.841182] kasan_save_stack+0x45/0x70 [ 14.841617] kasan_save_track+0x18/0x40 [ 14.841890] kasan_save_alloc_info+0x3b/0x50 [ 14.842070] __kasan_kmalloc+0xb7/0xc0 [ 14.842480] __kmalloc_cache_noprof+0x189/0x420 [ 14.842659] kasan_bitops_generic+0x92/0x1c0 [ 14.843026] kunit_try_run_case+0x1a5/0x480 [ 14.843262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.843611] kthread+0x337/0x6f0 [ 14.843894] ret_from_fork+0x116/0x1d0 [ 14.844120] ret_from_fork_asm+0x1a/0x30 [ 14.844548] [ 14.844740] The buggy address belongs to the object at ffff88810226cfe0 [ 14.844740] which belongs to the cache kmalloc-16 of size 16 [ 14.845684] The buggy address is located 8 bytes inside of [ 14.845684] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.846400] [ 14.846486] The buggy address belongs to the physical page: [ 14.846913] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.847434] flags: 0x200000000000000(node=0|zone=2) [ 14.847642] page_type: f5(slab) [ 14.847884] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.848559] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.848895] page dumped because: kasan: bad access detected [ 14.849301] [ 14.849468] 
Memory state around the buggy address: [ 14.849671] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.850008] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.850553] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.850929] ^ [ 14.851416] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.851754] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.852241] ================================================================== [ 14.852890] ================================================================== [ 14.853134] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.854134] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.854635] [ 14.854845] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.854890] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.854901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.854922] Call Trace: [ 14.854935] <TASK> [ 14.854948] dump_stack_lvl+0x73/0xb0 [ 14.854978] print_report+0xd1/0x650 [ 14.855246] ? __virt_addr_valid+0x1db/0x2d0 [ 14.855271] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.855300] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.855325] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.855357] kasan_report+0x141/0x180 [ 14.855380] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.855414] kasan_check_range+0x10c/0x1c0 [ 14.855437] __kasan_check_write+0x18/0x20 [ 14.855457] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.855486] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.855516] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.855541] ? trace_hardirqs_on+0x37/0xe0 [ 14.855564] ? kasan_bitops_generic+0x92/0x1c0 [ 14.855591] kasan_bitops_generic+0x121/0x1c0 [ 14.855615] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.855640] ? __pfx_read_tsc+0x10/0x10 [ 14.855660] ? ktime_get_ts64+0x86/0x230 [ 14.855683] kunit_try_run_case+0x1a5/0x480 [ 14.855719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.855741] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.855766] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.855790] ? __kthread_parkme+0x82/0x180 [ 14.855810] ? preempt_count_sub+0x50/0x80 [ 14.855834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.855858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.855882] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.855908] kthread+0x337/0x6f0 [ 14.855927] ? trace_preempt_on+0x20/0xc0 [ 14.855949] ? __pfx_kthread+0x10/0x10 [ 14.855970] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.855991] ? calculate_sigpending+0x7b/0xa0 [ 14.856015] ? __pfx_kthread+0x10/0x10 [ 14.856069] ret_from_fork+0x116/0x1d0 [ 14.856095] ? __pfx_kthread+0x10/0x10 [ 14.856115] ret_from_fork_asm+0x1a/0x30 [ 14.856146] </TASK> [ 14.856156] [ 14.867261] Allocated by task 278: [ 14.867674] kasan_save_stack+0x45/0x70 [ 14.867982] kasan_save_track+0x18/0x40 [ 14.868231] kasan_save_alloc_info+0x3b/0x50 [ 14.868651] __kasan_kmalloc+0xb7/0xc0 [ 14.868836] __kmalloc_cache_noprof+0x189/0x420 [ 14.869247] kasan_bitops_generic+0x92/0x1c0 [ 14.869436] kunit_try_run_case+0x1a5/0x480 [ 14.869739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.869989] kthread+0x337/0x6f0 [ 14.870331] ret_from_fork+0x116/0x1d0 [ 14.870560] ret_from_fork_asm+0x1a/0x30 [ 14.870957] [ 14.871040] The buggy address belongs to the object at ffff88810226cfe0 [ 14.871040] which belongs to the cache kmalloc-16 of size 16 [ 14.871657] The buggy address is located 8 bytes inside of [ 14.871657] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.872654] [ 14.872769] The buggy address belongs to the physical page: [ 14.873157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.873698] flags: 0x200000000000000(node=0|zone=2) [ 14.874017] 
page_type: f5(slab) [ 14.874369] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.874684] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.875278] page dumped because: kasan: bad access detected [ 14.875468] [ 14.875565] Memory state around the buggy address: [ 14.875888] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.876559] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.876854] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.877316] ^ [ 14.877603] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.878064] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.878589] ================================================================== [ 14.769009] ================================================================== [ 14.769639] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.770023] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.770401] [ 14.770515] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.770575] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.770587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.770606] Call Trace: [ 14.770636] <TASK> [ 14.770651] dump_stack_lvl+0x73/0xb0 [ 14.770756] print_report+0xd1/0x650 [ 14.770778] ? __virt_addr_valid+0x1db/0x2d0 [ 14.770800] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.770829] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.770853] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.770882] kasan_report+0x141/0x180 [ 14.770904] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.770937] kasan_check_range+0x10c/0x1c0 [ 14.770961] __kasan_check_write+0x18/0x20 [ 14.770980] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.771009] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.771066] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.771100] ? trace_hardirqs_on+0x37/0xe0 [ 14.771124] ? kasan_bitops_generic+0x92/0x1c0 [ 14.771153] kasan_bitops_generic+0x121/0x1c0 [ 14.771194] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.771222] ? __pfx_read_tsc+0x10/0x10 [ 14.771258] ? ktime_get_ts64+0x86/0x230 [ 14.771291] kunit_try_run_case+0x1a5/0x480 [ 14.771315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.771338] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.771363] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.771387] ? __kthread_parkme+0x82/0x180 [ 14.771407] ? preempt_count_sub+0x50/0x80 [ 14.771433] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.771458] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.771484] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.771509] kthread+0x337/0x6f0 [ 14.771529] ? trace_preempt_on+0x20/0xc0 [ 14.771551] ? __pfx_kthread+0x10/0x10 [ 14.771571] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.771592] ? calculate_sigpending+0x7b/0xa0 [ 14.771616] ? __pfx_kthread+0x10/0x10 [ 14.771638] ret_from_fork+0x116/0x1d0 [ 14.771656] ? 
__pfx_kthread+0x10/0x10 [ 14.771676] ret_from_fork_asm+0x1a/0x30 [ 14.771716] </TASK> [ 14.771725] [ 14.781518] Allocated by task 278: [ 14.781690] kasan_save_stack+0x45/0x70 [ 14.781894] kasan_save_track+0x18/0x40 [ 14.782748] kasan_save_alloc_info+0x3b/0x50 [ 14.783205] __kasan_kmalloc+0xb7/0xc0 [ 14.783616] __kmalloc_cache_noprof+0x189/0x420 [ 14.783796] kasan_bitops_generic+0x92/0x1c0 [ 14.783951] kunit_try_run_case+0x1a5/0x480 [ 14.784106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.784284] kthread+0x337/0x6f0 [ 14.784410] ret_from_fork+0x116/0x1d0 [ 14.784544] ret_from_fork_asm+0x1a/0x30 [ 14.784683] [ 14.785404] The buggy address belongs to the object at ffff88810226cfe0 [ 14.785404] which belongs to the cache kmalloc-16 of size 16 [ 14.787113] The buggy address is located 8 bytes inside of [ 14.787113] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.788605] [ 14.788947] The buggy address belongs to the physical page: [ 14.789722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.790790] flags: 0x200000000000000(node=0|zone=2) [ 14.791017] page_type: f5(slab) [ 14.791416] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.791868] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.792319] page dumped because: kasan: bad access detected [ 14.792662] [ 14.792757] Memory state around the buggy address: [ 14.793239] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.793559] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.793827] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.794409] ^ [ 14.794780] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.795153] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.795733] ================================================================== [ 14.933724] 
================================================================== [ 14.933971] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.934668] Read of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.934993] [ 14.935092] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.935135] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.935147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.935166] Call Trace: [ 14.935183] <TASK> [ 14.935198] dump_stack_lvl+0x73/0xb0 [ 14.935227] print_report+0xd1/0x650 [ 14.935248] ? __virt_addr_valid+0x1db/0x2d0 [ 14.935271] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.935300] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.935323] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.935352] kasan_report+0x141/0x180 [ 14.935374] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.935407] kasan_check_range+0x10c/0x1c0 [ 14.935431] __kasan_check_read+0x15/0x20 [ 14.935450] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.935479] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.935509] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.935533] ? trace_hardirqs_on+0x37/0xe0 [ 14.935556] ? kasan_bitops_generic+0x92/0x1c0 [ 14.935584] kasan_bitops_generic+0x121/0x1c0 [ 14.935607] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.935632] ? __pfx_read_tsc+0x10/0x10 [ 14.935653] ? ktime_get_ts64+0x86/0x230 [ 14.935677] kunit_try_run_case+0x1a5/0x480 [ 14.935994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.936038] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.936072] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.936110] ? __kthread_parkme+0x82/0x180 [ 14.936131] ? preempt_count_sub+0x50/0x80 [ 14.936155] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.936179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.936204] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.936230] kthread+0x337/0x6f0 [ 14.936249] ? trace_preempt_on+0x20/0xc0 [ 14.936272] ? __pfx_kthread+0x10/0x10 [ 14.936293] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.936319] ? calculate_sigpending+0x7b/0xa0 [ 14.936343] ? __pfx_kthread+0x10/0x10 [ 14.936364] ret_from_fork+0x116/0x1d0 [ 14.936383] ? __pfx_kthread+0x10/0x10 [ 14.936404] ret_from_fork_asm+0x1a/0x30 [ 14.936435] </TASK> [ 14.936445] [ 14.948534] Allocated by task 278: [ 14.948726] kasan_save_stack+0x45/0x70 [ 14.948909] kasan_save_track+0x18/0x40 [ 14.949093] kasan_save_alloc_info+0x3b/0x50 [ 14.949581] __kasan_kmalloc+0xb7/0xc0 [ 14.949757] __kmalloc_cache_noprof+0x189/0x420 [ 14.949993] kasan_bitops_generic+0x92/0x1c0 [ 14.950262] kunit_try_run_case+0x1a5/0x480 [ 14.950462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.950695] kthread+0x337/0x6f0 [ 14.950868] ret_from_fork+0x116/0x1d0 [ 14.951030] ret_from_fork_asm+0x1a/0x30 [ 14.951814] [ 14.951911] The buggy address belongs to the object at ffff88810226cfe0 [ 14.951911] which belongs to the cache kmalloc-16 of size 16 [ 14.952742] The buggy address is located 8 bytes inside of [ 14.952742] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.953459] [ 14.953567] The buggy address belongs to the physical page: [ 14.953821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.954376] flags: 0x200000000000000(node=0|zone=2) [ 14.954599] page_type: f5(slab) [ 14.954903] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.955579] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.956266] page dumped because: kasan: bad access detected [ 14.956755] [ 14.956831] Memory state around the buggy address: [ 14.956989] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.957993] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.958862] >ffff88810226cf80: fa fb fc fc fa fb fc fc 
fa fb fc fc 00 01 fc fc [ 14.959573] ^ [ 14.960013] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.960812] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.961033] ================================================================== [ 14.879333] ================================================================== [ 14.879775] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.880298] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.881012] [ 14.881166] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.881208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.881220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.881240] Call Trace: [ 14.881255] <TASK> [ 14.881269] dump_stack_lvl+0x73/0xb0 [ 14.881435] print_report+0xd1/0x650 [ 14.881460] ? __virt_addr_valid+0x1db/0x2d0 [ 14.881483] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.881512] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.881536] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.881566] kasan_report+0x141/0x180 [ 14.881587] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.881622] kasan_check_range+0x10c/0x1c0 [ 14.881645] __kasan_check_write+0x18/0x20 [ 14.881664] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.881694] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.881738] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.881762] ? trace_hardirqs_on+0x37/0xe0 [ 14.881784] ? kasan_bitops_generic+0x92/0x1c0 [ 14.881812] kasan_bitops_generic+0x121/0x1c0 [ 14.881837] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.881862] ? __pfx_read_tsc+0x10/0x10 [ 14.881883] ? ktime_get_ts64+0x86/0x230 [ 14.881908] kunit_try_run_case+0x1a5/0x480 [ 14.881931] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.881954] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.881979] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.882003] ? __kthread_parkme+0x82/0x180 [ 14.882023] ? preempt_count_sub+0x50/0x80 [ 14.882046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.882070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.882095] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.882119] kthread+0x337/0x6f0 [ 14.882138] ? trace_preempt_on+0x20/0xc0 [ 14.882162] ? __pfx_kthread+0x10/0x10 [ 14.882182] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.882223] ? calculate_sigpending+0x7b/0xa0 [ 14.882260] ? __pfx_kthread+0x10/0x10 [ 14.882281] ret_from_fork+0x116/0x1d0 [ 14.882299] ? __pfx_kthread+0x10/0x10 [ 14.882319] ret_from_fork_asm+0x1a/0x30 [ 14.882350] </TASK> [ 14.882360] [ 14.893246] Allocated by task 278: [ 14.893806] kasan_save_stack+0x45/0x70 [ 14.894015] kasan_save_track+0x18/0x40 [ 14.894201] kasan_save_alloc_info+0x3b/0x50 [ 14.894512] __kasan_kmalloc+0xb7/0xc0 [ 14.894853] __kmalloc_cache_noprof+0x189/0x420 [ 14.895026] kasan_bitops_generic+0x92/0x1c0 [ 14.895367] kunit_try_run_case+0x1a5/0x480 [ 14.895657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.895934] kthread+0x337/0x6f0 [ 14.896192] ret_from_fork+0x116/0x1d0 [ 14.896498] ret_from_fork_asm+0x1a/0x30 [ 14.896676] [ 14.896784] The buggy address belongs to the object at ffff88810226cfe0 [ 14.896784] which belongs to the cache kmalloc-16 of size 16 [ 14.897520] The buggy address is located 8 bytes inside of [ 14.897520] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.898095] [ 14.898269] The buggy address belongs to the physical page: [ 14.898681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.899171] flags: 0x200000000000000(node=0|zone=2) [ 14.899407] page_type: f5(slab) [ 14.899610] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.899907] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.900136] page dumped because: kasan: bad access detected [ 14.900306] [ 14.900387] 
Memory state around the buggy address: [ 14.900724] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.901048] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.901369] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.901677] ^ [ 14.902492] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.902773] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.903292] ================================================================== [ 14.903977] ================================================================== [ 14.904230] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.905084] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.905557] [ 14.905797] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.905842] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.905853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.905873] Call Trace: [ 14.905886] <TASK> [ 14.905900] dump_stack_lvl+0x73/0xb0 [ 14.905930] print_report+0xd1/0x650 [ 14.905951] ? __virt_addr_valid+0x1db/0x2d0 [ 14.905974] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.906003] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.906026] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.906239] kasan_report+0x141/0x180 [ 14.906262] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.906296] kasan_check_range+0x10c/0x1c0 [ 14.906319] __kasan_check_write+0x18/0x20 [ 14.906339] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.906369] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.906399] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.906423] ? trace_hardirqs_on+0x37/0xe0 [ 14.906448] ? kasan_bitops_generic+0x92/0x1c0 [ 14.906475] kasan_bitops_generic+0x121/0x1c0 [ 14.906499] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.906524] ? __pfx_read_tsc+0x10/0x10 [ 14.906546] ? ktime_get_ts64+0x86/0x230 [ 14.906569] kunit_try_run_case+0x1a5/0x480 [ 14.906592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.906615] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.906640] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.906663] ? __kthread_parkme+0x82/0x180 [ 14.906684] ? preempt_count_sub+0x50/0x80 [ 14.906723] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.906748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.906773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.906798] kthread+0x337/0x6f0 [ 14.906817] ? trace_preempt_on+0x20/0xc0 [ 14.906839] ? __pfx_kthread+0x10/0x10 [ 14.906860] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.906882] ? calculate_sigpending+0x7b/0xa0 [ 14.906906] ? __pfx_kthread+0x10/0x10 [ 14.906927] ret_from_fork+0x116/0x1d0 [ 14.906946] ? __pfx_kthread+0x10/0x10 [ 14.906966] ret_from_fork_asm+0x1a/0x30 [ 14.906997] </TASK> [ 14.907006] [ 14.917616] Allocated by task 278: [ 14.918008] kasan_save_stack+0x45/0x70 [ 14.918505] kasan_save_track+0x18/0x40 [ 14.918672] kasan_save_alloc_info+0x3b/0x50 [ 14.918891] __kasan_kmalloc+0xb7/0xc0 [ 14.919292] __kmalloc_cache_noprof+0x189/0x420 [ 14.919487] kasan_bitops_generic+0x92/0x1c0 [ 14.919747] kunit_try_run_case+0x1a5/0x480 [ 14.920096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.920551] kthread+0x337/0x6f0 [ 14.920865] ret_from_fork+0x116/0x1d0 [ 14.921016] ret_from_fork_asm+0x1a/0x30 [ 14.921212] [ 14.921304] The buggy address belongs to the object at ffff88810226cfe0 [ 14.921304] which belongs to the cache kmalloc-16 of size 16 [ 14.922137] The buggy address is located 8 bytes inside of [ 14.922137] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.924136] [ 14.924352] The buggy address belongs to the physical page: [ 14.924531] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.924787] flags: 0x200000000000000(node=0|zone=2) [ 14.924951] 
page_type: f5(slab) [ 14.925071] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.925300] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.925521] page dumped because: kasan: bad access detected [ 14.925691] [ 14.927426] Memory state around the buggy address: [ 14.928773] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.929676] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.930806] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.931572] ^ [ 14.931852] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.932541] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.932820] ================================================================== [ 14.735416] ================================================================== [ 14.735785] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.736793] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.737498] [ 14.737935] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.737984] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.737996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.738023] Call Trace: [ 14.738037] <TASK> [ 14.738052] dump_stack_lvl+0x73/0xb0 [ 14.738082] print_report+0xd1/0x650 [ 14.738104] ? __virt_addr_valid+0x1db/0x2d0 [ 14.738126] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.738156] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.738179] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.738208] kasan_report+0x141/0x180 [ 14.738231] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.738264] kasan_check_range+0x10c/0x1c0 [ 14.738288] __kasan_check_write+0x18/0x20 [ 14.738307] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.738336] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.738366] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.738390] ? trace_hardirqs_on+0x37/0xe0 [ 14.738413] ? kasan_bitops_generic+0x92/0x1c0 [ 14.738440] kasan_bitops_generic+0x121/0x1c0 [ 14.738464] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.738490] ? __pfx_read_tsc+0x10/0x10 [ 14.738512] ? ktime_get_ts64+0x86/0x230 [ 14.738534] kunit_try_run_case+0x1a5/0x480 [ 14.738558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.738582] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.738606] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.738630] ? __kthread_parkme+0x82/0x180 [ 14.738650] ? preempt_count_sub+0x50/0x80 [ 14.738674] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.738699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.738735] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.738760] kthread+0x337/0x6f0 [ 14.738779] ? trace_preempt_on+0x20/0xc0 [ 14.738801] ? __pfx_kthread+0x10/0x10 [ 14.738822] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.738844] ? calculate_sigpending+0x7b/0xa0 [ 14.738867] ? __pfx_kthread+0x10/0x10 [ 14.738890] ret_from_fork+0x116/0x1d0 [ 14.738908] ? 
__pfx_kthread+0x10/0x10 [ 14.738928] ret_from_fork_asm+0x1a/0x30 [ 14.738959] </TASK> [ 14.738969] [ 14.757215] Allocated by task 278: [ 14.757509] kasan_save_stack+0x45/0x70 [ 14.757759] kasan_save_track+0x18/0x40 [ 14.757978] kasan_save_alloc_info+0x3b/0x50 [ 14.758413] __kasan_kmalloc+0xb7/0xc0 [ 14.758695] __kmalloc_cache_noprof+0x189/0x420 [ 14.759109] kasan_bitops_generic+0x92/0x1c0 [ 14.759443] kunit_try_run_case+0x1a5/0x480 [ 14.759766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.760021] kthread+0x337/0x6f0 [ 14.760406] ret_from_fork+0x116/0x1d0 [ 14.760560] ret_from_fork_asm+0x1a/0x30 [ 14.760970] [ 14.761252] The buggy address belongs to the object at ffff88810226cfe0 [ 14.761252] which belongs to the cache kmalloc-16 of size 16 [ 14.761764] The buggy address is located 8 bytes inside of [ 14.761764] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.762170] [ 14.762318] The buggy address belongs to the physical page: [ 14.762745] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.763372] flags: 0x200000000000000(node=0|zone=2) [ 14.763623] page_type: f5(slab) [ 14.763808] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.764322] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.764718] page dumped because: kasan: bad access detected [ 14.765079] [ 14.765242] Memory state around the buggy address: [ 14.765425] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.765944] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.766433] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.766875] ^ [ 14.767403] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.767862] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.768395] ================================================================== [ 14.961382] 
================================================================== [ 14.961613] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.961908] Read of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.962329] [ 14.962842] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.962890] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.962902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.962922] Call Trace: [ 14.962937] <TASK> [ 14.962953] dump_stack_lvl+0x73/0xb0 [ 14.962984] print_report+0xd1/0x650 [ 14.963006] ? __virt_addr_valid+0x1db/0x2d0 [ 14.963029] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.963059] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.963083] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.963112] kasan_report+0x141/0x180 [ 14.963135] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.963169] __asan_report_load8_noabort+0x18/0x20 [ 14.963194] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.963481] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.963518] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.963544] ? trace_hardirqs_on+0x37/0xe0 [ 14.963566] ? kasan_bitops_generic+0x92/0x1c0 [ 14.963595] kasan_bitops_generic+0x121/0x1c0 [ 14.963619] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.963644] ? __pfx_read_tsc+0x10/0x10 [ 14.963666] ? ktime_get_ts64+0x86/0x230 [ 14.963690] kunit_try_run_case+0x1a5/0x480 [ 14.963728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.963751] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.963776] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.963800] ? __kthread_parkme+0x82/0x180 [ 14.963821] ? preempt_count_sub+0x50/0x80 [ 14.963845] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.963870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.963894] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.963920] kthread+0x337/0x6f0 [ 14.963939] ? 
trace_preempt_on+0x20/0xc0 [ 14.963962] ? __pfx_kthread+0x10/0x10 [ 14.963983] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.964004] ? calculate_sigpending+0x7b/0xa0 [ 14.964040] ? __pfx_kthread+0x10/0x10 [ 14.964063] ret_from_fork+0x116/0x1d0 [ 14.964107] ? __pfx_kthread+0x10/0x10 [ 14.964128] ret_from_fork_asm+0x1a/0x30 [ 14.964158] </TASK> [ 14.964169] [ 14.975168] Allocated by task 278: [ 14.975819] kasan_save_stack+0x45/0x70 [ 14.975990] kasan_save_track+0x18/0x40 [ 14.976392] kasan_save_alloc_info+0x3b/0x50 [ 14.976601] __kasan_kmalloc+0xb7/0xc0 [ 14.976791] __kmalloc_cache_noprof+0x189/0x420 [ 14.976993] kasan_bitops_generic+0x92/0x1c0 [ 14.977444] kunit_try_run_case+0x1a5/0x480 [ 14.977608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.977958] kthread+0x337/0x6f0 [ 14.978147] ret_from_fork+0x116/0x1d0 [ 14.978515] ret_from_fork_asm+0x1a/0x30 [ 14.978798] [ 14.978884] The buggy address belongs to the object at ffff88810226cfe0 [ 14.978884] which belongs to the cache kmalloc-16 of size 16 [ 14.979770] The buggy address is located 8 bytes inside of [ 14.979770] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.980382] [ 14.980476] The buggy address belongs to the physical page: [ 14.980715] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.981345] flags: 0x200000000000000(node=0|zone=2) [ 14.981573] page_type: f5(slab) [ 14.981720] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.982259] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.982618] page dumped because: kasan: bad access detected [ 14.982859] [ 14.982954] Memory state around the buggy address: [ 14.983154] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.983811] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.984323] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.984714] ^ [ 14.985050] ffff88810226d000: fa fb fb fb fb fb fb fb fb 
fb fb fb fb fb fb fb [ 14.985330] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.985641] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.605854] ================================================================== [ 14.606351] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.606683] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.606993] [ 14.607100] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.607142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.607154] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.607173] Call Trace: [ 14.607186] <TASK> [ 14.607199] dump_stack_lvl+0x73/0xb0 [ 14.607228] print_report+0xd1/0x650 [ 14.607250] ? __virt_addr_valid+0x1db/0x2d0 [ 14.607273] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.607313] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.607337] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.607363] kasan_report+0x141/0x180 [ 14.607386] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.607427] kasan_check_range+0x10c/0x1c0 [ 14.607451] __kasan_check_write+0x18/0x20 [ 14.607556] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.607599] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.607628] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.607652] ? trace_hardirqs_on+0x37/0xe0 [ 14.607687] ? kasan_bitops_generic+0x92/0x1c0 [ 14.607725] kasan_bitops_generic+0x116/0x1c0 [ 14.607749] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.607783] ? __pfx_read_tsc+0x10/0x10 [ 14.607804] ? ktime_get_ts64+0x86/0x230 [ 14.607827] kunit_try_run_case+0x1a5/0x480 [ 14.607861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.607884] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.607909] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.607934] ? __kthread_parkme+0x82/0x180 [ 14.607954] ? preempt_count_sub+0x50/0x80 [ 14.607978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.608002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.608027] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.608069] kthread+0x337/0x6f0 [ 14.608087] ? 
trace_preempt_on+0x20/0xc0 [ 14.608110] ? __pfx_kthread+0x10/0x10 [ 14.608131] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.608152] ? calculate_sigpending+0x7b/0xa0 [ 14.608177] ? __pfx_kthread+0x10/0x10 [ 14.608246] ret_from_fork+0x116/0x1d0 [ 14.608268] ? __pfx_kthread+0x10/0x10 [ 14.608311] ret_from_fork_asm+0x1a/0x30 [ 14.608351] </TASK> [ 14.608362] [ 14.617218] Allocated by task 278: [ 14.617442] kasan_save_stack+0x45/0x70 [ 14.617605] kasan_save_track+0x18/0x40 [ 14.617828] kasan_save_alloc_info+0x3b/0x50 [ 14.618023] __kasan_kmalloc+0xb7/0xc0 [ 14.618290] __kmalloc_cache_noprof+0x189/0x420 [ 14.618527] kasan_bitops_generic+0x92/0x1c0 [ 14.618725] kunit_try_run_case+0x1a5/0x480 [ 14.618903] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.619350] kthread+0x337/0x6f0 [ 14.619532] ret_from_fork+0x116/0x1d0 [ 14.619663] ret_from_fork_asm+0x1a/0x30 [ 14.619812] [ 14.619881] The buggy address belongs to the object at ffff88810226cfe0 [ 14.619881] which belongs to the cache kmalloc-16 of size 16 [ 14.620629] The buggy address is located 8 bytes inside of [ 14.620629] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.621301] [ 14.621376] The buggy address belongs to the physical page: [ 14.621546] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.621838] flags: 0x200000000000000(node=0|zone=2) [ 14.622069] page_type: f5(slab) [ 14.622267] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.622738] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.623449] page dumped because: kasan: bad access detected [ 14.623680] [ 14.623798] Memory state around the buggy address: [ 14.623998] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.624435] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.624655] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.624967] ^ [ 14.625261] ffff88810226d000: fa fb fb fb fb fb fb fb fb 
fb fb fb fb fb fb fb [ 14.625826] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.626072] ================================================================== [ 14.626689] ================================================================== [ 14.627265] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.627727] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.628188] [ 14.628305] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.628358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.628369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.628422] Call Trace: [ 14.628437] <TASK> [ 14.628450] dump_stack_lvl+0x73/0xb0 [ 14.628491] print_report+0xd1/0x650 [ 14.628513] ? __virt_addr_valid+0x1db/0x2d0 [ 14.628536] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.628563] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.628586] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.628613] kasan_report+0x141/0x180 [ 14.628635] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.628666] kasan_check_range+0x10c/0x1c0 [ 14.628690] __kasan_check_write+0x18/0x20 [ 14.628718] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.628745] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.628773] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.628797] ? trace_hardirqs_on+0x37/0xe0 [ 14.628820] ? kasan_bitops_generic+0x92/0x1c0 [ 14.628848] kasan_bitops_generic+0x116/0x1c0 [ 14.628904] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.628942] ? __pfx_read_tsc+0x10/0x10 [ 14.628974] ? ktime_get_ts64+0x86/0x230 [ 14.629044] kunit_try_run_case+0x1a5/0x480 [ 14.629068] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.629143] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.629169] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.629231] ? __kthread_parkme+0x82/0x180 [ 14.629252] ? preempt_count_sub+0x50/0x80 [ 14.629286] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.629311] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.629335] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.629391] kthread+0x337/0x6f0 [ 14.629411] ? trace_preempt_on+0x20/0xc0 [ 14.629434] ? __pfx_kthread+0x10/0x10 [ 14.629466] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.629487] ? calculate_sigpending+0x7b/0xa0 [ 14.629512] ? __pfx_kthread+0x10/0x10 [ 14.629533] ret_from_fork+0x116/0x1d0 [ 14.629552] ? __pfx_kthread+0x10/0x10 [ 14.629573] ret_from_fork_asm+0x1a/0x30 [ 14.629604] </TASK> [ 14.629613] [ 14.638385] Allocated by task 278: [ 14.638569] kasan_save_stack+0x45/0x70 [ 14.638784] kasan_save_track+0x18/0x40 [ 14.639013] kasan_save_alloc_info+0x3b/0x50 [ 14.639301] __kasan_kmalloc+0xb7/0xc0 [ 14.639470] __kmalloc_cache_noprof+0x189/0x420 [ 14.639621] kasan_bitops_generic+0x92/0x1c0 [ 14.639777] kunit_try_run_case+0x1a5/0x480 [ 14.639928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.640533] kthread+0x337/0x6f0 [ 14.640747] ret_from_fork+0x116/0x1d0 [ 14.640940] ret_from_fork_asm+0x1a/0x30 [ 14.641165] [ 14.641370] The buggy address belongs to the object at ffff88810226cfe0 [ 14.641370] which belongs to the cache kmalloc-16 of size 16 [ 14.641836] The buggy address is located 8 bytes inside of [ 14.641836] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.642467] [ 14.642543] The buggy address belongs to the physical page: [ 14.642719] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.642955] flags: 0x200000000000000(node=0|zone=2) [ 14.643424] page_type: f5(slab) [ 14.643653] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.644008] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.644350] page dumped because: kasan: bad access detected [ 14.644700] [ 14.645028] Memory state around the buggy address: [ 14.645208] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.645426] 
ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.645725] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.646250] ^ [ 14.646573] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.646901] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.647210] ================================================================== [ 14.647816] ================================================================== [ 14.648295] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.648684] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.649060] [ 14.649246] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.649318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.649330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.649350] Call Trace: [ 14.649363] <TASK> [ 14.649388] dump_stack_lvl+0x73/0xb0 [ 14.649416] print_report+0xd1/0x650 [ 14.649438] ? __virt_addr_valid+0x1db/0x2d0 [ 14.649461] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.649519] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.649542] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.649639] kasan_report+0x141/0x180 [ 14.649680] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.649722] kasan_check_range+0x10c/0x1c0 [ 14.649746] __kasan_check_write+0x18/0x20 [ 14.649766] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.649824] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.649853] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.649888] ? trace_hardirqs_on+0x37/0xe0 [ 14.649911] ? kasan_bitops_generic+0x92/0x1c0 [ 14.649939] kasan_bitops_generic+0x116/0x1c0 [ 14.649963] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.649988] ? __pfx_read_tsc+0x10/0x10 [ 14.650011] ? ktime_get_ts64+0x86/0x230 [ 14.650215] kunit_try_run_case+0x1a5/0x480 [ 14.650261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.650284] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.650311] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.650335] ? __kthread_parkme+0x82/0x180 [ 14.650356] ? preempt_count_sub+0x50/0x80 [ 14.650380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.650405] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.650430] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.650455] kthread+0x337/0x6f0 [ 14.650474] ? trace_preempt_on+0x20/0xc0 [ 14.650496] ? __pfx_kthread+0x10/0x10 [ 14.650517] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.650538] ? calculate_sigpending+0x7b/0xa0 [ 14.650563] ? __pfx_kthread+0x10/0x10 [ 14.650584] ret_from_fork+0x116/0x1d0 [ 14.650603] ? __pfx_kthread+0x10/0x10 [ 14.650622] ret_from_fork_asm+0x1a/0x30 [ 14.650653] </TASK> [ 14.650663] [ 14.659690] Allocated by task 278: [ 14.659890] kasan_save_stack+0x45/0x70 [ 14.660096] kasan_save_track+0x18/0x40 [ 14.660329] kasan_save_alloc_info+0x3b/0x50 [ 14.660677] __kasan_kmalloc+0xb7/0xc0 [ 14.660832] __kmalloc_cache_noprof+0x189/0x420 [ 14.660986] kasan_bitops_generic+0x92/0x1c0 [ 14.661171] kunit_try_run_case+0x1a5/0x480 [ 14.661375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.661656] kthread+0x337/0x6f0 [ 14.661834] ret_from_fork+0x116/0x1d0 [ 14.662082] ret_from_fork_asm+0x1a/0x30 [ 14.662252] [ 14.662322] The buggy address belongs to the object at ffff88810226cfe0 [ 14.662322] which belongs to the cache kmalloc-16 of size 16 [ 14.662832] The buggy address is located 8 bytes inside of [ 14.662832] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.664013] [ 14.665065] The buggy address belongs to the physical page: [ 14.665966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.667372] flags: 0x200000000000000(node=0|zone=2) [ 14.668373] page_type: f5(slab) [ 14.668547] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.668797] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.669031] page dumped because: kasan: 
bad access detected [ 14.669202] [ 14.669273] Memory state around the buggy address: [ 14.669431] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.669646] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.672150] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.672835] ^ [ 14.673339] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.673758] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.674265] ================================================================== [ 14.695814] ================================================================== [ 14.696327] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.696651] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.696950] [ 14.697110] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.697160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.697172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.697192] Call Trace: [ 14.697205] <TASK> [ 14.697221] dump_stack_lvl+0x73/0xb0 [ 14.697249] print_report+0xd1/0x650 [ 14.697271] ? __virt_addr_valid+0x1db/0x2d0 [ 14.697294] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.697321] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.697345] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.697372] kasan_report+0x141/0x180 [ 14.697393] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.697425] kasan_check_range+0x10c/0x1c0 [ 14.697448] __kasan_check_write+0x18/0x20 [ 14.697469] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.697496] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.697524] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.697548] ? trace_hardirqs_on+0x37/0xe0 [ 14.697570] ? kasan_bitops_generic+0x92/0x1c0 [ 14.697598] kasan_bitops_generic+0x116/0x1c0 [ 14.697621] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.697647] ? 
__pfx_read_tsc+0x10/0x10 [ 14.697668] ? ktime_get_ts64+0x86/0x230 [ 14.697692] kunit_try_run_case+0x1a5/0x480 [ 14.697729] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.697753] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.697777] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.697801] ? __kthread_parkme+0x82/0x180 [ 14.697821] ? preempt_count_sub+0x50/0x80 [ 14.697845] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.697870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.697894] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.697919] kthread+0x337/0x6f0 [ 14.697938] ? trace_preempt_on+0x20/0xc0 [ 14.697960] ? __pfx_kthread+0x10/0x10 [ 14.697980] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.698002] ? calculate_sigpending+0x7b/0xa0 [ 14.698082] ? __pfx_kthread+0x10/0x10 [ 14.698107] ret_from_fork+0x116/0x1d0 [ 14.698125] ? __pfx_kthread+0x10/0x10 [ 14.698146] ret_from_fork_asm+0x1a/0x30 [ 14.698177] </TASK> [ 14.698187] [ 14.706615] Allocated by task 278: [ 14.706789] kasan_save_stack+0x45/0x70 [ 14.706981] kasan_save_track+0x18/0x40 [ 14.707418] kasan_save_alloc_info+0x3b/0x50 [ 14.707586] __kasan_kmalloc+0xb7/0xc0 [ 14.707774] __kmalloc_cache_noprof+0x189/0x420 [ 14.707998] kasan_bitops_generic+0x92/0x1c0 [ 14.708221] kunit_try_run_case+0x1a5/0x480 [ 14.708430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.708605] kthread+0x337/0x6f0 [ 14.708782] ret_from_fork+0x116/0x1d0 [ 14.708967] ret_from_fork_asm+0x1a/0x30 [ 14.709349] [ 14.709440] The buggy address belongs to the object at ffff88810226cfe0 [ 14.709440] which belongs to the cache kmalloc-16 of size 16 [ 14.709838] The buggy address is located 8 bytes inside of [ 14.709838] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.710187] [ 14.710265] The buggy address belongs to the physical page: [ 14.710516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.710968] flags: 0x200000000000000(node=0|zone=2) [ 14.711321] page_type: f5(slab) [ 14.711447] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.711677] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.711917] page dumped because: kasan: bad access detected [ 14.712327] [ 14.712425] Memory state around the buggy address: [ 14.712654] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.712996] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.713846] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.714221] ^ [ 14.714425] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.714738] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.715049] ================================================================== [ 14.715637] ================================================================== [ 14.715908] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.716679] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.717024] [ 14.717341] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.717384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.717396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.717415] Call Trace: [ 14.717429] <TASK> [ 14.717441] dump_stack_lvl+0x73/0xb0 [ 14.717471] print_report+0xd1/0x650 [ 14.717492] ? __virt_addr_valid+0x1db/0x2d0 [ 14.717515] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.717542] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.717566] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.717594] kasan_report+0x141/0x180 [ 14.717616] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.717648] kasan_check_range+0x10c/0x1c0 [ 14.717671] __kasan_check_write+0x18/0x20 [ 14.717690] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.717732] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.717760] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.717786] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.717807] ? kasan_bitops_generic+0x92/0x1c0 [ 14.717836] kasan_bitops_generic+0x116/0x1c0 [ 14.717860] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.717886] ? __pfx_read_tsc+0x10/0x10 [ 14.717906] ? ktime_get_ts64+0x86/0x230 [ 14.717930] kunit_try_run_case+0x1a5/0x480 [ 14.717955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.717978] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.718002] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.718046] ? __kthread_parkme+0x82/0x180 [ 14.718067] ? preempt_count_sub+0x50/0x80 [ 14.718090] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.718115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.718140] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.718164] kthread+0x337/0x6f0 [ 14.718184] ? trace_preempt_on+0x20/0xc0 [ 14.718206] ? __pfx_kthread+0x10/0x10 [ 14.718226] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.718248] ? calculate_sigpending+0x7b/0xa0 [ 14.718272] ? __pfx_kthread+0x10/0x10 [ 14.718293] ret_from_fork+0x116/0x1d0 [ 14.718311] ? 
__pfx_kthread+0x10/0x10 [ 14.718332] ret_from_fork_asm+0x1a/0x30 [ 14.718363] </TASK> [ 14.718374] [ 14.726299] Allocated by task 278: [ 14.726434] kasan_save_stack+0x45/0x70 [ 14.726770] kasan_save_track+0x18/0x40 [ 14.726982] kasan_save_alloc_info+0x3b/0x50 [ 14.727500] __kasan_kmalloc+0xb7/0xc0 [ 14.727652] __kmalloc_cache_noprof+0x189/0x420 [ 14.727865] kasan_bitops_generic+0x92/0x1c0 [ 14.728015] kunit_try_run_case+0x1a5/0x480 [ 14.728282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.728538] kthread+0x337/0x6f0 [ 14.728713] ret_from_fork+0x116/0x1d0 [ 14.728881] ret_from_fork_asm+0x1a/0x30 [ 14.729133] [ 14.729210] The buggy address belongs to the object at ffff88810226cfe0 [ 14.729210] which belongs to the cache kmalloc-16 of size 16 [ 14.729561] The buggy address is located 8 bytes inside of [ 14.729561] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.730033] [ 14.730131] The buggy address belongs to the physical page: [ 14.730382] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.730766] flags: 0x200000000000000(node=0|zone=2) [ 14.730929] page_type: f5(slab) [ 14.731049] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.731387] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.731725] page dumped because: kasan: bad access detected [ 14.731985] [ 14.732124] Memory state around the buggy address: [ 14.732339] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.732593] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.732871] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.733458] ^ [ 14.733742] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.733984] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.734417] ================================================================== [ 14.674757] 
================================================================== [ 14.675132] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.675648] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.676080] [ 14.676173] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.676216] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.676228] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.676249] Call Trace: [ 14.676263] <TASK> [ 14.676277] dump_stack_lvl+0x73/0xb0 [ 14.676309] print_report+0xd1/0x650 [ 14.676337] ? __virt_addr_valid+0x1db/0x2d0 [ 14.676360] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.676386] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.676422] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.676460] kasan_report+0x141/0x180 [ 14.676482] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.676514] kasan_check_range+0x10c/0x1c0 [ 14.676611] __kasan_check_write+0x18/0x20 [ 14.676632] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.676661] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.676697] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.676734] ? trace_hardirqs_on+0x37/0xe0 [ 14.676757] ? kasan_bitops_generic+0x92/0x1c0 [ 14.676800] kasan_bitops_generic+0x116/0x1c0 [ 14.676824] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.676850] ? __pfx_read_tsc+0x10/0x10 [ 14.676871] ? ktime_get_ts64+0x86/0x230 [ 14.676895] kunit_try_run_case+0x1a5/0x480 [ 14.676918] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.676941] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.676967] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.676991] ? __kthread_parkme+0x82/0x180 [ 14.677011] ? preempt_count_sub+0x50/0x80 [ 14.677035] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.677129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.677155] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.677181] kthread+0x337/0x6f0 [ 14.677201] ? 
trace_preempt_on+0x20/0xc0 [ 14.677224] ? __pfx_kthread+0x10/0x10 [ 14.677245] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.677266] ? calculate_sigpending+0x7b/0xa0 [ 14.677291] ? __pfx_kthread+0x10/0x10 [ 14.677313] ret_from_fork+0x116/0x1d0 [ 14.677333] ? __pfx_kthread+0x10/0x10 [ 14.677353] ret_from_fork_asm+0x1a/0x30 [ 14.677384] </TASK> [ 14.677394] [ 14.686264] Allocated by task 278: [ 14.686438] kasan_save_stack+0x45/0x70 [ 14.686581] kasan_save_track+0x18/0x40 [ 14.686803] kasan_save_alloc_info+0x3b/0x50 [ 14.687020] __kasan_kmalloc+0xb7/0xc0 [ 14.687323] __kmalloc_cache_noprof+0x189/0x420 [ 14.687542] kasan_bitops_generic+0x92/0x1c0 [ 14.687784] kunit_try_run_case+0x1a5/0x480 [ 14.687980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.688445] kthread+0x337/0x6f0 [ 14.688664] ret_from_fork+0x116/0x1d0 [ 14.688870] ret_from_fork_asm+0x1a/0x30 [ 14.689160] [ 14.689255] The buggy address belongs to the object at ffff88810226cfe0 [ 14.689255] which belongs to the cache kmalloc-16 of size 16 [ 14.689780] The buggy address is located 8 bytes inside of [ 14.689780] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.690217] [ 14.690290] The buggy address belongs to the physical page: [ 14.690462] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.690963] flags: 0x200000000000000(node=0|zone=2) [ 14.691443] page_type: f5(slab) [ 14.691653] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.692009] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.692550] page dumped because: kasan: bad access detected [ 14.692771] [ 14.692842] Memory state around the buggy address: [ 14.692996] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.693301] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.693748] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.694199] ^ [ 14.694419] ffff88810226d000: fa fb fb fb fb fb fb fb fb 
fb fb fb fb fb fb fb [ 14.694739] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.695147] ================================================================== [ 14.557089] ================================================================== [ 14.558042] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.558728] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.558969] [ 14.559070] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.559116] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.559128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.559151] Call Trace: [ 14.559164] <TASK> [ 14.559181] dump_stack_lvl+0x73/0xb0 [ 14.559212] print_report+0xd1/0x650 [ 14.559234] ? __virt_addr_valid+0x1db/0x2d0 [ 14.559258] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.559285] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.559308] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.559335] kasan_report+0x141/0x180 [ 14.559357] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.559388] kasan_check_range+0x10c/0x1c0 [ 14.559411] __kasan_check_write+0x18/0x20 [ 14.559431] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.559457] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.559485] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.559509] ? trace_hardirqs_on+0x37/0xe0 [ 14.559534] ? kasan_bitops_generic+0x92/0x1c0 [ 14.559562] kasan_bitops_generic+0x116/0x1c0 [ 14.559586] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.559612] ? __pfx_read_tsc+0x10/0x10 [ 14.559634] ? ktime_get_ts64+0x86/0x230 [ 14.559659] kunit_try_run_case+0x1a5/0x480 [ 14.559685] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.559718] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.559743] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.559768] ? __kthread_parkme+0x82/0x180 [ 14.559788] ? preempt_count_sub+0x50/0x80 [ 14.559813] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.559837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.559862] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.559888] kthread+0x337/0x6f0 [ 14.559906] ? trace_preempt_on+0x20/0xc0 [ 14.559928] ? __pfx_kthread+0x10/0x10 [ 14.559948] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.559969] ? calculate_sigpending+0x7b/0xa0 [ 14.559994] ? __pfx_kthread+0x10/0x10 [ 14.560014] ret_from_fork+0x116/0x1d0 [ 14.560034] ? __pfx_kthread+0x10/0x10 [ 14.560054] ret_from_fork_asm+0x1a/0x30 [ 14.560086] </TASK> [ 14.560097] [ 14.574508] Allocated by task 278: [ 14.574650] kasan_save_stack+0x45/0x70 [ 14.574814] kasan_save_track+0x18/0x40 [ 14.574953] kasan_save_alloc_info+0x3b/0x50 [ 14.575190] __kasan_kmalloc+0xb7/0xc0 [ 14.575323] __kmalloc_cache_noprof+0x189/0x420 [ 14.575592] kasan_bitops_generic+0x92/0x1c0 [ 14.575871] kunit_try_run_case+0x1a5/0x480 [ 14.576137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.576365] kthread+0x337/0x6f0 [ 14.576486] ret_from_fork+0x116/0x1d0 [ 14.576673] ret_from_fork_asm+0x1a/0x30 [ 14.576901] [ 14.577014] The buggy address belongs to the object at ffff88810226cfe0 [ 14.577014] which belongs to the cache kmalloc-16 of size 16 [ 14.577566] The buggy address is located 8 bytes inside of [ 14.577566] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.578376] [ 14.578543] The buggy address belongs to the physical page: [ 14.578813] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.579068] flags: 0x200000000000000(node=0|zone=2) [ 14.579299] page_type: f5(slab) [ 14.579613] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.579917] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.580530] page dumped because: kasan: bad access detected [ 14.580787] [ 14.580896] Memory state around the buggy address: [ 14.581069] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.581468] 
ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.581805] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.582094] ^ [ 14.582404] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.582927] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.583300] ================================================================== [ 14.584176] ================================================================== [ 14.584699] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.585118] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.585518] [ 14.585926] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.585971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.585983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.586003] Call Trace: [ 14.586014] <TASK> [ 14.586029] dump_stack_lvl+0x73/0xb0 [ 14.586058] print_report+0xd1/0x650 [ 14.586080] ? __virt_addr_valid+0x1db/0x2d0 [ 14.586102] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.586129] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.586152] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.586179] kasan_report+0x141/0x180 [ 14.586201] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.586232] kasan_check_range+0x10c/0x1c0 [ 14.586256] __kasan_check_write+0x18/0x20 [ 14.586275] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.586302] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.586330] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.586353] ? trace_hardirqs_on+0x37/0xe0 [ 14.586377] ? kasan_bitops_generic+0x92/0x1c0 [ 14.586406] kasan_bitops_generic+0x116/0x1c0 [ 14.586544] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.586575] ? __pfx_read_tsc+0x10/0x10 [ 14.586596] ? ktime_get_ts64+0x86/0x230 [ 14.586620] kunit_try_run_case+0x1a5/0x480 [ 14.586644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.586667] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.586692] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.586726] ? __kthread_parkme+0x82/0x180 [ 14.586747] ? preempt_count_sub+0x50/0x80 [ 14.586772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.586806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.586831] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.586856] kthread+0x337/0x6f0 [ 14.586875] ? trace_preempt_on+0x20/0xc0 [ 14.586898] ? __pfx_kthread+0x10/0x10 [ 14.586919] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.586940] ? calculate_sigpending+0x7b/0xa0 [ 14.586964] ? __pfx_kthread+0x10/0x10 [ 14.586986] ret_from_fork+0x116/0x1d0 [ 14.587005] ? __pfx_kthread+0x10/0x10 [ 14.587073] ret_from_fork_asm+0x1a/0x30 [ 14.587107] </TASK> [ 14.587116] [ 14.596498] Allocated by task 278: [ 14.596679] kasan_save_stack+0x45/0x70 [ 14.596895] kasan_save_track+0x18/0x40 [ 14.597133] kasan_save_alloc_info+0x3b/0x50 [ 14.597299] __kasan_kmalloc+0xb7/0xc0 [ 14.597476] __kmalloc_cache_noprof+0x189/0x420 [ 14.597693] kasan_bitops_generic+0x92/0x1c0 [ 14.597853] kunit_try_run_case+0x1a5/0x480 [ 14.598057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.598444] kthread+0x337/0x6f0 [ 14.598618] ret_from_fork+0x116/0x1d0 [ 14.598819] ret_from_fork_asm+0x1a/0x30 [ 14.599073] [ 14.599161] The buggy address belongs to the object at ffff88810226cfe0 [ 14.599161] which belongs to the cache kmalloc-16 of size 16 [ 14.599510] The buggy address is located 8 bytes inside of [ 14.599510] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.600019] [ 14.600117] The buggy address belongs to the physical page: [ 14.600631] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.601127] flags: 0x200000000000000(node=0|zone=2) [ 14.601286] page_type: f5(slab) [ 14.601404] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.602072] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.602408] page dumped because: kasan: 
bad access detected [ 14.602812] [ 14.602911] Memory state around the buggy address: [ 14.603348] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.603571] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.603800] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.604266] ^ [ 14.604613] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.604956] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.605384] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.525193] ================================================================== [ 14.525492] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 14.525777] Read of size 1 at addr ffff8881032060d0 by task kunit_try_catch/276 [ 14.526664] [ 14.526790] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.526833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.526845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.526866] Call Trace: [ 14.526881] <TASK> [ 14.526898] dump_stack_lvl+0x73/0xb0 [ 14.526929] print_report+0xd1/0x650 [ 14.526951] ? __virt_addr_valid+0x1db/0x2d0 [ 14.527126] ? strnlen+0x73/0x80 [ 14.527146] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.527170] ? strnlen+0x73/0x80 [ 14.527191] kasan_report+0x141/0x180 [ 14.527215] ? strnlen+0x73/0x80 [ 14.527237] __asan_report_load1_noabort+0x18/0x20 [ 14.527262] strnlen+0x73/0x80 [ 14.527281] kasan_strings+0x615/0xe80 [ 14.527300] ? trace_hardirqs_on+0x37/0xe0 [ 14.527323] ? __pfx_kasan_strings+0x10/0x10 [ 14.527344] ? finish_task_switch.isra.0+0x153/0x700 [ 14.527367] ? __switch_to+0x47/0xf50 [ 14.527392] ? __schedule+0x10cc/0x2b60 [ 14.527414] ? __pfx_read_tsc+0x10/0x10 [ 14.527435] ? ktime_get_ts64+0x86/0x230 [ 14.527458] kunit_try_run_case+0x1a5/0x480 [ 14.527482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.527506] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.527530] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.527555] ? __kthread_parkme+0x82/0x180 [ 14.527575] ? preempt_count_sub+0x50/0x80 [ 14.527599] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.527623] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.527648] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.527674] kthread+0x337/0x6f0 [ 14.527693] ? trace_preempt_on+0x20/0xc0 [ 14.527727] ? __pfx_kthread+0x10/0x10 [ 14.527747] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.527770] ? calculate_sigpending+0x7b/0xa0 [ 14.527793] ? 
__pfx_kthread+0x10/0x10 [ 14.527815] ret_from_fork+0x116/0x1d0 [ 14.527833] ? __pfx_kthread+0x10/0x10 [ 14.527854] ret_from_fork_asm+0x1a/0x30 [ 14.527884] </TASK> [ 14.527895] [ 14.539047] Allocated by task 276: [ 14.539212] kasan_save_stack+0x45/0x70 [ 14.539414] kasan_save_track+0x18/0x40 [ 14.539604] kasan_save_alloc_info+0x3b/0x50 [ 14.539828] __kasan_kmalloc+0xb7/0xc0 [ 14.540010] __kmalloc_cache_noprof+0x189/0x420 [ 14.540621] kasan_strings+0xc0/0xe80 [ 14.540812] kunit_try_run_case+0x1a5/0x480 [ 14.541228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.541603] kthread+0x337/0x6f0 [ 14.541891] ret_from_fork+0x116/0x1d0 [ 14.542210] ret_from_fork_asm+0x1a/0x30 [ 14.542541] [ 14.542643] Freed by task 276: [ 14.542947] kasan_save_stack+0x45/0x70 [ 14.543274] kasan_save_track+0x18/0x40 [ 14.543788] kasan_save_free_info+0x3f/0x60 [ 14.544003] __kasan_slab_free+0x56/0x70 [ 14.544402] kfree+0x222/0x3f0 [ 14.544569] kasan_strings+0x2aa/0xe80 [ 14.544775] kunit_try_run_case+0x1a5/0x480 [ 14.544979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.545482] kthread+0x337/0x6f0 [ 14.545613] ret_from_fork+0x116/0x1d0 [ 14.545985] ret_from_fork_asm+0x1a/0x30 [ 14.546325] [ 14.546430] The buggy address belongs to the object at ffff8881032060c0 [ 14.546430] which belongs to the cache kmalloc-32 of size 32 [ 14.547268] The buggy address is located 16 bytes inside of [ 14.547268] freed 32-byte region [ffff8881032060c0, ffff8881032060e0) [ 14.547854] [ 14.547937] The buggy address belongs to the physical page: [ 14.548605] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103206 [ 14.548976] flags: 0x200000000000000(node=0|zone=2) [ 14.549436] page_type: f5(slab) [ 14.549685] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.550099] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.550566] page dumped because: kasan: bad access detected [ 14.550875] [ 14.550975] Memory state around the buggy address: 
[ 14.551294] ffff888103205f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.551597] ffff888103206000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.551909] >ffff888103206080: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.552505] ^ [ 14.552741] ffff888103206100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.553361] ffff888103206180: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.553786] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.496898] ================================================================== [ 14.497235] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 14.497497] Read of size 1 at addr ffff8881032060d0 by task kunit_try_catch/276 [ 14.497825] [ 14.497918] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.497959] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.497970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.497991] Call Trace: [ 14.498006] <TASK> [ 14.498020] dump_stack_lvl+0x73/0xb0 [ 14.498595] print_report+0xd1/0x650 [ 14.498633] ? __virt_addr_valid+0x1db/0x2d0 [ 14.498656] ? strlen+0x8f/0xb0 [ 14.498673] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.498698] ? strlen+0x8f/0xb0 [ 14.498730] kasan_report+0x141/0x180 [ 14.498753] ? strlen+0x8f/0xb0 [ 14.498775] __asan_report_load1_noabort+0x18/0x20 [ 14.498800] strlen+0x8f/0xb0 [ 14.498817] kasan_strings+0x57b/0xe80 [ 14.498837] ? trace_hardirqs_on+0x37/0xe0 [ 14.498860] ? __pfx_kasan_strings+0x10/0x10 [ 14.498882] ? finish_task_switch.isra.0+0x153/0x700 [ 14.498904] ? __switch_to+0x47/0xf50 [ 14.498929] ? __schedule+0x10cc/0x2b60 [ 14.498950] ? __pfx_read_tsc+0x10/0x10 [ 14.498971] ? ktime_get_ts64+0x86/0x230 [ 14.498994] kunit_try_run_case+0x1a5/0x480 [ 14.499018] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.499110] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.499138] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.499162] ? __kthread_parkme+0x82/0x180 [ 14.499183] ? preempt_count_sub+0x50/0x80 [ 14.499206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.499232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.499258] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.499284] kthread+0x337/0x6f0 [ 14.499302] ? trace_preempt_on+0x20/0xc0 [ 14.499325] ? __pfx_kthread+0x10/0x10 [ 14.499346] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.499368] ? calculate_sigpending+0x7b/0xa0 [ 14.499392] ? 
__pfx_kthread+0x10/0x10 [ 14.499413] ret_from_fork+0x116/0x1d0 [ 14.499431] ? __pfx_kthread+0x10/0x10 [ 14.499451] ret_from_fork_asm+0x1a/0x30 [ 14.499482] </TASK> [ 14.499491] [ 14.510183] Allocated by task 276: [ 14.510523] kasan_save_stack+0x45/0x70 [ 14.510686] kasan_save_track+0x18/0x40 [ 14.510999] kasan_save_alloc_info+0x3b/0x50 [ 14.511236] __kasan_kmalloc+0xb7/0xc0 [ 14.511410] __kmalloc_cache_noprof+0x189/0x420 [ 14.511615] kasan_strings+0xc0/0xe80 [ 14.511797] kunit_try_run_case+0x1a5/0x480 [ 14.511988] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.512607] kthread+0x337/0x6f0 [ 14.512791] ret_from_fork+0x116/0x1d0 [ 14.512935] ret_from_fork_asm+0x1a/0x30 [ 14.513358] [ 14.513445] Freed by task 276: [ 14.513758] kasan_save_stack+0x45/0x70 [ 14.513963] kasan_save_track+0x18/0x40 [ 14.514311] kasan_save_free_info+0x3f/0x60 [ 14.514669] __kasan_slab_free+0x56/0x70 [ 14.514830] kfree+0x222/0x3f0 [ 14.515272] kasan_strings+0x2aa/0xe80 [ 14.515429] kunit_try_run_case+0x1a5/0x480 [ 14.515810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.516064] kthread+0x337/0x6f0 [ 14.516356] ret_from_fork+0x116/0x1d0 [ 14.516550] ret_from_fork_asm+0x1a/0x30 [ 14.516894] [ 14.516972] The buggy address belongs to the object at ffff8881032060c0 [ 14.516972] which belongs to the cache kmalloc-32 of size 32 [ 14.517848] The buggy address is located 16 bytes inside of [ 14.517848] freed 32-byte region [ffff8881032060c0, ffff8881032060e0) [ 14.518486] [ 14.518591] The buggy address belongs to the physical page: [ 14.518985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103206 [ 14.519623] flags: 0x200000000000000(node=0|zone=2) [ 14.519879] page_type: f5(slab) [ 14.520033] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.520601] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.520993] page dumped because: kasan: bad access detected [ 14.521402] [ 14.521485] Memory state around the buggy address: 
[ 14.521688] ffff888103205f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.522204] ffff888103206000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.522612] >ffff888103206080: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.522985] ^ [ 14.523511] ffff888103206100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.523852] ffff888103206180: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.524531] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.474157] ================================================================== [ 14.474498] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 14.474967] Read of size 1 at addr ffff8881032060d0 by task kunit_try_catch/276 [ 14.475341] [ 14.475433] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.475474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.475486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.475507] Call Trace: [ 14.475520] <TASK> [ 14.475533] dump_stack_lvl+0x73/0xb0 [ 14.475561] print_report+0xd1/0x650 [ 14.475583] ? __virt_addr_valid+0x1db/0x2d0 [ 14.475605] ? kasan_strings+0xcbc/0xe80 [ 14.475625] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.475649] ? kasan_strings+0xcbc/0xe80 [ 14.475669] kasan_report+0x141/0x180 [ 14.475690] ? kasan_strings+0xcbc/0xe80 [ 14.475727] __asan_report_load1_noabort+0x18/0x20 [ 14.475752] kasan_strings+0xcbc/0xe80 [ 14.475771] ? trace_hardirqs_on+0x37/0xe0 [ 14.475796] ? __pfx_kasan_strings+0x10/0x10 [ 14.475817] ? finish_task_switch.isra.0+0x153/0x700 [ 14.475841] ? __switch_to+0x47/0xf50 [ 14.475866] ? __schedule+0x10cc/0x2b60 [ 14.475887] ? __pfx_read_tsc+0x10/0x10 [ 14.475909] ? ktime_get_ts64+0x86/0x230 [ 14.475932] kunit_try_run_case+0x1a5/0x480 [ 14.475956] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.475980] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.476003] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.476028] ? __kthread_parkme+0x82/0x180 [ 14.476048] ? preempt_count_sub+0x50/0x80 [ 14.476071] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.476095] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.476144] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.476169] kthread+0x337/0x6f0 [ 14.476188] ? trace_preempt_on+0x20/0xc0 [ 14.476212] ? __pfx_kthread+0x10/0x10 [ 14.476233] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.476255] ? calculate_sigpending+0x7b/0xa0 [ 14.476278] ? 
__pfx_kthread+0x10/0x10 [ 14.476299] ret_from_fork+0x116/0x1d0 [ 14.476321] ? __pfx_kthread+0x10/0x10 [ 14.476341] ret_from_fork_asm+0x1a/0x30 [ 14.476371] </TASK> [ 14.476381] [ 14.483745] Allocated by task 276: [ 14.483914] kasan_save_stack+0x45/0x70 [ 14.484114] kasan_save_track+0x18/0x40 [ 14.484275] kasan_save_alloc_info+0x3b/0x50 [ 14.484489] __kasan_kmalloc+0xb7/0xc0 [ 14.484654] __kmalloc_cache_noprof+0x189/0x420 [ 14.484861] kasan_strings+0xc0/0xe80 [ 14.484991] kunit_try_run_case+0x1a5/0x480 [ 14.485389] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.485629] kthread+0x337/0x6f0 [ 14.485759] ret_from_fork+0x116/0x1d0 [ 14.485890] ret_from_fork_asm+0x1a/0x30 [ 14.486107] [ 14.486201] Freed by task 276: [ 14.486358] kasan_save_stack+0x45/0x70 [ 14.486550] kasan_save_track+0x18/0x40 [ 14.486750] kasan_save_free_info+0x3f/0x60 [ 14.486945] __kasan_slab_free+0x56/0x70 [ 14.487184] kfree+0x222/0x3f0 [ 14.487344] kasan_strings+0x2aa/0xe80 [ 14.487510] kunit_try_run_case+0x1a5/0x480 [ 14.487681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.487940] kthread+0x337/0x6f0 [ 14.488116] ret_from_fork+0x116/0x1d0 [ 14.488281] ret_from_fork_asm+0x1a/0x30 [ 14.488436] [ 14.488526] The buggy address belongs to the object at ffff8881032060c0 [ 14.488526] which belongs to the cache kmalloc-32 of size 32 [ 14.488944] The buggy address is located 16 bytes inside of [ 14.488944] freed 32-byte region [ffff8881032060c0, ffff8881032060e0) [ 14.489688] [ 14.489883] The buggy address belongs to the physical page: [ 14.490056] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103206 [ 14.490383] flags: 0x200000000000000(node=0|zone=2) [ 14.490615] page_type: f5(slab) [ 14.490934] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.491271] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.491528] page dumped because: kasan: bad access detected [ 14.491794] [ 14.491891] Memory state around the buggy address: 
[ 14.492288] ffff888103205f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.492558] ffff888103206000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.492869] >ffff888103206080: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.493211] ^ [ 14.493396] ffff888103206100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.493612] ffff888103206180: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.494880] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.446442] ================================================================== [ 14.447368] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 14.447575] Read of size 1 at addr ffff8881032060d0 by task kunit_try_catch/276 [ 14.447807] [ 14.447897] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.447942] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.447954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.447975] Call Trace: [ 14.447986] <TASK> [ 14.448003] dump_stack_lvl+0x73/0xb0 [ 14.448030] print_report+0xd1/0x650 [ 14.448054] ? __virt_addr_valid+0x1db/0x2d0 [ 14.448076] ? strcmp+0xb0/0xc0 [ 14.448092] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.448116] ? strcmp+0xb0/0xc0 [ 14.448132] kasan_report+0x141/0x180 [ 14.448153] ? strcmp+0xb0/0xc0 [ 14.448173] __asan_report_load1_noabort+0x18/0x20 [ 14.448197] strcmp+0xb0/0xc0 [ 14.448215] kasan_strings+0x431/0xe80 [ 14.448234] ? trace_hardirqs_on+0x37/0xe0 [ 14.448258] ? __pfx_kasan_strings+0x10/0x10 [ 14.448277] ? finish_task_switch.isra.0+0x153/0x700 [ 14.448299] ? __switch_to+0x47/0xf50 [ 14.448329] ? __schedule+0x10cc/0x2b60 [ 14.448350] ? __pfx_read_tsc+0x10/0x10 [ 14.448372] ? ktime_get_ts64+0x86/0x230 [ 14.448395] kunit_try_run_case+0x1a5/0x480 [ 14.448419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.448441] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.448464] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.448487] ? __kthread_parkme+0x82/0x180 [ 14.448509] ? preempt_count_sub+0x50/0x80 [ 14.448531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.448554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.448577] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.448601] kthread+0x337/0x6f0 [ 14.448619] ? trace_preempt_on+0x20/0xc0 [ 14.448641] ? __pfx_kthread+0x10/0x10 [ 14.448660] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.448680] ? calculate_sigpending+0x7b/0xa0 [ 14.448724] ? 
__pfx_kthread+0x10/0x10 [ 14.448745] ret_from_fork+0x116/0x1d0 [ 14.448762] ? __pfx_kthread+0x10/0x10 [ 14.448782] ret_from_fork_asm+0x1a/0x30 [ 14.448812] </TASK> [ 14.448822] [ 14.462787] Allocated by task 276: [ 14.462954] kasan_save_stack+0x45/0x70 [ 14.463202] kasan_save_track+0x18/0x40 [ 14.463385] kasan_save_alloc_info+0x3b/0x50 [ 14.463539] __kasan_kmalloc+0xb7/0xc0 [ 14.463684] __kmalloc_cache_noprof+0x189/0x420 [ 14.463915] kasan_strings+0xc0/0xe80 [ 14.464179] kunit_try_run_case+0x1a5/0x480 [ 14.464392] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.464587] kthread+0x337/0x6f0 [ 14.464764] ret_from_fork+0x116/0x1d0 [ 14.464921] ret_from_fork_asm+0x1a/0x30 [ 14.465186] [ 14.465265] Freed by task 276: [ 14.465376] kasan_save_stack+0x45/0x70 [ 14.465511] kasan_save_track+0x18/0x40 [ 14.465645] kasan_save_free_info+0x3f/0x60 [ 14.465864] __kasan_slab_free+0x56/0x70 [ 14.466062] kfree+0x222/0x3f0 [ 14.466224] kasan_strings+0x2aa/0xe80 [ 14.466382] kunit_try_run_case+0x1a5/0x480 [ 14.466526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.466700] kthread+0x337/0x6f0 [ 14.466970] ret_from_fork+0x116/0x1d0 [ 14.467492] ret_from_fork_asm+0x1a/0x30 [ 14.467733] [ 14.467830] The buggy address belongs to the object at ffff8881032060c0 [ 14.467830] which belongs to the cache kmalloc-32 of size 32 [ 14.468477] The buggy address is located 16 bytes inside of [ 14.468477] freed 32-byte region [ffff8881032060c0, ffff8881032060e0) [ 14.468916] [ 14.469013] The buggy address belongs to the physical page: [ 14.469269] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103206 [ 14.469635] flags: 0x200000000000000(node=0|zone=2) [ 14.469816] page_type: f5(slab) [ 14.469938] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.470476] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.471065] page dumped because: kasan: bad access detected [ 14.471359] [ 14.471446] Memory state around the buggy address: 
[ 14.471601] ffff888103205f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.471852] ffff888103206000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.472485] >ffff888103206080: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.472835] ^ [ 14.473183] ffff888103206100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.473461] ffff888103206180: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.473728] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.417401] ================================================================== [ 14.418039] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 14.418322] Read of size 1 at addr ffff888103206018 by task kunit_try_catch/274 [ 14.418655] [ 14.418767] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.418814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.418827] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.418848] Call Trace: [ 14.418859] <TASK> [ 14.418875] dump_stack_lvl+0x73/0xb0 [ 14.418902] print_report+0xd1/0x650 [ 14.418925] ? __virt_addr_valid+0x1db/0x2d0 [ 14.418946] ? memcmp+0x1b4/0x1d0 [ 14.418963] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.418985] ? memcmp+0x1b4/0x1d0 [ 14.419001] kasan_report+0x141/0x180 [ 14.419022] ? memcmp+0x1b4/0x1d0 [ 14.419044] __asan_report_load1_noabort+0x18/0x20 [ 14.419067] memcmp+0x1b4/0x1d0 [ 14.419086] kasan_memcmp+0x18f/0x390 [ 14.419106] ? trace_hardirqs_on+0x37/0xe0 [ 14.419130] ? __pfx_kasan_memcmp+0x10/0x10 [ 14.419149] ? finish_task_switch.isra.0+0x153/0x700 [ 14.419172] ? __switch_to+0x47/0xf50 [ 14.419199] ? __pfx_read_tsc+0x10/0x10 [ 14.419220] ? ktime_get_ts64+0x86/0x230 [ 14.419242] kunit_try_run_case+0x1a5/0x480 [ 14.419267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.419288] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.419313] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.419335] ? __kthread_parkme+0x82/0x180 [ 14.419356] ? preempt_count_sub+0x50/0x80 [ 14.419378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.419400] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.419424] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.419447] kthread+0x337/0x6f0 [ 14.419465] ? trace_preempt_on+0x20/0xc0 [ 14.419486] ? __pfx_kthread+0x10/0x10 [ 14.419506] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.419526] ? calculate_sigpending+0x7b/0xa0 [ 14.419549] ? __pfx_kthread+0x10/0x10 [ 14.419569] ret_from_fork+0x116/0x1d0 [ 14.419586] ? 
__pfx_kthread+0x10/0x10 [ 14.419605] ret_from_fork_asm+0x1a/0x30 [ 14.419636] </TASK> [ 14.419646] [ 14.428620] Allocated by task 274: [ 14.428846] kasan_save_stack+0x45/0x70 [ 14.429174] kasan_save_track+0x18/0x40 [ 14.429367] kasan_save_alloc_info+0x3b/0x50 [ 14.429585] __kasan_kmalloc+0xb7/0xc0 [ 14.429759] __kmalloc_cache_noprof+0x189/0x420 [ 14.429999] kasan_memcmp+0xb7/0x390 [ 14.430259] kunit_try_run_case+0x1a5/0x480 [ 14.430490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.430736] kthread+0x337/0x6f0 [ 14.430900] ret_from_fork+0x116/0x1d0 [ 14.431164] ret_from_fork_asm+0x1a/0x30 [ 14.431308] [ 14.431425] The buggy address belongs to the object at ffff888103206000 [ 14.431425] which belongs to the cache kmalloc-32 of size 32 [ 14.431938] The buggy address is located 0 bytes to the right of [ 14.431938] allocated 24-byte region [ffff888103206000, ffff888103206018) [ 14.432479] [ 14.432557] The buggy address belongs to the physical page: [ 14.432811] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103206 [ 14.433376] flags: 0x200000000000000(node=0|zone=2) [ 14.433643] page_type: f5(slab) [ 14.433812] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.434126] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.434486] page dumped because: kasan: bad access detected [ 14.434751] [ 14.434844] Memory state around the buggy address: [ 14.435184] ffff888103205f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.435523] ffff888103205f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.435772] >ffff888103206000: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.436201] ^ [ 14.436394] ffff888103206080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.436910] ffff888103206100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.437609] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.388912] ================================================================== [ 14.389615] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 14.389912] Read of size 1 at addr ffff8881039dfc4a by task kunit_try_catch/270 [ 14.390241] [ 14.390411] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.390457] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.390469] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.390489] Call Trace: [ 14.390501] <TASK> [ 14.390515] dump_stack_lvl+0x73/0xb0 [ 14.390545] print_report+0xd1/0x650 [ 14.390568] ? __virt_addr_valid+0x1db/0x2d0 [ 14.390590] ? kasan_alloca_oob_right+0x329/0x390 [ 14.390613] ? kasan_addr_to_slab+0x11/0xa0 [ 14.390633] ? kasan_alloca_oob_right+0x329/0x390 [ 14.390657] kasan_report+0x141/0x180 [ 14.390678] ? kasan_alloca_oob_right+0x329/0x390 [ 14.390716] __asan_report_load1_noabort+0x18/0x20 [ 14.390741] kasan_alloca_oob_right+0x329/0x390 [ 14.390763] ? __kasan_check_write+0x18/0x20 [ 14.390783] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.390806] ? finish_task_switch.isra.0+0x153/0x700 [ 14.390829] ? preempt_schedule_common+0xbe/0x110 [ 14.390853] ? trace_hardirqs_on+0x37/0xe0 [ 14.390880] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 14.390903] ? __kasan_check_write+0x18/0x20 [ 14.390922] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.390949] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.390974] ? __pfx_read_tsc+0x10/0x10 [ 14.390995] ? ktime_get_ts64+0x86/0x230 [ 14.391019] kunit_try_run_case+0x1a5/0x480 [ 14.391044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.391067] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.391146] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.391171] ? __kthread_parkme+0x82/0x180 [ 14.391193] ? preempt_count_sub+0x50/0x80 [ 14.391216] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.391241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.391267] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.391292] kthread+0x337/0x6f0 [ 14.391311] ? trace_preempt_on+0x20/0xc0 [ 14.391334] ? __pfx_kthread+0x10/0x10 [ 14.391354] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.391375] ? calculate_sigpending+0x7b/0xa0 [ 14.391399] ? __pfx_kthread+0x10/0x10 [ 14.391420] ret_from_fork+0x116/0x1d0 [ 14.391439] ? __pfx_kthread+0x10/0x10 [ 14.391459] ret_from_fork_asm+0x1a/0x30 [ 14.391489] </TASK> [ 14.391500] [ 14.403323] The buggy address belongs to stack of task kunit_try_catch/270 [ 14.403547] [ 14.403617] The buggy address belongs to the physical page: [ 14.403797] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039df [ 14.404030] flags: 0x200000000000000(node=0|zone=2) [ 14.404196] raw: 0200000000000000 ffffea00040e77c8 ffffea00040e77c8 0000000000000000 [ 14.404435] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.404650] page dumped because: kasan: bad access detected [ 14.405658] [ 14.405750] Memory state around the buggy address: [ 14.405901] ffff8881039dfb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.406210] ffff8881039dfb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.406468] >ffff8881039dfc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.406691] ^ [ 14.406948] ffff8881039dfc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.407415] ffff8881039dfd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.408893] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.366613] ================================================================== [ 14.367093] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 14.367345] Read of size 1 at addr ffff8881039bfc3f by task kunit_try_catch/268 [ 14.367566] [ 14.367654] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.367696] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.367722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.367743] Call Trace: [ 14.367755] <TASK> [ 14.367771] dump_stack_lvl+0x73/0xb0 [ 14.367801] print_report+0xd1/0x650 [ 14.367824] ? __virt_addr_valid+0x1db/0x2d0 [ 14.367848] ? kasan_alloca_oob_left+0x320/0x380 [ 14.367869] ? kasan_addr_to_slab+0x11/0xa0 [ 14.367889] ? kasan_alloca_oob_left+0x320/0x380 [ 14.367911] kasan_report+0x141/0x180 [ 14.367932] ? kasan_alloca_oob_left+0x320/0x380 [ 14.367958] __asan_report_load1_noabort+0x18/0x20 [ 14.367982] kasan_alloca_oob_left+0x320/0x380 [ 14.368004] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.368026] ? finish_task_switch.isra.0+0x153/0x700 [ 14.368048] ? preempt_schedule_common+0xbe/0x110 [ 14.368071] ? trace_hardirqs_on+0x37/0xe0 [ 14.368097] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 14.368121] ? __schedule+0x10cc/0x2b60 [ 14.368142] ? __pfx_read_tsc+0x10/0x10 [ 14.368163] ? ktime_get_ts64+0x86/0x230 [ 14.368187] kunit_try_run_case+0x1a5/0x480 [ 14.368211] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.368233] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.368257] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.368280] ? __kthread_parkme+0x82/0x180 [ 14.368300] ? preempt_count_sub+0x50/0x80 [ 14.368330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.368354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.368377] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.368401] kthread+0x337/0x6f0 [ 14.368418] ? trace_preempt_on+0x20/0xc0 [ 14.368440] ? __pfx_kthread+0x10/0x10 [ 14.368460] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.368480] ? calculate_sigpending+0x7b/0xa0 [ 14.368504] ? __pfx_kthread+0x10/0x10 [ 14.368524] ret_from_fork+0x116/0x1d0 [ 14.368542] ? __pfx_kthread+0x10/0x10 [ 14.368562] ret_from_fork_asm+0x1a/0x30 [ 14.368593] </TASK> [ 14.368604] [ 14.378213] The buggy address belongs to stack of task kunit_try_catch/268 [ 14.379085] [ 14.379205] The buggy address belongs to the physical page: [ 14.379433] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bf [ 14.379676] flags: 0x200000000000000(node=0|zone=2) [ 14.379861] raw: 0200000000000000 ffffea00040e6fc8 ffffea00040e6fc8 0000000000000000 [ 14.380603] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.381248] page dumped because: kasan: bad access detected [ 14.381498] [ 14.381590] Memory state around the buggy address: [ 14.381811] ffff8881039bfb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.382497] ffff8881039bfb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.382988] >ffff8881039bfc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.383470] ^ [ 14.383832] ffff8881039bfc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.384274] ffff8881039bfd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.384781] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 14.346648] ================================================================== [ 14.347305] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 14.347839] Read of size 1 at addr ffff8881039f7d02 by task kunit_try_catch/266 [ 14.348189] [ 14.348322] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.348380] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.348392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.348411] Call Trace: [ 14.348424] <TASK> [ 14.348438] dump_stack_lvl+0x73/0xb0 [ 14.348469] print_report+0xd1/0x650 [ 14.348492] ? __virt_addr_valid+0x1db/0x2d0 [ 14.348514] ? kasan_stack_oob+0x2b5/0x300 [ 14.348534] ? kasan_addr_to_slab+0x11/0xa0 [ 14.348555] ? kasan_stack_oob+0x2b5/0x300 [ 14.348575] kasan_report+0x141/0x180 [ 14.348596] ? kasan_stack_oob+0x2b5/0x300 [ 14.348621] __asan_report_load1_noabort+0x18/0x20 [ 14.348647] kasan_stack_oob+0x2b5/0x300 [ 14.348667] ? __pfx_kasan_stack_oob+0x10/0x10 [ 14.348687] ? finish_task_switch.isra.0+0x153/0x700 [ 14.348721] ? __switch_to+0x47/0xf50 [ 14.348748] ? __schedule+0x10cc/0x2b60 [ 14.348770] ? __pfx_read_tsc+0x10/0x10 [ 14.348792] ? ktime_get_ts64+0x86/0x230 [ 14.348815] kunit_try_run_case+0x1a5/0x480 [ 14.348841] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.348864] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.348887] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.348911] ? __kthread_parkme+0x82/0x180 [ 14.348934] ? preempt_count_sub+0x50/0x80 [ 14.348957] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.348981] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.349007] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.349032] kthread+0x337/0x6f0 [ 14.349063] ? trace_preempt_on+0x20/0xc0 [ 14.349087] ? __pfx_kthread+0x10/0x10 [ 14.349107] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.349129] ? calculate_sigpending+0x7b/0xa0 [ 14.349154] ? __pfx_kthread+0x10/0x10 [ 14.349176] ret_from_fork+0x116/0x1d0 [ 14.349194] ? 
__pfx_kthread+0x10/0x10 [ 14.349216] ret_from_fork_asm+0x1a/0x30 [ 14.349248] </TASK> [ 14.349258] [ 14.356005] The buggy address belongs to stack of task kunit_try_catch/266 [ 14.356373] and is located at offset 138 in frame: [ 14.356576] kasan_stack_oob+0x0/0x300 [ 14.356875] [ 14.356982] This frame has 4 objects: [ 14.357243] [48, 49) '__assertion' [ 14.357265] [64, 72) 'array' [ 14.357445] [96, 112) '__assertion' [ 14.357598] [128, 138) 'stack_array' [ 14.357779] [ 14.358034] The buggy address belongs to the physical page: [ 14.358256] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f7 [ 14.358616] flags: 0x200000000000000(node=0|zone=2) [ 14.358850] raw: 0200000000000000 ffffea00040e7dc8 ffffea00040e7dc8 0000000000000000 [ 14.359124] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.359383] page dumped because: kasan: bad access detected [ 14.359639] [ 14.359738] Memory state around the buggy address: [ 14.359959] ffff8881039f7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.360217] ffff8881039f7c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 14.360548] >ffff8881039f7d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.360868] ^ [ 14.361034] ffff8881039f7d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 14.361315] ffff8881039f7e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.361599] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 14.327320] ================================================================== [ 14.327870] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 14.328310] Read of size 1 at addr ffffffff8ec63e8d by task kunit_try_catch/262 [ 14.328589] [ 14.328746] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.328793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.328805] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.328827] Call Trace: [ 14.328839] <TASK> [ 14.328855] dump_stack_lvl+0x73/0xb0 [ 14.328888] print_report+0xd1/0x650 [ 14.328910] ? __virt_addr_valid+0x1db/0x2d0 [ 14.328933] ? kasan_global_oob_right+0x286/0x2d0 [ 14.328955] ? kasan_addr_to_slab+0x11/0xa0 [ 14.328976] ? kasan_global_oob_right+0x286/0x2d0 [ 14.328999] kasan_report+0x141/0x180 [ 14.329020] ? kasan_global_oob_right+0x286/0x2d0 [ 14.329047] __asan_report_load1_noabort+0x18/0x20 [ 14.329072] kasan_global_oob_right+0x286/0x2d0 [ 14.329094] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 14.329179] ? trace_hardirqs_on+0x37/0xe0 [ 14.329218] ? __schedule+0x207f/0x2b60 [ 14.329240] ? __pfx_read_tsc+0x10/0x10 [ 14.329264] ? ktime_get_ts64+0x86/0x230 [ 14.329288] kunit_try_run_case+0x1a5/0x480 [ 14.329313] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.329336] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.329360] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.329384] ? __kthread_parkme+0x82/0x180 [ 14.329405] ? preempt_count_sub+0x50/0x80 [ 14.329430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.329454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.329480] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.329505] kthread+0x337/0x6f0 [ 14.329524] ? trace_preempt_on+0x20/0xc0 [ 14.329547] ? __pfx_kthread+0x10/0x10 [ 14.329567] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.329589] ? calculate_sigpending+0x7b/0xa0 [ 14.329614] ? __pfx_kthread+0x10/0x10 [ 14.329636] ret_from_fork+0x116/0x1d0 [ 14.329655] ? 
__pfx_kthread+0x10/0x10 [ 14.329675] ret_from_fork_asm+0x1a/0x30 [ 14.329718] </TASK> [ 14.329727] [ 14.336780] The buggy address belongs to the variable: [ 14.337201] global_array+0xd/0x40 [ 14.337373] [ 14.337462] The buggy address belongs to the physical page: [ 14.337637] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x31263 [ 14.337989] flags: 0x100000000002000(reserved|node=0|zone=1) [ 14.338335] raw: 0100000000002000 ffffea0000c498c8 ffffea0000c498c8 0000000000000000 [ 14.338679] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.339024] page dumped because: kasan: bad access detected [ 14.339301] [ 14.339394] Memory state around the buggy address: [ 14.339582] ffffffff8ec63d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.339809] ffffffff8ec63e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.340178] >ffffffff8ec63e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 14.340518] ^ [ 14.340692] ffffffff8ec63f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 14.341002] ffffffff8ec63f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 14.341283] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 14.268749] ================================================================== [ 14.269508] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.269783] Free of addr ffff88810291dd01 by task kunit_try_catch/258 [ 14.269985] [ 14.270076] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.270120] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.270131] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.270152] Call Trace: [ 14.270164] <TASK> [ 14.270179] dump_stack_lvl+0x73/0xb0 [ 14.270206] print_report+0xd1/0x650 [ 14.270227] ? __virt_addr_valid+0x1db/0x2d0 [ 14.270250] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.270272] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.270298] kasan_report_invalid_free+0x10a/0x130 [ 14.270322] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.270348] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.270372] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.270395] check_slab_allocation+0x11f/0x130 [ 14.270416] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.270440] mempool_free+0x2ec/0x380 [ 14.270465] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.270489] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.270516] ? __kasan_check_write+0x18/0x20 [ 14.270534] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.270554] ? finish_task_switch.isra.0+0x153/0x700 [ 14.270580] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.270602] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 14.270628] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.270650] ? __pfx_mempool_kfree+0x10/0x10 [ 14.270673] ? __pfx_read_tsc+0x10/0x10 [ 14.270694] ? ktime_get_ts64+0x86/0x230 [ 14.271762] kunit_try_run_case+0x1a5/0x480 [ 14.271793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.271816] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.271842] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.271865] ? __kthread_parkme+0x82/0x180 [ 14.271887] ? 
preempt_count_sub+0x50/0x80 [ 14.271912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.271936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.271961] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.271986] kthread+0x337/0x6f0 [ 14.272005] ? trace_preempt_on+0x20/0xc0 [ 14.272080] ? __pfx_kthread+0x10/0x10 [ 14.272104] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.272126] ? calculate_sigpending+0x7b/0xa0 [ 14.272151] ? __pfx_kthread+0x10/0x10 [ 14.272171] ret_from_fork+0x116/0x1d0 [ 14.272191] ? __pfx_kthread+0x10/0x10 [ 14.272211] ret_from_fork_asm+0x1a/0x30 [ 14.272243] </TASK> [ 14.272253] [ 14.285601] Allocated by task 258: [ 14.285795] kasan_save_stack+0x45/0x70 [ 14.285975] kasan_save_track+0x18/0x40 [ 14.286343] kasan_save_alloc_info+0x3b/0x50 [ 14.286507] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.286836] remove_element+0x11e/0x190 [ 14.287307] mempool_alloc_preallocated+0x4d/0x90 [ 14.287788] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 14.288098] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.288382] kunit_try_run_case+0x1a5/0x480 [ 14.288712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.289029] kthread+0x337/0x6f0 [ 14.289315] ret_from_fork+0x116/0x1d0 [ 14.289516] ret_from_fork_asm+0x1a/0x30 [ 14.289813] [ 14.289914] The buggy address belongs to the object at ffff88810291dd00 [ 14.289914] which belongs to the cache kmalloc-128 of size 128 [ 14.290558] The buggy address is located 1 bytes inside of [ 14.290558] 128-byte region [ffff88810291dd00, ffff88810291dd80) [ 14.291024] [ 14.291453] The buggy address belongs to the physical page: [ 14.291698] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10291d [ 14.292092] flags: 0x200000000000000(node=0|zone=2) [ 14.292488] page_type: f5(slab) [ 14.292622] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.293061] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.293417] page dumped because: kasan: bad access detected [ 
14.293648] [ 14.293749] Memory state around the buggy address: [ 14.293947] ffff88810291dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.294659] ffff88810291dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.295112] >ffff88810291dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.295491] ^ [ 14.295653] ffff88810291dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.296186] ffff88810291de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.296584] ================================================================== [ 14.302934] ================================================================== [ 14.303725] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.304048] Free of addr ffff888103990001 by task kunit_try_catch/260 [ 14.304322] [ 14.304440] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.304486] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.304498] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.304520] Call Trace: [ 14.304532] <TASK> [ 14.304547] dump_stack_lvl+0x73/0xb0 [ 14.304576] print_report+0xd1/0x650 [ 14.304598] ? __virt_addr_valid+0x1db/0x2d0 [ 14.304623] ? kasan_addr_to_slab+0x11/0xa0 [ 14.304644] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.304671] kasan_report_invalid_free+0x10a/0x130 [ 14.304696] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.304735] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.304761] __kasan_mempool_poison_object+0x102/0x1d0 [ 14.304788] mempool_free+0x2ec/0x380 [ 14.304815] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.304842] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.304872] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.304895] ? finish_task_switch.isra.0+0x153/0x700 [ 14.304922] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 14.304948] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 14.304977] ? 
__pfx_mempool_kmalloc+0x10/0x10 [ 14.305002] ? __pfx_mempool_kfree+0x10/0x10 [ 14.305029] ? __pfx_read_tsc+0x10/0x10 [ 14.305052] ? ktime_get_ts64+0x86/0x230 [ 14.305077] kunit_try_run_case+0x1a5/0x480 [ 14.305102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.305125] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.305150] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.305232] ? __kthread_parkme+0x82/0x180 [ 14.305257] ? preempt_count_sub+0x50/0x80 [ 14.305280] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.305305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.305330] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.305356] kthread+0x337/0x6f0 [ 14.305374] ? trace_preempt_on+0x20/0xc0 [ 14.305397] ? __pfx_kthread+0x10/0x10 [ 14.305417] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.305439] ? calculate_sigpending+0x7b/0xa0 [ 14.305463] ? __pfx_kthread+0x10/0x10 [ 14.305486] ret_from_fork+0x116/0x1d0 [ 14.305504] ? __pfx_kthread+0x10/0x10 [ 14.305525] ret_from_fork_asm+0x1a/0x30 [ 14.305556] </TASK> [ 14.305566] [ 14.314193] The buggy address belongs to the physical page: [ 14.314505] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103990 [ 14.314932] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.315317] flags: 0x200000000000040(head|node=0|zone=2) [ 14.315539] page_type: f8(unknown) [ 14.315722] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.315970] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.316200] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.316497] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.317121] head: 0200000000000002 ffffea00040e6401 00000000ffffffff 00000000ffffffff [ 14.317426] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.317650] page dumped because: kasan: bad access detected [ 14.317926] [ 14.318020] Memory state around the buggy address: [ 14.318294] 
ffff88810398ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.318620] ffff88810398ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.318955] >ffff888103990000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.319302] ^ [ 14.319423] ffff888103990080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.319748] ffff888103990100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.320128] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 14.226325] ================================================================== [ 14.226807] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.227322] Free of addr ffff888103990000 by task kunit_try_catch/254 [ 14.227584] [ 14.227681] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.227739] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.227751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.227773] Call Trace: [ 14.227784] <TASK> [ 14.227800] dump_stack_lvl+0x73/0xb0 [ 14.227830] print_report+0xd1/0x650 [ 14.227852] ? __virt_addr_valid+0x1db/0x2d0 [ 14.227877] ? kasan_addr_to_slab+0x11/0xa0 [ 14.227897] ? mempool_double_free_helper+0x184/0x370 [ 14.227923] kasan_report_invalid_free+0x10a/0x130 [ 14.227948] ? mempool_double_free_helper+0x184/0x370 [ 14.227975] ? mempool_double_free_helper+0x184/0x370 [ 14.227999] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 14.228024] mempool_free+0x2ec/0x380 [ 14.228064] mempool_double_free_helper+0x184/0x370 [ 14.228088] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.228114] ? __kasan_check_write+0x18/0x20 [ 14.228134] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.228156] ? finish_task_switch.isra.0+0x153/0x700 [ 14.228183] mempool_kmalloc_large_double_free+0xed/0x140 [ 14.228208] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 14.228238] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.228261] ? __pfx_mempool_kfree+0x10/0x10 [ 14.228286] ? __pfx_read_tsc+0x10/0x10 [ 14.228307] ? ktime_get_ts64+0x86/0x230 [ 14.228335] kunit_try_run_case+0x1a5/0x480 [ 14.228359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.228381] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.228407] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.228431] ? __kthread_parkme+0x82/0x180 [ 14.228451] ? preempt_count_sub+0x50/0x80 [ 14.228476] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.228500] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.228525] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.228551] kthread+0x337/0x6f0 [ 14.228570] ? trace_preempt_on+0x20/0xc0 [ 14.228594] ? __pfx_kthread+0x10/0x10 [ 14.228615] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.228636] ? calculate_sigpending+0x7b/0xa0 [ 14.228661] ? __pfx_kthread+0x10/0x10 [ 14.228683] ret_from_fork+0x116/0x1d0 [ 14.228711] ? __pfx_kthread+0x10/0x10 [ 14.228742] ret_from_fork_asm+0x1a/0x30 [ 14.228791] </TASK> [ 14.228802] [ 14.237563] The buggy address belongs to the physical page: [ 14.237839] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103990 [ 14.238215] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.238518] flags: 0x200000000000040(head|node=0|zone=2) [ 14.238773] page_type: f8(unknown) [ 14.238958] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.239281] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.239629] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.239878] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.240115] head: 0200000000000002 ffffea00040e6401 00000000ffffffff 00000000ffffffff [ 14.240412] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.240777] page dumped because: kasan: bad access detected [ 14.241030] [ 14.241226] Memory state around the buggy address: [ 14.241394] ffff88810398ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.241609] ffff88810398ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.241889] >ffff888103990000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.242481] ^ [ 14.242649] ffff888103990080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.242979] ffff888103990100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.243459] ================================================================== [ 14.247859] ================================================================== [ 
14.248462] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.248786] Free of addr ffff888102a44000 by task kunit_try_catch/256 [ 14.249168] [ 14.249268] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.249311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.249323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.249343] Call Trace: [ 14.249354] <TASK> [ 14.249369] dump_stack_lvl+0x73/0xb0 [ 14.249397] print_report+0xd1/0x650 [ 14.249418] ? __virt_addr_valid+0x1db/0x2d0 [ 14.249442] ? kasan_addr_to_slab+0x11/0xa0 [ 14.249462] ? mempool_double_free_helper+0x184/0x370 [ 14.249487] kasan_report_invalid_free+0x10a/0x130 [ 14.249512] ? mempool_double_free_helper+0x184/0x370 [ 14.249540] ? mempool_double_free_helper+0x184/0x370 [ 14.249563] __kasan_mempool_poison_pages+0x115/0x130 [ 14.249588] mempool_free+0x290/0x380 [ 14.249613] mempool_double_free_helper+0x184/0x370 [ 14.249638] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.249664] ? __kasan_check_write+0x18/0x20 [ 14.249684] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.249720] ? finish_task_switch.isra.0+0x153/0x700 [ 14.249747] mempool_page_alloc_double_free+0xe8/0x140 [ 14.249772] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 14.249801] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.249826] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.249852] ? __pfx_read_tsc+0x10/0x10 [ 14.249872] ? ktime_get_ts64+0x86/0x230 [ 14.249896] kunit_try_run_case+0x1a5/0x480 [ 14.249919] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.249942] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.249966] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.249990] ? __kthread_parkme+0x82/0x180 [ 14.250011] ? preempt_count_sub+0x50/0x80 [ 14.250178] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.250205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.250231] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.250256] kthread+0x337/0x6f0 [ 14.250275] ? 
trace_preempt_on+0x20/0xc0 [ 14.250299] ? __pfx_kthread+0x10/0x10 [ 14.250320] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.250341] ? calculate_sigpending+0x7b/0xa0 [ 14.250365] ? __pfx_kthread+0x10/0x10 [ 14.250387] ret_from_fork+0x116/0x1d0 [ 14.250406] ? __pfx_kthread+0x10/0x10 [ 14.250426] ret_from_fork_asm+0x1a/0x30 [ 14.250457] </TASK> [ 14.250468] [ 14.258749] The buggy address belongs to the physical page: [ 14.259010] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a44 [ 14.260217] flags: 0x200000000000000(node=0|zone=2) [ 14.260406] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.260880] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.261220] page dumped because: kasan: bad access detected [ 14.261538] [ 14.261636] Memory state around the buggy address: [ 14.261824] ffff888102a43f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.262127] ffff888102a43f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.262457] >ffff888102a44000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.262790] ^ [ 14.263195] ffff888102a44080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.263486] ffff888102a44100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.263766] ================================================================== [ 14.187042] ================================================================== [ 14.187448] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.187692] Free of addr ffff88810291d900 by task kunit_try_catch/252 [ 14.187905] [ 14.187996] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.188039] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.188050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.188071] Call Trace: [ 14.188084] <TASK> [ 14.188101] dump_stack_lvl+0x73/0xb0 [ 14.188130] print_report+0xd1/0x650 [ 14.188151] ? 
__virt_addr_valid+0x1db/0x2d0 [ 14.188176] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.188198] ? mempool_double_free_helper+0x184/0x370 [ 14.188222] kasan_report_invalid_free+0x10a/0x130 [ 14.188246] ? mempool_double_free_helper+0x184/0x370 [ 14.188271] ? mempool_double_free_helper+0x184/0x370 [ 14.188294] ? mempool_double_free_helper+0x184/0x370 [ 14.188323] check_slab_allocation+0x101/0x130 [ 14.188344] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.188367] mempool_free+0x2ec/0x380 [ 14.188394] mempool_double_free_helper+0x184/0x370 [ 14.188417] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.188443] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.188464] ? finish_task_switch.isra.0+0x153/0x700 [ 14.188490] mempool_kmalloc_double_free+0xed/0x140 [ 14.188512] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 14.188537] ? __kasan_check_write+0x18/0x20 [ 14.188556] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.188577] ? __pfx_mempool_kfree+0x10/0x10 [ 14.188602] ? __pfx_read_tsc+0x10/0x10 [ 14.188622] ? ktime_get_ts64+0x86/0x230 [ 14.188643] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.188669] kunit_try_run_case+0x1a5/0x480 [ 14.188694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.189032] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.189061] ? __kthread_parkme+0x82/0x180 [ 14.189084] ? preempt_count_sub+0x50/0x80 [ 14.189107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.189131] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.189326] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.189353] kthread+0x337/0x6f0 [ 14.189374] ? trace_preempt_on+0x20/0xc0 [ 14.189399] ? __pfx_kthread+0x10/0x10 [ 14.189628] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.189651] ? calculate_sigpending+0x7b/0xa0 [ 14.189677] ? __pfx_kthread+0x10/0x10 [ 14.189699] ret_from_fork+0x116/0x1d0 [ 14.189732] ? 
__pfx_kthread+0x10/0x10 [ 14.189752] ret_from_fork_asm+0x1a/0x30 [ 14.189785] </TASK> [ 14.189795] [ 14.204836] Allocated by task 252: [ 14.205001] kasan_save_stack+0x45/0x70 [ 14.205685] kasan_save_track+0x18/0x40 [ 14.206029] kasan_save_alloc_info+0x3b/0x50 [ 14.206587] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.207123] remove_element+0x11e/0x190 [ 14.207401] mempool_alloc_preallocated+0x4d/0x90 [ 14.207840] mempool_double_free_helper+0x8a/0x370 [ 14.208284] mempool_kmalloc_double_free+0xed/0x140 [ 14.208523] kunit_try_run_case+0x1a5/0x480 [ 14.208728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.208963] kthread+0x337/0x6f0 [ 14.209526] ret_from_fork+0x116/0x1d0 [ 14.209845] ret_from_fork_asm+0x1a/0x30 [ 14.210197] [ 14.210301] Freed by task 252: [ 14.210445] kasan_save_stack+0x45/0x70 [ 14.210622] kasan_save_track+0x18/0x40 [ 14.210807] kasan_save_free_info+0x3f/0x60 [ 14.210993] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.211686] mempool_free+0x2ec/0x380 [ 14.212004] mempool_double_free_helper+0x109/0x370 [ 14.212310] mempool_kmalloc_double_free+0xed/0x140 [ 14.212532] kunit_try_run_case+0x1a5/0x480 [ 14.212731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.212959] kthread+0x337/0x6f0 [ 14.213451] ret_from_fork+0x116/0x1d0 [ 14.213838] ret_from_fork_asm+0x1a/0x30 [ 14.214215] [ 14.214314] The buggy address belongs to the object at ffff88810291d900 [ 14.214314] which belongs to the cache kmalloc-128 of size 128 [ 14.214819] The buggy address is located 0 bytes inside of [ 14.214819] 128-byte region [ffff88810291d900, ffff88810291d980) [ 14.215770] [ 14.216012] The buggy address belongs to the physical page: [ 14.216567] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10291d [ 14.217287] flags: 0x200000000000000(node=0|zone=2) [ 14.217647] page_type: f5(slab) [ 14.217841] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.218555] raw: 0000000000000000 0000000080100010 00000000f5000000 
0000000000000000 [ 14.218881] page dumped because: kasan: bad access detected [ 14.219557] [ 14.219669] Memory state around the buggy address: [ 14.219903] ffff88810291d800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.220682] ffff88810291d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.221128] >ffff88810291d900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.221427] ^ [ 14.221580] ffff88810291d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.221880] ffff88810291da00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.222558] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 14.082498] ================================================================== [ 14.082983] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.083525] Read of size 1 at addr ffff888102a44000 by task kunit_try_catch/246 [ 14.083853] [ 14.083969] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.084011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.084023] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.084181] Call Trace: [ 14.084193] <TASK> [ 14.084207] dump_stack_lvl+0x73/0xb0 [ 14.084249] print_report+0xd1/0x650 [ 14.084271] ? __virt_addr_valid+0x1db/0x2d0 [ 14.084293] ? mempool_uaf_helper+0x392/0x400 [ 14.084319] ? kasan_addr_to_slab+0x11/0xa0 [ 14.084340] ? mempool_uaf_helper+0x392/0x400 [ 14.084362] kasan_report+0x141/0x180 [ 14.084383] ? mempool_uaf_helper+0x392/0x400 [ 14.084410] __asan_report_load1_noabort+0x18/0x20 [ 14.084435] mempool_uaf_helper+0x392/0x400 [ 14.084458] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.084482] ? __kasan_check_write+0x18/0x20 [ 14.084668] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.084696] ? finish_task_switch.isra.0+0x153/0x700 [ 14.084731] mempool_kmalloc_large_uaf+0xef/0x140 [ 14.084756] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 14.084784] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.084808] ? __pfx_mempool_kfree+0x10/0x10 [ 14.084833] ? __pfx_read_tsc+0x10/0x10 [ 14.084854] ? ktime_get_ts64+0x86/0x230 [ 14.084878] kunit_try_run_case+0x1a5/0x480 [ 14.084901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.084924] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.084948] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.084972] ? __kthread_parkme+0x82/0x180 [ 14.084992] ? preempt_count_sub+0x50/0x80 [ 14.085016] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.085208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.085238] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.085263] kthread+0x337/0x6f0 [ 14.085283] ? 
trace_preempt_on+0x20/0xc0 [ 14.085306] ? __pfx_kthread+0x10/0x10 [ 14.085327] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.085349] ? calculate_sigpending+0x7b/0xa0 [ 14.085372] ? __pfx_kthread+0x10/0x10 [ 14.085394] ret_from_fork+0x116/0x1d0 [ 14.085413] ? __pfx_kthread+0x10/0x10 [ 14.085433] ret_from_fork_asm+0x1a/0x30 [ 14.085465] </TASK> [ 14.085475] [ 14.098015] The buggy address belongs to the physical page: [ 14.098590] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a44 [ 14.099154] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.099492] flags: 0x200000000000040(head|node=0|zone=2) [ 14.099745] page_type: f8(unknown) [ 14.099914] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.100540] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.101012] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.101489] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.101914] head: 0200000000000002 ffffea00040a9101 00000000ffffffff 00000000ffffffff [ 14.102387] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.102838] page dumped because: kasan: bad access detected [ 14.103053] [ 14.103363] Memory state around the buggy address: [ 14.103562] ffff888102a43f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.104002] ffff888102a43f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.104504] >ffff888102a44000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.104779] ^ [ 14.104943] ffff888102a44080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.105677] ffff888102a44100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.105972] ================================================================== [ 14.156850] ================================================================== [ 14.158281] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.158943] Read of size 1 
at addr ffff888103990000 by task kunit_try_catch/250 [ 14.159579] [ 14.159684] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.159858] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.159875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.159932] Call Trace: [ 14.159945] <TASK> [ 14.159964] dump_stack_lvl+0x73/0xb0 [ 14.160153] print_report+0xd1/0x650 [ 14.160177] ? __virt_addr_valid+0x1db/0x2d0 [ 14.160202] ? mempool_uaf_helper+0x392/0x400 [ 14.160224] ? kasan_addr_to_slab+0x11/0xa0 [ 14.160247] ? mempool_uaf_helper+0x392/0x400 [ 14.160270] kasan_report+0x141/0x180 [ 14.160292] ? mempool_uaf_helper+0x392/0x400 [ 14.160326] __asan_report_load1_noabort+0x18/0x20 [ 14.160351] mempool_uaf_helper+0x392/0x400 [ 14.160373] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.160398] ? __kasan_check_write+0x18/0x20 [ 14.160417] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.160441] ? finish_task_switch.isra.0+0x153/0x700 [ 14.160468] mempool_page_alloc_uaf+0xed/0x140 [ 14.160491] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 14.160518] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.160544] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.160571] ? __pfx_read_tsc+0x10/0x10 [ 14.160593] ? ktime_get_ts64+0x86/0x230 [ 14.160618] kunit_try_run_case+0x1a5/0x480 [ 14.160645] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.160668] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.160692] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.160728] ? __kthread_parkme+0x82/0x180 [ 14.160750] ? preempt_count_sub+0x50/0x80 [ 14.160772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.160797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.160821] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.160846] kthread+0x337/0x6f0 [ 14.160865] ? trace_preempt_on+0x20/0xc0 [ 14.160890] ? __pfx_kthread+0x10/0x10 [ 14.160910] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.160931] ? calculate_sigpending+0x7b/0xa0 [ 14.160956] ? 
__pfx_kthread+0x10/0x10 [ 14.160977] ret_from_fork+0x116/0x1d0 [ 14.160995] ? __pfx_kthread+0x10/0x10 [ 14.161016] ret_from_fork_asm+0x1a/0x30 [ 14.161059] </TASK> [ 14.161085] [ 14.173861] The buggy address belongs to the physical page: [ 14.174411] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103990 [ 14.174922] flags: 0x200000000000000(node=0|zone=2) [ 14.175382] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.175756] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.176395] page dumped because: kasan: bad access detected [ 14.176617] [ 14.176964] Memory state around the buggy address: [ 14.177447] ffff88810398ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.177920] ffff88810398ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.178455] >ffff888103990000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.178966] ^ [ 14.179265] ffff888103990080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.179583] ffff888103990100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.179907] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 14.055195] ================================================================== [ 14.055663] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.055988] Read of size 1 at addr ffff88810291d500 by task kunit_try_catch/244 [ 14.056311] [ 14.056429] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.056471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.056483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.056504] Call Trace: [ 14.056516] <TASK> [ 14.056532] dump_stack_lvl+0x73/0xb0 [ 14.056561] print_report+0xd1/0x650 [ 14.056582] ? __virt_addr_valid+0x1db/0x2d0 [ 14.056605] ? mempool_uaf_helper+0x392/0x400 [ 14.056626] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.056648] ? mempool_uaf_helper+0x392/0x400 [ 14.056670] kasan_report+0x141/0x180 [ 14.056690] ? mempool_uaf_helper+0x392/0x400 [ 14.056767] __asan_report_load1_noabort+0x18/0x20 [ 14.056795] mempool_uaf_helper+0x392/0x400 [ 14.056853] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.056878] ? __kasan_check_write+0x18/0x20 [ 14.056898] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.056922] ? finish_task_switch.isra.0+0x153/0x700 [ 14.056949] mempool_kmalloc_uaf+0xef/0x140 [ 14.056971] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 14.056996] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.057028] ? __pfx_mempool_kfree+0x10/0x10 [ 14.057053] ? __pfx_read_tsc+0x10/0x10 [ 14.057075] ? ktime_get_ts64+0x86/0x230 [ 14.057100] kunit_try_run_case+0x1a5/0x480 [ 14.057126] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.057149] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.057173] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.057197] ? __kthread_parkme+0x82/0x180 [ 14.057217] ? preempt_count_sub+0x50/0x80 [ 14.057241] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.057265] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.057290] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.057316] kthread+0x337/0x6f0 [ 14.057334] ? 
trace_preempt_on+0x20/0xc0 [ 14.057358] ? __pfx_kthread+0x10/0x10 [ 14.057378] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.057400] ? calculate_sigpending+0x7b/0xa0 [ 14.057424] ? __pfx_kthread+0x10/0x10 [ 14.057445] ret_from_fork+0x116/0x1d0 [ 14.057464] ? __pfx_kthread+0x10/0x10 [ 14.057484] ret_from_fork_asm+0x1a/0x30 [ 14.057516] </TASK> [ 14.057527] [ 14.065823] Allocated by task 244: [ 14.066006] kasan_save_stack+0x45/0x70 [ 14.066298] kasan_save_track+0x18/0x40 [ 14.066493] kasan_save_alloc_info+0x3b/0x50 [ 14.066686] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.066939] remove_element+0x11e/0x190 [ 14.067232] mempool_alloc_preallocated+0x4d/0x90 [ 14.067459] mempool_uaf_helper+0x96/0x400 [ 14.067671] mempool_kmalloc_uaf+0xef/0x140 [ 14.067881] kunit_try_run_case+0x1a5/0x480 [ 14.068206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.068400] kthread+0x337/0x6f0 [ 14.068519] ret_from_fork+0x116/0x1d0 [ 14.068650] ret_from_fork_asm+0x1a/0x30 [ 14.068885] [ 14.068977] Freed by task 244: [ 14.069212] kasan_save_stack+0x45/0x70 [ 14.069409] kasan_save_track+0x18/0x40 [ 14.069597] kasan_save_free_info+0x3f/0x60 [ 14.069817] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.070147] mempool_free+0x2ec/0x380 [ 14.070298] mempool_uaf_helper+0x11a/0x400 [ 14.070469] mempool_kmalloc_uaf+0xef/0x140 [ 14.070691] kunit_try_run_case+0x1a5/0x480 [ 14.070915] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.071270] kthread+0x337/0x6f0 [ 14.071426] ret_from_fork+0x116/0x1d0 [ 14.071625] ret_from_fork_asm+0x1a/0x30 [ 14.071827] [ 14.071927] The buggy address belongs to the object at ffff88810291d500 [ 14.071927] which belongs to the cache kmalloc-128 of size 128 [ 14.072573] The buggy address is located 0 bytes inside of [ 14.072573] freed 128-byte region [ffff88810291d500, ffff88810291d580) [ 14.073164] [ 14.073242] The buggy address belongs to the physical page: [ 14.073415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10291d [ 14.073795] flags: 
0x200000000000000(node=0|zone=2) [ 14.074109] page_type: f5(slab) [ 14.074280] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.074547] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.074797] page dumped because: kasan: bad access detected [ 14.075125] [ 14.075233] Memory state around the buggy address: [ 14.075469] ffff88810291d400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.075796] ffff88810291d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.076101] >ffff88810291d500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.076465] ^ [ 14.076632] ffff88810291d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.076952] ffff88810291d600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.077346] ================================================================== [ 14.110671] ================================================================== [ 14.111661] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.112517] Read of size 1 at addr ffff8881038e3240 by task kunit_try_catch/248 [ 14.112968] [ 14.113066] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.113126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.113138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.113159] Call Trace: [ 14.113171] <TASK> [ 14.113188] dump_stack_lvl+0x73/0xb0 [ 14.113217] print_report+0xd1/0x650 [ 14.113240] ? __virt_addr_valid+0x1db/0x2d0 [ 14.113275] ? mempool_uaf_helper+0x392/0x400 [ 14.113299] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.113323] ? mempool_uaf_helper+0x392/0x400 [ 14.113357] kasan_report+0x141/0x180 [ 14.113379] ? mempool_uaf_helper+0x392/0x400 [ 14.113408] __asan_report_load1_noabort+0x18/0x20 [ 14.113434] mempool_uaf_helper+0x392/0x400 [ 14.113457] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.113493] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.113515] ? 
finish_task_switch.isra.0+0x153/0x700 [ 14.113552] mempool_slab_uaf+0xea/0x140 [ 14.113576] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 14.113602] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.113628] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.113655] ? __pfx_read_tsc+0x10/0x10 [ 14.113677] ? ktime_get_ts64+0x86/0x230 [ 14.113710] kunit_try_run_case+0x1a5/0x480 [ 14.113734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.113757] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.113781] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.113805] ? __kthread_parkme+0x82/0x180 [ 14.113826] ? preempt_count_sub+0x50/0x80 [ 14.113849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.113874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.113898] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.113923] kthread+0x337/0x6f0 [ 14.113942] ? trace_preempt_on+0x20/0xc0 [ 14.113965] ? __pfx_kthread+0x10/0x10 [ 14.113986] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.114008] ? calculate_sigpending+0x7b/0xa0 [ 14.114054] ? __pfx_kthread+0x10/0x10 [ 14.114076] ret_from_fork+0x116/0x1d0 [ 14.114112] ? 
__pfx_kthread+0x10/0x10 [ 14.114133] ret_from_fork_asm+0x1a/0x30 [ 14.114164] </TASK> [ 14.114174] [ 14.128883] Allocated by task 248: [ 14.129498] kasan_save_stack+0x45/0x70 [ 14.129910] kasan_save_track+0x18/0x40 [ 14.130358] kasan_save_alloc_info+0x3b/0x50 [ 14.130831] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.131371] remove_element+0x11e/0x190 [ 14.131827] mempool_alloc_preallocated+0x4d/0x90 [ 14.132303] mempool_uaf_helper+0x96/0x400 [ 14.132669] mempool_slab_uaf+0xea/0x140 [ 14.132953] kunit_try_run_case+0x1a5/0x480 [ 14.133284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.133810] kthread+0x337/0x6f0 [ 14.133943] ret_from_fork+0x116/0x1d0 [ 14.134270] ret_from_fork_asm+0x1a/0x30 [ 14.134676] [ 14.134849] Freed by task 248: [ 14.135194] kasan_save_stack+0x45/0x70 [ 14.135639] kasan_save_track+0x18/0x40 [ 14.136026] kasan_save_free_info+0x3f/0x60 [ 14.136359] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.136532] mempool_free+0x2ec/0x380 [ 14.136664] mempool_uaf_helper+0x11a/0x400 [ 14.136817] mempool_slab_uaf+0xea/0x140 [ 14.136956] kunit_try_run_case+0x1a5/0x480 [ 14.137313] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.137550] kthread+0x337/0x6f0 [ 14.137671] ret_from_fork+0x116/0x1d0 [ 14.137819] ret_from_fork_asm+0x1a/0x30 [ 14.137958] [ 14.138029] The buggy address belongs to the object at ffff8881038e3240 [ 14.138029] which belongs to the cache test_cache of size 123 [ 14.139268] The buggy address is located 0 bytes inside of [ 14.139268] freed 123-byte region [ffff8881038e3240, ffff8881038e32bb) [ 14.140607] [ 14.140795] The buggy address belongs to the physical page: [ 14.141385] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e3 [ 14.142054] flags: 0x200000000000000(node=0|zone=2) [ 14.142354] page_type: f5(slab) [ 14.142727] raw: 0200000000000000 ffff888101dbddc0 dead000000000122 0000000000000000 [ 14.143198] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.144491] page dumped 
because: kasan: bad access detected [ 14.144679] [ 14.144767] Memory state around the buggy address: [ 14.144926] ffff8881038e3100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.145154] ffff8881038e3180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.145370] >ffff8881038e3200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 14.145587] ^ [ 14.146767] ffff8881038e3280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.147003] ffff8881038e3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.147816] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 14.019152] ================================================================== [ 14.019566] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.019840] Read of size 1 at addr ffff8881032002bb by task kunit_try_catch/242 [ 14.020152] [ 14.020414] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.020460] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.020472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.020493] Call Trace: [ 14.020505] <TASK> [ 14.020520] dump_stack_lvl+0x73/0xb0 [ 14.020553] print_report+0xd1/0x650 [ 14.020575] ? __virt_addr_valid+0x1db/0x2d0 [ 14.020599] ? mempool_oob_right_helper+0x318/0x380 [ 14.020639] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.020663] ? mempool_oob_right_helper+0x318/0x380 [ 14.020687] kasan_report+0x141/0x180 [ 14.020720] ? mempool_oob_right_helper+0x318/0x380 [ 14.020749] __asan_report_load1_noabort+0x18/0x20 [ 14.020774] mempool_oob_right_helper+0x318/0x380 [ 14.020798] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.020827] ? irqentry_exit+0x2a/0x60 [ 14.020854] mempool_slab_oob_right+0xed/0x140 [ 14.020879] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 14.020905] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.020931] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.020957] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.020984] ? __pfx_read_tsc+0x10/0x10 [ 14.021008] ? ktime_get_ts64+0x86/0x230 [ 14.021064] kunit_try_run_case+0x1a5/0x480 [ 14.021090] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.021114] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.021152] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.021219] ? __kthread_parkme+0x82/0x180 [ 14.021567] ? preempt_count_sub+0x50/0x80 [ 14.021592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.021616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.021660] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.021686] kthread+0x337/0x6f0 [ 14.021718] ? 
trace_preempt_on+0x20/0xc0 [ 14.021744] ? __pfx_kthread+0x10/0x10 [ 14.021765] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.021788] ? calculate_sigpending+0x7b/0xa0 [ 14.021811] ? __pfx_kthread+0x10/0x10 [ 14.021833] ret_from_fork+0x116/0x1d0 [ 14.021852] ? __pfx_kthread+0x10/0x10 [ 14.021873] ret_from_fork_asm+0x1a/0x30 [ 14.021903] </TASK> [ 14.021914] [ 14.035409] Allocated by task 242: [ 14.035538] kasan_save_stack+0x45/0x70 [ 14.035679] kasan_save_track+0x18/0x40 [ 14.036064] kasan_save_alloc_info+0x3b/0x50 [ 14.036500] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.037081] remove_element+0x11e/0x190 [ 14.037471] mempool_alloc_preallocated+0x4d/0x90 [ 14.037926] mempool_oob_right_helper+0x8a/0x380 [ 14.038449] mempool_slab_oob_right+0xed/0x140 [ 14.038920] kunit_try_run_case+0x1a5/0x480 [ 14.039393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.039879] kthread+0x337/0x6f0 [ 14.039999] ret_from_fork+0x116/0x1d0 [ 14.040175] ret_from_fork_asm+0x1a/0x30 [ 14.040624] [ 14.040795] The buggy address belongs to the object at ffff888103200240 [ 14.040795] which belongs to the cache test_cache of size 123 [ 14.041895] The buggy address is located 0 bytes to the right of [ 14.041895] allocated 123-byte region [ffff888103200240, ffff8881032002bb) [ 14.042381] [ 14.042612] The buggy address belongs to the physical page: [ 14.042889] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103200 [ 14.043389] flags: 0x200000000000000(node=0|zone=2) [ 14.043894] page_type: f5(slab) [ 14.044252] raw: 0200000000000000 ffff8881031f2500 dead000000000122 0000000000000000 [ 14.044658] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.044890] page dumped because: kasan: bad access detected [ 14.045085] [ 14.045244] Memory state around the buggy address: [ 14.045697] ffff888103200180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.046371] ffff888103200200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 14.047019] >ffff888103200280: 00 
00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 14.047649] ^ [ 14.048065] ffff888103200300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.048457] ffff888103200380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.048666] ================================================================== [ 13.961794] ================================================================== [ 13.962284] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.962639] Read of size 1 at addr ffff8881031dbf73 by task kunit_try_catch/238 [ 13.962947] [ 13.963073] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.963123] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.963188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.963212] Call Trace: [ 13.963227] <TASK> [ 13.963246] dump_stack_lvl+0x73/0xb0 [ 13.963279] print_report+0xd1/0x650 [ 13.963302] ? __virt_addr_valid+0x1db/0x2d0 [ 13.963329] ? mempool_oob_right_helper+0x318/0x380 [ 13.963352] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.963376] ? mempool_oob_right_helper+0x318/0x380 [ 13.963401] kasan_report+0x141/0x180 [ 13.963422] ? mempool_oob_right_helper+0x318/0x380 [ 13.963451] __asan_report_load1_noabort+0x18/0x20 [ 13.963477] mempool_oob_right_helper+0x318/0x380 [ 13.963502] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.963528] ? ret_from_fork+0x116/0x1d0 [ 13.963548] ? kthread+0x337/0x6f0 [ 13.963569] ? ret_from_fork_asm+0x1a/0x30 [ 13.963594] ? mempool_alloc_preallocated+0x5b/0x90 [ 13.963622] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.963646] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 13.963673] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.963697] ? __pfx_mempool_kfree+0x10/0x10 [ 13.963737] ? __pfx_read_tsc+0x10/0x10 [ 13.963758] ? ktime_get_ts64+0x86/0x230 [ 13.963785] kunit_try_run_case+0x1a5/0x480 [ 13.963811] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.963834] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.963860] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.963883] ? __kthread_parkme+0x82/0x180 [ 13.963903] ? preempt_count_sub+0x50/0x80 [ 13.963928] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.963952] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.963977] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.964002] kthread+0x337/0x6f0 [ 13.964021] ? trace_preempt_on+0x20/0xc0 [ 13.964046] ? __pfx_kthread+0x10/0x10 [ 13.964066] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.964145] ? calculate_sigpending+0x7b/0xa0 [ 13.964172] ? __pfx_kthread+0x10/0x10 [ 13.964193] ret_from_fork+0x116/0x1d0 [ 13.964212] ? __pfx_kthread+0x10/0x10 [ 13.964233] ret_from_fork_asm+0x1a/0x30 [ 13.964264] </TASK> [ 13.964276] [ 13.973899] Allocated by task 238: [ 13.974737] kasan_save_stack+0x45/0x70 [ 13.974928] kasan_save_track+0x18/0x40 [ 13.975119] kasan_save_alloc_info+0x3b/0x50 [ 13.975438] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.975679] remove_element+0x11e/0x190 [ 13.975874] mempool_alloc_preallocated+0x4d/0x90 [ 13.976167] mempool_oob_right_helper+0x8a/0x380 [ 13.976361] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.976604] kunit_try_run_case+0x1a5/0x480 [ 13.976808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.977095] kthread+0x337/0x6f0 [ 13.977284] ret_from_fork+0x116/0x1d0 [ 13.977439] ret_from_fork_asm+0x1a/0x30 [ 13.977636] [ 13.977722] The buggy address belongs to the object at ffff8881031dbf00 [ 13.977722] which belongs to the cache kmalloc-128 of size 128 [ 13.978832] The buggy address is located 0 bytes to the right of [ 13.978832] allocated 115-byte region [ffff8881031dbf00, ffff8881031dbf73) [ 13.980189] [ 13.980292] The buggy address belongs to the physical page: [ 13.980627] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031db [ 13.981119] flags: 0x200000000000000(node=0|zone=2) [ 13.981316] page_type: f5(slab) [ 13.981493] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.981950] raw: 0000000000000000 0000000000100010 
00000000f5000000 0000000000000000 [ 13.982428] page dumped because: kasan: bad access detected [ 13.982646] [ 13.982759] Memory state around the buggy address: [ 13.982972] ffff8881031dbe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.983601] ffff8881031dbe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.983971] >ffff8881031dbf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.984365] ^ [ 13.984753] ffff8881031dbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.985178] ffff8881031dc000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.985526] ================================================================== [ 13.988555] ================================================================== [ 13.989489] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.989841] Read of size 1 at addr ffff88810398e001 by task kunit_try_catch/240 [ 13.990619] [ 13.990748] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.990970] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.990987] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.991010] Call Trace: [ 13.991146] <TASK> [ 13.991165] dump_stack_lvl+0x73/0xb0 [ 13.991199] print_report+0xd1/0x650 [ 13.991221] ? __virt_addr_valid+0x1db/0x2d0 [ 13.991243] ? mempool_oob_right_helper+0x318/0x380 [ 13.991266] ? kasan_addr_to_slab+0x11/0xa0 [ 13.991287] ? mempool_oob_right_helper+0x318/0x380 [ 13.991311] kasan_report+0x141/0x180 [ 13.991333] ? mempool_oob_right_helper+0x318/0x380 [ 13.991361] __asan_report_load1_noabort+0x18/0x20 [ 13.991386] mempool_oob_right_helper+0x318/0x380 [ 13.991411] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.991438] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.991462] ? finish_task_switch.isra.0+0x153/0x700 [ 13.991489] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 13.991514] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 13.991543] ? 
__pfx_mempool_kmalloc+0x10/0x10 [ 13.991567] ? __pfx_mempool_kfree+0x10/0x10 [ 13.991591] ? __pfx_read_tsc+0x10/0x10 [ 13.991612] ? ktime_get_ts64+0x86/0x230 [ 13.991636] kunit_try_run_case+0x1a5/0x480 [ 13.991661] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.991683] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.991722] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.991746] ? __kthread_parkme+0x82/0x180 [ 13.991767] ? preempt_count_sub+0x50/0x80 [ 13.991790] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.991814] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.991838] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.991863] kthread+0x337/0x6f0 [ 13.991883] ? trace_preempt_on+0x20/0xc0 [ 13.991907] ? __pfx_kthread+0x10/0x10 [ 13.991927] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.991948] ? calculate_sigpending+0x7b/0xa0 [ 13.991972] ? __pfx_kthread+0x10/0x10 [ 13.991994] ret_from_fork+0x116/0x1d0 [ 13.992012] ? __pfx_kthread+0x10/0x10 [ 13.992043] ret_from_fork_asm+0x1a/0x30 [ 13.992074] </TASK> [ 13.992084] [ 14.004204] The buggy address belongs to the physical page: [ 14.004479] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10398c [ 14.005237] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.005567] flags: 0x200000000000040(head|node=0|zone=2) [ 14.005983] page_type: f8(unknown) [ 14.006267] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.006744] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.007254] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.007565] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.008099] head: 0200000000000002 ffffea00040e6301 00000000ffffffff 00000000ffffffff [ 14.008567] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.009047] page dumped because: kasan: bad access detected [ 14.009450] [ 14.009576] Memory state around the buggy address: [ 14.009777] 
ffff88810398df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.010580] ffff88810398df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.011021] >ffff88810398e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.011369] ^ [ 14.011716] ffff88810398e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.012168] ffff88810398e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.012643] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.388915] ================================================================== [ 13.389531] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 13.390396] Read of size 1 at addr ffff888101dbdb40 by task kunit_try_catch/232 [ 13.390734] [ 13.390850] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.390898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.390909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.390932] Call Trace: [ 13.390945] <TASK> [ 13.390963] dump_stack_lvl+0x73/0xb0 [ 13.390996] print_report+0xd1/0x650 [ 13.391018] ? __virt_addr_valid+0x1db/0x2d0 [ 13.391112] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.391139] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.391162] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.391189] kasan_report+0x141/0x180 [ 13.391210] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.391238] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.391264] __kasan_check_byte+0x3d/0x50 [ 13.391286] kmem_cache_destroy+0x25/0x1d0 [ 13.391310] kmem_cache_double_destroy+0x1bf/0x380 [ 13.391335] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 13.391360] ? finish_task_switch.isra.0+0x153/0x700 [ 13.391384] ? __switch_to+0x47/0xf50 [ 13.391412] ? __pfx_read_tsc+0x10/0x10 [ 13.391434] ? ktime_get_ts64+0x86/0x230 [ 13.391459] kunit_try_run_case+0x1a5/0x480 [ 13.391485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.391507] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.391533] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.391557] ? __kthread_parkme+0x82/0x180 [ 13.391578] ? preempt_count_sub+0x50/0x80 [ 13.391601] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.391625] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.391649] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.391675] kthread+0x337/0x6f0 [ 13.391693] ? trace_preempt_on+0x20/0xc0 [ 13.391730] ? __pfx_kthread+0x10/0x10 [ 13.391750] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.391775] ? 
calculate_sigpending+0x7b/0xa0 [ 13.391800] ? __pfx_kthread+0x10/0x10 [ 13.391822] ret_from_fork+0x116/0x1d0 [ 13.391841] ? __pfx_kthread+0x10/0x10 [ 13.391862] ret_from_fork_asm+0x1a/0x30 [ 13.391894] </TASK> [ 13.391905] [ 13.401481] Allocated by task 232: [ 13.401798] kasan_save_stack+0x45/0x70 [ 13.402215] kasan_save_track+0x18/0x40 [ 13.402413] kasan_save_alloc_info+0x3b/0x50 [ 13.402614] __kasan_slab_alloc+0x91/0xa0 [ 13.402798] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.403013] __kmem_cache_create_args+0x169/0x240 [ 13.403728] kmem_cache_double_destroy+0xd5/0x380 [ 13.404300] kunit_try_run_case+0x1a5/0x480 [ 13.404583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.404988] kthread+0x337/0x6f0 [ 13.405407] ret_from_fork+0x116/0x1d0 [ 13.405593] ret_from_fork_asm+0x1a/0x30 [ 13.405789] [ 13.405875] Freed by task 232: [ 13.406021] kasan_save_stack+0x45/0x70 [ 13.406204] kasan_save_track+0x18/0x40 [ 13.406376] kasan_save_free_info+0x3f/0x60 [ 13.406566] __kasan_slab_free+0x56/0x70 [ 13.406753] kmem_cache_free+0x249/0x420 [ 13.406930] slab_kmem_cache_release+0x2e/0x40 [ 13.407695] kmem_cache_release+0x16/0x20 [ 13.407924] kobject_put+0x181/0x450 [ 13.408519] sysfs_slab_release+0x16/0x20 [ 13.408860] kmem_cache_destroy+0xf0/0x1d0 [ 13.409418] kmem_cache_double_destroy+0x14e/0x380 [ 13.409734] kunit_try_run_case+0x1a5/0x480 [ 13.409935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.410278] kthread+0x337/0x6f0 [ 13.410443] ret_from_fork+0x116/0x1d0 [ 13.410615] ret_from_fork_asm+0x1a/0x30 [ 13.410807] [ 13.410898] The buggy address belongs to the object at ffff888101dbdb40 [ 13.410898] which belongs to the cache kmem_cache of size 208 [ 13.411537] The buggy address is located 0 bytes inside of [ 13.411537] freed 208-byte region [ffff888101dbdb40, ffff888101dbdc10) [ 13.412560] [ 13.412664] The buggy address belongs to the physical page: [ 13.413381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101dbd [ 13.413865] flags: 
0x200000000000000(node=0|zone=2) [ 13.414392] page_type: f5(slab) [ 13.414697] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 13.415318] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 13.415613] page dumped because: kasan: bad access detected [ 13.415858] [ 13.415947] Memory state around the buggy address: [ 13.416226] ffff888101dbda00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.416524] ffff888101dbda80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 13.416820] >ffff888101dbdb00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.417212] ^ [ 13.417442] ffff888101dbdb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.417742] ffff888101dbdc00: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.418554] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 13.333400] ================================================================== [ 13.333883] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.334233] Read of size 1 at addr ffff8881031f9000 by task kunit_try_catch/230 [ 13.334579] [ 13.334730] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.334775] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.334787] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.334808] Call Trace: [ 13.334821] <TASK> [ 13.334838] dump_stack_lvl+0x73/0xb0 [ 13.334870] print_report+0xd1/0x650 [ 13.334891] ? __virt_addr_valid+0x1db/0x2d0 [ 13.334916] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.334939] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.334961] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.334984] kasan_report+0x141/0x180 [ 13.335006] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.335033] __asan_report_load1_noabort+0x18/0x20 [ 13.335070] kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.335094] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 13.335117] ? finish_task_switch.isra.0+0x153/0x700 [ 13.335140] ? __switch_to+0x47/0xf50 [ 13.335168] ? __pfx_read_tsc+0x10/0x10 [ 13.335190] ? ktime_get_ts64+0x86/0x230 [ 13.335215] kunit_try_run_case+0x1a5/0x480 [ 13.335239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.335262] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.335286] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.335309] ? __kthread_parkme+0x82/0x180 [ 13.335330] ? preempt_count_sub+0x50/0x80 [ 13.335352] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.335376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.335400] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.335424] kthread+0x337/0x6f0 [ 13.335443] ? trace_preempt_on+0x20/0xc0 [ 13.335467] ? __pfx_kthread+0x10/0x10 [ 13.335487] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.335508] ? calculate_sigpending+0x7b/0xa0 [ 13.335532] ? __pfx_kthread+0x10/0x10 [ 13.335552] ret_from_fork+0x116/0x1d0 [ 13.335570] ? 
__pfx_kthread+0x10/0x10 [ 13.335590] ret_from_fork_asm+0x1a/0x30 [ 13.335621] </TASK> [ 13.335631] [ 13.343922] Allocated by task 230: [ 13.344179] kasan_save_stack+0x45/0x70 [ 13.344377] kasan_save_track+0x18/0x40 [ 13.344556] kasan_save_alloc_info+0x3b/0x50 [ 13.344760] __kasan_slab_alloc+0x91/0xa0 [ 13.344945] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.345231] kmem_cache_rcu_uaf+0x155/0x510 [ 13.345432] kunit_try_run_case+0x1a5/0x480 [ 13.345622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.345865] kthread+0x337/0x6f0 [ 13.346020] ret_from_fork+0x116/0x1d0 [ 13.347076] ret_from_fork_asm+0x1a/0x30 [ 13.347266] [ 13.347445] Freed by task 0: [ 13.347597] kasan_save_stack+0x45/0x70 [ 13.347802] kasan_save_track+0x18/0x40 [ 13.347970] kasan_save_free_info+0x3f/0x60 [ 13.348198] __kasan_slab_free+0x56/0x70 [ 13.348400] slab_free_after_rcu_debug+0xe4/0x310 [ 13.348600] rcu_core+0x66f/0x1c40 [ 13.348785] rcu_core_si+0x12/0x20 [ 13.348957] handle_softirqs+0x209/0x730 [ 13.349241] __irq_exit_rcu+0xc9/0x110 [ 13.349390] irq_exit_rcu+0x12/0x20 [ 13.349515] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.349690] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.349944] [ 13.350062] Last potentially related work creation: [ 13.350285] kasan_save_stack+0x45/0x70 [ 13.350422] kasan_record_aux_stack+0xb2/0xc0 [ 13.350570] kmem_cache_free+0x131/0x420 [ 13.350771] kmem_cache_rcu_uaf+0x194/0x510 [ 13.350983] kunit_try_run_case+0x1a5/0x480 [ 13.351334] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.351767] kthread+0x337/0x6f0 [ 13.351971] ret_from_fork+0x116/0x1d0 [ 13.352146] ret_from_fork_asm+0x1a/0x30 [ 13.352453] [ 13.352547] The buggy address belongs to the object at ffff8881031f9000 [ 13.352547] which belongs to the cache test_cache of size 200 [ 13.353057] The buggy address is located 0 bytes inside of [ 13.353057] freed 200-byte region [ffff8881031f9000, ffff8881031f90c8) [ 13.353731] [ 13.353808] The buggy address belongs to the physical page: [ 13.354057] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031f9 [ 13.354423] flags: 0x200000000000000(node=0|zone=2) [ 13.355072] page_type: f5(slab) [ 13.355599] raw: 0200000000000000 ffff8881031f2280 dead000000000122 0000000000000000 [ 13.356024] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.356459] page dumped because: kasan: bad access detected [ 13.356863] [ 13.356967] Memory state around the buggy address: [ 13.357416] ffff8881031f8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.357821] ffff8881031f8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.358067] >ffff8881031f9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.358677] ^ [ 13.358868] ffff8881031f9080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.359336] ffff8881031f9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.359648] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 13.270877] ================================================================== [ 13.271895] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 13.272990] Free of addr ffff8881038da001 by task kunit_try_catch/228 [ 13.273945] [ 13.274383] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.274433] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.274445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.274467] Call Trace: [ 13.274517] <TASK> [ 13.274535] dump_stack_lvl+0x73/0xb0 [ 13.274571] print_report+0xd1/0x650 [ 13.274627] ? __virt_addr_valid+0x1db/0x2d0 [ 13.274652] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.274782] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.274809] kasan_report_invalid_free+0x10a/0x130 [ 13.274834] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.274860] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.274885] check_slab_allocation+0x11f/0x130 [ 13.274907] __kasan_slab_pre_free+0x28/0x40 [ 13.274927] kmem_cache_free+0xed/0x420 [ 13.274947] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.274968] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.274996] kmem_cache_invalid_free+0x1d8/0x460 [ 13.275050] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 13.275095] ? finish_task_switch.isra.0+0x153/0x700 [ 13.275120] ? __switch_to+0x47/0xf50 [ 13.275149] ? __pfx_read_tsc+0x10/0x10 [ 13.275170] ? ktime_get_ts64+0x86/0x230 [ 13.275196] kunit_try_run_case+0x1a5/0x480 [ 13.275223] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.275246] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.275271] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.275294] ? __kthread_parkme+0x82/0x180 [ 13.275315] ? preempt_count_sub+0x50/0x80 [ 13.275338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.275362] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.275386] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.275411] kthread+0x337/0x6f0 [ 13.275430] ? trace_preempt_on+0x20/0xc0 [ 13.275454] ? 
__pfx_kthread+0x10/0x10 [ 13.275474] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.275495] ? calculate_sigpending+0x7b/0xa0 [ 13.275518] ? __pfx_kthread+0x10/0x10 [ 13.275539] ret_from_fork+0x116/0x1d0 [ 13.275557] ? __pfx_kthread+0x10/0x10 [ 13.275577] ret_from_fork_asm+0x1a/0x30 [ 13.275608] </TASK> [ 13.275618] [ 13.289259] Allocated by task 228: [ 13.289430] kasan_save_stack+0x45/0x70 [ 13.289616] kasan_save_track+0x18/0x40 [ 13.289801] kasan_save_alloc_info+0x3b/0x50 [ 13.289996] __kasan_slab_alloc+0x91/0xa0 [ 13.290631] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.290810] kmem_cache_invalid_free+0x157/0x460 [ 13.291018] kunit_try_run_case+0x1a5/0x480 [ 13.291522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.291772] kthread+0x337/0x6f0 [ 13.291932] ret_from_fork+0x116/0x1d0 [ 13.292241] ret_from_fork_asm+0x1a/0x30 [ 13.292436] [ 13.292522] The buggy address belongs to the object at ffff8881038da000 [ 13.292522] which belongs to the cache test_cache of size 200 [ 13.293000] The buggy address is located 1 bytes inside of [ 13.293000] 200-byte region [ffff8881038da000, ffff8881038da0c8) [ 13.294241] [ 13.294530] The buggy address belongs to the physical page: [ 13.294767] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038da [ 13.295228] flags: 0x200000000000000(node=0|zone=2) [ 13.295453] page_type: f5(slab) [ 13.295605] raw: 0200000000000000 ffff888101dbda00 dead000000000122 0000000000000000 [ 13.295923] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.296301] page dumped because: kasan: bad access detected [ 13.296538] [ 13.296627] Memory state around the buggy address: [ 13.296840] ffff8881038d9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.297204] ffff8881038d9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.297496] >ffff8881038da000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.297791] ^ [ 13.297940] ffff8881038da080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.299080] 
ffff8881038da100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.299323] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 13.236008] ================================================================== [ 13.236994] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 13.237614] Free of addr ffff8881031f7000 by task kunit_try_catch/226 [ 13.238164] [ 13.238347] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.238391] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.238403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.238425] Call Trace: [ 13.238437] <TASK> [ 13.238453] dump_stack_lvl+0x73/0xb0 [ 13.238486] print_report+0xd1/0x650 [ 13.238508] ? __virt_addr_valid+0x1db/0x2d0 [ 13.238533] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.238556] ? kmem_cache_double_free+0x1e5/0x480 [ 13.238582] kasan_report_invalid_free+0x10a/0x130 [ 13.238606] ? kmem_cache_double_free+0x1e5/0x480 [ 13.238632] ? kmem_cache_double_free+0x1e5/0x480 [ 13.238656] check_slab_allocation+0x101/0x130 [ 13.238677] __kasan_slab_pre_free+0x28/0x40 [ 13.238698] kmem_cache_free+0xed/0x420 [ 13.238730] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.238751] ? kmem_cache_double_free+0x1e5/0x480 [ 13.238777] kmem_cache_double_free+0x1e5/0x480 [ 13.238801] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 13.238825] ? finish_task_switch.isra.0+0x153/0x700 [ 13.238849] ? __switch_to+0x47/0xf50 [ 13.238878] ? __pfx_read_tsc+0x10/0x10 [ 13.238899] ? ktime_get_ts64+0x86/0x230 [ 13.238924] kunit_try_run_case+0x1a5/0x480 [ 13.238949] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.238971] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.238996] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.239019] ? __kthread_parkme+0x82/0x180 [ 13.239053] ? preempt_count_sub+0x50/0x80 [ 13.239076] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.239100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.239124] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.239148] kthread+0x337/0x6f0 [ 13.239167] ? trace_preempt_on+0x20/0xc0 [ 13.239191] ? 
__pfx_kthread+0x10/0x10 [ 13.239211] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.239232] ? calculate_sigpending+0x7b/0xa0 [ 13.239255] ? __pfx_kthread+0x10/0x10 [ 13.239276] ret_from_fork+0x116/0x1d0 [ 13.239294] ? __pfx_kthread+0x10/0x10 [ 13.239314] ret_from_fork_asm+0x1a/0x30 [ 13.239344] </TASK> [ 13.239354] [ 13.250860] Allocated by task 226: [ 13.251010] kasan_save_stack+0x45/0x70 [ 13.251223] kasan_save_track+0x18/0x40 [ 13.251394] kasan_save_alloc_info+0x3b/0x50 [ 13.251604] __kasan_slab_alloc+0x91/0xa0 [ 13.251792] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.252014] kmem_cache_double_free+0x14f/0x480 [ 13.252658] kunit_try_run_case+0x1a5/0x480 [ 13.252861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.253252] kthread+0x337/0x6f0 [ 13.253423] ret_from_fork+0x116/0x1d0 [ 13.253728] ret_from_fork_asm+0x1a/0x30 [ 13.253997] [ 13.254170] Freed by task 226: [ 13.254292] kasan_save_stack+0x45/0x70 [ 13.254605] kasan_save_track+0x18/0x40 [ 13.254815] kasan_save_free_info+0x3f/0x60 [ 13.255006] __kasan_slab_free+0x56/0x70 [ 13.255211] kmem_cache_free+0x249/0x420 [ 13.255635] kmem_cache_double_free+0x16a/0x480 [ 13.255854] kunit_try_run_case+0x1a5/0x480 [ 13.256188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.256517] kthread+0x337/0x6f0 [ 13.256651] ret_from_fork+0x116/0x1d0 [ 13.256852] ret_from_fork_asm+0x1a/0x30 [ 13.257024] [ 13.257129] The buggy address belongs to the object at ffff8881031f7000 [ 13.257129] which belongs to the cache test_cache of size 200 [ 13.257883] The buggy address is located 0 bytes inside of [ 13.257883] 200-byte region [ffff8881031f7000, ffff8881031f70c8) [ 13.258518] [ 13.258695] The buggy address belongs to the physical page: [ 13.258942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031f7 [ 13.259390] flags: 0x200000000000000(node=0|zone=2) [ 13.259611] page_type: f5(slab) [ 13.259852] raw: 0200000000000000 ffff8881031f2140 dead000000000122 0000000000000000 [ 13.260124] raw: 0000000000000000 00000000800f000f 
00000000f5000000 0000000000000000 [ 13.260541] page dumped because: kasan: bad access detected [ 13.260762] [ 13.260858] Memory state around the buggy address: [ 13.261074] ffff8881031f6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.261323] ffff8881031f6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.261623] >ffff8881031f7000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.261912] ^ [ 13.262028] ffff8881031f7080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.262365] ffff8881031f7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.262635] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 13.191284] ================================================================== [ 13.192440] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 13.192674] Read of size 1 at addr ffff8881031f60c8 by task kunit_try_catch/224 [ 13.193734] [ 13.194120] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.194167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.194179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.194326] Call Trace: [ 13.194342] <TASK> [ 13.194357] dump_stack_lvl+0x73/0xb0 [ 13.194389] print_report+0xd1/0x650 [ 13.194410] ? __virt_addr_valid+0x1db/0x2d0 [ 13.194432] ? kmem_cache_oob+0x402/0x530 [ 13.194454] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.194477] ? kmem_cache_oob+0x402/0x530 [ 13.194499] kasan_report+0x141/0x180 [ 13.194520] ? kmem_cache_oob+0x402/0x530 [ 13.194548] __asan_report_load1_noabort+0x18/0x20 [ 13.194572] kmem_cache_oob+0x402/0x530 [ 13.194593] ? trace_hardirqs_on+0x37/0xe0 [ 13.194617] ? __pfx_kmem_cache_oob+0x10/0x10 [ 13.194639] ? finish_task_switch.isra.0+0x153/0x700 [ 13.194662] ? __switch_to+0x47/0xf50 [ 13.194691] ? __pfx_read_tsc+0x10/0x10 [ 13.194723] ? ktime_get_ts64+0x86/0x230 [ 13.194748] kunit_try_run_case+0x1a5/0x480 [ 13.194772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.194794] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.194818] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.194841] ? __kthread_parkme+0x82/0x180 [ 13.194862] ? preempt_count_sub+0x50/0x80 [ 13.194885] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.194908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.194932] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.194957] kthread+0x337/0x6f0 [ 13.194975] ? trace_preempt_on+0x20/0xc0 [ 13.194996] ? __pfx_kthread+0x10/0x10 [ 13.195016] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.195057] ? calculate_sigpending+0x7b/0xa0 [ 13.195094] ? __pfx_kthread+0x10/0x10 [ 13.195115] ret_from_fork+0x116/0x1d0 [ 13.195132] ? 
__pfx_kthread+0x10/0x10 [ 13.195152] ret_from_fork_asm+0x1a/0x30 [ 13.195182] </TASK> [ 13.195193] [ 13.208105] Allocated by task 224: [ 13.208456] kasan_save_stack+0x45/0x70 [ 13.208834] kasan_save_track+0x18/0x40 [ 13.209176] kasan_save_alloc_info+0x3b/0x50 [ 13.209637] __kasan_slab_alloc+0x91/0xa0 [ 13.209791] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.209941] kmem_cache_oob+0x157/0x530 [ 13.210217] kunit_try_run_case+0x1a5/0x480 [ 13.210642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.211243] kthread+0x337/0x6f0 [ 13.211556] ret_from_fork+0x116/0x1d0 [ 13.211955] ret_from_fork_asm+0x1a/0x30 [ 13.212405] [ 13.212530] The buggy address belongs to the object at ffff8881031f6000 [ 13.212530] which belongs to the cache test_cache of size 200 [ 13.212882] The buggy address is located 0 bytes to the right of [ 13.212882] allocated 200-byte region [ffff8881031f6000, ffff8881031f60c8) [ 13.213825] [ 13.213990] The buggy address belongs to the physical page: [ 13.214598] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031f6 [ 13.215479] flags: 0x200000000000000(node=0|zone=2) [ 13.215933] page_type: f5(slab) [ 13.216186] raw: 0200000000000000 ffff8881031f2000 dead000000000122 0000000000000000 [ 13.216772] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.217564] page dumped because: kasan: bad access detected [ 13.217907] [ 13.217978] Memory state around the buggy address: [ 13.218201] ffff8881031f5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.218948] ffff8881031f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.219757] >ffff8881031f6080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.220334] ^ [ 13.220510] ffff8881031f6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.220734] ffff8881031f6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.220945] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 13.145829] ================================================================== [ 13.147125] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 13.147537] Read of size 8 at addr ffff8881031eaa80 by task kunit_try_catch/217 [ 13.147772] [ 13.147867] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.147921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.147934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.147963] Call Trace: [ 13.147976] <TASK> [ 13.147992] dump_stack_lvl+0x73/0xb0 [ 13.148048] print_report+0xd1/0x650 [ 13.148071] ? __virt_addr_valid+0x1db/0x2d0 [ 13.148097] ? workqueue_uaf+0x4d6/0x560 [ 13.148118] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.148215] ? workqueue_uaf+0x4d6/0x560 [ 13.148238] kasan_report+0x141/0x180 [ 13.148260] ? workqueue_uaf+0x4d6/0x560 [ 13.148287] __asan_report_load8_noabort+0x18/0x20 [ 13.148340] workqueue_uaf+0x4d6/0x560 [ 13.148379] ? __pfx_workqueue_uaf+0x10/0x10 [ 13.148403] ? __schedule+0x10cc/0x2b60 [ 13.148428] ? __pfx_read_tsc+0x10/0x10 [ 13.148452] ? ktime_get_ts64+0x86/0x230 [ 13.148479] kunit_try_run_case+0x1a5/0x480 [ 13.148506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.148531] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.148558] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.148584] ? __kthread_parkme+0x82/0x180 [ 13.148607] ? preempt_count_sub+0x50/0x80 [ 13.148633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.148679] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.148717] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.148746] kthread+0x337/0x6f0 [ 13.148765] ? trace_preempt_on+0x20/0xc0 [ 13.148791] ? __pfx_kthread+0x10/0x10 [ 13.148812] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.148853] ? calculate_sigpending+0x7b/0xa0 [ 13.148879] ? __pfx_kthread+0x10/0x10 [ 13.148901] ret_from_fork+0x116/0x1d0 [ 13.148920] ? 
__pfx_kthread+0x10/0x10 [ 13.148942] ret_from_fork_asm+0x1a/0x30 [ 13.148975] </TASK> [ 13.148985] [ 13.161922] Allocated by task 217: [ 13.162277] kasan_save_stack+0x45/0x70 [ 13.162755] kasan_save_track+0x18/0x40 [ 13.163197] kasan_save_alloc_info+0x3b/0x50 [ 13.163606] __kasan_kmalloc+0xb7/0xc0 [ 13.163973] __kmalloc_cache_noprof+0x189/0x420 [ 13.164501] workqueue_uaf+0x152/0x560 [ 13.164875] kunit_try_run_case+0x1a5/0x480 [ 13.165296] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.165760] kthread+0x337/0x6f0 [ 13.165892] ret_from_fork+0x116/0x1d0 [ 13.166045] ret_from_fork_asm+0x1a/0x30 [ 13.166545] [ 13.166740] Freed by task 9: [ 13.167021] kasan_save_stack+0x45/0x70 [ 13.167485] kasan_save_track+0x18/0x40 [ 13.167866] kasan_save_free_info+0x3f/0x60 [ 13.168228] __kasan_slab_free+0x56/0x70 [ 13.168555] kfree+0x222/0x3f0 [ 13.168673] workqueue_uaf_work+0x12/0x20 [ 13.168822] process_one_work+0x5ee/0xf60 [ 13.168962] worker_thread+0x758/0x1220 [ 13.169232] kthread+0x337/0x6f0 [ 13.169607] ret_from_fork+0x116/0x1d0 [ 13.170163] ret_from_fork_asm+0x1a/0x30 [ 13.170550] [ 13.170741] Last potentially related work creation: [ 13.171245] kasan_save_stack+0x45/0x70 [ 13.171608] kasan_record_aux_stack+0xb2/0xc0 [ 13.172080] __queue_work+0x626/0xeb0 [ 13.172456] queue_work_on+0xb6/0xc0 [ 13.172809] workqueue_uaf+0x26d/0x560 [ 13.173264] kunit_try_run_case+0x1a5/0x480 [ 13.173479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.173654] kthread+0x337/0x6f0 [ 13.173785] ret_from_fork+0x116/0x1d0 [ 13.173914] ret_from_fork_asm+0x1a/0x30 [ 13.174129] [ 13.174290] The buggy address belongs to the object at ffff8881031eaa80 [ 13.174290] which belongs to the cache kmalloc-32 of size 32 [ 13.175577] The buggy address is located 0 bytes inside of [ 13.175577] freed 32-byte region [ffff8881031eaa80, ffff8881031eaaa0) [ 13.176690] [ 13.176867] The buggy address belongs to the physical page: [ 13.177363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031ea 
[ 13.178179] flags: 0x200000000000000(node=0|zone=2) [ 13.178519] page_type: f5(slab) [ 13.178650] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.178901] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.179419] page dumped because: kasan: bad access detected [ 13.180015] [ 13.180233] Memory state around the buggy address: [ 13.180677] ffff8881031ea980: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.181345] ffff8881031eaa00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.181958] >ffff8881031eaa80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 13.182739] ^ [ 13.183033] ffff8881031eab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.183390] ffff8881031eab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.183611] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 13.098145] ================================================================== [ 13.098601] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 13.099164] Read of size 4 at addr ffff8881038d4380 by task swapper/1/0 [ 13.099381] [ 13.099762] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.099809] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.099820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.099840] Call Trace: [ 13.099868] <IRQ> [ 13.099885] dump_stack_lvl+0x73/0xb0 [ 13.099917] print_report+0xd1/0x650 [ 13.099939] ? __virt_addr_valid+0x1db/0x2d0 [ 13.099962] ? rcu_uaf_reclaim+0x50/0x60 [ 13.099981] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.100004] ? rcu_uaf_reclaim+0x50/0x60 [ 13.100087] kasan_report+0x141/0x180 [ 13.100112] ? rcu_uaf_reclaim+0x50/0x60 [ 13.100138] __asan_report_load4_noabort+0x18/0x20 [ 13.100162] rcu_uaf_reclaim+0x50/0x60 [ 13.100183] rcu_core+0x66f/0x1c40 [ 13.100211] ? __pfx_rcu_core+0x10/0x10 [ 13.100232] ? ktime_get+0x6b/0x150 [ 13.100254] ? handle_softirqs+0x18e/0x730 [ 13.100279] rcu_core_si+0x12/0x20 [ 13.100299] handle_softirqs+0x209/0x730 [ 13.100325] ? hrtimer_interrupt+0x2fe/0x780 [ 13.100348] ? 
__pfx_handle_softirqs+0x10/0x10 [ 13.100374] __irq_exit_rcu+0xc9/0x110 [ 13.100394] irq_exit_rcu+0x12/0x20 [ 13.100414] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.100439] </IRQ> [ 13.100466] <TASK> [ 13.100477] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.100568] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 13.100787] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d e3 81 21 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 13.100868] RSP: 0000:ffff888100877dc8 EFLAGS: 00010212 [ 13.100954] RAX: ffff8881cc572000 RBX: ffff888100853000 RCX: ffffffff8c674105 [ 13.100999] RDX: ffffed102b62618b RSI: 0000000000000004 RDI: 000000000001ebbc [ 13.101091] RBP: ffff888100877dd0 R08: 0000000000000001 R09: ffffed102b62618a [ 13.101138] R10: ffff88815b130c53 R11: ffffffff8ebc36c0 R12: 0000000000000001 [ 13.101180] R13: ffffed102010a600 R14: ffffffff8e3b1390 R15: 0000000000000000 [ 13.101239] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 13.101294] ? default_idle+0xd/0x20 [ 13.101316] arch_cpu_idle+0xd/0x20 [ 13.101337] default_idle_call+0x48/0x80 [ 13.101356] do_idle+0x379/0x4f0 [ 13.101378] ? complete+0x15b/0x1d0 [ 13.101395] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.101421] ? __pfx_do_idle+0x10/0x10 [ 13.101441] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 13.101465] ? complete+0x15b/0x1d0 [ 13.101487] cpu_startup_entry+0x5c/0x70 [ 13.101506] start_secondary+0x211/0x290 [ 13.101528] ? 
__pfx_start_secondary+0x10/0x10 [ 13.101555] common_startup_64+0x13e/0x148 [ 13.101588] </TASK> [ 13.101598] [ 13.116532] Allocated by task 215: [ 13.116674] kasan_save_stack+0x45/0x70 [ 13.117349] kasan_save_track+0x18/0x40 [ 13.117655] kasan_save_alloc_info+0x3b/0x50 [ 13.117828] __kasan_kmalloc+0xb7/0xc0 [ 13.118011] __kmalloc_cache_noprof+0x189/0x420 [ 13.118492] rcu_uaf+0xb0/0x330 [ 13.119776] kunit_try_run_case+0x1a5/0x480 [ 13.120163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.120470] kthread+0x337/0x6f0 [ 13.120592] ret_from_fork+0x116/0x1d0 [ 13.120811] ret_from_fork_asm+0x1a/0x30 [ 13.121185] [ 13.121569] Freed by task 0: [ 13.122019] kasan_save_stack+0x45/0x70 [ 13.122682] kasan_save_track+0x18/0x40 [ 13.123137] kasan_save_free_info+0x3f/0x60 [ 13.123292] __kasan_slab_free+0x56/0x70 [ 13.123430] kfree+0x222/0x3f0 [ 13.123546] rcu_uaf_reclaim+0x1f/0x60 [ 13.123678] rcu_core+0x66f/0x1c40 [ 13.124384] rcu_core_si+0x12/0x20 [ 13.124729] handle_softirqs+0x209/0x730 [ 13.125256] __irq_exit_rcu+0xc9/0x110 [ 13.125722] irq_exit_rcu+0x12/0x20 [ 13.126191] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.126711] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.127327] [ 13.127507] Last potentially related work creation: [ 13.127671] kasan_save_stack+0x45/0x70 [ 13.127830] kasan_record_aux_stack+0xb2/0xc0 [ 13.127983] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 13.128611] call_rcu+0x12/0x20 [ 13.128940] rcu_uaf+0x168/0x330 [ 13.129300] kunit_try_run_case+0x1a5/0x480 [ 13.129749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.130310] kthread+0x337/0x6f0 [ 13.130686] ret_from_fork+0x116/0x1d0 [ 13.131167] ret_from_fork_asm+0x1a/0x30 [ 13.131556] [ 13.131740] The buggy address belongs to the object at ffff8881038d4380 [ 13.131740] which belongs to the cache kmalloc-32 of size 32 [ 13.132618] The buggy address is located 0 bytes inside of [ 13.132618] freed 32-byte region [ffff8881038d4380, ffff8881038d43a0) [ 13.132975] [ 13.133329] The buggy address belongs to the 
physical page: [ 13.133959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d4 [ 13.134823] flags: 0x200000000000000(node=0|zone=2) [ 13.135525] page_type: f5(slab) [ 13.135868] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.136670] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.137040] page dumped because: kasan: bad access detected [ 13.137317] [ 13.137491] Memory state around the buggy address: [ 13.137960] ffff8881038d4280: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.138743] ffff8881038d4300: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 13.139385] >ffff8881038d4380: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 13.139776] ^ [ 13.139890] ffff8881038d4400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.140261] ffff8881038d4480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.141071] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 13.046694] ================================================================== [ 13.047002] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 13.047544] Read of size 1 at addr ffff8881031dbc00 by task kunit_try_catch/213 [ 13.047778] [ 13.047892] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.047933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.047944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.047964] Call Trace: [ 13.047979] <TASK> [ 13.047993] dump_stack_lvl+0x73/0xb0 [ 13.048022] print_report+0xd1/0x650 [ 13.048239] ? __virt_addr_valid+0x1db/0x2d0 [ 13.048266] ? ksize_uaf+0x5fe/0x6c0 [ 13.048286] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.048308] ? ksize_uaf+0x5fe/0x6c0 [ 13.048335] kasan_report+0x141/0x180 [ 13.048357] ? ksize_uaf+0x5fe/0x6c0 [ 13.048381] __asan_report_load1_noabort+0x18/0x20 [ 13.048406] ksize_uaf+0x5fe/0x6c0 [ 13.048426] ? __pfx_ksize_uaf+0x10/0x10 [ 13.048449] ? __pfx_ksize_uaf+0x10/0x10 [ 13.048473] kunit_try_run_case+0x1a5/0x480 [ 13.048496] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.048518] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.048543] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.048567] ? __kthread_parkme+0x82/0x180 [ 13.048586] ? preempt_count_sub+0x50/0x80 [ 13.048609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.048633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.048656] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.048681] kthread+0x337/0x6f0 [ 13.048699] ? trace_preempt_on+0x20/0xc0 [ 13.048734] ? __pfx_kthread+0x10/0x10 [ 13.048754] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.048775] ? calculate_sigpending+0x7b/0xa0 [ 13.048799] ? __pfx_kthread+0x10/0x10 [ 13.048819] ret_from_fork+0x116/0x1d0 [ 13.048838] ? 
__pfx_kthread+0x10/0x10 [ 13.048858] ret_from_fork_asm+0x1a/0x30 [ 13.048887] </TASK> [ 13.048897] [ 13.055730] Allocated by task 213: [ 13.055857] kasan_save_stack+0x45/0x70 [ 13.055997] kasan_save_track+0x18/0x40 [ 13.056129] kasan_save_alloc_info+0x3b/0x50 [ 13.056384] __kasan_kmalloc+0xb7/0xc0 [ 13.056571] __kmalloc_cache_noprof+0x189/0x420 [ 13.056803] ksize_uaf+0xaa/0x6c0 [ 13.056974] kunit_try_run_case+0x1a5/0x480 [ 13.057339] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.057651] kthread+0x337/0x6f0 [ 13.057819] ret_from_fork+0x116/0x1d0 [ 13.058001] ret_from_fork_asm+0x1a/0x30 [ 13.058149] [ 13.058219] Freed by task 213: [ 13.058329] kasan_save_stack+0x45/0x70 [ 13.058463] kasan_save_track+0x18/0x40 [ 13.058859] kasan_save_free_info+0x3f/0x60 [ 13.059191] __kasan_slab_free+0x56/0x70 [ 13.059387] kfree+0x222/0x3f0 [ 13.059555] ksize_uaf+0x12c/0x6c0 [ 13.059813] kunit_try_run_case+0x1a5/0x480 [ 13.060113] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.060384] kthread+0x337/0x6f0 [ 13.060544] ret_from_fork+0x116/0x1d0 [ 13.060700] ret_from_fork_asm+0x1a/0x30 [ 13.060870] [ 13.060938] The buggy address belongs to the object at ffff8881031dbc00 [ 13.060938] which belongs to the cache kmalloc-128 of size 128 [ 13.061408] The buggy address is located 0 bytes inside of [ 13.061408] freed 128-byte region [ffff8881031dbc00, ffff8881031dbc80) [ 13.061891] [ 13.061961] The buggy address belongs to the physical page: [ 13.062128] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031db [ 13.062360] flags: 0x200000000000000(node=0|zone=2) [ 13.062800] page_type: f5(slab) [ 13.062978] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.063488] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.063778] page dumped because: kasan: bad access detected [ 13.063948] [ 13.064017] Memory state around the buggy address: [ 13.064167] ffff8881031dbb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
13.064478] ffff8881031dbb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.064824] >ffff8881031dbc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.065183] ^ [ 13.065583] ffff8881031dbc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.066240] ffff8881031dbd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.066490] ================================================================== [ 13.026228] ================================================================== [ 13.027139] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 13.027562] Read of size 1 at addr ffff8881031dbc00 by task kunit_try_catch/213 [ 13.027896] [ 13.027999] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.028043] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.028054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.028074] Call Trace: [ 13.028086] <TASK> [ 13.028102] dump_stack_lvl+0x73/0xb0 [ 13.028134] print_report+0xd1/0x650 [ 13.028157] ? __virt_addr_valid+0x1db/0x2d0 [ 13.028180] ? ksize_uaf+0x19d/0x6c0 [ 13.028200] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.028223] ? ksize_uaf+0x19d/0x6c0 [ 13.028243] kasan_report+0x141/0x180 [ 13.028264] ? ksize_uaf+0x19d/0x6c0 [ 13.028286] ? ksize_uaf+0x19d/0x6c0 [ 13.028306] __kasan_check_byte+0x3d/0x50 [ 13.028332] ksize+0x20/0x60 [ 13.028353] ksize_uaf+0x19d/0x6c0 [ 13.028372] ? __pfx_ksize_uaf+0x10/0x10 [ 13.028395] ? __pfx_ksize_uaf+0x10/0x10 [ 13.028419] kunit_try_run_case+0x1a5/0x480 [ 13.028444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.028467] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.028491] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.028514] ? __kthread_parkme+0x82/0x180 [ 13.028535] ? preempt_count_sub+0x50/0x80 [ 13.028559] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.028583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.028607] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.028631] kthread+0x337/0x6f0 [ 13.028650] ? trace_preempt_on+0x20/0xc0 [ 13.028673] ? __pfx_kthread+0x10/0x10 [ 13.028693] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.028806] ? calculate_sigpending+0x7b/0xa0 [ 13.028832] ? __pfx_kthread+0x10/0x10 [ 13.028853] ret_from_fork+0x116/0x1d0 [ 13.028873] ? __pfx_kthread+0x10/0x10 [ 13.028893] ret_from_fork_asm+0x1a/0x30 [ 13.028924] </TASK> [ 13.028934] [ 13.036010] Allocated by task 213: [ 13.036219] kasan_save_stack+0x45/0x70 [ 13.036411] kasan_save_track+0x18/0x40 [ 13.036545] kasan_save_alloc_info+0x3b/0x50 [ 13.036693] __kasan_kmalloc+0xb7/0xc0 [ 13.036833] __kmalloc_cache_noprof+0x189/0x420 [ 13.037050] ksize_uaf+0xaa/0x6c0 [ 13.037217] kunit_try_run_case+0x1a5/0x480 [ 13.037425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.037864] kthread+0x337/0x6f0 [ 13.038162] ret_from_fork+0x116/0x1d0 [ 13.038299] ret_from_fork_asm+0x1a/0x30 [ 13.038437] [ 13.038505] Freed by task 213: [ 13.038614] kasan_save_stack+0x45/0x70 [ 13.038792] kasan_save_track+0x18/0x40 [ 13.038966] kasan_save_free_info+0x3f/0x60 [ 13.039285] __kasan_slab_free+0x56/0x70 [ 13.039450] kfree+0x222/0x3f0 [ 13.039565] ksize_uaf+0x12c/0x6c0 [ 13.039687] kunit_try_run_case+0x1a5/0x480 [ 13.039844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.040142] kthread+0x337/0x6f0 [ 13.040399] ret_from_fork+0x116/0x1d0 [ 13.040627] ret_from_fork_asm+0x1a/0x30 [ 13.040832] [ 13.040923] The buggy address belongs to the object at ffff8881031dbc00 [ 13.040923] which belongs to the cache kmalloc-128 of size 128 [ 13.041506] The buggy address is located 0 bytes inside of [ 13.041506] freed 128-byte region [ffff8881031dbc00, ffff8881031dbc80) [ 13.041939] [ 13.042034] The buggy address belongs to the physical page: [ 13.042306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031db [ 13.042664] flags: 0x200000000000000(node=0|zone=2) [ 13.042907] page_type: f5(slab) [ 13.043118] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.043429] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.043679] page dumped because: kasan: bad access detected [ 13.043858] [ 13.043936] Memory state around the buggy address: [ 13.044367] ffff8881031dbb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.044686] ffff8881031dbb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.044938] >ffff8881031dbc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.045352] ^ [ 13.045563] ffff8881031dbc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.045786] ffff8881031dbd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.046140] ================================================================== [ 13.066947] ================================================================== [ 13.067464] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 13.067775] Read of size 1 at addr ffff8881031dbc78 by task kunit_try_catch/213 [ 13.067995] [ 13.068169] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.068208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.068219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.068239] Call Trace: [ 13.068249] <TASK> [ 13.068263] dump_stack_lvl+0x73/0xb0 [ 13.068290] print_report+0xd1/0x650 [ 13.068312] ? __virt_addr_valid+0x1db/0x2d0 [ 13.068341] ? ksize_uaf+0x5e4/0x6c0 [ 13.068361] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.068384] ? ksize_uaf+0x5e4/0x6c0 [ 13.068404] kasan_report+0x141/0x180 [ 13.068425] ? ksize_uaf+0x5e4/0x6c0 [ 13.068449] __asan_report_load1_noabort+0x18/0x20 [ 13.068474] ksize_uaf+0x5e4/0x6c0 [ 13.068494] ? __pfx_ksize_uaf+0x10/0x10 [ 13.068516] ? __pfx_ksize_uaf+0x10/0x10 [ 13.068541] kunit_try_run_case+0x1a5/0x480 [ 13.068564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.068586] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.068610] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.068634] ? __kthread_parkme+0x82/0x180 [ 13.068655] ? preempt_count_sub+0x50/0x80 [ 13.068678] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.068712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.068736] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.068761] kthread+0x337/0x6f0 [ 13.068779] ? trace_preempt_on+0x20/0xc0 [ 13.068803] ? __pfx_kthread+0x10/0x10 [ 13.068823] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.068844] ? calculate_sigpending+0x7b/0xa0 [ 13.068867] ? __pfx_kthread+0x10/0x10 [ 13.068888] ret_from_fork+0x116/0x1d0 [ 13.068906] ? __pfx_kthread+0x10/0x10 [ 13.068926] ret_from_fork_asm+0x1a/0x30 [ 13.068956] </TASK> [ 13.068965] [ 13.075684] Allocated by task 213: [ 13.075837] kasan_save_stack+0x45/0x70 [ 13.075981] kasan_save_track+0x18/0x40 [ 13.076300] kasan_save_alloc_info+0x3b/0x50 [ 13.076490] __kasan_kmalloc+0xb7/0xc0 [ 13.076621] __kmalloc_cache_noprof+0x189/0x420 [ 13.076785] ksize_uaf+0xaa/0x6c0 [ 13.076960] kunit_try_run_case+0x1a5/0x480 [ 13.077328] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.077578] kthread+0x337/0x6f0 [ 13.077743] ret_from_fork+0x116/0x1d0 [ 13.077874] ret_from_fork_asm+0x1a/0x30 [ 13.078011] [ 13.078294] Freed by task 213: [ 13.078596] kasan_save_stack+0x45/0x70 [ 13.078827] kasan_save_track+0x18/0x40 [ 13.079005] kasan_save_free_info+0x3f/0x60 [ 13.079261] __kasan_slab_free+0x56/0x70 [ 13.079402] kfree+0x222/0x3f0 [ 13.079518] ksize_uaf+0x12c/0x6c0 [ 13.079641] kunit_try_run_case+0x1a5/0x480 [ 13.079797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.079973] kthread+0x337/0x6f0 [ 13.080134] ret_from_fork+0x116/0x1d0 [ 13.080328] ret_from_fork_asm+0x1a/0x30 [ 13.080525] [ 13.080618] The buggy address belongs to the object at ffff8881031dbc00 [ 13.080618] which belongs to the cache kmalloc-128 of size 128 [ 13.081399] The buggy address is located 120 bytes inside of [ 13.081399] freed 128-byte region [ffff8881031dbc00, ffff8881031dbc80) [ 13.081772] [ 13.081843] The 
buggy address belongs to the physical page: [ 13.083654] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031db [ 13.083993] flags: 0x200000000000000(node=0|zone=2) [ 13.084352] page_type: f5(slab) [ 13.084509] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.084846] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.085489] page dumped because: kasan: bad access detected [ 13.085695] [ 13.085935] Memory state around the buggy address: [ 13.086320] ffff8881031dbb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.086700] ffff8881031dbb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.087246] >ffff8881031dbc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.087626] ^ [ 13.087933] ffff8881031dbc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.088406] ffff8881031dbd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.088815] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 12.975363] ================================================================== [ 12.976420] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.976812] Read of size 1 at addr ffff8881031dbb78 by task kunit_try_catch/211 [ 12.977215] [ 12.977325] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.977366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.977377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.977407] Call Trace: [ 12.977418] <TASK> [ 12.977432] dump_stack_lvl+0x73/0xb0 [ 12.977460] print_report+0xd1/0x650 [ 12.977491] ? __virt_addr_valid+0x1db/0x2d0 [ 12.977512] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.977535] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.977568] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.977592] kasan_report+0x141/0x180 [ 12.977613] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.977648] __asan_report_load1_noabort+0x18/0x20 [ 12.977672] ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.977696] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.977737] ? finish_task_switch.isra.0+0x153/0x700 [ 12.977759] ? __switch_to+0x47/0xf50 [ 12.977784] ? __schedule+0x10cc/0x2b60 [ 12.977805] ? __pfx_read_tsc+0x10/0x10 [ 12.977826] ? ktime_get_ts64+0x86/0x230 [ 12.977849] kunit_try_run_case+0x1a5/0x480 [ 12.977872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.977895] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.977928] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.977952] ? __kthread_parkme+0x82/0x180 [ 12.977972] ? preempt_count_sub+0x50/0x80 [ 12.978005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.978045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.978069] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.978094] kthread+0x337/0x6f0 [ 12.978112] ? trace_preempt_on+0x20/0xc0 [ 12.978136] ? __pfx_kthread+0x10/0x10 [ 12.978156] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.978177] ? calculate_sigpending+0x7b/0xa0 [ 12.978201] ? 
__pfx_kthread+0x10/0x10 [ 12.978222] ret_from_fork+0x116/0x1d0 [ 12.978240] ? __pfx_kthread+0x10/0x10 [ 12.978260] ret_from_fork_asm+0x1a/0x30 [ 12.978289] </TASK> [ 12.978388] [ 12.986389] Allocated by task 211: [ 12.986677] kasan_save_stack+0x45/0x70 [ 12.986908] kasan_save_track+0x18/0x40 [ 12.987258] kasan_save_alloc_info+0x3b/0x50 [ 12.987469] __kasan_kmalloc+0xb7/0xc0 [ 12.987668] __kmalloc_cache_noprof+0x189/0x420 [ 12.987892] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.988184] kunit_try_run_case+0x1a5/0x480 [ 12.988399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.988647] kthread+0x337/0x6f0 [ 12.988829] ret_from_fork+0x116/0x1d0 [ 12.989006] ret_from_fork_asm+0x1a/0x30 [ 12.989201] [ 12.989271] The buggy address belongs to the object at ffff8881031dbb00 [ 12.989271] which belongs to the cache kmalloc-128 of size 128 [ 12.989611] The buggy address is located 5 bytes to the right of [ 12.989611] allocated 115-byte region [ffff8881031dbb00, ffff8881031dbb73) [ 12.990332] [ 12.990434] The buggy address belongs to the physical page: [ 12.990683] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031db [ 12.991039] flags: 0x200000000000000(node=0|zone=2) [ 12.991406] page_type: f5(slab) [ 12.991531] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.991800] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.992132] page dumped because: kasan: bad access detected [ 12.992392] [ 12.992520] Memory state around the buggy address: [ 12.992750] ffff8881031dba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.992964] ffff8881031dba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.993355] >ffff8881031dbb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.993645] ^ [ 12.993928] ffff8881031dbb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.994415] ffff8881031dbc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.994632] 
================================================================== [ 12.955773] ================================================================== [ 12.956264] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 12.956717] Read of size 1 at addr ffff8881031dbb73 by task kunit_try_catch/211 [ 12.957023] [ 12.957239] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.957285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.957308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.957328] Call Trace: [ 12.957340] <TASK> [ 12.957356] dump_stack_lvl+0x73/0xb0 [ 12.957399] print_report+0xd1/0x650 [ 12.957420] ? __virt_addr_valid+0x1db/0x2d0 [ 12.957443] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.957475] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.957498] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.957521] kasan_report+0x141/0x180 [ 12.957553] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.957581] __asan_report_load1_noabort+0x18/0x20 [ 12.957606] ksize_unpoisons_memory+0x81c/0x9b0 [ 12.957630] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.957654] ? finish_task_switch.isra.0+0x153/0x700 [ 12.957677] ? __switch_to+0x47/0xf50 [ 12.957713] ? __schedule+0x10cc/0x2b60 [ 12.957735] ? __pfx_read_tsc+0x10/0x10 [ 12.957756] ? ktime_get_ts64+0x86/0x230 [ 12.957780] kunit_try_run_case+0x1a5/0x480 [ 12.957805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.957827] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.957850] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.957874] ? __kthread_parkme+0x82/0x180 [ 12.957903] ? preempt_count_sub+0x50/0x80 [ 12.957925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.957949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.957979] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.958004] kthread+0x337/0x6f0 [ 12.958022] ? trace_preempt_on+0x20/0xc0 [ 12.958211] ? __pfx_kthread+0x10/0x10 [ 12.958242] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.958264] ? 
calculate_sigpending+0x7b/0xa0 [ 12.958288] ? __pfx_kthread+0x10/0x10 [ 12.958309] ret_from_fork+0x116/0x1d0 [ 12.958328] ? __pfx_kthread+0x10/0x10 [ 12.958348] ret_from_fork_asm+0x1a/0x30 [ 12.958379] </TASK> [ 12.958389] [ 12.966797] Allocated by task 211: [ 12.966973] kasan_save_stack+0x45/0x70 [ 12.967289] kasan_save_track+0x18/0x40 [ 12.967476] kasan_save_alloc_info+0x3b/0x50 [ 12.967657] __kasan_kmalloc+0xb7/0xc0 [ 12.967854] __kmalloc_cache_noprof+0x189/0x420 [ 12.968124] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.968312] kunit_try_run_case+0x1a5/0x480 [ 12.968509] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.968711] kthread+0x337/0x6f0 [ 12.968876] ret_from_fork+0x116/0x1d0 [ 12.969110] ret_from_fork_asm+0x1a/0x30 [ 12.969272] [ 12.969342] The buggy address belongs to the object at ffff8881031dbb00 [ 12.969342] which belongs to the cache kmalloc-128 of size 128 [ 12.969695] The buggy address is located 0 bytes to the right of [ 12.969695] allocated 115-byte region [ffff8881031dbb00, ffff8881031dbb73) [ 12.970253] [ 12.970347] The buggy address belongs to the physical page: [ 12.970598] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031db [ 12.971181] flags: 0x200000000000000(node=0|zone=2) [ 12.971410] page_type: f5(slab) [ 12.971557] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.971824] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.972329] page dumped because: kasan: bad access detected [ 12.972568] [ 12.972651] Memory state around the buggy address: [ 12.972891] ffff8881031dba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.973242] ffff8881031dba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.973517] >ffff8881031dbb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.973804] ^ [ 12.974270] ffff8881031dbb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.974575] ffff8881031dbc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.974840] 
================================================================== [ 12.995074] ================================================================== [ 12.995609] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.996253] Read of size 1 at addr ffff8881031dbb7f by task kunit_try_catch/211 [ 12.996490] [ 12.996576] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.996614] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.996625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.996644] Call Trace: [ 12.996656] <TASK> [ 12.996669] dump_stack_lvl+0x73/0xb0 [ 12.996697] print_report+0xd1/0x650 [ 12.996733] ? __virt_addr_valid+0x1db/0x2d0 [ 12.996755] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.996778] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.996800] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.996824] kasan_report+0x141/0x180 [ 12.996845] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.996872] __asan_report_load1_noabort+0x18/0x20 [ 12.996897] ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.996935] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.996958] ? finish_task_switch.isra.0+0x153/0x700 [ 12.996980] ? __switch_to+0x47/0xf50 [ 12.997016] ? __schedule+0x10cc/0x2b60 [ 12.997037] ? __pfx_read_tsc+0x10/0x10 [ 12.997057] ? ktime_get_ts64+0x86/0x230 [ 12.997080] kunit_try_run_case+0x1a5/0x480 [ 12.997104] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.997126] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.997150] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.997173] ? __kthread_parkme+0x82/0x180 [ 12.997193] ? preempt_count_sub+0x50/0x80 [ 12.997216] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.997239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.997263] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.997288] kthread+0x337/0x6f0 [ 12.997307] ? trace_preempt_on+0x20/0xc0 [ 12.997329] ? __pfx_kthread+0x10/0x10 [ 12.997349] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.997370] ? 
calculate_sigpending+0x7b/0xa0 [ 12.997393] ? __pfx_kthread+0x10/0x10 [ 12.997477] ret_from_fork+0x116/0x1d0 [ 12.997496] ? __pfx_kthread+0x10/0x10 [ 12.997516] ret_from_fork_asm+0x1a/0x30 [ 12.997557] </TASK> [ 12.997566] [ 13.006403] Allocated by task 211: [ 13.006531] kasan_save_stack+0x45/0x70 [ 13.006732] kasan_save_track+0x18/0x40 [ 13.007104] kasan_save_alloc_info+0x3b/0x50 [ 13.007605] __kasan_kmalloc+0xb7/0xc0 [ 13.007754] __kmalloc_cache_noprof+0x189/0x420 [ 13.007911] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.008357] kunit_try_run_case+0x1a5/0x480 [ 13.008596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.008918] kthread+0x337/0x6f0 [ 13.009168] ret_from_fork+0x116/0x1d0 [ 13.009359] ret_from_fork_asm+0x1a/0x30 [ 13.009548] [ 13.009646] The buggy address belongs to the object at ffff8881031dbb00 [ 13.009646] which belongs to the cache kmalloc-128 of size 128 [ 13.010161] The buggy address is located 12 bytes to the right of [ 13.010161] allocated 115-byte region [ffff8881031dbb00, ffff8881031dbb73) [ 13.010524] [ 13.010747] The buggy address belongs to the physical page: [ 13.011037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031db [ 13.011634] flags: 0x200000000000000(node=0|zone=2) [ 13.011888] page_type: f5(slab) [ 13.012017] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.012331] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.012829] page dumped because: kasan: bad access detected [ 13.013227] [ 13.013335] Memory state around the buggy address: [ 13.013554] ffff8881031dba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.013850] ffff8881031dba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.014194] >ffff8881031dbb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.014572] ^ [ 13.014886] ffff8881031dbb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.015280] ffff8881031dbc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.015508] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 12.925695] ================================================================== [ 12.926042] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 12.926463] Free of addr ffff88810226cfc0 by task kunit_try_catch/209 [ 12.926773] [ 12.926878] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.926947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.926959] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.926978] Call Trace: [ 12.926991] <TASK> [ 12.927016] dump_stack_lvl+0x73/0xb0 [ 12.927099] print_report+0xd1/0x650 [ 12.927122] ? __virt_addr_valid+0x1db/0x2d0 [ 12.927145] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.927199] ? kfree_sensitive+0x2e/0x90 [ 12.927219] kasan_report_invalid_free+0x10a/0x130 [ 12.927244] ? kfree_sensitive+0x2e/0x90 [ 12.927277] ? kfree_sensitive+0x2e/0x90 [ 12.927296] check_slab_allocation+0x101/0x130 [ 12.927344] __kasan_slab_pre_free+0x28/0x40 [ 12.927364] kfree+0xf0/0x3f0 [ 12.927385] ? kfree_sensitive+0x2e/0x90 [ 12.927417] kfree_sensitive+0x2e/0x90 [ 12.927436] kmalloc_double_kzfree+0x19c/0x350 [ 12.927484] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 12.927508] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.927532] ? trace_hardirqs_on+0x37/0xe0 [ 12.927566] ? __pfx_read_tsc+0x10/0x10 [ 12.927586] ? ktime_get_ts64+0x86/0x230 [ 12.927635] kunit_try_run_case+0x1a5/0x480 [ 12.927659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.927694] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.927728] ? __kthread_parkme+0x82/0x180 [ 12.927748] ? preempt_count_sub+0x50/0x80 [ 12.927771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.927812] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.927846] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.927870] kthread+0x337/0x6f0 [ 12.927889] ? trace_preempt_on+0x20/0xc0 [ 12.927922] ? __pfx_kthread+0x10/0x10 [ 12.927942] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.927988] ? calculate_sigpending+0x7b/0xa0 [ 12.928011] ? 
__pfx_kthread+0x10/0x10 [ 12.928105] ret_from_fork+0x116/0x1d0 [ 12.928125] ? __pfx_kthread+0x10/0x10 [ 12.928145] ret_from_fork_asm+0x1a/0x30 [ 12.928176] </TASK> [ 12.928186] [ 12.937459] Allocated by task 209: [ 12.937689] kasan_save_stack+0x45/0x70 [ 12.937944] kasan_save_track+0x18/0x40 [ 12.938336] kasan_save_alloc_info+0x3b/0x50 [ 12.938587] __kasan_kmalloc+0xb7/0xc0 [ 12.938732] __kmalloc_cache_noprof+0x189/0x420 [ 12.938994] kmalloc_double_kzfree+0xa9/0x350 [ 12.939309] kunit_try_run_case+0x1a5/0x480 [ 12.939533] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.939779] kthread+0x337/0x6f0 [ 12.939994] ret_from_fork+0x116/0x1d0 [ 12.940413] ret_from_fork_asm+0x1a/0x30 [ 12.940648] [ 12.940761] Freed by task 209: [ 12.940927] kasan_save_stack+0x45/0x70 [ 12.941250] kasan_save_track+0x18/0x40 [ 12.941442] kasan_save_free_info+0x3f/0x60 [ 12.941666] __kasan_slab_free+0x56/0x70 [ 12.941890] kfree+0x222/0x3f0 [ 12.942053] kfree_sensitive+0x67/0x90 [ 12.942338] kmalloc_double_kzfree+0x12b/0x350 [ 12.942533] kunit_try_run_case+0x1a5/0x480 [ 12.942761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.943018] kthread+0x337/0x6f0 [ 12.943253] ret_from_fork+0x116/0x1d0 [ 12.943459] ret_from_fork_asm+0x1a/0x30 [ 12.943682] [ 12.943775] The buggy address belongs to the object at ffff88810226cfc0 [ 12.943775] which belongs to the cache kmalloc-16 of size 16 [ 12.944357] The buggy address is located 0 bytes inside of [ 12.944357] 16-byte region [ffff88810226cfc0, ffff88810226cfd0) [ 12.945024] [ 12.945151] The buggy address belongs to the physical page: [ 12.945409] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 12.945971] flags: 0x200000000000000(node=0|zone=2) [ 12.946420] page_type: f5(slab) [ 12.946561] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.946844] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.947428] page dumped because: kasan: bad access detected [ 12.947776] [ 
12.947854] Memory state around the buggy address: [ 12.948161] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 12.948419] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 12.948823] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 12.949190] ^ [ 12.949488] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.949785] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 12.950116] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 12.900232] ================================================================== [ 12.901437] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 12.901728] Read of size 1 at addr ffff88810226cfc0 by task kunit_try_catch/209 [ 12.901941] [ 12.902029] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.902073] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.902084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.902105] Call Trace: [ 12.902116] <TASK> [ 12.902131] dump_stack_lvl+0x73/0xb0 [ 12.902161] print_report+0xd1/0x650 [ 12.902183] ? __virt_addr_valid+0x1db/0x2d0 [ 12.902241] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.902264] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.902286] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.902321] kasan_report+0x141/0x180 [ 12.902343] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.902394] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.902418] __kasan_check_byte+0x3d/0x50 [ 12.902466] kfree_sensitive+0x22/0x90 [ 12.902489] kmalloc_double_kzfree+0x19c/0x350 [ 12.902511] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 12.902535] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.902562] ? trace_hardirqs_on+0x37/0xe0 [ 12.902585] ? __pfx_read_tsc+0x10/0x10 [ 12.902607] ? ktime_get_ts64+0x86/0x230 [ 12.902631] kunit_try_run_case+0x1a5/0x480 [ 12.902655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.902680] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.902732] ? __kthread_parkme+0x82/0x180 [ 12.902753] ? preempt_count_sub+0x50/0x80 [ 12.902798] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.902822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.902846] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.902881] kthread+0x337/0x6f0 [ 12.902908] ? trace_preempt_on+0x20/0xc0 [ 12.902930] ? __pfx_kthread+0x10/0x10 [ 12.902950] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.902981] ? calculate_sigpending+0x7b/0xa0 [ 12.903005] ? 
__pfx_kthread+0x10/0x10 [ 12.903075] ret_from_fork+0x116/0x1d0 [ 12.903097] ? __pfx_kthread+0x10/0x10 [ 12.903117] ret_from_fork_asm+0x1a/0x30 [ 12.903148] </TASK> [ 12.903158] [ 12.911691] Allocated by task 209: [ 12.911896] kasan_save_stack+0x45/0x70 [ 12.912195] kasan_save_track+0x18/0x40 [ 12.912421] kasan_save_alloc_info+0x3b/0x50 [ 12.912654] __kasan_kmalloc+0xb7/0xc0 [ 12.912886] __kmalloc_cache_noprof+0x189/0x420 [ 12.913218] kmalloc_double_kzfree+0xa9/0x350 [ 12.913456] kunit_try_run_case+0x1a5/0x480 [ 12.913661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.913954] kthread+0x337/0x6f0 [ 12.914219] ret_from_fork+0x116/0x1d0 [ 12.914422] ret_from_fork_asm+0x1a/0x30 [ 12.914770] [ 12.914863] Freed by task 209: [ 12.914980] kasan_save_stack+0x45/0x70 [ 12.915476] kasan_save_track+0x18/0x40 [ 12.915617] kasan_save_free_info+0x3f/0x60 [ 12.915884] __kasan_slab_free+0x56/0x70 [ 12.916266] kfree+0x222/0x3f0 [ 12.916491] kfree_sensitive+0x67/0x90 [ 12.916681] kmalloc_double_kzfree+0x12b/0x350 [ 12.916926] kunit_try_run_case+0x1a5/0x480 [ 12.917094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.917481] kthread+0x337/0x6f0 [ 12.917722] ret_from_fork+0x116/0x1d0 [ 12.917945] ret_from_fork_asm+0x1a/0x30 [ 12.918292] [ 12.918381] The buggy address belongs to the object at ffff88810226cfc0 [ 12.918381] which belongs to the cache kmalloc-16 of size 16 [ 12.918850] The buggy address is located 0 bytes inside of [ 12.918850] freed 16-byte region [ffff88810226cfc0, ffff88810226cfd0) [ 12.919520] [ 12.919633] The buggy address belongs to the physical page: [ 12.919917] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 12.920545] flags: 0x200000000000000(node=0|zone=2) [ 12.920838] page_type: f5(slab) [ 12.921050] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.921468] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.921821] page dumped because: kasan: bad access detected [ 
12.922094] [ 12.922236] Memory state around the buggy address: [ 12.922456] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 12.922813] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 12.923106] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 12.923508] ^ [ 12.923668] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.924309] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 12.924521] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 12.869698] ================================================================== [ 12.870935] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 12.871178] Read of size 1 at addr ffff88810320eea8 by task kunit_try_catch/205 [ 12.871401] [ 12.871496] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.871540] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.871552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.871572] Call Trace: [ 12.871585] <TASK> [ 12.871601] dump_stack_lvl+0x73/0xb0 [ 12.871633] print_report+0xd1/0x650 [ 12.871655] ? __virt_addr_valid+0x1db/0x2d0 [ 12.871678] ? kmalloc_uaf2+0x4a8/0x520 [ 12.871698] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.871763] ? kmalloc_uaf2+0x4a8/0x520 [ 12.871783] kasan_report+0x141/0x180 [ 12.871805] ? kmalloc_uaf2+0x4a8/0x520 [ 12.871829] __asan_report_load1_noabort+0x18/0x20 [ 12.871854] kmalloc_uaf2+0x4a8/0x520 [ 12.871874] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 12.871893] ? finish_task_switch.isra.0+0x153/0x700 [ 12.871917] ? __switch_to+0x47/0xf50 [ 12.871945] ? __schedule+0x10cc/0x2b60 [ 12.871968] ? __pfx_read_tsc+0x10/0x10 [ 12.872153] ? ktime_get_ts64+0x86/0x230 [ 12.872193] kunit_try_run_case+0x1a5/0x480 [ 12.872463] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.872489] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.872523] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.872547] ? __kthread_parkme+0x82/0x180 [ 12.872568] ? preempt_count_sub+0x50/0x80 [ 12.872590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.872615] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.872639] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.872664] kthread+0x337/0x6f0 [ 12.872682] ? trace_preempt_on+0x20/0xc0 [ 12.872719] ? __pfx_kthread+0x10/0x10 [ 12.872740] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.872761] ? calculate_sigpending+0x7b/0xa0 [ 12.872785] ? __pfx_kthread+0x10/0x10 [ 12.872806] ret_from_fork+0x116/0x1d0 [ 12.872824] ? 
__pfx_kthread+0x10/0x10 [ 12.872843] ret_from_fork_asm+0x1a/0x30 [ 12.872874] </TASK> [ 12.872885] [ 12.882823] Allocated by task 205: [ 12.883158] kasan_save_stack+0x45/0x70 [ 12.883364] kasan_save_track+0x18/0x40 [ 12.883497] kasan_save_alloc_info+0x3b/0x50 [ 12.883640] __kasan_kmalloc+0xb7/0xc0 [ 12.883830] __kmalloc_cache_noprof+0x189/0x420 [ 12.884244] kmalloc_uaf2+0xc6/0x520 [ 12.884443] kunit_try_run_case+0x1a5/0x480 [ 12.884650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.885094] kthread+0x337/0x6f0 [ 12.885230] ret_from_fork+0x116/0x1d0 [ 12.885501] ret_from_fork_asm+0x1a/0x30 [ 12.885696] [ 12.885819] Freed by task 205: [ 12.885986] kasan_save_stack+0x45/0x70 [ 12.886376] kasan_save_track+0x18/0x40 [ 12.886559] kasan_save_free_info+0x3f/0x60 [ 12.886770] __kasan_slab_free+0x56/0x70 [ 12.887199] kfree+0x222/0x3f0 [ 12.887355] kmalloc_uaf2+0x14c/0x520 [ 12.887566] kunit_try_run_case+0x1a5/0x480 [ 12.887852] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.888318] kthread+0x337/0x6f0 [ 12.888476] ret_from_fork+0x116/0x1d0 [ 12.888781] ret_from_fork_asm+0x1a/0x30 [ 12.889004] [ 12.889268] The buggy address belongs to the object at ffff88810320ee80 [ 12.889268] which belongs to the cache kmalloc-64 of size 64 [ 12.889787] The buggy address is located 40 bytes inside of [ 12.889787] freed 64-byte region [ffff88810320ee80, ffff88810320eec0) [ 12.890450] [ 12.890577] The buggy address belongs to the physical page: [ 12.890850] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10320e [ 12.891326] flags: 0x200000000000000(node=0|zone=2) [ 12.891556] page_type: f5(slab) [ 12.891725] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.892114] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.892472] page dumped because: kasan: bad access detected [ 12.892795] [ 12.892920] Memory state around the buggy address: [ 12.893368] ffff88810320ed80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc 
[ 12.893699] ffff88810320ee00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.894142] >ffff88810320ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.894426] ^ [ 12.894640] ffff88810320ef00: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 12.894977] ffff88810320ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.895348] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.833147] ================================================================== [ 12.834480] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 12.834743] Write of size 33 at addr ffff88810320ed80 by task kunit_try_catch/203 [ 12.834973] [ 12.835315] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.835367] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.835379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.835400] Call Trace: [ 12.835413] <TASK> [ 12.835593] dump_stack_lvl+0x73/0xb0 [ 12.835636] print_report+0xd1/0x650 [ 12.835660] ? __virt_addr_valid+0x1db/0x2d0 [ 12.835685] ? kmalloc_uaf_memset+0x1a3/0x360 [ 12.835719] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.835742] ? kmalloc_uaf_memset+0x1a3/0x360 [ 12.835764] kasan_report+0x141/0x180 [ 12.835786] ? kmalloc_uaf_memset+0x1a3/0x360 [ 12.835812] kasan_check_range+0x10c/0x1c0 [ 12.835836] __asan_memset+0x27/0x50 [ 12.835855] kmalloc_uaf_memset+0x1a3/0x360 [ 12.835876] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 12.835899] ? __schedule+0x10cc/0x2b60 [ 12.835921] ? __pfx_read_tsc+0x10/0x10 [ 12.835942] ? ktime_get_ts64+0x86/0x230 [ 12.835968] kunit_try_run_case+0x1a5/0x480 [ 12.835994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.836016] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.836109] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.836134] ? __kthread_parkme+0x82/0x180 [ 12.836155] ? preempt_count_sub+0x50/0x80 [ 12.836180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.836204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.836229] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.836255] kthread+0x337/0x6f0 [ 12.836273] ? trace_preempt_on+0x20/0xc0 [ 12.836297] ? __pfx_kthread+0x10/0x10 [ 12.836326] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.836348] ? calculate_sigpending+0x7b/0xa0 [ 12.836372] ? __pfx_kthread+0x10/0x10 [ 12.836394] ret_from_fork+0x116/0x1d0 [ 12.836413] ? 
__pfx_kthread+0x10/0x10 [ 12.836433] ret_from_fork_asm+0x1a/0x30 [ 12.836465] </TASK> [ 12.836475] [ 12.844998] Allocated by task 203: [ 12.845182] kasan_save_stack+0x45/0x70 [ 12.845382] kasan_save_track+0x18/0x40 [ 12.845727] kasan_save_alloc_info+0x3b/0x50 [ 12.845992] __kasan_kmalloc+0xb7/0xc0 [ 12.846314] __kmalloc_cache_noprof+0x189/0x420 [ 12.846948] kmalloc_uaf_memset+0xa9/0x360 [ 12.847195] kunit_try_run_case+0x1a5/0x480 [ 12.848227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.848435] kthread+0x337/0x6f0 [ 12.848559] ret_from_fork+0x116/0x1d0 [ 12.848689] ret_from_fork_asm+0x1a/0x30 [ 12.848839] [ 12.848909] Freed by task 203: [ 12.850427] kasan_save_stack+0x45/0x70 [ 12.851799] kasan_save_track+0x18/0x40 [ 12.852231] kasan_save_free_info+0x3f/0x60 [ 12.852637] __kasan_slab_free+0x56/0x70 [ 12.853416] kfree+0x222/0x3f0 [ 12.853747] kmalloc_uaf_memset+0x12b/0x360 [ 12.854372] kunit_try_run_case+0x1a5/0x480 [ 12.855799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.856587] kthread+0x337/0x6f0 [ 12.857884] ret_from_fork+0x116/0x1d0 [ 12.858161] ret_from_fork_asm+0x1a/0x30 [ 12.858307] [ 12.858382] The buggy address belongs to the object at ffff88810320ed80 [ 12.858382] which belongs to the cache kmalloc-64 of size 64 [ 12.858746] The buggy address is located 0 bytes inside of [ 12.858746] freed 64-byte region [ffff88810320ed80, ffff88810320edc0) [ 12.860374] [ 12.860751] The buggy address belongs to the physical page: [ 12.861609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10320e [ 12.862333] flags: 0x200000000000000(node=0|zone=2) [ 12.862523] page_type: f5(slab) [ 12.862650] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.862902] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.863328] page dumped because: kasan: bad access detected [ 12.863514] [ 12.863610] Memory state around the buggy address: [ 12.863850] ffff88810320ec80: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 12.864256] ffff88810320ed00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.864548] >ffff88810320ed80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.864849] ^ [ 12.865015] ffff88810320ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.865341] ffff88810320ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.865618] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.808353] ================================================================== [ 12.808802] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 12.809085] Read of size 1 at addr ffff8881031eb028 by task kunit_try_catch/201 [ 12.809972] [ 12.810305] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.810355] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.810367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.810389] Call Trace: [ 12.810402] <TASK> [ 12.810420] dump_stack_lvl+0x73/0xb0 [ 12.810453] print_report+0xd1/0x650 [ 12.810475] ? __virt_addr_valid+0x1db/0x2d0 [ 12.810499] ? kmalloc_uaf+0x320/0x380 [ 12.810518] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.810541] ? kmalloc_uaf+0x320/0x380 [ 12.810560] kasan_report+0x141/0x180 [ 12.810581] ? kmalloc_uaf+0x320/0x380 [ 12.810604] __asan_report_load1_noabort+0x18/0x20 [ 12.810629] kmalloc_uaf+0x320/0x380 [ 12.810648] ? __pfx_kmalloc_uaf+0x10/0x10 [ 12.810668] ? __schedule+0x10cc/0x2b60 [ 12.810690] ? __pfx_read_tsc+0x10/0x10 [ 12.810726] ? ktime_get_ts64+0x86/0x230 [ 12.810774] kunit_try_run_case+0x1a5/0x480 [ 12.810798] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.810821] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.810846] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.810869] ? __kthread_parkme+0x82/0x180 [ 12.810890] ? preempt_count_sub+0x50/0x80 [ 12.810913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.810937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.810961] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.810986] kthread+0x337/0x6f0 [ 12.811004] ? trace_preempt_on+0x20/0xc0 [ 12.811111] ? __pfx_kthread+0x10/0x10 [ 12.811131] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.811153] ? calculate_sigpending+0x7b/0xa0 [ 12.811177] ? __pfx_kthread+0x10/0x10 [ 12.811198] ret_from_fork+0x116/0x1d0 [ 12.811216] ? 
__pfx_kthread+0x10/0x10 [ 12.811236] ret_from_fork_asm+0x1a/0x30 [ 12.811268] </TASK> [ 12.811278] [ 12.819479] Allocated by task 201: [ 12.819654] kasan_save_stack+0x45/0x70 [ 12.819954] kasan_save_track+0x18/0x40 [ 12.820168] kasan_save_alloc_info+0x3b/0x50 [ 12.820388] __kasan_kmalloc+0xb7/0xc0 [ 12.820600] __kmalloc_cache_noprof+0x189/0x420 [ 12.820850] kmalloc_uaf+0xaa/0x380 [ 12.821164] kunit_try_run_case+0x1a5/0x480 [ 12.821399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.821608] kthread+0x337/0x6f0 [ 12.821737] ret_from_fork+0x116/0x1d0 [ 12.821869] ret_from_fork_asm+0x1a/0x30 [ 12.822165] [ 12.822262] Freed by task 201: [ 12.822419] kasan_save_stack+0x45/0x70 [ 12.822609] kasan_save_track+0x18/0x40 [ 12.822809] kasan_save_free_info+0x3f/0x60 [ 12.822987] __kasan_slab_free+0x56/0x70 [ 12.823238] kfree+0x222/0x3f0 [ 12.823357] kmalloc_uaf+0x12c/0x380 [ 12.823484] kunit_try_run_case+0x1a5/0x480 [ 12.823720] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.823970] kthread+0x337/0x6f0 [ 12.824214] ret_from_fork+0x116/0x1d0 [ 12.824423] ret_from_fork_asm+0x1a/0x30 [ 12.824584] [ 12.824654] The buggy address belongs to the object at ffff8881031eb020 [ 12.824654] which belongs to the cache kmalloc-16 of size 16 [ 12.825279] The buggy address is located 8 bytes inside of [ 12.825279] freed 16-byte region [ffff8881031eb020, ffff8881031eb030) [ 12.825693] [ 12.825824] The buggy address belongs to the physical page: [ 12.826156] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031eb [ 12.826474] flags: 0x200000000000000(node=0|zone=2) [ 12.826637] page_type: f5(slab) [ 12.826768] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.827204] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.827560] page dumped because: kasan: bad access detected [ 12.827823] [ 12.827892] Memory state around the buggy address: [ 12.828204] ffff8881031eaf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
12.828492] ffff8881031eaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.828759] >ffff8881031eb000: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 12.829164] ^ [ 12.829386] ffff8881031eb080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.829716] ffff8881031eb100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.829947] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.777735] ================================================================== [ 12.778429] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.778718] Read of size 64 at addr ffff88810320ec84 by task kunit_try_catch/199 [ 12.779921] [ 12.780208] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.780483] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.780503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.780524] Call Trace: [ 12.780536] <TASK> [ 12.780552] dump_stack_lvl+0x73/0xb0 [ 12.780585] print_report+0xd1/0x650 [ 12.780607] ? __virt_addr_valid+0x1db/0x2d0 [ 12.780631] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.780655] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.780678] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.780716] kasan_report+0x141/0x180 [ 12.780738] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.780767] kasan_check_range+0x10c/0x1c0 [ 12.780790] __asan_memmove+0x27/0x70 [ 12.780809] kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.780834] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 12.780860] ? __schedule+0x10cc/0x2b60 [ 12.780881] ? __pfx_read_tsc+0x10/0x10 [ 12.780903] ? ktime_get_ts64+0x86/0x230 [ 12.780927] kunit_try_run_case+0x1a5/0x480 [ 12.780952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.780974] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.780998] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.781033] ? __kthread_parkme+0x82/0x180 [ 12.781064] ? preempt_count_sub+0x50/0x80 [ 12.781087] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.781111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.781135] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.781160] kthread+0x337/0x6f0 [ 12.781178] ? trace_preempt_on+0x20/0xc0 [ 12.781201] ? __pfx_kthread+0x10/0x10 [ 12.781221] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.781243] ? calculate_sigpending+0x7b/0xa0 [ 12.781266] ? 
__pfx_kthread+0x10/0x10 [ 12.781287] ret_from_fork+0x116/0x1d0 [ 12.781305] ? __pfx_kthread+0x10/0x10 [ 12.781324] ret_from_fork_asm+0x1a/0x30 [ 12.781356] </TASK> [ 12.781366] [ 12.791903] Allocated by task 199: [ 12.792362] kasan_save_stack+0x45/0x70 [ 12.792830] kasan_save_track+0x18/0x40 [ 12.793306] kasan_save_alloc_info+0x3b/0x50 [ 12.793818] __kasan_kmalloc+0xb7/0xc0 [ 12.794305] __kmalloc_cache_noprof+0x189/0x420 [ 12.794647] kmalloc_memmove_invalid_size+0xac/0x330 [ 12.794836] kunit_try_run_case+0x1a5/0x480 [ 12.794986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.795392] kthread+0x337/0x6f0 [ 12.795947] ret_from_fork+0x116/0x1d0 [ 12.796395] ret_from_fork_asm+0x1a/0x30 [ 12.796548] [ 12.796624] The buggy address belongs to the object at ffff88810320ec80 [ 12.796624] which belongs to the cache kmalloc-64 of size 64 [ 12.796992] The buggy address is located 4 bytes inside of [ 12.796992] allocated 64-byte region [ffff88810320ec80, ffff88810320ecc0) [ 12.797348] [ 12.797421] The buggy address belongs to the physical page: [ 12.797594] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10320e [ 12.798201] flags: 0x200000000000000(node=0|zone=2) [ 12.798712] page_type: f5(slab) [ 12.799002] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.799712] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.800470] page dumped because: kasan: bad access detected [ 12.800991] [ 12.801162] Memory state around the buggy address: [ 12.801688] ffff88810320eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.802330] ffff88810320ec00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.802949] >ffff88810320ec80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 12.803659] ^ [ 12.804168] ffff88810320ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.804606] ffff88810320ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.804832] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.746692] ================================================================== [ 12.747159] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 12.747410] Read of size 18446744073709551614 at addr ffff88810320ec04 by task kunit_try_catch/197 [ 12.747723] [ 12.747814] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.747857] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.747868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.747887] Call Trace: [ 12.747899] <TASK> [ 12.747915] dump_stack_lvl+0x73/0xb0 [ 12.747944] print_report+0xd1/0x650 [ 12.747964] ? __virt_addr_valid+0x1db/0x2d0 [ 12.747985] ? kmalloc_memmove_negative_size+0x171/0x330 [ 12.748008] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.748029] ? kmalloc_memmove_negative_size+0x171/0x330 [ 12.748069] kasan_report+0x141/0x180 [ 12.748090] ? kmalloc_memmove_negative_size+0x171/0x330 [ 12.748118] kasan_check_range+0x10c/0x1c0 [ 12.748141] __asan_memmove+0x27/0x70 [ 12.748160] kmalloc_memmove_negative_size+0x171/0x330 [ 12.748184] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 12.748209] ? __schedule+0x10cc/0x2b60 [ 12.748229] ? __pfx_read_tsc+0x10/0x10 [ 12.748249] ? ktime_get_ts64+0x86/0x230 [ 12.748272] kunit_try_run_case+0x1a5/0x480 [ 12.748296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.748327] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.748350] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.748372] ? __kthread_parkme+0x82/0x180 [ 12.748392] ? preempt_count_sub+0x50/0x80 [ 12.748415] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.748438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.748460] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.748483] kthread+0x337/0x6f0 [ 12.748501] ? trace_preempt_on+0x20/0xc0 [ 12.748523] ? __pfx_kthread+0x10/0x10 [ 12.748542] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.748562] ? calculate_sigpending+0x7b/0xa0 [ 12.748585] ? 
__pfx_kthread+0x10/0x10 [ 12.748605] ret_from_fork+0x116/0x1d0 [ 12.748622] ? __pfx_kthread+0x10/0x10 [ 12.748641] ret_from_fork_asm+0x1a/0x30 [ 12.748671] </TASK> [ 12.748681] [ 12.762278] Allocated by task 197: [ 12.762490] kasan_save_stack+0x45/0x70 [ 12.762641] kasan_save_track+0x18/0x40 [ 12.762845] kasan_save_alloc_info+0x3b/0x50 [ 12.763095] __kasan_kmalloc+0xb7/0xc0 [ 12.763316] __kmalloc_cache_noprof+0x189/0x420 [ 12.763541] kmalloc_memmove_negative_size+0xac/0x330 [ 12.763791] kunit_try_run_case+0x1a5/0x480 [ 12.763960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.764171] kthread+0x337/0x6f0 [ 12.764433] ret_from_fork+0x116/0x1d0 [ 12.764620] ret_from_fork_asm+0x1a/0x30 [ 12.764823] [ 12.764929] The buggy address belongs to the object at ffff88810320ec00 [ 12.764929] which belongs to the cache kmalloc-64 of size 64 [ 12.765499] The buggy address is located 4 bytes inside of [ 12.765499] 64-byte region [ffff88810320ec00, ffff88810320ec40) [ 12.766098] [ 12.766173] The buggy address belongs to the physical page: [ 12.766368] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10320e [ 12.766777] flags: 0x200000000000000(node=0|zone=2) [ 12.767121] page_type: f5(slab) [ 12.767315] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.767609] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.767950] page dumped because: kasan: bad access detected [ 12.768230] [ 12.768341] Memory state around the buggy address: [ 12.768557] ffff88810320eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.768874] ffff88810320eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.769301] >ffff88810320ec00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 12.769624] ^ [ 12.769782] ffff88810320ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.770177] ffff88810320ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.770503] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 12.714776] ================================================================== [ 12.715441] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 12.715690] Write of size 16 at addr ffff8881031dba69 by task kunit_try_catch/195 [ 12.715926] [ 12.716019] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.716069] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.716080] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.716100] Call Trace: [ 12.716112] <TASK> [ 12.716127] dump_stack_lvl+0x73/0xb0 [ 12.716163] print_report+0xd1/0x650 [ 12.716185] ? __virt_addr_valid+0x1db/0x2d0 [ 12.716208] ? kmalloc_oob_memset_16+0x166/0x330 [ 12.716229] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.716252] ? kmalloc_oob_memset_16+0x166/0x330 [ 12.716274] kasan_report+0x141/0x180 [ 12.716296] ? kmalloc_oob_memset_16+0x166/0x330 [ 12.716327] kasan_check_range+0x10c/0x1c0 [ 12.716350] __asan_memset+0x27/0x50 [ 12.716369] kmalloc_oob_memset_16+0x166/0x330 [ 12.716392] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 12.716415] ? __schedule+0x10cc/0x2b60 [ 12.716436] ? __pfx_read_tsc+0x10/0x10 [ 12.716457] ? ktime_get_ts64+0x86/0x230 [ 12.716481] kunit_try_run_case+0x1a5/0x480 [ 12.716505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.716527] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.716551] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.716574] ? __kthread_parkme+0x82/0x180 [ 12.716595] ? preempt_count_sub+0x50/0x80 [ 12.716618] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.716642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.716666] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.716766] kthread+0x337/0x6f0 [ 12.716810] ? trace_preempt_on+0x20/0xc0 [ 12.716834] ? __pfx_kthread+0x10/0x10 [ 12.716855] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.716877] ? calculate_sigpending+0x7b/0xa0 [ 12.716901] ? __pfx_kthread+0x10/0x10 [ 12.716921] ret_from_fork+0x116/0x1d0 [ 12.717354] ? 
__pfx_kthread+0x10/0x10 [ 12.717377] ret_from_fork_asm+0x1a/0x30 [ 12.717410] </TASK> [ 12.717421] [ 12.728777] Allocated by task 195: [ 12.728940] kasan_save_stack+0x45/0x70 [ 12.729416] kasan_save_track+0x18/0x40 [ 12.729698] kasan_save_alloc_info+0x3b/0x50 [ 12.730011] __kasan_kmalloc+0xb7/0xc0 [ 12.730392] __kmalloc_cache_noprof+0x189/0x420 [ 12.730696] kmalloc_oob_memset_16+0xac/0x330 [ 12.731024] kunit_try_run_case+0x1a5/0x480 [ 12.731395] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.731663] kthread+0x337/0x6f0 [ 12.731840] ret_from_fork+0x116/0x1d0 [ 12.732017] ret_from_fork_asm+0x1a/0x30 [ 12.732499] [ 12.732577] The buggy address belongs to the object at ffff8881031dba00 [ 12.732577] which belongs to the cache kmalloc-128 of size 128 [ 12.733827] The buggy address is located 105 bytes inside of [ 12.733827] allocated 120-byte region [ffff8881031dba00, ffff8881031dba78) [ 12.734617] [ 12.734914] The buggy address belongs to the physical page: [ 12.735574] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031db [ 12.736431] flags: 0x200000000000000(node=0|zone=2) [ 12.736656] page_type: f5(slab) [ 12.736834] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.737454] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.737847] page dumped because: kasan: bad access detected [ 12.738306] [ 12.738551] Memory state around the buggy address: [ 12.738848] ffff8881031db900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.739393] ffff8881031db980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.739723] >ffff8881031dba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.740024] ^ [ 12.740783] ffff8881031dba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.741460] ffff8881031dbb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.741786] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.683626] ================================================================== [ 12.684776] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 12.685520] Write of size 8 at addr ffff88810291d271 by task kunit_try_catch/193 [ 12.685971] [ 12.686159] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.686204] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.686227] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.686247] Call Trace: [ 12.686258] <TASK> [ 12.686273] dump_stack_lvl+0x73/0xb0 [ 12.686303] print_report+0xd1/0x650 [ 12.686336] ? __virt_addr_valid+0x1db/0x2d0 [ 12.686357] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.686379] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.686412] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.686435] kasan_report+0x141/0x180 [ 12.686456] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.686483] kasan_check_range+0x10c/0x1c0 [ 12.686506] __asan_memset+0x27/0x50 [ 12.686525] kmalloc_oob_memset_8+0x166/0x330 [ 12.686547] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 12.686570] ? __schedule+0x10cc/0x2b60 [ 12.686592] ? __pfx_read_tsc+0x10/0x10 [ 12.686614] ? ktime_get_ts64+0x86/0x230 [ 12.686638] kunit_try_run_case+0x1a5/0x480 [ 12.686662] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.686684] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.686717] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.686741] ? __kthread_parkme+0x82/0x180 [ 12.686761] ? preempt_count_sub+0x50/0x80 [ 12.686785] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.686809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.686833] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.686857] kthread+0x337/0x6f0 [ 12.686876] ? trace_preempt_on+0x20/0xc0 [ 12.686899] ? __pfx_kthread+0x10/0x10 [ 12.686919] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.686940] ? calculate_sigpending+0x7b/0xa0 [ 12.686963] ? __pfx_kthread+0x10/0x10 [ 12.686984] ret_from_fork+0x116/0x1d0 [ 12.687002] ? 
__pfx_kthread+0x10/0x10 [ 12.687077] ret_from_fork_asm+0x1a/0x30 [ 12.687112] </TASK> [ 12.687123] [ 12.700647] Allocated by task 193: [ 12.700870] kasan_save_stack+0x45/0x70 [ 12.701300] kasan_save_track+0x18/0x40 [ 12.701442] kasan_save_alloc_info+0x3b/0x50 [ 12.701591] __kasan_kmalloc+0xb7/0xc0 [ 12.701734] __kmalloc_cache_noprof+0x189/0x420 [ 12.701889] kmalloc_oob_memset_8+0xac/0x330 [ 12.702117] kunit_try_run_case+0x1a5/0x480 [ 12.702341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.702562] kthread+0x337/0x6f0 [ 12.702740] ret_from_fork+0x116/0x1d0 [ 12.702906] ret_from_fork_asm+0x1a/0x30 [ 12.703116] [ 12.703302] The buggy address belongs to the object at ffff88810291d200 [ 12.703302] which belongs to the cache kmalloc-128 of size 128 [ 12.703836] The buggy address is located 113 bytes inside of [ 12.703836] allocated 120-byte region [ffff88810291d200, ffff88810291d278) [ 12.704415] [ 12.704494] The buggy address belongs to the physical page: [ 12.704785] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10291d [ 12.705210] flags: 0x200000000000000(node=0|zone=2) [ 12.705397] page_type: f5(slab) [ 12.705563] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.705912] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.706260] page dumped because: kasan: bad access detected [ 12.706627] [ 12.706753] Memory state around the buggy address: [ 12.706998] ffff88810291d100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.707412] ffff88810291d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.707741] >ffff88810291d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.708093] ^ [ 12.708412] ffff88810291d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.708737] ffff88810291d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.709043] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 12.661621] ================================================================== [ 12.662307] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 12.662668] Write of size 4 at addr ffff88810291d175 by task kunit_try_catch/191 [ 12.662979] [ 12.663108] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.663282] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.663296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.663316] Call Trace: [ 12.663329] <TASK> [ 12.663344] dump_stack_lvl+0x73/0xb0 [ 12.663472] print_report+0xd1/0x650 [ 12.663494] ? __virt_addr_valid+0x1db/0x2d0 [ 12.663518] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.663539] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.663562] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.663584] kasan_report+0x141/0x180 [ 12.663605] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.663632] kasan_check_range+0x10c/0x1c0 [ 12.663655] __asan_memset+0x27/0x50 [ 12.663674] kmalloc_oob_memset_4+0x166/0x330 [ 12.663697] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 12.663730] ? __schedule+0x10cc/0x2b60 [ 12.663752] ? __pfx_read_tsc+0x10/0x10 [ 12.663773] ? ktime_get_ts64+0x86/0x230 [ 12.663797] kunit_try_run_case+0x1a5/0x480 [ 12.664081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.664105] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.664130] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.664154] ? __kthread_parkme+0x82/0x180 [ 12.664175] ? preempt_count_sub+0x50/0x80 [ 12.664199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.664223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.664247] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.664272] kthread+0x337/0x6f0 [ 12.664290] ? trace_preempt_on+0x20/0xc0 [ 12.664313] ? __pfx_kthread+0x10/0x10 [ 12.664340] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.664361] ? calculate_sigpending+0x7b/0xa0 [ 12.664385] ? __pfx_kthread+0x10/0x10 [ 12.664406] ret_from_fork+0x116/0x1d0 [ 12.664424] ? 
__pfx_kthread+0x10/0x10 [ 12.664444] ret_from_fork_asm+0x1a/0x30 [ 12.664475] </TASK> [ 12.664485] [ 12.672546] Allocated by task 191: [ 12.672718] kasan_save_stack+0x45/0x70 [ 12.672891] kasan_save_track+0x18/0x40 [ 12.673102] kasan_save_alloc_info+0x3b/0x50 [ 12.673312] __kasan_kmalloc+0xb7/0xc0 [ 12.673498] __kmalloc_cache_noprof+0x189/0x420 [ 12.673829] kmalloc_oob_memset_4+0xac/0x330 [ 12.674157] kunit_try_run_case+0x1a5/0x480 [ 12.674421] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.674666] kthread+0x337/0x6f0 [ 12.674838] ret_from_fork+0x116/0x1d0 [ 12.675048] ret_from_fork_asm+0x1a/0x30 [ 12.675323] [ 12.675409] The buggy address belongs to the object at ffff88810291d100 [ 12.675409] which belongs to the cache kmalloc-128 of size 128 [ 12.675936] The buggy address is located 117 bytes inside of [ 12.675936] allocated 120-byte region [ffff88810291d100, ffff88810291d178) [ 12.676452] [ 12.676527] The buggy address belongs to the physical page: [ 12.676713] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10291d [ 12.677118] flags: 0x200000000000000(node=0|zone=2) [ 12.677382] page_type: f5(slab) [ 12.677550] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.677906] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.678386] page dumped because: kasan: bad access detected [ 12.678565] [ 12.678634] Memory state around the buggy address: [ 12.678821] ffff88810291d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.679298] ffff88810291d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.679675] >ffff88810291d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.680019] ^ [ 12.680414] ffff88810291d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.680734] ffff88810291d200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.680985] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.638755] ================================================================== [ 12.639351] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 12.639661] Write of size 2 at addr ffff8881031db977 by task kunit_try_catch/189 [ 12.640005] [ 12.640189] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.640232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.640243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.640262] Call Trace: [ 12.640273] <TASK> [ 12.640288] dump_stack_lvl+0x73/0xb0 [ 12.640325] print_report+0xd1/0x650 [ 12.640346] ? __virt_addr_valid+0x1db/0x2d0 [ 12.640367] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.640388] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.640411] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.640456] kasan_report+0x141/0x180 [ 12.640478] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.640504] kasan_check_range+0x10c/0x1c0 [ 12.640540] __asan_memset+0x27/0x50 [ 12.640558] kmalloc_oob_memset_2+0x166/0x330 [ 12.640581] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 12.640603] ? __schedule+0x10cc/0x2b60 [ 12.640625] ? __pfx_read_tsc+0x10/0x10 [ 12.640647] ? ktime_get_ts64+0x86/0x230 [ 12.640670] kunit_try_run_case+0x1a5/0x480 [ 12.640712] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.640735] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.640759] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.640793] ? __kthread_parkme+0x82/0x180 [ 12.640814] ? preempt_count_sub+0x50/0x80 [ 12.640838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.640862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.640885] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.640910] kthread+0x337/0x6f0 [ 12.640929] ? trace_preempt_on+0x20/0xc0 [ 12.640952] ? __pfx_kthread+0x10/0x10 [ 12.640972] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.640993] ? calculate_sigpending+0x7b/0xa0 [ 12.641017] ? __pfx_kthread+0x10/0x10 [ 12.641055] ret_from_fork+0x116/0x1d0 [ 12.641073] ? 
__pfx_kthread+0x10/0x10 [ 12.641093] ret_from_fork_asm+0x1a/0x30 [ 12.641124] </TASK> [ 12.641133] [ 12.648974] Allocated by task 189: [ 12.649117] kasan_save_stack+0x45/0x70 [ 12.649264] kasan_save_track+0x18/0x40 [ 12.649606] kasan_save_alloc_info+0x3b/0x50 [ 12.649838] __kasan_kmalloc+0xb7/0xc0 [ 12.650064] __kmalloc_cache_noprof+0x189/0x420 [ 12.650289] kmalloc_oob_memset_2+0xac/0x330 [ 12.650436] kunit_try_run_case+0x1a5/0x480 [ 12.650620] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.650886] kthread+0x337/0x6f0 [ 12.651083] ret_from_fork+0x116/0x1d0 [ 12.651268] ret_from_fork_asm+0x1a/0x30 [ 12.651440] [ 12.651548] The buggy address belongs to the object at ffff8881031db900 [ 12.651548] which belongs to the cache kmalloc-128 of size 128 [ 12.652121] The buggy address is located 119 bytes inside of [ 12.652121] allocated 120-byte region [ffff8881031db900, ffff8881031db978) [ 12.652635] [ 12.652720] The buggy address belongs to the physical page: [ 12.652890] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031db [ 12.653441] flags: 0x200000000000000(node=0|zone=2) [ 12.653786] page_type: f5(slab) [ 12.653918] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.654555] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.654910] page dumped because: kasan: bad access detected [ 12.655133] [ 12.655327] Memory state around the buggy address: [ 12.655578] ffff8881031db800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.655815] ffff8881031db880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.656088] >ffff8881031db900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.656439] ^ [ 12.656794] ffff8881031db980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.657264] ffff8881031dba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.657509] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.615580] ================================================================== [ 12.616655] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 12.617012] Write of size 128 at addr ffff8881031db800 by task kunit_try_catch/187 [ 12.617403] [ 12.617521] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.617576] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.617588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.617607] Call Trace: [ 12.617618] <TASK> [ 12.617634] dump_stack_lvl+0x73/0xb0 [ 12.617676] print_report+0xd1/0x650 [ 12.617697] ? __virt_addr_valid+0x1db/0x2d0 [ 12.617730] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.617751] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.617783] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.617805] kasan_report+0x141/0x180 [ 12.617826] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.617863] kasan_check_range+0x10c/0x1c0 [ 12.617886] __asan_memset+0x27/0x50 [ 12.617905] kmalloc_oob_in_memset+0x15f/0x320 [ 12.617927] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 12.617950] ? __schedule+0x10cc/0x2b60 [ 12.617972] ? __pfx_read_tsc+0x10/0x10 [ 12.617993] ? ktime_get_ts64+0x86/0x230 [ 12.618017] kunit_try_run_case+0x1a5/0x480 [ 12.618093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.618116] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.618165] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.618189] ? __kthread_parkme+0x82/0x180 [ 12.618218] ? preempt_count_sub+0x50/0x80 [ 12.618242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.618266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.618300] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.618325] kthread+0x337/0x6f0 [ 12.618343] ? trace_preempt_on+0x20/0xc0 [ 12.618367] ? __pfx_kthread+0x10/0x10 [ 12.618387] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.618408] ? calculate_sigpending+0x7b/0xa0 [ 12.618431] ? __pfx_kthread+0x10/0x10 [ 12.618452] ret_from_fork+0x116/0x1d0 [ 12.618470] ? 
__pfx_kthread+0x10/0x10 [ 12.618490] ret_from_fork_asm+0x1a/0x30 [ 12.618521] </TASK> [ 12.618531] [ 12.626412] Allocated by task 187: [ 12.626589] kasan_save_stack+0x45/0x70 [ 12.626747] kasan_save_track+0x18/0x40 [ 12.626925] kasan_save_alloc_info+0x3b/0x50 [ 12.627145] __kasan_kmalloc+0xb7/0xc0 [ 12.627358] __kmalloc_cache_noprof+0x189/0x420 [ 12.627575] kmalloc_oob_in_memset+0xac/0x320 [ 12.627755] kunit_try_run_case+0x1a5/0x480 [ 12.627962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.628289] kthread+0x337/0x6f0 [ 12.628467] ret_from_fork+0x116/0x1d0 [ 12.628641] ret_from_fork_asm+0x1a/0x30 [ 12.628846] [ 12.628948] The buggy address belongs to the object at ffff8881031db800 [ 12.628948] which belongs to the cache kmalloc-128 of size 128 [ 12.629542] The buggy address is located 0 bytes inside of [ 12.629542] allocated 120-byte region [ffff8881031db800, ffff8881031db878) [ 12.629927] [ 12.630000] The buggy address belongs to the physical page: [ 12.630332] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031db [ 12.630680] flags: 0x200000000000000(node=0|zone=2) [ 12.631066] page_type: f5(slab) [ 12.631213] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.631507] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.631933] page dumped because: kasan: bad access detected [ 12.632431] [ 12.632508] Memory state around the buggy address: [ 12.632664] ffff8881031db700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.632987] ffff8881031db780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.633406] >ffff8881031db800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.633728] ^ [ 12.634008] ffff8881031db880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.634342] ffff8881031db900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.634723] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.588169] ================================================================== [ 12.589148] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 12.589389] Read of size 16 at addr ffff8881031eb000 by task kunit_try_catch/185 [ 12.589614] [ 12.589752] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.589796] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.589818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.589838] Call Trace: [ 12.589850] <TASK> [ 12.589864] dump_stack_lvl+0x73/0xb0 [ 12.589895] print_report+0xd1/0x650 [ 12.589951] ? __virt_addr_valid+0x1db/0x2d0 [ 12.589976] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.590014] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.590049] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.590095] kasan_report+0x141/0x180 [ 12.590131] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.590218] __asan_report_load16_noabort+0x18/0x20 [ 12.590248] kmalloc_uaf_16+0x47b/0x4c0 [ 12.590268] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 12.590291] ? __schedule+0x10cc/0x2b60 [ 12.590313] ? __pfx_read_tsc+0x10/0x10 [ 12.590334] ? ktime_get_ts64+0x86/0x230 [ 12.590359] kunit_try_run_case+0x1a5/0x480 [ 12.590384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.590407] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.590459] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.590484] ? __kthread_parkme+0x82/0x180 [ 12.590504] ? preempt_count_sub+0x50/0x80 [ 12.590529] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.590552] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.590577] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.590601] kthread+0x337/0x6f0 [ 12.590747] ? trace_preempt_on+0x20/0xc0 [ 12.590773] ? __pfx_kthread+0x10/0x10 [ 12.590793] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.590814] ? calculate_sigpending+0x7b/0xa0 [ 12.590838] ? __pfx_kthread+0x10/0x10 [ 12.590859] ret_from_fork+0x116/0x1d0 [ 12.590876] ? 
__pfx_kthread+0x10/0x10 [ 12.590896] ret_from_fork_asm+0x1a/0x30 [ 12.590928] </TASK> [ 12.590938] [ 12.601302] Allocated by task 185: [ 12.601479] kasan_save_stack+0x45/0x70 [ 12.601699] kasan_save_track+0x18/0x40 [ 12.601894] kasan_save_alloc_info+0x3b/0x50 [ 12.602173] __kasan_kmalloc+0xb7/0xc0 [ 12.602309] __kmalloc_cache_noprof+0x189/0x420 [ 12.602461] kmalloc_uaf_16+0x15b/0x4c0 [ 12.602672] kunit_try_run_case+0x1a5/0x480 [ 12.602892] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.603252] kthread+0x337/0x6f0 [ 12.603368] ret_from_fork+0x116/0x1d0 [ 12.603494] ret_from_fork_asm+0x1a/0x30 [ 12.603865] [ 12.603979] Freed by task 185: [ 12.604151] kasan_save_stack+0x45/0x70 [ 12.604444] kasan_save_track+0x18/0x40 [ 12.604611] kasan_save_free_info+0x3f/0x60 [ 12.604834] __kasan_slab_free+0x56/0x70 [ 12.604968] kfree+0x222/0x3f0 [ 12.605267] kmalloc_uaf_16+0x1d6/0x4c0 [ 12.605461] kunit_try_run_case+0x1a5/0x480 [ 12.605636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.605861] kthread+0x337/0x6f0 [ 12.606121] ret_from_fork+0x116/0x1d0 [ 12.606284] ret_from_fork_asm+0x1a/0x30 [ 12.606423] [ 12.606493] The buggy address belongs to the object at ffff8881031eb000 [ 12.606493] which belongs to the cache kmalloc-16 of size 16 [ 12.607093] The buggy address is located 0 bytes inside of [ 12.607093] freed 16-byte region [ffff8881031eb000, ffff8881031eb010) [ 12.607605] [ 12.607828] The buggy address belongs to the physical page: [ 12.608013] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031eb [ 12.608373] flags: 0x200000000000000(node=0|zone=2) [ 12.608662] page_type: f5(slab) [ 12.608850] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.609252] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.609586] page dumped because: kasan: bad access detected [ 12.609826] [ 12.609896] Memory state around the buggy address: [ 12.610179] ffff8881031eaf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 12.610541] ffff8881031eaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.610858] >ffff8881031eb000: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.611374] ^ [ 12.611555] ffff8881031eb080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.611868] ffff8881031eb100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.612082] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.560411] ================================================================== [ 12.560908] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 12.561974] Write of size 16 at addr ffff88810226cf80 by task kunit_try_catch/183 [ 12.562901] [ 12.563189] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.563250] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.563262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.563304] Call Trace: [ 12.563317] <TASK> [ 12.563334] dump_stack_lvl+0x73/0xb0 [ 12.563369] print_report+0xd1/0x650 [ 12.563412] ? __virt_addr_valid+0x1db/0x2d0 [ 12.563436] ? kmalloc_oob_16+0x452/0x4a0 [ 12.563457] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.563480] ? kmalloc_oob_16+0x452/0x4a0 [ 12.563501] kasan_report+0x141/0x180 [ 12.563524] ? kmalloc_oob_16+0x452/0x4a0 [ 12.563549] __asan_report_store16_noabort+0x1b/0x30 [ 12.563575] kmalloc_oob_16+0x452/0x4a0 [ 12.563596] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 12.563619] ? __schedule+0x10cc/0x2b60 [ 12.563641] ? __pfx_read_tsc+0x10/0x10 [ 12.563663] ? ktime_get_ts64+0x86/0x230 [ 12.563689] kunit_try_run_case+0x1a5/0x480 [ 12.563735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.563759] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.563783] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.563818] ? __kthread_parkme+0x82/0x180 [ 12.563840] ? preempt_count_sub+0x50/0x80 [ 12.563864] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.563889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.563914] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.563940] kthread+0x337/0x6f0 [ 12.563958] ? trace_preempt_on+0x20/0xc0 [ 12.563983] ? __pfx_kthread+0x10/0x10 [ 12.564004] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.564032] ? calculate_sigpending+0x7b/0xa0 [ 12.564056] ? __pfx_kthread+0x10/0x10 [ 12.564077] ret_from_fork+0x116/0x1d0 [ 12.564095] ? 
__pfx_kthread+0x10/0x10 [ 12.564116] ret_from_fork_asm+0x1a/0x30 [ 12.564147] </TASK> [ 12.564157] [ 12.574696] Allocated by task 183: [ 12.575105] kasan_save_stack+0x45/0x70 [ 12.575590] kasan_save_track+0x18/0x40 [ 12.575818] kasan_save_alloc_info+0x3b/0x50 [ 12.576116] __kasan_kmalloc+0xb7/0xc0 [ 12.576258] __kmalloc_cache_noprof+0x189/0x420 [ 12.576464] kmalloc_oob_16+0xa8/0x4a0 [ 12.576747] kunit_try_run_case+0x1a5/0x480 [ 12.576987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.577353] kthread+0x337/0x6f0 [ 12.577501] ret_from_fork+0x116/0x1d0 [ 12.577720] ret_from_fork_asm+0x1a/0x30 [ 12.577949] [ 12.578221] The buggy address belongs to the object at ffff88810226cf80 [ 12.578221] which belongs to the cache kmalloc-16 of size 16 [ 12.578792] The buggy address is located 0 bytes inside of [ 12.578792] allocated 13-byte region [ffff88810226cf80, ffff88810226cf8d) [ 12.579487] [ 12.579600] The buggy address belongs to the physical page: [ 12.579885] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 12.580311] flags: 0x200000000000000(node=0|zone=2) [ 12.580579] page_type: f5(slab) [ 12.580798] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.581194] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.581743] page dumped because: kasan: bad access detected [ 12.582170] [ 12.582275] Memory state around the buggy address: [ 12.582472] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 12.582826] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 12.583168] >ffff88810226cf80: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 12.583448] ^ [ 12.583815] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.584213] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 12.584607] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.495919] ================================================================== [ 12.496368] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 12.496595] Read of size 1 at addr ffff888100350a00 by task kunit_try_catch/181 [ 12.497645] [ 12.498141] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.498255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.498268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.498288] Call Trace: [ 12.498300] <TASK> [ 12.498316] dump_stack_lvl+0x73/0xb0 [ 12.498348] print_report+0xd1/0x650 [ 12.498378] ? __virt_addr_valid+0x1db/0x2d0 [ 12.498400] ? krealloc_uaf+0x1b8/0x5e0 [ 12.498421] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.498443] ? krealloc_uaf+0x1b8/0x5e0 [ 12.498464] kasan_report+0x141/0x180 [ 12.498485] ? krealloc_uaf+0x1b8/0x5e0 [ 12.498509] ? krealloc_uaf+0x1b8/0x5e0 [ 12.498529] __kasan_check_byte+0x3d/0x50 [ 12.498551] krealloc_noprof+0x3f/0x340 [ 12.498573] krealloc_uaf+0x1b8/0x5e0 [ 12.498593] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.498614] ? finish_task_switch.isra.0+0x153/0x700 [ 12.498636] ? __switch_to+0x47/0xf50 [ 12.498660] ? __schedule+0x10cc/0x2b60 [ 12.498682] ? __pfx_read_tsc+0x10/0x10 [ 12.498713] ? ktime_get_ts64+0x86/0x230 [ 12.498737] kunit_try_run_case+0x1a5/0x480 [ 12.498760] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.498783] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.498805] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.498829] ? __kthread_parkme+0x82/0x180 [ 12.498849] ? preempt_count_sub+0x50/0x80 [ 12.498872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.498895] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.498919] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.498944] kthread+0x337/0x6f0 [ 12.498962] ? trace_preempt_on+0x20/0xc0 [ 12.498985] ? __pfx_kthread+0x10/0x10 [ 12.499005] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.499032] ? calculate_sigpending+0x7b/0xa0 [ 12.499055] ? 
__pfx_kthread+0x10/0x10 [ 12.499076] ret_from_fork+0x116/0x1d0 [ 12.499093] ? __pfx_kthread+0x10/0x10 [ 12.499113] ret_from_fork_asm+0x1a/0x30 [ 12.499143] </TASK> [ 12.499153] [ 12.511583] Allocated by task 181: [ 12.511821] kasan_save_stack+0x45/0x70 [ 12.512187] kasan_save_track+0x18/0x40 [ 12.512402] kasan_save_alloc_info+0x3b/0x50 [ 12.512615] __kasan_kmalloc+0xb7/0xc0 [ 12.512861] __kmalloc_cache_noprof+0x189/0x420 [ 12.513204] krealloc_uaf+0xbb/0x5e0 [ 12.513372] kunit_try_run_case+0x1a5/0x480 [ 12.513560] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.513782] kthread+0x337/0x6f0 [ 12.513950] ret_from_fork+0x116/0x1d0 [ 12.514143] ret_from_fork_asm+0x1a/0x30 [ 12.514338] [ 12.514451] Freed by task 181: [ 12.514615] kasan_save_stack+0x45/0x70 [ 12.514768] kasan_save_track+0x18/0x40 [ 12.514903] kasan_save_free_info+0x3f/0x60 [ 12.515055] __kasan_slab_free+0x56/0x70 [ 12.515204] kfree+0x222/0x3f0 [ 12.515363] krealloc_uaf+0x13d/0x5e0 [ 12.515547] kunit_try_run_case+0x1a5/0x480 [ 12.516115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.516381] kthread+0x337/0x6f0 [ 12.516549] ret_from_fork+0x116/0x1d0 [ 12.516746] ret_from_fork_asm+0x1a/0x30 [ 12.516989] [ 12.517192] The buggy address belongs to the object at ffff888100350a00 [ 12.517192] which belongs to the cache kmalloc-256 of size 256 [ 12.517697] The buggy address is located 0 bytes inside of [ 12.517697] freed 256-byte region [ffff888100350a00, ffff888100350b00) [ 12.518326] [ 12.518435] The buggy address belongs to the physical page: [ 12.518669] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 12.519209] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.519569] flags: 0x200000000000040(head|node=0|zone=2) [ 12.519829] page_type: f5(slab) [ 12.519982] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.520417] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.520767] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.521119] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.521475] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 12.521807] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.522210] page dumped because: kasan: bad access detected [ 12.522451] [ 12.522556] Memory state around the buggy address: [ 12.522785] ffff888100350900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.523310] ffff888100350980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.523626] >ffff888100350a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.523871] ^ [ 12.524144] ffff888100350a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.524474] ffff888100350b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.524772] ================================================================== [ 12.526692] ================================================================== [ 12.527347] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 12.527687] Read of size 1 at addr ffff888100350a00 by task kunit_try_catch/181 [ 12.527971] [ 12.528091] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.528132] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.528143] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.528162] Call Trace: [ 12.528178] <TASK> [ 12.528193] dump_stack_lvl+0x73/0xb0 [ 12.528221] print_report+0xd1/0x650 [ 12.528242] ? __virt_addr_valid+0x1db/0x2d0 [ 12.528265] ? krealloc_uaf+0x53c/0x5e0 [ 12.528285] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.528308] ? krealloc_uaf+0x53c/0x5e0 [ 12.528333] kasan_report+0x141/0x180 [ 12.528354] ? krealloc_uaf+0x53c/0x5e0 [ 12.528379] __asan_report_load1_noabort+0x18/0x20 [ 12.528404] krealloc_uaf+0x53c/0x5e0 [ 12.528424] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.528445] ? 
finish_task_switch.isra.0+0x153/0x700 [ 12.528467] ? __switch_to+0x47/0xf50 [ 12.528492] ? __schedule+0x10cc/0x2b60 [ 12.528513] ? __pfx_read_tsc+0x10/0x10 [ 12.528534] ? ktime_get_ts64+0x86/0x230 [ 12.528557] kunit_try_run_case+0x1a5/0x480 [ 12.528581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.528603] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.528626] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.528649] ? __kthread_parkme+0x82/0x180 [ 12.528669] ? preempt_count_sub+0x50/0x80 [ 12.528692] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.528726] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.528750] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.528775] kthread+0x337/0x6f0 [ 12.528794] ? trace_preempt_on+0x20/0xc0 [ 12.528818] ? __pfx_kthread+0x10/0x10 [ 12.528838] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.528860] ? calculate_sigpending+0x7b/0xa0 [ 12.528883] ? __pfx_kthread+0x10/0x10 [ 12.528904] ret_from_fork+0x116/0x1d0 [ 12.528922] ? __pfx_kthread+0x10/0x10 [ 12.528941] ret_from_fork_asm+0x1a/0x30 [ 12.528971] </TASK> [ 12.528981] [ 12.540980] Allocated by task 181: [ 12.541189] kasan_save_stack+0x45/0x70 [ 12.541339] kasan_save_track+0x18/0x40 [ 12.541473] kasan_save_alloc_info+0x3b/0x50 [ 12.541621] __kasan_kmalloc+0xb7/0xc0 [ 12.541770] __kmalloc_cache_noprof+0x189/0x420 [ 12.541993] krealloc_uaf+0xbb/0x5e0 [ 12.542347] kunit_try_run_case+0x1a5/0x480 [ 12.542535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.542746] kthread+0x337/0x6f0 [ 12.542912] ret_from_fork+0x116/0x1d0 [ 12.543198] ret_from_fork_asm+0x1a/0x30 [ 12.543393] [ 12.543468] Freed by task 181: [ 12.543626] kasan_save_stack+0x45/0x70 [ 12.543820] kasan_save_track+0x18/0x40 [ 12.544087] kasan_save_free_info+0x3f/0x60 [ 12.544282] __kasan_slab_free+0x56/0x70 [ 12.544454] kfree+0x222/0x3f0 [ 12.544615] krealloc_uaf+0x13d/0x5e0 [ 12.544761] kunit_try_run_case+0x1a5/0x480 [ 12.544967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.545285] kthread+0x337/0x6f0 [ 12.545434] 
ret_from_fork+0x116/0x1d0 [ 12.545575] ret_from_fork_asm+0x1a/0x30 [ 12.545788] [ 12.545885] The buggy address belongs to the object at ffff888100350a00 [ 12.545885] which belongs to the cache kmalloc-256 of size 256 [ 12.546520] The buggy address is located 0 bytes inside of [ 12.546520] freed 256-byte region [ffff888100350a00, ffff888100350b00) [ 12.546995] [ 12.547221] The buggy address belongs to the physical page: [ 12.547444] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 12.547736] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.547961] flags: 0x200000000000040(head|node=0|zone=2) [ 12.548290] page_type: f5(slab) [ 12.548464] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.548779] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.549075] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.549425] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.549781] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 12.550260] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.550563] page dumped because: kasan: bad access detected [ 12.550791] [ 12.550881] Memory state around the buggy address: [ 12.551217] ffff888100350900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.551502] ffff888100350980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.551801] >ffff888100350a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.552176] ^ [ 12.552342] ffff888100350a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.552619] ffff888100350b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.552921] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 12.467956] ================================================================== [ 12.468257] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.469327] Write of size 1 at addr ffff888102a320eb by task kunit_try_catch/179 [ 12.469677] [ 12.469793] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.469992] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.470005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.470037] Call Trace: [ 12.470050] <TASK> [ 12.470075] dump_stack_lvl+0x73/0xb0 [ 12.470104] print_report+0xd1/0x650 [ 12.470125] ? __virt_addr_valid+0x1db/0x2d0 [ 12.470147] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.470171] ? kasan_addr_to_slab+0x11/0xa0 [ 12.470191] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.470215] kasan_report+0x141/0x180 [ 12.470236] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.470265] __asan_report_store1_noabort+0x1b/0x30 [ 12.470289] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.470315] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.470340] ? finish_task_switch.isra.0+0x153/0x700 [ 12.470362] ? __switch_to+0x47/0xf50 [ 12.470386] ? __schedule+0x10cc/0x2b60 [ 12.470408] ? __pfx_read_tsc+0x10/0x10 [ 12.470432] krealloc_large_less_oob+0x1c/0x30 [ 12.470455] kunit_try_run_case+0x1a5/0x480 [ 12.470479] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.470501] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.470524] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.470547] ? __kthread_parkme+0x82/0x180 [ 12.470567] ? preempt_count_sub+0x50/0x80 [ 12.470589] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.470613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.470637] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.470661] kthread+0x337/0x6f0 [ 12.470679] ? trace_preempt_on+0x20/0xc0 [ 12.470716] ? __pfx_kthread+0x10/0x10 [ 12.470736] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.470757] ? calculate_sigpending+0x7b/0xa0 [ 12.470780] ? 
__pfx_kthread+0x10/0x10 [ 12.470802] ret_from_fork+0x116/0x1d0 [ 12.470820] ? __pfx_kthread+0x10/0x10 [ 12.470841] ret_from_fork_asm+0x1a/0x30 [ 12.470871] </TASK> [ 12.470880] [ 12.481672] The buggy address belongs to the physical page: [ 12.482021] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a30 [ 12.482610] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.483048] flags: 0x200000000000040(head|node=0|zone=2) [ 12.483292] page_type: f8(unknown) [ 12.483459] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.483798] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.484444] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.484779] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.485313] head: 0200000000000002 ffffea00040a8c01 00000000ffffffff 00000000ffffffff [ 12.486080] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.486587] page dumped because: kasan: bad access detected [ 12.486960] [ 12.487055] Memory state around the buggy address: [ 12.487636] ffff888102a31f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.487969] ffff888102a32000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.488435] >ffff888102a32080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.488896] ^ [ 12.489342] ffff888102a32100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.489650] ffff888102a32180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.489967] ================================================================== [ 12.402648] ================================================================== [ 12.402969] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.403527] Write of size 1 at addr ffff888102a320d0 by task kunit_try_catch/179 [ 12.403891] [ 12.403999] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 
PREEMPT(voluntary) [ 12.404098] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.404110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.404129] Call Trace: [ 12.404140] <TASK> [ 12.404153] dump_stack_lvl+0x73/0xb0 [ 12.404182] print_report+0xd1/0x650 [ 12.404203] ? __virt_addr_valid+0x1db/0x2d0 [ 12.404226] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.404250] ? kasan_addr_to_slab+0x11/0xa0 [ 12.404270] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.404294] kasan_report+0x141/0x180 [ 12.404321] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.404349] __asan_report_store1_noabort+0x1b/0x30 [ 12.404374] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.404424] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.404450] ? finish_task_switch.isra.0+0x153/0x700 [ 12.404472] ? __switch_to+0x47/0xf50 [ 12.404512] ? __schedule+0x10cc/0x2b60 [ 12.404534] ? __pfx_read_tsc+0x10/0x10 [ 12.404571] krealloc_large_less_oob+0x1c/0x30 [ 12.404594] kunit_try_run_case+0x1a5/0x480 [ 12.404631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.404653] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.404689] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.404735] ? __kthread_parkme+0x82/0x180 [ 12.404755] ? preempt_count_sub+0x50/0x80 [ 12.404778] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.404815] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.404851] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.404889] kthread+0x337/0x6f0 [ 12.404908] ? trace_preempt_on+0x20/0xc0 [ 12.404932] ? __pfx_kthread+0x10/0x10 [ 12.404952] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.404973] ? calculate_sigpending+0x7b/0xa0 [ 12.404995] ? __pfx_kthread+0x10/0x10 [ 12.405016] ret_from_fork+0x116/0x1d0 [ 12.405052] ? 
__pfx_kthread+0x10/0x10 [ 12.405072] ret_from_fork_asm+0x1a/0x30 [ 12.405102] </TASK> [ 12.405111] [ 12.413363] The buggy address belongs to the physical page: [ 12.413620] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a30 [ 12.413970] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.414195] flags: 0x200000000000040(head|node=0|zone=2) [ 12.414596] page_type: f8(unknown) [ 12.414786] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.415547] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.416462] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.416876] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.417465] head: 0200000000000002 ffffea00040a8c01 00000000ffffffff 00000000ffffffff [ 12.417960] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.418307] page dumped because: kasan: bad access detected [ 12.418685] [ 12.418774] Memory state around the buggy address: [ 12.418930] ffff888102a31f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.419838] ffff888102a32000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.420749] >ffff888102a32080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.421630] ^ [ 12.422310] ffff888102a32100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.422692] ffff888102a32180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.422922] ================================================================== [ 12.311162] ================================================================== [ 12.311478] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.311843] Write of size 1 at addr ffff888100aa1aeb by task kunit_try_catch/175 [ 12.312152] [ 12.312253] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.312291] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.312302] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.312325] Call Trace: [ 12.312338] <TASK> [ 12.312353] dump_stack_lvl+0x73/0xb0 [ 12.312379] print_report+0xd1/0x650 [ 12.312400] ? __virt_addr_valid+0x1db/0x2d0 [ 12.312421] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.312445] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.312467] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.312492] kasan_report+0x141/0x180 [ 12.312513] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.312541] __asan_report_store1_noabort+0x1b/0x30 [ 12.312566] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.312591] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.312615] ? finish_task_switch.isra.0+0x153/0x700 [ 12.312638] ? __switch_to+0x47/0xf50 [ 12.312662] ? __schedule+0x10cc/0x2b60 [ 12.312683] ? __pfx_read_tsc+0x10/0x10 [ 12.312717] krealloc_less_oob+0x1c/0x30 [ 12.312738] kunit_try_run_case+0x1a5/0x480 [ 12.312761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.312783] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.312806] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.312829] ? __kthread_parkme+0x82/0x180 [ 12.312850] ? preempt_count_sub+0x50/0x80 [ 12.312873] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.312896] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.312920] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.312944] kthread+0x337/0x6f0 [ 12.312962] ? trace_preempt_on+0x20/0xc0 [ 12.312985] ? __pfx_kthread+0x10/0x10 [ 12.313005] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.313310] ? calculate_sigpending+0x7b/0xa0 [ 12.313346] ? __pfx_kthread+0x10/0x10 [ 12.313368] ret_from_fork+0x116/0x1d0 [ 12.313387] ? 
__pfx_kthread+0x10/0x10 [ 12.313407] ret_from_fork_asm+0x1a/0x30 [ 12.313438] </TASK> [ 12.313447] [ 12.321228] Allocated by task 175: [ 12.321430] kasan_save_stack+0x45/0x70 [ 12.321637] kasan_save_track+0x18/0x40 [ 12.321812] kasan_save_alloc_info+0x3b/0x50 [ 12.322100] __kasan_krealloc+0x190/0x1f0 [ 12.322258] krealloc_noprof+0xf3/0x340 [ 12.322392] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.322597] krealloc_less_oob+0x1c/0x30 [ 12.322804] kunit_try_run_case+0x1a5/0x480 [ 12.323191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.323423] kthread+0x337/0x6f0 [ 12.323593] ret_from_fork+0x116/0x1d0 [ 12.323818] ret_from_fork_asm+0x1a/0x30 [ 12.324151] [ 12.324272] The buggy address belongs to the object at ffff888100aa1a00 [ 12.324272] which belongs to the cache kmalloc-256 of size 256 [ 12.324769] The buggy address is located 34 bytes to the right of [ 12.324769] allocated 201-byte region [ffff888100aa1a00, ffff888100aa1ac9) [ 12.325384] [ 12.325458] The buggy address belongs to the physical page: [ 12.325630] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0 [ 12.325982] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.326303] flags: 0x200000000000040(head|node=0|zone=2) [ 12.327754] page_type: f5(slab) [ 12.327907] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.328131] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.328363] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.328587] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.328824] head: 0200000000000001 ffffea000402a801 00000000ffffffff 00000000ffffffff [ 12.329944] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.330601] page dumped because: kasan: bad access detected [ 12.331786] [ 12.332106] Memory state around the buggy address: [ 12.332985] ffff888100aa1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.334011] ffff888100aa1a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.334289] >ffff888100aa1a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.334507] ^ [ 12.334718] ffff888100aa1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.334931] ffff888100aa1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.335977] ================================================================== [ 12.423223] ================================================================== [ 12.423612] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.424019] Write of size 1 at addr ffff888102a320da by task kunit_try_catch/179 [ 12.424293] [ 12.424382] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.424422] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.424432] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.424450] Call Trace: [ 12.424463] <TASK> [ 12.424476] dump_stack_lvl+0x73/0xb0 [ 12.424504] print_report+0xd1/0x650 [ 12.424526] ? __virt_addr_valid+0x1db/0x2d0 [ 12.424548] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.424572] ? kasan_addr_to_slab+0x11/0xa0 [ 12.424846] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.424889] kasan_report+0x141/0x180 [ 12.424913] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.424941] __asan_report_store1_noabort+0x1b/0x30 [ 12.424966] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.424992] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.425016] ? finish_task_switch.isra.0+0x153/0x700 [ 12.425323] ? __switch_to+0x47/0xf50 [ 12.425349] ? __schedule+0x10cc/0x2b60 [ 12.425370] ? __pfx_read_tsc+0x10/0x10 [ 12.425393] krealloc_large_less_oob+0x1c/0x30 [ 12.425417] kunit_try_run_case+0x1a5/0x480 [ 12.425440] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.425463] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.425485] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.425510] ? __kthread_parkme+0x82/0x180 [ 12.425529] ? 
preempt_count_sub+0x50/0x80 [ 12.425552] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.425576] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.425599] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.425624] kthread+0x337/0x6f0 [ 12.425642] ? trace_preempt_on+0x20/0xc0 [ 12.425665] ? __pfx_kthread+0x10/0x10 [ 12.425685] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.425719] ? calculate_sigpending+0x7b/0xa0 [ 12.425742] ? __pfx_kthread+0x10/0x10 [ 12.425762] ret_from_fork+0x116/0x1d0 [ 12.425780] ? __pfx_kthread+0x10/0x10 [ 12.425800] ret_from_fork_asm+0x1a/0x30 [ 12.425830] </TASK> [ 12.425839] [ 12.437088] The buggy address belongs to the physical page: [ 12.437360] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a30 [ 12.437699] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.438295] flags: 0x200000000000040(head|node=0|zone=2) [ 12.438626] page_type: f8(unknown) [ 12.438894] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.439490] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.439908] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.440386] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.440741] head: 0200000000000002 ffffea00040a8c01 00000000ffffffff 00000000ffffffff [ 12.441060] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.441400] page dumped because: kasan: bad access detected [ 12.441645] [ 12.441749] Memory state around the buggy address: [ 12.442211] ffff888102a31f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.442506] ffff888102a32000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.442921] >ffff888102a32080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.443455] ^ [ 12.443826] ffff888102a32100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.444257] ffff888102a32180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.444692] 
================================================================== [ 12.289654] ================================================================== [ 12.289988] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.290481] Write of size 1 at addr ffff888100aa1aea by task kunit_try_catch/175 [ 12.290772] [ 12.290857] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.290895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.290906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.290925] Call Trace: [ 12.290936] <TASK> [ 12.290949] dump_stack_lvl+0x73/0xb0 [ 12.290974] print_report+0xd1/0x650 [ 12.290995] ? __virt_addr_valid+0x1db/0x2d0 [ 12.291101] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.291127] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.291152] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.291176] kasan_report+0x141/0x180 [ 12.291198] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.291226] __asan_report_store1_noabort+0x1b/0x30 [ 12.291251] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.291276] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.291301] ? finish_task_switch.isra.0+0x153/0x700 [ 12.291323] ? __switch_to+0x47/0xf50 [ 12.291347] ? __schedule+0x10cc/0x2b60 [ 12.291368] ? __pfx_read_tsc+0x10/0x10 [ 12.291391] krealloc_less_oob+0x1c/0x30 [ 12.291412] kunit_try_run_case+0x1a5/0x480 [ 12.291436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.291458] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.291481] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.291506] ? __kthread_parkme+0x82/0x180 [ 12.291525] ? preempt_count_sub+0x50/0x80 [ 12.291549] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.291574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.291599] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.291624] kthread+0x337/0x6f0 [ 12.291642] ? trace_preempt_on+0x20/0xc0 [ 12.291667] ? __pfx_kthread+0x10/0x10 [ 12.291687] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 12.291719] ? calculate_sigpending+0x7b/0xa0 [ 12.291745] ? __pfx_kthread+0x10/0x10 [ 12.291767] ret_from_fork+0x116/0x1d0 [ 12.291786] ? __pfx_kthread+0x10/0x10 [ 12.291807] ret_from_fork_asm+0x1a/0x30 [ 12.291838] </TASK> [ 12.291848] [ 12.299946] Allocated by task 175: [ 12.300302] kasan_save_stack+0x45/0x70 [ 12.300496] kasan_save_track+0x18/0x40 [ 12.300663] kasan_save_alloc_info+0x3b/0x50 [ 12.300884] __kasan_krealloc+0x190/0x1f0 [ 12.301089] krealloc_noprof+0xf3/0x340 [ 12.301254] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.301463] krealloc_less_oob+0x1c/0x30 [ 12.301602] kunit_try_run_case+0x1a5/0x480 [ 12.301813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.302079] kthread+0x337/0x6f0 [ 12.302248] ret_from_fork+0x116/0x1d0 [ 12.302392] ret_from_fork_asm+0x1a/0x30 [ 12.302563] [ 12.302655] The buggy address belongs to the object at ffff888100aa1a00 [ 12.302655] which belongs to the cache kmalloc-256 of size 256 [ 12.303285] The buggy address is located 33 bytes to the right of [ 12.303285] allocated 201-byte region [ffff888100aa1a00, ffff888100aa1ac9) [ 12.303781] [ 12.303880] The buggy address belongs to the physical page: [ 12.304179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0 [ 12.304476] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.304712] flags: 0x200000000000040(head|node=0|zone=2) [ 12.304885] page_type: f5(slab) [ 12.305002] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.305417] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.305767] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.306298] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.306644] head: 0200000000000001 ffffea000402a801 00000000ffffffff 00000000ffffffff [ 12.306923] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.307234] page dumped 
because: kasan: bad access detected [ 12.307491] [ 12.307584] Memory state around the buggy address: [ 12.307816] ffff888100aa1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.308207] ffff888100aa1a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.308521] >ffff888100aa1a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.308794] ^ [ 12.309111] ffff888100aa1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.309402] ffff888100aa1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.309679] ================================================================== [ 12.445369] ================================================================== [ 12.445674] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.446036] Write of size 1 at addr ffff888102a320ea by task kunit_try_catch/179 [ 12.446920] [ 12.447034] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.447075] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.447086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.447104] Call Trace: [ 12.447208] <TASK> [ 12.447227] dump_stack_lvl+0x73/0xb0 [ 12.447257] print_report+0xd1/0x650 [ 12.447359] ? __virt_addr_valid+0x1db/0x2d0 [ 12.447385] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.447409] ? kasan_addr_to_slab+0x11/0xa0 [ 12.447429] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.447454] kasan_report+0x141/0x180 [ 12.447475] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.447504] __asan_report_store1_noabort+0x1b/0x30 [ 12.447529] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.447554] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.447579] ? finish_task_switch.isra.0+0x153/0x700 [ 12.447601] ? __switch_to+0x47/0xf50 [ 12.447624] ? __schedule+0x10cc/0x2b60 [ 12.447646] ? __pfx_read_tsc+0x10/0x10 [ 12.447669] krealloc_large_less_oob+0x1c/0x30 [ 12.447692] kunit_try_run_case+0x1a5/0x480 [ 12.447727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.447749] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 12.447772] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.447795] ? __kthread_parkme+0x82/0x180 [ 12.447816] ? preempt_count_sub+0x50/0x80 [ 12.447839] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.447863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.447886] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.447911] kthread+0x337/0x6f0 [ 12.447929] ? trace_preempt_on+0x20/0xc0 [ 12.447952] ? __pfx_kthread+0x10/0x10 [ 12.447971] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.447992] ? calculate_sigpending+0x7b/0xa0 [ 12.448015] ? __pfx_kthread+0x10/0x10 [ 12.448062] ret_from_fork+0x116/0x1d0 [ 12.448090] ? __pfx_kthread+0x10/0x10 [ 12.448110] ret_from_fork_asm+0x1a/0x30 [ 12.448140] </TASK> [ 12.448150] [ 12.459364] The buggy address belongs to the physical page: [ 12.459630] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a30 [ 12.459961] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.460722] flags: 0x200000000000040(head|node=0|zone=2) [ 12.461077] page_type: f8(unknown) [ 12.461438] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.461802] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.462361] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.462835] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.463316] head: 0200000000000002 ffffea00040a8c01 00000000ffffffff 00000000ffffffff [ 12.463788] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.464236] page dumped because: kasan: bad access detected [ 12.464486] [ 12.464570] Memory state around the buggy address: [ 12.464814] ffff888102a31f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.465479] ffff888102a32000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.465786] >ffff888102a32080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.466417] ^ [ 12.466843] 
ffff888102a32100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.467256] ffff888102a32180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.467574] ================================================================== [ 12.228764] ================================================================== [ 12.229228] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.229549] Write of size 1 at addr ffff888100aa1ac9 by task kunit_try_catch/175 [ 12.229843] [ 12.229952] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.229994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.230004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.230024] Call Trace: [ 12.230035] <TASK> [ 12.230052] dump_stack_lvl+0x73/0xb0 [ 12.230079] print_report+0xd1/0x650 [ 12.230100] ? __virt_addr_valid+0x1db/0x2d0 [ 12.230121] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.230144] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.230165] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.230188] kasan_report+0x141/0x180 [ 12.230208] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.230235] __asan_report_store1_noabort+0x1b/0x30 [ 12.230258] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.230283] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.230306] ? finish_task_switch.isra.0+0x153/0x700 [ 12.230328] ? __switch_to+0x47/0xf50 [ 12.230352] ? __schedule+0x10cc/0x2b60 [ 12.230373] ? __pfx_read_tsc+0x10/0x10 [ 12.230396] krealloc_less_oob+0x1c/0x30 [ 12.230416] kunit_try_run_case+0x1a5/0x480 [ 12.230439] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.230460] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.230483] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.230504] ? __kthread_parkme+0x82/0x180 [ 12.230524] ? preempt_count_sub+0x50/0x80 [ 12.230545] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.230568] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.230589] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.230612] kthread+0x337/0x6f0 [ 12.230629] ? trace_preempt_on+0x20/0xc0 [ 12.230652] ? __pfx_kthread+0x10/0x10 [ 12.230671] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.230691] ? calculate_sigpending+0x7b/0xa0 [ 12.230750] ? __pfx_kthread+0x10/0x10 [ 12.230792] ret_from_fork+0x116/0x1d0 [ 12.230810] ? __pfx_kthread+0x10/0x10 [ 12.230859] ret_from_fork_asm+0x1a/0x30 [ 12.230890] </TASK> [ 12.230899] [ 12.238269] Allocated by task 175: [ 12.238450] kasan_save_stack+0x45/0x70 [ 12.238657] kasan_save_track+0x18/0x40 [ 12.238853] kasan_save_alloc_info+0x3b/0x50 [ 12.239114] __kasan_krealloc+0x190/0x1f0 [ 12.239288] krealloc_noprof+0xf3/0x340 [ 12.239461] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.239685] krealloc_less_oob+0x1c/0x30 [ 12.239833] kunit_try_run_case+0x1a5/0x480 [ 12.239978] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.240282] kthread+0x337/0x6f0 [ 12.240458] ret_from_fork+0x116/0x1d0 [ 12.240647] ret_from_fork_asm+0x1a/0x30 [ 12.240849] [ 12.240928] The buggy address belongs to the object at ffff888100aa1a00 [ 12.240928] which belongs to the cache kmalloc-256 of size 256 [ 12.241531] The buggy address is located 0 bytes to the right of [ 12.241531] allocated 201-byte region [ffff888100aa1a00, ffff888100aa1ac9) [ 12.241916] [ 12.242091] The buggy address belongs to the physical page: [ 12.242350] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0 [ 12.242716] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.243135] flags: 0x200000000000040(head|node=0|zone=2) [ 12.243392] page_type: f5(slab) [ 12.243564] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.243923] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.244288] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.244526] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.244795] head: 
0200000000000001 ffffea000402a801 00000000ffffffff 00000000ffffffff [ 12.245208] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.245547] page dumped because: kasan: bad access detected [ 12.245808] [ 12.245901] Memory state around the buggy address: [ 12.246261] ffff888100aa1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.246510] ffff888100aa1a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.246846] >ffff888100aa1a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.247174] ^ [ 12.247435] ffff888100aa1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.247762] ffff888100aa1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.248115] ================================================================== [ 12.269465] ================================================================== [ 12.269818] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.270364] Write of size 1 at addr ffff888100aa1ada by task kunit_try_catch/175 [ 12.270666] [ 12.270793] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.270832] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.270843] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.270862] Call Trace: [ 12.270875] <TASK> [ 12.270889] dump_stack_lvl+0x73/0xb0 [ 12.270917] print_report+0xd1/0x650 [ 12.270939] ? __virt_addr_valid+0x1db/0x2d0 [ 12.270960] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.270983] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.271006] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.271110] kasan_report+0x141/0x180 [ 12.271132] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.271161] __asan_report_store1_noabort+0x1b/0x30 [ 12.271186] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.271212] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.271236] ? finish_task_switch.isra.0+0x153/0x700 [ 12.271258] ? __switch_to+0x47/0xf50 [ 12.271282] ? 
__schedule+0x10cc/0x2b60 [ 12.271303] ? __pfx_read_tsc+0x10/0x10 [ 12.271326] krealloc_less_oob+0x1c/0x30 [ 12.271349] kunit_try_run_case+0x1a5/0x480 [ 12.271372] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.271395] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.271418] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.271441] ? __kthread_parkme+0x82/0x180 [ 12.271460] ? preempt_count_sub+0x50/0x80 [ 12.271483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.271507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.271530] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.271555] kthread+0x337/0x6f0 [ 12.271573] ? trace_preempt_on+0x20/0xc0 [ 12.271596] ? __pfx_kthread+0x10/0x10 [ 12.271616] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.271637] ? calculate_sigpending+0x7b/0xa0 [ 12.271660] ? __pfx_kthread+0x10/0x10 [ 12.271681] ret_from_fork+0x116/0x1d0 [ 12.271698] ? __pfx_kthread+0x10/0x10 [ 12.271729] ret_from_fork_asm+0x1a/0x30 [ 12.271760] </TASK> [ 12.271770] [ 12.279331] Allocated by task 175: [ 12.279460] kasan_save_stack+0x45/0x70 [ 12.279604] kasan_save_track+0x18/0x40 [ 12.279755] kasan_save_alloc_info+0x3b/0x50 [ 12.279967] __kasan_krealloc+0x190/0x1f0 [ 12.280406] krealloc_noprof+0xf3/0x340 [ 12.280613] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.280857] krealloc_less_oob+0x1c/0x30 [ 12.281123] kunit_try_run_case+0x1a5/0x480 [ 12.281274] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.281450] kthread+0x337/0x6f0 [ 12.281613] ret_from_fork+0x116/0x1d0 [ 12.281810] ret_from_fork_asm+0x1a/0x30 [ 12.282006] [ 12.282175] The buggy address belongs to the object at ffff888100aa1a00 [ 12.282175] which belongs to the cache kmalloc-256 of size 256 [ 12.282686] The buggy address is located 17 bytes to the right of [ 12.282686] allocated 201-byte region [ffff888100aa1a00, ffff888100aa1ac9) [ 12.283247] [ 12.283320] The buggy address belongs to the physical page: [ 12.283491] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0 [ 12.283856] head: order:1 
mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.284277] flags: 0x200000000000040(head|node=0|zone=2) [ 12.284517] page_type: f5(slab) [ 12.284688] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.284939] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.285412] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.285769] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.286196] head: 0200000000000001 ffffea000402a801 00000000ffffffff 00000000ffffffff [ 12.286536] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.286874] page dumped because: kasan: bad access detected [ 12.287117] [ 12.287188] Memory state around the buggy address: [ 12.287342] ffff888100aa1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.287661] ffff888100aa1a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.287998] >ffff888100aa1a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.288387] ^ [ 12.288617] ffff888100aa1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.288915] ffff888100aa1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.289262] ================================================================== [ 12.249194] ================================================================== [ 12.249481] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.249741] Write of size 1 at addr ffff888100aa1ad0 by task kunit_try_catch/175 [ 12.250071] [ 12.250180] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.250219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.250229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.250248] Call Trace: [ 12.250259] <TASK> [ 12.250272] dump_stack_lvl+0x73/0xb0 [ 12.250297] print_report+0xd1/0x650 [ 12.250317] ? __virt_addr_valid+0x1db/0x2d0 [ 12.250338] ? 
krealloc_less_oob_helper+0xe23/0x11d0 [ 12.250360] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.250381] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.250403] kasan_report+0x141/0x180 [ 12.250424] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.250451] __asan_report_store1_noabort+0x1b/0x30 [ 12.250474] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.250498] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.250521] ? finish_task_switch.isra.0+0x153/0x700 [ 12.250541] ? __switch_to+0x47/0xf50 [ 12.250565] ? __schedule+0x10cc/0x2b60 [ 12.250586] ? __pfx_read_tsc+0x10/0x10 [ 12.250608] krealloc_less_oob+0x1c/0x30 [ 12.250628] kunit_try_run_case+0x1a5/0x480 [ 12.250650] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.250671] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.250692] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.250853] ? __kthread_parkme+0x82/0x180 [ 12.250877] ? preempt_count_sub+0x50/0x80 [ 12.250899] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.250923] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.250948] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.250972] kthread+0x337/0x6f0 [ 12.250990] ? trace_preempt_on+0x20/0xc0 [ 12.251340] ? __pfx_kthread+0x10/0x10 [ 12.251368] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.251390] ? calculate_sigpending+0x7b/0xa0 [ 12.251413] ? __pfx_kthread+0x10/0x10 [ 12.251434] ret_from_fork+0x116/0x1d0 [ 12.251452] ? 
__pfx_kthread+0x10/0x10 [ 12.251472] ret_from_fork_asm+0x1a/0x30 [ 12.251502] </TASK> [ 12.251511] [ 12.259071] Allocated by task 175: [ 12.259246] kasan_save_stack+0x45/0x70 [ 12.259457] kasan_save_track+0x18/0x40 [ 12.259655] kasan_save_alloc_info+0x3b/0x50 [ 12.259877] __kasan_krealloc+0x190/0x1f0 [ 12.260267] krealloc_noprof+0xf3/0x340 [ 12.260474] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.260671] krealloc_less_oob+0x1c/0x30 [ 12.260871] kunit_try_run_case+0x1a5/0x480 [ 12.261155] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.261377] kthread+0x337/0x6f0 [ 12.261539] ret_from_fork+0x116/0x1d0 [ 12.261725] ret_from_fork_asm+0x1a/0x30 [ 12.261906] [ 12.262005] The buggy address belongs to the object at ffff888100aa1a00 [ 12.262005] which belongs to the cache kmalloc-256 of size 256 [ 12.262544] The buggy address is located 7 bytes to the right of [ 12.262544] allocated 201-byte region [ffff888100aa1a00, ffff888100aa1ac9) [ 12.263076] [ 12.263183] The buggy address belongs to the physical page: [ 12.263437] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa0 [ 12.263783] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.264153] flags: 0x200000000000040(head|node=0|zone=2) [ 12.264388] page_type: f5(slab) [ 12.264530] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.264775] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.265006] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.265546] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.265898] head: 0200000000000001 ffffea000402a801 00000000ffffffff 00000000ffffffff [ 12.266321] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.266658] page dumped because: kasan: bad access detected [ 12.266918] [ 12.267072] Memory state around the buggy address: [ 12.267278] ffff888100aa1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.267557] ffff888100aa1a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.267856] >ffff888100aa1a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.268203] ^ [ 12.268447] ffff888100aa1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.268681] ffff888100aa1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.268902] ================================================================== [ 12.384802] ================================================================== [ 12.385347] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.386070] Write of size 1 at addr ffff888102a320c9 by task kunit_try_catch/179 [ 12.386581] [ 12.386714] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.386758] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.386769] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.386790] Call Trace: [ 12.386801] <TASK> [ 12.386818] dump_stack_lvl+0x73/0xb0 [ 12.386850] print_report+0xd1/0x650 [ 12.386873] ? __virt_addr_valid+0x1db/0x2d0 [ 12.386896] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.386920] ? kasan_addr_to_slab+0x11/0xa0 [ 12.386941] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.386965] kasan_report+0x141/0x180 [ 12.386986] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.387015] __asan_report_store1_noabort+0x1b/0x30 [ 12.387040] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.387066] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.387103] ? finish_task_switch.isra.0+0x153/0x700 [ 12.387128] ? __switch_to+0x47/0xf50 [ 12.387154] ? __schedule+0x10cc/0x2b60 [ 12.387175] ? __pfx_read_tsc+0x10/0x10 [ 12.387200] krealloc_large_less_oob+0x1c/0x30 [ 12.387223] kunit_try_run_case+0x1a5/0x480 [ 12.387248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.387270] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.387294] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.387317] ? __kthread_parkme+0x82/0x180 [ 12.387338] ? 
preempt_count_sub+0x50/0x80 [ 12.387360] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.387384] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.387408] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.387433] kthread+0x337/0x6f0 [ 12.387452] ? trace_preempt_on+0x20/0xc0 [ 12.387475] ? __pfx_kthread+0x10/0x10 [ 12.387495] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.387516] ? calculate_sigpending+0x7b/0xa0 [ 12.387540] ? __pfx_kthread+0x10/0x10 [ 12.387561] ret_from_fork+0x116/0x1d0 [ 12.387579] ? __pfx_kthread+0x10/0x10 [ 12.387599] ret_from_fork_asm+0x1a/0x30 [ 12.387630] </TASK> [ 12.387639] [ 12.395576] The buggy address belongs to the physical page: [ 12.395864] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a30 [ 12.396247] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.396582] flags: 0x200000000000040(head|node=0|zone=2) [ 12.396816] page_type: f8(unknown) [ 12.396992] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.397406] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.397763] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.398234] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.398764] head: 0200000000000002 ffffea00040a8c01 00000000ffffffff 00000000ffffffff [ 12.399132] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.399459] page dumped because: kasan: bad access detected [ 12.399715] [ 12.399804] Memory state around the buggy address: [ 12.399953] ffff888102a31f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.400161] ffff888102a32000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.400555] >ffff888102a32080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.400905] ^ [ 12.401282] ffff888102a32100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.401687] ffff888102a32180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.402014] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 12.341056] ================================================================== [ 12.342451] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.343411] Write of size 1 at addr ffff8881028ca0eb by task kunit_try_catch/177 [ 12.344372] [ 12.344560] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.344604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.344615] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.344635] Call Trace: [ 12.344647] <TASK> [ 12.344663] dump_stack_lvl+0x73/0xb0 [ 12.344694] print_report+0xd1/0x650 [ 12.344834] ? __virt_addr_valid+0x1db/0x2d0 [ 12.344858] ? krealloc_more_oob_helper+0x821/0x930 [ 12.344882] ? kasan_addr_to_slab+0x11/0xa0 [ 12.344909] ? krealloc_more_oob_helper+0x821/0x930 [ 12.344933] kasan_report+0x141/0x180 [ 12.344956] ? krealloc_more_oob_helper+0x821/0x930 [ 12.344985] __asan_report_store1_noabort+0x1b/0x30 [ 12.345010] krealloc_more_oob_helper+0x821/0x930 [ 12.345039] ? __schedule+0x10cc/0x2b60 [ 12.345061] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.345086] ? finish_task_switch.isra.0+0x153/0x700 [ 12.345109] ? __switch_to+0x47/0xf50 [ 12.345133] ? __schedule+0x10cc/0x2b60 [ 12.345153] ? __pfx_read_tsc+0x10/0x10 [ 12.345178] krealloc_large_more_oob+0x1c/0x30 [ 12.345201] kunit_try_run_case+0x1a5/0x480 [ 12.345225] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.345247] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.345270] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.345293] ? __kthread_parkme+0x82/0x180 [ 12.345314] ? preempt_count_sub+0x50/0x80 [ 12.345338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.345362] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.345386] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.345411] kthread+0x337/0x6f0 [ 12.345430] ? trace_preempt_on+0x20/0xc0 [ 12.345454] ? __pfx_kthread+0x10/0x10 [ 12.345474] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.345496] ? 
calculate_sigpending+0x7b/0xa0 [ 12.345519] ? __pfx_kthread+0x10/0x10 [ 12.345540] ret_from_fork+0x116/0x1d0 [ 12.345558] ? __pfx_kthread+0x10/0x10 [ 12.345577] ret_from_fork_asm+0x1a/0x30 [ 12.345607] </TASK> [ 12.345618] [ 12.357855] The buggy address belongs to the physical page: [ 12.358118] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c8 [ 12.358762] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.359083] flags: 0x200000000000040(head|node=0|zone=2) [ 12.359656] page_type: f8(unknown) [ 12.359828] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.360407] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.360742] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.361063] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.361601] head: 0200000000000002 ffffea00040a3201 00000000ffffffff 00000000ffffffff [ 12.362092] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.362503] page dumped because: kasan: bad access detected [ 12.362832] [ 12.362918] Memory state around the buggy address: [ 12.363479] ffff8881028c9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.363801] ffff8881028ca000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.364173] >ffff8881028ca080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.364632] ^ [ 12.365029] ffff8881028ca100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.365490] ffff8881028ca180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.365887] ================================================================== [ 12.366384] ================================================================== [ 12.366672] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.367012] Write of size 1 at addr ffff8881028ca0f0 by task kunit_try_catch/177 [ 12.367479] [ 12.367574] CPU: 0 UID: 0 PID: 177 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.367614] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.367626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.367645] Call Trace: [ 12.367656] <TASK> [ 12.367668] dump_stack_lvl+0x73/0xb0 [ 12.367696] print_report+0xd1/0x650 [ 12.367733] ? __virt_addr_valid+0x1db/0x2d0 [ 12.367755] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.367779] ? kasan_addr_to_slab+0x11/0xa0 [ 12.367799] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.367824] kasan_report+0x141/0x180 [ 12.367846] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.367875] __asan_report_store1_noabort+0x1b/0x30 [ 12.367900] krealloc_more_oob_helper+0x7eb/0x930 [ 12.367923] ? __schedule+0x10cc/0x2b60 [ 12.367944] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.367969] ? finish_task_switch.isra.0+0x153/0x700 [ 12.367992] ? __switch_to+0x47/0xf50 [ 12.368016] ? __schedule+0x10cc/0x2b60 [ 12.368052] ? __pfx_read_tsc+0x10/0x10 [ 12.368076] krealloc_large_more_oob+0x1c/0x30 [ 12.368099] kunit_try_run_case+0x1a5/0x480 [ 12.368123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.368146] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.368169] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.368192] ? __kthread_parkme+0x82/0x180 [ 12.368212] ? preempt_count_sub+0x50/0x80 [ 12.368235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.368259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.368283] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.368308] kthread+0x337/0x6f0 [ 12.368336] ? trace_preempt_on+0x20/0xc0 [ 12.368360] ? __pfx_kthread+0x10/0x10 [ 12.368380] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.368402] ? calculate_sigpending+0x7b/0xa0 [ 12.368425] ? __pfx_kthread+0x10/0x10 [ 12.368446] ret_from_fork+0x116/0x1d0 [ 12.368464] ? 
__pfx_kthread+0x10/0x10 [ 12.368484] ret_from_fork_asm+0x1a/0x30 [ 12.368515] </TASK> [ 12.368524] [ 12.376471] The buggy address belongs to the physical page: [ 12.376653] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c8 [ 12.376981] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.377309] flags: 0x200000000000040(head|node=0|zone=2) [ 12.377565] page_type: f8(unknown) [ 12.377713] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.377944] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.378680] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.379017] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.379443] head: 0200000000000002 ffffea00040a3201 00000000ffffffff 00000000ffffffff [ 12.379720] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.380231] page dumped because: kasan: bad access detected [ 12.380458] [ 12.380554] Memory state around the buggy address: [ 12.380751] ffff8881028c9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.381129] ffff8881028ca000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.381407] >ffff8881028ca080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.381679] ^ [ 12.381955] ffff8881028ca100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.382405] ffff8881028ca180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.382628] ================================================================== [ 12.170057] ================================================================== [ 12.170439] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.170685] Write of size 1 at addr ffff8881003508eb by task kunit_try_catch/173 [ 12.171316] [ 12.171415] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.171456] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.171468] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.171486] Call Trace: [ 12.172150] <TASK> [ 12.172175] dump_stack_lvl+0x73/0xb0 [ 12.172207] print_report+0xd1/0x650 [ 12.172229] ? __virt_addr_valid+0x1db/0x2d0 [ 12.172251] ? krealloc_more_oob_helper+0x821/0x930 [ 12.172276] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.172299] ? krealloc_more_oob_helper+0x821/0x930 [ 12.172332] kasan_report+0x141/0x180 [ 12.172353] ? krealloc_more_oob_helper+0x821/0x930 [ 12.172381] __asan_report_store1_noabort+0x1b/0x30 [ 12.172406] krealloc_more_oob_helper+0x821/0x930 [ 12.172429] ? __schedule+0x10cc/0x2b60 [ 12.172450] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.172475] ? finish_task_switch.isra.0+0x153/0x700 [ 12.172497] ? __switch_to+0x47/0xf50 [ 12.172523] ? __schedule+0x10cc/0x2b60 [ 12.172544] ? __pfx_read_tsc+0x10/0x10 [ 12.172567] krealloc_more_oob+0x1c/0x30 [ 12.172589] kunit_try_run_case+0x1a5/0x480 [ 12.172612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.172634] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.172658] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.172683] ? __kthread_parkme+0x82/0x180 [ 12.172716] ? preempt_count_sub+0x50/0x80 [ 12.172738] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.172762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.172798] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.172842] kthread+0x337/0x6f0 [ 12.172862] ? trace_preempt_on+0x20/0xc0 [ 12.172885] ? __pfx_kthread+0x10/0x10 [ 12.172906] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.172927] ? calculate_sigpending+0x7b/0xa0 [ 12.172950] ? __pfx_kthread+0x10/0x10 [ 12.172971] ret_from_fork+0x116/0x1d0 [ 12.172989] ? 
__pfx_kthread+0x10/0x10 [ 12.173044] ret_from_fork_asm+0x1a/0x30 [ 12.173089] </TASK> [ 12.173099] [ 12.183713] Allocated by task 173: [ 12.184161] kasan_save_stack+0x45/0x70 [ 12.184461] kasan_save_track+0x18/0x40 [ 12.184624] kasan_save_alloc_info+0x3b/0x50 [ 12.184991] __kasan_krealloc+0x190/0x1f0 [ 12.185488] krealloc_noprof+0xf3/0x340 [ 12.185760] krealloc_more_oob_helper+0x1a9/0x930 [ 12.186144] krealloc_more_oob+0x1c/0x30 [ 12.186473] kunit_try_run_case+0x1a5/0x480 [ 12.186801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.187212] kthread+0x337/0x6f0 [ 12.187494] ret_from_fork+0x116/0x1d0 [ 12.187641] ret_from_fork_asm+0x1a/0x30 [ 12.187854] [ 12.187951] The buggy address belongs to the object at ffff888100350800 [ 12.187951] which belongs to the cache kmalloc-256 of size 256 [ 12.188454] The buggy address is located 0 bytes to the right of [ 12.188454] allocated 235-byte region [ffff888100350800, ffff8881003508eb) [ 12.188951] [ 12.189047] The buggy address belongs to the physical page: [ 12.189278] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 12.189634] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.190647] flags: 0x200000000000040(head|node=0|zone=2) [ 12.191136] page_type: f5(slab) [ 12.191302] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.191777] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.192247] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.192718] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.193229] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 12.193681] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.194273] page dumped because: kasan: bad access detected [ 12.194605] [ 12.194691] Memory state around the buggy address: [ 12.195188] ffff888100350780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.195622] ffff888100350800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.195941] >ffff888100350880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.196437] ^ [ 12.196832] ffff888100350900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.197305] ffff888100350980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.197734] ================================================================== [ 12.198892] ================================================================== [ 12.199528] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.199894] Write of size 1 at addr ffff8881003508f0 by task kunit_try_catch/173 [ 12.200573] [ 12.200781] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.200824] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.200835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.200854] Call Trace: [ 12.200864] <TASK> [ 12.200878] dump_stack_lvl+0x73/0xb0 [ 12.200907] print_report+0xd1/0x650 [ 12.200928] ? __virt_addr_valid+0x1db/0x2d0 [ 12.200951] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.200976] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.201000] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.201217] kasan_report+0x141/0x180 [ 12.201241] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.201270] __asan_report_store1_noabort+0x1b/0x30 [ 12.201295] krealloc_more_oob_helper+0x7eb/0x930 [ 12.201318] ? __schedule+0x10cc/0x2b60 [ 12.201340] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.201364] ? finish_task_switch.isra.0+0x153/0x700 [ 12.201388] ? __switch_to+0x47/0xf50 [ 12.201412] ? __schedule+0x10cc/0x2b60 [ 12.201432] ? __pfx_read_tsc+0x10/0x10 [ 12.201455] krealloc_more_oob+0x1c/0x30 [ 12.201476] kunit_try_run_case+0x1a5/0x480 [ 12.201501] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.201523] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.201546] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.201569] ? 
__kthread_parkme+0x82/0x180 [ 12.201589] ? preempt_count_sub+0x50/0x80 [ 12.201611] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.201635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.201659] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.201683] kthread+0x337/0x6f0 [ 12.201718] ? trace_preempt_on+0x20/0xc0 [ 12.201741] ? __pfx_kthread+0x10/0x10 [ 12.201762] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.201783] ? calculate_sigpending+0x7b/0xa0 [ 12.201807] ? __pfx_kthread+0x10/0x10 [ 12.201828] ret_from_fork+0x116/0x1d0 [ 12.201846] ? __pfx_kthread+0x10/0x10 [ 12.201865] ret_from_fork_asm+0x1a/0x30 [ 12.201896] </TASK> [ 12.201906] [ 12.213648] Allocated by task 173: [ 12.213898] kasan_save_stack+0x45/0x70 [ 12.214348] kasan_save_track+0x18/0x40 [ 12.214515] kasan_save_alloc_info+0x3b/0x50 [ 12.214864] __kasan_krealloc+0x190/0x1f0 [ 12.215288] krealloc_noprof+0xf3/0x340 [ 12.215468] krealloc_more_oob_helper+0x1a9/0x930 [ 12.215847] krealloc_more_oob+0x1c/0x30 [ 12.216223] kunit_try_run_case+0x1a5/0x480 [ 12.216422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.216632] kthread+0x337/0x6f0 [ 12.216956] ret_from_fork+0x116/0x1d0 [ 12.217195] ret_from_fork_asm+0x1a/0x30 [ 12.217395] [ 12.217495] The buggy address belongs to the object at ffff888100350800 [ 12.217495] which belongs to the cache kmalloc-256 of size 256 [ 12.217992] The buggy address is located 5 bytes to the right of [ 12.217992] allocated 235-byte region [ffff888100350800, ffff8881003508eb) [ 12.218674] [ 12.218787] The buggy address belongs to the physical page: [ 12.219088] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 12.219425] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.219733] flags: 0x200000000000040(head|node=0|zone=2) [ 12.219958] page_type: f5(slab) [ 12.220209] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.220512] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 
12.220838] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.221211] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.221499] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 12.221856] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.222318] page dumped because: kasan: bad access detected [ 12.222582] [ 12.222679] Memory state around the buggy address: [ 12.222859] ffff888100350780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.223259] ffff888100350800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.223525] >ffff888100350880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.223854] ^ [ 12.224209] ffff888100350900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.224470] ffff888100350980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.224796] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 12.151532] ================================================================== [ 12.152545] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 12.152869] Read of size 1 at addr ffff888103950000 by task kunit_try_catch/171 [ 12.153333] [ 12.153622] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.153689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.153712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.153732] Call Trace: [ 12.153743] <TASK> [ 12.153757] dump_stack_lvl+0x73/0xb0 [ 12.153786] print_report+0xd1/0x650 [ 12.153807] ? __virt_addr_valid+0x1db/0x2d0 [ 12.153829] ? page_alloc_uaf+0x356/0x3d0 [ 12.153871] ? kasan_addr_to_slab+0x11/0xa0 [ 12.153891] ? page_alloc_uaf+0x356/0x3d0 [ 12.153912] kasan_report+0x141/0x180 [ 12.153933] ? page_alloc_uaf+0x356/0x3d0 [ 12.153959] __asan_report_load1_noabort+0x18/0x20 [ 12.153983] page_alloc_uaf+0x356/0x3d0 [ 12.154004] ? __pfx_page_alloc_uaf+0x10/0x10 [ 12.154084] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.154113] ? trace_hardirqs_on+0x37/0xe0 [ 12.154136] ? __pfx_read_tsc+0x10/0x10 [ 12.154156] ? ktime_get_ts64+0x86/0x230 [ 12.154179] kunit_try_run_case+0x1a5/0x480 [ 12.154203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.154227] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.154251] ? __kthread_parkme+0x82/0x180 [ 12.154271] ? preempt_count_sub+0x50/0x80 [ 12.154294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.154318] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.154342] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.154366] kthread+0x337/0x6f0 [ 12.154385] ? trace_preempt_on+0x20/0xc0 [ 12.154406] ? __pfx_kthread+0x10/0x10 [ 12.154426] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.154447] ? calculate_sigpending+0x7b/0xa0 [ 12.154470] ? __pfx_kthread+0x10/0x10 [ 12.154490] ret_from_fork+0x116/0x1d0 [ 12.154508] ? 
__pfx_kthread+0x10/0x10 [ 12.154528] ret_from_fork_asm+0x1a/0x30 [ 12.154558] </TASK> [ 12.154567] [ 12.161890] The buggy address belongs to the physical page: [ 12.162173] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103950 [ 12.162697] flags: 0x200000000000000(node=0|zone=2) [ 12.162878] page_type: f0(buddy) [ 12.163311] raw: 0200000000000000 ffff88817fffb460 ffff88817fffb460 0000000000000000 [ 12.163590] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 12.163868] page dumped because: kasan: bad access detected [ 12.164144] [ 12.164239] Memory state around the buggy address: [ 12.164617] ffff88810394ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.165046] ffff88810394ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.165253] >ffff888103950000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.165755] ^ [ 12.165906] ffff888103950080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.166653] ffff888103950100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.167305] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 12.126861] ================================================================== [ 12.127850] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 12.128084] Free of addr ffff8881028c8001 by task kunit_try_catch/167 [ 12.128290] [ 12.128389] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.128432] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.128443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.128463] Call Trace: [ 12.128476] <TASK> [ 12.128492] dump_stack_lvl+0x73/0xb0 [ 12.128523] print_report+0xd1/0x650 [ 12.128545] ? __virt_addr_valid+0x1db/0x2d0 [ 12.128570] ? kasan_addr_to_slab+0x11/0xa0 [ 12.128590] ? kfree+0x274/0x3f0 [ 12.128611] kasan_report_invalid_free+0x10a/0x130 [ 12.128635] ? kfree+0x274/0x3f0 [ 12.128657] ? kfree+0x274/0x3f0 [ 12.128676] __kasan_kfree_large+0x86/0xd0 [ 12.128697] free_large_kmalloc+0x4b/0x110 [ 12.128732] kfree+0x274/0x3f0 [ 12.128756] kmalloc_large_invalid_free+0x120/0x2b0 [ 12.128779] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 12.128803] ? __schedule+0x10cc/0x2b60 [ 12.128825] ? __pfx_read_tsc+0x10/0x10 [ 12.128847] ? ktime_get_ts64+0x86/0x230 [ 12.128872] kunit_try_run_case+0x1a5/0x480 [ 12.128897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.128919] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.128943] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.128966] ? __kthread_parkme+0x82/0x180 [ 12.128987] ? preempt_count_sub+0x50/0x80 [ 12.129012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.129036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.129060] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.129085] kthread+0x337/0x6f0 [ 12.129103] ? trace_preempt_on+0x20/0xc0 [ 12.129126] ? __pfx_kthread+0x10/0x10 [ 12.129146] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.129167] ? calculate_sigpending+0x7b/0xa0 [ 12.129191] ? __pfx_kthread+0x10/0x10 [ 12.129211] ret_from_fork+0x116/0x1d0 [ 12.129229] ? 
__pfx_kthread+0x10/0x10 [ 12.129249] ret_from_fork_asm+0x1a/0x30 [ 12.129279] </TASK> [ 12.129289] [ 12.138460] The buggy address belongs to the physical page: [ 12.138647] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c8 [ 12.139006] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.139469] flags: 0x200000000000040(head|node=0|zone=2) [ 12.139746] page_type: f8(unknown) [ 12.139926] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.140737] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.141359] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.141721] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.142064] head: 0200000000000002 ffffea00040a3201 00000000ffffffff 00000000ffffffff [ 12.142526] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.142880] page dumped because: kasan: bad access detected [ 12.143170] [ 12.143350] Memory state around the buggy address: [ 12.143623] ffff8881028c7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.143968] ffff8881028c7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.144558] >ffff8881028c8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.144887] ^ [ 12.145058] ffff8881028c8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.145429] ffff8881028c8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.145986] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 12.099584] ================================================================== [ 12.100196] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 12.100533] Read of size 1 at addr ffff888102a30000 by task kunit_try_catch/165 [ 12.101785] [ 12.102149] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.102195] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.102206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.102226] Call Trace: [ 12.102237] <TASK> [ 12.102252] dump_stack_lvl+0x73/0xb0 [ 12.102282] print_report+0xd1/0x650 [ 12.102303] ? __virt_addr_valid+0x1db/0x2d0 [ 12.102325] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.102344] ? kasan_addr_to_slab+0x11/0xa0 [ 12.102499] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.102522] kasan_report+0x141/0x180 [ 12.102544] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.102569] __asan_report_load1_noabort+0x18/0x20 [ 12.102594] kmalloc_large_uaf+0x2f1/0x340 [ 12.102614] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 12.102636] ? __schedule+0x10cc/0x2b60 [ 12.102657] ? __pfx_read_tsc+0x10/0x10 [ 12.102678] ? ktime_get_ts64+0x86/0x230 [ 12.102714] kunit_try_run_case+0x1a5/0x480 [ 12.102738] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.102760] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.102783] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.102807] ? __kthread_parkme+0x82/0x180 [ 12.102828] ? preempt_count_sub+0x50/0x80 [ 12.102851] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.102874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.102898] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.102924] kthread+0x337/0x6f0 [ 12.102942] ? trace_preempt_on+0x20/0xc0 [ 12.102964] ? __pfx_kthread+0x10/0x10 [ 12.102984] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.103005] ? calculate_sigpending+0x7b/0xa0 [ 12.103060] ? __pfx_kthread+0x10/0x10 [ 12.103081] ret_from_fork+0x116/0x1d0 [ 12.103099] ? 
__pfx_kthread+0x10/0x10 [ 12.103118] ret_from_fork_asm+0x1a/0x30 [ 12.103150] </TASK> [ 12.103160] [ 12.116772] The buggy address belongs to the physical page: [ 12.116949] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a30 [ 12.117749] flags: 0x200000000000000(node=0|zone=2) [ 12.118483] raw: 0200000000000000 ffffea00040a8d08 ffff88815b139f80 0000000000000000 [ 12.118929] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.119348] page dumped because: kasan: bad access detected [ 12.119848] [ 12.120022] Memory state around the buggy address: [ 12.120551] ffff888102a2ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.121143] ffff888102a2ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.121667] >ffff888102a30000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.121887] ^ [ 12.122000] ffff888102a30080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.122741] ffff888102a30100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.123569] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 12.069475] ================================================================== [ 12.070122] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 12.070947] Write of size 1 at addr ffff888102a3200a by task kunit_try_catch/163 [ 12.071552] [ 12.071741] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.071783] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.071795] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.071815] Call Trace: [ 12.071827] <TASK> [ 12.071843] dump_stack_lvl+0x73/0xb0 [ 12.071873] print_report+0xd1/0x650 [ 12.071895] ? __virt_addr_valid+0x1db/0x2d0 [ 12.071917] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.071977] ? kasan_addr_to_slab+0x11/0xa0 [ 12.071998] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.072021] kasan_report+0x141/0x180 [ 12.072055] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.072082] __asan_report_store1_noabort+0x1b/0x30 [ 12.072107] kmalloc_large_oob_right+0x2e9/0x330 [ 12.072130] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 12.072154] ? __schedule+0x10cc/0x2b60 [ 12.072176] ? __pfx_read_tsc+0x10/0x10 [ 12.072198] ? ktime_get_ts64+0x86/0x230 [ 12.072223] kunit_try_run_case+0x1a5/0x480 [ 12.072324] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.072347] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.072420] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.072444] ? __kthread_parkme+0x82/0x180 [ 12.072464] ? preempt_count_sub+0x50/0x80 [ 12.072488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.072513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.072537] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.072562] kthread+0x337/0x6f0 [ 12.072580] ? trace_preempt_on+0x20/0xc0 [ 12.072604] ? __pfx_kthread+0x10/0x10 [ 12.072624] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.072645] ? calculate_sigpending+0x7b/0xa0 [ 12.072669] ? __pfx_kthread+0x10/0x10 [ 12.072691] ret_from_fork+0x116/0x1d0 [ 12.072720] ? 
__pfx_kthread+0x10/0x10 [ 12.072741] ret_from_fork_asm+0x1a/0x30 [ 12.072772] </TASK> [ 12.072782] [ 12.085281] The buggy address belongs to the physical page: [ 12.085534] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a30 [ 12.085794] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.086020] flags: 0x200000000000040(head|node=0|zone=2) [ 12.086646] page_type: f8(unknown) [ 12.087009] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.087739] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.088508] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.089402] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.090070] head: 0200000000000002 ffffea00040a8c01 00000000ffffffff 00000000ffffffff [ 12.090348] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.091259] page dumped because: kasan: bad access detected [ 12.091657] [ 12.091856] Memory state around the buggy address: [ 12.092312] ffff888102a31f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.092644] ffff888102a31f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.092867] >ffff888102a32000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.093308] ^ [ 12.093659] ffff888102a32080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.094361] ffff888102a32100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.094986] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 12.025820] ================================================================== [ 12.026325] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 12.026651] Write of size 1 at addr ffff888103889f00 by task kunit_try_catch/161 [ 12.027453] [ 12.027845] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.027890] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.027902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.027921] Call Trace: [ 12.027933] <TASK> [ 12.027949] dump_stack_lvl+0x73/0xb0 [ 12.027979] print_report+0xd1/0x650 [ 12.028001] ? __virt_addr_valid+0x1db/0x2d0 [ 12.028055] ? kmalloc_big_oob_right+0x316/0x370 [ 12.028089] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.028112] ? kmalloc_big_oob_right+0x316/0x370 [ 12.028135] kasan_report+0x141/0x180 [ 12.028157] ? kmalloc_big_oob_right+0x316/0x370 [ 12.028184] __asan_report_store1_noabort+0x1b/0x30 [ 12.028209] kmalloc_big_oob_right+0x316/0x370 [ 12.028231] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 12.028254] ? __schedule+0x10cc/0x2b60 [ 12.028276] ? __pfx_read_tsc+0x10/0x10 [ 12.028296] ? ktime_get_ts64+0x86/0x230 [ 12.028324] kunit_try_run_case+0x1a5/0x480 [ 12.028348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.028370] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.028392] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.028416] ? __kthread_parkme+0x82/0x180 [ 12.028436] ? preempt_count_sub+0x50/0x80 [ 12.028459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.028483] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.028506] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.028532] kthread+0x337/0x6f0 [ 12.028550] ? trace_preempt_on+0x20/0xc0 [ 12.028573] ? __pfx_kthread+0x10/0x10 [ 12.028593] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.028614] ? calculate_sigpending+0x7b/0xa0 [ 12.028637] ? __pfx_kthread+0x10/0x10 [ 12.028658] ret_from_fork+0x116/0x1d0 [ 12.028676] ? 
__pfx_kthread+0x10/0x10 [ 12.028696] ret_from_fork_asm+0x1a/0x30 [ 12.028738] </TASK> [ 12.028748] [ 12.046136] Allocated by task 161: [ 12.046271] kasan_save_stack+0x45/0x70 [ 12.046422] kasan_save_track+0x18/0x40 [ 12.046557] kasan_save_alloc_info+0x3b/0x50 [ 12.046844] __kasan_kmalloc+0xb7/0xc0 [ 12.047509] __kmalloc_cache_noprof+0x189/0x420 [ 12.048097] kmalloc_big_oob_right+0xa9/0x370 [ 12.048617] kunit_try_run_case+0x1a5/0x480 [ 12.049190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.049860] kthread+0x337/0x6f0 [ 12.050357] ret_from_fork+0x116/0x1d0 [ 12.050859] ret_from_fork_asm+0x1a/0x30 [ 12.051359] [ 12.051497] The buggy address belongs to the object at ffff888103888000 [ 12.051497] which belongs to the cache kmalloc-8k of size 8192 [ 12.052112] The buggy address is located 0 bytes to the right of [ 12.052112] allocated 7936-byte region [ffff888103888000, ffff888103889f00) [ 12.052493] [ 12.052567] The buggy address belongs to the physical page: [ 12.052755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103888 [ 12.052994] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.053220] flags: 0x200000000000040(head|node=0|zone=2) [ 12.053398] page_type: f5(slab) [ 12.053520] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 12.053837] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 12.054513] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 12.055288] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 12.056291] head: 0200000000000003 ffffea00040e2201 00000000ffffffff 00000000ffffffff [ 12.057071] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 12.057861] page dumped because: kasan: bad access detected [ 12.058478] [ 12.058665] Memory state around the buggy address: [ 12.059208] ffff888103889e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.060019] ffff888103889e80: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.060875] >ffff888103889f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.061647] ^ [ 12.061995] ffff888103889f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.062685] ffff88810388a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.063430] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 11.977565] ================================================================== [ 11.978149] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.978730] Write of size 1 at addr ffff8881031db678 by task kunit_try_catch/159 [ 11.979533] [ 11.979695] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.979752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.979764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.979785] Call Trace: [ 11.979797] <TASK> [ 11.979814] dump_stack_lvl+0x73/0xb0 [ 11.979846] print_report+0xd1/0x650 [ 11.979867] ? __virt_addr_valid+0x1db/0x2d0 [ 11.979889] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.979915] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.979938] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.979963] kasan_report+0x141/0x180 [ 11.979984] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.980021] __asan_report_store1_noabort+0x1b/0x30 [ 11.980047] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.980072] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 11.980099] ? __schedule+0x10cc/0x2b60 [ 11.980122] ? __pfx_read_tsc+0x10/0x10 [ 11.980143] ? ktime_get_ts64+0x86/0x230 [ 11.980168] kunit_try_run_case+0x1a5/0x480 [ 11.980192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.980214] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.980237] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.980261] ? __kthread_parkme+0x82/0x180 [ 11.980282] ? preempt_count_sub+0x50/0x80 [ 11.980306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.980336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.980361] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.980386] kthread+0x337/0x6f0 [ 11.980404] ? trace_preempt_on+0x20/0xc0 [ 11.980428] ? __pfx_kthread+0x10/0x10 [ 11.980448] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.980469] ? calculate_sigpending+0x7b/0xa0 [ 11.980493] ? 
__pfx_kthread+0x10/0x10 [ 11.980514] ret_from_fork+0x116/0x1d0 [ 11.980532] ? __pfx_kthread+0x10/0x10 [ 11.980552] ret_from_fork_asm+0x1a/0x30 [ 11.980582] </TASK> [ 11.980592] [ 11.992249] Allocated by task 159: [ 11.992393] kasan_save_stack+0x45/0x70 [ 11.992603] kasan_save_track+0x18/0x40 [ 11.992815] kasan_save_alloc_info+0x3b/0x50 [ 11.992998] __kasan_kmalloc+0xb7/0xc0 [ 11.993647] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.993906] kmalloc_track_caller_oob_right+0x99/0x520 [ 11.994310] kunit_try_run_case+0x1a5/0x480 [ 11.994661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.995320] kthread+0x337/0x6f0 [ 11.995651] ret_from_fork+0x116/0x1d0 [ 11.996025] ret_from_fork_asm+0x1a/0x30 [ 11.996248] [ 11.996334] The buggy address belongs to the object at ffff8881031db600 [ 11.996334] which belongs to the cache kmalloc-128 of size 128 [ 11.996884] The buggy address is located 0 bytes to the right of [ 11.996884] allocated 120-byte region [ffff8881031db600, ffff8881031db678) [ 11.997940] [ 11.998034] The buggy address belongs to the physical page: [ 11.998211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031db [ 11.998451] flags: 0x200000000000000(node=0|zone=2) [ 11.998614] page_type: f5(slab) [ 11.998784] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.999118] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.999787] page dumped because: kasan: bad access detected [ 12.000309] [ 12.000418] Memory state around the buggy address: [ 12.000575] ffff8881031db500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.000848] ffff8881031db580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.001556] >ffff8881031db600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.002261] ^ [ 12.003039] ffff8881031db680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.003727] ffff8881031db700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.004108] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 11.940424] ================================================================== [ 11.941466] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 11.941766] Read of size 1 at addr ffff888103859000 by task kunit_try_catch/157 [ 11.942685] [ 11.943238] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.943306] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.943320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.943342] Call Trace: [ 11.943355] <TASK> [ 11.943372] dump_stack_lvl+0x73/0xb0 [ 11.943407] print_report+0xd1/0x650 [ 11.943429] ? __virt_addr_valid+0x1db/0x2d0 [ 11.943453] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.943476] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.943499] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.943522] kasan_report+0x141/0x180 [ 11.943543] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.943571] __asan_report_load1_noabort+0x18/0x20 [ 11.943596] kmalloc_node_oob_right+0x369/0x3c0 [ 11.943620] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 11.943645] ? __schedule+0x10cc/0x2b60 [ 11.943666] ? __pfx_read_tsc+0x10/0x10 [ 11.943688] ? ktime_get_ts64+0x86/0x230 [ 11.943755] kunit_try_run_case+0x1a5/0x480 [ 11.943781] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.943804] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.943828] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.943851] ? __kthread_parkme+0x82/0x180 [ 11.943873] ? preempt_count_sub+0x50/0x80 [ 11.943898] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.943922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.943946] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.943970] kthread+0x337/0x6f0 [ 11.943989] ? trace_preempt_on+0x20/0xc0 [ 11.944042] ? __pfx_kthread+0x10/0x10 [ 11.944080] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.944101] ? calculate_sigpending+0x7b/0xa0 [ 11.944125] ? __pfx_kthread+0x10/0x10 [ 11.944146] ret_from_fork+0x116/0x1d0 [ 11.944164] ? 
__pfx_kthread+0x10/0x10 [ 11.944184] ret_from_fork_asm+0x1a/0x30 [ 11.944215] </TASK> [ 11.944225] [ 11.955975] Allocated by task 157: [ 11.956823] kasan_save_stack+0x45/0x70 [ 11.956988] kasan_save_track+0x18/0x40 [ 11.957611] kasan_save_alloc_info+0x3b/0x50 [ 11.958308] __kasan_kmalloc+0xb7/0xc0 [ 11.958793] __kmalloc_cache_node_noprof+0x188/0x420 [ 11.959363] kmalloc_node_oob_right+0xab/0x3c0 [ 11.960043] kunit_try_run_case+0x1a5/0x480 [ 11.960295] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.960929] kthread+0x337/0x6f0 [ 11.961391] ret_from_fork+0x116/0x1d0 [ 11.961770] ret_from_fork_asm+0x1a/0x30 [ 11.961916] [ 11.961989] The buggy address belongs to the object at ffff888103858000 [ 11.961989] which belongs to the cache kmalloc-4k of size 4096 [ 11.962353] The buggy address is located 0 bytes to the right of [ 11.962353] allocated 4096-byte region [ffff888103858000, ffff888103859000) [ 11.963078] [ 11.963553] The buggy address belongs to the physical page: [ 11.964344] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103858 [ 11.965323] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.966173] flags: 0x200000000000040(head|node=0|zone=2) [ 11.966747] page_type: f5(slab) [ 11.967095] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 11.967831] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 11.968567] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 11.969175] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 11.969902] head: 0200000000000003 ffffea00040e1601 00000000ffffffff 00000000ffffffff [ 11.970463] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 11.971141] page dumped because: kasan: bad access detected [ 11.971386] [ 11.971568] Memory state around the buggy address: [ 11.972058] ffff888103858f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.972748] 
ffff888103858f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.973038] >ffff888103859000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.973311] ^ [ 11.973434] ffff888103859080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.973996] ffff888103859100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.974742] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 11.913629] ================================================================== [ 11.914175] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 11.914447] Read of size 1 at addr ffff8881018fefbf by task kunit_try_catch/155 [ 11.914751] [ 11.914864] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.914907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.914919] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.914938] Call Trace: [ 11.914950] <TASK> [ 11.914966] dump_stack_lvl+0x73/0xb0 [ 11.914994] print_report+0xd1/0x650 [ 11.915016] ? __virt_addr_valid+0x1db/0x2d0 [ 11.915051] ? kmalloc_oob_left+0x361/0x3c0 [ 11.915071] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.915094] ? kmalloc_oob_left+0x361/0x3c0 [ 11.915115] kasan_report+0x141/0x180 [ 11.915136] ? kmalloc_oob_left+0x361/0x3c0 [ 11.915161] __asan_report_load1_noabort+0x18/0x20 [ 11.915185] kmalloc_oob_left+0x361/0x3c0 [ 11.915207] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 11.915239] ? __schedule+0x10cc/0x2b60 [ 11.915259] ? __pfx_read_tsc+0x10/0x10 [ 11.915280] ? ktime_get_ts64+0x86/0x230 [ 11.915303] kunit_try_run_case+0x1a5/0x480 [ 11.915327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.915349] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.915371] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.915395] ? __kthread_parkme+0x82/0x180 [ 11.915415] ? preempt_count_sub+0x50/0x80 [ 11.915438] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.915462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.915485] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.915510] kthread+0x337/0x6f0 [ 11.915529] ? trace_preempt_on+0x20/0xc0 [ 11.915552] ? __pfx_kthread+0x10/0x10 [ 11.915572] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.915593] ? calculate_sigpending+0x7b/0xa0 [ 11.915619] ? __pfx_kthread+0x10/0x10 [ 11.915640] ret_from_fork+0x116/0x1d0 [ 11.915657] ? 
__pfx_kthread+0x10/0x10 [ 11.915677] ret_from_fork_asm+0x1a/0x30 [ 11.915719] </TASK> [ 11.915729] [ 11.924715] Allocated by task 1: [ 11.925111] kasan_save_stack+0x45/0x70 [ 11.925329] kasan_save_track+0x18/0x40 [ 11.925484] kasan_save_alloc_info+0x3b/0x50 [ 11.925695] __kasan_kmalloc+0xb7/0xc0 [ 11.925892] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.926412] kvasprintf+0xc5/0x150 [ 11.926565] __kthread_create_on_node+0x18b/0x3a0 [ 11.926938] kthread_create_on_node+0xab/0xe0 [ 11.927124] create_worker+0x3e5/0x7b0 [ 11.927499] alloc_unbound_pwq+0x8ea/0xdb0 [ 11.927862] apply_wqattrs_prepare+0x332/0xd20 [ 11.928165] apply_workqueue_attrs_locked+0x4d/0xa0 [ 11.928451] alloc_workqueue+0xcc7/0x1ad0 [ 11.928619] latency_fsnotify_init+0x1b/0x50 [ 11.928835] do_one_initcall+0xd8/0x370 [ 11.929009] kernel_init_freeable+0x420/0x6f0 [ 11.929462] kernel_init+0x23/0x1e0 [ 11.929691] ret_from_fork+0x116/0x1d0 [ 11.929937] ret_from_fork_asm+0x1a/0x30 [ 11.930206] [ 11.930345] The buggy address belongs to the object at ffff8881018fefa0 [ 11.930345] which belongs to the cache kmalloc-16 of size 16 [ 11.930874] The buggy address is located 18 bytes to the right of [ 11.930874] allocated 13-byte region [ffff8881018fefa0, ffff8881018fefad) [ 11.931767] [ 11.931870] The buggy address belongs to the physical page: [ 11.932101] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1018fe [ 11.932723] flags: 0x200000000000000(node=0|zone=2) [ 11.932929] page_type: f5(slab) [ 11.933100] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.933566] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.933898] page dumped because: kasan: bad access detected [ 11.934283] [ 11.934425] Memory state around the buggy address: [ 11.934616] ffff8881018fee80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 11.935073] ffff8881018fef00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 11.935661] >ffff8881018fef80: fa fb fc fc 00 
05 fc fc 00 07 fc fc fc fc fc fc [ 11.936187] ^ [ 11.936527] ffff8881018ff000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.936918] ffff8881018ff080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 [ 11.937217] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 11.873371] ================================================================== [ 11.873599] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 11.874154] Write of size 1 at addr ffff8881031db578 by task kunit_try_catch/153 [ 11.874394] [ 11.874579] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.874654] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.874666] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.874697] Call Trace: [ 11.874718] <TASK> [ 11.874732] dump_stack_lvl+0x73/0xb0 [ 11.874760] print_report+0xd1/0x650 [ 11.874781] ? __virt_addr_valid+0x1db/0x2d0 [ 11.874803] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.874823] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.874846] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.874868] kasan_report+0x141/0x180 [ 11.874889] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.874915] __asan_report_store1_noabort+0x1b/0x30 [ 11.874940] kmalloc_oob_right+0x6bd/0x7f0 [ 11.874961] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.874983] ? __schedule+0x10cc/0x2b60 [ 11.875005] ? __pfx_read_tsc+0x10/0x10 [ 11.875026] ? ktime_get_ts64+0x86/0x230 [ 11.875065] kunit_try_run_case+0x1a5/0x480 [ 11.875089] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.875112] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.875135] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.875158] ? __kthread_parkme+0x82/0x180 [ 11.875177] ? preempt_count_sub+0x50/0x80 [ 11.875201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.875225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.875249] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.875273] kthread+0x337/0x6f0 [ 11.875291] ? trace_preempt_on+0x20/0xc0 [ 11.875314] ? __pfx_kthread+0x10/0x10 [ 11.875334] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.875355] ? calculate_sigpending+0x7b/0xa0 [ 11.875381] ? __pfx_kthread+0x10/0x10 [ 11.875401] ret_from_fork+0x116/0x1d0 [ 11.875419] ? 
__pfx_kthread+0x10/0x10 [ 11.875439] ret_from_fork_asm+0x1a/0x30 [ 11.875469] </TASK> [ 11.875478] [ 11.884411] Allocated by task 153: [ 11.884586] kasan_save_stack+0x45/0x70 [ 11.884795] kasan_save_track+0x18/0x40 [ 11.884985] kasan_save_alloc_info+0x3b/0x50 [ 11.885290] __kasan_kmalloc+0xb7/0xc0 [ 11.885471] __kmalloc_cache_noprof+0x189/0x420 [ 11.885661] kmalloc_oob_right+0xa9/0x7f0 [ 11.885840] kunit_try_run_case+0x1a5/0x480 [ 11.886032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.886251] kthread+0x337/0x6f0 [ 11.886384] ret_from_fork+0x116/0x1d0 [ 11.886567] ret_from_fork_asm+0x1a/0x30 [ 11.886776] [ 11.886868] The buggy address belongs to the object at ffff8881031db500 [ 11.886868] which belongs to the cache kmalloc-128 of size 128 [ 11.887363] The buggy address is located 5 bytes to the right of [ 11.887363] allocated 115-byte region [ffff8881031db500, ffff8881031db573) [ 11.887748] [ 11.887854] The buggy address belongs to the physical page: [ 11.888174] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031db [ 11.888534] flags: 0x200000000000000(node=0|zone=2) [ 11.888728] page_type: f5(slab) [ 11.888846] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.889074] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.889525] page dumped because: kasan: bad access detected [ 11.889792] [ 11.889882] Memory state around the buggy address: [ 11.890110] ffff8881031db400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.890544] ffff8881031db480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.890790] >ffff8881031db500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.891178] ^ [ 11.891470] ffff8881031db580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.891713] ffff8881031db600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.892030] ================================================================== [ 11.845728] 
================================================================== [ 11.846432] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 11.847136] Write of size 1 at addr ffff8881031db573 by task kunit_try_catch/153 [ 11.847604] [ 11.848724] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.849100] Tainted: [N]=TEST [ 11.849132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.849348] Call Trace: [ 11.849413] <TASK> [ 11.849555] dump_stack_lvl+0x73/0xb0 [ 11.849642] print_report+0xd1/0x650 [ 11.849671] ? __virt_addr_valid+0x1db/0x2d0 [ 11.849696] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.849746] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.849769] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.849791] kasan_report+0x141/0x180 [ 11.849812] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.849838] __asan_report_store1_noabort+0x1b/0x30 [ 11.849863] kmalloc_oob_right+0x6f0/0x7f0 [ 11.849885] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.849907] ? __schedule+0x10cc/0x2b60 [ 11.849929] ? __pfx_read_tsc+0x10/0x10 [ 11.849951] ? ktime_get_ts64+0x86/0x230 [ 11.849977] kunit_try_run_case+0x1a5/0x480 [ 11.850003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.850044] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.850070] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.850093] ? __kthread_parkme+0x82/0x180 [ 11.850115] ? preempt_count_sub+0x50/0x80 [ 11.850139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.850163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.850187] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.850211] kthread+0x337/0x6f0 [ 11.850230] ? trace_preempt_on+0x20/0xc0 [ 11.850253] ? __pfx_kthread+0x10/0x10 [ 11.850273] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.850294] ? calculate_sigpending+0x7b/0xa0 [ 11.850321] ? __pfx_kthread+0x10/0x10 [ 11.850342] ret_from_fork+0x116/0x1d0 [ 11.850360] ? 
__pfx_kthread+0x10/0x10 [ 11.850380] ret_from_fork_asm+0x1a/0x30 [ 11.850437] </TASK> [ 11.850502] [ 11.859003] Allocated by task 153: [ 11.859530] kasan_save_stack+0x45/0x70 [ 11.859775] kasan_save_track+0x18/0x40 [ 11.860021] kasan_save_alloc_info+0x3b/0x50 [ 11.860219] __kasan_kmalloc+0xb7/0xc0 [ 11.860353] __kmalloc_cache_noprof+0x189/0x420 [ 11.860508] kmalloc_oob_right+0xa9/0x7f0 [ 11.860644] kunit_try_run_case+0x1a5/0x480 [ 11.861046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.861479] kthread+0x337/0x6f0 [ 11.861671] ret_from_fork+0x116/0x1d0 [ 11.861906] ret_from_fork_asm+0x1a/0x30 [ 11.862189] [ 11.862392] The buggy address belongs to the object at ffff8881031db500 [ 11.862392] which belongs to the cache kmalloc-128 of size 128 [ 11.862999] The buggy address is located 0 bytes to the right of [ 11.862999] allocated 115-byte region [ffff8881031db500, ffff8881031db573) [ 11.863609] [ 11.863901] The buggy address belongs to the physical page: [ 11.864523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031db [ 11.865293] flags: 0x200000000000000(node=0|zone=2) [ 11.866071] page_type: f5(slab) [ 11.866590] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.867015] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.867549] page dumped because: kasan: bad access detected [ 11.867960] [ 11.868095] Memory state around the buggy address: [ 11.868641] ffff8881031db400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.869125] ffff8881031db480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.869433] >ffff8881031db500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.869740] ^ [ 11.870061] ffff8881031db580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.870420] ffff8881031db600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.870770] ================================================================== [ 11.892632] 
================================================================== [ 11.892939] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 11.893283] Read of size 1 at addr ffff8881031db580 by task kunit_try_catch/153 [ 11.893608] [ 11.893688] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.893740] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.893751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.893769] Call Trace: [ 11.893781] <TASK> [ 11.893793] dump_stack_lvl+0x73/0xb0 [ 11.893818] print_report+0xd1/0x650 [ 11.893838] ? __virt_addr_valid+0x1db/0x2d0 [ 11.893862] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.893884] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.893907] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.893928] kasan_report+0x141/0x180 [ 11.893949] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.893975] __asan_report_load1_noabort+0x18/0x20 [ 11.893999] kmalloc_oob_right+0x68a/0x7f0 [ 11.894020] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.894042] ? __schedule+0x10cc/0x2b60 [ 11.894064] ? __pfx_read_tsc+0x10/0x10 [ 11.894084] ? ktime_get_ts64+0x86/0x230 [ 11.894107] kunit_try_run_case+0x1a5/0x480 [ 11.894130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.894152] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.894175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.894497] ? __kthread_parkme+0x82/0x180 [ 11.894522] ? preempt_count_sub+0x50/0x80 [ 11.894545] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.894569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.894593] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.894617] kthread+0x337/0x6f0 [ 11.894635] ? trace_preempt_on+0x20/0xc0 [ 11.894723] ? __pfx_kthread+0x10/0x10 [ 11.894746] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.894767] ? calculate_sigpending+0x7b/0xa0 [ 11.894793] ? __pfx_kthread+0x10/0x10 [ 11.894814] ret_from_fork+0x116/0x1d0 [ 11.894832] ? 
__pfx_kthread+0x10/0x10 [ 11.894852] ret_from_fork_asm+0x1a/0x30 [ 11.894882] </TASK> [ 11.894892] [ 11.901809] Allocated by task 153: [ 11.901964] kasan_save_stack+0x45/0x70 [ 11.902143] kasan_save_track+0x18/0x40 [ 11.902279] kasan_save_alloc_info+0x3b/0x50 [ 11.902426] __kasan_kmalloc+0xb7/0xc0 [ 11.902557] __kmalloc_cache_noprof+0x189/0x420 [ 11.902722] kmalloc_oob_right+0xa9/0x7f0 [ 11.902873] kunit_try_run_case+0x1a5/0x480 [ 11.903078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.903326] kthread+0x337/0x6f0 [ 11.903490] ret_from_fork+0x116/0x1d0 [ 11.903676] ret_from_fork_asm+0x1a/0x30 [ 11.904048] [ 11.904135] The buggy address belongs to the object at ffff8881031db500 [ 11.904135] which belongs to the cache kmalloc-128 of size 128 [ 11.904493] The buggy address is located 13 bytes to the right of [ 11.904493] allocated 115-byte region [ffff8881031db500, ffff8881031db573) [ 11.904872] [ 11.904941] The buggy address belongs to the physical page: [ 11.905308] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031db [ 11.905592] flags: 0x200000000000000(node=0|zone=2) [ 11.905825] page_type: f5(slab) [ 11.905988] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.906312] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.906616] page dumped because: kasan: bad access detected [ 11.906839] [ 11.906907] Memory state around the buggy address: [ 11.907075] ffff8881031db480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.907389] ffff8881031db500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.907679] >ffff8881031db580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.907988] ^ [ 11.908143] ffff8881031db600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.908401] ffff8881031db680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.908732] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 140.880273] WARNING: CPU: 1 PID: 2763 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 140.880725] Modules linked in: [ 140.881108] CPU: 1 UID: 0 PID: 2763 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.882308] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.882556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.883025] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 140.883435] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 140.884397] RSP: 0000:ffff88810e4efc78 EFLAGS: 00010286 [ 140.884755] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 140.885170] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff8cc337bc [ 140.885728] RBP: ffff88810e4efca0 R08: 0000000000000000 R09: ffffed1020966160 [ 140.886219] R10: ffff888104b30b07 R11: 0000000000000000 R12: ffffffff8cc337a8 [ 140.886501] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810e4efd38 [ 140.886978] FS: 0000000000000000(0000) GS:ffff8881cc572000(0000) knlGS:0000000000000000 [ 140.887607] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.887808] CR2: 00007ffff7ffe000 CR3: 000000002febc000 CR4: 00000000000006f0 [ 140.888055] DR0: ffffffff8ec52440 DR1: ffffffff8ec52441 DR2: ffffffff8ec52443 [ 140.888879] DR3: ffffffff8ec52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.889634] Call Trace: [ 140.890001] <TASK> [ 140.890286] drm_test_rect_calc_vscale+0x108/0x270 [ 140.890931] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 140.891417] ? __schedule+0x10cc/0x2b60 [ 140.891576] ? __pfx_read_tsc+0x10/0x10 [ 140.891734] ? ktime_get_ts64+0x86/0x230 [ 140.891882] kunit_try_run_case+0x1a5/0x480 [ 140.892121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.892569] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 140.893060] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.893577] ? __kthread_parkme+0x82/0x180 [ 140.893969] ? preempt_count_sub+0x50/0x80 [ 140.894482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.894940] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.895639] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.896010] kthread+0x337/0x6f0 [ 140.896420] ? trace_preempt_on+0x20/0xc0 [ 140.896733] ? __pfx_kthread+0x10/0x10 [ 140.896872] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.897062] ? calculate_sigpending+0x7b/0xa0 [ 140.897487] ? __pfx_kthread+0x10/0x10 [ 140.897842] ret_from_fork+0x116/0x1d0 [ 140.898218] ? __pfx_kthread+0x10/0x10 [ 140.898707] ret_from_fork_asm+0x1a/0x30 [ 140.898955] </TASK> [ 140.899109] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 140.902322] WARNING: CPU: 1 PID: 2765 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 140.902799] Modules linked in: [ 140.903182] CPU: 1 UID: 0 PID: 2765 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.904660] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.905275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.905773] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 140.905951] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 140.906862] RSP: 0000:ffff8881048c7c78 EFLAGS: 00010286 [ 140.907308] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 140.907607] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff8cc337f4 [ 140.907912] RBP: ffff8881048c7ca0 R08: 0000000000000000 R09: ffffed1021801980 [ 140.908349] R10: ffff88810c00cc07 R11: 0000000000000000 R12: ffffffff8cc337e0 [ 140.908595] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881048c7d38 [ 
140.908924] FS: 0000000000000000(0000) GS:ffff8881cc572000(0000) knlGS:0000000000000000 [ 140.909497] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.909797] CR2: 00007ffff7ffe000 CR3: 000000002febc000 CR4: 00000000000006f0 [ 140.910376] DR0: ffffffff8ec52440 DR1: ffffffff8ec52441 DR2: ffffffff8ec52443 [ 140.910814] DR3: ffffffff8ec52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.911436] Call Trace: [ 140.911575] <TASK> [ 140.911835] drm_test_rect_calc_vscale+0x108/0x270 [ 140.912378] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 140.912637] ? __schedule+0x10cc/0x2b60 [ 140.912871] ? __pfx_read_tsc+0x10/0x10 [ 140.913427] ? ktime_get_ts64+0x86/0x230 [ 140.913640] kunit_try_run_case+0x1a5/0x480 [ 140.913872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.914314] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.914551] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.914808] ? __kthread_parkme+0x82/0x180 [ 140.915004] ? preempt_count_sub+0x50/0x80 [ 140.915663] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.915984] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.916589] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.916886] kthread+0x337/0x6f0 [ 140.917342] ? trace_preempt_on+0x20/0xc0 [ 140.917558] ? __pfx_kthread+0x10/0x10 [ 140.917755] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.918325] ? calculate_sigpending+0x7b/0xa0 [ 140.918552] ? __pfx_kthread+0x10/0x10 [ 140.918757] ret_from_fork+0x116/0x1d0 [ 140.919237] ? __pfx_kthread+0x10/0x10 [ 140.919462] ret_from_fork_asm+0x1a/0x30 [ 140.919673] </TASK> [ 140.919807] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 140.845010] WARNING: CPU: 0 PID: 2753 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 140.845312] Modules linked in: [ 140.845454] CPU: 0 UID: 0 PID: 2753 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.845789] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.845967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.846233] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 140.846409] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 5b dc 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 140.848426] RSP: 0000:ffff8881048c7c78 EFLAGS: 00010286 [ 140.848973] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 140.849878] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff8cc337f8 [ 140.850819] RBP: ffff8881048c7ca0 R08: 0000000000000000 R09: ffffed10218018c0 [ 140.851669] R10: ffff88810c00c607 R11: 0000000000000000 R12: ffffffff8cc337e0 [ 140.853037] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881048c7d38 [ 140.853896] FS: 0000000000000000(0000) GS:ffff8881cc472000(0000) knlGS:0000000000000000 [ 140.855742] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.856444] CR2: 00007ffff7ffe000 CR3: 000000002febc000 CR4: 00000000000006f0 [ 140.857355] DR0: ffffffff8ec52440 DR1: ffffffff8ec52441 DR2: ffffffff8ec52442 [ 140.857986] DR3: ffffffff8ec52443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.859255] Call Trace: [ 140.859366] <TASK> [ 140.859468] drm_test_rect_calc_hscale+0x108/0x270 [ 140.859646] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 140.859840] ? __schedule+0x10cc/0x2b60 [ 140.859987] ? __pfx_read_tsc+0x10/0x10 [ 140.860145] ? ktime_get_ts64+0x86/0x230 [ 140.860295] kunit_try_run_case+0x1a5/0x480 [ 140.860445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.860601] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 140.861175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.861607] ? __kthread_parkme+0x82/0x180 [ 140.861990] ? preempt_count_sub+0x50/0x80 [ 140.862359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.862894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.863458] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.863995] kthread+0x337/0x6f0 [ 140.864492] ? trace_preempt_on+0x20/0xc0 [ 140.864885] ? __pfx_kthread+0x10/0x10 [ 140.865361] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.865820] ? calculate_sigpending+0x7b/0xa0 [ 140.866281] ? __pfx_kthread+0x10/0x10 [ 140.866711] ret_from_fork+0x116/0x1d0 [ 140.867142] ? __pfx_kthread+0x10/0x10 [ 140.867500] ret_from_fork_asm+0x1a/0x30 [ 140.867664] </TASK> [ 140.867911] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 140.820711] WARNING: CPU: 1 PID: 2751 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 140.821753] Modules linked in: [ 140.822482] CPU: 1 UID: 0 PID: 2751 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.823693] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.823938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.824925] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 140.825419] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 5b dc 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 140.826271] RSP: 0000:ffff88810e4efc78 EFLAGS: 00010286 [ 140.826543] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 140.826801] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff8cc337c0 [ 140.827115] RBP: ffff88810e4efca0 R08: 0000000000000000 R09: ffffed10209660a0 [ 140.827738] R10: ffff888104b30507 R11: 0000000000000000 R12: ffffffff8cc337a8 [ 140.828322] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810e4efd38 [ 
140.828638] FS: 0000000000000000(0000) GS:ffff8881cc572000(0000) knlGS:0000000000000000 [ 140.828978] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.829609] CR2: 00007ffff7ffe000 CR3: 000000002febc000 CR4: 00000000000006f0 [ 140.829897] DR0: ffffffff8ec52440 DR1: ffffffff8ec52441 DR2: ffffffff8ec52443 [ 140.830481] DR3: ffffffff8ec52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.830896] Call Trace: [ 140.831023] <TASK> [ 140.831309] drm_test_rect_calc_hscale+0x108/0x270 [ 140.831538] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 140.831797] ? __schedule+0x10cc/0x2b60 [ 140.831982] ? __pfx_read_tsc+0x10/0x10 [ 140.832565] ? ktime_get_ts64+0x86/0x230 [ 140.832788] kunit_try_run_case+0x1a5/0x480 [ 140.832978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.833652] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.833900] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.834362] ? __kthread_parkme+0x82/0x180 [ 140.834579] ? preempt_count_sub+0x50/0x80 [ 140.834771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.835253] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.835748] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.836228] kthread+0x337/0x6f0 [ 140.836380] ? trace_preempt_on+0x20/0xc0 [ 140.836593] ? __pfx_kthread+0x10/0x10 [ 140.837125] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.837739] ? calculate_sigpending+0x7b/0xa0 [ 140.838206] ? __pfx_kthread+0x10/0x10 [ 140.838616] ret_from_fork+0x116/0x1d0 [ 140.838963] ? __pfx_kthread+0x10/0x10 [ 140.839415] ret_from_fork_asm+0x1a/0x30 [ 140.839800] </TASK> [ 140.840059] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------ [ 140.182298] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 140.182746] WARNING: CPU: 1 PID: 2568 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 140.184371] Modules linked in: [ 140.184715] CPU: 1 UID: 0 PID: 2568 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.185078] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.185618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.186536] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 140.187193] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 6d 1d 80 00 48 c7 c1 a0 86 be 8c 4c 89 f2 48 c7 c7 60 83 be 8c 48 89 c6 e8 f4 ce 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 140.187977] RSP: 0000:ffff8881043b7d18 EFLAGS: 00010286 [ 140.188524] RAX: 0000000000000000 RBX: ffff888109b92c00 RCX: 1ffffffff1b24ce8 [ 140.189163] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 140.190048] RBP: ffff8881043b7d48 R08: 0000000000000000 R09: fffffbfff1b24ce8 [ 140.190436] R10: 0000000000000003 R11: 0000000000038c18 R12: ffff88810e3f0000 [ 140.190641] R13: ffff888109b92cf8 R14: ffff88810c74fd00 R15: ffff88810039fb40 [ 140.190854] FS: 0000000000000000(0000) GS:ffff8881cc572000(0000) knlGS:0000000000000000 [ 140.191092] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.191507] CR2: 00007ffff7ffe000 CR3: 000000002febc000 CR4: 00000000000006f0 [ 140.191872] DR0: ffffffff8ec52440 DR1: ffffffff8ec52441 DR2: ffffffff8ec52443 [ 140.192213] DR3: ffffffff8ec52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.192538] Call Trace: [ 140.192639] <TASK> [ 140.192849] ? trace_preempt_on+0x20/0xc0 [ 140.193133] ? 
__pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 140.193440] drm_gem_shmem_free_wrapper+0x12/0x20 [ 140.193645] __kunit_action_free+0x57/0x70 [ 140.193828] kunit_remove_resource+0x133/0x200 [ 140.194068] ? preempt_count_sub+0x50/0x80 [ 140.194369] kunit_cleanup+0x7a/0x120 [ 140.194515] kunit_try_run_case_cleanup+0xbd/0xf0 [ 140.194761] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 140.194948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.195344] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.195574] kthread+0x337/0x6f0 [ 140.195710] ? trace_preempt_on+0x20/0xc0 [ 140.195931] ? __pfx_kthread+0x10/0x10 [ 140.196116] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.196546] ? calculate_sigpending+0x7b/0xa0 [ 140.196803] ? __pfx_kthread+0x10/0x10 [ 140.196952] ret_from_fork+0x116/0x1d0 [ 140.197141] ? __pfx_kthread+0x10/0x10 [ 140.197406] ret_from_fork_asm+0x1a/0x30 [ 140.197651] </TASK> [ 140.197788] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 140.034994] WARNING: CPU: 1 PID: 2549 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 140.036344] Modules linked in: [ 140.036778] CPU: 1 UID: 0 PID: 2549 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.037770] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.038281] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.038967] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 140.039706] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 140.040597] RSP: 0000:ffff88810e1f7b30 EFLAGS: 00010246 [ 140.041251] RAX: dffffc0000000000 RBX: ffff88810e1f7c28 RCX: 0000000000000000 [ 140.042012] RDX: 1ffff11021c3ef8e RSI: ffff88810e1f7c28 RDI: ffff88810e1f7c70 [ 140.042831] RBP: ffff88810e1f7b70 R08: ffff88810e2c9000 R09: ffffffff8cbd89e0 [ 140.043572] R10: 0000000000000003 R11: 00000000aecae5a6 R12: ffff88810e2c9000 [ 140.043806] R13: ffff88810039fae8 R14: ffff88810e1f7ba8 R15: 0000000000000000 [ 140.044052] FS: 0000000000000000(0000) GS:ffff8881cc572000(0000) knlGS:0000000000000000 [ 140.044923] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.045601] CR2: 00007ffff7ffe000 CR3: 000000002febc000 CR4: 00000000000006f0 [ 140.046447] DR0: ffffffff8ec52440 DR1: ffffffff8ec52441 DR2: ffffffff8ec52443 [ 140.047144] DR3: ffffffff8ec52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.047649] Call Trace: [ 140.047913] <TASK> [ 140.048130] ? add_dr+0xc1/0x1d0 [ 140.048278] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 140.048465] ? add_dr+0x148/0x1d0 [ 140.048589] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 140.049005] ? __drmm_add_action+0x1a4/0x280 [ 140.049275] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 140.049448] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 140.049838] ? __drmm_add_action_or_reset+0x22/0x50 [ 140.050366] ? __schedule+0x10cc/0x2b60 [ 140.050546] ? __pfx_read_tsc+0x10/0x10 [ 140.050700] ? ktime_get_ts64+0x86/0x230 [ 140.050842] kunit_try_run_case+0x1a5/0x480 [ 140.050994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.051617] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.052060] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.052663] ? __kthread_parkme+0x82/0x180 [ 140.053109] ? preempt_count_sub+0x50/0x80 [ 140.053510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.053953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.054586] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.055132] kthread+0x337/0x6f0 [ 140.055369] ? trace_preempt_on+0x20/0xc0 [ 140.055520] ? __pfx_kthread+0x10/0x10 [ 140.055657] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.055822] ? calculate_sigpending+0x7b/0xa0 [ 140.055978] ? __pfx_kthread+0x10/0x10 [ 140.056577] ret_from_fork+0x116/0x1d0 [ 140.056961] ? __pfx_kthread+0x10/0x10 [ 140.057436] ret_from_fork_asm+0x1a/0x30 [ 140.057858] </TASK> [ 140.058073] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 139.999454] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 139.999583] WARNING: CPU: 0 PID: 2545 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 140.001836] Modules linked in: [ 140.002010] CPU: 0 UID: 0 PID: 2545 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.002329] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.002500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.003512] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 140.004916] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 3b 3a 87 00 48 c7 c1 c0 38 bd 8c 4c 89 fa 48 c7 c7 20 39 bd 8c 48 89 c6 e8 c2 eb 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 140.007171] RSP: 0000:ffff88810401fb68 EFLAGS: 00010282 [ 140.007747] RAX: 0000000000000000 RBX: ffff88810401fc40 RCX: 1ffffffff1b24ce8 [ 140.008919] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 140.009509] RBP: ffff88810401fb90 R08: 0000000000000000 R09: fffffbfff1b24ce8 [ 140.010143] R10: 0000000000000003 R11: 0000000000037278 R12: ffff88810401fc18 [ 140.010367] R13: ffff88810dc4d800 R14: ffff88810e371000 R15: ffff88810c3d0f00 [ 140.010579] FS: 0000000000000000(0000) GS:ffff8881cc472000(0000) knlGS:0000000000000000 [ 140.010837] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.011180] CR2: 00007ffff7ffe000 CR3: 000000002febc000 CR4: 00000000000006f0 [ 140.011503] DR0: ffffffff8ec52440 DR1: ffffffff8ec52441 DR2: ffffffff8ec52442 [ 140.011749] DR3: ffffffff8ec52443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.012190] Call Trace: [ 140.012598] <TASK> [ 140.012742] drm_test_framebuffer_free+0x1ab/0x610 [ 140.012985] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 140.013315] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 140.013567] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 140.013981] ? __drmm_add_action_or_reset+0x22/0x50 [ 140.014311] ? __schedule+0x10cc/0x2b60 [ 140.014510] ? __pfx_read_tsc+0x10/0x10 [ 140.014739] ? ktime_get_ts64+0x86/0x230 [ 140.014908] kunit_try_run_case+0x1a5/0x480 [ 140.015224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.015419] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.015696] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.015900] ? __kthread_parkme+0x82/0x180 [ 140.016230] ? preempt_count_sub+0x50/0x80 [ 140.016469] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.016784] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.016990] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.017453] kthread+0x337/0x6f0 [ 140.017700] ? trace_preempt_on+0x20/0xc0 [ 140.017915] ? __pfx_kthread+0x10/0x10 [ 140.018233] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.018389] ? calculate_sigpending+0x7b/0xa0 [ 140.018609] ? __pfx_kthread+0x10/0x10 [ 140.018819] ret_from_fork+0x116/0x1d0 [ 140.019136] ? __pfx_kthread+0x10/0x10 [ 140.019282] ret_from_fork_asm+0x1a/0x30 [ 140.019491] </TASK> [ 140.019634] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 138.703615] WARNING: CPU: 1 PID: 1975 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 138.703978] Modules linked in: [ 138.704439] CPU: 1 UID: 0 PID: 1975 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 138.705459] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 138.705914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 138.706506] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 138.706810] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 02 25 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 138.707572] RSP: 0000:ffff88810d1dfc90 EFLAGS: 00010246 [ 138.707858] RAX: dffffc0000000000 RBX: ffff88810d3a2000 RCX: 0000000000000000 [ 138.708185] RDX: 1ffff11021a74432 RSI: ffffffff89e05968 RDI: ffff88810d3a2190 [ 138.708556] RBP: ffff88810d1dfca0 R08: 1ffff11020073f69 R09: ffffed1021a3bf65 [ 138.708852] R10: 0000000000000003 R11: ffffffff888049da R12: 0000000000000000 [ 138.709191] R13: ffff88810d1dfd38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 138.709466] FS: 0000000000000000(0000) GS:ffff8881cc572000(0000) knlGS:0000000000000000 [ 138.709818] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.710022] CR2: 00007ffff7ffe000 CR3: 000000002febc000 CR4: 00000000000006f0 [ 138.710512] DR0: ffffffff8ec52440 DR1: ffffffff8ec52441 DR2: ffffffff8ec52443 [ 138.710833] DR3: ffffffff8ec52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 138.711266] Call Trace: [ 138.711396] <TASK> [ 138.711524] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 138.711858] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 138.712288] ? __schedule+0x10cc/0x2b60 [ 138.712603] ? __pfx_read_tsc+0x10/0x10 [ 138.712807] ? 
ktime_get_ts64+0x86/0x230 [ 138.713009] kunit_try_run_case+0x1a5/0x480 [ 138.713428] ? __pfx_kunit_try_run_case+0x10/0x10 [ 138.713624] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 138.713875] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 138.714156] ? __kthread_parkme+0x82/0x180 [ 138.714452] ? preempt_count_sub+0x50/0x80 [ 138.714631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 138.714851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 138.715309] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 138.715582] kthread+0x337/0x6f0 [ 138.715738] ? trace_preempt_on+0x20/0xc0 [ 138.715966] ? __pfx_kthread+0x10/0x10 [ 138.716112] ? _raw_spin_unlock_irq+0x47/0x80 [ 138.716333] ? calculate_sigpending+0x7b/0xa0 [ 138.716538] ? __pfx_kthread+0x10/0x10 [ 138.717359] ret_from_fork+0x116/0x1d0 [ 138.717546] ? __pfx_kthread+0x10/0x10 [ 138.717742] ret_from_fork_asm+0x1a/0x30 [ 138.717945] </TASK> [ 138.718155] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 138.779876] WARNING: CPU: 0 PID: 1983 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 138.780244] Modules linked in: [ 138.780406] CPU: 0 UID: 0 PID: 1983 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 138.780882] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 138.781058] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 138.781318] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 138.781513] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 02 25 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 138.782010] RSP: 0000:ffff88810d34fc90 EFLAGS: 00010246 [ 138.782187] RAX: dffffc0000000000 RBX: ffff88810d2c4000 RCX: 0000000000000000 [ 138.782396] RDX: 1ffff11021a58832 RSI: ffffffff89e05968 RDI: ffff88810d2c4190 [ 138.784514] RBP: ffff88810d34fca0 R08: 1ffff11020073f69 R09: ffffed1021a69f65 [ 
138.785148] R10: 0000000000000003 R11: ffffffff89385b48 R12: 0000000000000000 [ 138.786200] R13: ffff88810d34fd38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 138.786855] FS: 0000000000000000(0000) GS:ffff8881cc472000(0000) knlGS:0000000000000000 [ 138.787461] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.788063] CR2: 00007ffff7ffe000 CR3: 000000002febc000 CR4: 00000000000006f0 [ 138.788282] DR0: ffffffff8ec52440 DR1: ffffffff8ec52441 DR2: ffffffff8ec52442 [ 138.788496] DR3: ffffffff8ec52443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 138.788756] Call Trace: [ 138.789059] <TASK> [ 138.789346] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 138.789948] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 138.790536] ? __schedule+0x10cc/0x2b60 [ 138.791017] ? __pfx_read_tsc+0x10/0x10 [ 138.791496] ? ktime_get_ts64+0x86/0x230 [ 138.792143] kunit_try_run_case+0x1a5/0x480 [ 138.792509] ? __pfx_kunit_try_run_case+0x10/0x10 [ 138.792699] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 138.793141] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 138.793704] ? __kthread_parkme+0x82/0x180 [ 138.793913] ? preempt_count_sub+0x50/0x80 [ 138.794179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 138.794604] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 138.794981] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 138.795263] kthread+0x337/0x6f0 [ 138.795457] ? trace_preempt_on+0x20/0xc0 [ 138.795972] ? __pfx_kthread+0x10/0x10 [ 138.796388] ? _raw_spin_unlock_irq+0x47/0x80 [ 138.796728] ? calculate_sigpending+0x7b/0xa0 [ 138.796884] ? __pfx_kthread+0x10/0x10 [ 138.797053] ret_from_fork+0x116/0x1d0 [ 138.797393] ? __pfx_kthread+0x10/0x10 [ 138.797754] ret_from_fork_asm+0x1a/0x30 [ 138.798238] </TASK> [ 138.798470] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 108.234624] WARNING: CPU: 1 PID: 673 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 108.234893] Modules linked in: [ 108.235160] CPU: 1 UID: 0 PID: 673 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 108.235625] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 108.235952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 108.236387] RIP: 0010:intlog10+0x2a/0x40 [ 108.236652] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f e9 97 a8 86 02 90 <0f> 0b 90 31 c0 e9 8c a8 86 02 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 108.237511] RSP: 0000:ffff888102a17cb0 EFLAGS: 00010246 [ 108.237961] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11020542fb4 [ 108.238499] RDX: 1ffffffff1952db4 RSI: 1ffff11020542fb3 RDI: 0000000000000000 [ 108.238820] RBP: ffff888102a17d60 R08: 0000000000000000 R09: ffffed10203b3500 [ 108.239152] R10: ffff888101d9a807 R11: 0000000000000000 R12: 1ffff11020542f97 [ 108.239525] R13: ffffffff8ca96da0 R14: 0000000000000000 R15: ffff888102a17d38 [ 108.239954] FS: 0000000000000000(0000) GS:ffff8881cc572000(0000) knlGS:0000000000000000 [ 108.240426] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.240777] CR2: ffff88815a90cfe0 CR3: 000000002febc000 CR4: 00000000000006f0 [ 108.240981] DR0: ffffffff8ec52440 DR1: ffffffff8ec52441 DR2: ffffffff8ec52443 [ 108.241408] DR3: ffffffff8ec52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 108.242265] Call Trace: [ 108.242513] <TASK> [ 108.242767] ? intlog10_test+0xf2/0x220 [ 108.243267] ? __pfx_intlog10_test+0x10/0x10 [ 108.243718] ? __schedule+0x10cc/0x2b60 [ 108.243898] ? __pfx_read_tsc+0x10/0x10 [ 108.244391] ? ktime_get_ts64+0x86/0x230 [ 108.244675] kunit_try_run_case+0x1a5/0x480 [ 108.244844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 108.245004] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 108.245565] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 108.246051] ? __kthread_parkme+0x82/0x180 [ 108.246622] ? preempt_count_sub+0x50/0x80 [ 108.247209] ? __pfx_kunit_try_run_case+0x10/0x10 [ 108.247537] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 108.247743] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 108.247941] kthread+0x337/0x6f0 [ 108.248109] ? trace_preempt_on+0x20/0xc0 [ 108.248414] ? __pfx_kthread+0x10/0x10 [ 108.248634] ? _raw_spin_unlock_irq+0x47/0x80 [ 108.248866] ? calculate_sigpending+0x7b/0xa0 [ 108.249147] ? __pfx_kthread+0x10/0x10 [ 108.249340] ret_from_fork+0x116/0x1d0 [ 108.249506] ? __pfx_kthread+0x10/0x10 [ 108.249712] ret_from_fork_asm+0x1a/0x30 [ 108.249901] </TASK> [ 108.250226] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 108.197578] WARNING: CPU: 0 PID: 655 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 108.198360] Modules linked in: [ 108.198737] CPU: 0 UID: 0 PID: 655 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 108.199892] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 108.200339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 108.200610] RIP: 0010:intlog2+0xdf/0x110 [ 108.200775] Code: a9 8c c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d e9 02 a9 86 02 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 8f e8 55 ff 8b 45 e4 eb [ 108.201451] RSP: 0000:ffff88810b037cb0 EFLAGS: 00010246 [ 108.201761] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11021606fb4 [ 108.201983] RDX: 1ffffffff1952e08 RSI: 1ffff11021606fb3 RDI: 0000000000000000 [ 108.202597] RBP: ffff88810b037d60 R08: 0000000000000000 R09: ffffed10204ee8c0 [ 108.202859] R10: ffff888102774607 R11: 0000000000000000 R12: 1ffff11021606f97 [ 108.203433] R13: ffffffff8ca97040 R14: 0000000000000000 R15: ffff88810b037d38 [ 108.203713] FS: 0000000000000000(0000) GS:ffff8881cc472000(0000) knlGS:0000000000000000 [ 108.204260] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.204512] CR2: dffffc0000000000 CR3: 000000002febc000 CR4: 00000000000006f0 [ 108.204826] DR0: ffffffff8ec52440 DR1: ffffffff8ec52441 DR2: ffffffff8ec52442 [ 108.205203] DR3: ffffffff8ec52443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 108.205609] Call Trace: [ 108.205873] <TASK> [ 108.206049] ? intlog2_test+0xf2/0x220 [ 108.206434] ? __pfx_intlog2_test+0x10/0x10 [ 108.206699] ? __schedule+0x10cc/0x2b60 [ 108.206908] ? __pfx_read_tsc+0x10/0x10 [ 108.207129] ? ktime_get_ts64+0x86/0x230 [ 108.207407] kunit_try_run_case+0x1a5/0x480 [ 108.207697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 108.207984] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 108.208372] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 108.208619] ? __kthread_parkme+0x82/0x180 [ 108.208789] ? preempt_count_sub+0x50/0x80 [ 108.209003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 108.209492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 108.209704] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 108.210018] kthread+0x337/0x6f0 [ 108.210192] ? trace_preempt_on+0x20/0xc0 [ 108.210451] ? __pfx_kthread+0x10/0x10 [ 108.210679] ? _raw_spin_unlock_irq+0x47/0x80 [ 108.211123] ? calculate_sigpending+0x7b/0xa0 [ 108.211307] ? __pfx_kthread+0x10/0x10 [ 108.211527] ret_from_fork+0x116/0x1d0 [ 108.211705] ? __pfx_kthread+0x10/0x10 [ 108.211872] ret_from_fork_asm+0x1a/0x30 [ 108.212242] </TASK> [ 108.212413] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 107.627320] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI