Date
July 6, 2025, 11:09 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 | |
| x86 |
[ 16.586661] ================================================================== [ 16.587037] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 16.587840] Write of size 1 at addr fff00000c635a673 by task kunit_try_catch/137 [ 16.587943] [ 16.588698] CPU: 0 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT [ 16.588840] Tainted: [N]=TEST [ 16.588873] Hardware name: linux,dummy-virt (DT) [ 16.589106] Call trace: [ 16.589273] show_stack+0x20/0x38 (C) [ 16.589405] dump_stack_lvl+0x8c/0xd0 [ 16.589464] print_report+0x118/0x608 [ 16.589510] kasan_report+0xdc/0x128 [ 16.589554] __asan_report_store1_noabort+0x20/0x30 [ 16.589604] kmalloc_oob_right+0x5a4/0x660 [ 16.589654] kunit_try_run_case+0x170/0x3f0 [ 16.589703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.589754] kthread+0x328/0x630 [ 16.589797] ret_from_fork+0x10/0x20 [ 16.589949] [ 16.589997] Allocated by task 137: [ 16.590110] kasan_save_stack+0x3c/0x68 [ 16.590173] kasan_save_track+0x20/0x40 [ 16.590210] kasan_save_alloc_info+0x40/0x58 [ 16.590248] __kasan_kmalloc+0xd4/0xd8 [ 16.590283] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.590322] kmalloc_oob_right+0xb0/0x660 [ 16.590356] kunit_try_run_case+0x170/0x3f0 [ 16.590392] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.590434] kthread+0x328/0x630 [ 16.590464] ret_from_fork+0x10/0x20 [ 16.590516] [ 16.590574] The buggy address belongs to the object at fff00000c635a600 [ 16.590574] which belongs to the cache kmalloc-128 of size 128 [ 16.590722] The buggy address is located 0 bytes to the right of [ 16.590722] allocated 115-byte region [fff00000c635a600, fff00000c635a673) [ 16.590792] [ 16.590884] The buggy address belongs to the physical page: [ 16.591068] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635a [ 16.591329] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.591608] page_type: f5(slab) [ 16.591910] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.591973] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.592090] page dumped because: kasan: bad access detected [ 16.592128] [ 16.592153] Memory state around the buggy address: [ 16.592371] fff00000c635a500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.592434] fff00000c635a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.592486] >fff00000c635a600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.592538] ^ [ 16.592617] fff00000c635a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.592658] fff00000c635a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.592716] ================================================================== [ 16.599524] ================================================================== [ 16.599570] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 16.599911] Read of size 1 at addr fff00000c635a680 by task kunit_try_catch/137 [ 16.600103] [ 16.600142] CPU: 0 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.600376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.600443] Hardware name: linux,dummy-virt (DT) [ 16.600473] Call trace: [ 16.600493] show_stack+0x20/0x38 (C) [ 16.600764] dump_stack_lvl+0x8c/0xd0 [ 16.601103] print_report+0x118/0x608 [ 16.601177] kasan_report+0xdc/0x128 [ 16.601340] __asan_report_load1_noabort+0x20/0x30 [ 16.601522] kmalloc_oob_right+0x5d0/0x660 [ 16.601655] kunit_try_run_case+0x170/0x3f0 [ 16.601705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.601756] kthread+0x328/0x630 [ 16.602126] ret_from_fork+0x10/0x20 [ 16.602196] [ 16.602214] Allocated by task 137: [ 16.602240] kasan_save_stack+0x3c/0x68 [ 16.602525] kasan_save_track+0x20/0x40 [ 16.602716] kasan_save_alloc_info+0x40/0x58 [ 16.602833] __kasan_kmalloc+0xd4/0xd8 [ 16.602919] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.603048] kmalloc_oob_right+0xb0/0x660 [ 16.603088] kunit_try_run_case+0x170/0x3f0 [ 16.603136] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.603184] kthread+0x328/0x630 [ 16.603214] ret_from_fork+0x10/0x20 [ 16.603248] [ 16.603267] The buggy address belongs to the object at fff00000c635a600 [ 16.603267] which belongs to the cache kmalloc-128 of size 128 [ 16.603322] The buggy address is located 13 bytes to the right of [ 16.603322] allocated 115-byte region [fff00000c635a600, fff00000c635a673) [ 16.603384] [ 16.603404] The buggy address belongs to the physical page: [ 16.603434] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635a [ 16.603835] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.603902] page_type: f5(slab) [ 16.603942] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.604255] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.604376] page dumped because: kasan: bad access detected [ 16.604448] [ 16.604466] Memory state around the buggy address: [ 16.604517] fff00000c635a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.604943] fff00000c635a600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.605041] >fff00000c635a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.605186] ^ [ 16.605216] fff00000c635a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.605502] fff00000c635a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.605581] ================================================================== [ 16.593432] ================================================================== [ 16.593475] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 16.593519] Write of size 1 at addr fff00000c635a678 by task kunit_try_catch/137 [ 16.593694] [ 16.593728] CPU: 0 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.593807] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.593832] Hardware name: linux,dummy-virt (DT) [ 16.593860] Call trace: [ 16.593880] show_stack+0x20/0x38 (C) [ 16.593927] dump_stack_lvl+0x8c/0xd0 [ 16.594253] print_report+0x118/0x608 [ 16.594726] kasan_report+0xdc/0x128 [ 16.594920] __asan_report_store1_noabort+0x20/0x30 [ 16.594991] kmalloc_oob_right+0x538/0x660 [ 16.595319] kunit_try_run_case+0x170/0x3f0 [ 16.595406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.596018] kthread+0x328/0x630 [ 16.596074] ret_from_fork+0x10/0x20 [ 16.596161] [ 16.596204] Allocated by task 137: [ 16.596390] kasan_save_stack+0x3c/0x68 [ 16.596437] kasan_save_track+0x20/0x40 [ 16.596551] kasan_save_alloc_info+0x40/0x58 [ 16.596657] __kasan_kmalloc+0xd4/0xd8 [ 16.597013] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.597088] kmalloc_oob_right+0xb0/0x660 [ 16.597124] kunit_try_run_case+0x170/0x3f0 [ 16.597199] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.597246] kthread+0x328/0x630 [ 16.597277] ret_from_fork+0x10/0x20 [ 16.597311] [ 16.597337] The buggy address belongs to the object at fff00000c635a600 [ 16.597337] which belongs to the cache kmalloc-128 of size 128 [ 16.597403] The buggy address is located 5 bytes to the right of [ 16.597403] allocated 115-byte region [fff00000c635a600, fff00000c635a673) [ 16.597465] [ 16.597483] The buggy address belongs to the physical page: [ 16.597511] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635a [ 16.597566] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.597628] page_type: f5(slab) [ 16.597664] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.597722] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.597760] page dumped because: kasan: bad access detected [ 16.597799] [ 16.597823] Memory state around the buggy address: [ 16.597853] fff00000c635a500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.597894] fff00000c635a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.597935] >fff00000c635a600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.597970] ^ [ 16.598035] fff00000c635a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.598076] fff00000c635a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.598111] ==================================================================
[ 16.508473] ================================================================== [ 16.508511] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 16.508558] Write of size 1 at addr fff00000c63cd678 by task kunit_try_catch/137 [ 16.508605] [ 16.508636] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.508713] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.508738] Hardware name: linux,dummy-virt (DT) [ 16.508768] Call trace: [ 16.509299] show_stack+0x20/0x38 (C) [ 16.509361] dump_stack_lvl+0x8c/0xd0 [ 16.509408] print_report+0x118/0x608 [ 16.509452] kasan_report+0xdc/0x128 [ 16.509495] __asan_report_store1_noabort+0x20/0x30 [ 16.509545] kmalloc_oob_right+0x538/0x660 [ 16.509599] kunit_try_run_case+0x170/0x3f0 [ 16.509647] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.509927] kthread+0x328/0x630 [ 16.509975] ret_from_fork+0x10/0x20 [ 16.510032] [ 16.510050] Allocated by task 137: [ 16.510077] kasan_save_stack+0x3c/0x68 [ 16.510136] kasan_save_track+0x20/0x40 [ 16.510173] kasan_save_alloc_info+0x40/0x58 [ 16.510233] __kasan_kmalloc+0xd4/0xd8 [ 16.510280] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.510318] kmalloc_oob_right+0xb0/0x660 [ 16.510352] kunit_try_run_case+0x170/0x3f0 [ 16.510389] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.510429] kthread+0x328/0x630 [ 16.510460] ret_from_fork+0x10/0x20 [ 16.510494] [ 16.510512] The buggy address belongs to the object at fff00000c63cd600 [ 16.510512] which belongs to the cache kmalloc-128 of size 128 [ 16.510632] The buggy address is located 5 bytes to the right of [ 16.510632] allocated 115-byte region [fff00000c63cd600, fff00000c63cd673) [ 16.510797] [ 16.510845] The buggy address belongs to the physical page: [ 16.510880] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 16.510959] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.511005] page_type: f5(slab) [ 16.511040] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.511166] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.511208] page dumped because: kasan: bad access detected [ 16.511237] [ 16.511254] Memory state around the buggy address: [ 16.511312] fff00000c63cd500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.511386] fff00000c63cd580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.511426] >fff00000c63cd600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.511462] ^ [ 16.511509] fff00000c63cd680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.511550] fff00000c63cd700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.511618] ================================================================== [ 16.512586] ================================================================== [ 16.512679] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 16.512794] Read of size 1 at addr fff00000c63cd680 by task kunit_try_catch/137 [ 16.512864] [ 16.512893] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.512980] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.513006] Hardware name: linux,dummy-virt (DT) [ 16.513034] Call trace: [ 16.513060] show_stack+0x20/0x38 (C) [ 16.513115] dump_stack_lvl+0x8c/0xd0 [ 16.513162] print_report+0x118/0x608 [ 16.513281] kasan_report+0xdc/0x128 [ 16.513330] __asan_report_load1_noabort+0x20/0x30 [ 16.513379] kmalloc_oob_right+0x5d0/0x660 [ 16.513482] kunit_try_run_case+0x170/0x3f0 [ 16.513561] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.513612] kthread+0x328/0x630 [ 16.513651] ret_from_fork+0x10/0x20 [ 16.513906] [ 16.513976] Allocated by task 137: [ 16.514004] kasan_save_stack+0x3c/0x68 [ 16.514156] kasan_save_track+0x20/0x40 [ 16.514248] kasan_save_alloc_info+0x40/0x58 [ 16.514299] __kasan_kmalloc+0xd4/0xd8 [ 16.514334] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.514371] kmalloc_oob_right+0xb0/0x660 [ 16.514405] kunit_try_run_case+0x170/0x3f0 [ 16.514478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.514520] kthread+0x328/0x630 [ 16.514551] ret_from_fork+0x10/0x20 [ 16.514585] [ 16.514636] The buggy address belongs to the object at fff00000c63cd600 [ 16.514636] which belongs to the cache kmalloc-128 of size 128 [ 16.514692] The buggy address is located 13 bytes to the right of [ 16.514692] allocated 115-byte region [fff00000c63cd600, fff00000c63cd673) [ 16.514754] [ 16.514773] The buggy address belongs to the physical page: [ 16.514801] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 16.514851] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.514988] page_type: f5(slab) [ 16.515101] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.515200] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.515266] page dumped because: kasan: bad access detected [ 16.515347] [ 16.515364] Memory state around the buggy address: [ 16.515443] fff00000c63cd580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.515566] fff00000c63cd600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.515608] >fff00000c63cd680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.515643] ^ [ 16.515670] fff00000c63cd700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.515765] fff00000c63cd780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.515951] ================================================================== [ 16.497712] ================================================================== [ 16.498051] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 16.499221] Write of size 1 at addr fff00000c63cd673 by task kunit_try_catch/137 [ 16.499536] [ 16.500471] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT [ 16.500748] Tainted: [N]=TEST [ 16.500993] Hardware name: linux,dummy-virt (DT) [ 16.501263] Call trace: [ 16.501594] show_stack+0x20/0x38 (C) [ 16.502024] dump_stack_lvl+0x8c/0xd0 [ 16.502149] print_report+0x118/0x608 [ 16.502226] kasan_report+0xdc/0x128 [ 16.502405] __asan_report_store1_noabort+0x20/0x30 [ 16.502455] kmalloc_oob_right+0x5a4/0x660 [ 16.502539] kunit_try_run_case+0x170/0x3f0 [ 16.502673] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.502847] kthread+0x328/0x630 [ 16.502929] ret_from_fork+0x10/0x20 [ 16.503096] [ 16.503134] Allocated by task 137: [ 16.503246] kasan_save_stack+0x3c/0x68 [ 16.503339] kasan_save_track+0x20/0x40 [ 16.503376] kasan_save_alloc_info+0x40/0x58 [ 16.503414] __kasan_kmalloc+0xd4/0xd8 [ 16.503449] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.503489] kmalloc_oob_right+0xb0/0x660 [ 16.503524] kunit_try_run_case+0x170/0x3f0 [ 16.503560] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.503601] kthread+0x328/0x630 [ 16.503632] ret_from_fork+0x10/0x20 [ 16.503685] [ 16.503743] The buggy address belongs to the object at fff00000c63cd600 [ 16.503743] which belongs to the cache kmalloc-128 of size 128 [ 16.503855] The buggy address is located 0 bytes to the right of [ 16.503855] allocated 115-byte region [fff00000c63cd600, fff00000c63cd673) [ 16.503951] [ 16.504046] The buggy address belongs to the physical page: [ 16.504285] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 16.504759] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.505090] page_type: f5(slab) [ 16.505515] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.505601] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.505829] page dumped because: kasan: bad access detected [ 16.505926] [ 16.505992] Memory state around the buggy address: [ 16.506431] fff00000c63cd500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.506500] fff00000c63cd580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.506551] >fff00000c63cd600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.506633] ^ [ 16.506751] fff00000c63cd680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.506792] fff00000c63cd700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.506855] ==================================================================
[ 12.427420] ================================================================== [ 12.428446] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 12.429281] Write of size 1 at addr ffff88810254d173 by task kunit_try_catch/154 [ 12.429516] [ 12.431222] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.431936] Tainted: [N]=TEST [ 12.431987] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.432244] Call Trace: [ 12.432331] <TASK> [ 12.432485] dump_stack_lvl+0x73/0xb0 [ 12.432664] print_report+0xd1/0x650 [ 12.432696] ? __virt_addr_valid+0x1db/0x2d0 [ 12.432721] ? kmalloc_oob_right+0x6f0/0x7f0 [ 12.432739] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.432761] ? kmalloc_oob_right+0x6f0/0x7f0 [ 12.432779] kasan_report+0x141/0x180 [ 12.432798] ? kmalloc_oob_right+0x6f0/0x7f0 [ 12.432822] __asan_report_store1_noabort+0x1b/0x30 [ 12.432843] kmalloc_oob_right+0x6f0/0x7f0 [ 12.432862] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.432881] ? __schedule+0x10cc/0x2b60 [ 12.432901] ? __pfx_read_tsc+0x10/0x10 [ 12.432920] ? ktime_get_ts64+0x86/0x230 [ 12.432944] kunit_try_run_case+0x1a5/0x480 [ 12.432967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.432985] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.433007] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.433026] ? __kthread_parkme+0x82/0x180 [ 12.433046] ? preempt_count_sub+0x50/0x80 [ 12.433068] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.433088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.433128] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.433150] kthread+0x337/0x6f0 [ 12.433168] ? trace_preempt_on+0x20/0xc0 [ 12.433189] ? __pfx_kthread+0x10/0x10 [ 12.433207] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.433225] ? calculate_sigpending+0x7b/0xa0 [ 12.433248] ? __pfx_kthread+0x10/0x10 [ 12.433266] ret_from_fork+0x116/0x1d0 [ 12.433283] ? __pfx_kthread+0x10/0x10 [ 12.433301] ret_from_fork_asm+0x1a/0x30 [ 12.433354] </TASK> [ 12.433423] [ 12.445421] Allocated by task 154: [ 12.446275] kasan_save_stack+0x45/0x70 [ 12.446922] kasan_save_track+0x18/0x40 [ 12.447301] kasan_save_alloc_info+0x3b/0x50 [ 12.447672] __kasan_kmalloc+0xb7/0xc0 [ 12.448049] __kmalloc_cache_noprof+0x189/0x420 [ 12.448686] kmalloc_oob_right+0xa9/0x7f0 [ 12.449072] kunit_try_run_case+0x1a5/0x480 [ 12.449339] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.449909] kthread+0x337/0x6f0 [ 12.450188] ret_from_fork+0x116/0x1d0 [ 12.450454] ret_from_fork_asm+0x1a/0x30 [ 12.451023] [ 12.451333] The buggy address belongs to the object at ffff88810254d100 [ 12.451333] which belongs to the cache kmalloc-128 of size 128 [ 12.452943] The buggy address is located 0 bytes to the right of [ 12.452943] allocated 115-byte region [ffff88810254d100, ffff88810254d173) [ 12.453863] [ 12.454211] The buggy address belongs to the physical page: [ 12.455157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254d [ 12.455965] flags: 0x200000000000000(node=0|zone=2) [ 12.456994] page_type: f5(slab) [ 12.457763] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.458337] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.458762] page dumped because: kasan: bad access detected [ 12.459185] [ 12.459392] Memory state around the buggy address: [ 12.460006] ffff88810254d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.460573] ffff88810254d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.460908] >ffff88810254d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.461494] ^ [ 12.462002] ffff88810254d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.462352] ffff88810254d200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.462860] ================================================================== [ 12.493003] ================================================================== [ 12.493379] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 12.494066] Read of size 1 at addr ffff88810254d180 by task kunit_try_catch/154 [ 12.494765] [ 12.494953] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.495033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.495054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.495090] Call Trace: [ 12.495166] <TASK> [ 12.495200] dump_stack_lvl+0x73/0xb0 [ 12.495255] print_report+0xd1/0x650 [ 12.495293] ? __virt_addr_valid+0x1db/0x2d0 [ 12.495331] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.495383] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.495422] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.495454] kasan_report+0x141/0x180 [ 12.495492] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.495971] __asan_report_load1_noabort+0x18/0x20 [ 12.496018] kmalloc_oob_right+0x68a/0x7f0 [ 12.496058] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.496100] ? __schedule+0x10cc/0x2b60 [ 12.496160] ? __pfx_read_tsc+0x10/0x10 [ 12.496181] ? ktime_get_ts64+0x86/0x230 [ 12.496206] kunit_try_run_case+0x1a5/0x480 [ 12.496228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.496247] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.496268] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.496287] ? __kthread_parkme+0x82/0x180 [ 12.496305] ? preempt_count_sub+0x50/0x80 [ 12.496326] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.496346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.496365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.496384] kthread+0x337/0x6f0 [ 12.496402] ? trace_preempt_on+0x20/0xc0 [ 12.496423] ? __pfx_kthread+0x10/0x10 [ 12.496441] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.496458] ? calculate_sigpending+0x7b/0xa0 [ 12.496479] ? __pfx_kthread+0x10/0x10 [ 12.496506] ret_from_fork+0x116/0x1d0 [ 12.496535] ? __pfx_kthread+0x10/0x10 [ 12.496563] ret_from_fork_asm+0x1a/0x30 [ 12.496604] </TASK> [ 12.496635] [ 12.507585] Allocated by task 154: [ 12.507801] kasan_save_stack+0x45/0x70 [ 12.508116] kasan_save_track+0x18/0x40 [ 12.508308] kasan_save_alloc_info+0x3b/0x50 [ 12.508599] __kasan_kmalloc+0xb7/0xc0 [ 12.509096] __kmalloc_cache_noprof+0x189/0x420 [ 12.509304] kmalloc_oob_right+0xa9/0x7f0 [ 12.510271] kunit_try_run_case+0x1a5/0x480 [ 12.510770] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.511091] kthread+0x337/0x6f0 [ 12.511325] ret_from_fork+0x116/0x1d0 [ 12.511827] ret_from_fork_asm+0x1a/0x30 [ 12.512209] [ 12.512392] The buggy address belongs to the object at ffff88810254d100 [ 12.512392] which belongs to the cache kmalloc-128 of size 128 [ 12.514018] The buggy address is located 13 bytes to the right of [ 12.514018] allocated 115-byte region [ffff88810254d100, ffff88810254d173) [ 12.514655] [ 12.514988] The buggy address belongs to the physical page: [ 12.515867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254d [ 12.516437] flags: 0x200000000000000(node=0|zone=2) [ 12.516843] page_type: f5(slab) [ 12.517417] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.518153] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.519063] page dumped because: kasan: bad access detected [ 12.519690] [ 12.519971] Memory state around the buggy address: [ 12.520195] ffff88810254d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.520753] ffff88810254d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.521322] >ffff88810254d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.521532] ^ [ 12.521960] ffff88810254d200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.522372] ffff88810254d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.522707] ================================================================== [ 12.464785] ================================================================== [ 12.465171] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 12.465635] Write of size 1 at addr ffff88810254d178 by task kunit_try_catch/154 [ 12.465989] [ 12.466222] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.466298] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.466320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.466355] Call Trace: [ 12.466376] <TASK> [ 12.466407] dump_stack_lvl+0x73/0xb0 [ 12.466456] print_report+0xd1/0x650 [ 12.466486] ? __virt_addr_valid+0x1db/0x2d0 [ 12.466517] ? kmalloc_oob_right+0x6bd/0x7f0 [ 12.466544] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.466576] ? kmalloc_oob_right+0x6bd/0x7f0 [ 12.466605] kasan_report+0x141/0x180 [ 12.466658] ? kmalloc_oob_right+0x6bd/0x7f0 [ 12.466701] __asan_report_store1_noabort+0x1b/0x30 [ 12.466737] kmalloc_oob_right+0x6bd/0x7f0 [ 12.466767] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.466829] ? __schedule+0x10cc/0x2b60 [ 12.466878] ? __pfx_read_tsc+0x10/0x10 [ 12.466913] ? ktime_get_ts64+0x86/0x230 [ 12.466957] kunit_try_run_case+0x1a5/0x480 [ 12.467001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.467039] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.467080] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.467148] ? __kthread_parkme+0x82/0x180 [ 12.467188] ? preempt_count_sub+0x50/0x80 [ 12.467227] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.467259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.467297] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.467334] kthread+0x337/0x6f0 [ 12.467366] ? trace_preempt_on+0x20/0xc0 [ 12.467412] ? __pfx_kthread+0x10/0x10 [ 12.467449] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.467503] ? calculate_sigpending+0x7b/0xa0 [ 12.467546] ? __pfx_kthread+0x10/0x10 [ 12.467585] ret_from_fork+0x116/0x1d0 [ 12.467632] ? __pfx_kthread+0x10/0x10 [ 12.467672] ret_from_fork_asm+0x1a/0x30 [ 12.467733] </TASK> [ 12.467757] [ 12.476264] Allocated by task 154: [ 12.476588] kasan_save_stack+0x45/0x70 [ 12.476844] kasan_save_track+0x18/0x40 [ 12.477009] kasan_save_alloc_info+0x3b/0x50 [ 12.477305] __kasan_kmalloc+0xb7/0xc0 [ 12.478926] __kmalloc_cache_noprof+0x189/0x420 [ 12.479460] kmalloc_oob_right+0xa9/0x7f0 [ 12.480684] kunit_try_run_case+0x1a5/0x480 [ 12.480953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.481857] kthread+0x337/0x6f0 [ 12.482326] ret_from_fork+0x116/0x1d0 [ 12.482475] ret_from_fork_asm+0x1a/0x30 [ 12.483070] [ 12.483411] The buggy address belongs to the object at ffff88810254d100 [ 12.483411] which belongs to the cache kmalloc-128 of size 128 [ 12.483812] The buggy address is located 5 bytes to the right of [ 12.483812] allocated 115-byte region [ffff88810254d100, ffff88810254d173) [ 12.484548] [ 12.484672] The buggy address belongs to the physical page: [ 12.485469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254d [ 12.486580] flags: 0x200000000000000(node=0|zone=2) [ 12.486971] page_type: f5(slab) [ 12.487494] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.487880] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.488225] page dumped because: kasan: bad access detected [ 12.488750] [ 12.488875] Memory state around the buggy address: [ 12.489035] ffff88810254d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.489497] ffff88810254d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.490232] >ffff88810254d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.490520] ^ [ 12.490968] ffff88810254d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.491238] ffff88810254d200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.492089] ==================================================================
[ 12.762005] ================================================================== [ 12.762375] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 12.762759] Write of size 1 at addr ffff8881031acc78 by task kunit_try_catch/153 [ 12.763157] [ 12.763299] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.763344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.763356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.763376] Call Trace: [ 12.763425] <TASK> [ 12.763441] dump_stack_lvl+0x73/0xb0 [ 12.763468] print_report+0xd1/0x650 [ 12.763502] ? __virt_addr_valid+0x1db/0x2d0 [ 12.763524] ? kmalloc_oob_right+0x6bd/0x7f0 [ 12.763546] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.763573] ? kmalloc_oob_right+0x6bd/0x7f0 [ 12.763595] kasan_report+0x141/0x180 [ 12.763617] ? kmalloc_oob_right+0x6bd/0x7f0 [ 12.763644] __asan_report_store1_noabort+0x1b/0x30 [ 12.763669] kmalloc_oob_right+0x6bd/0x7f0 [ 12.763691] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.763713] ? __schedule+0x10cc/0x2b60 [ 12.763757] ? __pfx_read_tsc+0x10/0x10 [ 12.763778] ? ktime_get_ts64+0x86/0x230 [ 12.763802] kunit_try_run_case+0x1a5/0x480 [ 12.763851] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.763873] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.763896] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.763930] ? __kthread_parkme+0x82/0x180 [ 12.763950] ? preempt_count_sub+0x50/0x80 [ 12.763973] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.763997] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.764019] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.764042] kthread+0x337/0x6f0 [ 12.764070] ? trace_preempt_on+0x20/0xc0 [ 12.764093] ? __pfx_kthread+0x10/0x10 [ 12.764114] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.764134] ? calculate_sigpending+0x7b/0xa0 [ 12.764157] ? __pfx_kthread+0x10/0x10 [ 12.764179] ret_from_fork+0x116/0x1d0 [ 12.764197] ? __pfx_kthread+0x10/0x10 [ 12.764218] ret_from_fork_asm+0x1a/0x30 [ 12.764250] </TASK> [ 12.764261] [ 12.771857] Allocated by task 153: [ 12.772019] kasan_save_stack+0x45/0x70 [ 12.772185] kasan_save_track+0x18/0x40 [ 12.772331] kasan_save_alloc_info+0x3b/0x50 [ 12.772609] __kasan_kmalloc+0xb7/0xc0 [ 12.772816] __kmalloc_cache_noprof+0x189/0x420 [ 12.773250] kmalloc_oob_right+0xa9/0x7f0 [ 12.773602] kunit_try_run_case+0x1a5/0x480 [ 12.773851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.774142] kthread+0x337/0x6f0 [ 12.774321] ret_from_fork+0x116/0x1d0 [ 12.774551] ret_from_fork_asm+0x1a/0x30 [ 12.774799] [ 12.774914] The buggy address belongs to the object at ffff8881031acc00 [ 12.774914] which belongs to the cache kmalloc-128 of size 128 [ 12.775407] The buggy address is located 5 bytes to the right of [ 12.775407] allocated 115-byte region [ffff8881031acc00, ffff8881031acc73) [ 12.776090] [ 12.776169] The buggy address belongs to the physical page: [ 12.776708] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031ac [ 12.777232] flags: 0x200000000000000(node=0|zone=2) [ 12.777544] page_type: f5(slab) [ 12.777756] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.778150] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.778483] page dumped because: kasan: bad access detected [ 12.778843] [ 12.778922] Memory state around the buggy address: [ 12.779099] ffff8881031acb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.779334] ffff8881031acb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.779715] >ffff8881031acc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.780102] ^ [ 12.780440] ffff8881031acc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.780847] ffff8881031acd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.781213] ================================================================== [ 12.781676] ================================================================== [ 12.782131] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 12.782522] Read of size 1 at addr ffff8881031acc80 by task kunit_try_catch/153 [ 12.782894] [ 12.783084] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.783127] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.783138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.783158] Call Trace: [ 12.783173] <TASK> [ 12.783187] dump_stack_lvl+0x73/0xb0 [ 12.783213] print_report+0xd1/0x650 [ 12.783235] ? __virt_addr_valid+0x1db/0x2d0 [ 12.783257] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.783277] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.783302] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.783324] kasan_report+0x141/0x180 [ 12.783346] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.783372] __asan_report_load1_noabort+0x18/0x20 [ 12.783432] kmalloc_oob_right+0x68a/0x7f0 [ 12.783454] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.783488] ? __schedule+0x10cc/0x2b60 [ 12.783510] ? __pfx_read_tsc+0x10/0x10 [ 12.783530] ? ktime_get_ts64+0x86/0x230 [ 12.783555] kunit_try_run_case+0x1a5/0x480 [ 12.783579] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.783600] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.783651] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.783674] ? __kthread_parkme+0x82/0x180 [ 12.783694] ? preempt_count_sub+0x50/0x80 [ 12.783728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.783751] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.783773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.783796] kthread+0x337/0x6f0 [ 12.783815] ? trace_preempt_on+0x20/0xc0 [ 12.783838] ? __pfx_kthread+0x10/0x10 [ 12.783860] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.783881] ? calculate_sigpending+0x7b/0xa0 [ 12.783904] ? __pfx_kthread+0x10/0x10 [ 12.783926] ret_from_fork+0x116/0x1d0 [ 12.783944] ? __pfx_kthread+0x10/0x10 [ 12.783964] ret_from_fork_asm+0x1a/0x30 [ 12.784024] </TASK> [ 12.784034] [ 12.791243] Allocated by task 153: [ 12.791476] kasan_save_stack+0x45/0x70 [ 12.791685] kasan_save_track+0x18/0x40 [ 12.791885] kasan_save_alloc_info+0x3b/0x50 [ 12.792295] __kasan_kmalloc+0xb7/0xc0 [ 12.792647] __kmalloc_cache_noprof+0x189/0x420 [ 12.792995] kmalloc_oob_right+0xa9/0x7f0 [ 12.793154] kunit_try_run_case+0x1a5/0x480 [ 12.793306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.793486] kthread+0x337/0x6f0 [ 12.793616] ret_from_fork+0x116/0x1d0 [ 12.793908] ret_from_fork_asm+0x1a/0x30 [ 12.794169] [ 12.794269] The buggy address belongs to the object at ffff8881031acc00 [ 12.794269] which belongs to the cache kmalloc-128 of size 128 [ 12.794786] The buggy address is located 13 bytes to the right of [ 12.794786] allocated 115-byte region [ffff8881031acc00, ffff8881031acc73) [ 12.795537] [ 12.795614] The buggy address belongs to the physical page: [ 12.795958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031ac [ 12.796315] flags: 0x200000000000000(node=0|zone=2) [ 12.796488] page_type: f5(slab) [ 12.796612] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.797285] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.797690] page dumped because: kasan: bad access detected [ 12.797956] [ 12.798031] Memory state around the buggy address: [ 12.798357] ffff8881031acb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.798751] ffff8881031acc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.799083] >ffff8881031acc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.799455] ^ [ 12.799577] ffff8881031acd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.799838] ffff8881031acd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.800284] ================================================================== [ 12.731885] ================================================================== [ 12.732534] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 12.733398] Write of size 1 at addr ffff8881031acc73 by task kunit_try_catch/153 [ 12.733879] [ 12.735040] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.735441] Tainted: [N]=TEST [ 12.735473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.735694] Call Trace: [ 12.735763] <TASK> [ 12.735911] dump_stack_lvl+0x73/0xb0 [ 12.735999] print_report+0xd1/0x650 [ 12.736028] ? __virt_addr_valid+0x1db/0x2d0 [ 12.736067] ? kmalloc_oob_right+0x6f0/0x7f0 [ 12.736089] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.736115] ? kmalloc_oob_right+0x6f0/0x7f0 [ 12.736137] kasan_report+0x141/0x180 [ 12.736159] ? kmalloc_oob_right+0x6f0/0x7f0 [ 12.736187] __asan_report_store1_noabort+0x1b/0x30 [ 12.736211] kmalloc_oob_right+0x6f0/0x7f0 [ 12.736234] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.736256] ? __schedule+0x10cc/0x2b60 [ 12.736280] ? __pfx_read_tsc+0x10/0x10 [ 12.736301] ? ktime_get_ts64+0x86/0x230 [ 12.736328] kunit_try_run_case+0x1a5/0x480 [ 12.736356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.736377] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.736402] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.736425] ? __kthread_parkme+0x82/0x180 [ 12.736446] ? preempt_count_sub+0x50/0x80 [ 12.736471] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.736495] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.736517] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.736540] kthread+0x337/0x6f0 [ 12.736560] ? trace_preempt_on+0x20/0xc0 [ 12.736584] ? __pfx_kthread+0x10/0x10 [ 12.736605] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.736626] ? calculate_sigpending+0x7b/0xa0 [ 12.736651] ? __pfx_kthread+0x10/0x10 [ 12.736673] ret_from_fork+0x116/0x1d0 [ 12.736691] ? __pfx_kthread+0x10/0x10 [ 12.736712] ret_from_fork_asm+0x1a/0x30 [ 12.736768] </TASK> [ 12.736832] [ 12.749407] Allocated by task 153: [ 12.749781] kasan_save_stack+0x45/0x70 [ 12.750020] kasan_save_track+0x18/0x40 [ 12.750188] kasan_save_alloc_info+0x3b/0x50 [ 12.750437] __kasan_kmalloc+0xb7/0xc0 [ 12.750579] __kmalloc_cache_noprof+0x189/0x420 [ 12.750805] kmalloc_oob_right+0xa9/0x7f0 [ 12.750984] kunit_try_run_case+0x1a5/0x480 [ 12.751143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.751349] kthread+0x337/0x6f0 [ 12.751627] ret_from_fork+0x116/0x1d0 [ 12.751841] ret_from_fork_asm+0x1a/0x30 [ 12.752044] [ 12.752220] The buggy address belongs to the object at ffff8881031acc00 [ 12.752220] which belongs to the cache kmalloc-128 of size 128 [ 12.752982] The buggy address is located 0 bytes to the right of [ 12.752982] allocated 115-byte region [ffff8881031acc00, ffff8881031acc73) [ 12.753628] [ 12.753782] The buggy address belongs to the physical page: [ 12.754512] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031ac [ 12.755097] flags: 0x200000000000000(node=0|zone=2) [ 12.755753] page_type: f5(slab) [ 12.756616] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.756942] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.757415] page dumped because: kasan: bad access detected [ 12.757649] [ 12.757797] Memory state around the buggy address: [ 12.758310] ffff8881031acb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.758660] ffff8881031acb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.759126] >ffff8881031acc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.759497] ^ [ 12.759909] ffff8881031acc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.760268] ffff8881031acd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.760624] ==================================================================
[ 14.277512] ================================================================== [ 14.284736] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 14.291704] Write of size 1 at addr ffff8881066f8078 by task kunit_try_catch/177 [ 14.299098] [ 14.300596] CPU: 3 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G S B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.300604] Tainted: [S]=CPU_OUT_OF_SPEC, [B]=BAD_PAGE, [N]=TEST [ 14.300607] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS 2.7 12/07/2021 [ 14.300610] Call Trace: [ 14.300611] <TASK> [ 14.300613] dump_stack_lvl+0x73/0xb0 [ 14.300618] print_report+0xd1/0x650 [ 14.300621] ? __virt_addr_valid+0x1db/0x2d0 [ 14.300625] ? kmalloc_oob_right+0x6bd/0x7f0 [ 14.300629] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.300634] ? kmalloc_oob_right+0x6bd/0x7f0 [ 14.300638] kasan_report+0x141/0x180 [ 14.300642] ? kmalloc_oob_right+0x6bd/0x7f0 [ 14.300647] __asan_report_store1_noabort+0x1b/0x30 [ 14.300651] kmalloc_oob_right+0x6bd/0x7f0 [ 14.300655] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 14.300659] ? __schedule+0x10cc/0x2b60 [ 14.300663] ? ktime_get_ts64+0x83/0x230 [ 14.300668] kunit_try_run_case+0x1a2/0x480 [ 14.300672] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.300676] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.300680] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.300684] ? __kthread_parkme+0x82/0x180 [ 14.300688] ? preempt_count_sub+0x50/0x80 [ 14.300692] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.300696] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 14.300700] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.300704] kthread+0x334/0x6f0 [ 14.300708] ? trace_preempt_on+0x20/0xc0 [ 14.300712] ? __pfx_kthread+0x10/0x10 [ 14.300715] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.300719] ? calculate_sigpending+0x7b/0xa0 [ 14.300723] ? __pfx_kthread+0x10/0x10 [ 14.300727] ret_from_fork+0x113/0x1d0 [ 14.300730] ? __pfx_kthread+0x10/0x10 [ 14.300734] ret_from_fork_asm+0x1a/0x30 [ 14.300740] </TASK> [ 14.300741] [ 14.465730] Allocated by task 177: [ 14.469136] kasan_save_stack+0x45/0x70 [ 14.472975] kasan_save_track+0x18/0x40 [ 14.476814] kasan_save_alloc_info+0x3b/0x50 [ 14.481086] __kasan_kmalloc+0xb7/0xc0 [ 14.484840] __kmalloc_cache_noprof+0x189/0x420 [ 14.489385] kmalloc_oob_right+0xa9/0x7f0 [ 14.493403] kunit_try_run_case+0x1a2/0x480 [ 14.497587] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 14.502988] kthread+0x334/0x6f0 [ 14.506219] ret_from_fork+0x113/0x1d0 [ 14.509972] ret_from_fork_asm+0x1a/0x30 [ 14.513898] [ 14.515398] The buggy address belongs to the object at ffff8881066f8000 [ 14.515398] which belongs to the cache kmalloc-128 of size 128 [ 14.527912] The buggy address is located 5 bytes to the right of [ 14.527912] allocated 115-byte region [ffff8881066f8000, ffff8881066f8073) [ 14.540861] [ 14.542362] The buggy address belongs to the physical page: [ 14.547960] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066f8 [ 14.555967] flags: 0x200000000000000(node=0|zone=2) [ 14.560845] page_type: f5(slab) [ 14.563993] raw: 0200000000000000 ffff888100042a00 dead000000000122 0000000000000000 [ 14.571733] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.579470] page dumped because: kasan: bad access detected [ 14.585044] [ 14.586544] Memory state around the buggy address: [ 14.591347] ffff8881066f7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.598590] ffff8881066f7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.605811] >ffff8881066f8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.613036] ^ [ 14.620170] ffff8881066f8080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.627402] ffff8881066f8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.634626] ================================================================== [ 14.641868] ================================================================== [ 14.649100] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 14.656067] Read of size 1 at addr ffff8881066f8080 by task kunit_try_catch/177 [ 14.663386] [ 14.664880] CPU: 3 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G S B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.664888] Tainted: [S]=CPU_OUT_OF_SPEC, [B]=BAD_PAGE, [N]=TEST [ 14.664891] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS 2.7 12/07/2021 [ 14.664894] Call Trace: [ 14.664896] <TASK> [ 14.664897] dump_stack_lvl+0x73/0xb0 [ 14.664902] print_report+0xd1/0x650 [ 14.664905] ? __virt_addr_valid+0x1db/0x2d0 [ 14.664909] ? kmalloc_oob_right+0x68a/0x7f0 [ 14.664913] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.664918] ? kmalloc_oob_right+0x68a/0x7f0 [ 14.664922] kasan_report+0x141/0x180 [ 14.664926] ? kmalloc_oob_right+0x68a/0x7f0 [ 14.664931] __asan_report_load1_noabort+0x18/0x20 [ 14.664935] kmalloc_oob_right+0x68a/0x7f0 [ 14.664939] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 14.664943] ? __schedule+0x10cc/0x2b60 [ 14.664947] ? ktime_get_ts64+0x83/0x230 [ 14.664951] kunit_try_run_case+0x1a2/0x480 [ 14.664956] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.664960] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.664964] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.664968] ? __kthread_parkme+0x82/0x180 [ 14.664971] ? preempt_count_sub+0x50/0x80 [ 14.664976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.664980] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 14.664984] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.664988] kthread+0x334/0x6f0 [ 14.664991] ? trace_preempt_on+0x20/0xc0 [ 14.664995] ? __pfx_kthread+0x10/0x10 [ 14.664999] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.665003] ? calculate_sigpending+0x7b/0xa0 [ 14.665007] ? __pfx_kthread+0x10/0x10 [ 14.665011] ret_from_fork+0x113/0x1d0 [ 14.665014] ? __pfx_kthread+0x10/0x10 [ 14.665018] ret_from_fork_asm+0x1a/0x30 [ 14.665024] </TASK> [ 14.665025] [ 14.829834] Allocated by task 177: [ 14.833240] kasan_save_stack+0x45/0x70 [ 14.837078] kasan_save_track+0x18/0x40 [ 14.840916] kasan_save_alloc_info+0x3b/0x50 [ 14.845190] __kasan_kmalloc+0xb7/0xc0 [ 14.848942] __kmalloc_cache_noprof+0x189/0x420 [ 14.853476] kmalloc_oob_right+0xa9/0x7f0 [ 14.857489] kunit_try_run_case+0x1a2/0x480 [ 14.861681] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 14.867082] kthread+0x334/0x6f0 [ 14.870313] ret_from_fork+0x113/0x1d0 [ 14.874067] ret_from_fork_asm+0x1a/0x30 [ 14.877991] [ 14.879493] The buggy address belongs to the object at ffff8881066f8000 [ 14.879493] which belongs to the cache kmalloc-128 of size 128 [ 14.892006] The buggy address is located 13 bytes to the right of [ 14.892006] allocated 115-byte region [ffff8881066f8000, ffff8881066f8073) [ 14.905041] [ 14.906541] The buggy address belongs to the physical page: [ 14.912113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066f8 [ 14.920114] flags: 0x200000000000000(node=0|zone=2) [ 14.924992] page_type: f5(slab) [ 14.928140] raw: 0200000000000000 ffff888100042a00 dead000000000122 0000000000000000 [ 14.935888] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.943633] page dumped because: kasan: bad access detected [ 14.949206] [ 14.950706] Memory state around the buggy address: [ 14.955498] ffff8881066f7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.962717] ffff8881066f8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.969939] >ffff8881066f8080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.977166] ^ [ 14.980397] ffff8881066f8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.987618] ffff8881066f8180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.994836] ================================================================== [ 13.909169] ================================================================== [ 13.916407] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 13.923384] Write of size 1 at addr ffff8881066f8073 by task kunit_try_catch/177 [ 13.930781] [ 13.932284] CPU: 3 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G S N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.932293] Tainted: [S]=CPU_OUT_OF_SPEC, [N]=TEST [ 13.932296] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS 2.7 12/07/2021 [ 13.932299] Call Trace: [ 13.932301] <TASK> [ 13.932303] dump_stack_lvl+0x73/0xb0 [ 13.932309] print_report+0xd1/0x650 [ 13.932313] ? __virt_addr_valid+0x1db/0x2d0 [ 13.932333] ? kmalloc_oob_right+0x6f0/0x7f0 [ 13.932336] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.932342] ? kmalloc_oob_right+0x6f0/0x7f0 [ 13.932346] kasan_report+0x141/0x180 [ 13.932350] ? kmalloc_oob_right+0x6f0/0x7f0 [ 13.932367] __asan_report_store1_noabort+0x1b/0x30 [ 13.932372] kmalloc_oob_right+0x6f0/0x7f0 [ 13.932376] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 13.932380] ? __schedule+0x10cc/0x2b60 [ 13.932385] ? ktime_get_ts64+0x83/0x230 [ 13.932389] kunit_try_run_case+0x1a2/0x480 [ 13.932394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.932399] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.932403] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.932408] ? __kthread_parkme+0x82/0x180 [ 13.932411] ? preempt_count_sub+0x50/0x80 [ 13.932416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.932421] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 13.932425] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.932429] kthread+0x334/0x6f0 [ 13.932432] ? trace_preempt_on+0x20/0xc0 [ 13.932437] ? __pfx_kthread+0x10/0x10 [ 13.932441] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.932444] ? calculate_sigpending+0x7b/0xa0 [ 13.932449] ? __pfx_kthread+0x10/0x10 [ 13.932453] ret_from_fork+0x113/0x1d0 [ 13.932457] ? __pfx_kthread+0x10/0x10 [ 13.932460] ret_from_fork_asm+0x1a/0x30 [ 13.932466] </TASK> [ 13.932468] [ 14.096220] Allocated by task 177: [ 14.099624] kasan_save_stack+0x45/0x70 [ 14.103466] kasan_save_track+0x18/0x40 [ 14.107303] kasan_save_alloc_info+0x3b/0x50 [ 14.111603] __kasan_kmalloc+0xb7/0xc0 [ 14.115369] __kmalloc_cache_noprof+0x189/0x420 [ 14.119916] kmalloc_oob_right+0xa9/0x7f0 [ 14.123926] kunit_try_run_case+0x1a2/0x480 [ 14.128114] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 14.133511] kthread+0x334/0x6f0 [ 14.136746] ret_from_fork+0x113/0x1d0 [ 14.140499] ret_from_fork_asm+0x1a/0x30 [ 14.144432] [ 14.145932] The buggy address belongs to the object at ffff8881066f8000 [ 14.145932] which belongs to the cache kmalloc-128 of size 128 [ 14.158448] The buggy address is located 0 bytes to the right of [ 14.158448] allocated 115-byte region [ffff8881066f8000, ffff8881066f8073) [ 14.171404] [ 14.172901] The buggy address belongs to the physical page: [ 14.178477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066f8 [ 14.186484] flags: 0x200000000000000(node=0|zone=2) [ 14.191384] page_type: f5(slab) [ 14.194536] raw: 0200000000000000 ffff888100042a00 dead000000000122 0000000000000000 [ 14.202282] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.210020] page dumped because: kasan: bad access detected [ 14.215594] [ 14.217092] Memory state around the buggy address: [ 14.221886] ffff8881066f7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.229104] ffff8881066f7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.236351] >ffff8881066f8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.243594] ^ [ 14.250468] ffff8881066f8080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.257689] ffff8881066f8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.264906] ==================================================================