Date
July 6, 2025, 11:09 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 | |
| x86 |
[ 17.085262] ================================================================== [ 17.085311] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 17.085361] Read of size 1 at addr fff00000c635af7f by task kunit_try_catch/195 [ 17.085409] [ 17.085439] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.085521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.085549] Hardware name: linux,dummy-virt (DT) [ 17.085578] Call trace: [ 17.085600] show_stack+0x20/0x38 (C) [ 17.085651] dump_stack_lvl+0x8c/0xd0 [ 17.085698] print_report+0x118/0x608 [ 17.085742] kasan_report+0xdc/0x128 [ 17.086239] __asan_report_load1_noabort+0x20/0x30 [ 17.086324] ksize_unpoisons_memory+0x690/0x740 [ 17.086371] kunit_try_run_case+0x170/0x3f0 [ 17.087243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.087902] kthread+0x328/0x630 [ 17.087970] ret_from_fork+0x10/0x20 [ 17.088046] [ 17.088079] Allocated by task 195: [ 17.088107] kasan_save_stack+0x3c/0x68 [ 17.088383] kasan_save_track+0x20/0x40 [ 17.088623] kasan_save_alloc_info+0x40/0x58 [ 17.088683] __kasan_kmalloc+0xd4/0xd8 [ 17.088719] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.088757] ksize_unpoisons_memory+0xc0/0x740 [ 17.088795] kunit_try_run_case+0x170/0x3f0 [ 17.088832] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.089674] kthread+0x328/0x630 [ 17.089720] ret_from_fork+0x10/0x20 [ 17.089757] [ 17.089776] The buggy address belongs to the object at fff00000c635af00 [ 17.089776] which belongs to the cache kmalloc-128 of size 128 [ 17.089836] The buggy address is located 12 bytes to the right of [ 17.089836] allocated 115-byte region [fff00000c635af00, fff00000c635af73) [ 17.089901] [ 17.089919] The buggy address belongs to the physical page: [ 17.090076] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635a [ 17.090149] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.091608] page_type: f5(slab) [ 17.091723] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.091879] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.091938] page dumped because: kasan: bad access detected [ 17.091970] [ 17.091999] Memory state around the buggy address: [ 17.092227] fff00000c635ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.092276] fff00000c635ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.092320] >fff00000c635af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.092812] ^ [ 17.092954] fff00000c635af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.093007] fff00000c635b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.093045] ================================================================== [ 17.066220] ================================================================== [ 17.066290] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 17.066684] Read of size 1 at addr fff00000c635af73 by task kunit_try_catch/195 [ 17.067318] [ 17.067391] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.067473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.067500] Hardware name: linux,dummy-virt (DT) [ 17.067537] Call trace: [ 17.067660] show_stack+0x20/0x38 (C) [ 17.067711] dump_stack_lvl+0x8c/0xd0 [ 17.067758] print_report+0x118/0x608 [ 17.067805] kasan_report+0xdc/0x128 [ 17.067849] __asan_report_load1_noabort+0x20/0x30 [ 17.068196] ksize_unpoisons_memory+0x628/0x740 [ 17.068390] kunit_try_run_case+0x170/0x3f0 [ 17.068549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.069022] kthread+0x328/0x630 [ 17.069078] ret_from_fork+0x10/0x20 [ 17.069256] [ 17.069431] Allocated by task 195: [ 17.069464] kasan_save_stack+0x3c/0x68 [ 17.069509] kasan_save_track+0x20/0x40 [ 17.069627] kasan_save_alloc_info+0x40/0x58 [ 17.069785] __kasan_kmalloc+0xd4/0xd8 [ 17.069824] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.069862] ksize_unpoisons_memory+0xc0/0x740 [ 17.069900] kunit_try_run_case+0x170/0x3f0 [ 17.069936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.070369] kthread+0x328/0x630 [ 17.070416] ret_from_fork+0x10/0x20 [ 17.070466] [ 17.070485] The buggy address belongs to the object at fff00000c635af00 [ 17.070485] which belongs to the cache kmalloc-128 of size 128 [ 17.070724] The buggy address is located 0 bytes to the right of [ 17.070724] allocated 115-byte region [fff00000c635af00, fff00000c635af73) [ 17.071118] [ 17.071261] The buggy address belongs to the physical page: [ 17.071308] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635a [ 17.071364] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.071413] page_type: f5(slab) [ 17.071740] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.071810] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.071990] page dumped because: kasan: bad access detected [ 17.072026] [ 17.072043] Memory state around the buggy address: [ 17.072214] fff00000c635ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.072264] fff00000c635ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.072714] >fff00000c635af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.072766] ^ [ 17.073049] fff00000c635af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.073285] fff00000c635b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.073587] ================================================================== [ 17.076607] ================================================================== [ 17.076662] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 17.076712] Read of size 1 at addr fff00000c635af78 by task kunit_try_catch/195 [ 17.076759] [ 17.076790] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.076869] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.076895] Hardware name: linux,dummy-virt (DT) [ 17.077303] Call trace: [ 17.077449] show_stack+0x20/0x38 (C) [ 17.077504] dump_stack_lvl+0x8c/0xd0 [ 17.077550] print_report+0x118/0x608 [ 17.077934] kasan_report+0xdc/0x128 [ 17.078025] __asan_report_load1_noabort+0x20/0x30 [ 17.078273] ksize_unpoisons_memory+0x618/0x740 [ 17.078325] kunit_try_run_case+0x170/0x3f0 [ 17.078370] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.078420] kthread+0x328/0x630 [ 17.078838] ret_from_fork+0x10/0x20 [ 17.078919] [ 17.078937] Allocated by task 195: [ 17.079011] kasan_save_stack+0x3c/0x68 [ 17.079452] kasan_save_track+0x20/0x40 [ 17.079514] kasan_save_alloc_info+0x40/0x58 [ 17.079591] __kasan_kmalloc+0xd4/0xd8 [ 17.079640] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.079677] ksize_unpoisons_memory+0xc0/0x740 [ 17.079715] kunit_try_run_case+0x170/0x3f0 [ 17.079754] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.079796] kthread+0x328/0x630 [ 17.080194] ret_from_fork+0x10/0x20 [ 17.080255] [ 17.080274] The buggy address belongs to the object at fff00000c635af00 [ 17.080274] which belongs to the cache kmalloc-128 of size 128 [ 17.080543] The buggy address is located 5 bytes to the right of [ 17.080543] allocated 115-byte region [fff00000c635af00, fff00000c635af73) [ 17.080929] [ 17.081248] The buggy address belongs to the physical page: [ 17.081281] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635a [ 17.081578] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.081697] page_type: f5(slab) [ 17.082124] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.082354] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.082401] page dumped because: kasan: bad access detected [ 17.082433] [ 17.082799] Memory state around the buggy address: [ 17.083057] fff00000c635ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.083394] fff00000c635ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.083600] >fff00000c635af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.083640] ^ [ 17.083682] fff00000c635af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.083725] fff00000c635b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.083762] ==================================================================
[ 17.060485] ================================================================== [ 17.060583] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 17.060724] Read of size 1 at addr fff00000c63cde73 by task kunit_try_catch/195 [ 17.060778] [ 17.060812] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.060901] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.060938] Hardware name: linux,dummy-virt (DT) [ 17.061380] Call trace: [ 17.061420] show_stack+0x20/0x38 (C) [ 17.061525] dump_stack_lvl+0x8c/0xd0 [ 17.061580] print_report+0x118/0x608 [ 17.061625] kasan_report+0xdc/0x128 [ 17.061768] __asan_report_load1_noabort+0x20/0x30 [ 17.061830] ksize_unpoisons_memory+0x628/0x740 [ 17.061886] kunit_try_run_case+0x170/0x3f0 [ 17.061949] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.062004] kthread+0x328/0x630 [ 17.062476] ret_from_fork+0x10/0x20 [ 17.062606] [ 17.062717] Allocated by task 195: [ 17.062749] kasan_save_stack+0x3c/0x68 [ 17.062804] kasan_save_track+0x20/0x40 [ 17.062854] kasan_save_alloc_info+0x40/0x58 [ 17.062894] __kasan_kmalloc+0xd4/0xd8 [ 17.062942] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.063385] ksize_unpoisons_memory+0xc0/0x740 [ 17.063481] kunit_try_run_case+0x170/0x3f0 [ 17.063659] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.063717] kthread+0x328/0x630 [ 17.063751] ret_from_fork+0x10/0x20 [ 17.063815] [ 17.063852] The buggy address belongs to the object at fff00000c63cde00 [ 17.063852] which belongs to the cache kmalloc-128 of size 128 [ 17.064160] The buggy address is located 0 bytes to the right of [ 17.064160] allocated 115-byte region [fff00000c63cde00, fff00000c63cde73) [ 17.064263] [ 17.064296] The buggy address belongs to the physical page: [ 17.064391] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 17.064445] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.064493] page_type: f5(slab) [ 17.064532] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.064591] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.064631] page dumped because: kasan: bad access detected [ 17.064661] [ 17.064679] Memory state around the buggy address: [ 17.064721] fff00000c63cdd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.064776] fff00000c63cdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.064828] >fff00000c63cde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.064875] ^ [ 17.064940] fff00000c63cde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.065256] fff00000c63cdf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.065693] ================================================================== [ 17.067168] ================================================================== [ 17.067418] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 17.067493] Read of size 1 at addr fff00000c63cde78 by task kunit_try_catch/195 [ 17.067924] [ 17.068056] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.068312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.068444] Hardware name: linux,dummy-virt (DT) [ 17.068504] Call trace: [ 17.068529] show_stack+0x20/0x38 (C) [ 17.068584] dump_stack_lvl+0x8c/0xd0 [ 17.068630] print_report+0x118/0x608 [ 17.069364] kasan_report+0xdc/0x128 [ 17.069449] __asan_report_load1_noabort+0x20/0x30 [ 17.069515] ksize_unpoisons_memory+0x618/0x740 [ 17.069843] kunit_try_run_case+0x170/0x3f0 [ 17.069931] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.070028] kthread+0x328/0x630 [ 17.070092] ret_from_fork+0x10/0x20 [ 17.070214] [ 17.070297] Allocated by task 195: [ 17.070376] kasan_save_stack+0x3c/0x68 [ 17.070506] kasan_save_track+0x20/0x40 [ 17.070602] kasan_save_alloc_info+0x40/0x58 [ 17.070761] __kasan_kmalloc+0xd4/0xd8 [ 17.071053] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.071218] ksize_unpoisons_memory+0xc0/0x740 [ 17.071309] kunit_try_run_case+0x170/0x3f0 [ 17.071361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.071709] kthread+0x328/0x630 [ 17.071773] ret_from_fork+0x10/0x20 [ 17.071889] [ 17.071921] The buggy address belongs to the object at fff00000c63cde00 [ 17.071921] which belongs to the cache kmalloc-128 of size 128 [ 17.071981] The buggy address is located 5 bytes to the right of [ 17.071981] allocated 115-byte region [fff00000c63cde00, fff00000c63cde73) [ 17.072083] [ 17.072102] The buggy address belongs to the physical page: [ 17.072138] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 17.072194] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.072243] page_type: f5(slab) [ 17.072291] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.072353] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.072393] page dumped because: kasan: bad access detected [ 17.072423] [ 17.072441] Memory state around the buggy address: [ 17.072480] fff00000c63cdd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.072526] fff00000c63cdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.072568] >fff00000c63cde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.072607] ^ [ 17.072647] fff00000c63cde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.072699] fff00000c63cdf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.072737] ================================================================== [ 17.076021] ================================================================== [ 17.076075] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 17.076128] Read of size 1 at addr fff00000c63cde7f by task kunit_try_catch/195 [ 17.076178] [ 17.076210] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.076291] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.076318] Hardware name: linux,dummy-virt (DT) [ 17.076483] Call trace: [ 17.076754] show_stack+0x20/0x38 (C) [ 17.076840] dump_stack_lvl+0x8c/0xd0 [ 17.076893] print_report+0x118/0x608 [ 17.077201] kasan_report+0xdc/0x128 [ 17.077338] __asan_report_load1_noabort+0x20/0x30 [ 17.077393] ksize_unpoisons_memory+0x690/0x740 [ 17.077439] kunit_try_run_case+0x170/0x3f0 [ 17.077818] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.077892] kthread+0x328/0x630 [ 17.078163] ret_from_fork+0x10/0x20 [ 17.078241] [ 17.078637] Allocated by task 195: [ 17.078725] kasan_save_stack+0x3c/0x68 [ 17.078787] kasan_save_track+0x20/0x40 [ 17.078825] kasan_save_alloc_info+0x40/0x58 [ 17.079257] __kasan_kmalloc+0xd4/0xd8 [ 17.079349] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.079725] ksize_unpoisons_memory+0xc0/0x740 [ 17.079841] kunit_try_run_case+0x170/0x3f0 [ 17.079894] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.080224] kthread+0x328/0x630 [ 17.080362] ret_from_fork+0x10/0x20 [ 17.080696] [ 17.080738] The buggy address belongs to the object at fff00000c63cde00 [ 17.080738] which belongs to the cache kmalloc-128 of size 128 [ 17.080890] The buggy address is located 12 bytes to the right of [ 17.080890] allocated 115-byte region [fff00000c63cde00, fff00000c63cde73) [ 17.081298] [ 17.081346] The buggy address belongs to the physical page: [ 17.081464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 17.081558] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.081607] page_type: f5(slab) [ 17.081960] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.082057] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.082156] page dumped because: kasan: bad access detected [ 17.082337] [ 17.082486] Memory state around the buggy address: [ 17.082562] fff00000c63cdd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.082686] fff00000c63cdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.082732] >fff00000c63cde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.082773] ^ [ 17.082823] fff00000c63cde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.082921] fff00000c63cdf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.082970] ==================================================================
[ 13.817760] ================================================================== [ 13.818184] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.818600] Read of size 1 at addr ffff888102aa0778 by task kunit_try_catch/212 [ 13.819145] [ 13.819322] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.819402] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.819423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.819456] Call Trace: [ 13.819481] <TASK> [ 13.819506] dump_stack_lvl+0x73/0xb0 [ 13.819748] print_report+0xd1/0x650 [ 13.819790] ? __virt_addr_valid+0x1db/0x2d0 [ 13.819827] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.819868] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.819926] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.819976] kasan_report+0x141/0x180 [ 13.820015] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.820062] __asan_report_load1_noabort+0x18/0x20 [ 13.820103] ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.820138] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.820176] ? finish_task_switch.isra.0+0x153/0x700 [ 13.820216] ? __switch_to+0x47/0xf50 [ 13.820264] ? __schedule+0x10cc/0x2b60 [ 13.820305] ? __pfx_read_tsc+0x10/0x10 [ 13.820342] ? ktime_get_ts64+0x86/0x230 [ 13.820379] kunit_try_run_case+0x1a5/0x480 [ 13.820419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.820455] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.820514] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.820552] ? __kthread_parkme+0x82/0x180 [ 13.820586] ? preempt_count_sub+0x50/0x80 [ 13.821180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.821241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.821265] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.821286] kthread+0x337/0x6f0 [ 13.821306] ? trace_preempt_on+0x20/0xc0 [ 13.821328] ? __pfx_kthread+0x10/0x10 [ 13.821347] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.821366] ? calculate_sigpending+0x7b/0xa0 [ 13.821387] ? __pfx_kthread+0x10/0x10 [ 13.821407] ret_from_fork+0x116/0x1d0 [ 13.821423] ? __pfx_kthread+0x10/0x10 [ 13.821441] ret_from_fork_asm+0x1a/0x30 [ 13.821468] </TASK> [ 13.821480] [ 13.831870] Allocated by task 212: [ 13.832160] kasan_save_stack+0x45/0x70 [ 13.832502] kasan_save_track+0x18/0x40 [ 13.833493] kasan_save_alloc_info+0x3b/0x50 [ 13.833759] __kasan_kmalloc+0xb7/0xc0 [ 13.833935] __kmalloc_cache_noprof+0x189/0x420 [ 13.834140] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.834337] kunit_try_run_case+0x1a5/0x480 [ 13.834520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.834715] kthread+0x337/0x6f0 [ 13.835777] ret_from_fork+0x116/0x1d0 [ 13.836129] ret_from_fork_asm+0x1a/0x30 [ 13.836457] [ 13.836773] The buggy address belongs to the object at ffff888102aa0700 [ 13.836773] which belongs to the cache kmalloc-128 of size 128 [ 13.837489] The buggy address is located 5 bytes to the right of [ 13.837489] allocated 115-byte region [ffff888102aa0700, ffff888102aa0773) [ 13.838444] [ 13.839099] The buggy address belongs to the physical page: [ 13.839494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa0 [ 13.840142] flags: 0x200000000000000(node=0|zone=2) [ 13.840436] page_type: f5(slab) [ 13.840892] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.841289] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.841845] page dumped because: kasan: bad access detected [ 13.842232] [ 13.842322] Memory state around the buggy address: [ 13.842475] ffff888102aa0600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.843403] ffff888102aa0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.843999] >ffff888102aa0700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.844237] ^ [ 13.844447] ffff888102aa0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.844801] ffff888102aa0800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.845004] ================================================================== [ 13.789180] ================================================================== [ 13.789588] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 13.790436] Read of size 1 at addr ffff888102aa0773 by task kunit_try_catch/212 [ 13.790922] [ 13.791151] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.791239] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.791261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.791297] Call Trace: [ 13.791320] <TASK> [ 13.791348] dump_stack_lvl+0x73/0xb0 [ 13.791405] print_report+0xd1/0x650 [ 13.791441] ? __virt_addr_valid+0x1db/0x2d0 [ 13.791481] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.791548] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.791589] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.791640] kasan_report+0x141/0x180 [ 13.791680] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.791728] __asan_report_load1_noabort+0x18/0x20 [ 13.791764] ksize_unpoisons_memory+0x81c/0x9b0 [ 13.791805] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.791838] ? finish_task_switch.isra.0+0x153/0x700 [ 13.791880] ? __switch_to+0x47/0xf50 [ 13.791933] ? __schedule+0x10cc/0x2b60 [ 13.791971] ? __pfx_read_tsc+0x10/0x10 [ 13.792003] ? ktime_get_ts64+0x86/0x230 [ 13.792029] kunit_try_run_case+0x1a5/0x480 [ 13.792052] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.792072] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.792094] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.792137] ? __kthread_parkme+0x82/0x180 [ 13.792164] ? preempt_count_sub+0x50/0x80 [ 13.792194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.792225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.792258] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.792289] kthread+0x337/0x6f0 [ 13.792311] ? trace_preempt_on+0x20/0xc0 [ 13.792333] ? __pfx_kthread+0x10/0x10 [ 13.792353] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.792371] ? calculate_sigpending+0x7b/0xa0 [ 13.792394] ? __pfx_kthread+0x10/0x10 [ 13.792414] ret_from_fork+0x116/0x1d0 [ 13.792430] ? __pfx_kthread+0x10/0x10 [ 13.792448] ret_from_fork_asm+0x1a/0x30 [ 13.792477] </TASK> [ 13.792489] [ 13.803936] Allocated by task 212: [ 13.804227] kasan_save_stack+0x45/0x70 [ 13.804438] kasan_save_track+0x18/0x40 [ 13.804974] kasan_save_alloc_info+0x3b/0x50 [ 13.805354] __kasan_kmalloc+0xb7/0xc0 [ 13.805784] __kmalloc_cache_noprof+0x189/0x420 [ 13.806132] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.806437] kunit_try_run_case+0x1a5/0x480 [ 13.806709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.807052] kthread+0x337/0x6f0 [ 13.807319] ret_from_fork+0x116/0x1d0 [ 13.807510] ret_from_fork_asm+0x1a/0x30 [ 13.807990] [ 13.808185] The buggy address belongs to the object at ffff888102aa0700 [ 13.808185] which belongs to the cache kmalloc-128 of size 128 [ 13.808955] The buggy address is located 0 bytes to the right of [ 13.808955] allocated 115-byte region [ffff888102aa0700, ffff888102aa0773) [ 13.809861] [ 13.810042] The buggy address belongs to the physical page: [ 13.810344] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa0 [ 13.810937] flags: 0x200000000000000(node=0|zone=2) [ 13.811337] page_type: f5(slab) [ 13.811758] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.812220] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.812885] page dumped because: kasan: bad access detected [ 13.813281] [ 13.813409] Memory state around the buggy address: [ 13.813899] ffff888102aa0600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.814279] ffff888102aa0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.814859] >ffff888102aa0700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.815320] ^ [ 13.815825] ffff888102aa0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.816204] ffff888102aa0800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.816582] ================================================================== [ 13.845816] ================================================================== [ 13.846124] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.846377] Read of size 1 at addr ffff888102aa077f by task kunit_try_catch/212 [ 13.846597] [ 13.847099] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.847203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.847224] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.847294] Call Trace: [ 13.847320] <TASK> [ 13.847372] dump_stack_lvl+0x73/0xb0 [ 13.847423] print_report+0xd1/0x650 [ 13.847462] ? __virt_addr_valid+0x1db/0x2d0 [ 13.847935] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.848044] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.848086] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.848151] kasan_report+0x141/0x180 [ 13.848186] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.848224] __asan_report_load1_noabort+0x18/0x20 [ 13.848256] ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.848291] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.848321] ? finish_task_switch.isra.0+0x153/0x700 [ 13.848354] ? __switch_to+0x47/0xf50 [ 13.848388] ? __schedule+0x10cc/0x2b60 [ 13.848418] ? __pfx_read_tsc+0x10/0x10 [ 13.848444] ? ktime_get_ts64+0x86/0x230 [ 13.848479] kunit_try_run_case+0x1a5/0x480 [ 13.848513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.848544] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.848576] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.848608] ? __kthread_parkme+0x82/0x180 [ 13.849422] ? preempt_count_sub+0x50/0x80 [ 13.849477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.849521] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.849559] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.849592] kthread+0x337/0x6f0 [ 13.850327] ? trace_preempt_on+0x20/0xc0 [ 13.850393] ? __pfx_kthread+0x10/0x10 [ 13.850427] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.850461] ? calculate_sigpending+0x7b/0xa0 [ 13.850497] ? __pfx_kthread+0x10/0x10 [ 13.850530] ret_from_fork+0x116/0x1d0 [ 13.850558] ? __pfx_kthread+0x10/0x10 [ 13.850587] ret_from_fork_asm+0x1a/0x30 [ 13.850652] </TASK> [ 13.850671] [ 13.862190] Allocated by task 212: [ 13.862394] kasan_save_stack+0x45/0x70 [ 13.862607] kasan_save_track+0x18/0x40 [ 13.862850] kasan_save_alloc_info+0x3b/0x50 [ 13.863146] __kasan_kmalloc+0xb7/0xc0 [ 13.863311] __kmalloc_cache_noprof+0x189/0x420 [ 13.863497] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.863845] kunit_try_run_case+0x1a5/0x480 [ 13.864146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.864514] kthread+0x337/0x6f0 [ 13.864774] ret_from_fork+0x116/0x1d0 [ 13.865041] ret_from_fork_asm+0x1a/0x30 [ 13.865334] [ 13.865468] The buggy address belongs to the object at ffff888102aa0700 [ 13.865468] which belongs to the cache kmalloc-128 of size 128 [ 13.866018] The buggy address is located 12 bytes to the right of [ 13.866018] allocated 115-byte region [ffff888102aa0700, ffff888102aa0773) [ 13.866611] [ 13.866740] The buggy address belongs to the physical page: [ 13.866993] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa0 [ 13.867421] flags: 0x200000000000000(node=0|zone=2) [ 13.867665] page_type: f5(slab) [ 13.867902] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.868215] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.868454] page dumped because: kasan: bad access detected [ 13.868653] [ 13.868803] Memory state around the buggy address: [ 13.869152] ffff888102aa0600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.869636] ffff888102aa0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.870121] >ffff888102aa0700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.870554] ^ [ 13.870797] ffff888102aa0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.871216] ffff888102aa0800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.871665] ==================================================================
[ 13.979024] ================================================================== [ 13.979296] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.979537] Read of size 1 at addr ffff888102c3fd78 by task kunit_try_catch/211 [ 13.979972] [ 13.980082] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.980125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.980137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.980157] Call Trace: [ 13.980169] <TASK> [ 13.980183] dump_stack_lvl+0x73/0xb0 [ 13.980211] print_report+0xd1/0x650 [ 13.980233] ? __virt_addr_valid+0x1db/0x2d0 [ 13.980255] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.980316] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.980342] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.980365] kasan_report+0x141/0x180 [ 13.980386] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.980414] __asan_report_load1_noabort+0x18/0x20 [ 13.980437] ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.980461] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.980485] ? __kasan_check_write+0x18/0x20 [ 13.980503] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.980526] ? irqentry_exit+0x2a/0x60 [ 13.980546] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.980570] ? trace_hardirqs_on+0x37/0xe0 [ 13.980592] ? __pfx_read_tsc+0x10/0x10 [ 13.980612] ? ktime_get_ts64+0x86/0x230 [ 13.980635] kunit_try_run_case+0x1a5/0x480 [ 13.980659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.980682] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.981016] ? __kthread_parkme+0x82/0x180 [ 13.981040] ? preempt_count_sub+0x50/0x80 [ 13.981078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.981101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.981124] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.981146] kthread+0x337/0x6f0 [ 13.981166] ? trace_preempt_on+0x20/0xc0 [ 13.981188] ? __pfx_kthread+0x10/0x10 [ 13.981209] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.981229] ? calculate_sigpending+0x7b/0xa0 [ 13.981253] ? __pfx_kthread+0x10/0x10 [ 13.981275] ret_from_fork+0x116/0x1d0 [ 13.981293] ? __pfx_kthread+0x10/0x10 [ 13.981313] ret_from_fork_asm+0x1a/0x30 [ 13.981344] </TASK> [ 13.981355] [ 13.989282] Allocated by task 211: [ 13.989495] kasan_save_stack+0x45/0x70 [ 13.989997] kasan_save_track+0x18/0x40 [ 13.990234] kasan_save_alloc_info+0x3b/0x50 [ 13.990469] __kasan_kmalloc+0xb7/0xc0 [ 13.990669] __kmalloc_cache_noprof+0x189/0x420 [ 13.990992] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.991239] kunit_try_run_case+0x1a5/0x480 [ 13.991417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.991674] kthread+0x337/0x6f0 [ 13.991926] ret_from_fork+0x116/0x1d0 [ 13.992140] ret_from_fork_asm+0x1a/0x30 [ 13.992335] [ 13.992445] The buggy address belongs to the object at ffff888102c3fd00 [ 13.992445] which belongs to the cache kmalloc-128 of size 128 [ 13.992935] The buggy address is located 5 bytes to the right of [ 13.992935] allocated 115-byte region [ffff888102c3fd00, ffff888102c3fd73) [ 13.993355] [ 13.993434] The buggy address belongs to the physical page: [ 13.993670] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c3f [ 13.994133] flags: 0x200000000000000(node=0|zone=2) [ 13.994387] page_type: f5(slab) [ 13.994566] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.995196] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.995562] page dumped because: kasan: bad access detected [ 13.995924] [ 13.996027] Memory state around the buggy address: [ 13.996282] ffff888102c3fc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.996626] ffff888102c3fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.996941] >ffff888102c3fd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.997255] ^ [ 13.997602] ffff888102c3fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.998029] ffff888102c3fe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.998396] ================================================================== [ 13.998915] ================================================================== [ 13.999289] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.999651] Read of size 1 at addr ffff888102c3fd7f by task kunit_try_catch/211 [ 14.000188] [ 14.000288] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.000333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.000345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.000365] Call Trace: [ 14.000383] <TASK> [ 14.000398] dump_stack_lvl+0x73/0xb0 [ 14.000427] print_report+0xd1/0x650 [ 14.000449] ? __virt_addr_valid+0x1db/0x2d0 [ 14.000471] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 14.000493] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.000519] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 14.000542] kasan_report+0x141/0x180 [ 14.000564] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 14.000593] __asan_report_load1_noabort+0x18/0x20 [ 14.000616] ksize_unpoisons_memory+0x7b6/0x9b0 [ 14.000640] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 14.000664] ? __kasan_check_write+0x18/0x20 [ 14.000683] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.000790] ? irqentry_exit+0x2a/0x60 [ 14.000814] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.000837] ? trace_hardirqs_on+0x37/0xe0 [ 14.000860] ? __pfx_read_tsc+0x10/0x10 [ 14.000881] ? ktime_get_ts64+0x86/0x230 [ 14.000905] kunit_try_run_case+0x1a5/0x480 [ 14.000928] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.000952] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.000974] ? __kthread_parkme+0x82/0x180 [ 14.000995] ? preempt_count_sub+0x50/0x80 [ 14.001019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.001042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.001076] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.001099] kthread+0x337/0x6f0 [ 14.001118] ? trace_preempt_on+0x20/0xc0 [ 14.001140] ? __pfx_kthread+0x10/0x10 [ 14.001161] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.001181] ? calculate_sigpending+0x7b/0xa0 [ 14.001206] ? __pfx_kthread+0x10/0x10 [ 14.001228] ret_from_fork+0x116/0x1d0 [ 14.001246] ? __pfx_kthread+0x10/0x10 [ 14.001266] ret_from_fork_asm+0x1a/0x30 [ 14.001298] </TASK> [ 14.001310] [ 14.009980] Allocated by task 211: [ 14.010147] kasan_save_stack+0x45/0x70 [ 14.010298] kasan_save_track+0x18/0x40 [ 14.010436] kasan_save_alloc_info+0x3b/0x50 [ 14.010661] __kasan_kmalloc+0xb7/0xc0 [ 14.010947] __kmalloc_cache_noprof+0x189/0x420 [ 14.011206] ksize_unpoisons_memory+0xc7/0x9b0 [ 14.011425] kunit_try_run_case+0x1a5/0x480 [ 14.011574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.011870] kthread+0x337/0x6f0 [ 14.012067] ret_from_fork+0x116/0x1d0 [ 14.012263] ret_from_fork_asm+0x1a/0x30 [ 14.012469] [ 14.012570] The buggy address belongs to the object at ffff888102c3fd00 [ 14.012570] which belongs to the cache kmalloc-128 of size 128 [ 14.013144] The buggy address is located 12 bytes to the right of [ 14.013144] allocated 115-byte region [ffff888102c3fd00, ffff888102c3fd73) [ 14.013672] [ 14.013846] The buggy address belongs to the physical page: [ 14.014028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c3f [ 14.014287] flags: 0x200000000000000(node=0|zone=2) [ 14.014456] page_type: f5(slab) [ 14.014628] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.015197] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.015546] page dumped because: kasan: bad access detected [ 14.015832] [ 14.015906] Memory state around the buggy address: [ 14.016075] ffff888102c3fc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.016401] ffff888102c3fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.016811] >ffff888102c3fd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.017103] ^ [ 14.017388] ffff888102c3fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.017762] ffff888102c3fe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.018059] ================================================================== [ 13.959007] ================================================================== [ 13.959535] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 13.959992] Read of size 1 at addr ffff888102c3fd73 by task kunit_try_catch/211 [ 13.960328] [ 13.960454] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.960499] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.960511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.960531] Call Trace: [ 13.960543] <TASK> [ 13.960558] dump_stack_lvl+0x73/0xb0 [ 13.960586] print_report+0xd1/0x650 [ 13.960609] ? __virt_addr_valid+0x1db/0x2d0 [ 13.960630] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.960652] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.960677] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.960776] kasan_report+0x141/0x180 [ 13.960801] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.960829] __asan_report_load1_noabort+0x18/0x20 [ 13.960852] ksize_unpoisons_memory+0x81c/0x9b0 [ 13.960875] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.960898] ? __kasan_check_write+0x18/0x20 [ 13.960916] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.960939] ? irqentry_exit+0x2a/0x60 [ 13.960960] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.960982] ? trace_hardirqs_on+0x37/0xe0 [ 13.961005] ? __pfx_read_tsc+0x10/0x10 [ 13.961025] ? ktime_get_ts64+0x86/0x230 [ 13.961063] kunit_try_run_case+0x1a5/0x480 [ 13.961087] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.961110] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.961132] ? __kthread_parkme+0x82/0x180 [ 13.961150] ? preempt_count_sub+0x50/0x80 [ 13.961174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.961196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.961218] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.961240] kthread+0x337/0x6f0 [ 13.961259] ? trace_preempt_on+0x20/0xc0 [ 13.961281] ? __pfx_kthread+0x10/0x10 [ 13.961300] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.961320] ? calculate_sigpending+0x7b/0xa0 [ 13.961343] ? __pfx_kthread+0x10/0x10 [ 13.961364] ret_from_fork+0x116/0x1d0 [ 13.961382] ? __pfx_kthread+0x10/0x10 [ 13.961401] ret_from_fork_asm+0x1a/0x30 [ 13.961432] </TASK> [ 13.961443] [ 13.969921] Allocated by task 211: [ 13.970069] kasan_save_stack+0x45/0x70 [ 13.970233] kasan_save_track+0x18/0x40 [ 13.970433] kasan_save_alloc_info+0x3b/0x50 [ 13.970648] __kasan_kmalloc+0xb7/0xc0 [ 13.970914] __kmalloc_cache_noprof+0x189/0x420 [ 13.971161] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.971350] kunit_try_run_case+0x1a5/0x480 [ 13.971505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.971834] kthread+0x337/0x6f0 [ 13.972024] ret_from_fork+0x116/0x1d0 [ 13.972230] ret_from_fork_asm+0x1a/0x30 [ 13.972422] [ 13.972506] The buggy address belongs to the object at ffff888102c3fd00 [ 13.972506] which belongs to the cache kmalloc-128 of size 128 [ 13.973074] The buggy address is located 0 bytes to the right of [ 13.973074] allocated 115-byte region [ffff888102c3fd00, ffff888102c3fd73) [ 13.973604] [ 13.973906] The buggy address belongs to the physical page: [ 13.974134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c3f [ 13.974385] flags: 0x200000000000000(node=0|zone=2) [ 13.974555] page_type: f5(slab) [ 13.974822] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.975186] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.975507] page dumped because: kasan: bad access detected [ 13.975684] [ 13.975828] Memory state around the buggy address: [ 13.976058] ffff888102c3fc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.976499] ffff888102c3fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.976900] >ffff888102c3fd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.977231] ^ [ 13.977550] ffff888102c3fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.977925] ffff888102c3fe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.978244] ==================================================================
[ 29.764179] ================================================================== [ 29.771411] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 29.778812] Read of size 1 at addr ffff88810133d578 by task kunit_try_catch/235 [ 29.786118] [ 29.787617] CPU: 2 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G S B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 29.787625] Tainted: [S]=CPU_OUT_OF_SPEC, [B]=BAD_PAGE, [N]=TEST [ 29.787628] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS 2.7 12/07/2021 [ 29.787631] Call Trace: [ 29.787632] <TASK> [ 29.787634] dump_stack_lvl+0x73/0xb0 [ 29.787638] print_report+0xd1/0x650 [ 29.787642] ? __virt_addr_valid+0x1db/0x2d0 [ 29.787646] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 29.787650] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.787655] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 29.787660] kasan_report+0x141/0x180 [ 29.787664] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 29.787669] __asan_report_load1_noabort+0x18/0x20 [ 29.787673] ksize_unpoisons_memory+0x7e9/0x9b0 [ 29.787678] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 29.787682] ? finish_task_switch.isra.0+0x153/0x700 [ 29.787686] ? __switch_to+0x544/0xf50 [ 29.787691] ? __schedule+0x10cc/0x2b60 [ 29.787694] ? ktime_get_ts64+0x83/0x230 [ 29.787699] kunit_try_run_case+0x1a2/0x480 [ 29.787703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.787707] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.787711] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.787715] ? __kthread_parkme+0x82/0x180 [ 29.787719] ? preempt_count_sub+0x50/0x80 [ 29.787723] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.787727] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 29.787731] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.787735] kthread+0x334/0x6f0 [ 29.787739] ? trace_preempt_on+0x20/0xc0 [ 29.787743] ? __pfx_kthread+0x10/0x10 [ 29.787746] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.787750] ? calculate_sigpending+0x7b/0xa0 [ 29.787754] ? __pfx_kthread+0x10/0x10 [ 29.787758] ret_from_fork+0x113/0x1d0 [ 29.787761] ? __pfx_kthread+0x10/0x10 [ 29.787765] ret_from_fork_asm+0x1a/0x30 [ 29.787771] </TASK> [ 29.787772] [ 29.963399] Allocated by task 235: [ 29.966808] kasan_save_stack+0x45/0x70 [ 29.970646] kasan_save_track+0x18/0x40 [ 29.974486] kasan_save_alloc_info+0x3b/0x50 [ 29.978760] __kasan_kmalloc+0xb7/0xc0 [ 29.982511] __kmalloc_cache_noprof+0x189/0x420 [ 29.987046] ksize_unpoisons_memory+0xc7/0x9b0 [ 29.991498] kunit_try_run_case+0x1a2/0x480 [ 29.995687] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 30.001093] kthread+0x334/0x6f0 [ 30.004326] ret_from_fork+0x113/0x1d0 [ 30.008105] ret_from_fork_asm+0x1a/0x30 [ 30.012030] [ 30.013530] The buggy address belongs to the object at ffff88810133d500 [ 30.013530] which belongs to the cache kmalloc-128 of size 128 [ 30.026046] The buggy address is located 5 bytes to the right of [ 30.026046] allocated 115-byte region [ffff88810133d500, ffff88810133d573) [ 30.038992] [ 30.040490] The buggy address belongs to the physical page: [ 30.046066] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10133d [ 30.054072] flags: 0x200000000000000(node=0|zone=2) [ 30.058952] page_type: f5(slab) [ 30.062099] raw: 0200000000000000 ffff888100042a00 dead000000000122 0000000000000000 [ 30.069848] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.077593] page dumped because: kasan: bad access detected [ 30.083167] [ 30.084665] Memory state around the buggy address: [ 30.089459] ffff88810133d400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.096676] ffff88810133d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.103896] >ffff88810133d500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 30.111117] ^ [ 30.118248] ffff88810133d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.125467] ffff88810133d600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.132689] ================================================================== [ 29.384125] ================================================================== [ 29.395582] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 29.402984] Read of size 1 at addr ffff88810133d573 by task kunit_try_catch/235 [ 29.410297] [ 29.411800] CPU: 2 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G S B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 29.411809] Tainted: [S]=CPU_OUT_OF_SPEC, [B]=BAD_PAGE, [N]=TEST [ 29.411812] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS 2.7 12/07/2021 [ 29.411815] Call Trace: [ 29.411817] <TASK> [ 29.411819] dump_stack_lvl+0x73/0xb0 [ 29.411823] print_report+0xd1/0x650 [ 29.411827] ? __virt_addr_valid+0x1db/0x2d0 [ 29.411831] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 29.411836] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.411841] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 29.411845] kasan_report+0x141/0x180 [ 29.411849] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 29.411854] __asan_report_load1_noabort+0x18/0x20 [ 29.411859] ksize_unpoisons_memory+0x81c/0x9b0 [ 29.411863] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 29.411867] ? finish_task_switch.isra.0+0x153/0x700 [ 29.411871] ? __switch_to+0x544/0xf50 [ 29.411876] ? __schedule+0x10cc/0x2b60 [ 29.411880] ? ktime_get_ts64+0x83/0x230 [ 29.411884] kunit_try_run_case+0x1a2/0x480 [ 29.411888] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.411893] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.411897] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.411901] ? __kthread_parkme+0x82/0x180 [ 29.411904] ? preempt_count_sub+0x50/0x80 [ 29.411908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.411913] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 29.411917] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.411921] kthread+0x334/0x6f0 [ 29.411925] ? trace_preempt_on+0x20/0xc0 [ 29.411929] ? __pfx_kthread+0x10/0x10 [ 29.411932] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.411936] ? calculate_sigpending+0x7b/0xa0 [ 29.411941] ? __pfx_kthread+0x10/0x10 [ 29.411944] ret_from_fork+0x113/0x1d0 [ 29.411948] ? __pfx_kthread+0x10/0x10 [ 29.411951] ret_from_fork_asm+0x1a/0x30 [ 29.411957] </TASK> [ 29.411959] [ 29.587721] Allocated by task 235: [ 29.591127] kasan_save_stack+0x45/0x70 [ 29.594965] kasan_save_track+0x18/0x40 [ 29.598805] kasan_save_alloc_info+0x3b/0x50 [ 29.603078] __kasan_kmalloc+0xb7/0xc0 [ 29.606832] __kmalloc_cache_noprof+0x189/0x420 [ 29.611372] ksize_unpoisons_memory+0xc7/0x9b0 [ 29.615843] kunit_try_run_case+0x1a2/0x480 [ 29.620030] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 29.625429] kthread+0x334/0x6f0 [ 29.628661] ret_from_fork+0x113/0x1d0 [ 29.632413] ret_from_fork_asm+0x1a/0x30 [ 29.636363] [ 29.637882] The buggy address belongs to the object at ffff88810133d500 [ 29.637882] which belongs to the cache kmalloc-128 of size 128 [ 29.650404] The buggy address is located 0 bytes to the right of [ 29.650404] allocated 115-byte region [ffff88810133d500, ffff88810133d573) [ 29.663366] [ 29.664880] The buggy address belongs to the physical page: [ 29.670454] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10133d [ 29.678462] flags: 0x200000000000000(node=0|zone=2) [ 29.683362] page_type: f5(slab) [ 29.686531] raw: 0200000000000000 ffff888100042a00 dead000000000122 0000000000000000 [ 29.694279] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.702017] page dumped because: kasan: bad access detected [ 29.707590] [ 29.709089] Memory state around the buggy address: [ 29.713882] ffff88810133d400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.721102] ffff88810133d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.728328] >ffff88810133d500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 29.735574] ^ [ 29.742447] ffff88810133d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.749665] ffff88810133d600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.756885] ================================================================== [ 30.139944] ================================================================== [ 30.147195] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 30.154588] Read of size 1 at addr ffff88810133d57f by task kunit_try_catch/235 [ 30.161901] [ 30.163405] CPU: 2 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G S B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 30.163413] Tainted: [S]=CPU_OUT_OF_SPEC, [B]=BAD_PAGE, [N]=TEST [ 30.163416] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS 2.7 12/07/2021 [ 30.163419] Call Trace: [ 30.163420] <TASK> [ 30.163422] dump_stack_lvl+0x73/0xb0 [ 30.163426] print_report+0xd1/0x650 [ 30.163430] ? __virt_addr_valid+0x1db/0x2d0 [ 30.163434] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 30.163438] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.163443] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 30.163448] kasan_report+0x141/0x180 [ 30.163451] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 30.163457] __asan_report_load1_noabort+0x18/0x20 [ 30.163461] ksize_unpoisons_memory+0x7b6/0x9b0 [ 30.163466] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 30.163470] ? finish_task_switch.isra.0+0x153/0x700 [ 30.163474] ? __switch_to+0x544/0xf50 [ 30.163478] ? __schedule+0x10cc/0x2b60 [ 30.163482] ? ktime_get_ts64+0x83/0x230 [ 30.163486] kunit_try_run_case+0x1a2/0x480 [ 30.163491] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.163495] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.163499] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.163503] ? __kthread_parkme+0x82/0x180 [ 30.163507] ? preempt_count_sub+0x50/0x80 [ 30.163511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.163515] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 30.163519] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.163523] kthread+0x334/0x6f0 [ 30.163527] ? trace_preempt_on+0x20/0xc0 [ 30.163531] ? __pfx_kthread+0x10/0x10 [ 30.163534] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.163538] ? calculate_sigpending+0x7b/0xa0 [ 30.163542] ? __pfx_kthread+0x10/0x10 [ 30.163546] ret_from_fork+0x113/0x1d0 [ 30.163549] ? __pfx_kthread+0x10/0x10 [ 30.163553] ret_from_fork_asm+0x1a/0x30 [ 30.163559] </TASK> [ 30.163560] [ 30.339229] Allocated by task 235: [ 30.342638] kasan_save_stack+0x45/0x70 [ 30.346477] kasan_save_track+0x18/0x40 [ 30.350316] kasan_save_alloc_info+0x3b/0x50 [ 30.354587] __kasan_kmalloc+0xb7/0xc0 [ 30.358363] __kmalloc_cache_noprof+0x189/0x420 [ 30.362900] ksize_unpoisons_memory+0xc7/0x9b0 [ 30.367362] kunit_try_run_case+0x1a2/0x480 [ 30.371574] kunit_generic_run_threadfn_adapter+0x82/0xf0 [ 30.376975] kthread+0x334/0x6f0 [ 30.380216] ret_from_fork+0x113/0x1d0 [ 30.383968] ret_from_fork_asm+0x1a/0x30 [ 30.387895] [ 30.389401] The buggy address belongs to the object at ffff88810133d500 [ 30.389401] which belongs to the cache kmalloc-128 of size 128 [ 30.401917] The buggy address is located 12 bytes to the right of [ 30.401917] allocated 115-byte region [ffff88810133d500, ffff88810133d573) [ 30.414960] [ 30.416457] The buggy address belongs to the physical page: [ 30.422032] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10133d [ 30.430040] flags: 0x200000000000000(node=0|zone=2) [ 30.434919] page_type: f5(slab) [ 30.438065] raw: 0200000000000000 ffff888100042a00 dead000000000122 0000000000000000 [ 30.445805] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.453544] page dumped because: kasan: bad access detected [ 30.459117] [ 30.460616] Memory state around the buggy address: [ 30.465409] ffff88810133d400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.472628] ffff88810133d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.479847] >ffff88810133d500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 30.487067] ^ [ 30.494198] ffff88810133d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.501418] ffff88810133d600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.508636] ==================================================================