Date: July 6, 2025, 11:09 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 13.543439] ================================================================== [ 13.544869] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 13.545415] Write of size 128 at addr ffff888102c3fa00 by task kunit_try_catch/187 [ 13.545674] [ 13.545783] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.545829] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.545841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.545862] Call Trace: [ 13.545875] <TASK> [ 13.545891] dump_stack_lvl+0x73/0xb0 [ 13.545921] print_report+0xd1/0x650 [ 13.545944] ? __virt_addr_valid+0x1db/0x2d0 [ 13.545968] ? kmalloc_oob_in_memset+0x15f/0x320 [ 13.545990] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.546015] ? kmalloc_oob_in_memset+0x15f/0x320 [ 13.546037] kasan_report+0x141/0x180 [ 13.546081] ? kmalloc_oob_in_memset+0x15f/0x320 [ 13.546109] kasan_check_range+0x10c/0x1c0 [ 13.546132] __asan_memset+0x27/0x50 [ 13.546152] kmalloc_oob_in_memset+0x15f/0x320 [ 13.546173] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 13.546196] ? __schedule+0x10cc/0x2b60 [ 13.546218] ? __pfx_read_tsc+0x10/0x10 [ 13.546239] ? ktime_get_ts64+0x86/0x230 [ 13.546264] kunit_try_run_case+0x1a5/0x480 [ 13.546290] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.546312] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.546335] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.546357] ? __kthread_parkme+0x82/0x180 [ 13.546377] ? preempt_count_sub+0x50/0x80 [ 13.546401] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.546424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.546737] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.546777] kthread+0x337/0x6f0 [ 13.546798] ? trace_preempt_on+0x20/0xc0 [ 13.546823] ? __pfx_kthread+0x10/0x10 [ 13.546843] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.546864] ? calculate_sigpending+0x7b/0xa0 [ 13.546888] ? __pfx_kthread+0x10/0x10 [ 13.546909] ret_from_fork+0x116/0x1d0 [ 13.546927] ? 
__pfx_kthread+0x10/0x10 [ 13.546948] ret_from_fork_asm+0x1a/0x30 [ 13.546980] </TASK> [ 13.546991] [ 13.563297] Allocated by task 187: [ 13.563438] kasan_save_stack+0x45/0x70 [ 13.563588] kasan_save_track+0x18/0x40 [ 13.563737] kasan_save_alloc_info+0x3b/0x50 [ 13.564491] __kasan_kmalloc+0xb7/0xc0 [ 13.564901] __kmalloc_cache_noprof+0x189/0x420 [ 13.565558] kmalloc_oob_in_memset+0xac/0x320 [ 13.566154] kunit_try_run_case+0x1a5/0x480 [ 13.566652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.567386] kthread+0x337/0x6f0 [ 13.567865] ret_from_fork+0x116/0x1d0 [ 13.568382] ret_from_fork_asm+0x1a/0x30 [ 13.568787] [ 13.569118] The buggy address belongs to the object at ffff888102c3fa00 [ 13.569118] which belongs to the cache kmalloc-128 of size 128 [ 13.569629] The buggy address is located 0 bytes inside of [ 13.569629] allocated 120-byte region [ffff888102c3fa00, ffff888102c3fa78) [ 13.570998] [ 13.571184] The buggy address belongs to the physical page: [ 13.571834] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c3f [ 13.572873] flags: 0x200000000000000(node=0|zone=2) [ 13.573306] page_type: f5(slab) [ 13.573438] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.573682] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.574668] page dumped because: kasan: bad access detected [ 13.575321] [ 13.575615] Memory state around the buggy address: [ 13.576240] ffff888102c3f900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.577023] ffff888102c3f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.577796] >ffff888102c3fa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.578259] ^ [ 13.579012] ffff888102c3fa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.579512] ffff888102c3fb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.579774] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 13.514694] ================================================================== [ 13.515568] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 13.516816] Read of size 16 at addr ffff8881028730e0 by task kunit_try_catch/185 [ 13.517176] [ 13.517292] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.517338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.517353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.517376] Call Trace: [ 13.517390] <TASK> [ 13.517406] dump_stack_lvl+0x73/0xb0 [ 13.517437] print_report+0xd1/0x650 [ 13.517460] ? __virt_addr_valid+0x1db/0x2d0 [ 13.517484] ? kmalloc_uaf_16+0x47b/0x4c0 [ 13.517504] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.517535] ? kmalloc_uaf_16+0x47b/0x4c0 [ 13.517556] kasan_report+0x141/0x180 [ 13.517578] ? kmalloc_uaf_16+0x47b/0x4c0 [ 13.517605] __asan_report_load16_noabort+0x18/0x20 [ 13.517629] kmalloc_uaf_16+0x47b/0x4c0 [ 13.517650] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 13.517672] ? __schedule+0x10cc/0x2b60 [ 13.517694] ? __pfx_read_tsc+0x10/0x10 [ 13.517760] ? ktime_get_ts64+0x86/0x230 [ 13.517788] kunit_try_run_case+0x1a5/0x480 [ 13.517814] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.517836] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.517859] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.517882] ? __kthread_parkme+0x82/0x180 [ 13.517903] ? preempt_count_sub+0x50/0x80 [ 13.517927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.517951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.517973] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.517997] kthread+0x337/0x6f0 [ 13.518018] ? trace_preempt_on+0x20/0xc0 [ 13.518043] ? __pfx_kthread+0x10/0x10 [ 13.518077] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.518132] ? calculate_sigpending+0x7b/0xa0 [ 13.518158] ? __pfx_kthread+0x10/0x10 [ 13.518180] ret_from_fork+0x116/0x1d0 [ 13.518199] ? 
__pfx_kthread+0x10/0x10 [ 13.518219] ret_from_fork_asm+0x1a/0x30 [ 13.518252] </TASK> [ 13.518263] [ 13.526197] Allocated by task 185: [ 13.526387] kasan_save_stack+0x45/0x70 [ 13.526598] kasan_save_track+0x18/0x40 [ 13.526930] kasan_save_alloc_info+0x3b/0x50 [ 13.527155] __kasan_kmalloc+0xb7/0xc0 [ 13.527295] __kmalloc_cache_noprof+0x189/0x420 [ 13.527457] kmalloc_uaf_16+0x15b/0x4c0 [ 13.527596] kunit_try_run_case+0x1a5/0x480 [ 13.527809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.528153] kthread+0x337/0x6f0 [ 13.528530] ret_from_fork+0x116/0x1d0 [ 13.528987] ret_from_fork_asm+0x1a/0x30 [ 13.529235] [ 13.529339] Freed by task 185: [ 13.529575] kasan_save_stack+0x45/0x70 [ 13.529971] kasan_save_track+0x18/0x40 [ 13.530187] kasan_save_free_info+0x3f/0x60 [ 13.530341] __kasan_slab_free+0x56/0x70 [ 13.530482] kfree+0x222/0x3f0 [ 13.530603] kmalloc_uaf_16+0x1d6/0x4c0 [ 13.530759] kunit_try_run_case+0x1a5/0x480 [ 13.531082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.531498] kthread+0x337/0x6f0 [ 13.531840] ret_from_fork+0x116/0x1d0 [ 13.532212] ret_from_fork_asm+0x1a/0x30 [ 13.532465] [ 13.532604] The buggy address belongs to the object at ffff8881028730e0 [ 13.532604] which belongs to the cache kmalloc-16 of size 16 [ 13.533292] The buggy address is located 0 bytes inside of [ 13.533292] freed 16-byte region [ffff8881028730e0, ffff8881028730f0) [ 13.533909] [ 13.534019] The buggy address belongs to the physical page: [ 13.534335] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102873 [ 13.534701] flags: 0x200000000000000(node=0|zone=2) [ 13.534883] page_type: f5(slab) [ 13.535016] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.535281] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.535910] page dumped because: kasan: bad access detected [ 13.536412] [ 13.536569] Memory state around the buggy address: [ 13.536756] ffff888102872f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 13.537166] ffff888102873000: 00 01 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 13.537516] >ffff888102873080: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 13.538038] ^ [ 13.538367] ffff888102873100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.538649] ffff888102873180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.539136] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 13.490779] ================================================================== [ 13.491383] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 13.491817] Write of size 16 at addr ffff888102873080 by task kunit_try_catch/183 [ 13.492180] [ 13.492306] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.492378] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.492390] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.492431] Call Trace: [ 13.492444] <TASK> [ 13.492461] dump_stack_lvl+0x73/0xb0 [ 13.492490] print_report+0xd1/0x650 [ 13.492513] ? __virt_addr_valid+0x1db/0x2d0 [ 13.492554] ? kmalloc_oob_16+0x452/0x4a0 [ 13.492575] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.492601] ? kmalloc_oob_16+0x452/0x4a0 [ 13.492622] kasan_report+0x141/0x180 [ 13.492645] ? kmalloc_oob_16+0x452/0x4a0 [ 13.492671] __asan_report_store16_noabort+0x1b/0x30 [ 13.492696] kmalloc_oob_16+0x452/0x4a0 [ 13.492717] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 13.492742] ? __schedule+0x10cc/0x2b60 [ 13.492764] ? __pfx_read_tsc+0x10/0x10 [ 13.492877] ? ktime_get_ts64+0x86/0x230 [ 13.492903] kunit_try_run_case+0x1a5/0x480 [ 13.492928] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.492950] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.492991] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.493016] ? __kthread_parkme+0x82/0x180 [ 13.493062] ? preempt_count_sub+0x50/0x80 [ 13.493087] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.493111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.493134] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.493157] kthread+0x337/0x6f0 [ 13.493177] ? trace_preempt_on+0x20/0xc0 [ 13.493200] ? __pfx_kthread+0x10/0x10 [ 13.493221] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.493243] ? calculate_sigpending+0x7b/0xa0 [ 13.493267] ? __pfx_kthread+0x10/0x10 [ 13.493289] ret_from_fork+0x116/0x1d0 [ 13.493308] ? 
__pfx_kthread+0x10/0x10 [ 13.493329] ret_from_fork_asm+0x1a/0x30 [ 13.493361] </TASK> [ 13.493373] [ 13.502245] Allocated by task 183: [ 13.502515] kasan_save_stack+0x45/0x70 [ 13.502826] kasan_save_track+0x18/0x40 [ 13.503014] kasan_save_alloc_info+0x3b/0x50 [ 13.503254] __kasan_kmalloc+0xb7/0xc0 [ 13.503497] __kmalloc_cache_noprof+0x189/0x420 [ 13.503823] kmalloc_oob_16+0xa8/0x4a0 [ 13.504062] kunit_try_run_case+0x1a5/0x480 [ 13.504390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.504663] kthread+0x337/0x6f0 [ 13.504915] ret_from_fork+0x116/0x1d0 [ 13.505167] ret_from_fork_asm+0x1a/0x30 [ 13.505367] [ 13.505444] The buggy address belongs to the object at ffff888102873080 [ 13.505444] which belongs to the cache kmalloc-16 of size 16 [ 13.505906] The buggy address is located 0 bytes inside of [ 13.505906] allocated 13-byte region [ffff888102873080, ffff88810287308d) [ 13.506464] [ 13.506586] The buggy address belongs to the physical page: [ 13.506857] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102873 [ 13.507316] flags: 0x200000000000000(node=0|zone=2) [ 13.507590] page_type: f5(slab) [ 13.507864] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.508204] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.508436] page dumped because: kasan: bad access detected [ 13.508688] [ 13.508840] Memory state around the buggy address: [ 13.509177] ffff888102872f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.509479] ffff888102873000: 00 01 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 13.509844] >ffff888102873080: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.510165] ^ [ 13.510294] ffff888102873100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.510937] ffff888102873180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.511377] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 13.458169] ================================================================== [ 13.458485] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 13.459032] Read of size 1 at addr ffff888100a30400 by task kunit_try_catch/181 [ 13.459771] [ 13.460070] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.460245] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.460259] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.460279] Call Trace: [ 13.460291] <TASK> [ 13.460308] dump_stack_lvl+0x73/0xb0 [ 13.460339] print_report+0xd1/0x650 [ 13.460361] ? __virt_addr_valid+0x1db/0x2d0 [ 13.460383] ? krealloc_uaf+0x53c/0x5e0 [ 13.460403] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.460428] ? krealloc_uaf+0x53c/0x5e0 [ 13.460449] kasan_report+0x141/0x180 [ 13.460471] ? krealloc_uaf+0x53c/0x5e0 [ 13.460498] __asan_report_load1_noabort+0x18/0x20 [ 13.460521] krealloc_uaf+0x53c/0x5e0 [ 13.460542] ? __pfx_krealloc_uaf+0x10/0x10 [ 13.460562] ? finish_task_switch.isra.0+0x153/0x700 [ 13.460584] ? __switch_to+0x47/0xf50 [ 13.460610] ? __schedule+0x10cc/0x2b60 [ 13.460632] ? __pfx_read_tsc+0x10/0x10 [ 13.460652] ? ktime_get_ts64+0x86/0x230 [ 13.460677] kunit_try_run_case+0x1a5/0x480 [ 13.460701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.460771] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.460797] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.460819] ? __kthread_parkme+0x82/0x180 [ 13.460838] ? preempt_count_sub+0x50/0x80 [ 13.460861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.460884] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.460906] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.460928] kthread+0x337/0x6f0 [ 13.460947] ? trace_preempt_on+0x20/0xc0 [ 13.460971] ? __pfx_kthread+0x10/0x10 [ 13.460991] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.461012] ? calculate_sigpending+0x7b/0xa0 [ 13.461036] ? __pfx_kthread+0x10/0x10 [ 13.461069] ret_from_fork+0x116/0x1d0 [ 13.461086] ? 
__pfx_kthread+0x10/0x10 [ 13.461106] ret_from_fork_asm+0x1a/0x30 [ 13.461138] </TASK> [ 13.461149] [ 13.473563] Allocated by task 181: [ 13.474099] kasan_save_stack+0x45/0x70 [ 13.474326] kasan_save_track+0x18/0x40 [ 13.474482] kasan_save_alloc_info+0x3b/0x50 [ 13.474638] __kasan_kmalloc+0xb7/0xc0 [ 13.474781] __kmalloc_cache_noprof+0x189/0x420 [ 13.474944] krealloc_uaf+0xbb/0x5e0 [ 13.475097] kunit_try_run_case+0x1a5/0x480 [ 13.475312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.475645] kthread+0x337/0x6f0 [ 13.476091] ret_from_fork+0x116/0x1d0 [ 13.476444] ret_from_fork_asm+0x1a/0x30 [ 13.476814] [ 13.476892] Freed by task 181: [ 13.477040] kasan_save_stack+0x45/0x70 [ 13.477440] kasan_save_track+0x18/0x40 [ 13.477831] kasan_save_free_info+0x3f/0x60 [ 13.478350] __kasan_slab_free+0x56/0x70 [ 13.478790] kfree+0x222/0x3f0 [ 13.479014] krealloc_uaf+0x13d/0x5e0 [ 13.479365] kunit_try_run_case+0x1a5/0x480 [ 13.479553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.479745] kthread+0x337/0x6f0 [ 13.479873] ret_from_fork+0x116/0x1d0 [ 13.480012] ret_from_fork_asm+0x1a/0x30 [ 13.480175] [ 13.480278] The buggy address belongs to the object at ffff888100a30400 [ 13.480278] which belongs to the cache kmalloc-256 of size 256 [ 13.480786] The buggy address is located 0 bytes inside of [ 13.480786] freed 256-byte region [ffff888100a30400, ffff888100a30500) [ 13.481333] [ 13.481413] The buggy address belongs to the physical page: [ 13.481645] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a30 [ 13.482031] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.482299] flags: 0x200000000000040(head|node=0|zone=2) [ 13.482567] page_type: f5(slab) [ 13.482750] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.483116] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.483434] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.483780] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.484236] head: 0200000000000001 ffffea0004028c01 00000000ffffffff 00000000ffffffff [ 13.484487] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.484875] page dumped because: kasan: bad access detected [ 13.485166] [ 13.485246] Memory state around the buggy address: [ 13.485496] ffff888100a30300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.485988] ffff888100a30380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.486313] >ffff888100a30400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.486591] ^ [ 13.486740] ffff888100a30480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.487095] ffff888100a30500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.487367] ================================================================== [ 13.417269] ================================================================== [ 13.417823] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 13.418127] Read of size 1 at addr ffff888100a30400 by task kunit_try_catch/181 [ 13.418413] [ 13.418532] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.418577] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.418588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.418608] Call Trace: [ 13.418621] <TASK> [ 13.418636] dump_stack_lvl+0x73/0xb0 [ 13.418666] print_report+0xd1/0x650 [ 13.418687] ? __virt_addr_valid+0x1db/0x2d0 [ 13.418711] ? krealloc_uaf+0x1b8/0x5e0 [ 13.418732] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.418757] ? krealloc_uaf+0x1b8/0x5e0 [ 13.418777] kasan_report+0x141/0x180 [ 13.418799] ? krealloc_uaf+0x1b8/0x5e0 [ 13.418823] ? krealloc_uaf+0x1b8/0x5e0 [ 13.418843] __kasan_check_byte+0x3d/0x50 [ 13.418865] krealloc_noprof+0x3f/0x340 [ 13.418889] krealloc_uaf+0x1b8/0x5e0 [ 13.418910] ? __pfx_krealloc_uaf+0x10/0x10 [ 13.418930] ? 
finish_task_switch.isra.0+0x153/0x700 [ 13.418952] ? __switch_to+0x47/0xf50 [ 13.418979] ? __schedule+0x10cc/0x2b60 [ 13.419002] ? __pfx_read_tsc+0x10/0x10 [ 13.419022] ? ktime_get_ts64+0x86/0x230 [ 13.419084] kunit_try_run_case+0x1a5/0x480 [ 13.419111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.419132] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.419155] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.419177] ? __kthread_parkme+0x82/0x180 [ 13.419197] ? preempt_count_sub+0x50/0x80 [ 13.419219] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.419242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.419263] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.419297] kthread+0x337/0x6f0 [ 13.419317] ? trace_preempt_on+0x20/0xc0 [ 13.419357] ? __pfx_kthread+0x10/0x10 [ 13.419377] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.419397] ? calculate_sigpending+0x7b/0xa0 [ 13.419422] ? __pfx_kthread+0x10/0x10 [ 13.419443] ret_from_fork+0x116/0x1d0 [ 13.419461] ? __pfx_kthread+0x10/0x10 [ 13.419481] ret_from_fork_asm+0x1a/0x30 [ 13.419513] </TASK> [ 13.419524] [ 13.432765] Allocated by task 181: [ 13.432907] kasan_save_stack+0x45/0x70 [ 13.433364] kasan_save_track+0x18/0x40 [ 13.435278] kasan_save_alloc_info+0x3b/0x50 [ 13.435556] __kasan_kmalloc+0xb7/0xc0 [ 13.436143] __kmalloc_cache_noprof+0x189/0x420 [ 13.436368] krealloc_uaf+0xbb/0x5e0 [ 13.437026] kunit_try_run_case+0x1a5/0x480 [ 13.437240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.437661] kthread+0x337/0x6f0 [ 13.438206] ret_from_fork+0x116/0x1d0 [ 13.438428] ret_from_fork_asm+0x1a/0x30 [ 13.438783] [ 13.438949] Freed by task 181: [ 13.439403] kasan_save_stack+0x45/0x70 [ 13.439714] kasan_save_track+0x18/0x40 [ 13.440118] kasan_save_free_info+0x3f/0x60 [ 13.440595] __kasan_slab_free+0x56/0x70 [ 13.440972] kfree+0x222/0x3f0 [ 13.441195] krealloc_uaf+0x13d/0x5e0 [ 13.441693] kunit_try_run_case+0x1a5/0x480 [ 13.442129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.442564] kthread+0x337/0x6f0 [ 13.442706] 
ret_from_fork+0x116/0x1d0 [ 13.443402] ret_from_fork_asm+0x1a/0x30 [ 13.444030] [ 13.444425] The buggy address belongs to the object at ffff888100a30400 [ 13.444425] which belongs to the cache kmalloc-256 of size 256 [ 13.445757] The buggy address is located 0 bytes inside of [ 13.445757] freed 256-byte region [ffff888100a30400, ffff888100a30500) [ 13.446829] [ 13.447219] The buggy address belongs to the physical page: [ 13.448092] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a30 [ 13.449042] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.449400] flags: 0x200000000000040(head|node=0|zone=2) [ 13.449891] page_type: f5(slab) [ 13.450301] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.450684] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.451259] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.451791] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.452416] head: 0200000000000001 ffffea0004028c01 00000000ffffffff 00000000ffffffff [ 13.452737] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.453351] page dumped because: kasan: bad access detected [ 13.453843] [ 13.453962] Memory state around the buggy address: [ 13.454210] ffff888100a30300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.454744] ffff888100a30380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.455270] >ffff888100a30400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.455832] ^ [ 13.455991] ffff888100a30480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.456310] ffff888100a30500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.456634] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 13.215442] ================================================================== [ 13.215798] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 13.216150] Write of size 1 at addr ffff888100a302ea by task kunit_try_catch/175 [ 13.216428] [ 13.216542] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.216583] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.216594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.216613] Call Trace: [ 13.216628] <TASK> [ 13.216644] dump_stack_lvl+0x73/0xb0 [ 13.216669] print_report+0xd1/0x650 [ 13.216690] ? __virt_addr_valid+0x1db/0x2d0 [ 13.216711] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 13.216733] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.216757] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 13.216780] kasan_report+0x141/0x180 [ 13.216801] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 13.216828] __asan_report_store1_noabort+0x1b/0x30 [ 13.216851] krealloc_less_oob_helper+0xe90/0x11d0 [ 13.216875] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.216896] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.216924] ? __pfx_krealloc_less_oob+0x10/0x10 [ 13.216950] krealloc_less_oob+0x1c/0x30 [ 13.216971] kunit_try_run_case+0x1a5/0x480 [ 13.216993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.217013] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.217036] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.217097] ? __kthread_parkme+0x82/0x180 [ 13.217117] ? preempt_count_sub+0x50/0x80 [ 13.217140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.217162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.217184] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.217205] kthread+0x337/0x6f0 [ 13.217224] ? trace_preempt_on+0x20/0xc0 [ 13.217246] ? __pfx_kthread+0x10/0x10 [ 13.217266] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.217286] ? calculate_sigpending+0x7b/0xa0 [ 13.217308] ? __pfx_kthread+0x10/0x10 [ 13.217345] ret_from_fork+0x116/0x1d0 [ 13.217362] ? 
__pfx_kthread+0x10/0x10 [ 13.217382] ret_from_fork_asm+0x1a/0x30 [ 13.217412] </TASK> [ 13.217422] [ 13.224764] Allocated by task 175: [ 13.224945] kasan_save_stack+0x45/0x70 [ 13.225151] kasan_save_track+0x18/0x40 [ 13.225344] kasan_save_alloc_info+0x3b/0x50 [ 13.225566] __kasan_krealloc+0x190/0x1f0 [ 13.225759] krealloc_noprof+0xf3/0x340 [ 13.225953] krealloc_less_oob_helper+0x1aa/0x11d0 [ 13.226135] krealloc_less_oob+0x1c/0x30 [ 13.226284] kunit_try_run_case+0x1a5/0x480 [ 13.226495] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.226750] kthread+0x337/0x6f0 [ 13.226915] ret_from_fork+0x116/0x1d0 [ 13.227133] ret_from_fork_asm+0x1a/0x30 [ 13.227337] [ 13.227435] The buggy address belongs to the object at ffff888100a30200 [ 13.227435] which belongs to the cache kmalloc-256 of size 256 [ 13.227891] The buggy address is located 33 bytes to the right of [ 13.227891] allocated 201-byte region [ffff888100a30200, ffff888100a302c9) [ 13.228447] [ 13.228522] The buggy address belongs to the physical page: [ 13.228696] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a30 [ 13.228959] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.229455] flags: 0x200000000000040(head|node=0|zone=2) [ 13.229790] page_type: f5(slab) [ 13.229976] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.230327] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.230662] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.231058] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.231413] head: 0200000000000001 ffffea0004028c01 00000000ffffffff 00000000ffffffff [ 13.231763] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.232139] page dumped because: kasan: bad access detected [ 13.232314] [ 13.232386] Memory state around the buggy address: [ 13.232543] ffff888100a30180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 13.232809] ffff888100a30200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.233145] >ffff888100a30280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 13.233463] ^ [ 13.233866] ffff888100a30300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.234249] ffff888100a30380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.234467] ================================================================== [ 13.234883] ================================================================== [ 13.235244] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 13.235783] Write of size 1 at addr ffff888100a302eb by task kunit_try_catch/175 [ 13.236387] [ 13.236473] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.236513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.236524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.236543] Call Trace: [ 13.236558] <TASK> [ 13.236574] dump_stack_lvl+0x73/0xb0 [ 13.236600] print_report+0xd1/0x650 [ 13.236621] ? __virt_addr_valid+0x1db/0x2d0 [ 13.236642] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 13.236664] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.236689] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 13.236730] kasan_report+0x141/0x180 [ 13.236751] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 13.236779] __asan_report_store1_noabort+0x1b/0x30 [ 13.236802] krealloc_less_oob_helper+0xd47/0x11d0 [ 13.236827] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.236848] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.236877] ? __pfx_krealloc_less_oob+0x10/0x10 [ 13.236903] krealloc_less_oob+0x1c/0x30 [ 13.236924] kunit_try_run_case+0x1a5/0x480 [ 13.236946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.236966] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.236989] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.237010] ? __kthread_parkme+0x82/0x180 [ 13.237029] ? preempt_count_sub+0x50/0x80 [ 13.237062] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.237084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.237105] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.237127] kthread+0x337/0x6f0 [ 13.237149] ? trace_preempt_on+0x20/0xc0 [ 13.237172] ? __pfx_kthread+0x10/0x10 [ 13.237210] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.237230] ? calculate_sigpending+0x7b/0xa0 [ 13.237253] ? __pfx_kthread+0x10/0x10 [ 13.237293] ret_from_fork+0x116/0x1d0 [ 13.237313] ? __pfx_kthread+0x10/0x10 [ 13.237332] ret_from_fork_asm+0x1a/0x30 [ 13.237363] </TASK> [ 13.237374] [ 13.249480] Allocated by task 175: [ 13.249667] kasan_save_stack+0x45/0x70 [ 13.250262] kasan_save_track+0x18/0x40 [ 13.250574] kasan_save_alloc_info+0x3b/0x50 [ 13.251067] __kasan_krealloc+0x190/0x1f0 [ 13.251389] krealloc_noprof+0xf3/0x340 [ 13.251584] krealloc_less_oob_helper+0x1aa/0x11d0 [ 13.252259] krealloc_less_oob+0x1c/0x30 [ 13.252640] kunit_try_run_case+0x1a5/0x480 [ 13.253175] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.253449] kthread+0x337/0x6f0 [ 13.253616] ret_from_fork+0x116/0x1d0 [ 13.254036] ret_from_fork_asm+0x1a/0x30 [ 13.254447] [ 13.254554] The buggy address belongs to the object at ffff888100a30200 [ 13.254554] which belongs to the cache kmalloc-256 of size 256 [ 13.255387] The buggy address is located 34 bytes to the right of [ 13.255387] allocated 201-byte region [ffff888100a30200, ffff888100a302c9) [ 13.256606] [ 13.256928] The buggy address belongs to the physical page: [ 13.257267] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a30 [ 13.257613] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.257937] flags: 0x200000000000040(head|node=0|zone=2) [ 13.258191] page_type: f5(slab) [ 13.258352] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.258675] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.258992] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 
13.260076] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.260396] head: 0200000000000001 ffffea0004028c01 00000000ffffffff 00000000ffffffff [ 13.260796] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.261083] page dumped because: kasan: bad access detected [ 13.261348] [ 13.261447] Memory state around the buggy address: [ 13.261651] ffff888100a30180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.262023] ffff888100a30200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.262358] >ffff888100a30280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 13.262652] ^ [ 13.263025] ffff888100a30300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.263307] ffff888100a30380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.263645] ================================================================== [ 13.308886] ================================================================== [ 13.310744] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 13.312005] Write of size 1 at addr ffff8881031d60c9 by task kunit_try_catch/179 [ 13.313100] [ 13.313612] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.313955] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.313971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.313993] Call Trace: [ 13.314007] <TASK> [ 13.314021] dump_stack_lvl+0x73/0xb0 [ 13.314067] print_report+0xd1/0x650 [ 13.314088] ? __virt_addr_valid+0x1db/0x2d0 [ 13.314110] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.314132] ? kasan_addr_to_slab+0x11/0xa0 [ 13.314151] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.314174] kasan_report+0x141/0x180 [ 13.314195] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.314223] __asan_report_store1_noabort+0x1b/0x30 [ 13.314246] krealloc_less_oob_helper+0xd70/0x11d0 [ 13.314276] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.314297] ? 
irqentry_exit+0x2a/0x60 [ 13.314318] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.314346] ? __pfx_krealloc_large_less_oob+0x10/0x10 [ 13.314371] krealloc_large_less_oob+0x1c/0x30 [ 13.314393] kunit_try_run_case+0x1a5/0x480 [ 13.314416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.314437] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.314458] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.314480] ? __kthread_parkme+0x82/0x180 [ 13.314499] ? preempt_count_sub+0x50/0x80 [ 13.314521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.314544] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.314565] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.314586] kthread+0x337/0x6f0 [ 13.314605] ? trace_preempt_on+0x20/0xc0 [ 13.314626] ? __pfx_kthread+0x10/0x10 [ 13.314646] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.314665] ? calculate_sigpending+0x7b/0xa0 [ 13.314687] ? __pfx_kthread+0x10/0x10 [ 13.314716] ret_from_fork+0x116/0x1d0 [ 13.314734] ? __pfx_kthread+0x10/0x10 [ 13.314765] ret_from_fork_asm+0x1a/0x30 [ 13.314796] </TASK> [ 13.314807] [ 13.334189] The buggy address belongs to the physical page: [ 13.334497] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d4 [ 13.334918] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.335303] flags: 0x200000000000040(head|node=0|zone=2) [ 13.335568] page_type: f8(unknown) [ 13.335753] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.336549] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.336913] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.337629] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.338227] head: 0200000000000002 ffffea00040c7501 00000000ffffffff 00000000ffffffff [ 13.338669] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.339212] page dumped because: kasan: bad access detected [ 13.339587] [ 13.339673] Memory state around the buggy 
address: [ 13.340136] ffff8881031d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.340542] ffff8881031d6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.341259] >ffff8881031d6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 13.341680] ^ [ 13.342165] ffff8881031d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.342561] ffff8881031d6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.343106] ================================================================== [ 13.396787] ================================================================== [ 13.397130] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 13.397396] Write of size 1 at addr ffff8881031d60eb by task kunit_try_catch/179 [ 13.397676] [ 13.398098] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.398145] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.398157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.398177] Call Trace: [ 13.398190] <TASK> [ 13.398204] dump_stack_lvl+0x73/0xb0 [ 13.398232] print_report+0xd1/0x650 [ 13.398254] ? __virt_addr_valid+0x1db/0x2d0 [ 13.398275] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 13.398298] ? kasan_addr_to_slab+0x11/0xa0 [ 13.398318] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 13.398342] kasan_report+0x141/0x180 [ 13.398364] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 13.398394] __asan_report_store1_noabort+0x1b/0x30 [ 13.398418] krealloc_less_oob_helper+0xd47/0x11d0 [ 13.398444] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.398467] ? irqentry_exit+0x2a/0x60 [ 13.398488] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.398517] ? __pfx_krealloc_large_less_oob+0x10/0x10 [ 13.398544] krealloc_large_less_oob+0x1c/0x30 [ 13.398566] kunit_try_run_case+0x1a5/0x480 [ 13.398590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.398611] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.398634] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.398657] ? 
__kthread_parkme+0x82/0x180 [ 13.398677] ? preempt_count_sub+0x50/0x80 [ 13.398798] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.398827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.398850] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.398873] kthread+0x337/0x6f0 [ 13.398893] ? trace_preempt_on+0x20/0xc0 [ 13.398916] ? __pfx_kthread+0x10/0x10 [ 13.398937] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.398957] ? calculate_sigpending+0x7b/0xa0 [ 13.398980] ? __pfx_kthread+0x10/0x10 [ 13.399002] ret_from_fork+0x116/0x1d0 [ 13.399020] ? __pfx_kthread+0x10/0x10 [ 13.399041] ret_from_fork_asm+0x1a/0x30 [ 13.399084] </TASK> [ 13.399096] [ 13.407221] The buggy address belongs to the physical page: [ 13.407442] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d4 [ 13.407789] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.408150] flags: 0x200000000000040(head|node=0|zone=2) [ 13.408407] page_type: f8(unknown) [ 13.408555] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.408951] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.409207] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.409567] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.410132] head: 0200000000000002 ffffea00040c7501 00000000ffffffff 00000000ffffffff [ 13.410466] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.410809] page dumped because: kasan: bad access detected [ 13.411030] [ 13.411139] Memory state around the buggy address: [ 13.411369] ffff8881031d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.411785] ffff8881031d6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.412085] >ffff8881031d6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 13.412398] ^ [ 13.412613] ffff8881031d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.413039] ffff8881031d6180: fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe fe [ 13.413377] ================================================================== [ 13.173378] ================================================================== [ 13.174213] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 13.175066] Write of size 1 at addr ffff888100a302d0 by task kunit_try_catch/175 [ 13.176107] [ 13.176245] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.176295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.176307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.176328] Call Trace: [ 13.176347] <TASK> [ 13.176365] dump_stack_lvl+0x73/0xb0 [ 13.176397] print_report+0xd1/0x650 [ 13.176419] ? __virt_addr_valid+0x1db/0x2d0 [ 13.176441] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.176464] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.176490] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.176512] kasan_report+0x141/0x180 [ 13.176533] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.176561] __asan_report_store1_noabort+0x1b/0x30 [ 13.176584] krealloc_less_oob_helper+0xe23/0x11d0 [ 13.176609] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.176631] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.176660] ? __pfx_krealloc_less_oob+0x10/0x10 [ 13.176688] krealloc_less_oob+0x1c/0x30 [ 13.176720] kunit_try_run_case+0x1a5/0x480 [ 13.176744] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.176764] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.176788] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.176809] ? __kthread_parkme+0x82/0x180 [ 13.176828] ? preempt_count_sub+0x50/0x80 [ 13.176853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.176875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.176896] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.176917] kthread+0x337/0x6f0 [ 13.176936] ? trace_preempt_on+0x20/0xc0 [ 13.176958] ? __pfx_kthread+0x10/0x10 [ 13.176978] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.176998] ? 
calculate_sigpending+0x7b/0xa0 [ 13.177021] ? __pfx_kthread+0x10/0x10 [ 13.177042] ret_from_fork+0x116/0x1d0 [ 13.177070] ? __pfx_kthread+0x10/0x10 [ 13.177090] ret_from_fork_asm+0x1a/0x30 [ 13.177121] </TASK> [ 13.177132] [ 13.185461] Allocated by task 175: [ 13.185607] kasan_save_stack+0x45/0x70 [ 13.185764] kasan_save_track+0x18/0x40 [ 13.185962] kasan_save_alloc_info+0x3b/0x50 [ 13.186190] __kasan_krealloc+0x190/0x1f0 [ 13.186394] krealloc_noprof+0xf3/0x340 [ 13.186592] krealloc_less_oob_helper+0x1aa/0x11d0 [ 13.186829] krealloc_less_oob+0x1c/0x30 [ 13.187032] kunit_try_run_case+0x1a5/0x480 [ 13.187198] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.187377] kthread+0x337/0x6f0 [ 13.187500] ret_from_fork+0x116/0x1d0 [ 13.187634] ret_from_fork_asm+0x1a/0x30 [ 13.187801] [ 13.187876] The buggy address belongs to the object at ffff888100a30200 [ 13.187876] which belongs to the cache kmalloc-256 of size 256 [ 13.188434] The buggy address is located 7 bytes to the right of [ 13.188434] allocated 201-byte region [ffff888100a30200, ffff888100a302c9) [ 13.189383] [ 13.189481] The buggy address belongs to the physical page: [ 13.189778] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a30 [ 13.190026] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.190657] flags: 0x200000000000040(head|node=0|zone=2) [ 13.190910] page_type: f5(slab) [ 13.191045] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.191404] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.191801] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.192096] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.192334] head: 0200000000000001 ffffea0004028c01 00000000ffffffff 00000000ffffffff [ 13.192571] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.192859] page dumped because: kasan: bad access detected [ 13.193139] [ 
13.193240] Memory state around the buggy address: [ 13.193443] ffff888100a30180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.193774] ffff888100a30200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.194152] >ffff888100a30280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 13.194418] ^ [ 13.194689] ffff888100a30300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.195003] ffff888100a30380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.195235] ================================================================== [ 13.361585] ================================================================== [ 13.362047] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 13.362399] Write of size 1 at addr ffff8881031d60da by task kunit_try_catch/179 [ 13.362661] [ 13.362866] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.362909] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.362921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.362940] Call Trace: [ 13.362953] <TASK> [ 13.362967] dump_stack_lvl+0x73/0xb0 [ 13.362994] print_report+0xd1/0x650 [ 13.363016] ? __virt_addr_valid+0x1db/0x2d0 [ 13.363037] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 13.363072] ? kasan_addr_to_slab+0x11/0xa0 [ 13.363092] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 13.363115] kasan_report+0x141/0x180 [ 13.363136] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 13.363164] __asan_report_store1_noabort+0x1b/0x30 [ 13.363188] krealloc_less_oob_helper+0xec6/0x11d0 [ 13.363213] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.363235] ? irqentry_exit+0x2a/0x60 [ 13.363256] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.363284] ? __pfx_krealloc_large_less_oob+0x10/0x10 [ 13.363310] krealloc_large_less_oob+0x1c/0x30 [ 13.363332] kunit_try_run_case+0x1a5/0x480 [ 13.363354] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.363375] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.363397] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.363419] ? __kthread_parkme+0x82/0x180 [ 13.363438] ? preempt_count_sub+0x50/0x80 [ 13.363461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.363484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.363505] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.363527] kthread+0x337/0x6f0 [ 13.363545] ? trace_preempt_on+0x20/0xc0 [ 13.363567] ? __pfx_kthread+0x10/0x10 [ 13.363587] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.363607] ? calculate_sigpending+0x7b/0xa0 [ 13.363630] ? __pfx_kthread+0x10/0x10 [ 13.363650] ret_from_fork+0x116/0x1d0 [ 13.363668] ? __pfx_kthread+0x10/0x10 [ 13.363687] ret_from_fork_asm+0x1a/0x30 [ 13.363796] </TASK> [ 13.363806] [ 13.371498] The buggy address belongs to the physical page: [ 13.371739] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d4 [ 13.372045] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.372940] flags: 0x200000000000040(head|node=0|zone=2) [ 13.373225] page_type: f8(unknown) [ 13.373413] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.373869] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.374221] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.374548] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.374935] head: 0200000000000002 ffffea00040c7501 00000000ffffffff 00000000ffffffff [ 13.375232] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.375471] page dumped because: kasan: bad access detected [ 13.375805] [ 13.375909] Memory state around the buggy address: [ 13.376161] ffff8881031d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.376494] ffff8881031d6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.376905] >ffff8881031d6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 13.377265] ^ [ 13.377566] ffff8881031d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe 
fe [ 13.377964] ffff8881031d6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.378298] ================================================================== [ 13.195817] ================================================================== [ 13.196141] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 13.196392] Write of size 1 at addr ffff888100a302da by task kunit_try_catch/175 [ 13.196729] [ 13.196838] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.196878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.196889] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.196907] Call Trace: [ 13.196922] <TASK> [ 13.196938] dump_stack_lvl+0x73/0xb0 [ 13.196964] print_report+0xd1/0x650 [ 13.196985] ? __virt_addr_valid+0x1db/0x2d0 [ 13.197007] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 13.197029] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.197090] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 13.197114] kasan_report+0x141/0x180 [ 13.197135] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 13.197162] __asan_report_store1_noabort+0x1b/0x30 [ 13.197185] krealloc_less_oob_helper+0xec6/0x11d0 [ 13.197210] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.197231] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.197260] ? __pfx_krealloc_less_oob+0x10/0x10 [ 13.197285] krealloc_less_oob+0x1c/0x30 [ 13.197305] kunit_try_run_case+0x1a5/0x480 [ 13.197328] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.197348] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.197371] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.197392] ? __kthread_parkme+0x82/0x180 [ 13.197411] ? preempt_count_sub+0x50/0x80 [ 13.197434] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.197456] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.197477] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.197500] kthread+0x337/0x6f0 [ 13.197518] ? trace_preempt_on+0x20/0xc0 [ 13.197544] ? __pfx_kthread+0x10/0x10 [ 13.197580] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.197600] ? calculate_sigpending+0x7b/0xa0 [ 13.197623] ? __pfx_kthread+0x10/0x10 [ 13.197643] ret_from_fork+0x116/0x1d0 [ 13.197661] ? __pfx_kthread+0x10/0x10 [ 13.197680] ret_from_fork_asm+0x1a/0x30 [ 13.197744] </TASK> [ 13.197754] [ 13.205031] Allocated by task 175: [ 13.205201] kasan_save_stack+0x45/0x70 [ 13.205407] kasan_save_track+0x18/0x40 [ 13.205598] kasan_save_alloc_info+0x3b/0x50 [ 13.205780] __kasan_krealloc+0x190/0x1f0 [ 13.206087] krealloc_noprof+0xf3/0x340 [ 13.206324] krealloc_less_oob_helper+0x1aa/0x11d0 [ 13.206530] krealloc_less_oob+0x1c/0x30 [ 13.206701] kunit_try_run_case+0x1a5/0x480 [ 13.206908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.207141] kthread+0x337/0x6f0 [ 13.207312] ret_from_fork+0x116/0x1d0 [ 13.207477] ret_from_fork_asm+0x1a/0x30 [ 13.207658] [ 13.207748] The buggy address belongs to the object at ffff888100a30200 [ 13.207748] which belongs to the cache kmalloc-256 of size 256 [ 13.208332] The buggy address is located 17 bytes to the right of [ 13.208332] allocated 201-byte region [ffff888100a30200, ffff888100a302c9) [ 13.208901] [ 13.208979] The buggy address belongs to the physical page: [ 13.209270] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a30 [ 13.209621] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.209954] flags: 0x200000000000040(head|node=0|zone=2) [ 13.210227] page_type: f5(slab) [ 13.210391] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.210755] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.211156] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.211491] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.211745] head: 0200000000000001 ffffea0004028c01 00000000ffffffff 00000000ffffffff [ 13.211980] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.212533] page dumped 
because: kasan: bad access detected [ 13.212808] [ 13.212937] Memory state around the buggy address: [ 13.213126] ffff888100a30180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.213399] ffff888100a30200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.213620] >ffff888100a30280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 13.213860] ^ [ 13.214157] ffff888100a30300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.214474] ffff888100a30380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.214915] ================================================================== [ 13.343564] ================================================================== [ 13.344108] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 13.345046] Write of size 1 at addr ffff8881031d60d0 by task kunit_try_catch/179 [ 13.345679] [ 13.345903] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.345952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.345965] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.345985] Call Trace: [ 13.346002] <TASK> [ 13.346019] dump_stack_lvl+0x73/0xb0 [ 13.346062] print_report+0xd1/0x650 [ 13.346086] ? __virt_addr_valid+0x1db/0x2d0 [ 13.346109] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.346132] ? kasan_addr_to_slab+0x11/0xa0 [ 13.346152] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.346176] kasan_report+0x141/0x180 [ 13.346198] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.346227] __asan_report_store1_noabort+0x1b/0x30 [ 13.346252] krealloc_less_oob_helper+0xe23/0x11d0 [ 13.346277] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.346300] ? irqentry_exit+0x2a/0x60 [ 13.346321] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.346350] ? __pfx_krealloc_large_less_oob+0x10/0x10 [ 13.346378] krealloc_large_less_oob+0x1c/0x30 [ 13.346400] kunit_try_run_case+0x1a5/0x480 [ 13.346424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.346445] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.346469] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.346492] ? __kthread_parkme+0x82/0x180 [ 13.346511] ? preempt_count_sub+0x50/0x80 [ 13.346536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.346559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.346581] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.346603] kthread+0x337/0x6f0 [ 13.346623] ? trace_preempt_on+0x20/0xc0 [ 13.346646] ? __pfx_kthread+0x10/0x10 [ 13.346666] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.346687] ? calculate_sigpending+0x7b/0xa0 [ 13.346800] ? __pfx_kthread+0x10/0x10 [ 13.346823] ret_from_fork+0x116/0x1d0 [ 13.346842] ? __pfx_kthread+0x10/0x10 [ 13.346863] ret_from_fork_asm+0x1a/0x30 [ 13.346897] </TASK> [ 13.346907] [ 13.354992] The buggy address belongs to the physical page: [ 13.355281] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d4 [ 13.355612] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.355973] flags: 0x200000000000040(head|node=0|zone=2) [ 13.356220] page_type: f8(unknown) [ 13.356353] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.356880] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.357184] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.357547] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.357963] head: 0200000000000002 ffffea00040c7501 00000000ffffffff 00000000ffffffff [ 13.358250] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.358603] page dumped because: kasan: bad access detected [ 13.358883] [ 13.358960] Memory state around the buggy address: [ 13.359211] ffff8881031d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.359545] ffff8881031d6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.359932] >ffff8881031d6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 13.360244] ^ [ 13.360484] 
ffff8881031d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.360929] ffff8881031d6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.361250] ================================================================== [ 13.130406] ================================================================== [ 13.131999] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 13.133670] Write of size 1 at addr ffff888100a302c9 by task kunit_try_catch/175 [ 13.135159] [ 13.135280] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.135327] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.135339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.135359] Call Trace: [ 13.135371] <TASK> [ 13.135386] dump_stack_lvl+0x73/0xb0 [ 13.135415] print_report+0xd1/0x650 [ 13.135436] ? __virt_addr_valid+0x1db/0x2d0 [ 13.135458] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.135482] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.135507] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.135531] kasan_report+0x141/0x180 [ 13.135552] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.135581] __asan_report_store1_noabort+0x1b/0x30 [ 13.135605] krealloc_less_oob_helper+0xd70/0x11d0 [ 13.135631] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.135653] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.135683] ? __pfx_krealloc_less_oob+0x10/0x10 [ 13.135709] krealloc_less_oob+0x1c/0x30 [ 13.135730] kunit_try_run_case+0x1a5/0x480 [ 13.135754] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.135776] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.135799] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.135821] ? __kthread_parkme+0x82/0x180 [ 13.135840] ? preempt_count_sub+0x50/0x80 [ 13.135865] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.135887] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.135909] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.135931] kthread+0x337/0x6f0 [ 13.135951] ? 
trace_preempt_on+0x20/0xc0 [ 13.135975] ? __pfx_kthread+0x10/0x10 [ 13.135995] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.136015] ? calculate_sigpending+0x7b/0xa0 [ 13.136415] ? __pfx_kthread+0x10/0x10 [ 13.136450] ret_from_fork+0x116/0x1d0 [ 13.136471] ? __pfx_kthread+0x10/0x10 [ 13.136492] ret_from_fork_asm+0x1a/0x30 [ 13.136523] </TASK> [ 13.136535] [ 13.153491] Allocated by task 175: [ 13.153641] kasan_save_stack+0x45/0x70 [ 13.154475] kasan_save_track+0x18/0x40 [ 13.155008] kasan_save_alloc_info+0x3b/0x50 [ 13.155519] __kasan_krealloc+0x190/0x1f0 [ 13.156020] krealloc_noprof+0xf3/0x340 [ 13.156644] krealloc_less_oob_helper+0x1aa/0x11d0 [ 13.157303] krealloc_less_oob+0x1c/0x30 [ 13.157846] kunit_try_run_case+0x1a5/0x480 [ 13.158013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.158210] kthread+0x337/0x6f0 [ 13.158334] ret_from_fork+0x116/0x1d0 [ 13.158469] ret_from_fork_asm+0x1a/0x30 [ 13.158609] [ 13.158685] The buggy address belongs to the object at ffff888100a30200 [ 13.158685] which belongs to the cache kmalloc-256 of size 256 [ 13.160458] The buggy address is located 0 bytes to the right of [ 13.160458] allocated 201-byte region [ffff888100a30200, ffff888100a302c9) [ 13.161698] [ 13.161890] The buggy address belongs to the physical page: [ 13.162436] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a30 [ 13.163260] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.163557] flags: 0x200000000000040(head|node=0|zone=2) [ 13.164267] page_type: f5(slab) [ 13.164406] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.164639] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.164870] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.165115] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.165350] head: 0200000000000001 ffffea0004028c01 00000000ffffffff 00000000ffffffff [ 13.166564] head: ffffffffffffffff 
0000000000000000 00000000ffffffff 0000000000000002 [ 13.167605] page dumped because: kasan: bad access detected [ 13.168407] [ 13.168580] Memory state around the buggy address: [ 13.169009] ffff888100a30180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.169961] ffff888100a30200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.170584] >ffff888100a30280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 13.171084] ^ [ 13.171265] ffff888100a30300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.172248] ffff888100a30380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.172483] ================================================================== [ 13.378657] ================================================================== [ 13.379040] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 13.379396] Write of size 1 at addr ffff8881031d60ea by task kunit_try_catch/179 [ 13.379657] [ 13.379881] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.379926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.379938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.379958] Call Trace: [ 13.379972] <TASK> [ 13.379986] dump_stack_lvl+0x73/0xb0 [ 13.380013] print_report+0xd1/0x650 [ 13.380036] ? __virt_addr_valid+0x1db/0x2d0 [ 13.380072] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 13.380096] ? kasan_addr_to_slab+0x11/0xa0 [ 13.380116] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 13.380140] kasan_report+0x141/0x180 [ 13.380162] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 13.380192] __asan_report_store1_noabort+0x1b/0x30 [ 13.380216] krealloc_less_oob_helper+0xe90/0x11d0 [ 13.380242] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.380265] ? irqentry_exit+0x2a/0x60 [ 13.380286] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.380315] ? 
__pfx_krealloc_large_less_oob+0x10/0x10 [ 13.380342] krealloc_large_less_oob+0x1c/0x30 [ 13.380365] kunit_try_run_case+0x1a5/0x480 [ 13.380389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.380410] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.380433] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.380456] ? __kthread_parkme+0x82/0x180 [ 13.380475] ? preempt_count_sub+0x50/0x80 [ 13.380500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.380523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.380545] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.380568] kthread+0x337/0x6f0 [ 13.380588] ? trace_preempt_on+0x20/0xc0 [ 13.380612] ? __pfx_kthread+0x10/0x10 [ 13.380633] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.380653] ? calculate_sigpending+0x7b/0xa0 [ 13.380677] ? __pfx_kthread+0x10/0x10 [ 13.380861] ret_from_fork+0x116/0x1d0 [ 13.380889] ? __pfx_kthread+0x10/0x10 [ 13.380910] ret_from_fork_asm+0x1a/0x30 [ 13.380942] </TASK> [ 13.380952] [ 13.389283] The buggy address belongs to the physical page: [ 13.389568] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d4 [ 13.389979] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.390371] flags: 0x200000000000040(head|node=0|zone=2) [ 13.390638] page_type: f8(unknown) [ 13.390879] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.391230] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.391566] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.392020] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.392365] head: 0200000000000002 ffffea00040c7501 00000000ffffffff 00000000ffffffff [ 13.392680] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.393269] page dumped because: kasan: bad access detected [ 13.393499] [ 13.393580] Memory state around the buggy address: [ 13.393830] ffff8881031d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 
13.394182] ffff8881031d6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.394521] >ffff8881031d6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 13.394861] ^ [ 13.395109] ffff8881031d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.395448] ffff8881031d6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.395890] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 13.288793] ==================================================================
[ 13.289096] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 13.289357] Write of size 1 at addr ffff8881029f20f0 by task kunit_try_catch/177
[ 13.289665]
[ 13.289833] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.289877] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.289889] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.289909] Call Trace:
[ 13.289920] <TASK>
[ 13.289935] dump_stack_lvl+0x73/0xb0
[ 13.289964] print_report+0xd1/0x650
[ 13.289986] ? __virt_addr_valid+0x1db/0x2d0
[ 13.290008] ? krealloc_more_oob_helper+0x7eb/0x930
[ 13.290032] ? kasan_addr_to_slab+0x11/0xa0
[ 13.290066] ? krealloc_more_oob_helper+0x7eb/0x930
[ 13.290091] kasan_report+0x141/0x180
[ 13.290113] ? krealloc_more_oob_helper+0x7eb/0x930
[ 13.290143] __asan_report_store1_noabort+0x1b/0x30
[ 13.290168] krealloc_more_oob_helper+0x7eb/0x930
[ 13.290191] ? __schedule+0x10cc/0x2b60
[ 13.290213] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 13.290240] ? __kasan_check_write+0x18/0x20
[ 13.290259] ? queued_spin_lock_slowpath+0x116/0xb40
[ 13.290285] ? __pfx_queued_spin_lock_slowpath+0x10/0x10
[ 13.290309] ? __pfx_read_tsc+0x10/0x10
[ 13.290334] krealloc_large_more_oob+0x1c/0x30
[ 13.290356] kunit_try_run_case+0x1a5/0x480
[ 13.290381] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.290403] ? _raw_spin_lock_irqsave+0xf9/0x100
[ 13.290425] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.290448] ? __kthread_parkme+0x82/0x180
[ 13.290469] ? preempt_count_sub+0x50/0x80
[ 13.290494] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.290517] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.290540] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.290563] kthread+0x337/0x6f0
[ 13.290582] ? trace_preempt_on+0x20/0xc0
[ 13.290606] ? __pfx_kthread+0x10/0x10
[ 13.290628] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.290649] ? calculate_sigpending+0x7b/0xa0
[ 13.290672] ? __pfx_kthread+0x10/0x10
[ 13.290723] ret_from_fork+0x116/0x1d0
[ 13.290743] ? __pfx_kthread+0x10/0x10
[ 13.290777] ret_from_fork_asm+0x1a/0x30
[ 13.290810] </TASK>
[ 13.290820]
[ 13.299285] The buggy address belongs to the physical page:
[ 13.299523] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f0
[ 13.299939] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.300226] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.300545] page_type: f8(unknown)
[ 13.300804] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.301092] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.301407] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.301742] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.302112] head: 0200000000000002 ffffea00040a7c01 00000000ffffffff 00000000ffffffff
[ 13.302463] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.302794] page dumped because: kasan: bad access detected
[ 13.303008]
[ 13.303118] Memory state around the buggy address:
[ 13.303288] ffff8881029f1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.303510] ffff8881029f2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.303732] >ffff8881029f2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 13.303950] ^
[ 13.304299] ffff8881029f2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.304625] ffff8881029f2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.304964] ==================================================================
[ 13.100933] ==================================================================
[ 13.101320] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 13.101735] Write of size 1 at addr ffff888100a300f0 by task kunit_try_catch/173
[ 13.102205]
[ 13.102300] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.102341] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.102353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.102372] Call Trace:
[ 13.102385] <TASK>
[ 13.102399] dump_stack_lvl+0x73/0xb0
[ 13.102425] print_report+0xd1/0x650
[ 13.102491] ? __virt_addr_valid+0x1db/0x2d0
[ 13.102512] ? krealloc_more_oob_helper+0x7eb/0x930
[ 13.102536] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.102561] ? krealloc_more_oob_helper+0x7eb/0x930
[ 13.102584] kasan_report+0x141/0x180
[ 13.102639] ? krealloc_more_oob_helper+0x7eb/0x930
[ 13.102670] __asan_report_store1_noabort+0x1b/0x30
[ 13.102701] krealloc_more_oob_helper+0x7eb/0x930
[ 13.102723] ? __schedule+0x10cc/0x2b60
[ 13.102744] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 13.102816] ? finish_task_switch.isra.0+0x153/0x700
[ 13.102838] ? __switch_to+0x47/0xf50
[ 13.102864] ? __schedule+0x10cc/0x2b60
[ 13.102884] ? __pfx_read_tsc+0x10/0x10
[ 13.102937] krealloc_more_oob+0x1c/0x30
[ 13.102958] kunit_try_run_case+0x1a5/0x480
[ 13.102981] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.103002] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.103024] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.103046] ? __kthread_parkme+0x82/0x180
[ 13.103077] ? preempt_count_sub+0x50/0x80
[ 13.103099] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.103122] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.103143] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.103166] kthread+0x337/0x6f0
[ 13.103185] ? trace_preempt_on+0x20/0xc0
[ 13.103208] ? __pfx_kthread+0x10/0x10
[ 13.103228] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.103250] ? calculate_sigpending+0x7b/0xa0
[ 13.103273] ? __pfx_kthread+0x10/0x10
[ 13.103293] ret_from_fork+0x116/0x1d0
[ 13.103311] ? __pfx_kthread+0x10/0x10
[ 13.103331] ret_from_fork_asm+0x1a/0x30
[ 13.103362] </TASK>
[ 13.103372]
[ 13.112702] Allocated by task 173:
[ 13.112910] kasan_save_stack+0x45/0x70
[ 13.113204] kasan_save_track+0x18/0x40
[ 13.113364] kasan_save_alloc_info+0x3b/0x50
[ 13.113583] __kasan_krealloc+0x190/0x1f0
[ 13.113821] krealloc_noprof+0xf3/0x340
[ 13.114068] krealloc_more_oob_helper+0x1a9/0x930
[ 13.114300] krealloc_more_oob+0x1c/0x30
[ 13.114520] kunit_try_run_case+0x1a5/0x480
[ 13.114759] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.114957] kthread+0x337/0x6f0
[ 13.115092] ret_from_fork+0x116/0x1d0
[ 13.115232] ret_from_fork_asm+0x1a/0x30
[ 13.115429]
[ 13.115530] The buggy address belongs to the object at ffff888100a30000
[ 13.115530] which belongs to the cache kmalloc-256 of size 256
[ 13.116148] The buggy address is located 5 bytes to the right of
[ 13.116148] allocated 235-byte region [ffff888100a30000, ffff888100a300eb)
[ 13.116866]
[ 13.116960] The buggy address belongs to the physical page:
[ 13.117278] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a30
[ 13.117623] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.117880] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.118368] page_type: f5(slab)
[ 13.118602] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.119234] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.119968] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.120388] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.120749] head: 0200000000000001 ffffea0004028c01 00000000ffffffff 00000000ffffffff
[ 13.120990] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 13.121369] page dumped because: kasan: bad access detected
[ 13.121786]
[ 13.121906] Memory state around the buggy address:
[ 13.122134] ffff888100a2ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.122521] ffff888100a30000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.123026] >ffff888100a30080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 13.123277] ^
[ 13.123492] ffff888100a30100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.123722] ffff888100a30180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.124026] ==================================================================
[ 13.271267] ==================================================================
[ 13.271775] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 13.272122] Write of size 1 at addr ffff8881029f20eb by task kunit_try_catch/177
[ 13.272459]
[ 13.272584] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.272629] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.272640] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.272661] Call Trace:
[ 13.272674] <TASK>
[ 13.272690] dump_stack_lvl+0x73/0xb0
[ 13.272749] print_report+0xd1/0x650
[ 13.272771] ? __virt_addr_valid+0x1db/0x2d0
[ 13.272795] ? krealloc_more_oob_helper+0x821/0x930
[ 13.272818] ? kasan_addr_to_slab+0x11/0xa0
[ 13.272837] ? krealloc_more_oob_helper+0x821/0x930
[ 13.272860] kasan_report+0x141/0x180
[ 13.272882] ? krealloc_more_oob_helper+0x821/0x930
[ 13.272911] __asan_report_store1_noabort+0x1b/0x30
[ 13.272936] krealloc_more_oob_helper+0x821/0x930
[ 13.272958] ? __schedule+0x10cc/0x2b60
[ 13.272993] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 13.273019] ? __kasan_check_write+0x18/0x20
[ 13.273037] ? queued_spin_lock_slowpath+0x116/0xb40
[ 13.273072] ? __pfx_queued_spin_lock_slowpath+0x10/0x10
[ 13.273096] ? __pfx_read_tsc+0x10/0x10
[ 13.273121] krealloc_large_more_oob+0x1c/0x30
[ 13.273143] kunit_try_run_case+0x1a5/0x480
[ 13.273169] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.273190] ? _raw_spin_lock_irqsave+0xf9/0x100
[ 13.273212] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.273235] ? __kthread_parkme+0x82/0x180
[ 13.273256] ? preempt_count_sub+0x50/0x80
[ 13.273281] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.273304] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.273327] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.273349] kthread+0x337/0x6f0
[ 13.273369] ? trace_preempt_on+0x20/0xc0
[ 13.273392] ? __pfx_kthread+0x10/0x10
[ 13.273413] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.273434] ? calculate_sigpending+0x7b/0xa0
[ 13.273458] ? __pfx_kthread+0x10/0x10
[ 13.273479] ret_from_fork+0x116/0x1d0
[ 13.273497] ? __pfx_kthread+0x10/0x10
[ 13.273517] ret_from_fork_asm+0x1a/0x30
[ 13.273553] </TASK>
[ 13.273564]
[ 13.281773] The buggy address belongs to the physical page:
[ 13.282097] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f0
[ 13.282443] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.282892] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.283140] page_type: f8(unknown)
[ 13.283401] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.283842] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.284224] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.284490] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.284858] head: 0200000000000002 ffffea00040a7c01 00000000ffffffff 00000000ffffffff
[ 13.285237] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.285824] page dumped because: kasan: bad access detected
[ 13.286070]
[ 13.286177] Memory state around the buggy address:
[ 13.286362] ffff8881029f1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.286666] ffff8881029f2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.287091] >ffff8881029f2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 13.287407] ^
[ 13.287639] ffff8881029f2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.287993] ffff8881029f2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.288259] ==================================================================
[ 13.076586] ==================================================================
[ 13.077377] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 13.077795] Write of size 1 at addr ffff888100a300eb by task kunit_try_catch/173
[ 13.078215]
[ 13.078376] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.078450] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.078463] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.078485] Call Trace:
[ 13.078498] <TASK>
[ 13.078514] dump_stack_lvl+0x73/0xb0
[ 13.078547] print_report+0xd1/0x650
[ 13.078570] ? __virt_addr_valid+0x1db/0x2d0
[ 13.078595] ? krealloc_more_oob_helper+0x821/0x930
[ 13.078618] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.078684] ? krealloc_more_oob_helper+0x821/0x930
[ 13.078759] kasan_report+0x141/0x180
[ 13.078795] ? krealloc_more_oob_helper+0x821/0x930
[ 13.078824] __asan_report_store1_noabort+0x1b/0x30
[ 13.078849] krealloc_more_oob_helper+0x821/0x930
[ 13.078871] ? __schedule+0x10cc/0x2b60
[ 13.078894] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 13.078917] ? finish_task_switch.isra.0+0x153/0x700
[ 13.078941] ? __switch_to+0x47/0xf50
[ 13.078968] ? __schedule+0x10cc/0x2b60
[ 13.078989] ? __pfx_read_tsc+0x10/0x10
[ 13.079015] krealloc_more_oob+0x1c/0x30
[ 13.079036] kunit_try_run_case+0x1a5/0x480
[ 13.079072] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.079094] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.079119] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.079141] ? __kthread_parkme+0x82/0x180
[ 13.079162] ? preempt_count_sub+0x50/0x80
[ 13.079185] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.079208] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.079230] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.079253] kthread+0x337/0x6f0
[ 13.079272] ? trace_preempt_on+0x20/0xc0
[ 13.079296] ? __pfx_kthread+0x10/0x10
[ 13.079316] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.079337] ? calculate_sigpending+0x7b/0xa0
[ 13.079361] ? __pfx_kthread+0x10/0x10
[ 13.079383] ret_from_fork+0x116/0x1d0
[ 13.079401] ? __pfx_kthread+0x10/0x10
[ 13.079421] ret_from_fork_asm+0x1a/0x30
[ 13.079454] </TASK>
[ 13.079466]
[ 13.088549] Allocated by task 173:
[ 13.088814] kasan_save_stack+0x45/0x70
[ 13.088997] kasan_save_track+0x18/0x40
[ 13.089211] kasan_save_alloc_info+0x3b/0x50
[ 13.089420] __kasan_krealloc+0x190/0x1f0
[ 13.089574] krealloc_noprof+0xf3/0x340
[ 13.089800] krealloc_more_oob_helper+0x1a9/0x930
[ 13.090047] krealloc_more_oob+0x1c/0x30
[ 13.090282] kunit_try_run_case+0x1a5/0x480
[ 13.090576] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.090792] kthread+0x337/0x6f0
[ 13.090923] ret_from_fork+0x116/0x1d0
[ 13.091097] ret_from_fork_asm+0x1a/0x30
[ 13.091353]
[ 13.091492] The buggy address belongs to the object at ffff888100a30000
[ 13.091492] which belongs to the cache kmalloc-256 of size 256
[ 13.092544] The buggy address is located 0 bytes to the right of
[ 13.092544] allocated 235-byte region [ffff888100a30000, ffff888100a300eb)
[ 13.093167]
[ 13.093252] The buggy address belongs to the physical page:
[ 13.093506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a30
[ 13.094039] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.094347] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.094620] page_type: f5(slab)
[ 13.094772] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.095083] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.095526] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.095905] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.096353] head: 0200000000000001 ffffea0004028c01 00000000ffffffff 00000000ffffffff
[ 13.096696] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 13.097126] page dumped because: kasan: bad access detected
[ 13.097454]
[ 13.097551] Memory state around the buggy address:
[ 13.097806] ffff888100a2ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.098290] ffff888100a30000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.098657] >ffff888100a30080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 13.099192] ^
[ 13.099532] ffff888100a30100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.099949] ffff888100a30180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.100308] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 51.003659] ==================================================================
[ 51.004078] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 51.004078]
[ 51.004453] Use-after-free read at 0x(____ptrval____) (in kfence-#136):
[ 51.005251] test_krealloc+0x6fc/0xbe0
[ 51.005647] kunit_try_run_case+0x1a5/0x480
[ 51.005859] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 51.006268] kthread+0x337/0x6f0
[ 51.006430] ret_from_fork+0x116/0x1d0
[ 51.006706] ret_from_fork_asm+0x1a/0x30
[ 51.007061]
[ 51.007152] kfence-#136: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 51.007152]
[ 51.007676] allocated by task 354 on cpu 0 at 51.003003s (0.004670s ago):
[ 51.008147] test_alloc+0x364/0x10f0
[ 51.008325] test_krealloc+0xad/0xbe0
[ 51.008611] kunit_try_run_case+0x1a5/0x480
[ 51.008848] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 51.009246] kthread+0x337/0x6f0
[ 51.009437] ret_from_fork+0x116/0x1d0
[ 51.009612] ret_from_fork_asm+0x1a/0x30
[ 51.009959]
[ 51.010072] freed by task 354 on cpu 0 at 51.003292s (0.006778s ago):
[ 51.010510] krealloc_noprof+0x108/0x340
[ 51.010783] test_krealloc+0x226/0xbe0
[ 51.010979] kunit_try_run_case+0x1a5/0x480
[ 51.011207] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 51.011443] kthread+0x337/0x6f0
[ 51.011601] ret_from_fork+0x116/0x1d0
[ 51.011792] ret_from_fork_asm+0x1a/0x30
[ 51.012311]
[ 51.012443] CPU: 0 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 51.013151] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 51.013443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 51.013938] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 50.917036] ==================================================================
[ 50.917479] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 50.917479]
[ 50.917975] Use-after-free read at 0x(____ptrval____) (in kfence-#135):
[ 50.918312] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 50.918514] kunit_try_run_case+0x1a5/0x480
[ 50.918836] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 50.919112] kthread+0x337/0x6f0
[ 50.919303] ret_from_fork+0x116/0x1d0
[ 50.919516] ret_from_fork_asm+0x1a/0x30
[ 50.919752]
[ 50.919856] kfence-#135: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 50.919856]
[ 50.920295] allocated by task 352 on cpu 0 at 50.899241s (0.021051s ago):
[ 50.920645] test_alloc+0x2a6/0x10f0
[ 50.920936] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 50.921222] kunit_try_run_case+0x1a5/0x480
[ 50.921446] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 50.921641] kthread+0x337/0x6f0
[ 50.921793] ret_from_fork+0x116/0x1d0
[ 50.922085] ret_from_fork_asm+0x1a/0x30
[ 50.922312]
[ 50.922420] freed by task 352 on cpu 0 at 50.899358s (0.023060s ago):
[ 50.922720] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 50.922952] kunit_try_run_case+0x1a5/0x480
[ 50.923155] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 50.923420] kthread+0x337/0x6f0
[ 50.923607] ret_from_fork+0x116/0x1d0
[ 50.923881] ret_from_fork_asm+0x1a/0x30
[ 50.924058]
[ 50.924167] CPU: 0 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 50.924519] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 50.924669] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.925574] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 25.851830] ==================================================================
[ 25.852750] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 25.852750]
[ 25.853233] Invalid read at 0x(____ptrval____):
[ 25.853668] test_invalid_access+0xf0/0x210
[ 25.854081] kunit_try_run_case+0x1a5/0x480
[ 25.854320] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.854633] kthread+0x337/0x6f0
[ 25.854934] ret_from_fork+0x116/0x1d0
[ 25.855329] ret_from_fork_asm+0x1a/0x30
[ 25.855629]
[ 25.855906] CPU: 0 UID: 0 PID: 348 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 25.856495] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.856701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.857214] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 25.627380] ==================================================================
[ 25.627842] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 25.627842]
[ 25.628280] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#131):
[ 25.629408] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 25.629648] kunit_try_run_case+0x1a5/0x480
[ 25.629811] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.629994] kthread+0x337/0x6f0
[ 25.630260] ret_from_fork+0x116/0x1d0
[ 25.630412] ret_from_fork_asm+0x1a/0x30
[ 25.630563]
[ 25.630642] kfence-#131: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 25.630642]
[ 25.630942] allocated by task 342 on cpu 1 at 25.627034s (0.003906s ago):
[ 25.631315] test_alloc+0x364/0x10f0
[ 25.631514] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 25.631810] kunit_try_run_case+0x1a5/0x480
[ 25.632042] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.632317] kthread+0x337/0x6f0
[ 25.632501] ret_from_fork+0x116/0x1d0
[ 25.632905] ret_from_fork_asm+0x1a/0x30
[ 25.633145]
[ 25.633248] freed by task 342 on cpu 1 at 25.627257s (0.005989s ago):
[ 25.633561] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 25.633784] kunit_try_run_case+0x1a5/0x480
[ 25.634119] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.636447] kthread+0x337/0x6f0
[ 25.636968] ret_from_fork+0x116/0x1d0
[ 25.637578] ret_from_fork_asm+0x1a/0x30
[ 25.638104]
[ 25.638534] CPU: 1 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 25.639562] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.639960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.640270] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 25.419264] ==================================================================
[ 25.419651] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 25.419651]
[ 25.420071] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#129):
[ 25.420429] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 25.420626] kunit_try_run_case+0x1a5/0x480
[ 25.420955] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.421202] kthread+0x337/0x6f0
[ 25.421349] ret_from_fork+0x116/0x1d0
[ 25.421548] ret_from_fork_asm+0x1a/0x30
[ 25.421769]
[ 25.421852] kfence-#129: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 25.421852]
[ 25.422234] allocated by task 340 on cpu 0 at 25.419034s (0.003198s ago):
[ 25.422542] test_alloc+0x364/0x10f0
[ 25.422743] test_kmalloc_aligned_oob_read+0x105/0x560
[ 25.422929] kunit_try_run_case+0x1a5/0x480
[ 25.423096] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.423356] kthread+0x337/0x6f0
[ 25.423529] ret_from_fork+0x116/0x1d0
[ 25.423722] ret_from_fork_asm+0x1a/0x30
[ 25.423926]
[ 25.424106] CPU: 0 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 25.424534] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.424753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.425108] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 22.195174] ==================================================================
[ 22.195569] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 22.195569]
[ 22.196125] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#98):
[ 22.196731] test_corruption+0x131/0x3e0
[ 22.197701] kunit_try_run_case+0x1a5/0x480
[ 22.197952] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.198311] kthread+0x337/0x6f0
[ 22.198718] ret_from_fork+0x116/0x1d0
[ 22.199129] ret_from_fork_asm+0x1a/0x30
[ 22.199451]
[ 22.199658] kfence-#98: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 22.199658]
[ 22.200329] allocated by task 330 on cpu 0 at 22.195037s (0.005289s ago):
[ 22.200652] test_alloc+0x2a6/0x10f0
[ 22.200972] test_corruption+0xe6/0x3e0
[ 22.201285] kunit_try_run_case+0x1a5/0x480
[ 22.201516] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.201985] kthread+0x337/0x6f0
[ 22.202283] ret_from_fork+0x116/0x1d0
[ 22.202569] ret_from_fork_asm+0x1a/0x30
[ 22.202783]
[ 22.203083] freed by task 330 on cpu 0 at 22.195096s (0.007984s ago):
[ 22.203382] test_corruption+0x131/0x3e0
[ 22.203686] kunit_try_run_case+0x1a5/0x480
[ 22.203933] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.204385] kthread+0x337/0x6f0
[ 22.204657] ret_from_fork+0x116/0x1d0
[ 22.204969] ret_from_fork_asm+0x1a/0x30
[ 22.205186]
[ 22.205301] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 22.206009] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.206329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.206844] ==================================================================
[ 22.403203] ==================================================================
[ 22.403613] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 22.403613]
[ 22.404060] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#100):
[ 22.404900] test_corruption+0x216/0x3e0
[ 22.405114] kunit_try_run_case+0x1a5/0x480
[ 22.405362] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.405839] kthread+0x337/0x6f0
[ 22.406222] ret_from_fork+0x116/0x1d0
[ 22.406527] ret_from_fork_asm+0x1a/0x30
[ 22.406728]
[ 22.406893] kfence-#100: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 22.406893]
[ 22.407319] allocated by task 330 on cpu 0 at 22.403068s (0.004249s ago):
[ 22.407654] test_alloc+0x2a6/0x10f0
[ 22.408179] test_corruption+0x1cb/0x3e0
[ 22.408377] kunit_try_run_case+0x1a5/0x480
[ 22.408720] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.409083] kthread+0x337/0x6f0
[ 22.409246] ret_from_fork+0x116/0x1d0
[ 22.409561] ret_from_fork_asm+0x1a/0x30
[ 22.409867]
[ 22.410191] freed by task 330 on cpu 0 at 22.403127s (0.007061s ago):
[ 22.410490] test_corruption+0x216/0x3e0
[ 22.410782] kunit_try_run_case+0x1a5/0x480
[ 22.411099] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.411344] kthread+0x337/0x6f0
[ 22.411488] ret_from_fork+0x116/0x1d0
[ 22.412002] ret_from_fork_asm+0x1a/0x30
[ 22.412221]
[ 22.412513] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 22.413033] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.413341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.413758] ==================================================================
[ 20.739358] ==================================================================
[ 20.739954] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 20.739954]
[ 20.740317] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#84):
[ 20.741137] test_corruption+0x2d2/0x3e0
[ 20.741349] kunit_try_run_case+0x1a5/0x480
[ 20.741551] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.741782] kthread+0x337/0x6f0
[ 20.741985] ret_from_fork+0x116/0x1d0
[ 20.742192] ret_from_fork_asm+0x1a/0x30
[ 20.742406]
[ 20.742488] kfence-#84: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 20.742488]
[ 20.742879] allocated by task 328 on cpu 1 at 20.739103s (0.003774s ago):
[ 20.743291] test_alloc+0x364/0x10f0
[ 20.743472] test_corruption+0xe6/0x3e0
[ 20.743631] kunit_try_run_case+0x1a5/0x480
[ 20.743872] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.744156] kthread+0x337/0x6f0
[ 20.744329] ret_from_fork+0x116/0x1d0
[ 20.744498] ret_from_fork_asm+0x1a/0x30
[ 20.744699]
[ 20.744837] freed by task 328 on cpu 1 at 20.739196s (0.005639s ago):
[ 20.745093] test_corruption+0x2d2/0x3e0
[ 20.745243] kunit_try_run_case+0x1a5/0x480
[ 20.745448] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.745724] kthread+0x337/0x6f0
[ 20.745877] ret_from_fork+0x116/0x1d0
[ 20.746022] ret_from_fork_asm+0x1a/0x30
[ 20.746183]
[ 20.746358] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 20.746874] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.747108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.747516] ==================================================================
[ 21.675334] ==================================================================
[ 21.675768] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 21.675768]
[ 21.676115] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#93):
[ 21.676551] test_corruption+0x2df/0x3e0
[ 21.676752] kunit_try_run_case+0x1a5/0x480
[ 21.676970] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.677251] kthread+0x337/0x6f0
[ 21.677389] ret_from_fork+0x116/0x1d0
[ 21.677577] ret_from_fork_asm+0x1a/0x30
[ 21.677872]
[ 21.677983] kfence-#93: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 21.677983]
[ 21.678344] allocated by task 328 on cpu 1 at 21.675037s (0.003305s ago):
[ 21.678682] test_alloc+0x364/0x10f0
[ 21.678870] test_corruption+0x1cb/0x3e0
[ 21.679028] kunit_try_run_case+0x1a5/0x480
[ 21.679294] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.679520] kthread+0x337/0x6f0
[ 21.679651] ret_from_fork+0x116/0x1d0
[ 21.679794] ret_from_fork_asm+0x1a/0x30
[ 21.680009]
[ 21.680123] freed by task 328 on cpu 1 at 21.675160s (0.004961s ago):
[ 21.680458] test_corruption+0x2df/0x3e0
[ 21.680640] kunit_try_run_case+0x1a5/0x480
[ 21.680801] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.681105] kthread+0x337/0x6f0
[ 21.681291] ret_from_fork+0x116/0x1d0
[ 21.681465] ret_from_fork_asm+0x1a/0x30
[ 21.681622]
[ 21.681728] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 21.682262] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.682486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.682881] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 20.531116] ==================================================================
[ 20.531501] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 20.531501]
[ 20.531924] Invalid free of 0x(____ptrval____) (in kfence-#82):
[ 20.532228] test_invalid_addr_free+0x1e1/0x260
[ 20.533110] kunit_try_run_case+0x1a5/0x480
[ 20.533335] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.533561] kthread+0x337/0x6f0
[ 20.534000] ret_from_fork+0x116/0x1d0
[ 20.534232] ret_from_fork_asm+0x1a/0x30
[ 20.534443]
[ 20.534535] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 20.534535]
[ 20.535230] allocated by task 324 on cpu 0 at 20.530985s (0.004242s ago):
[ 20.535675] test_alloc+0x364/0x10f0
[ 20.535921] test_invalid_addr_free+0xdb/0x260
[ 20.536228] kunit_try_run_case+0x1a5/0x480
[ 20.536409] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.536825] kthread+0x337/0x6f0
[ 20.537130] ret_from_fork+0x116/0x1d0
[ 20.537297] ret_from_fork_asm+0x1a/0x30
[ 20.537641]
[ 20.537783] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 20.538421] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.538622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.539196] ==================================================================
[ 20.635164] ==================================================================
[ 20.635563] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 20.635563]
[ 20.635953] Invalid free of 0x(____ptrval____) (in kfence-#83):
[ 20.636267] test_invalid_addr_free+0xfb/0x260
[ 20.636828] kunit_try_run_case+0x1a5/0x480
[ 20.637062] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.637342] kthread+0x337/0x6f0
[ 20.637513] ret_from_fork+0x116/0x1d0
[ 20.637706] ret_from_fork_asm+0x1a/0x30
[ 20.638292]
[ 20.638388] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 20.638388]
[ 20.638996] allocated by task 326 on cpu 0 at 20.635057s (0.003937s ago):
[ 20.639487] test_alloc+0x2a6/0x10f0
[ 20.639760] test_invalid_addr_free+0xdb/0x260
[ 20.639959] kunit_try_run_case+0x1a5/0x480
[ 20.640321] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.640580] kthread+0x337/0x6f0
[ 20.640855] ret_from_fork+0x116/0x1d0
[ 20.641117] ret_from_fork_asm+0x1a/0x30
[ 20.641332]
[ 20.641546] CPU: 0 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 20.642159] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.642439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.642916] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 20.323258] ==================================================================
[ 20.323775] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 20.323775]
[ 20.324143] Invalid free of 0x(____ptrval____) (in kfence-#80):
[ 20.324408] test_double_free+0x1d3/0x260
[ 20.324621] kunit_try_run_case+0x1a5/0x480
[ 20.324778] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.324965] kthread+0x337/0x6f0
[ 20.325165] ret_from_fork+0x116/0x1d0
[ 20.325491] ret_from_fork_asm+0x1a/0x30
[ 20.325725]
[ 20.325830] kfence-#80: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 20.325830]
[ 20.326214] allocated by task 320 on cpu 1 at 20.322977s (0.003235s ago):
[ 20.326527] test_alloc+0x364/0x10f0
[ 20.326694] test_double_free+0xdb/0x260
[ 20.326839] kunit_try_run_case+0x1a5/0x480
[ 20.327035] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.327224] kthread+0x337/0x6f0
[ 20.327654] ret_from_fork+0x116/0x1d0
[ 20.327959] ret_from_fork_asm+0x1a/0x30
[ 20.328148]
[ 20.328248] freed by task 320 on cpu 1 at 20.323037s (0.005209s ago):
[ 20.328464] test_double_free+0x1e0/0x260
[ 20.328752] kunit_try_run_case+0x1a5/0x480
[ 20.328975] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.329197] kthread+0x337/0x6f0
[ 20.329326] ret_from_fork+0x116/0x1d0
[ 20.329464] ret_from_fork_asm+0x1a/0x30
[ 20.329738]
[ 20.329869] CPU: 1 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 20.330373] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.330573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.331002] ==================================================================
[ 20.427343] ==================================================================
[ 20.427926] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 20.427926]
[ 20.428228] Invalid free of 0x(____ptrval____) (in kfence-#81):
[ 20.428952] test_double_free+0x112/0x260
[ 20.429196] kunit_try_run_case+0x1a5/0x480
[ 20.429366] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.429633] kthread+0x337/0x6f0
[ 20.430112] ret_from_fork+0x116/0x1d0
[ 20.430299] ret_from_fork_asm+0x1a/0x30
[ 20.430504]
[ 20.430801] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 20.430801]
[ 20.431292] allocated by task 322 on cpu 0 at 20.427065s (0.004224s ago):
[ 20.431923] test_alloc+0x2a6/0x10f0
[ 20.432123] test_double_free+0xdb/0x260
[ 20.432305] kunit_try_run_case+0x1a5/0x480
[ 20.432505] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.432992] kthread+0x337/0x6f0
[ 20.433182] ret_from_fork+0x116/0x1d0
[ 20.433341] ret_from_fork_asm+0x1a/0x30
[ 20.433668]
[ 20.433754] freed by task 322 on cpu 0 at 20.427126s (0.006625s ago):
[ 20.434235] test_double_free+0xfa/0x260
[ 20.434505] kunit_try_run_case+0x1a5/0x480
[ 20.434804] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.435062] kthread+0x337/0x6f0
[ 20.435361] ret_from_fork+0x116/0x1d0
[ 20.435614] ret_from_fork_asm+0x1a/0x30
[ 20.435783]
[ 20.435935] CPU: 0 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 20.436424] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.436621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.437273] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 20.011285] ==================================================================
[ 20.011684] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 20.011684]
[ 20.012162] Use-after-free read at 0x(____ptrval____) (in kfence-#77):
[ 20.012884] test_use_after_free_read+0x129/0x270
[ 20.013221] kunit_try_run_case+0x1a5/0x480
[ 20.013613] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.013989] kthread+0x337/0x6f0
[ 20.014172] ret_from_fork+0x116/0x1d0
[ 20.014366] ret_from_fork_asm+0x1a/0x30
[ 20.014568]
[ 20.014664] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 20.014664]
[ 20.015366] allocated by task 314 on cpu 0 at 20.011153s (0.004211s ago):
[ 20.015835] test_alloc+0x2a6/0x10f0
[ 20.016128] test_use_after_free_read+0xdc/0x270
[ 20.016443] kunit_try_run_case+0x1a5/0x480
[ 20.016655] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.017098] kthread+0x337/0x6f0
[ 20.017258] ret_from_fork+0x116/0x1d0
[ 20.017618] ret_from_fork_asm+0x1a/0x30
[ 20.017858]
[ 20.017961] freed by task 314 on cpu 0 at 20.011203s (0.006756s ago):
[ 20.018502] test_use_after_free_read+0xfb/0x270
[ 20.018734] kunit_try_run_case+0x1a5/0x480
[ 20.019130] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.019487] kthread+0x337/0x6f0
[ 20.019672] ret_from_fork+0x116/0x1d0
[ 20.020058] ret_from_fork_asm+0x1a/0x30
[ 20.020353]
[ 20.020510] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 20.021178] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.021405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.022003] ==================================================================

[ 19.907268] ==================================================================
[ 19.907700] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 19.907700]
[ 19.908165] Use-after-free read at 0x(____ptrval____) (in kfence-#76):
[ 19.908437] test_use_after_free_read+0x129/0x270
[ 19.908666] kunit_try_run_case+0x1a5/0x480
[ 19.908908] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.909186] kthread+0x337/0x6f0
[ 19.909374] ret_from_fork+0x116/0x1d0
[ 19.909529] ret_from_fork_asm+0x1a/0x30
[ 19.909744]
[ 19.909852] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.909852]
[ 19.910262] allocated by task 312 on cpu 1 at 19.907057s (0.003203s ago):
[ 19.910577] test_alloc+0x364/0x10f0
[ 19.910717] test_use_after_free_read+0xdc/0x270
[ 19.911097] kunit_try_run_case+0x1a5/0x480
[ 19.911287] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.911546] kthread+0x337/0x6f0
[ 19.911693] ret_from_fork+0x116/0x1d0
[ 19.911854] ret_from_fork_asm+0x1a/0x30
[ 19.912094]
[ 19.912320] freed by task 312 on cpu 1 at 19.907118s (0.005118s ago):
[ 19.912685] test_use_after_free_read+0x1e7/0x270
[ 19.912921] kunit_try_run_case+0x1a5/0x480
[ 19.913199] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.913471] kthread+0x337/0x6f0
[ 19.913606] ret_from_fork+0x116/0x1d0
[ 19.913754] ret_from_fork_asm+0x1a/0x30
[ 19.913972]
[ 19.914111] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 19.914545] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.914778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.915207] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 19.803028] ==================================================================
[ 19.803485] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 19.803485]
[ 19.803970] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#75):
[ 19.804250] test_out_of_bounds_write+0x10d/0x260
[ 19.804454] kunit_try_run_case+0x1a5/0x480
[ 19.804681] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.804954] kthread+0x337/0x6f0
[ 19.805113] ret_from_fork+0x116/0x1d0
[ 19.805315] ret_from_fork_asm+0x1a/0x30
[ 19.805512]
[ 19.805627] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.805627]
[ 19.805975] allocated by task 310 on cpu 0 at 19.802969s (0.003003s ago):
[ 19.806314] test_alloc+0x2a6/0x10f0
[ 19.806499] test_out_of_bounds_write+0xd4/0x260
[ 19.806662] kunit_try_run_case+0x1a5/0x480
[ 19.806944] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.807183] kthread+0x337/0x6f0
[ 19.807312] ret_from_fork+0x116/0x1d0
[ 19.807482] ret_from_fork_asm+0x1a/0x30
[ 19.807692]
[ 19.807818] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 19.808327] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.808498] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.808981] ==================================================================

[ 19.699219] ==================================================================
[ 19.699642] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 19.699642]
[ 19.700037] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#74):
[ 19.700405] test_out_of_bounds_write+0x10d/0x260
[ 19.700618] kunit_try_run_case+0x1a5/0x480
[ 19.700945] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.701160] kthread+0x337/0x6f0
[ 19.701343] ret_from_fork+0x116/0x1d0
[ 19.701537] ret_from_fork_asm+0x1a/0x30
[ 19.701742]
[ 19.701841] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.701841]
[ 19.702228] allocated by task 308 on cpu 1 at 19.699094s (0.003131s ago):
[ 19.702562] test_alloc+0x364/0x10f0
[ 19.702775] test_out_of_bounds_write+0xd4/0x260
[ 19.702952] kunit_try_run_case+0x1a5/0x480
[ 19.703123] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.703393] kthread+0x337/0x6f0
[ 19.703569] ret_from_fork+0x116/0x1d0
[ 19.703784] ret_from_fork_asm+0x1a/0x30
[ 19.703946]
[ 19.704068] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 19.704550] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.704741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.705062] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 19.075118] ==================================================================
[ 19.075517] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 19.075517]
[ 19.076040] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#68):
[ 19.076461] test_out_of_bounds_read+0x216/0x4e0
[ 19.076641] kunit_try_run_case+0x1a5/0x480
[ 19.076804] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.076990] kthread+0x337/0x6f0
[ 19.077137] ret_from_fork+0x116/0x1d0
[ 19.077284] ret_from_fork_asm+0x1a/0x30
[ 19.077435]
[ 19.077515] kfence-#68: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.077515]
[ 19.077803] allocated by task 306 on cpu 1 at 19.075063s (0.002738s ago):
[ 19.078064] test_alloc+0x2a6/0x10f0
[ 19.078285] test_out_of_bounds_read+0x1e2/0x4e0
[ 19.078477] kunit_try_run_case+0x1a5/0x480
[ 19.078632] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.079142] kthread+0x337/0x6f0
[ 19.079351] ret_from_fork+0x116/0x1d0
[ 19.079567] ret_from_fork_asm+0x1a/0x30
[ 19.079793]
[ 19.079894] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 19.080486] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.080670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.081197] ==================================================================

[ 18.971177] ==================================================================
[ 18.971581] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 18.971581]
[ 18.972021] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#67):
[ 18.972369] test_out_of_bounds_read+0x126/0x4e0
[ 18.972600] kunit_try_run_case+0x1a5/0x480
[ 18.972765] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.973076] kthread+0x337/0x6f0
[ 18.973264] ret_from_fork+0x116/0x1d0
[ 18.973473] ret_from_fork_asm+0x1a/0x30
[ 18.973635]
[ 18.973716] kfence-#67: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.973716]
[ 18.974147] allocated by task 306 on cpu 1 at 18.971108s (0.003038s ago):
[ 18.974550] test_alloc+0x2a6/0x10f0
[ 18.974719] test_out_of_bounds_read+0xed/0x4e0
[ 18.974958] kunit_try_run_case+0x1a5/0x480
[ 18.975127] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.975384] kthread+0x337/0x6f0
[ 18.975564] ret_from_fork+0x116/0x1d0
[ 18.975762] ret_from_fork_asm+0x1a/0x30
[ 18.975955]
[ 18.976069] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.976567] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.976866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.977266] ==================================================================

[ 18.348120] ==================================================================
[ 18.348605] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 18.348605]
[ 18.349592] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#61):
[ 18.350271] test_out_of_bounds_read+0x126/0x4e0
[ 18.350602] kunit_try_run_case+0x1a5/0x480
[ 18.350828] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.351243] kthread+0x337/0x6f0
[ 18.351506] ret_from_fork+0x116/0x1d0
[ 18.351699] ret_from_fork_asm+0x1a/0x30
[ 18.352065]
[ 18.352477] kfence-#61: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.352477]
[ 18.353217] allocated by task 304 on cpu 0 at 18.347035s (0.005970s ago):
[ 18.353921] test_alloc+0x364/0x10f0
[ 18.354155] test_out_of_bounds_read+0xed/0x4e0
[ 18.354480] kunit_try_run_case+0x1a5/0x480
[ 18.354673] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.355010] kthread+0x337/0x6f0
[ 18.355194] ret_from_fork+0x116/0x1d0
[ 18.355394] ret_from_fork_asm+0x1a/0x30
[ 18.355656]
[ 18.356141] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.356621] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.356942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.357448] ==================================================================

[ 18.867228] ==================================================================
[ 18.867661] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 18.867661]
[ 18.868113] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#66):
[ 18.868480] test_out_of_bounds_read+0x216/0x4e0
[ 18.868719] kunit_try_run_case+0x1a5/0x480
[ 18.868901] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.869197] kthread+0x337/0x6f0
[ 18.869567] ret_from_fork+0x116/0x1d0
[ 18.870482] ret_from_fork_asm+0x1a/0x30
[ 18.870701]
[ 18.870806] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.870806]
[ 18.871412] allocated by task 304 on cpu 0 at 18.867037s (0.004372s ago):
[ 18.871915] test_alloc+0x364/0x10f0
[ 18.872093] test_out_of_bounds_read+0x1e2/0x4e0
[ 18.872447] kunit_try_run_case+0x1a5/0x480
[ 18.872741] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.873077] kthread+0x337/0x6f0
[ 18.873315] ret_from_fork+0x116/0x1d0
[ 18.873575] ret_from_fork_asm+0x1a/0x30
[ 18.873757]
[ 18.873971] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.874587] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.874787] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.875396] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 18.109459] ==================================================================
[ 18.110083] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 18.110406] Write of size 1 at addr ffff8881031c0b78 by task kunit_try_catch/302
[ 18.110711]
[ 18.110977] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.111024] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.111039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.111074] Call Trace:
[ 18.111093] <TASK>
[ 18.111113] dump_stack_lvl+0x73/0xb0
[ 18.111295] print_report+0xd1/0x650
[ 18.111322] ? __virt_addr_valid+0x1db/0x2d0
[ 18.111347] ? strncpy_from_user+0x1a5/0x1d0
[ 18.111373] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.111401] ? strncpy_from_user+0x1a5/0x1d0
[ 18.111428] kasan_report+0x141/0x180
[ 18.111452] ? strncpy_from_user+0x1a5/0x1d0
[ 18.111483] __asan_report_store1_noabort+0x1b/0x30
[ 18.111511] strncpy_from_user+0x1a5/0x1d0
[ 18.111539] copy_user_test_oob+0x760/0x10f0
[ 18.111570] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.111596] ? __kasan_check_write+0x18/0x20
[ 18.111618] ? queued_spin_lock_slowpath+0x116/0xb40
[ 18.111643] ? irqentry_exit+0x2a/0x60
[ 18.111667] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 18.111693] ? trace_hardirqs_on+0x37/0xe0
[ 18.111719] ? __pfx_read_tsc+0x10/0x10
[ 18.111743] ? ktime_get_ts64+0x86/0x230
[ 18.111770] kunit_try_run_case+0x1a5/0x480
[ 18.111796] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.111823] ? queued_spin_lock_slowpath+0x116/0xb40
[ 18.111847] ? __kthread_parkme+0x82/0x180
[ 18.111869] ? preempt_count_sub+0x50/0x80
[ 18.111895] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.111920] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.111946] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.111971] kthread+0x337/0x6f0
[ 18.111993] ? trace_preempt_on+0x20/0xc0
[ 18.112017] ? __pfx_kthread+0x10/0x10
[ 18.112040] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.112074] ? calculate_sigpending+0x7b/0xa0
[ 18.112101] ? __pfx_kthread+0x10/0x10
[ 18.112125] ret_from_fork+0x116/0x1d0
[ 18.112145] ? __pfx_kthread+0x10/0x10
[ 18.112169] ret_from_fork_asm+0x1a/0x30
[ 18.112202] </TASK>
[ 18.112217]
[ 18.121722] Allocated by task 302:
[ 18.122039] kasan_save_stack+0x45/0x70
[ 18.122243] kasan_save_track+0x18/0x40
[ 18.122426] kasan_save_alloc_info+0x3b/0x50
[ 18.122630] __kasan_kmalloc+0xb7/0xc0
[ 18.123060] __kmalloc_noprof+0x1c9/0x500
[ 18.123310] kunit_kmalloc_array+0x25/0x60
[ 18.123583] copy_user_test_oob+0xab/0x10f0
[ 18.123873] kunit_try_run_case+0x1a5/0x480
[ 18.124155] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.124364] kthread+0x337/0x6f0
[ 18.124671] ret_from_fork+0x116/0x1d0
[ 18.124818] ret_from_fork_asm+0x1a/0x30
[ 18.124961]
[ 18.126245] The buggy address belongs to the object at ffff8881031c0b00
[ 18.126245] which belongs to the cache kmalloc-128 of size 128
[ 18.126960] The buggy address is located 0 bytes to the right of
[ 18.126960] allocated 120-byte region [ffff8881031c0b00, ffff8881031c0b78)
[ 18.127359]
[ 18.127438] The buggy address belongs to the physical page:
[ 18.127615] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031c0
[ 18.127861] flags: 0x200000000000000(node=0|zone=2)
[ 18.128293] page_type: f5(slab)
[ 18.128660] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.129306] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.130070] page dumped because: kasan: bad access detected
[ 18.130533]
[ 18.130691] Memory state around the buggy address:
[ 18.131102] ffff8881031c0a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.131950] ffff8881031c0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.132237] >ffff8881031c0b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.132454] ^
[ 18.133218] ffff8881031c0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.133716] ffff8881031c0c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.133982] ==================================================================

[ 18.085991] ==================================================================
[ 18.086281] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 18.086612] Write of size 121 at addr ffff8881031c0b00 by task kunit_try_catch/302
[ 18.087377]
[ 18.087609] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.087656] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.087669] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.087691] Call Trace:
[ 18.087771] <TASK>
[ 18.087793] dump_stack_lvl+0x73/0xb0
[ 18.087825] print_report+0xd1/0x650
[ 18.087850] ? __virt_addr_valid+0x1db/0x2d0
[ 18.087875] ? strncpy_from_user+0x2e/0x1d0
[ 18.087901] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.087931] ? strncpy_from_user+0x2e/0x1d0
[ 18.087957] kasan_report+0x141/0x180
[ 18.087982] ? strncpy_from_user+0x2e/0x1d0
[ 18.088013] kasan_check_range+0x10c/0x1c0
[ 18.088039] __kasan_check_write+0x18/0x20
[ 18.088073] strncpy_from_user+0x2e/0x1d0
[ 18.088098] ? __kasan_check_read+0x15/0x20
[ 18.088122] copy_user_test_oob+0x760/0x10f0
[ 18.088151] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.088180] ? __kasan_check_write+0x18/0x20
[ 18.088201] ? queued_spin_lock_slowpath+0x116/0xb40
[ 18.088227] ? irqentry_exit+0x2a/0x60
[ 18.088250] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 18.088276] ? trace_hardirqs_on+0x37/0xe0
[ 18.088302] ? __pfx_read_tsc+0x10/0x10
[ 18.088324] ? ktime_get_ts64+0x86/0x230
[ 18.088351] kunit_try_run_case+0x1a5/0x480
[ 18.088377] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.088404] ? queued_spin_lock_slowpath+0x116/0xb40
[ 18.088430] ? __kthread_parkme+0x82/0x180
[ 18.088452] ? preempt_count_sub+0x50/0x80
[ 18.088477] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.088502] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.088526] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.088552] kthread+0x337/0x6f0
[ 18.088574] ? trace_preempt_on+0x20/0xc0
[ 18.088598] ? __pfx_kthread+0x10/0x10
[ 18.088620] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.088644] ? calculate_sigpending+0x7b/0xa0
[ 18.088670] ? __pfx_kthread+0x10/0x10
[ 18.088694] ret_from_fork+0x116/0x1d0
[ 18.088714] ? __pfx_kthread+0x10/0x10
[ 18.088749] ret_from_fork_asm+0x1a/0x30
[ 18.088782] </TASK>
[ 18.088795]
[ 18.098923] Allocated by task 302:
[ 18.099241] kasan_save_stack+0x45/0x70
[ 18.099536] kasan_save_track+0x18/0x40
[ 18.099734] kasan_save_alloc_info+0x3b/0x50
[ 18.100097] __kasan_kmalloc+0xb7/0xc0
[ 18.100283] __kmalloc_noprof+0x1c9/0x500
[ 18.100473] kunit_kmalloc_array+0x25/0x60
[ 18.100657] copy_user_test_oob+0xab/0x10f0
[ 18.101097] kunit_try_run_case+0x1a5/0x480
[ 18.101302] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.101621] kthread+0x337/0x6f0
[ 18.101803] ret_from_fork+0x116/0x1d0
[ 18.101976] ret_from_fork_asm+0x1a/0x30
[ 18.102331]
[ 18.102418] The buggy address belongs to the object at ffff8881031c0b00
[ 18.102418] which belongs to the cache kmalloc-128 of size 128
[ 18.103042] The buggy address is located 0 bytes inside of
[ 18.103042] allocated 120-byte region [ffff8881031c0b00, ffff8881031c0b78)
[ 18.103532]
[ 18.103643] The buggy address belongs to the physical page:
[ 18.104157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031c0
[ 18.104547] flags: 0x200000000000000(node=0|zone=2)
[ 18.104783] page_type: f5(slab)
[ 18.105081] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.105467] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.105764] page dumped because: kasan: bad access detected
[ 18.106126]
[ 18.106229] Memory state around the buggy address:
[ 18.106545] ffff8881031c0a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.106835] ffff8881031c0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.107281] >ffff8881031c0b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.107588] ^
[ 18.108013] ffff8881031c0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.108433] ffff8881031c0c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.108794] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 18.013712] ==================================================================
[ 18.014905] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 18.015252] Read of size 121 at addr ffff8881031c0b00 by task kunit_try_catch/302
[ 18.015560]
[ 18.015686] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.015733] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.016139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.016164] Call Trace:
[ 18.016184] <TASK>
[ 18.016204] dump_stack_lvl+0x73/0xb0
[ 18.016337] print_report+0xd1/0x650
[ 18.016364] ? __virt_addr_valid+0x1db/0x2d0
[ 18.016391] ? copy_user_test_oob+0x4aa/0x10f0
[ 18.016418] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.016449] ? copy_user_test_oob+0x4aa/0x10f0
[ 18.016477] kasan_report+0x141/0x180
[ 18.016503] ? copy_user_test_oob+0x4aa/0x10f0
[ 18.016536] kasan_check_range+0x10c/0x1c0
[ 18.016564] __kasan_check_read+0x15/0x20
[ 18.016586] copy_user_test_oob+0x4aa/0x10f0
[ 18.016617] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.016646] ? __kasan_check_write+0x18/0x20
[ 18.016669] ? queued_spin_lock_slowpath+0x116/0xb40
[ 18.016696] ? irqentry_exit+0x2a/0x60
[ 18.016721] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 18.016751] ? trace_hardirqs_on+0x37/0xe0
[ 18.016777] ? __pfx_read_tsc+0x10/0x10
[ 18.016803] ? ktime_get_ts64+0x86/0x230
[ 18.016834] kunit_try_run_case+0x1a5/0x480
[ 18.016863] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.016892] ? queued_spin_lock_slowpath+0x116/0xb40
[ 18.016919] ? __kthread_parkme+0x82/0x180
[ 18.016943] ? preempt_count_sub+0x50/0x80
[ 18.016970] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.016998] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.017025] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.017064] kthread+0x337/0x6f0
[ 18.017088] ? trace_preempt_on+0x20/0xc0
[ 18.017115] ? __pfx_kthread+0x10/0x10
[ 18.017139] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.017163] ? calculate_sigpending+0x7b/0xa0
[ 18.017190] ? __pfx_kthread+0x10/0x10
[ 18.017215] ret_from_fork+0x116/0x1d0
[ 18.017237] ? __pfx_kthread+0x10/0x10
[ 18.017262] ret_from_fork_asm+0x1a/0x30
[ 18.017298] </TASK>
[ 18.017313]
[ 18.027410] Allocated by task 302:
[ 18.027612] kasan_save_stack+0x45/0x70
[ 18.027833] kasan_save_track+0x18/0x40
[ 18.028205] kasan_save_alloc_info+0x3b/0x50
[ 18.028493] __kasan_kmalloc+0xb7/0xc0
[ 18.028647] __kmalloc_noprof+0x1c9/0x500
[ 18.028979] kunit_kmalloc_array+0x25/0x60
[ 18.029150] copy_user_test_oob+0xab/0x10f0
[ 18.029375] kunit_try_run_case+0x1a5/0x480
[ 18.029595] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.030116] kthread+0x337/0x6f0
[ 18.030292] ret_from_fork+0x116/0x1d0
[ 18.030448] ret_from_fork_asm+0x1a/0x30
[ 18.030780]
[ 18.030877] The buggy address belongs to the object at ffff8881031c0b00
[ 18.030877] which belongs to the cache kmalloc-128 of size 128
[ 18.031601] The buggy address is located 0 bytes inside of
[ 18.031601] allocated 120-byte region [ffff8881031c0b00, ffff8881031c0b78)
[ 18.032315]
[ 18.032419] The buggy address belongs to the physical page:
[ 18.032752] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031c0
[ 18.033230] flags: 0x200000000000000(node=0|zone=2)
[ 18.033487] page_type: f5(slab)
[ 18.033666] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.034185] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.034585] page dumped because: kasan: bad access detected
[ 18.034902]
[ 18.035000] Memory state around the buggy address:
[ 18.035337] ffff8881031c0a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.035706] ffff8881031c0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.036225] >ffff8881031c0b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.036526] ^
[ 18.036933] ffff8881031c0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.037310] ffff8881031c0c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.037693] ==================================================================

[ 17.994128] ==================================================================
[ 17.994466] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 17.994792] Write of size 121 at addr ffff8881031c0b00 by task kunit_try_catch/302
[ 17.995149]
[ 17.995247] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.995297] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.995310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.995334] Call Trace:
[ 17.995349] <TASK>
[ 17.995369] dump_stack_lvl+0x73/0xb0
[ 17.995403] print_report+0xd1/0x650
[ 17.995429] ? __virt_addr_valid+0x1db/0x2d0
[ 17.995456] ? copy_user_test_oob+0x3fd/0x10f0
[ 17.995483] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.995513] ? copy_user_test_oob+0x3fd/0x10f0
[ 17.995540] kasan_report+0x141/0x180
[ 17.995566] ? copy_user_test_oob+0x3fd/0x10f0
[ 17.995599] kasan_check_range+0x10c/0x1c0
[ 17.995626] __kasan_check_write+0x18/0x20
[ 17.995648] copy_user_test_oob+0x3fd/0x10f0
[ 17.995678] ? __pfx_copy_user_test_oob+0x10/0x10
[ 17.995707] ? __kasan_check_write+0x18/0x20
[ 17.995729] ? queued_spin_lock_slowpath+0x116/0xb40
[ 17.995756] ? irqentry_exit+0x2a/0x60
[ 17.995782] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 17.995810] ? trace_hardirqs_on+0x37/0xe0
[ 17.995838] ? __pfx_read_tsc+0x10/0x10
[ 17.995864] ? ktime_get_ts64+0x86/0x230
[ 17.995893] kunit_try_run_case+0x1a5/0x480
[ 17.995933] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.995962] ? queued_spin_lock_slowpath+0x116/0xb40
[ 17.995989] ? __kthread_parkme+0x82/0x180
[ 17.996013] ? preempt_count_sub+0x50/0x80
[ 17.996042] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.996081] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.996108] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.996135] kthread+0x337/0x6f0
[ 17.996159] ? trace_preempt_on+0x20/0xc0
[ 17.996185] ? __pfx_kthread+0x10/0x10
[ 17.996210] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.996236] ? calculate_sigpending+0x7b/0xa0
[ 17.996262] ? __pfx_kthread+0x10/0x10
[ 17.996288] ret_from_fork+0x116/0x1d0
[ 17.996310] ? __pfx_kthread+0x10/0x10
[ 17.996334] ret_from_fork_asm+0x1a/0x30
[ 17.996369] </TASK>
[ 17.996383]
[ 18.004429] Allocated by task 302:
[ 18.004631] kasan_save_stack+0x45/0x70
[ 18.004854] kasan_save_track+0x18/0x40
[ 18.005036] kasan_save_alloc_info+0x3b/0x50
[ 18.005209] __kasan_kmalloc+0xb7/0xc0
[ 18.005404] __kmalloc_noprof+0x1c9/0x500
[ 18.005621] kunit_kmalloc_array+0x25/0x60
[ 18.005836] copy_user_test_oob+0xab/0x10f0
[ 18.006106] kunit_try_run_case+0x1a5/0x480
[ 18.006262] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.006544] kthread+0x337/0x6f0
[ 18.006737] ret_from_fork+0x116/0x1d0
[ 18.006928] ret_from_fork_asm+0x1a/0x30
[ 18.007088]
[ 18.007167] The buggy address belongs to the object at ffff8881031c0b00
[ 18.007167] which belongs to the cache kmalloc-128 of size 128
[ 18.007580] The buggy address is located 0 bytes inside of
[ 18.007580] allocated 120-byte region [ffff8881031c0b00, ffff8881031c0b78)
[ 18.008153]
[ 18.008256] The buggy address belongs to the physical page:
[ 18.008527] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031c0
[ 18.008784] flags: 0x200000000000000(node=0|zone=2)
[ 18.008960] page_type: f5(slab)
[ 18.009113] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.009487] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.009851] page dumped because: kasan: bad access detected
[ 18.010139]
[ 18.010244] Memory state around the buggy address:
[ 18.010523] ffff8881031c0a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.010895] ffff8881031c0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.011207] >ffff8881031c0b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.011498] ^
[ 18.011766] ffff8881031c0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.012081] ffff8881031c0c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.012498] ==================================================================

[ 18.062348] ==================================================================
[ 18.062636] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 18.063144] Read of size 121 at addr ffff8881031c0b00 by task kunit_try_catch/302
[ 18.063960]
[ 18.064159] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.064209] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.064222] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.064355] Call Trace:
[ 18.064375] <TASK>
[ 18.064393] dump_stack_lvl+0x73/0xb0
[ 18.064427] print_report+0xd1/0x650
[ 18.064455] ? __virt_addr_valid+0x1db/0x2d0
[ 18.064480] ? copy_user_test_oob+0x604/0x10f0
[ 18.064506] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.064536] ? copy_user_test_oob+0x604/0x10f0
[ 18.064562] kasan_report+0x141/0x180
[ 18.064588] ? copy_user_test_oob+0x604/0x10f0
[ 18.064620] kasan_check_range+0x10c/0x1c0
[ 18.064646] __kasan_check_read+0x15/0x20
[ 18.064668] copy_user_test_oob+0x604/0x10f0
[ 18.064697] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.064740] ? __kasan_check_write+0x18/0x20
[ 18.064763] ? queued_spin_lock_slowpath+0x116/0xb40
[ 18.064789] ? irqentry_exit+0x2a/0x60
[ 18.064814] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 18.064841] ? trace_hardirqs_on+0x37/0xe0
[ 18.064867] ? __pfx_read_tsc+0x10/0x10
[ 18.064891] ? ktime_get_ts64+0x86/0x230
[ 18.064919] kunit_try_run_case+0x1a5/0x480
[ 18.064947] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.064975] ? queued_spin_lock_slowpath+0x116/0xb40
[ 18.065000] ? __kthread_parkme+0x82/0x180
[ 18.065024] ? preempt_count_sub+0x50/0x80
[ 18.065063] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.065090] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.065116] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.065141] kthread+0x337/0x6f0
[ 18.065164] ? trace_preempt_on+0x20/0xc0
[ 18.065188] ? __pfx_kthread+0x10/0x10
[ 18.065212] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.065236] ? calculate_sigpending+0x7b/0xa0
[ 18.065262] ? __pfx_kthread+0x10/0x10
[ 18.065287] ret_from_fork+0x116/0x1d0
[ 18.065308] ? __pfx_kthread+0x10/0x10
[ 18.065332] ret_from_fork_asm+0x1a/0x30
[ 18.065367] </TASK>
[ 18.065381]
[ 18.075407] Allocated by task 302:
[ 18.075769] kasan_save_stack+0x45/0x70
[ 18.075949] kasan_save_track+0x18/0x40
[ 18.076157] kasan_save_alloc_info+0x3b/0x50
[ 18.076362] __kasan_kmalloc+0xb7/0xc0
[ 18.076532] __kmalloc_noprof+0x1c9/0x500
[ 18.076719] kunit_kmalloc_array+0x25/0x60
[ 18.077204] copy_user_test_oob+0xab/0x10f0
[ 18.077382] kunit_try_run_case+0x1a5/0x480
[ 18.077723] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.077925] kthread+0x337/0x6f0
[ 18.078237] ret_from_fork+0x116/0x1d0
[ 18.078390] ret_from_fork_asm+0x1a/0x30
[ 18.078696]
[ 18.078829] The buggy address belongs to the object at ffff8881031c0b00
[ 18.078829] which belongs to the cache kmalloc-128 of size 128
[ 18.079515] The buggy address is located 0 bytes inside of
[ 18.079515] allocated 120-byte region [ffff8881031c0b00, ffff8881031c0b78)
[ 18.080146]
[ 18.080366] The buggy address belongs to the physical page:
[ 18.080639] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031c0
[ 18.081087] flags: 0x200000000000000(node=0|zone=2)
[ 18.081394] page_type: f5(slab)
[ 18.081581] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.082044] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.082366] page dumped because: kasan: bad access detected
[ 18.082697]
[ 18.082832] Memory state around the buggy address:
[ 18.083163] ffff8881031c0a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.083463] ffff8881031c0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.083909] >ffff8881031c0b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.084231] ^
[ 18.084615] ffff8881031c0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.084944] ffff8881031c0c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.085399] ==================================================================

[ 18.038441] ==================================================================
[ 18.039110] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 18.039445] Write of size 121 at addr ffff8881031c0b00 by task kunit_try_catch/302
[ 18.039973]
[ 18.040105] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.040154] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.040168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.040191] Call Trace:
[ 18.040212] <TASK>
[ 18.040381] dump_stack_lvl+0x73/0xb0
[ 18.040417] print_report+0xd1/0x650
[ 18.040442] ? __virt_addr_valid+0x1db/0x2d0
[ 18.040468] ? copy_user_test_oob+0x557/0x10f0
[ 18.040495] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.040524] ? copy_user_test_oob+0x557/0x10f0
[ 18.040552] kasan_report+0x141/0x180
[ 18.040578] ? copy_user_test_oob+0x557/0x10f0
[ 18.040610] kasan_check_range+0x10c/0x1c0
[ 18.040637] __kasan_check_write+0x18/0x20
[ 18.040659] copy_user_test_oob+0x557/0x10f0
[ 18.040688] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.040716] ? __kasan_check_write+0x18/0x20
[ 18.040751] ? queued_spin_lock_slowpath+0x116/0xb40
[ 18.040779] ? irqentry_exit+0x2a/0x60
[ 18.040804] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 18.040831] ? trace_hardirqs_on+0x37/0xe0
[ 18.040858] ? __pfx_read_tsc+0x10/0x10
[ 18.040882] ? ktime_get_ts64+0x86/0x230
[ 18.040912] kunit_try_run_case+0x1a5/0x480
[ 18.040939] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.040967] ? queued_spin_lock_slowpath+0x116/0xb40
[ 18.040993] ? __kthread_parkme+0x82/0x180
[ 18.041016] ? preempt_count_sub+0x50/0x80
[ 18.041043] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.041081] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.041107] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.041133] kthread+0x337/0x6f0
[ 18.041155] ? trace_preempt_on+0x20/0xc0
[ 18.041180] ? __pfx_kthread+0x10/0x10
[ 18.041203] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.041227] ? calculate_sigpending+0x7b/0xa0
[ 18.041253] ? __pfx_kthread+0x10/0x10
[ 18.041281] ret_from_fork+0x116/0x1d0
[ 18.041302] ? __pfx_kthread+0x10/0x10
[ 18.041325] ret_from_fork_asm+0x1a/0x30
[ 18.041359] </TASK>
[ 18.041374]
[ 18.051222] Allocated by task 302:
[ 18.051417] kasan_save_stack+0x45/0x70
[ 18.051757] kasan_save_track+0x18/0x40
[ 18.052075] kasan_save_alloc_info+0x3b/0x50
[ 18.052407] __kasan_kmalloc+0xb7/0xc0
[ 18.052585] __kmalloc_noprof+0x1c9/0x500
[ 18.052892] kunit_kmalloc_array+0x25/0x60
[ 18.053179] copy_user_test_oob+0xab/0x10f0
[ 18.053375] kunit_try_run_case+0x1a5/0x480
[ 18.053595] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.054064] kthread+0x337/0x6f0
[ 18.054242] ret_from_fork+0x116/0x1d0
[ 18.054497] ret_from_fork_asm+0x1a/0x30
[ 18.054654]
[ 18.054759] The buggy address belongs to the object at ffff8881031c0b00
[ 18.054759] which belongs to the cache kmalloc-128 of size 128
[ 18.055605] The buggy address is located 0 bytes inside of
[ 18.055605] allocated 120-byte region [ffff8881031c0b00, ffff8881031c0b78)
[ 18.056208]
[ 18.056424] The buggy address belongs to the physical page:
[ 18.056629] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031c0
[ 18.057201] flags: 0x200000000000000(node=0|zone=2)
[ 18.057443] page_type: f5(slab)
[ 18.057721] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.058171] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.058514] page dumped because: kasan: bad access detected
[ 18.058983]
[ 18.059092] Memory state around the buggy address:
[ 18.059287] ffff8881031c0a00: fa fb fb fb fb fb fb fb fb fb fb
fb fb fb fb fb [ 18.059755] ffff8881031c0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.060037] >ffff8881031c0b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.060467] ^ [ 18.060889] ffff8881031c0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.061290] ffff8881031c0c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.061678] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 17.958456] ================================================================== [ 17.958838] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 17.959459] Read of size 121 at addr ffff8881031c0b00 by task kunit_try_catch/302 [ 17.959803] [ 17.959901] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.959949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.959963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.959985] Call Trace: [ 17.960003] <TASK> [ 17.960022] dump_stack_lvl+0x73/0xb0 [ 17.960068] print_report+0xd1/0x650 [ 17.960094] ? __virt_addr_valid+0x1db/0x2d0 [ 17.960122] ? _copy_to_user+0x3c/0x70 [ 17.960144] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.960175] ? _copy_to_user+0x3c/0x70 [ 17.960198] kasan_report+0x141/0x180 [ 17.960223] ? _copy_to_user+0x3c/0x70 [ 17.960252] kasan_check_range+0x10c/0x1c0 [ 17.960279] __kasan_check_read+0x15/0x20 [ 17.960302] _copy_to_user+0x3c/0x70 [ 17.960326] copy_user_test_oob+0x364/0x10f0 [ 17.960356] ? __pfx_copy_user_test_oob+0x10/0x10 [ 17.960386] ? __kasan_check_write+0x18/0x20 [ 17.960408] ? queued_spin_lock_slowpath+0x116/0xb40 [ 17.960435] ? irqentry_exit+0x2a/0x60 [ 17.960460] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 17.960488] ? trace_hardirqs_on+0x37/0xe0 [ 17.960515] ? __pfx_read_tsc+0x10/0x10 [ 17.960541] ? ktime_get_ts64+0x86/0x230 [ 17.960570] kunit_try_run_case+0x1a5/0x480 [ 17.960598] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.960627] ? queued_spin_lock_slowpath+0x116/0xb40 [ 17.960655] ? __kthread_parkme+0x82/0x180 [ 17.960679] ? preempt_count_sub+0x50/0x80 [ 17.960707] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.960747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.960775] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.960802] kthread+0x337/0x6f0 [ 17.960827] ? trace_preempt_on+0x20/0xc0 [ 17.960853] ? __pfx_kthread+0x10/0x10 [ 17.960879] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.960904] ? 
calculate_sigpending+0x7b/0xa0 [ 17.960931] ? __pfx_kthread+0x10/0x10 [ 17.960958] ret_from_fork+0x116/0x1d0 [ 17.960980] ? __pfx_kthread+0x10/0x10 [ 17.961004] ret_from_fork_asm+0x1a/0x30 [ 17.961040] </TASK> [ 17.961063] [ 17.975857] Allocated by task 302: [ 17.976191] kasan_save_stack+0x45/0x70 [ 17.976554] kasan_save_track+0x18/0x40 [ 17.976998] kasan_save_alloc_info+0x3b/0x50 [ 17.977283] __kasan_kmalloc+0xb7/0xc0 [ 17.977422] __kmalloc_noprof+0x1c9/0x500 [ 17.977582] kunit_kmalloc_array+0x25/0x60 [ 17.977750] copy_user_test_oob+0xab/0x10f0 [ 17.978146] kunit_try_run_case+0x1a5/0x480 [ 17.978528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.979159] kthread+0x337/0x6f0 [ 17.979459] ret_from_fork+0x116/0x1d0 [ 17.979812] ret_from_fork_asm+0x1a/0x30 [ 17.980179] [ 17.980350] The buggy address belongs to the object at ffff8881031c0b00 [ 17.980350] which belongs to the cache kmalloc-128 of size 128 [ 17.981460] The buggy address is located 0 bytes inside of [ 17.981460] allocated 120-byte region [ffff8881031c0b00, ffff8881031c0b78) [ 17.981881] [ 17.981962] The buggy address belongs to the physical page: [ 17.982154] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031c0 [ 17.982405] flags: 0x200000000000000(node=0|zone=2) [ 17.982575] page_type: f5(slab) [ 17.982702] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.983355] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.984178] page dumped because: kasan: bad access detected [ 17.984730] [ 17.984889] Memory state around the buggy address: [ 17.985318] ffff8881031c0a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.985938] ffff8881031c0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.986561] >ffff8881031c0b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.987520] ^ [ 17.988205] ffff8881031c0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.988944] ffff8881031c0c00: fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc [ 17.989590] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 17.936498] ================================================================== [ 17.937222] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 17.937528] Write of size 121 at addr ffff8881031c0b00 by task kunit_try_catch/302 [ 17.937838] [ 17.937973] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.938024] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.938038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.938073] Call Trace: [ 17.938090] <TASK> [ 17.938112] dump_stack_lvl+0x73/0xb0 [ 17.938149] print_report+0xd1/0x650 [ 17.938176] ? __virt_addr_valid+0x1db/0x2d0 [ 17.938205] ? _copy_from_user+0x32/0x90 [ 17.938227] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.938256] ? _copy_from_user+0x32/0x90 [ 17.938279] kasan_report+0x141/0x180 [ 17.938305] ? _copy_from_user+0x32/0x90 [ 17.938333] kasan_check_range+0x10c/0x1c0 [ 17.938359] __kasan_check_write+0x18/0x20 [ 17.938382] _copy_from_user+0x32/0x90 [ 17.938405] copy_user_test_oob+0x2be/0x10f0 [ 17.938435] ? __pfx_copy_user_test_oob+0x10/0x10 [ 17.938462] ? __kasan_check_write+0x18/0x20 [ 17.938485] ? queued_spin_lock_slowpath+0x116/0xb40 [ 17.938511] ? irqentry_exit+0x2a/0x60 [ 17.938538] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 17.938565] ? trace_hardirqs_on+0x37/0xe0 [ 17.938593] ? __pfx_read_tsc+0x10/0x10 [ 17.938620] ? ktime_get_ts64+0x86/0x230 [ 17.938649] kunit_try_run_case+0x1a5/0x480 [ 17.938676] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.938704] ? queued_spin_lock_slowpath+0x116/0xb40 [ 17.938741] ? __kthread_parkme+0x82/0x180 [ 17.938766] ? preempt_count_sub+0x50/0x80 [ 17.938797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.938825] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.938851] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.938878] kthread+0x337/0x6f0 [ 17.938901] ? trace_preempt_on+0x20/0xc0 [ 17.938927] ? __pfx_kthread+0x10/0x10 [ 17.938951] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 17.938975] ? calculate_sigpending+0x7b/0xa0 [ 17.939003] ? __pfx_kthread+0x10/0x10 [ 17.939029] ret_from_fork+0x116/0x1d0 [ 17.939061] ? __pfx_kthread+0x10/0x10 [ 17.939085] ret_from_fork_asm+0x1a/0x30 [ 17.939121] </TASK> [ 17.939136] [ 17.946984] Allocated by task 302: [ 17.947163] kasan_save_stack+0x45/0x70 [ 17.947349] kasan_save_track+0x18/0x40 [ 17.947558] kasan_save_alloc_info+0x3b/0x50 [ 17.947779] __kasan_kmalloc+0xb7/0xc0 [ 17.947981] __kmalloc_noprof+0x1c9/0x500 [ 17.948176] kunit_kmalloc_array+0x25/0x60 [ 17.948398] copy_user_test_oob+0xab/0x10f0 [ 17.948618] kunit_try_run_case+0x1a5/0x480 [ 17.948806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.948995] kthread+0x337/0x6f0 [ 17.949221] ret_from_fork+0x116/0x1d0 [ 17.949477] ret_from_fork_asm+0x1a/0x30 [ 17.949637] [ 17.949717] The buggy address belongs to the object at ffff8881031c0b00 [ 17.949717] which belongs to the cache kmalloc-128 of size 128 [ 17.950267] The buggy address is located 0 bytes inside of [ 17.950267] allocated 120-byte region [ffff8881031c0b00, ffff8881031c0b78) [ 17.950652] [ 17.950734] The buggy address belongs to the physical page: [ 17.951020] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031c0 [ 17.951408] flags: 0x200000000000000(node=0|zone=2) [ 17.951661] page_type: f5(slab) [ 17.951841] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.952263] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.952512] page dumped because: kasan: bad access detected [ 17.952840] [ 17.952945] Memory state around the buggy address: [ 17.953202] ffff8881031c0a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.953514] ffff8881031c0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.953871] >ffff8881031c0b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.954157] ^ [ 17.954460] ffff8881031c0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.954796] 
ffff8881031c0c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.955116] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 17.856849] ================================================================== [ 17.857525] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 17.857950] Read of size 8 at addr ffff8881031c0a78 by task kunit_try_catch/298 [ 17.858357] [ 17.858561] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.858615] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.858630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.858656] Call Trace: [ 17.858671] <TASK> [ 17.858689] dump_stack_lvl+0x73/0xb0 [ 17.858763] print_report+0xd1/0x650 [ 17.858791] ? __virt_addr_valid+0x1db/0x2d0 [ 17.858818] ? copy_to_kernel_nofault+0x225/0x260 [ 17.858883] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.858939] ? copy_to_kernel_nofault+0x225/0x260 [ 17.858966] kasan_report+0x141/0x180 [ 17.858990] ? copy_to_kernel_nofault+0x225/0x260 [ 17.859022] __asan_report_load8_noabort+0x18/0x20 [ 17.859060] copy_to_kernel_nofault+0x225/0x260 [ 17.859087] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 17.859114] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 17.859176] ? finish_task_switch.isra.0+0x153/0x700 [ 17.859203] ? __schedule+0x10cc/0x2b60 [ 17.859226] ? trace_hardirqs_on+0x37/0xe0 [ 17.859261] ? __pfx_read_tsc+0x10/0x10 [ 17.859285] ? ktime_get_ts64+0x86/0x230 [ 17.859313] kunit_try_run_case+0x1a5/0x480 [ 17.859340] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.859364] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.859389] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.859415] ? __kthread_parkme+0x82/0x180 [ 17.859437] ? preempt_count_sub+0x50/0x80 [ 17.859463] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.859488] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.859514] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.859539] kthread+0x337/0x6f0 [ 17.859561] ? trace_preempt_on+0x20/0xc0 [ 17.859586] ? __pfx_kthread+0x10/0x10 [ 17.859610] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.859634] ? 
calculate_sigpending+0x7b/0xa0 [ 17.859662] ? __pfx_kthread+0x10/0x10 [ 17.859687] ret_from_fork+0x116/0x1d0 [ 17.859747] ? __pfx_kthread+0x10/0x10 [ 17.859787] ret_from_fork_asm+0x1a/0x30 [ 17.859822] </TASK> [ 17.859837] [ 17.878182] Allocated by task 298: [ 17.878380] kasan_save_stack+0x45/0x70 [ 17.878577] kasan_save_track+0x18/0x40 [ 17.879219] kasan_save_alloc_info+0x3b/0x50 [ 17.879462] __kasan_kmalloc+0xb7/0xc0 [ 17.879642] __kmalloc_cache_noprof+0x189/0x420 [ 17.880021] copy_to_kernel_nofault_oob+0x12f/0x560 [ 17.880225] kunit_try_run_case+0x1a5/0x480 [ 17.880440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.880701] kthread+0x337/0x6f0 [ 17.880966] ret_from_fork+0x116/0x1d0 [ 17.881204] ret_from_fork_asm+0x1a/0x30 [ 17.881390] [ 17.881478] The buggy address belongs to the object at ffff8881031c0a00 [ 17.881478] which belongs to the cache kmalloc-128 of size 128 [ 17.882206] The buggy address is located 0 bytes to the right of [ 17.882206] allocated 120-byte region [ffff8881031c0a00, ffff8881031c0a78) [ 17.882714] [ 17.882836] The buggy address belongs to the physical page: [ 17.883014] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031c0 [ 17.883531] flags: 0x200000000000000(node=0|zone=2) [ 17.884118] page_type: f5(slab) [ 17.884315] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.884616] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.885382] page dumped because: kasan: bad access detected [ 17.886110] [ 17.886220] Memory state around the buggy address: [ 17.886516] ffff8881031c0900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.887261] ffff8881031c0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.887916] >ffff8881031c0a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.888394] ^ [ 17.888975] ffff8881031c0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.889307] ffff8881031c0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
17.889611] ================================================================== [ 17.892275] ================================================================== [ 17.892626] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 17.893746] Write of size 8 at addr ffff8881031c0a78 by task kunit_try_catch/298 [ 17.894453] [ 17.894683] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.894748] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.894764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.894786] Call Trace: [ 17.894801] <TASK> [ 17.894818] dump_stack_lvl+0x73/0xb0 [ 17.894849] print_report+0xd1/0x650 [ 17.894873] ? __virt_addr_valid+0x1db/0x2d0 [ 17.894897] ? copy_to_kernel_nofault+0x99/0x260 [ 17.894923] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.894951] ? copy_to_kernel_nofault+0x99/0x260 [ 17.894976] kasan_report+0x141/0x180 [ 17.895000] ? copy_to_kernel_nofault+0x99/0x260 [ 17.895031] kasan_check_range+0x10c/0x1c0 [ 17.895069] __kasan_check_write+0x18/0x20 [ 17.895090] copy_to_kernel_nofault+0x99/0x260 [ 17.895116] copy_to_kernel_nofault_oob+0x288/0x560 [ 17.895143] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 17.895167] ? finish_task_switch.isra.0+0x153/0x700 [ 17.895191] ? __schedule+0x10cc/0x2b60 [ 17.895214] ? trace_hardirqs_on+0x37/0xe0 [ 17.895248] ? __pfx_read_tsc+0x10/0x10 [ 17.895271] ? ktime_get_ts64+0x86/0x230 [ 17.895296] kunit_try_run_case+0x1a5/0x480 [ 17.895322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.895346] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.895370] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.895395] ? __kthread_parkme+0x82/0x180 [ 17.895417] ? preempt_count_sub+0x50/0x80 [ 17.895442] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.895467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.895492] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.895517] kthread+0x337/0x6f0 [ 17.895538] ? 
trace_preempt_on+0x20/0xc0 [ 17.895563] ? __pfx_kthread+0x10/0x10 [ 17.895585] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.895608] ? calculate_sigpending+0x7b/0xa0 [ 17.895634] ? __pfx_kthread+0x10/0x10 [ 17.895657] ret_from_fork+0x116/0x1d0 [ 17.895677] ? __pfx_kthread+0x10/0x10 [ 17.895699] ret_from_fork_asm+0x1a/0x30 [ 17.895899] </TASK> [ 17.895918] [ 17.909400] Allocated by task 298: [ 17.909575] kasan_save_stack+0x45/0x70 [ 17.909797] kasan_save_track+0x18/0x40 [ 17.910090] kasan_save_alloc_info+0x3b/0x50 [ 17.910314] __kasan_kmalloc+0xb7/0xc0 [ 17.910522] __kmalloc_cache_noprof+0x189/0x420 [ 17.910752] copy_to_kernel_nofault_oob+0x12f/0x560 [ 17.910949] kunit_try_run_case+0x1a5/0x480 [ 17.911298] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.911653] kthread+0x337/0x6f0 [ 17.911986] ret_from_fork+0x116/0x1d0 [ 17.912246] ret_from_fork_asm+0x1a/0x30 [ 17.912413] [ 17.912522] The buggy address belongs to the object at ffff8881031c0a00 [ 17.912522] which belongs to the cache kmalloc-128 of size 128 [ 17.913069] The buggy address is located 0 bytes to the right of [ 17.913069] allocated 120-byte region [ffff8881031c0a00, ffff8881031c0a78) [ 17.913614] [ 17.913707] The buggy address belongs to the physical page: [ 17.914253] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031c0 [ 17.914586] flags: 0x200000000000000(node=0|zone=2) [ 17.914875] page_type: f5(slab) [ 17.915096] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.915428] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.915700] page dumped because: kasan: bad access detected [ 17.916028] [ 17.916119] Memory state around the buggy address: [ 17.916285] ffff8881031c0900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.916592] ffff8881031c0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.916920] >ffff8881031c0a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.917358] ^ [ 17.917611] ffff8881031c0a80: fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc [ 17.918123] ffff8881031c0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.918468] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 16.924258] ================================================================== [ 16.924996] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 16.925852] Read of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.926558] [ 16.926750] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.926813] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.926828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.926850] Call Trace: [ 16.926867] <TASK> [ 16.926884] dump_stack_lvl+0x73/0xb0 [ 16.926924] print_report+0xd1/0x650 [ 16.926949] ? __virt_addr_valid+0x1db/0x2d0 [ 16.926974] ? kasan_atomics_helper+0x49e8/0x5450 [ 16.927008] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.927036] ? kasan_atomics_helper+0x49e8/0x5450 [ 16.927070] kasan_report+0x141/0x180 [ 16.927093] ? kasan_atomics_helper+0x49e8/0x5450 [ 16.927123] __asan_report_load4_noabort+0x18/0x20 [ 16.927149] kasan_atomics_helper+0x49e8/0x5450 [ 16.927173] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.927197] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.927223] ? kasan_atomics+0x152/0x310 [ 16.927252] kasan_atomics+0x1dc/0x310 [ 16.927277] ? __pfx_kasan_atomics+0x10/0x10 [ 16.927303] ? __pfx_read_tsc+0x10/0x10 [ 16.927326] ? ktime_get_ts64+0x86/0x230 [ 16.927351] kunit_try_run_case+0x1a5/0x480 [ 16.927376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.927400] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.927425] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.927450] ? __kthread_parkme+0x82/0x180 [ 16.927472] ? preempt_count_sub+0x50/0x80 [ 16.927497] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.927522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.927547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.927572] kthread+0x337/0x6f0 [ 16.927593] ? trace_preempt_on+0x20/0xc0 [ 16.927618] ? __pfx_kthread+0x10/0x10 [ 16.927640] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.927663] ? 
calculate_sigpending+0x7b/0xa0 [ 16.927687] ? __pfx_kthread+0x10/0x10 [ 16.927711] ret_from_fork+0x116/0x1d0 [ 16.927741] ? __pfx_kthread+0x10/0x10 [ 16.927765] ret_from_fork_asm+0x1a/0x30 [ 16.927799] </TASK> [ 16.927812] [ 16.941395] Allocated by task 282: [ 16.941713] kasan_save_stack+0x45/0x70 [ 16.942029] kasan_save_track+0x18/0x40 [ 16.942384] kasan_save_alloc_info+0x3b/0x50 [ 16.942549] __kasan_kmalloc+0xb7/0xc0 [ 16.942693] __kmalloc_cache_noprof+0x189/0x420 [ 16.943190] kasan_atomics+0x95/0x310 [ 16.943572] kunit_try_run_case+0x1a5/0x480 [ 16.944029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.944556] kthread+0x337/0x6f0 [ 16.944935] ret_from_fork+0x116/0x1d0 [ 16.945318] ret_from_fork_asm+0x1a/0x30 [ 16.945470] [ 16.945557] The buggy address belongs to the object at ffff8881031d0c00 [ 16.945557] which belongs to the cache kmalloc-64 of size 64 [ 16.946150] The buggy address is located 0 bytes to the right of [ 16.946150] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.946763] [ 16.946858] The buggy address belongs to the physical page: [ 16.947400] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.947658] flags: 0x200000000000000(node=0|zone=2) [ 16.947867] page_type: f5(slab) [ 16.948238] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.948781] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.949024] page dumped because: kasan: bad access detected [ 16.949215] [ 16.949290] Memory state around the buggy address: [ 16.949454] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.949687] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.950337] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.951024] ^ [ 16.951465] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.952199] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.952850] 
================================================================== [ 17.068375] ================================================================== [ 17.068733] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 17.069091] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.069432] [ 17.069557] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.069602] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.069628] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.069650] Call Trace: [ 17.069666] <TASK> [ 17.069681] dump_stack_lvl+0x73/0xb0 [ 17.069710] print_report+0xd1/0x650 [ 17.069734] ? __virt_addr_valid+0x1db/0x2d0 [ 17.069767] ? kasan_atomics_helper+0x1467/0x5450 [ 17.069790] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.069817] ? kasan_atomics_helper+0x1467/0x5450 [ 17.069852] kasan_report+0x141/0x180 [ 17.069876] ? kasan_atomics_helper+0x1467/0x5450 [ 17.069903] kasan_check_range+0x10c/0x1c0 [ 17.069927] __kasan_check_write+0x18/0x20 [ 17.069948] kasan_atomics_helper+0x1467/0x5450 [ 17.069971] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.069994] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.070019] ? kasan_atomics+0x152/0x310 [ 17.070056] kasan_atomics+0x1dc/0x310 [ 17.070080] ? __pfx_kasan_atomics+0x10/0x10 [ 17.070114] ? __pfx_read_tsc+0x10/0x10 [ 17.070136] ? ktime_get_ts64+0x86/0x230 [ 17.070162] kunit_try_run_case+0x1a5/0x480 [ 17.070197] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.070220] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.070243] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.070268] ? __kthread_parkme+0x82/0x180 [ 17.070288] ? preempt_count_sub+0x50/0x80 [ 17.070313] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.070338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.070361] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.070385] kthread+0x337/0x6f0 [ 17.070405] ? trace_preempt_on+0x20/0xc0 [ 17.070430] ? 
__pfx_kthread+0x10/0x10 [ 17.070451] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.070473] ? calculate_sigpending+0x7b/0xa0 [ 17.070507] ? __pfx_kthread+0x10/0x10 [ 17.070530] ret_from_fork+0x116/0x1d0 [ 17.070549] ? __pfx_kthread+0x10/0x10 [ 17.070581] ret_from_fork_asm+0x1a/0x30 [ 17.070613] </TASK> [ 17.070625] [ 17.078872] Allocated by task 282: [ 17.079121] kasan_save_stack+0x45/0x70 [ 17.079347] kasan_save_track+0x18/0x40 [ 17.079553] kasan_save_alloc_info+0x3b/0x50 [ 17.079828] __kasan_kmalloc+0xb7/0xc0 [ 17.080028] __kmalloc_cache_noprof+0x189/0x420 [ 17.080257] kasan_atomics+0x95/0x310 [ 17.080406] kunit_try_run_case+0x1a5/0x480 [ 17.080593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.081034] kthread+0x337/0x6f0 [ 17.081194] ret_from_fork+0x116/0x1d0 [ 17.081416] ret_from_fork_asm+0x1a/0x30 [ 17.081630] [ 17.081740] The buggy address belongs to the object at ffff8881031d0c00 [ 17.081740] which belongs to the cache kmalloc-64 of size 64 [ 17.082288] The buggy address is located 0 bytes to the right of [ 17.082288] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.082880] [ 17.082999] The buggy address belongs to the physical page: [ 17.083257] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.083584] flags: 0x200000000000000(node=0|zone=2) [ 17.083761] page_type: f5(slab) [ 17.083892] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.088293] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.089056] page dumped because: kasan: bad access detected [ 17.089867] [ 17.090045] Memory state around the buggy address: [ 17.090801] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.091447] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.091688] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.092861] ^ [ 17.093327] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.093694] 
ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.094292] ================================================================== [ 17.607524] ================================================================== [ 17.607771] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 17.608014] Read of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.610460] [ 17.610960] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.611016] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.611031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.611074] Call Trace: [ 17.611093] <TASK> [ 17.611113] dump_stack_lvl+0x73/0xb0 [ 17.611149] print_report+0xd1/0x650 [ 17.611172] ? __virt_addr_valid+0x1db/0x2d0 [ 17.611197] ? kasan_atomics_helper+0x4f71/0x5450 [ 17.611220] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.611247] ? kasan_atomics_helper+0x4f71/0x5450 [ 17.611270] kasan_report+0x141/0x180 [ 17.611294] ? kasan_atomics_helper+0x4f71/0x5450 [ 17.611322] __asan_report_load8_noabort+0x18/0x20 [ 17.611347] kasan_atomics_helper+0x4f71/0x5450 [ 17.611371] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.611394] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.611421] ? kasan_atomics+0x152/0x310 [ 17.611449] kasan_atomics+0x1dc/0x310 [ 17.611473] ? __pfx_kasan_atomics+0x10/0x10 [ 17.611499] ? __pfx_read_tsc+0x10/0x10 [ 17.611521] ? ktime_get_ts64+0x86/0x230 [ 17.611547] kunit_try_run_case+0x1a5/0x480 [ 17.611572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.611595] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.611619] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.611643] ? __kthread_parkme+0x82/0x180 [ 17.611664] ? preempt_count_sub+0x50/0x80 [ 17.611689] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.612018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.612070] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.612096] kthread+0x337/0x6f0 [ 17.612119] ? 
trace_preempt_on+0x20/0xc0 [ 17.612145] ? __pfx_kthread+0x10/0x10 [ 17.612167] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.612190] ? calculate_sigpending+0x7b/0xa0 [ 17.612216] ? __pfx_kthread+0x10/0x10 [ 17.612240] ret_from_fork+0x116/0x1d0 [ 17.612259] ? __pfx_kthread+0x10/0x10 [ 17.612281] ret_from_fork_asm+0x1a/0x30 [ 17.612314] </TASK> [ 17.612327] [ 17.624434] Allocated by task 282: [ 17.624652] kasan_save_stack+0x45/0x70 [ 17.624823] kasan_save_track+0x18/0x40 [ 17.625236] kasan_save_alloc_info+0x3b/0x50 [ 17.625464] __kasan_kmalloc+0xb7/0xc0 [ 17.625774] __kmalloc_cache_noprof+0x189/0x420 [ 17.626127] kasan_atomics+0x95/0x310 [ 17.626393] kunit_try_run_case+0x1a5/0x480 [ 17.626628] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.627022] kthread+0x337/0x6f0 [ 17.627339] ret_from_fork+0x116/0x1d0 [ 17.627851] ret_from_fork_asm+0x1a/0x30 [ 17.628106] [ 17.628373] The buggy address belongs to the object at ffff8881031d0c00 [ 17.628373] which belongs to the cache kmalloc-64 of size 64 [ 17.629309] The buggy address is located 0 bytes to the right of [ 17.629309] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.629697] [ 17.629903] The buggy address belongs to the physical page: [ 17.630611] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.631471] flags: 0x200000000000000(node=0|zone=2) [ 17.632123] page_type: f5(slab) [ 17.632450] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.632831] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.633634] page dumped because: kasan: bad access detected [ 17.633946] [ 17.634197] Memory state around the buggy address: [ 17.634530] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.634945] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.635679] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.636340] ^ [ 17.636510] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 17.636751] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.637641] ================================================================== [ 16.652651] ================================================================== [ 16.653042] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 16.653936] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.654673] [ 16.654919] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.654977] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.654991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.655014] Call Trace: [ 16.655030] <TASK> [ 16.655067] dump_stack_lvl+0x73/0xb0 [ 16.655096] print_report+0xd1/0x650 [ 16.655121] ? __virt_addr_valid+0x1db/0x2d0 [ 16.655145] ? kasan_atomics_helper+0xd47/0x5450 [ 16.655167] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.655194] ? kasan_atomics_helper+0xd47/0x5450 [ 16.655216] kasan_report+0x141/0x180 [ 16.655239] ? kasan_atomics_helper+0xd47/0x5450 [ 16.655277] kasan_check_range+0x10c/0x1c0 [ 16.655302] __kasan_check_write+0x18/0x20 [ 16.655333] kasan_atomics_helper+0xd47/0x5450 [ 16.655357] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.655381] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.655406] ? kasan_atomics+0x152/0x310 [ 16.655435] kasan_atomics+0x1dc/0x310 [ 16.655468] ? __pfx_kasan_atomics+0x10/0x10 [ 16.655494] ? __pfx_read_tsc+0x10/0x10 [ 16.655516] ? ktime_get_ts64+0x86/0x230 [ 16.655554] kunit_try_run_case+0x1a5/0x480 [ 16.655580] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.655602] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.655627] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.655650] ? __kthread_parkme+0x82/0x180 [ 16.655672] ? preempt_count_sub+0x50/0x80 [ 16.655696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.655721] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.655755] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.655779] kthread+0x337/0x6f0 [ 16.655800] ? trace_preempt_on+0x20/0xc0 [ 16.655825] ? __pfx_kthread+0x10/0x10 [ 16.655847] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.655869] ? calculate_sigpending+0x7b/0xa0 [ 16.655894] ? __pfx_kthread+0x10/0x10 [ 16.655917] ret_from_fork+0x116/0x1d0 [ 16.655936] ? __pfx_kthread+0x10/0x10 [ 16.655957] ret_from_fork_asm+0x1a/0x30 [ 16.655991] </TASK> [ 16.656004] [ 16.669512] Allocated by task 282: [ 16.669941] kasan_save_stack+0x45/0x70 [ 16.670245] kasan_save_track+0x18/0x40 [ 16.670388] kasan_save_alloc_info+0x3b/0x50 [ 16.670542] __kasan_kmalloc+0xb7/0xc0 [ 16.670680] __kmalloc_cache_noprof+0x189/0x420 [ 16.671035] kasan_atomics+0x95/0x310 [ 16.671403] kunit_try_run_case+0x1a5/0x480 [ 16.671848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.672443] kthread+0x337/0x6f0 [ 16.672768] ret_from_fork+0x116/0x1d0 [ 16.673207] ret_from_fork_asm+0x1a/0x30 [ 16.673672] [ 16.673894] The buggy address belongs to the object at ffff8881031d0c00 [ 16.673894] which belongs to the cache kmalloc-64 of size 64 [ 16.674535] The buggy address is located 0 bytes to the right of [ 16.674535] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.675219] [ 16.675361] The buggy address belongs to the physical page: [ 16.675725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.676411] flags: 0x200000000000000(node=0|zone=2) [ 16.676590] page_type: f5(slab) [ 16.676720] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.677479] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.678278] page dumped because: kasan: bad access detected [ 16.678832] [ 16.678961] Memory state around the buggy address: [ 16.679146] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.679382] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.679617] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.680108] ^ [ 16.680673] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.681609] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.682303] ================================================================== [ 16.421253] ================================================================== [ 16.422218] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 16.422927] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.423489] [ 16.423706] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.423753] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.423767] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.423790] Call Trace: [ 16.423807] <TASK> [ 16.423825] dump_stack_lvl+0x73/0xb0 [ 16.423854] print_report+0xd1/0x650 [ 16.423879] ? __virt_addr_valid+0x1db/0x2d0 [ 16.423904] ? kasan_atomics_helper+0x860/0x5450 [ 16.423926] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.423954] ? kasan_atomics_helper+0x860/0x5450 [ 16.423978] kasan_report+0x141/0x180 [ 16.424001] ? kasan_atomics_helper+0x860/0x5450 [ 16.424030] kasan_check_range+0x10c/0x1c0 [ 16.424068] __kasan_check_write+0x18/0x20 [ 16.424090] kasan_atomics_helper+0x860/0x5450 [ 16.424113] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.424138] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.424164] ? kasan_atomics+0x152/0x310 [ 16.424193] kasan_atomics+0x1dc/0x310 [ 16.424218] ? __pfx_kasan_atomics+0x10/0x10 [ 16.424245] ? __pfx_read_tsc+0x10/0x10 [ 16.424268] ? ktime_get_ts64+0x86/0x230 [ 16.424295] kunit_try_run_case+0x1a5/0x480 [ 16.424321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.424345] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.424370] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.424395] ? __kthread_parkme+0x82/0x180 [ 16.424416] ? preempt_count_sub+0x50/0x80 [ 16.424442] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.424467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.424492] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.424517] kthread+0x337/0x6f0 [ 16.424538] ? trace_preempt_on+0x20/0xc0 [ 16.424563] ? __pfx_kthread+0x10/0x10 [ 16.424586] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.424609] ? calculate_sigpending+0x7b/0xa0 [ 16.424634] ? __pfx_kthread+0x10/0x10 [ 16.424658] ret_from_fork+0x116/0x1d0 [ 16.424678] ? __pfx_kthread+0x10/0x10 [ 16.424701] ret_from_fork_asm+0x1a/0x30 [ 16.424770] </TASK> [ 16.424785] [ 16.433216] Allocated by task 282: [ 16.433455] kasan_save_stack+0x45/0x70 [ 16.433709] kasan_save_track+0x18/0x40 [ 16.433930] kasan_save_alloc_info+0x3b/0x50 [ 16.434211] __kasan_kmalloc+0xb7/0xc0 [ 16.434420] __kmalloc_cache_noprof+0x189/0x420 [ 16.434660] kasan_atomics+0x95/0x310 [ 16.434876] kunit_try_run_case+0x1a5/0x480 [ 16.435133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.435436] kthread+0x337/0x6f0 [ 16.435862] ret_from_fork+0x116/0x1d0 [ 16.436114] ret_from_fork_asm+0x1a/0x30 [ 16.436330] [ 16.436434] The buggy address belongs to the object at ffff8881031d0c00 [ 16.436434] which belongs to the cache kmalloc-64 of size 64 [ 16.437104] The buggy address is located 0 bytes to the right of [ 16.437104] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.437499] [ 16.437613] The buggy address belongs to the physical page: [ 16.438150] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.438586] flags: 0x200000000000000(node=0|zone=2) [ 16.438860] page_type: f5(slab) [ 16.439045] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.439429] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.439841] page dumped because: kasan: bad access detected [ 16.440027] [ 16.440116] Memory state around the buggy address: [ 16.440344] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.440760] 
ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.441145] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.441506] ^ [ 16.441778] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.442140] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.442444] ================================================================== [ 16.748906] ================================================================== [ 16.749206] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 16.749580] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.749948] [ 16.750100] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.750143] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.750156] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.750179] Call Trace: [ 16.750193] <TASK> [ 16.750208] dump_stack_lvl+0x73/0xb0 [ 16.750248] print_report+0xd1/0x650 [ 16.750272] ? __virt_addr_valid+0x1db/0x2d0 [ 16.750295] ? kasan_atomics_helper+0xfa9/0x5450 [ 16.750329] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.750357] ? kasan_atomics_helper+0xfa9/0x5450 [ 16.750379] kasan_report+0x141/0x180 [ 16.750412] ? kasan_atomics_helper+0xfa9/0x5450 [ 16.750440] kasan_check_range+0x10c/0x1c0 [ 16.750465] __kasan_check_write+0x18/0x20 [ 16.750496] kasan_atomics_helper+0xfa9/0x5450 [ 16.750520] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.750545] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.750581] ? kasan_atomics+0x152/0x310 [ 16.750609] kasan_atomics+0x1dc/0x310 [ 16.750645] ? __pfx_kasan_atomics+0x10/0x10 [ 16.750671] ? __pfx_read_tsc+0x10/0x10 [ 16.750693] ? ktime_get_ts64+0x86/0x230 [ 16.750739] kunit_try_run_case+0x1a5/0x480 [ 16.750774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.750797] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.750832] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.750857] ? 
__kthread_parkme+0x82/0x180 [ 16.750878] ? preempt_count_sub+0x50/0x80 [ 16.750903] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.750938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.750962] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.750996] kthread+0x337/0x6f0 [ 16.751017] ? trace_preempt_on+0x20/0xc0 [ 16.751041] ? __pfx_kthread+0x10/0x10 [ 16.751087] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.751109] ? calculate_sigpending+0x7b/0xa0 [ 16.751133] ? __pfx_kthread+0x10/0x10 [ 16.751168] ret_from_fork+0x116/0x1d0 [ 16.751188] ? __pfx_kthread+0x10/0x10 [ 16.751210] ret_from_fork_asm+0x1a/0x30 [ 16.751255] </TASK> [ 16.751267] [ 16.759056] Allocated by task 282: [ 16.759200] kasan_save_stack+0x45/0x70 [ 16.759348] kasan_save_track+0x18/0x40 [ 16.759553] kasan_save_alloc_info+0x3b/0x50 [ 16.759808] __kasan_kmalloc+0xb7/0xc0 [ 16.760003] __kmalloc_cache_noprof+0x189/0x420 [ 16.760245] kasan_atomics+0x95/0x310 [ 16.760440] kunit_try_run_case+0x1a5/0x480 [ 16.760654] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.760927] kthread+0x337/0x6f0 [ 16.761072] ret_from_fork+0x116/0x1d0 [ 16.761213] ret_from_fork_asm+0x1a/0x30 [ 16.761361] [ 16.761438] The buggy address belongs to the object at ffff8881031d0c00 [ 16.761438] which belongs to the cache kmalloc-64 of size 64 [ 16.761966] The buggy address is located 0 bytes to the right of [ 16.761966] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.762596] [ 16.762735] The buggy address belongs to the physical page: [ 16.763003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.763397] flags: 0x200000000000000(node=0|zone=2) [ 16.763667] page_type: f5(slab) [ 16.763872] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.764230] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.764529] page dumped because: kasan: bad access detected [ 16.764830] [ 16.764911] Memory state around the buggy address: [ 16.765154] 
ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.765461] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.765816] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.766108] ^ [ 16.766367] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.766667] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.767009] ================================================================== [ 16.621826] ================================================================== [ 16.622089] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 16.622333] Read of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.622567] [ 16.622656] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.622700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.622717] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.622753] Call Trace: [ 16.622768] <TASK> [ 16.622785] dump_stack_lvl+0x73/0xb0 [ 16.622812] print_report+0xd1/0x650 [ 16.622836] ? __virt_addr_valid+0x1db/0x2d0 [ 16.622873] ? kasan_atomics_helper+0x4a84/0x5450 [ 16.622895] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.622923] ? kasan_atomics_helper+0x4a84/0x5450 [ 16.622959] kasan_report+0x141/0x180 [ 16.622982] ? kasan_atomics_helper+0x4a84/0x5450 [ 16.623011] __asan_report_load4_noabort+0x18/0x20 [ 16.623037] kasan_atomics_helper+0x4a84/0x5450 [ 16.623069] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.623092] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.623120] ? kasan_atomics+0x152/0x310 [ 16.623148] kasan_atomics+0x1dc/0x310 [ 16.623172] ? __pfx_kasan_atomics+0x10/0x10 [ 16.623208] ? __pfx_read_tsc+0x10/0x10 [ 16.623231] ? ktime_get_ts64+0x86/0x230 [ 16.623256] kunit_try_run_case+0x1a5/0x480 [ 16.623296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.623319] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.623343] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.623367] ? __kthread_parkme+0x82/0x180 [ 16.623389] ? preempt_count_sub+0x50/0x80 [ 16.623415] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.623439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.623464] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.623489] kthread+0x337/0x6f0 [ 16.623509] ? trace_preempt_on+0x20/0xc0 [ 16.623534] ? __pfx_kthread+0x10/0x10 [ 16.623557] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.623579] ? calculate_sigpending+0x7b/0xa0 [ 16.623615] ? __pfx_kthread+0x10/0x10 [ 16.623638] ret_from_fork+0x116/0x1d0 [ 16.623658] ? __pfx_kthread+0x10/0x10 [ 16.623692] ret_from_fork_asm+0x1a/0x30 [ 16.623725] </TASK> [ 16.623737] [ 16.638160] Allocated by task 282: [ 16.638526] kasan_save_stack+0x45/0x70 [ 16.638940] kasan_save_track+0x18/0x40 [ 16.639350] kasan_save_alloc_info+0x3b/0x50 [ 16.639801] __kasan_kmalloc+0xb7/0xc0 [ 16.640223] __kmalloc_cache_noprof+0x189/0x420 [ 16.640674] kasan_atomics+0x95/0x310 [ 16.641133] kunit_try_run_case+0x1a5/0x480 [ 16.641569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.641996] kthread+0x337/0x6f0 [ 16.642252] ret_from_fork+0x116/0x1d0 [ 16.642562] ret_from_fork_asm+0x1a/0x30 [ 16.642717] [ 16.642924] The buggy address belongs to the object at ffff8881031d0c00 [ 16.642924] which belongs to the cache kmalloc-64 of size 64 [ 16.644014] The buggy address is located 0 bytes to the right of [ 16.644014] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.644426] [ 16.644507] The buggy address belongs to the physical page: [ 16.644697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.645484] flags: 0x200000000000000(node=0|zone=2) [ 16.646026] page_type: f5(slab) [ 16.646367] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.647159] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.647861] page dumped because: kasan: bad access detected [ 16.648393] [ 16.648579] 
Memory state around the buggy address: [ 16.649209] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.649510] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.649772] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.650443] ^ [ 16.650986] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.651658] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.652103] ================================================================== [ 16.953815] ================================================================== [ 16.954485] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 16.955418] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.956197] [ 16.956300] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.956345] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.956359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.956395] Call Trace: [ 16.956410] <TASK> [ 16.956427] dump_stack_lvl+0x73/0xb0 [ 16.956466] print_report+0xd1/0x650 [ 16.956491] ? __virt_addr_valid+0x1db/0x2d0 [ 16.956515] ? kasan_atomics_helper+0x12e6/0x5450 [ 16.956537] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.956574] ? kasan_atomics_helper+0x12e6/0x5450 [ 16.956597] kasan_report+0x141/0x180 [ 16.956621] ? kasan_atomics_helper+0x12e6/0x5450 [ 16.956661] kasan_check_range+0x10c/0x1c0 [ 16.956686] __kasan_check_write+0x18/0x20 [ 16.956706] kasan_atomics_helper+0x12e6/0x5450 [ 16.956741] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.956764] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.956790] ? kasan_atomics+0x152/0x310 [ 16.956818] kasan_atomics+0x1dc/0x310 [ 16.956842] ? __pfx_kasan_atomics+0x10/0x10 [ 16.956868] ? __pfx_read_tsc+0x10/0x10 [ 16.956889] ? ktime_get_ts64+0x86/0x230 [ 16.956914] kunit_try_run_case+0x1a5/0x480 [ 16.956939] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.956961] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.956985] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.957010] ? __kthread_parkme+0x82/0x180 [ 16.957030] ? preempt_count_sub+0x50/0x80 [ 16.957067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.957092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.957117] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.957141] kthread+0x337/0x6f0 [ 16.957161] ? trace_preempt_on+0x20/0xc0 [ 16.957185] ? __pfx_kthread+0x10/0x10 [ 16.957207] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.957228] ? calculate_sigpending+0x7b/0xa0 [ 16.957253] ? __pfx_kthread+0x10/0x10 [ 16.957275] ret_from_fork+0x116/0x1d0 [ 16.957294] ? __pfx_kthread+0x10/0x10 [ 16.957315] ret_from_fork_asm+0x1a/0x30 [ 16.957349] </TASK> [ 16.957361] [ 16.970410] Allocated by task 282: [ 16.970551] kasan_save_stack+0x45/0x70 [ 16.970699] kasan_save_track+0x18/0x40 [ 16.971073] kasan_save_alloc_info+0x3b/0x50 [ 16.971463] __kasan_kmalloc+0xb7/0xc0 [ 16.971918] __kmalloc_cache_noprof+0x189/0x420 [ 16.972414] kasan_atomics+0x95/0x310 [ 16.972810] kunit_try_run_case+0x1a5/0x480 [ 16.973278] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.973836] kthread+0x337/0x6f0 [ 16.974155] ret_from_fork+0x116/0x1d0 [ 16.974534] ret_from_fork_asm+0x1a/0x30 [ 16.974760] [ 16.974950] The buggy address belongs to the object at ffff8881031d0c00 [ 16.974950] which belongs to the cache kmalloc-64 of size 64 [ 16.975545] The buggy address is located 0 bytes to the right of [ 16.975545] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.976097] [ 16.976283] The buggy address belongs to the physical page: [ 16.976621] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.977013] flags: 0x200000000000000(node=0|zone=2) [ 16.977399] page_type: f5(slab) [ 16.977533] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.978174] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.979132] page dumped because: kasan: bad access detected [ 16.979599] [ 16.979676] Memory state around the buggy address: [ 16.980114] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.980656] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.980950] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.981471] ^ [ 16.981644] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.982008] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.982507] ================================================================== [ 16.710398] ================================================================== [ 16.710751] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 16.711129] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.711504] [ 16.711627] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.711671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.711685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.711717] Call Trace: [ 16.711733] <TASK> [ 16.711749] dump_stack_lvl+0x73/0xb0 [ 16.711784] print_report+0xd1/0x650 [ 16.711807] ? __virt_addr_valid+0x1db/0x2d0 [ 16.711830] ? kasan_atomics_helper+0xe78/0x5450 [ 16.711851] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.711878] ? kasan_atomics_helper+0xe78/0x5450 [ 16.711901] kasan_report+0x141/0x180 [ 16.711924] ? kasan_atomics_helper+0xe78/0x5450 [ 16.711950] kasan_check_range+0x10c/0x1c0 [ 16.711975] __kasan_check_write+0x18/0x20 [ 16.711994] kasan_atomics_helper+0xe78/0x5450 [ 16.712018] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.712041] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.712076] ? kasan_atomics+0x152/0x310 [ 16.712104] kasan_atomics+0x1dc/0x310 [ 16.712128] ? __pfx_kasan_atomics+0x10/0x10 [ 16.712153] ? __pfx_read_tsc+0x10/0x10 [ 16.712174] ? 
ktime_get_ts64+0x86/0x230 [ 16.712200] kunit_try_run_case+0x1a5/0x480 [ 16.712224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.712247] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.712272] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.712295] ? __kthread_parkme+0x82/0x180 [ 16.712316] ? preempt_count_sub+0x50/0x80 [ 16.712341] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.712365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.712389] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.712412] kthread+0x337/0x6f0 [ 16.712433] ? trace_preempt_on+0x20/0xc0 [ 16.712457] ? __pfx_kthread+0x10/0x10 [ 16.712479] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.712500] ? calculate_sigpending+0x7b/0xa0 [ 16.712526] ? __pfx_kthread+0x10/0x10 [ 16.712548] ret_from_fork+0x116/0x1d0 [ 16.712568] ? __pfx_kthread+0x10/0x10 [ 16.712590] ret_from_fork_asm+0x1a/0x30 [ 16.712623] </TASK> [ 16.712636] [ 16.720295] Allocated by task 282: [ 16.720542] kasan_save_stack+0x45/0x70 [ 16.720828] kasan_save_track+0x18/0x40 [ 16.721070] kasan_save_alloc_info+0x3b/0x50 [ 16.721273] __kasan_kmalloc+0xb7/0xc0 [ 16.721415] __kmalloc_cache_noprof+0x189/0x420 [ 16.721648] kasan_atomics+0x95/0x310 [ 16.721891] kunit_try_run_case+0x1a5/0x480 [ 16.722120] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.722384] kthread+0x337/0x6f0 [ 16.722558] ret_from_fork+0x116/0x1d0 [ 16.722780] ret_from_fork_asm+0x1a/0x30 [ 16.722989] [ 16.723091] The buggy address belongs to the object at ffff8881031d0c00 [ 16.723091] which belongs to the cache kmalloc-64 of size 64 [ 16.723594] The buggy address is located 0 bytes to the right of [ 16.723594] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.724193] [ 16.724313] The buggy address belongs to the physical page: [ 16.724575] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.724942] flags: 0x200000000000000(node=0|zone=2) [ 16.725128] page_type: f5(slab) [ 16.725260] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.725505] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.725907] page dumped because: kasan: bad access detected [ 16.726185] [ 16.726285] Memory state around the buggy address: [ 16.726527] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.726906] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.727275] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.727576] ^ [ 16.727796] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.728032] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.728274] ================================================================== [ 17.209958] ================================================================== [ 17.210617] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 17.211180] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.211420] [ 17.211511] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.211557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.211570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.211593] Call Trace: [ 17.211608] <TASK> [ 17.211625] dump_stack_lvl+0x73/0xb0 [ 17.211652] print_report+0xd1/0x650 [ 17.211676] ? __virt_addr_valid+0x1db/0x2d0 [ 17.211700] ? kasan_atomics_helper+0x16e7/0x5450 [ 17.211722] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.211749] ? kasan_atomics_helper+0x16e7/0x5450 [ 17.211771] kasan_report+0x141/0x180 [ 17.211795] ? kasan_atomics_helper+0x16e7/0x5450 [ 17.211822] kasan_check_range+0x10c/0x1c0 [ 17.211846] __kasan_check_write+0x18/0x20 [ 17.211866] kasan_atomics_helper+0x16e7/0x5450 [ 17.211889] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.211912] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.211937] ? kasan_atomics+0x152/0x310 [ 17.211965] kasan_atomics+0x1dc/0x310 [ 17.211987] ? 
__pfx_kasan_atomics+0x10/0x10 [ 17.212013] ? __pfx_read_tsc+0x10/0x10 [ 17.212034] ? ktime_get_ts64+0x86/0x230 [ 17.212072] kunit_try_run_case+0x1a5/0x480 [ 17.212096] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.212118] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.212141] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.212165] ? __kthread_parkme+0x82/0x180 [ 17.212185] ? preempt_count_sub+0x50/0x80 [ 17.212210] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.212235] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.212259] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.212282] kthread+0x337/0x6f0 [ 17.212304] ? trace_preempt_on+0x20/0xc0 [ 17.212327] ? __pfx_kthread+0x10/0x10 [ 17.212348] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.212370] ? calculate_sigpending+0x7b/0xa0 [ 17.212394] ? __pfx_kthread+0x10/0x10 [ 17.212416] ret_from_fork+0x116/0x1d0 [ 17.212435] ? __pfx_kthread+0x10/0x10 [ 17.212457] ret_from_fork_asm+0x1a/0x30 [ 17.212489] </TASK> [ 17.212501] [ 17.222574] Allocated by task 282: [ 17.222784] kasan_save_stack+0x45/0x70 [ 17.222984] kasan_save_track+0x18/0x40 [ 17.223181] kasan_save_alloc_info+0x3b/0x50 [ 17.223391] __kasan_kmalloc+0xb7/0xc0 [ 17.223576] __kmalloc_cache_noprof+0x189/0x420 [ 17.224208] kasan_atomics+0x95/0x310 [ 17.224459] kunit_try_run_case+0x1a5/0x480 [ 17.224779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.225223] kthread+0x337/0x6f0 [ 17.225499] ret_from_fork+0x116/0x1d0 [ 17.225899] ret_from_fork_asm+0x1a/0x30 [ 17.226227] [ 17.226473] The buggy address belongs to the object at ffff8881031d0c00 [ 17.226473] which belongs to the cache kmalloc-64 of size 64 [ 17.227287] The buggy address is located 0 bytes to the right of [ 17.227287] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.228174] [ 17.228281] The buggy address belongs to the physical page: [ 17.228532] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.229353] flags: 0x200000000000000(node=0|zone=2) [ 17.229672] page_type: 
f5(slab) [ 17.229988] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.230584] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.230847] page dumped because: kasan: bad access detected [ 17.231036] [ 17.231126] Memory state around the buggy address: [ 17.231346] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.231700] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.231987] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.233023] ^ [ 17.233669] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.234472] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.235279] ================================================================== [ 17.094880] ================================================================== [ 17.095798] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 17.096390] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.096687] [ 17.097188] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.097244] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.097267] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.097291] Call Trace: [ 17.097309] <TASK> [ 17.097329] dump_stack_lvl+0x73/0xb0 [ 17.097363] print_report+0xd1/0x650 [ 17.097387] ? __virt_addr_valid+0x1db/0x2d0 [ 17.097410] ? kasan_atomics_helper+0x50d4/0x5450 [ 17.097433] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.097459] ? kasan_atomics_helper+0x50d4/0x5450 [ 17.097482] kasan_report+0x141/0x180 [ 17.097506] ? kasan_atomics_helper+0x50d4/0x5450 [ 17.097539] __asan_report_store8_noabort+0x1b/0x30 [ 17.097565] kasan_atomics_helper+0x50d4/0x5450 [ 17.097589] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.097612] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.097638] ? 
kasan_atomics+0x152/0x310 [ 17.097667] kasan_atomics+0x1dc/0x310 [ 17.097691] ? __pfx_kasan_atomics+0x10/0x10 [ 17.097717] ? __pfx_read_tsc+0x10/0x10 [ 17.097945] ? ktime_get_ts64+0x86/0x230 [ 17.097977] kunit_try_run_case+0x1a5/0x480 [ 17.098004] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.098027] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.098075] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.098101] ? __kthread_parkme+0x82/0x180 [ 17.098122] ? preempt_count_sub+0x50/0x80 [ 17.098147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.098173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.098197] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.098222] kthread+0x337/0x6f0 [ 17.098243] ? trace_preempt_on+0x20/0xc0 [ 17.098269] ? __pfx_kthread+0x10/0x10 [ 17.098292] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.098314] ? calculate_sigpending+0x7b/0xa0 [ 17.098339] ? __pfx_kthread+0x10/0x10 [ 17.098363] ret_from_fork+0x116/0x1d0 [ 17.098383] ? __pfx_kthread+0x10/0x10 [ 17.098405] ret_from_fork_asm+0x1a/0x30 [ 17.098439] </TASK> [ 17.098452] [ 17.109854] Allocated by task 282: [ 17.110283] kasan_save_stack+0x45/0x70 [ 17.110550] kasan_save_track+0x18/0x40 [ 17.110851] kasan_save_alloc_info+0x3b/0x50 [ 17.111232] __kasan_kmalloc+0xb7/0xc0 [ 17.111433] __kmalloc_cache_noprof+0x189/0x420 [ 17.111642] kasan_atomics+0x95/0x310 [ 17.112167] kunit_try_run_case+0x1a5/0x480 [ 17.112442] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.112904] kthread+0x337/0x6f0 [ 17.113190] ret_from_fork+0x116/0x1d0 [ 17.113351] ret_from_fork_asm+0x1a/0x30 [ 17.113496] [ 17.113583] The buggy address belongs to the object at ffff8881031d0c00 [ 17.113583] which belongs to the cache kmalloc-64 of size 64 [ 17.113967] The buggy address is located 0 bytes to the right of [ 17.113967] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.114990] [ 17.115093] The buggy address belongs to the physical page: [ 17.115282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 
17.115538] flags: 0x200000000000000(node=0|zone=2) [ 17.115742] page_type: f5(slab) [ 17.116417] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.117149] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.117840] page dumped because: kasan: bad access detected [ 17.118347] [ 17.118510] Memory state around the buggy address: [ 17.119018] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.119673] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.120324] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.120545] ^ [ 17.120706] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.121358] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.122038] ================================================================== [ 16.893999] ================================================================== [ 16.894739] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 16.895528] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.896839] [ 16.897031] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.897089] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.897103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.897126] Call Trace: [ 16.897143] <TASK> [ 16.897159] dump_stack_lvl+0x73/0xb0 [ 16.897188] print_report+0xd1/0x650 [ 16.897213] ? __virt_addr_valid+0x1db/0x2d0 [ 16.897237] ? kasan_atomics_helper+0x1217/0x5450 [ 16.897259] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.897287] ? kasan_atomics_helper+0x1217/0x5450 [ 16.897311] kasan_report+0x141/0x180 [ 16.897336] ? kasan_atomics_helper+0x1217/0x5450 [ 16.897364] kasan_check_range+0x10c/0x1c0 [ 16.897391] __kasan_check_write+0x18/0x20 [ 16.897411] kasan_atomics_helper+0x1217/0x5450 [ 16.897437] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.897460] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.897487] ? kasan_atomics+0x152/0x310 [ 16.897517] kasan_atomics+0x1dc/0x310 [ 16.897546] ? __pfx_kasan_atomics+0x10/0x10 [ 16.897572] ? __pfx_read_tsc+0x10/0x10 [ 16.897595] ? ktime_get_ts64+0x86/0x230 [ 16.897622] kunit_try_run_case+0x1a5/0x480 [ 16.897648] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.897672] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.897697] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.897722] ? __kthread_parkme+0x82/0x180 [ 16.897745] ? preempt_count_sub+0x50/0x80 [ 16.897771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.897797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.897822] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.897847] kthread+0x337/0x6f0 [ 16.897868] ? trace_preempt_on+0x20/0xc0 [ 16.897894] ? __pfx_kthread+0x10/0x10 [ 16.897916] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.897939] ? calculate_sigpending+0x7b/0xa0 [ 16.897963] ? __pfx_kthread+0x10/0x10 [ 16.897988] ret_from_fork+0x116/0x1d0 [ 16.898007] ? __pfx_kthread+0x10/0x10 [ 16.898030] ret_from_fork_asm+0x1a/0x30 [ 16.898073] </TASK> [ 16.898086] [ 16.910440] Allocated by task 282: [ 16.910811] kasan_save_stack+0x45/0x70 [ 16.911206] kasan_save_track+0x18/0x40 [ 16.911591] kasan_save_alloc_info+0x3b/0x50 [ 16.912022] __kasan_kmalloc+0xb7/0xc0 [ 16.912405] __kmalloc_cache_noprof+0x189/0x420 [ 16.912874] kasan_atomics+0x95/0x310 [ 16.913378] kunit_try_run_case+0x1a5/0x480 [ 16.913806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.914324] kthread+0x337/0x6f0 [ 16.914609] ret_from_fork+0x116/0x1d0 [ 16.914772] ret_from_fork_asm+0x1a/0x30 [ 16.915138] [ 16.915324] The buggy address belongs to the object at ffff8881031d0c00 [ 16.915324] which belongs to the cache kmalloc-64 of size 64 [ 16.916008] The buggy address is located 0 bytes to the right of [ 16.916008] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.917086] [ 16.917165] The buggy address belongs to the physical page: [ 16.917348] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.917605] flags: 0x200000000000000(node=0|zone=2) [ 16.917872] page_type: f5(slab) [ 16.918215] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.918996] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.919677] page dumped because: kasan: bad access detected [ 16.920269] [ 16.920430] Memory state around the buggy address: [ 16.920939] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.921583] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.922124] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.922347] ^ [ 16.922506] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.922738] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.923380] ================================================================== [ 16.232483] ================================================================== [ 16.232749] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 16.233151] Read of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.233514] [ 16.233638] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.233686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.233700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.233724] Call Trace: [ 16.233740] <TASK> [ 16.233757] dump_stack_lvl+0x73/0xb0 [ 16.233786] print_report+0xd1/0x650 [ 16.233810] ? __virt_addr_valid+0x1db/0x2d0 [ 16.233835] ? kasan_atomics_helper+0x4b54/0x5450 [ 16.233859] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.233887] ? kasan_atomics_helper+0x4b54/0x5450 [ 16.233912] kasan_report+0x141/0x180 [ 16.233937] ? kasan_atomics_helper+0x4b54/0x5450 [ 16.233995] __asan_report_load4_noabort+0x18/0x20 [ 16.234024] kasan_atomics_helper+0x4b54/0x5450 [ 16.234061] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.234086] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.234133] ? kasan_atomics+0x152/0x310 [ 16.234164] kasan_atomics+0x1dc/0x310 [ 16.234207] ? __pfx_kasan_atomics+0x10/0x10 [ 16.234249] ? __pfx_read_tsc+0x10/0x10 [ 16.234287] ? ktime_get_ts64+0x86/0x230 [ 16.234329] kunit_try_run_case+0x1a5/0x480 [ 16.234371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.234425] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.234451] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.234491] ? __kthread_parkme+0x82/0x180 [ 16.234513] ? preempt_count_sub+0x50/0x80 [ 16.234540] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.234566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.234591] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.234617] kthread+0x337/0x6f0 [ 16.234639] ? trace_preempt_on+0x20/0xc0 [ 16.234664] ? __pfx_kthread+0x10/0x10 [ 16.234687] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.234710] ? calculate_sigpending+0x7b/0xa0 [ 16.234736] ? __pfx_kthread+0x10/0x10 [ 16.234760] ret_from_fork+0x116/0x1d0 [ 16.234780] ? 
__pfx_kthread+0x10/0x10 [ 16.234803] ret_from_fork_asm+0x1a/0x30 [ 16.234838] </TASK> [ 16.234851] [ 16.243213] Allocated by task 282: [ 16.243509] kasan_save_stack+0x45/0x70 [ 16.243720] kasan_save_track+0x18/0x40 [ 16.243939] kasan_save_alloc_info+0x3b/0x50 [ 16.244282] __kasan_kmalloc+0xb7/0xc0 [ 16.244488] __kmalloc_cache_noprof+0x189/0x420 [ 16.244726] kasan_atomics+0x95/0x310 [ 16.244932] kunit_try_run_case+0x1a5/0x480 [ 16.245169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.245436] kthread+0x337/0x6f0 [ 16.245593] ret_from_fork+0x116/0x1d0 [ 16.245739] ret_from_fork_asm+0x1a/0x30 [ 16.245923] [ 16.246094] The buggy address belongs to the object at ffff8881031d0c00 [ 16.246094] which belongs to the cache kmalloc-64 of size 64 [ 16.246615] The buggy address is located 0 bytes to the right of [ 16.246615] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.247214] [ 16.247321] The buggy address belongs to the physical page: [ 16.247585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.247961] flags: 0x200000000000000(node=0|zone=2) [ 16.248209] page_type: f5(slab) [ 16.248420] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.248832] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.249193] page dumped because: kasan: bad access detected [ 16.249465] [ 16.249567] Memory state around the buggy address: [ 16.249798] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.250131] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.250507] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.250723] ^ [ 16.250964] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.251304] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.251623] ================================================================== [ 16.826929] 
================================================================== [ 16.829036] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 16.829426] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.830598] [ 16.830854] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.830925] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.830939] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.830963] Call Trace: [ 16.830979] <TASK> [ 16.831006] dump_stack_lvl+0x73/0xb0 [ 16.831038] print_report+0xd1/0x650 [ 16.831083] ? __virt_addr_valid+0x1db/0x2d0 [ 16.831108] ? kasan_atomics_helper+0x1148/0x5450 [ 16.831131] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.831159] ? kasan_atomics_helper+0x1148/0x5450 [ 16.831183] kasan_report+0x141/0x180 [ 16.831207] ? kasan_atomics_helper+0x1148/0x5450 [ 16.831237] kasan_check_range+0x10c/0x1c0 [ 16.831263] __kasan_check_write+0x18/0x20 [ 16.831285] kasan_atomics_helper+0x1148/0x5450 [ 16.831310] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.831333] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.831360] ? kasan_atomics+0x152/0x310 [ 16.831389] kasan_atomics+0x1dc/0x310 [ 16.831414] ? __pfx_kasan_atomics+0x10/0x10 [ 16.831440] ? __pfx_read_tsc+0x10/0x10 [ 16.831463] ? ktime_get_ts64+0x86/0x230 [ 16.831490] kunit_try_run_case+0x1a5/0x480 [ 16.831516] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.831540] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.831565] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.831589] ? __kthread_parkme+0x82/0x180 [ 16.831611] ? preempt_count_sub+0x50/0x80 [ 16.831636] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.831662] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.831687] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.833285] kthread+0x337/0x6f0 [ 16.833326] ? trace_preempt_on+0x20/0xc0 [ 16.833354] ? __pfx_kthread+0x10/0x10 [ 16.833380] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.833403] ? 
calculate_sigpending+0x7b/0xa0 [ 16.833427] ? __pfx_kthread+0x10/0x10 [ 16.833451] ret_from_fork+0x116/0x1d0 [ 16.833471] ? __pfx_kthread+0x10/0x10 [ 16.833493] ret_from_fork_asm+0x1a/0x30 [ 16.833534] </TASK> [ 16.833547] [ 16.848439] Allocated by task 282: [ 16.848800] kasan_save_stack+0x45/0x70 [ 16.849213] kasan_save_track+0x18/0x40 [ 16.849615] kasan_save_alloc_info+0x3b/0x50 [ 16.850124] __kasan_kmalloc+0xb7/0xc0 [ 16.850498] __kmalloc_cache_noprof+0x189/0x420 [ 16.850949] kasan_atomics+0x95/0x310 [ 16.851330] kunit_try_run_case+0x1a5/0x480 [ 16.851745] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.852253] kthread+0x337/0x6f0 [ 16.852588] ret_from_fork+0x116/0x1d0 [ 16.853000] ret_from_fork_asm+0x1a/0x30 [ 16.853414] [ 16.853504] The buggy address belongs to the object at ffff8881031d0c00 [ 16.853504] which belongs to the cache kmalloc-64 of size 64 [ 16.854565] The buggy address is located 0 bytes to the right of [ 16.854565] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.855252] [ 16.855334] The buggy address belongs to the physical page: [ 16.855517] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.855858] flags: 0x200000000000000(node=0|zone=2) [ 16.856338] page_type: f5(slab) [ 16.856674] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.857385] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.858159] page dumped because: kasan: bad access detected [ 16.858659] [ 16.858846] Memory state around the buggy address: [ 16.859354] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.860162] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.860624] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.861018] ^ [ 16.861481] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.862220] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.862795] 
================================================================== [ 16.212882] ================================================================== [ 16.213327] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 16.213734] Read of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.214394] [ 16.214568] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.214635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.214649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.214671] Call Trace: [ 16.214687] <TASK> [ 16.214702] dump_stack_lvl+0x73/0xb0 [ 16.214731] print_report+0xd1/0x650 [ 16.214755] ? __virt_addr_valid+0x1db/0x2d0 [ 16.214778] ? kasan_atomics_helper+0x3df/0x5450 [ 16.214799] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.214827] ? kasan_atomics_helper+0x3df/0x5450 [ 16.214849] kasan_report+0x141/0x180 [ 16.214873] ? kasan_atomics_helper+0x3df/0x5450 [ 16.214900] kasan_check_range+0x10c/0x1c0 [ 16.214925] __kasan_check_read+0x15/0x20 [ 16.214966] kasan_atomics_helper+0x3df/0x5450 [ 16.214990] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.215014] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.215068] ? kasan_atomics+0x152/0x310 [ 16.215097] kasan_atomics+0x1dc/0x310 [ 16.215121] ? __pfx_kasan_atomics+0x10/0x10 [ 16.215164] ? __pfx_read_tsc+0x10/0x10 [ 16.215185] ? ktime_get_ts64+0x86/0x230 [ 16.215212] kunit_try_run_case+0x1a5/0x480 [ 16.215237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.215259] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.215284] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.215308] ? __kthread_parkme+0x82/0x180 [ 16.215329] ? preempt_count_sub+0x50/0x80 [ 16.215354] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.215379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.215403] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.215427] kthread+0x337/0x6f0 [ 16.215448] ? trace_preempt_on+0x20/0xc0 [ 16.215472] ? 
__pfx_kthread+0x10/0x10 [ 16.215494] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.215516] ? calculate_sigpending+0x7b/0xa0 [ 16.215541] ? __pfx_kthread+0x10/0x10 [ 16.215564] ret_from_fork+0x116/0x1d0 [ 16.215583] ? __pfx_kthread+0x10/0x10 [ 16.215604] ret_from_fork_asm+0x1a/0x30 [ 16.215638] </TASK> [ 16.215650] [ 16.223883] Allocated by task 282: [ 16.224061] kasan_save_stack+0x45/0x70 [ 16.224290] kasan_save_track+0x18/0x40 [ 16.224508] kasan_save_alloc_info+0x3b/0x50 [ 16.224749] __kasan_kmalloc+0xb7/0xc0 [ 16.224937] __kmalloc_cache_noprof+0x189/0x420 [ 16.225180] kasan_atomics+0x95/0x310 [ 16.225376] kunit_try_run_case+0x1a5/0x480 [ 16.225600] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.225855] kthread+0x337/0x6f0 [ 16.225985] ret_from_fork+0x116/0x1d0 [ 16.226136] ret_from_fork_asm+0x1a/0x30 [ 16.226295] [ 16.226398] The buggy address belongs to the object at ffff8881031d0c00 [ 16.226398] which belongs to the cache kmalloc-64 of size 64 [ 16.227038] The buggy address is located 0 bytes to the right of [ 16.227038] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.227615] [ 16.227751] The buggy address belongs to the physical page: [ 16.227960] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.228223] flags: 0x200000000000000(node=0|zone=2) [ 16.228396] page_type: f5(slab) [ 16.228524] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.228879] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.229240] page dumped because: kasan: bad access detected [ 16.229504] [ 16.229630] Memory state around the buggy address: [ 16.230041] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.230293] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.230521] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.230770] ^ [ 16.231015] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.231425] 
ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.231864] ================================================================== [ 16.125574] ================================================================== [ 16.126554] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 16.127943] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.128439] [ 16.128538] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.128584] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.128596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.128617] Call Trace: [ 16.128629] <TASK> [ 16.128644] dump_stack_lvl+0x73/0xb0 [ 16.128676] print_report+0xd1/0x650 [ 16.128698] ? __virt_addr_valid+0x1db/0x2d0 [ 16.129267] ? kasan_atomics_helper+0x4ba2/0x5450 [ 16.129293] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.129321] ? kasan_atomics_helper+0x4ba2/0x5450 [ 16.129344] kasan_report+0x141/0x180 [ 16.129367] ? kasan_atomics_helper+0x4ba2/0x5450 [ 16.129394] __asan_report_store4_noabort+0x1b/0x30 [ 16.129419] kasan_atomics_helper+0x4ba2/0x5450 [ 16.129443] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.129466] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.129495] ? kasan_atomics+0x152/0x310 [ 16.129531] kasan_atomics+0x1dc/0x310 [ 16.129554] ? __pfx_kasan_atomics+0x10/0x10 [ 16.129579] ? __pfx_read_tsc+0x10/0x10 [ 16.129600] ? ktime_get_ts64+0x86/0x230 [ 16.129626] kunit_try_run_case+0x1a5/0x480 [ 16.129650] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.129672] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.129698] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.129720] ? __kthread_parkme+0x82/0x180 [ 16.129742] ? preempt_count_sub+0x50/0x80 [ 16.129765] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.129790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.129813] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.129837] kthread+0x337/0x6f0 [ 16.129858] ? 
trace_preempt_on+0x20/0xc0 [ 16.129880] ? __pfx_kthread+0x10/0x10 [ 16.129901] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.129923] ? calculate_sigpending+0x7b/0xa0 [ 16.129947] ? __pfx_kthread+0x10/0x10 [ 16.129969] ret_from_fork+0x116/0x1d0 [ 16.129988] ? __pfx_kthread+0x10/0x10 [ 16.130010] ret_from_fork_asm+0x1a/0x30 [ 16.130043] </TASK> [ 16.130066] [ 16.147059] Allocated by task 282: [ 16.147362] kasan_save_stack+0x45/0x70 [ 16.147649] kasan_save_track+0x18/0x40 [ 16.148164] kasan_save_alloc_info+0x3b/0x50 [ 16.148617] __kasan_kmalloc+0xb7/0xc0 [ 16.148957] __kmalloc_cache_noprof+0x189/0x420 [ 16.149372] kasan_atomics+0x95/0x310 [ 16.149513] kunit_try_run_case+0x1a5/0x480 [ 16.149669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.150235] kthread+0x337/0x6f0 [ 16.150602] ret_from_fork+0x116/0x1d0 [ 16.151014] ret_from_fork_asm+0x1a/0x30 [ 16.151458] [ 16.151643] The buggy address belongs to the object at ffff8881031d0c00 [ 16.151643] which belongs to the cache kmalloc-64 of size 64 [ 16.152594] The buggy address is located 0 bytes to the right of [ 16.152594] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.153699] [ 16.153809] The buggy address belongs to the physical page: [ 16.154309] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.154984] flags: 0x200000000000000(node=0|zone=2) [ 16.155499] page_type: f5(slab) [ 16.155668] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.156331] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.157087] page dumped because: kasan: bad access detected [ 16.157654] [ 16.157762] Memory state around the buggy address: [ 16.158121] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.158347] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.158569] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.158814] ^ [ 16.159030] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.159682] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.160366] ================================================================== [ 17.717994] ================================================================== [ 17.718264] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 17.718622] Read of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.719159] [ 17.719276] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.719321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.719333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.719356] Call Trace: [ 17.719372] <TASK> [ 17.719388] dump_stack_lvl+0x73/0xb0 [ 17.719417] print_report+0xd1/0x650 [ 17.719440] ? __virt_addr_valid+0x1db/0x2d0 [ 17.719462] ? kasan_atomics_helper+0x4fb2/0x5450 [ 17.719485] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.719512] ? kasan_atomics_helper+0x4fb2/0x5450 [ 17.719535] kasan_report+0x141/0x180 [ 17.719558] ? kasan_atomics_helper+0x4fb2/0x5450 [ 17.719585] __asan_report_load8_noabort+0x18/0x20 [ 17.719610] kasan_atomics_helper+0x4fb2/0x5450 [ 17.719633] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.719656] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.719682] ? kasan_atomics+0x152/0x310 [ 17.719710] kasan_atomics+0x1dc/0x310 [ 17.719733] ? __pfx_kasan_atomics+0x10/0x10 [ 17.719758] ? __pfx_read_tsc+0x10/0x10 [ 17.719805] ? ktime_get_ts64+0x86/0x230 [ 17.719831] kunit_try_run_case+0x1a5/0x480 [ 17.719856] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.719879] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.719916] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.719940] ? __kthread_parkme+0x82/0x180 [ 17.719961] ? preempt_count_sub+0x50/0x80 [ 17.719985] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.720010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.720033] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.720068] kthread+0x337/0x6f0 [ 17.720089] ? trace_preempt_on+0x20/0xc0 [ 17.720113] ? __pfx_kthread+0x10/0x10 [ 17.720135] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.720156] ? calculate_sigpending+0x7b/0xa0 [ 17.720180] ? __pfx_kthread+0x10/0x10 [ 17.720203] ret_from_fork+0x116/0x1d0 [ 17.720221] ? __pfx_kthread+0x10/0x10 [ 17.720243] ret_from_fork_asm+0x1a/0x30 [ 17.720275] </TASK> [ 17.720288] [ 17.728118] Allocated by task 282: [ 17.728313] kasan_save_stack+0x45/0x70 [ 17.728520] kasan_save_track+0x18/0x40 [ 17.728709] kasan_save_alloc_info+0x3b/0x50 [ 17.728935] __kasan_kmalloc+0xb7/0xc0 [ 17.729087] __kmalloc_cache_noprof+0x189/0x420 [ 17.729291] kasan_atomics+0x95/0x310 [ 17.729487] kunit_try_run_case+0x1a5/0x480 [ 17.729722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.729930] kthread+0x337/0x6f0 [ 17.730076] ret_from_fork+0x116/0x1d0 [ 17.730218] ret_from_fork_asm+0x1a/0x30 [ 17.730399] [ 17.730502] The buggy address belongs to the object at ffff8881031d0c00 [ 17.730502] which belongs to the cache kmalloc-64 of size 64 [ 17.731106] The buggy address is located 0 bytes to the right of [ 17.731106] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.731918] [ 17.732000] The buggy address belongs to the physical page: [ 17.732264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.732648] flags: 0x200000000000000(node=0|zone=2) [ 17.732906] page_type: f5(slab) [ 17.733033] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.733400] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.733737] page dumped because: kasan: bad access detected [ 17.733919] [ 17.733993] Memory state around the buggy address: [ 17.734361] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.734734] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.735139] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 17.735361] ^ [ 17.735755] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.736119] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.736438] ================================================================== [ 17.793960] ================================================================== [ 17.794623] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 17.795390] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.796446] [ 17.796637] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.796683] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.796697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.796720] Call Trace: [ 17.796736] <TASK> [ 17.796754] dump_stack_lvl+0x73/0xb0 [ 17.796781] print_report+0xd1/0x650 [ 17.796806] ? __virt_addr_valid+0x1db/0x2d0 [ 17.796830] ? kasan_atomics_helper+0x224c/0x5450 [ 17.796851] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.796880] ? kasan_atomics_helper+0x224c/0x5450 [ 17.796914] kasan_report+0x141/0x180 [ 17.796937] ? kasan_atomics_helper+0x224c/0x5450 [ 17.796967] kasan_check_range+0x10c/0x1c0 [ 17.796993] __kasan_check_write+0x18/0x20 [ 17.797014] kasan_atomics_helper+0x224c/0x5450 [ 17.797038] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.797074] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.797101] ? kasan_atomics+0x152/0x310 [ 17.797130] kasan_atomics+0x1dc/0x310 [ 17.797155] ? __pfx_kasan_atomics+0x10/0x10 [ 17.797181] ? __pfx_read_tsc+0x10/0x10 [ 17.797204] ? ktime_get_ts64+0x86/0x230 [ 17.797231] kunit_try_run_case+0x1a5/0x480 [ 17.797256] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.797279] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.797305] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.797330] ? __kthread_parkme+0x82/0x180 [ 17.797351] ? preempt_count_sub+0x50/0x80 [ 17.797378] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 17.797404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.797428] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.797452] kthread+0x337/0x6f0 [ 17.797474] ? trace_preempt_on+0x20/0xc0 [ 17.797498] ? __pfx_kthread+0x10/0x10 [ 17.797525] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.797548] ? calculate_sigpending+0x7b/0xa0 [ 17.797572] ? __pfx_kthread+0x10/0x10 [ 17.797596] ret_from_fork+0x116/0x1d0 [ 17.797616] ? __pfx_kthread+0x10/0x10 [ 17.797639] ret_from_fork_asm+0x1a/0x30 [ 17.797673] </TASK> [ 17.797690] [ 17.806018] Allocated by task 282: [ 17.806203] kasan_save_stack+0x45/0x70 [ 17.806395] kasan_save_track+0x18/0x40 [ 17.806541] kasan_save_alloc_info+0x3b/0x50 [ 17.806811] __kasan_kmalloc+0xb7/0xc0 [ 17.807016] __kmalloc_cache_noprof+0x189/0x420 [ 17.807207] kasan_atomics+0x95/0x310 [ 17.807414] kunit_try_run_case+0x1a5/0x480 [ 17.807626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.807895] kthread+0x337/0x6f0 [ 17.808045] ret_from_fork+0x116/0x1d0 [ 17.808266] ret_from_fork_asm+0x1a/0x30 [ 17.808470] [ 17.808549] The buggy address belongs to the object at ffff8881031d0c00 [ 17.808549] which belongs to the cache kmalloc-64 of size 64 [ 17.809178] The buggy address is located 0 bytes to the right of [ 17.809178] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.809660] [ 17.809754] The buggy address belongs to the physical page: [ 17.810027] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.810399] flags: 0x200000000000000(node=0|zone=2) [ 17.810607] page_type: f5(slab) [ 17.810740] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.811534] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.811850] page dumped because: kasan: bad access detected [ 17.812036] [ 17.812122] Memory state around the buggy address: [ 17.812289] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.812680] 
ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.813135] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.813414] ^ [ 17.813580] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.813809] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.814038] ================================================================== [ 16.399010] ================================================================== [ 16.399284] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 16.399630] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.400349] [ 16.400566] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.400664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.400679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.400702] Call Trace: [ 16.400718] <TASK> [ 16.400734] dump_stack_lvl+0x73/0xb0 [ 16.400764] print_report+0xd1/0x650 [ 16.400788] ? __virt_addr_valid+0x1db/0x2d0 [ 16.400812] ? kasan_atomics_helper+0x7c7/0x5450 [ 16.400835] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.400862] ? kasan_atomics_helper+0x7c7/0x5450 [ 16.400885] kasan_report+0x141/0x180 [ 16.400908] ? kasan_atomics_helper+0x7c7/0x5450 [ 16.400937] kasan_check_range+0x10c/0x1c0 [ 16.400962] __kasan_check_write+0x18/0x20 [ 16.400982] kasan_atomics_helper+0x7c7/0x5450 [ 16.401007] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.401030] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.401070] ? kasan_atomics+0x152/0x310 [ 16.401100] kasan_atomics+0x1dc/0x310 [ 16.401135] ? __pfx_kasan_atomics+0x10/0x10 [ 16.401161] ? __pfx_read_tsc+0x10/0x10 [ 16.401183] ? ktime_get_ts64+0x86/0x230 [ 16.401210] kunit_try_run_case+0x1a5/0x480 [ 16.401274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.401324] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.401349] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.401374] ? 
__kthread_parkme+0x82/0x180 [ 16.401395] ? preempt_count_sub+0x50/0x80 [ 16.401421] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.401446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.401471] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.401496] kthread+0x337/0x6f0 [ 16.401517] ? trace_preempt_on+0x20/0xc0 [ 16.401551] ? __pfx_kthread+0x10/0x10 [ 16.401574] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.401597] ? calculate_sigpending+0x7b/0xa0 [ 16.401622] ? __pfx_kthread+0x10/0x10 [ 16.401646] ret_from_fork+0x116/0x1d0 [ 16.401666] ? __pfx_kthread+0x10/0x10 [ 16.401687] ret_from_fork_asm+0x1a/0x30 [ 16.401722] </TASK> [ 16.401741] [ 16.410159] Allocated by task 282: [ 16.410368] kasan_save_stack+0x45/0x70 [ 16.410591] kasan_save_track+0x18/0x40 [ 16.410844] kasan_save_alloc_info+0x3b/0x50 [ 16.411113] __kasan_kmalloc+0xb7/0xc0 [ 16.411331] __kmalloc_cache_noprof+0x189/0x420 [ 16.411572] kasan_atomics+0x95/0x310 [ 16.411729] kunit_try_run_case+0x1a5/0x480 [ 16.411976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.412302] kthread+0x337/0x6f0 [ 16.412433] ret_from_fork+0x116/0x1d0 [ 16.412571] ret_from_fork_asm+0x1a/0x30 [ 16.412769] [ 16.412870] The buggy address belongs to the object at ffff8881031d0c00 [ 16.412870] which belongs to the cache kmalloc-64 of size 64 [ 16.413520] The buggy address is located 0 bytes to the right of [ 16.413520] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.414125] [ 16.414202] The buggy address belongs to the physical page: [ 16.414430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.414967] flags: 0x200000000000000(node=0|zone=2) [ 16.415236] page_type: f5(slab) [ 16.415424] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.415820] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.416286] page dumped because: kasan: bad access detected [ 16.416473] [ 16.416549] Memory state around the buggy address: [ 16.416711] 
ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.416936] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.417317] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.418129] ^ [ 16.418738] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.419496] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.420326] ================================================================== [ 17.403221] ================================================================== [ 17.404158] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 17.404691] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.405583] [ 17.405688] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.405748] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.405763] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.405786] Call Trace: [ 17.405803] <TASK> [ 17.405843] dump_stack_lvl+0x73/0xb0 [ 17.405874] print_report+0xd1/0x650 [ 17.405899] ? __virt_addr_valid+0x1db/0x2d0 [ 17.405923] ? kasan_atomics_helper+0x1c18/0x5450 [ 17.405946] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.405975] ? kasan_atomics_helper+0x1c18/0x5450 [ 17.405999] kasan_report+0x141/0x180 [ 17.406022] ? kasan_atomics_helper+0x1c18/0x5450 [ 17.406063] kasan_check_range+0x10c/0x1c0 [ 17.406089] __kasan_check_write+0x18/0x20 [ 17.406110] kasan_atomics_helper+0x1c18/0x5450 [ 17.406135] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.406159] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.406186] ? kasan_atomics+0x152/0x310 [ 17.406215] kasan_atomics+0x1dc/0x310 [ 17.406240] ? __pfx_kasan_atomics+0x10/0x10 [ 17.406267] ? __pfx_read_tsc+0x10/0x10 [ 17.406289] ? ktime_get_ts64+0x86/0x230 [ 17.406316] kunit_try_run_case+0x1a5/0x480 [ 17.406341] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.406366] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 17.406390] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.406415] ? __kthread_parkme+0x82/0x180 [ 17.406437] ? preempt_count_sub+0x50/0x80 [ 17.406462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.406488] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.406513] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.406537] kthread+0x337/0x6f0 [ 17.406559] ? trace_preempt_on+0x20/0xc0 [ 17.406584] ? __pfx_kthread+0x10/0x10 [ 17.406606] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.406629] ? calculate_sigpending+0x7b/0xa0 [ 17.406655] ? __pfx_kthread+0x10/0x10 [ 17.406679] ret_from_fork+0x116/0x1d0 [ 17.406699] ? __pfx_kthread+0x10/0x10 [ 17.406721] ret_from_fork_asm+0x1a/0x30 [ 17.406905] </TASK> [ 17.406919] [ 17.421037] Allocated by task 282: [ 17.421517] kasan_save_stack+0x45/0x70 [ 17.422024] kasan_save_track+0x18/0x40 [ 17.422496] kasan_save_alloc_info+0x3b/0x50 [ 17.423016] __kasan_kmalloc+0xb7/0xc0 [ 17.423481] __kmalloc_cache_noprof+0x189/0x420 [ 17.424030] kasan_atomics+0x95/0x310 [ 17.424494] kunit_try_run_case+0x1a5/0x480 [ 17.425030] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.425318] kthread+0x337/0x6f0 [ 17.425444] ret_from_fork+0x116/0x1d0 [ 17.425581] ret_from_fork_asm+0x1a/0x30 [ 17.425721] [ 17.425797] The buggy address belongs to the object at ffff8881031d0c00 [ 17.425797] which belongs to the cache kmalloc-64 of size 64 [ 17.426166] The buggy address is located 0 bytes to the right of [ 17.426166] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.426534] [ 17.426610] The buggy address belongs to the physical page: [ 17.426968] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.428207] flags: 0x200000000000000(node=0|zone=2) [ 17.428774] page_type: f5(slab) [ 17.429190] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.430002] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.430776] page dumped because: kasan: 
bad access detected [ 17.431398] [ 17.431566] Memory state around the buggy address: [ 17.432198] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.433179] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.433913] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.434492] ^ [ 17.434659] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.435370] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.436168] ================================================================== [ 17.498576] ================================================================== [ 17.498886] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 17.499645] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.500171] [ 17.500359] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.500429] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.500443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.500467] Call Trace: [ 17.500482] <TASK> [ 17.500500] dump_stack_lvl+0x73/0xb0 [ 17.500529] print_report+0xd1/0x650 [ 17.500553] ? __virt_addr_valid+0x1db/0x2d0 [ 17.500577] ? kasan_atomics_helper+0x1d7a/0x5450 [ 17.500619] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.500647] ? kasan_atomics_helper+0x1d7a/0x5450 [ 17.500671] kasan_report+0x141/0x180 [ 17.500695] ? kasan_atomics_helper+0x1d7a/0x5450 [ 17.500724] kasan_check_range+0x10c/0x1c0 [ 17.500750] __kasan_check_write+0x18/0x20 [ 17.500772] kasan_atomics_helper+0x1d7a/0x5450 [ 17.500796] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.500820] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.500846] ? kasan_atomics+0x152/0x310 [ 17.500876] kasan_atomics+0x1dc/0x310 [ 17.500901] ? __pfx_kasan_atomics+0x10/0x10 [ 17.500927] ? __pfx_read_tsc+0x10/0x10 [ 17.500950] ? ktime_get_ts64+0x86/0x230 [ 17.500977] kunit_try_run_case+0x1a5/0x480 [ 17.501002] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 17.501027] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.501062] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.501088] ? __kthread_parkme+0x82/0x180 [ 17.501109] ? preempt_count_sub+0x50/0x80 [ 17.501135] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.501161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.501185] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.501210] kthread+0x337/0x6f0 [ 17.501231] ? trace_preempt_on+0x20/0xc0 [ 17.501256] ? __pfx_kthread+0x10/0x10 [ 17.501279] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.501302] ? calculate_sigpending+0x7b/0xa0 [ 17.501327] ? __pfx_kthread+0x10/0x10 [ 17.501351] ret_from_fork+0x116/0x1d0 [ 17.501370] ? __pfx_kthread+0x10/0x10 [ 17.501392] ret_from_fork_asm+0x1a/0x30 [ 17.501425] </TASK> [ 17.501438] [ 17.513184] Allocated by task 282: [ 17.513388] kasan_save_stack+0x45/0x70 [ 17.513795] kasan_save_track+0x18/0x40 [ 17.514191] kasan_save_alloc_info+0x3b/0x50 [ 17.514398] __kasan_kmalloc+0xb7/0xc0 [ 17.514536] __kmalloc_cache_noprof+0x189/0x420 [ 17.514694] kasan_atomics+0x95/0x310 [ 17.515103] kunit_try_run_case+0x1a5/0x480 [ 17.515520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.516186] kthread+0x337/0x6f0 [ 17.516592] ret_from_fork+0x116/0x1d0 [ 17.517011] ret_from_fork_asm+0x1a/0x30 [ 17.517399] [ 17.517475] The buggy address belongs to the object at ffff8881031d0c00 [ 17.517475] which belongs to the cache kmalloc-64 of size 64 [ 17.518083] The buggy address is located 0 bytes to the right of [ 17.518083] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.519264] [ 17.519449] The buggy address belongs to the physical page: [ 17.519914] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.520175] flags: 0x200000000000000(node=0|zone=2) [ 17.520347] page_type: f5(slab) [ 17.520475] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.520710] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 17.521466] page dumped because: kasan: bad access detected [ 17.522109] [ 17.522309] Memory state around the buggy address: [ 17.522769] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.523422] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.524247] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.524827] ^ [ 17.524985] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.525214] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.525428] ================================================================== [ 17.763891] ================================================================== [ 17.764839] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 17.765579] Read of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.766390] [ 17.766500] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.766566] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.766583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.766605] Call Trace: [ 17.766621] <TASK> [ 17.766640] dump_stack_lvl+0x73/0xb0 [ 17.766671] print_report+0xd1/0x650 [ 17.766729] ? __virt_addr_valid+0x1db/0x2d0 [ 17.766771] ? kasan_atomics_helper+0x4fa5/0x5450 [ 17.766792] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.766820] ? kasan_atomics_helper+0x4fa5/0x5450 [ 17.766842] kasan_report+0x141/0x180 [ 17.766865] ? kasan_atomics_helper+0x4fa5/0x5450 [ 17.766894] __asan_report_load8_noabort+0x18/0x20 [ 17.766920] kasan_atomics_helper+0x4fa5/0x5450 [ 17.766967] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.766990] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.767016] ? kasan_atomics+0x152/0x310 [ 17.767075] kasan_atomics+0x1dc/0x310 [ 17.767098] ? __pfx_kasan_atomics+0x10/0x10 [ 17.767124] ? __pfx_read_tsc+0x10/0x10 [ 17.767146] ? 
ktime_get_ts64+0x86/0x230 [ 17.767172] kunit_try_run_case+0x1a5/0x480 [ 17.767197] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.767220] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.767245] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.767269] ? __kthread_parkme+0x82/0x180 [ 17.767290] ? preempt_count_sub+0x50/0x80 [ 17.767314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.767340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.767363] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.767387] kthread+0x337/0x6f0 [ 17.767408] ? trace_preempt_on+0x20/0xc0 [ 17.767432] ? __pfx_kthread+0x10/0x10 [ 17.767454] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.767476] ? calculate_sigpending+0x7b/0xa0 [ 17.767500] ? __pfx_kthread+0x10/0x10 [ 17.767523] ret_from_fork+0x116/0x1d0 [ 17.767543] ? __pfx_kthread+0x10/0x10 [ 17.767565] ret_from_fork_asm+0x1a/0x30 [ 17.767597] </TASK> [ 17.767610] [ 17.780439] Allocated by task 282: [ 17.780776] kasan_save_stack+0x45/0x70 [ 17.781212] kasan_save_track+0x18/0x40 [ 17.781582] kasan_save_alloc_info+0x3b/0x50 [ 17.782020] __kasan_kmalloc+0xb7/0xc0 [ 17.782269] __kmalloc_cache_noprof+0x189/0x420 [ 17.782432] kasan_atomics+0x95/0x310 [ 17.782572] kunit_try_run_case+0x1a5/0x480 [ 17.782723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.783211] kthread+0x337/0x6f0 [ 17.783513] ret_from_fork+0x116/0x1d0 [ 17.783864] ret_from_fork_asm+0x1a/0x30 [ 17.784229] [ 17.784394] The buggy address belongs to the object at ffff8881031d0c00 [ 17.784394] which belongs to the cache kmalloc-64 of size 64 [ 17.785480] The buggy address is located 0 bytes to the right of [ 17.785480] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.786308] [ 17.786388] The buggy address belongs to the physical page: [ 17.786571] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.786984] flags: 0x200000000000000(node=0|zone=2) [ 17.787431] page_type: f5(slab) [ 17.787782] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 17.788684] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.789375] page dumped because: kasan: bad access detected [ 17.789947] [ 17.790122] Memory state around the buggy address: [ 17.790549] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.791107] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.791340] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.791570] ^ [ 17.791748] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.792376] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.793067] ================================================================== [ 16.160888] ================================================================== [ 16.161683] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 16.162383] Read of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.163110] [ 16.163340] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.163384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.163396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.163416] Call Trace: [ 16.163427] <TASK> [ 16.163442] dump_stack_lvl+0x73/0xb0 [ 16.163469] print_report+0xd1/0x650 [ 16.163490] ? __virt_addr_valid+0x1db/0x2d0 [ 16.163513] ? kasan_atomics_helper+0x4b88/0x5450 [ 16.163556] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.163582] ? kasan_atomics_helper+0x4b88/0x5450 [ 16.163603] kasan_report+0x141/0x180 [ 16.163624] ? kasan_atomics_helper+0x4b88/0x5450 [ 16.163650] __asan_report_load4_noabort+0x18/0x20 [ 16.163675] kasan_atomics_helper+0x4b88/0x5450 [ 16.163696] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.163719] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.163743] ? kasan_atomics+0x152/0x310 [ 16.163769] kasan_atomics+0x1dc/0x310 [ 16.163791] ? __pfx_kasan_atomics+0x10/0x10 [ 16.163815] ? 
__pfx_read_tsc+0x10/0x10 [ 16.163834] ? ktime_get_ts64+0x86/0x230 [ 16.163860] kunit_try_run_case+0x1a5/0x480 [ 16.163882] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.163903] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.163927] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.163950] ? __kthread_parkme+0x82/0x180 [ 16.163977] ? preempt_count_sub+0x50/0x80 [ 16.164001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.164024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.164057] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.164080] kthread+0x337/0x6f0 [ 16.164099] ? trace_preempt_on+0x20/0xc0 [ 16.164122] ? __pfx_kthread+0x10/0x10 [ 16.164142] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.164162] ? calculate_sigpending+0x7b/0xa0 [ 16.164185] ? __pfx_kthread+0x10/0x10 [ 16.164206] ret_from_fork+0x116/0x1d0 [ 16.164225] ? __pfx_kthread+0x10/0x10 [ 16.164245] ret_from_fork_asm+0x1a/0x30 [ 16.164276] </TASK> [ 16.164288] [ 16.176271] Allocated by task 282: [ 16.176670] kasan_save_stack+0x45/0x70 [ 16.177177] kasan_save_track+0x18/0x40 [ 16.177658] kasan_save_alloc_info+0x3b/0x50 [ 16.177979] __kasan_kmalloc+0xb7/0xc0 [ 16.178406] __kmalloc_cache_noprof+0x189/0x420 [ 16.178807] kasan_atomics+0x95/0x310 [ 16.179078] kunit_try_run_case+0x1a5/0x480 [ 16.179570] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.180130] kthread+0x337/0x6f0 [ 16.180265] ret_from_fork+0x116/0x1d0 [ 16.180452] ret_from_fork_asm+0x1a/0x30 [ 16.180612] [ 16.180703] The buggy address belongs to the object at ffff8881031d0c00 [ 16.180703] which belongs to the cache kmalloc-64 of size 64 [ 16.182106] The buggy address is located 0 bytes to the right of [ 16.182106] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.182978] [ 16.183082] The buggy address belongs to the physical page: [ 16.183693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.184241] flags: 0x200000000000000(node=0|zone=2) [ 16.184825] page_type: f5(slab) [ 16.185243] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 16.185612] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.185991] page dumped because: kasan: bad access detected [ 16.186474] [ 16.186556] Memory state around the buggy address: [ 16.186727] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.186971] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.187696] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.188547] ^ [ 16.189062] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.189830] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.190729] ================================================================== [ 17.289817] ================================================================== [ 17.290087] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 17.290333] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.290674] [ 17.290792] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.290836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.290849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.290871] Call Trace: [ 17.290915] <TASK> [ 17.290931] dump_stack_lvl+0x73/0xb0 [ 17.290958] print_report+0xd1/0x650 [ 17.290982] ? __virt_addr_valid+0x1db/0x2d0 [ 17.291005] ? kasan_atomics_helper+0x18b1/0x5450 [ 17.291028] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.291067] ? kasan_atomics_helper+0x18b1/0x5450 [ 17.291091] kasan_report+0x141/0x180 [ 17.291114] ? kasan_atomics_helper+0x18b1/0x5450 [ 17.291143] kasan_check_range+0x10c/0x1c0 [ 17.291169] __kasan_check_write+0x18/0x20 [ 17.291190] kasan_atomics_helper+0x18b1/0x5450 [ 17.291214] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.291237] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.291264] ? 
kasan_atomics+0x152/0x310 [ 17.291293] kasan_atomics+0x1dc/0x310 [ 17.291316] ? __pfx_kasan_atomics+0x10/0x10 [ 17.291342] ? __pfx_read_tsc+0x10/0x10 [ 17.291364] ? ktime_get_ts64+0x86/0x230 [ 17.291390] kunit_try_run_case+0x1a5/0x480 [ 17.291415] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.291440] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.291464] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.291488] ? __kthread_parkme+0x82/0x180 [ 17.291509] ? preempt_count_sub+0x50/0x80 [ 17.291534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.291559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.291582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.291607] kthread+0x337/0x6f0 [ 17.291628] ? trace_preempt_on+0x20/0xc0 [ 17.291652] ? __pfx_kthread+0x10/0x10 [ 17.291674] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.291696] ? calculate_sigpending+0x7b/0xa0 [ 17.291721] ? __pfx_kthread+0x10/0x10 [ 17.291744] ret_from_fork+0x116/0x1d0 [ 17.291763] ? __pfx_kthread+0x10/0x10 [ 17.291785] ret_from_fork_asm+0x1a/0x30 [ 17.291818] </TASK> [ 17.291830] [ 17.299829] Allocated by task 282: [ 17.300028] kasan_save_stack+0x45/0x70 [ 17.300252] kasan_save_track+0x18/0x40 [ 17.300461] kasan_save_alloc_info+0x3b/0x50 [ 17.300699] __kasan_kmalloc+0xb7/0xc0 [ 17.300911] __kmalloc_cache_noprof+0x189/0x420 [ 17.301121] kasan_atomics+0x95/0x310 [ 17.301282] kunit_try_run_case+0x1a5/0x480 [ 17.301508] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.301769] kthread+0x337/0x6f0 [ 17.301936] ret_from_fork+0x116/0x1d0 [ 17.302089] ret_from_fork_asm+0x1a/0x30 [ 17.302238] [ 17.302315] The buggy address belongs to the object at ffff8881031d0c00 [ 17.302315] which belongs to the cache kmalloc-64 of size 64 [ 17.302693] The buggy address is located 0 bytes to the right of [ 17.302693] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.303447] [ 17.303548] The buggy address belongs to the physical page: [ 17.303810] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 
17.304180] flags: 0x200000000000000(node=0|zone=2) [ 17.304358] page_type: f5(slab) [ 17.304487] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.304733] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.305197] page dumped because: kasan: bad access detected [ 17.305464] [ 17.305569] Memory state around the buggy address: [ 17.305897] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.306245] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.306590] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.306892] ^ [ 17.307130] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.307362] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.307664] ================================================================== [ 16.335143] ================================================================== [ 16.335397] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 16.335641] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.336403] [ 16.336707] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.336782] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.336823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.336847] Call Trace: [ 16.336862] <TASK> [ 16.336880] dump_stack_lvl+0x73/0xb0 [ 16.336911] print_report+0xd1/0x650 [ 16.336936] ? __virt_addr_valid+0x1db/0x2d0 [ 16.336960] ? kasan_atomics_helper+0x5fe/0x5450 [ 16.336985] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.337014] ? kasan_atomics_helper+0x5fe/0x5450 [ 16.337038] kasan_report+0x141/0x180 [ 16.337073] ? kasan_atomics_helper+0x5fe/0x5450 [ 16.337102] kasan_check_range+0x10c/0x1c0 [ 16.337128] __kasan_check_write+0x18/0x20 [ 16.337149] kasan_atomics_helper+0x5fe/0x5450 [ 16.337208] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.337235] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.337262] ? kasan_atomics+0x152/0x310 [ 16.337293] kasan_atomics+0x1dc/0x310 [ 16.337317] ? __pfx_kasan_atomics+0x10/0x10 [ 16.337344] ? __pfx_read_tsc+0x10/0x10 [ 16.337369] ? ktime_get_ts64+0x86/0x230 [ 16.337398] kunit_try_run_case+0x1a5/0x480 [ 16.337425] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.337449] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.337475] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.337501] ? __kthread_parkme+0x82/0x180 [ 16.337529] ? preempt_count_sub+0x50/0x80 [ 16.337558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.337585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.337610] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.337636] kthread+0x337/0x6f0 [ 16.337658] ? trace_preempt_on+0x20/0xc0 [ 16.337685] ? __pfx_kthread+0x10/0x10 [ 16.337709] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.337732] ? calculate_sigpending+0x7b/0xa0 [ 16.337759] ? __pfx_kthread+0x10/0x10 [ 16.337782] ret_from_fork+0x116/0x1d0 [ 16.337803] ? __pfx_kthread+0x10/0x10 [ 16.337827] ret_from_fork_asm+0x1a/0x30 [ 16.337861] </TASK> [ 16.337876] [ 16.348605] Allocated by task 282: [ 16.348816] kasan_save_stack+0x45/0x70 [ 16.349064] kasan_save_track+0x18/0x40 [ 16.349241] kasan_save_alloc_info+0x3b/0x50 [ 16.349489] __kasan_kmalloc+0xb7/0xc0 [ 16.349688] __kmalloc_cache_noprof+0x189/0x420 [ 16.349924] kasan_atomics+0x95/0x310 [ 16.350160] kunit_try_run_case+0x1a5/0x480 [ 16.350383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.350656] kthread+0x337/0x6f0 [ 16.350898] ret_from_fork+0x116/0x1d0 [ 16.351144] ret_from_fork_asm+0x1a/0x30 [ 16.351290] [ 16.351365] The buggy address belongs to the object at ffff8881031d0c00 [ 16.351365] which belongs to the cache kmalloc-64 of size 64 [ 16.351895] The buggy address is located 0 bytes to the right of [ 16.351895] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.352516] [ 16.352611] The buggy address belongs to the physical page: [ 16.352941] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.353302] flags: 0x200000000000000(node=0|zone=2) [ 16.353501] page_type: f5(slab) [ 16.353652] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.354198] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.354552] page dumped because: kasan: bad access detected [ 16.354801] [ 16.354901] Memory state around the buggy address: [ 16.355146] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.355636] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.356030] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.356359] ^ [ 16.356595] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.356927] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.357167] ================================================================== [ 16.982971] ================================================================== [ 16.983700] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 16.984504] Read of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.985281] [ 16.985375] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.985422] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.985436] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.985458] Call Trace: [ 16.985474] <TASK> [ 16.985491] dump_stack_lvl+0x73/0xb0 [ 16.985520] print_report+0xd1/0x650 [ 16.985548] ? __virt_addr_valid+0x1db/0x2d0 [ 16.985572] ? kasan_atomics_helper+0x49ce/0x5450 [ 16.985595] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.985623] ? kasan_atomics_helper+0x49ce/0x5450 [ 16.985646] kasan_report+0x141/0x180 [ 16.985670] ? kasan_atomics_helper+0x49ce/0x5450 [ 16.985698] __asan_report_load4_noabort+0x18/0x20 [ 16.985736] kasan_atomics_helper+0x49ce/0x5450 [ 16.985760] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.985784] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.985810] ? kasan_atomics+0x152/0x310 [ 16.985840] kasan_atomics+0x1dc/0x310 [ 16.985864] ? __pfx_kasan_atomics+0x10/0x10 [ 16.985904] ? __pfx_read_tsc+0x10/0x10 [ 16.985927] ? ktime_get_ts64+0x86/0x230 [ 16.985954] kunit_try_run_case+0x1a5/0x480 [ 16.985991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.986015] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.986039] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.986074] ? __kthread_parkme+0x82/0x180 [ 16.986097] ? preempt_count_sub+0x50/0x80 [ 16.986122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.986148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.986172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.986198] kthread+0x337/0x6f0 [ 16.986219] ? trace_preempt_on+0x20/0xc0 [ 16.986245] ? __pfx_kthread+0x10/0x10 [ 16.986268] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.986290] ? calculate_sigpending+0x7b/0xa0 [ 16.986315] ? __pfx_kthread+0x10/0x10 [ 16.986338] ret_from_fork+0x116/0x1d0 [ 16.986358] ? 
__pfx_kthread+0x10/0x10 [ 16.986381] ret_from_fork_asm+0x1a/0x30 [ 16.986415] </TASK> [ 16.986427] [ 17.001070] Allocated by task 282: [ 17.001434] kasan_save_stack+0x45/0x70 [ 17.001835] kasan_save_track+0x18/0x40 [ 17.002032] kasan_save_alloc_info+0x3b/0x50 [ 17.002448] __kasan_kmalloc+0xb7/0xc0 [ 17.002589] __kmalloc_cache_noprof+0x189/0x420 [ 17.002772] kasan_atomics+0x95/0x310 [ 17.003066] kunit_try_run_case+0x1a5/0x480 [ 17.003230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.003412] kthread+0x337/0x6f0 [ 17.003540] ret_from_fork+0x116/0x1d0 [ 17.003677] ret_from_fork_asm+0x1a/0x30 [ 17.003926] [ 17.004079] The buggy address belongs to the object at ffff8881031d0c00 [ 17.004079] which belongs to the cache kmalloc-64 of size 64 [ 17.005290] The buggy address is located 0 bytes to the right of [ 17.005290] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.006535] [ 17.006719] The buggy address belongs to the physical page: [ 17.007284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.007667] flags: 0x200000000000000(node=0|zone=2) [ 17.007991] page_type: f5(slab) [ 17.008324] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.009079] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.009716] page dumped because: kasan: bad access detected [ 17.010209] [ 17.010344] Memory state around the buggy address: [ 17.010750] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.010995] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.011636] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.012180] ^ [ 17.012519] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.012975] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.013484] ================================================================== [ 17.236540] 
================================================================== [ 17.237742] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 17.238356] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.239493] [ 17.239754] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.239808] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.239823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.239846] Call Trace: [ 17.239864] <TASK> [ 17.239880] dump_stack_lvl+0x73/0xb0 [ 17.239911] print_report+0xd1/0x650 [ 17.239935] ? __virt_addr_valid+0x1db/0x2d0 [ 17.239959] ? kasan_atomics_helper+0x177f/0x5450 [ 17.239982] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.240010] ? kasan_atomics_helper+0x177f/0x5450 [ 17.240034] kasan_report+0x141/0x180 [ 17.240068] ? kasan_atomics_helper+0x177f/0x5450 [ 17.240097] kasan_check_range+0x10c/0x1c0 [ 17.240123] __kasan_check_write+0x18/0x20 [ 17.240143] kasan_atomics_helper+0x177f/0x5450 [ 17.240168] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.240192] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.240218] ? kasan_atomics+0x152/0x310 [ 17.240247] kasan_atomics+0x1dc/0x310 [ 17.240272] ? __pfx_kasan_atomics+0x10/0x10 [ 17.240297] ? __pfx_read_tsc+0x10/0x10 [ 17.240319] ? ktime_get_ts64+0x86/0x230 [ 17.240345] kunit_try_run_case+0x1a5/0x480 [ 17.240371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.240396] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.240420] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.240444] ? __kthread_parkme+0x82/0x180 [ 17.240466] ? preempt_count_sub+0x50/0x80 [ 17.240491] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.240517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.240543] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.240567] kthread+0x337/0x6f0 [ 17.240588] ? trace_preempt_on+0x20/0xc0 [ 17.240613] ? __pfx_kthread+0x10/0x10 [ 17.240635] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.240658] ? 
calculate_sigpending+0x7b/0xa0
[ 17.240682] ? __pfx_kthread+0x10/0x10
[ 17.240706] ret_from_fork+0x116/0x1d0
[ 17.240892] ? __pfx_kthread+0x10/0x10
[ 17.240918] ret_from_fork_asm+0x1a/0x30
[ 17.240952] </TASK>
[ 17.240966]
[ 17.256509] Allocated by task 282:
[ 17.256833] kasan_save_stack+0x45/0x70
[ 17.257179] kasan_save_track+0x18/0x40
[ 17.257325] kasan_save_alloc_info+0x3b/0x50
[ 17.257482] __kasan_kmalloc+0xb7/0xc0
[ 17.257627] __kmalloc_cache_noprof+0x189/0x420
[ 17.257971] kasan_atomics+0x95/0x310
[ 17.258356] kunit_try_run_case+0x1a5/0x480
[ 17.258807] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.259329] kthread+0x337/0x6f0
[ 17.259676] ret_from_fork+0x116/0x1d0
[ 17.260088] ret_from_fork_asm+0x1a/0x30
[ 17.260484]
[ 17.260578] The buggy address belongs to the object at ffff8881031d0c00
[ 17.260578] which belongs to the cache kmalloc-64 of size 64
[ 17.261567] The buggy address is located 0 bytes to the right of
[ 17.261567] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30)
[ 17.262467]
[ 17.262547] The buggy address belongs to the physical page:
[ 17.262764] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0
[ 17.263514] flags: 0x200000000000000(node=0|zone=2)
[ 17.264014] page_type: f5(slab)
[ 17.264191] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.264432] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.264674] page dumped because: kasan: bad access detected
[ 17.265241]
[ 17.265404] Memory state around the buggy address:
[ 17.265901] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.266517] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.266986] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 17.267834] ^
[ 17.268425] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.268955] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.269715] ==================================================================
[ 17.376085] ==================================================================
[ 17.376355] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450
[ 17.376712] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282
[ 17.377759]
[ 17.377880] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.378080] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.378098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.378121] Call Trace:
[ 17.378137] <TASK>
[ 17.378155] dump_stack_lvl+0x73/0xb0
[ 17.378186] print_report+0xd1/0x650
[ 17.378209] ? __virt_addr_valid+0x1db/0x2d0
[ 17.378233] ? kasan_atomics_helper+0x1b22/0x5450
[ 17.378258] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.378287] ? kasan_atomics_helper+0x1b22/0x5450
[ 17.378309] kasan_report+0x141/0x180
[ 17.378333] ? kasan_atomics_helper+0x1b22/0x5450
[ 17.378361] kasan_check_range+0x10c/0x1c0
[ 17.378386] __kasan_check_write+0x18/0x20
[ 17.378407] kasan_atomics_helper+0x1b22/0x5450
[ 17.378431] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 17.378454] ? __kmalloc_cache_noprof+0x189/0x420
[ 17.378481] ? kasan_atomics+0x152/0x310
[ 17.378510] kasan_atomics+0x1dc/0x310
[ 17.378533] ? __pfx_kasan_atomics+0x10/0x10
[ 17.378559] ? __pfx_read_tsc+0x10/0x10
[ 17.378581] ? ktime_get_ts64+0x86/0x230
[ 17.378607] kunit_try_run_case+0x1a5/0x480
[ 17.378632] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.378655] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.378679] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.378702] ? __kthread_parkme+0x82/0x180
[ 17.378734] ? preempt_count_sub+0x50/0x80
[ 17.378760] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.378785] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.378808] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.378832] kthread+0x337/0x6f0
[ 17.378852] ? trace_preempt_on+0x20/0xc0
[ 17.378875] ? __pfx_kthread+0x10/0x10
[ 17.378897] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.378919] ? calculate_sigpending+0x7b/0xa0
[ 17.378944] ? __pfx_kthread+0x10/0x10
[ 17.378966] ret_from_fork+0x116/0x1d0
[ 17.379000] ? __pfx_kthread+0x10/0x10
[ 17.379022] ret_from_fork_asm+0x1a/0x30
[ 17.379064] </TASK>
[ 17.379077]
[ 17.389777] Allocated by task 282:
[ 17.390268] kasan_save_stack+0x45/0x70
[ 17.390452] kasan_save_track+0x18/0x40
[ 17.390852] kasan_save_alloc_info+0x3b/0x50
[ 17.391210] __kasan_kmalloc+0xb7/0xc0
[ 17.391520] __kmalloc_cache_noprof+0x189/0x420
[ 17.391832] kasan_atomics+0x95/0x310
[ 17.392006] kunit_try_run_case+0x1a5/0x480
[ 17.392382] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.392650] kthread+0x337/0x6f0
[ 17.392990] ret_from_fork+0x116/0x1d0
[ 17.393200] ret_from_fork_asm+0x1a/0x30
[ 17.393557]
[ 17.393754] The buggy address belongs to the object at ffff8881031d0c00
[ 17.393754] which belongs to the cache kmalloc-64 of size 64
[ 17.394420] The buggy address is located 0 bytes to the right of
[ 17.394420] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30)
[ 17.395186]
[ 17.395418] The buggy address belongs to the physical page:
[ 17.395675] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0
[ 17.396174] flags: 0x200000000000000(node=0|zone=2)
[ 17.396560] page_type: f5(slab)
[ 17.396847] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.397308] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.397771] page dumped because: kasan: bad access detected
[ 17.397967]
[ 17.398060] Memory state around the buggy address:
[ 17.398235] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.398472] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.398704] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 17.399663] ^
[ 17.400281] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.401038] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.401806] ==================================================================
[ 17.436932] ==================================================================
[ 17.437905] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450
[ 17.438555] Read of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282
[ 17.439222]
[ 17.439432] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.439481] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.439495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.439518] Call Trace:
[ 17.439535] <TASK>
[ 17.439553] dump_stack_lvl+0x73/0xb0
[ 17.439603] print_report+0xd1/0x650
[ 17.439629] ? __virt_addr_valid+0x1db/0x2d0
[ 17.439655] ? kasan_atomics_helper+0x4f30/0x5450
[ 17.439677] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.439705] ? kasan_atomics_helper+0x4f30/0x5450
[ 17.439739] kasan_report+0x141/0x180
[ 17.439763] ? kasan_atomics_helper+0x4f30/0x5450
[ 17.439792] __asan_report_load8_noabort+0x18/0x20
[ 17.439818] kasan_atomics_helper+0x4f30/0x5450
[ 17.439842] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 17.439866] ? __kmalloc_cache_noprof+0x189/0x420
[ 17.439893] ? kasan_atomics+0x152/0x310
[ 17.439923] kasan_atomics+0x1dc/0x310
[ 17.439947] ? __pfx_kasan_atomics+0x10/0x10
[ 17.439974] ? __pfx_read_tsc+0x10/0x10
[ 17.439997] ? ktime_get_ts64+0x86/0x230
[ 17.440025] kunit_try_run_case+0x1a5/0x480
[ 17.440063] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.440088] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.440115] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.440140] ? __kthread_parkme+0x82/0x180
[ 17.440162] ? preempt_count_sub+0x50/0x80
[ 17.440188] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.440213] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.440237] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.440262] kthread+0x337/0x6f0
[ 17.440284] ? trace_preempt_on+0x20/0xc0
[ 17.440308] ? __pfx_kthread+0x10/0x10
[ 17.440330] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.440352] ? calculate_sigpending+0x7b/0xa0
[ 17.440377] ? __pfx_kthread+0x10/0x10
[ 17.440400] ret_from_fork+0x116/0x1d0
[ 17.440420] ? __pfx_kthread+0x10/0x10
[ 17.440442] ret_from_fork_asm+0x1a/0x30
[ 17.440476] </TASK>
[ 17.440489]
[ 17.452426] Allocated by task 282:
[ 17.452758] kasan_save_stack+0x45/0x70
[ 17.453227] kasan_save_track+0x18/0x40
[ 17.453628] kasan_save_alloc_info+0x3b/0x50
[ 17.454112] __kasan_kmalloc+0xb7/0xc0
[ 17.454477] __kmalloc_cache_noprof+0x189/0x420
[ 17.454977] kasan_atomics+0x95/0x310
[ 17.455360] kunit_try_run_case+0x1a5/0x480
[ 17.455783] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.456240] kthread+0x337/0x6f0
[ 17.456375] ret_from_fork+0x116/0x1d0
[ 17.456519] ret_from_fork_asm+0x1a/0x30
[ 17.456668]
[ 17.456763] The buggy address belongs to the object at ffff8881031d0c00
[ 17.456763] which belongs to the cache kmalloc-64 of size 64
[ 17.457945] The buggy address is located 0 bytes to the right of
[ 17.457945] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30)
[ 17.459213]
[ 17.459383] The buggy address belongs to the physical page:
[ 17.459811] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0
[ 17.460082] flags: 0x200000000000000(node=0|zone=2)
[ 17.460257] page_type: f5(slab)
[ 17.460384] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.460631] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.461070] page dumped because: kasan: bad access detected
[ 17.461575]
[ 17.461741] Memory state around the buggy address:
[ 17.462256] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.463020] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.463695] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 17.464346] ^
[ 17.464824] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.465467] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.466241] ==================================================================
[ 17.326399] ==================================================================
[ 17.326817] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450
[ 17.327141] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282
[ 17.327422]
[ 17.327510] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.327553] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.327566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.327588] Call Trace:
[ 17.327602] <TASK>
[ 17.327617] dump_stack_lvl+0x73/0xb0
[ 17.327643] print_report+0xd1/0x650
[ 17.327666] ? __virt_addr_valid+0x1db/0x2d0
[ 17.327688] ? kasan_atomics_helper+0x19e3/0x5450
[ 17.327710] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.327748] ? kasan_atomics_helper+0x19e3/0x5450
[ 17.327771] kasan_report+0x141/0x180
[ 17.327794] ? kasan_atomics_helper+0x19e3/0x5450
[ 17.327822] kasan_check_range+0x10c/0x1c0
[ 17.327847] __kasan_check_write+0x18/0x20
[ 17.327867] kasan_atomics_helper+0x19e3/0x5450
[ 17.327890] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 17.327914] ? __kmalloc_cache_noprof+0x189/0x420
[ 17.327940] ? kasan_atomics+0x152/0x310
[ 17.327969] kasan_atomics+0x1dc/0x310
[ 17.327994] ? __pfx_kasan_atomics+0x10/0x10
[ 17.328019] ? __pfx_read_tsc+0x10/0x10
[ 17.328041] ? ktime_get_ts64+0x86/0x230
[ 17.328080] kunit_try_run_case+0x1a5/0x480
[ 17.328105] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.328128] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.328152] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.328176] ? __kthread_parkme+0x82/0x180
[ 17.328197] ? preempt_count_sub+0x50/0x80
[ 17.328222] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.328245] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.328269] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.328293] kthread+0x337/0x6f0
[ 17.328314] ? trace_preempt_on+0x20/0xc0
[ 17.328338] ? __pfx_kthread+0x10/0x10
[ 17.328359] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.328382] ? calculate_sigpending+0x7b/0xa0
[ 17.328406] ? __pfx_kthread+0x10/0x10
[ 17.328429] ret_from_fork+0x116/0x1d0
[ 17.328448] ? __pfx_kthread+0x10/0x10
[ 17.328470] ret_from_fork_asm+0x1a/0x30
[ 17.328502] </TASK>
[ 17.328514]
[ 17.336701] Allocated by task 282:
[ 17.336899] kasan_save_stack+0x45/0x70
[ 17.337125] kasan_save_track+0x18/0x40
[ 17.337325] kasan_save_alloc_info+0x3b/0x50
[ 17.337534] __kasan_kmalloc+0xb7/0xc0
[ 17.337747] __kmalloc_cache_noprof+0x189/0x420
[ 17.337938] kasan_atomics+0x95/0x310
[ 17.338093] kunit_try_run_case+0x1a5/0x480
[ 17.338251] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.338438] kthread+0x337/0x6f0
[ 17.338569] ret_from_fork+0x116/0x1d0
[ 17.338748] ret_from_fork_asm+0x1a/0x30
[ 17.338970]
[ 17.339083] The buggy address belongs to the object at ffff8881031d0c00
[ 17.339083] which belongs to the cache kmalloc-64 of size 64
[ 17.339653] The buggy address is located 0 bytes to the right of
[ 17.339653] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30)
[ 17.340685]
[ 17.340841] The buggy address belongs to the physical page:
[ 17.341035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0
[ 17.341304] flags: 0x200000000000000(node=0|zone=2)
[ 17.341479] page_type: f5(slab)
[ 17.341613] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.342011] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.342378] page dumped because: kasan: bad access detected
[ 17.342650]
[ 17.342754] Memory state around the buggy address:
[ 17.342961] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.343214] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.343453] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 17.343686] ^
[ 17.343854] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.344319] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.344676] ==================================================================
[ 16.530315] ==================================================================
[ 16.531258] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450
[ 16.532073] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282
[ 16.532674]
[ 16.532956] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.533034] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.533068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.533092] Call Trace:
[ 16.533111] <TASK>
[ 16.533129] dump_stack_lvl+0x73/0xb0
[ 16.533161] print_report+0xd1/0x650
[ 16.533185] ? __virt_addr_valid+0x1db/0x2d0
[ 16.533210] ? kasan_atomics_helper+0xac7/0x5450
[ 16.533232] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.533262] ? kasan_atomics_helper+0xac7/0x5450
[ 16.533285] kasan_report+0x141/0x180
[ 16.533310] ? kasan_atomics_helper+0xac7/0x5450
[ 16.533338] kasan_check_range+0x10c/0x1c0
[ 16.533364] __kasan_check_write+0x18/0x20
[ 16.533386] kasan_atomics_helper+0xac7/0x5450
[ 16.533411] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.533435] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.533463] ? kasan_atomics+0x152/0x310
[ 16.533492] kasan_atomics+0x1dc/0x310
[ 16.533517] ? __pfx_kasan_atomics+0x10/0x10
[ 16.533548] ? __pfx_read_tsc+0x10/0x10
[ 16.533571] ? ktime_get_ts64+0x86/0x230
[ 16.533597] kunit_try_run_case+0x1a5/0x480
[ 16.533623] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.533647] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.533673] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.533698] ? __kthread_parkme+0x82/0x180
[ 16.533728] ? preempt_count_sub+0x50/0x80
[ 16.533754] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.533780] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.533804] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.533829] kthread+0x337/0x6f0
[ 16.533850] ? trace_preempt_on+0x20/0xc0
[ 16.533874] ? __pfx_kthread+0x10/0x10
[ 16.533898] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.533920] ? calculate_sigpending+0x7b/0xa0
[ 16.533946] ? __pfx_kthread+0x10/0x10
[ 16.533969] ret_from_fork+0x116/0x1d0
[ 16.533989] ? __pfx_kthread+0x10/0x10
[ 16.534012] ret_from_fork_asm+0x1a/0x30
[ 16.534046] </TASK>
[ 16.534067]
[ 16.547040] Allocated by task 282:
[ 16.547417] kasan_save_stack+0x45/0x70
[ 16.547815] kasan_save_track+0x18/0x40
[ 16.548209] kasan_save_alloc_info+0x3b/0x50
[ 16.548514] __kasan_kmalloc+0xb7/0xc0
[ 16.548655] __kmalloc_cache_noprof+0x189/0x420
[ 16.549032] kasan_atomics+0x95/0x310
[ 16.549408] kunit_try_run_case+0x1a5/0x480
[ 16.549867] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.550433] kthread+0x337/0x6f0
[ 16.550563] ret_from_fork+0x116/0x1d0
[ 16.550701] ret_from_fork_asm+0x1a/0x30
[ 16.551115]
[ 16.551289] The buggy address belongs to the object at ffff8881031d0c00
[ 16.551289] which belongs to the cache kmalloc-64 of size 64
[ 16.552425] The buggy address is located 0 bytes to the right of
[ 16.552425] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30)
[ 16.553239]
[ 16.553318] The buggy address belongs to the physical page:
[ 16.553501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0
[ 16.553776] flags: 0x200000000000000(node=0|zone=2)
[ 16.553950] page_type: f5(slab)
[ 16.554087] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.554327] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.554563] page dumped because: kasan: bad access detected
[ 16.554765]
[ 16.554936] Memory state around the buggy address:
[ 16.555380] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.556113] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.557262] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.557871] ^
[ 16.558297] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.558826] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.559956] ==================================================================
[ 16.805559] ==================================================================
[ 16.806234] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450
[ 16.806613] Read of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282
[ 16.806860]
[ 16.806950] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.806993] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.807007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.807029] Call Trace:
[ 16.807045] <TASK>
[ 16.807075] dump_stack_lvl+0x73/0xb0
[ 16.807127] print_report+0xd1/0x650
[ 16.807152] ? __virt_addr_valid+0x1db/0x2d0
[ 16.807176] ? kasan_atomics_helper+0x4a1c/0x5450
[ 16.807211] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.807239] ? kasan_atomics_helper+0x4a1c/0x5450
[ 16.807262] kasan_report+0x141/0x180
[ 16.807286] ? kasan_atomics_helper+0x4a1c/0x5450
[ 16.807315] __asan_report_load4_noabort+0x18/0x20
[ 16.807342] kasan_atomics_helper+0x4a1c/0x5450
[ 16.807367] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.807391] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.807417] ? kasan_atomics+0x152/0x310
[ 16.807446] kasan_atomics+0x1dc/0x310
[ 16.807470] ? __pfx_kasan_atomics+0x10/0x10
[ 16.807495] ? __pfx_read_tsc+0x10/0x10
[ 16.807517] ? ktime_get_ts64+0x86/0x230
[ 16.807553] kunit_try_run_case+0x1a5/0x480
[ 16.807578] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.807611] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.807636] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.807660] ? __kthread_parkme+0x82/0x180
[ 16.807681] ? preempt_count_sub+0x50/0x80
[ 16.807707] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.807749] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.807773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.807797] kthread+0x337/0x6f0
[ 16.807817] ? trace_preempt_on+0x20/0xc0
[ 16.807842] ? __pfx_kthread+0x10/0x10
[ 16.807864] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.807886] ? calculate_sigpending+0x7b/0xa0
[ 16.807911] ? __pfx_kthread+0x10/0x10
[ 16.807933] ret_from_fork+0x116/0x1d0
[ 16.807953] ? __pfx_kthread+0x10/0x10
[ 16.807974] ret_from_fork_asm+0x1a/0x30
[ 16.808007] </TASK>
[ 16.808019]
[ 16.816874] Allocated by task 282:
[ 16.817021] kasan_save_stack+0x45/0x70
[ 16.817365] kasan_save_track+0x18/0x40
[ 16.817583] kasan_save_alloc_info+0x3b/0x50
[ 16.817860] __kasan_kmalloc+0xb7/0xc0
[ 16.818020] __kmalloc_cache_noprof+0x189/0x420
[ 16.818205] kasan_atomics+0x95/0x310
[ 16.818349] kunit_try_run_case+0x1a5/0x480
[ 16.818502] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.818685] kthread+0x337/0x6f0
[ 16.818836] ret_from_fork+0x116/0x1d0
[ 16.818976] ret_from_fork_asm+0x1a/0x30
[ 16.819135]
[ 16.819214] The buggy address belongs to the object at ffff8881031d0c00
[ 16.819214] which belongs to the cache kmalloc-64 of size 64
[ 16.820485] The buggy address is located 0 bytes to the right of
[ 16.820485] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30)
[ 16.820901]
[ 16.820997] The buggy address belongs to the physical page:
[ 16.821258] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0
[ 16.821802] flags: 0x200000000000000(node=0|zone=2)
[ 16.822011] page_type: f5(slab)
[ 16.822200] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.822582] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.822959] page dumped because: kasan: bad access detected
[ 16.823240]
[ 16.823318] Memory state around the buggy address:
[ 16.823533] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.823913] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.824268] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.824625] ^
[ 16.824897] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.825272] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.825616] ==================================================================
[ 16.094822] ==================================================================
[ 16.095708] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450
[ 16.096318] Read of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282
[ 16.096665]
[ 16.097011] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.097073] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.097086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.097339] Call Trace:
[ 16.097359] <TASK>
[ 16.097376] dump_stack_lvl+0x73/0xb0
[ 16.097406] print_report+0xd1/0x650
[ 16.097430] ? __virt_addr_valid+0x1db/0x2d0
[ 16.097452] ? kasan_atomics_helper+0x4bbc/0x5450
[ 16.097473] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.097499] ? kasan_atomics_helper+0x4bbc/0x5450
[ 16.097520] kasan_report+0x141/0x180
[ 16.097548] ? kasan_atomics_helper+0x4bbc/0x5450
[ 16.097574] __asan_report_load4_noabort+0x18/0x20
[ 16.097597] kasan_atomics_helper+0x4bbc/0x5450
[ 16.097619] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.097641] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.097665] ? kasan_atomics+0x152/0x310
[ 16.097692] kasan_atomics+0x1dc/0x310
[ 16.097735] ? __pfx_kasan_atomics+0x10/0x10
[ 16.097759] ? __pfx_read_tsc+0x10/0x10
[ 16.097797] ? ktime_get_ts64+0x86/0x230
[ 16.097820] kunit_try_run_case+0x1a5/0x480
[ 16.097845] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.097865] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.097889] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.097911] ? __kthread_parkme+0x82/0x180
[ 16.097930] ? preempt_count_sub+0x50/0x80
[ 16.097953] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.097976] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.097998] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.098021] kthread+0x337/0x6f0
[ 16.098039] ? trace_preempt_on+0x20/0xc0
[ 16.098072] ? __pfx_kthread+0x10/0x10
[ 16.098092] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.098113] ? calculate_sigpending+0x7b/0xa0
[ 16.098136] ? __pfx_kthread+0x10/0x10
[ 16.098157] ret_from_fork+0x116/0x1d0
[ 16.098174] ? __pfx_kthread+0x10/0x10
[ 16.098194] ret_from_fork_asm+0x1a/0x30
[ 16.098225] </TASK>
[ 16.098237]
[ 16.111176] Allocated by task 282:
[ 16.111355] kasan_save_stack+0x45/0x70
[ 16.111571] kasan_save_track+0x18/0x40
[ 16.112086] kasan_save_alloc_info+0x3b/0x50
[ 16.112306] __kasan_kmalloc+0xb7/0xc0
[ 16.112579] __kmalloc_cache_noprof+0x189/0x420
[ 16.112990] kasan_atomics+0x95/0x310
[ 16.113385] kunit_try_run_case+0x1a5/0x480
[ 16.113598] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.114275] kthread+0x337/0x6f0
[ 16.114468] ret_from_fork+0x116/0x1d0
[ 16.114622] ret_from_fork_asm+0x1a/0x30
[ 16.115113]
[ 16.115244] The buggy address belongs to the object at ffff8881031d0c00
[ 16.115244] which belongs to the cache kmalloc-64 of size 64
[ 16.116089] The buggy address is located 0 bytes to the right of
[ 16.116089] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30)
[ 16.116744]
[ 16.117060] The buggy address belongs to the physical page:
[ 16.117312] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0
[ 16.117698] flags: 0x200000000000000(node=0|zone=2)
[ 16.118490] page_type: f5(slab)
[ 16.118663] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.119347] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.119884] page dumped because: kasan: bad access detected
[ 16.120230]
[ 16.120348] Memory state around the buggy address:
[ 16.120623] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.121177] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.121507] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.122118] ^
[ 16.122602] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.123214] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.124070] ==================================================================
[ 16.357963] ==================================================================
[ 16.358373] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450
[ 16.358738] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282
[ 16.359083]
[ 16.359240] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.359288] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.359302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.359323] Call Trace:
[ 16.359340] <TASK>
[ 16.359389] dump_stack_lvl+0x73/0xb0
[ 16.359420] print_report+0xd1/0x650
[ 16.359443] ? __virt_addr_valid+0x1db/0x2d0
[ 16.359466] ? kasan_atomics_helper+0x697/0x5450
[ 16.359488] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.359515] ? kasan_atomics_helper+0x697/0x5450
[ 16.359571] kasan_report+0x141/0x180
[ 16.359597] ? kasan_atomics_helper+0x697/0x5450
[ 16.359624] kasan_check_range+0x10c/0x1c0
[ 16.359650] __kasan_check_write+0x18/0x20
[ 16.359671] kasan_atomics_helper+0x697/0x5450
[ 16.359694] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.359717] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.359744] ? kasan_atomics+0x152/0x310
[ 16.359772] kasan_atomics+0x1dc/0x310
[ 16.359796] ? __pfx_kasan_atomics+0x10/0x10
[ 16.359821] ? __pfx_read_tsc+0x10/0x10
[ 16.359842] ? ktime_get_ts64+0x86/0x230
[ 16.359901] kunit_try_run_case+0x1a5/0x480
[ 16.359926] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.359949] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.359973] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.359997] ? __kthread_parkme+0x82/0x180
[ 16.360018] ? preempt_count_sub+0x50/0x80
[ 16.360080] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.360104] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.360130] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.360153] kthread+0x337/0x6f0
[ 16.360174] ? trace_preempt_on+0x20/0xc0
[ 16.360198] ? __pfx_kthread+0x10/0x10
[ 16.360220] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.360243] ? calculate_sigpending+0x7b/0xa0
[ 16.360267] ? __pfx_kthread+0x10/0x10
[ 16.360290] ret_from_fork+0x116/0x1d0
[ 16.360310] ? __pfx_kthread+0x10/0x10
[ 16.360331] ret_from_fork_asm+0x1a/0x30
[ 16.360363] </TASK>
[ 16.360376]
[ 16.368555] Allocated by task 282:
[ 16.368701] kasan_save_stack+0x45/0x70
[ 16.368946] kasan_save_track+0x18/0x40
[ 16.369162] kasan_save_alloc_info+0x3b/0x50
[ 16.369470] __kasan_kmalloc+0xb7/0xc0
[ 16.369684] __kmalloc_cache_noprof+0x189/0x420
[ 16.369950] kasan_atomics+0x95/0x310
[ 16.370183] kunit_try_run_case+0x1a5/0x480
[ 16.370357] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.370601] kthread+0x337/0x6f0
[ 16.370825] ret_from_fork+0x116/0x1d0
[ 16.370962] ret_from_fork_asm+0x1a/0x30
[ 16.371206]
[ 16.371310] The buggy address belongs to the object at ffff8881031d0c00
[ 16.371310] which belongs to the cache kmalloc-64 of size 64
[ 16.371914] The buggy address is located 0 bytes to the right of
[ 16.371914] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30)
[ 16.372496]
[ 16.372588] The buggy address belongs to the physical page:
[ 16.372857] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0
[ 16.373202] flags: 0x200000000000000(node=0|zone=2)
[ 16.373381] page_type: f5(slab)
[ 16.373597] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.374149] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.374488] page dumped because: kasan: bad access detected
[ 16.374773]
[ 16.374862] Memory state around the buggy address:
[ 16.375123] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.375467] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.375822] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.376216] ^
[ 16.376484] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.376811] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.377211] ==================================================================
[ 17.525863] ==================================================================
[ 17.526114] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450
[ 17.526345] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282
[ 17.526572]
[ 17.526659] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.526705] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.526736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.526758] Call Trace:
[ 17.526775] <TASK>
[ 17.526792] dump_stack_lvl+0x73/0xb0
[ 17.526820] print_report+0xd1/0x650
[ 17.526843] ? __virt_addr_valid+0x1db/0x2d0
[ 17.526866] ? kasan_atomics_helper+0x1e12/0x5450
[ 17.526888] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.526915] ? kasan_atomics_helper+0x1e12/0x5450
[ 17.526938] kasan_report+0x141/0x180
[ 17.526961] ? kasan_atomics_helper+0x1e12/0x5450
[ 17.526990] kasan_check_range+0x10c/0x1c0
[ 17.527015] __kasan_check_write+0x18/0x20
[ 17.527036] kasan_atomics_helper+0x1e12/0x5450
[ 17.527074] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 17.527098] ? __kmalloc_cache_noprof+0x189/0x420
[ 17.527178] ? kasan_atomics+0x152/0x310
[ 17.527214] kasan_atomics+0x1dc/0x310
[ 17.527249] ? __pfx_kasan_atomics+0x10/0x10
[ 17.527276] ? __pfx_read_tsc+0x10/0x10
[ 17.527297] ? ktime_get_ts64+0x86/0x230
[ 17.527323] kunit_try_run_case+0x1a5/0x480
[ 17.527349] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.527373] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.527398] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.527422] ? __kthread_parkme+0x82/0x180
[ 17.527443] ? preempt_count_sub+0x50/0x80
[ 17.527469] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.527493] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.527517] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.527541] kthread+0x337/0x6f0
[ 17.527561] ? trace_preempt_on+0x20/0xc0
[ 17.527585] ? __pfx_kthread+0x10/0x10
[ 17.527607] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.527628] ? calculate_sigpending+0x7b/0xa0
[ 17.527653] ? __pfx_kthread+0x10/0x10
[ 17.527676] ret_from_fork+0x116/0x1d0
[ 17.527695] ? __pfx_kthread+0x10/0x10
[ 17.527724] ret_from_fork_asm+0x1a/0x30
[ 17.527757] </TASK>
[ 17.527769]
[ 17.538696] Allocated by task 282:
[ 17.539152] kasan_save_stack+0x45/0x70
[ 17.539537] kasan_save_track+0x18/0x40
[ 17.539966] kasan_save_alloc_info+0x3b/0x50
[ 17.540388] __kasan_kmalloc+0xb7/0xc0
[ 17.540808] __kmalloc_cache_noprof+0x189/0x420
[ 17.541254] kasan_atomics+0x95/0x310
[ 17.541619] kunit_try_run_case+0x1a5/0x480
[ 17.541946] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.542379] kthread+0x337/0x6f0
[ 17.542516] ret_from_fork+0x116/0x1d0
[ 17.542660] ret_from_fork_asm+0x1a/0x30
[ 17.543072]
[ 17.543267] The buggy address belongs to the object at ffff8881031d0c00
[ 17.543267] which belongs to the cache kmalloc-64 of size 64
[ 17.544421] The buggy address is located 0 bytes to the right of
[ 17.544421] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30)
[ 17.545027]
[ 17.545121] The buggy address belongs to the physical page:
[ 17.545312] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0
[ 17.545585] flags: 0x200000000000000(node=0|zone=2)
[ 17.545916] page_type: f5(slab)
[ 17.546318] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.547070] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.547794] page dumped because: kasan: bad access detected
[ 17.548326]
[ 17.548512] Memory state around the buggy address:
[ 17.548996] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.549701] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.550406] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 17.550944] ^
[ 17.551193] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.551430] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.551661] ==================================================================
[ 17.736946] ==================================================================
[ 17.737280] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450
[ 17.737627] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282
[ 17.737981]
[ 17.738110] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.738155] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.738168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.738191] Call Trace:
[ 17.738228] <TASK>
[ 17.738244] dump_stack_lvl+0x73/0xb0
[ 17.738272] print_report+0xd1/0x650
[ 17.738294] ? __virt_addr_valid+0x1db/0x2d0
[ 17.738318] ? kasan_atomics_helper+0x218a/0x5450
[ 17.738339] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.738366] ? kasan_atomics_helper+0x218a/0x5450
[ 17.738389] kasan_report+0x141/0x180
[ 17.738411] ? kasan_atomics_helper+0x218a/0x5450
[ 17.738439] kasan_check_range+0x10c/0x1c0
[ 17.738464] __kasan_check_write+0x18/0x20
[ 17.738485] kasan_atomics_helper+0x218a/0x5450
[ 17.738509] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 17.738532] ? __kmalloc_cache_noprof+0x189/0x420
[ 17.738558] ? kasan_atomics+0x152/0x310
[ 17.738586] kasan_atomics+0x1dc/0x310
[ 17.738610] ? __pfx_kasan_atomics+0x10/0x10
[ 17.738636] ? __pfx_read_tsc+0x10/0x10
[ 17.738657] ? ktime_get_ts64+0x86/0x230
[ 17.738683] kunit_try_run_case+0x1a5/0x480
[ 17.738707] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.738744] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.738790] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.738814] ? __kthread_parkme+0x82/0x180
[ 17.738836] ? preempt_count_sub+0x50/0x80
[ 17.738860] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.738886] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.738909] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.738934] kthread+0x337/0x6f0
[ 17.738955] ? trace_preempt_on+0x20/0xc0
[ 17.738979] ? __pfx_kthread+0x10/0x10
[ 17.739001] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.739024] ? calculate_sigpending+0x7b/0xa0
[ 17.739061] ? __pfx_kthread+0x10/0x10
[ 17.739084] ret_from_fork+0x116/0x1d0
[ 17.739104] ? __pfx_kthread+0x10/0x10
[ 17.739126] ret_from_fork_asm+0x1a/0x30
[ 17.739158] </TASK>
[ 17.739171]
[ 17.747303] Allocated by task 282:
[ 17.747443] kasan_save_stack+0x45/0x70
[ 17.747593] kasan_save_track+0x18/0x40
[ 17.748110] kasan_save_alloc_info+0x3b/0x50
[ 17.748536] __kasan_kmalloc+0xb7/0xc0
[ 17.749578] __kmalloc_cache_noprof+0x189/0x420
[ 17.750246] kasan_atomics+0x95/0x310
[ 17.750843] kunit_try_run_case+0x1a5/0x480
[ 17.751408] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.751614] kthread+0x337/0x6f0
[ 17.751980] ret_from_fork+0x116/0x1d0
[ 17.752483] ret_from_fork_asm+0x1a/0x30
[ 17.753126]
[ 17.753317] The buggy address belongs to the object at ffff8881031d0c00
[ 17.753317] which belongs to the cache kmalloc-64 of size 64
[ 17.754282] The buggy address is located 0 bytes to the right of
[ 17.754282] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30)
[ 17.754695]
[ 17.755101] The buggy address belongs to the physical page:
[ 17.755931] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0
[ 17.756313] flags: 0x200000000000000(node=0|zone=2)
[ 17.756500] page_type: f5(slab)
[ 17.756631] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.756891] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.757734] page dumped because: kasan: bad access detected
[ 17.758372]
[ 17.758650] Memory state around the buggy address:
[ 17.759240] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.760084] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.760858] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 17.761487] ^
[ 17.761671] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.762495] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.763175] ==================================================================
[ 16.500259] ==================================================================
[ 16.500935] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450
[ 16.501629] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282
[ 16.502381]
[ 16.502600] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.502646] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.502659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.502708] Call Trace:
[ 16.502742] <TASK>
[ 16.502759] dump_stack_lvl+0x73/0xb0
[ 16.502801] print_report+0xd1/0x650
[ 16.502824] ? __virt_addr_valid+0x1db/0x2d0
[ 16.502848] ? kasan_atomics_helper+0xa2b/0x5450
[ 16.502881] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.502908] ? kasan_atomics_helper+0xa2b/0x5450
[ 16.502930] kasan_report+0x141/0x180
[ 16.502953] ? kasan_atomics_helper+0xa2b/0x5450
[ 16.502981] kasan_check_range+0x10c/0x1c0
[ 16.503006] __kasan_check_write+0x18/0x20
[ 16.503026] kasan_atomics_helper+0xa2b/0x5450
[ 16.503058] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.503081] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.503106] ? kasan_atomics+0x152/0x310
[ 16.503133] kasan_atomics+0x1dc/0x310
[ 16.503157] ? __pfx_kasan_atomics+0x10/0x10
[ 16.503182] ? __pfx_read_tsc+0x10/0x10
[ 16.503203] ? ktime_get_ts64+0x86/0x230
[ 16.503229] kunit_try_run_case+0x1a5/0x480
[ 16.503253] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.503276] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.503299] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.503323] ? __kthread_parkme+0x82/0x180
[ 16.503343] ? preempt_count_sub+0x50/0x80
[ 16.503368] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.503393] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.503416] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.503440] kthread+0x337/0x6f0
[ 16.503460] ? trace_preempt_on+0x20/0xc0
[ 16.503485] ? __pfx_kthread+0x10/0x10
[ 16.503506] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.503528] ? calculate_sigpending+0x7b/0xa0
[ 16.503552] ? __pfx_kthread+0x10/0x10
[ 16.503574] ret_from_fork+0x116/0x1d0
[ 16.503594] ? __pfx_kthread+0x10/0x10
[ 16.503615] ret_from_fork_asm+0x1a/0x30
[ 16.503647] </TASK>
[ 16.503659]
[ 16.516807] Allocated by task 282:
[ 16.517076] kasan_save_stack+0x45/0x70
[ 16.517433] kasan_save_track+0x18/0x40
[ 16.517579] kasan_save_alloc_info+0x3b/0x50
[ 16.517785] __kasan_kmalloc+0xb7/0xc0
[ 16.518211] __kmalloc_cache_noprof+0x189/0x420
[ 16.518656] kasan_atomics+0x95/0x310
[ 16.519067] kunit_try_run_case+0x1a5/0x480
[ 16.519370] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.519552] kthread+0x337/0x6f0
[ 16.519677] ret_from_fork+0x116/0x1d0
[ 16.520100] ret_from_fork_asm+0x1a/0x30
[ 16.520499]
[ 16.520658] The buggy address belongs to the object at ffff8881031d0c00
[ 16.520658] which belongs to the cache kmalloc-64 of size 64
[ 16.521650] The buggy address is located 0 bytes to the right of
[ 16.521650] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30)
[ 16.522625]
[ 16.522709] The buggy address belongs to the physical page:
[ 16.523302] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0
[ 16.523675] flags: 0x200000000000000(node=0|zone=2)
[ 16.524187] page_type:
f5(slab) [ 16.524529] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.525086] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.525332] page dumped because: kasan: bad access detected [ 16.525516] [ 16.525596] Memory state around the buggy address: [ 16.525894] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.526568] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.527261] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.527946] ^ [ 16.528438] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.529073] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.529512] ================================================================== [ 17.123259] ================================================================== [ 17.123605] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 17.124458] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.125304] [ 17.125526] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.125573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.125587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.125609] Call Trace: [ 17.125624] <TASK> [ 17.125660] dump_stack_lvl+0x73/0xb0 [ 17.125690] print_report+0xd1/0x650 [ 17.125734] ? __virt_addr_valid+0x1db/0x2d0 [ 17.125757] ? kasan_atomics_helper+0x151d/0x5450 [ 17.125779] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.125806] ? kasan_atomics_helper+0x151d/0x5450 [ 17.125828] kasan_report+0x141/0x180 [ 17.125851] ? kasan_atomics_helper+0x151d/0x5450 [ 17.125879] kasan_check_range+0x10c/0x1c0 [ 17.125904] __kasan_check_write+0x18/0x20 [ 17.125923] kasan_atomics_helper+0x151d/0x5450 [ 17.125946] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.125969] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.125995] ? 
kasan_atomics+0x152/0x310 [ 17.126022] kasan_atomics+0x1dc/0x310 [ 17.126056] ? __pfx_kasan_atomics+0x10/0x10 [ 17.126081] ? __pfx_read_tsc+0x10/0x10 [ 17.126103] ? ktime_get_ts64+0x86/0x230 [ 17.126129] kunit_try_run_case+0x1a5/0x480 [ 17.126154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.126177] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.126201] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.126226] ? __kthread_parkme+0x82/0x180 [ 17.126246] ? preempt_count_sub+0x50/0x80 [ 17.126271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.126296] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.126320] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.126344] kthread+0x337/0x6f0 [ 17.126364] ? trace_preempt_on+0x20/0xc0 [ 17.126388] ? __pfx_kthread+0x10/0x10 [ 17.126410] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.126432] ? calculate_sigpending+0x7b/0xa0 [ 17.126459] ? __pfx_kthread+0x10/0x10 [ 17.126481] ret_from_fork+0x116/0x1d0 [ 17.126500] ? __pfx_kthread+0x10/0x10 [ 17.126521] ret_from_fork_asm+0x1a/0x30 [ 17.126555] </TASK> [ 17.126567] [ 17.138679] Allocated by task 282: [ 17.139069] kasan_save_stack+0x45/0x70 [ 17.139475] kasan_save_track+0x18/0x40 [ 17.139887] kasan_save_alloc_info+0x3b/0x50 [ 17.140319] __kasan_kmalloc+0xb7/0xc0 [ 17.140697] __kmalloc_cache_noprof+0x189/0x420 [ 17.141182] kasan_atomics+0x95/0x310 [ 17.141564] kunit_try_run_case+0x1a5/0x480 [ 17.142010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.142464] kthread+0x337/0x6f0 [ 17.142599] ret_from_fork+0x116/0x1d0 [ 17.142820] ret_from_fork_asm+0x1a/0x30 [ 17.143236] [ 17.143440] The buggy address belongs to the object at ffff8881031d0c00 [ 17.143440] which belongs to the cache kmalloc-64 of size 64 [ 17.144451] The buggy address is located 0 bytes to the right of [ 17.144451] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.145204] [ 17.145379] The buggy address belongs to the physical page: [ 17.145942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 
17.146548] flags: 0x200000000000000(node=0|zone=2) [ 17.146780] page_type: f5(slab) [ 17.147123] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.147856] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.148230] page dumped because: kasan: bad access detected [ 17.148418] [ 17.148496] Memory state around the buggy address: [ 17.148671] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.149372] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.150080] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.150767] ^ [ 17.151238] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.151935] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.152272] ================================================================== [ 16.191810] ================================================================== [ 16.192620] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 16.193489] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.194402] [ 16.194601] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.194677] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.194691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.194713] Call Trace: [ 16.194727] <TASK> [ 16.194746] dump_stack_lvl+0x73/0xb0 [ 16.194775] print_report+0xd1/0x650 [ 16.194799] ? __virt_addr_valid+0x1db/0x2d0 [ 16.194821] ? kasan_atomics_helper+0x4b6e/0x5450 [ 16.194844] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.194872] ? kasan_atomics_helper+0x4b6e/0x5450 [ 16.194894] kasan_report+0x141/0x180 [ 16.194918] ? kasan_atomics_helper+0x4b6e/0x5450 [ 16.194946] __asan_report_store4_noabort+0x1b/0x30 [ 16.194972] kasan_atomics_helper+0x4b6e/0x5450 [ 16.194997] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.195020] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.195046] ? kasan_atomics+0x152/0x310 [ 16.195090] kasan_atomics+0x1dc/0x310 [ 16.195113] ? __pfx_kasan_atomics+0x10/0x10 [ 16.195139] ? __pfx_read_tsc+0x10/0x10 [ 16.195187] ? ktime_get_ts64+0x86/0x230 [ 16.195212] kunit_try_run_case+0x1a5/0x480 [ 16.195238] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.195262] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.195287] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.195312] ? __kthread_parkme+0x82/0x180 [ 16.195335] ? preempt_count_sub+0x50/0x80 [ 16.195361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.195386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.195410] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.195435] kthread+0x337/0x6f0 [ 16.195456] ? trace_preempt_on+0x20/0xc0 [ 16.195481] ? __pfx_kthread+0x10/0x10 [ 16.195503] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.195525] ? calculate_sigpending+0x7b/0xa0 [ 16.195551] ? __pfx_kthread+0x10/0x10 [ 16.195574] ret_from_fork+0x116/0x1d0 [ 16.195593] ? __pfx_kthread+0x10/0x10 [ 16.195615] ret_from_fork_asm+0x1a/0x30 [ 16.195649] </TASK> [ 16.195662] [ 16.203619] Allocated by task 282: [ 16.203915] kasan_save_stack+0x45/0x70 [ 16.204149] kasan_save_track+0x18/0x40 [ 16.204369] kasan_save_alloc_info+0x3b/0x50 [ 16.204561] __kasan_kmalloc+0xb7/0xc0 [ 16.204754] __kmalloc_cache_noprof+0x189/0x420 [ 16.205093] kasan_atomics+0x95/0x310 [ 16.205294] kunit_try_run_case+0x1a5/0x480 [ 16.205562] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.205827] kthread+0x337/0x6f0 [ 16.206000] ret_from_fork+0x116/0x1d0 [ 16.206213] ret_from_fork_asm+0x1a/0x30 [ 16.206413] [ 16.206492] The buggy address belongs to the object at ffff8881031d0c00 [ 16.206492] which belongs to the cache kmalloc-64 of size 64 [ 16.207067] The buggy address is located 0 bytes to the right of [ 16.207067] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.207716] [ 16.207796] The buggy address belongs to the physical page: [ 16.207972] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.208469] flags: 0x200000000000000(node=0|zone=2) [ 16.208727] page_type: f5(slab) [ 16.209023] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.209419] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.209713] page dumped because: kasan: bad access detected [ 16.209942] [ 16.210044] Memory state around the buggy address: [ 16.210297] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.210619] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.211125] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.211475] ^ [ 16.211703] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.212097] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.212424] ================================================================== [ 17.014102] ================================================================== [ 17.014949] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 17.015690] Read of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.016431] [ 17.016565] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.016609] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.016623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.016645] Call Trace: [ 17.016674] <TASK> [ 17.016692] dump_stack_lvl+0x73/0xb0 [ 17.016720] print_report+0xd1/0x650 [ 17.016764] ? __virt_addr_valid+0x1db/0x2d0 [ 17.016788] ? kasan_atomics_helper+0x13b5/0x5450 [ 17.016810] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.016837] ? kasan_atomics_helper+0x13b5/0x5450 [ 17.016860] kasan_report+0x141/0x180 [ 17.016883] ? kasan_atomics_helper+0x13b5/0x5450 [ 17.016920] kasan_check_range+0x10c/0x1c0 [ 17.016945] __kasan_check_read+0x15/0x20 [ 17.016966] kasan_atomics_helper+0x13b5/0x5450 [ 17.017004] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 17.017031] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.017065] ? kasan_atomics+0x152/0x310 [ 17.017093] kasan_atomics+0x1dc/0x310 [ 17.017118] ? __pfx_kasan_atomics+0x10/0x10 [ 17.017143] ? __pfx_read_tsc+0x10/0x10 [ 17.017166] ? ktime_get_ts64+0x86/0x230 [ 17.017192] kunit_try_run_case+0x1a5/0x480 [ 17.017218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.017241] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.017265] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.017290] ? __kthread_parkme+0x82/0x180 [ 17.017311] ? preempt_count_sub+0x50/0x80 [ 17.017336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.017361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.017384] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.017408] kthread+0x337/0x6f0 [ 17.017429] ? trace_preempt_on+0x20/0xc0 [ 17.017453] ? __pfx_kthread+0x10/0x10 [ 17.017475] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.017496] ? calculate_sigpending+0x7b/0xa0 [ 17.017520] ? __pfx_kthread+0x10/0x10 [ 17.017546] ret_from_fork+0x116/0x1d0 [ 17.017566] ? 
__pfx_kthread+0x10/0x10 [ 17.017587] ret_from_fork_asm+0x1a/0x30 [ 17.017619] </TASK> [ 17.017632] [ 17.029738] Allocated by task 282: [ 17.030131] kasan_save_stack+0x45/0x70 [ 17.030532] kasan_save_track+0x18/0x40 [ 17.030953] kasan_save_alloc_info+0x3b/0x50 [ 17.031394] __kasan_kmalloc+0xb7/0xc0 [ 17.031785] __kmalloc_cache_noprof+0x189/0x420 [ 17.032244] kasan_atomics+0x95/0x310 [ 17.032630] kunit_try_run_case+0x1a5/0x480 [ 17.033170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.033632] kthread+0x337/0x6f0 [ 17.033798] ret_from_fork+0x116/0x1d0 [ 17.034122] ret_from_fork_asm+0x1a/0x30 [ 17.034449] [ 17.034529] The buggy address belongs to the object at ffff8881031d0c00 [ 17.034529] which belongs to the cache kmalloc-64 of size 64 [ 17.035145] The buggy address is located 0 bytes to the right of [ 17.035145] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.035762] [ 17.035962] The buggy address belongs to the physical page: [ 17.036508] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.037320] flags: 0x200000000000000(node=0|zone=2) [ 17.037616] page_type: f5(slab) [ 17.037999] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.038482] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.038742] page dumped because: kasan: bad access detected [ 17.039278] [ 17.039446] Memory state around the buggy address: [ 17.039957] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.040631] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.041043] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.041290] ^ [ 17.041463] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.041706] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.042371] ================================================================== [ 16.276484] 
================================================================== [ 16.277561] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 16.278097] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.278618] [ 16.278737] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.278784] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.278799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.278822] Call Trace: [ 16.278840] <TASK> [ 16.278858] dump_stack_lvl+0x73/0xb0 [ 16.278888] print_report+0xd1/0x650 [ 16.278912] ? __virt_addr_valid+0x1db/0x2d0 [ 16.278936] ? kasan_atomics_helper+0x4b3a/0x5450 [ 16.278959] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.278986] ? kasan_atomics_helper+0x4b3a/0x5450 [ 16.279011] kasan_report+0x141/0x180 [ 16.279035] ? kasan_atomics_helper+0x4b3a/0x5450 [ 16.279076] __asan_report_store4_noabort+0x1b/0x30 [ 16.279102] kasan_atomics_helper+0x4b3a/0x5450 [ 16.279127] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.279151] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.279177] ? kasan_atomics+0x152/0x310 [ 16.279206] kasan_atomics+0x1dc/0x310 [ 16.279232] ? __pfx_kasan_atomics+0x10/0x10 [ 16.279258] ? __pfx_read_tsc+0x10/0x10 [ 16.279281] ? ktime_get_ts64+0x86/0x230 [ 16.279307] kunit_try_run_case+0x1a5/0x480 [ 16.279333] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.279356] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.279381] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.279406] ? __kthread_parkme+0x82/0x180 [ 16.279428] ? preempt_count_sub+0x50/0x80 [ 16.279454] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.279479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.279503] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.279528] kthread+0x337/0x6f0 [ 16.279549] ? trace_preempt_on+0x20/0xc0 [ 16.279574] ? __pfx_kthread+0x10/0x10 [ 16.279596] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.279618] ? calculate_sigpending+0x7b/0xa0 [ 16.279644] ? 
__pfx_kthread+0x10/0x10 [ 16.279668] ret_from_fork+0x116/0x1d0 [ 16.279687] ? __pfx_kthread+0x10/0x10 [ 16.279710] ret_from_fork_asm+0x1a/0x30 [ 16.279743] </TASK> [ 16.279756] [ 16.291417] Allocated by task 282: [ 16.291605] kasan_save_stack+0x45/0x70 [ 16.292097] kasan_save_track+0x18/0x40 [ 16.292754] kasan_save_alloc_info+0x3b/0x50 [ 16.292932] __kasan_kmalloc+0xb7/0xc0 [ 16.293118] __kmalloc_cache_noprof+0x189/0x420 [ 16.293502] kasan_atomics+0x95/0x310 [ 16.293658] kunit_try_run_case+0x1a5/0x480 [ 16.294029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.294574] kthread+0x337/0x6f0 [ 16.294955] ret_from_fork+0x116/0x1d0 [ 16.295201] ret_from_fork_asm+0x1a/0x30 [ 16.295354] [ 16.295435] The buggy address belongs to the object at ffff8881031d0c00 [ 16.295435] which belongs to the cache kmalloc-64 of size 64 [ 16.295820] The buggy address is located 0 bytes to the right of [ 16.295820] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.296224] [ 16.296303] The buggy address belongs to the physical page: [ 16.296488] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.296743] flags: 0x200000000000000(node=0|zone=2) [ 16.296917] page_type: f5(slab) [ 16.297046] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.297725] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.298377] page dumped because: kasan: bad access detected [ 16.298918] [ 16.299585] Memory state around the buggy address: [ 16.300639] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.301865] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.302825] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.303545] ^ [ 16.303729] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.303951] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.304219] 
================================================================== [ 17.270258] ================================================================== [ 17.270549] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 17.271267] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.272072] [ 17.272252] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.272298] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.272312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.272335] Call Trace: [ 17.272352] <TASK> [ 17.272371] dump_stack_lvl+0x73/0xb0 [ 17.272400] print_report+0xd1/0x650 [ 17.272436] ? __virt_addr_valid+0x1db/0x2d0 [ 17.272460] ? kasan_atomics_helper+0x1818/0x5450 [ 17.272482] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.272508] ? kasan_atomics_helper+0x1818/0x5450 [ 17.272531] kasan_report+0x141/0x180 [ 17.272554] ? kasan_atomics_helper+0x1818/0x5450 [ 17.272583] kasan_check_range+0x10c/0x1c0 [ 17.272607] __kasan_check_write+0x18/0x20 [ 17.272627] kasan_atomics_helper+0x1818/0x5450 [ 17.272651] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.272674] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.272700] ? kasan_atomics+0x152/0x310 [ 17.272728] kasan_atomics+0x1dc/0x310 [ 17.272763] ? __pfx_kasan_atomics+0x10/0x10 [ 17.272788] ? __pfx_read_tsc+0x10/0x10 [ 17.272810] ? ktime_get_ts64+0x86/0x230 [ 17.272836] kunit_try_run_case+0x1a5/0x480 [ 17.272860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.272882] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.272907] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.272930] ? __kthread_parkme+0x82/0x180 [ 17.272952] ? preempt_count_sub+0x50/0x80 [ 17.272976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.273000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.273023] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.273057] kthread+0x337/0x6f0 [ 17.273078] ? trace_preempt_on+0x20/0xc0 [ 17.273100] ? 
__pfx_kthread+0x10/0x10 [ 17.273122] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.273143] ? calculate_sigpending+0x7b/0xa0 [ 17.273167] ? __pfx_kthread+0x10/0x10 [ 17.273191] ret_from_fork+0x116/0x1d0 [ 17.273209] ? __pfx_kthread+0x10/0x10 [ 17.273230] ret_from_fork_asm+0x1a/0x30 [ 17.273262] </TASK> [ 17.273276] [ 17.281223] Allocated by task 282: [ 17.281416] kasan_save_stack+0x45/0x70 [ 17.281634] kasan_save_track+0x18/0x40 [ 17.281854] kasan_save_alloc_info+0x3b/0x50 [ 17.282098] __kasan_kmalloc+0xb7/0xc0 [ 17.282295] __kmalloc_cache_noprof+0x189/0x420 [ 17.282478] kasan_atomics+0x95/0x310 [ 17.282622] kunit_try_run_case+0x1a5/0x480 [ 17.282790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.283090] kthread+0x337/0x6f0 [ 17.283268] ret_from_fork+0x116/0x1d0 [ 17.283521] ret_from_fork_asm+0x1a/0x30 [ 17.283714] [ 17.283820] The buggy address belongs to the object at ffff8881031d0c00 [ 17.283820] which belongs to the cache kmalloc-64 of size 64 [ 17.284362] The buggy address is located 0 bytes to the right of [ 17.284362] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.284912] [ 17.285019] The buggy address belongs to the physical page: [ 17.285306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.285638] flags: 0x200000000000000(node=0|zone=2) [ 17.285884] page_type: f5(slab) [ 17.286060] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.286403] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.286657] page dumped because: kasan: bad access detected [ 17.286903] [ 17.287010] Memory state around the buggy address: [ 17.287276] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.287615] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.288111] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.288404] ^ [ 17.288592] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.288982] 
ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.289308] ================================================================== [ 16.863310] ================================================================== [ 16.863565] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 16.863980] Read of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.864662] [ 16.864857] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.864903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.864917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.864940] Call Trace: [ 16.864959] <TASK> [ 16.864977] dump_stack_lvl+0x73/0xb0 [ 16.865015] print_report+0xd1/0x650 [ 16.865039] ? __virt_addr_valid+0x1db/0x2d0 [ 16.865080] ? kasan_atomics_helper+0x4a02/0x5450 [ 16.865103] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.865130] ? kasan_atomics_helper+0x4a02/0x5450 [ 16.865152] kasan_report+0x141/0x180 [ 16.865176] ? kasan_atomics_helper+0x4a02/0x5450 [ 16.865204] __asan_report_load4_noabort+0x18/0x20 [ 16.865228] kasan_atomics_helper+0x4a02/0x5450 [ 16.865252] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.865275] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.865300] ? kasan_atomics+0x152/0x310 [ 16.865328] kasan_atomics+0x1dc/0x310 [ 16.865364] ? __pfx_kasan_atomics+0x10/0x10 [ 16.865390] ? __pfx_read_tsc+0x10/0x10 [ 16.865412] ? ktime_get_ts64+0x86/0x230 [ 16.865437] kunit_try_run_case+0x1a5/0x480 [ 16.865462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.865486] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.865510] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.865540] ? __kthread_parkme+0x82/0x180 [ 16.865561] ? preempt_count_sub+0x50/0x80 [ 16.865586] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.865610] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.865633] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.865657] kthread+0x337/0x6f0 [ 16.865677] ? 
trace_preempt_on+0x20/0xc0 [ 16.865702] ? __pfx_kthread+0x10/0x10 [ 16.865724] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.865745] ? calculate_sigpending+0x7b/0xa0 [ 16.865770] ? __pfx_kthread+0x10/0x10 [ 16.865792] ret_from_fork+0x116/0x1d0 [ 16.865811] ? __pfx_kthread+0x10/0x10 [ 16.865832] ret_from_fork_asm+0x1a/0x30 [ 16.865864] </TASK> [ 16.865877] [ 16.880194] Allocated by task 282: [ 16.880547] kasan_save_stack+0x45/0x70 [ 16.880971] kasan_save_track+0x18/0x40 [ 16.881248] kasan_save_alloc_info+0x3b/0x50 [ 16.881590] __kasan_kmalloc+0xb7/0xc0 [ 16.881741] __kmalloc_cache_noprof+0x189/0x420 [ 16.882198] kasan_atomics+0x95/0x310 [ 16.882572] kunit_try_run_case+0x1a5/0x480 [ 16.883072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.883261] kthread+0x337/0x6f0 [ 16.883392] ret_from_fork+0x116/0x1d0 [ 16.883533] ret_from_fork_asm+0x1a/0x30 [ 16.883683] [ 16.883820] The buggy address belongs to the object at ffff8881031d0c00 [ 16.883820] which belongs to the cache kmalloc-64 of size 64 [ 16.884965] The buggy address is located 0 bytes to the right of [ 16.884965] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.886221] [ 16.886401] The buggy address belongs to the physical page: [ 16.887010] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.887889] flags: 0x200000000000000(node=0|zone=2) [ 16.888289] page_type: f5(slab) [ 16.888422] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.888672] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.889338] page dumped because: kasan: bad access detected [ 16.889921] [ 16.890127] Memory state around the buggy address: [ 16.890588] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.891325] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.892057] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.892291] ^ [ 16.892461] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.892692] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.893003] ================================================================== [ 16.377640] ================================================================== [ 16.377890] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 16.378334] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.378634] [ 16.378724] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.378770] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.378783] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.378806] Call Trace: [ 16.378821] <TASK> [ 16.378838] dump_stack_lvl+0x73/0xb0 [ 16.378866] print_report+0xd1/0x650 [ 16.378890] ? __virt_addr_valid+0x1db/0x2d0 [ 16.378913] ? kasan_atomics_helper+0x72f/0x5450 [ 16.378936] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.378963] ? kasan_atomics_helper+0x72f/0x5450 [ 16.378986] kasan_report+0x141/0x180 [ 16.379010] ? kasan_atomics_helper+0x72f/0x5450 [ 16.379040] kasan_check_range+0x10c/0x1c0 [ 16.379077] __kasan_check_write+0x18/0x20 [ 16.379098] kasan_atomics_helper+0x72f/0x5450 [ 16.379122] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.379147] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.379174] ? kasan_atomics+0x152/0x310 [ 16.379202] kasan_atomics+0x1dc/0x310 [ 16.379227] ? __pfx_kasan_atomics+0x10/0x10 [ 16.379269] ? __pfx_read_tsc+0x10/0x10 [ 16.379333] ? ktime_get_ts64+0x86/0x230 [ 16.379387] kunit_try_run_case+0x1a5/0x480 [ 16.379414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.379486] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.379511] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.379536] ? __kthread_parkme+0x82/0x180 [ 16.379608] ? preempt_count_sub+0x50/0x80 [ 16.379659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.379686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.379710] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.379736] kthread+0x337/0x6f0 [ 16.379756] ? trace_preempt_on+0x20/0xc0 [ 16.379782] ? __pfx_kthread+0x10/0x10 [ 16.379805] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.379828] ? calculate_sigpending+0x7b/0xa0 [ 16.379853] ? __pfx_kthread+0x10/0x10 [ 16.379877] ret_from_fork+0x116/0x1d0 [ 16.379897] ? __pfx_kthread+0x10/0x10 [ 16.379919] ret_from_fork_asm+0x1a/0x30 [ 16.379954] </TASK> [ 16.379968] [ 16.388755] Allocated by task 282: [ 16.388898] kasan_save_stack+0x45/0x70 [ 16.389135] kasan_save_track+0x18/0x40 [ 16.389378] kasan_save_alloc_info+0x3b/0x50 [ 16.389642] __kasan_kmalloc+0xb7/0xc0 [ 16.389845] __kmalloc_cache_noprof+0x189/0x420 [ 16.390362] kasan_atomics+0x95/0x310 [ 16.390664] kunit_try_run_case+0x1a5/0x480 [ 16.391103] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.391410] kthread+0x337/0x6f0 [ 16.391614] ret_from_fork+0x116/0x1d0 [ 16.391836] ret_from_fork_asm+0x1a/0x30 [ 16.392106] [ 16.392209] The buggy address belongs to the object at ffff8881031d0c00 [ 16.392209] which belongs to the cache kmalloc-64 of size 64 [ 16.392666] The buggy address is located 0 bytes to the right of [ 16.392666] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.393202] [ 16.393306] The buggy address belongs to the physical page: [ 16.393631] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.393932] flags: 0x200000000000000(node=0|zone=2) [ 16.394117] page_type: f5(slab) [ 16.394251] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.394598] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.395151] page dumped because: kasan: bad access detected [ 16.395492] [ 16.395593] Memory state around the buggy address: [ 16.395997] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.396349] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.396721] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.397038] ^ [ 16.397213] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.397556] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.397947] ================================================================== [ 17.152975] ================================================================== [ 17.153661] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 17.154373] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.155114] [ 17.155319] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.155366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.155380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.155402] Call Trace: [ 17.155418] <TASK> [ 17.155435] dump_stack_lvl+0x73/0xb0 [ 17.155462] print_report+0xd1/0x650 [ 17.155486] ? __virt_addr_valid+0x1db/0x2d0 [ 17.155510] ? kasan_atomics_helper+0x15b6/0x5450 [ 17.155531] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.155558] ? kasan_atomics_helper+0x15b6/0x5450 [ 17.155580] kasan_report+0x141/0x180 [ 17.155623] ? kasan_atomics_helper+0x15b6/0x5450 [ 17.155651] kasan_check_range+0x10c/0x1c0 [ 17.155675] __kasan_check_write+0x18/0x20 [ 17.155696] kasan_atomics_helper+0x15b6/0x5450 [ 17.155741] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.155764] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.155791] ? kasan_atomics+0x152/0x310 [ 17.155819] kasan_atomics+0x1dc/0x310 [ 17.155843] ? __pfx_kasan_atomics+0x10/0x10 [ 17.155868] ? __pfx_read_tsc+0x10/0x10 [ 17.155890] ? ktime_get_ts64+0x86/0x230 [ 17.155916] kunit_try_run_case+0x1a5/0x480 [ 17.155942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.155964] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.155988] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.156013] ? __kthread_parkme+0x82/0x180 [ 17.156034] ? preempt_count_sub+0x50/0x80 [ 17.156069] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 17.156095] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.156120] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.156144] kthread+0x337/0x6f0 [ 17.156165] ? trace_preempt_on+0x20/0xc0 [ 17.156190] ? __pfx_kthread+0x10/0x10 [ 17.156212] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.156234] ? calculate_sigpending+0x7b/0xa0 [ 17.156258] ? __pfx_kthread+0x10/0x10 [ 17.156282] ret_from_fork+0x116/0x1d0 [ 17.156302] ? __pfx_kthread+0x10/0x10 [ 17.156325] ret_from_fork_asm+0x1a/0x30 [ 17.156357] </TASK> [ 17.156371] [ 17.168701] Allocated by task 282: [ 17.169055] kasan_save_stack+0x45/0x70 [ 17.169423] kasan_save_track+0x18/0x40 [ 17.169808] kasan_save_alloc_info+0x3b/0x50 [ 17.170213] __kasan_kmalloc+0xb7/0xc0 [ 17.170554] __kmalloc_cache_noprof+0x189/0x420 [ 17.170738] kasan_atomics+0x95/0x310 [ 17.171104] kunit_try_run_case+0x1a5/0x480 [ 17.171487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.171784] kthread+0x337/0x6f0 [ 17.171913] ret_from_fork+0x116/0x1d0 [ 17.172058] ret_from_fork_asm+0x1a/0x30 [ 17.172421] [ 17.172585] The buggy address belongs to the object at ffff8881031d0c00 [ 17.172585] which belongs to the cache kmalloc-64 of size 64 [ 17.173649] The buggy address is located 0 bytes to the right of [ 17.173649] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.174330] [ 17.174407] The buggy address belongs to the physical page: [ 17.174588] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.175008] flags: 0x200000000000000(node=0|zone=2) [ 17.175452] page_type: f5(slab) [ 17.175773] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.176724] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.177508] page dumped because: kasan: bad access detected [ 17.178011] [ 17.178184] Memory state around the buggy address: [ 17.178619] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.178909] 
ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.179148] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.179374] ^ [ 17.179541] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.179786] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.180063] ================================================================== [ 17.043404] ================================================================== [ 17.044118] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 17.044852] Read of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.045587] [ 17.045817] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.045865] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.045879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.045902] Call Trace: [ 17.045918] <TASK> [ 17.045934] dump_stack_lvl+0x73/0xb0 [ 17.045962] print_report+0xd1/0x650 [ 17.045986] ? __virt_addr_valid+0x1db/0x2d0 [ 17.046010] ? kasan_atomics_helper+0x4eae/0x5450 [ 17.046032] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.046072] ? kasan_atomics_helper+0x4eae/0x5450 [ 17.046096] kasan_report+0x141/0x180 [ 17.046120] ? kasan_atomics_helper+0x4eae/0x5450 [ 17.046149] __asan_report_load8_noabort+0x18/0x20 [ 17.046175] kasan_atomics_helper+0x4eae/0x5450 [ 17.046200] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.046225] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.046252] ? kasan_atomics+0x152/0x310 [ 17.046282] kasan_atomics+0x1dc/0x310 [ 17.046307] ? __pfx_kasan_atomics+0x10/0x10 [ 17.046334] ? __pfx_read_tsc+0x10/0x10 [ 17.046357] ? ktime_get_ts64+0x86/0x230 [ 17.046384] kunit_try_run_case+0x1a5/0x480 [ 17.046409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.046432] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.046456] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.046482] ? __kthread_parkme+0x82/0x180 [ 17.046503] ? 
preempt_count_sub+0x50/0x80 [ 17.046529] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.046554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.046579] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.046604] kthread+0x337/0x6f0 [ 17.046625] ? trace_preempt_on+0x20/0xc0 [ 17.046650] ? __pfx_kthread+0x10/0x10 [ 17.046673] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.046696] ? calculate_sigpending+0x7b/0xa0 [ 17.046721] ? __pfx_kthread+0x10/0x10 [ 17.046757] ret_from_fork+0x116/0x1d0 [ 17.046778] ? __pfx_kthread+0x10/0x10 [ 17.046799] ret_from_fork_asm+0x1a/0x30 [ 17.046846] </TASK> [ 17.046858] [ 17.059747] Allocated by task 282: [ 17.060067] kasan_save_stack+0x45/0x70 [ 17.060277] kasan_save_track+0x18/0x40 [ 17.060432] kasan_save_alloc_info+0x3b/0x50 [ 17.060650] __kasan_kmalloc+0xb7/0xc0 [ 17.060842] __kmalloc_cache_noprof+0x189/0x420 [ 17.061072] kasan_atomics+0x95/0x310 [ 17.061215] kunit_try_run_case+0x1a5/0x480 [ 17.061431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.061724] kthread+0x337/0x6f0 [ 17.061925] ret_from_fork+0x116/0x1d0 [ 17.062126] ret_from_fork_asm+0x1a/0x30 [ 17.062320] [ 17.062421] The buggy address belongs to the object at ffff8881031d0c00 [ 17.062421] which belongs to the cache kmalloc-64 of size 64 [ 17.062949] The buggy address is located 0 bytes to the right of [ 17.062949] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.063547] [ 17.063642] The buggy address belongs to the physical page: [ 17.063927] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.064333] flags: 0x200000000000000(node=0|zone=2) [ 17.064629] page_type: f5(slab) [ 17.064803] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.065202] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.065496] page dumped because: kasan: bad access detected [ 17.065753] [ 17.065851] Memory state around the buggy address: [ 17.066084] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 17.066312] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.066581] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.066955] ^ [ 17.067168] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.067491] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.067858] ================================================================== [ 17.552830] ================================================================== [ 17.553586] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 17.554331] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.555058] [ 17.555264] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.555312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.555325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.555349] Call Trace: [ 17.555364] <TASK> [ 17.555380] dump_stack_lvl+0x73/0xb0 [ 17.555431] print_report+0xd1/0x650 [ 17.555455] ? __virt_addr_valid+0x1db/0x2d0 [ 17.555478] ? kasan_atomics_helper+0x1eaa/0x5450 [ 17.555501] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.555530] ? kasan_atomics_helper+0x1eaa/0x5450 [ 17.555553] kasan_report+0x141/0x180 [ 17.555578] ? kasan_atomics_helper+0x1eaa/0x5450 [ 17.555607] kasan_check_range+0x10c/0x1c0 [ 17.555632] __kasan_check_write+0x18/0x20 [ 17.555653] kasan_atomics_helper+0x1eaa/0x5450 [ 17.555678] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.555702] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.555750] ? kasan_atomics+0x152/0x310 [ 17.555779] kasan_atomics+0x1dc/0x310 [ 17.555804] ? __pfx_kasan_atomics+0x10/0x10 [ 17.555830] ? __pfx_read_tsc+0x10/0x10 [ 17.555852] ? ktime_get_ts64+0x86/0x230 [ 17.555878] kunit_try_run_case+0x1a5/0x480 [ 17.555904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.555928] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.555953] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.555980] ? __kthread_parkme+0x82/0x180 [ 17.556005] ? preempt_count_sub+0x50/0x80 [ 17.556032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.556071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.556097] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.556122] kthread+0x337/0x6f0 [ 17.556144] ? trace_preempt_on+0x20/0xc0 [ 17.556171] ? __pfx_kthread+0x10/0x10 [ 17.556197] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.556220] ? calculate_sigpending+0x7b/0xa0 [ 17.556246] ? __pfx_kthread+0x10/0x10 [ 17.556270] ret_from_fork+0x116/0x1d0 [ 17.556291] ? __pfx_kthread+0x10/0x10 [ 17.556318] ret_from_fork_asm+0x1a/0x30 [ 17.556353] </TASK> [ 17.556365] [ 17.567406] Allocated by task 282: [ 17.567617] kasan_save_stack+0x45/0x70 [ 17.567822] kasan_save_track+0x18/0x40 [ 17.568031] kasan_save_alloc_info+0x3b/0x50 [ 17.568286] __kasan_kmalloc+0xb7/0xc0 [ 17.568508] __kmalloc_cache_noprof+0x189/0x420 [ 17.568735] kasan_atomics+0x95/0x310 [ 17.568946] kunit_try_run_case+0x1a5/0x480 [ 17.569171] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.569418] kthread+0x337/0x6f0 [ 17.569548] ret_from_fork+0x116/0x1d0 [ 17.569721] ret_from_fork_asm+0x1a/0x30 [ 17.569923] [ 17.570056] The buggy address belongs to the object at ffff8881031d0c00 [ 17.570056] which belongs to the cache kmalloc-64 of size 64 [ 17.570595] The buggy address is located 0 bytes to the right of [ 17.570595] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.571170] [ 17.571275] The buggy address belongs to the physical page: [ 17.571535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.571965] flags: 0x200000000000000(node=0|zone=2) [ 17.572214] page_type: f5(slab) [ 17.572392] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.572720] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.573162] page dumped because: kasan: bad access detected [ 17.573421] [ 17.573526] 
Memory state around the buggy address: [ 17.573739] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.573965] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.574549] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.575027] ^ [ 17.575280] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.575569] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.575942] ================================================================== [ 16.305034] ================================================================== [ 16.305959] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 16.307353] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.308328] [ 16.308642] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.308693] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.308708] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.308731] Call Trace: [ 16.308748] <TASK> [ 16.308789] dump_stack_lvl+0x73/0xb0 [ 16.308822] print_report+0xd1/0x650 [ 16.308846] ? __virt_addr_valid+0x1db/0x2d0 [ 16.308870] ? kasan_atomics_helper+0x565/0x5450 [ 16.308892] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.308920] ? kasan_atomics_helper+0x565/0x5450 [ 16.308943] kasan_report+0x141/0x180 [ 16.308966] ? kasan_atomics_helper+0x565/0x5450 [ 16.308994] kasan_check_range+0x10c/0x1c0 [ 16.309020] __kasan_check_write+0x18/0x20 [ 16.309040] kasan_atomics_helper+0x565/0x5450 [ 16.309079] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.309103] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.309130] ? kasan_atomics+0x152/0x310 [ 16.309159] kasan_atomics+0x1dc/0x310 [ 16.309183] ? __pfx_kasan_atomics+0x10/0x10 [ 16.309209] ? __pfx_read_tsc+0x10/0x10 [ 16.309231] ? ktime_get_ts64+0x86/0x230 [ 16.309258] kunit_try_run_case+0x1a5/0x480 [ 16.309283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.309307] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.309333] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.309357] ? __kthread_parkme+0x82/0x180 [ 16.309379] ? preempt_count_sub+0x50/0x80 [ 16.309405] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.309430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.309454] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.309478] kthread+0x337/0x6f0 [ 16.309501] ? trace_preempt_on+0x20/0xc0 [ 16.309531] ? __pfx_kthread+0x10/0x10 [ 16.309554] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.309578] ? calculate_sigpending+0x7b/0xa0 [ 16.309603] ? __pfx_kthread+0x10/0x10 [ 16.309628] ret_from_fork+0x116/0x1d0 [ 16.309647] ? __pfx_kthread+0x10/0x10 [ 16.309669] ret_from_fork_asm+0x1a/0x30 [ 16.309702] </TASK> [ 16.309715] [ 16.322234] Allocated by task 282: [ 16.322374] kasan_save_stack+0x45/0x70 [ 16.322520] kasan_save_track+0x18/0x40 [ 16.322658] kasan_save_alloc_info+0x3b/0x50 [ 16.322932] __kasan_kmalloc+0xb7/0xc0 [ 16.323334] __kmalloc_cache_noprof+0x189/0x420 [ 16.323499] kasan_atomics+0x95/0x310 [ 16.323674] kunit_try_run_case+0x1a5/0x480 [ 16.324185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.324551] kthread+0x337/0x6f0 [ 16.324682] ret_from_fork+0x116/0x1d0 [ 16.324911] ret_from_fork_asm+0x1a/0x30 [ 16.325309] [ 16.325390] The buggy address belongs to the object at ffff8881031d0c00 [ 16.325390] which belongs to the cache kmalloc-64 of size 64 [ 16.325792] The buggy address is located 0 bytes to the right of [ 16.325792] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.326314] [ 16.326396] The buggy address belongs to the physical page: [ 16.326578] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.327133] flags: 0x200000000000000(node=0|zone=2) [ 16.327663] page_type: f5(slab) [ 16.328074] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.328796] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.329670] page dumped because: kasan: 
bad access detected [ 16.330407] [ 16.330610] Memory state around the buggy address: [ 16.331143] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.331393] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.331621] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.332184] ^ [ 16.332671] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.333467] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.334308] ================================================================== [ 16.470450] ================================================================== [ 16.471025] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 16.471468] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.472263] [ 16.472514] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.472562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.472576] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.472598] Call Trace: [ 16.472615] <TASK> [ 16.472632] dump_stack_lvl+0x73/0xb0 [ 16.472689] print_report+0xd1/0x650 [ 16.472740] ? __virt_addr_valid+0x1db/0x2d0 [ 16.472764] ? kasan_atomics_helper+0x992/0x5450 [ 16.472815] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.472841] ? kasan_atomics_helper+0x992/0x5450 [ 16.472875] kasan_report+0x141/0x180 [ 16.472899] ? kasan_atomics_helper+0x992/0x5450 [ 16.472927] kasan_check_range+0x10c/0x1c0 [ 16.472951] __kasan_check_write+0x18/0x20 [ 16.472999] kasan_atomics_helper+0x992/0x5450 [ 16.473023] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.473046] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.473089] ? kasan_atomics+0x152/0x310 [ 16.473117] kasan_atomics+0x1dc/0x310 [ 16.473141] ? __pfx_kasan_atomics+0x10/0x10 [ 16.473167] ? __pfx_read_tsc+0x10/0x10 [ 16.473189] ? ktime_get_ts64+0x86/0x230 [ 16.473215] kunit_try_run_case+0x1a5/0x480 [ 16.473242] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.473265] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.473290] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.473314] ? __kthread_parkme+0x82/0x180 [ 16.473336] ? preempt_count_sub+0x50/0x80 [ 16.473363] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.473388] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.473412] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.473437] kthread+0x337/0x6f0 [ 16.473458] ? trace_preempt_on+0x20/0xc0 [ 16.473482] ? __pfx_kthread+0x10/0x10 [ 16.473505] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.473533] ? calculate_sigpending+0x7b/0xa0 [ 16.473557] ? __pfx_kthread+0x10/0x10 [ 16.473581] ret_from_fork+0x116/0x1d0 [ 16.473601] ? __pfx_kthread+0x10/0x10 [ 16.473622] ret_from_fork_asm+0x1a/0x30 [ 16.473655] </TASK> [ 16.473668] [ 16.486934] Allocated by task 282: [ 16.487293] kasan_save_stack+0x45/0x70 [ 16.487698] kasan_save_track+0x18/0x40 [ 16.488122] kasan_save_alloc_info+0x3b/0x50 [ 16.488477] __kasan_kmalloc+0xb7/0xc0 [ 16.488625] __kmalloc_cache_noprof+0x189/0x420 [ 16.489032] kasan_atomics+0x95/0x310 [ 16.489442] kunit_try_run_case+0x1a5/0x480 [ 16.489898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.490323] kthread+0x337/0x6f0 [ 16.490459] ret_from_fork+0x116/0x1d0 [ 16.490602] ret_from_fork_asm+0x1a/0x30 [ 16.490858] [ 16.491085] The buggy address belongs to the object at ffff8881031d0c00 [ 16.491085] which belongs to the cache kmalloc-64 of size 64 [ 16.492273] The buggy address is located 0 bytes to the right of [ 16.492273] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.493229] [ 16.493316] The buggy address belongs to the physical page: [ 16.493506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.493944] flags: 0x200000000000000(node=0|zone=2) [ 16.494444] page_type: f5(slab) [ 16.494834] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.495555] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.496289] page dumped because: kasan: bad access detected [ 16.496841] [ 16.496926] Memory state around the buggy address: [ 16.497105] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.497338] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.497571] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.497807] ^ [ 16.497972] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.498626] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.499307] ================================================================== [ 16.592532] ================================================================== [ 16.592939] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 16.593642] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.594495] [ 16.594750] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.594800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.594826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.594849] Call Trace: [ 16.594867] <TASK> [ 16.594898] dump_stack_lvl+0x73/0xb0 [ 16.594929] print_report+0xd1/0x650 [ 16.594953] ? __virt_addr_valid+0x1db/0x2d0 [ 16.594979] ? kasan_atomics_helper+0xc70/0x5450 [ 16.595003] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.595030] ? kasan_atomics_helper+0xc70/0x5450 [ 16.595065] kasan_report+0x141/0x180 [ 16.595089] ? kasan_atomics_helper+0xc70/0x5450 [ 16.595116] kasan_check_range+0x10c/0x1c0 [ 16.595142] __kasan_check_write+0x18/0x20 [ 16.595163] kasan_atomics_helper+0xc70/0x5450 [ 16.595187] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.595211] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.595248] ? kasan_atomics+0x152/0x310 [ 16.595278] kasan_atomics+0x1dc/0x310 [ 16.595314] ? __pfx_kasan_atomics+0x10/0x10 [ 16.595340] ? __pfx_read_tsc+0x10/0x10 [ 16.595364] ? 
ktime_get_ts64+0x86/0x230 [ 16.595390] kunit_try_run_case+0x1a5/0x480 [ 16.595427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.595451] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.595488] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.595513] ? __kthread_parkme+0x82/0x180 [ 16.595534] ? preempt_count_sub+0x50/0x80 [ 16.595560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.595585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.595610] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.595635] kthread+0x337/0x6f0 [ 16.595656] ? trace_preempt_on+0x20/0xc0 [ 16.595682] ? __pfx_kthread+0x10/0x10 [ 16.595704] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.595727] ? calculate_sigpending+0x7b/0xa0 [ 16.595753] ? __pfx_kthread+0x10/0x10 [ 16.595776] ret_from_fork+0x116/0x1d0 [ 16.595796] ? __pfx_kthread+0x10/0x10 [ 16.595818] ret_from_fork_asm+0x1a/0x30 [ 16.595853] </TASK> [ 16.595867] [ 16.609498] Allocated by task 282: [ 16.609865] kasan_save_stack+0x45/0x70 [ 16.610184] kasan_save_track+0x18/0x40 [ 16.610429] kasan_save_alloc_info+0x3b/0x50 [ 16.610586] __kasan_kmalloc+0xb7/0xc0 [ 16.610724] __kmalloc_cache_noprof+0x189/0x420 [ 16.610888] kasan_atomics+0x95/0x310 [ 16.611026] kunit_try_run_case+0x1a5/0x480 [ 16.611437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.611967] kthread+0x337/0x6f0 [ 16.612296] ret_from_fork+0x116/0x1d0 [ 16.612667] ret_from_fork_asm+0x1a/0x30 [ 16.613070] [ 16.613210] The buggy address belongs to the object at ffff8881031d0c00 [ 16.613210] which belongs to the cache kmalloc-64 of size 64 [ 16.613741] The buggy address is located 0 bytes to the right of [ 16.613741] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.614422] [ 16.614500] The buggy address belongs to the physical page: [ 16.614678] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.615343] flags: 0x200000000000000(node=0|zone=2) [ 16.615825] page_type: f5(slab) [ 16.616154] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.616904] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.617355] page dumped because: kasan: bad access detected [ 16.617539] [ 16.617614] Memory state around the buggy address: [ 16.617857] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.618478] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.619193] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.619862] ^ [ 16.620312] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.620758] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.621341] ================================================================== [ 17.665098] ================================================================== [ 17.665819] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 17.666188] Read of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.666786] [ 17.666941] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.667133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.667149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.667172] Call Trace: [ 17.667188] <TASK> [ 17.667205] dump_stack_lvl+0x73/0xb0 [ 17.667235] print_report+0xd1/0x650 [ 17.667258] ? __virt_addr_valid+0x1db/0x2d0 [ 17.667282] ? kasan_atomics_helper+0x4f98/0x5450 [ 17.667304] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.667331] ? kasan_atomics_helper+0x4f98/0x5450 [ 17.667355] kasan_report+0x141/0x180 [ 17.667377] ? kasan_atomics_helper+0x4f98/0x5450 [ 17.667406] __asan_report_load8_noabort+0x18/0x20 [ 17.667431] kasan_atomics_helper+0x4f98/0x5450 [ 17.667456] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.667479] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.667505] ? kasan_atomics+0x152/0x310 [ 17.667533] kasan_atomics+0x1dc/0x310 [ 17.667557] ? __pfx_kasan_atomics+0x10/0x10 [ 17.667583] ? 
__pfx_read_tsc+0x10/0x10 [ 17.667605] ? ktime_get_ts64+0x86/0x230 [ 17.667632] kunit_try_run_case+0x1a5/0x480 [ 17.667658] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.667681] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.667706] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.667740] ? __kthread_parkme+0x82/0x180 [ 17.667762] ? preempt_count_sub+0x50/0x80 [ 17.667786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.667812] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.667837] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.667862] kthread+0x337/0x6f0 [ 17.667882] ? trace_preempt_on+0x20/0xc0 [ 17.667906] ? __pfx_kthread+0x10/0x10 [ 17.667929] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.667951] ? calculate_sigpending+0x7b/0xa0 [ 17.667976] ? __pfx_kthread+0x10/0x10 [ 17.668000] ret_from_fork+0x116/0x1d0 [ 17.668020] ? __pfx_kthread+0x10/0x10 [ 17.668043] ret_from_fork_asm+0x1a/0x30 [ 17.668089] </TASK> [ 17.668102] [ 17.678845] Allocated by task 282: [ 17.679289] kasan_save_stack+0x45/0x70 [ 17.679491] kasan_save_track+0x18/0x40 [ 17.679669] kasan_save_alloc_info+0x3b/0x50 [ 17.679879] __kasan_kmalloc+0xb7/0xc0 [ 17.680251] __kmalloc_cache_noprof+0x189/0x420 [ 17.680625] kasan_atomics+0x95/0x310 [ 17.680910] kunit_try_run_case+0x1a5/0x480 [ 17.681239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.681591] kthread+0x337/0x6f0 [ 17.681925] ret_from_fork+0x116/0x1d0 [ 17.682226] ret_from_fork_asm+0x1a/0x30 [ 17.682547] [ 17.682748] The buggy address belongs to the object at ffff8881031d0c00 [ 17.682748] which belongs to the cache kmalloc-64 of size 64 [ 17.683239] The buggy address is located 0 bytes to the right of [ 17.683239] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.683717] [ 17.683891] The buggy address belongs to the physical page: [ 17.684506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.685118] flags: 0x200000000000000(node=0|zone=2) [ 17.685465] page_type: f5(slab) [ 17.685747] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 17.686209] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.686642] page dumped because: kasan: bad access detected [ 17.687025] [ 17.687334] Memory state around the buggy address: [ 17.687578] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.688066] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.688508] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.689025] ^ [ 17.689274] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.689593] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.690150] ================================================================== [ 17.576484] ================================================================== [ 17.577182] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 17.578079] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.578447] [ 17.578554] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.578599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.578612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.578634] Call Trace: [ 17.578650] <TASK> [ 17.578665] dump_stack_lvl+0x73/0xb0 [ 17.578692] print_report+0xd1/0x650 [ 17.578716] ? __virt_addr_valid+0x1db/0x2d0 [ 17.578769] ? kasan_atomics_helper+0x1f43/0x5450 [ 17.578792] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.578819] ? kasan_atomics_helper+0x1f43/0x5450 [ 17.578842] kasan_report+0x141/0x180 [ 17.578865] ? kasan_atomics_helper+0x1f43/0x5450 [ 17.578893] kasan_check_range+0x10c/0x1c0 [ 17.578918] __kasan_check_write+0x18/0x20 [ 17.578939] kasan_atomics_helper+0x1f43/0x5450 [ 17.578963] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.578986] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.579012] ? 
kasan_atomics+0x152/0x310 [ 17.579040] kasan_atomics+0x1dc/0x310 [ 17.579076] ? __pfx_kasan_atomics+0x10/0x10 [ 17.579102] ? __pfx_read_tsc+0x10/0x10 [ 17.579143] ? ktime_get_ts64+0x86/0x230 [ 17.579170] kunit_try_run_case+0x1a5/0x480 [ 17.579212] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.579235] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.579260] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.579302] ? __kthread_parkme+0x82/0x180 [ 17.579324] ? preempt_count_sub+0x50/0x80 [ 17.579349] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.579374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.579398] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.579422] kthread+0x337/0x6f0 [ 17.579462] ? trace_preempt_on+0x20/0xc0 [ 17.579486] ? __pfx_kthread+0x10/0x10 [ 17.579508] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.579531] ? calculate_sigpending+0x7b/0xa0 [ 17.579555] ? __pfx_kthread+0x10/0x10 [ 17.579578] ret_from_fork+0x116/0x1d0 [ 17.579597] ? __pfx_kthread+0x10/0x10 [ 17.579619] ret_from_fork_asm+0x1a/0x30 [ 17.579669] </TASK> [ 17.579682] [ 17.593518] Allocated by task 282: [ 17.593918] kasan_save_stack+0x45/0x70 [ 17.594295] kasan_save_track+0x18/0x40 [ 17.594445] kasan_save_alloc_info+0x3b/0x50 [ 17.594607] __kasan_kmalloc+0xb7/0xc0 [ 17.594782] __kmalloc_cache_noprof+0x189/0x420 [ 17.594954] kasan_atomics+0x95/0x310 [ 17.595111] kunit_try_run_case+0x1a5/0x480 [ 17.595269] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.595455] kthread+0x337/0x6f0 [ 17.595586] ret_from_fork+0x116/0x1d0 [ 17.595750] ret_from_fork_asm+0x1a/0x30 [ 17.596128] [ 17.596303] The buggy address belongs to the object at ffff8881031d0c00 [ 17.596303] which belongs to the cache kmalloc-64 of size 64 [ 17.597543] The buggy address is located 0 bytes to the right of [ 17.597543] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.598940] [ 17.599137] The buggy address belongs to the physical page: [ 17.599658] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 
17.600457] flags: 0x200000000000000(node=0|zone=2) [ 17.600962] page_type: f5(slab) [ 17.601289] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.602034] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.602322] page dumped because: kasan: bad access detected [ 17.602510] [ 17.602587] Memory state around the buggy address: [ 17.602782] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.603432] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.604148] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.604837] ^ [ 17.606253] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.606853] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.607102] ================================================================== [ 16.443286] ================================================================== [ 16.443746] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 16.444122] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.444407] [ 16.444571] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.444658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.444674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.444698] Call Trace: [ 16.444714] <TASK> [ 16.444741] dump_stack_lvl+0x73/0xb0 [ 16.444772] print_report+0xd1/0x650 [ 16.444796] ? __virt_addr_valid+0x1db/0x2d0 [ 16.444857] ? kasan_atomics_helper+0x8f9/0x5450 [ 16.444881] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.444909] ? kasan_atomics_helper+0x8f9/0x5450 [ 16.444932] kasan_report+0x141/0x180 [ 16.444988] ? kasan_atomics_helper+0x8f9/0x5450 [ 16.445018] kasan_check_range+0x10c/0x1c0 [ 16.445043] __kasan_check_write+0x18/0x20 [ 16.445076] kasan_atomics_helper+0x8f9/0x5450 [ 16.445102] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.445125] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.445152] ? kasan_atomics+0x152/0x310 [ 16.445182] kasan_atomics+0x1dc/0x310 [ 16.445207] ? __pfx_kasan_atomics+0x10/0x10 [ 16.445234] ? __pfx_read_tsc+0x10/0x10 [ 16.445257] ? ktime_get_ts64+0x86/0x230 [ 16.445283] kunit_try_run_case+0x1a5/0x480 [ 16.445308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.445333] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.445358] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.445384] ? __kthread_parkme+0x82/0x180 [ 16.445406] ? preempt_count_sub+0x50/0x80 [ 16.445432] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.445458] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.445482] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.445509] kthread+0x337/0x6f0 [ 16.445533] ? trace_preempt_on+0x20/0xc0 [ 16.445581] ? __pfx_kthread+0x10/0x10 [ 16.445604] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.445627] ? calculate_sigpending+0x7b/0xa0 [ 16.445652] ? __pfx_kthread+0x10/0x10 [ 16.445676] ret_from_fork+0x116/0x1d0 [ 16.445697] ? __pfx_kthread+0x10/0x10 [ 16.445720] ret_from_fork_asm+0x1a/0x30 [ 16.445755] </TASK> [ 16.445769] [ 16.455609] Allocated by task 282: [ 16.456065] kasan_save_stack+0x45/0x70 [ 16.456473] kasan_save_track+0x18/0x40 [ 16.456894] kasan_save_alloc_info+0x3b/0x50 [ 16.457327] __kasan_kmalloc+0xb7/0xc0 [ 16.457739] __kmalloc_cache_noprof+0x189/0x420 [ 16.458200] kasan_atomics+0x95/0x310 [ 16.458576] kunit_try_run_case+0x1a5/0x480 [ 16.459010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.459535] kthread+0x337/0x6f0 [ 16.459904] ret_from_fork+0x116/0x1d0 [ 16.460287] ret_from_fork_asm+0x1a/0x30 [ 16.460588] [ 16.460668] The buggy address belongs to the object at ffff8881031d0c00 [ 16.460668] which belongs to the cache kmalloc-64 of size 64 [ 16.461652] The buggy address is located 0 bytes to the right of [ 16.461652] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.462748] [ 16.462897] The buggy address belongs to the physical page: [ 16.463318] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.463693] flags: 0x200000000000000(node=0|zone=2) [ 16.464199] page_type: f5(slab) [ 16.464532] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.464964] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.465222] page dumped because: kasan: bad access detected [ 16.465409] [ 16.465484] Memory state around the buggy address: [ 16.465652] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.466330] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.467001] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.467666] ^ [ 16.468172] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.468856] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.469500] ================================================================== [ 16.786159] ================================================================== [ 16.786654] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 16.787076] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.787459] [ 16.787580] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.787628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.787642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.787666] Call Trace: [ 16.787680] <TASK> [ 16.787697] dump_stack_lvl+0x73/0xb0 [ 16.787749] print_report+0xd1/0x650 [ 16.787774] ? __virt_addr_valid+0x1db/0x2d0 [ 16.787810] ? kasan_atomics_helper+0x1079/0x5450 [ 16.787833] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.787861] ? kasan_atomics_helper+0x1079/0x5450 [ 16.787897] kasan_report+0x141/0x180 [ 16.787921] ? kasan_atomics_helper+0x1079/0x5450 [ 16.787951] kasan_check_range+0x10c/0x1c0 [ 16.787977] __kasan_check_write+0x18/0x20 [ 16.787999] kasan_atomics_helper+0x1079/0x5450 [ 16.788024] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.788057] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.788084] ? kasan_atomics+0x152/0x310 [ 16.788114] kasan_atomics+0x1dc/0x310 [ 16.788139] ? __pfx_kasan_atomics+0x10/0x10 [ 16.788166] ? __pfx_read_tsc+0x10/0x10 [ 16.788188] ? ktime_get_ts64+0x86/0x230 [ 16.788225] kunit_try_run_case+0x1a5/0x480 [ 16.788251] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.788275] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.788312] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.788337] ? __kthread_parkme+0x82/0x180 [ 16.788359] ? preempt_count_sub+0x50/0x80 [ 16.788384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.788418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.788443] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.788479] kthread+0x337/0x6f0 [ 16.788501] ? trace_preempt_on+0x20/0xc0 [ 16.788526] ? __pfx_kthread+0x10/0x10 [ 16.788549] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.788582] ? calculate_sigpending+0x7b/0xa0 [ 16.788607] ? __pfx_kthread+0x10/0x10 [ 16.788631] ret_from_fork+0x116/0x1d0 [ 16.788661] ? 
__pfx_kthread+0x10/0x10 [ 16.788684] ret_from_fork_asm+0x1a/0x30 [ 16.788745] </TASK> [ 16.788758] [ 16.797155] Allocated by task 282: [ 16.797356] kasan_save_stack+0x45/0x70 [ 16.797557] kasan_save_track+0x18/0x40 [ 16.797761] kasan_save_alloc_info+0x3b/0x50 [ 16.797990] __kasan_kmalloc+0xb7/0xc0 [ 16.798219] __kmalloc_cache_noprof+0x189/0x420 [ 16.798442] kasan_atomics+0x95/0x310 [ 16.798672] kunit_try_run_case+0x1a5/0x480 [ 16.798848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.799035] kthread+0x337/0x6f0 [ 16.799224] ret_from_fork+0x116/0x1d0 [ 16.799434] ret_from_fork_asm+0x1a/0x30 [ 16.799656] [ 16.799785] The buggy address belongs to the object at ffff8881031d0c00 [ 16.799785] which belongs to the cache kmalloc-64 of size 64 [ 16.800261] The buggy address is located 0 bytes to the right of [ 16.800261] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.800876] [ 16.800987] The buggy address belongs to the physical page: [ 16.801291] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.801651] flags: 0x200000000000000(node=0|zone=2) [ 16.801921] page_type: f5(slab) [ 16.802116] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.802423] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.802664] page dumped because: kasan: bad access detected [ 16.802872] [ 16.802949] Memory state around the buggy address: [ 16.803211] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.803547] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.803921] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.804266] ^ [ 16.804500] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.804809] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.805035] ================================================================== [ 16.767659] 
================================================================== [ 16.767995] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 16.768361] Read of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.768718] [ 16.768852] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.768898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.768912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.768934] Call Trace: [ 16.768951] <TASK> [ 16.768967] dump_stack_lvl+0x73/0xb0 [ 16.768995] print_report+0xd1/0x650 [ 16.769019] ? __virt_addr_valid+0x1db/0x2d0 [ 16.769043] ? kasan_atomics_helper+0x4a36/0x5450 [ 16.769074] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.769101] ? kasan_atomics_helper+0x4a36/0x5450 [ 16.769123] kasan_report+0x141/0x180 [ 16.769146] ? kasan_atomics_helper+0x4a36/0x5450 [ 16.769174] __asan_report_load4_noabort+0x18/0x20 [ 16.769199] kasan_atomics_helper+0x4a36/0x5450 [ 16.769222] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.769245] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.769271] ? kasan_atomics+0x152/0x310 [ 16.769299] kasan_atomics+0x1dc/0x310 [ 16.769323] ? __pfx_kasan_atomics+0x10/0x10 [ 16.769348] ? __pfx_read_tsc+0x10/0x10 [ 16.769370] ? ktime_get_ts64+0x86/0x230 [ 16.769395] kunit_try_run_case+0x1a5/0x480 [ 16.769420] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.769443] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.769467] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.769491] ? __kthread_parkme+0x82/0x180 [ 16.769511] ? preempt_count_sub+0x50/0x80 [ 16.769542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.769567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.769600] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.769625] kthread+0x337/0x6f0 [ 16.769646] ? trace_preempt_on+0x20/0xc0 [ 16.769681] ? __pfx_kthread+0x10/0x10 [ 16.769703] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.769750] ? calculate_sigpending+0x7b/0xa0 [ 16.769775] ? 
__pfx_kthread+0x10/0x10 [ 16.769798] ret_from_fork+0x116/0x1d0 [ 16.769817] ? __pfx_kthread+0x10/0x10 [ 16.769839] ret_from_fork_asm+0x1a/0x30 [ 16.769872] </TASK> [ 16.769885] [ 16.777375] Allocated by task 282: [ 16.777565] kasan_save_stack+0x45/0x70 [ 16.777751] kasan_save_track+0x18/0x40 [ 16.777979] kasan_save_alloc_info+0x3b/0x50 [ 16.778212] __kasan_kmalloc+0xb7/0xc0 [ 16.778406] __kmalloc_cache_noprof+0x189/0x420 [ 16.778637] kasan_atomics+0x95/0x310 [ 16.778867] kunit_try_run_case+0x1a5/0x480 [ 16.779082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.779352] kthread+0x337/0x6f0 [ 16.779528] ret_from_fork+0x116/0x1d0 [ 16.779763] ret_from_fork_asm+0x1a/0x30 [ 16.779979] [ 16.780091] The buggy address belongs to the object at ffff8881031d0c00 [ 16.780091] which belongs to the cache kmalloc-64 of size 64 [ 16.780646] The buggy address is located 0 bytes to the right of [ 16.780646] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.781264] [ 16.781362] The buggy address belongs to the physical page: [ 16.781658] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.782014] flags: 0x200000000000000(node=0|zone=2) [ 16.782311] page_type: f5(slab) [ 16.782474] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.782819] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.783078] page dumped because: kasan: bad access detected [ 16.783265] [ 16.783344] Memory state around the buggy address: [ 16.783529] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.783942] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.784352] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.784794] ^ [ 16.785061] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.785361] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.785599] 
================================================================== [ 17.814805] ================================================================== [ 17.815193] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 17.815547] Read of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.816141] [ 17.816260] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.816304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.816317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.816339] Call Trace: [ 17.816354] <TASK> [ 17.816370] dump_stack_lvl+0x73/0xb0 [ 17.816399] print_report+0xd1/0x650 [ 17.816421] ? __virt_addr_valid+0x1db/0x2d0 [ 17.816443] ? kasan_atomics_helper+0x5115/0x5450 [ 17.816465] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.816492] ? kasan_atomics_helper+0x5115/0x5450 [ 17.816514] kasan_report+0x141/0x180 [ 17.816538] ? kasan_atomics_helper+0x5115/0x5450 [ 17.816566] __asan_report_load8_noabort+0x18/0x20 [ 17.816591] kasan_atomics_helper+0x5115/0x5450 [ 17.816615] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.816638] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.816664] ? kasan_atomics+0x152/0x310 [ 17.816692] kasan_atomics+0x1dc/0x310 [ 17.816715] ? __pfx_kasan_atomics+0x10/0x10 [ 17.816754] ? __pfx_read_tsc+0x10/0x10 [ 17.816777] ? ktime_get_ts64+0x86/0x230 [ 17.816803] kunit_try_run_case+0x1a5/0x480 [ 17.816827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.816850] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.816874] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.816898] ? __kthread_parkme+0x82/0x180 [ 17.816919] ? preempt_count_sub+0x50/0x80 [ 17.816943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.816969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.816992] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.817016] kthread+0x337/0x6f0 [ 17.817037] ? trace_preempt_on+0x20/0xc0 [ 17.817072] ? __pfx_kthread+0x10/0x10 [ 17.817094] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 17.817117] ? calculate_sigpending+0x7b/0xa0 [ 17.817141] ? __pfx_kthread+0x10/0x10 [ 17.817164] ret_from_fork+0x116/0x1d0 [ 17.817183] ? __pfx_kthread+0x10/0x10 [ 17.817204] ret_from_fork_asm+0x1a/0x30 [ 17.817237] </TASK> [ 17.817250] [ 17.824812] Allocated by task 282: [ 17.825002] kasan_save_stack+0x45/0x70 [ 17.825222] kasan_save_track+0x18/0x40 [ 17.825387] kasan_save_alloc_info+0x3b/0x50 [ 17.825566] __kasan_kmalloc+0xb7/0xc0 [ 17.825881] __kmalloc_cache_noprof+0x189/0x420 [ 17.826131] kasan_atomics+0x95/0x310 [ 17.826318] kunit_try_run_case+0x1a5/0x480 [ 17.826503] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.826760] kthread+0x337/0x6f0 [ 17.826925] ret_from_fork+0x116/0x1d0 [ 17.827104] ret_from_fork_asm+0x1a/0x30 [ 17.827292] [ 17.827372] The buggy address belongs to the object at ffff8881031d0c00 [ 17.827372] which belongs to the cache kmalloc-64 of size 64 [ 17.827931] The buggy address is located 0 bytes to the right of [ 17.827931] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.828334] [ 17.828412] The buggy address belongs to the physical page: [ 17.828596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.828914] flags: 0x200000000000000(node=0|zone=2) [ 17.829243] page_type: f5(slab) [ 17.829420] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.829825] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.830076] page dumped because: kasan: bad access detected [ 17.830258] [ 17.830332] Memory state around the buggy address: [ 17.830497] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.830932] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.831290] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.831626] ^ [ 17.832010] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.832367] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 17.832593] ================================================================== [ 17.638874] ================================================================== [ 17.639894] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 17.640164] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.640405] [ 17.640498] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.640543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.640558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.640581] Call Trace: [ 17.640599] <TASK> [ 17.640615] dump_stack_lvl+0x73/0xb0 [ 17.640643] print_report+0xd1/0x650 [ 17.640667] ? __virt_addr_valid+0x1db/0x2d0 [ 17.640689] ? kasan_atomics_helper+0x2006/0x5450 [ 17.640712] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.640740] ? kasan_atomics_helper+0x2006/0x5450 [ 17.640764] kasan_report+0x141/0x180 [ 17.640787] ? kasan_atomics_helper+0x2006/0x5450 [ 17.640815] kasan_check_range+0x10c/0x1c0 [ 17.640840] __kasan_check_write+0x18/0x20 [ 17.640860] kasan_atomics_helper+0x2006/0x5450 [ 17.640884] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.640907] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.640934] ? kasan_atomics+0x152/0x310 [ 17.640963] kasan_atomics+0x1dc/0x310 [ 17.640987] ? __pfx_kasan_atomics+0x10/0x10 [ 17.641013] ? __pfx_read_tsc+0x10/0x10 [ 17.641035] ? ktime_get_ts64+0x86/0x230 [ 17.641072] kunit_try_run_case+0x1a5/0x480 [ 17.641098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.641121] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.641145] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.641170] ? __kthread_parkme+0x82/0x180 [ 17.641191] ? preempt_count_sub+0x50/0x80 [ 17.641216] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.641241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.641265] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.641290] kthread+0x337/0x6f0 [ 17.641311] ? 
trace_preempt_on+0x20/0xc0 [ 17.641336] ? __pfx_kthread+0x10/0x10 [ 17.641358] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.641381] ? calculate_sigpending+0x7b/0xa0 [ 17.641405] ? __pfx_kthread+0x10/0x10 [ 17.641429] ret_from_fork+0x116/0x1d0 [ 17.641449] ? __pfx_kthread+0x10/0x10 [ 17.641471] ret_from_fork_asm+0x1a/0x30 [ 17.641505] </TASK> [ 17.641517] [ 17.653161] Allocated by task 282: [ 17.653393] kasan_save_stack+0x45/0x70 [ 17.653921] kasan_save_track+0x18/0x40 [ 17.654157] kasan_save_alloc_info+0x3b/0x50 [ 17.654389] __kasan_kmalloc+0xb7/0xc0 [ 17.654797] __kmalloc_cache_noprof+0x189/0x420 [ 17.655147] kasan_atomics+0x95/0x310 [ 17.655379] kunit_try_run_case+0x1a5/0x480 [ 17.655737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.656082] kthread+0x337/0x6f0 [ 17.656421] ret_from_fork+0x116/0x1d0 [ 17.656735] ret_from_fork_asm+0x1a/0x30 [ 17.656965] [ 17.657239] The buggy address belongs to the object at ffff8881031d0c00 [ 17.657239] which belongs to the cache kmalloc-64 of size 64 [ 17.657760] The buggy address is located 0 bytes to the right of [ 17.657760] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.658352] [ 17.658519] The buggy address belongs to the physical page: [ 17.659166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.659570] flags: 0x200000000000000(node=0|zone=2) [ 17.659919] page_type: f5(slab) [ 17.660139] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.660615] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.661121] page dumped because: kasan: bad access detected [ 17.661427] [ 17.661544] Memory state around the buggy address: [ 17.661847] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.662362] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.662694] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.663156] ^ [ 17.663464] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 17.663925] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.664243] ================================================================== [ 17.345337] ================================================================== [ 17.345728] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 17.346013] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.348097] [ 17.348300] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.348350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.348366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.348391] Call Trace: [ 17.348408] <TASK> [ 17.348426] dump_stack_lvl+0x73/0xb0 [ 17.348459] print_report+0xd1/0x650 [ 17.348483] ? __virt_addr_valid+0x1db/0x2d0 [ 17.348507] ? kasan_atomics_helper+0x1a7f/0x5450 [ 17.348530] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.348560] ? kasan_atomics_helper+0x1a7f/0x5450 [ 17.348585] kasan_report+0x141/0x180 [ 17.348609] ? kasan_atomics_helper+0x1a7f/0x5450 [ 17.348637] kasan_check_range+0x10c/0x1c0 [ 17.348663] __kasan_check_write+0x18/0x20 [ 17.348684] kasan_atomics_helper+0x1a7f/0x5450 [ 17.348710] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.350753] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.350800] ? kasan_atomics+0x152/0x310 [ 17.350833] kasan_atomics+0x1dc/0x310 [ 17.350861] ? __pfx_kasan_atomics+0x10/0x10 [ 17.350888] ? __pfx_read_tsc+0x10/0x10 [ 17.350911] ? ktime_get_ts64+0x86/0x230 [ 17.350939] kunit_try_run_case+0x1a5/0x480 [ 17.350965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.350989] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.351015] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.351040] ? __kthread_parkme+0x82/0x180 [ 17.351089] ? preempt_count_sub+0x50/0x80 [ 17.351117] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.351142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.351166] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.351190] kthread+0x337/0x6f0 [ 17.351211] ? trace_preempt_on+0x20/0xc0 [ 17.351237] ? __pfx_kthread+0x10/0x10 [ 17.351260] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.351283] ? calculate_sigpending+0x7b/0xa0 [ 17.351308] ? __pfx_kthread+0x10/0x10 [ 17.351331] ret_from_fork+0x116/0x1d0 [ 17.351352] ? __pfx_kthread+0x10/0x10 [ 17.351374] ret_from_fork_asm+0x1a/0x30 [ 17.351407] </TASK> [ 17.351421] [ 17.364561] Allocated by task 282: [ 17.364890] kasan_save_stack+0x45/0x70 [ 17.365143] kasan_save_track+0x18/0x40 [ 17.365316] kasan_save_alloc_info+0x3b/0x50 [ 17.365549] __kasan_kmalloc+0xb7/0xc0 [ 17.365728] __kmalloc_cache_noprof+0x189/0x420 [ 17.366285] kasan_atomics+0x95/0x310 [ 17.366607] kunit_try_run_case+0x1a5/0x480 [ 17.366855] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.367199] kthread+0x337/0x6f0 [ 17.367477] ret_from_fork+0x116/0x1d0 [ 17.367637] ret_from_fork_asm+0x1a/0x30 [ 17.368035] [ 17.368148] The buggy address belongs to the object at ffff8881031d0c00 [ 17.368148] which belongs to the cache kmalloc-64 of size 64 [ 17.368971] The buggy address is located 0 bytes to the right of [ 17.368971] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.369493] [ 17.369754] The buggy address belongs to the physical page: [ 17.370117] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.370526] flags: 0x200000000000000(node=0|zone=2) [ 17.370843] page_type: f5(slab) [ 17.371030] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.371372] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.371698] page dumped because: kasan: bad access detected [ 17.372214] [ 17.372461] Memory state around the buggy address: [ 17.372687] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.373233] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.373651] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 17.374166] ^ [ 17.374503] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.374981] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.375398] ================================================================== [ 16.560497] ================================================================== [ 16.560836] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 16.562373] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.563002] [ 16.563205] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.563253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.563266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.563289] Call Trace: [ 16.563306] <TASK> [ 16.563322] dump_stack_lvl+0x73/0xb0 [ 16.564099] print_report+0xd1/0x650 [ 16.564134] ? __virt_addr_valid+0x1db/0x2d0 [ 16.564171] ? kasan_atomics_helper+0xb6a/0x5450 [ 16.564194] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.564220] ? kasan_atomics_helper+0xb6a/0x5450 [ 16.564245] kasan_report+0x141/0x180 [ 16.564269] ? kasan_atomics_helper+0xb6a/0x5450 [ 16.564298] kasan_check_range+0x10c/0x1c0 [ 16.564323] __kasan_check_write+0x18/0x20 [ 16.564344] kasan_atomics_helper+0xb6a/0x5450 [ 16.564368] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.564391] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.564418] ? kasan_atomics+0x152/0x310 [ 16.564835] kasan_atomics+0x1dc/0x310 [ 16.564863] ? __pfx_kasan_atomics+0x10/0x10 [ 16.564904] ? __pfx_read_tsc+0x10/0x10 [ 16.564927] ? ktime_get_ts64+0x86/0x230 [ 16.564955] kunit_try_run_case+0x1a5/0x480 [ 16.564980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.565003] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.565028] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.565062] ? __kthread_parkme+0x82/0x180 [ 16.565084] ? preempt_count_sub+0x50/0x80 [ 16.565109] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.565134] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.565157] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.565181] kthread+0x337/0x6f0 [ 16.565201] ? trace_preempt_on+0x20/0xc0 [ 16.565226] ? __pfx_kthread+0x10/0x10 [ 16.565248] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.565270] ? calculate_sigpending+0x7b/0xa0 [ 16.565295] ? __pfx_kthread+0x10/0x10 [ 16.565317] ret_from_fork+0x116/0x1d0 [ 16.565336] ? __pfx_kthread+0x10/0x10 [ 16.565358] ret_from_fork_asm+0x1a/0x30 [ 16.565391] </TASK> [ 16.565403] [ 16.578787] Allocated by task 282: [ 16.579086] kasan_save_stack+0x45/0x70 [ 16.579365] kasan_save_track+0x18/0x40 [ 16.579686] kasan_save_alloc_info+0x3b/0x50 [ 16.580169] __kasan_kmalloc+0xb7/0xc0 [ 16.580459] __kmalloc_cache_noprof+0x189/0x420 [ 16.580841] kasan_atomics+0x95/0x310 [ 16.581153] kunit_try_run_case+0x1a5/0x480 [ 16.581314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.581499] kthread+0x337/0x6f0 [ 16.581633] ret_from_fork+0x116/0x1d0 [ 16.581857] ret_from_fork_asm+0x1a/0x30 [ 16.582268] [ 16.582446] The buggy address belongs to the object at ffff8881031d0c00 [ 16.582446] which belongs to the cache kmalloc-64 of size 64 [ 16.583675] The buggy address is located 0 bytes to the right of [ 16.583675] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.584989] [ 16.585193] The buggy address belongs to the physical page: [ 16.585558] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.585986] flags: 0x200000000000000(node=0|zone=2) [ 16.586471] page_type: f5(slab) [ 16.586833] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.587658] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.588265] page dumped because: kasan: bad access detected [ 16.588673] [ 16.588769] Memory state around the buggy address: [ 16.589163] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.589563] 
ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.589938] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.590615] ^ [ 16.591159] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.591761] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.591995] ================================================================== [ 17.308422] ================================================================== [ 17.308822] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 17.309093] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.309458] [ 17.309579] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.309623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.309636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.309657] Call Trace: [ 17.309672] <TASK> [ 17.309686] dump_stack_lvl+0x73/0xb0 [ 17.309714] print_report+0xd1/0x650 [ 17.309745] ? __virt_addr_valid+0x1db/0x2d0 [ 17.309769] ? kasan_atomics_helper+0x194a/0x5450 [ 17.309791] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.309817] ? kasan_atomics_helper+0x194a/0x5450 [ 17.309841] kasan_report+0x141/0x180 [ 17.309864] ? kasan_atomics_helper+0x194a/0x5450 [ 17.309891] kasan_check_range+0x10c/0x1c0 [ 17.309916] __kasan_check_write+0x18/0x20 [ 17.309937] kasan_atomics_helper+0x194a/0x5450 [ 17.309961] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.309984] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.310009] ? kasan_atomics+0x152/0x310 [ 17.310037] kasan_atomics+0x1dc/0x310 [ 17.310072] ? __pfx_kasan_atomics+0x10/0x10 [ 17.310097] ? __pfx_read_tsc+0x10/0x10 [ 17.310120] ? ktime_get_ts64+0x86/0x230 [ 17.310146] kunit_try_run_case+0x1a5/0x480 [ 17.310170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.310193] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.310217] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.310241] ? 
__kthread_parkme+0x82/0x180 [ 17.310261] ? preempt_count_sub+0x50/0x80 [ 17.310286] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.310309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.310332] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.310356] kthread+0x337/0x6f0 [ 17.310377] ? trace_preempt_on+0x20/0xc0 [ 17.310401] ? __pfx_kthread+0x10/0x10 [ 17.310425] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.310449] ? calculate_sigpending+0x7b/0xa0 [ 17.310473] ? __pfx_kthread+0x10/0x10 [ 17.310495] ret_from_fork+0x116/0x1d0 [ 17.310514] ? __pfx_kthread+0x10/0x10 [ 17.310536] ret_from_fork_asm+0x1a/0x30 [ 17.310569] </TASK> [ 17.310581] [ 17.318305] Allocated by task 282: [ 17.318468] kasan_save_stack+0x45/0x70 [ 17.318643] kasan_save_track+0x18/0x40 [ 17.318882] kasan_save_alloc_info+0x3b/0x50 [ 17.319102] __kasan_kmalloc+0xb7/0xc0 [ 17.319285] __kmalloc_cache_noprof+0x189/0x420 [ 17.319504] kasan_atomics+0x95/0x310 [ 17.319693] kunit_try_run_case+0x1a5/0x480 [ 17.319942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.320165] kthread+0x337/0x6f0 [ 17.320324] ret_from_fork+0x116/0x1d0 [ 17.320520] ret_from_fork_asm+0x1a/0x30 [ 17.320710] [ 17.320818] The buggy address belongs to the object at ffff8881031d0c00 [ 17.320818] which belongs to the cache kmalloc-64 of size 64 [ 17.321193] The buggy address is located 0 bytes to the right of [ 17.321193] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.321591] [ 17.321666] The buggy address belongs to the physical page: [ 17.321911] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.322288] flags: 0x200000000000000(node=0|zone=2) [ 17.322534] page_type: f5(slab) [ 17.322739] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.323098] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.323443] page dumped because: kasan: bad access detected [ 17.323698] [ 17.323809] Memory state around the buggy address: [ 17.324036] 
ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.324342] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.324564] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.324925] ^ [ 17.325198] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.325532] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.325902] ================================================================== [ 17.467969] ================================================================== [ 17.468806] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 17.469667] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.470181] [ 17.470293] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.470339] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.470376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.470400] Call Trace: [ 17.470416] <TASK> [ 17.470433] dump_stack_lvl+0x73/0xb0 [ 17.470465] print_report+0xd1/0x650 [ 17.470488] ? __virt_addr_valid+0x1db/0x2d0 [ 17.470511] ? kasan_atomics_helper+0x1ce1/0x5450 [ 17.470533] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.470636] ? kasan_atomics_helper+0x1ce1/0x5450 [ 17.470660] kasan_report+0x141/0x180 [ 17.470683] ? kasan_atomics_helper+0x1ce1/0x5450 [ 17.470711] kasan_check_range+0x10c/0x1c0 [ 17.470737] __kasan_check_write+0x18/0x20 [ 17.470757] kasan_atomics_helper+0x1ce1/0x5450 [ 17.470781] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.470804] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.470830] ? kasan_atomics+0x152/0x310 [ 17.470859] kasan_atomics+0x1dc/0x310 [ 17.470882] ? __pfx_kasan_atomics+0x10/0x10 [ 17.470907] ? __pfx_read_tsc+0x10/0x10 [ 17.470929] ? ktime_get_ts64+0x86/0x230 [ 17.470955] kunit_try_run_case+0x1a5/0x480 [ 17.470981] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.471004] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 17.471028] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.471065] ? __kthread_parkme+0x82/0x180 [ 17.471087] ? preempt_count_sub+0x50/0x80 [ 17.471112] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.471136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.471160] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.471184] kthread+0x337/0x6f0 [ 17.471204] ? trace_preempt_on+0x20/0xc0 [ 17.471229] ? __pfx_kthread+0x10/0x10 [ 17.471251] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.471272] ? calculate_sigpending+0x7b/0xa0 [ 17.471296] ? __pfx_kthread+0x10/0x10 [ 17.471318] ret_from_fork+0x116/0x1d0 [ 17.471337] ? __pfx_kthread+0x10/0x10 [ 17.471358] ret_from_fork_asm+0x1a/0x30 [ 17.471391] </TASK> [ 17.471403] [ 17.483511] Allocated by task 282: [ 17.483655] kasan_save_stack+0x45/0x70 [ 17.483849] kasan_save_track+0x18/0x40 [ 17.484213] kasan_save_alloc_info+0x3b/0x50 [ 17.484620] __kasan_kmalloc+0xb7/0xc0 [ 17.485004] __kmalloc_cache_noprof+0x189/0x420 [ 17.485465] kasan_atomics+0x95/0x310 [ 17.485851] kunit_try_run_case+0x1a5/0x480 [ 17.486270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.486774] kthread+0x337/0x6f0 [ 17.487173] ret_from_fork+0x116/0x1d0 [ 17.487555] ret_from_fork_asm+0x1a/0x30 [ 17.488010] [ 17.488217] The buggy address belongs to the object at ffff8881031d0c00 [ 17.488217] which belongs to the cache kmalloc-64 of size 64 [ 17.489563] The buggy address is located 0 bytes to the right of [ 17.489563] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.490416] [ 17.490609] The buggy address belongs to the physical page: [ 17.491129] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.491561] flags: 0x200000000000000(node=0|zone=2) [ 17.491756] page_type: f5(slab) [ 17.492118] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.492878] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.493542] page dumped because: kasan: 
bad access detected [ 17.493746] [ 17.493947] Memory state around the buggy address: [ 17.494425] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.495072] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.495456] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.495684] ^ [ 17.496031] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.496719] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.497514] ================================================================== [ 16.252126] ================================================================== [ 16.252544] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 16.252909] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.253271] [ 16.253366] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.253411] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.253424] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.253446] Call Trace: [ 16.253462] <TASK> [ 16.253478] dump_stack_lvl+0x73/0xb0 [ 16.253508] print_report+0xd1/0x650 [ 16.253558] ? __virt_addr_valid+0x1db/0x2d0 [ 16.253583] ? kasan_atomics_helper+0x4a0/0x5450 [ 16.253605] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.253650] ? kasan_atomics_helper+0x4a0/0x5450 [ 16.253675] kasan_report+0x141/0x180 [ 16.253700] ? kasan_atomics_helper+0x4a0/0x5450 [ 16.253728] kasan_check_range+0x10c/0x1c0 [ 16.253753] __kasan_check_write+0x18/0x20 [ 16.253773] kasan_atomics_helper+0x4a0/0x5450 [ 16.253815] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.253839] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.253866] ? kasan_atomics+0x152/0x310 [ 16.253894] kasan_atomics+0x1dc/0x310 [ 16.253918] ? __pfx_kasan_atomics+0x10/0x10 [ 16.253944] ? __pfx_read_tsc+0x10/0x10 [ 16.253986] ? ktime_get_ts64+0x86/0x230 [ 16.254015] kunit_try_run_case+0x1a5/0x480 [ 16.254041] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.254073] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.254098] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.254122] ? __kthread_parkme+0x82/0x180 [ 16.254144] ? preempt_count_sub+0x50/0x80 [ 16.254169] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.254194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.254218] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.254242] kthread+0x337/0x6f0 [ 16.254263] ? trace_preempt_on+0x20/0xc0 [ 16.254286] ? __pfx_kthread+0x10/0x10 [ 16.254327] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.254350] ? calculate_sigpending+0x7b/0xa0 [ 16.254374] ? __pfx_kthread+0x10/0x10 [ 16.254398] ret_from_fork+0x116/0x1d0 [ 16.254417] ? __pfx_kthread+0x10/0x10 [ 16.254439] ret_from_fork_asm+0x1a/0x30 [ 16.254490] </TASK> [ 16.254504] [ 16.262765] Allocated by task 282: [ 16.262942] kasan_save_stack+0x45/0x70 [ 16.263167] kasan_save_track+0x18/0x40 [ 16.263417] kasan_save_alloc_info+0x3b/0x50 [ 16.263681] __kasan_kmalloc+0xb7/0xc0 [ 16.263997] __kmalloc_cache_noprof+0x189/0x420 [ 16.264226] kasan_atomics+0x95/0x310 [ 16.264492] kunit_try_run_case+0x1a5/0x480 [ 16.264936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.265173] kthread+0x337/0x6f0 [ 16.265326] ret_from_fork+0x116/0x1d0 [ 16.265463] ret_from_fork_asm+0x1a/0x30 [ 16.265609] [ 16.265684] The buggy address belongs to the object at ffff8881031d0c00 [ 16.265684] which belongs to the cache kmalloc-64 of size 64 [ 16.266765] The buggy address is located 0 bytes to the right of [ 16.266765] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.268582] [ 16.268675] The buggy address belongs to the physical page: [ 16.269279] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.269952] flags: 0x200000000000000(node=0|zone=2) [ 16.270412] page_type: f5(slab) [ 16.270736] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.271087] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.271406] page dumped because: kasan: bad access detected [ 16.271650] [ 16.271981] Memory state around the buggy address: [ 16.272517] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.273160] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.273612] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.274112] ^ [ 16.274478] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.275020] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.275497] ================================================================== [ 16.728829] ================================================================== [ 16.729426] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 16.729836] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.730319] [ 16.730441] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.730486] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.730500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.730524] Call Trace: [ 16.730540] <TASK> [ 16.730556] dump_stack_lvl+0x73/0xb0 [ 16.730584] print_report+0xd1/0x650 [ 16.730608] ? __virt_addr_valid+0x1db/0x2d0 [ 16.730631] ? kasan_atomics_helper+0xf10/0x5450 [ 16.730654] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.730682] ? kasan_atomics_helper+0xf10/0x5450 [ 16.730705] kasan_report+0x141/0x180 [ 16.730754] ? kasan_atomics_helper+0xf10/0x5450 [ 16.730806] kasan_check_range+0x10c/0x1c0 [ 16.730833] __kasan_check_write+0x18/0x20 [ 16.730854] kasan_atomics_helper+0xf10/0x5450 [ 16.730879] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.730902] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.730950] ? kasan_atomics+0x152/0x310 [ 16.730982] kasan_atomics+0x1dc/0x310 [ 16.731006] ? __pfx_kasan_atomics+0x10/0x10 [ 16.731033] ? __pfx_read_tsc+0x10/0x10 [ 16.731066] ? 
ktime_get_ts64+0x86/0x230 [ 16.731094] kunit_try_run_case+0x1a5/0x480 [ 16.731119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.731158] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.731183] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.731221] ? __kthread_parkme+0x82/0x180 [ 16.731242] ? preempt_count_sub+0x50/0x80 [ 16.731268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.731305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.731330] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.731371] kthread+0x337/0x6f0 [ 16.731393] ? trace_preempt_on+0x20/0xc0 [ 16.731420] ? __pfx_kthread+0x10/0x10 [ 16.731442] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.731465] ? calculate_sigpending+0x7b/0xa0 [ 16.731490] ? __pfx_kthread+0x10/0x10 [ 16.731514] ret_from_fork+0x116/0x1d0 [ 16.731534] ? __pfx_kthread+0x10/0x10 [ 16.731556] ret_from_fork_asm+0x1a/0x30 [ 16.731590] </TASK> [ 16.731603] [ 16.740040] Allocated by task 282: [ 16.740251] kasan_save_stack+0x45/0x70 [ 16.740464] kasan_save_track+0x18/0x40 [ 16.740656] kasan_save_alloc_info+0x3b/0x50 [ 16.740928] __kasan_kmalloc+0xb7/0xc0 [ 16.741124] __kmalloc_cache_noprof+0x189/0x420 [ 16.741361] kasan_atomics+0x95/0x310 [ 16.741597] kunit_try_run_case+0x1a5/0x480 [ 16.741813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.742083] kthread+0x337/0x6f0 [ 16.742261] ret_from_fork+0x116/0x1d0 [ 16.742486] ret_from_fork_asm+0x1a/0x30 [ 16.742690] [ 16.742829] The buggy address belongs to the object at ffff8881031d0c00 [ 16.742829] which belongs to the cache kmalloc-64 of size 64 [ 16.743377] The buggy address is located 0 bytes to the right of [ 16.743377] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.743977] [ 16.744084] The buggy address belongs to the physical page: [ 16.744378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 16.744777] flags: 0x200000000000000(node=0|zone=2) [ 16.745038] page_type: f5(slab) [ 16.745247] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.745500] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.745781] page dumped because: kasan: bad access detected [ 16.745970] [ 16.746057] Memory state around the buggy address: [ 16.746299] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.746774] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.747185] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.747573] ^ [ 16.747840] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.748114] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.748347] ================================================================== [ 17.691879] ================================================================== [ 17.692251] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 17.692611] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.692949] [ 17.693661] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.693713] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.693727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.693751] Call Trace: [ 17.693769] <TASK> [ 17.693787] dump_stack_lvl+0x73/0xb0 [ 17.693923] print_report+0xd1/0x650 [ 17.693953] ? __virt_addr_valid+0x1db/0x2d0 [ 17.693979] ? kasan_atomics_helper+0x20c8/0x5450 [ 17.694003] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.694031] ? kasan_atomics_helper+0x20c8/0x5450 [ 17.694068] kasan_report+0x141/0x180 [ 17.694092] ? kasan_atomics_helper+0x20c8/0x5450 [ 17.694121] kasan_check_range+0x10c/0x1c0 [ 17.694147] __kasan_check_write+0x18/0x20 [ 17.694168] kasan_atomics_helper+0x20c8/0x5450 [ 17.694192] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.694216] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.694243] ? kasan_atomics+0x152/0x310 [ 17.694272] kasan_atomics+0x1dc/0x310 [ 17.694297] ? 
__pfx_kasan_atomics+0x10/0x10 [ 17.694324] ? __pfx_read_tsc+0x10/0x10 [ 17.694347] ? ktime_get_ts64+0x86/0x230 [ 17.694373] kunit_try_run_case+0x1a5/0x480 [ 17.694399] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.694423] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.694450] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.694476] ? __kthread_parkme+0x82/0x180 [ 17.694497] ? preempt_count_sub+0x50/0x80 [ 17.694524] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.694549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.694574] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.694599] kthread+0x337/0x6f0 [ 17.694620] ? trace_preempt_on+0x20/0xc0 [ 17.694645] ? __pfx_kthread+0x10/0x10 [ 17.694668] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.694690] ? calculate_sigpending+0x7b/0xa0 [ 17.694716] ? __pfx_kthread+0x10/0x10 [ 17.694750] ret_from_fork+0x116/0x1d0 [ 17.694770] ? __pfx_kthread+0x10/0x10 [ 17.694793] ret_from_fork_asm+0x1a/0x30 [ 17.694827] </TASK> [ 17.694840] [ 17.706258] Allocated by task 282: [ 17.706585] kasan_save_stack+0x45/0x70 [ 17.706953] kasan_save_track+0x18/0x40 [ 17.707295] kasan_save_alloc_info+0x3b/0x50 [ 17.707535] __kasan_kmalloc+0xb7/0xc0 [ 17.707734] __kmalloc_cache_noprof+0x189/0x420 [ 17.708184] kasan_atomics+0x95/0x310 [ 17.708475] kunit_try_run_case+0x1a5/0x480 [ 17.708833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.709194] kthread+0x337/0x6f0 [ 17.709480] ret_from_fork+0x116/0x1d0 [ 17.709642] ret_from_fork_asm+0x1a/0x30 [ 17.710105] [ 17.710212] The buggy address belongs to the object at ffff8881031d0c00 [ 17.710212] which belongs to the cache kmalloc-64 of size 64 [ 17.711009] The buggy address is located 0 bytes to the right of [ 17.711009] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.711627] [ 17.711715] The buggy address belongs to the physical page: [ 17.712218] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.712737] flags: 0x200000000000000(node=0|zone=2) [ 17.713078] page_type: 
f5(slab) [ 17.713266] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.713765] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.714113] page dumped because: kasan: bad access detected [ 17.714382] [ 17.714475] Memory state around the buggy address: [ 17.714702] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.715284] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.715684] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.716167] ^ [ 17.716484] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.716950] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.717337] ================================================================== [ 16.683223] ================================================================== [ 16.683919] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 16.684769] Write of size 4 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 16.685171] [ 16.685332] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.685384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.685398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.685432] Call Trace: [ 16.685449] <TASK> [ 16.685467] dump_stack_lvl+0x73/0xb0 [ 16.685509] print_report+0xd1/0x650 [ 16.685538] ? __virt_addr_valid+0x1db/0x2d0 [ 16.685562] ? kasan_atomics_helper+0xde0/0x5450 [ 16.685585] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.685612] ? kasan_atomics_helper+0xde0/0x5450 [ 16.685636] kasan_report+0x141/0x180 [ 16.685671] ? kasan_atomics_helper+0xde0/0x5450 [ 16.685700] kasan_check_range+0x10c/0x1c0 [ 16.685726] __kasan_check_write+0x18/0x20 [ 16.685759] kasan_atomics_helper+0xde0/0x5450 [ 16.685784] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.685807] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.685834] ? 
kasan_atomics+0x152/0x310 [ 16.685864] kasan_atomics+0x1dc/0x310 [ 16.685889] ? __pfx_kasan_atomics+0x10/0x10 [ 16.685915] ? __pfx_read_tsc+0x10/0x10 [ 16.685939] ? ktime_get_ts64+0x86/0x230 [ 16.685965] kunit_try_run_case+0x1a5/0x480 [ 16.685990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.686014] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.686040] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.686075] ? __kthread_parkme+0x82/0x180 [ 16.686096] ? preempt_count_sub+0x50/0x80 [ 16.686123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.686148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.686173] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.686198] kthread+0x337/0x6f0 [ 16.686219] ? trace_preempt_on+0x20/0xc0 [ 16.686244] ? __pfx_kthread+0x10/0x10 [ 16.686267] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.686290] ? calculate_sigpending+0x7b/0xa0 [ 16.686316] ? __pfx_kthread+0x10/0x10 [ 16.686339] ret_from_fork+0x116/0x1d0 [ 16.686359] ? __pfx_kthread+0x10/0x10 [ 16.686381] ret_from_fork_asm+0x1a/0x30 [ 16.686415] </TASK> [ 16.686429] [ 16.698625] Allocated by task 282: [ 16.698791] kasan_save_stack+0x45/0x70 [ 16.699164] kasan_save_track+0x18/0x40 [ 16.699541] kasan_save_alloc_info+0x3b/0x50 [ 16.699996] __kasan_kmalloc+0xb7/0xc0 [ 16.700380] __kmalloc_cache_noprof+0x189/0x420 [ 16.700853] kasan_atomics+0x95/0x310 [ 16.701246] kunit_try_run_case+0x1a5/0x480 [ 16.701681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.702275] kthread+0x337/0x6f0 [ 16.702689] ret_from_fork+0x116/0x1d0 [ 16.703180] ret_from_fork_asm+0x1a/0x30 [ 16.703655] [ 16.703827] The buggy address belongs to the object at ffff8881031d0c00 [ 16.703827] which belongs to the cache kmalloc-64 of size 64 [ 16.704933] The buggy address is located 0 bytes to the right of [ 16.704933] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 16.705439] [ 16.705550] The buggy address belongs to the physical page: [ 16.705776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 
16.706187] flags: 0x200000000000000(node=0|zone=2) [ 16.706433] page_type: f5(slab) [ 16.706596] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.706910] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.707260] page dumped because: kasan: bad access detected [ 16.707542] [ 16.707631] Memory state around the buggy address: [ 16.707928] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.708196] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.708558] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.708931] ^ [ 16.709160] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.709480] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.709741] ================================================================== [ 17.180601] ================================================================== [ 17.180945] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 17.181286] Write of size 8 at addr ffff8881031d0c30 by task kunit_try_catch/282 [ 17.181613] [ 17.181718] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.181771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.181785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.181807] Call Trace: [ 17.181824] <TASK> [ 17.181842] dump_stack_lvl+0x73/0xb0 [ 17.181870] print_report+0xd1/0x650 [ 17.181893] ? __virt_addr_valid+0x1db/0x2d0 [ 17.181916] ? kasan_atomics_helper+0x164f/0x5450 [ 17.181939] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.181965] ? kasan_atomics_helper+0x164f/0x5450 [ 17.181988] kasan_report+0x141/0x180 [ 17.182011] ? kasan_atomics_helper+0x164f/0x5450 [ 17.182039] kasan_check_range+0x10c/0x1c0 [ 17.182077] __kasan_check_write+0x18/0x20 [ 17.182098] kasan_atomics_helper+0x164f/0x5450 [ 17.182122] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.182146] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 17.182172] ? kasan_atomics+0x152/0x310 [ 17.182200] kasan_atomics+0x1dc/0x310 [ 17.182224] ? __pfx_kasan_atomics+0x10/0x10 [ 17.182249] ? __pfx_read_tsc+0x10/0x10 [ 17.182272] ? ktime_get_ts64+0x86/0x230 [ 17.182297] kunit_try_run_case+0x1a5/0x480 [ 17.182323] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.182346] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.182370] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.182394] ? __kthread_parkme+0x82/0x180 [ 17.182416] ? preempt_count_sub+0x50/0x80 [ 17.182442] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.182467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.182492] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.182515] kthread+0x337/0x6f0 [ 17.182535] ? trace_preempt_on+0x20/0xc0 [ 17.182560] ? __pfx_kthread+0x10/0x10 [ 17.182582] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.182604] ? calculate_sigpending+0x7b/0xa0 [ 17.182630] ? __pfx_kthread+0x10/0x10 [ 17.182654] ret_from_fork+0x116/0x1d0 [ 17.182674] ? __pfx_kthread+0x10/0x10 [ 17.182696] ret_from_fork_asm+0x1a/0x30 [ 17.182730] </TASK> [ 17.182742] [ 17.195687] Allocated by task 282: [ 17.196067] kasan_save_stack+0x45/0x70 [ 17.196448] kasan_save_track+0x18/0x40 [ 17.196868] kasan_save_alloc_info+0x3b/0x50 [ 17.197129] __kasan_kmalloc+0xb7/0xc0 [ 17.197276] __kmalloc_cache_noprof+0x189/0x420 [ 17.197445] kasan_atomics+0x95/0x310 [ 17.197595] kunit_try_run_case+0x1a5/0x480 [ 17.197792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.198290] kthread+0x337/0x6f0 [ 17.198619] ret_from_fork+0x116/0x1d0 [ 17.199032] ret_from_fork_asm+0x1a/0x30 [ 17.199440] [ 17.199610] The buggy address belongs to the object at ffff8881031d0c00 [ 17.199610] which belongs to the cache kmalloc-64 of size 64 [ 17.200975] The buggy address is located 0 bytes to the right of [ 17.200975] allocated 48-byte region [ffff8881031d0c00, ffff8881031d0c30) [ 17.202167] [ 17.202251] The buggy address belongs to the physical page: [ 17.202438] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1031d0 [ 17.202697] flags: 0x200000000000000(node=0|zone=2) [ 17.203290] page_type: f5(slab) [ 17.203598] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.204404] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.205141] page dumped because: kasan: bad access detected [ 17.205656] [ 17.205821] Memory state around the buggy address: [ 17.206175] ffff8881031d0b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.206406] ffff8881031d0b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.206634] >ffff8881031d0c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.207144] ^ [ 17.207590] ffff8881031d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.208296] ffff8881031d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.208927] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 15.866803] ================================================================== [ 15.867571] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.868391] Write of size 8 at addr ffff888102873128 by task kunit_try_catch/278 [ 15.869084] [ 15.869279] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.869326] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.869339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.869360] Call Trace: [ 15.869375] <TASK> [ 15.869392] dump_stack_lvl+0x73/0xb0 [ 15.869419] print_report+0xd1/0x650 [ 15.869442] ? __virt_addr_valid+0x1db/0x2d0 [ 15.869464] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.869492] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.869520] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.869553] kasan_report+0x141/0x180 [ 15.869577] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.869611] kasan_check_range+0x10c/0x1c0 [ 15.869636] __kasan_check_write+0x18/0x20 [ 15.869656] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.869684] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.869737] ? kasan_save_alloc_info+0x3b/0x50 [ 15.869761] ? kasan_save_stack+0x45/0x70 [ 15.869786] kasan_bitops_generic+0x121/0x1c0 [ 15.869810] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.869836] ? __pfx_read_tsc+0x10/0x10 [ 15.869858] ? ktime_get_ts64+0x86/0x230 [ 15.869883] kunit_try_run_case+0x1a5/0x480 [ 15.869907] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.869930] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.869953] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.869978] ? __kthread_parkme+0x82/0x180 [ 15.869998] ? preempt_count_sub+0x50/0x80 [ 15.870023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.870057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.870080] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.870105] kthread+0x337/0x6f0 [ 15.870126] ? 
trace_preempt_on+0x20/0xc0 [ 15.870150] ? __pfx_kthread+0x10/0x10 [ 15.870172] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.870194] ? calculate_sigpending+0x7b/0xa0 [ 15.870218] ? __pfx_kthread+0x10/0x10 [ 15.870241] ret_from_fork+0x116/0x1d0 [ 15.870260] ? __pfx_kthread+0x10/0x10 [ 15.870282] ret_from_fork_asm+0x1a/0x30 [ 15.870315] </TASK> [ 15.870327] [ 15.883482] Allocated by task 278: [ 15.883624] kasan_save_stack+0x45/0x70 [ 15.883918] kasan_save_track+0x18/0x40 [ 15.884287] kasan_save_alloc_info+0x3b/0x50 [ 15.884675] __kasan_kmalloc+0xb7/0xc0 [ 15.885069] __kmalloc_cache_noprof+0x189/0x420 [ 15.885498] kasan_bitops_generic+0x92/0x1c0 [ 15.885915] kunit_try_run_case+0x1a5/0x480 [ 15.886305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.886807] kthread+0x337/0x6f0 [ 15.887122] ret_from_fork+0x116/0x1d0 [ 15.887475] ret_from_fork_asm+0x1a/0x30 [ 15.887870] [ 15.888032] The buggy address belongs to the object at ffff888102873120 [ 15.888032] which belongs to the cache kmalloc-16 of size 16 [ 15.888966] The buggy address is located 8 bytes inside of [ 15.888966] allocated 9-byte region [ffff888102873120, ffff888102873129) [ 15.889470] [ 15.889649] The buggy address belongs to the physical page: [ 15.890168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102873 [ 15.890880] flags: 0x200000000000000(node=0|zone=2) [ 15.891333] page_type: f5(slab) [ 15.891625] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.891999] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.892246] page dumped because: kasan: bad access detected [ 15.892425] [ 15.892498] Memory state around the buggy address: [ 15.892658] ffff888102873000: 00 01 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 15.893243] ffff888102873080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.893887] >ffff888102873100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.894512] ^ [ 15.894927] ffff888102873180: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.895557] ffff888102873200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.896195] ================================================================== [ 15.926575] ================================================================== [ 15.926845] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.927155] Write of size 8 at addr ffff888102873128 by task kunit_try_catch/278 [ 15.927398] [ 15.927490] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.927535] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.927547] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.927570] Call Trace: [ 15.927587] <TASK> [ 15.927604] dump_stack_lvl+0x73/0xb0 [ 15.927631] print_report+0xd1/0x650 [ 15.927654] ? __virt_addr_valid+0x1db/0x2d0 [ 15.927677] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.927705] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.927731] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.927760] kasan_report+0x141/0x180 [ 15.927783] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.927817] kasan_check_range+0x10c/0x1c0 [ 15.927842] __kasan_check_write+0x18/0x20 [ 15.927860] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.927889] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.927918] ? kasan_save_alloc_info+0x3b/0x50 [ 15.927942] ? kasan_save_stack+0x45/0x70 [ 15.927966] kasan_bitops_generic+0x121/0x1c0 [ 15.927990] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.928016] ? __pfx_read_tsc+0x10/0x10 [ 15.928037] ? ktime_get_ts64+0x86/0x230 [ 15.928241] kunit_try_run_case+0x1a5/0x480 [ 15.928268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.928292] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.928317] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.928341] ? __kthread_parkme+0x82/0x180 [ 15.928361] ? preempt_count_sub+0x50/0x80 [ 15.928386] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.928411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.928434] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.928458] kthread+0x337/0x6f0 [ 15.928479] ? trace_preempt_on+0x20/0xc0 [ 15.928502] ? __pfx_kthread+0x10/0x10 [ 15.928524] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.928545] ? calculate_sigpending+0x7b/0xa0 [ 15.928571] ? __pfx_kthread+0x10/0x10 [ 15.928594] ret_from_fork+0x116/0x1d0 [ 15.928612] ? __pfx_kthread+0x10/0x10 [ 15.928635] ret_from_fork_asm+0x1a/0x30 [ 15.928667] </TASK> [ 15.928679] [ 15.943283] Allocated by task 278: [ 15.943422] kasan_save_stack+0x45/0x70 [ 15.943571] kasan_save_track+0x18/0x40 [ 15.943737] kasan_save_alloc_info+0x3b/0x50 [ 15.944128] __kasan_kmalloc+0xb7/0xc0 [ 15.944461] __kmalloc_cache_noprof+0x189/0x420 [ 15.944890] kasan_bitops_generic+0x92/0x1c0 [ 15.945293] kunit_try_run_case+0x1a5/0x480 [ 15.945669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.946196] kthread+0x337/0x6f0 [ 15.946504] ret_from_fork+0x116/0x1d0 [ 15.946868] ret_from_fork_asm+0x1a/0x30 [ 15.947237] [ 15.947400] The buggy address belongs to the object at ffff888102873120 [ 15.947400] which belongs to the cache kmalloc-16 of size 16 [ 15.948192] The buggy address is located 8 bytes inside of [ 15.948192] allocated 9-byte region [ffff888102873120, ffff888102873129) [ 15.948558] [ 15.948634] The buggy address belongs to the physical page: [ 15.949020] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102873 [ 15.949736] flags: 0x200000000000000(node=0|zone=2) [ 15.950180] page_type: f5(slab) [ 15.950481] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.951158] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.951823] page dumped because: kasan: bad access detected [ 15.952324] [ 15.952463] Memory state around the buggy address: [ 15.952624] ffff888102873000: 00 01 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 15.953137] 
ffff888102873080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.953781] >ffff888102873100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.954241] ^ [ 15.954398] ffff888102873180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.954623] ffff888102873200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.955129] ================================================================== [ 16.066715] ================================================================== [ 16.067356] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 16.067647] Read of size 8 at addr ffff888102873128 by task kunit_try_catch/278 [ 16.068071] [ 16.068194] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.068238] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.068250] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.068271] Call Trace: [ 16.068285] <TASK> [ 16.068301] dump_stack_lvl+0x73/0xb0 [ 16.068329] print_report+0xd1/0x650 [ 16.068352] ? __virt_addr_valid+0x1db/0x2d0 [ 16.068375] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 16.068401] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.068427] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 16.068454] kasan_report+0x141/0x180 [ 16.068478] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 16.068511] __asan_report_load8_noabort+0x18/0x20 [ 16.068536] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 16.068564] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.068594] ? kasan_save_alloc_info+0x3b/0x50 [ 16.068618] ? kasan_save_stack+0x45/0x70 [ 16.068642] kasan_bitops_generic+0x121/0x1c0 [ 16.068666] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.068691] ? __pfx_read_tsc+0x10/0x10 [ 16.068712] ? ktime_get_ts64+0x86/0x230 [ 16.068752] kunit_try_run_case+0x1a5/0x480 [ 16.068776] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.068799] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.068822] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.068844] ? __kthread_parkme+0x82/0x180 [ 16.068865] ? preempt_count_sub+0x50/0x80 [ 16.068889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.068913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.068936] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.068959] kthread+0x337/0x6f0 [ 16.068979] ? trace_preempt_on+0x20/0xc0 [ 16.069003] ? __pfx_kthread+0x10/0x10 [ 16.069024] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.069044] ? calculate_sigpending+0x7b/0xa0 [ 16.069079] ? __pfx_kthread+0x10/0x10 [ 16.069102] ret_from_fork+0x116/0x1d0 [ 16.069120] ? __pfx_kthread+0x10/0x10 [ 16.069141] ret_from_fork_asm+0x1a/0x30 [ 16.069173] </TASK> [ 16.069185] [ 16.077372] Allocated by task 278: [ 16.077572] kasan_save_stack+0x45/0x70 [ 16.077807] kasan_save_track+0x18/0x40 [ 16.077999] kasan_save_alloc_info+0x3b/0x50 [ 16.078195] __kasan_kmalloc+0xb7/0xc0 [ 16.078390] __kmalloc_cache_noprof+0x189/0x420 [ 16.078558] kasan_bitops_generic+0x92/0x1c0 [ 16.078838] kunit_try_run_case+0x1a5/0x480 [ 16.079071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.079315] kthread+0x337/0x6f0 [ 16.079488] ret_from_fork+0x116/0x1d0 [ 16.079652] ret_from_fork_asm+0x1a/0x30 [ 16.079829] [ 16.079932] The buggy address belongs to the object at ffff888102873120 [ 16.079932] which belongs to the cache kmalloc-16 of size 16 [ 16.080501] The buggy address is located 8 bytes inside of [ 16.080501] allocated 9-byte region [ffff888102873120, ffff888102873129) [ 16.080989] [ 16.081099] The buggy address belongs to the physical page: [ 16.081369] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102873 [ 16.081659] flags: 0x200000000000000(node=0|zone=2) [ 16.081902] page_type: f5(slab) [ 16.082126] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.082432] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.082789] page dumped because: kasan: 
bad access detected [ 16.083129] [ 16.083204] Memory state around the buggy address: [ 16.083369] ffff888102873000: 00 01 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 16.083600] ffff888102873080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.083830] >ffff888102873100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 16.084190] ^ [ 16.084424] ffff888102873180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.084814] ffff888102873200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.085164] ================================================================== [ 15.956641] ================================================================== [ 15.957334] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.958128] Write of size 8 at addr ffff888102873128 by task kunit_try_catch/278 [ 15.958666] [ 15.958821] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.958866] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.958878] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.958899] Call Trace: [ 15.958915] <TASK> [ 15.958930] dump_stack_lvl+0x73/0xb0 [ 15.958958] print_report+0xd1/0x650 [ 15.958981] ? __virt_addr_valid+0x1db/0x2d0 [ 15.959003] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.959030] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.959068] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.959096] kasan_report+0x141/0x180 [ 15.959118] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.959151] kasan_check_range+0x10c/0x1c0 [ 15.959175] __kasan_check_write+0x18/0x20 [ 15.959194] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.959222] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.959250] ? kasan_save_alloc_info+0x3b/0x50 [ 15.959274] ? kasan_save_stack+0x45/0x70 [ 15.959297] kasan_bitops_generic+0x121/0x1c0 [ 15.959320] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.959345] ? 
__pfx_read_tsc+0x10/0x10 [ 15.959366] ? ktime_get_ts64+0x86/0x230 [ 15.959390] kunit_try_run_case+0x1a5/0x480 [ 15.959414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.959436] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.959459] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.959482] ? __kthread_parkme+0x82/0x180 [ 15.959501] ? preempt_count_sub+0x50/0x80 [ 15.959525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.959549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.959573] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.959595] kthread+0x337/0x6f0 [ 15.959616] ? trace_preempt_on+0x20/0xc0 [ 15.959638] ? __pfx_kthread+0x10/0x10 [ 15.959659] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.959680] ? calculate_sigpending+0x7b/0xa0 [ 15.959704] ? __pfx_kthread+0x10/0x10 [ 15.959746] ret_from_fork+0x116/0x1d0 [ 15.959765] ? __pfx_kthread+0x10/0x10 [ 15.959785] ret_from_fork_asm+0x1a/0x30 [ 15.959817] </TASK> [ 15.959828] [ 15.972792] Allocated by task 278: [ 15.973142] kasan_save_stack+0x45/0x70 [ 15.973532] kasan_save_track+0x18/0x40 [ 15.973932] kasan_save_alloc_info+0x3b/0x50 [ 15.974358] __kasan_kmalloc+0xb7/0xc0 [ 15.974754] __kmalloc_cache_noprof+0x189/0x420 [ 15.974976] kasan_bitops_generic+0x92/0x1c0 [ 15.975307] kunit_try_run_case+0x1a5/0x480 [ 15.975699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.976167] kthread+0x337/0x6f0 [ 15.976299] ret_from_fork+0x116/0x1d0 [ 15.976443] ret_from_fork_asm+0x1a/0x30 [ 15.976595] [ 15.976672] The buggy address belongs to the object at ffff888102873120 [ 15.976672] which belongs to the cache kmalloc-16 of size 16 [ 15.977799] The buggy address is located 8 bytes inside of [ 15.977799] allocated 9-byte region [ffff888102873120, ffff888102873129) [ 15.978885] [ 15.979063] The buggy address belongs to the physical page: [ 15.979563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102873 [ 15.980035] flags: 0x200000000000000(node=0|zone=2) [ 15.980224] page_type: f5(slab) [ 15.980357] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 15.980604] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.981179] page dumped because: kasan: bad access detected [ 15.981680] [ 15.981871] Memory state around the buggy address: [ 15.982317] ffff888102873000: 00 01 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 15.982965] ffff888102873080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.983617] >ffff888102873100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.984262] ^ [ 15.984677] ffff888102873180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.985222] ffff888102873200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.985449] ================================================================== [ 15.837376] ================================================================== [ 15.838464] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.839350] Write of size 8 at addr ffff888102873128 by task kunit_try_catch/278 [ 15.839867] [ 15.839960] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.840006] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.840019] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.840040] Call Trace: [ 15.840417] <TASK> [ 15.840440] dump_stack_lvl+0x73/0xb0 [ 15.840471] print_report+0xd1/0x650 [ 15.840493] ? __virt_addr_valid+0x1db/0x2d0 [ 15.840516] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.840544] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.840569] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.840596] kasan_report+0x141/0x180 [ 15.840618] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.840649] kasan_check_range+0x10c/0x1c0 [ 15.840673] __kasan_check_write+0x18/0x20 [ 15.840692] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.840748] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.840778] ? 
kasan_save_alloc_info+0x3b/0x50 [ 15.840801] ? kasan_save_stack+0x45/0x70 [ 15.840825] kasan_bitops_generic+0x121/0x1c0 [ 15.840849] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.840873] ? __pfx_read_tsc+0x10/0x10 [ 15.840893] ? ktime_get_ts64+0x86/0x230 [ 15.840918] kunit_try_run_case+0x1a5/0x480 [ 15.840941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.840962] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.840986] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.841008] ? __kthread_parkme+0x82/0x180 [ 15.841027] ? preempt_count_sub+0x50/0x80 [ 15.841062] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.841086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.841107] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.841130] kthread+0x337/0x6f0 [ 15.841149] ? trace_preempt_on+0x20/0xc0 [ 15.841171] ? __pfx_kthread+0x10/0x10 [ 15.841192] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.841212] ? calculate_sigpending+0x7b/0xa0 [ 15.841236] ? __pfx_kthread+0x10/0x10 [ 15.841257] ret_from_fork+0x116/0x1d0 [ 15.841275] ? 
__pfx_kthread+0x10/0x10 [ 15.841295] ret_from_fork_asm+0x1a/0x30 [ 15.841327] </TASK> [ 15.841338] [ 15.854241] Allocated by task 278: [ 15.854380] kasan_save_stack+0x45/0x70 [ 15.854527] kasan_save_track+0x18/0x40 [ 15.854667] kasan_save_alloc_info+0x3b/0x50 [ 15.855055] __kasan_kmalloc+0xb7/0xc0 [ 15.855398] __kmalloc_cache_noprof+0x189/0x420 [ 15.855837] kasan_bitops_generic+0x92/0x1c0 [ 15.856269] kunit_try_run_case+0x1a5/0x480 [ 15.856646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.857151] kthread+0x337/0x6f0 [ 15.857468] ret_from_fork+0x116/0x1d0 [ 15.857845] ret_from_fork_asm+0x1a/0x30 [ 15.858235] [ 15.858339] The buggy address belongs to the object at ffff888102873120 [ 15.858339] which belongs to the cache kmalloc-16 of size 16 [ 15.858732] The buggy address is located 8 bytes inside of [ 15.858732] allocated 9-byte region [ffff888102873120, ffff888102873129) [ 15.859794] [ 15.859959] The buggy address belongs to the physical page: [ 15.860465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102873 [ 15.861038] flags: 0x200000000000000(node=0|zone=2) [ 15.861224] page_type: f5(slab) [ 15.861355] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.861609] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.862157] page dumped because: kasan: bad access detected [ 15.862653] [ 15.862839] Memory state around the buggy address: [ 15.863269] ffff888102873000: 00 01 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 15.863926] ffff888102873080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.864564] >ffff888102873100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.865236] ^ [ 15.865666] ffff888102873180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.865966] ffff888102873200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.866207] ================================================================== [ 16.045357] 
================================================================== [ 16.046006] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 16.046865] Read of size 8 at addr ffff888102873128 by task kunit_try_catch/278 [ 16.047502] [ 16.047680] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.047727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.047753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.047775] Call Trace: [ 16.047791] <TASK> [ 16.047807] dump_stack_lvl+0x73/0xb0 [ 16.047835] print_report+0xd1/0x650 [ 16.047858] ? __virt_addr_valid+0x1db/0x2d0 [ 16.047880] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 16.047907] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.047933] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 16.047961] kasan_report+0x141/0x180 [ 16.047982] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 16.048014] kasan_check_range+0x10c/0x1c0 [ 16.048037] __kasan_check_read+0x15/0x20 [ 16.048078] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 16.048105] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.048134] ? kasan_save_alloc_info+0x3b/0x50 [ 16.048157] ? kasan_save_stack+0x45/0x70 [ 16.048181] kasan_bitops_generic+0x121/0x1c0 [ 16.048204] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.048229] ? __pfx_read_tsc+0x10/0x10 [ 16.048250] ? ktime_get_ts64+0x86/0x230 [ 16.048277] kunit_try_run_case+0x1a5/0x480 [ 16.048302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.048324] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.048346] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.048369] ? __kthread_parkme+0x82/0x180 [ 16.048389] ? preempt_count_sub+0x50/0x80 [ 16.048411] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.048434] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.048457] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.048479] kthread+0x337/0x6f0 [ 16.048498] ? 
trace_preempt_on+0x20/0xc0 [ 16.048522] ? __pfx_kthread+0x10/0x10 [ 16.048541] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.048562] ? calculate_sigpending+0x7b/0xa0 [ 16.048585] ? __pfx_kthread+0x10/0x10 [ 16.048608] ret_from_fork+0x116/0x1d0 [ 16.048627] ? __pfx_kthread+0x10/0x10 [ 16.048646] ret_from_fork_asm+0x1a/0x30 [ 16.048677] </TASK> [ 16.048688] [ 16.058164] Allocated by task 278: [ 16.058359] kasan_save_stack+0x45/0x70 [ 16.058615] kasan_save_track+0x18/0x40 [ 16.058921] kasan_save_alloc_info+0x3b/0x50 [ 16.059094] __kasan_kmalloc+0xb7/0xc0 [ 16.059232] __kmalloc_cache_noprof+0x189/0x420 [ 16.059396] kasan_bitops_generic+0x92/0x1c0 [ 16.059613] kunit_try_run_case+0x1a5/0x480 [ 16.059955] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.060228] kthread+0x337/0x6f0 [ 16.060626] ret_from_fork+0x116/0x1d0 [ 16.060842] ret_from_fork_asm+0x1a/0x30 [ 16.061032] [ 16.061140] The buggy address belongs to the object at ffff888102873120 [ 16.061140] which belongs to the cache kmalloc-16 of size 16 [ 16.061552] The buggy address is located 8 bytes inside of [ 16.061552] allocated 9-byte region [ffff888102873120, ffff888102873129) [ 16.062026] [ 16.062137] The buggy address belongs to the physical page: [ 16.062370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102873 [ 16.062619] flags: 0x200000000000000(node=0|zone=2) [ 16.062976] page_type: f5(slab) [ 16.063161] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.063516] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.063836] page dumped because: kasan: bad access detected [ 16.064110] [ 16.064192] Memory state around the buggy address: [ 16.064415] ffff888102873000: 00 01 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 16.064681] ffff888102873080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.065037] >ffff888102873100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 16.065327] ^ [ 16.065534] ffff888102873180: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.065842] ffff888102873200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.066141] ================================================================== [ 16.015013] ================================================================== [ 16.015690] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 16.016508] Write of size 8 at addr ffff888102873128 by task kunit_try_catch/278 [ 16.017191] [ 16.017311] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.017357] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.017369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.017391] Call Trace: [ 16.017407] <TASK> [ 16.017424] dump_stack_lvl+0x73/0xb0 [ 16.017453] print_report+0xd1/0x650 [ 16.017475] ? __virt_addr_valid+0x1db/0x2d0 [ 16.017498] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 16.017531] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.017558] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 16.017587] kasan_report+0x141/0x180 [ 16.017609] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 16.017643] kasan_check_range+0x10c/0x1c0 [ 16.017667] __kasan_check_write+0x18/0x20 [ 16.017687] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 16.017742] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.017773] ? kasan_save_alloc_info+0x3b/0x50 [ 16.017796] ? kasan_save_stack+0x45/0x70 [ 16.017821] kasan_bitops_generic+0x121/0x1c0 [ 16.017846] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.017872] ? __pfx_read_tsc+0x10/0x10 [ 16.017892] ? ktime_get_ts64+0x86/0x230 [ 16.017918] kunit_try_run_case+0x1a5/0x480 [ 16.017942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.017964] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.017989] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.018012] ? __kthread_parkme+0x82/0x180 [ 16.018032] ? preempt_count_sub+0x50/0x80 [ 16.018066] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.018090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.018114] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.018137] kthread+0x337/0x6f0 [ 16.018157] ? trace_preempt_on+0x20/0xc0 [ 16.018181] ? __pfx_kthread+0x10/0x10 [ 16.018203] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.018224] ? calculate_sigpending+0x7b/0xa0 [ 16.018248] ? __pfx_kthread+0x10/0x10 [ 16.018270] ret_from_fork+0x116/0x1d0 [ 16.018289] ? __pfx_kthread+0x10/0x10 [ 16.018310] ret_from_fork_asm+0x1a/0x30 [ 16.018343] </TASK> [ 16.018355] [ 16.031741] Allocated by task 278: [ 16.032091] kasan_save_stack+0x45/0x70 [ 16.032471] kasan_save_track+0x18/0x40 [ 16.033242] kasan_save_alloc_info+0x3b/0x50 [ 16.033747] __kasan_kmalloc+0xb7/0xc0 [ 16.034159] __kmalloc_cache_noprof+0x189/0x420 [ 16.034581] kasan_bitops_generic+0x92/0x1c0 [ 16.034997] kunit_try_run_case+0x1a5/0x480 [ 16.035395] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.035612] kthread+0x337/0x6f0 [ 16.035754] ret_from_fork+0x116/0x1d0 [ 16.035899] ret_from_fork_asm+0x1a/0x30 [ 16.036073] [ 16.036245] The buggy address belongs to the object at ffff888102873120 [ 16.036245] which belongs to the cache kmalloc-16 of size 16 [ 16.037300] The buggy address is located 8 bytes inside of [ 16.037300] allocated 9-byte region [ffff888102873120, ffff888102873129) [ 16.038139] [ 16.038221] The buggy address belongs to the physical page: [ 16.038405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102873 [ 16.038660] flags: 0x200000000000000(node=0|zone=2) [ 16.038833] page_type: f5(slab) [ 16.040193] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.040489] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.040736] page dumped because: kasan: bad access detected [ 16.040917] [ 16.041013] Memory state around the buggy address: [ 16.041245] ffff888102873000: 00 01 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 16.041568] 
ffff888102873080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.041877] >ffff888102873100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 16.043190] ^ [ 16.043362] ffff888102873180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.043589] ffff888102873200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.043812] ================================================================== [ 15.986069] ================================================================== [ 15.986743] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.987516] Write of size 8 at addr ffff888102873128 by task kunit_try_catch/278 [ 15.988193] [ 15.988376] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.988420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.988432] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.988454] Call Trace: [ 15.988469] <TASK> [ 15.988484] dump_stack_lvl+0x73/0xb0 [ 15.988510] print_report+0xd1/0x650 [ 15.988532] ? __virt_addr_valid+0x1db/0x2d0 [ 15.988555] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.988583] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.988609] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.988637] kasan_report+0x141/0x180 [ 15.988659] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.988692] kasan_check_range+0x10c/0x1c0 [ 15.988739] __kasan_check_write+0x18/0x20 [ 15.988759] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.988786] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.988815] ? kasan_save_alloc_info+0x3b/0x50 [ 15.988839] ? kasan_save_stack+0x45/0x70 [ 15.988863] kasan_bitops_generic+0x121/0x1c0 [ 15.988886] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.988911] ? __pfx_read_tsc+0x10/0x10 [ 15.988932] ? ktime_get_ts64+0x86/0x230 [ 15.988957] kunit_try_run_case+0x1a5/0x480 [ 15.988981] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.989002] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.989025] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.989060] ? __kthread_parkme+0x82/0x180 [ 15.989080] ? preempt_count_sub+0x50/0x80 [ 15.989103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.989126] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.989148] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.989171] kthread+0x337/0x6f0 [ 15.989191] ? trace_preempt_on+0x20/0xc0 [ 15.989214] ? __pfx_kthread+0x10/0x10 [ 15.989235] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.989255] ? calculate_sigpending+0x7b/0xa0 [ 15.989278] ? __pfx_kthread+0x10/0x10 [ 15.989299] ret_from_fork+0x116/0x1d0 [ 15.989317] ? __pfx_kthread+0x10/0x10 [ 15.989337] ret_from_fork_asm+0x1a/0x30 [ 15.989369] </TASK> [ 15.989380] [ 16.001534] Allocated by task 278: [ 16.001875] kasan_save_stack+0x45/0x70 [ 16.002242] kasan_save_track+0x18/0x40 [ 16.002623] kasan_save_alloc_info+0x3b/0x50 [ 16.003037] __kasan_kmalloc+0xb7/0xc0 [ 16.003400] __kmalloc_cache_noprof+0x189/0x420 [ 16.003842] kasan_bitops_generic+0x92/0x1c0 [ 16.004236] kunit_try_run_case+0x1a5/0x480 [ 16.004625] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.005140] kthread+0x337/0x6f0 [ 16.005456] ret_from_fork+0x116/0x1d0 [ 16.005835] ret_from_fork_asm+0x1a/0x30 [ 16.006213] [ 16.006292] The buggy address belongs to the object at ffff888102873120 [ 16.006292] which belongs to the cache kmalloc-16 of size 16 [ 16.006654] The buggy address is located 8 bytes inside of [ 16.006654] allocated 9-byte region [ffff888102873120, ffff888102873129) [ 16.007648] [ 16.007833] The buggy address belongs to the physical page: [ 16.008317] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102873 [ 16.009013] flags: 0x200000000000000(node=0|zone=2) [ 16.009362] page_type: f5(slab) [ 16.009489] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.009766] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.010448] page dumped because: kasan: 
bad access detected [ 16.010956] [ 16.011127] Memory state around the buggy address: [ 16.011559] ffff888102873000: 00 01 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 16.012069] ffff888102873080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.012295] >ffff888102873100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 16.012518] ^ [ 16.012672] ffff888102873180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.013284] ffff888102873200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.013959] ================================================================== [ 15.897161] ================================================================== [ 15.897817] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.898209] Write of size 8 at addr ffff888102873128 by task kunit_try_catch/278 [ 15.898873] [ 15.899060] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.899105] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.899118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.899138] Call Trace: [ 15.899153] <TASK> [ 15.899168] dump_stack_lvl+0x73/0xb0 [ 15.899194] print_report+0xd1/0x650 [ 15.899216] ? __virt_addr_valid+0x1db/0x2d0 [ 15.899239] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.899268] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.899294] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.899321] kasan_report+0x141/0x180 [ 15.899343] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.899376] kasan_check_range+0x10c/0x1c0 [ 15.899399] __kasan_check_write+0x18/0x20 [ 15.899418] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.899446] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.899475] ? kasan_save_alloc_info+0x3b/0x50 [ 15.899498] ? kasan_save_stack+0x45/0x70 [ 15.899522] kasan_bitops_generic+0x121/0x1c0 [ 15.899545] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.899570] ? 
__pfx_read_tsc+0x10/0x10 [ 15.899590] ? ktime_get_ts64+0x86/0x230 [ 15.899616] kunit_try_run_case+0x1a5/0x480 [ 15.899639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.899662] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.899686] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.899708] ? __kthread_parkme+0x82/0x180 [ 15.899750] ? preempt_count_sub+0x50/0x80 [ 15.899774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.899798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.899820] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.899843] kthread+0x337/0x6f0 [ 15.899862] ? trace_preempt_on+0x20/0xc0 [ 15.899886] ? __pfx_kthread+0x10/0x10 [ 15.899906] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.899927] ? calculate_sigpending+0x7b/0xa0 [ 15.899950] ? __pfx_kthread+0x10/0x10 [ 15.899971] ret_from_fork+0x116/0x1d0 [ 15.899990] ? __pfx_kthread+0x10/0x10 [ 15.900010] ret_from_fork_asm+0x1a/0x30 [ 15.900041] </TASK> [ 15.900061] [ 15.913148] Allocated by task 278: [ 15.913489] kasan_save_stack+0x45/0x70 [ 15.913898] kasan_save_track+0x18/0x40 [ 15.914109] kasan_save_alloc_info+0x3b/0x50 [ 15.914269] __kasan_kmalloc+0xb7/0xc0 [ 15.914411] __kmalloc_cache_noprof+0x189/0x420 [ 15.914577] kasan_bitops_generic+0x92/0x1c0 [ 15.914790] kunit_try_run_case+0x1a5/0x480 [ 15.915231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.915734] kthread+0x337/0x6f0 [ 15.916067] ret_from_fork+0x116/0x1d0 [ 15.916434] ret_from_fork_asm+0x1a/0x30 [ 15.916832] [ 15.917001] The buggy address belongs to the object at ffff888102873120 [ 15.917001] which belongs to the cache kmalloc-16 of size 16 [ 15.918128] The buggy address is located 8 bytes inside of [ 15.918128] allocated 9-byte region [ffff888102873120, ffff888102873129) [ 15.919035] [ 15.919218] The buggy address belongs to the physical page: [ 15.919436] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102873 [ 15.919693] flags: 0x200000000000000(node=0|zone=2) [ 15.920171] page_type: f5(slab) [ 15.920477] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 15.921201] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.921920] page dumped because: kasan: bad access detected [ 15.922190] [ 15.922267] Memory state around the buggy address: [ 15.922436] ffff888102873000: 00 01 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 15.922671] ffff888102873080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.923326] >ffff888102873100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.923996] ^ [ 15.924429] ffff888102873180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.925123] ffff888102873200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.925786] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 15.629956] ================================================================== [ 15.630463] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.630978] Write of size 8 at addr ffff888102873128 by task kunit_try_catch/278 [ 15.631507] [ 15.631628] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.631677] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.631777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.631814] Call Trace: [ 15.631827] <TASK> [ 15.631843] dump_stack_lvl+0x73/0xb0 [ 15.631888] print_report+0xd1/0x650 [ 15.631910] ? __virt_addr_valid+0x1db/0x2d0 [ 15.631934] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.631960] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.631986] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.632012] kasan_report+0x141/0x180 [ 15.632043] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.632084] kasan_check_range+0x10c/0x1c0 [ 15.632118] __kasan_check_write+0x18/0x20 [ 15.632138] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.632164] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.632192] ? kasan_save_alloc_info+0x3b/0x50 [ 15.632215] ? kasan_save_stack+0x45/0x70 [ 15.632240] kasan_bitops_generic+0x116/0x1c0 [ 15.632264] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.632289] ? __pfx_read_tsc+0x10/0x10 [ 15.632311] ? ktime_get_ts64+0x86/0x230 [ 15.632338] kunit_try_run_case+0x1a5/0x480 [ 15.632365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.632391] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.632416] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.632441] ? __kthread_parkme+0x82/0x180 [ 15.632462] ? preempt_count_sub+0x50/0x80 [ 15.632488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.632513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.632535] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.632559] kthread+0x337/0x6f0 [ 15.632580] ? trace_preempt_on+0x20/0xc0 [ 15.632605] ? 
__pfx_kthread+0x10/0x10 [ 15.632626] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.632647] ? calculate_sigpending+0x7b/0xa0 [ 15.632671] ? __pfx_kthread+0x10/0x10 [ 15.632763] ret_from_fork+0x116/0x1d0 [ 15.632788] ? __pfx_kthread+0x10/0x10 [ 15.632810] ret_from_fork_asm+0x1a/0x30 [ 15.632843] </TASK> [ 15.632855] [ 15.641821] Allocated by task 278: [ 15.642028] kasan_save_stack+0x45/0x70 [ 15.642278] kasan_save_track+0x18/0x40 [ 15.642478] kasan_save_alloc_info+0x3b/0x50 [ 15.642798] __kasan_kmalloc+0xb7/0xc0 [ 15.643004] __kmalloc_cache_noprof+0x189/0x420 [ 15.643180] kasan_bitops_generic+0x92/0x1c0 [ 15.643372] kunit_try_run_case+0x1a5/0x480 [ 15.643599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.643944] kthread+0x337/0x6f0 [ 15.644103] ret_from_fork+0x116/0x1d0 [ 15.644329] ret_from_fork_asm+0x1a/0x30 [ 15.644499] [ 15.644622] The buggy address belongs to the object at ffff888102873120 [ 15.644622] which belongs to the cache kmalloc-16 of size 16 [ 15.645146] The buggy address is located 8 bytes inside of [ 15.645146] allocated 9-byte region [ffff888102873120, ffff888102873129) [ 15.645887] [ 15.645982] The buggy address belongs to the physical page: [ 15.646178] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102873 [ 15.646544] flags: 0x200000000000000(node=0|zone=2) [ 15.646801] page_type: f5(slab) [ 15.646944] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.647232] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.647587] page dumped because: kasan: bad access detected [ 15.647847] [ 15.647945] Memory state around the buggy address: [ 15.648387] ffff888102873000: 00 01 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 15.648767] ffff888102873080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.649133] >ffff888102873100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.649447] ^ [ 15.649635] ffff888102873180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.650066] 
ffff888102873200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.650361] ================================================================== [ 15.694900] ================================================================== [ 15.695242] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.695608] Write of size 8 at addr ffff888102873128 by task kunit_try_catch/278 [ 15.695907] [ 15.695996] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.696039] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.696060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.696082] Call Trace: [ 15.696095] <TASK> [ 15.696110] dump_stack_lvl+0x73/0xb0 [ 15.696136] print_report+0xd1/0x650 [ 15.696157] ? __virt_addr_valid+0x1db/0x2d0 [ 15.696179] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.696204] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.696229] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.696255] kasan_report+0x141/0x180 [ 15.696277] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.696307] kasan_check_range+0x10c/0x1c0 [ 15.696331] __kasan_check_write+0x18/0x20 [ 15.696350] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.696376] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.696403] ? kasan_save_alloc_info+0x3b/0x50 [ 15.696427] ? kasan_save_stack+0x45/0x70 [ 15.696451] kasan_bitops_generic+0x116/0x1c0 [ 15.696473] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.696499] ? __pfx_read_tsc+0x10/0x10 [ 15.696519] ? ktime_get_ts64+0x86/0x230 [ 15.696544] kunit_try_run_case+0x1a5/0x480 [ 15.696567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.696588] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.696612] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.696634] ? __kthread_parkme+0x82/0x180 [ 15.696655] ? preempt_count_sub+0x50/0x80 [ 15.696678] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.696702] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.696725] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.696748] kthread+0x337/0x6f0 [ 15.696768] ? trace_preempt_on+0x20/0xc0 [ 15.696791] ? __pfx_kthread+0x10/0x10 [ 15.696811] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.696832] ? calculate_sigpending+0x7b/0xa0 [ 15.696855] ? __pfx_kthread+0x10/0x10 [ 15.696878] ret_from_fork+0x116/0x1d0 [ 15.696896] ? __pfx_kthread+0x10/0x10 [ 15.696917] ret_from_fork_asm+0x1a/0x30 [ 15.696949] </TASK> [ 15.696959] [ 15.707091] Allocated by task 278: [ 15.707295] kasan_save_stack+0x45/0x70 [ 15.707498] kasan_save_track+0x18/0x40 [ 15.707682] kasan_save_alloc_info+0x3b/0x50 [ 15.707889] __kasan_kmalloc+0xb7/0xc0 [ 15.708500] __kmalloc_cache_noprof+0x189/0x420 [ 15.708886] kasan_bitops_generic+0x92/0x1c0 [ 15.709155] kunit_try_run_case+0x1a5/0x480 [ 15.709398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.709596] kthread+0x337/0x6f0 [ 15.710003] ret_from_fork+0x116/0x1d0 [ 15.710234] ret_from_fork_asm+0x1a/0x30 [ 15.710539] [ 15.710659] The buggy address belongs to the object at ffff888102873120 [ 15.710659] which belongs to the cache kmalloc-16 of size 16 [ 15.711402] The buggy address is located 8 bytes inside of [ 15.711402] allocated 9-byte region [ffff888102873120, ffff888102873129) [ 15.712090] [ 15.712206] The buggy address belongs to the physical page: [ 15.712489] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102873 [ 15.713169] flags: 0x200000000000000(node=0|zone=2) [ 15.713436] page_type: f5(slab) [ 15.713610] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.714129] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.714484] page dumped because: kasan: bad access detected [ 15.714736] [ 15.714837] Memory state around the buggy address: [ 15.715076] ffff888102873000: 00 01 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 15.715408] ffff888102873080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.715729] >ffff888102873100: fa fb fc fc 00 01 fc fc 
fc fc fc fc fc fc fc fc [ 15.716127] ^ [ 15.716345] ffff888102873180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.716594] ffff888102873200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.717105] ================================================================== [ 15.719469] ================================================================== [ 15.719924] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.720225] Write of size 8 at addr ffff888102873128 by task kunit_try_catch/278 [ 15.720471] [ 15.720568] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.720616] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.720629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.720652] Call Trace: [ 15.720665] <TASK> [ 15.720681] dump_stack_lvl+0x73/0xb0 [ 15.720709] print_report+0xd1/0x650 [ 15.720733] ? __virt_addr_valid+0x1db/0x2d0 [ 15.720756] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.720783] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.720810] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.720837] kasan_report+0x141/0x180 [ 15.720860] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.721290] kasan_check_range+0x10c/0x1c0 [ 15.721353] __kasan_check_write+0x18/0x20 [ 15.721454] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.721559] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.721591] ? kasan_save_alloc_info+0x3b/0x50 [ 15.721616] ? kasan_save_stack+0x45/0x70 [ 15.721641] kasan_bitops_generic+0x116/0x1c0 [ 15.721667] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.721693] ? __pfx_read_tsc+0x10/0x10 [ 15.721715] ? ktime_get_ts64+0x86/0x230 [ 15.721741] kunit_try_run_case+0x1a5/0x480 [ 15.721766] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.721789] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.721813] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.721837] ? __kthread_parkme+0x82/0x180 [ 15.721857] ? 
preempt_count_sub+0x50/0x80 [ 15.721882] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.721906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.721930] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.721953] kthread+0x337/0x6f0 [ 15.721974] ? trace_preempt_on+0x20/0xc0 [ 15.721998] ? __pfx_kthread+0x10/0x10 [ 15.722021] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.722044] ? calculate_sigpending+0x7b/0xa0 [ 15.722080] ? __pfx_kthread+0x10/0x10 [ 15.722103] ret_from_fork+0x116/0x1d0 [ 15.722123] ? __pfx_kthread+0x10/0x10 [ 15.722145] ret_from_fork_asm+0x1a/0x30 [ 15.722180] </TASK> [ 15.722192] [ 15.737173] Allocated by task 278: [ 15.737335] kasan_save_stack+0x45/0x70 [ 15.737549] kasan_save_track+0x18/0x40 [ 15.737695] kasan_save_alloc_info+0x3b/0x50 [ 15.738312] __kasan_kmalloc+0xb7/0xc0 [ 15.738555] __kmalloc_cache_noprof+0x189/0x420 [ 15.738801] kasan_bitops_generic+0x92/0x1c0 [ 15.739132] kunit_try_run_case+0x1a5/0x480 [ 15.739404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.739632] kthread+0x337/0x6f0 [ 15.739804] ret_from_fork+0x116/0x1d0 [ 15.740220] ret_from_fork_asm+0x1a/0x30 [ 15.740406] [ 15.740497] The buggy address belongs to the object at ffff888102873120 [ 15.740497] which belongs to the cache kmalloc-16 of size 16 [ 15.741123] The buggy address is located 8 bytes inside of [ 15.741123] allocated 9-byte region [ffff888102873120, ffff888102873129) [ 15.741627] [ 15.741729] The buggy address belongs to the physical page: [ 15.741945] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102873 [ 15.742305] flags: 0x200000000000000(node=0|zone=2) [ 15.742529] page_type: f5(slab) [ 15.742677] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.743433] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.743740] page dumped because: kasan: bad access detected [ 15.744099] [ 15.744202] Memory state around the buggy address: [ 15.744549] ffff888102873000: 00 01 fc fc 00 04 fc fc 00 04 
fc fc fa fb fc fc [ 15.745013] ffff888102873080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.745410] >ffff888102873100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.745725] ^ [ 15.746081] ffff888102873180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.746459] ffff888102873200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.746890] ================================================================== [ 15.779647] ================================================================== [ 15.779992] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.781345] Write of size 8 at addr ffff888102873128 by task kunit_try_catch/278 [ 15.781604] [ 15.781700] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.782679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.782695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.782737] Call Trace: [ 15.782755] <TASK> [ 15.782772] dump_stack_lvl+0x73/0xb0 [ 15.782803] print_report+0xd1/0x650 [ 15.782826] ? __virt_addr_valid+0x1db/0x2d0 [ 15.782849] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.782875] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.782901] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.782926] kasan_report+0x141/0x180 [ 15.782949] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.782979] kasan_check_range+0x10c/0x1c0 [ 15.783003] __kasan_check_write+0x18/0x20 [ 15.783022] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.783058] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.783095] ? kasan_save_alloc_info+0x3b/0x50 [ 15.783119] ? kasan_save_stack+0x45/0x70 [ 15.783143] kasan_bitops_generic+0x116/0x1c0 [ 15.783166] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.783192] ? __pfx_read_tsc+0x10/0x10 [ 15.783213] ? ktime_get_ts64+0x86/0x230 [ 15.783237] kunit_try_run_case+0x1a5/0x480 [ 15.783260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.783281] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.783304] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.783328] ? __kthread_parkme+0x82/0x180 [ 15.783348] ? preempt_count_sub+0x50/0x80 [ 15.783372] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.783394] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.783416] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.783439] kthread+0x337/0x6f0 [ 15.783458] ? trace_preempt_on+0x20/0xc0 [ 15.783481] ? __pfx_kthread+0x10/0x10 [ 15.783501] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.783521] ? calculate_sigpending+0x7b/0xa0 [ 15.783544] ? __pfx_kthread+0x10/0x10 [ 15.783566] ret_from_fork+0x116/0x1d0 [ 15.783584] ? __pfx_kthread+0x10/0x10 [ 15.783604] ret_from_fork_asm+0x1a/0x30 [ 15.783635] </TASK> [ 15.783646] [ 15.795002] Allocated by task 278: [ 15.795339] kasan_save_stack+0x45/0x70 [ 15.795731] kasan_save_track+0x18/0x40 [ 15.796096] kasan_save_alloc_info+0x3b/0x50 [ 15.796498] __kasan_kmalloc+0xb7/0xc0 [ 15.796879] __kmalloc_cache_noprof+0x189/0x420 [ 15.797307] kasan_bitops_generic+0x92/0x1c0 [ 15.797516] kunit_try_run_case+0x1a5/0x480 [ 15.797673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.798173] kthread+0x337/0x6f0 [ 15.798492] ret_from_fork+0x116/0x1d0 [ 15.798878] ret_from_fork_asm+0x1a/0x30 [ 15.799246] [ 15.799320] The buggy address belongs to the object at ffff888102873120 [ 15.799320] which belongs to the cache kmalloc-16 of size 16 [ 15.799681] The buggy address is located 8 bytes inside of [ 15.799681] allocated 9-byte region [ffff888102873120, ffff888102873129) [ 15.800768] [ 15.800935] The buggy address belongs to the physical page: [ 15.801422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102873 [ 15.802145] flags: 0x200000000000000(node=0|zone=2) [ 15.802415] page_type: f5(slab) [ 15.802545] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.802931] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.803603] page dumped because: kasan: 
bad access detected [ 15.804110] [ 15.804271] Memory state around the buggy address: [ 15.804706] ffff888102873000: 00 01 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 15.805001] ffff888102873080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.805234] >ffff888102873100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.805457] ^ [ 15.805617] ffff888102873180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.806116] ffff888102873200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.806743] ================================================================== [ 15.672246] ================================================================== [ 15.672623] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.673141] Write of size 8 at addr ffff888102873128 by task kunit_try_catch/278 [ 15.673497] [ 15.673637] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.673683] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.673810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.673833] Call Trace: [ 15.673850] <TASK> [ 15.673879] dump_stack_lvl+0x73/0xb0 [ 15.673910] print_report+0xd1/0x650 [ 15.673933] ? __virt_addr_valid+0x1db/0x2d0 [ 15.673957] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.673984] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.674011] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.674037] kasan_report+0x141/0x180 [ 15.674070] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.674103] kasan_check_range+0x10c/0x1c0 [ 15.674163] __kasan_check_write+0x18/0x20 [ 15.674183] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.674221] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.674249] ? kasan_save_alloc_info+0x3b/0x50 [ 15.674274] ? kasan_save_stack+0x45/0x70 [ 15.674299] kasan_bitops_generic+0x116/0x1c0 [ 15.674323] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.674350] ? __pfx_read_tsc+0x10/0x10 [ 15.674373] ? 
ktime_get_ts64+0x86/0x230 [ 15.674397] kunit_try_run_case+0x1a5/0x480 [ 15.674422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.674445] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.674469] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.674524] ? __kthread_parkme+0x82/0x180 [ 15.674546] ? preempt_count_sub+0x50/0x80 [ 15.674571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.674607] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.674631] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.674655] kthread+0x337/0x6f0 [ 15.674677] ? trace_preempt_on+0x20/0xc0 [ 15.674781] ? __pfx_kthread+0x10/0x10 [ 15.674804] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.674827] ? calculate_sigpending+0x7b/0xa0 [ 15.674853] ? __pfx_kthread+0x10/0x10 [ 15.674876] ret_from_fork+0x116/0x1d0 [ 15.674896] ? __pfx_kthread+0x10/0x10 [ 15.674918] ret_from_fork_asm+0x1a/0x30 [ 15.674952] </TASK> [ 15.674964] [ 15.684295] Allocated by task 278: [ 15.684490] kasan_save_stack+0x45/0x70 [ 15.684794] kasan_save_track+0x18/0x40 [ 15.684959] kasan_save_alloc_info+0x3b/0x50 [ 15.685231] __kasan_kmalloc+0xb7/0xc0 [ 15.685448] __kmalloc_cache_noprof+0x189/0x420 [ 15.685862] kasan_bitops_generic+0x92/0x1c0 [ 15.686060] kunit_try_run_case+0x1a5/0x480 [ 15.686323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.686534] kthread+0x337/0x6f0 [ 15.686666] ret_from_fork+0x116/0x1d0 [ 15.687084] ret_from_fork_asm+0x1a/0x30 [ 15.687326] [ 15.687431] The buggy address belongs to the object at ffff888102873120 [ 15.687431] which belongs to the cache kmalloc-16 of size 16 [ 15.688257] The buggy address is located 8 bytes inside of [ 15.688257] allocated 9-byte region [ffff888102873120, ffff888102873129) [ 15.688901] [ 15.689007] The buggy address belongs to the physical page: [ 15.689274] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102873 [ 15.689642] flags: 0x200000000000000(node=0|zone=2) [ 15.690015] page_type: f5(slab) [ 15.690209] raw: 0200000000000000 ffff888100041640 dead000000000122 
0000000000000000 [ 15.690584] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.691068] page dumped because: kasan: bad access detected [ 15.691304] [ 15.691402] Memory state around the buggy address: [ 15.691653] ffff888102873000: 00 01 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 15.692140] ffff888102873080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.692445] >ffff888102873100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.693012] ^ [ 15.693261] ffff888102873180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.693621] ffff888102873200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.694076] ================================================================== [ 15.807888] ================================================================== [ 15.808561] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 15.809345] Write of size 8 at addr ffff888102873128 by task kunit_try_catch/278 [ 15.810004] [ 15.810204] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.810249] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.810262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.810283] Call Trace: [ 15.810298] <TASK> [ 15.810313] dump_stack_lvl+0x73/0xb0 [ 15.810341] print_report+0xd1/0x650 [ 15.810364] ? __virt_addr_valid+0x1db/0x2d0 [ 15.810386] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 15.810411] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.810438] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 15.810463] kasan_report+0x141/0x180 [ 15.810486] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 15.810518] kasan_check_range+0x10c/0x1c0 [ 15.810542] __kasan_check_write+0x18/0x20 [ 15.810562] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 15.810587] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.810615] ? kasan_save_alloc_info+0x3b/0x50 [ 15.810638] ? 
kasan_save_stack+0x45/0x70 [ 15.810663] kasan_bitops_generic+0x116/0x1c0 [ 15.810686] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.810734] ? __pfx_read_tsc+0x10/0x10 [ 15.810756] ? ktime_get_ts64+0x86/0x230 [ 15.810782] kunit_try_run_case+0x1a5/0x480 [ 15.810806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.810827] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.810851] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.810873] ? __kthread_parkme+0x82/0x180 [ 15.810893] ? preempt_count_sub+0x50/0x80 [ 15.810916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.810940] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.810963] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.810986] kthread+0x337/0x6f0 [ 15.811006] ? trace_preempt_on+0x20/0xc0 [ 15.811030] ? __pfx_kthread+0x10/0x10 [ 15.811062] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.811085] ? calculate_sigpending+0x7b/0xa0 [ 15.811108] ? __pfx_kthread+0x10/0x10 [ 15.811130] ret_from_fork+0x116/0x1d0 [ 15.811148] ? __pfx_kthread+0x10/0x10 [ 15.811168] ret_from_fork_asm+0x1a/0x30 [ 15.811201] </TASK> [ 15.811212] [ 15.823664] Allocated by task 278: [ 15.824035] kasan_save_stack+0x45/0x70 [ 15.824423] kasan_save_track+0x18/0x40 [ 15.824820] kasan_save_alloc_info+0x3b/0x50 [ 15.825229] __kasan_kmalloc+0xb7/0xc0 [ 15.825605] __kmalloc_cache_noprof+0x189/0x420 [ 15.826068] kasan_bitops_generic+0x92/0x1c0 [ 15.826480] kunit_try_run_case+0x1a5/0x480 [ 15.826919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.827432] kthread+0x337/0x6f0 [ 15.827785] ret_from_fork+0x116/0x1d0 [ 15.828153] ret_from_fork_asm+0x1a/0x30 [ 15.828539] [ 15.828704] The buggy address belongs to the object at ffff888102873120 [ 15.828704] which belongs to the cache kmalloc-16 of size 16 [ 15.829226] The buggy address is located 8 bytes inside of [ 15.829226] allocated 9-byte region [ffff888102873120, ffff888102873129) [ 15.829605] [ 15.829683] The buggy address belongs to the physical page: [ 15.830194] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x102873 [ 15.830911] flags: 0x200000000000000(node=0|zone=2) [ 15.831366] page_type: f5(slab) [ 15.831661] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.832363] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.833063] page dumped because: kasan: bad access detected [ 15.833558] [ 15.833736] Memory state around the buggy address: [ 15.833975] ffff888102873000: 00 01 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 15.834219] ffff888102873080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.834448] >ffff888102873100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.834673] ^ [ 15.835084] ffff888102873180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.835694] ffff888102873200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.836344] ================================================================== [ 15.650928] ================================================================== [ 15.651268] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.651589] Write of size 8 at addr ffff888102873128 by task kunit_try_catch/278 [ 15.652130] [ 15.652240] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.652286] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.652299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.652321] Call Trace: [ 15.652334] <TASK> [ 15.652351] dump_stack_lvl+0x73/0xb0 [ 15.652378] print_report+0xd1/0x650 [ 15.652401] ? __virt_addr_valid+0x1db/0x2d0 [ 15.652482] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.652507] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.652532] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.652570] kasan_report+0x141/0x180 [ 15.652592] ? 
kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.652623] kasan_check_range+0x10c/0x1c0 [ 15.652646] __kasan_check_write+0x18/0x20 [ 15.652665] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.652691] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.652805] ? kasan_save_alloc_info+0x3b/0x50 [ 15.652829] ? kasan_save_stack+0x45/0x70 [ 15.652865] kasan_bitops_generic+0x116/0x1c0 [ 15.652888] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.652914] ? __pfx_read_tsc+0x10/0x10 [ 15.652943] ? ktime_get_ts64+0x86/0x230 [ 15.652969] kunit_try_run_case+0x1a5/0x480 [ 15.653003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.653026] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.653057] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.653081] ? __kthread_parkme+0x82/0x180 [ 15.653101] ? preempt_count_sub+0x50/0x80 [ 15.653124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.653148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.653171] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.653194] kthread+0x337/0x6f0 [ 15.653213] ? trace_preempt_on+0x20/0xc0 [ 15.653237] ? __pfx_kthread+0x10/0x10 [ 15.653268] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.653288] ? calculate_sigpending+0x7b/0xa0 [ 15.653312] ? __pfx_kthread+0x10/0x10 [ 15.653344] ret_from_fork+0x116/0x1d0 [ 15.653363] ? 
__pfx_kthread+0x10/0x10 [ 15.653384] ret_from_fork_asm+0x1a/0x30 [ 15.653416] </TASK> [ 15.653427] [ 15.662438] Allocated by task 278: [ 15.662649] kasan_save_stack+0x45/0x70 [ 15.662949] kasan_save_track+0x18/0x40 [ 15.663130] kasan_save_alloc_info+0x3b/0x50 [ 15.663381] __kasan_kmalloc+0xb7/0xc0 [ 15.663553] __kmalloc_cache_noprof+0x189/0x420 [ 15.663874] kasan_bitops_generic+0x92/0x1c0 [ 15.664039] kunit_try_run_case+0x1a5/0x480 [ 15.664227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.664520] kthread+0x337/0x6f0 [ 15.664767] ret_from_fork+0x116/0x1d0 [ 15.664986] ret_from_fork_asm+0x1a/0x30 [ 15.665238] [ 15.665340] The buggy address belongs to the object at ffff888102873120 [ 15.665340] which belongs to the cache kmalloc-16 of size 16 [ 15.665900] The buggy address is located 8 bytes inside of [ 15.665900] allocated 9-byte region [ffff888102873120, ffff888102873129) [ 15.666537] [ 15.666640] The buggy address belongs to the physical page: [ 15.667151] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102873 [ 15.667541] flags: 0x200000000000000(node=0|zone=2) [ 15.667883] page_type: f5(slab) [ 15.668089] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.668441] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.668688] page dumped because: kasan: bad access detected [ 15.669068] [ 15.669175] Memory state around the buggy address: [ 15.669417] ffff888102873000: 00 01 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 15.669840] ffff888102873080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.670158] >ffff888102873100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.670538] ^ [ 15.670860] ffff888102873180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.671195] ffff888102873200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.671526] ================================================================== [ 15.747505] 
================================================================== [ 15.748361] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.749271] Write of size 8 at addr ffff888102873128 by task kunit_try_catch/278 [ 15.749513] [ 15.749607] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.749650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.749663] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.749685] Call Trace: [ 15.749698] <TASK> [ 15.749712] dump_stack_lvl+0x73/0xb0 [ 15.749741] print_report+0xd1/0x650 [ 15.749763] ? __virt_addr_valid+0x1db/0x2d0 [ 15.749785] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.749810] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.749835] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.749861] kasan_report+0x141/0x180 [ 15.749882] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.749912] kasan_check_range+0x10c/0x1c0 [ 15.749936] __kasan_check_write+0x18/0x20 [ 15.749955] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.749980] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.750009] ? kasan_save_alloc_info+0x3b/0x50 [ 15.750032] ? kasan_save_stack+0x45/0x70 [ 15.750070] kasan_bitops_generic+0x116/0x1c0 [ 15.750093] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.750118] ? __pfx_read_tsc+0x10/0x10 [ 15.750137] ? ktime_get_ts64+0x86/0x230 [ 15.750164] kunit_try_run_case+0x1a5/0x480 [ 15.750188] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.750210] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.750233] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.750255] ? __kthread_parkme+0x82/0x180 [ 15.750275] ? preempt_count_sub+0x50/0x80 [ 15.750297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.750321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.750345] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.750370] kthread+0x337/0x6f0 [ 15.750389] ? trace_preempt_on+0x20/0xc0 [ 15.750412] ? 
__pfx_kthread+0x10/0x10 [ 15.750432] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.750452] ? calculate_sigpending+0x7b/0xa0 [ 15.750475] ? __pfx_kthread+0x10/0x10 [ 15.750496] ret_from_fork+0x116/0x1d0 [ 15.750515] ? __pfx_kthread+0x10/0x10 [ 15.750535] ret_from_fork_asm+0x1a/0x30 [ 15.750566] </TASK> [ 15.750577] [ 15.765439] Allocated by task 278: [ 15.765594] kasan_save_stack+0x45/0x70 [ 15.765777] kasan_save_track+0x18/0x40 [ 15.766148] kasan_save_alloc_info+0x3b/0x50 [ 15.766542] __kasan_kmalloc+0xb7/0xc0 [ 15.766919] __kmalloc_cache_noprof+0x189/0x420 [ 15.767357] kasan_bitops_generic+0x92/0x1c0 [ 15.767802] kunit_try_run_case+0x1a5/0x480 [ 15.768210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.768709] kthread+0x337/0x6f0 [ 15.769085] ret_from_fork+0x116/0x1d0 [ 15.769444] ret_from_fork_asm+0x1a/0x30 [ 15.769859] [ 15.770044] The buggy address belongs to the object at ffff888102873120 [ 15.770044] which belongs to the cache kmalloc-16 of size 16 [ 15.771372] The buggy address is located 8 bytes inside of [ 15.771372] allocated 9-byte region [ffff888102873120, ffff888102873129) [ 15.772443] [ 15.772616] The buggy address belongs to the physical page: [ 15.772872] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102873 [ 15.773302] flags: 0x200000000000000(node=0|zone=2) [ 15.773760] page_type: f5(slab) [ 15.774101] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.774614] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.775150] page dumped because: kasan: bad access detected [ 15.775727] [ 15.775813] Memory state around the buggy address: [ 15.775981] ffff888102873000: 00 01 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 15.776230] ffff888102873080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.776458] >ffff888102873100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.776679] ^ [ 15.778248] ffff888102873180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.778612] 
ffff888102873200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.778946] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 15.601010] ================================================================== [ 15.601353] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 15.601646] Read of size 1 at addr ffff8881031d1550 by task kunit_try_catch/276 [ 15.601984] [ 15.602100] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.602145] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.602157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.602178] Call Trace: [ 15.602194] <TASK> [ 15.602211] dump_stack_lvl+0x73/0xb0 [ 15.602237] print_report+0xd1/0x650 [ 15.602258] ? __virt_addr_valid+0x1db/0x2d0 [ 15.602280] ? strnlen+0x73/0x80 [ 15.602301] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.602327] ? strnlen+0x73/0x80 [ 15.602348] kasan_report+0x141/0x180 [ 15.602370] ? strnlen+0x73/0x80 [ 15.602397] __asan_report_load1_noabort+0x18/0x20 [ 15.602424] strnlen+0x73/0x80 [ 15.602447] kasan_strings+0x615/0xe80 [ 15.602467] ? trace_hardirqs_on+0x37/0xe0 [ 15.602490] ? __pfx_kasan_strings+0x10/0x10 [ 15.602510] ? finish_task_switch.isra.0+0x153/0x700 [ 15.602532] ? __switch_to+0x47/0xf50 [ 15.602557] ? __schedule+0x10cc/0x2b60 [ 15.602579] ? __pfx_read_tsc+0x10/0x10 [ 15.602600] ? ktime_get_ts64+0x86/0x230 [ 15.602624] kunit_try_run_case+0x1a5/0x480 [ 15.602646] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.602669] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.602692] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.602714] ? __kthread_parkme+0x82/0x180 [ 15.602735] ? preempt_count_sub+0x50/0x80 [ 15.602759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.602783] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.602805] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.602829] kthread+0x337/0x6f0 [ 15.602849] ? trace_preempt_on+0x20/0xc0 [ 15.602871] ? __pfx_kthread+0x10/0x10 [ 15.602893] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.602914] ? calculate_sigpending+0x7b/0xa0 [ 15.602938] ? 
__pfx_kthread+0x10/0x10 [ 15.602960] ret_from_fork+0x116/0x1d0 [ 15.602978] ? __pfx_kthread+0x10/0x10 [ 15.602999] ret_from_fork_asm+0x1a/0x30 [ 15.603031] </TASK> [ 15.603042] [ 15.611509] Allocated by task 276: [ 15.611655] kasan_save_stack+0x45/0x70 [ 15.611874] kasan_save_track+0x18/0x40 [ 15.612112] kasan_save_alloc_info+0x3b/0x50 [ 15.612338] __kasan_kmalloc+0xb7/0xc0 [ 15.612537] __kmalloc_cache_noprof+0x189/0x420 [ 15.612757] kasan_strings+0xc0/0xe80 [ 15.612899] kunit_try_run_case+0x1a5/0x480 [ 15.613090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.613364] kthread+0x337/0x6f0 [ 15.613584] ret_from_fork+0x116/0x1d0 [ 15.613805] ret_from_fork_asm+0x1a/0x30 [ 15.614029] [ 15.614125] Freed by task 276: [ 15.614294] kasan_save_stack+0x45/0x70 [ 15.614498] kasan_save_track+0x18/0x40 [ 15.614707] kasan_save_free_info+0x3f/0x60 [ 15.614932] __kasan_slab_free+0x56/0x70 [ 15.615152] kfree+0x222/0x3f0 [ 15.615339] kasan_strings+0x2aa/0xe80 [ 15.615522] kunit_try_run_case+0x1a5/0x480 [ 15.615783] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.616069] kthread+0x337/0x6f0 [ 15.616216] ret_from_fork+0x116/0x1d0 [ 15.616358] ret_from_fork_asm+0x1a/0x30 [ 15.616508] [ 15.616585] The buggy address belongs to the object at ffff8881031d1540 [ 15.616585] which belongs to the cache kmalloc-32 of size 32 [ 15.617174] The buggy address is located 16 bytes inside of [ 15.617174] freed 32-byte region [ffff8881031d1540, ffff8881031d1560) [ 15.617771] [ 15.617880] The buggy address belongs to the physical page: [ 15.618186] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d1 [ 15.618531] flags: 0x200000000000000(node=0|zone=2) [ 15.618708] page_type: f5(slab) [ 15.618858] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.619127] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.619518] page dumped because: kasan: bad access detected [ 15.619855] [ 15.619969] Memory state around the buggy address: 
[ 15.620219] ffff8881031d1400: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc [ 15.620590] ffff8881031d1480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.620967] >ffff8881031d1500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 15.621302] ^ [ 15.621585] ffff8881031d1580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.621939] ffff8881031d1600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 15.622274] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 15.575531] ================================================================== [ 15.576068] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 15.576404] Read of size 1 at addr ffff8881031d1550 by task kunit_try_catch/276 [ 15.576846] [ 15.576945] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.576990] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.577005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.577027] Call Trace: [ 15.577042] <TASK> [ 15.577071] dump_stack_lvl+0x73/0xb0 [ 15.577098] print_report+0xd1/0x650 [ 15.577120] ? __virt_addr_valid+0x1db/0x2d0 [ 15.577184] ? strlen+0x8f/0xb0 [ 15.577229] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.577257] ? strlen+0x8f/0xb0 [ 15.577279] kasan_report+0x141/0x180 [ 15.577301] ? strlen+0x8f/0xb0 [ 15.577329] __asan_report_load1_noabort+0x18/0x20 [ 15.577354] strlen+0x8f/0xb0 [ 15.577376] kasan_strings+0x57b/0xe80 [ 15.577396] ? trace_hardirqs_on+0x37/0xe0 [ 15.577420] ? __pfx_kasan_strings+0x10/0x10 [ 15.577440] ? finish_task_switch.isra.0+0x153/0x700 [ 15.577463] ? __switch_to+0x47/0xf50 [ 15.577489] ? __schedule+0x10cc/0x2b60 [ 15.577512] ? __pfx_read_tsc+0x10/0x10 [ 15.577537] ? ktime_get_ts64+0x86/0x230 [ 15.577562] kunit_try_run_case+0x1a5/0x480 [ 15.577587] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.577608] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.577631] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.577655] ? __kthread_parkme+0x82/0x180 [ 15.577675] ? preempt_count_sub+0x50/0x80 [ 15.577807] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.577839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.577863] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.577887] kthread+0x337/0x6f0 [ 15.577907] ? trace_preempt_on+0x20/0xc0 [ 15.577930] ? __pfx_kthread+0x10/0x10 [ 15.577952] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.577974] ? calculate_sigpending+0x7b/0xa0 [ 15.577997] ? 
__pfx_kthread+0x10/0x10 [ 15.578019] ret_from_fork+0x116/0x1d0 [ 15.578038] ? __pfx_kthread+0x10/0x10 [ 15.578071] ret_from_fork_asm+0x1a/0x30 [ 15.578103] </TASK> [ 15.578114] [ 15.587650] Allocated by task 276: [ 15.587837] kasan_save_stack+0x45/0x70 [ 15.588043] kasan_save_track+0x18/0x40 [ 15.588217] kasan_save_alloc_info+0x3b/0x50 [ 15.588438] __kasan_kmalloc+0xb7/0xc0 [ 15.588621] __kmalloc_cache_noprof+0x189/0x420 [ 15.588843] kasan_strings+0xc0/0xe80 [ 15.589024] kunit_try_run_case+0x1a5/0x480 [ 15.589467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.589879] kthread+0x337/0x6f0 [ 15.590045] ret_from_fork+0x116/0x1d0 [ 15.590194] ret_from_fork_asm+0x1a/0x30 [ 15.590339] [ 15.590439] Freed by task 276: [ 15.590600] kasan_save_stack+0x45/0x70 [ 15.590948] kasan_save_track+0x18/0x40 [ 15.591167] kasan_save_free_info+0x3f/0x60 [ 15.591444] __kasan_slab_free+0x56/0x70 [ 15.591653] kfree+0x222/0x3f0 [ 15.591859] kasan_strings+0x2aa/0xe80 [ 15.592027] kunit_try_run_case+0x1a5/0x480 [ 15.592254] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.592568] kthread+0x337/0x6f0 [ 15.592916] ret_from_fork+0x116/0x1d0 [ 15.593151] ret_from_fork_asm+0x1a/0x30 [ 15.593400] [ 15.593513] The buggy address belongs to the object at ffff8881031d1540 [ 15.593513] which belongs to the cache kmalloc-32 of size 32 [ 15.594166] The buggy address is located 16 bytes inside of [ 15.594166] freed 32-byte region [ffff8881031d1540, ffff8881031d1560) [ 15.594844] [ 15.594988] The buggy address belongs to the physical page: [ 15.595287] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d1 [ 15.595686] flags: 0x200000000000000(node=0|zone=2) [ 15.596082] page_type: f5(slab) [ 15.596254] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.596610] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.597163] page dumped because: kasan: bad access detected [ 15.597434] [ 15.597540] Memory state around the buggy address: 
[ 15.597968] ffff8881031d1400: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc [ 15.598271] ffff8881031d1480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.598658] >ffff8881031d1500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 15.599099] ^ [ 15.599352] ffff8881031d1580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.599814] ffff8881031d1600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 15.600178] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 15.542337] ================================================================== [ 15.542919] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 15.543361] Read of size 1 at addr ffff8881031d1550 by task kunit_try_catch/276 [ 15.544394] [ 15.544639] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.544814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.544830] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.544876] Call Trace: [ 15.544890] <TASK> [ 15.544904] dump_stack_lvl+0x73/0xb0 [ 15.544937] print_report+0xd1/0x650 [ 15.544962] ? __virt_addr_valid+0x1db/0x2d0 [ 15.544984] ? kasan_strings+0xcbc/0xe80 [ 15.545004] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.545030] ? kasan_strings+0xcbc/0xe80 [ 15.545061] kasan_report+0x141/0x180 [ 15.545084] ? kasan_strings+0xcbc/0xe80 [ 15.545111] __asan_report_load1_noabort+0x18/0x20 [ 15.545136] kasan_strings+0xcbc/0xe80 [ 15.545155] ? trace_hardirqs_on+0x37/0xe0 [ 15.545179] ? __pfx_kasan_strings+0x10/0x10 [ 15.545199] ? finish_task_switch.isra.0+0x153/0x700 [ 15.545221] ? __switch_to+0x47/0xf50 [ 15.545246] ? __schedule+0x10cc/0x2b60 [ 15.545270] ? __pfx_read_tsc+0x10/0x10 [ 15.545291] ? ktime_get_ts64+0x86/0x230 [ 15.545315] kunit_try_run_case+0x1a5/0x480 [ 15.545340] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.545361] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.545383] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.545407] ? __kthread_parkme+0x82/0x180 [ 15.545427] ? preempt_count_sub+0x50/0x80 [ 15.545450] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.545473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.545496] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.545519] kthread+0x337/0x6f0 [ 15.545543] ? trace_preempt_on+0x20/0xc0 [ 15.545565] ? __pfx_kthread+0x10/0x10 [ 15.545586] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.545607] ? calculate_sigpending+0x7b/0xa0 [ 15.545632] ? 
__pfx_kthread+0x10/0x10 [ 15.545654] ret_from_fork+0x116/0x1d0 [ 15.545672] ? __pfx_kthread+0x10/0x10 [ 15.545693] ret_from_fork_asm+0x1a/0x30 [ 15.545810] </TASK> [ 15.545821] [ 15.559602] Allocated by task 276: [ 15.560011] kasan_save_stack+0x45/0x70 [ 15.560444] kasan_save_track+0x18/0x40 [ 15.560940] kasan_save_alloc_info+0x3b/0x50 [ 15.561411] __kasan_kmalloc+0xb7/0xc0 [ 15.561932] __kmalloc_cache_noprof+0x189/0x420 [ 15.562440] kasan_strings+0xc0/0xe80 [ 15.562925] kunit_try_run_case+0x1a5/0x480 [ 15.563396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.563994] kthread+0x337/0x6f0 [ 15.564363] ret_from_fork+0x116/0x1d0 [ 15.564823] ret_from_fork_asm+0x1a/0x30 [ 15.564984] [ 15.565077] Freed by task 276: [ 15.565201] kasan_save_stack+0x45/0x70 [ 15.565414] kasan_save_track+0x18/0x40 [ 15.565598] kasan_save_free_info+0x3f/0x60 [ 15.565980] __kasan_slab_free+0x56/0x70 [ 15.566154] kfree+0x222/0x3f0 [ 15.566334] kasan_strings+0x2aa/0xe80 [ 15.566576] kunit_try_run_case+0x1a5/0x480 [ 15.566951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.567223] kthread+0x337/0x6f0 [ 15.567377] ret_from_fork+0x116/0x1d0 [ 15.567619] ret_from_fork_asm+0x1a/0x30 [ 15.568031] [ 15.568165] The buggy address belongs to the object at ffff8881031d1540 [ 15.568165] which belongs to the cache kmalloc-32 of size 32 [ 15.568827] The buggy address is located 16 bytes inside of [ 15.568827] freed 32-byte region [ffff8881031d1540, ffff8881031d1560) [ 15.569509] [ 15.569628] The buggy address belongs to the physical page: [ 15.570104] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d1 [ 15.570425] flags: 0x200000000000000(node=0|zone=2) [ 15.570682] page_type: f5(slab) [ 15.570865] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.571243] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.571615] page dumped because: kasan: bad access detected [ 15.571864] [ 15.571955] Memory state around the buggy address: 
[ 15.572486] ffff8881031d1400: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc [ 15.572979] ffff8881031d1480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.573329] >ffff8881031d1500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 15.573679] ^ [ 15.574067] ffff8881031d1580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.574416] ffff8881031d1600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 15.574917] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 15.507548] ================================================================== [ 15.509148] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 15.509418] Read of size 1 at addr ffff8881031d1550 by task kunit_try_catch/276 [ 15.509727] [ 15.511164] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.511222] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.511235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.511259] Call Trace: [ 15.511273] <TASK> [ 15.511291] dump_stack_lvl+0x73/0xb0 [ 15.511324] print_report+0xd1/0x650 [ 15.511349] ? __virt_addr_valid+0x1db/0x2d0 [ 15.511375] ? strcmp+0xb0/0xc0 [ 15.511397] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.511424] ? strcmp+0xb0/0xc0 [ 15.511446] kasan_report+0x141/0x180 [ 15.511469] ? strcmp+0xb0/0xc0 [ 15.511496] __asan_report_load1_noabort+0x18/0x20 [ 15.511522] strcmp+0xb0/0xc0 [ 15.511545] kasan_strings+0x431/0xe80 [ 15.511566] ? trace_hardirqs_on+0x37/0xe0 [ 15.511593] ? __pfx_kasan_strings+0x10/0x10 [ 15.511614] ? finish_task_switch.isra.0+0x153/0x700 [ 15.511638] ? __switch_to+0x47/0xf50 [ 15.511666] ? __schedule+0x10cc/0x2b60 [ 15.511690] ? __pfx_read_tsc+0x10/0x10 [ 15.511722] ? ktime_get_ts64+0x86/0x230 [ 15.511749] kunit_try_run_case+0x1a5/0x480 [ 15.511775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.511798] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.511822] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.511846] ? __kthread_parkme+0x82/0x180 [ 15.511867] ? preempt_count_sub+0x50/0x80 [ 15.511891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.511916] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.511939] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.511963] kthread+0x337/0x6f0 [ 15.511984] ? trace_preempt_on+0x20/0xc0 [ 15.512007] ? __pfx_kthread+0x10/0x10 [ 15.512029] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.512062] ? calculate_sigpending+0x7b/0xa0 [ 15.512088] ? 
__pfx_kthread+0x10/0x10 [ 15.512111] ret_from_fork+0x116/0x1d0 [ 15.512130] ? __pfx_kthread+0x10/0x10 [ 15.512152] ret_from_fork_asm+0x1a/0x30 [ 15.512185] </TASK> [ 15.512197] [ 15.526672] Allocated by task 276: [ 15.526900] kasan_save_stack+0x45/0x70 [ 15.527140] kasan_save_track+0x18/0x40 [ 15.527538] kasan_save_alloc_info+0x3b/0x50 [ 15.527954] __kasan_kmalloc+0xb7/0xc0 [ 15.528164] __kmalloc_cache_noprof+0x189/0x420 [ 15.528467] kasan_strings+0xc0/0xe80 [ 15.528668] kunit_try_run_case+0x1a5/0x480 [ 15.529004] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.529287] kthread+0x337/0x6f0 [ 15.529571] ret_from_fork+0x116/0x1d0 [ 15.529946] ret_from_fork_asm+0x1a/0x30 [ 15.530218] [ 15.530318] Freed by task 276: [ 15.530524] kasan_save_stack+0x45/0x70 [ 15.530847] kasan_save_track+0x18/0x40 [ 15.531150] kasan_save_free_info+0x3f/0x60 [ 15.531352] __kasan_slab_free+0x56/0x70 [ 15.531644] kfree+0x222/0x3f0 [ 15.532058] kasan_strings+0x2aa/0xe80 [ 15.532267] kunit_try_run_case+0x1a5/0x480 [ 15.532601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.532994] kthread+0x337/0x6f0 [ 15.533181] ret_from_fork+0x116/0x1d0 [ 15.533485] ret_from_fork_asm+0x1a/0x30 [ 15.533677] [ 15.534028] The buggy address belongs to the object at ffff8881031d1540 [ 15.534028] which belongs to the cache kmalloc-32 of size 32 [ 15.534590] The buggy address is located 16 bytes inside of [ 15.534590] freed 32-byte region [ffff8881031d1540, ffff8881031d1560) [ 15.535245] [ 15.535404] The buggy address belongs to the physical page: [ 15.535672] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d1 [ 15.536236] flags: 0x200000000000000(node=0|zone=2) [ 15.536489] page_type: f5(slab) [ 15.536829] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.537230] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.537600] page dumped because: kasan: bad access detected [ 15.538002] [ 15.538119] Memory state around the buggy address: 
[ 15.538433] ffff8881031d1400: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.538880] ffff8881031d1480: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.539135] >ffff8881031d1500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 15.539480] ^ [ 15.539752] ffff8881031d1580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.540516] ffff8881031d1600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 15.540982] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 15.480878] ================================================================== [ 15.481345] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 15.481653] Read of size 1 at addr ffff8881031d1498 by task kunit_try_catch/274 [ 15.482279] [ 15.482395] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.482444] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.482456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.482478] Call Trace: [ 15.482491] <TASK> [ 15.482506] dump_stack_lvl+0x73/0xb0 [ 15.482535] print_report+0xd1/0x650 [ 15.482559] ? __virt_addr_valid+0x1db/0x2d0 [ 15.482581] ? memcmp+0x1b4/0x1d0 [ 15.482599] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.482625] ? memcmp+0x1b4/0x1d0 [ 15.482643] kasan_report+0x141/0x180 [ 15.482666] ? memcmp+0x1b4/0x1d0 [ 15.482688] __asan_report_load1_noabort+0x18/0x20 [ 15.482786] memcmp+0x1b4/0x1d0 [ 15.482810] kasan_memcmp+0x18f/0x390 [ 15.482832] ? trace_hardirqs_on+0x37/0xe0 [ 15.482857] ? __pfx_kasan_memcmp+0x10/0x10 [ 15.482876] ? finish_task_switch.isra.0+0x153/0x700 [ 15.482899] ? __switch_to+0x47/0xf50 [ 15.482929] ? __pfx_read_tsc+0x10/0x10 [ 15.482952] ? ktime_get_ts64+0x86/0x230 [ 15.482976] kunit_try_run_case+0x1a5/0x480 [ 15.483000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.483022] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.483046] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.483080] ? __kthread_parkme+0x82/0x180 [ 15.483102] ? preempt_count_sub+0x50/0x80 [ 15.483126] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.483150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.483173] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.483197] kthread+0x337/0x6f0 [ 15.483215] ? trace_preempt_on+0x20/0xc0 [ 15.483239] ? __pfx_kthread+0x10/0x10 [ 15.483259] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.483280] ? calculate_sigpending+0x7b/0xa0 [ 15.483303] ? __pfx_kthread+0x10/0x10 [ 15.483325] ret_from_fork+0x116/0x1d0 [ 15.483343] ? 
__pfx_kthread+0x10/0x10 [ 15.483364] ret_from_fork_asm+0x1a/0x30 [ 15.483396] </TASK> [ 15.483408] [ 15.491118] Allocated by task 274: [ 15.491263] kasan_save_stack+0x45/0x70 [ 15.491461] kasan_save_track+0x18/0x40 [ 15.491661] kasan_save_alloc_info+0x3b/0x50 [ 15.491876] __kasan_kmalloc+0xb7/0xc0 [ 15.492099] __kmalloc_cache_noprof+0x189/0x420 [ 15.492311] kasan_memcmp+0xb7/0x390 [ 15.492447] kunit_try_run_case+0x1a5/0x480 [ 15.492601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.493165] kthread+0x337/0x6f0 [ 15.493359] ret_from_fork+0x116/0x1d0 [ 15.493563] ret_from_fork_asm+0x1a/0x30 [ 15.493877] [ 15.493987] The buggy address belongs to the object at ffff8881031d1480 [ 15.493987] which belongs to the cache kmalloc-32 of size 32 [ 15.494570] The buggy address is located 0 bytes to the right of [ 15.494570] allocated 24-byte region [ffff8881031d1480, ffff8881031d1498) [ 15.495163] [ 15.495273] The buggy address belongs to the physical page: [ 15.495475] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031d1 [ 15.496008] flags: 0x200000000000000(node=0|zone=2) [ 15.496249] page_type: f5(slab) [ 15.496420] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.496665] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.496903] page dumped because: kasan: bad access detected [ 15.497154] [ 15.497256] Memory state around the buggy address: [ 15.497909] ffff8881031d1380: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.498274] ffff8881031d1400: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.498589] >ffff8881031d1480: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.499096] ^ [ 15.499357] ffff8881031d1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.499623] ffff8881031d1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.499849] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 15.444867] ================================================================== [ 15.445620] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 15.446132] Read of size 1 at addr ffff888103a57c4a by task kunit_try_catch/270 [ 15.446419] [ 15.446529] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.446572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.446585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.446606] Call Trace: [ 15.446618] <TASK> [ 15.446631] dump_stack_lvl+0x73/0xb0 [ 15.446658] print_report+0xd1/0x650 [ 15.446679] ? __virt_addr_valid+0x1db/0x2d0 [ 15.446701] ? kasan_alloca_oob_right+0x329/0x390 [ 15.447088] ? kasan_addr_to_slab+0x11/0xa0 [ 15.447114] ? kasan_alloca_oob_right+0x329/0x390 [ 15.447137] kasan_report+0x141/0x180 [ 15.447161] ? kasan_alloca_oob_right+0x329/0x390 [ 15.447188] __asan_report_load1_noabort+0x18/0x20 [ 15.447448] kasan_alloca_oob_right+0x329/0x390 [ 15.447472] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.447497] ? finish_task_switch.isra.0+0x153/0x700 [ 15.447518] ? __ww_mutex_lock.constprop.0+0x1dbe/0x1e90 [ 15.447543] ? trace_hardirqs_on+0x37/0xe0 [ 15.447567] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 15.447593] ? __schedule+0x10cc/0x2b60 [ 15.447615] ? __pfx_read_tsc+0x10/0x10 [ 15.447636] ? ktime_get_ts64+0x86/0x230 [ 15.447659] kunit_try_run_case+0x1a5/0x480 [ 15.447684] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.447706] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.447788] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.447811] ? __kthread_parkme+0x82/0x180 [ 15.447831] ? preempt_count_sub+0x50/0x80 [ 15.447854] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.447878] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.447901] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.447924] kthread+0x337/0x6f0 [ 15.447943] ? trace_preempt_on+0x20/0xc0 [ 15.447964] ? __pfx_kthread+0x10/0x10 [ 15.447985] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.448004] ? calculate_sigpending+0x7b/0xa0 [ 15.448028] ? __pfx_kthread+0x10/0x10 [ 15.448061] ret_from_fork+0x116/0x1d0 [ 15.448079] ? __pfx_kthread+0x10/0x10 [ 15.448099] ret_from_fork_asm+0x1a/0x30 [ 15.448130] </TASK> [ 15.448143] [ 15.459453] The buggy address belongs to stack of task kunit_try_catch/270 [ 15.459826] [ 15.459929] The buggy address belongs to the physical page: [ 15.460190] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a57 [ 15.460543] flags: 0x200000000000000(node=0|zone=2) [ 15.460982] raw: 0200000000000000 ffffea00040e95c8 ffffea00040e95c8 0000000000000000 [ 15.461345] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 15.461685] page dumped because: kasan: bad access detected [ 15.462670] [ 15.462808] Memory state around the buggy address: [ 15.462983] ffff888103a57b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.464023] ffff888103a57b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.464407] >ffff888103a57c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 15.464795] ^ [ 15.465068] ffff888103a57c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 15.465309] ffff888103a57d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 15.465659] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 15.420710] ================================================================== [ 15.421421] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 15.422084] Read of size 1 at addr ffff8881039c7c3f by task kunit_try_catch/268 [ 15.422436] [ 15.422543] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.422590] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.422603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.422624] Call Trace: [ 15.422638] <TASK> [ 15.422653] dump_stack_lvl+0x73/0xb0 [ 15.422684] print_report+0xd1/0x650 [ 15.422707] ? __virt_addr_valid+0x1db/0x2d0 [ 15.422745] ? kasan_alloca_oob_left+0x320/0x380 [ 15.422770] ? kasan_addr_to_slab+0x11/0xa0 [ 15.422790] ? kasan_alloca_oob_left+0x320/0x380 [ 15.422814] kasan_report+0x141/0x180 [ 15.422837] ? kasan_alloca_oob_left+0x320/0x380 [ 15.422866] __asan_report_load1_noabort+0x18/0x20 [ 15.422890] kasan_alloca_oob_left+0x320/0x380 [ 15.422915] ? finish_task_switch.isra.0+0x153/0x700 [ 15.422939] ? __ww_mutex_lock.constprop.0+0x1dbe/0x1e90 [ 15.422965] ? trace_hardirqs_on+0x37/0xe0 [ 15.422992] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 15.423020] ? __schedule+0x10cc/0x2b60 [ 15.423045] ? __pfx_read_tsc+0x10/0x10 [ 15.423077] ? ktime_get_ts64+0x86/0x230 [ 15.423102] kunit_try_run_case+0x1a5/0x480 [ 15.423128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.423151] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.423174] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.423198] ? __kthread_parkme+0x82/0x180 [ 15.423218] ? preempt_count_sub+0x50/0x80 [ 15.423242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.423266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.423289] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.423314] kthread+0x337/0x6f0 [ 15.423333] ? trace_preempt_on+0x20/0xc0 [ 15.423357] ? __pfx_kthread+0x10/0x10 [ 15.423391] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.423413] ? 
calculate_sigpending+0x7b/0xa0 [ 15.423438] ? __pfx_kthread+0x10/0x10 [ 15.423460] ret_from_fork+0x116/0x1d0 [ 15.423479] ? __pfx_kthread+0x10/0x10 [ 15.423501] ret_from_fork_asm+0x1a/0x30 [ 15.423534] </TASK> [ 15.423545] [ 15.433392] The buggy address belongs to stack of task kunit_try_catch/268 [ 15.433955] [ 15.434099] The buggy address belongs to the physical page: [ 15.434343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c7 [ 15.434670] flags: 0x200000000000000(node=0|zone=2) [ 15.435482] raw: 0200000000000000 ffffea00040e71c8 ffffea00040e71c8 0000000000000000 [ 15.436233] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 15.436683] page dumped because: kasan: bad access detected [ 15.437111] [ 15.437213] Memory state around the buggy address: [ 15.437435] ffff8881039c7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.438094] ffff8881039c7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.438547] >ffff8881039c7c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 15.439385] ^ [ 15.439698] ffff8881039c7c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 15.440379] ffff8881039c7d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 15.441044] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 15.398193] ================================================================== [ 15.400139] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 15.400400] Read of size 1 at addr ffff888103a47d02 by task kunit_try_catch/266 [ 15.400638] [ 15.400730] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.400776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.400788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.400810] Call Trace: [ 15.400824] <TASK> [ 15.400839] dump_stack_lvl+0x73/0xb0 [ 15.400868] print_report+0xd1/0x650 [ 15.400890] ? __virt_addr_valid+0x1db/0x2d0 [ 15.400914] ? kasan_stack_oob+0x2b5/0x300 [ 15.400933] ? kasan_addr_to_slab+0x11/0xa0 [ 15.400953] ? kasan_stack_oob+0x2b5/0x300 [ 15.400973] kasan_report+0x141/0x180 [ 15.400995] ? kasan_stack_oob+0x2b5/0x300 [ 15.401020] __asan_report_load1_noabort+0x18/0x20 [ 15.401043] kasan_stack_oob+0x2b5/0x300 [ 15.401134] ? __pfx_kasan_stack_oob+0x10/0x10 [ 15.401156] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.401188] ? __pfx_kasan_stack_oob+0x10/0x10 [ 15.401214] kunit_try_run_case+0x1a5/0x480 [ 15.401241] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.401262] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.401286] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.401309] ? __kthread_parkme+0x82/0x180 [ 15.401331] ? preempt_count_sub+0x50/0x80 [ 15.401355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.401379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.401402] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.401424] kthread+0x337/0x6f0 [ 15.401445] ? trace_preempt_on+0x20/0xc0 [ 15.401469] ? __pfx_kthread+0x10/0x10 [ 15.401490] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.401511] ? calculate_sigpending+0x7b/0xa0 [ 15.401543] ? __pfx_kthread+0x10/0x10 [ 15.401565] ret_from_fork+0x116/0x1d0 [ 15.401585] ? 
__pfx_kthread+0x10/0x10 [ 15.401605] ret_from_fork_asm+0x1a/0x30 [ 15.401637] </TASK> [ 15.401650] [ 15.410284] The buggy address belongs to stack of task kunit_try_catch/266 [ 15.410696] and is located at offset 138 in frame: [ 15.411031] kasan_stack_oob+0x0/0x300 [ 15.411320] [ 15.411447] This frame has 4 objects: [ 15.411760] [48, 49) '__assertion' [ 15.411786] [64, 72) 'array' [ 15.411983] [96, 112) '__assertion' [ 15.412294] [128, 138) 'stack_array' [ 15.412513] [ 15.412731] The buggy address belongs to the physical page: [ 15.413089] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a47 [ 15.413383] flags: 0x200000000000000(node=0|zone=2) [ 15.413583] raw: 0200000000000000 ffffea00040e91c8 ffffea00040e91c8 0000000000000000 [ 15.414407] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 15.414892] page dumped because: kasan: bad access detected [ 15.415114] [ 15.415196] Memory state around the buggy address: [ 15.415442] ffff888103a47c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 15.415891] ffff888103a47c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 15.416221] >ffff888103a47d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 15.416554] ^ [ 15.416680] ffff888103a47d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 15.417087] ffff888103a47e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.417427] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 15.374002] ================================================================== [ 15.375339] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 15.376527] Read of size 1 at addr ffffffffbd061e8d by task kunit_try_catch/262 [ 15.377004] [ 15.377176] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.377225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.377237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.377259] Call Trace: [ 15.377271] <TASK> [ 15.377286] dump_stack_lvl+0x73/0xb0 [ 15.377316] print_report+0xd1/0x650 [ 15.377338] ? __virt_addr_valid+0x1db/0x2d0 [ 15.377362] ? kasan_global_oob_right+0x286/0x2d0 [ 15.377385] ? kasan_addr_to_slab+0x11/0xa0 [ 15.377406] ? kasan_global_oob_right+0x286/0x2d0 [ 15.377429] kasan_report+0x141/0x180 [ 15.377451] ? kasan_global_oob_right+0x286/0x2d0 [ 15.377479] __asan_report_load1_noabort+0x18/0x20 [ 15.377506] kasan_global_oob_right+0x286/0x2d0 [ 15.377534] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 15.377556] ? trace_hardirqs_on+0x37/0xe0 [ 15.377581] ? __schedule+0x207f/0x2b60 [ 15.377604] ? __pfx_read_tsc+0x10/0x10 [ 15.377625] ? ktime_get_ts64+0x86/0x230 [ 15.377650] kunit_try_run_case+0x1a5/0x480 [ 15.377675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.377698] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.377721] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.377744] ? __kthread_parkme+0x82/0x180 [ 15.377765] ? preempt_count_sub+0x50/0x80 [ 15.377789] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.377813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.377836] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.377859] kthread+0x337/0x6f0 [ 15.377880] ? trace_preempt_on+0x20/0xc0 [ 15.377902] ? __pfx_kthread+0x10/0x10 [ 15.377924] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.377946] ? calculate_sigpending+0x7b/0xa0 [ 15.377969] ? __pfx_kthread+0x10/0x10 [ 15.377992] ret_from_fork+0x116/0x1d0 [ 15.378010] ? 
__pfx_kthread+0x10/0x10 [ 15.378031] ret_from_fork_asm+0x1a/0x30 [ 15.378076] </TASK> [ 15.378088] [ 15.386393] The buggy address belongs to the variable: [ 15.386647] global_array+0xd/0x40 [ 15.386960] [ 15.387089] The buggy address belongs to the physical page: [ 15.387273] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x148861 [ 15.387613] flags: 0x200000000002000(reserved|node=0|zone=2) [ 15.387891] raw: 0200000000002000 ffffea0005221848 ffffea0005221848 0000000000000000 [ 15.388353] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 15.388590] page dumped because: kasan: bad access detected [ 15.389076] [ 15.389180] Memory state around the buggy address: [ 15.389416] ffffffffbd061d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.389725] ffffffffbd061e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.389991] >ffffffffbd061e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 15.390334] ^ [ 15.390483] ffffffffbd061f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 15.390952] ffffffffbd061f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 15.391279] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 15.326673] ================================================================== [ 15.327305] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.327681] Free of addr ffff8881039f3501 by task kunit_try_catch/258 [ 15.327999] [ 15.328144] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.328189] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.328201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.328223] Call Trace: [ 15.328235] <TASK> [ 15.328250] dump_stack_lvl+0x73/0xb0 [ 15.328278] print_report+0xd1/0x650 [ 15.328302] ? __virt_addr_valid+0x1db/0x2d0 [ 15.328325] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.328351] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.328379] kasan_report_invalid_free+0x10a/0x130 [ 15.328403] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.328431] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.328456] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.328479] check_slab_allocation+0x11f/0x130 [ 15.328502] __kasan_mempool_poison_object+0x91/0x1d0 [ 15.328527] mempool_free+0x2ec/0x380 [ 15.328555] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.328581] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 15.328611] ? finish_task_switch.isra.0+0x153/0x700 [ 15.328637] mempool_kmalloc_invalid_free+0xed/0x140 [ 15.328661] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 15.328689] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.328711] ? __pfx_mempool_kfree+0x10/0x10 [ 15.328756] ? __pfx_read_tsc+0x10/0x10 [ 15.328777] ? ktime_get_ts64+0x86/0x230 [ 15.328802] kunit_try_run_case+0x1a5/0x480 [ 15.328827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.328850] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.328874] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.328897] ? __kthread_parkme+0x82/0x180 [ 15.328917] ? preempt_count_sub+0x50/0x80 [ 15.328941] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.328965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.328988] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.329011] kthread+0x337/0x6f0 [ 15.329031] ? trace_preempt_on+0x20/0xc0 [ 15.329064] ? __pfx_kthread+0x10/0x10 [ 15.329085] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.329106] ? calculate_sigpending+0x7b/0xa0 [ 15.329131] ? __pfx_kthread+0x10/0x10 [ 15.329156] ret_from_fork+0x116/0x1d0 [ 15.329176] ? __pfx_kthread+0x10/0x10 [ 15.329197] ret_from_fork_asm+0x1a/0x30 [ 15.329229] </TASK> [ 15.329240] [ 15.338854] Allocated by task 258: [ 15.339014] kasan_save_stack+0x45/0x70 [ 15.339225] kasan_save_track+0x18/0x40 [ 15.339400] kasan_save_alloc_info+0x3b/0x50 [ 15.339603] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 15.339819] remove_element+0x11e/0x190 [ 15.340083] mempool_alloc_preallocated+0x4d/0x90 [ 15.340325] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 15.340627] mempool_kmalloc_invalid_free+0xed/0x140 [ 15.340797] kunit_try_run_case+0x1a5/0x480 [ 15.340948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.341174] kthread+0x337/0x6f0 [ 15.341347] ret_from_fork+0x116/0x1d0 [ 15.341541] ret_from_fork_asm+0x1a/0x30 [ 15.341917] [ 15.342021] The buggy address belongs to the object at ffff8881039f3500 [ 15.342021] which belongs to the cache kmalloc-128 of size 128 [ 15.342528] The buggy address is located 1 bytes inside of [ 15.342528] 128-byte region [ffff8881039f3500, ffff8881039f3580) [ 15.343126] [ 15.343228] The buggy address belongs to the physical page: [ 15.343411] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f3 [ 15.343702] flags: 0x200000000000000(node=0|zone=2) [ 15.344008] page_type: f5(slab) [ 15.344198] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.344556] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.345064] page dumped because: kasan: bad access detected [ 15.345246] [ 15.345319] Memory state around 
the buggy address: [ 15.345480] ffff8881039f3400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.345856] ffff8881039f3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.346191] >ffff8881039f3500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.346515] ^ [ 15.346685] ffff8881039f3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.347068] ffff8881039f3600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.347300] ================================================================== [ 15.349547] ================================================================== [ 15.350486] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.350873] Free of addr ffff888102a10001 by task kunit_try_catch/260 [ 15.351422] [ 15.351547] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.351594] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.351605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.351627] Call Trace: [ 15.351639] <TASK> [ 15.351653] dump_stack_lvl+0x73/0xb0 [ 15.351683] print_report+0xd1/0x650 [ 15.351706] ? __virt_addr_valid+0x1db/0x2d0 [ 15.351729] ? kasan_addr_to_slab+0x11/0xa0 [ 15.351750] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.351776] kasan_report_invalid_free+0x10a/0x130 [ 15.351801] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.351829] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.351854] __kasan_mempool_poison_object+0x102/0x1d0 [ 15.351878] mempool_free+0x2ec/0x380 [ 15.351906] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.351931] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 15.351955] ? update_load_avg+0x1be/0x21b0 [ 15.351984] ? finish_task_switch.isra.0+0x153/0x700 [ 15.352010] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 15.352035] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 15.352077] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.352100] ? 
__pfx_mempool_kfree+0x10/0x10 [ 15.352126] ? __pfx_read_tsc+0x10/0x10 [ 15.352146] ? ktime_get_ts64+0x86/0x230 [ 15.352171] kunit_try_run_case+0x1a5/0x480 [ 15.352195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.352218] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.352242] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.352265] ? __kthread_parkme+0x82/0x180 [ 15.352285] ? preempt_count_sub+0x50/0x80 [ 15.352309] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.352333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.352356] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.352380] kthread+0x337/0x6f0 [ 15.352400] ? trace_preempt_on+0x20/0xc0 [ 15.352423] ? __pfx_kthread+0x10/0x10 [ 15.352445] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.352466] ? calculate_sigpending+0x7b/0xa0 [ 15.352490] ? __pfx_kthread+0x10/0x10 [ 15.352513] ret_from_fork+0x116/0x1d0 [ 15.352531] ? __pfx_kthread+0x10/0x10 [ 15.352552] ret_from_fork_asm+0x1a/0x30 [ 15.352583] </TASK> [ 15.352595] [ 15.361981] The buggy address belongs to the physical page: [ 15.362293] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a10 [ 15.362743] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.363204] flags: 0x200000000000040(head|node=0|zone=2) [ 15.363412] page_type: f8(unknown) [ 15.363552] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.363882] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.364306] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.365073] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.365414] head: 0200000000000002 ffffea00040a8401 00000000ffffffff 00000000ffffffff [ 15.365737] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.366016] page dumped because: kasan: bad access detected [ 15.366480] [ 15.366582] Memory state around the buggy address: [ 15.366771] ffff888102a0ff00: ff ff ff ff ff ff ff ff ff 
ff ff ff ff ff ff ff [ 15.367100] ffff888102a0ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.367445] >ffff888102a10000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.367903] ^ [ 15.368082] ffff888102a10080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.368395] ffff888102a10100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.368684] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 15.279379] ================================================================== [ 15.280216] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 15.280545] Free of addr ffff888102a0c000 by task kunit_try_catch/254 [ 15.280992] [ 15.281369] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.281520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.281544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.281568] Call Trace: [ 15.281584] <TASK> [ 15.281601] dump_stack_lvl+0x73/0xb0 [ 15.281634] print_report+0xd1/0x650 [ 15.281666] ? __virt_addr_valid+0x1db/0x2d0 [ 15.281691] ? kasan_addr_to_slab+0x11/0xa0 [ 15.281741] ? mempool_double_free_helper+0x184/0x370 [ 15.281768] kasan_report_invalid_free+0x10a/0x130 [ 15.281793] ? mempool_double_free_helper+0x184/0x370 [ 15.281818] ? mempool_double_free_helper+0x184/0x370 [ 15.281840] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 15.281865] mempool_free+0x2ec/0x380 [ 15.281892] mempool_double_free_helper+0x184/0x370 [ 15.281916] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 15.281940] ? __kasan_check_write+0x18/0x20 [ 15.281959] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.281982] ? finish_task_switch.isra.0+0x153/0x700 [ 15.282009] mempool_kmalloc_large_double_free+0xed/0x140 [ 15.282033] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 15.282072] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.282094] ? __pfx_mempool_kfree+0x10/0x10 [ 15.282119] ? __pfx_read_tsc+0x10/0x10 [ 15.282140] ? ktime_get_ts64+0x86/0x230 [ 15.282165] kunit_try_run_case+0x1a5/0x480 [ 15.282190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.282212] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.282237] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.282259] ? __kthread_parkme+0x82/0x180 [ 15.282279] ? preempt_count_sub+0x50/0x80 [ 15.282302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.282325] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.282348] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.282371] kthread+0x337/0x6f0 [ 15.282390] ? trace_preempt_on+0x20/0xc0 [ 15.282412] ? __pfx_kthread+0x10/0x10 [ 15.282433] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.282454] ? calculate_sigpending+0x7b/0xa0 [ 15.282478] ? __pfx_kthread+0x10/0x10 [ 15.282498] ret_from_fork+0x116/0x1d0 [ 15.282516] ? __pfx_kthread+0x10/0x10 [ 15.282536] ret_from_fork_asm+0x1a/0x30 [ 15.282567] </TASK> [ 15.282579] [ 15.296226] The buggy address belongs to the physical page: [ 15.296492] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0c [ 15.297287] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.297598] flags: 0x200000000000040(head|node=0|zone=2) [ 15.298291] page_type: f8(unknown) [ 15.298499] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.299038] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.299314] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.299762] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.300198] head: 0200000000000002 ffffea00040a8301 00000000ffffffff 00000000ffffffff [ 15.300532] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.300944] page dumped because: kasan: bad access detected [ 15.301263] [ 15.301340] Memory state around the buggy address: [ 15.301601] ffff888102a0bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.301980] ffff888102a0bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.302234] >ffff888102a0c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.302564] ^ [ 15.302731] ffff888102a0c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.303093] ffff888102a0c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.303391] ================================================================== [ 15.234321] ================================================================== [ 
15.234830] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 15.235290] Free of addr ffff8881039f3100 by task kunit_try_catch/252 [ 15.235539] [ 15.235645] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.235688] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.235700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.235721] Call Trace: [ 15.235750] <TASK> [ 15.235764] dump_stack_lvl+0x73/0xb0 [ 15.235793] print_report+0xd1/0x650 [ 15.235815] ? __virt_addr_valid+0x1db/0x2d0 [ 15.235839] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.235865] ? mempool_double_free_helper+0x184/0x370 [ 15.235889] kasan_report_invalid_free+0x10a/0x130 [ 15.235913] ? mempool_double_free_helper+0x184/0x370 [ 15.235940] ? mempool_double_free_helper+0x184/0x370 [ 15.235962] ? mempool_double_free_helper+0x184/0x370 [ 15.235984] check_slab_allocation+0x101/0x130 [ 15.236007] __kasan_mempool_poison_object+0x91/0x1d0 [ 15.236032] mempool_free+0x2ec/0x380 [ 15.236070] mempool_double_free_helper+0x184/0x370 [ 15.236095] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 15.236117] ? update_load_avg+0x1be/0x21b0 [ 15.236141] ? dequeue_entities+0x27e/0x1740 [ 15.236167] ? finish_task_switch.isra.0+0x153/0x700 [ 15.236193] mempool_kmalloc_double_free+0xed/0x140 [ 15.236216] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 15.236243] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.236265] ? __pfx_mempool_kfree+0x10/0x10 [ 15.236290] ? __pfx_read_tsc+0x10/0x10 [ 15.236310] ? ktime_get_ts64+0x86/0x230 [ 15.236334] kunit_try_run_case+0x1a5/0x480 [ 15.236360] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.236382] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.236405] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.236427] ? __kthread_parkme+0x82/0x180 [ 15.236447] ? preempt_count_sub+0x50/0x80 [ 15.236472] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.236495] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.236518] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.236540] kthread+0x337/0x6f0 [ 15.236560] ? trace_preempt_on+0x20/0xc0 [ 15.236583] ? __pfx_kthread+0x10/0x10 [ 15.236604] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.236624] ? calculate_sigpending+0x7b/0xa0 [ 15.236647] ? __pfx_kthread+0x10/0x10 [ 15.236692] ret_from_fork+0x116/0x1d0 [ 15.236711] ? __pfx_kthread+0x10/0x10 [ 15.236739] ret_from_fork_asm+0x1a/0x30 [ 15.236771] </TASK> [ 15.236783] [ 15.254435] Allocated by task 252: [ 15.254992] kasan_save_stack+0x45/0x70 [ 15.255322] kasan_save_track+0x18/0x40 [ 15.255947] kasan_save_alloc_info+0x3b/0x50 [ 15.256706] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 15.256992] remove_element+0x11e/0x190 [ 15.257250] mempool_alloc_preallocated+0x4d/0x90 [ 15.257543] mempool_double_free_helper+0x8a/0x370 [ 15.258179] mempool_kmalloc_double_free+0xed/0x140 [ 15.258418] kunit_try_run_case+0x1a5/0x480 [ 15.258622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.259375] kthread+0x337/0x6f0 [ 15.259686] ret_from_fork+0x116/0x1d0 [ 15.260131] ret_from_fork_asm+0x1a/0x30 [ 15.260461] [ 15.260694] Freed by task 252: [ 15.261042] kasan_save_stack+0x45/0x70 [ 15.261593] kasan_save_track+0x18/0x40 [ 15.262119] kasan_save_free_info+0x3f/0x60 [ 15.262513] __kasan_mempool_poison_object+0x131/0x1d0 [ 15.262977] mempool_free+0x2ec/0x380 [ 15.263208] mempool_double_free_helper+0x109/0x370 [ 15.263440] mempool_kmalloc_double_free+0xed/0x140 [ 15.263664] kunit_try_run_case+0x1a5/0x480 [ 15.264341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.264645] kthread+0x337/0x6f0 [ 15.265107] ret_from_fork+0x116/0x1d0 [ 15.265439] ret_from_fork_asm+0x1a/0x30 [ 15.265887] [ 15.265994] The buggy address belongs to the object at ffff8881039f3100 [ 15.265994] which belongs to the cache kmalloc-128 of size 128 [ 15.266534] The buggy address is located 0 bytes inside of [ 15.266534] 128-byte region [ffff8881039f3100, ffff8881039f3180) [ 15.267698] [ 15.268034] The buggy address belongs to the physical 
page: [ 15.268523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f3 [ 15.269575] flags: 0x200000000000000(node=0|zone=2) [ 15.270058] page_type: f5(slab) [ 15.270239] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.270576] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.271407] page dumped because: kasan: bad access detected [ 15.271684] [ 15.271909] Memory state around the buggy address: [ 15.272153] ffff8881039f3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.272468] ffff8881039f3080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.273177] >ffff8881039f3100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.273654] ^ [ 15.274047] ffff8881039f3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.274389] ffff8881039f3200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.274698] ================================================================== [ 15.306197] ================================================================== [ 15.307065] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 15.307393] Free of addr ffff888103950000 by task kunit_try_catch/256 [ 15.307666] [ 15.307873] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.307924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.307937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.307960] Call Trace: [ 15.307973] <TASK> [ 15.307988] dump_stack_lvl+0x73/0xb0 [ 15.308018] print_report+0xd1/0x650 [ 15.308042] ? __virt_addr_valid+0x1db/0x2d0 [ 15.308079] ? kasan_addr_to_slab+0x11/0xa0 [ 15.308098] ? mempool_double_free_helper+0x184/0x370 [ 15.308125] kasan_report_invalid_free+0x10a/0x130 [ 15.308150] ? mempool_double_free_helper+0x184/0x370 [ 15.308177] ? 
mempool_double_free_helper+0x184/0x370 [ 15.308201] __kasan_mempool_poison_pages+0x115/0x130 [ 15.308227] mempool_free+0x290/0x380 [ 15.308254] mempool_double_free_helper+0x184/0x370 [ 15.308279] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 15.308303] ? update_load_avg+0x1be/0x21b0 [ 15.308331] ? finish_task_switch.isra.0+0x153/0x700 [ 15.308356] mempool_page_alloc_double_free+0xe8/0x140 [ 15.308383] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 15.308412] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 15.308436] ? __pfx_mempool_free_pages+0x10/0x10 [ 15.308462] ? __pfx_read_tsc+0x10/0x10 [ 15.308484] ? ktime_get_ts64+0x86/0x230 [ 15.308509] kunit_try_run_case+0x1a5/0x480 [ 15.308535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.308558] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.308582] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.308606] ? __kthread_parkme+0x82/0x180 [ 15.308627] ? preempt_count_sub+0x50/0x80 [ 15.308651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.308675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.308699] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.308778] kthread+0x337/0x6f0 [ 15.308800] ? trace_preempt_on+0x20/0xc0 [ 15.308824] ? __pfx_kthread+0x10/0x10 [ 15.308845] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.308867] ? calculate_sigpending+0x7b/0xa0 [ 15.308892] ? __pfx_kthread+0x10/0x10 [ 15.308914] ret_from_fork+0x116/0x1d0 [ 15.308933] ? 
__pfx_kthread+0x10/0x10 [ 15.308953] ret_from_fork_asm+0x1a/0x30 [ 15.308986] </TASK> [ 15.308998] [ 15.318511] The buggy address belongs to the physical page: [ 15.318711] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103950 [ 15.318988] flags: 0x200000000000000(node=0|zone=2) [ 15.319400] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 15.319774] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 15.320319] page dumped because: kasan: bad access detected [ 15.320554] [ 15.320660] Memory state around the buggy address: [ 15.320967] ffff88810394ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.321229] ffff88810394ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.321590] >ffff888103950000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.321943] ^ [ 15.322274] ffff888103950080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.322625] ffff888103950100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.322896] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 15.145449] ================================================================== [ 15.146433] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 15.146686] Read of size 1 at addr ffff888102a0c000 by task kunit_try_catch/246 [ 15.148015] [ 15.148470] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.148565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.148581] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.148604] Call Trace: [ 15.148619] <TASK> [ 15.148635] dump_stack_lvl+0x73/0xb0 [ 15.148665] print_report+0xd1/0x650 [ 15.148687] ? __virt_addr_valid+0x1db/0x2d0 [ 15.148743] ? mempool_uaf_helper+0x392/0x400 [ 15.148779] ? kasan_addr_to_slab+0x11/0xa0 [ 15.148799] ? mempool_uaf_helper+0x392/0x400 [ 15.148822] kasan_report+0x141/0x180 [ 15.148844] ? mempool_uaf_helper+0x392/0x400 [ 15.148871] __asan_report_load1_noabort+0x18/0x20 [ 15.148897] mempool_uaf_helper+0x392/0x400 [ 15.148920] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 15.148946] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.148969] ? finish_task_switch.isra.0+0x153/0x700 [ 15.148994] mempool_kmalloc_large_uaf+0xef/0x140 [ 15.149018] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 15.149045] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.149080] ? __pfx_mempool_kfree+0x10/0x10 [ 15.149105] ? __pfx_read_tsc+0x10/0x10 [ 15.149125] ? ktime_get_ts64+0x86/0x230 [ 15.149149] kunit_try_run_case+0x1a5/0x480 [ 15.149174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.149196] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.149219] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.149242] ? __kthread_parkme+0x82/0x180 [ 15.149262] ? preempt_count_sub+0x50/0x80 [ 15.149285] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.149308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.149330] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.149353] kthread+0x337/0x6f0 [ 15.149373] ? trace_preempt_on+0x20/0xc0 [ 15.149397] ? __pfx_kthread+0x10/0x10 [ 15.149418] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.149438] ? calculate_sigpending+0x7b/0xa0 [ 15.149462] ? __pfx_kthread+0x10/0x10 [ 15.149484] ret_from_fork+0x116/0x1d0 [ 15.149502] ? __pfx_kthread+0x10/0x10 [ 15.149529] ret_from_fork_asm+0x1a/0x30 [ 15.149560] </TASK> [ 15.149572] [ 15.165739] The buggy address belongs to the physical page: [ 15.165950] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0c [ 15.166599] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.167223] flags: 0x200000000000040(head|node=0|zone=2) [ 15.167722] page_type: f8(unknown) [ 15.167967] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.168405] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.168643] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.169457] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.170452] head: 0200000000000002 ffffea00040a8301 00000000ffffffff 00000000ffffffff [ 15.171446] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.171902] page dumped because: kasan: bad access detected [ 15.172099] [ 15.172179] Memory state around the buggy address: [ 15.172345] ffff888102a0bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.172571] ffff888102a0bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.172794] >ffff888102a0c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.173012] ^ [ 15.173454] ffff888102a0c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.174299] ffff888102a0c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.175152] ================================================================== [ 15.213099] ================================================================== [ 15.213586] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 15.213903] Read of size 1 at addr ffff888103950000 by task kunit_try_catch/250 [ 15.214321] [ 15.214435] 
CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.214482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.214496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.214518] Call Trace: [ 15.214532] <TASK> [ 15.214548] dump_stack_lvl+0x73/0xb0 [ 15.214578] print_report+0xd1/0x650 [ 15.214601] ? __virt_addr_valid+0x1db/0x2d0 [ 15.214625] ? mempool_uaf_helper+0x392/0x400 [ 15.214648] ? kasan_addr_to_slab+0x11/0xa0 [ 15.214668] ? mempool_uaf_helper+0x392/0x400 [ 15.214691] kasan_report+0x141/0x180 [ 15.214713] ? mempool_uaf_helper+0x392/0x400 [ 15.214759] __asan_report_load1_noabort+0x18/0x20 [ 15.214785] mempool_uaf_helper+0x392/0x400 [ 15.214808] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 15.214840] mempool_page_alloc_uaf+0xed/0x140 [ 15.214864] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 15.214892] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 15.214917] ? __pfx_mempool_free_pages+0x10/0x10 [ 15.214944] ? __pfx_read_tsc+0x10/0x10 [ 15.214966] ? ktime_get_ts64+0x86/0x230 [ 15.214992] kunit_try_run_case+0x1a5/0x480 [ 15.215017] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.215040] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.215076] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.215100] ? __kthread_parkme+0x82/0x180 [ 15.215122] ? preempt_count_sub+0x50/0x80 [ 15.215147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.215170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.215194] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.215218] kthread+0x337/0x6f0 [ 15.215238] ? trace_preempt_on+0x20/0xc0 [ 15.215263] ? __pfx_kthread+0x10/0x10 [ 15.215284] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.215307] ? calculate_sigpending+0x7b/0xa0 [ 15.215333] ? __pfx_kthread+0x10/0x10 [ 15.215356] ret_from_fork+0x116/0x1d0 [ 15.215375] ? 
__pfx_kthread+0x10/0x10 [ 15.215395] ret_from_fork_asm+0x1a/0x30 [ 15.215429] </TASK> [ 15.215441] [ 15.224179] The buggy address belongs to the physical page: [ 15.224464] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103950 [ 15.224887] flags: 0x200000000000000(node=0|zone=2) [ 15.225083] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 15.225386] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 15.225684] page dumped because: kasan: bad access detected [ 15.226037] [ 15.226170] Memory state around the buggy address: [ 15.226367] ffff88810394ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.226701] ffff88810394ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.227023] >ffff888103950000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.227343] ^ [ 15.227504] ffff888103950080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.227977] ffff888103950100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.228302] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 15.179551] ================================================================== [ 15.180085] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 15.180336] Read of size 1 at addr ffff8881039f2240 by task kunit_try_catch/248 [ 15.180569] [ 15.180663] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.180709] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.180722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.180745] Call Trace: [ 15.180757] <TASK> [ 15.180774] dump_stack_lvl+0x73/0xb0 [ 15.180804] print_report+0xd1/0x650 [ 15.180827] ? __virt_addr_valid+0x1db/0x2d0 [ 15.180851] ? mempool_uaf_helper+0x392/0x400 [ 15.180874] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.180900] ? mempool_uaf_helper+0x392/0x400 [ 15.180922] kasan_report+0x141/0x180 [ 15.180946] ? mempool_uaf_helper+0x392/0x400 [ 15.180973] __asan_report_load1_noabort+0x18/0x20 [ 15.180998] mempool_uaf_helper+0x392/0x400 [ 15.181060] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 15.181096] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.181149] ? finish_task_switch.isra.0+0x153/0x700 [ 15.181174] mempool_slab_uaf+0xea/0x140 [ 15.181197] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 15.181224] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 15.181249] ? __pfx_mempool_free_slab+0x10/0x10 [ 15.181275] ? __pfx_read_tsc+0x10/0x10 [ 15.181297] ? ktime_get_ts64+0x86/0x230 [ 15.181321] kunit_try_run_case+0x1a5/0x480 [ 15.181346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.181368] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.181392] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.181415] ? __kthread_parkme+0x82/0x180 [ 15.181436] ? preempt_count_sub+0x50/0x80 [ 15.181459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.181482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.181505] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.181531] kthread+0x337/0x6f0 [ 15.181551] ? trace_preempt_on+0x20/0xc0 [ 15.181574] ? 
__pfx_kthread+0x10/0x10 [ 15.181595] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.181616] ? calculate_sigpending+0x7b/0xa0 [ 15.181640] ? __pfx_kthread+0x10/0x10 [ 15.181661] ret_from_fork+0x116/0x1d0 [ 15.181680] ? __pfx_kthread+0x10/0x10 [ 15.181700] ret_from_fork_asm+0x1a/0x30 [ 15.181740] </TASK> [ 15.181752] [ 15.191074] Allocated by task 248: [ 15.191277] kasan_save_stack+0x45/0x70 [ 15.191444] kasan_save_track+0x18/0x40 [ 15.191630] kasan_save_alloc_info+0x3b/0x50 [ 15.191839] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 15.192157] remove_element+0x11e/0x190 [ 15.192303] mempool_alloc_preallocated+0x4d/0x90 [ 15.192470] mempool_uaf_helper+0x96/0x400 [ 15.192684] mempool_slab_uaf+0xea/0x140 [ 15.193147] kunit_try_run_case+0x1a5/0x480 [ 15.193361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.193629] kthread+0x337/0x6f0 [ 15.193849] ret_from_fork+0x116/0x1d0 [ 15.194037] ret_from_fork_asm+0x1a/0x30 [ 15.194194] [ 15.194269] Freed by task 248: [ 15.194401] kasan_save_stack+0x45/0x70 [ 15.194602] kasan_save_track+0x18/0x40 [ 15.194799] kasan_save_free_info+0x3f/0x60 [ 15.195022] __kasan_mempool_poison_object+0x131/0x1d0 [ 15.195209] mempool_free+0x2ec/0x380 [ 15.195347] mempool_uaf_helper+0x11a/0x400 [ 15.195496] mempool_slab_uaf+0xea/0x140 [ 15.195639] kunit_try_run_case+0x1a5/0x480 [ 15.195972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.196290] kthread+0x337/0x6f0 [ 15.196466] ret_from_fork+0x116/0x1d0 [ 15.196659] ret_from_fork_asm+0x1a/0x30 [ 15.197118] [ 15.197226] The buggy address belongs to the object at ffff8881039f2240 [ 15.197226] which belongs to the cache test_cache of size 123 [ 15.198033] The buggy address is located 0 bytes inside of [ 15.198033] freed 123-byte region [ffff8881039f2240, ffff8881039f22bb) [ 15.198407] [ 15.198510] The buggy address belongs to the physical page: [ 15.198878] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f2 [ 15.199259] flags: 0x200000000000000(node=0|zone=2) [ 15.199506] page_type: 
f5(slab) [ 15.199683] raw: 0200000000000000 ffff888101601a00 dead000000000122 0000000000000000 [ 15.200004] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 15.200338] page dumped because: kasan: bad access detected [ 15.200579] [ 15.200677] Memory state around the buggy address: [ 15.200969] ffff8881039f2100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.201257] ffff8881039f2180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.201569] >ffff8881039f2200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 15.201867] ^ [ 15.202046] ffff8881039f2280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.202393] ffff8881039f2300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.202703] ================================================================== [ 15.106164] ================================================================== [ 15.107822] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 15.109121] Read of size 1 at addr ffff8881031c0700 by task kunit_try_catch/244 [ 15.109480] [ 15.109632] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.109681] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.109694] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.109869] Call Trace: [ 15.109911] <TASK> [ 15.109928] dump_stack_lvl+0x73/0xb0 [ 15.109959] print_report+0xd1/0x650 [ 15.109982] ? __virt_addr_valid+0x1db/0x2d0 [ 15.110004] ? mempool_uaf_helper+0x392/0x400 [ 15.110027] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.110065] ? mempool_uaf_helper+0x392/0x400 [ 15.110088] kasan_report+0x141/0x180 [ 15.110110] ? mempool_uaf_helper+0x392/0x400 [ 15.110138] __asan_report_load1_noabort+0x18/0x20 [ 15.110162] mempool_uaf_helper+0x392/0x400 [ 15.110185] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 15.110210] ? __kasan_check_write+0x18/0x20 [ 15.110230] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.110252] ? 
finish_task_switch.isra.0+0x153/0x700 [ 15.110279] mempool_kmalloc_uaf+0xef/0x140 [ 15.110301] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 15.110327] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.110350] ? __pfx_mempool_kfree+0x10/0x10 [ 15.110376] ? __pfx_read_tsc+0x10/0x10 [ 15.110396] ? ktime_get_ts64+0x86/0x230 [ 15.110421] kunit_try_run_case+0x1a5/0x480 [ 15.110446] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.110469] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.110492] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.110514] ? __kthread_parkme+0x82/0x180 [ 15.110535] ? preempt_count_sub+0x50/0x80 [ 15.110559] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.110583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.110606] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.110629] kthread+0x337/0x6f0 [ 15.110648] ? trace_preempt_on+0x20/0xc0 [ 15.110671] ? __pfx_kthread+0x10/0x10 [ 15.110692] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.110744] ? calculate_sigpending+0x7b/0xa0 [ 15.110770] ? __pfx_kthread+0x10/0x10 [ 15.110792] ret_from_fork+0x116/0x1d0 [ 15.110811] ? 
__pfx_kthread+0x10/0x10 [ 15.110831] ret_from_fork_asm+0x1a/0x30 [ 15.110863] </TASK> [ 15.110875] [ 15.124282] Allocated by task 244: [ 15.124536] kasan_save_stack+0x45/0x70 [ 15.124741] kasan_save_track+0x18/0x40 [ 15.125236] kasan_save_alloc_info+0x3b/0x50 [ 15.125539] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 15.126061] remove_element+0x11e/0x190 [ 15.126266] mempool_alloc_preallocated+0x4d/0x90 [ 15.126634] mempool_uaf_helper+0x96/0x400 [ 15.126932] mempool_kmalloc_uaf+0xef/0x140 [ 15.127277] kunit_try_run_case+0x1a5/0x480 [ 15.127831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.128256] kthread+0x337/0x6f0 [ 15.128553] ret_from_fork+0x116/0x1d0 [ 15.128888] ret_from_fork_asm+0x1a/0x30 [ 15.129297] [ 15.129432] Freed by task 244: [ 15.129591] kasan_save_stack+0x45/0x70 [ 15.130108] kasan_save_track+0x18/0x40 [ 15.130313] kasan_save_free_info+0x3f/0x60 [ 15.130645] __kasan_mempool_poison_object+0x131/0x1d0 [ 15.131044] mempool_free+0x2ec/0x380 [ 15.131283] mempool_uaf_helper+0x11a/0x400 [ 15.131483] mempool_kmalloc_uaf+0xef/0x140 [ 15.131702] kunit_try_run_case+0x1a5/0x480 [ 15.132255] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.132581] kthread+0x337/0x6f0 [ 15.132947] ret_from_fork+0x116/0x1d0 [ 15.133162] ret_from_fork_asm+0x1a/0x30 [ 15.133432] [ 15.133535] The buggy address belongs to the object at ffff8881031c0700 [ 15.133535] which belongs to the cache kmalloc-128 of size 128 [ 15.134307] The buggy address is located 0 bytes inside of [ 15.134307] freed 128-byte region [ffff8881031c0700, ffff8881031c0780) [ 15.135213] [ 15.135331] The buggy address belongs to the physical page: [ 15.135596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031c0 [ 15.136264] flags: 0x200000000000000(node=0|zone=2) [ 15.136601] page_type: f5(slab) [ 15.136816] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.137493] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.137989] page 
dumped because: kasan: bad access detected [ 15.138636] [ 15.138771] Memory state around the buggy address: [ 15.139004] ffff8881031c0600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.139339] ffff8881031c0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.139662] >ffff8881031c0700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.140660] ^ [ 15.140974] ffff8881031c0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.141314] ffff8881031c0800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.141852] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 15.078036] ================================================================== [ 15.078608] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 15.079219] Read of size 1 at addr ffff8881039f02bb by task kunit_try_catch/242 [ 15.079508] [ 15.079652] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.079700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.079713] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.079736] Call Trace: [ 15.079750] <TASK> [ 15.079769] dump_stack_lvl+0x73/0xb0 [ 15.079804] print_report+0xd1/0x650 [ 15.079831] ? __virt_addr_valid+0x1db/0x2d0 [ 15.079860] ? mempool_oob_right_helper+0x318/0x380 [ 15.080000] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.080030] ? mempool_oob_right_helper+0x318/0x380 [ 15.080067] kasan_report+0x141/0x180 [ 15.080091] ? mempool_oob_right_helper+0x318/0x380 [ 15.080122] __asan_report_load1_noabort+0x18/0x20 [ 15.080147] mempool_oob_right_helper+0x318/0x380 [ 15.080174] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 15.080198] ? update_load_avg+0x1be/0x21b0 [ 15.080226] ? enqueue_entity+0x215/0x1080 [ 15.080253] ? finish_task_switch.isra.0+0x153/0x700 [ 15.080280] mempool_slab_oob_right+0xed/0x140 [ 15.080306] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 15.080335] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 15.080363] ? __pfx_mempool_free_slab+0x10/0x10 [ 15.080390] ? __pfx_read_tsc+0x10/0x10 [ 15.080413] ? ktime_get_ts64+0x86/0x230 [ 15.080440] kunit_try_run_case+0x1a5/0x480 [ 15.080468] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.080492] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.080517] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.080542] ? __kthread_parkme+0x82/0x180 [ 15.080565] ? preempt_count_sub+0x50/0x80 [ 15.080591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.080617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.080641] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.080667] kthread+0x337/0x6f0 [ 15.080689] ? trace_preempt_on+0x20/0xc0 [ 15.080741] ? __pfx_kthread+0x10/0x10 [ 15.080764] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.080788] ? calculate_sigpending+0x7b/0xa0 [ 15.080824] ? __pfx_kthread+0x10/0x10 [ 15.080847] ret_from_fork+0x116/0x1d0 [ 15.080869] ? __pfx_kthread+0x10/0x10 [ 15.080892] ret_from_fork_asm+0x1a/0x30 [ 15.080926] </TASK> [ 15.080939] [ 15.089767] Allocated by task 242: [ 15.089909] kasan_save_stack+0x45/0x70 [ 15.090139] kasan_save_track+0x18/0x40 [ 15.090343] kasan_save_alloc_info+0x3b/0x50 [ 15.090570] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 15.090801] remove_element+0x11e/0x190 [ 15.090947] mempool_alloc_preallocated+0x4d/0x90 [ 15.091392] mempool_oob_right_helper+0x8a/0x380 [ 15.091639] mempool_slab_oob_right+0xed/0x140 [ 15.092139] kunit_try_run_case+0x1a5/0x480 [ 15.092336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.092559] kthread+0x337/0x6f0 [ 15.092825] ret_from_fork+0x116/0x1d0 [ 15.093008] ret_from_fork_asm+0x1a/0x30 [ 15.093188] [ 15.093288] The buggy address belongs to the object at ffff8881039f0240 [ 15.093288] which belongs to the cache test_cache of size 123 [ 15.093869] The buggy address is located 0 bytes to the right of [ 15.093869] allocated 123-byte region [ffff8881039f0240, ffff8881039f02bb) [ 15.094420] [ 15.094500] The buggy address belongs to the physical page: [ 15.094679] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f0 [ 15.094924] flags: 0x200000000000000(node=0|zone=2) [ 15.095408] page_type: f5(slab) [ 15.095872] raw: 0200000000000000 ffff8881016018c0 dead000000000122 0000000000000000 [ 15.096239] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 15.096634] page dumped because: kasan: bad access detected [ 15.096874] [ 15.097031] Memory state around the buggy address: [ 15.097310] ffff8881039f0180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.097660] 
ffff8881039f0200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 15.098031] >ffff8881039f0280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 15.098322] ^ [ 15.098588] ffff8881039f0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.098930] ffff8881039f0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.099172] ================================================================== [ 15.026120] ================================================================== [ 15.026651] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 15.027438] Read of size 1 at addr ffff8881031c0373 by task kunit_try_catch/238 [ 15.027965] [ 15.028225] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.028282] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.028294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.028318] Call Trace: [ 15.028332] <TASK> [ 15.028350] dump_stack_lvl+0x73/0xb0 [ 15.028383] print_report+0xd1/0x650 [ 15.028407] ? __virt_addr_valid+0x1db/0x2d0 [ 15.028430] ? mempool_oob_right_helper+0x318/0x380 [ 15.028454] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.028480] ? mempool_oob_right_helper+0x318/0x380 [ 15.028503] kasan_report+0x141/0x180 [ 15.028525] ? mempool_oob_right_helper+0x318/0x380 [ 15.028554] __asan_report_load1_noabort+0x18/0x20 [ 15.028577] mempool_oob_right_helper+0x318/0x380 [ 15.028602] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 15.028627] ? __kasan_check_write+0x18/0x20 [ 15.028646] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.028669] ? finish_task_switch.isra.0+0x153/0x700 [ 15.028696] mempool_kmalloc_oob_right+0xf2/0x150 [ 15.028825] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 15.028854] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.028881] ? __pfx_mempool_kfree+0x10/0x10 [ 15.028905] ? __pfx_read_tsc+0x10/0x10 [ 15.028934] ? ktime_get_ts64+0x86/0x230 [ 15.028959] kunit_try_run_case+0x1a5/0x480 [ 15.028985] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.029007] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.029031] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.029063] ? __kthread_parkme+0x82/0x180 [ 15.029085] ? preempt_count_sub+0x50/0x80 [ 15.029108] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.029134] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.029158] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.029181] kthread+0x337/0x6f0 [ 15.029201] ? trace_preempt_on+0x20/0xc0 [ 15.029225] ? __pfx_kthread+0x10/0x10 [ 15.029246] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.029266] ? calculate_sigpending+0x7b/0xa0 [ 15.029291] ? __pfx_kthread+0x10/0x10 [ 15.029312] ret_from_fork+0x116/0x1d0 [ 15.029330] ? __pfx_kthread+0x10/0x10 [ 15.029351] ret_from_fork_asm+0x1a/0x30 [ 15.029384] </TASK> [ 15.029398] [ 15.038394] Allocated by task 238: [ 15.038561] kasan_save_stack+0x45/0x70 [ 15.038943] kasan_save_track+0x18/0x40 [ 15.039182] kasan_save_alloc_info+0x3b/0x50 [ 15.039419] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 15.039684] remove_element+0x11e/0x190 [ 15.039894] mempool_alloc_preallocated+0x4d/0x90 [ 15.040104] mempool_oob_right_helper+0x8a/0x380 [ 15.040264] mempool_kmalloc_oob_right+0xf2/0x150 [ 15.040457] kunit_try_run_case+0x1a5/0x480 [ 15.040680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.040943] kthread+0x337/0x6f0 [ 15.041194] ret_from_fork+0x116/0x1d0 [ 15.041447] ret_from_fork_asm+0x1a/0x30 [ 15.041604] [ 15.041682] The buggy address belongs to the object at ffff8881031c0300 [ 15.041682] which belongs to the cache kmalloc-128 of size 128 [ 15.042240] The buggy address is located 0 bytes to the right of [ 15.042240] allocated 115-byte region [ffff8881031c0300, ffff8881031c0373) [ 15.042976] [ 15.043091] The buggy address belongs to the physical page: [ 15.043608] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031c0 [ 15.044012] flags: 0x200000000000000(node=0|zone=2) [ 15.044209] page_type: f5(slab) [ 15.044357] raw: 0200000000000000 
ffff888100041a00 dead000000000122 0000000000000000 [ 15.044800] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.045269] page dumped because: kasan: bad access detected [ 15.045573] [ 15.045677] Memory state around the buggy address: [ 15.045963] ffff8881031c0200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.046319] ffff8881031c0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.046692] >ffff8881031c0300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.046968] ^ [ 15.047505] ffff8881031c0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.047958] ffff8881031c0400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.048335] ================================================================== [ 15.052678] ================================================================== [ 15.053300] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 15.053690] Read of size 1 at addr ffff888102a0a001 by task kunit_try_catch/240 [ 15.054625] [ 15.054962] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.055072] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.055087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.055109] Call Trace: [ 15.055123] <TASK> [ 15.055139] dump_stack_lvl+0x73/0xb0 [ 15.055169] print_report+0xd1/0x650 [ 15.055193] ? __virt_addr_valid+0x1db/0x2d0 [ 15.055215] ? mempool_oob_right_helper+0x318/0x380 [ 15.055239] ? kasan_addr_to_slab+0x11/0xa0 [ 15.055260] ? mempool_oob_right_helper+0x318/0x380 [ 15.055283] kasan_report+0x141/0x180 [ 15.055306] ? mempool_oob_right_helper+0x318/0x380 [ 15.055336] __asan_report_load1_noabort+0x18/0x20 [ 15.055359] mempool_oob_right_helper+0x318/0x380 [ 15.055385] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 15.055410] ? __kasan_check_write+0x18/0x20 [ 15.055430] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.055453] ? 
finish_task_switch.isra.0+0x153/0x700 [ 15.055479] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 15.055504] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 15.055532] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.055557] ? __pfx_mempool_kfree+0x10/0x10 [ 15.055583] ? __pfx_read_tsc+0x10/0x10 [ 15.055604] ? ktime_get_ts64+0x86/0x230 [ 15.055628] kunit_try_run_case+0x1a5/0x480 [ 15.055654] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.055677] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.055701] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.055723] ? __kthread_parkme+0x82/0x180 [ 15.055744] ? preempt_count_sub+0x50/0x80 [ 15.055768] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.055808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.055831] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.055854] kthread+0x337/0x6f0 [ 15.055874] ? trace_preempt_on+0x20/0xc0 [ 15.055898] ? __pfx_kthread+0x10/0x10 [ 15.055920] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.055941] ? calculate_sigpending+0x7b/0xa0 [ 15.055965] ? __pfx_kthread+0x10/0x10 [ 15.055989] ret_from_fork+0x116/0x1d0 [ 15.056008] ? 
__pfx_kthread+0x10/0x10 [ 15.056030] ret_from_fork_asm+0x1a/0x30 [ 15.056073] </TASK> [ 15.056085] [ 15.065685] The buggy address belongs to the physical page: [ 15.066103] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a08 [ 15.066514] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.066933] flags: 0x200000000000040(head|node=0|zone=2) [ 15.067174] page_type: f8(unknown) [ 15.067371] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.067782] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.068090] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.068490] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.068844] head: 0200000000000002 ffffea00040a8201 00000000ffffffff 00000000ffffffff [ 15.069276] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.069560] page dumped because: kasan: bad access detected [ 15.069797] [ 15.069902] Memory state around the buggy address: [ 15.070151] ffff888102a09f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.070511] ffff888102a09f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.070880] >ffff888102a0a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.071232] ^ [ 15.071378] ffff888102a0a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.071693] ffff888102a0a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.072139] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 14.448912] ================================================================== [ 14.449435] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 14.450224] Read of size 1 at addr ffff888101985780 by task kunit_try_catch/232 [ 14.450738] [ 14.451007] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.451076] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.451211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.451239] Call Trace: [ 14.451256] <TASK> [ 14.451278] dump_stack_lvl+0x73/0xb0 [ 14.451317] print_report+0xd1/0x650 [ 14.451343] ? __virt_addr_valid+0x1db/0x2d0 [ 14.451372] ? kmem_cache_double_destroy+0x1bf/0x380 [ 14.451400] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.451429] ? kmem_cache_double_destroy+0x1bf/0x380 [ 14.451456] kasan_report+0x141/0x180 [ 14.451481] ? kmem_cache_double_destroy+0x1bf/0x380 [ 14.451512] ? kmem_cache_double_destroy+0x1bf/0x380 [ 14.451542] __kasan_check_byte+0x3d/0x50 [ 14.451568] kmem_cache_destroy+0x25/0x1d0 [ 14.451594] kmem_cache_double_destroy+0x1bf/0x380 [ 14.451620] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 14.451647] ? finish_task_switch.isra.0+0x153/0x700 [ 14.451673] ? __switch_to+0x47/0xf50 [ 14.451708] ? __pfx_read_tsc+0x10/0x10 [ 14.451733] ? ktime_get_ts64+0x86/0x230 [ 14.451761] kunit_try_run_case+0x1a5/0x480 [ 14.451790] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.451815] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.451844] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.451870] ? __kthread_parkme+0x82/0x180 [ 14.451894] ? preempt_count_sub+0x50/0x80 [ 14.451921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.451948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.451974] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.452000] kthread+0x337/0x6f0 [ 14.452022] ? trace_preempt_on+0x20/0xc0 [ 14.452062] ? __pfx_kthread+0x10/0x10 [ 14.452086] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.452109] ? 
calculate_sigpending+0x7b/0xa0 [ 14.452138] ? __pfx_kthread+0x10/0x10 [ 14.452162] ret_from_fork+0x116/0x1d0 [ 14.452183] ? __pfx_kthread+0x10/0x10 [ 14.452206] ret_from_fork_asm+0x1a/0x30 [ 14.452242] </TASK> [ 14.452256] [ 14.464404] Allocated by task 232: [ 14.464970] kasan_save_stack+0x45/0x70 [ 14.465213] kasan_save_track+0x18/0x40 [ 14.465492] kasan_save_alloc_info+0x3b/0x50 [ 14.465702] __kasan_slab_alloc+0x91/0xa0 [ 14.466113] kmem_cache_alloc_noprof+0x123/0x3f0 [ 14.466290] __kmem_cache_create_args+0x169/0x240 [ 14.466460] kmem_cache_double_destroy+0xd5/0x380 [ 14.466927] kunit_try_run_case+0x1a5/0x480 [ 14.467169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.467413] kthread+0x337/0x6f0 [ 14.467541] ret_from_fork+0x116/0x1d0 [ 14.467680] ret_from_fork_asm+0x1a/0x30 [ 14.467832] [ 14.467909] Freed by task 232: [ 14.468027] kasan_save_stack+0x45/0x70 [ 14.468178] kasan_save_track+0x18/0x40 [ 14.468318] kasan_save_free_info+0x3f/0x60 [ 14.468470] __kasan_slab_free+0x56/0x70 [ 14.468610] kmem_cache_free+0x249/0x420 [ 14.468751] slab_kmem_cache_release+0x2e/0x40 [ 14.468905] kmem_cache_release+0x16/0x20 [ 14.469416] kobject_put+0x181/0x450 [ 14.469650] sysfs_slab_release+0x16/0x20 [ 14.469807] kmem_cache_destroy+0xf0/0x1d0 [ 14.471089] kmem_cache_double_destroy+0x14e/0x380 [ 14.471536] kunit_try_run_case+0x1a5/0x480 [ 14.471909] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.472170] kthread+0x337/0x6f0 [ 14.472342] ret_from_fork+0x116/0x1d0 [ 14.472535] ret_from_fork_asm+0x1a/0x30 [ 14.472731] [ 14.472992] The buggy address belongs to the object at ffff888101985780 [ 14.472992] which belongs to the cache kmem_cache of size 208 [ 14.473548] The buggy address is located 0 bytes inside of [ 14.473548] freed 208-byte region [ffff888101985780, ffff888101985850) [ 14.475496] [ 14.475588] The buggy address belongs to the physical page: [ 14.475785] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101985 [ 14.476040] flags: 
0x200000000000000(node=0|zone=2) [ 14.476303] page_type: f5(slab) [ 14.476481] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 14.476843] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 14.478854] page dumped because: kasan: bad access detected [ 14.479669] [ 14.479943] Memory state around the buggy address: [ 14.480390] ffff888101985680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.481126] ffff888101985700: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.481971] >ffff888101985780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.482617] ^ [ 14.483010] ffff888101985800: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 14.483643] ffff888101985880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.484335] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 14.390017] ================================================================== [ 14.390535] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 14.391270] Read of size 1 at addr ffff8881039e8000 by task kunit_try_catch/230 [ 14.391679] [ 14.391795] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.391844] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.391857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.391880] Call Trace: [ 14.391894] <TASK> [ 14.391912] dump_stack_lvl+0x73/0xb0 [ 14.392254] print_report+0xd1/0x650 [ 14.392289] ? __virt_addr_valid+0x1db/0x2d0 [ 14.392315] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 14.392338] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.392365] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 14.392389] kasan_report+0x141/0x180 [ 14.392411] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 14.392439] __asan_report_load1_noabort+0x18/0x20 [ 14.392463] kmem_cache_rcu_uaf+0x3e3/0x510 [ 14.392486] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 14.392509] ? finish_task_switch.isra.0+0x153/0x700 [ 14.392532] ? __switch_to+0x47/0xf50 [ 14.392563] ? __pfx_read_tsc+0x10/0x10 [ 14.392585] ? ktime_get_ts64+0x86/0x230 [ 14.392611] kunit_try_run_case+0x1a5/0x480 [ 14.392637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.392659] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.392684] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.392706] ? __kthread_parkme+0x82/0x180 [ 14.392727] ? preempt_count_sub+0x50/0x80 [ 14.393019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.393046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.393086] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.393110] kthread+0x337/0x6f0 [ 14.393131] ? trace_preempt_on+0x20/0xc0 [ 14.393156] ? __pfx_kthread+0x10/0x10 [ 14.393178] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.393199] ? calculate_sigpending+0x7b/0xa0 [ 14.393226] ? __pfx_kthread+0x10/0x10 [ 14.393248] ret_from_fork+0x116/0x1d0 [ 14.393268] ? 
__pfx_kthread+0x10/0x10 [ 14.393289] ret_from_fork_asm+0x1a/0x30 [ 14.393323] </TASK> [ 14.393336] [ 14.404046] Allocated by task 230: [ 14.404274] kasan_save_stack+0x45/0x70 [ 14.404479] kasan_save_track+0x18/0x40 [ 14.404681] kasan_save_alloc_info+0x3b/0x50 [ 14.405470] __kasan_slab_alloc+0x91/0xa0 [ 14.405871] kmem_cache_alloc_noprof+0x123/0x3f0 [ 14.406113] kmem_cache_rcu_uaf+0x155/0x510 [ 14.406341] kunit_try_run_case+0x1a5/0x480 [ 14.406543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.407086] kthread+0x337/0x6f0 [ 14.407278] ret_from_fork+0x116/0x1d0 [ 14.407423] ret_from_fork_asm+0x1a/0x30 [ 14.407574] [ 14.407655] Freed by task 0: [ 14.407783] kasan_save_stack+0x45/0x70 [ 14.407930] kasan_save_track+0x18/0x40 [ 14.408091] kasan_save_free_info+0x3f/0x60 [ 14.408253] __kasan_slab_free+0x56/0x70 [ 14.408404] slab_free_after_rcu_debug+0xe4/0x310 [ 14.408825] rcu_core+0x66f/0x1c40 [ 14.409109] rcu_core_si+0x12/0x20 [ 14.409245] handle_softirqs+0x209/0x730 [ 14.409439] __irq_exit_rcu+0xc9/0x110 [ 14.409588] irq_exit_rcu+0x12/0x20 [ 14.410103] sysvec_apic_timer_interrupt+0x81/0x90 [ 14.410594] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 14.411288] [ 14.411494] Last potentially related work creation: [ 14.411757] kasan_save_stack+0x45/0x70 [ 14.412169] kasan_record_aux_stack+0xb2/0xc0 [ 14.412609] kmem_cache_free+0x131/0x420 [ 14.413004] kmem_cache_rcu_uaf+0x194/0x510 [ 14.413282] kunit_try_run_case+0x1a5/0x480 [ 14.413612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.414210] kthread+0x337/0x6f0 [ 14.414490] ret_from_fork+0x116/0x1d0 [ 14.414654] ret_from_fork_asm+0x1a/0x30 [ 14.414983] [ 14.415189] The buggy address belongs to the object at ffff8881039e8000 [ 14.415189] which belongs to the cache test_cache of size 200 [ 14.415985] The buggy address is located 0 bytes inside of [ 14.415985] freed 200-byte region [ffff8881039e8000, ffff8881039e80c8) [ 14.416359] [ 14.416440] The buggy address belongs to the physical page: [ 14.416623] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e8 [ 14.417384] flags: 0x200000000000000(node=0|zone=2) [ 14.417918] page_type: f5(slab) [ 14.418354] raw: 0200000000000000 ffff888101601500 dead000000000122 0000000000000000 [ 14.419244] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 14.420245] page dumped because: kasan: bad access detected [ 14.420784] [ 14.421008] Memory state around the buggy address: [ 14.421643] ffff8881039e7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.422146] ffff8881039e7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.422376] >ffff8881039e8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.422599] ^ [ 14.422772] ffff8881039e8080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 14.423481] ffff8881039e8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.424294] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 14.331547] ================================================================== [ 14.332433] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 14.333661] Free of addr ffff8881031cb001 by task kunit_try_catch/228 [ 14.333951] [ 14.334310] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.334407] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.334423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.334445] Call Trace: [ 14.334460] <TASK> [ 14.334478] dump_stack_lvl+0x73/0xb0 [ 14.334511] print_report+0xd1/0x650 [ 14.334534] ? __virt_addr_valid+0x1db/0x2d0 [ 14.334561] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.334586] ? kmem_cache_invalid_free+0x1d8/0x460 [ 14.334611] kasan_report_invalid_free+0x10a/0x130 [ 14.334635] ? kmem_cache_invalid_free+0x1d8/0x460 [ 14.334661] ? kmem_cache_invalid_free+0x1d8/0x460 [ 14.334685] check_slab_allocation+0x11f/0x130 [ 14.334708] __kasan_slab_pre_free+0x28/0x40 [ 14.334756] kmem_cache_free+0xed/0x420 [ 14.334789] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 14.334809] ? kmem_cache_invalid_free+0x1d8/0x460 [ 14.334837] kmem_cache_invalid_free+0x1d8/0x460 [ 14.334861] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 14.334884] ? finish_task_switch.isra.0+0x153/0x700 [ 14.334907] ? __switch_to+0x47/0xf50 [ 14.334938] ? __pfx_read_tsc+0x10/0x10 [ 14.334960] ? ktime_get_ts64+0x86/0x230 [ 14.334985] kunit_try_run_case+0x1a5/0x480 [ 14.335010] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.335033] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.335068] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.335091] ? __kthread_parkme+0x82/0x180 [ 14.335111] ? preempt_count_sub+0x50/0x80 [ 14.335134] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.335158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.335180] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.335203] kthread+0x337/0x6f0 [ 14.335223] ? trace_preempt_on+0x20/0xc0 [ 14.335249] ? 
__pfx_kthread+0x10/0x10 [ 14.335270] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.335291] ? calculate_sigpending+0x7b/0xa0 [ 14.335317] ? __pfx_kthread+0x10/0x10 [ 14.335338] ret_from_fork+0x116/0x1d0 [ 14.335358] ? __pfx_kthread+0x10/0x10 [ 14.335379] ret_from_fork_asm+0x1a/0x30 [ 14.335412] </TASK> [ 14.335423] [ 14.349390] Allocated by task 228: [ 14.349830] kasan_save_stack+0x45/0x70 [ 14.350120] kasan_save_track+0x18/0x40 [ 14.350403] kasan_save_alloc_info+0x3b/0x50 [ 14.350611] __kasan_slab_alloc+0x91/0xa0 [ 14.350959] kmem_cache_alloc_noprof+0x123/0x3f0 [ 14.351157] kmem_cache_invalid_free+0x157/0x460 [ 14.351546] kunit_try_run_case+0x1a5/0x480 [ 14.351746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.352134] kthread+0x337/0x6f0 [ 14.352416] ret_from_fork+0x116/0x1d0 [ 14.352602] ret_from_fork_asm+0x1a/0x30 [ 14.352975] [ 14.353130] The buggy address belongs to the object at ffff8881031cb000 [ 14.353130] which belongs to the cache test_cache of size 200 [ 14.353968] The buggy address is located 1 bytes inside of [ 14.353968] 200-byte region [ffff8881031cb000, ffff8881031cb0c8) [ 14.354568] [ 14.354681] The buggy address belongs to the physical page: [ 14.355262] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031cb [ 14.355692] flags: 0x200000000000000(node=0|zone=2) [ 14.355899] page_type: f5(slab) [ 14.356230] raw: 0200000000000000 ffff888101985640 dead000000000122 0000000000000000 [ 14.356557] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 14.357122] page dumped because: kasan: bad access detected [ 14.357433] [ 14.357526] Memory state around the buggy address: [ 14.357940] ffff8881031caf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.358304] ffff8881031caf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.358695] >ffff8881031cb000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.359178] ^ [ 14.359352] ffff8881031cb080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 14.359753] 
ffff8881031cb100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.360289] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 14.293078] ================================================================== [ 14.293642] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 14.293947] Free of addr ffff888102c53000 by task kunit_try_catch/226 [ 14.294706] [ 14.295036] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.295123] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.295136] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.295160] Call Trace: [ 14.295175] <TASK> [ 14.295194] dump_stack_lvl+0x73/0xb0 [ 14.295231] print_report+0xd1/0x650 [ 14.295256] ? __virt_addr_valid+0x1db/0x2d0 [ 14.295285] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.295313] ? kmem_cache_double_free+0x1e5/0x480 [ 14.295341] kasan_report_invalid_free+0x10a/0x130 [ 14.295367] ? kmem_cache_double_free+0x1e5/0x480 [ 14.295396] ? kmem_cache_double_free+0x1e5/0x480 [ 14.295423] check_slab_allocation+0x101/0x130 [ 14.295447] __kasan_slab_pre_free+0x28/0x40 [ 14.295470] kmem_cache_free+0xed/0x420 [ 14.295492] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 14.295515] ? kmem_cache_double_free+0x1e5/0x480 [ 14.295545] kmem_cache_double_free+0x1e5/0x480 [ 14.295571] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 14.295598] ? finish_task_switch.isra.0+0x153/0x700 [ 14.295625] ? __switch_to+0x47/0xf50 [ 14.295658] ? __pfx_read_tsc+0x10/0x10 [ 14.295682] ? ktime_get_ts64+0x86/0x230 [ 14.295709] kunit_try_run_case+0x1a5/0x480 [ 14.295739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.295954] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.295990] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.296016] ? __kthread_parkme+0x82/0x180 [ 14.296040] ? preempt_count_sub+0x50/0x80 [ 14.296080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.296106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.296131] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.296156] kthread+0x337/0x6f0 [ 14.296178] ? trace_preempt_on+0x20/0xc0 [ 14.296205] ? 
__pfx_kthread+0x10/0x10 [ 14.296228] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.296252] ? calculate_sigpending+0x7b/0xa0 [ 14.296279] ? __pfx_kthread+0x10/0x10 [ 14.296303] ret_from_fork+0x116/0x1d0 [ 14.296323] ? __pfx_kthread+0x10/0x10 [ 14.296346] ret_from_fork_asm+0x1a/0x30 [ 14.296380] </TASK> [ 14.296393] [ 14.309771] Allocated by task 226: [ 14.309950] kasan_save_stack+0x45/0x70 [ 14.310458] kasan_save_track+0x18/0x40 [ 14.310649] kasan_save_alloc_info+0x3b/0x50 [ 14.310912] __kasan_slab_alloc+0x91/0xa0 [ 14.311343] kmem_cache_alloc_noprof+0x123/0x3f0 [ 14.311632] kmem_cache_double_free+0x14f/0x480 [ 14.311818] kunit_try_run_case+0x1a5/0x480 [ 14.312063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.312295] kthread+0x337/0x6f0 [ 14.312464] ret_from_fork+0x116/0x1d0 [ 14.312641] ret_from_fork_asm+0x1a/0x30 [ 14.313140] [ 14.313249] Freed by task 226: [ 14.313400] kasan_save_stack+0x45/0x70 [ 14.313815] kasan_save_track+0x18/0x40 [ 14.314257] kasan_save_free_info+0x3f/0x60 [ 14.314520] __kasan_slab_free+0x56/0x70 [ 14.314727] kmem_cache_free+0x249/0x420 [ 14.315000] kmem_cache_double_free+0x16a/0x480 [ 14.315346] kunit_try_run_case+0x1a5/0x480 [ 14.315548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.315963] kthread+0x337/0x6f0 [ 14.316137] ret_from_fork+0x116/0x1d0 [ 14.316493] ret_from_fork_asm+0x1a/0x30 [ 14.316848] [ 14.316953] The buggy address belongs to the object at ffff888102c53000 [ 14.316953] which belongs to the cache test_cache of size 200 [ 14.317645] The buggy address is located 0 bytes inside of [ 14.317645] 200-byte region [ffff888102c53000, ffff888102c530c8) [ 14.318411] [ 14.318503] The buggy address belongs to the physical page: [ 14.318738] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c53 [ 14.319302] flags: 0x200000000000000(node=0|zone=2) [ 14.319514] page_type: f5(slab) [ 14.319830] raw: 0200000000000000 ffff8881016013c0 dead000000000122 0000000000000000 [ 14.320253] raw: 0000000000000000 00000000800f000f 
00000000f5000000 0000000000000000 [ 14.320735] page dumped because: kasan: bad access detected [ 14.321022] [ 14.321211] Memory state around the buggy address: [ 14.321439] ffff888102c52f00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc [ 14.321746] ffff888102c52f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.322332] >ffff888102c53000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.322740] ^ [ 14.322916] ffff888102c53080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 14.323347] ffff888102c53100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.323811] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 14.242383] ================================================================== [ 14.243318] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 14.244079] Read of size 1 at addr ffff8881031c90c8 by task kunit_try_catch/224 [ 14.245016] [ 14.245331] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.245383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.245395] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.245416] Call Trace: [ 14.245429] <TASK> [ 14.245447] dump_stack_lvl+0x73/0xb0 [ 14.245479] print_report+0xd1/0x650 [ 14.245502] ? __virt_addr_valid+0x1db/0x2d0 [ 14.245529] ? kmem_cache_oob+0x402/0x530 [ 14.245552] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.245577] ? kmem_cache_oob+0x402/0x530 [ 14.245600] kasan_report+0x141/0x180 [ 14.245623] ? kmem_cache_oob+0x402/0x530 [ 14.245651] __asan_report_load1_noabort+0x18/0x20 [ 14.245675] kmem_cache_oob+0x402/0x530 [ 14.245916] ? trace_hardirqs_on+0x37/0xe0 [ 14.245973] ? __pfx_kmem_cache_oob+0x10/0x10 [ 14.245998] ? finish_task_switch.isra.0+0x153/0x700 [ 14.246020] ? __switch_to+0x47/0xf50 [ 14.246061] ? __pfx_read_tsc+0x10/0x10 [ 14.246083] ? ktime_get_ts64+0x86/0x230 [ 14.246108] kunit_try_run_case+0x1a5/0x480 [ 14.246134] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.246156] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.246180] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.246203] ? __kthread_parkme+0x82/0x180 [ 14.246222] ? preempt_count_sub+0x50/0x80 [ 14.246245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.246268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.246290] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.246313] kthread+0x337/0x6f0 [ 14.246333] ? trace_preempt_on+0x20/0xc0 [ 14.246355] ? __pfx_kthread+0x10/0x10 [ 14.246376] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.246396] ? calculate_sigpending+0x7b/0xa0 [ 14.246420] ? __pfx_kthread+0x10/0x10 [ 14.246441] ret_from_fork+0x116/0x1d0 [ 14.246459] ? 
__pfx_kthread+0x10/0x10 [ 14.246480] ret_from_fork_asm+0x1a/0x30 [ 14.246511] </TASK> [ 14.246523] [ 14.263060] Allocated by task 224: [ 14.263702] kasan_save_stack+0x45/0x70 [ 14.264270] kasan_save_track+0x18/0x40 [ 14.264622] kasan_save_alloc_info+0x3b/0x50 [ 14.265269] __kasan_slab_alloc+0x91/0xa0 [ 14.265809] kmem_cache_alloc_noprof+0x123/0x3f0 [ 14.266272] kmem_cache_oob+0x157/0x530 [ 14.266458] kunit_try_run_case+0x1a5/0x480 [ 14.267105] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.267679] kthread+0x337/0x6f0 [ 14.268079] ret_from_fork+0x116/0x1d0 [ 14.268469] ret_from_fork_asm+0x1a/0x30 [ 14.268616] [ 14.268689] The buggy address belongs to the object at ffff8881031c9000 [ 14.268689] which belongs to the cache test_cache of size 200 [ 14.270261] The buggy address is located 0 bytes to the right of [ 14.270261] allocated 200-byte region [ffff8881031c9000, ffff8881031c90c8) [ 14.271347] [ 14.271488] The buggy address belongs to the physical page: [ 14.272032] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031c9 [ 14.272427] flags: 0x200000000000000(node=0|zone=2) [ 14.272598] page_type: f5(slab) [ 14.272722] raw: 0200000000000000 ffff888101985500 dead000000000122 0000000000000000 [ 14.272980] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 14.273214] page dumped because: kasan: bad access detected [ 14.273386] [ 14.273457] Memory state around the buggy address: [ 14.273619] ffff8881031c8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.274296] ffff8881031c9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.275017] >ffff8881031c9080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 14.275885] ^ [ 14.276488] ffff8881031c9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.277200] ffff8881031c9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.277965] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 14.184538] ================================================================== [ 14.185767] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 14.186245] Read of size 8 at addr ffff8881031bbf40 by task kunit_try_catch/217 [ 14.187304] [ 14.187707] CPU: 1 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.187757] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.187769] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.187790] Call Trace: [ 14.187804] <TASK> [ 14.187820] dump_stack_lvl+0x73/0xb0 [ 14.187850] print_report+0xd1/0x650 [ 14.187872] ? __virt_addr_valid+0x1db/0x2d0 [ 14.187894] ? workqueue_uaf+0x4d6/0x560 [ 14.188013] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.188041] ? workqueue_uaf+0x4d6/0x560 [ 14.188094] kasan_report+0x141/0x180 [ 14.188116] ? workqueue_uaf+0x4d6/0x560 [ 14.188143] __asan_report_load8_noabort+0x18/0x20 [ 14.188167] workqueue_uaf+0x4d6/0x560 [ 14.188189] ? __pfx_workqueue_uaf+0x10/0x10 [ 14.188211] ? __schedule+0x10cc/0x2b60 [ 14.188233] ? __pfx_read_tsc+0x10/0x10 [ 14.188255] ? ktime_get_ts64+0x86/0x230 [ 14.188280] kunit_try_run_case+0x1a5/0x480 [ 14.188304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.188326] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.188350] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.188373] ? __kthread_parkme+0x82/0x180 [ 14.188393] ? preempt_count_sub+0x50/0x80 [ 14.188417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.188440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.188462] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.188485] kthread+0x337/0x6f0 [ 14.188504] ? trace_preempt_on+0x20/0xc0 [ 14.188529] ? __pfx_kthread+0x10/0x10 [ 14.188550] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.188570] ? calculate_sigpending+0x7b/0xa0 [ 14.188594] ? __pfx_kthread+0x10/0x10 [ 14.188616] ret_from_fork+0x116/0x1d0 [ 14.188634] ? 
__pfx_kthread+0x10/0x10 [ 14.188654] ret_from_fork_asm+0x1a/0x30 [ 14.188685] </TASK> [ 14.188697] [ 14.204503] Allocated by task 217: [ 14.205143] kasan_save_stack+0x45/0x70 [ 14.205659] kasan_save_track+0x18/0x40 [ 14.206235] kasan_save_alloc_info+0x3b/0x50 [ 14.206787] __kasan_kmalloc+0xb7/0xc0 [ 14.207152] __kmalloc_cache_noprof+0x189/0x420 [ 14.207347] workqueue_uaf+0x152/0x560 [ 14.207486] kunit_try_run_case+0x1a5/0x480 [ 14.207633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.207819] kthread+0x337/0x6f0 [ 14.207941] ret_from_fork+0x116/0x1d0 [ 14.208083] ret_from_fork_asm+0x1a/0x30 [ 14.208286] [ 14.208382] Freed by task 24: [ 14.208539] kasan_save_stack+0x45/0x70 [ 14.208733] kasan_save_track+0x18/0x40 [ 14.210019] kasan_save_free_info+0x3f/0x60 [ 14.210776] __kasan_slab_free+0x56/0x70 [ 14.211418] kfree+0x222/0x3f0 [ 14.211555] workqueue_uaf_work+0x12/0x20 [ 14.212383] process_one_work+0x5ee/0xf60 [ 14.212883] worker_thread+0x758/0x1220 [ 14.213037] kthread+0x337/0x6f0 [ 14.213829] ret_from_fork+0x116/0x1d0 [ 14.214317] ret_from_fork_asm+0x1a/0x30 [ 14.214886] [ 14.215161] Last potentially related work creation: [ 14.215401] kasan_save_stack+0x45/0x70 [ 14.215549] kasan_record_aux_stack+0xb2/0xc0 [ 14.216132] __queue_work+0x626/0xeb0 [ 14.216611] queue_work_on+0xb6/0xc0 [ 14.217224] workqueue_uaf+0x26d/0x560 [ 14.217923] kunit_try_run_case+0x1a5/0x480 [ 14.218475] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.219289] kthread+0x337/0x6f0 [ 14.219428] ret_from_fork+0x116/0x1d0 [ 14.219567] ret_from_fork_asm+0x1a/0x30 [ 14.220099] [ 14.220573] The buggy address belongs to the object at ffff8881031bbf40 [ 14.220573] which belongs to the cache kmalloc-32 of size 32 [ 14.222203] The buggy address is located 0 bytes inside of [ 14.222203] freed 32-byte region [ffff8881031bbf40, ffff8881031bbf60) [ 14.222598] [ 14.222677] The buggy address belongs to the physical page: [ 14.223808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x1031bb [ 14.224894] flags: 0x200000000000000(node=0|zone=2) [ 14.225127] page_type: f5(slab) [ 14.225259] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.225496] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.226496] page dumped because: kasan: bad access detected [ 14.227271] [ 14.227603] Memory state around the buggy address: [ 14.228344] ffff8881031bbe00: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.229090] ffff8881031bbe80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.229931] >ffff8881031bbf00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.230764] ^ [ 14.231403] ffff8881031bbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.232204] ffff8881031bc000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.232975] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 14.136816] ================================================================== [ 14.137509] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 14.138017] Read of size 4 at addr ffff8881031bbe80 by task swapper/1/0 [ 14.138554] [ 14.138921] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.139101] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.139116] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.139140] Call Trace: [ 14.139170] <IRQ> [ 14.139187] dump_stack_lvl+0x73/0xb0 [ 14.139220] print_report+0xd1/0x650 [ 14.139243] ? __virt_addr_valid+0x1db/0x2d0 [ 14.139268] ? rcu_uaf_reclaim+0x50/0x60 [ 14.139288] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.139314] ? rcu_uaf_reclaim+0x50/0x60 [ 14.139335] kasan_report+0x141/0x180 [ 14.139357] ? rcu_uaf_reclaim+0x50/0x60 [ 14.139383] __asan_report_load4_noabort+0x18/0x20 [ 14.139407] rcu_uaf_reclaim+0x50/0x60 [ 14.139427] rcu_core+0x66f/0x1c40 [ 14.139458] ? __pfx_rcu_core+0x10/0x10 [ 14.139480] ? ktime_get+0x6b/0x150 [ 14.139503] ? handle_softirqs+0x18e/0x730 [ 14.139529] rcu_core_si+0x12/0x20 [ 14.139549] handle_softirqs+0x209/0x730 [ 14.139568] ? hrtimer_interrupt+0x2fe/0x780 [ 14.139596] ? 
__pfx_handle_softirqs+0x10/0x10 [ 14.139622] __irq_exit_rcu+0xc9/0x110 [ 14.139642] irq_exit_rcu+0x12/0x20 [ 14.139662] sysvec_apic_timer_interrupt+0x81/0x90 [ 14.139685] </IRQ> [ 14.139712] <TASK> [ 14.139723] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 14.139839] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 14.140084] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 ba 21 00 fb f4 <e9> 7c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 14.140176] RSP: 0000:ffff888100877dc8 EFLAGS: 00010212 [ 14.140268] RAX: ffff88819e174000 RBX: ffff888100853000 RCX: ffffffffbaa700e5 [ 14.140320] RDX: ffffed102b62618b RSI: 0000000000000004 RDI: 00000000000115ec [ 14.140365] RBP: ffff888100877dd0 R08: 0000000000000001 R09: ffffed102b62618a [ 14.140409] R10: ffff88815b130c53 R11: 000000000002c400 R12: 0000000000000001 [ 14.140453] R13: ffffed102010a600 R14: ffffffffbc7b0e90 R15: 0000000000000000 [ 14.140514] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 14.140568] ? default_idle+0xd/0x20 [ 14.140590] arch_cpu_idle+0xd/0x20 [ 14.140612] default_idle_call+0x48/0x80 [ 14.140635] do_idle+0x379/0x4f0 [ 14.140658] ? complete+0x15b/0x1d0 [ 14.140676] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.140701] ? __pfx_do_idle+0x10/0x10 [ 14.140723] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 14.140746] ? complete+0x15b/0x1d0 [ 14.140768] cpu_startup_entry+0x5c/0x70 [ 14.140792] start_secondary+0x211/0x290 [ 14.140814] ? 
__pfx_start_secondary+0x10/0x10 [ 14.140841] common_startup_64+0x13e/0x148 [ 14.140875] </TASK> [ 14.140887] [ 14.157444] Allocated by task 215: [ 14.157663] kasan_save_stack+0x45/0x70 [ 14.157947] kasan_save_track+0x18/0x40 [ 14.158786] kasan_save_alloc_info+0x3b/0x50 [ 14.159160] __kasan_kmalloc+0xb7/0xc0 [ 14.159488] __kmalloc_cache_noprof+0x189/0x420 [ 14.159891] rcu_uaf+0xb0/0x330 [ 14.160082] kunit_try_run_case+0x1a5/0x480 [ 14.160294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.160536] kthread+0x337/0x6f0 [ 14.160694] ret_from_fork+0x116/0x1d0 [ 14.161339] ret_from_fork_asm+0x1a/0x30 [ 14.161547] [ 14.161940] Freed by task 0: [ 14.162108] kasan_save_stack+0x45/0x70 [ 14.162320] kasan_save_track+0x18/0x40 [ 14.162510] kasan_save_free_info+0x3f/0x60 [ 14.162779] __kasan_slab_free+0x56/0x70 [ 14.162968] kfree+0x222/0x3f0 [ 14.163150] rcu_uaf_reclaim+0x1f/0x60 [ 14.163334] rcu_core+0x66f/0x1c40 [ 14.163518] rcu_core_si+0x12/0x20 [ 14.163690] handle_softirqs+0x209/0x730 [ 14.164523] __irq_exit_rcu+0xc9/0x110 [ 14.164723] irq_exit_rcu+0x12/0x20 [ 14.164970] sysvec_apic_timer_interrupt+0x81/0x90 [ 14.165237] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 14.165494] [ 14.165628] Last potentially related work creation: [ 14.166414] kasan_save_stack+0x45/0x70 [ 14.166781] kasan_record_aux_stack+0xb2/0xc0 [ 14.167180] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 14.167410] call_rcu+0x12/0x20 [ 14.167583] rcu_uaf+0x168/0x330 [ 14.168123] kunit_try_run_case+0x1a5/0x480 [ 14.168338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.168663] kthread+0x337/0x6f0 [ 14.168908] ret_from_fork+0x116/0x1d0 [ 14.169361] ret_from_fork_asm+0x1a/0x30 [ 14.169548] [ 14.169699] The buggy address belongs to the object at ffff8881031bbe80 [ 14.169699] which belongs to the cache kmalloc-32 of size 32 [ 14.170570] The buggy address is located 0 bytes inside of [ 14.170570] freed 32-byte region [ffff8881031bbe80, ffff8881031bbea0) [ 14.171612] [ 14.171714] The buggy address belongs to the 
physical page: [ 14.171901] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031bb [ 14.172399] flags: 0x200000000000000(node=0|zone=2) [ 14.173196] page_type: f5(slab) [ 14.173387] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.174397] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.175077] page dumped because: kasan: bad access detected [ 14.175761] [ 14.175933] Memory state around the buggy address: [ 14.176301] ffff8881031bbd80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.176533] ffff8881031bbe00: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.176997] >ffff8881031bbe80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 14.177827] ^ [ 14.178269] ffff8881031bbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.179105] ffff8881031bbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.179977] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 14.066631] ================================================================== [ 14.067251] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 14.067565] Read of size 1 at addr ffff888102c3fe00 by task kunit_try_catch/213 [ 14.068181] [ 14.068418] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.068463] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.068475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.068495] Call Trace: [ 14.068509] <TASK> [ 14.068526] dump_stack_lvl+0x73/0xb0 [ 14.068559] print_report+0xd1/0x650 [ 14.068582] ? __virt_addr_valid+0x1db/0x2d0 [ 14.068606] ? ksize_uaf+0x5fe/0x6c0 [ 14.068628] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.068655] ? ksize_uaf+0x5fe/0x6c0 [ 14.068677] kasan_report+0x141/0x180 [ 14.068710] ? ksize_uaf+0x5fe/0x6c0 [ 14.068738] __asan_report_load1_noabort+0x18/0x20 [ 14.068763] ksize_uaf+0x5fe/0x6c0 [ 14.068784] ? __pfx_ksize_uaf+0x10/0x10 [ 14.068806] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.068831] ? trace_hardirqs_on+0x37/0xe0 [ 14.068856] ? __pfx_read_tsc+0x10/0x10 [ 14.068879] ? ktime_get_ts64+0x86/0x230 [ 14.068905] kunit_try_run_case+0x1a5/0x480 [ 14.068930] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.068956] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.068980] ? __kthread_parkme+0x82/0x180 [ 14.069001] ? preempt_count_sub+0x50/0x80 [ 14.069026] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.069062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.069085] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.069109] kthread+0x337/0x6f0 [ 14.069131] ? trace_preempt_on+0x20/0xc0 [ 14.069154] ? __pfx_kthread+0x10/0x10 [ 14.069176] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.069198] ? calculate_sigpending+0x7b/0xa0 [ 14.069222] ? __pfx_kthread+0x10/0x10 [ 14.069245] ret_from_fork+0x116/0x1d0 [ 14.069264] ? 
__pfx_kthread+0x10/0x10 [ 14.069286] ret_from_fork_asm+0x1a/0x30 [ 14.069318] </TASK> [ 14.069349] [ 14.080068] Allocated by task 213: [ 14.080388] kasan_save_stack+0x45/0x70 [ 14.080594] kasan_save_track+0x18/0x40 [ 14.080898] kasan_save_alloc_info+0x3b/0x50 [ 14.081123] __kasan_kmalloc+0xb7/0xc0 [ 14.081302] __kmalloc_cache_noprof+0x189/0x420 [ 14.081512] ksize_uaf+0xaa/0x6c0 [ 14.081682] kunit_try_run_case+0x1a5/0x480 [ 14.082485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.083018] kthread+0x337/0x6f0 [ 14.083417] ret_from_fork+0x116/0x1d0 [ 14.083732] ret_from_fork_asm+0x1a/0x30 [ 14.083957] [ 14.084066] Freed by task 213: [ 14.084221] kasan_save_stack+0x45/0x70 [ 14.084410] kasan_save_track+0x18/0x40 [ 14.084591] kasan_save_free_info+0x3f/0x60 [ 14.085189] __kasan_slab_free+0x56/0x70 [ 14.085638] kfree+0x222/0x3f0 [ 14.085932] ksize_uaf+0x12c/0x6c0 [ 14.086239] kunit_try_run_case+0x1a5/0x480 [ 14.086624] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.087302] kthread+0x337/0x6f0 [ 14.087553] ret_from_fork+0x116/0x1d0 [ 14.088097] ret_from_fork_asm+0x1a/0x30 [ 14.088305] [ 14.088405] The buggy address belongs to the object at ffff888102c3fe00 [ 14.088405] which belongs to the cache kmalloc-128 of size 128 [ 14.089476] The buggy address is located 0 bytes inside of [ 14.089476] freed 128-byte region [ffff888102c3fe00, ffff888102c3fe80) [ 14.090622] [ 14.090952] The buggy address belongs to the physical page: [ 14.091220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c3f [ 14.091569] flags: 0x200000000000000(node=0|zone=2) [ 14.092203] page_type: f5(slab) [ 14.092466] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.093255] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.093577] page dumped because: kasan: bad access detected [ 14.094199] [ 14.094471] Memory state around the buggy address: [ 14.095035] ffff888102c3fd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
14.095331] ffff888102c3fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.095638] >ffff888102c3fe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.095944] ^ [ 14.096234] ffff888102c3fe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.096607] ffff888102c3ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.097139] ================================================================== [ 14.027888] ================================================================== [ 14.028411] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 14.028736] Read of size 1 at addr ffff888102c3fe00 by task kunit_try_catch/213 [ 14.029074] [ 14.029181] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.029225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.029237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.029258] Call Trace: [ 14.029272] <TASK> [ 14.029289] dump_stack_lvl+0x73/0xb0 [ 14.029319] print_report+0xd1/0x650 [ 14.029343] ? __virt_addr_valid+0x1db/0x2d0 [ 14.029367] ? ksize_uaf+0x19d/0x6c0 [ 14.029390] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.029418] ? ksize_uaf+0x19d/0x6c0 [ 14.029440] kasan_report+0x141/0x180 [ 14.029464] ? ksize_uaf+0x19d/0x6c0 [ 14.029490] ? ksize_uaf+0x19d/0x6c0 [ 14.029512] __kasan_check_byte+0x3d/0x50 [ 14.029541] ksize+0x20/0x60 [ 14.029563] ksize_uaf+0x19d/0x6c0 [ 14.029585] ? __pfx_ksize_uaf+0x10/0x10 [ 14.029607] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.029634] ? trace_hardirqs_on+0x37/0xe0 [ 14.029658] ? __pfx_read_tsc+0x10/0x10 [ 14.029681] ? ktime_get_ts64+0x86/0x230 [ 14.029707] kunit_try_run_case+0x1a5/0x480 [ 14.029877] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.029905] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.029932] ? __kthread_parkme+0x82/0x180 [ 14.029955] ? preempt_count_sub+0x50/0x80 [ 14.030003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.030033] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.030069] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.030095] kthread+0x337/0x6f0 [ 14.030118] ? trace_preempt_on+0x20/0xc0 [ 14.030142] ? __pfx_kthread+0x10/0x10 [ 14.030166] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.030189] ? calculate_sigpending+0x7b/0xa0 [ 14.030215] ? __pfx_kthread+0x10/0x10 [ 14.030239] ret_from_fork+0x116/0x1d0 [ 14.030259] ? __pfx_kthread+0x10/0x10 [ 14.030288] ret_from_fork_asm+0x1a/0x30 [ 14.030322] </TASK> [ 14.030335] [ 14.042334] Allocated by task 213: [ 14.042486] kasan_save_stack+0x45/0x70 [ 14.042646] kasan_save_track+0x18/0x40 [ 14.043103] kasan_save_alloc_info+0x3b/0x50 [ 14.043356] __kasan_kmalloc+0xb7/0xc0 [ 14.043558] __kmalloc_cache_noprof+0x189/0x420 [ 14.044269] ksize_uaf+0xaa/0x6c0 [ 14.045076] kunit_try_run_case+0x1a5/0x480 [ 14.045578] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.046157] kthread+0x337/0x6f0 [ 14.046859] ret_from_fork+0x116/0x1d0 [ 14.047501] ret_from_fork_asm+0x1a/0x30 [ 14.047672] [ 14.048131] Freed by task 213: [ 14.048686] kasan_save_stack+0x45/0x70 [ 14.049314] kasan_save_track+0x18/0x40 [ 14.049472] kasan_save_free_info+0x3f/0x60 [ 14.049637] __kasan_slab_free+0x56/0x70 [ 14.050329] kfree+0x222/0x3f0 [ 14.050800] ksize_uaf+0x12c/0x6c0 [ 14.051341] kunit_try_run_case+0x1a5/0x480 [ 14.052139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.052951] kthread+0x337/0x6f0 [ 14.053438] ret_from_fork+0x116/0x1d0 [ 14.053600] ret_from_fork_asm+0x1a/0x30 [ 14.054160] [ 14.054509] The buggy address belongs to the object at ffff888102c3fe00 [ 14.054509] which belongs to the cache kmalloc-128 of size 128 [ 14.056393] The buggy address is located 0 bytes inside of [ 14.056393] freed 128-byte region [ffff888102c3fe00, ffff888102c3fe80) [ 14.057800] [ 14.058176] The buggy address belongs to the physical page: [ 14.058858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c3f [ 14.059515] flags: 0x200000000000000(node=0|zone=2) [ 14.059695] page_type: f5(slab) [ 14.060364] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.061515] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.062514] page dumped because: kasan: bad access detected [ 14.062914] [ 14.063140] Memory state around the buggy address: [ 14.063380] ffff888102c3fd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.064044] ffff888102c3fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.064290] >ffff888102c3fe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.064509] ^ [ 14.064629] ffff888102c3fe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.064937] ffff888102c3ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.065589] ================================================================== [ 14.097593] ================================================================== [ 14.098190] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 14.098481] Read of size 1 at addr ffff888102c3fe78 by task kunit_try_catch/213 [ 14.098785] [ 14.099036] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.099098] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.099111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.099131] Call Trace: [ 14.099151] <TASK> [ 14.099170] dump_stack_lvl+0x73/0xb0 [ 14.099201] print_report+0xd1/0x650 [ 14.099226] ? __virt_addr_valid+0x1db/0x2d0 [ 14.099251] ? ksize_uaf+0x5e4/0x6c0 [ 14.099273] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.099301] ? ksize_uaf+0x5e4/0x6c0 [ 14.099325] kasan_report+0x141/0x180 [ 14.099350] ? ksize_uaf+0x5e4/0x6c0 [ 14.099378] __asan_report_load1_noabort+0x18/0x20 [ 14.099405] ksize_uaf+0x5e4/0x6c0 [ 14.099428] ? __pfx_ksize_uaf+0x10/0x10 [ 14.099452] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.099478] ? trace_hardirqs_on+0x37/0xe0 [ 14.099504] ? __pfx_read_tsc+0x10/0x10 [ 14.099527] ? 
ktime_get_ts64+0x86/0x230 [ 14.099553] kunit_try_run_case+0x1a5/0x480 [ 14.099579] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.099605] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.099632] ? __kthread_parkme+0x82/0x180 [ 14.099654] ? preempt_count_sub+0x50/0x80 [ 14.099681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.099707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.099732] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.099757] kthread+0x337/0x6f0 [ 14.099779] ? trace_preempt_on+0x20/0xc0 [ 14.099804] ? __pfx_kthread+0x10/0x10 [ 14.099827] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.099851] ? calculate_sigpending+0x7b/0xa0 [ 14.099877] ? __pfx_kthread+0x10/0x10 [ 14.099902] ret_from_fork+0x116/0x1d0 [ 14.099922] ? __pfx_kthread+0x10/0x10 [ 14.099945] ret_from_fork_asm+0x1a/0x30 [ 14.099979] </TASK> [ 14.099991] [ 14.109042] Allocated by task 213: [ 14.109228] kasan_save_stack+0x45/0x70 [ 14.109420] kasan_save_track+0x18/0x40 [ 14.109614] kasan_save_alloc_info+0x3b/0x50 [ 14.110213] __kasan_kmalloc+0xb7/0xc0 [ 14.110555] __kmalloc_cache_noprof+0x189/0x420 [ 14.110855] ksize_uaf+0xaa/0x6c0 [ 14.111009] kunit_try_run_case+0x1a5/0x480 [ 14.111361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.111615] kthread+0x337/0x6f0 [ 14.111978] ret_from_fork+0x116/0x1d0 [ 14.112267] ret_from_fork_asm+0x1a/0x30 [ 14.112431] [ 14.112535] Freed by task 213: [ 14.113082] kasan_save_stack+0x45/0x70 [ 14.113298] kasan_save_track+0x18/0x40 [ 14.113451] kasan_save_free_info+0x3f/0x60 [ 14.113609] __kasan_slab_free+0x56/0x70 [ 14.114037] kfree+0x222/0x3f0 [ 14.114475] ksize_uaf+0x12c/0x6c0 [ 14.115104] kunit_try_run_case+0x1a5/0x480 [ 14.115763] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.116489] kthread+0x337/0x6f0 [ 14.117097] ret_from_fork+0x116/0x1d0 [ 14.117518] ret_from_fork_asm+0x1a/0x30 [ 14.117679] [ 14.118011] The buggy address belongs to the object at ffff888102c3fe00 [ 14.118011] which belongs to the cache kmalloc-128 of size 128 [ 14.119682] The buggy address 
is located 120 bytes inside of [ 14.119682] freed 128-byte region [ffff888102c3fe00, ffff888102c3fe80) [ 14.120084] [ 14.120532] The buggy address belongs to the physical page: [ 14.121426] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c3f [ 14.121767] flags: 0x200000000000000(node=0|zone=2) [ 14.122008] page_type: f5(slab) [ 14.122201] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.122488] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.122834] page dumped because: kasan: bad access detected [ 14.123499] [ 14.123601] Memory state around the buggy address: [ 14.124211] ffff888102c3fd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.124651] ffff888102c3fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.125163] >ffff888102c3fe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.125609] ^ [ 14.126120] ffff888102c3fe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.126525] ffff888102c3ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.127017] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 13.979024] ================================================================== [ 13.979296] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.979537] Read of size 1 at addr ffff888102c3fd78 by task kunit_try_catch/211 [ 13.979972] [ 13.980082] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.980125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.980137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.980157] Call Trace: [ 13.980169] <TASK> [ 13.980183] dump_stack_lvl+0x73/0xb0 [ 13.980211] print_report+0xd1/0x650 [ 13.980233] ? __virt_addr_valid+0x1db/0x2d0 [ 13.980255] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.980316] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.980342] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.980365] kasan_report+0x141/0x180 [ 13.980386] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.980414] __asan_report_load1_noabort+0x18/0x20 [ 13.980437] ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.980461] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.980485] ? __kasan_check_write+0x18/0x20 [ 13.980503] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.980526] ? irqentry_exit+0x2a/0x60 [ 13.980546] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.980570] ? trace_hardirqs_on+0x37/0xe0 [ 13.980592] ? __pfx_read_tsc+0x10/0x10 [ 13.980612] ? ktime_get_ts64+0x86/0x230 [ 13.980635] kunit_try_run_case+0x1a5/0x480 [ 13.980659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.980682] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.981016] ? __kthread_parkme+0x82/0x180 [ 13.981040] ? preempt_count_sub+0x50/0x80 [ 13.981078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.981101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.981124] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.981146] kthread+0x337/0x6f0 [ 13.981166] ? trace_preempt_on+0x20/0xc0 [ 13.981188] ? __pfx_kthread+0x10/0x10 [ 13.981209] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.981229] ? 
calculate_sigpending+0x7b/0xa0
[ 13.981253] ? __pfx_kthread+0x10/0x10
[ 13.981275] ret_from_fork+0x116/0x1d0
[ 13.981293] ? __pfx_kthread+0x10/0x10
[ 13.981313] ret_from_fork_asm+0x1a/0x30
[ 13.981344] </TASK>
[ 13.981355]
[ 13.989282] Allocated by task 211:
[ 13.989495] kasan_save_stack+0x45/0x70
[ 13.989997] kasan_save_track+0x18/0x40
[ 13.990234] kasan_save_alloc_info+0x3b/0x50
[ 13.990469] __kasan_kmalloc+0xb7/0xc0
[ 13.990669] __kmalloc_cache_noprof+0x189/0x420
[ 13.990992] ksize_unpoisons_memory+0xc7/0x9b0
[ 13.991239] kunit_try_run_case+0x1a5/0x480
[ 13.991417] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.991674] kthread+0x337/0x6f0
[ 13.991926] ret_from_fork+0x116/0x1d0
[ 13.992140] ret_from_fork_asm+0x1a/0x30
[ 13.992335]
[ 13.992445] The buggy address belongs to the object at ffff888102c3fd00
[ 13.992445] which belongs to the cache kmalloc-128 of size 128
[ 13.992935] The buggy address is located 5 bytes to the right of
[ 13.992935] allocated 115-byte region [ffff888102c3fd00, ffff888102c3fd73)
[ 13.993355]
[ 13.993434] The buggy address belongs to the physical page:
[ 13.993670] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c3f
[ 13.994133] flags: 0x200000000000000(node=0|zone=2)
[ 13.994387] page_type: f5(slab)
[ 13.994566] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.995196] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.995562] page dumped because: kasan: bad access detected
[ 13.995924]
[ 13.996027] Memory state around the buggy address:
[ 13.996282] ffff888102c3fc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.996626] ffff888102c3fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.996941] >ffff888102c3fd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 13.997255] ^
[ 13.997602] ffff888102c3fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.998029] ffff888102c3fe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.998396] ==================================================================
[ 13.998915] ==================================================================
[ 13.999289] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0
[ 13.999651] Read of size 1 at addr ffff888102c3fd7f by task kunit_try_catch/211
[ 14.000188]
[ 14.000288] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.000333] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.000345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.000365] Call Trace:
[ 14.000383] <TASK>
[ 14.000398] dump_stack_lvl+0x73/0xb0
[ 14.000427] print_report+0xd1/0x650
[ 14.000449] ? __virt_addr_valid+0x1db/0x2d0
[ 14.000471] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 14.000493] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.000519] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 14.000542] kasan_report+0x141/0x180
[ 14.000564] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 14.000593] __asan_report_load1_noabort+0x18/0x20
[ 14.000616] ksize_unpoisons_memory+0x7b6/0x9b0
[ 14.000640] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 14.000664] ? __kasan_check_write+0x18/0x20
[ 14.000683] ? queued_spin_lock_slowpath+0x116/0xb40
[ 14.000790] ? irqentry_exit+0x2a/0x60
[ 14.000814] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 14.000837] ? trace_hardirqs_on+0x37/0xe0
[ 14.000860] ? __pfx_read_tsc+0x10/0x10
[ 14.000881] ? ktime_get_ts64+0x86/0x230
[ 14.000905] kunit_try_run_case+0x1a5/0x480
[ 14.000928] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.000952] ? queued_spin_lock_slowpath+0x116/0xb40
[ 14.000974] ? __kthread_parkme+0x82/0x180
[ 14.000995] ? preempt_count_sub+0x50/0x80
[ 14.001019] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.001042] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.001076] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.001099] kthread+0x337/0x6f0
[ 14.001118] ? trace_preempt_on+0x20/0xc0
[ 14.001140] ? __pfx_kthread+0x10/0x10
[ 14.001161] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.001181] ? calculate_sigpending+0x7b/0xa0
[ 14.001206] ? __pfx_kthread+0x10/0x10
[ 14.001228] ret_from_fork+0x116/0x1d0
[ 14.001246] ? __pfx_kthread+0x10/0x10
[ 14.001266] ret_from_fork_asm+0x1a/0x30
[ 14.001298] </TASK>
[ 14.001310]
[ 14.009980] Allocated by task 211:
[ 14.010147] kasan_save_stack+0x45/0x70
[ 14.010298] kasan_save_track+0x18/0x40
[ 14.010436] kasan_save_alloc_info+0x3b/0x50
[ 14.010661] __kasan_kmalloc+0xb7/0xc0
[ 14.010947] __kmalloc_cache_noprof+0x189/0x420
[ 14.011206] ksize_unpoisons_memory+0xc7/0x9b0
[ 14.011425] kunit_try_run_case+0x1a5/0x480
[ 14.011574] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.011870] kthread+0x337/0x6f0
[ 14.012067] ret_from_fork+0x116/0x1d0
[ 14.012263] ret_from_fork_asm+0x1a/0x30
[ 14.012469]
[ 14.012570] The buggy address belongs to the object at ffff888102c3fd00
[ 14.012570] which belongs to the cache kmalloc-128 of size 128
[ 14.013144] The buggy address is located 12 bytes to the right of
[ 14.013144] allocated 115-byte region [ffff888102c3fd00, ffff888102c3fd73)
[ 14.013672]
[ 14.013846] The buggy address belongs to the physical page:
[ 14.014028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c3f
[ 14.014287] flags: 0x200000000000000(node=0|zone=2)
[ 14.014456] page_type: f5(slab)
[ 14.014628] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.015197] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.015546] page dumped because: kasan: bad access detected
[ 14.015832]
[ 14.015906] Memory state around the buggy address:
[ 14.016075] ffff888102c3fc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.016401] ffff888102c3fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.016811] >ffff888102c3fd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 14.017103] ^
[ 14.017388] ffff888102c3fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.017762] ffff888102c3fe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.018059] ==================================================================
[ 13.959007] ==================================================================
[ 13.959535] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0
[ 13.959992] Read of size 1 at addr ffff888102c3fd73 by task kunit_try_catch/211
[ 13.960328]
[ 13.960454] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.960499] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.960511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.960531] Call Trace:
[ 13.960543] <TASK>
[ 13.960558] dump_stack_lvl+0x73/0xb0
[ 13.960586] print_report+0xd1/0x650
[ 13.960609] ? __virt_addr_valid+0x1db/0x2d0
[ 13.960630] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 13.960652] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.960677] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 13.960776] kasan_report+0x141/0x180
[ 13.960801] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 13.960829] __asan_report_load1_noabort+0x18/0x20
[ 13.960852] ksize_unpoisons_memory+0x81c/0x9b0
[ 13.960875] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 13.960898] ? __kasan_check_write+0x18/0x20
[ 13.960916] ? queued_spin_lock_slowpath+0x116/0xb40
[ 13.960939] ? irqentry_exit+0x2a/0x60
[ 13.960960] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.960982] ? trace_hardirqs_on+0x37/0xe0
[ 13.961005] ? __pfx_read_tsc+0x10/0x10
[ 13.961025] ? ktime_get_ts64+0x86/0x230
[ 13.961063] kunit_try_run_case+0x1a5/0x480
[ 13.961087] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.961110] ? queued_spin_lock_slowpath+0x116/0xb40
[ 13.961132] ? __kthread_parkme+0x82/0x180
[ 13.961150] ? preempt_count_sub+0x50/0x80
[ 13.961174] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.961196] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.961218] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.961240] kthread+0x337/0x6f0
[ 13.961259] ? trace_preempt_on+0x20/0xc0
[ 13.961281] ? __pfx_kthread+0x10/0x10
[ 13.961300] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.961320] ? calculate_sigpending+0x7b/0xa0
[ 13.961343] ? __pfx_kthread+0x10/0x10
[ 13.961364] ret_from_fork+0x116/0x1d0
[ 13.961382] ? __pfx_kthread+0x10/0x10
[ 13.961401] ret_from_fork_asm+0x1a/0x30
[ 13.961432] </TASK>
[ 13.961443]
[ 13.969921] Allocated by task 211:
[ 13.970069] kasan_save_stack+0x45/0x70
[ 13.970233] kasan_save_track+0x18/0x40
[ 13.970433] kasan_save_alloc_info+0x3b/0x50
[ 13.970648] __kasan_kmalloc+0xb7/0xc0
[ 13.970914] __kmalloc_cache_noprof+0x189/0x420
[ 13.971161] ksize_unpoisons_memory+0xc7/0x9b0
[ 13.971350] kunit_try_run_case+0x1a5/0x480
[ 13.971505] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.971834] kthread+0x337/0x6f0
[ 13.972024] ret_from_fork+0x116/0x1d0
[ 13.972230] ret_from_fork_asm+0x1a/0x30
[ 13.972422]
[ 13.972506] The buggy address belongs to the object at ffff888102c3fd00
[ 13.972506] which belongs to the cache kmalloc-128 of size 128
[ 13.973074] The buggy address is located 0 bytes to the right of
[ 13.973074] allocated 115-byte region [ffff888102c3fd00, ffff888102c3fd73)
[ 13.973604]
[ 13.973906] The buggy address belongs to the physical page:
[ 13.974134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c3f
[ 13.974385] flags: 0x200000000000000(node=0|zone=2)
[ 13.974555] page_type: f5(slab)
[ 13.974822] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.975186] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.975507] page dumped because: kasan: bad access detected
[ 13.975684]
[ 13.975828] Memory state around the buggy address:
[ 13.976058] ffff888102c3fc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.976499] ffff888102c3fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.976900] >ffff888102c3fd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 13.977231] ^
[ 13.977550] ffff888102c3fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.977925] ffff888102c3fe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.978244] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 13.925011] ==================================================================
[ 13.925401] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 13.925793] Free of addr ffff88810168fee0 by task kunit_try_catch/209
[ 13.926112]
[ 13.926424] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.926466] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.926477] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.926497] Call Trace:
[ 13.926509] <TASK>
[ 13.926524] dump_stack_lvl+0x73/0xb0
[ 13.926552] print_report+0xd1/0x650
[ 13.926574] ? __virt_addr_valid+0x1db/0x2d0
[ 13.926597] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.926622] ? kfree_sensitive+0x2e/0x90
[ 13.926643] kasan_report_invalid_free+0x10a/0x130
[ 13.926666] ? kfree_sensitive+0x2e/0x90
[ 13.926687] ? kfree_sensitive+0x2e/0x90
[ 13.926781] check_slab_allocation+0x101/0x130
[ 13.926803] __kasan_slab_pre_free+0x28/0x40
[ 13.926823] kfree+0xf0/0x3f0
[ 13.926845] ? kfree_sensitive+0x2e/0x90
[ 13.926867] kfree_sensitive+0x2e/0x90
[ 13.926886] kmalloc_double_kzfree+0x19c/0x350
[ 13.926908] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 13.926932] ? __schedule+0x10cc/0x2b60
[ 13.926954] ? __pfx_read_tsc+0x10/0x10
[ 13.926977] ? ktime_get_ts64+0x86/0x230
[ 13.927003] kunit_try_run_case+0x1a5/0x480
[ 13.927026] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.927057] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.927081] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.927103] ? __kthread_parkme+0x82/0x180
[ 13.927122] ? preempt_count_sub+0x50/0x80
[ 13.927146] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.927170] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.927192] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.927214] kthread+0x337/0x6f0
[ 13.927233] ? trace_preempt_on+0x20/0xc0
[ 13.927255] ? __pfx_kthread+0x10/0x10
[ 13.927275] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.927296] ? calculate_sigpending+0x7b/0xa0
[ 13.927320] ? __pfx_kthread+0x10/0x10
[ 13.927341] ret_from_fork+0x116/0x1d0
[ 13.927359] ? __pfx_kthread+0x10/0x10
[ 13.927379] ret_from_fork_asm+0x1a/0x30
[ 13.927410] </TASK>
[ 13.927420]
[ 13.935578] Allocated by task 209:
[ 13.935909] kasan_save_stack+0x45/0x70
[ 13.936137] kasan_save_track+0x18/0x40
[ 13.936343] kasan_save_alloc_info+0x3b/0x50
[ 13.936568] __kasan_kmalloc+0xb7/0xc0
[ 13.936863] __kmalloc_cache_noprof+0x189/0x420
[ 13.937121] kmalloc_double_kzfree+0xa9/0x350
[ 13.937298] kunit_try_run_case+0x1a5/0x480
[ 13.937527] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.937807] kthread+0x337/0x6f0
[ 13.937943] ret_from_fork+0x116/0x1d0
[ 13.938103] ret_from_fork_asm+0x1a/0x30
[ 13.938321]
[ 13.938424] Freed by task 209:
[ 13.938592] kasan_save_stack+0x45/0x70
[ 13.938882] kasan_save_track+0x18/0x40
[ 13.939104] kasan_save_free_info+0x3f/0x60
[ 13.939331] __kasan_slab_free+0x56/0x70
[ 13.939538] kfree+0x222/0x3f0
[ 13.939664] kfree_sensitive+0x67/0x90
[ 13.939940] kmalloc_double_kzfree+0x12b/0x350
[ 13.940191] kunit_try_run_case+0x1a5/0x480
[ 13.940415] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.940654] kthread+0x337/0x6f0
[ 13.940992] ret_from_fork+0x116/0x1d0
[ 13.941213] ret_from_fork_asm+0x1a/0x30
[ 13.941393]
[ 13.941497] The buggy address belongs to the object at ffff88810168fee0
[ 13.941497] which belongs to the cache kmalloc-16 of size 16
[ 13.942130] The buggy address is located 0 bytes inside of
[ 13.942130] 16-byte region [ffff88810168fee0, ffff88810168fef0)
[ 13.942604]
[ 13.942682] The buggy address belongs to the physical page:
[ 13.942946] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10168f
[ 13.943294] flags: 0x200000000000000(node=0|zone=2)
[ 13.943547] page_type: f5(slab)
[ 13.943803] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.944187] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.944489] page dumped because: kasan: bad access detected
[ 13.944674]
[ 13.944823] Memory state around the buggy address:
[ 13.944997] ffff88810168fd80: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc
[ 13.945360] ffff88810168fe00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 13.945893] >ffff88810168fe80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc
[ 13.946262] ^
[ 13.946569] ffff88810168ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.946943] ffff88810168ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.947213] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 13.894243] ==================================================================
[ 13.896144] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 13.897342] Read of size 1 at addr ffff88810168fee0 by task kunit_try_catch/209
[ 13.898353]
[ 13.898942] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.899020] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.899034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.899069] Call Trace:
[ 13.899082] <TASK>
[ 13.899098] dump_stack_lvl+0x73/0xb0
[ 13.899130] print_report+0xd1/0x650
[ 13.899153] ? __virt_addr_valid+0x1db/0x2d0
[ 13.899175] ? kmalloc_double_kzfree+0x19c/0x350
[ 13.899198] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.899223] ? kmalloc_double_kzfree+0x19c/0x350
[ 13.899246] kasan_report+0x141/0x180
[ 13.899268] ? kmalloc_double_kzfree+0x19c/0x350
[ 13.899294] ? kmalloc_double_kzfree+0x19c/0x350
[ 13.899317] __kasan_check_byte+0x3d/0x50
[ 13.899338] kfree_sensitive+0x22/0x90
[ 13.899361] kmalloc_double_kzfree+0x19c/0x350
[ 13.899384] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 13.899408] ? __schedule+0x10cc/0x2b60
[ 13.899430] ? __pfx_read_tsc+0x10/0x10
[ 13.899451] ? ktime_get_ts64+0x86/0x230
[ 13.899476] kunit_try_run_case+0x1a5/0x480
[ 13.899500] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.899521] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.899544] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.899567] ? __kthread_parkme+0x82/0x180
[ 13.899586] ? preempt_count_sub+0x50/0x80
[ 13.899610] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.899633] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.899655] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.899678] kthread+0x337/0x6f0
[ 13.899697] ? trace_preempt_on+0x20/0xc0
[ 13.899720] ? __pfx_kthread+0x10/0x10
[ 13.899741] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.899762] ? calculate_sigpending+0x7b/0xa0
[ 13.899786] ? __pfx_kthread+0x10/0x10
[ 13.899807] ret_from_fork+0x116/0x1d0
[ 13.899826] ? __pfx_kthread+0x10/0x10
[ 13.899846] ret_from_fork_asm+0x1a/0x30
[ 13.899878] </TASK>
[ 13.899890]
[ 13.913229] Allocated by task 209:
[ 13.913427] kasan_save_stack+0x45/0x70
[ 13.913586] kasan_save_track+0x18/0x40
[ 13.913815] kasan_save_alloc_info+0x3b/0x50
[ 13.914036] __kasan_kmalloc+0xb7/0xc0
[ 13.914249] __kmalloc_cache_noprof+0x189/0x420
[ 13.914485] kmalloc_double_kzfree+0xa9/0x350
[ 13.914770] kunit_try_run_case+0x1a5/0x480
[ 13.914954] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.915212] kthread+0x337/0x6f0
[ 13.915365] ret_from_fork+0x116/0x1d0
[ 13.915513] ret_from_fork_asm+0x1a/0x30
[ 13.915789]
[ 13.915898] Freed by task 209:
[ 13.916045] kasan_save_stack+0x45/0x70
[ 13.916232] kasan_save_track+0x18/0x40
[ 13.916430] kasan_save_free_info+0x3f/0x60
[ 13.916635] __kasan_slab_free+0x56/0x70
[ 13.917018] kfree+0x222/0x3f0
[ 13.917194] kfree_sensitive+0x67/0x90
[ 13.917340] kmalloc_double_kzfree+0x12b/0x350
[ 13.917495] kunit_try_run_case+0x1a5/0x480
[ 13.917649] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.917985] kthread+0x337/0x6f0
[ 13.918173] ret_from_fork+0x116/0x1d0
[ 13.918366] ret_from_fork_asm+0x1a/0x30
[ 13.918563]
[ 13.918662] The buggy address belongs to the object at ffff88810168fee0
[ 13.918662] which belongs to the cache kmalloc-16 of size 16
[ 13.919228] The buggy address is located 0 bytes inside of
[ 13.919228] freed 16-byte region [ffff88810168fee0, ffff88810168fef0)
[ 13.919643]
[ 13.919799] The buggy address belongs to the physical page:
[ 13.920075] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10168f
[ 13.920443] flags: 0x200000000000000(node=0|zone=2)
[ 13.920672] page_type: f5(slab)
[ 13.920907] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.921246] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.921569] page dumped because: kasan: bad access detected
[ 13.922006]
[ 13.922114] Memory state around the buggy address:
[ 13.922281] ffff88810168fd80: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc
[ 13.922506] ffff88810168fe00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 13.922885] >ffff88810168fe80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc
[ 13.923232] ^
[ 13.923522] ffff88810168ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.923894] ffff88810168ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.924200] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 13.852167] ==================================================================
[ 13.853403] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 13.854305] Read of size 1 at addr ffff888102c4c328 by task kunit_try_catch/205
[ 13.854544]
[ 13.854639] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.854684] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.854696] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.854745] Call Trace:
[ 13.854757] <TASK>
[ 13.854772] dump_stack_lvl+0x73/0xb0
[ 13.854801] print_report+0xd1/0x650
[ 13.854822] ? __virt_addr_valid+0x1db/0x2d0
[ 13.854843] ? kmalloc_uaf2+0x4a8/0x520
[ 13.854862] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.854888] ? kmalloc_uaf2+0x4a8/0x520
[ 13.854907] kasan_report+0x141/0x180
[ 13.854928] ? kmalloc_uaf2+0x4a8/0x520
[ 13.854953] __asan_report_load1_noabort+0x18/0x20
[ 13.854976] kmalloc_uaf2+0x4a8/0x520
[ 13.854996] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 13.855014] ? finish_task_switch.isra.0+0x153/0x700
[ 13.855036] ? __switch_to+0x47/0xf50
[ 13.855073] ? __schedule+0x10cc/0x2b60
[ 13.855095] ? __pfx_read_tsc+0x10/0x10
[ 13.855115] ? ktime_get_ts64+0x86/0x230
[ 13.855138] kunit_try_run_case+0x1a5/0x480
[ 13.855161] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.855182] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.855204] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.855226] ? __kthread_parkme+0x82/0x180
[ 13.855245] ? preempt_count_sub+0x50/0x80
[ 13.855267] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.855290] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.855311] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.855333] kthread+0x337/0x6f0
[ 13.855352] ? trace_preempt_on+0x20/0xc0
[ 13.855373] ? __pfx_kthread+0x10/0x10
[ 13.855394] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.855414] ? calculate_sigpending+0x7b/0xa0
[ 13.855437] ? __pfx_kthread+0x10/0x10
[ 13.855458] ret_from_fork+0x116/0x1d0
[ 13.855475] ? __pfx_kthread+0x10/0x10
[ 13.855495] ret_from_fork_asm+0x1a/0x30
[ 13.855525] </TASK>
[ 13.855536]
[ 13.869651] Allocated by task 205:
[ 13.869965] kasan_save_stack+0x45/0x70
[ 13.870210] kasan_save_track+0x18/0x40
[ 13.870359] kasan_save_alloc_info+0x3b/0x50
[ 13.870514] __kasan_kmalloc+0xb7/0xc0
[ 13.870651] __kmalloc_cache_noprof+0x189/0x420
[ 13.871298] kmalloc_uaf2+0xc6/0x520
[ 13.871669] kunit_try_run_case+0x1a5/0x480
[ 13.872119] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.872709] kthread+0x337/0x6f0
[ 13.873163] ret_from_fork+0x116/0x1d0
[ 13.873560] ret_from_fork_asm+0x1a/0x30
[ 13.874198]
[ 13.874377] Freed by task 205:
[ 13.874684] kasan_save_stack+0x45/0x70
[ 13.874989] kasan_save_track+0x18/0x40
[ 13.875146] kasan_save_free_info+0x3f/0x60
[ 13.875297] __kasan_slab_free+0x56/0x70
[ 13.875437] kfree+0x222/0x3f0
[ 13.875557] kmalloc_uaf2+0x14c/0x520
[ 13.875691] kunit_try_run_case+0x1a5/0x480
[ 13.876648] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.876931] kthread+0x337/0x6f0
[ 13.877454] ret_from_fork+0x116/0x1d0
[ 13.878030] ret_from_fork_asm+0x1a/0x30
[ 13.878306]
[ 13.878388] The buggy address belongs to the object at ffff888102c4c300
[ 13.878388] which belongs to the cache kmalloc-64 of size 64
[ 13.879034] The buggy address is located 40 bytes inside of
[ 13.879034] freed 64-byte region [ffff888102c4c300, ffff888102c4c340)
[ 13.880928]
[ 13.881295] The buggy address belongs to the physical page:
[ 13.882167] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c4c
[ 13.882954] flags: 0x200000000000000(node=0|zone=2)
[ 13.883150] page_type: f5(slab)
[ 13.883283] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 13.883528] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 13.884093] page dumped because: kasan: bad access detected
[ 13.884633]
[ 13.884748] Memory state around the buggy address:
[ 13.884975] ffff888102c4c200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.885263] ffff888102c4c280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.885591] >ffff888102c4c300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.885883] ^
[ 13.886658] ffff888102c4c380: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 13.887509] ffff888102c4c400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.888343] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 13.812681] ==================================================================
[ 13.813151] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 13.813393] Write of size 33 at addr ffff8881031c1080 by task kunit_try_catch/203
[ 13.813636]
[ 13.813727] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.813770] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.813782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.813803] Call Trace:
[ 13.813814] <TASK>
[ 13.813839] dump_stack_lvl+0x73/0xb0
[ 13.813866] print_report+0xd1/0x650
[ 13.813887] ? __virt_addr_valid+0x1db/0x2d0
[ 13.813908] ? kmalloc_uaf_memset+0x1a3/0x360
[ 13.813929] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.813953] ? kmalloc_uaf_memset+0x1a3/0x360
[ 13.813974] kasan_report+0x141/0x180
[ 13.813995] ? kmalloc_uaf_memset+0x1a3/0x360
[ 13.814021] kasan_check_range+0x10c/0x1c0
[ 13.814043] __asan_memset+0x27/0x50
[ 13.814073] kmalloc_uaf_memset+0x1a3/0x360
[ 13.814093] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 13.814114] ? __schedule+0x10cc/0x2b60
[ 13.814135] ? __pfx_read_tsc+0x10/0x10
[ 13.814154] ? ktime_get_ts64+0x86/0x230
[ 13.814179] kunit_try_run_case+0x1a5/0x480
[ 13.814202] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.814223] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.814245] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.814267] ? __kthread_parkme+0x82/0x180
[ 13.814285] ? preempt_count_sub+0x50/0x80
[ 13.814308] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.814330] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.814352] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.814374] kthread+0x337/0x6f0
[ 13.814393] ? trace_preempt_on+0x20/0xc0
[ 13.814416] ? __pfx_kthread+0x10/0x10
[ 13.814435] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.814455] ? calculate_sigpending+0x7b/0xa0
[ 13.814477] ? __pfx_kthread+0x10/0x10
[ 13.814498] ret_from_fork+0x116/0x1d0
[ 13.814515] ? __pfx_kthread+0x10/0x10
[ 13.814535] ret_from_fork_asm+0x1a/0x30
[ 13.814565] </TASK>
[ 13.814575]
[ 13.827319] Allocated by task 203:
[ 13.827461] kasan_save_stack+0x45/0x70
[ 13.827740] kasan_save_track+0x18/0x40
[ 13.827882] kasan_save_alloc_info+0x3b/0x50
[ 13.828061] __kasan_kmalloc+0xb7/0xc0
[ 13.828208] __kmalloc_cache_noprof+0x189/0x420
[ 13.828660] kmalloc_uaf_memset+0xa9/0x360
[ 13.829101] kunit_try_run_case+0x1a5/0x480
[ 13.829520] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.830146] kthread+0x337/0x6f0
[ 13.830448] ret_from_fork+0x116/0x1d0
[ 13.830869] ret_from_fork_asm+0x1a/0x30
[ 13.831312]
[ 13.831521] Freed by task 203:
[ 13.831867] kasan_save_stack+0x45/0x70
[ 13.832237] kasan_save_track+0x18/0x40
[ 13.832538] kasan_save_free_info+0x3f/0x60
[ 13.833123] __kasan_slab_free+0x56/0x70
[ 13.833538] kfree+0x222/0x3f0
[ 13.833866] kmalloc_uaf_memset+0x12b/0x360
[ 13.834160] kunit_try_run_case+0x1a5/0x480
[ 13.834870] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.835181] kthread+0x337/0x6f0
[ 13.835313] ret_from_fork+0x116/0x1d0
[ 13.835453] ret_from_fork_asm+0x1a/0x30
[ 13.835599]
[ 13.835675] The buggy address belongs to the object at ffff8881031c1080
[ 13.835675] which belongs to the cache kmalloc-64 of size 64
[ 13.836924] The buggy address is located 0 bytes inside of
[ 13.836924] freed 64-byte region [ffff8881031c1080, ffff8881031c10c0)
[ 13.838161]
[ 13.838331] The buggy address belongs to the physical page:
[ 13.838855] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031c1
[ 13.839673] flags: 0x200000000000000(node=0|zone=2)
[ 13.840220] page_type: f5(slab)
[ 13.840551] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 13.841264] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 13.842104] page dumped because: kasan: bad access detected
[ 13.842337]
[ 13.842416] Memory state around the buggy address:
[ 13.842586] ffff8881031c0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.842827] ffff8881031c1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.843070] >ffff8881031c1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.843491] ^
[ 13.843625] ffff8881031c1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.844283] ffff8881031c1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.845030] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 13.776584] ==================================================================
[ 13.777339] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 13.777818] Read of size 1 at addr ffff888102873108 by task kunit_try_catch/201
[ 13.778151]
[ 13.778278] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.778323] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.778335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.778356] Call Trace:
[ 13.778369] <TASK>
[ 13.778385] dump_stack_lvl+0x73/0xb0
[ 13.778416] print_report+0xd1/0x650
[ 13.778438] ? __virt_addr_valid+0x1db/0x2d0
[ 13.778461] ? kmalloc_uaf+0x320/0x380
[ 13.778480] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.778506] ? kmalloc_uaf+0x320/0x380
[ 13.778526] kasan_report+0x141/0x180
[ 13.778547] ? kmalloc_uaf+0x320/0x380
[ 13.778573] __asan_report_load1_noabort+0x18/0x20
[ 13.778596] kmalloc_uaf+0x320/0x380
[ 13.778615] ? __pfx_kmalloc_uaf+0x10/0x10
[ 13.778636] ? __schedule+0x10cc/0x2b60
[ 13.778658] ? __pfx_read_tsc+0x10/0x10
[ 13.778678] ? ktime_get_ts64+0x86/0x230
[ 13.778703] kunit_try_run_case+0x1a5/0x480
[ 13.779232] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.779258] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.779283] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.779305] ? __kthread_parkme+0x82/0x180
[ 13.779326] ? preempt_count_sub+0x50/0x80
[ 13.779350] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.779374] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.779396] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.779418] kthread+0x337/0x6f0
[ 13.779438] ? trace_preempt_on+0x20/0xc0
[ 13.779462] ? __pfx_kthread+0x10/0x10
[ 13.779482] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.779503] ? calculate_sigpending+0x7b/0xa0
[ 13.779528] ? __pfx_kthread+0x10/0x10
[ 13.779549] ret_from_fork+0x116/0x1d0
[ 13.779568] ? __pfx_kthread+0x10/0x10
[ 13.779588] ret_from_fork_asm+0x1a/0x30
[ 13.779620] </TASK>
[ 13.779631]
[ 13.790672] Allocated by task 201:
[ 13.791315] kasan_save_stack+0x45/0x70
[ 13.791485] kasan_save_track+0x18/0x40
[ 13.791634] kasan_save_alloc_info+0x3b/0x50
[ 13.792384] __kasan_kmalloc+0xb7/0xc0
[ 13.793043] __kmalloc_cache_noprof+0x189/0x420
[ 13.793659] kmalloc_uaf+0xaa/0x380
[ 13.794223] kunit_try_run_case+0x1a5/0x480
[ 13.794855] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.795499] kthread+0x337/0x6f0
[ 13.795644] ret_from_fork+0x116/0x1d0
[ 13.796174] ret_from_fork_asm+0x1a/0x30
[ 13.796835]
[ 13.797066] Freed by task 201:
[ 13.797354] kasan_save_stack+0x45/0x70
[ 13.797581] kasan_save_track+0x18/0x40
[ 13.797788] kasan_save_free_info+0x3f/0x60
[ 13.798001] __kasan_slab_free+0x56/0x70
[ 13.798218] kfree+0x222/0x3f0
[ 13.798384] kmalloc_uaf+0x12c/0x380
[ 13.798566] kunit_try_run_case+0x1a5/0x480
[ 13.798776] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.799029] kthread+0x337/0x6f0
[ 13.799975] ret_from_fork+0x116/0x1d0
[ 13.800146] ret_from_fork_asm+0x1a/0x30
[ 13.800605]
[ 13.800954] The buggy address belongs to the object at ffff888102873100
[ 13.800954] which belongs to the cache kmalloc-16 of size 16
[ 13.801472] The buggy address is located 8 bytes inside of
[ 13.801472] freed 16-byte region [ffff888102873100, ffff888102873110)
[ 13.802318]
[ 13.802662] The buggy address belongs to the physical page:
[ 13.803156] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102873
[ 13.803604] flags: 0x200000000000000(node=0|zone=2)
[ 13.804035] page_type: f5(slab)
[ 13.804217] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.804572] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.805288] page dumped because: kasan: bad access detected
[ 13.805676]
[ 13.806002] Memory state around the buggy address:
[ 13.806365] ffff888102873000: 00 01 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc
[ 13.806929] ffff888102873080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.807424] >ffff888102873100: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.808026] ^
[ 13.808182] ffff888102873180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.808875] ffff888102873200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.809199] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 13.746379] ==================================================================
[ 13.746846] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 13.747131] Read of size 64 at addr ffff888102c4c184 by task kunit_try_catch/199
[ 13.747415]
[ 13.747537] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.747582] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.747593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.747613] Call Trace:
[ 13.747625] <TASK>
[ 13.747640] dump_stack_lvl+0x73/0xb0
[ 13.747668] print_report+0xd1/0x650
[ 13.747690] ? __virt_addr_valid+0x1db/0x2d0
[ 13.747712] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 13.747735] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.747760] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 13.747784] kasan_report+0x141/0x180
[ 13.747805] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 13.747835] kasan_check_range+0x10c/0x1c0
[ 13.747859] __asan_memmove+0x27/0x70
[ 13.747878] kmalloc_memmove_invalid_size+0x16f/0x330
[ 13.747902] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 13.747927] ? __schedule+0x10cc/0x2b60
[ 13.747948] ? __pfx_read_tsc+0x10/0x10
[ 13.747969] ? ktime_get_ts64+0x86/0x230
[ 13.747995] kunit_try_run_case+0x1a5/0x480
[ 13.748019] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.748040] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.748520] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.748545] ? __kthread_parkme+0x82/0x180
[ 13.748565] ? preempt_count_sub+0x50/0x80
[ 13.748588] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.748612] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.748634] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.748656] kthread+0x337/0x6f0
[ 13.748676] ? trace_preempt_on+0x20/0xc0
[ 13.748729] ? __pfx_kthread+0x10/0x10
[ 13.748763] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.748784] ? calculate_sigpending+0x7b/0xa0
[ 13.748807] ? __pfx_kthread+0x10/0x10
[ 13.748829] ret_from_fork+0x116/0x1d0
[ 13.748847] ? __pfx_kthread+0x10/0x10
[ 13.748867] ret_from_fork_asm+0x1a/0x30
[ 13.748899] </TASK>
[ 13.748910]
[ 13.762826] Allocated by task 199:
[ 13.763199] kasan_save_stack+0x45/0x70
[ 13.763601] kasan_save_track+0x18/0x40
[ 13.763961] kasan_save_alloc_info+0x3b/0x50
[ 13.764139] __kasan_kmalloc+0xb7/0xc0
[ 13.764370] __kmalloc_cache_noprof+0x189/0x420
[ 13.764912] kmalloc_memmove_invalid_size+0xac/0x330
[ 13.765416] kunit_try_run_case+0x1a5/0x480
[ 13.765917] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.766152] kthread+0x337/0x6f0
[ 13.766315] ret_from_fork+0x116/0x1d0
[ 13.766497] ret_from_fork_asm+0x1a/0x30
[ 13.766688]
[ 13.766881] The buggy address belongs to the object at ffff888102c4c180
[ 13.766881] which belongs to the cache kmalloc-64 of size 64
[ 13.767443] The buggy address is located 4 bytes inside of
[ 13.767443] allocated 64-byte region [ffff888102c4c180, ffff888102c4c1c0)
[ 13.768073]
[ 13.768179] The buggy address belongs to the physical page:
[ 13.768510] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c4c
[ 13.769028] flags: 0x200000000000000(node=0|zone=2)
[ 13.769245] page_type: f5(slab)
[ 13.769458] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 13.769892] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 13.770200] page dumped because: kasan: bad access detected
[ 13.770501]
[ 13.770600] Memory state around the buggy address:
[ 13.770965] ffff888102c4c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.771330] ffff888102c4c100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.771728] >ffff888102c4c180: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 13.772037] ^
[ 13.772301] ffff888102c4c200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.772587] ffff888102c4c280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.772954] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 13.709384] ==================================================================
[ 13.710872] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 13.711436] Read of size 18446744073709551614 at addr ffff8881031b8d04 by task kunit_try_catch/197
[ 13.712148]
[ 13.712251] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.712298] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.712310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.712331] Call Trace:
[ 13.712344] <TASK>
[ 13.712360] dump_stack_lvl+0x73/0xb0
[ 13.712390] print_report+0xd1/0x650
[ 13.712412] ? __virt_addr_valid+0x1db/0x2d0
[ 13.712433] ? kmalloc_memmove_negative_size+0x171/0x330
[ 13.712457] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.712481] ? kmalloc_memmove_negative_size+0x171/0x330
[ 13.712526] kasan_report+0x141/0x180
[ 13.712547] ? kmalloc_memmove_negative_size+0x171/0x330
[ 13.712576] kasan_check_range+0x10c/0x1c0
[ 13.712600] __asan_memmove+0x27/0x70
[ 13.712619] kmalloc_memmove_negative_size+0x171/0x330
[ 13.712642] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 13.712667] ? __schedule+0x10cc/0x2b60
[ 13.712688] ? __pfx_read_tsc+0x10/0x10
[ 13.712844] ? ktime_get_ts64+0x86/0x230
[ 13.712872] kunit_try_run_case+0x1a5/0x480
[ 13.712896] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.712918] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.712970] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.712992] ? __kthread_parkme+0x82/0x180
[ 13.713012] ? preempt_count_sub+0x50/0x80
[ 13.713034] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.713068] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.713090] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.713112] kthread+0x337/0x6f0
[ 13.713131] ? trace_preempt_on+0x20/0xc0
[ 13.713154] ? __pfx_kthread+0x10/0x10
[ 13.713174] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.713194] ? calculate_sigpending+0x7b/0xa0
[ 13.713217] ? __pfx_kthread+0x10/0x10
[ 13.713238] ret_from_fork+0x116/0x1d0
[ 13.713255] ? __pfx_kthread+0x10/0x10
[ 13.713275] ret_from_fork_asm+0x1a/0x30
[ 13.713306] </TASK>
[ 13.713318]
[ 13.728044] Allocated by task 197:
[ 13.728423] kasan_save_stack+0x45/0x70
[ 13.728879] kasan_save_track+0x18/0x40
[ 13.729045] kasan_save_alloc_info+0x3b/0x50
[ 13.729219] __kasan_kmalloc+0xb7/0xc0
[ 13.729361] __kmalloc_cache_noprof+0x189/0x420
[ 13.729532] kmalloc_memmove_negative_size+0xac/0x330
[ 13.729931] kunit_try_run_case+0x1a5/0x480
[ 13.730377] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.730988] kthread+0x337/0x6f0
[ 13.731422] ret_from_fork+0x116/0x1d0
[ 13.731811] ret_from_fork_asm+0x1a/0x30
[ 13.732330]
[ 13.732530] The buggy address belongs to the object at ffff8881031b8d00
[ 13.732530] which belongs to the cache kmalloc-64 of size 64
[ 13.733954] The buggy address is located 4 bytes inside of
[ 13.733954] 64-byte region [ffff8881031b8d00, ffff8881031b8d40)
[ 13.734365]
[ 13.734446] The buggy address belongs to the physical page:
[ 13.734634] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031b8
[ 13.735463] flags: 0x200000000000000(node=0|zone=2)
[ 13.736073] page_type: f5(slab)
[ 13.736410] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 13.737291] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 13.738270] page dumped because: kasan: bad access detected
[ 13.738868]
[ 13.738970] Memory state around the buggy address:
[ 13.739424] ffff8881031b8c00: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc
[ 13.739784] ffff8881031b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.740468] >ffff8881031b8d00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 13.741063] ^
[ 13.741294] ffff8881031b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.741535] ffff8881031b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.741973] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 13.672457] ==================================================================
[ 13.674185] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 13.675311] Write of size 16 at addr ffff888102c3fc69 by task kunit_try_catch/195
[ 13.676330]
[ 13.676693] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.676772] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.676785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.676807] Call Trace:
[ 13.676821] <TASK>
[ 13.676840] dump_stack_lvl+0x73/0xb0
[ 13.676871] print_report+0xd1/0x650
[ 13.676893] ? __virt_addr_valid+0x1db/0x2d0
[ 13.676917] ? kmalloc_oob_memset_16+0x166/0x330
[ 13.676937] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.676962] ? kmalloc_oob_memset_16+0x166/0x330
[ 13.676984] kasan_report+0x141/0x180
[ 13.677005] ? kmalloc_oob_memset_16+0x166/0x330
[ 13.677032] kasan_check_range+0x10c/0x1c0
[ 13.677070] __asan_memset+0x27/0x50
[ 13.677089] kmalloc_oob_memset_16+0x166/0x330
[ 13.677111] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 13.677134] ? __schedule+0x10cc/0x2b60
[ 13.677156] ? __pfx_read_tsc+0x10/0x10
[ 13.677177] ? ktime_get_ts64+0x86/0x230
[ 13.677202] kunit_try_run_case+0x1a5/0x480
[ 13.677233] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.677255] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.677278] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.677300] ? __kthread_parkme+0x82/0x180
[ 13.677320] ? preempt_count_sub+0x50/0x80
[ 13.677344] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.677367] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.677389] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.677410] kthread+0x337/0x6f0
[ 13.677429] ? trace_preempt_on+0x20/0xc0
[ 13.677452] ? __pfx_kthread+0x10/0x10
[ 13.677472] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.677492] ? calculate_sigpending+0x7b/0xa0
[ 13.677517] ? __pfx_kthread+0x10/0x10
[ 13.677542] ret_from_fork+0x116/0x1d0
[ 13.677560] ? __pfx_kthread+0x10/0x10
[ 13.677581] ret_from_fork_asm+0x1a/0x30
[ 13.677613] </TASK>
[ 13.677624]
[ 13.688359] Allocated by task 195:
[ 13.689354] kasan_save_stack+0x45/0x70
[ 13.689558] kasan_save_track+0x18/0x40
[ 13.690133] kasan_save_alloc_info+0x3b/0x50
[ 13.690926] __kasan_kmalloc+0xb7/0xc0
[ 13.691390] __kmalloc_cache_noprof+0x189/0x420
[ 13.691569] kmalloc_oob_memset_16+0xac/0x330
[ 13.692292] kunit_try_run_case+0x1a5/0x480
[ 13.692693] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.693529] kthread+0x337/0x6f0
[ 13.693880] ret_from_fork+0x116/0x1d0
[ 13.694087] ret_from_fork_asm+0x1a/0x30
[ 13.694439]
[ 13.694521] The buggy address belongs to the object at ffff888102c3fc00
[ 13.694521] which belongs to the cache kmalloc-128 of size 128
[ 13.695898] The buggy address is located 105 bytes inside of
[ 13.695898] allocated 120-byte region [ffff888102c3fc00, ffff888102c3fc78)
[ 13.697029]
[ 13.697341] The buggy address belongs to the physical page:
[ 13.698032] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c3f
[ 13.698318] flags: 0x200000000000000(node=0|zone=2)
[ 13.698504] page_type: f5(slab)
[ 13.698639] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.699666] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.700533] page dumped because: kasan: bad access detected
[ 13.701158]
[ 13.701330] Memory state around the buggy address:
[ 13.701916] ffff888102c3fb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.702170] ffff888102c3fb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.702400] >ffff888102c3fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 13.702632] ^
[ 13.703363] ffff888102c3fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.704120] ffff888102c3fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.704891] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 13.648663] ==================================================================
[ 13.649369] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330
[ 13.649791] Write of size 8 at addr ffff8881031c0071 by task kunit_try_catch/193
[ 13.650074]
[ 13.650216] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.650261] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.650273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.650294] Call Trace:
[ 13.650306] <TASK>
[ 13.650321] dump_stack_lvl+0x73/0xb0
[ 13.650350] print_report+0xd1/0x650
[ 13.650373] ? __virt_addr_valid+0x1db/0x2d0
[ 13.650398] ? kmalloc_oob_memset_8+0x166/0x330
[ 13.650420] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.650447] ? kmalloc_oob_memset_8+0x166/0x330
[ 13.650493] kasan_report+0x141/0x180
[ 13.650515] ? kmalloc_oob_memset_8+0x166/0x330
[ 13.650542] kasan_check_range+0x10c/0x1c0
[ 13.650566] __asan_memset+0x27/0x50
[ 13.650585] kmalloc_oob_memset_8+0x166/0x330
[ 13.650608] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 13.650631] ? __schedule+0x10cc/0x2b60
[ 13.650653] ? __pfx_read_tsc+0x10/0x10
[ 13.650675] ? ktime_get_ts64+0x86/0x230
[ 13.650700] kunit_try_run_case+0x1a5/0x480
[ 13.650757] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.650779] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.650803] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.650825] ? __kthread_parkme+0x82/0x180
[ 13.650846] ? preempt_count_sub+0x50/0x80
[ 13.650870] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.650893] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.650915] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.650938] kthread+0x337/0x6f0
[ 13.650958] ? trace_preempt_on+0x20/0xc0
[ 13.650982] ? __pfx_kthread+0x10/0x10
[ 13.651022] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.651043] ? calculate_sigpending+0x7b/0xa0
[ 13.651078] ? __pfx_kthread+0x10/0x10
[ 13.651100] ret_from_fork+0x116/0x1d0
[ 13.651119] ? __pfx_kthread+0x10/0x10
[ 13.651140] ret_from_fork_asm+0x1a/0x30
[ 13.651172] </TASK>
[ 13.651183]
[ 13.659411] Allocated by task 193:
[ 13.659608] kasan_save_stack+0x45/0x70
[ 13.659799] kasan_save_track+0x18/0x40
[ 13.660067] kasan_save_alloc_info+0x3b/0x50
[ 13.660268] __kasan_kmalloc+0xb7/0xc0
[ 13.660501] __kmalloc_cache_noprof+0x189/0x420
[ 13.660725] kmalloc_oob_memset_8+0xac/0x330
[ 13.660941] kunit_try_run_case+0x1a5/0x480
[ 13.661417] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.661619] kthread+0x337/0x6f0
[ 13.661746] ret_from_fork+0x116/0x1d0
[ 13.661883] ret_from_fork_asm+0x1a/0x30
[ 13.662220]
[ 13.662324] The buggy address belongs to the object at ffff8881031c0000
[ 13.662324] which belongs to the cache kmalloc-128 of size 128
[ 13.662722] The buggy address is located 113 bytes inside of
[ 13.662722] allocated 120-byte region [ffff8881031c0000, ffff8881031c0078)
[ 13.663306]
[ 13.663415] The buggy address belongs to the physical page:
[ 13.663672] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031c0
[ 13.664123] flags: 0x200000000000000(node=0|zone=2)
[ 13.664413] page_type: f5(slab)
[ 13.664634] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.665089] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.665364] page dumped because: kasan: bad access detected
[ 13.665697]
[ 13.665889] Memory state around the buggy address:
[ 13.666145] ffff8881031bff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.666450] ffff8881031bff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.666776] >ffff8881031c0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 13.667037] ^
[ 13.667299] ffff8881031c0080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.667653] ffff8881031c0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.667944] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 13.618915] ==================================================================
[ 13.620371] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330
[ 13.621336] Write of size 4 at addr ffff8881031acf75 by task kunit_try_catch/191
[ 13.621622]
[ 13.621978] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.622028] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.622041] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.622076] Call Trace:
[ 13.622089] <TASK>
[ 13.622105] dump_stack_lvl+0x73/0xb0
[ 13.622136] print_report+0xd1/0x650
[ 13.622157] ? __virt_addr_valid+0x1db/0x2d0
[ 13.622179] ? kmalloc_oob_memset_4+0x166/0x330
[ 13.622199] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.622224] ? kmalloc_oob_memset_4+0x166/0x330
[ 13.622245] kasan_report+0x141/0x180
[ 13.622266] ? kmalloc_oob_memset_4+0x166/0x330
[ 13.622292] kasan_check_range+0x10c/0x1c0
[ 13.622315] __asan_memset+0x27/0x50
[ 13.622333] kmalloc_oob_memset_4+0x166/0x330
[ 13.622355] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 13.622377] ? __schedule+0x10cc/0x2b60
[ 13.622398] ? __pfx_read_tsc+0x10/0x10
[ 13.622419] ? ktime_get_ts64+0x86/0x230
[ 13.622444] kunit_try_run_case+0x1a5/0x480
[ 13.622468] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.622488] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.622510] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.622532] ? __kthread_parkme+0x82/0x180
[ 13.622551] ? preempt_count_sub+0x50/0x80
[ 13.622575] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.622597] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.622618] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.622639] kthread+0x337/0x6f0
[ 13.622658] ? trace_preempt_on+0x20/0xc0
[ 13.622681] ? __pfx_kthread+0x10/0x10
[ 13.622708] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.622728] ? calculate_sigpending+0x7b/0xa0
[ 13.622750] ? __pfx_kthread+0x10/0x10
[ 13.622771] ret_from_fork+0x116/0x1d0
[ 13.622788] ? __pfx_kthread+0x10/0x10
[ 13.622808] ret_from_fork_asm+0x1a/0x30
[ 13.622839] </TASK>
[ 13.622850]
[ 13.635703] Allocated by task 191:
[ 13.635905] kasan_save_stack+0x45/0x70
[ 13.636161] kasan_save_track+0x18/0x40
[ 13.636355] kasan_save_alloc_info+0x3b/0x50
[ 13.636573] __kasan_kmalloc+0xb7/0xc0
[ 13.636762] __kmalloc_cache_noprof+0x189/0x420
[ 13.636932] kmalloc_oob_memset_4+0xac/0x330
[ 13.637118] kunit_try_run_case+0x1a5/0x480
[ 13.637391] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.637770] kthread+0x337/0x6f0
[ 13.637936] ret_from_fork+0x116/0x1d0
[ 13.638133] ret_from_fork_asm+0x1a/0x30
[ 13.638369]
[ 13.638475] The buggy address belongs to the object at ffff8881031acf00
[ 13.638475] which belongs to the cache kmalloc-128 of size 128
[ 13.638939] The buggy address is located 117 bytes inside of
[ 13.638939] allocated 120-byte region [ffff8881031acf00, ffff8881031acf78)
[ 13.639634]
[ 13.639778] The buggy address belongs to the physical page:
[ 13.640022] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031ac
[ 13.640297] flags: 0x200000000000000(node=0|zone=2)
[ 13.640476] page_type: f5(slab)
[ 13.640607] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.640968] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.641337] page dumped because: kasan: bad access detected
[ 13.641614]
[ 13.641718] Memory state around the buggy address:
[ 13.641889] ffff8881031ace00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.642142] ffff8881031ace80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.642482] >ffff8881031acf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 13.642822] ^
[ 13.643164] ffff8881031acf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.643442] ffff8881031ad000: fa fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc
[ 13.643679] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 13.583599] ==================================================================
[ 13.585014] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330
[ 13.585795] Write of size 2 at addr ffff888102c3fb77 by task kunit_try_catch/189
[ 13.586060]
[ 13.586160] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.586206] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.586218] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.586240] Call Trace:
[ 13.586254] <TASK>
[ 13.586270] dump_stack_lvl+0x73/0xb0
[ 13.586300] print_report+0xd1/0x650
[ 13.586323] ? __virt_addr_valid+0x1db/0x2d0
[ 13.586346] ? kmalloc_oob_memset_2+0x166/0x330
[ 13.586368] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.586395] ? kmalloc_oob_memset_2+0x166/0x330
[ 13.586417] kasan_report+0x141/0x180
[ 13.586440] ? kmalloc_oob_memset_2+0x166/0x330
[ 13.586468] kasan_check_range+0x10c/0x1c0
[ 13.586492] __asan_memset+0x27/0x50
[ 13.586511] kmalloc_oob_memset_2+0x166/0x330
[ 13.586534] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 13.586558] ? __schedule+0x10cc/0x2b60
[ 13.586581] ? __pfx_read_tsc+0x10/0x10
[ 13.586602] ? ktime_get_ts64+0x86/0x230
[ 13.586631] kunit_try_run_case+0x1a5/0x480
[ 13.586655] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.586677] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.586701] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.586724] ? __kthread_parkme+0x82/0x180
[ 13.586744] ? preempt_count_sub+0x50/0x80
[ 13.586768] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.586792] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.586814] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.586836] kthread+0x337/0x6f0
[ 13.586856] ? trace_preempt_on+0x20/0xc0
[ 13.586880] ? __pfx_kthread+0x10/0x10
[ 13.586900] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.586921] ? calculate_sigpending+0x7b/0xa0
[ 13.586945] ? __pfx_kthread+0x10/0x10
[ 13.586966] ret_from_fork+0x116/0x1d0
[ 13.586984] ? __pfx_kthread+0x10/0x10
[ 13.587005] ret_from_fork_asm+0x1a/0x30
[ 13.587038] </TASK>
[ 13.587060]
[ 13.599627] Allocated by task 189:
[ 13.599786] kasan_save_stack+0x45/0x70
[ 13.600372] kasan_save_track+0x18/0x40
[ 13.601126] kasan_save_alloc_info+0x3b/0x50
[ 13.601632] __kasan_kmalloc+0xb7/0xc0
[ 13.602093] __kmalloc_cache_noprof+0x189/0x420
[ 13.602620] kmalloc_oob_memset_2+0xac/0x330
[ 13.603136] kunit_try_run_case+0x1a5/0x480
[ 13.603612] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.604212] kthread+0x337/0x6f0
[ 13.604612] ret_from_fork+0x116/0x1d0
[ 13.605062] ret_from_fork_asm+0x1a/0x30
[ 13.605518]
[ 13.605804] The buggy address belongs to the object at ffff888102c3fb00
[ 13.605804] which belongs to the cache kmalloc-128 of size 128
[ 13.606603] The buggy address is located 119 bytes inside of
[ 13.606603] allocated 120-byte region [ffff888102c3fb00, ffff888102c3fb78)
[ 13.607552]
[ 13.607721] The buggy address belongs to the physical page:
[ 13.608451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c3f
[ 13.609436] flags: 0x200000000000000(node=0|zone=2)
[ 13.609617] page_type: f5(slab)
[ 13.609755] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.610603] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.611486] page dumped because: kasan: bad access detected
[ 13.612007]
[ 13.612279] Memory state around the buggy address:
[ 13.612676] ffff888102c3fa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.613064] ffff888102c3fa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.613294] >ffff888102c3fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 13.613514] ^
[ 13.613750] ffff888102c3fb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.614577] ffff888102c3fc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.615411] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 13.047442] ==================================================================
[ 13.049147] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0
[ 13.049914] Read of size 1 at addr ffff888103940000 by task kunit_try_catch/171
[ 13.050833]
[ 13.051077] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.051215] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.051231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.051251] Call Trace:
[ 13.051263] <TASK>
[ 13.051279] dump_stack_lvl+0x73/0xb0
[ 13.051308] print_report+0xd1/0x650
[ 13.051332] ? __virt_addr_valid+0x1db/0x2d0
[ 13.051353] ? page_alloc_uaf+0x356/0x3d0
[ 13.051374] ? kasan_addr_to_slab+0x11/0xa0
[ 13.051394] ? page_alloc_uaf+0x356/0x3d0
[ 13.051415] kasan_report+0x141/0x180
[ 13.051436] ? page_alloc_uaf+0x356/0x3d0
[ 13.051462] __asan_report_load1_noabort+0x18/0x20
[ 13.051485] page_alloc_uaf+0x356/0x3d0
[ 13.051506] ? __pfx_page_alloc_uaf+0x10/0x10
[ 13.051528] ? __schedule+0x10cc/0x2b60
[ 13.051549] ? __pfx_read_tsc+0x10/0x10
[ 13.051569] ? ktime_get_ts64+0x86/0x230
[ 13.051594] kunit_try_run_case+0x1a5/0x480
[ 13.051618] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.051640] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.051662] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.051684] ? __kthread_parkme+0x82/0x180
[ 13.051703] ? preempt_count_sub+0x50/0x80
[ 13.051726] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.051748] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.051771] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.051793] kthread+0x337/0x6f0
[ 13.051812] ? trace_preempt_on+0x20/0xc0
[ 13.051835] ? __pfx_kthread+0x10/0x10
[ 13.051855] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.051874] ? calculate_sigpending+0x7b/0xa0
[ 13.051897] ? __pfx_kthread+0x10/0x10
[ 13.051917] ret_from_fork+0x116/0x1d0
[ 13.051935] ? __pfx_kthread+0x10/0x10
[ 13.051954] ret_from_fork_asm+0x1a/0x30
[ 13.051985] </TASK>
[ 13.051996]
[ 13.066124] The buggy address belongs to the physical page:
[ 13.066443] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103940
[ 13.067277] flags: 0x200000000000000(node=0|zone=2)
[ 13.067650] page_type: f0(buddy)
[ 13.068037] raw: 0200000000000000 ffff88817fffc4f0 ffff88817fffc4f0 0000000000000000
[ 13.068390] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000
[ 13.068897] page dumped because: kasan: bad access detected
[ 13.069414]
[ 13.069602] Memory state around the buggy address:
[ 13.069956] ffff88810393ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.070611] ffff88810393ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.071083] >ffff888103940000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.071653] ^
[ 13.071983] ffff888103940080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.072558] ffff888103940100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.072976] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 13.008275] ==================================================================
[ 13.009698] BUG: KASAN: invalid-free in kfree+0x274/0x3f0
[ 13.010445] Free of addr ffff888102424001 by task kunit_try_catch/167
[ 13.011338]
[ 13.011446] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.011492] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.011505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.011526] Call Trace:
[ 13.011539] <TASK>
[ 13.011554] dump_stack_lvl+0x73/0xb0
[ 13.011584] print_report+0xd1/0x650
[ 13.011606] ? __virt_addr_valid+0x1db/0x2d0
[ 13.011628] ? kasan_addr_to_slab+0x11/0xa0
[ 13.011648] ? kfree+0x274/0x3f0
[ 13.011670] kasan_report_invalid_free+0x10a/0x130
[ 13.011694] ? kfree+0x274/0x3f0
[ 13.011717] ? kfree+0x274/0x3f0
[ 13.011737] __kasan_kfree_large+0x86/0xd0
[ 13.011758] free_large_kmalloc+0x4b/0x110
[ 13.011781] kfree+0x274/0x3f0
[ 13.011806] kmalloc_large_invalid_free+0x120/0x2b0
[ 13.011828] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 13.011851] ? __schedule+0x10cc/0x2b60
[ 13.011872] ? __pfx_read_tsc+0x10/0x10
[ 13.011892] ? ktime_get_ts64+0x86/0x230
[ 13.011916] kunit_try_run_case+0x1a5/0x480
[ 13.011940] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.011962] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.011984] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.012007] ? __kthread_parkme+0x82/0x180
[ 13.012026] ? preempt_count_sub+0x50/0x80
[ 13.012069] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.012093] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.012115] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.012137] kthread+0x337/0x6f0
[ 13.012156] ? trace_preempt_on+0x20/0xc0
[ 13.012179] ? __pfx_kthread+0x10/0x10
[ 13.012200] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.012220] ? calculate_sigpending+0x7b/0xa0
[ 13.012243] ? __pfx_kthread+0x10/0x10
[ 13.012265] ret_from_fork+0x116/0x1d0
[ 13.012283] ? __pfx_kthread+0x10/0x10
[ 13.012304] ret_from_fork_asm+0x1a/0x30
[ 13.012335] </TASK>
[ 13.012347]
[ 13.029116] The buggy address belongs to the physical page:
[ 13.029329] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102424
[ 13.029607] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.029899] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.030676] page_type: f8(unknown)
[ 13.031086] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.031968] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.032799] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.033628] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.034454] head: 0200000000000002 ffffea0004090901 00000000ffffffff 00000000ffffffff
[ 13.035331] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.035834] page dumped because: kasan: bad access detected
[ 13.036466]
[ 13.036747] Memory state around the buggy address:
[ 13.037189] ffff888102423f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.037874] ffff888102423f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.038582] >ffff888102424000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.039383] ^
[ 13.039826] ffff888102424080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.040598] ffff888102424100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.041408] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 12.988275] ==================================================================
[ 12.989133] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[ 12.990391] Read of size 1 at addr ffff888102424000 by task kunit_try_catch/165
[ 12.991571]
[ 12.991943] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.991993] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.992006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.992027] Call Trace:
[ 12.992039] <TASK>
[ 12.992069] dump_stack_lvl+0x73/0xb0
[ 12.992102] print_report+0xd1/0x650
[ 12.992124] ? __virt_addr_valid+0x1db/0x2d0
[ 12.992147] ? kmalloc_large_uaf+0x2f1/0x340
[ 12.992167] ? kasan_addr_to_slab+0x11/0xa0
[ 12.992187] ? kmalloc_large_uaf+0x2f1/0x340
[ 12.992207] kasan_report+0x141/0x180
[ 12.992229] ? kmalloc_large_uaf+0x2f1/0x340
[ 12.992255] __asan_report_load1_noabort+0x18/0x20
[ 12.992278] kmalloc_large_uaf+0x2f1/0x340
[ 12.992298] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 12.992320] ? __schedule+0x10cc/0x2b60
[ 12.992342] ? __pfx_read_tsc+0x10/0x10
[ 12.992362] ? ktime_get_ts64+0x86/0x230
[ 12.992387] kunit_try_run_case+0x1a5/0x480
[ 12.992411] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.992432] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.992455] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.992477] ? __kthread_parkme+0x82/0x180
[ 12.992496] ? preempt_count_sub+0x50/0x80
[ 12.992520] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.992542] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.992564] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.992586] kthread+0x337/0x6f0
[ 12.992605] ? trace_preempt_on+0x20/0xc0
[ 12.992628] ? __pfx_kthread+0x10/0x10
[ 12.992648] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.992668] ? calculate_sigpending+0x7b/0xa0
[ 12.992691] ? __pfx_kthread+0x10/0x10
[ 12.992712] ret_from_fork+0x116/0x1d0
[ 12.992730] ? __pfx_kthread+0x10/0x10
[ 12.992750] ret_from_fork_asm+0x1a/0x30
[ 12.992781] </TASK>
[ 12.992793]
[ 13.000311] The buggy address belongs to the physical page:
[ 13.000596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102424
[ 13.001035] flags: 0x200000000000000(node=0|zone=2)
[ 13.001231] raw: 0200000000000000 ffff88815b039f80 ffff88815b039f80 0000000000000000
[ 13.001462] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 13.001856] page dumped because: kasan: bad access detected
[ 13.002175]
[ 13.002277] Memory state around the buggy address:
[ 13.002514] ffff888102423f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.002975] ffff888102423f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.003323] >ffff888102424000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.003663] ^
[ 13.003936] ffff888102424080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.004280] ffff888102424100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.004586] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 12.952398] ==================================================================
[ 12.953416] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330
[ 12.953686] Write of size 1 at addr ffff8881029ea00a by task kunit_try_catch/163
[ 12.955396]
[ 12.955799] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.955847] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.955858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.955879] Call Trace:
[ 12.955892] <TASK>
[ 12.955906] dump_stack_lvl+0x73/0xb0
[ 12.955934] print_report+0xd1/0x650
[ 12.955956] ? __virt_addr_valid+0x1db/0x2d0
[ 12.955978] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.955998] ? kasan_addr_to_slab+0x11/0xa0
[ 12.956018] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.956039] kasan_report+0x141/0x180
[ 12.956073] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.956100] __asan_report_store1_noabort+0x1b/0x30
[ 12.956123] kmalloc_large_oob_right+0x2e9/0x330
[ 12.956144] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 12.956166] ? __schedule+0x10cc/0x2b60
[ 12.956187] ? __pfx_read_tsc+0x10/0x10
[ 12.956208] ? ktime_get_ts64+0x86/0x230
[ 12.956233] kunit_try_run_case+0x1a5/0x480
[ 12.956256] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.956277] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.956299] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.956321] ? __kthread_parkme+0x82/0x180
[ 12.956340] ? preempt_count_sub+0x50/0x80
[ 12.956363] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.956385] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.956407] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.956428] kthread+0x337/0x6f0
[ 12.956447] ? trace_preempt_on+0x20/0xc0
[ 12.956470] ? __pfx_kthread+0x10/0x10
[ 12.956490] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.956510] ? calculate_sigpending+0x7b/0xa0
[ 12.956533] ? __pfx_kthread+0x10/0x10
[ 12.956553] ret_from_fork+0x116/0x1d0
[ 12.956571] ? __pfx_kthread+0x10/0x10
[ 12.956591] ret_from_fork_asm+0x1a/0x30
[ 12.956621] </TASK>
[ 12.956632]
[ 12.976060] The buggy address belongs to the physical page:
[ 12.976333] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e8
[ 12.976680] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.977034] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.977423] page_type: f8(unknown)
[ 12.977573] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.978047] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.978448] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.978980] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.979349] head: 0200000000000002 ffffea00040a7a01 00000000ffffffff 00000000ffffffff
[ 12.979691] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.980159] page dumped because: kasan: bad access detected
[ 12.980380]
[ 12.980484] Memory state around the buggy address:
[ 12.980807] ffff8881029e9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.981128] ffff8881029e9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.981470] >ffff8881029ea000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.981892] ^
[ 12.982111] ffff8881029ea080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.982446] ffff8881029ea100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.982883] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 12.922327] ==================================================================
[ 12.922810] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370
[ 12.923084] Write of size 1 at addr ffff8881027edf00 by task kunit_try_catch/161
[ 12.923652]
[ 12.923881] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.923930] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.923942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.923992] Call Trace:
[ 12.924006] <TASK>
[ 12.924026] dump_stack_lvl+0x73/0xb0
[ 12.924072] print_report+0xd1/0x650
[ 12.924095] ? __virt_addr_valid+0x1db/0x2d0
[ 12.924119] ? kmalloc_big_oob_right+0x316/0x370
[ 12.924179] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.924206] ? kmalloc_big_oob_right+0x316/0x370
[ 12.924241] kasan_report+0x141/0x180
[ 12.924294] ? kmalloc_big_oob_right+0x316/0x370
[ 12.924345] __asan_report_store1_noabort+0x1b/0x30
[ 12.924369] kmalloc_big_oob_right+0x316/0x370
[ 12.924392] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 12.924415] ? __schedule+0x10cc/0x2b60
[ 12.924438] ? __pfx_read_tsc+0x10/0x10
[ 12.924459] ? ktime_get_ts64+0x86/0x230
[ 12.924485] kunit_try_run_case+0x1a5/0x480
[ 12.924510] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.924532] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.924556] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.924578] ? __kthread_parkme+0x82/0x180
[ 12.924599] ? preempt_count_sub+0x50/0x80
[ 12.924623] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.924647] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.924669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.924691] kthread+0x337/0x6f0
[ 12.924717] ? trace_preempt_on+0x20/0xc0
[ 12.924740] ? __pfx_kthread+0x10/0x10
[ 12.924761] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.924782] ? calculate_sigpending+0x7b/0xa0
[ 12.924806] ? __pfx_kthread+0x10/0x10
[ 12.924828] ret_from_fork+0x116/0x1d0
[ 12.924846] ? __pfx_kthread+0x10/0x10
[ 12.924867] ret_from_fork_asm+0x1a/0x30
[ 12.924899] </TASK>
[ 12.924911]
[ 12.937430] Allocated by task 161:
[ 12.937636] kasan_save_stack+0x45/0x70
[ 12.937881] kasan_save_track+0x18/0x40
[ 12.938033] kasan_save_alloc_info+0x3b/0x50
[ 12.938203] __kasan_kmalloc+0xb7/0xc0
[ 12.938391] __kmalloc_cache_noprof+0x189/0x420
[ 12.938683] kmalloc_big_oob_right+0xa9/0x370
[ 12.939197] kunit_try_run_case+0x1a5/0x480
[ 12.939415] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.939666] kthread+0x337/0x6f0
[ 12.939819] ret_from_fork+0x116/0x1d0
[ 12.940104] ret_from_fork_asm+0x1a/0x30
[ 12.940377]
[ 12.940550] The buggy address belongs to the object at ffff8881027ec000
[ 12.940550] which belongs to the cache kmalloc-8k of size 8192
[ 12.941141] The buggy address is located 0 bytes to the right of
[ 12.941141] allocated 7936-byte region [ffff8881027ec000, ffff8881027edf00)
[ 12.941610]
[ 12.941689] The buggy address belongs to the physical page:
[ 12.941993] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e8
[ 12.942375] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.942740] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.943084] page_type: f5(slab)
[ 12.943213] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 12.943733] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 12.944317] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 12.944621] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 12.945116] head: 0200000000000003 ffffea000409fa01 00000000ffffffff 00000000ffffffff
[ 12.945544] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 12.945985] page dumped because: kasan: bad access detected
[ 12.946181]
[ 12.946255] Memory state around the buggy address:
[ 12.946576] ffff8881027ede00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.947129] ffff8881027ede80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.947386] >ffff8881027edf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.947684] ^
[ 12.947834] ffff8881027edf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.948402] ffff8881027ee000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.948755] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 12.863916] ==================================================================
[ 12.864427] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.864870] Write of size 1 at addr ffff8881031acd78 by task kunit_try_catch/159
[ 12.865164]
[ 12.865268] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.865312] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.865324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.865345] Call Trace:
[ 12.865357] <TASK>
[ 12.865372] dump_stack_lvl+0x73/0xb0
[ 12.865400] print_report+0xd1/0x650
[ 12.865422] ? __virt_addr_valid+0x1db/0x2d0
[ 12.865444] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.865468] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.865493] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.865517] kasan_report+0x141/0x180
[ 12.865544] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.865614] __asan_report_store1_noabort+0x1b/0x30
[ 12.865639] kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.865704] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 12.865757] ? __schedule+0x10cc/0x2b60
[ 12.865779] ? __pfx_read_tsc+0x10/0x10
[ 12.865799] ? ktime_get_ts64+0x86/0x230
[ 12.865825] kunit_try_run_case+0x1a5/0x480
[ 12.865850] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.865871] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.865894] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.865917] ? __kthread_parkme+0x82/0x180
[ 12.865938] ? preempt_count_sub+0x50/0x80
[ 12.865961] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.866016] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.866040] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.866079] kthread+0x337/0x6f0
[ 12.866099] ? trace_preempt_on+0x20/0xc0
[ 12.866123] ? __pfx_kthread+0x10/0x10
[ 12.866198] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.866219] ? calculate_sigpending+0x7b/0xa0
[ 12.866242] ? __pfx_kthread+0x10/0x10
[ 12.866263] ret_from_fork+0x116/0x1d0
[ 12.866281] ? __pfx_kthread+0x10/0x10
[ 12.866301] ret_from_fork_asm+0x1a/0x30
[ 12.866334] </TASK>
[ 12.866345]
[ 12.875308] Allocated by task 159:
[ 12.875448] kasan_save_stack+0x45/0x70
[ 12.875717] kasan_save_track+0x18/0x40
[ 12.876106] kasan_save_alloc_info+0x3b/0x50
[ 12.876495] __kasan_kmalloc+0xb7/0xc0
[ 12.876783] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 12.877161] kmalloc_track_caller_oob_right+0x99/0x520
[ 12.877385] kunit_try_run_case+0x1a5/0x480
[ 12.877627] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.877853] kthread+0x337/0x6f0
[ 12.878078] ret_from_fork+0x116/0x1d0
[ 12.878967] ret_from_fork_asm+0x1a/0x30
[ 12.879132]
[ 12.879211] The buggy address belongs to the object at ffff8881031acd00
[ 12.879211] which belongs to the cache kmalloc-128 of size 128
[ 12.879595] The buggy address is located 0 bytes to the right of
[ 12.879595] allocated 120-byte region [ffff8881031acd00, ffff8881031acd78)
[ 12.880897]
[ 12.881001] The buggy address belongs to the physical page:
[ 12.881332] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031ac
[ 12.881633] flags: 0x200000000000000(node=0|zone=2)
[ 12.881889] page_type: f5(slab)
[ 12.882090] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.882648] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.883127] page dumped because: kasan: bad access detected
[ 12.883621]
[ 12.883712] Memory state around the buggy address:
[ 12.883880] ffff8881031acc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.884202] ffff8881031acc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.884679] >ffff8881031acd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.885341] ^
[ 12.885717] ffff8881031acd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.886013] ffff8881031ace00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.886337] ==================================================================
[ 12.887292] ==================================================================
[ 12.887695] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.888177] Write of size 1 at addr ffff8881031ace78 by task kunit_try_catch/159
[ 12.888420]
[ 12.888509] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.888550] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.888562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.888619] Call Trace:
[ 12.888631] <TASK>
[ 12.888645] dump_stack_lvl+0x73/0xb0
[ 12.888683] print_report+0xd1/0x650
[ 12.888706] ? __virt_addr_valid+0x1db/0x2d0
[ 12.888727] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.888751] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.888777] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.888801] kasan_report+0x141/0x180
[ 12.888823] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.888852] __asan_report_store1_noabort+0x1b/0x30
[ 12.888907] kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.888931] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 12.888957] ? __schedule+0x10cc/0x2b60
[ 12.888990] ? __pfx_read_tsc+0x10/0x10
[ 12.889010] ? ktime_get_ts64+0x86/0x230
[ 12.889034] kunit_try_run_case+0x1a5/0x480
[ 12.889068] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.889089] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.889111] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.889133] ? __kthread_parkme+0x82/0x180
[ 12.889153] ? preempt_count_sub+0x50/0x80
[ 12.889176] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.889199] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.889221] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.889243] kthread+0x337/0x6f0
[ 12.889262] ? trace_preempt_on+0x20/0xc0
[ 12.889284] ? __pfx_kthread+0x10/0x10
[ 12.889304] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.889340] ? calculate_sigpending+0x7b/0xa0
[ 12.889363] ? __pfx_kthread+0x10/0x10
[ 12.889384] ret_from_fork+0x116/0x1d0
[ 12.889401] ? __pfx_kthread+0x10/0x10
[ 12.889422] ret_from_fork_asm+0x1a/0x30
[ 12.889453] </TASK>
[ 12.889463]
[ 12.903689] Allocated by task 159:
[ 12.903835] kasan_save_stack+0x45/0x70
[ 12.903989] kasan_save_track+0x18/0x40
[ 12.904142] kasan_save_alloc_info+0x3b/0x50
[ 12.904355] __kasan_kmalloc+0xb7/0xc0
[ 12.904491] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 12.904862] kmalloc_track_caller_oob_right+0x19a/0x520
[ 12.905822] kunit_try_run_case+0x1a5/0x480
[ 12.906108] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.907871] kthread+0x337/0x6f0
[ 12.908028] ret_from_fork+0x116/0x1d0
[ 12.908182] ret_from_fork_asm+0x1a/0x30
[ 12.908328]
[ 12.908405] The buggy address belongs to the object at ffff8881031ace00
[ 12.908405] which belongs to the cache kmalloc-128 of size 128
[ 12.908781] The buggy address is located 0 bytes to the right of
[ 12.908781] allocated 120-byte region [ffff8881031ace00, ffff8881031ace78)
[ 12.909172]
[ 12.909248] The buggy address belongs to the physical page:
[ 12.909428] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031ac
[ 12.909681] flags: 0x200000000000000(node=0|zone=2)
[ 12.909851] page_type: f5(slab)
[ 12.909978] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.912288] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.912633] page dumped because: kasan: bad access detected
[ 12.913348]
[ 12.913789] Memory state around the buggy address:
[ 12.914160] ffff8881031acd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.914614] ffff8881031acd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.915186] >ffff8881031ace00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.915690] ^
[ 12.916037] ffff8881031ace80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.916650] ffff8881031acf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.917403] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 12.830897] ==================================================================
[ 12.831669] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0
[ 12.832438] Read of size 1 at addr ffff8881029ad000 by task kunit_try_catch/157
[ 12.832953]
[ 12.833422] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.833562] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.833578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.833599] Call Trace:
[ 12.833612] <TASK>
[ 12.833627] dump_stack_lvl+0x73/0xb0
[ 12.833656] print_report+0xd1/0x650
[ 12.833678] ? __virt_addr_valid+0x1db/0x2d0
[ 12.833700] ? kmalloc_node_oob_right+0x369/0x3c0
[ 12.833732] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.833758] ? kmalloc_node_oob_right+0x369/0x3c0
[ 12.833783] kasan_report+0x141/0x180
[ 12.833805] ? kmalloc_node_oob_right+0x369/0x3c0
[ 12.833834] __asan_report_load1_noabort+0x18/0x20
[ 12.833858] kmalloc_node_oob_right+0x369/0x3c0
[ 12.833882] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 12.833906] ? __schedule+0x10cc/0x2b60
[ 12.833928] ? __pfx_read_tsc+0x10/0x10
[ 12.833950] ? ktime_get_ts64+0x86/0x230
[ 12.833975] kunit_try_run_case+0x1a5/0x480
[ 12.833999] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.834020] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.834043] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.834078] ? __kthread_parkme+0x82/0x180
[ 12.834098] ? preempt_count_sub+0x50/0x80
[ 12.834122] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.834145] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.834168] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.834190] kthread+0x337/0x6f0
[ 12.834210] ? trace_preempt_on+0x20/0xc0
[ 12.834232] ? __pfx_kthread+0x10/0x10
[ 12.834253] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.834274] ? calculate_sigpending+0x7b/0xa0
[ 12.834298] ? __pfx_kthread+0x10/0x10
[ 12.834320] ret_from_fork+0x116/0x1d0
[ 12.834338] ? __pfx_kthread+0x10/0x10
[ 12.834359] ret_from_fork_asm+0x1a/0x30
[ 12.834390] </TASK>
[ 12.834401]
[ 12.845544] Allocated by task 157:
[ 12.845731] kasan_save_stack+0x45/0x70
[ 12.846244] kasan_save_track+0x18/0x40
[ 12.846442] kasan_save_alloc_info+0x3b/0x50
[ 12.846647] __kasan_kmalloc+0xb7/0xc0
[ 12.846890] __kmalloc_cache_node_noprof+0x188/0x420
[ 12.847415] kmalloc_node_oob_right+0xab/0x3c0
[ 12.847847] kunit_try_run_case+0x1a5/0x480
[ 12.848188] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.848443] kthread+0x337/0x6f0
[ 12.848608] ret_from_fork+0x116/0x1d0
[ 12.849019] ret_from_fork_asm+0x1a/0x30
[ 12.849339]
[ 12.849420] The buggy address belongs to the object at ffff8881029ac000
[ 12.849420] which belongs to the cache kmalloc-4k of size 4096
[ 12.850327] The buggy address is located 0 bytes to the right of
[ 12.850327] allocated 4096-byte region [ffff8881029ac000, ffff8881029ad000)
[ 12.851150]
[ 12.851419] The buggy address belongs to the physical page:
[ 12.852128] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a8
[ 12.853144] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.853464] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.854133] page_type: f5(slab)
[ 12.854302] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 12.854659] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 12.855333] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 12.855875] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 12.856420] head: 0200000000000003 ffffea00040a6a01 00000000ffffffff 00000000ffffffff
[ 12.856832] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 12.857365] page dumped because: kasan: bad access detected
[ 12.857778]
[ 12.858018] Memory state around the buggy address:
[ 12.858634] ffff8881029acf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.858972] ffff8881029acf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.859316] >ffff8881029ad000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.859705] ^
[ 12.859881] ffff8881029ad080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.860325] ffff8881029ad100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.860657] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 12.804103] ==================================================================
[ 12.804549] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0
[ 12.804949] Read of size 1 at addr ffff88810287305f by task kunit_try_catch/155
[ 12.805272]
[ 12.805429] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.805488] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.805661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.805685] Call Trace:
[ 12.805697] <TASK>
[ 12.805713] dump_stack_lvl+0x73/0xb0
[ 12.805741] print_report+0xd1/0x650
[ 12.805762] ? __virt_addr_valid+0x1db/0x2d0
[ 12.805785] ? kmalloc_oob_left+0x361/0x3c0
[ 12.805805] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.805830] ? kmalloc_oob_left+0x361/0x3c0
[ 12.805850] kasan_report+0x141/0x180
[ 12.805872] ? kmalloc_oob_left+0x361/0x3c0
[ 12.805897] __asan_report_load1_noabort+0x18/0x20
[ 12.805921] kmalloc_oob_left+0x361/0x3c0
[ 12.805941] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 12.805963] ? __schedule+0x10cc/0x2b60
[ 12.805984] ? __pfx_read_tsc+0x10/0x10
[ 12.806004] ? ktime_get_ts64+0x86/0x230
[ 12.806029] kunit_try_run_case+0x1a5/0x480
[ 12.806062] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.806083] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.806105] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.806127] ? __kthread_parkme+0x82/0x180
[ 12.806147] ? preempt_count_sub+0x50/0x80
[ 12.806170] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.806192] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.806214] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.806236] kthread+0x337/0x6f0
[ 12.806255] ? trace_preempt_on+0x20/0xc0
[ 12.806277] ? __pfx_kthread+0x10/0x10
[ 12.806297] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.806317] ? calculate_sigpending+0x7b/0xa0
[ 12.806340] ? __pfx_kthread+0x10/0x10
[ 12.806360] ret_from_fork+0x116/0x1d0
[ 12.806378] ? __pfx_kthread+0x10/0x10
[ 12.806398] ret_from_fork_asm+0x1a/0x30
[ 12.806429] </TASK>
[ 12.806441]
[ 12.815242] Allocated by task 1:
[ 12.815388] kasan_save_stack+0x45/0x70
[ 12.815616] kasan_save_track+0x18/0x40
[ 12.815923] kasan_save_alloc_info+0x3b/0x50
[ 12.816202] __kasan_kmalloc+0xb7/0xc0
[ 12.816422] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 12.816699] kstrdup+0x3e/0xa0
[ 12.816859] kstrdup_const+0x2c/0x40
[ 12.816998] __kernfs_new_node+0xa7/0x6d0
[ 12.817200] kernfs_new_node+0x140/0x1e0
[ 12.817497] kernfs_create_dir_ns+0x30/0x140
[ 12.817878] sysfs_create_dir_ns+0x130/0x290
[ 12.818044] kobject_add_internal+0x222/0x9b0
[ 12.818214] kobject_init_and_add+0xf1/0x160
[ 12.818592] sysfs_slab_add+0x19a/0x1f0
[ 12.819031] slab_sysfs_init+0x76/0x110
[ 12.819224] do_one_initcall+0xd8/0x370
[ 12.819589] kernel_init_freeable+0x420/0x6f0
[ 12.819914] kernel_init+0x23/0x1e0
[ 12.820131] ret_from_fork+0x116/0x1d0
[ 12.820459] ret_from_fork_asm+0x1a/0x30
[ 12.820615]
[ 12.820695] The buggy address belongs to the object at ffff888102873040
[ 12.820695] which belongs to the cache kmalloc-16 of size 16
[ 12.821219] The buggy address is located 19 bytes to the right of
[ 12.821219] allocated 12-byte region [ffff888102873040, ffff88810287304c)
[ 12.821899]
[ 12.822009] The buggy address belongs to the physical page:
[ 12.822270] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102873
[ 12.822536] flags: 0x200000000000000(node=0|zone=2)
[ 12.823001] page_type: f5(slab)
[ 12.823245] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.823818] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.824079] page dumped because: kasan: bad access detected
[ 12.824265]
[ 12.824341] Memory state around the buggy address:
[ 12.824511] ffff888102872f00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc
[ 12.825149] ffff888102872f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.825574] >ffff888102873000: 00 01 fc fc 00 04 fc fc 00 04 fc fc 00 07 fc fc
[ 12.825919] ^
[ 12.826230] ffff888102873080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.826549] ffff888102873100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.826984] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 12.762005] ==================================================================
[ 12.762375] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 12.762759] Write of size 1 at addr ffff8881031acc78 by task kunit_try_catch/153
[ 12.763157]
[ 12.763299] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.763344] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.763356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.763376] Call Trace:
[ 12.763425] <TASK>
[ 12.763441] dump_stack_lvl+0x73/0xb0
[ 12.763468] print_report+0xd1/0x650
[ 12.763502] ? __virt_addr_valid+0x1db/0x2d0
[ 12.763524] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.763546] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.763573] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.763595] kasan_report+0x141/0x180
[ 12.763617] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.763644] __asan_report_store1_noabort+0x1b/0x30
[ 12.763669] kmalloc_oob_right+0x6bd/0x7f0
[ 12.763691] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.763713] ? __schedule+0x10cc/0x2b60
[ 12.763757] ? __pfx_read_tsc+0x10/0x10
[ 12.763778] ? ktime_get_ts64+0x86/0x230
[ 12.763802] kunit_try_run_case+0x1a5/0x480
[ 12.763851] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.763873] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.763896] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.763930] ? __kthread_parkme+0x82/0x180
[ 12.763950] ? preempt_count_sub+0x50/0x80
[ 12.763973] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.763997] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.764019] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.764042] kthread+0x337/0x6f0
[ 12.764070] ? trace_preempt_on+0x20/0xc0
[ 12.764093] ? __pfx_kthread+0x10/0x10
[ 12.764114] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.764134] ? calculate_sigpending+0x7b/0xa0
[ 12.764157] ? __pfx_kthread+0x10/0x10
[ 12.764179] ret_from_fork+0x116/0x1d0
[ 12.764197] ? __pfx_kthread+0x10/0x10
[ 12.764218] ret_from_fork_asm+0x1a/0x30
[ 12.764250] </TASK>
[ 12.764261]
[ 12.771857] Allocated by task 153:
[ 12.772019] kasan_save_stack+0x45/0x70
[ 12.772185] kasan_save_track+0x18/0x40
[ 12.772331] kasan_save_alloc_info+0x3b/0x50
[ 12.772609] __kasan_kmalloc+0xb7/0xc0
[ 12.772816] __kmalloc_cache_noprof+0x189/0x420
[ 12.773250] kmalloc_oob_right+0xa9/0x7f0
[ 12.773602] kunit_try_run_case+0x1a5/0x480
[ 12.773851] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.774142] kthread+0x337/0x6f0
[ 12.774321] ret_from_fork+0x116/0x1d0
[ 12.774551] ret_from_fork_asm+0x1a/0x30
[ 12.774799]
[ 12.774914] The buggy address belongs to the object at ffff8881031acc00
[ 12.774914] which belongs to the cache kmalloc-128 of size 128
[ 12.775407] The buggy address is located 5 bytes to the right of
[ 12.775407] allocated 115-byte region [ffff8881031acc00, ffff8881031acc73)
[ 12.776090]
[ 12.776169] The buggy address belongs to the physical page:
[ 12.776708] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031ac
[ 12.777232] flags: 0x200000000000000(node=0|zone=2)
[ 12.777544] page_type: f5(slab)
[ 12.777756] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.778150] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.778483] page dumped because: kasan: bad access detected
[ 12.778843]
[ 12.778922] Memory state around the buggy address:
[ 12.779099] ffff8881031acb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.779334] ffff8881031acb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.779715] >ffff8881031acc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.780102] ^
[ 12.780440] ffff8881031acc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.780847] ffff8881031acd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.781213] ==================================================================
[ 12.781676] ==================================================================
[ 12.782131] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 12.782522] Read of size 1 at addr ffff8881031acc80 by task kunit_try_catch/153
[ 12.782894]
[ 12.783084] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.783127] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.783138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.783158] Call Trace:
[ 12.783173] <TASK>
[ 12.783187] dump_stack_lvl+0x73/0xb0
[ 12.783213] print_report+0xd1/0x650
[ 12.783235] ? __virt_addr_valid+0x1db/0x2d0
[ 12.783257] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.783277] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.783302] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.783324] kasan_report+0x141/0x180
[ 12.783346] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.783372] __asan_report_load1_noabort+0x18/0x20
[ 12.783432] kmalloc_oob_right+0x68a/0x7f0
[ 12.783454] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.783488] ? __schedule+0x10cc/0x2b60
[ 12.783510] ? __pfx_read_tsc+0x10/0x10
[ 12.783530] ? ktime_get_ts64+0x86/0x230
[ 12.783555] kunit_try_run_case+0x1a5/0x480
[ 12.783579] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.783600] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.783651] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.783674] ? __kthread_parkme+0x82/0x180
[ 12.783694] ? preempt_count_sub+0x50/0x80
[ 12.783728] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.783751] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.783773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.783796] kthread+0x337/0x6f0
[ 12.783815] ? trace_preempt_on+0x20/0xc0
[ 12.783838] ? __pfx_kthread+0x10/0x10
[ 12.783860] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.783881] ? calculate_sigpending+0x7b/0xa0
[ 12.783904] ? __pfx_kthread+0x10/0x10
[ 12.783926] ret_from_fork+0x116/0x1d0
[ 12.783944] ? __pfx_kthread+0x10/0x10
[ 12.783964] ret_from_fork_asm+0x1a/0x30
[ 12.784024] </TASK>
[ 12.784034]
[ 12.791243] Allocated by task 153:
[ 12.791476] kasan_save_stack+0x45/0x70
[ 12.791685] kasan_save_track+0x18/0x40
[ 12.791885] kasan_save_alloc_info+0x3b/0x50
[ 12.792295] __kasan_kmalloc+0xb7/0xc0
[ 12.792647] __kmalloc_cache_noprof+0x189/0x420
[ 12.792995] kmalloc_oob_right+0xa9/0x7f0
[ 12.793154] kunit_try_run_case+0x1a5/0x480
[ 12.793306] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.793486] kthread+0x337/0x6f0
[ 12.793616] ret_from_fork+0x116/0x1d0
[ 12.793908] ret_from_fork_asm+0x1a/0x30
[ 12.794169]
[ 12.794269] The buggy address belongs to the object at ffff8881031acc00
[ 12.794269] which belongs to the cache kmalloc-128 of size 128
[ 12.794786] The buggy address is located 13 bytes to the right of
[ 12.794786] allocated 115-byte region [ffff8881031acc00, ffff8881031acc73)
[ 12.795537]
[ 12.795614] The buggy address belongs to the physical page:
[ 12.795958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031ac
[ 12.796315] flags: 0x200000000000000(node=0|zone=2)
[ 12.796488] page_type: f5(slab)
[ 12.796612] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.797285] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.797690] page dumped because: kasan: bad access detected
[ 12.797956]
[ 12.798031] Memory state around the buggy address:
[ 12.798357] ffff8881031acb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.798751] ffff8881031acc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.799083] >ffff8881031acc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.799455] ^
[ 12.799577] ffff8881031acd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.799838] ffff8881031acd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.800284] ==================================================================
[ 12.731885] ==================================================================
[ 12.732534] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 12.733398] Write of size 1 at addr ffff8881031acc73 by task kunit_try_catch/153
[ 12.733879]
[ 12.735040] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.735441] Tainted: [N]=TEST
[ 12.735473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.735694] Call Trace:
[ 12.735763] <TASK>
[ 12.735911] dump_stack_lvl+0x73/0xb0
[ 12.735999] print_report+0xd1/0x650
[ 12.736028] ? __virt_addr_valid+0x1db/0x2d0
[ 12.736067] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.736089] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.736115] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.736137] kasan_report+0x141/0x180
[ 12.736159] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.736187] __asan_report_store1_noabort+0x1b/0x30
[ 12.736211] kmalloc_oob_right+0x6f0/0x7f0
[ 12.736234] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.736256] ? __schedule+0x10cc/0x2b60
[ 12.736280] ? __pfx_read_tsc+0x10/0x10
[ 12.736301] ? ktime_get_ts64+0x86/0x230
[ 12.736328] kunit_try_run_case+0x1a5/0x480
[ 12.736356] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.736377] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.736402] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.736425] ? __kthread_parkme+0x82/0x180
[ 12.736446] ? preempt_count_sub+0x50/0x80
[ 12.736471] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.736495] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.736517] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.736540] kthread+0x337/0x6f0
[ 12.736560] ? trace_preempt_on+0x20/0xc0
[ 12.736584] ? __pfx_kthread+0x10/0x10
[ 12.736605] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.736626] ? calculate_sigpending+0x7b/0xa0
[ 12.736651] ? __pfx_kthread+0x10/0x10
[ 12.736673] ret_from_fork+0x116/0x1d0
[ 12.736691] ? __pfx_kthread+0x10/0x10
[ 12.736712] ret_from_fork_asm+0x1a/0x30
[ 12.736768] </TASK>
[ 12.736832]
[ 12.749407] Allocated by task 153:
[ 12.749781] kasan_save_stack+0x45/0x70
[ 12.750020] kasan_save_track+0x18/0x40
[ 12.750188] kasan_save_alloc_info+0x3b/0x50
[ 12.750437] __kasan_kmalloc+0xb7/0xc0
[ 12.750579] __kmalloc_cache_noprof+0x189/0x420
[ 12.750805] kmalloc_oob_right+0xa9/0x7f0
[ 12.750984] kunit_try_run_case+0x1a5/0x480
[ 12.751143] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.751349] kthread+0x337/0x6f0
[ 12.751627] ret_from_fork+0x116/0x1d0
[ 12.751841] ret_from_fork_asm+0x1a/0x30
[ 12.752044]
[ 12.752220] The buggy address belongs to the object at ffff8881031acc00
[ 12.752220] which belongs to the cache kmalloc-128 of size 128
[ 12.752982] The buggy address is located 0 bytes to the right of
[ 12.752982] allocated 115-byte region [ffff8881031acc00, ffff8881031acc73)
[ 12.753628]
[ 12.753782] The buggy address belongs to the physical page:
[ 12.754512] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031ac
[ 12.755097] flags: 0x200000000000000(node=0|zone=2)
[ 12.755753] page_type: f5(slab)
[ 12.756616] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.756942] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.757415] page dumped because: kasan: bad access detected
[ 12.757649]
[ 12.757797] Memory state around the buggy address:
[ 12.758310] ffff8881031acb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.758660] ffff8881031acb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.759126] >ffff8881031acc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.759497] ^
[ 12.759909] ffff8881031acc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.760268] ffff8881031acd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.760624] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 151.503596] WARNING: CPU: 0 PID: 2765 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 151.504582] Modules linked in:
[ 151.505417] CPU: 0 UID: 0 PID: 2765 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 151.507059] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 151.507506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 151.508022] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 151.508765] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 151.510666] RSP: 0000:ffff888103897c78 EFLAGS: 00010286
[ 151.511470] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 151.512112] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffbb032f34
[ 151.512876] RBP: ffff888103897ca0 R08: 0000000000000000 R09: ffffed1020ba5300
[ 151.513766] R10: ffff888105d29807 R11: 0000000000000000 R12: ffffffffbb032f20
[ 151.514353] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888103897d38
[ 151.514580] FS: 0000000000000000(0000) GS:ffff88819e074000(0000) knlGS:0000000000000000
[ 151.514922] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 151.515371] CR2: 00007ffff7ffe000 CR3: 00000001474bc000 CR4: 00000000000006f0
[ 151.515590] DR0: ffffffffbd050440 DR1: ffffffffbd050441 DR2: ffffffffbd050442
[ 151.515924] DR3: ffffffffbd050443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 151.516684] Call Trace:
[ 151.516875] <TASK>
[ 151.516982] drm_test_rect_calc_vscale+0x108/0x270
[ 151.517181] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 151.517367] ? __schedule+0x10cc/0x2b60
[ 151.517523] ? __pfx_read_tsc+0x10/0x10
[ 151.517667] ? ktime_get_ts64+0x86/0x230
[ 151.518111] kunit_try_run_case+0x1a5/0x480
[ 151.518554] ? __pfx_kunit_try_run_case+0x10/0x10
[ 151.519120] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 151.519548] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 151.520059] ? __kthread_parkme+0x82/0x180
[ 151.520815] ? preempt_count_sub+0x50/0x80
[ 151.521334] ? __pfx_kunit_try_run_case+0x10/0x10
[ 151.521834] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 151.522413] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 151.522823] kthread+0x337/0x6f0
[ 151.523193] ? trace_preempt_on+0x20/0xc0
[ 151.523575] ? __pfx_kthread+0x10/0x10
[ 151.523817] ? _raw_spin_unlock_irq+0x47/0x80
[ 151.524383] ? calculate_sigpending+0x7b/0xa0
[ 151.524820] ? __pfx_kthread+0x10/0x10
[ 151.524990] ret_from_fork+0x116/0x1d0
[ 151.525149] ? __pfx_kthread+0x10/0x10
[ 151.525295] ret_from_fork_asm+0x1a/0x30
[ 151.525454] </TASK>
[ 151.525558] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 151.478917] WARNING: CPU: 0 PID: 2763 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 151.479826] Modules linked in:
[ 151.480329] CPU: 0 UID: 0 PID: 2763 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 151.481226] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 151.481418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 151.481703] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 151.481888] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 151.482504] RSP: 0000:ffff88810b72fc78 EFLAGS: 00010286
[ 151.482746] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 151.483535] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffbb032efc
[ 151.484055] RBP: ffff88810b72fca0 R08: 0000000000000000 R09: ffffed1020ba52c0
[ 151.484507] R10: ffff888105d29607 R11: 0000000000000000 R12: ffffffffbb032ee8
[ 151.485111] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810b72fd38
[ 151.485631] FS: 0000000000000000(0000) GS:ffff88819e074000(0000) knlGS:0000000000000000
[ 151.486438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 151.486934] CR2: 00007ffff7ffe000 CR3: 00000001474bc000 CR4: 00000000000006f0
[ 151.487263] DR0: ffffffffbd050440 DR1: ffffffffbd050441 DR2: ffffffffbd050442
[ 151.487958] DR3: ffffffffbd050443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 151.488286] Call Trace:
[ 151.488545] <TASK>
[ 151.489071] drm_test_rect_calc_vscale+0x108/0x270
[ 151.489428] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 151.489995] ? __schedule+0x10cc/0x2b60
[ 151.490237] ? __pfx_read_tsc+0x10/0x10
[ 151.490538] ? ktime_get_ts64+0x86/0x230
[ 151.491020] kunit_try_run_case+0x1a5/0x480
[ 151.491307] ? __pfx_kunit_try_run_case+0x10/0x10
[ 151.491516] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 151.492120] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 151.492517] ? __kthread_parkme+0x82/0x180
[ 151.493249] ? preempt_count_sub+0x50/0x80
[ 151.493489] ? __pfx_kunit_try_run_case+0x10/0x10
[ 151.493993] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 151.494412] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 151.494971] kthread+0x337/0x6f0
[ 151.495172] ? trace_preempt_on+0x20/0xc0
[ 151.495403] ? __pfx_kthread+0x10/0x10
[ 151.495591] ? _raw_spin_unlock_irq+0x47/0x80
[ 151.496323] ? calculate_sigpending+0x7b/0xa0
[ 151.496592] ? __pfx_kthread+0x10/0x10
[ 151.497189] ret_from_fork+0x116/0x1d0
[ 151.497509] ? __pfx_kthread+0x10/0x10
[ 151.497972] ret_from_fork_asm+0x1a/0x30
[ 151.498356] </TASK>
[ 151.498489] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 151.434614] WARNING: CPU: 1 PID: 2753 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 151.435649] Modules linked in:
[ 151.436218] CPU: 1 UID: 0 PID: 2753 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 151.437510] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 151.438330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 151.439296] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 151.439896] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b d2 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 151.440449] RSP: 0000:ffff88810b827c78 EFLAGS: 00010286
[ 151.440645] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 151.441800] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffbb032f38
[ 151.443374] RBP: ffff88810b827ca0 R08: 0000000000000000 R09: ffffed10209ebc00
[ 151.444298] R10: ffff888104f5e007 R11: 0000000000000000 R12: ffffffffbb032f20
[ 151.445334] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810b827d38
[ 151.446320] FS: 0000000000000000(0000) GS:ffff88819e174000(0000) knlGS:0000000000000000
[ 151.447181] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 151.447914] CR2: 00007ffff7ffe000 CR3: 00000001474bc000 CR4: 00000000000006f0
[ 151.448671] DR0: ffffffffbd050440 DR1: ffffffffbd050441 DR2: ffffffffbd050443
[ 151.449526] DR3: ffffffffbd050445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 151.450137] Call Trace:
[ 151.450599] <TASK>
[ 151.451081] drm_test_rect_calc_hscale+0x108/0x270
[ 151.451778] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 151.451988] ? __schedule+0x10cc/0x2b60
[ 151.452160] ? __pfx_read_tsc+0x10/0x10
[ 151.452314] ? ktime_get_ts64+0x86/0x230
[ 151.452470] kunit_try_run_case+0x1a5/0x480
[ 151.452632] ? __pfx_kunit_try_run_case+0x10/0x10
[ 151.453552] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 151.454429] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 151.455390] ? __kthread_parkme+0x82/0x180
[ 151.456206] ? preempt_count_sub+0x50/0x80
[ 151.456877] ? __pfx_kunit_try_run_case+0x10/0x10
[ 151.457526] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 151.458367] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 151.459284] kthread+0x337/0x6f0
[ 151.459943] ? trace_preempt_on+0x20/0xc0
[ 151.460513] ? __pfx_kthread+0x10/0x10
[ 151.461128] ? _raw_spin_unlock_irq+0x47/0x80
[ 151.461313] ? calculate_sigpending+0x7b/0xa0
[ 151.461479] ? __pfx_kthread+0x10/0x10
[ 151.461632] ret_from_fork+0x116/0x1d0
[ 151.462237] ? __pfx_kthread+0x10/0x10
[ 151.462914] ret_from_fork_asm+0x1a/0x30
[ 151.463560] </TASK>
[ 151.464043] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 151.402346] WARNING: CPU: 1 PID: 2751 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 151.404097] Modules linked in:
[ 151.404513] CPU: 1 UID: 0 PID: 2751 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 151.405413] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 151.405616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 151.405907] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 151.406806] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b d2 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 151.409034] RSP: 0000:ffff888103897c78 EFLAGS: 00010286
[ 151.409978] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 151.410836] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffbb032f00
[ 151.411295] RBP: ffff888103897ca0 R08: 0000000000000000 R09: ffffed1020ba5220
[ 151.411525] R10: ffff888105d29107 R11: 0000000000000000 R12: ffffffffbb032ee8
[ 151.412331] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888103897d38
[ 151.413440] FS: 0000000000000000(0000) GS:ffff88819e174000(0000) knlGS:0000000000000000
[ 151.414525] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 151.415550] CR2: 00007ffff7ffe000 CR3: 00000001474bc000 CR4: 00000000000006f0
[ 151.416217] DR0: ffffffffbd050440 DR1: ffffffffbd050441 DR2: ffffffffbd050443
[ 151.417176] DR3: ffffffffbd050445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 151.417676] Call Trace:
[ 151.418318] <TASK>
[ 151.418948] drm_test_rect_calc_hscale+0x108/0x270
[ 151.419339] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 151.420153] ? __schedule+0x10cc/0x2b60
[ 151.420523] ? __pfx_read_tsc+0x10/0x10
[ 151.420678] ? ktime_get_ts64+0x86/0x230
[ 151.420841] kunit_try_run_case+0x1a5/0x480
[ 151.421000] ? __pfx_kunit_try_run_case+0x10/0x10
[ 151.422243] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 151.422791] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 151.423443] ? __kthread_parkme+0x82/0x180
[ 151.424108] ? preempt_count_sub+0x50/0x80
[ 151.424689] ? __pfx_kunit_try_run_case+0x10/0x10
[ 151.425498] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 151.425969] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 151.426634] kthread+0x337/0x6f0
[ 151.427200] ? trace_preempt_on+0x20/0xc0
[ 151.427621] ? __pfx_kthread+0x10/0x10
[ 151.428041] ? _raw_spin_unlock_irq+0x47/0x80
[ 151.428558] ? calculate_sigpending+0x7b/0xa0
[ 151.429222] ? __pfx_kthread+0x10/0x10
[ 151.429894] ret_from_fork+0x116/0x1d0
[ 151.430069] ? __pfx_kthread+0x10/0x10
[ 151.430215] ret_from_fork_asm+0x1a/0x30
[ 151.430376] </TASK>
[ 151.430471] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------
[ 150.709622] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count))
[ 150.710060] WARNING: CPU: 1 PID: 2568 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0
[ 150.712523] Modules linked in:
[ 150.712928] CPU: 1 UID: 0 PID: 2568 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 150.714200] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 150.715066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 150.715364] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0
[ 150.715557] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 6d 1d 80 00 48 c7 c1 e0 7d fe ba 4c 89 f2 48 c7 c7 a0 7a fe ba 48 89 c6 e8 34 f5 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d
[ 150.717414] RSP: 0000:ffff88810ae0fd18 EFLAGS: 00010286
[ 150.718428] RAX: 0000000000000000 RBX: ffff888109074400 RCX: 1ffffffff77a4c80
[ 150.719316] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 150.720204] RBP: ffff88810ae0fd48 R08: 0000000000000000 R09: fffffbfff77a4c80
[ 150.720860] R10: 0000000000000003 R11: 0000000000038f30 R12: ffff88810ae64000
[ 150.721470] R13: ffff8881090744f8 R14: ffff888105c8df00 R15: ffff88810039fb40
[ 150.721981] FS: 0000000000000000(0000) GS:ffff88819e174000(0000) knlGS:0000000000000000
[ 150.723162] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 150.723932] CR2: 00007ffff7ffe000 CR3: 00000001474bc000 CR4: 00000000000006f0
[ 150.724347] DR0: ffffffffbd050440 DR1: ffffffffbd050441 DR2: ffffffffbd050443
[ 150.724591] DR3: ffffffffbd050445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 150.725368] Call Trace:
[ 150.726071] <TASK>
[ 150.726324] ? trace_preempt_on+0x20/0xc0
[ 150.726988] ? __pfx_drm_gem_shmem_free_wrapper+0x10/0x10
[ 150.727829] drm_gem_shmem_free_wrapper+0x12/0x20
[ 150.728486] __kunit_action_free+0x57/0x70
[ 150.729088] kunit_remove_resource+0x133/0x200
[ 150.729276] ? preempt_count_sub+0x50/0x80
[ 150.729441] kunit_cleanup+0x7a/0x120
[ 150.729603] kunit_try_run_case_cleanup+0xbd/0xf0
[ 150.730331] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10
[ 150.731181] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 150.732192] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 150.732940] kthread+0x337/0x6f0
[ 150.733314] ? trace_preempt_on+0x20/0xc0
[ 150.733721] ? __pfx_kthread+0x10/0x10
[ 150.734283] ? _raw_spin_unlock_irq+0x47/0x80
[ 150.734795] ? calculate_sigpending+0x7b/0xa0
[ 150.735010] ? __pfx_kthread+0x10/0x10
[ 150.735176] ret_from_fork+0x116/0x1d0
[ 150.735326] ? __pfx_kthread+0x10/0x10
[ 150.735477] ret_from_fork_asm+0x1a/0x30
[ 150.735643] </TASK>
[ 150.735822] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------
[ 150.554141] WARNING: CPU: 1 PID: 2549 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300
[ 150.554703] Modules linked in:
[ 150.555393] CPU: 1 UID: 0 PID: 2549 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 150.555775] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 150.555966] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 150.556263] RIP: 0010:drm_framebuffer_init+0x44/0x300
[ 150.556456] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41
[ 150.556990] RSP: 0000:ffff88810afdfb30 EFLAGS: 00010246
[ 150.557197] RAX: dffffc0000000000 RBX: ffff88810afdfc28 RCX: 0000000000000000
[ 150.557445] RDX: 1ffff110215fbf8e RSI: ffff88810afdfc28 RDI: ffff88810afdfc70
[ 150.558118] RBP: ffff88810afdfb70 R08: ffff88810af62000 R09: ffffffffbafd8120
[ 150.558642] R10: 0000000000000003 R11: 000000004dbb1b74 R12: ffff88810af62000
[ 150.559626] R13: ffff88810039fae8 R14: ffff88810afdfba8 R15: 0000000000000000
[ 150.560078] FS: 0000000000000000(0000) GS:ffff88819e174000(0000) knlGS:0000000000000000
[ 150.560667] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 150.561204] CR2: 00007ffff7ffe000 CR3: 00000001474bc000 CR4: 00000000000006f0
[ 150.561685] DR0: ffffffffbd050440 DR1: ffffffffbd050441 DR2: ffffffffbd050443
[ 150.562067] DR3: ffffffffbd050445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 150.562384] Call Trace:
[ 150.562524] <TASK>
[ 150.562626] ? add_dr+0xc1/0x1d0
[ 150.563512] drm_test_framebuffer_init_bad_format+0xfc/0x240
[ 150.564057] ? add_dr+0x148/0x1d0
[ 150.564262] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 150.564684] ? __drmm_add_action+0x1a4/0x280
[ 150.565240] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 150.565808] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 150.566179] ? __drmm_add_action_or_reset+0x22/0x50
[ 150.566541] ? __schedule+0x10cc/0x2b60
[ 150.566995] ? __pfx_read_tsc+0x10/0x10
[ 150.567628] ? ktime_get_ts64+0x86/0x230
[ 150.568063] kunit_try_run_case+0x1a5/0x480
[ 150.568494] ? __pfx_kunit_try_run_case+0x10/0x10
[ 150.568953] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 150.569242] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 150.569681] ? __kthread_parkme+0x82/0x180
[ 150.570135] ? preempt_count_sub+0x50/0x80
[ 150.570484] ? __pfx_kunit_try_run_case+0x10/0x10
[ 150.571105] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 150.571484] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 150.572067] kthread+0x337/0x6f0
[ 150.572455] ? trace_preempt_on+0x20/0xc0
[ 150.573060] ? __pfx_kthread+0x10/0x10
[ 150.573278] ? _raw_spin_unlock_irq+0x47/0x80
[ 150.573607] ? calculate_sigpending+0x7b/0xa0
[ 150.574128] ? __pfx_kthread+0x10/0x10
[ 150.574479] ret_from_fork+0x116/0x1d0
[ 150.575153] ? __pfx_kthread+0x10/0x10
[ 150.575371] ret_from_fork_asm+0x1a/0x30
[ 150.575702] </TASK>
[ 150.576094] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------
[ 150.508597] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 150.509011] WARNING: CPU: 0 PID: 2545 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0
[ 150.510270] Modules linked in:
[ 150.510442] CPU: 0 UID: 0 PID: 2545 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 150.510870] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 150.511417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 150.512196] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0
[ 150.514223] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 3b 3a 87 00 48 c7 c1 00 30 fd ba 4c 89 fa 48 c7 c7 60 30 fd ba 48 89 c6 e8 02 12 7f fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 150.514975] RSP: 0000:ffff88810ae77b68 EFLAGS: 00010282
[ 150.515188] RAX: 0000000000000000 RBX: ffff88810ae77c40 RCX: 1ffffffff77a4c80
[ 150.515425] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 150.515736] RBP: ffff88810ae77b90 R08: 0000000000000000 R09: fffffbfff77a4c80
[ 150.517267] R10: 0000000000000003 R11: 00000000000375c8 R12: ffff88810ae77c18
[ 150.517672] R13: ffff88810af5b800 R14: ffff88810b035000 R15: ffff888105c16700
[ 150.518090] FS: 0000000000000000(0000) GS:ffff88819e074000(0000) knlGS:0000000000000000
[ 150.518587] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 150.518860] CR2: 00007ffff7ffe000 CR3: 00000001474bc000 CR4: 00000000000006f0
[ 150.519431] DR0: ffffffffbd050440 DR1: ffffffffbd050441 DR2: ffffffffbd050442
[ 150.520860] DR3: ffffffffbd050443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 150.521199] Call Trace:
[ 150.521341] <TASK>
[ 150.521915] drm_test_framebuffer_free+0x1ab/0x610
[ 150.522204] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 150.522557] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 150.523052] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 150.523339] ? __drmm_add_action_or_reset+0x22/0x50
[ 150.523599] ? __schedule+0x10cc/0x2b60
[ 150.523809] ? __pfx_read_tsc+0x10/0x10
[ 150.524676] ? ktime_get_ts64+0x86/0x230
[ 150.524854] kunit_try_run_case+0x1a5/0x480
[ 150.525020] ? __pfx_kunit_try_run_case+0x10/0x10
[ 150.525218] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 150.525388] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 150.525567] ? __kthread_parkme+0x82/0x180
[ 150.525721] ? preempt_count_sub+0x50/0x80
[ 150.525879] ? __pfx_kunit_try_run_case+0x10/0x10
[ 150.526523] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 150.528569] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 150.529546] kthread+0x337/0x6f0
[ 150.530573] ? trace_preempt_on+0x20/0xc0
[ 150.531406] ? __pfx_kthread+0x10/0x10
[ 150.532178] ? _raw_spin_unlock_irq+0x47/0x80
[ 150.533136] ? calculate_sigpending+0x7b/0xa0
[ 150.533584] ? __pfx_kthread+0x10/0x10
[ 150.533755] ret_from_fork+0x116/0x1d0
[ 150.533912] ? __pfx_kthread+0x10/0x10
[ 150.534989] ret_from_fork_asm+0x1a/0x30
[ 150.535778] </TASK>
[ 150.536260] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------
[ 148.951829] WARNING: CPU: 0 PID: 1975 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 148.953146] Modules linked in:
[ 148.953650] CPU: 0 UID: 0 PID: 1975 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 148.955071] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 148.955518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 148.956247] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 148.957081] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 42 1b 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 148.958218] RSP: 0000:ffff888109f3fc90 EFLAGS: 00010246
[ 148.958423] RAX: dffffc0000000000 RBX: ffff88810a2a8000 RCX: 0000000000000000
[ 148.958643] RDX: 1ffff11021455032 RSI: ffffffffb8202308 RDI: ffff88810a2a8190
[ 148.960165] RBP: ffff888109f3fca0 R08: 1ffff11020073f69 R09: ffffed10213e7f65
[ 148.960517] R10: 0000000000000003 R11: ffffffffb7784c28 R12: 0000000000000000
[ 148.960849] R13: ffff888109f3fd38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 148.961132] FS: 0000000000000000(0000) GS:ffff88819e074000(0000) knlGS:0000000000000000
[ 148.961382] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 148.961576] CR2: 00007ffff7ffe000 CR3: 00000001474bc000 CR4: 00000000000006f0
[ 148.961798] DR0: ffffffffbd050440 DR1: ffffffffbd050441 DR2: ffffffffbd050442
[ 148.962020] DR3: ffffffffbd050443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 148.962770] Call Trace:
[ 148.962959] <TASK>
[ 148.963329] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290
[ 148.963809] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 148.966240] ? __schedule+0x10cc/0x2b60
[ 148.966426] ? __pfx_read_tsc+0x10/0x10
[ 148.966580] ? ktime_get_ts64+0x86/0x230
[ 148.966739] kunit_try_run_case+0x1a5/0x480
[ 148.967039] ? __pfx_kunit_try_run_case+0x10/0x10
[ 148.967272] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 148.967446] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 148.967624] ? __kthread_parkme+0x82/0x180
[ 148.967782] ? preempt_count_sub+0x50/0x80
[ 148.967943] ? __pfx_kunit_try_run_case+0x10/0x10
[ 148.968188] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 148.968384] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 148.968587] kthread+0x337/0x6f0
[ 148.968721] ? trace_preempt_on+0x20/0xc0
[ 148.968883] ? __pfx_kthread+0x10/0x10
[ 148.970057] ? _raw_spin_unlock_irq+0x47/0x80
[ 148.970308] ? calculate_sigpending+0x7b/0xa0
[ 148.970548] ? __pfx_kthread+0x10/0x10
[ 148.971294] ret_from_fork+0x116/0x1d0
[ 148.971589] ? __pfx_kthread+0x10/0x10
[ 148.971860] ret_from_fork_asm+0x1a/0x30
[ 148.972024] </TASK>
[ 148.972139] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 149.035288] WARNING: CPU: 0 PID: 1983 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 149.036373] Modules linked in:
[ 149.037003] CPU: 0 UID: 0 PID: 1983 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 149.037841] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 149.038302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 149.038591] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 149.039241] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 42 1b 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 149.040233] RSP: 0000:ffff88810a017c90 EFLAGS: 00010246
[ 149.040491] RAX: dffffc0000000000 RBX: ffff88810a362000 RCX: 0000000000000000
[ 149.041078] RDX: 1ffff1102146c432 RSI: ffffffffb8202308 RDI: ffff88810a362190
[ 149.041492] RBP: ffff88810a017ca0 R08: 1ffff11020073f69 R09: ffffed1021402f65
[ 149.042262] R10: 0000000000000003 R11: ffffffffb7784c28 R12: 0000000000000000
[ 149.042613] R13: ffff88810a017d38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 149.043244] FS: 0000000000000000(0000) GS:ffff88819e074000(0000) knlGS:0000000000000000
[ 149.043727] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 149.044135] CR2: 00007ffff7ffe000 CR3: 00000001474bc000 CR4: 00000000000006f0
[ 149.044465] DR0: ffffffffbd050440 DR1: ffffffffbd050441 DR2: ffffffffbd050442
[ 149.045132] DR3: ffffffffbd050443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 149.045553] Call Trace:
[ 149.046121] <TASK>
[ 149.046281] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290
[ 149.046719] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 149.047276] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 149.047964] kunit_try_run_case+0x1a5/0x480
[ 149.048215] ? __pfx_kunit_try_run_case+0x10/0x10
[ 149.048563] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 149.049092] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 149.049349] ? __kthread_parkme+0x82/0x180
[ 149.049579] ? preempt_count_sub+0x50/0x80
[ 149.050373] ? __pfx_kunit_try_run_case+0x10/0x10
[ 149.050653] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 149.051199] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 149.051509] kthread+0x337/0x6f0
[ 149.051699] ? trace_preempt_on+0x20/0xc0
[ 149.052282] ? __pfx_kthread+0x10/0x10
[ 149.052632] ? _raw_spin_unlock_irq+0x47/0x80
[ 149.052984] ? calculate_sigpending+0x7b/0xa0
[ 149.053233] ? __pfx_kthread+0x10/0x10
[ 149.053662] ret_from_fork+0x116/0x1d0
[ 149.054194] ? __pfx_kthread+0x10/0x10
[ 149.054429] ret_from_fork_asm+0x1a/0x30
[ 149.054823] </TASK>
[ 149.055098] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 116.740247] WARNING: CPU: 1 PID: 673 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 116.741338] Modules linked in:
[ 116.741860] CPU: 1 UID: 0 PID: 673 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 116.742432] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 116.742619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 116.743828] RIP: 0010:intlog10+0x2a/0x40
[ 116.744339] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 116.746213] RSP: 0000:ffff8881083b7cb0 EFLAGS: 00010246
[ 116.746869] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11021076fb4
[ 116.747507] RDX: 1ffffffff75d2c9c RSI: 1ffff11021076fb3 RDI: 0000000000000000
[ 116.747943] RBP: ffff8881083b7d60 R08: 0000000000000000 R09: ffffed1020f4fa00
[ 116.748675] R10: ffff888107a7d007 R11: 0000000000000000 R12: 1ffff11021076f97
[ 116.749567] R13: ffffffffbae964e0 R14: 0000000000000000 R15: ffff8881083b7d38
[ 116.750204] FS: 0000000000000000(0000) GS:ffff88819e174000(0000) knlGS:0000000000000000
[ 116.750916] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 116.751120] CR2: ffff88815a89e000 CR3: 00000001474bc000 CR4: 00000000000006f0
[ 116.751332] DR0: ffffffffbd050440 DR1: ffffffffbd050441 DR2: ffffffffbd050443
[ 116.751541] DR3: ffffffffbd050445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 116.752382] Call Trace:
[ 116.753025] <TASK>
[ 116.753318] ? intlog10_test+0xf2/0x220
[ 116.754007] ? __pfx_intlog10_test+0x10/0x10
[ 116.754600] ? __schedule+0x10cc/0x2b60
[ 116.755272] ? __pfx_read_tsc+0x10/0x10
[ 116.756059] ? ktime_get_ts64+0x86/0x230
[ 116.756578] kunit_try_run_case+0x1a5/0x480
[ 116.757355] ? __pfx_kunit_try_run_case+0x10/0x10
[ 116.758086] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 116.758701] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 116.759295] ? __kthread_parkme+0x82/0x180
[ 116.759472] ? preempt_count_sub+0x50/0x80
[ 116.759632] ? __pfx_kunit_try_run_case+0x10/0x10
[ 116.760275] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 116.761267] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 116.762076] kthread+0x337/0x6f0
[ 116.762678] ? trace_preempt_on+0x20/0xc0
[ 116.763385] ? __pfx_kthread+0x10/0x10
[ 116.764026] ? _raw_spin_unlock_irq+0x47/0x80
[ 116.764496] ? calculate_sigpending+0x7b/0xa0
[ 116.765116] ? __pfx_kthread+0x10/0x10
[ 116.765635] ret_from_fork+0x116/0x1d0
[ 116.766215] ? __pfx_kthread+0x10/0x10
[ 116.766789] ret_from_fork_asm+0x1a/0x30
[ 116.767183] </TASK>
[ 116.767293] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 116.686553] WARNING: CPU: 1 PID: 655 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 116.687382] Modules linked in:
[ 116.687884] CPU: 1 UID: 0 PID: 655 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 116.688542] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 116.689045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 116.689649] RIP: 0010:intlog2+0xdf/0x110
[ 116.690066] Code: e9 ba c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 e9 57 9f 86 02 89 45 e4 e8 cf 0f 56 ff 8b 45 e4 eb
[ 116.691105] RSP: 0000:ffff8881082afcb0 EFLAGS: 00010246
[ 116.691541] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11021055fb4
[ 116.692002] RDX: 1ffffffff75d2cf0 RSI: 1ffff11021055fb3 RDI: 0000000000000000
[ 116.692595] RBP: ffff8881082afd60 R08: 0000000000000000 R09: ffffed1020f4f2c0
[ 116.693171] R10: ffff888107a79607 R11: 0000000000000000 R12: 1ffff11021055f97
[ 116.693393] R13: ffffffffbae96780 R14: 0000000000000000 R15: ffff8881082afd38
[ 116.693612] FS: 0000000000000000(0000) GS:ffff88819e174000(0000) knlGS:0000000000000000
[ 116.695111] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 116.696140] CR2: ffff88815a89e000 CR3: 00000001474bc000 CR4: 00000000000006f0
[ 116.697301] DR0: ffffffffbd050440 DR1: ffffffffbd050441 DR2: ffffffffbd050443
[ 116.698151] DR3: ffffffffbd050445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 116.699257] Call Trace:
[ 116.699870] <TASK>
[ 116.700477] ? intlog2_test+0xf2/0x220
[ 116.701333] ? __pfx_intlog2_test+0x10/0x10
[ 116.701953] ? __schedule+0x10cc/0x2b60
[ 116.703058] ? __pfx_read_tsc+0x10/0x10
[ 116.703538] ? ktime_get_ts64+0x86/0x230
[ 116.704441] kunit_try_run_case+0x1a5/0x480
[ 116.705263] ? __pfx_kunit_try_run_case+0x10/0x10
[ 116.705448] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 116.705628] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 116.706912] ? __kthread_parkme+0x82/0x180
[ 116.707402] ? preempt_count_sub+0x50/0x80
[ 116.708330] ? __pfx_kunit_try_run_case+0x10/0x10
[ 116.709268] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 116.710293] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 116.711084] kthread+0x337/0x6f0
[ 116.711233] ? trace_preempt_on+0x20/0xc0
[ 116.711390] ? __pfx_kthread+0x10/0x10
[ 116.711533] ? _raw_spin_unlock_irq+0x47/0x80
[ 116.711691] ? calculate_sigpending+0x7b/0xa0
[ 116.713423] ? __pfx_kthread+0x10/0x10
[ 116.714275] ret_from_fork+0x116/0x1d0
[ 116.715126] ? __pfx_kthread+0x10/0x10
[ 116.715621] ret_from_fork_asm+0x1a/0x30
[ 116.716428] </TASK>
[ 116.716961] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
[ 116.068490] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI