Date
July 6, 2025, 11:09 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 13.388779] ==================================================================
[ 13.389254] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320
[ 13.390312] Write of size 128 at addr ffff888102aa0500 by task kunit_try_catch/188
[ 13.390744]
[ 13.390954] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.391024] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.391037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.391064] Call Trace:
[ 13.391080] <TASK>
[ 13.391098] dump_stack_lvl+0x73/0xb0
[ 13.391148] print_report+0xd1/0x650
[ 13.391172] ? __virt_addr_valid+0x1db/0x2d0
[ 13.391193] ? kmalloc_oob_in_memset+0x15f/0x320
[ 13.391213] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.391236] ? kmalloc_oob_in_memset+0x15f/0x320
[ 13.391256] kasan_report+0x141/0x180
[ 13.391276] ? kmalloc_oob_in_memset+0x15f/0x320
[ 13.391300] kasan_check_range+0x10c/0x1c0
[ 13.391321] __asan_memset+0x27/0x50
[ 13.391338] kmalloc_oob_in_memset+0x15f/0x320
[ 13.391358] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 13.391378] ? __schedule+0x10cc/0x2b60
[ 13.391398] ? __pfx_read_tsc+0x10/0x10
[ 13.391417] ? ktime_get_ts64+0x86/0x230
[ 13.391440] kunit_try_run_case+0x1a5/0x480
[ 13.391463] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.391483] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.391508] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.391538] ? __kthread_parkme+0x82/0x180
[ 13.391566] ? preempt_count_sub+0x50/0x80
[ 13.391605] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.391662] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.391704] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.391744] kthread+0x337/0x6f0
[ 13.391781] ? trace_preempt_on+0x20/0xc0
[ 13.391825] ? __pfx_kthread+0x10/0x10
[ 13.391864] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.391902] ? calculate_sigpending+0x7b/0xa0
[ 13.391939] ? __pfx_kthread+0x10/0x10
[ 13.391968] ret_from_fork+0x116/0x1d0
[ 13.391995] ? __pfx_kthread+0x10/0x10
[ 13.392024] ret_from_fork_asm+0x1a/0x30
[ 13.392053] </TASK>
[ 13.392066]
[ 13.404155] Allocated by task 188:
[ 13.404514] kasan_save_stack+0x45/0x70
[ 13.405496] kasan_save_track+0x18/0x40
[ 13.406236] kasan_save_alloc_info+0x3b/0x50
[ 13.406496] __kasan_kmalloc+0xb7/0xc0
[ 13.406969] __kmalloc_cache_noprof+0x189/0x420
[ 13.407239] kmalloc_oob_in_memset+0xac/0x320
[ 13.407443] kunit_try_run_case+0x1a5/0x480
[ 13.408231] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.408788] kthread+0x337/0x6f0
[ 13.409093] ret_from_fork+0x116/0x1d0
[ 13.409416] ret_from_fork_asm+0x1a/0x30
[ 13.409897]
[ 13.410019] The buggy address belongs to the object at ffff888102aa0500
[ 13.410019] which belongs to the cache kmalloc-128 of size 128
[ 13.410689] The buggy address is located 0 bytes inside of
[ 13.410689] allocated 120-byte region [ffff888102aa0500, ffff888102aa0578)
[ 13.411195]
[ 13.411355] The buggy address belongs to the physical page:
[ 13.412235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa0
[ 13.412610] flags: 0x200000000000000(node=0|zone=2)
[ 13.413484] page_type: f5(slab)
[ 13.413780] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.414001] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.414549] page dumped because: kasan: bad access detected
[ 13.414816]
[ 13.414916] Memory state around the buggy address:
[ 13.415096] ffff888102aa0400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.415504] ffff888102aa0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.415942] >ffff888102aa0500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 13.416235] ^
[ 13.416680] ffff888102aa0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.416906] ffff888102aa0600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.417144] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 13.349410] ==================================================================
[ 13.349870] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0
[ 13.350125] Read of size 16 at addr ffff888101c6db60 by task kunit_try_catch/186
[ 13.350728]
[ 13.350929] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.351008] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.351031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.351068] Call Trace:
[ 13.351093] <TASK>
[ 13.351127] dump_stack_lvl+0x73/0xb0
[ 13.351177] print_report+0xd1/0x650
[ 13.351210] ? __virt_addr_valid+0x1db/0x2d0
[ 13.351244] ? kmalloc_uaf_16+0x47b/0x4c0
[ 13.351277] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.351318] ? kmalloc_uaf_16+0x47b/0x4c0
[ 13.351350] kasan_report+0x141/0x180
[ 13.351386] ? kmalloc_uaf_16+0x47b/0x4c0
[ 13.351431] __asan_report_load16_noabort+0x18/0x20
[ 13.351474] kmalloc_uaf_16+0x47b/0x4c0
[ 13.351512] ? __pfx_kmalloc_uaf_16+0x10/0x10
[ 13.351547] ? __schedule+0x10cc/0x2b60
[ 13.351648] ? __pfx_read_tsc+0x10/0x10
[ 13.351684] ? ktime_get_ts64+0x86/0x230
[ 13.351732] kunit_try_run_case+0x1a5/0x480
[ 13.351777] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.351817] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.351860] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.351903] ? __kthread_parkme+0x82/0x180
[ 13.351941] ? preempt_count_sub+0x50/0x80
[ 13.351986] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.352030] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.352062] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.352092] kthread+0x337/0x6f0
[ 13.352145] ? trace_preempt_on+0x20/0xc0
[ 13.352168] ? __pfx_kthread+0x10/0x10
[ 13.352186] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.352205] ? calculate_sigpending+0x7b/0xa0
[ 13.352227] ? __pfx_kthread+0x10/0x10
[ 13.352246] ret_from_fork+0x116/0x1d0
[ 13.352289] ? __pfx_kthread+0x10/0x10
[ 13.352310] ret_from_fork_asm+0x1a/0x30
[ 13.352339] </TASK>
[ 13.352351]
[ 13.364592] Allocated by task 186:
[ 13.365013] kasan_save_stack+0x45/0x70
[ 13.365376] kasan_save_track+0x18/0x40
[ 13.365954] kasan_save_alloc_info+0x3b/0x50
[ 13.366397] __kasan_kmalloc+0xb7/0xc0
[ 13.366564] __kmalloc_cache_noprof+0x189/0x420
[ 13.366870] kmalloc_uaf_16+0x15b/0x4c0
[ 13.367109] kunit_try_run_case+0x1a5/0x480
[ 13.367343] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.367579] kthread+0x337/0x6f0
[ 13.367850] ret_from_fork+0x116/0x1d0
[ 13.368036] ret_from_fork_asm+0x1a/0x30
[ 13.368262]
[ 13.369077] Freed by task 186:
[ 13.369236] kasan_save_stack+0x45/0x70
[ 13.369391] kasan_save_track+0x18/0x40
[ 13.370412] kasan_save_free_info+0x3f/0x60
[ 13.370645] __kasan_slab_free+0x56/0x70
[ 13.370790] kfree+0x222/0x3f0
[ 13.371000] kmalloc_uaf_16+0x1d6/0x4c0
[ 13.371441] kunit_try_run_case+0x1a5/0x480
[ 13.371882] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.372352] kthread+0x337/0x6f0
[ 13.372848] ret_from_fork+0x116/0x1d0
[ 13.373047] ret_from_fork_asm+0x1a/0x30
[ 13.373921]
[ 13.374028] The buggy address belongs to the object at ffff888101c6db60
[ 13.374028] which belongs to the cache kmalloc-16 of size 16
[ 13.374417] The buggy address is located 0 bytes inside of
[ 13.374417] freed 16-byte region [ffff888101c6db60, ffff888101c6db70)
[ 13.375254]
[ 13.375450] The buggy address belongs to the physical page:
[ 13.376396] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c6d
[ 13.376857] flags: 0x200000000000000(node=0|zone=2)
[ 13.377072] page_type: f5(slab)
[ 13.377731] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.378068] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.378825] page dumped because: kasan: bad access detected
[ 13.379026]
[ 13.379116] Memory state around the buggy address:
[ 13.379748] ffff888101c6da00: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 13.380453] ffff888101c6da80: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.380934] >ffff888101c6db00: 00 05 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc
[ 13.381783] ^
[ 13.382088] ffff888101c6db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.382423] ffff888101c6dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.383049] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 13.315189] ==================================================================
[ 13.315670] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0
[ 13.316423] Write of size 16 at addr ffff8881024eb3e0 by task kunit_try_catch/184
[ 13.316820]
[ 13.317369] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.317442] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.317455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.317474] Call Trace:
[ 13.317486] <TASK>
[ 13.317505] dump_stack_lvl+0x73/0xb0
[ 13.317556] print_report+0xd1/0x650
[ 13.317592] ? __virt_addr_valid+0x1db/0x2d0
[ 13.317647] ? kmalloc_oob_16+0x452/0x4a0
[ 13.317680] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.317722] ? kmalloc_oob_16+0x452/0x4a0
[ 13.317757] kasan_report+0x141/0x180
[ 13.317794] ? kmalloc_oob_16+0x452/0x4a0
[ 13.317837] __asan_report_store16_noabort+0x1b/0x30
[ 13.317865] kmalloc_oob_16+0x452/0x4a0
[ 13.317883] ? __pfx_kmalloc_oob_16+0x10/0x10
[ 13.317903] ? __schedule+0x10cc/0x2b60
[ 13.317933] ? __pfx_read_tsc+0x10/0x10
[ 13.317953] ? ktime_get_ts64+0x86/0x230
[ 13.317977] kunit_try_run_case+0x1a5/0x480
[ 13.317999] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.318018] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.318038] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.318058] ? __kthread_parkme+0x82/0x180
[ 13.318076] ? preempt_count_sub+0x50/0x80
[ 13.318097] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.318129] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.318157] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.318190] kthread+0x337/0x6f0
[ 13.318223] ? trace_preempt_on+0x20/0xc0
[ 13.318263] ? __pfx_kthread+0x10/0x10
[ 13.318300] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.318336] ? calculate_sigpending+0x7b/0xa0
[ 13.318380] ? __pfx_kthread+0x10/0x10
[ 13.318420] ret_from_fork+0x116/0x1d0
[ 13.318456] ? __pfx_kthread+0x10/0x10
[ 13.318494] ret_from_fork_asm+0x1a/0x30
[ 13.318543] </TASK>
[ 13.318561]
[ 13.329712] Allocated by task 184:
[ 13.331131] kasan_save_stack+0x45/0x70
[ 13.331461] kasan_save_track+0x18/0x40
[ 13.331893] kasan_save_alloc_info+0x3b/0x50
[ 13.332205] __kasan_kmalloc+0xb7/0xc0
[ 13.332603] __kmalloc_cache_noprof+0x189/0x420
[ 13.333325] kmalloc_oob_16+0xa8/0x4a0
[ 13.333778] kunit_try_run_case+0x1a5/0x480
[ 13.334203] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.334974] kthread+0x337/0x6f0
[ 13.335299] ret_from_fork+0x116/0x1d0
[ 13.335865] ret_from_fork_asm+0x1a/0x30
[ 13.336241]
[ 13.336349] The buggy address belongs to the object at ffff8881024eb3e0
[ 13.336349] which belongs to the cache kmalloc-16 of size 16
[ 13.337187] The buggy address is located 0 bytes inside of
[ 13.337187] allocated 13-byte region [ffff8881024eb3e0, ffff8881024eb3ed)
[ 13.337762]
[ 13.337955] The buggy address belongs to the physical page:
[ 13.338364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024eb
[ 13.338934] flags: 0x200000000000000(node=0|zone=2)
[ 13.339312] page_type: f5(slab)
[ 13.340057] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.340348] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.341013] page dumped because: kasan: bad access detected
[ 13.341344]
[ 13.341501] Memory state around the buggy address:
[ 13.342005] ffff8881024eb280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.342436] ffff8881024eb300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.342959] >ffff8881024eb380: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 13.343424] ^
[ 13.344191] ffff8881024eb400: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.344565] ffff8881024eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.345023] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 13.273994] ==================================================================
[ 13.274309] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0
[ 13.274921] Read of size 1 at addr ffff88810034ce00 by task kunit_try_catch/182
[ 13.275745]
[ 13.275871] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.275983] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.276007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.276126] Call Trace:
[ 13.276159] <TASK>
[ 13.276189] dump_stack_lvl+0x73/0xb0
[ 13.276259] print_report+0xd1/0x650
[ 13.276301] ? __virt_addr_valid+0x1db/0x2d0
[ 13.276333] ? krealloc_uaf+0x53c/0x5e0
[ 13.276354] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.276377] ? krealloc_uaf+0x53c/0x5e0
[ 13.276397] kasan_report+0x141/0x180
[ 13.276417] ? krealloc_uaf+0x53c/0x5e0
[ 13.276441] __asan_report_load1_noabort+0x18/0x20
[ 13.276463] krealloc_uaf+0x53c/0x5e0
[ 13.276482] ? __pfx_krealloc_uaf+0x10/0x10
[ 13.276528] ? finish_task_switch.isra.0+0x153/0x700
[ 13.276568] ? __switch_to+0x47/0xf50
[ 13.276607] ? __schedule+0x10cc/0x2b60
[ 13.276651] ? __pfx_read_tsc+0x10/0x10
[ 13.276671] ? ktime_get_ts64+0x86/0x230
[ 13.276695] kunit_try_run_case+0x1a5/0x480
[ 13.276717] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.276737] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.276759] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.276780] ? __kthread_parkme+0x82/0x180
[ 13.276798] ? preempt_count_sub+0x50/0x80
[ 13.276818] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.276839] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.276860] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.276880] kthread+0x337/0x6f0
[ 13.276898] ? trace_preempt_on+0x20/0xc0
[ 13.276919] ? __pfx_kthread+0x10/0x10
[ 13.276937] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.276957] ? calculate_sigpending+0x7b/0xa0
[ 13.276978] ? __pfx_kthread+0x10/0x10
[ 13.276998] ret_from_fork+0x116/0x1d0
[ 13.277014] ? __pfx_kthread+0x10/0x10
[ 13.277033] ret_from_fork_asm+0x1a/0x30
[ 13.277061] </TASK>
[ 13.277073]
[ 13.289793] Allocated by task 182:
[ 13.290071] kasan_save_stack+0x45/0x70
[ 13.290720] kasan_save_track+0x18/0x40
[ 13.290973] kasan_save_alloc_info+0x3b/0x50
[ 13.291234] __kasan_kmalloc+0xb7/0xc0
[ 13.291423] __kmalloc_cache_noprof+0x189/0x420
[ 13.291791] krealloc_uaf+0xbb/0x5e0
[ 13.292050] kunit_try_run_case+0x1a5/0x480
[ 13.292221] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.292535] kthread+0x337/0x6f0
[ 13.292944] ret_from_fork+0x116/0x1d0
[ 13.293291] ret_from_fork_asm+0x1a/0x30
[ 13.293756]
[ 13.293947] Freed by task 182:
[ 13.294133] kasan_save_stack+0x45/0x70
[ 13.294448] kasan_save_track+0x18/0x40
[ 13.295220] kasan_save_free_info+0x3f/0x60
[ 13.295674] __kasan_slab_free+0x56/0x70
[ 13.295946] kfree+0x222/0x3f0
[ 13.296196] krealloc_uaf+0x13d/0x5e0
[ 13.296654] kunit_try_run_case+0x1a5/0x480
[ 13.296880] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.297313] kthread+0x337/0x6f0
[ 13.297651] ret_from_fork+0x116/0x1d0
[ 13.297923] ret_from_fork_asm+0x1a/0x30
[ 13.298219]
[ 13.298379] The buggy address belongs to the object at ffff88810034ce00
[ 13.298379] which belongs to the cache kmalloc-256 of size 256
[ 13.299071] The buggy address is located 0 bytes inside of
[ 13.299071] freed 256-byte region [ffff88810034ce00, ffff88810034cf00)
[ 13.300165]
[ 13.300282] The buggy address belongs to the physical page:
[ 13.300809] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034c
[ 13.301262] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.301748] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.301968] page_type: f5(slab)
[ 13.302252] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.302496] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.303130] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.303461] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.304138] head: 0200000000000001 ffffea000400d301 00000000ffffffff 00000000ffffffff
[ 13.304953] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 13.305285] page dumped because: kasan: bad access detected
[ 13.305792]
[ 13.305939] Memory state around the buggy address:
[ 13.306220] ffff88810034cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.307137] ffff88810034cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.307463] >ffff88810034ce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.308061] ^
[ 13.308293] ffff88810034ce80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.309028] ffff88810034cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.309704] ==================================================================
[ 13.236155] ==================================================================
[ 13.236613] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0
[ 13.238030] Read of size 1 at addr ffff88810034ce00 by task kunit_try_catch/182
[ 13.238371]
[ 13.238495] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.238558] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.238576] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.238602] Call Trace:
[ 13.238629] <TASK>
[ 13.238653] dump_stack_lvl+0x73/0xb0
[ 13.238704] print_report+0xd1/0x650
[ 13.238741] ? __virt_addr_valid+0x1db/0x2d0
[ 13.238776] ? krealloc_uaf+0x1b8/0x5e0
[ 13.238807] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.238848] ? krealloc_uaf+0x1b8/0x5e0
[ 13.238887] kasan_report+0x141/0x180
[ 13.238921] ? krealloc_uaf+0x1b8/0x5e0
[ 13.238957] ? krealloc_uaf+0x1b8/0x5e0
[ 13.238986] __kasan_check_byte+0x3d/0x50
[ 13.239021] krealloc_noprof+0x3f/0x340
[ 13.239060] krealloc_uaf+0x1b8/0x5e0
[ 13.239096] ? __pfx_krealloc_uaf+0x10/0x10
[ 13.239130] ? finish_task_switch.isra.0+0x153/0x700
[ 13.239170] ? __switch_to+0x47/0xf50
[ 13.239215] ? __schedule+0x10cc/0x2b60
[ 13.239249] ? __pfx_read_tsc+0x10/0x10
[ 13.239276] ? ktime_get_ts64+0x86/0x230
[ 13.239307] kunit_try_run_case+0x1a5/0x480
[ 13.239336] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.239356] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.239377] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.239398] ? __kthread_parkme+0x82/0x180
[ 13.239418] ? preempt_count_sub+0x50/0x80
[ 13.239438] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.239459] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.239479] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.239501] kthread+0x337/0x6f0
[ 13.239527] ? trace_preempt_on+0x20/0xc0
[ 13.239557] ? __pfx_kthread+0x10/0x10
[ 13.239584] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.239613] ? calculate_sigpending+0x7b/0xa0
[ 13.239654] ? __pfx_kthread+0x10/0x10
[ 13.239673] ret_from_fork+0x116/0x1d0
[ 13.239690] ? __pfx_kthread+0x10/0x10
[ 13.239708] ret_from_fork_asm+0x1a/0x30
[ 13.239737] </TASK>
[ 13.239748]
[ 13.252507] Allocated by task 182:
[ 13.252884] kasan_save_stack+0x45/0x70
[ 13.253182] kasan_save_track+0x18/0x40
[ 13.253392] kasan_save_alloc_info+0x3b/0x50
[ 13.253836] __kasan_kmalloc+0xb7/0xc0
[ 13.254296] __kmalloc_cache_noprof+0x189/0x420
[ 13.254814] krealloc_uaf+0xbb/0x5e0
[ 13.255332] kunit_try_run_case+0x1a5/0x480
[ 13.255811] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.256288] kthread+0x337/0x6f0
[ 13.256443] ret_from_fork+0x116/0x1d0
[ 13.256611] ret_from_fork_asm+0x1a/0x30
[ 13.256903]
[ 13.257096] Freed by task 182:
[ 13.257765] kasan_save_stack+0x45/0x70
[ 13.257957] kasan_save_track+0x18/0x40
[ 13.258705] kasan_save_free_info+0x3f/0x60
[ 13.259154] __kasan_slab_free+0x56/0x70
[ 13.259578] kfree+0x222/0x3f0
[ 13.259745] krealloc_uaf+0x13d/0x5e0
[ 13.259861] kunit_try_run_case+0x1a5/0x480
[ 13.259975] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.260093] kthread+0x337/0x6f0
[ 13.260382] ret_from_fork+0x116/0x1d0
[ 13.260780] ret_from_fork_asm+0x1a/0x30
[ 13.261361]
[ 13.261607] The buggy address belongs to the object at ffff88810034ce00
[ 13.261607] which belongs to the cache kmalloc-256 of size 256
[ 13.262669] The buggy address is located 0 bytes inside of
[ 13.262669] freed 256-byte region [ffff88810034ce00, ffff88810034cf00)
[ 13.263450]
[ 13.263843] The buggy address belongs to the physical page:
[ 13.264062] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034c
[ 13.264810] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.265030] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.265909] page_type: f5(slab)
[ 13.266204] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.266417] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.267310] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.267628] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.267992] head: 0200000000000001 ffffea000400d301 00000000ffffffff 00000000ffffffff
[ 13.268503] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 13.268946] page dumped because: kasan: bad access detected
[ 13.269172]
[ 13.269571] Memory state around the buggy address:
[ 13.269869] ffff88810034cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.270777] ffff88810034cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.270995] >ffff88810034ce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.271486] ^
[ 13.271802] ffff88810034ce80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.272467] ffff88810034cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.272874] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 12.904207] ==================================================================
[ 12.905231] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[ 12.905962] Write of size 1 at addr ffff888100aa58d0 by task kunit_try_catch/176
[ 12.906942]
[ 12.907416] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.907472] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.907483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.907504] Call Trace:
[ 12.907766] <TASK>
[ 12.907799] dump_stack_lvl+0x73/0xb0
[ 12.907837] print_report+0xd1/0x650
[ 12.907857] ? __virt_addr_valid+0x1db/0x2d0
[ 12.907876] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 12.907896] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.907917] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 12.907937] kasan_report+0x141/0x180
[ 12.907956] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 12.907980] __asan_report_store1_noabort+0x1b/0x30
[ 12.908000] krealloc_less_oob_helper+0xe23/0x11d0
[ 12.908021] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 12.908041] ? finish_task_switch.isra.0+0x153/0x700
[ 12.908060] ? __switch_to+0x47/0xf50
[ 12.908082] ? __schedule+0x10cc/0x2b60
[ 12.908101] ? __pfx_read_tsc+0x10/0x10
[ 12.908134] krealloc_less_oob+0x1c/0x30
[ 12.908161] kunit_try_run_case+0x1a5/0x480
[ 12.908196] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.908231] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.908272] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.908313] ? __kthread_parkme+0x82/0x180
[ 12.908348] ? preempt_count_sub+0x50/0x80
[ 12.908385] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.908423] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.908459] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.908495] kthread+0x337/0x6f0
[ 12.908526] ? trace_preempt_on+0x20/0xc0
[ 12.908567] ? __pfx_kthread+0x10/0x10
[ 12.908604] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.908657] ? calculate_sigpending+0x7b/0xa0
[ 12.908715] ? __pfx_kthread+0x10/0x10
[ 12.908750] ret_from_fork+0x116/0x1d0
[ 12.908782] ? __pfx_kthread+0x10/0x10
[ 12.908819] ret_from_fork_asm+0x1a/0x30
[ 12.908877] </TASK>
[ 12.908900]
[ 12.921491] Allocated by task 176:
[ 12.921793] kasan_save_stack+0x45/0x70
[ 12.922416] kasan_save_track+0x18/0x40
[ 12.922921] kasan_save_alloc_info+0x3b/0x50
[ 12.923537] __kasan_krealloc+0x190/0x1f0
[ 12.924019] krealloc_noprof+0xf3/0x340
[ 12.924368] krealloc_less_oob_helper+0x1aa/0x11d0
[ 12.924674] krealloc_less_oob+0x1c/0x30
[ 12.925071] kunit_try_run_case+0x1a5/0x480
[ 12.925423] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.925794] kthread+0x337/0x6f0
[ 12.926134] ret_from_fork+0x116/0x1d0
[ 12.926761] ret_from_fork_asm+0x1a/0x30
[ 12.927277]
[ 12.927424] The buggy address belongs to the object at ffff888100aa5800
[ 12.927424] which belongs to the cache kmalloc-256 of size 256
[ 12.927941] The buggy address is located 7 bytes to the right of
[ 12.927941] allocated 201-byte region [ffff888100aa5800, ffff888100aa58c9)
[ 12.928532]
[ 12.928953] The buggy address belongs to the physical page:
[ 12.929263] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa4
[ 12.929880] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.930368] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.931021] page_type: f5(slab)
[ 12.931304] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.931882] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.932328] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.933020] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.933446] head: 0200000000000001 ffffea000402a901 00000000ffffffff 00000000ffffffff
[ 12.933931] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 12.934297] page dumped because: kasan: bad access detected
[ 12.934645]
[ 12.934803] Memory state around the buggy address:
[ 12.935122] ffff888100aa5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.935456] ffff888100aa5800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.936354] >ffff888100aa5880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 12.936843] ^
[ 12.937422] ffff888100aa5900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.937701] ffff888100aa5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.938141] ==================================================================
[ 13.153854] ==================================================================
[ 13.154421] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[ 13.155051] Write of size 1 at addr ffff888102b320da by task kunit_try_catch/180
[ 13.155579]
[ 13.155782] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.155990] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.156019] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.156054] Call Trace:
[ 13.156094] <TASK>
[ 13.156118] dump_stack_lvl+0x73/0xb0
[ 13.156173] print_report+0xd1/0x650
[ 13.156222] ? __virt_addr_valid+0x1db/0x2d0
[ 13.156262] ? krealloc_less_oob_helper+0xec6/0x11d0
[ 13.156313] ? kasan_addr_to_slab+0x11/0xa0
[ 13.156360] ? krealloc_less_oob_helper+0xec6/0x11d0
[ 13.156403] kasan_report+0x141/0x180
[ 13.156455] ? krealloc_less_oob_helper+0xec6/0x11d0
[ 13.156499] __asan_report_store1_noabort+0x1b/0x30
[ 13.156930] krealloc_less_oob_helper+0xec6/0x11d0
[ 13.157006] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 13.157047] ? finish_task_switch.isra.0+0x153/0x700
[ 13.157115] ? __switch_to+0x47/0xf50
[ 13.157158] ? __schedule+0x10cc/0x2b60
[ 13.157195] ? __pfx_read_tsc+0x10/0x10
[ 13.157247] krealloc_large_less_oob+0x1c/0x30
[ 13.157281] kunit_try_run_case+0x1a5/0x480
[ 13.157315] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.157345] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.157380] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.157417] ? __kthread_parkme+0x82/0x180
[ 13.157455] ? preempt_count_sub+0x50/0x80
[ 13.157498] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.157537] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.157566] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.157586] kthread+0x337/0x6f0
[ 13.157604] ? trace_preempt_on+0x20/0xc0
[ 13.157642] ? __pfx_kthread+0x10/0x10
[ 13.157662] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.157680] ? calculate_sigpending+0x7b/0xa0
[ 13.157701] ? __pfx_kthread+0x10/0x10
[ 13.157720] ret_from_fork+0x116/0x1d0
[ 13.157736] ? __pfx_kthread+0x10/0x10
[ 13.157754] ret_from_fork_asm+0x1a/0x30
[ 13.157781] </TASK>
[ 13.157793]
[ 13.169553] The buggy address belongs to the physical page:
[ 13.170663] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b30
[ 13.171249] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.171673] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.172040] page_type: f8(unknown)
[ 13.172686] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.172995] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.173408] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.174513] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.174964] head: 0200000000000002 ffffea00040acc01 00000000ffffffff 00000000ffffffff
[ 13.175426] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.175991] page dumped because: kasan: bad access detected
[ 13.176237]
[ 13.176342] Memory state around the buggy address:
[ 13.176662] ffff888102b31f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.177399] ffff888102b32000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.177750] >ffff888102b32080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 13.177990] ^
[ 13.178487] ffff888102b32100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.178950] ffff888102b32180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.179232] ==================================================================
[ 13.005844] ==================================================================
[ 13.006219] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[ 13.006460] Write of size 1 at addr ffff888100aa58eb by task kunit_try_catch/176
[ 13.007700]
[ 13.007857] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.007929] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.007945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.007975] Call Trace:
[ 13.007992] <TASK>
[ 13.008018] dump_stack_lvl+0x73/0xb0
[ 13.008063] print_report+0xd1/0x650
[ 13.008096] ? __virt_addr_valid+0x1db/0x2d0
[ 13.008206] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 13.008244] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.008300] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 13.008340] kasan_report+0x141/0x180
[ 13.008392] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 13.008436] __asan_report_store1_noabort+0x1b/0x30
[ 13.008461] krealloc_less_oob_helper+0xd47/0x11d0
[ 13.008484] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 13.008504] ? finish_task_switch.isra.0+0x153/0x700
[ 13.008524] ? __switch_to+0x47/0xf50
[ 13.008546] ? __schedule+0x10cc/0x2b60
[ 13.008565] ? __pfx_read_tsc+0x10/0x10
[ 13.008587] krealloc_less_oob+0x1c/0x30
[ 13.008605] kunit_try_run_case+0x1a5/0x480
[ 13.008643] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.008663] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.008684] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.008704] ? __kthread_parkme+0x82/0x180
[ 13.008721] ? preempt_count_sub+0x50/0x80
[ 13.008741] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.008760] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.008780] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.008799] kthread+0x337/0x6f0
[ 13.008816] ? trace_preempt_on+0x20/0xc0
[ 13.008837] ? __pfx_kthread+0x10/0x10
[ 13.008854] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.008872] ? calculate_sigpending+0x7b/0xa0
[ 13.008892] ? __pfx_kthread+0x10/0x10
[ 13.008910] ret_from_fork+0x116/0x1d0
[ 13.008926] ? __pfx_kthread+0x10/0x10
[ 13.008943] ret_from_fork_asm+0x1a/0x30
[ 13.008971] </TASK>
[ 13.008983]
[ 13.017596] Allocated by task 176:
[ 13.017893] kasan_save_stack+0x45/0x70
[ 13.018326] kasan_save_track+0x18/0x40
[ 13.018592] kasan_save_alloc_info+0x3b/0x50
[ 13.018784] __kasan_krealloc+0x190/0x1f0
[ 13.018953] krealloc_noprof+0xf3/0x340
[ 13.019115] krealloc_less_oob_helper+0x1aa/0x11d0
[ 13.019476] krealloc_less_oob+0x1c/0x30
[ 13.019869] kunit_try_run_case+0x1a5/0x480
[ 13.020216] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.020595] kthread+0x337/0x6f0
[ 13.020877] ret_from_fork+0x116/0x1d0
[ 13.021178] ret_from_fork_asm+0x1a/0x30
[ 13.021422]
[ 13.021587] The buggy address belongs to the object at ffff888100aa5800
[ 13.021587] which belongs to the cache kmalloc-256 of size 256
[ 13.021968] The buggy address is located 34 bytes to the right of
[ 13.021968] allocated 201-byte region [ffff888100aa5800, ffff888100aa58c9)
[ 13.022656]
[ 13.022829] The buggy address belongs to the physical page:
[ 13.023226] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa4
[ 13.023790] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.024419] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.024687] page_type: f5(slab)
[ 13.024848] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.025090] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.025736] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 13.026306] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.026800] head: 0200000000000001 ffffea000402a901 00000000ffffffff 00000000ffffffff
[ 13.027076] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 13.027335] page dumped because: kasan: bad access detected
[ 13.027584]
[ 13.027752] Memory state around the buggy address:
[ 13.028191] ffff888100aa5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.028662] ffff888100aa5800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.029147] >ffff888100aa5880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 13.029445] ^
[ 13.029687] ffff888100aa5900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.030167] ffff888100aa5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.030658] ==================================================================
[ 13.179800] ==================================================================
[ 13.180279] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[ 13.181149] Write of size 1 at addr ffff888102b320ea by task kunit_try_catch/180
[ 13.181614]
[ 13.181948] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.182027] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.182050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.182078] Call Trace:
[ 13.182112] <TASK>
[ 13.182137] dump_stack_lvl+0x73/0xb0
[ 13.182219] print_report+0xd1/0x650
[ 13.182254] ? __virt_addr_valid+0x1db/0x2d0
[ 13.182284] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 13.182322] ? kasan_addr_to_slab+0x11/0xa0
[ 13.182353] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 13.182399] kasan_report+0x141/0x180
[ 13.182437] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 13.182500] __asan_report_store1_noabort+0x1b/0x30
[ 13.182536] krealloc_less_oob_helper+0xe90/0x11d0
[ 13.182578] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 13.182635] ? finish_task_switch.isra.0+0x153/0x700
[ 13.182672] ? __switch_to+0x47/0xf50
[ 13.182717] ? __schedule+0x10cc/0x2b60
[ 13.182755] ?
__pfx_read_tsc+0x10/0x10 [ 13.182798] krealloc_large_less_oob+0x1c/0x30 [ 13.182836] kunit_try_run_case+0x1a5/0x480 [ 13.182879] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.182917] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.182958] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.183004] ? __kthread_parkme+0x82/0x180 [ 13.183037] ? preempt_count_sub+0x50/0x80 [ 13.183093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.183133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.183174] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.183215] kthread+0x337/0x6f0 [ 13.183252] ? trace_preempt_on+0x20/0xc0 [ 13.183294] ? __pfx_kthread+0x10/0x10 [ 13.183331] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.183368] ? calculate_sigpending+0x7b/0xa0 [ 13.183408] ? __pfx_kthread+0x10/0x10 [ 13.183516] ret_from_fork+0x116/0x1d0 [ 13.183560] ? __pfx_kthread+0x10/0x10 [ 13.183590] ret_from_fork_asm+0x1a/0x30 [ 13.183636] </TASK> [ 13.183651] [ 13.195095] The buggy address belongs to the physical page: [ 13.195487] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b30 [ 13.196214] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.197149] flags: 0x200000000000040(head|node=0|zone=2) [ 13.197408] page_type: f8(unknown) [ 13.197734] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.198273] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.198961] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.199361] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.199993] head: 0200000000000002 ffffea00040acc01 00000000ffffffff 00000000ffffffff [ 13.200425] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.201373] page dumped because: kasan: bad access detected [ 13.201781] [ 13.201897] Memory state around the buggy address: [ 13.202254] ffff888102b31f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.202842] 
ffff888102b32000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.203375] >ffff888102b32080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 13.203850] ^ [ 13.204219] ffff888102b32100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.204816] ffff888102b32180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.205101] ================================================================== [ 12.939402] ================================================================== [ 12.939927] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.940386] Write of size 1 at addr ffff888100aa58da by task kunit_try_catch/176 [ 12.940603] [ 12.940879] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.940956] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.940976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.941010] Call Trace: [ 12.941045] <TASK> [ 12.941074] dump_stack_lvl+0x73/0xb0 [ 12.941123] print_report+0xd1/0x650 [ 12.941156] ? __virt_addr_valid+0x1db/0x2d0 [ 12.941190] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.941227] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.941336] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.941391] kasan_report+0x141/0x180 [ 12.941431] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.941484] __asan_report_store1_noabort+0x1b/0x30 [ 12.941524] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.941712] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.941772] ? finish_task_switch.isra.0+0x153/0x700 [ 12.941808] ? __switch_to+0x47/0xf50 [ 12.941847] ? __schedule+0x10cc/0x2b60 [ 12.941885] ? __pfx_read_tsc+0x10/0x10 [ 12.941935] krealloc_less_oob+0x1c/0x30 [ 12.941972] kunit_try_run_case+0x1a5/0x480 [ 12.942011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.942043] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.942075] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.942142] ? __kthread_parkme+0x82/0x180 [ 12.942182] ? 
preempt_count_sub+0x50/0x80 [ 12.942224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.942286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.942309] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.942329] kthread+0x337/0x6f0 [ 12.942347] ? trace_preempt_on+0x20/0xc0 [ 12.942369] ? __pfx_kthread+0x10/0x10 [ 12.942387] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.942405] ? calculate_sigpending+0x7b/0xa0 [ 12.942425] ? __pfx_kthread+0x10/0x10 [ 12.942443] ret_from_fork+0x116/0x1d0 [ 12.942460] ? __pfx_kthread+0x10/0x10 [ 12.942477] ret_from_fork_asm+0x1a/0x30 [ 12.942519] </TASK> [ 12.942539] [ 12.954463] Allocated by task 176: [ 12.954893] kasan_save_stack+0x45/0x70 [ 12.955212] kasan_save_track+0x18/0x40 [ 12.955380] kasan_save_alloc_info+0x3b/0x50 [ 12.955805] __kasan_krealloc+0x190/0x1f0 [ 12.956155] krealloc_noprof+0xf3/0x340 [ 12.956449] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.957176] krealloc_less_oob+0x1c/0x30 [ 12.957538] kunit_try_run_case+0x1a5/0x480 [ 12.957864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.958068] kthread+0x337/0x6f0 [ 12.958348] ret_from_fork+0x116/0x1d0 [ 12.958654] ret_from_fork_asm+0x1a/0x30 [ 12.958999] [ 12.959201] The buggy address belongs to the object at ffff888100aa5800 [ 12.959201] which belongs to the cache kmalloc-256 of size 256 [ 12.959891] The buggy address is located 17 bytes to the right of [ 12.959891] allocated 201-byte region [ffff888100aa5800, ffff888100aa58c9) [ 12.960960] [ 12.961130] The buggy address belongs to the physical page: [ 12.961331] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa4 [ 12.962015] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.962348] flags: 0x200000000000040(head|node=0|zone=2) [ 12.962819] page_type: f5(slab) [ 12.963076] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.963720] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.964020] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.964898] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.965395] head: 0200000000000001 ffffea000402a901 00000000ffffffff 00000000ffffffff [ 12.965738] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.966007] page dumped because: kasan: bad access detected [ 12.966603] [ 12.966744] Memory state around the buggy address: [ 12.967027] ffff888100aa5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.967406] ffff888100aa5800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.967818] >ffff888100aa5880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.968218] ^ [ 12.969043] ffff888100aa5900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.969353] ffff888100aa5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.969886] ================================================================== [ 13.099910] ================================================================== [ 13.100362] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 13.101379] Write of size 1 at addr ffff888102b320c9 by task kunit_try_catch/180 [ 13.102330] [ 13.102528] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.102607] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.102645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.102683] Call Trace: [ 13.102708] <TASK> [ 13.102734] dump_stack_lvl+0x73/0xb0 [ 13.102789] print_report+0xd1/0x650 [ 13.102828] ? __virt_addr_valid+0x1db/0x2d0 [ 13.102869] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.102902] ? kasan_addr_to_slab+0x11/0xa0 [ 13.102929] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.102967] kasan_report+0x141/0x180 [ 13.103004] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.103050] __asan_report_store1_noabort+0x1b/0x30 [ 13.103085] krealloc_less_oob_helper+0xd70/0x11d0 [ 13.103138] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.103176] ? finish_task_switch.isra.0+0x153/0x700 [ 13.103217] ? __switch_to+0x47/0xf50 [ 13.103266] ? __schedule+0x10cc/0x2b60 [ 13.103307] ? __pfx_read_tsc+0x10/0x10 [ 13.103337] krealloc_large_less_oob+0x1c/0x30 [ 13.103357] kunit_try_run_case+0x1a5/0x480 [ 13.103380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.103398] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.103419] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.103439] ? __kthread_parkme+0x82/0x180 [ 13.103457] ? preempt_count_sub+0x50/0x80 [ 13.103477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.103497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.103533] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.103562] kthread+0x337/0x6f0 [ 13.103587] ? trace_preempt_on+0x20/0xc0 [ 13.103635] ? __pfx_kthread+0x10/0x10 [ 13.103666] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.103693] ? calculate_sigpending+0x7b/0xa0 [ 13.103725] ? __pfx_kthread+0x10/0x10 [ 13.103754] ret_from_fork+0x116/0x1d0 [ 13.103779] ? 
__pfx_kthread+0x10/0x10 [ 13.103806] ret_from_fork_asm+0x1a/0x30 [ 13.103852] </TASK> [ 13.103871] [ 13.115194] The buggy address belongs to the physical page: [ 13.115868] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b30 [ 13.116796] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.117323] flags: 0x200000000000040(head|node=0|zone=2) [ 13.117542] page_type: f8(unknown) [ 13.117710] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.117945] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.118165] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.118381] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.119787] head: 0200000000000002 ffffea00040acc01 00000000ffffffff 00000000ffffffff [ 13.120743] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.121241] page dumped because: kasan: bad access detected [ 13.121829] [ 13.121997] Memory state around the buggy address: [ 13.122731] ffff888102b31f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.123247] ffff888102b32000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.123475] >ffff888102b32080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 13.124064] ^ [ 13.125223] ffff888102b32100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.125476] ffff888102b32180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.126375] ================================================================== [ 13.206062] ================================================================== [ 13.206580] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 13.206960] Write of size 1 at addr ffff888102b320eb by task kunit_try_catch/180 [ 13.207238] [ 13.207359] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.207436] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.207459] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.207484] Call Trace: [ 13.207502] <TASK> [ 13.207521] dump_stack_lvl+0x73/0xb0 [ 13.207554] print_report+0xd1/0x650 [ 13.207578] ? __virt_addr_valid+0x1db/0x2d0 [ 13.207603] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 13.208188] ? kasan_addr_to_slab+0x11/0xa0 [ 13.208233] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 13.208275] kasan_report+0x141/0x180 [ 13.208318] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 13.208372] __asan_report_store1_noabort+0x1b/0x30 [ 13.208416] krealloc_less_oob_helper+0xd47/0x11d0 [ 13.208464] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.208916] ? finish_task_switch.isra.0+0x153/0x700 [ 13.208965] ? __switch_to+0x47/0xf50 [ 13.208990] ? __schedule+0x10cc/0x2b60 [ 13.209010] ? __pfx_read_tsc+0x10/0x10 [ 13.209031] krealloc_large_less_oob+0x1c/0x30 [ 13.209053] kunit_try_run_case+0x1a5/0x480 [ 13.209074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.209092] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.209134] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.209154] ? __kthread_parkme+0x82/0x180 [ 13.209171] ? preempt_count_sub+0x50/0x80 [ 13.209191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.209211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.209230] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.209250] kthread+0x337/0x6f0 [ 13.209267] ? trace_preempt_on+0x20/0xc0 [ 13.209287] ? __pfx_kthread+0x10/0x10 [ 13.209305] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.209323] ? calculate_sigpending+0x7b/0xa0 [ 13.209343] ? __pfx_kthread+0x10/0x10 [ 13.209361] ret_from_fork+0x116/0x1d0 [ 13.209378] ? 
__pfx_kthread+0x10/0x10 [ 13.209395] ret_from_fork_asm+0x1a/0x30 [ 13.209423] </TASK> [ 13.209434] [ 13.221015] The buggy address belongs to the physical page: [ 13.221353] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b30 [ 13.222343] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.222929] flags: 0x200000000000040(head|node=0|zone=2) [ 13.223164] page_type: f8(unknown) [ 13.223459] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.224098] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.224492] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.225093] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.225492] head: 0200000000000002 ffffea00040acc01 00000000ffffffff 00000000ffffffff [ 13.226274] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.226614] page dumped because: kasan: bad access detected [ 13.227247] [ 13.227406] Memory state around the buggy address: [ 13.227700] ffff888102b31f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.228308] ffff888102b32000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.228536] >ffff888102b32080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 13.229258] ^ [ 13.230070] ffff888102b32100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.230307] ffff888102b32180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.230935] ================================================================== [ 12.971730] ================================================================== [ 12.972181] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.972903] Write of size 1 at addr ffff888100aa58ea by task kunit_try_catch/176 [ 12.973148] [ 12.973287] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.973370] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.973393] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.973422] Call Trace: [ 12.973442] <TASK> [ 12.973462] dump_stack_lvl+0x73/0xb0 [ 12.973494] print_report+0xd1/0x650 [ 12.973514] ? __virt_addr_valid+0x1db/0x2d0 [ 12.973533] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.973557] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.973590] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.973611] kasan_report+0x141/0x180 [ 12.973656] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.973693] __asan_report_store1_noabort+0x1b/0x30 [ 12.973724] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.973760] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.973790] ? finish_task_switch.isra.0+0x153/0x700 [ 12.973820] ? __switch_to+0x47/0xf50 [ 12.973855] ? __schedule+0x10cc/0x2b60 [ 12.973883] ? __pfx_read_tsc+0x10/0x10 [ 12.973925] krealloc_less_oob+0x1c/0x30 [ 12.973957] kunit_try_run_case+0x1a5/0x480 [ 12.973990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.974014] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.974036] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.974055] ? __kthread_parkme+0x82/0x180 [ 12.974073] ? preempt_count_sub+0x50/0x80 [ 12.974092] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.974150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.974194] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.974228] kthread+0x337/0x6f0 [ 12.974259] ? trace_preempt_on+0x20/0xc0 [ 12.974299] ? __pfx_kthread+0x10/0x10 [ 12.974336] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.974374] ? calculate_sigpending+0x7b/0xa0 [ 12.974417] ? __pfx_kthread+0x10/0x10 [ 12.974455] ret_from_fork+0x116/0x1d0 [ 12.974488] ? 
__pfx_kthread+0x10/0x10 [ 12.974539] ret_from_fork_asm+0x1a/0x30 [ 12.974600] </TASK> [ 12.974639] [ 12.986657] Allocated by task 176: [ 12.987462] kasan_save_stack+0x45/0x70 [ 12.987851] kasan_save_track+0x18/0x40 [ 12.987966] kasan_save_alloc_info+0x3b/0x50 [ 12.988058] __kasan_krealloc+0x190/0x1f0 [ 12.988274] krealloc_noprof+0xf3/0x340 [ 12.988660] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.989272] krealloc_less_oob+0x1c/0x30 [ 12.989754] kunit_try_run_case+0x1a5/0x480 [ 12.989951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.990414] kthread+0x337/0x6f0 [ 12.991082] ret_from_fork+0x116/0x1d0 [ 12.991447] ret_from_fork_asm+0x1a/0x30 [ 12.991840] [ 12.992080] The buggy address belongs to the object at ffff888100aa5800 [ 12.992080] which belongs to the cache kmalloc-256 of size 256 [ 12.992827] The buggy address is located 33 bytes to the right of [ 12.992827] allocated 201-byte region [ffff888100aa5800, ffff888100aa58c9) [ 12.993506] [ 12.993768] The buggy address belongs to the physical page: [ 12.994354] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa4 [ 12.994866] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.995533] flags: 0x200000000000040(head|node=0|zone=2) [ 12.996285] page_type: f5(slab) [ 12.996483] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.996824] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.997681] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.998130] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.998693] head: 0200000000000001 ffffea000402a901 00000000ffffffff 00000000ffffffff [ 12.999052] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.999493] page dumped because: kasan: bad access detected [ 12.999981] [ 13.000139] Memory state around the buggy address: [ 13.000568] ffff888100aa5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 13.000907] ffff888100aa5800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.001358] >ffff888100aa5880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 13.002376] ^ [ 13.002674] ffff888100aa5900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.003667] ffff888100aa5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.004179] ================================================================== [ 13.126823] ================================================================== [ 13.127425] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 13.128098] Write of size 1 at addr ffff888102b320d0 by task kunit_try_catch/180 [ 13.128471] [ 13.129154] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.129247] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.129271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.129308] Call Trace: [ 13.129335] <TASK> [ 13.129362] dump_stack_lvl+0x73/0xb0 [ 13.129424] print_report+0xd1/0x650 [ 13.129463] ? __virt_addr_valid+0x1db/0x2d0 [ 13.129670] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.129715] ? kasan_addr_to_slab+0x11/0xa0 [ 13.129747] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.129784] kasan_report+0x141/0x180 [ 13.129821] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.129864] __asan_report_store1_noabort+0x1b/0x30 [ 13.129922] krealloc_less_oob_helper+0xe23/0x11d0 [ 13.129983] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.130021] ? finish_task_switch.isra.0+0x153/0x700 [ 13.130060] ? __switch_to+0x47/0xf50 [ 13.130131] ? __schedule+0x10cc/0x2b60 [ 13.130172] ? __pfx_read_tsc+0x10/0x10 [ 13.130230] krealloc_large_less_oob+0x1c/0x30 [ 13.130270] kunit_try_run_case+0x1a5/0x480 [ 13.130293] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.130312] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.130333] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.130353] ? __kthread_parkme+0x82/0x180 [ 13.130371] ? 
preempt_count_sub+0x50/0x80 [ 13.130391] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.130410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.130430] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.130449] kthread+0x337/0x6f0 [ 13.130466] ? trace_preempt_on+0x20/0xc0 [ 13.130487] ? __pfx_kthread+0x10/0x10 [ 13.130544] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.130585] ? calculate_sigpending+0x7b/0xa0 [ 13.130632] ? __pfx_kthread+0x10/0x10 [ 13.130664] ret_from_fork+0x116/0x1d0 [ 13.130691] ? __pfx_kthread+0x10/0x10 [ 13.130709] ret_from_fork_asm+0x1a/0x30 [ 13.130736] </TASK> [ 13.130748] [ 13.142990] The buggy address belongs to the physical page: [ 13.143401] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b30 [ 13.143873] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.144396] flags: 0x200000000000040(head|node=0|zone=2) [ 13.145159] page_type: f8(unknown) [ 13.145334] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.145980] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.146442] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.147141] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.147695] head: 0200000000000002 ffffea00040acc01 00000000ffffffff 00000000ffffffff [ 13.148173] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.148923] page dumped because: kasan: bad access detected [ 13.149265] [ 13.149411] Memory state around the buggy address: [ 13.149735] ffff888102b31f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.150190] ffff888102b32000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.150877] >ffff888102b32080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 13.151343] ^ [ 13.151872] ffff888102b32100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.152475] ffff888102b32180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.153374] 
================================================================== [ 12.871297] ================================================================== [ 12.872556] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.872912] Write of size 1 at addr ffff888100aa58c9 by task kunit_try_catch/176 [ 12.873816] [ 12.873979] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.874054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.874076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.874109] Call Trace: [ 12.874552] <TASK> [ 12.874602] dump_stack_lvl+0x73/0xb0 [ 12.874679] print_report+0xd1/0x650 [ 12.874713] ? __virt_addr_valid+0x1db/0x2d0 [ 12.874746] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.874768] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.874789] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.874809] kasan_report+0x141/0x180 [ 12.874828] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.874853] __asan_report_store1_noabort+0x1b/0x30 [ 12.874873] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.874895] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.874915] ? finish_task_switch.isra.0+0x153/0x700 [ 12.874935] ? __switch_to+0x47/0xf50 [ 12.874958] ? __schedule+0x10cc/0x2b60 [ 12.874978] ? __pfx_read_tsc+0x10/0x10 [ 12.874999] krealloc_less_oob+0x1c/0x30 [ 12.875017] kunit_try_run_case+0x1a5/0x480 [ 12.875039] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.875057] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.875077] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.875096] ? __kthread_parkme+0x82/0x180 [ 12.875123] ? preempt_count_sub+0x50/0x80 [ 12.875145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.875164] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.875183] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.875202] kthread+0x337/0x6f0 [ 12.875219] ? trace_preempt_on+0x20/0xc0 [ 12.875240] ? __pfx_kthread+0x10/0x10 [ 12.875258] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 12.875275] ? calculate_sigpending+0x7b/0xa0 [ 12.875297] ? __pfx_kthread+0x10/0x10 [ 12.875315] ret_from_fork+0x116/0x1d0 [ 12.875331] ? __pfx_kthread+0x10/0x10 [ 12.875349] ret_from_fork_asm+0x1a/0x30 [ 12.875376] </TASK> [ 12.875387] [ 12.886256] Allocated by task 176: [ 12.886727] kasan_save_stack+0x45/0x70 [ 12.887037] kasan_save_track+0x18/0x40 [ 12.887261] kasan_save_alloc_info+0x3b/0x50 [ 12.887423] __kasan_krealloc+0x190/0x1f0 [ 12.888352] krealloc_noprof+0xf3/0x340 [ 12.888659] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.889114] krealloc_less_oob+0x1c/0x30 [ 12.889298] kunit_try_run_case+0x1a5/0x480 [ 12.889788] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.890257] kthread+0x337/0x6f0 [ 12.890690] ret_from_fork+0x116/0x1d0 [ 12.890937] ret_from_fork_asm+0x1a/0x30 [ 12.891088] [ 12.891488] The buggy address belongs to the object at ffff888100aa5800 [ 12.891488] which belongs to the cache kmalloc-256 of size 256 [ 12.891824] The buggy address is located 0 bytes to the right of [ 12.891824] allocated 201-byte region [ffff888100aa5800, ffff888100aa58c9) [ 12.892805] [ 12.893009] The buggy address belongs to the physical page: [ 12.893843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aa4 [ 12.894188] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.895071] flags: 0x200000000000040(head|node=0|zone=2) [ 12.895348] page_type: f5(slab) [ 12.895487] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.896114] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.896420] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.897584] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.897953] head: 0200000000000001 ffffea000402a901 00000000ffffffff 00000000ffffffff [ 12.898953] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.899286] page dumped 
because: kasan: bad access detected [ 12.899812] [ 12.899928] Memory state around the buggy address: [ 12.900137] ffff888100aa5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.900855] ffff888100aa5800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.901145] >ffff888100aa5880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.901696] ^ [ 12.902031] ffff888100aa5900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.902770] ffff888100aa5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.903388] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 12.809959] ================================================================== [ 12.810419] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.811148] Write of size 1 at addr ffff88810034cceb by task kunit_try_catch/174 [ 12.811579] [ 12.811774] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.811860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.811881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.811915] Call Trace: [ 12.811940] <TASK> [ 12.811963] dump_stack_lvl+0x73/0xb0 [ 12.812015] print_report+0xd1/0x650 [ 12.812052] ? __virt_addr_valid+0x1db/0x2d0 [ 12.812090] ? krealloc_more_oob_helper+0x821/0x930 [ 12.812127] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.812167] ? krealloc_more_oob_helper+0x821/0x930 [ 12.812202] kasan_report+0x141/0x180 [ 12.812287] ? krealloc_more_oob_helper+0x821/0x930 [ 12.812342] __asan_report_store1_noabort+0x1b/0x30 [ 12.812384] krealloc_more_oob_helper+0x821/0x930 [ 12.812425] ? __schedule+0x10cc/0x2b60 [ 12.812461] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.812496] ? finish_task_switch.isra.0+0x153/0x700 [ 12.812528] ? __switch_to+0x47/0xf50 [ 12.812570] ? __schedule+0x10cc/0x2b60 [ 12.812606] ? __pfx_read_tsc+0x10/0x10 [ 12.812691] krealloc_more_oob+0x1c/0x30 [ 12.812731] kunit_try_run_case+0x1a5/0x480 [ 12.812782] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.812814] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.812851] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.812888] ? __kthread_parkme+0x82/0x180 [ 12.812923] ? preempt_count_sub+0x50/0x80 [ 12.812966] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.813007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.813029] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.813050] kthread+0x337/0x6f0 [ 12.813068] ? trace_preempt_on+0x20/0xc0 [ 12.813089] ? __pfx_kthread+0x10/0x10 [ 12.813113] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.813138] ? 
calculate_sigpending+0x7b/0xa0 [ 12.813160] ? __pfx_kthread+0x10/0x10 [ 12.813179] ret_from_fork+0x116/0x1d0 [ 12.813196] ? __pfx_kthread+0x10/0x10 [ 12.813214] ret_from_fork_asm+0x1a/0x30 [ 12.813243] </TASK> [ 12.813254] [ 12.825088] Allocated by task 174: [ 12.825546] kasan_save_stack+0x45/0x70 [ 12.825758] kasan_save_track+0x18/0x40 [ 12.825947] kasan_save_alloc_info+0x3b/0x50 [ 12.826505] __kasan_krealloc+0x190/0x1f0 [ 12.826878] krealloc_noprof+0xf3/0x340 [ 12.827145] krealloc_more_oob_helper+0x1a9/0x930 [ 12.827400] krealloc_more_oob+0x1c/0x30 [ 12.827672] kunit_try_run_case+0x1a5/0x480 [ 12.827896] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.828199] kthread+0x337/0x6f0 [ 12.828475] ret_from_fork+0x116/0x1d0 [ 12.829022] ret_from_fork_asm+0x1a/0x30 [ 12.829416] [ 12.829675] The buggy address belongs to the object at ffff88810034cc00 [ 12.829675] which belongs to the cache kmalloc-256 of size 256 [ 12.830393] The buggy address is located 0 bytes to the right of [ 12.830393] allocated 235-byte region [ffff88810034cc00, ffff88810034cceb) [ 12.830959] [ 12.831142] The buggy address belongs to the physical page: [ 12.831531] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034c [ 12.831926] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.832257] flags: 0x200000000000040(head|node=0|zone=2) [ 12.832640] page_type: f5(slab) [ 12.832899] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.833288] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.833538] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.833904] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.834423] head: 0200000000000001 ffffea000400d301 00000000ffffffff 00000000ffffffff [ 12.834824] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.835190] page dumped because: kasan: bad access detected [ 12.835430] [ 
12.835571] Memory state around the buggy address: [ 12.835822] ffff88810034cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.836167] ffff88810034cc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.836549] >ffff88810034cc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.836991] ^ [ 12.837311] ffff88810034cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.837770] ffff88810034cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.838042] ================================================================== [ 13.037058] ================================================================== [ 13.037510] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 13.038032] Write of size 1 at addr ffff88810263e0eb by task kunit_try_catch/178 [ 13.038231] [ 13.038423] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.038501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.038522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.038561] Call Trace: [ 13.038587] <TASK> [ 13.038634] dump_stack_lvl+0x73/0xb0 [ 13.038697] print_report+0xd1/0x650 [ 13.038739] ? __virt_addr_valid+0x1db/0x2d0 [ 13.039388] ? krealloc_more_oob_helper+0x821/0x930 [ 13.039470] ? kasan_addr_to_slab+0x11/0xa0 [ 13.039503] ? krealloc_more_oob_helper+0x821/0x930 [ 13.039536] kasan_report+0x141/0x180 [ 13.039569] ? krealloc_more_oob_helper+0x821/0x930 [ 13.039636] __asan_report_store1_noabort+0x1b/0x30 [ 13.039679] krealloc_more_oob_helper+0x821/0x930 [ 13.039845] ? __schedule+0x10cc/0x2b60 [ 13.039873] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 13.039896] ? finish_task_switch.isra.0+0x153/0x700 [ 13.039918] ? __switch_to+0x47/0xf50 [ 13.039944] ? __schedule+0x10cc/0x2b60 [ 13.039962] ? __pfx_read_tsc+0x10/0x10 [ 13.039985] krealloc_large_more_oob+0x1c/0x30 [ 13.040006] kunit_try_run_case+0x1a5/0x480 [ 13.040029] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.040049] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.040071] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.040090] ? __kthread_parkme+0x82/0x180 [ 13.040113] ? preempt_count_sub+0x50/0x80 [ 13.040154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.040187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.040217] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.040246] kthread+0x337/0x6f0 [ 13.040273] ? trace_preempt_on+0x20/0xc0 [ 13.040306] ? __pfx_kthread+0x10/0x10 [ 13.040334] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.040362] ? calculate_sigpending+0x7b/0xa0 [ 13.040396] ? __pfx_kthread+0x10/0x10 [ 13.040428] ret_from_fork+0x116/0x1d0 [ 13.040454] ? __pfx_kthread+0x10/0x10 [ 13.040484] ret_from_fork_asm+0x1a/0x30 [ 13.040531] </TASK> [ 13.040551] [ 13.054281] The buggy address belongs to the physical page: [ 13.054689] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10263c [ 13.055507] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.056113] flags: 0x200000000000040(head|node=0|zone=2) [ 13.056309] page_type: f8(unknown) [ 13.056636] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.057258] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.057563] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.057787] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.059946] head: 0200000000000002 ffffea0004098f01 00000000ffffffff 00000000ffffffff [ 13.060480] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.060992] page dumped because: kasan: bad access detected [ 13.061498] [ 13.061676] Memory state around the buggy address: [ 13.062839] ffff88810263df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.064917] ffff88810263e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.065363] >ffff88810263e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 13.065593] ^ [ 13.066029] 
ffff88810263e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.066584] ffff88810263e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.066870] ================================================================== [ 12.841012] ================================================================== [ 12.841407] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.841755] Write of size 1 at addr ffff88810034ccf0 by task kunit_try_catch/174 [ 12.842212] [ 12.842337] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.842407] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.842426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.842456] Call Trace: [ 12.842478] <TASK> [ 12.842503] dump_stack_lvl+0x73/0xb0 [ 12.842557] print_report+0xd1/0x650 [ 12.842594] ? __virt_addr_valid+0x1db/0x2d0 [ 12.842644] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.842686] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.842730] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.842772] kasan_report+0x141/0x180 [ 12.842806] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.842847] __asan_report_store1_noabort+0x1b/0x30 [ 12.842884] krealloc_more_oob_helper+0x7eb/0x930 [ 12.842918] ? __schedule+0x10cc/0x2b60 [ 12.842958] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.842999] ? finish_task_switch.isra.0+0x153/0x700 [ 12.843037] ? __switch_to+0x47/0xf50 [ 12.843079] ? __schedule+0x10cc/0x2b60 [ 12.843148] ? __pfx_read_tsc+0x10/0x10 [ 12.843190] krealloc_more_oob+0x1c/0x30 [ 12.843229] kunit_try_run_case+0x1a5/0x480 [ 12.843268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.843302] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.843337] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.843375] ? __kthread_parkme+0x82/0x180 [ 12.843408] ? preempt_count_sub+0x50/0x80 [ 12.843449] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.843484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.843505] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.843526] kthread+0x337/0x6f0 [ 12.843544] ? trace_preempt_on+0x20/0xc0 [ 12.843565] ? __pfx_kthread+0x10/0x10 [ 12.843584] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.843602] ? calculate_sigpending+0x7b/0xa0 [ 12.843641] ? __pfx_kthread+0x10/0x10 [ 12.843662] ret_from_fork+0x116/0x1d0 [ 12.843680] ? __pfx_kthread+0x10/0x10 [ 12.843698] ret_from_fork_asm+0x1a/0x30 [ 12.843726] </TASK> [ 12.843738] [ 12.851837] Allocated by task 174: [ 12.852005] kasan_save_stack+0x45/0x70 [ 12.852297] kasan_save_track+0x18/0x40 [ 12.852556] kasan_save_alloc_info+0x3b/0x50 [ 12.852862] __kasan_krealloc+0x190/0x1f0 [ 12.853147] krealloc_noprof+0xf3/0x340 [ 12.853373] krealloc_more_oob_helper+0x1a9/0x930 [ 12.853562] krealloc_more_oob+0x1c/0x30 [ 12.853751] kunit_try_run_case+0x1a5/0x480 [ 12.854046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.854418] kthread+0x337/0x6f0 [ 12.854667] ret_from_fork+0x116/0x1d0 [ 12.854949] ret_from_fork_asm+0x1a/0x30 [ 12.855266] [ 12.855424] The buggy address belongs to the object at ffff88810034cc00 [ 12.855424] which belongs to the cache kmalloc-256 of size 256 [ 12.855943] The buggy address is located 5 bytes to the right of [ 12.855943] allocated 235-byte region [ffff88810034cc00, ffff88810034cceb) [ 12.856658] [ 12.856788] The buggy address belongs to the physical page: [ 12.857007] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034c [ 12.857298] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.857540] flags: 0x200000000000040(head|node=0|zone=2) [ 12.857919] page_type: f5(slab) [ 12.858232] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.858720] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.860279] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.860774] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.861076] head: 
0200000000000001 ffffea000400d301 00000000ffffffff 00000000ffffffff [ 12.862507] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.862800] page dumped because: kasan: bad access detected [ 12.862995] [ 12.863092] Memory state around the buggy address: [ 12.863585] ffff88810034cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.864441] ffff88810034cc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.864907] >ffff88810034cc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.865178] ^ [ 12.865609] ffff88810034cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.865968] ffff88810034cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.866218] ================================================================== [ 13.067557] ================================================================== [ 13.068499] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 13.068940] Write of size 1 at addr ffff88810263e0f0 by task kunit_try_catch/178 [ 13.069279] [ 13.069403] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.069473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.069489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.069521] Call Trace: [ 13.069545] <TASK> [ 13.069572] dump_stack_lvl+0x73/0xb0 [ 13.069613] print_report+0xd1/0x650 [ 13.071552] ? __virt_addr_valid+0x1db/0x2d0 [ 13.071665] ? krealloc_more_oob_helper+0x7eb/0x930 [ 13.071706] ? kasan_addr_to_slab+0x11/0xa0 [ 13.071739] ? krealloc_more_oob_helper+0x7eb/0x930 [ 13.071774] kasan_report+0x141/0x180 [ 13.071811] ? krealloc_more_oob_helper+0x7eb/0x930 [ 13.071856] __asan_report_store1_noabort+0x1b/0x30 [ 13.071896] krealloc_more_oob_helper+0x7eb/0x930 [ 13.071932] ? __schedule+0x10cc/0x2b60 [ 13.071969] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 13.072005] ? finish_task_switch.isra.0+0x153/0x700 [ 13.072041] ? __switch_to+0x47/0xf50 [ 13.072082] ? 
__schedule+0x10cc/0x2b60 [ 13.072400] ? __pfx_read_tsc+0x10/0x10 [ 13.072458] krealloc_large_more_oob+0x1c/0x30 [ 13.072530] kunit_try_run_case+0x1a5/0x480 [ 13.072568] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.072598] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.072662] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.072690] ? __kthread_parkme+0x82/0x180 [ 13.072721] ? preempt_count_sub+0x50/0x80 [ 13.072758] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.072790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.072828] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.072862] kthread+0x337/0x6f0 [ 13.072892] ? trace_preempt_on+0x20/0xc0 [ 13.072928] ? __pfx_kthread+0x10/0x10 [ 13.072950] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.072968] ? calculate_sigpending+0x7b/0xa0 [ 13.072990] ? __pfx_kthread+0x10/0x10 [ 13.073009] ret_from_fork+0x116/0x1d0 [ 13.073026] ? __pfx_kthread+0x10/0x10 [ 13.073061] ret_from_fork_asm+0x1a/0x30 [ 13.073139] </TASK> [ 13.073161] [ 13.084458] The buggy address belongs to the physical page: [ 13.085301] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10263c [ 13.085987] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.086410] flags: 0x200000000000040(head|node=0|zone=2) [ 13.086879] page_type: f8(unknown) [ 13.087172] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.087436] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.088131] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.088952] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.089350] head: 0200000000000002 ffffea0004098f01 00000000ffffffff 00000000ffffffff [ 13.089945] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.090351] page dumped because: kasan: bad access detected [ 13.090836] [ 13.091004] Memory state around the buggy address: [ 13.091246] ffff88810263df80: 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 [ 13.091847] ffff88810263e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.092408] >ffff88810263e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 13.093219] ^ [ 13.093425] ffff88810263e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.093942] ffff88810263e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.094495] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 12.427420] ================================================================== [ 12.428446] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 12.429281] Write of size 1 at addr ffff88810254d173 by task kunit_try_catch/154 [ 12.429516] [ 12.431222] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.431936] Tainted: [N]=TEST [ 12.431987] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.432244] Call Trace: [ 12.432331] <TASK> [ 12.432485] dump_stack_lvl+0x73/0xb0 [ 12.432664] print_report+0xd1/0x650 [ 12.432696] ? __virt_addr_valid+0x1db/0x2d0 [ 12.432721] ? kmalloc_oob_right+0x6f0/0x7f0 [ 12.432739] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.432761] ? kmalloc_oob_right+0x6f0/0x7f0 [ 12.432779] kasan_report+0x141/0x180 [ 12.432798] ? kmalloc_oob_right+0x6f0/0x7f0 [ 12.432822] __asan_report_store1_noabort+0x1b/0x30 [ 12.432843] kmalloc_oob_right+0x6f0/0x7f0 [ 12.432862] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.432881] ? __schedule+0x10cc/0x2b60 [ 12.432901] ? __pfx_read_tsc+0x10/0x10 [ 12.432920] ? ktime_get_ts64+0x86/0x230 [ 12.432944] kunit_try_run_case+0x1a5/0x480 [ 12.432967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.432985] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.433007] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.433026] ? __kthread_parkme+0x82/0x180 [ 12.433046] ? preempt_count_sub+0x50/0x80 [ 12.433068] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.433088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.433128] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.433150] kthread+0x337/0x6f0 [ 12.433168] ? trace_preempt_on+0x20/0xc0 [ 12.433189] ? __pfx_kthread+0x10/0x10 [ 12.433207] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.433225] ? calculate_sigpending+0x7b/0xa0 [ 12.433248] ? __pfx_kthread+0x10/0x10 [ 12.433266] ret_from_fork+0x116/0x1d0 [ 12.433283] ? 
__pfx_kthread+0x10/0x10 [ 12.433301] ret_from_fork_asm+0x1a/0x30 [ 12.433354] </TASK> [ 12.433423] [ 12.445421] Allocated by task 154: [ 12.446275] kasan_save_stack+0x45/0x70 [ 12.446922] kasan_save_track+0x18/0x40 [ 12.447301] kasan_save_alloc_info+0x3b/0x50 [ 12.447672] __kasan_kmalloc+0xb7/0xc0 [ 12.448049] __kmalloc_cache_noprof+0x189/0x420 [ 12.448686] kmalloc_oob_right+0xa9/0x7f0 [ 12.449072] kunit_try_run_case+0x1a5/0x480 [ 12.449339] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.449909] kthread+0x337/0x6f0 [ 12.450188] ret_from_fork+0x116/0x1d0 [ 12.450454] ret_from_fork_asm+0x1a/0x30 [ 12.451023] [ 12.451333] The buggy address belongs to the object at ffff88810254d100 [ 12.451333] which belongs to the cache kmalloc-128 of size 128 [ 12.452943] The buggy address is located 0 bytes to the right of [ 12.452943] allocated 115-byte region [ffff88810254d100, ffff88810254d173) [ 12.453863] [ 12.454211] The buggy address belongs to the physical page: [ 12.455157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254d [ 12.455965] flags: 0x200000000000000(node=0|zone=2) [ 12.456994] page_type: f5(slab) [ 12.457763] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.458337] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.458762] page dumped because: kasan: bad access detected [ 12.459185] [ 12.459392] Memory state around the buggy address: [ 12.460006] ffff88810254d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.460573] ffff88810254d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.460908] >ffff88810254d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.461494] ^ [ 12.462002] ffff88810254d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.462352] ffff88810254d200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.462860] ================================================================== [ 12.493003] 
================================================================== [ 12.493379] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 12.494066] Read of size 1 at addr ffff88810254d180 by task kunit_try_catch/154 [ 12.494765] [ 12.494953] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.495033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.495054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.495090] Call Trace: [ 12.495166] <TASK> [ 12.495200] dump_stack_lvl+0x73/0xb0 [ 12.495255] print_report+0xd1/0x650 [ 12.495293] ? __virt_addr_valid+0x1db/0x2d0 [ 12.495331] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.495383] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.495422] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.495454] kasan_report+0x141/0x180 [ 12.495492] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.495971] __asan_report_load1_noabort+0x18/0x20 [ 12.496018] kmalloc_oob_right+0x68a/0x7f0 [ 12.496058] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.496100] ? __schedule+0x10cc/0x2b60 [ 12.496160] ? __pfx_read_tsc+0x10/0x10 [ 12.496181] ? ktime_get_ts64+0x86/0x230 [ 12.496206] kunit_try_run_case+0x1a5/0x480 [ 12.496228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.496247] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.496268] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.496287] ? __kthread_parkme+0x82/0x180 [ 12.496305] ? preempt_count_sub+0x50/0x80 [ 12.496326] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.496346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.496365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.496384] kthread+0x337/0x6f0 [ 12.496402] ? trace_preempt_on+0x20/0xc0 [ 12.496423] ? __pfx_kthread+0x10/0x10 [ 12.496441] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.496458] ? calculate_sigpending+0x7b/0xa0 [ 12.496479] ? __pfx_kthread+0x10/0x10 [ 12.496506] ret_from_fork+0x116/0x1d0 [ 12.496535] ? 
__pfx_kthread+0x10/0x10 [ 12.496563] ret_from_fork_asm+0x1a/0x30 [ 12.496604] </TASK> [ 12.496635] [ 12.507585] Allocated by task 154: [ 12.507801] kasan_save_stack+0x45/0x70 [ 12.508116] kasan_save_track+0x18/0x40 [ 12.508308] kasan_save_alloc_info+0x3b/0x50 [ 12.508599] __kasan_kmalloc+0xb7/0xc0 [ 12.509096] __kmalloc_cache_noprof+0x189/0x420 [ 12.509304] kmalloc_oob_right+0xa9/0x7f0 [ 12.510271] kunit_try_run_case+0x1a5/0x480 [ 12.510770] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.511091] kthread+0x337/0x6f0 [ 12.511325] ret_from_fork+0x116/0x1d0 [ 12.511827] ret_from_fork_asm+0x1a/0x30 [ 12.512209] [ 12.512392] The buggy address belongs to the object at ffff88810254d100 [ 12.512392] which belongs to the cache kmalloc-128 of size 128 [ 12.514018] The buggy address is located 13 bytes to the right of [ 12.514018] allocated 115-byte region [ffff88810254d100, ffff88810254d173) [ 12.514655] [ 12.514988] The buggy address belongs to the physical page: [ 12.515867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254d [ 12.516437] flags: 0x200000000000000(node=0|zone=2) [ 12.516843] page_type: f5(slab) [ 12.517417] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.518153] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.519063] page dumped because: kasan: bad access detected [ 12.519690] [ 12.519971] Memory state around the buggy address: [ 12.520195] ffff88810254d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.520753] ffff88810254d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.521322] >ffff88810254d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.521532] ^ [ 12.521960] ffff88810254d200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.522372] ffff88810254d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.522707] ================================================================== [ 12.464785] 
================================================================== [ 12.465171] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 12.465635] Write of size 1 at addr ffff88810254d178 by task kunit_try_catch/154 [ 12.465989] [ 12.466222] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.466298] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.466320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.466355] Call Trace: [ 12.466376] <TASK> [ 12.466407] dump_stack_lvl+0x73/0xb0 [ 12.466456] print_report+0xd1/0x650 [ 12.466486] ? __virt_addr_valid+0x1db/0x2d0 [ 12.466517] ? kmalloc_oob_right+0x6bd/0x7f0 [ 12.466544] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.466576] ? kmalloc_oob_right+0x6bd/0x7f0 [ 12.466605] kasan_report+0x141/0x180 [ 12.466658] ? kmalloc_oob_right+0x6bd/0x7f0 [ 12.466701] __asan_report_store1_noabort+0x1b/0x30 [ 12.466737] kmalloc_oob_right+0x6bd/0x7f0 [ 12.466767] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.466829] ? __schedule+0x10cc/0x2b60 [ 12.466878] ? __pfx_read_tsc+0x10/0x10 [ 12.466913] ? ktime_get_ts64+0x86/0x230 [ 12.466957] kunit_try_run_case+0x1a5/0x480 [ 12.467001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.467039] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.467080] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.467148] ? __kthread_parkme+0x82/0x180 [ 12.467188] ? preempt_count_sub+0x50/0x80 [ 12.467227] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.467259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.467297] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.467334] kthread+0x337/0x6f0 [ 12.467366] ? trace_preempt_on+0x20/0xc0 [ 12.467412] ? __pfx_kthread+0x10/0x10 [ 12.467449] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.467503] ? calculate_sigpending+0x7b/0xa0 [ 12.467546] ? __pfx_kthread+0x10/0x10 [ 12.467585] ret_from_fork+0x116/0x1d0 [ 12.467632] ? 
__pfx_kthread+0x10/0x10 [ 12.467672] ret_from_fork_asm+0x1a/0x30 [ 12.467733] </TASK> [ 12.467757] [ 12.476264] Allocated by task 154: [ 12.476588] kasan_save_stack+0x45/0x70 [ 12.476844] kasan_save_track+0x18/0x40 [ 12.477009] kasan_save_alloc_info+0x3b/0x50 [ 12.477305] __kasan_kmalloc+0xb7/0xc0 [ 12.478926] __kmalloc_cache_noprof+0x189/0x420 [ 12.479460] kmalloc_oob_right+0xa9/0x7f0 [ 12.480684] kunit_try_run_case+0x1a5/0x480 [ 12.480953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.481857] kthread+0x337/0x6f0 [ 12.482326] ret_from_fork+0x116/0x1d0 [ 12.482475] ret_from_fork_asm+0x1a/0x30 [ 12.483070] [ 12.483411] The buggy address belongs to the object at ffff88810254d100 [ 12.483411] which belongs to the cache kmalloc-128 of size 128 [ 12.483812] The buggy address is located 5 bytes to the right of [ 12.483812] allocated 115-byte region [ffff88810254d100, ffff88810254d173) [ 12.484548] [ 12.484672] The buggy address belongs to the physical page: [ 12.485469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254d [ 12.486580] flags: 0x200000000000000(node=0|zone=2) [ 12.486971] page_type: f5(slab) [ 12.487494] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.487880] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.488225] page dumped because: kasan: bad access detected [ 12.488750] [ 12.488875] Memory state around the buggy address: [ 12.489035] ffff88810254d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.489497] ffff88810254d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.490232] >ffff88810254d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.490520] ^ [ 12.490968] ffff88810254d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.491238] ffff88810254d200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.492089] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 145.033594] WARNING: CPU: 1 PID: 2764 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 145.034141] Modules linked in: [ 145.034470] CPU: 1 UID: 0 PID: 2764 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 145.034975] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 145.035207] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 145.036301] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 145.037157] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 145.037973] RSP: 0000:ffff888102847c78 EFLAGS: 00010286 [ 145.038180] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 145.038977] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa4832efc [ 145.039441] RBP: ffff888102847ca0 R08: 0000000000000000 R09: ffffed1020c41960 [ 145.039661] R10: ffff88810620cb07 R11: 0000000000000000 R12: ffffffffa4832ee8 [ 145.040210] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102847d38 [ 145.040871] FS: 0000000000000000(0000) GS:ffff8881b4974000(0000) knlGS:0000000000000000 [ 145.041465] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.042088] CR2: 00007ffff7ffe000 CR3: 0000000024abc000 CR4: 00000000000006f0 [ 145.042431] DR0: ffffffffa6850440 DR1: ffffffffa6850441 DR2: ffffffffa6850443 [ 145.043640] DR3: ffffffffa6850445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 145.043950] Call Trace: [ 145.044240] <TASK> [ 145.044376] drm_test_rect_calc_vscale+0x108/0x270 [ 145.044714] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 145.045390] ? __schedule+0x10cc/0x2b60 [ 145.046106] ? __pfx_read_tsc+0x10/0x10 [ 145.046476] ? ktime_get_ts64+0x86/0x230 [ 145.047075] kunit_try_run_case+0x1a5/0x480 [ 145.047260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 145.047625] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 145.048209] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 145.048497] ? __kthread_parkme+0x82/0x180 [ 145.049042] ? preempt_count_sub+0x50/0x80 [ 145.049365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 145.049689] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 145.050041] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 145.050664] kthread+0x337/0x6f0 [ 145.051080] ? trace_preempt_on+0x20/0xc0 [ 145.051323] ? __pfx_kthread+0x10/0x10 [ 145.052134] ? _raw_spin_unlock_irq+0x47/0x80 [ 145.052484] ? calculate_sigpending+0x7b/0xa0 [ 145.052812] ? __pfx_kthread+0x10/0x10 [ 145.053327] ret_from_fork+0x116/0x1d0 [ 145.053902] ? __pfx_kthread+0x10/0x10 [ 145.054144] ret_from_fork_asm+0x1a/0x30 [ 145.054441] </TASK> [ 145.055051] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 145.059079] WARNING: CPU: 1 PID: 2766 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 145.059607] Modules linked in: [ 145.059900] CPU: 1 UID: 0 PID: 2766 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 145.060350] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 145.061379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 145.062258] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 145.062841] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 145.064099] RSP: 0000:ffff888103a0fc78 EFLAGS: 00010286 [ 145.064767] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 145.065117] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa4832f34 [ 145.065450] RBP: ffff888103a0fca0 R08: 0000000000000000 R09: ffffed1020c419a0 [ 145.066075] R10: ffff88810620cd07 R11: 0000000000000000 R12: ffffffffa4832f20 [ 145.066359] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888103a0fd38 [ 
145.067013] FS: 0000000000000000(0000) GS:ffff8881b4974000(0000) knlGS:0000000000000000 [ 145.067315] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.067709] CR2: 00007ffff7ffe000 CR3: 0000000024abc000 CR4: 00000000000006f0 [ 145.068002] DR0: ffffffffa6850440 DR1: ffffffffa6850441 DR2: ffffffffa6850443 [ 145.068323] DR3: ffffffffa6850445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 145.068620] Call Trace: [ 145.068819] <TASK> [ 145.069030] drm_test_rect_calc_vscale+0x108/0x270 [ 145.069884] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 145.070192] ? __schedule+0x10cc/0x2b60 [ 145.070458] ? __pfx_read_tsc+0x10/0x10 [ 145.070856] ? ktime_get_ts64+0x86/0x230 [ 145.071221] kunit_try_run_case+0x1a5/0x480 [ 145.071485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 145.072223] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 145.072403] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 145.072970] ? __kthread_parkme+0x82/0x180 [ 145.073312] ? preempt_count_sub+0x50/0x80 [ 145.073801] ? __pfx_kunit_try_run_case+0x10/0x10 [ 145.074206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 145.074724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 145.075202] kthread+0x337/0x6f0 [ 145.075415] ? trace_preempt_on+0x20/0xc0 [ 145.076189] ? __pfx_kthread+0x10/0x10 [ 145.076416] ? _raw_spin_unlock_irq+0x47/0x80 [ 145.076769] ? calculate_sigpending+0x7b/0xa0 [ 145.077024] ? __pfx_kthread+0x10/0x10 [ 145.077232] ret_from_fork+0x116/0x1d0 [ 145.077492] ? __pfx_kthread+0x10/0x10 [ 145.078006] ret_from_fork_asm+0x1a/0x30 [ 145.078329] </TASK> [ 145.078742] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 144.965516] WARNING: CPU: 0 PID: 2752 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 144.966663] Modules linked in: [ 144.966824] CPU: 0 UID: 0 PID: 2752 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 144.967013] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 144.968201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 144.968836] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 144.969221] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b d2 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 144.970205] RSP: 0000:ffff888102b9fc78 EFLAGS: 00010286 [ 144.970355] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 144.970475] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa4832f00 [ 144.971194] RBP: ffff888102b9fca0 R08: 0000000000000000 R09: ffffed1020c62480 [ 144.971782] R10: ffff888106312407 R11: 0000000000000000 R12: ffffffffa4832ee8 [ 144.972510] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102b9fd38 [ 144.973386] FS: 0000000000000000(0000) GS:ffff8881b4874000(0000) knlGS:0000000000000000 [ 144.974185] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.974454] CR2: 00007ffff7ffe000 CR3: 0000000024abc000 CR4: 00000000000006f0 [ 144.975431] DR0: ffffffffa6850440 DR1: ffffffffa6850441 DR2: ffffffffa6850442 [ 144.976213] DR3: ffffffffa6850443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 144.976814] Call Trace: [ 144.976994] <TASK> [ 144.977181] drm_test_rect_calc_hscale+0x108/0x270 [ 144.977416] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 144.978148] ? __schedule+0x10cc/0x2b60 [ 144.978939] ? __pfx_read_tsc+0x10/0x10 [ 144.979409] ? ktime_get_ts64+0x86/0x230 [ 144.979967] kunit_try_run_case+0x1a5/0x480 [ 144.980219] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.980440] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 144.981233] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 144.981479] ? __kthread_parkme+0x82/0x180 [ 144.982004] ? preempt_count_sub+0x50/0x80 [ 144.982232] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.982445] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 144.983300] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 144.983914] kthread+0x337/0x6f0 [ 144.984149] ? trace_preempt_on+0x20/0xc0 [ 144.984362] ? __pfx_kthread+0x10/0x10 [ 144.984678] ? _raw_spin_unlock_irq+0x47/0x80 [ 144.984914] ? calculate_sigpending+0x7b/0xa0 [ 144.985357] ? __pfx_kthread+0x10/0x10 [ 144.985599] ret_from_fork+0x116/0x1d0 [ 144.986182] ? __pfx_kthread+0x10/0x10 [ 144.987064] ret_from_fork_asm+0x1a/0x30 [ 144.987483] </TASK> [ 144.987955] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 144.992410] WARNING: CPU: 1 PID: 2754 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 144.994238] Modules linked in: [ 144.994463] CPU: 1 UID: 0 PID: 2754 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 144.995013] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 144.995279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 144.996255] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 144.996506] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b d2 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 144.997802] RSP: 0000:ffff888102c0fc78 EFLAGS: 00010286 [ 144.998087] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 144.998661] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa4832f38 [ 144.999528] RBP: ffff888102c0fca0 R08: 0000000000000000 R09: ffffed1020c418a0 [ 144.999993] R10: ffff88810620c507 R11: 0000000000000000 R12: ffffffffa4832f20 [ 145.000484] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102c0fd38 [ 
145.001019] FS: 0000000000000000(0000) GS:ffff8881b4974000(0000) knlGS:0000000000000000 [ 145.001741] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.002066] CR2: 00007ffff7ffe000 CR3: 0000000024abc000 CR4: 00000000000006f0 [ 145.002435] DR0: ffffffffa6850440 DR1: ffffffffa6850441 DR2: ffffffffa6850443 [ 145.003710] DR3: ffffffffa6850445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 145.004030] Call Trace: [ 145.004157] <TASK> [ 145.004758] drm_test_rect_calc_hscale+0x108/0x270 [ 145.005120] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 145.005467] ? __schedule+0x10cc/0x2b60 [ 145.005770] ? __pfx_read_tsc+0x10/0x10 [ 145.006270] ? ktime_get_ts64+0x86/0x230 [ 145.006618] kunit_try_run_case+0x1a5/0x480 [ 145.007395] ? __pfx_kunit_try_run_case+0x10/0x10 [ 145.007741] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 145.008308] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 145.008631] ? __kthread_parkme+0x82/0x180 [ 145.008869] ? preempt_count_sub+0x50/0x80 [ 145.009465] ? __pfx_kunit_try_run_case+0x10/0x10 [ 145.010002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 145.010269] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 145.011165] kthread+0x337/0x6f0 [ 145.011400] ? trace_preempt_on+0x20/0xc0 [ 145.011606] ? __pfx_kthread+0x10/0x10 [ 145.011966] ? _raw_spin_unlock_irq+0x47/0x80 [ 145.012445] ? calculate_sigpending+0x7b/0xa0 [ 145.012913] ? __pfx_kthread+0x10/0x10 [ 145.013202] ret_from_fork+0x116/0x1d0 [ 145.013505] ? __pfx_kthread+0x10/0x10 [ 145.014049] ret_from_fork_asm+0x1a/0x30 [ 145.014421] </TASK> [ 145.014767] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 51.253674] ================================================================== [ 51.254015] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 51.254015] [ 51.254438] Use-after-free read at 0x(____ptrval____) (in kfence-#156): [ 51.254899] test_krealloc+0x6fc/0xbe0 [ 51.255240] kunit_try_run_case+0x1a5/0x480 [ 51.255471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 51.255723] kthread+0x337/0x6f0 [ 51.255895] ret_from_fork+0x116/0x1d0 [ 51.256181] ret_from_fork_asm+0x1a/0x30 [ 51.256490] [ 51.256647] kfence-#156: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 51.256647] [ 51.257016] allocated by task 355 on cpu 1 at 51.252855s (0.004157s ago): [ 51.257511] test_alloc+0x364/0x10f0 [ 51.257745] test_krealloc+0xad/0xbe0 [ 51.258032] kunit_try_run_case+0x1a5/0x480 [ 51.258258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 51.258607] kthread+0x337/0x6f0 [ 51.258873] ret_from_fork+0x116/0x1d0 [ 51.259059] ret_from_fork_asm+0x1a/0x30 [ 51.259226] [ 51.259332] freed by task 355 on cpu 1 at 51.253161s (0.006167s ago): [ 51.259573] krealloc_noprof+0x108/0x340 [ 51.259951] test_krealloc+0x226/0xbe0 [ 51.260257] kunit_try_run_case+0x1a5/0x480 [ 51.260696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 51.261075] kthread+0x337/0x6f0 [ 51.261297] ret_from_fork+0x116/0x1d0 [ 51.261463] ret_from_fork_asm+0x1a/0x30 [ 51.261740] [ 51.261948] CPU: 1 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 51.262548] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.262731] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 51.262995] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 51.169030] ================================================================== [ 51.169424] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 51.169424] [ 51.169788] Use-after-free read at 0x(____ptrval____) (in kfence-#155): [ 51.170329] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 51.170765] kunit_try_run_case+0x1a5/0x480 [ 51.171300] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 51.171764] kthread+0x337/0x6f0 [ 51.172061] ret_from_fork+0x116/0x1d0 [ 51.172480] ret_from_fork_asm+0x1a/0x30 [ 51.172733] [ 51.172877] kfence-#155: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 51.172877] [ 51.173397] allocated by task 353 on cpu 1 at 51.150874s (0.022518s ago): [ 51.173920] test_alloc+0x2a6/0x10f0 [ 51.174102] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 51.174393] kunit_try_run_case+0x1a5/0x480 [ 51.174897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 51.175344] kthread+0x337/0x6f0 [ 51.175771] ret_from_fork+0x116/0x1d0 [ 51.176067] ret_from_fork_asm+0x1a/0x30 [ 51.176442] [ 51.176578] freed by task 353 on cpu 1 at 51.150988s (0.025586s ago): [ 51.176891] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 51.177116] kunit_try_run_case+0x1a5/0x480 [ 51.177392] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 51.177649] kthread+0x337/0x6f0 [ 51.177803] ret_from_fork+0x116/0x1d0 [ 51.178090] ret_from_fork_asm+0x1a/0x30 [ 51.178380] [ 51.178571] CPU: 1 UID: 0 PID: 353 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 51.178964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.179295] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 51.179728] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 26.201085] ================================================================== [ 26.201665] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 26.201665] [ 26.202173] Invalid read at 0x(____ptrval____): [ 26.202961] test_invalid_access+0xf0/0x210 [ 26.203661] kunit_try_run_case+0x1a5/0x480 [ 26.204026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.204391] kthread+0x337/0x6f0 [ 26.204555] ret_from_fork+0x116/0x1d0 [ 26.205448] ret_from_fork_asm+0x1a/0x30 [ 26.205967] [ 26.206488] CPU: 1 UID: 0 PID: 349 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 26.207449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.207847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.208411] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 25.973239] ================================================================== [ 25.973591] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 25.973591] [ 25.974051] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#150): [ 25.975142] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 25.975721] kunit_try_run_case+0x1a5/0x480 [ 25.976068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.976315] kthread+0x337/0x6f0 [ 25.976487] ret_from_fork+0x116/0x1d0 [ 25.976697] ret_from_fork_asm+0x1a/0x30 [ 25.977000] [ 25.977192] kfence-#150: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 25.977192] [ 25.977634] allocated by task 343 on cpu 0 at 25.972918s (0.004711s ago): [ 25.977968] test_alloc+0x364/0x10f0 [ 25.978244] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 25.978494] kunit_try_run_case+0x1a5/0x480 [ 25.978804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.979123] kthread+0x337/0x6f0 [ 25.979313] ret_from_fork+0x116/0x1d0 [ 25.979482] ret_from_fork_asm+0x1a/0x30 [ 25.979770] [ 25.979912] freed by task 343 on cpu 0 at 25.973099s (0.006809s ago): [ 25.980353] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 25.980644] kunit_try_run_case+0x1a5/0x480 [ 25.980928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.981288] kthread+0x337/0x6f0 [ 25.981538] ret_from_fork+0x116/0x1d0 [ 25.981794] ret_from_fork_asm+0x1a/0x30 [ 25.981992] [ 25.982179] CPU: 0 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 25.982657] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.982944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.983560] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 25.557105] ================================================================== [ 25.557529] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 25.557529] [ 25.557986] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#146): [ 25.558413] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 25.558665] kunit_try_run_case+0x1a5/0x480 [ 25.558827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.559115] kthread+0x337/0x6f0 [ 25.559386] ret_from_fork+0x116/0x1d0 [ 25.559759] ret_from_fork_asm+0x1a/0x30 [ 25.560082] [ 25.560287] kfence-#146: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 25.560287] [ 25.560945] allocated by task 341 on cpu 1 at 25.556842s (0.004099s ago): [ 25.561533] test_alloc+0x364/0x10f0 [ 25.561924] test_kmalloc_aligned_oob_read+0x105/0x560 [ 25.562368] kunit_try_run_case+0x1a5/0x480 [ 25.562758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.563219] kthread+0x337/0x6f0 [ 25.563501] ret_from_fork+0x116/0x1d0 [ 25.563831] ret_from_fork_asm+0x1a/0x30 [ 25.564158] [ 25.564476] CPU: 1 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 25.565053] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.565298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.565694] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 20.877247] ================================================================== [ 20.877703] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 20.877703] [ 20.877965] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#101): [ 20.879573] test_corruption+0x2d2/0x3e0 [ 20.879816] kunit_try_run_case+0x1a5/0x480 [ 20.879996] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.880253] kthread+0x337/0x6f0 [ 20.880534] ret_from_fork+0x116/0x1d0 [ 20.880791] ret_from_fork_asm+0x1a/0x30 [ 20.880970] [ 20.881078] kfence-#101: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 20.881078] [ 20.881596] allocated by task 329 on cpu 1 at 20.877014s (0.004577s ago): [ 20.881982] test_alloc+0x364/0x10f0 [ 20.882309] test_corruption+0xe6/0x3e0 [ 20.882546] kunit_try_run_case+0x1a5/0x480 [ 20.882747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.882949] kthread+0x337/0x6f0 [ 20.883230] ret_from_fork+0x116/0x1d0 [ 20.883473] ret_from_fork_asm+0x1a/0x30 [ 20.883685] [ 20.883842] freed by task 329 on cpu 1 at 20.877156s (0.006681s ago): [ 20.884305] test_corruption+0x2d2/0x3e0 [ 20.884526] kunit_try_run_case+0x1a5/0x480 [ 20.884841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.885093] kthread+0x337/0x6f0 [ 20.885281] ret_from_fork+0x116/0x1d0 [ 20.885450] ret_from_fork_asm+0x1a/0x30 [ 20.885752] [ 20.885969] CPU: 1 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 20.886690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.886903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.887335] ================================================================== [ 20.981427] ================================================================== [ 20.981798] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 20.981798] [ 20.982035] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#102): [ 20.982591] test_corruption+0x2df/0x3e0 [ 20.982919] kunit_try_run_case+0x1a5/0x480 [ 20.983265] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.983481] kthread+0x337/0x6f0 [ 20.983653] ret_from_fork+0x116/0x1d0 [ 20.983893] ret_from_fork_asm+0x1a/0x30 [ 20.984177] [ 20.984377] kfence-#102: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 20.984377] [ 20.984908] allocated by task 329 on cpu 1 at 20.981072s (0.003832s ago): [ 20.985317] test_alloc+0x364/0x10f0 [ 20.985599] test_corruption+0x1cb/0x3e0 [ 20.985884] kunit_try_run_case+0x1a5/0x480 [ 20.986249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.986519] kthread+0x337/0x6f0 [ 20.986747] ret_from_fork+0x116/0x1d0 [ 20.986928] ret_from_fork_asm+0x1a/0x30 [ 20.987100] [ 20.987203] freed by task 329 on cpu 1 at 20.981230s (0.005969s ago): [ 20.987448] test_corruption+0x2df/0x3e0 [ 20.987781] kunit_try_run_case+0x1a5/0x480 [ 20.988125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.988507] kthread+0x337/0x6f0 [ 20.988785] ret_from_fork+0x116/0x1d0 [ 20.989074] ret_from_fork_asm+0x1a/0x30 [ 20.989336] [ 20.989493] CPU: 1 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 20.990155] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.990386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.990829] ================================================================== [ 21.293251] ================================================================== [ 21.293638] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 21.293638] [ 21.293944] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#105): [ 21.294653] test_corruption+0x216/0x3e0 [ 21.294832] kunit_try_run_case+0x1a5/0x480 [ 21.295046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.295337] kthread+0x337/0x6f0 [ 21.295624] ret_from_fork+0x116/0x1d0 [ 21.296005] ret_from_fork_asm+0x1a/0x30 [ 21.296330] [ 21.296518] kfence-#105: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 21.296518] [ 21.296950] allocated by task 331 on cpu 1 at 21.293055s (0.003890s ago): [ 21.297376] test_alloc+0x2a6/0x10f0 [ 21.297545] test_corruption+0x1cb/0x3e0 [ 21.297725] kunit_try_run_case+0x1a5/0x480 [ 21.298081] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.298460] kthread+0x337/0x6f0 [ 21.298737] ret_from_fork+0x116/0x1d0 [ 21.299037] ret_from_fork_asm+0x1a/0x30 [ 21.299346] [ 21.299496] freed by task 331 on cpu 1 at 21.293145s (0.006347s ago): [ 21.299821] test_corruption+0x216/0x3e0 [ 21.300019] kunit_try_run_case+0x1a5/0x480 [ 21.300237] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.300675] kthread+0x337/0x6f0 [ 21.300994] ret_from_fork+0x116/0x1d0 [ 21.301358] ret_from_fork_asm+0x1a/0x30 [ 21.301676] [ 21.301887] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 21.302527] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.302815] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.303097] ================================================================== [ 21.189416] ================================================================== [ 21.189883] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 21.189883] [ 21.190182] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#104): [ 21.191251] test_corruption+0x131/0x3e0 [ 21.191435] kunit_try_run_case+0x1a5/0x480 [ 21.191750] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.192112] kthread+0x337/0x6f0 [ 21.192329] ret_from_fork+0x116/0x1d0 [ 21.192507] ret_from_fork_asm+0x1a/0x30 [ 21.192694] [ 21.192824] kfence-#104: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 21.192824] [ 21.193377] allocated by task 331 on cpu 1 at 21.189194s (0.004178s ago): [ 21.193980] test_alloc+0x2a6/0x10f0 [ 21.194320] test_corruption+0xe6/0x3e0 [ 21.194595] kunit_try_run_case+0x1a5/0x480 [ 21.194902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.195310] kthread+0x337/0x6f0 [ 21.195498] ret_from_fork+0x116/0x1d0 [ 21.195822] ret_from_fork_asm+0x1a/0x30 [ 21.196049] [ 21.196211] freed by task 331 on cpu 1 at 21.189289s (0.006918s ago): [ 21.196540] test_corruption+0x131/0x3e0 [ 21.196850] kunit_try_run_case+0x1a5/0x480 [ 21.197192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.197456] kthread+0x337/0x6f0 [ 21.197674] ret_from_fork+0x116/0x1d0 [ 21.197974] ret_from_fork_asm+0x1a/0x30 [ 21.198339] [ 21.198513] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 21.198990] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.199412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.199762] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 20.461067] ================================================================== [ 20.461345] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 20.461345] [ 20.461691] Invalid free of 0x(____ptrval____) (in kfence-#97): [ 20.461981] test_invalid_addr_free+0xfb/0x260 [ 20.462308] kunit_try_run_case+0x1a5/0x480 [ 20.462510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.462829] kthread+0x337/0x6f0 [ 20.463014] ret_from_fork+0x116/0x1d0 [ 20.463219] ret_from_fork_asm+0x1a/0x30 [ 20.463454] [ 20.463565] kfence-#97: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 20.463565] [ 20.463845] allocated by task 327 on cpu 0 at 20.460933s (0.002908s ago): [ 20.464134] test_alloc+0x2a6/0x10f0 [ 20.464306] test_invalid_addr_free+0xdb/0x260 [ 20.464639] kunit_try_run_case+0x1a5/0x480 [ 20.464928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.465331] kthread+0x337/0x6f0 [ 20.465607] ret_from_fork+0x116/0x1d0 [ 20.465891] ret_from_fork_asm+0x1a/0x30 [ 20.466211] [ 20.466413] CPU: 0 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 20.466992] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.467200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.467801] ================================================================== [ 20.357026] ================================================================== [ 20.357354] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 20.357354] [ 20.357577] Invalid free of 0x(____ptrval____) (in kfence-#96): [ 20.358021] test_invalid_addr_free+0x1e1/0x260 [ 20.358393] kunit_try_run_case+0x1a5/0x480 [ 20.358719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.359044] kthread+0x337/0x6f0 [ 20.359196] ret_from_fork+0x116/0x1d0 [ 20.359405] ret_from_fork_asm+0x1a/0x30 [ 20.359734] [ 20.359903] kfence-#96: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 20.359903] [ 20.360499] allocated by task 325 on cpu 1 at 20.356871s 
(0.003624s ago): [ 20.360884] test_alloc+0x364/0x10f0 [ 20.361208] test_invalid_addr_free+0xdb/0x260 [ 20.361540] kunit_try_run_case+0x1a5/0x480 [ 20.361771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.362171] kthread+0x337/0x6f0 [ 20.362391] ret_from_fork+0x116/0x1d0 [ 20.362564] ret_from_fork_asm+0x1a/0x30 [ 20.362883] [ 20.363110] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 20.363633] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.363833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.364413] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 20.253275] ================================================================== [ 20.253755] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 20.253755] [ 20.253996] Invalid free of 0x(____ptrval____) (in kfence-#95): [ 20.254347] test_double_free+0x112/0x260 [ 20.254659] kunit_try_run_case+0x1a5/0x480 [ 20.254968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.255148] kthread+0x337/0x6f0 [ 20.255464] ret_from_fork+0x116/0x1d0 [ 20.255716] ret_from_fork_asm+0x1a/0x30 [ 20.255887] [ 20.255998] kfence-#95: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 20.255998] [ 20.256561] allocated by task 323 on cpu 0 at 20.253026s (0.003531s ago): [ 20.256912] test_alloc+0x2a6/0x10f0 [ 20.257083] test_double_free+0xdb/0x260 [ 20.257383] kunit_try_run_case+0x1a5/0x480 [ 20.257698] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.258068] kthread+0x337/0x6f0 [ 20.258257] ret_from_fork+0x116/0x1d0 [ 20.258506] ret_from_fork_asm+0x1a/0x30 [ 20.258744] [ 20.258905] freed by task 323 on cpu 0 at 20.253113s (0.005788s ago): [ 20.259343] test_double_free+0xfa/0x260 [ 20.259651] kunit_try_run_case+0x1a5/0x480 [ 20.259884] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.260119] kthread+0x337/0x6f0 [ 20.260274] ret_from_fork+0x116/0x1d0 [ 20.260439] ret_from_fork_asm+0x1a/0x30 [ 20.260630] [ 20.260805] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 20.261593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.261935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.262470] ================================================================== [ 20.149376] ================================================================== [ 20.149830] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 20.149830] [ 20.150099] Invalid free of 0x(____ptrval____) (in kfence-#94): [ 20.150769] test_double_free+0x1d3/0x260 [ 20.151054] kunit_try_run_case+0x1a5/0x480 [ 20.151566] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.151836] kthread+0x337/0x6f0 [ 20.152006] ret_from_fork+0x116/0x1d0 [ 20.152165] ret_from_fork_asm+0x1a/0x30 [ 20.152262] [ 20.152317] kfence-#94: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 20.152317] [ 20.152505] allocated by task 321 on cpu 1 at 20.149089s (0.003413s ago): [ 20.152659] test_alloc+0x364/0x10f0 [ 20.152749] test_double_free+0xdb/0x260 [ 20.152833] kunit_try_run_case+0x1a5/0x480 [ 20.152918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.153015] kthread+0x337/0x6f0 [ 20.153090] ret_from_fork+0x116/0x1d0 [ 20.153168] ret_from_fork_asm+0x1a/0x30 [ 20.153250] [ 20.153300] freed by task 321 on cpu 1 at 20.149192s (0.004105s ago): [ 20.153418] test_double_free+0x1e0/0x260 [ 20.153501] kunit_try_run_case+0x1a5/0x480 [ 20.153587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.154033] kthread+0x337/0x6f0 [ 20.154404] ret_from_fork+0x116/0x1d0 [ 20.154795] ret_from_fork_asm+0x1a/0x30 [ 20.155205] [ 20.155522] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 20.156426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.156780] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.157421] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 19.837213] ================================================================== [ 19.837685] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 19.837685] [ 19.838256] Use-after-free read at 0x(____ptrval____) (in kfence-#91): [ 19.839187] test_use_after_free_read+0x129/0x270 [ 19.839440] kunit_try_run_case+0x1a5/0x480 [ 19.839646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.839826] kthread+0x337/0x6f0 [ 19.840030] ret_from_fork+0x116/0x1d0 [ 19.840306] ret_from_fork_asm+0x1a/0x30 [ 19.840587] [ 19.840929] kfence-#91: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.840929] [ 19.841510] allocated by task 315 on cpu 0 at 19.837038s (0.004467s ago): [ 19.841934] test_alloc+0x2a6/0x10f0 [ 19.842234] test_use_after_free_read+0xdc/0x270 [ 19.842449] kunit_try_run_case+0x1a5/0x480 [ 19.842708] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.842906] kthread+0x337/0x6f0 [ 19.843136] ret_from_fork+0x116/0x1d0 [ 19.843403] ret_from_fork_asm+0x1a/0x30 [ 19.843728] [ 19.843846] freed by task 315 on cpu 0 at 19.837102s (0.006740s ago): [ 19.844134] test_use_after_free_read+0xfb/0x270 [ 19.844455] kunit_try_run_case+0x1a5/0x480 [ 19.844764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.845170] kthread+0x337/0x6f0 [ 19.845438] ret_from_fork+0x116/0x1d0 [ 19.845628] ret_from_fork_asm+0x1a/0x30 [ 19.845880] [ 19.846090] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.846599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.846835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.847300] ================================================================== [ 19.733259] ================================================================== [ 19.733747] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 19.733747] [ 19.734168] Use-after-free read at 0x(____ptrval____) (in kfence-#90): [ 19.734470] test_use_after_free_read+0x129/0x270 
[ 19.734791] kunit_try_run_case+0x1a5/0x480 [ 19.735923] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.736218] kthread+0x337/0x6f0 [ 19.736371] ret_from_fork+0x116/0x1d0 [ 19.736659] ret_from_fork_asm+0x1a/0x30 [ 19.736892] [ 19.737051] kfence-#90: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 19.737051] [ 19.738134] allocated by task 313 on cpu 0 at 19.732991s (0.005138s ago): [ 19.738446] test_alloc+0x364/0x10f0 [ 19.738696] test_use_after_free_read+0xdc/0x270 [ 19.739380] kunit_try_run_case+0x1a5/0x480 [ 19.739599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.739794] kthread+0x337/0x6f0 [ 19.740222] ret_from_fork+0x116/0x1d0 [ 19.740386] ret_from_fork_asm+0x1a/0x30 [ 19.740805] [ 19.740922] freed by task 313 on cpu 0 at 19.733111s (0.007806s ago): [ 19.741605] test_use_after_free_read+0x1e7/0x270 [ 19.741824] kunit_try_run_case+0x1a5/0x480 [ 19.741978] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.742431] kthread+0x337/0x6f0 [ 19.742910] ret_from_fork+0x116/0x1d0 [ 19.743365] ret_from_fork_asm+0x1a/0x30 [ 19.743532] [ 19.743695] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.744113] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.744299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.744657] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 19.213337] ================================================================== [ 19.213802] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 19.213802] [ 19.214125] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#85): [ 19.214719] test_out_of_bounds_write+0x10d/0x260 [ 19.214973] kunit_try_run_case+0x1a5/0x480 [ 19.215264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.215525] kthread+0x337/0x6f0 [ 19.215701] ret_from_fork+0x116/0x1d0 [ 19.215871] ret_from_fork_asm+0x1a/0x30 [ 19.216385] [ 19.216806] kfence-#85: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 19.216806] [ 19.217754] allocated by task 309 on cpu 1 at 19.213115s (0.004634s ago): [ 19.218083] test_alloc+0x364/0x10f0 [ 19.218640] test_out_of_bounds_write+0xd4/0x260 [ 19.218931] kunit_try_run_case+0x1a5/0x480 [ 19.219188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.219518] kthread+0x337/0x6f0 [ 19.219798] ret_from_fork+0x116/0x1d0 [ 19.220016] ret_from_fork_asm+0x1a/0x30 [ 19.220358] [ 19.220541] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.221157] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.221348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.221972] ================================================================== [ 19.629225] ================================================================== [ 19.629853] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 19.629853] [ 19.630154] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#89): [ 19.630487] test_out_of_bounds_write+0x10d/0x260 [ 19.630837] kunit_try_run_case+0x1a5/0x480 [ 19.631035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.631213] kthread+0x337/0x6f0 [ 19.631376] ret_from_fork+0x116/0x1d0 [ 19.631680] ret_from_fork_asm+0x1a/0x30 [ 19.631972] [ 19.632137] kfence-#89: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.632137] [ 
19.632668] allocated by task 311 on cpu 0 at 19.629125s (0.003539s ago): [ 19.633026] test_alloc+0x2a6/0x10f0 [ 19.633380] test_out_of_bounds_write+0xd4/0x260 [ 19.633597] kunit_try_run_case+0x1a5/0x480 [ 19.633941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.634325] kthread+0x337/0x6f0 [ 19.634560] ret_from_fork+0x116/0x1d0 [ 19.634856] ret_from_fork_asm+0x1a/0x30 [ 19.635033] [ 19.635256] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.635876] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.636048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.636327] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 18.693061] ==================================================================
[ 18.693461] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 18.693461]
[ 18.693792] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#80):
[ 18.694267] test_out_of_bounds_read+0x216/0x4e0
[ 18.694510] kunit_try_run_case+0x1a5/0x480
[ 18.694687] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.695031] kthread+0x337/0x6f0
[ 18.695309] ret_from_fork+0x116/0x1d0
[ 18.695531] ret_from_fork_asm+0x1a/0x30
[ 18.695800]
[ 18.695958] kfence-#80: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.695958]
[ 18.696337] allocated by task 307 on cpu 0 at 18.692973s (0.003359s ago):
[ 18.696633] test_alloc+0x2a6/0x10f0
[ 18.696892] test_out_of_bounds_read+0x1e2/0x4e0
[ 18.697218] kunit_try_run_case+0x1a5/0x480
[ 18.697558] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.697855] kthread+0x337/0x6f0
[ 18.698024] ret_from_fork+0x116/0x1d0
[ 18.698268] ret_from_fork_asm+0x1a/0x30
[ 18.698593]
[ 18.698808] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.699462] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.699648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.700082] ==================================================================
[ 18.589058] ==================================================================
[ 18.589498] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 18.589498]
[ 18.589932] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#79):
[ 18.590178] test_out_of_bounds_read+0x126/0x4e0
[ 18.590609] kunit_try_run_case+0x1a5/0x480
[ 18.590943] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.591234] kthread+0x337/0x6f0
[ 18.591461] ret_from_fork+0x116/0x1d0
[ 18.591718] ret_from_fork_asm+0x1a/0x30
[ 18.591960]
[ 18.592105] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.592105]
[ 18.592436] allocated by task 307 on cpu 0 at 18.588974s (0.003457s ago):
[ 18.592950] test_alloc+0x2a6/0x10f0
[ 18.593138] test_out_of_bounds_read+0xed/0x4e0
[ 18.593466] kunit_try_run_case+0x1a5/0x480
[ 18.593776] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.593978] kthread+0x337/0x6f0
[ 18.594134] ret_from_fork+0x116/0x1d0
[ 18.594453] ret_from_fork_asm+0x1a/0x30
[ 18.594885]
[ 18.595082] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.595518] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.595698] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.596052] ==================================================================
[ 18.381293] ==================================================================
[ 18.381717] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 18.381717]
[ 18.382143] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#77):
[ 18.382699] test_out_of_bounds_read+0x126/0x4e0
[ 18.382959] kunit_try_run_case+0x1a5/0x480
[ 18.383147] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.383504] kthread+0x337/0x6f0
[ 18.383750] ret_from_fork+0x116/0x1d0
[ 18.383915] ret_from_fork_asm+0x1a/0x30
[ 18.384107]
[ 18.384254] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.384254]
[ 18.385028] allocated by task 305 on cpu 0 at 18.380976s (0.004048s ago):
[ 18.385406] test_alloc+0x364/0x10f0
[ 18.385748] test_out_of_bounds_read+0xed/0x4e0
[ 18.385974] kunit_try_run_case+0x1a5/0x480
[ 18.386151] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.386345] kthread+0x337/0x6f0
[ 18.386605] ret_from_fork+0x116/0x1d0
[ 18.386900] ret_from_fork_asm+0x1a/0x30
[ 18.387296]
[ 18.387517] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.388120] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.388310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.388732] ==================================================================
[ 18.485246] ==================================================================
[ 18.485669] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 18.485669]
[ 18.486166] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#78):
[ 18.486570] test_out_of_bounds_read+0x216/0x4e0
[ 18.486881] kunit_try_run_case+0x1a5/0x480
[ 18.487045] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.487464] kthread+0x337/0x6f0
[ 18.487838] ret_from_fork+0x116/0x1d0
[ 18.488000] ret_from_fork_asm+0x1a/0x30
[ 18.488172]
[ 18.488274] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.488274]
[ 18.488867] allocated by task 305 on cpu 0 at 18.485006s (0.003857s ago):
[ 18.489340] test_alloc+0x364/0x10f0
[ 18.489682] test_out_of_bounds_read+0x1e2/0x4e0
[ 18.489902] kunit_try_run_case+0x1a5/0x480
[ 18.490093] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.490290] kthread+0x337/0x6f0
[ 18.490564] ret_from_fork+0x116/0x1d0
[ 18.490837] ret_from_fork_asm+0x1a/0x30
[ 18.491122]
[ 18.491326] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.491974] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.492142] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.492457] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-write-in-memset_orig
[ 13.654451] ==================================================================
[ 13.655309] BUG: KFENCE: use-after-free write in memset_orig+0x72/0xb0
[ 13.655309]
[ 13.655970] Use-after-free write at 0x(____ptrval____) (in kfence-#53):
[ 13.656924] memset_orig+0x72/0xb0
[ 13.657440] kmalloc_uaf_memset+0x1a3/0x360
[ 13.658285] kunit_try_run_case+0x1a5/0x480
[ 13.658667] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.659013] kthread+0x337/0x6f0
[ 13.659568] ret_from_fork+0x116/0x1d0
[ 13.659952] ret_from_fork_asm+0x1a/0x30
[ 13.660195]
[ 13.660371] kfence-#53: 0x(____ptrval____)-0x(____ptrval____), size=33, cache=kmalloc-64
[ 13.660371]
[ 13.660973] allocated by task 204 on cpu 1 at 13.653254s (0.007714s ago):
[ 13.661476] kmalloc_uaf_memset+0xa9/0x360
[ 13.662044] kunit_try_run_case+0x1a5/0x480
[ 13.662743] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.663038] kthread+0x337/0x6f0
[ 13.663381] ret_from_fork+0x116/0x1d0
[ 13.663701] ret_from_fork_asm+0x1a/0x30
[ 13.663922]
[ 13.664050] freed by task 204 on cpu 1 at 13.653328s (0.010717s ago):
[ 13.664280] kmalloc_uaf_memset+0x12b/0x360
[ 13.664806] kunit_try_run_case+0x1a5/0x480
[ 13.665042] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.665427] kthread+0x337/0x6f0
[ 13.666224] ret_from_fork+0x116/0x1d0
[ 13.666372] ret_from_fork_asm+0x1a/0x30
[ 13.666525]
[ 13.667276] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.667937] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.668498] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.669278] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 12.640438] ==================================================================
[ 12.641718] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x288/0x520
[ 12.641718]
[ 12.642214] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#44):
[ 12.643884] kmalloc_track_caller_oob_right+0x288/0x520
[ 12.644363] kunit_try_run_case+0x1a5/0x480
[ 12.644724] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.645266] kthread+0x337/0x6f0
[ 12.645444] ret_from_fork+0x116/0x1d0
[ 12.645900] ret_from_fork_asm+0x1a/0x30
[ 12.646439]
[ 12.646965] kfence-#44: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128
[ 12.646965]
[ 12.647802] allocated by task 160 on cpu 0 at 12.638212s (0.009460s ago):
[ 12.648445] kmalloc_track_caller_oob_right+0x19a/0x520
[ 12.648770] kunit_try_run_case+0x1a5/0x480
[ 12.649262] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.649466] kthread+0x337/0x6f0
[ 12.649764] ret_from_fork+0x116/0x1d0
[ 12.650000] ret_from_fork_asm+0x1a/0x30
[ 12.650332]
[ 12.651121] freed by task 160 on cpu 0 at 12.639943s (0.010606s ago):
[ 12.651489] kmalloc_track_caller_oob_right+0x288/0x520
[ 12.651975] kunit_try_run_case+0x1a5/0x480
[ 12.652232] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.652470] kthread+0x337/0x6f0
[ 12.652984] ret_from_fork+0x116/0x1d0
[ 12.653316] ret_from_fork_asm+0x1a/0x30
[ 12.653837]
[ 12.654064] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.655129] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.655401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.656100] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 18.199338] ==================================================================
[ 18.200386] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 18.200843] Write of size 1 at addr ffff88810254dc78 by task kunit_try_catch/303
[ 18.201348]
[ 18.201523] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.201610] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.201650] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.201691] Call Trace:
[ 18.201726] <TASK>
[ 18.201756] dump_stack_lvl+0x73/0xb0
[ 18.201817] print_report+0xd1/0x650
[ 18.201855] ? __virt_addr_valid+0x1db/0x2d0
[ 18.201890] ? strncpy_from_user+0x1a5/0x1d0
[ 18.201940] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.201986] ? strncpy_from_user+0x1a5/0x1d0
[ 18.202032] kasan_report+0x141/0x180
[ 18.202078] ? strncpy_from_user+0x1a5/0x1d0
[ 18.202132] __asan_report_store1_noabort+0x1b/0x30
[ 18.202179] strncpy_from_user+0x1a5/0x1d0
[ 18.202247] copy_user_test_oob+0x760/0x10f0
[ 18.202300] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.202324] ? finish_task_switch.isra.0+0x153/0x700
[ 18.202354] ? __switch_to+0x47/0xf50
[ 18.202381] ? __schedule+0x10cc/0x2b60
[ 18.202402] ? __pfx_read_tsc+0x10/0x10
[ 18.202422] ? ktime_get_ts64+0x86/0x230
[ 18.202445] kunit_try_run_case+0x1a5/0x480
[ 18.202469] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.202489] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.202511] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.202532] ? __kthread_parkme+0x82/0x180
[ 18.202551] ? preempt_count_sub+0x50/0x80
[ 18.202573] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.202594] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.202632] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.202657] kthread+0x337/0x6f0
[ 18.202677] ? trace_preempt_on+0x20/0xc0
[ 18.202699] ? __pfx_kthread+0x10/0x10
[ 18.202719] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.202738] ? calculate_sigpending+0x7b/0xa0
[ 18.202761] ? __pfx_kthread+0x10/0x10
[ 18.202781] ret_from_fork+0x116/0x1d0
[ 18.202799] ? __pfx_kthread+0x10/0x10
[ 18.202818] ret_from_fork_asm+0x1a/0x30
[ 18.202847] </TASK>
[ 18.202862]
[ 18.213022] Allocated by task 303:
[ 18.213336] kasan_save_stack+0x45/0x70
[ 18.213938] kasan_save_track+0x18/0x40
[ 18.214795] kasan_save_alloc_info+0x3b/0x50
[ 18.215071] __kasan_kmalloc+0xb7/0xc0
[ 18.215743] __kmalloc_noprof+0x1c9/0x500
[ 18.215920] kunit_kmalloc_array+0x25/0x60
[ 18.216229] copy_user_test_oob+0xab/0x10f0
[ 18.216837] kunit_try_run_case+0x1a5/0x480
[ 18.217166] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.217514] kthread+0x337/0x6f0
[ 18.217783] ret_from_fork+0x116/0x1d0
[ 18.218010] ret_from_fork_asm+0x1a/0x30
[ 18.218272]
[ 18.218784] The buggy address belongs to the object at ffff88810254dc00
[ 18.218784] which belongs to the cache kmalloc-128 of size 128
[ 18.219264] The buggy address is located 0 bytes to the right of
[ 18.219264] allocated 120-byte region [ffff88810254dc00, ffff88810254dc78)
[ 18.219707]
[ 18.219834] The buggy address belongs to the physical page:
[ 18.220507] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254d
[ 18.220859] flags: 0x200000000000000(node=0|zone=2)
[ 18.221101] page_type: f5(slab)
[ 18.221654] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.222097] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.222682] page dumped because: kasan: bad access detected
[ 18.222963]
[ 18.223120] Memory state around the buggy address:
[ 18.223666] ffff88810254db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.224268] ffff88810254db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.224559] >ffff88810254dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.224984] ^
[ 18.225698] ffff88810254dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.226275] ffff88810254dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.226497] ==================================================================
[ 18.171636] ==================================================================
[ 18.172565] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 18.172854] Write of size 121 at addr ffff88810254dc00 by task kunit_try_catch/303
[ 18.173470]
[ 18.173736] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.173840] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.173871] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.173919] Call Trace:
[ 18.173957] <TASK>
[ 18.173994] dump_stack_lvl+0x73/0xb0
[ 18.174056] print_report+0xd1/0x650
[ 18.174113] ? __virt_addr_valid+0x1db/0x2d0
[ 18.174164] ? strncpy_from_user+0x2e/0x1d0
[ 18.174212] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.174255] ? strncpy_from_user+0x2e/0x1d0
[ 18.174292] kasan_report+0x141/0x180
[ 18.174334] ? strncpy_from_user+0x2e/0x1d0
[ 18.174381] kasan_check_range+0x10c/0x1c0
[ 18.174423] __kasan_check_write+0x18/0x20
[ 18.174462] strncpy_from_user+0x2e/0x1d0
[ 18.174503] ? __kasan_check_read+0x15/0x20
[ 18.174536] copy_user_test_oob+0x760/0x10f0
[ 18.174584] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.174632] ? finish_task_switch.isra.0+0x153/0x700
[ 18.174669] ? __switch_to+0x47/0xf50
[ 18.174708] ? __schedule+0x10cc/0x2b60
[ 18.174744] ? __pfx_read_tsc+0x10/0x10
[ 18.174779] ? ktime_get_ts64+0x86/0x230
[ 18.174822] kunit_try_run_case+0x1a5/0x480
[ 18.174863] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.174900] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.174938] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.174974] ? __kthread_parkme+0x82/0x180
[ 18.175008] ? preempt_count_sub+0x50/0x80
[ 18.175051] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.175091] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.175131] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.175169] kthread+0x337/0x6f0
[ 18.175202] ? trace_preempt_on+0x20/0xc0
[ 18.175243] ? __pfx_kthread+0x10/0x10
[ 18.175279] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.175314] ? calculate_sigpending+0x7b/0xa0
[ 18.175356] ? __pfx_kthread+0x10/0x10
[ 18.175393] ret_from_fork+0x116/0x1d0
[ 18.175426] ? __pfx_kthread+0x10/0x10
[ 18.175459] ret_from_fork_asm+0x1a/0x30
[ 18.175510] </TASK>
[ 18.175533]
[ 18.185790] Allocated by task 303:
[ 18.185966] kasan_save_stack+0x45/0x70
[ 18.186245] kasan_save_track+0x18/0x40
[ 18.186538] kasan_save_alloc_info+0x3b/0x50
[ 18.186879] __kasan_kmalloc+0xb7/0xc0
[ 18.187224] __kmalloc_noprof+0x1c9/0x500
[ 18.187550] kunit_kmalloc_array+0x25/0x60
[ 18.187891] copy_user_test_oob+0xab/0x10f0
[ 18.188271] kunit_try_run_case+0x1a5/0x480
[ 18.188574] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.188972] kthread+0x337/0x6f0
[ 18.189277] ret_from_fork+0x116/0x1d0
[ 18.189581] ret_from_fork_asm+0x1a/0x30
[ 18.189899]
[ 18.190082] The buggy address belongs to the object at ffff88810254dc00
[ 18.190082] which belongs to the cache kmalloc-128 of size 128
[ 18.190922] The buggy address is located 0 bytes inside of
[ 18.190922] allocated 120-byte region [ffff88810254dc00, ffff88810254dc78)
[ 18.191832]
[ 18.192051] The buggy address belongs to the physical page:
[ 18.192477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254d
[ 18.193057] flags: 0x200000000000000(node=0|zone=2)
[ 18.193646] page_type: f5(slab)
[ 18.193867] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.194153] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.194548] page dumped because: kasan: bad access detected
[ 18.194944]
[ 18.195061] Memory state around the buggy address:
[ 18.195238] ffff88810254db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.196234] ffff88810254db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.196470] >ffff88810254dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.197073] ^
[ 18.197663] ffff88810254dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.197965] ffff88810254dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.198640] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 18.063751] ==================================================================
[ 18.064163] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 18.064683] Write of size 121 at addr ffff88810254dc00 by task kunit_try_catch/303
[ 18.065189]
[ 18.065396] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.065466] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.065484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.065513] Call Trace:
[ 18.065534] <TASK>
[ 18.065557] dump_stack_lvl+0x73/0xb0
[ 18.065601] print_report+0xd1/0x650
[ 18.065660] ? __virt_addr_valid+0x1db/0x2d0
[ 18.065700] ? copy_user_test_oob+0x3fd/0x10f0
[ 18.065743] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.065785] ? copy_user_test_oob+0x3fd/0x10f0
[ 18.065825] kasan_report+0x141/0x180
[ 18.065868] ? copy_user_test_oob+0x3fd/0x10f0
[ 18.065930] kasan_check_range+0x10c/0x1c0
[ 18.065979] __kasan_check_write+0x18/0x20
[ 18.066021] copy_user_test_oob+0x3fd/0x10f0
[ 18.066092] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.066188] ? finish_task_switch.isra.0+0x153/0x700
[ 18.066239] ? __switch_to+0x47/0xf50
[ 18.066293] ? __schedule+0x10cc/0x2b60
[ 18.066339] ? __pfx_read_tsc+0x10/0x10
[ 18.066381] ? ktime_get_ts64+0x86/0x230
[ 18.066424] kunit_try_run_case+0x1a5/0x480
[ 18.066472] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.066505] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.066534] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.066557] ? __kthread_parkme+0x82/0x180
[ 18.066577] ? preempt_count_sub+0x50/0x80
[ 18.066598] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.066642] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.066669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.066690] kthread+0x337/0x6f0
[ 18.066709] ? trace_preempt_on+0x20/0xc0
[ 18.066733] ? __pfx_kthread+0x10/0x10
[ 18.066753] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.066773] ? calculate_sigpending+0x7b/0xa0
[ 18.066795] ? __pfx_kthread+0x10/0x10
[ 18.066816] ret_from_fork+0x116/0x1d0
[ 18.066833] ? __pfx_kthread+0x10/0x10
[ 18.066853] ret_from_fork_asm+0x1a/0x30
[ 18.066882] </TASK>
[ 18.066896]
[ 18.076905] Allocated by task 303:
[ 18.077263] kasan_save_stack+0x45/0x70
[ 18.077661] kasan_save_track+0x18/0x40
[ 18.078023] kasan_save_alloc_info+0x3b/0x50
[ 18.078393] __kasan_kmalloc+0xb7/0xc0
[ 18.078629] __kmalloc_noprof+0x1c9/0x500
[ 18.078783] kunit_kmalloc_array+0x25/0x60
[ 18.079064] copy_user_test_oob+0xab/0x10f0
[ 18.079513] kunit_try_run_case+0x1a5/0x480
[ 18.079747] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.079971] kthread+0x337/0x6f0
[ 18.080518] ret_from_fork+0x116/0x1d0
[ 18.080818] ret_from_fork_asm+0x1a/0x30
[ 18.081041]
[ 18.081388] The buggy address belongs to the object at ffff88810254dc00
[ 18.081388] which belongs to the cache kmalloc-128 of size 128
[ 18.082138] The buggy address is located 0 bytes inside of
[ 18.082138] allocated 120-byte region [ffff88810254dc00, ffff88810254dc78)
[ 18.082777]
[ 18.082956] The buggy address belongs to the physical page:
[ 18.083306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254d
[ 18.083682] flags: 0x200000000000000(node=0|zone=2)
[ 18.084014] page_type: f5(slab)
[ 18.084311] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.084579] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.085012] page dumped because: kasan: bad access detected
[ 18.085589]
[ 18.085901] Memory state around the buggy address:
[ 18.086100] ffff88810254db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.086914] ffff88810254db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.087474] >ffff88810254dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.087713] ^
[ 18.088535] ffff88810254dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.088853] ffff88810254dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.089691] ==================================================================
[ 18.090352] ==================================================================
[ 18.090766] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 18.091095] Read of size 121 at addr ffff88810254dc00 by task kunit_try_catch/303
[ 18.091601]
[ 18.091857] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.091949] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.091977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.092019] Call Trace:
[ 18.092052] <TASK>
[ 18.092084] dump_stack_lvl+0x73/0xb0
[ 18.092185] print_report+0xd1/0x650
[ 18.092249] ? __virt_addr_valid+0x1db/0x2d0
[ 18.092295] ? copy_user_test_oob+0x4aa/0x10f0
[ 18.092375] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.092420] ? copy_user_test_oob+0x4aa/0x10f0
[ 18.092459] kasan_report+0x141/0x180
[ 18.092498] ? copy_user_test_oob+0x4aa/0x10f0
[ 18.092572] kasan_check_range+0x10c/0x1c0
[ 18.092632] __kasan_check_read+0x15/0x20
[ 18.092681] copy_user_test_oob+0x4aa/0x10f0
[ 18.092731] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.092792] ? finish_task_switch.isra.0+0x153/0x700
[ 18.092833] ? __switch_to+0x47/0xf50
[ 18.092896] ? __schedule+0x10cc/0x2b60
[ 18.092943] ? __pfx_read_tsc+0x10/0x10
[ 18.092984] ? ktime_get_ts64+0x86/0x230
[ 18.093033] kunit_try_run_case+0x1a5/0x480
[ 18.093081] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.093139] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.093165] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.093187] ? __kthread_parkme+0x82/0x180
[ 18.093207] ? preempt_count_sub+0x50/0x80
[ 18.093228] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.093250] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.093273] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.093294] kthread+0x337/0x6f0
[ 18.093313] ? trace_preempt_on+0x20/0xc0
[ 18.093336] ? __pfx_kthread+0x10/0x10
[ 18.093355] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.093375] ? calculate_sigpending+0x7b/0xa0
[ 18.093398] ? __pfx_kthread+0x10/0x10
[ 18.093418] ret_from_fork+0x116/0x1d0
[ 18.093435] ? __pfx_kthread+0x10/0x10
[ 18.093455] ret_from_fork_asm+0x1a/0x30
[ 18.093483] </TASK>
[ 18.093498]
[ 18.102962] Allocated by task 303:
[ 18.103312] kasan_save_stack+0x45/0x70
[ 18.103647] kasan_save_track+0x18/0x40
[ 18.103935] kasan_save_alloc_info+0x3b/0x50
[ 18.104289] __kasan_kmalloc+0xb7/0xc0
[ 18.104597] __kmalloc_noprof+0x1c9/0x500
[ 18.104786] kunit_kmalloc_array+0x25/0x60
[ 18.105173] copy_user_test_oob+0xab/0x10f0
[ 18.105542] kunit_try_run_case+0x1a5/0x480
[ 18.105839] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.106291] kthread+0x337/0x6f0
[ 18.106559] ret_from_fork+0x116/0x1d0
[ 18.106890] ret_from_fork_asm+0x1a/0x30
[ 18.107212]
[ 18.107415] The buggy address belongs to the object at ffff88810254dc00
[ 18.107415] which belongs to the cache kmalloc-128 of size 128
[ 18.108003] The buggy address is located 0 bytes inside of
[ 18.108003] allocated 120-byte region [ffff88810254dc00, ffff88810254dc78)
[ 18.108797]
[ 18.108946] The buggy address belongs to the physical page:
[ 18.109366] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254d
[ 18.110012] flags: 0x200000000000000(node=0|zone=2)
[ 18.110415] page_type: f5(slab)
[ 18.110599] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.110872] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.111297] page dumped because: kasan: bad access detected
[ 18.111752]
[ 18.111914] Memory state around the buggy address:
[ 18.112378] ffff88810254db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.112940] ffff88810254db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.113330] >ffff88810254dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.113815] ^
[ 18.114315] ffff88810254dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.114577] ffff88810254dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.115095] ==================================================================
[ 18.115861] ==================================================================
[ 18.116372] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 18.116889] Write of size 121 at addr ffff88810254dc00 by task kunit_try_catch/303
[ 18.117380]
[ 18.117578] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.117694] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.117722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.117789] Call Trace:
[ 18.117821] <TASK>
[ 18.117868] dump_stack_lvl+0x73/0xb0
[ 18.117907] print_report+0xd1/0x650
[ 18.117940] ? __virt_addr_valid+0x1db/0x2d0
[ 18.117963] ? copy_user_test_oob+0x557/0x10f0
[ 18.117986] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.118014] ? copy_user_test_oob+0x557/0x10f0
[ 18.118052] kasan_report+0x141/0x180
[ 18.118088] ? copy_user_test_oob+0x557/0x10f0
[ 18.118171] kasan_check_range+0x10c/0x1c0
[ 18.118242] __kasan_check_write+0x18/0x20
[ 18.118283] copy_user_test_oob+0x557/0x10f0
[ 18.118348] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.118390] ? finish_task_switch.isra.0+0x153/0x700
[ 18.118455] ? __switch_to+0x47/0xf50
[ 18.118509] ? __schedule+0x10cc/0x2b60
[ 18.118567] ? __pfx_read_tsc+0x10/0x10
[ 18.118606] ? ktime_get_ts64+0x86/0x230
[ 18.118688] kunit_try_run_case+0x1a5/0x480
[ 18.118750] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.118791] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.118835] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.118878] ? __kthread_parkme+0x82/0x180
[ 18.118918] ? preempt_count_sub+0x50/0x80
[ 18.118964] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.119010] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.119053] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.119076] kthread+0x337/0x6f0
[ 18.119106] ? trace_preempt_on+0x20/0xc0
[ 18.119175] ? __pfx_kthread+0x10/0x10
[ 18.119229] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.119277] ? calculate_sigpending+0x7b/0xa0
[ 18.119337] ? __pfx_kthread+0x10/0x10
[ 18.119398] ret_from_fork+0x116/0x1d0
[ 18.119436] ? __pfx_kthread+0x10/0x10
[ 18.119470] ret_from_fork_asm+0x1a/0x30
[ 18.119501] </TASK>
[ 18.119516]
[ 18.130722] Allocated by task 303:
[ 18.130875] kasan_save_stack+0x45/0x70
[ 18.131039] kasan_save_track+0x18/0x40
[ 18.131183] kasan_save_alloc_info+0x3b/0x50
[ 18.131349] __kasan_kmalloc+0xb7/0xc0
[ 18.131501] __kmalloc_noprof+0x1c9/0x500
[ 18.131672] kunit_kmalloc_array+0x25/0x60
[ 18.131822] copy_user_test_oob+0xab/0x10f0
[ 18.131982] kunit_try_run_case+0x1a5/0x480
[ 18.132121] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.132665] kthread+0x337/0x6f0
[ 18.132852] ret_from_fork+0x116/0x1d0
[ 18.133022] ret_from_fork_asm+0x1a/0x30
[ 18.133189]
[ 18.133342] The buggy address belongs to the object at ffff88810254dc00
[ 18.133342] which belongs to the cache kmalloc-128 of size 128
[ 18.134136] The buggy address is located 0 bytes inside of
[ 18.134136] allocated 120-byte region [ffff88810254dc00, ffff88810254dc78)
[ 18.135761]
[ 18.135883] The buggy address belongs to the physical page:
[ 18.136052] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254d
[ 18.136791] flags: 0x200000000000000(node=0|zone=2)
[ 18.138780] page_type: f5(slab)
[ 18.138974] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.139684] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.139915] page dumped because: kasan: bad access detected
[ 18.140095]
[ 18.140210] Memory state around the buggy address:
[ 18.140377] ffff88810254db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.140737] ffff88810254db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.141177] >ffff88810254dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.141657] ^
[ 18.142109] ffff88810254dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.142532] ffff88810254dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.142968] ==================================================================
[ 18.144687] ==================================================================
[ 18.145005] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 18.145764] Read of size 121 at addr ffff88810254dc00 by task kunit_try_catch/303
[ 18.146132]
[ 18.146581] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.146666] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.146693] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.146733] Call Trace:
[ 18.146765] <TASK>
[ 18.146902] dump_stack_lvl+0x73/0xb0
[ 18.146965] print_report+0xd1/0x650
[ 18.146991] ? __virt_addr_valid+0x1db/0x2d0
[ 18.147013] ? copy_user_test_oob+0x604/0x10f0
[ 18.147036] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.147060] ? copy_user_test_oob+0x604/0x10f0
[ 18.147081] kasan_report+0x141/0x180
[ 18.147114] ? copy_user_test_oob+0x604/0x10f0
[ 18.147147] kasan_check_range+0x10c/0x1c0
[ 18.147169] __kasan_check_read+0x15/0x20
[ 18.147188] copy_user_test_oob+0x604/0x10f0
[ 18.147212] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.147233] ? finish_task_switch.isra.0+0x153/0x700
[ 18.147255] ? __switch_to+0x47/0xf50
[ 18.147280] ? __schedule+0x10cc/0x2b60
[ 18.147301] ? __pfx_read_tsc+0x10/0x10
[ 18.147321] ? ktime_get_ts64+0x86/0x230
[ 18.147344] kunit_try_run_case+0x1a5/0x480
[ 18.147367] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.147387] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.147408] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.147429] ? __kthread_parkme+0x82/0x180
[ 18.147449] ? preempt_count_sub+0x50/0x80
[ 18.147470] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.147492] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.147514] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.147535] kthread+0x337/0x6f0
[ 18.147554] ? trace_preempt_on+0x20/0xc0
[ 18.147576] ? __pfx_kthread+0x10/0x10
[ 18.147596] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.147632] ? calculate_sigpending+0x7b/0xa0
[ 18.147658] ? __pfx_kthread+0x10/0x10
[ 18.147679] ret_from_fork+0x116/0x1d0
[ 18.147698] ? __pfx_kthread+0x10/0x10
[ 18.147717] ret_from_fork_asm+0x1a/0x30
[ 18.147746] </TASK>
[ 18.147760]
[ 18.158681] Allocated by task 303:
[ 18.158971] kasan_save_stack+0x45/0x70
[ 18.159300] kasan_save_track+0x18/0x40
[ 18.159572] kasan_save_alloc_info+0x3b/0x50
[ 18.159791] __kasan_kmalloc+0xb7/0xc0
[ 18.160060] __kmalloc_noprof+0x1c9/0x500
[ 18.160403] kunit_kmalloc_array+0x25/0x60
[ 18.160731] copy_user_test_oob+0xab/0x10f0
[ 18.161060] kunit_try_run_case+0x1a5/0x480
[ 18.161319] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.161597] kthread+0x337/0x6f0
[ 18.161985] ret_from_fork+0x116/0x1d0
[ 18.162346] ret_from_fork_asm+0x1a/0x30
[ 18.162661]
[ 18.162771] The buggy address belongs to the object at ffff88810254dc00
[ 18.162771] which belongs to the cache kmalloc-128 of size 128
[ 18.163625] The buggy address is located 0 bytes inside of
[ 18.163625] allocated 120-byte region [ffff88810254dc00, ffff88810254dc78)
[ 18.164319]
[ 18.164450] The buggy address belongs to the physical page:
[ 18.164700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254d
[ 18.165225] flags: 0x200000000000000(node=0|zone=2)
[ 18.165714] page_type: f5(slab)
[ 18.165979] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.166378] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.166903] page dumped because: kasan: bad access detected
[ 18.167196]
[ 18.167350] Memory state around the buggy address:
[ 18.167553] ffff88810254db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.167991] ffff88810254db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.168500] >ffff88810254dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.168829] ^
[ 18.169255] ffff88810254dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.169573] ffff88810254dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.169904] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 18.026353] ==================================================================
[ 18.026899] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70
[ 18.027187] Read of size 121 at addr ffff88810254dc00 by task kunit_try_catch/303
[ 18.027646]
[ 18.027783] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.027864] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.027885] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.027921] Call Trace:
[ 18.027951] <TASK>
[ 18.027981] dump_stack_lvl+0x73/0xb0
[ 18.028033] print_report+0xd1/0x650
[ 18.028069] ? __virt_addr_valid+0x1db/0x2d0
[ 18.028102] ? _copy_to_user+0x3c/0x70
[ 18.028131] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.028169] ? _copy_to_user+0x3c/0x70
[ 18.028199] kasan_report+0x141/0x180
[ 18.028234] ? _copy_to_user+0x3c/0x70
[ 18.028273] kasan_check_range+0x10c/0x1c0
[ 18.028310] __kasan_check_read+0x15/0x20
[ 18.028340] _copy_to_user+0x3c/0x70
[ 18.028371] copy_user_test_oob+0x364/0x10f0
[ 18.028411] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.028445] ? finish_task_switch.isra.0+0x153/0x700
[ 18.028481] ? __switch_to+0x47/0xf50
[ 18.028521] ? __schedule+0x10cc/0x2b60
[ 18.028558] ? __pfx_read_tsc+0x10/0x10
[ 18.028589] ? ktime_get_ts64+0x86/0x230
[ 18.028640] kunit_try_run_case+0x1a5/0x480
[ 18.028677] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.028707] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.028744] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.028783] ? __kthread_parkme+0x82/0x180
[ 18.028818] ? preempt_count_sub+0x50/0x80
[ 18.028860] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.029373] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.029422] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.029502] kthread+0x337/0x6f0
[ 18.029540] ? trace_preempt_on+0x20/0xc0
[ 18.029577] ? __pfx_kthread+0x10/0x10
[ 18.029610] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.029660] ? calculate_sigpending+0x7b/0xa0
[ 18.029696] ? __pfx_kthread+0x10/0x10
[ 18.029729] ret_from_fork+0x116/0x1d0
[ 18.029756] ? __pfx_kthread+0x10/0x10
[ 18.029789] ret_from_fork_asm+0x1a/0x30
[ 18.029843] </TASK>
[ 18.029868]
[ 18.041954] Allocated by task 303:
[ 18.042468] kasan_save_stack+0x45/0x70
[ 18.042697] kasan_save_track+0x18/0x40
[ 18.042990] kasan_save_alloc_info+0x3b/0x50
[ 18.043267] __kasan_kmalloc+0xb7/0xc0
[ 18.043424] __kmalloc_noprof+0x1c9/0x500
[ 18.043750] kunit_kmalloc_array+0x25/0x60
[ 18.043967] copy_user_test_oob+0xab/0x10f0
[ 18.044267] kunit_try_run_case+0x1a5/0x480
[ 18.044461] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.044892] kthread+0x337/0x6f0
[ 18.045159] ret_from_fork+0x116/0x1d0
[ 18.045331] ret_from_fork_asm+0x1a/0x30
[ 18.045681]
[ 18.045889] The buggy address belongs to the object at ffff88810254dc00
[ 18.045889] which belongs to the cache kmalloc-128 of size 128
[ 18.046657] The buggy address is located 0 bytes inside of
[ 18.046657] allocated 120-byte region [ffff88810254dc00, ffff88810254dc78)
[ 18.047286]
[ 18.047405] The buggy address belongs to the physical page:
[ 18.047852] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254d
[ 18.048448] flags: 0x200000000000000(node=0|zone=2)
[ 18.048836] page_type: f5(slab)
[ 18.049176] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.049553] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.049966] page dumped because: kasan: bad access detected
[ 18.050252]
[ 18.050390] Memory state around the buggy address:
[ 18.050652] ffff88810254db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.051874] ffff88810254db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.052463] >ffff88810254dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.053299] ^
[ 18.053909] ffff88810254dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.054147] ffff88810254dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.054337] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 17.996213] ==================================================================
[ 17.996944] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90
[ 17.997592] Write of size 121 at addr ffff88810254dc00 by task kunit_try_catch/303
[ 17.998242]
[ 17.998477] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.998569] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.998596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.998660] Call Trace:
[ 17.998688] <TASK>
[ 17.998737] dump_stack_lvl+0x73/0xb0
[ 17.998802] print_report+0xd1/0x650
[ 17.998836] ? __virt_addr_valid+0x1db/0x2d0
[ 17.998868] ? _copy_from_user+0x32/0x90
[ 17.998893] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.998925] ? _copy_from_user+0x32/0x90
[ 17.998950] kasan_report+0x141/0x180
[ 17.998977] ? _copy_from_user+0x32/0x90
[ 17.999008] kasan_check_range+0x10c/0x1c0
[ 17.999037] __kasan_check_write+0x18/0x20
[ 17.999061] _copy_from_user+0x32/0x90
[ 17.999088] copy_user_test_oob+0x2be/0x10f0
[ 17.999139] ? __pfx_copy_user_test_oob+0x10/0x10
[ 17.999160] ? finish_task_switch.isra.0+0x153/0x700
[ 17.999183] ? __switch_to+0x47/0xf50
[ 17.999209] ? __schedule+0x10cc/0x2b60
[ 17.999231] ? __pfx_read_tsc+0x10/0x10
[ 17.999252] ? ktime_get_ts64+0x86/0x230
[ 17.999276] kunit_try_run_case+0x1a5/0x480
[ 17.999298] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.999319] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.999341] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.999362] ? __kthread_parkme+0x82/0x180
[ 17.999382] ? preempt_count_sub+0x50/0x80
[ 17.999404] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.999426] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.999447] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.999469] kthread+0x337/0x6f0
[ 17.999488] ? trace_preempt_on+0x20/0xc0
[ 17.999511] ? __pfx_kthread+0x10/0x10
[ 17.999530] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.999549] ? calculate_sigpending+0x7b/0xa0
[ 17.999572] ? __pfx_kthread+0x10/0x10
[ 17.999592] ret_from_fork+0x116/0x1d0
[ 17.999611] ? __pfx_kthread+0x10/0x10
[ 17.999648] ret_from_fork_asm+0x1a/0x30
[ 17.999678] </TASK>
[ 17.999692]
[ 18.010604] Allocated by task 303:
[ 18.010916] kasan_save_stack+0x45/0x70
[ 18.011136] kasan_save_track+0x18/0x40
[ 18.011450] kasan_save_alloc_info+0x3b/0x50
[ 18.011740] __kasan_kmalloc+0xb7/0xc0
[ 18.011910] __kmalloc_noprof+0x1c9/0x500
[ 18.012085] kunit_kmalloc_array+0x25/0x60
[ 18.012323] copy_user_test_oob+0xab/0x10f0
[ 18.012969] kunit_try_run_case+0x1a5/0x480
[ 18.013371] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.013777] kthread+0x337/0x6f0
[ 18.014038] ret_from_fork+0x116/0x1d0
[ 18.014337] ret_from_fork_asm+0x1a/0x30
[ 18.014720]
[ 18.014905] The buggy address belongs to the object at ffff88810254dc00
[ 18.014905] which belongs to the cache kmalloc-128 of size 128
[ 18.015731] The buggy address is located 0 bytes inside of
[ 18.015731] allocated 120-byte region [ffff88810254dc00, ffff88810254dc78)
[ 18.016278]
[ 18.016445] The buggy address belongs to the physical page:
[ 18.016729] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254d
[ 18.017152] flags: 0x200000000000000(node=0|zone=2)
[ 18.017441] page_type: f5(slab)
[ 18.017684] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.018060] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.018537] page dumped because: kasan: bad access detected
[ 18.018767]
[ 18.018924] Memory state around the buggy address:
[ 18.019272] ffff88810254db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.019566] ffff88810254db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.020017] >ffff88810254dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.020348] ^
[ 18.020793] ffff88810254dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.021133] ffff88810254dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.021564] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 17.923485] ==================================================================
[ 17.924160] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[ 17.924900] Read of size 8 at addr ffff888102abe578 by task kunit_try_catch/299
[ 17.925131]
[ 17.925332] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.925447] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.925485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.925563] Call Trace:
[ 17.925591] <TASK>
[ 17.925645] dump_stack_lvl+0x73/0xb0
[ 17.925704] print_report+0xd1/0x650
[ 17.925743] ? __virt_addr_valid+0x1db/0x2d0
[ 17.925779] ? copy_to_kernel_nofault+0x225/0x260
[ 17.925822] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.926254] ? copy_to_kernel_nofault+0x225/0x260
[ 17.926295] kasan_report+0x141/0x180
[ 17.926322] ? copy_to_kernel_nofault+0x225/0x260
[ 17.926350] __asan_report_load8_noabort+0x18/0x20
[ 17.926375] copy_to_kernel_nofault+0x225/0x260
[ 17.926400] copy_to_kernel_nofault_oob+0x1ed/0x560
[ 17.926426] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 17.926449] ? finish_task_switch.isra.0+0x153/0x700
[ 17.926471] ? __schedule+0x10cc/0x2b60
[ 17.926493] ? trace_hardirqs_on+0x37/0xe0
[ 17.926540] ? __pfx_read_tsc+0x10/0x10
[ 17.926573] ? ktime_get_ts64+0x86/0x230
[ 17.926610] kunit_try_run_case+0x1a5/0x480
[ 17.926662] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.926685] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.926708] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.926730] ? __kthread_parkme+0x82/0x180
[ 17.926751] ? preempt_count_sub+0x50/0x80
[ 17.926773] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.926795] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.926818] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.926840] kthread+0x337/0x6f0
[ 17.926859] ? trace_preempt_on+0x20/0xc0
[ 17.926880] ? __pfx_kthread+0x10/0x10
[ 17.926901] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.926921] ? calculate_sigpending+0x7b/0xa0
[ 17.926944] ? __pfx_kthread+0x10/0x10
[ 17.926965] ret_from_fork+0x116/0x1d0
[ 17.926983] ? __pfx_kthread+0x10/0x10
[ 17.927003] ret_from_fork_asm+0x1a/0x30
[ 17.927033] </TASK>
[ 17.927047]
[ 17.939082] Allocated by task 299:
[ 17.939282] kasan_save_stack+0x45/0x70
[ 17.939515] kasan_save_track+0x18/0x40
[ 17.939789] kasan_save_alloc_info+0x3b/0x50
[ 17.940093] __kasan_kmalloc+0xb7/0xc0
[ 17.940286] __kmalloc_cache_noprof+0x189/0x420
[ 17.940558] copy_to_kernel_nofault_oob+0x12f/0x560
[ 17.940796] kunit_try_run_case+0x1a5/0x480
[ 17.940976] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.941490] kthread+0x337/0x6f0
[ 17.941806] ret_from_fork+0x116/0x1d0
[ 17.942064] ret_from_fork_asm+0x1a/0x30
[ 17.942366]
[ 17.942456] The buggy address belongs to the object at ffff888102abe500
[ 17.942456] which belongs to the cache kmalloc-128 of size 128
[ 17.942993] The buggy address is located 0 bytes to the right of
[ 17.942993] allocated 120-byte region [ffff888102abe500, ffff888102abe578)
[ 17.943737]
[ 17.943891] The buggy address belongs to the physical page:
[ 17.944298] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102abe
[ 17.944554] flags: 0x200000000000000(node=0|zone=2)
[ 17.944757] page_type: f5(slab)
[ 17.944911] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.945156] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.945386] page dumped because: kasan: bad access detected
[ 17.945574]
[ 17.945686] Memory state around the buggy address:
[ 17.945858] ffff888102abe400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.946092] ffff888102abe480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.946317] >ffff888102abe500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 17.946535] ^
[ 17.947053] ffff888102abe580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.947582] ffff888102abe600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.948087] ==================================================================
[ 17.949060] ==================================================================
[ 17.949696] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[ 17.950314] Write of size 8 at addr ffff888102abe578 by task kunit_try_catch/299
[ 17.950893]
[ 17.951096] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.951198] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.951223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.951260] Call Trace:
[ 17.951291] <TASK>
[ 17.951321] dump_stack_lvl+0x73/0xb0
[ 17.951385] print_report+0xd1/0x650
[ 17.951433] ? __virt_addr_valid+0x1db/0x2d0
[ 17.951479] ? copy_to_kernel_nofault+0x99/0x260
[ 17.951518] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.951556] ? copy_to_kernel_nofault+0x99/0x260
[ 17.951589] kasan_report+0x141/0x180
[ 17.951644] ? copy_to_kernel_nofault+0x99/0x260
[ 17.951694] kasan_check_range+0x10c/0x1c0
[ 17.951733] __kasan_check_write+0x18/0x20
[ 17.951764] copy_to_kernel_nofault+0x99/0x260
[ 17.951801] copy_to_kernel_nofault_oob+0x288/0x560
[ 17.951838] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 17.951872] ? finish_task_switch.isra.0+0x153/0x700
[ 17.951907] ? __schedule+0x10cc/0x2b60
[ 17.951941] ? trace_hardirqs_on+0x37/0xe0
[ 17.951989] ? __pfx_read_tsc+0x10/0x10
[ 17.952022] ? ktime_get_ts64+0x86/0x230
[ 17.952063] kunit_try_run_case+0x1a5/0x480
[ 17.952106] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.952143] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.952184] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.952225] ? __kthread_parkme+0x82/0x180
[ 17.952262] ? preempt_count_sub+0x50/0x80
[ 17.952302] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.952337] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.952372] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.952408] kthread+0x337/0x6f0
[ 17.952444] ? trace_preempt_on+0x20/0xc0
[ 17.952486] ? __pfx_kthread+0x10/0x10
[ 17.952526] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.952570] ? calculate_sigpending+0x7b/0xa0
[ 17.952658] ? __pfx_kthread+0x10/0x10
[ 17.952708] ret_from_fork+0x116/0x1d0
[ 17.952748] ? __pfx_kthread+0x10/0x10
[ 17.952791] ret_from_fork_asm+0x1a/0x30
[ 17.952855] </TASK>
[ 17.952883]
[ 17.964829] Allocated by task 299:
[ 17.965116] kasan_save_stack+0x45/0x70
[ 17.965449] kasan_save_track+0x18/0x40
[ 17.965674] kasan_save_alloc_info+0x3b/0x50
[ 17.966021] __kasan_kmalloc+0xb7/0xc0
[ 17.966404] __kmalloc_cache_noprof+0x189/0x420
[ 17.966758] copy_to_kernel_nofault_oob+0x12f/0x560
[ 17.967013] kunit_try_run_case+0x1a5/0x480
[ 17.968013] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.968422] kthread+0x337/0x6f0
[ 17.968720] ret_from_fork+0x116/0x1d0
[ 17.969305] ret_from_fork_asm+0x1a/0x30
[ 17.969627]
[ 17.969908] The buggy address belongs to the object at ffff888102abe500
[ 17.969908] which belongs to the cache kmalloc-128 of size 128
[ 17.970608] The buggy address is located 0 bytes to the right of
[ 17.970608] allocated 120-byte region [ffff888102abe500, ffff888102abe578)
[ 17.971597]
[ 17.972130] The buggy address belongs to the physical page:
[ 17.972483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102abe
[ 17.973204] flags: 0x200000000000000(node=0|zone=2)
[ 17.973544] page_type: f5(slab)
[ 17.973917] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.974610] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.975145] page dumped because: kasan: bad access detected
[ 17.975427]
[ 17.975643] Memory state around the buggy address:
[ 17.976054] ffff888102abe400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.976962] ffff888102abe480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.977739] >ffff888102abe500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 17.978131] ^
[ 17.978480] ffff888102abe580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.978724] ffff888102abe600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.979438] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 17.042392] ==================================================================
[ 17.043016] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450
[ 17.043752] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283
[ 17.044281]
[ 17.044426] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.044511] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.044539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.044578] Call Trace:
[ 17.044608] <TASK>
[ 17.044653] dump_stack_lvl+0x73/0xb0
[ 17.044712] print_report+0xd1/0x650
[ 17.044756] ? __virt_addr_valid+0x1db/0x2d0
[ 17.044791] ? kasan_atomics_helper+0x12e6/0x5450
[ 17.044829] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.044872] ? kasan_atomics_helper+0x12e6/0x5450
[ 17.044908] kasan_report+0x141/0x180
[ 17.044993] ? kasan_atomics_helper+0x12e6/0x5450
[ 17.045055] kasan_check_range+0x10c/0x1c0
[ 17.045131] __kasan_check_write+0x18/0x20
[ 17.045174] kasan_atomics_helper+0x12e6/0x5450
[ 17.045240] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 17.045297] ? __kmalloc_cache_noprof+0x189/0x420
[ 17.045345] ? trace_hardirqs_on+0x37/0xe0
[ 17.045389] ? kasan_atomics+0x152/0x310
[ 17.045448] kasan_atomics+0x1dc/0x310
[ 17.045493] ? __pfx_kasan_atomics+0x10/0x10
[ 17.045539] ? __pfx_kasan_atomics+0x10/0x10
[ 17.045589] kunit_try_run_case+0x1a5/0x480
[ 17.045638] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.045668] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.045698] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.045729] ? __kthread_parkme+0x82/0x180
[ 17.045755] ? preempt_count_sub+0x50/0x80
[ 17.045785] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.045813] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.045835] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.045857] kthread+0x337/0x6f0
[ 17.045877] ? trace_preempt_on+0x20/0xc0
[ 17.045899] ? __pfx_kthread+0x10/0x10
[ 17.045930] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.045951] ? calculate_sigpending+0x7b/0xa0
[ 17.045975] ? __pfx_kthread+0x10/0x10
[ 17.045996] ret_from_fork+0x116/0x1d0
[ 17.046015] ? __pfx_kthread+0x10/0x10
[ 17.046035] ret_from_fork_asm+0x1a/0x30
[ 17.046065] </TASK>
[ 17.046079]
[ 17.056393] Allocated by task 283:
[ 17.056576] kasan_save_stack+0x45/0x70
[ 17.056867] kasan_save_track+0x18/0x40
[ 17.057168] kasan_save_alloc_info+0x3b/0x50
[ 17.057443] __kasan_kmalloc+0xb7/0xc0
[ 17.057736] __kmalloc_cache_noprof+0x189/0x420
[ 17.057935] kasan_atomics+0x95/0x310
[ 17.058102] kunit_try_run_case+0x1a5/0x480
[ 17.058281] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.058487] kthread+0x337/0x6f0
[ 17.058759] ret_from_fork+0x116/0x1d0
[ 17.059068] ret_from_fork_asm+0x1a/0x30
[ 17.059408]
[ 17.059678] The buggy address belongs to the object at ffff888102ac4100
[ 17.059678] which belongs to the cache kmalloc-64 of size 64
[ 17.061358] The buggy address is located 0 bytes to the right of
[ 17.061358] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130)
[ 17.061810]
[ 17.062499] The buggy address belongs to the physical page:
[ 17.062834] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4
[ 17.063110] flags: 0x200000000000000(node=0|zone=2)
[ 17.063743] page_type: f5(slab)
[ 17.064119] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.064820] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.065127] page dumped because: kasan: bad access detected
[ 17.065580]
[ 17.065759] Memory state around the buggy address:
[ 17.066039] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.066479] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.067382] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 17.067792] ^
[ 17.068289] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.068688] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.069077] ==================================================================
[ 17.277736] ==================================================================
[ 17.278475] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450
[ 17.278748] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283
[ 17.279394]
[ 17.279565] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.279678] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.279706] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.279740] Call Trace:
[ 17.279774] <TASK>
[ 17.279804] dump_stack_lvl+0x73/0xb0
[ 17.279871] print_report+0xd1/0x650
[ 17.279933] ? __virt_addr_valid+0x1db/0x2d0
[ 17.279972] ? kasan_atomics_helper+0x16e7/0x5450
[ 17.280007] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.280033] ? kasan_atomics_helper+0x16e7/0x5450
[ 17.280055] kasan_report+0x141/0x180
[ 17.280077] ? kasan_atomics_helper+0x16e7/0x5450
[ 17.280110] kasan_check_range+0x10c/0x1c0
[ 17.280148] __kasan_check_write+0x18/0x20
[ 17.280185] kasan_atomics_helper+0x16e7/0x5450
[ 17.280230] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 17.280277] ? __kmalloc_cache_noprof+0x189/0x420
[ 17.280321] ? trace_hardirqs_on+0x37/0xe0
[ 17.280359] ? kasan_atomics+0x152/0x310
[ 17.280404] kasan_atomics+0x1dc/0x310
[ 17.280447] ? __pfx_kasan_atomics+0x10/0x10
[ 17.280493] ? __pfx_kasan_atomics+0x10/0x10
[ 17.280547] kunit_try_run_case+0x1a5/0x480
[ 17.280588] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.280611] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.280665] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.280687] ? __kthread_parkme+0x82/0x180
[ 17.280708] ? preempt_count_sub+0x50/0x80
[ 17.280732] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.280756] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.280778] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.280800] kthread+0x337/0x6f0
[ 17.280820] ? trace_preempt_on+0x20/0xc0
[ 17.280841] ? __pfx_kthread+0x10/0x10
[ 17.280862] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.280882] ? calculate_sigpending+0x7b/0xa0
[ 17.280905] ? __pfx_kthread+0x10/0x10
[ 17.280926] ret_from_fork+0x116/0x1d0
[ 17.280945] ? __pfx_kthread+0x10/0x10
[ 17.280965] ret_from_fork_asm+0x1a/0x30
[ 17.280995] </TASK>
[ 17.281008]
[ 17.289708] Allocated by task 283:
[ 17.289963] kasan_save_stack+0x45/0x70
[ 17.290144] kasan_save_track+0x18/0x40
[ 17.290314] kasan_save_alloc_info+0x3b/0x50
[ 17.290493] __kasan_kmalloc+0xb7/0xc0
[ 17.290668] __kmalloc_cache_noprof+0x189/0x420
[ 17.291006] kasan_atomics+0x95/0x310
[ 17.291291] kunit_try_run_case+0x1a5/0x480
[ 17.291711] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.292091] kthread+0x337/0x6f0
[ 17.292405] ret_from_fork+0x116/0x1d0
[ 17.292667] ret_from_fork_asm+0x1a/0x30
[ 17.292857]
[ 17.293017] The buggy address belongs to the object at ffff888102ac4100
[ 17.293017] which belongs to the cache kmalloc-64 of size 64
[ 17.293372] The buggy address is located 0 bytes to the right of
[ 17.293372] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130)
[ 17.293904]
[ 17.294070] The buggy address belongs to the physical page:
[ 17.294573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4
[ 17.295200] flags: 0x200000000000000(node=0|zone=2)
[ 17.295463] page_type: f5(slab)
[ 17.295633] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.295890] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.296131] page dumped because: kasan: bad access detected
[ 17.296504]
[ 17.296667] Memory state around the buggy address:
[ 17.297126] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.297578] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.298053] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 17.298372] ^
[ 17.298632] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.298949] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.299506] ==================================================================
[ 16.497858] ==================================================================
[ 16.499028] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450
[ 16.499514] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283
[ 16.499822]
[ 16.500029] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.500154] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.500183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.500221] Call Trace:
[ 16.500257] <TASK>
[ 16.500290] dump_stack_lvl+0x73/0xb0
[ 16.500362] print_report+0xd1/0x650
[ 16.500403] ? __virt_addr_valid+0x1db/0x2d0
[ 16.500446] ? kasan_atomics_helper+0x7c7/0x5450
[ 16.500494] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.500557] ? kasan_atomics_helper+0x7c7/0x5450
[ 16.500603] kasan_report+0x141/0x180
[ 16.500664] ? kasan_atomics_helper+0x7c7/0x5450
[ 16.500712] kasan_check_range+0x10c/0x1c0
[ 16.500759] __kasan_check_write+0x18/0x20
[ 16.500800] kasan_atomics_helper+0x7c7/0x5450
[ 16.500842] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.500875] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.500901] ? trace_hardirqs_on+0x37/0xe0
[ 16.500925] ? kasan_atomics+0x152/0x310
[ 16.500951] kasan_atomics+0x1dc/0x310
[ 16.500975] ? __pfx_kasan_atomics+0x10/0x10
[ 16.500997] ? __pfx_kasan_atomics+0x10/0x10
[ 16.501024] kunit_try_run_case+0x1a5/0x480
[ 16.501047] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.501069] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.501092] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.501151] ? __kthread_parkme+0x82/0x180
[ 16.501171] ? preempt_count_sub+0x50/0x80
[ 16.501196] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.501219] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.501242] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.501263] kthread+0x337/0x6f0
[ 16.501283] ? trace_preempt_on+0x20/0xc0
[ 16.501304] ? __pfx_kthread+0x10/0x10
[ 16.501324] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.501345] ? calculate_sigpending+0x7b/0xa0
[ 16.501368] ? __pfx_kthread+0x10/0x10
[ 16.501389] ret_from_fork+0x116/0x1d0
[ 16.501407] ? __pfx_kthread+0x10/0x10
[ 16.501427] ret_from_fork_asm+0x1a/0x30
[ 16.501457] </TASK>
[ 16.501470]
[ 16.510740] Allocated by task 283:
[ 16.510963] kasan_save_stack+0x45/0x70
[ 16.511206] kasan_save_track+0x18/0x40
[ 16.511481] kasan_save_alloc_info+0x3b/0x50
[ 16.511806] __kasan_kmalloc+0xb7/0xc0
[ 16.512079] __kmalloc_cache_noprof+0x189/0x420
[ 16.512380] kasan_atomics+0x95/0x310
[ 16.512554] kunit_try_run_case+0x1a5/0x480
[ 16.512850] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.513137] kthread+0x337/0x6f0
[ 16.513402] ret_from_fork+0x116/0x1d0
[ 16.513573] ret_from_fork_asm+0x1a/0x30
[ 16.513756]
[ 16.513900] The buggy address belongs to the object at ffff888102ac4100
[ 16.513900] which belongs to the cache kmalloc-64 of size 64
[ 16.514703] The buggy address is located 0 bytes to the right of
[ 16.514703] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130)
[ 16.515217]
[ 16.515329] The buggy address belongs to the physical page:
[ 16.515701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4
[ 16.516227] flags: 0x200000000000000(node=0|zone=2)
[ 16.516556] page_type: f5(slab)
[ 16.516788] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.517257] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.517609] page dumped because: kasan: bad access detected
[ 16.517837]
[ 16.517996] Memory state around the buggy address:
[ 16.518305] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.518545] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.518792] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.519024] ^
[ 16.519379] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.519871] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.520372] ==================================================================
[ 17.092347] ==================================================================
[ 17.092800] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450
[ 17.093280] Read of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283
[ 17.093581]
[ 17.093778] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.093858] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.093885] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.093925] Call Trace:
[ 17.093955] <TASK>
[ 17.093983] dump_stack_lvl+0x73/0xb0
[ 17.094035] print_report+0xd1/0x650
[ 17.094074] ? __virt_addr_valid+0x1db/0x2d0
[ 17.094148] ? kasan_atomics_helper+0x13b5/0x5450
[ 17.094186] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.094231] ? kasan_atomics_helper+0x13b5/0x5450
[ 17.094272] kasan_report+0x141/0x180
[ 17.094310] ? kasan_atomics_helper+0x13b5/0x5450
[ 17.094356] kasan_check_range+0x10c/0x1c0
[ 17.094400] __kasan_check_read+0x15/0x20
[ 17.094436] kasan_atomics_helper+0x13b5/0x5450
[ 17.094480] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 17.094523] ? __kmalloc_cache_noprof+0x189/0x420
[ 17.094571] ? trace_hardirqs_on+0x37/0xe0
[ 17.094628] ? kasan_atomics+0x152/0x310
[ 17.094684] kasan_atomics+0x1dc/0x310
[ 17.094730] ? __pfx_kasan_atomics+0x10/0x10
[ 17.094778] ? __pfx_kasan_atomics+0x10/0x10
[ 17.094833] kunit_try_run_case+0x1a5/0x480
[ 17.094879] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.094923] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.094970] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.095015] ? __kthread_parkme+0x82/0x180
[ 17.095057] ? preempt_count_sub+0x50/0x80
[ 17.095125] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.095169] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.095210] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.095256] kthread+0x337/0x6f0
[ 17.095296] ? trace_preempt_on+0x20/0xc0
[ 17.095341] ? __pfx_kthread+0x10/0x10
[ 17.095386] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.095429] ? calculate_sigpending+0x7b/0xa0
[ 17.095477] ? __pfx_kthread+0x10/0x10
[ 17.095523] ret_from_fork+0x116/0x1d0
[ 17.095562] ? __pfx_kthread+0x10/0x10
[ 17.095605] ret_from_fork_asm+0x1a/0x30
[ 17.095683] </TASK>
[ 17.095709]
[ 17.104438] Allocated by task 283:
[ 17.104677] kasan_save_stack+0x45/0x70
[ 17.104901] kasan_save_track+0x18/0x40
[ 17.105183] kasan_save_alloc_info+0x3b/0x50
[ 17.105425] __kasan_kmalloc+0xb7/0xc0
[ 17.105612] __kmalloc_cache_noprof+0x189/0x420
[ 17.105923] kasan_atomics+0x95/0x310
[ 17.106190] kunit_try_run_case+0x1a5/0x480
[ 17.106463] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.106675] kthread+0x337/0x6f0
[ 17.106930] ret_from_fork+0x116/0x1d0
[ 17.107185] ret_from_fork_asm+0x1a/0x30
[ 17.107388]
[ 17.107541] The buggy address belongs to the object at ffff888102ac4100
[ 17.107541] which belongs to the cache kmalloc-64 of size 64
[ 17.108006] The buggy address is located 0 bytes to the right of
[ 17.108006] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130)
[ 17.108709]
[ 17.108861] The buggy address belongs to the physical page:
[ 17.109049] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4
[ 17.109331] flags: 0x200000000000000(node=0|zone=2)
[ 17.109531] page_type: f5(slab)
[ 17.109699] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.109957] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.110223] page dumped because: kasan: bad access detected
[ 17.110420]
[ 17.110525] Memory state around the buggy address:
[ 17.110793] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.111284] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.111768] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 17.112262] ^
[ 17.112542] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.113010] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.113507] ==================================================================
[ 17.195082] ==================================================================
[ 17.195439] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450
[ 17.196137] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283
[ 17.196473]
[ 17.196696] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.196776] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.196801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.196839] Call Trace:
[ 17.196881] <TASK>
[ 17.196910] dump_stack_lvl+0x73/0xb0
[ 17.196977] print_report+0xd1/0x650
[ 17.197033] ? __virt_addr_valid+0x1db/0x2d0
[ 17.197085] ? kasan_atomics_helper+0x151d/0x5450
[ 17.197126] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.197185] ? kasan_atomics_helper+0x151d/0x5450
[ 17.197237] kasan_report+0x141/0x180
[ 17.197291] ? kasan_atomics_helper+0x151d/0x5450
[ 17.197354] kasan_check_range+0x10c/0x1c0
[ 17.197411] __kasan_check_write+0x18/0x20
[ 17.197451] kasan_atomics_helper+0x151d/0x5450
[ 17.197506] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 17.197560] ? __kmalloc_cache_noprof+0x189/0x420
[ 17.197629] ? trace_hardirqs_on+0x37/0xe0
[ 17.197672] ? kasan_atomics+0x152/0x310
[ 17.197725] kasan_atomics+0x1dc/0x310
[ 17.197789] ? __pfx_kasan_atomics+0x10/0x10
[ 17.197829] ? __pfx_kasan_atomics+0x10/0x10
[ 17.197880] kunit_try_run_case+0x1a5/0x480
[ 17.197935] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.197980] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.198028] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.198075] ? __kthread_parkme+0x82/0x180
[ 17.198114] ? preempt_count_sub+0x50/0x80
[ 17.198161] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.198208] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.198254] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.198299] kthread+0x337/0x6f0
[ 17.198339] ? trace_preempt_on+0x20/0xc0
[ 17.198387] ? __pfx_kthread+0x10/0x10
[ 17.198431] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.198473] ? calculate_sigpending+0x7b/0xa0
[ 17.198520] ? __pfx_kthread+0x10/0x10
[ 17.198564] ret_from_fork+0x116/0x1d0
[ 17.198604] ? __pfx_kthread+0x10/0x10
[ 17.198660] ret_from_fork_asm+0x1a/0x30
[ 17.198723] </TASK>
[ 17.198751]
[ 17.210390] Allocated by task 283:
[ 17.210728] kasan_save_stack+0x45/0x70
[ 17.211040] kasan_save_track+0x18/0x40
[ 17.211409] kasan_save_alloc_info+0x3b/0x50
[ 17.211752] __kasan_kmalloc+0xb7/0xc0
[ 17.211936] __kmalloc_cache_noprof+0x189/0x420
[ 17.212195] kasan_atomics+0x95/0x310
[ 17.212365] kunit_try_run_case+0x1a5/0x480
[ 17.212547] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.212961] kthread+0x337/0x6f0
[ 17.213303] ret_from_fork+0x116/0x1d0
[ 17.213691] ret_from_fork_asm+0x1a/0x30
[ 17.214033]
[ 17.214230] The buggy address belongs to the object at ffff888102ac4100
[ 17.214230] which belongs to the cache kmalloc-64 of size 64
[ 17.215015] The buggy address is located 0 bytes to the right of
[ 17.215015] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130)
[ 17.215594]
[ 17.215782] The buggy address belongs to the physical page:
[ 17.216193] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4
[ 17.216653] flags: 0x200000000000000(node=0|zone=2)
[ 17.216946] page_type: f5(slab)
[ 17.217269] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.217647] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.217980] page dumped because: kasan: bad access detected
[ 17.218423]
[ 17.218584] Memory state around the buggy address:
[ 17.218896] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.219427] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.219777] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 17.220214] ^
[ 17.220576] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.220969] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.221440] ==================================================================
[ 17.069989] ==================================================================
[ 17.070539] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450
[ 17.071166] Read of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283
[ 17.071706]
[ 17.071902] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.071979] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.072006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.072046] Call Trace:
[ 17.072074] <TASK>
[ 17.072138] dump_stack_lvl+0x73/0xb0
[ 17.072198] print_report+0xd1/0x650
[ 17.072240] ? __virt_addr_valid+0x1db/0x2d0
[ 17.072280] ? kasan_atomics_helper+0x49ce/0x5450
[ 17.072320] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.072360] ? kasan_atomics_helper+0x49ce/0x5450
[ 17.072404] kasan_report+0x141/0x180
[ 17.072448] ? kasan_atomics_helper+0x49ce/0x5450
[ 17.072501] __asan_report_load4_noabort+0x18/0x20
[ 17.072549] kasan_atomics_helper+0x49ce/0x5450
[ 17.072596] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 17.072655] ? __kmalloc_cache_noprof+0x189/0x420
[ 17.072701] ? trace_hardirqs_on+0x37/0xe0
[ 17.072738] ? kasan_atomics+0x152/0x310
[ 17.072787] kasan_atomics+0x1dc/0x310
[ 17.072827] ? __pfx_kasan_atomics+0x10/0x10
[ 17.072865] ? __pfx_kasan_atomics+0x10/0x10
[ 17.072914] kunit_try_run_case+0x1a5/0x480
[ 17.072957] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.073000] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.073044] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.073081] ? __kthread_parkme+0x82/0x180 [ 17.073150] ? preempt_count_sub+0x50/0x80 [ 17.073194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.073240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.073288] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.073332] kthread+0x337/0x6f0 [ 17.073360] ? trace_preempt_on+0x20/0xc0 [ 17.073383] ? __pfx_kthread+0x10/0x10 [ 17.073403] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.073424] ? calculate_sigpending+0x7b/0xa0 [ 17.073448] ? __pfx_kthread+0x10/0x10 [ 17.073469] ret_from_fork+0x116/0x1d0 [ 17.073488] ? __pfx_kthread+0x10/0x10 [ 17.073508] ret_from_fork_asm+0x1a/0x30 [ 17.073539] </TASK> [ 17.073553] [ 17.081812] Allocated by task 283: [ 17.081997] kasan_save_stack+0x45/0x70 [ 17.082317] kasan_save_track+0x18/0x40 [ 17.082606] kasan_save_alloc_info+0x3b/0x50 [ 17.082934] __kasan_kmalloc+0xb7/0xc0 [ 17.083233] __kmalloc_cache_noprof+0x189/0x420 [ 17.083537] kasan_atomics+0x95/0x310 [ 17.083842] kunit_try_run_case+0x1a5/0x480 [ 17.084051] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.084424] kthread+0x337/0x6f0 [ 17.084696] ret_from_fork+0x116/0x1d0 [ 17.084881] ret_from_fork_asm+0x1a/0x30 [ 17.085175] [ 17.085334] The buggy address belongs to the object at ffff888102ac4100 [ 17.085334] which belongs to the cache kmalloc-64 of size 64 [ 17.085921] The buggy address is located 0 bytes to the right of [ 17.085921] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.086378] [ 17.086541] The buggy address belongs to the physical page: [ 17.086901] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.087195] flags: 0x200000000000000(node=0|zone=2) [ 17.087393] page_type: f5(slab) [ 17.087552] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.087919] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.088421] page dumped because: kasan: bad access detected [ 17.088816] [ 17.088978] 
Memory state around the buggy address: [ 17.089347] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.089820] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.090130] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.090475] ^ [ 17.090753] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.090994] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.091465] ================================================================== [ 16.521212] ================================================================== [ 16.521594] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 16.522131] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.522513] [ 16.522723] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.522802] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.522827] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.522866] Call Trace: [ 16.522895] <TASK> [ 16.522924] dump_stack_lvl+0x73/0xb0 [ 16.522980] print_report+0xd1/0x650 [ 16.523022] ? __virt_addr_valid+0x1db/0x2d0 [ 16.523059] ? kasan_atomics_helper+0x860/0x5450 [ 16.523131] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.523183] ? kasan_atomics_helper+0x860/0x5450 [ 16.523225] kasan_report+0x141/0x180 [ 16.523266] ? kasan_atomics_helper+0x860/0x5450 [ 16.523316] kasan_check_range+0x10c/0x1c0 [ 16.523363] __kasan_check_write+0x18/0x20 [ 16.523403] kasan_atomics_helper+0x860/0x5450 [ 16.523446] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.523489] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.523529] ? trace_hardirqs_on+0x37/0xe0 [ 16.523570] ? kasan_atomics+0x152/0x310 [ 16.523634] kasan_atomics+0x1dc/0x310 [ 16.523681] ? __pfx_kasan_atomics+0x10/0x10 [ 16.523726] ? __pfx_kasan_atomics+0x10/0x10 [ 16.523776] kunit_try_run_case+0x1a5/0x480 [ 16.523820] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.523860] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.523906] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.523952] ? __kthread_parkme+0x82/0x180 [ 16.523990] ? preempt_count_sub+0x50/0x80 [ 16.524034] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.524078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.524154] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.524200] kthread+0x337/0x6f0 [ 16.524241] ? trace_preempt_on+0x20/0xc0 [ 16.524285] ? __pfx_kthread+0x10/0x10 [ 16.524322] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.524359] ? calculate_sigpending+0x7b/0xa0 [ 16.524400] ? __pfx_kthread+0x10/0x10 [ 16.524443] ret_from_fork+0x116/0x1d0 [ 16.524481] ? __pfx_kthread+0x10/0x10 [ 16.524523] ret_from_fork_asm+0x1a/0x30 [ 16.524582] </TASK> [ 16.524602] [ 16.533132] Allocated by task 283: [ 16.533315] kasan_save_stack+0x45/0x70 [ 16.533500] kasan_save_track+0x18/0x40 [ 16.533714] kasan_save_alloc_info+0x3b/0x50 [ 16.534046] __kasan_kmalloc+0xb7/0xc0 [ 16.534364] __kmalloc_cache_noprof+0x189/0x420 [ 16.534728] kasan_atomics+0x95/0x310 [ 16.535028] kunit_try_run_case+0x1a5/0x480 [ 16.535949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.536397] kthread+0x337/0x6f0 [ 16.536658] ret_from_fork+0x116/0x1d0 [ 16.536932] ret_from_fork_asm+0x1a/0x30 [ 16.537198] [ 16.537311] The buggy address belongs to the object at ffff888102ac4100 [ 16.537311] which belongs to the cache kmalloc-64 of size 64 [ 16.537682] The buggy address is located 0 bytes to the right of [ 16.537682] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.538057] [ 16.538196] The buggy address belongs to the physical page: [ 16.538548] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.539093] flags: 0x200000000000000(node=0|zone=2) [ 16.539484] page_type: f5(slab) [ 16.539746] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.540283] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.540784] page dumped because: kasan: bad access detected [ 16.541187] [ 16.541344] Memory state around the buggy address: [ 16.541675] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.542163] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.542450] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.542811] ^ [ 16.543095] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.543380] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.543827] ================================================================== [ 16.404735] ================================================================== [ 16.404907] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 16.405175] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.405609] [ 16.405856] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.405947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.406002] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.406043] Call Trace: [ 16.406073] <TASK> [ 16.406103] dump_stack_lvl+0x73/0xb0 [ 16.406159] print_report+0xd1/0x650 [ 16.406204] ? __virt_addr_valid+0x1db/0x2d0 [ 16.406248] ? kasan_atomics_helper+0x5fe/0x5450 [ 16.406290] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.406344] ? kasan_atomics_helper+0x5fe/0x5450 [ 16.406385] kasan_report+0x141/0x180 [ 16.406459] ? kasan_atomics_helper+0x5fe/0x5450 [ 16.406514] kasan_check_range+0x10c/0x1c0 [ 16.406557] __kasan_check_write+0x18/0x20 [ 16.406594] kasan_atomics_helper+0x5fe/0x5450 [ 16.406653] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.406696] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.406881] ? trace_hardirqs_on+0x37/0xe0 [ 16.406924] ? kasan_atomics+0x152/0x310 [ 16.406974] kasan_atomics+0x1dc/0x310 [ 16.407017] ? __pfx_kasan_atomics+0x10/0x10 [ 16.407063] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.407111] kunit_try_run_case+0x1a5/0x480 [ 16.407174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.407217] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.407260] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.407307] ? __kthread_parkme+0x82/0x180 [ 16.407350] ? preempt_count_sub+0x50/0x80 [ 16.407397] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.407441] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.407506] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.407635] kthread+0x337/0x6f0 [ 16.407676] ? trace_preempt_on+0x20/0xc0 [ 16.407719] ? __pfx_kthread+0x10/0x10 [ 16.407761] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.407804] ? calculate_sigpending+0x7b/0xa0 [ 16.407851] ? __pfx_kthread+0x10/0x10 [ 16.407889] ret_from_fork+0x116/0x1d0 [ 16.407924] ? __pfx_kthread+0x10/0x10 [ 16.407964] ret_from_fork_asm+0x1a/0x30 [ 16.408026] </TASK> [ 16.408053] [ 16.420405] Allocated by task 283: [ 16.420837] kasan_save_stack+0x45/0x70 [ 16.421159] kasan_save_track+0x18/0x40 [ 16.421327] kasan_save_alloc_info+0x3b/0x50 [ 16.421790] __kasan_kmalloc+0xb7/0xc0 [ 16.421991] __kmalloc_cache_noprof+0x189/0x420 [ 16.422344] kasan_atomics+0x95/0x310 [ 16.422677] kunit_try_run_case+0x1a5/0x480 [ 16.422882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.423275] kthread+0x337/0x6f0 [ 16.423955] ret_from_fork+0x116/0x1d0 [ 16.424236] ret_from_fork_asm+0x1a/0x30 [ 16.424552] [ 16.424734] The buggy address belongs to the object at ffff888102ac4100 [ 16.424734] which belongs to the cache kmalloc-64 of size 64 [ 16.425223] The buggy address is located 0 bytes to the right of [ 16.425223] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.425963] [ 16.426164] The buggy address belongs to the physical page: [ 16.426375] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.426983] flags: 0x200000000000000(node=0|zone=2) [ 16.427329] page_type: f5(slab) [ 16.428007] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.428362] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.429143] page dumped because: kasan: bad access detected [ 16.429539] [ 16.429985] Memory state around the buggy address: [ 16.430393] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.431007] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.431435] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.432171] ^ [ 16.432479] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.433022] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.433395] ================================================================== [ 16.434475] ================================================================== [ 16.435027] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 16.435372] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.436069] [ 16.436413] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.436507] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.436540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.436574] Call Trace: [ 16.436600] <TASK> [ 16.436642] dump_stack_lvl+0x73/0xb0 [ 16.436693] print_report+0xd1/0x650 [ 16.436727] ? __virt_addr_valid+0x1db/0x2d0 [ 16.436763] ? kasan_atomics_helper+0x697/0x5450 [ 16.436795] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.436833] ? kasan_atomics_helper+0x697/0x5450 [ 16.436864] kasan_report+0x141/0x180 [ 16.436899] ? kasan_atomics_helper+0x697/0x5450 [ 16.436948] kasan_check_range+0x10c/0x1c0 [ 16.436989] __kasan_check_write+0x18/0x20 [ 16.437020] kasan_atomics_helper+0x697/0x5450 [ 16.437081] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.437109] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.437168] ? trace_hardirqs_on+0x37/0xe0 [ 16.437201] ? 
kasan_atomics+0x152/0x310 [ 16.437228] kasan_atomics+0x1dc/0x310 [ 16.437251] ? __pfx_kasan_atomics+0x10/0x10 [ 16.437274] ? __pfx_kasan_atomics+0x10/0x10 [ 16.437300] kunit_try_run_case+0x1a5/0x480 [ 16.437327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.437349] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.437371] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.437393] ? __kthread_parkme+0x82/0x180 [ 16.437413] ? preempt_count_sub+0x50/0x80 [ 16.437435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.437459] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.437481] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.437504] kthread+0x337/0x6f0 [ 16.437523] ? trace_preempt_on+0x20/0xc0 [ 16.437545] ? __pfx_kthread+0x10/0x10 [ 16.437564] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.437585] ? calculate_sigpending+0x7b/0xa0 [ 16.437607] ? __pfx_kthread+0x10/0x10 [ 16.437654] ret_from_fork+0x116/0x1d0 [ 16.437685] ? __pfx_kthread+0x10/0x10 [ 16.437723] ret_from_fork_asm+0x1a/0x30 [ 16.437777] </TASK> [ 16.437793] [ 16.451272] Allocated by task 283: [ 16.451458] kasan_save_stack+0x45/0x70 [ 16.451645] kasan_save_track+0x18/0x40 [ 16.452348] kasan_save_alloc_info+0x3b/0x50 [ 16.453132] __kasan_kmalloc+0xb7/0xc0 [ 16.453416] __kmalloc_cache_noprof+0x189/0x420 [ 16.453799] kasan_atomics+0x95/0x310 [ 16.454024] kunit_try_run_case+0x1a5/0x480 [ 16.454409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.454963] kthread+0x337/0x6f0 [ 16.455262] ret_from_fork+0x116/0x1d0 [ 16.455451] ret_from_fork_asm+0x1a/0x30 [ 16.455816] [ 16.455990] The buggy address belongs to the object at ffff888102ac4100 [ 16.455990] which belongs to the cache kmalloc-64 of size 64 [ 16.456873] The buggy address is located 0 bytes to the right of [ 16.456873] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.457698] [ 16.457862] The buggy address belongs to the physical page: [ 16.458608] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.458942] flags: 
0x200000000000000(node=0|zone=2) [ 16.459281] page_type: f5(slab) [ 16.459465] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.460288] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.460781] page dumped because: kasan: bad access detected [ 16.461307] [ 16.461424] Memory state around the buggy address: [ 16.461591] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.462072] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.462520] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.462858] ^ [ 16.463035] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.463238] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.465191] ================================================================== [ 17.374059] ================================================================== [ 17.374633] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 17.375092] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.375644] [ 17.375873] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.375949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.375970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.376011] Call Trace: [ 17.376040] <TASK> [ 17.376094] dump_stack_lvl+0x73/0xb0 [ 17.376211] print_report+0xd1/0x650 [ 17.376288] ? __virt_addr_valid+0x1db/0x2d0 [ 17.376352] ? kasan_atomics_helper+0x194a/0x5450 [ 17.376403] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.376454] ? kasan_atomics_helper+0x194a/0x5450 [ 17.376496] kasan_report+0x141/0x180 [ 17.376544] ? kasan_atomics_helper+0x194a/0x5450 [ 17.376600] kasan_check_range+0x10c/0x1c0 [ 17.376661] __kasan_check_write+0x18/0x20 [ 17.376703] kasan_atomics_helper+0x194a/0x5450 [ 17.376750] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.376796] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 17.376844] ? trace_hardirqs_on+0x37/0xe0 [ 17.376888] ? kasan_atomics+0x152/0x310 [ 17.376943] kasan_atomics+0x1dc/0x310 [ 17.376990] ? __pfx_kasan_atomics+0x10/0x10 [ 17.377039] ? __pfx_kasan_atomics+0x10/0x10 [ 17.377084] kunit_try_run_case+0x1a5/0x480 [ 17.377157] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.377196] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.377276] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.377331] ? __kthread_parkme+0x82/0x180 [ 17.377374] ? preempt_count_sub+0x50/0x80 [ 17.377442] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.377491] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.377550] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.377588] kthread+0x337/0x6f0 [ 17.377640] ? trace_preempt_on+0x20/0xc0 [ 17.377685] ? __pfx_kthread+0x10/0x10 [ 17.377729] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.377771] ? calculate_sigpending+0x7b/0xa0 [ 17.377799] ? __pfx_kthread+0x10/0x10 [ 17.377821] ret_from_fork+0x116/0x1d0 [ 17.377841] ? 
__pfx_kthread+0x10/0x10 [ 17.377861] ret_from_fork_asm+0x1a/0x30 [ 17.377892] </TASK> [ 17.377905] [ 17.388883] Allocated by task 283: [ 17.389258] kasan_save_stack+0x45/0x70 [ 17.389442] kasan_save_track+0x18/0x40 [ 17.389791] kasan_save_alloc_info+0x3b/0x50 [ 17.390186] __kasan_kmalloc+0xb7/0xc0 [ 17.390357] __kmalloc_cache_noprof+0x189/0x420 [ 17.390698] kasan_atomics+0x95/0x310 [ 17.390949] kunit_try_run_case+0x1a5/0x480 [ 17.391245] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.391584] kthread+0x337/0x6f0 [ 17.391890] ret_from_fork+0x116/0x1d0 [ 17.392144] ret_from_fork_asm+0x1a/0x30 [ 17.392485] [ 17.392633] The buggy address belongs to the object at ffff888102ac4100 [ 17.392633] which belongs to the cache kmalloc-64 of size 64 [ 17.393230] The buggy address is located 0 bytes to the right of [ 17.393230] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.393748] [ 17.393943] The buggy address belongs to the physical page: [ 17.394324] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.394741] flags: 0x200000000000000(node=0|zone=2) [ 17.394954] page_type: f5(slab) [ 17.395281] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.395734] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.396133] page dumped because: kasan: bad access detected [ 17.396450] [ 17.396611] Memory state around the buggy address: [ 17.396888] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.397234] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.397744] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.398047] ^ [ 17.398398] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.398783] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.399228] ================================================================== [ 17.694822] 
================================================================== [ 17.695388] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 17.696418] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.696679] [ 17.696813] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.696895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.696913] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.696936] Call Trace: [ 17.696954] <TASK> [ 17.696972] dump_stack_lvl+0x73/0xb0 [ 17.697008] print_report+0xd1/0x650 [ 17.697041] ? __virt_addr_valid+0x1db/0x2d0 [ 17.697076] ? kasan_atomics_helper+0x2006/0x5450 [ 17.697109] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.697566] ? kasan_atomics_helper+0x2006/0x5450 [ 17.697639] kasan_report+0x141/0x180 [ 17.697694] ? kasan_atomics_helper+0x2006/0x5450 [ 17.697737] kasan_check_range+0x10c/0x1c0 [ 17.697762] __kasan_check_write+0x18/0x20 [ 17.697781] kasan_atomics_helper+0x2006/0x5450 [ 17.697811] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.697835] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.697859] ? trace_hardirqs_on+0x37/0xe0 [ 17.697882] ? kasan_atomics+0x152/0x310 [ 17.697908] kasan_atomics+0x1dc/0x310 [ 17.697941] ? __pfx_kasan_atomics+0x10/0x10 [ 17.697964] ? __pfx_kasan_atomics+0x10/0x10 [ 17.698007] kunit_try_run_case+0x1a5/0x480 [ 17.698032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.698054] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.698127] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.698168] ? __kthread_parkme+0x82/0x180 [ 17.698200] ? preempt_count_sub+0x50/0x80 [ 17.698228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.698250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.698273] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.698296] kthread+0x337/0x6f0 [ 17.698315] ? trace_preempt_on+0x20/0xc0 [ 17.698336] ? __pfx_kthread+0x10/0x10 [ 17.698357] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.698377] ? 
calculate_sigpending+0x7b/0xa0 [ 17.698400] ? __pfx_kthread+0x10/0x10 [ 17.698421] ret_from_fork+0x116/0x1d0 [ 17.698439] ? __pfx_kthread+0x10/0x10 [ 17.698459] ret_from_fork_asm+0x1a/0x30 [ 17.698489] </TASK> [ 17.698502] [ 17.708971] Allocated by task 283: [ 17.709177] kasan_save_stack+0x45/0x70 [ 17.709364] kasan_save_track+0x18/0x40 [ 17.709529] kasan_save_alloc_info+0x3b/0x50 [ 17.709847] __kasan_kmalloc+0xb7/0xc0 [ 17.710180] __kmalloc_cache_noprof+0x189/0x420 [ 17.710523] kasan_atomics+0x95/0x310 [ 17.710705] kunit_try_run_case+0x1a5/0x480 [ 17.711016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.711386] kthread+0x337/0x6f0 [ 17.711546] ret_from_fork+0x116/0x1d0 [ 17.711723] ret_from_fork_asm+0x1a/0x30 [ 17.712038] [ 17.712239] The buggy address belongs to the object at ffff888102ac4100 [ 17.712239] which belongs to the cache kmalloc-64 of size 64 [ 17.712913] The buggy address is located 0 bytes to the right of [ 17.712913] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.713322] [ 17.713434] The buggy address belongs to the physical page: [ 17.713787] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.714380] flags: 0x200000000000000(node=0|zone=2) [ 17.714757] page_type: f5(slab) [ 17.715024] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.715543] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.715836] page dumped because: kasan: bad access detected [ 17.716136] [ 17.716290] Memory state around the buggy address: [ 17.716664] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.717033] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.717478] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.717867] ^ [ 17.718198] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.718536] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.719017] 
================================================================== [ 16.279879] ================================================================== [ 16.280266] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 16.280841] Read of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.281211] [ 16.281418] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.281904] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.281961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.282006] Call Trace: [ 16.282042] <TASK> [ 16.282075] dump_stack_lvl+0x73/0xb0 [ 16.282140] print_report+0xd1/0x650 [ 16.282185] ? __virt_addr_valid+0x1db/0x2d0 [ 16.282222] ? kasan_atomics_helper+0x4b54/0x5450 [ 16.282258] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.282332] ? kasan_atomics_helper+0x4b54/0x5450 [ 16.282374] kasan_report+0x141/0x180 [ 16.282415] ? kasan_atomics_helper+0x4b54/0x5450 [ 16.282490] __asan_report_load4_noabort+0x18/0x20 [ 16.282704] kasan_atomics_helper+0x4b54/0x5450 [ 16.282749] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.282792] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.282834] ? trace_hardirqs_on+0x37/0xe0 [ 16.282858] ? kasan_atomics+0x152/0x310 [ 16.282886] kasan_atomics+0x1dc/0x310 [ 16.282908] ? __pfx_kasan_atomics+0x10/0x10 [ 16.282931] ? __pfx_kasan_atomics+0x10/0x10 [ 16.282957] kunit_try_run_case+0x1a5/0x480 [ 16.282981] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.283002] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.283026] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.283047] ? __kthread_parkme+0x82/0x180 [ 16.283068] ? preempt_count_sub+0x50/0x80 [ 16.283092] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.283115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.283138] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.283159] kthread+0x337/0x6f0 [ 16.283179] ? trace_preempt_on+0x20/0xc0 [ 16.283201] ? __pfx_kthread+0x10/0x10 [ 16.283232] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.283260] ? calculate_sigpending+0x7b/0xa0 [ 16.283287] ? __pfx_kthread+0x10/0x10 [ 16.283308] ret_from_fork+0x116/0x1d0 [ 16.283327] ? __pfx_kthread+0x10/0x10 [ 16.283346] ret_from_fork_asm+0x1a/0x30 [ 16.283376] </TASK> [ 16.283389] [ 16.294687] Allocated by task 283: [ 16.294868] kasan_save_stack+0x45/0x70 [ 16.295169] kasan_save_track+0x18/0x40 [ 16.295482] kasan_save_alloc_info+0x3b/0x50 [ 16.295991] __kasan_kmalloc+0xb7/0xc0 [ 16.296321] __kmalloc_cache_noprof+0x189/0x420 [ 16.296817] kasan_atomics+0x95/0x310 [ 16.297181] kunit_try_run_case+0x1a5/0x480 [ 16.297895] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.298388] kthread+0x337/0x6f0 [ 16.298636] ret_from_fork+0x116/0x1d0 [ 16.298874] ret_from_fork_asm+0x1a/0x30 [ 16.299296] [ 16.299471] The buggy address belongs to the object at ffff888102ac4100 [ 16.299471] which belongs to the cache kmalloc-64 of size 64 [ 16.300283] The buggy address is located 0 bytes to the right of [ 16.300283] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.301056] [ 16.301274] The buggy address belongs to the physical page: [ 16.302026] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.302717] flags: 0x200000000000000(node=0|zone=2) [ 16.303043] page_type: f5(slab) [ 16.303366] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.303955] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.304347] page dumped because: kasan: bad access detected [ 16.304780] [ 16.304943] Memory state around the buggy address: [ 16.305263] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.305674] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.306089] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.307090] ^ [ 16.307392] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.307994] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.308640] ================================================================== [ 16.852897] ================================================================== [ 16.853479] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 16.854005] Read of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.854513] [ 16.854731] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.854816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.854840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.854879] Call Trace: [ 16.854926] <TASK> [ 16.854956] dump_stack_lvl+0x73/0xb0 [ 16.855010] print_report+0xd1/0x650 [ 16.855055] ? __virt_addr_valid+0x1db/0x2d0 [ 16.855143] ? kasan_atomics_helper+0x4a36/0x5450 [ 16.855190] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.855238] ? kasan_atomics_helper+0x4a36/0x5450 [ 16.855282] kasan_report+0x141/0x180 [ 16.855326] ? kasan_atomics_helper+0x4a36/0x5450 [ 16.855393] __asan_report_load4_noabort+0x18/0x20 [ 16.855442] kasan_atomics_helper+0x4a36/0x5450 [ 16.855486] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.855544] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.855593] ? trace_hardirqs_on+0x37/0xe0 [ 16.855649] ? kasan_atomics+0x152/0x310 [ 16.855718] kasan_atomics+0x1dc/0x310 [ 16.855763] ? __pfx_kasan_atomics+0x10/0x10 [ 16.855807] ? __pfx_kasan_atomics+0x10/0x10 [ 16.855856] kunit_try_run_case+0x1a5/0x480 [ 16.855916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.855961] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.856017] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.856069] ? __kthread_parkme+0x82/0x180 [ 16.856136] ? preempt_count_sub+0x50/0x80 [ 16.856188] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.856235] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.856283] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.856330] kthread+0x337/0x6f0 [ 16.856372] ? trace_preempt_on+0x20/0xc0 [ 16.856418] ? 
__pfx_kthread+0x10/0x10 [ 16.856460] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.856499] ? calculate_sigpending+0x7b/0xa0 [ 16.856536] ? __pfx_kthread+0x10/0x10 [ 16.856571] ret_from_fork+0x116/0x1d0 [ 16.856606] ? __pfx_kthread+0x10/0x10 [ 16.856659] ret_from_fork_asm+0x1a/0x30 [ 16.856737] </TASK> [ 16.856763] [ 16.866422] Allocated by task 283: [ 16.866604] kasan_save_stack+0x45/0x70 [ 16.866921] kasan_save_track+0x18/0x40 [ 16.867254] kasan_save_alloc_info+0x3b/0x50 [ 16.867518] __kasan_kmalloc+0xb7/0xc0 [ 16.867774] __kmalloc_cache_noprof+0x189/0x420 [ 16.867981] kasan_atomics+0x95/0x310 [ 16.868311] kunit_try_run_case+0x1a5/0x480 [ 16.868567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.868912] kthread+0x337/0x6f0 [ 16.869122] ret_from_fork+0x116/0x1d0 [ 16.869418] ret_from_fork_asm+0x1a/0x30 [ 16.869656] [ 16.869820] The buggy address belongs to the object at ffff888102ac4100 [ 16.869820] which belongs to the cache kmalloc-64 of size 64 [ 16.870447] The buggy address is located 0 bytes to the right of [ 16.870447] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.871017] [ 16.871194] The buggy address belongs to the physical page: [ 16.871429] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.871747] flags: 0x200000000000000(node=0|zone=2) [ 16.871968] page_type: f5(slab) [ 16.872272] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.872821] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.873359] page dumped because: kasan: bad access detected [ 16.873750] [ 16.873924] Memory state around the buggy address: [ 16.874298] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.874778] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.875298] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.875791] ^ [ 16.876167] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.876539] 
ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.876863] ================================================================== [ 17.866036] ================================================================== [ 17.866729] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 17.867428] Read of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.867946] [ 17.868117] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.868197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.868225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.868265] Call Trace: [ 17.868296] <TASK> [ 17.868326] dump_stack_lvl+0x73/0xb0 [ 17.868387] print_report+0xd1/0x650 [ 17.868434] ? __virt_addr_valid+0x1db/0x2d0 [ 17.868479] ? kasan_atomics_helper+0x5115/0x5450 [ 17.868523] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.868577] ? kasan_atomics_helper+0x5115/0x5450 [ 17.868635] kasan_report+0x141/0x180 [ 17.868684] ? kasan_atomics_helper+0x5115/0x5450 [ 17.868740] __asan_report_load8_noabort+0x18/0x20 [ 17.868790] kasan_atomics_helper+0x5115/0x5450 [ 17.868837] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.868883] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.868931] ? trace_hardirqs_on+0x37/0xe0 [ 17.868974] ? kasan_atomics+0x152/0x310 [ 17.869031] kasan_atomics+0x1dc/0x310 [ 17.869080] ? __pfx_kasan_atomics+0x10/0x10 [ 17.869129] ? __pfx_kasan_atomics+0x10/0x10 [ 17.869174] kunit_try_run_case+0x1a5/0x480 [ 17.869218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.869257] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.869301] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.869344] ? __kthread_parkme+0x82/0x180 [ 17.869378] ? preempt_count_sub+0x50/0x80 [ 17.869421] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.869464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.869504] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.869540] kthread+0x337/0x6f0 [ 17.869575] ? 
trace_preempt_on+0x20/0xc0 [ 17.869632] ? __pfx_kthread+0x10/0x10 [ 17.869675] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.869718] ? calculate_sigpending+0x7b/0xa0 [ 17.869764] ? __pfx_kthread+0x10/0x10 [ 17.869809] ret_from_fork+0x116/0x1d0 [ 17.869850] ? __pfx_kthread+0x10/0x10 [ 17.869892] ret_from_fork_asm+0x1a/0x30 [ 17.869961] </TASK> [ 17.869987] [ 17.878268] Allocated by task 283: [ 17.878564] kasan_save_stack+0x45/0x70 [ 17.878872] kasan_save_track+0x18/0x40 [ 17.879182] kasan_save_alloc_info+0x3b/0x50 [ 17.879505] __kasan_kmalloc+0xb7/0xc0 [ 17.879803] __kmalloc_cache_noprof+0x189/0x420 [ 17.880147] kasan_atomics+0x95/0x310 [ 17.880414] kunit_try_run_case+0x1a5/0x480 [ 17.880745] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.881104] kthread+0x337/0x6f0 [ 17.881324] ret_from_fork+0x116/0x1d0 [ 17.881488] ret_from_fork_asm+0x1a/0x30 [ 17.882943] [ 17.883145] The buggy address belongs to the object at ffff888102ac4100 [ 17.883145] which belongs to the cache kmalloc-64 of size 64 [ 17.883928] The buggy address is located 0 bytes to the right of [ 17.883928] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.886833] [ 17.887025] The buggy address belongs to the physical page: [ 17.887522] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.887804] flags: 0x200000000000000(node=0|zone=2) [ 17.888005] page_type: f5(slab) [ 17.889372] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.889945] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.890876] page dumped because: kasan: bad access detected [ 17.891533] [ 17.891801] Memory state around the buggy address: [ 17.892391] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.892664] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.893138] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.893576] ^ [ 17.893810] ffff888102ac4180: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 17.894142] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.894497] ================================================================== [ 17.503817] ================================================================== [ 17.504025] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 17.505343] Read of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.506044] [ 17.506835] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.506957] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.506987] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.507026] Call Trace: [ 17.507057] <TASK> [ 17.507083] dump_stack_lvl+0x73/0xb0 [ 17.507152] print_report+0xd1/0x650 [ 17.507176] ? __virt_addr_valid+0x1db/0x2d0 [ 17.507199] ? kasan_atomics_helper+0x4f30/0x5450 [ 17.507219] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.507244] ? kasan_atomics_helper+0x4f30/0x5450 [ 17.507266] kasan_report+0x141/0x180 [ 17.507287] ? kasan_atomics_helper+0x4f30/0x5450 [ 17.507313] __asan_report_load8_noabort+0x18/0x20 [ 17.507336] kasan_atomics_helper+0x4f30/0x5450 [ 17.507358] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.507380] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.507403] ? trace_hardirqs_on+0x37/0xe0 [ 17.507424] ? kasan_atomics+0x152/0x310 [ 17.507451] kasan_atomics+0x1dc/0x310 [ 17.507473] ? __pfx_kasan_atomics+0x10/0x10 [ 17.507495] ? __pfx_kasan_atomics+0x10/0x10 [ 17.507521] kunit_try_run_case+0x1a5/0x480 [ 17.507544] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.507566] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.507589] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.507611] ? __kthread_parkme+0x82/0x180 [ 17.507649] ? preempt_count_sub+0x50/0x80 [ 17.507672] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.507696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.507718] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.507741] kthread+0x337/0x6f0 [ 17.507760] ? trace_preempt_on+0x20/0xc0 [ 17.507782] ? __pfx_kthread+0x10/0x10 [ 17.507802] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.507823] ? calculate_sigpending+0x7b/0xa0 [ 17.507846] ? __pfx_kthread+0x10/0x10 [ 17.507867] ret_from_fork+0x116/0x1d0 [ 17.507885] ? __pfx_kthread+0x10/0x10 [ 17.507905] ret_from_fork_asm+0x1a/0x30 [ 17.507935] </TASK> [ 17.507948] [ 17.519158] Allocated by task 283: [ 17.519435] kasan_save_stack+0x45/0x70 [ 17.519850] kasan_save_track+0x18/0x40 [ 17.520171] kasan_save_alloc_info+0x3b/0x50 [ 17.520570] __kasan_kmalloc+0xb7/0xc0 [ 17.520916] __kmalloc_cache_noprof+0x189/0x420 [ 17.521267] kasan_atomics+0x95/0x310 [ 17.521583] kunit_try_run_case+0x1a5/0x480 [ 17.521944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.522220] kthread+0x337/0x6f0 [ 17.522483] ret_from_fork+0x116/0x1d0 [ 17.522732] ret_from_fork_asm+0x1a/0x30 [ 17.523064] [ 17.523296] The buggy address belongs to the object at ffff888102ac4100 [ 17.523296] which belongs to the cache kmalloc-64 of size 64 [ 17.524285] The buggy address is located 0 bytes to the right of [ 17.524285] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.525694] [ 17.525945] The buggy address belongs to the physical page: [ 17.527027] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.528055] flags: 0x200000000000000(node=0|zone=2) [ 17.528653] page_type: f5(slab) [ 17.528818] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.529052] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.530803] page dumped because: kasan: bad access detected [ 17.531021] [ 17.531130] Memory state around the buggy address: [ 17.531291] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.531504] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.531858] >ffff888102ac4100: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 17.532260] ^ [ 17.532534] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.534052] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.534686] ================================================================== [ 17.248164] ================================================================== [ 17.248555] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 17.249086] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.249515] [ 17.249682] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.249772] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.249801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.249843] Call Trace: [ 17.249875] <TASK> [ 17.249906] dump_stack_lvl+0x73/0xb0 [ 17.249973] print_report+0xd1/0x650 [ 17.250019] ? __virt_addr_valid+0x1db/0x2d0 [ 17.250064] ? kasan_atomics_helper+0x164f/0x5450 [ 17.250137] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.250193] ? kasan_atomics_helper+0x164f/0x5450 [ 17.250230] kasan_report+0x141/0x180 [ 17.250270] ? kasan_atomics_helper+0x164f/0x5450 [ 17.250317] kasan_check_range+0x10c/0x1c0 [ 17.250360] __kasan_check_write+0x18/0x20 [ 17.250400] kasan_atomics_helper+0x164f/0x5450 [ 17.250443] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.250486] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.250530] ? trace_hardirqs_on+0x37/0xe0 [ 17.250575] ? kasan_atomics+0x152/0x310 [ 17.250641] kasan_atomics+0x1dc/0x310 [ 17.250687] ? __pfx_kasan_atomics+0x10/0x10 [ 17.250734] ? __pfx_kasan_atomics+0x10/0x10 [ 17.250789] kunit_try_run_case+0x1a5/0x480 [ 17.250838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.250879] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.250913] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.250944] ? __kthread_parkme+0x82/0x180 [ 17.250970] ? preempt_count_sub+0x50/0x80 [ 17.251001] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 17.251031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.251055] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.251078] kthread+0x337/0x6f0 [ 17.251105] ? trace_preempt_on+0x20/0xc0 [ 17.251152] ? __pfx_kthread+0x10/0x10 [ 17.251173] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.251194] ? calculate_sigpending+0x7b/0xa0 [ 17.251218] ? __pfx_kthread+0x10/0x10 [ 17.251239] ret_from_fork+0x116/0x1d0 [ 17.251258] ? __pfx_kthread+0x10/0x10 [ 17.251278] ret_from_fork_asm+0x1a/0x30 [ 17.251309] </TASK> [ 17.251322] [ 17.261844] Allocated by task 283: [ 17.262086] kasan_save_stack+0x45/0x70 [ 17.263041] kasan_save_track+0x18/0x40 [ 17.263357] kasan_save_alloc_info+0x3b/0x50 [ 17.264805] __kasan_kmalloc+0xb7/0xc0 [ 17.265139] __kmalloc_cache_noprof+0x189/0x420 [ 17.265468] kasan_atomics+0x95/0x310 [ 17.265733] kunit_try_run_case+0x1a5/0x480 [ 17.266041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.266380] kthread+0x337/0x6f0 [ 17.267258] ret_from_fork+0x116/0x1d0 [ 17.267784] ret_from_fork_asm+0x1a/0x30 [ 17.268878] [ 17.269667] The buggy address belongs to the object at ffff888102ac4100 [ 17.269667] which belongs to the cache kmalloc-64 of size 64 [ 17.270439] The buggy address is located 0 bytes to the right of [ 17.270439] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.271246] [ 17.271358] The buggy address belongs to the physical page: [ 17.271554] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.271857] flags: 0x200000000000000(node=0|zone=2) [ 17.272045] page_type: f5(slab) [ 17.272272] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.272723] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.272970] page dumped because: kasan: bad access detected [ 17.273217] [ 17.273305] Memory state around the buggy address: [ 17.273471] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.273770] 
ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.274328] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.274850] ^ [ 17.275226] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.275566] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.275944] ================================================================== [ 17.668057] ================================================================== [ 17.668357] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 17.668991] Read of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.669517] [ 17.669697] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.669759] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.669776] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.669799] Call Trace: [ 17.669816] <TASK> [ 17.669834] dump_stack_lvl+0x73/0xb0 [ 17.669867] print_report+0xd1/0x650 [ 17.669889] ? __virt_addr_valid+0x1db/0x2d0 [ 17.669919] ? kasan_atomics_helper+0x4f71/0x5450 [ 17.669944] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.669969] ? kasan_atomics_helper+0x4f71/0x5450 [ 17.669991] kasan_report+0x141/0x180 [ 17.670013] ? kasan_atomics_helper+0x4f71/0x5450 [ 17.670038] __asan_report_load8_noabort+0x18/0x20 [ 17.670062] kasan_atomics_helper+0x4f71/0x5450 [ 17.670084] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.670111] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.670148] ? trace_hardirqs_on+0x37/0xe0 [ 17.670186] ? kasan_atomics+0x152/0x310 [ 17.670232] kasan_atomics+0x1dc/0x310 [ 17.670275] ? __pfx_kasan_atomics+0x10/0x10 [ 17.670322] ? __pfx_kasan_atomics+0x10/0x10 [ 17.670378] kunit_try_run_case+0x1a5/0x480 [ 17.670426] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.670469] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.670512] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.670555] ? __kthread_parkme+0x82/0x180 [ 17.670597] ? 
preempt_count_sub+0x50/0x80 [ 17.670659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.670707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.670755] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.670794] kthread+0x337/0x6f0 [ 17.670845] ? trace_preempt_on+0x20/0xc0 [ 17.670885] ? __pfx_kthread+0x10/0x10 [ 17.670928] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.670969] ? calculate_sigpending+0x7b/0xa0 [ 17.671017] ? __pfx_kthread+0x10/0x10 [ 17.671064] ret_from_fork+0x116/0x1d0 [ 17.671101] ? __pfx_kthread+0x10/0x10 [ 17.671142] ret_from_fork_asm+0x1a/0x30 [ 17.671205] </TASK> [ 17.671231] [ 17.682410] Allocated by task 283: [ 17.682758] kasan_save_stack+0x45/0x70 [ 17.683113] kasan_save_track+0x18/0x40 [ 17.683479] kasan_save_alloc_info+0x3b/0x50 [ 17.683843] __kasan_kmalloc+0xb7/0xc0 [ 17.684079] __kmalloc_cache_noprof+0x189/0x420 [ 17.684269] kasan_atomics+0x95/0x310 [ 17.684568] kunit_try_run_case+0x1a5/0x480 [ 17.684890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.685096] kthread+0x337/0x6f0 [ 17.685520] ret_from_fork+0x116/0x1d0 [ 17.685851] ret_from_fork_asm+0x1a/0x30 [ 17.686167] [ 17.686385] The buggy address belongs to the object at ffff888102ac4100 [ 17.686385] which belongs to the cache kmalloc-64 of size 64 [ 17.687112] The buggy address is located 0 bytes to the right of [ 17.687112] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.687723] [ 17.687929] The buggy address belongs to the physical page: [ 17.688359] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.688817] flags: 0x200000000000000(node=0|zone=2) [ 17.689267] page_type: f5(slab) [ 17.689500] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.689768] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.690389] page dumped because: kasan: bad access detected [ 17.690659] [ 17.690763] Memory state around the buggy address: [ 17.690974] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 17.691681] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.692054] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.692641] ^ [ 17.692973] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.693378] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.693802] ================================================================== [ 17.842057] ================================================================== [ 17.842710] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 17.843257] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.843752] [ 17.843930] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.844011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.844038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.844079] Call Trace: [ 17.844107] <TASK> [ 17.845190] dump_stack_lvl+0x73/0xb0 [ 17.845262] print_report+0xd1/0x650 [ 17.845302] ? __virt_addr_valid+0x1db/0x2d0 [ 17.845344] ? kasan_atomics_helper+0x224c/0x5450 [ 17.845384] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.845427] ? kasan_atomics_helper+0x224c/0x5450 [ 17.845469] kasan_report+0x141/0x180 [ 17.845510] ? kasan_atomics_helper+0x224c/0x5450 [ 17.845562] kasan_check_range+0x10c/0x1c0 [ 17.845606] __kasan_check_write+0x18/0x20 [ 17.845660] kasan_atomics_helper+0x224c/0x5450 [ 17.845701] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.845738] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.845784] ? trace_hardirqs_on+0x37/0xe0 [ 17.845826] ? kasan_atomics+0x152/0x310 [ 17.845881] kasan_atomics+0x1dc/0x310 [ 17.845940] ? __pfx_kasan_atomics+0x10/0x10 [ 17.845989] ? __pfx_kasan_atomics+0x10/0x10 [ 17.846045] kunit_try_run_case+0x1a5/0x480 [ 17.846094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.846133] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.846173] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.846215] ? __kthread_parkme+0x82/0x180 [ 17.846257] ? preempt_count_sub+0x50/0x80 [ 17.846308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.846355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.846402] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.846444] kthread+0x337/0x6f0 [ 17.846477] ? trace_preempt_on+0x20/0xc0 [ 17.846519] ? __pfx_kthread+0x10/0x10 [ 17.846556] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.846592] ? calculate_sigpending+0x7b/0xa0 [ 17.846644] ? __pfx_kthread+0x10/0x10 [ 17.846684] ret_from_fork+0x116/0x1d0 [ 17.846722] ? __pfx_kthread+0x10/0x10 [ 17.846758] ret_from_fork_asm+0x1a/0x30 [ 17.846817] </TASK> [ 17.846839] [ 17.856443] Allocated by task 283: [ 17.856736] kasan_save_stack+0x45/0x70 [ 17.857001] kasan_save_track+0x18/0x40 [ 17.857321] kasan_save_alloc_info+0x3b/0x50 [ 17.857507] __kasan_kmalloc+0xb7/0xc0 [ 17.857687] __kmalloc_cache_noprof+0x189/0x420 [ 17.857878] kasan_atomics+0x95/0x310 [ 17.858056] kunit_try_run_case+0x1a5/0x480 [ 17.858365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.858831] kthread+0x337/0x6f0 [ 17.859100] ret_from_fork+0x116/0x1d0 [ 17.859381] ret_from_fork_asm+0x1a/0x30 [ 17.859611] [ 17.859784] The buggy address belongs to the object at ffff888102ac4100 [ 17.859784] which belongs to the cache kmalloc-64 of size 64 [ 17.860180] The buggy address is located 0 bytes to the right of [ 17.860180] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.860843] [ 17.860957] The buggy address belongs to the physical page: [ 17.861180] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.861710] flags: 0x200000000000000(node=0|zone=2) [ 17.862014] page_type: f5(slab) [ 17.862293] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.862683] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.862966] page dumped because: kasan: bad access detected [ 17.863255] [ 17.863412] 
Memory state around the buggy address: [ 17.863758] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.864246] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.864559] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.864805] ^ [ 17.864990] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.865222] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.865454] ================================================================== [ 16.904852] ================================================================== [ 16.905264] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 16.905759] Read of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.906140] [ 16.906310] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.906413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.906441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.906475] Call Trace: [ 16.906505] <TASK> [ 16.906536] dump_stack_lvl+0x73/0xb0 [ 16.906592] print_report+0xd1/0x650 [ 16.906645] ? __virt_addr_valid+0x1db/0x2d0 [ 16.906686] ? kasan_atomics_helper+0x4a1c/0x5450 [ 16.906722] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.906769] ? kasan_atomics_helper+0x4a1c/0x5450 [ 16.906811] kasan_report+0x141/0x180 [ 16.906848] ? kasan_atomics_helper+0x4a1c/0x5450 [ 16.906931] __asan_report_load4_noabort+0x18/0x20 [ 16.906979] kasan_atomics_helper+0x4a1c/0x5450 [ 16.907028] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.907075] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.907109] ? trace_hardirqs_on+0x37/0xe0 [ 16.907154] ? kasan_atomics+0x152/0x310 [ 16.907182] kasan_atomics+0x1dc/0x310 [ 16.907206] ? __pfx_kasan_atomics+0x10/0x10 [ 16.907229] ? __pfx_kasan_atomics+0x10/0x10 [ 16.907255] kunit_try_run_case+0x1a5/0x480 [ 16.907278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.907300] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.907323] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.907345] ? __kthread_parkme+0x82/0x180 [ 16.907364] ? preempt_count_sub+0x50/0x80 [ 16.907387] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.907410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.907432] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.907455] kthread+0x337/0x6f0 [ 16.907474] ? trace_preempt_on+0x20/0xc0 [ 16.907495] ? __pfx_kthread+0x10/0x10 [ 16.907516] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.907536] ? calculate_sigpending+0x7b/0xa0 [ 16.907559] ? __pfx_kthread+0x10/0x10 [ 16.907580] ret_from_fork+0x116/0x1d0 [ 16.907599] ? __pfx_kthread+0x10/0x10 [ 16.907636] ret_from_fork_asm+0x1a/0x30 [ 16.907668] </TASK> [ 16.907681] [ 16.919479] Allocated by task 283: [ 16.919655] kasan_save_stack+0x45/0x70 [ 16.919951] kasan_save_track+0x18/0x40 [ 16.920636] kasan_save_alloc_info+0x3b/0x50 [ 16.920850] __kasan_kmalloc+0xb7/0xc0 [ 16.920995] __kmalloc_cache_noprof+0x189/0x420 [ 16.921628] kasan_atomics+0x95/0x310 [ 16.921797] kunit_try_run_case+0x1a5/0x480 [ 16.922071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.922650] kthread+0x337/0x6f0 [ 16.922867] ret_from_fork+0x116/0x1d0 [ 16.923018] ret_from_fork_asm+0x1a/0x30 [ 16.923653] [ 16.923771] The buggy address belongs to the object at ffff888102ac4100 [ 16.923771] which belongs to the cache kmalloc-64 of size 64 [ 16.924098] The buggy address is located 0 bytes to the right of [ 16.924098] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.924994] [ 16.925301] The buggy address belongs to the physical page: [ 16.925523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.925843] flags: 0x200000000000000(node=0|zone=2) [ 16.926086] page_type: f5(slab) [ 16.926702] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.927059] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.927667] page dumped because: kasan: 
bad access detected [ 16.927847] [ 16.927970] Memory state around the buggy address: [ 16.928298] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.928662] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.929192] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.929457] ^ [ 16.929900] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.930471] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.930797] ================================================================== [ 17.563464] ================================================================== [ 17.563882] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 17.564403] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.564848] [ 17.564987] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.565073] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.565129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.565175] Call Trace: [ 17.565206] <TASK> [ 17.565240] dump_stack_lvl+0x73/0xb0 [ 17.565300] print_report+0xd1/0x650 [ 17.565347] ? __virt_addr_valid+0x1db/0x2d0 [ 17.565390] ? kasan_atomics_helper+0x1d7a/0x5450 [ 17.565424] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.565501] ? kasan_atomics_helper+0x1d7a/0x5450 [ 17.565556] kasan_report+0x141/0x180 [ 17.565625] ? kasan_atomics_helper+0x1d7a/0x5450 [ 17.565681] kasan_check_range+0x10c/0x1c0 [ 17.565737] __kasan_check_write+0x18/0x20 [ 17.565785] kasan_atomics_helper+0x1d7a/0x5450 [ 17.565835] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.565889] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.565946] ? trace_hardirqs_on+0x37/0xe0 [ 17.565990] ? kasan_atomics+0x152/0x310 [ 17.566047] kasan_atomics+0x1dc/0x310 [ 17.566093] ? __pfx_kasan_atomics+0x10/0x10 [ 17.566170] ? 
__pfx_kasan_atomics+0x10/0x10 [ 17.566210] kunit_try_run_case+0x1a5/0x480 [ 17.566236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.566258] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.566281] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.566303] ? __kthread_parkme+0x82/0x180 [ 17.566323] ? preempt_count_sub+0x50/0x80 [ 17.566346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.566368] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.566390] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.566413] kthread+0x337/0x6f0 [ 17.566432] ? trace_preempt_on+0x20/0xc0 [ 17.566454] ? __pfx_kthread+0x10/0x10 [ 17.566474] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.566494] ? calculate_sigpending+0x7b/0xa0 [ 17.566517] ? __pfx_kthread+0x10/0x10 [ 17.566537] ret_from_fork+0x116/0x1d0 [ 17.566556] ? __pfx_kthread+0x10/0x10 [ 17.566576] ret_from_fork_asm+0x1a/0x30 [ 17.566605] </TASK> [ 17.566634] [ 17.576771] Allocated by task 283: [ 17.577078] kasan_save_stack+0x45/0x70 [ 17.577352] kasan_save_track+0x18/0x40 [ 17.577528] kasan_save_alloc_info+0x3b/0x50 [ 17.577717] __kasan_kmalloc+0xb7/0xc0 [ 17.577881] __kmalloc_cache_noprof+0x189/0x420 [ 17.578297] kasan_atomics+0x95/0x310 [ 17.578647] kunit_try_run_case+0x1a5/0x480 [ 17.578990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.579401] kthread+0x337/0x6f0 [ 17.579729] ret_from_fork+0x116/0x1d0 [ 17.580051] ret_from_fork_asm+0x1a/0x30 [ 17.580434] [ 17.580632] The buggy address belongs to the object at ffff888102ac4100 [ 17.580632] which belongs to the cache kmalloc-64 of size 64 [ 17.581044] The buggy address is located 0 bytes to the right of [ 17.581044] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.581447] [ 17.581551] The buggy address belongs to the physical page: [ 17.582035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.582635] flags: 0x200000000000000(node=0|zone=2) [ 17.582999] page_type: f5(slab) [ 17.583339] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 17.583911] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.584498] page dumped because: kasan: bad access detected [ 17.584716] [ 17.584821] Memory state around the buggy address: [ 17.585010] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.585496] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.586038] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.586588] ^ [ 17.586986] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.587530] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.588308] ================================================================== [ 17.114247] ================================================================== [ 17.115445] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 17.115955] Read of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.116336] [ 17.116505] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.116583] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.116607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.116655] Call Trace: [ 17.116684] <TASK> [ 17.116714] dump_stack_lvl+0x73/0xb0 [ 17.116763] print_report+0xd1/0x650 [ 17.116806] ? __virt_addr_valid+0x1db/0x2d0 [ 17.116845] ? kasan_atomics_helper+0x4eae/0x5450 [ 17.116879] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.116914] ? kasan_atomics_helper+0x4eae/0x5450 [ 17.116937] kasan_report+0x141/0x180 [ 17.116959] ? kasan_atomics_helper+0x4eae/0x5450 [ 17.116985] __asan_report_load8_noabort+0x18/0x20 [ 17.117008] kasan_atomics_helper+0x4eae/0x5450 [ 17.117036] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.117075] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.117111] ? trace_hardirqs_on+0x37/0xe0 [ 17.117152] ? kasan_atomics+0x152/0x310 [ 17.117203] kasan_atomics+0x1dc/0x310 [ 17.117245] ? 
__pfx_kasan_atomics+0x10/0x10 [ 17.117290] ? __pfx_kasan_atomics+0x10/0x10 [ 17.117340] kunit_try_run_case+0x1a5/0x480 [ 17.117386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.117427] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.117471] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.117514] ? __kthread_parkme+0x82/0x180 [ 17.117555] ? preempt_count_sub+0x50/0x80 [ 17.117604] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.118675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.118736] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.118787] kthread+0x337/0x6f0 [ 17.118833] ? trace_preempt_on+0x20/0xc0 [ 17.118883] ? __pfx_kthread+0x10/0x10 [ 17.118929] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.118972] ? calculate_sigpending+0x7b/0xa0 [ 17.119020] ? __pfx_kthread+0x10/0x10 [ 17.119066] ret_from_fork+0x116/0x1d0 [ 17.119106] ? __pfx_kthread+0x10/0x10 [ 17.119152] ret_from_fork_asm+0x1a/0x30 [ 17.119218] </TASK> [ 17.119244] [ 17.130440] Allocated by task 283: [ 17.130687] kasan_save_stack+0x45/0x70 [ 17.131024] kasan_save_track+0x18/0x40 [ 17.131341] kasan_save_alloc_info+0x3b/0x50 [ 17.131604] __kasan_kmalloc+0xb7/0xc0 [ 17.132655] __kmalloc_cache_noprof+0x189/0x420 [ 17.133044] kasan_atomics+0x95/0x310 [ 17.133280] kunit_try_run_case+0x1a5/0x480 [ 17.133468] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.133866] kthread+0x337/0x6f0 [ 17.134129] ret_from_fork+0x116/0x1d0 [ 17.134680] ret_from_fork_asm+0x1a/0x30 [ 17.134902] [ 17.135013] The buggy address belongs to the object at ffff888102ac4100 [ 17.135013] which belongs to the cache kmalloc-64 of size 64 [ 17.136238] The buggy address is located 0 bytes to the right of [ 17.136238] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.136805] [ 17.136965] The buggy address belongs to the physical page: [ 17.137396] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.138062] flags: 0x200000000000000(node=0|zone=2) [ 17.138439] page_type: f5(slab) [ 17.138585] raw: 
0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.139001] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.139773] page dumped because: kasan: bad access detected [ 17.139992] [ 17.140080] Memory state around the buggy address: [ 17.140331] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.140944] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.141512] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.141814] ^ [ 17.142146] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.143110] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.143407] ================================================================== [ 16.250640] ================================================================== [ 16.251375] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 16.252276] Read of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.253079] [ 16.253453] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.253516] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.253577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.253632] Call Trace: [ 16.253666] <TASK> [ 16.253931] dump_stack_lvl+0x73/0xb0 [ 16.254021] print_report+0xd1/0x650 [ 16.254062] ? __virt_addr_valid+0x1db/0x2d0 [ 16.254091] ? kasan_atomics_helper+0x3df/0x5450 [ 16.254133] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.254160] ? kasan_atomics_helper+0x3df/0x5450 [ 16.254181] kasan_report+0x141/0x180 [ 16.254203] ? kasan_atomics_helper+0x3df/0x5450 [ 16.254228] kasan_check_range+0x10c/0x1c0 [ 16.254251] __kasan_check_read+0x15/0x20 [ 16.254271] kasan_atomics_helper+0x3df/0x5450 [ 16.254293] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.254314] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.254338] ? trace_hardirqs_on+0x37/0xe0 [ 16.254360] ? 
kasan_atomics+0x152/0x310 [ 16.254387] kasan_atomics+0x1dc/0x310 [ 16.254409] ? __pfx_kasan_atomics+0x10/0x10 [ 16.254432] ? __pfx_kasan_atomics+0x10/0x10 [ 16.254458] kunit_try_run_case+0x1a5/0x480 [ 16.254482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.254507] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.254550] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.254583] ? __kthread_parkme+0x82/0x180 [ 16.254631] ? preempt_count_sub+0x50/0x80 [ 16.254668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.254699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.254722] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.254746] kthread+0x337/0x6f0 [ 16.254767] ? trace_preempt_on+0x20/0xc0 [ 16.254788] ? __pfx_kthread+0x10/0x10 [ 16.254809] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.254829] ? calculate_sigpending+0x7b/0xa0 [ 16.254852] ? __pfx_kthread+0x10/0x10 [ 16.254873] ret_from_fork+0x116/0x1d0 [ 16.254892] ? __pfx_kthread+0x10/0x10 [ 16.254914] ret_from_fork_asm+0x1a/0x30 [ 16.254944] </TASK> [ 16.254958] [ 16.266860] Allocated by task 283: [ 16.267057] kasan_save_stack+0x45/0x70 [ 16.267256] kasan_save_track+0x18/0x40 [ 16.267528] kasan_save_alloc_info+0x3b/0x50 [ 16.267906] __kasan_kmalloc+0xb7/0xc0 [ 16.268094] __kmalloc_cache_noprof+0x189/0x420 [ 16.268320] kasan_atomics+0x95/0x310 [ 16.268489] kunit_try_run_case+0x1a5/0x480 [ 16.268923] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.269335] kthread+0x337/0x6f0 [ 16.270028] ret_from_fork+0x116/0x1d0 [ 16.270375] ret_from_fork_asm+0x1a/0x30 [ 16.270827] [ 16.270986] The buggy address belongs to the object at ffff888102ac4100 [ 16.270986] which belongs to the cache kmalloc-64 of size 64 [ 16.271856] The buggy address is located 0 bytes to the right of [ 16.271856] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.272289] [ 16.272485] The buggy address belongs to the physical page: [ 16.272983] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.273933] flags: 
0x200000000000000(node=0|zone=2) [ 16.274344] page_type: f5(slab) [ 16.274634] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.274895] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.275385] page dumped because: kasan: bad access detected [ 16.275632] [ 16.275798] Memory state around the buggy address: [ 16.276089] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.276455] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.276971] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.277434] ^ [ 16.278133] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.278656] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.279093] ================================================================== [ 16.545461] ================================================================== [ 16.546375] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 16.546713] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.546966] [ 16.547128] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.547214] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.547242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.547282] Call Trace: [ 16.547308] <TASK> [ 16.547334] dump_stack_lvl+0x73/0xb0 [ 16.547391] print_report+0xd1/0x650 [ 16.547437] ? __virt_addr_valid+0x1db/0x2d0 [ 16.547481] ? kasan_atomics_helper+0x8f9/0x5450 [ 16.547526] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.547576] ? kasan_atomics_helper+0x8f9/0x5450 [ 16.547635] kasan_report+0x141/0x180 [ 16.547684] ? kasan_atomics_helper+0x8f9/0x5450 [ 16.547741] kasan_check_range+0x10c/0x1c0 [ 16.547791] __kasan_check_write+0x18/0x20 [ 16.547829] kasan_atomics_helper+0x8f9/0x5450 [ 16.547875] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.547920] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.547961] ? trace_hardirqs_on+0x37/0xe0 [ 16.547997] ? kasan_atomics+0x152/0x310 [ 16.548045] kasan_atomics+0x1dc/0x310 [ 16.548085] ? __pfx_kasan_atomics+0x10/0x10 [ 16.548154] ? __pfx_kasan_atomics+0x10/0x10 [ 16.548205] kunit_try_run_case+0x1a5/0x480 [ 16.548250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.548291] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.548333] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.548374] ? __kthread_parkme+0x82/0x180 [ 16.548413] ? preempt_count_sub+0x50/0x80 [ 16.548462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.548509] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.548552] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.548595] kthread+0x337/0x6f0 [ 16.548649] ? trace_preempt_on+0x20/0xc0 [ 16.548695] ? __pfx_kthread+0x10/0x10 [ 16.548737] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.548773] ? calculate_sigpending+0x7b/0xa0 [ 16.548899] ? __pfx_kthread+0x10/0x10 [ 16.548952] ret_from_fork+0x116/0x1d0 [ 16.548993] ? 
__pfx_kthread+0x10/0x10 [ 16.549308] ret_from_fork_asm+0x1a/0x30 [ 16.549423] </TASK> [ 16.549493] [ 16.559453] Allocated by task 283: [ 16.559657] kasan_save_stack+0x45/0x70 [ 16.559988] kasan_save_track+0x18/0x40 [ 16.560318] kasan_save_alloc_info+0x3b/0x50 [ 16.560800] __kasan_kmalloc+0xb7/0xc0 [ 16.561203] __kmalloc_cache_noprof+0x189/0x420 [ 16.561577] kasan_atomics+0x95/0x310 [ 16.561889] kunit_try_run_case+0x1a5/0x480 [ 16.562331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.562602] kthread+0x337/0x6f0 [ 16.562954] ret_from_fork+0x116/0x1d0 [ 16.563343] ret_from_fork_asm+0x1a/0x30 [ 16.563724] [ 16.563920] The buggy address belongs to the object at ffff888102ac4100 [ 16.563920] which belongs to the cache kmalloc-64 of size 64 [ 16.564649] The buggy address is located 0 bytes to the right of [ 16.564649] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.565306] [ 16.565480] The buggy address belongs to the physical page: [ 16.565732] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.566266] flags: 0x200000000000000(node=0|zone=2) [ 16.566626] page_type: f5(slab) [ 16.566923] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.567370] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.567790] page dumped because: kasan: bad access detected [ 16.568139] [ 16.568310] Memory state around the buggy address: [ 16.568564] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.569038] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.569394] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.569787] ^ [ 16.570213] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.570557] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.570985] ================================================================== [ 16.958951] 
================================================================== [ 16.959512] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 16.960505] Read of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.960871] [ 16.960998] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.961057] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.961074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.961101] Call Trace: [ 16.961517] <TASK> [ 16.961571] dump_stack_lvl+0x73/0xb0 [ 16.961659] print_report+0xd1/0x650 [ 16.961697] ? __virt_addr_valid+0x1db/0x2d0 [ 16.961721] ? kasan_atomics_helper+0x4a02/0x5450 [ 16.961742] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.961767] ? kasan_atomics_helper+0x4a02/0x5450 [ 16.961788] kasan_report+0x141/0x180 [ 16.961810] ? kasan_atomics_helper+0x4a02/0x5450 [ 16.961835] __asan_report_load4_noabort+0x18/0x20 [ 16.961858] kasan_atomics_helper+0x4a02/0x5450 [ 16.961879] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.961901] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.961936] ? trace_hardirqs_on+0x37/0xe0 [ 16.961959] ? kasan_atomics+0x152/0x310 [ 16.961986] kasan_atomics+0x1dc/0x310 [ 16.962009] ? __pfx_kasan_atomics+0x10/0x10 [ 16.962033] ? __pfx_kasan_atomics+0x10/0x10 [ 16.962059] kunit_try_run_case+0x1a5/0x480 [ 16.962082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.962109] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.962143] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.962165] ? __kthread_parkme+0x82/0x180 [ 16.962185] ? preempt_count_sub+0x50/0x80 [ 16.962208] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.962231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.962254] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.962276] kthread+0x337/0x6f0 [ 16.962296] ? trace_preempt_on+0x20/0xc0 [ 16.962344] ? __pfx_kthread+0x10/0x10 [ 16.962367] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.962387] ? calculate_sigpending+0x7b/0xa0 [ 16.962411] ? 
__pfx_kthread+0x10/0x10 [ 16.962432] ret_from_fork+0x116/0x1d0 [ 16.962452] ? __pfx_kthread+0x10/0x10 [ 16.962473] ret_from_fork_asm+0x1a/0x30 [ 16.962502] </TASK> [ 16.962515] [ 16.973825] Allocated by task 283: [ 16.974025] kasan_save_stack+0x45/0x70 [ 16.974744] kasan_save_track+0x18/0x40 [ 16.975009] kasan_save_alloc_info+0x3b/0x50 [ 16.975446] __kasan_kmalloc+0xb7/0xc0 [ 16.975628] __kmalloc_cache_noprof+0x189/0x420 [ 16.975932] kasan_atomics+0x95/0x310 [ 16.976199] kunit_try_run_case+0x1a5/0x480 [ 16.976412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.976689] kthread+0x337/0x6f0 [ 16.976895] ret_from_fork+0x116/0x1d0 [ 16.977474] ret_from_fork_asm+0x1a/0x30 [ 16.977762] [ 16.977861] The buggy address belongs to the object at ffff888102ac4100 [ 16.977861] which belongs to the cache kmalloc-64 of size 64 [ 16.978766] The buggy address is located 0 bytes to the right of [ 16.978766] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.979604] [ 16.979734] The buggy address belongs to the physical page: [ 16.980042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.980338] flags: 0x200000000000000(node=0|zone=2) [ 16.980732] page_type: f5(slab) [ 16.980923] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.981496] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.981856] page dumped because: kasan: bad access detected [ 16.982275] [ 16.982564] Memory state around the buggy address: [ 16.982819] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.983441] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.983812] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.984097] ^ [ 16.984644] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.985308] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.985636] 
================================================================== [ 17.820238] ================================================================== [ 17.820512] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 17.820942] Read of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.821356] [ 17.821532] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.821605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.821639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.821667] Call Trace: [ 17.821689] <TASK> [ 17.821711] dump_stack_lvl+0x73/0xb0 [ 17.821756] print_report+0xd1/0x650 [ 17.821788] ? __virt_addr_valid+0x1db/0x2d0 [ 17.821819] ? kasan_atomics_helper+0x4fa5/0x5450 [ 17.821847] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.821881] ? kasan_atomics_helper+0x4fa5/0x5450 [ 17.821919] kasan_report+0x141/0x180 [ 17.821953] ? kasan_atomics_helper+0x4fa5/0x5450 [ 17.821991] __asan_report_load8_noabort+0x18/0x20 [ 17.822025] kasan_atomics_helper+0x4fa5/0x5450 [ 17.822171] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.822210] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.822250] ? trace_hardirqs_on+0x37/0xe0 [ 17.822284] ? kasan_atomics+0x152/0x310 [ 17.822361] kasan_atomics+0x1dc/0x310 [ 17.822406] ? __pfx_kasan_atomics+0x10/0x10 [ 17.822448] ? __pfx_kasan_atomics+0x10/0x10 [ 17.822494] kunit_try_run_case+0x1a5/0x480 [ 17.822542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.822587] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.822647] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.822695] ? __kthread_parkme+0x82/0x180 [ 17.822733] ? preempt_count_sub+0x50/0x80 [ 17.822780] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.822822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.822861] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.822904] kthread+0x337/0x6f0 [ 17.822940] ? trace_preempt_on+0x20/0xc0 [ 17.822985] ? __pfx_kthread+0x10/0x10 [ 17.823023] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 17.823064] ? calculate_sigpending+0x7b/0xa0 [ 17.823104] ? __pfx_kthread+0x10/0x10 [ 17.823156] ret_from_fork+0x116/0x1d0 [ 17.823192] ? __pfx_kthread+0x10/0x10 [ 17.823233] ret_from_fork_asm+0x1a/0x30 [ 17.823289] </TASK> [ 17.823313] [ 17.831632] Allocated by task 283: [ 17.832012] kasan_save_stack+0x45/0x70 [ 17.832414] kasan_save_track+0x18/0x40 [ 17.832730] kasan_save_alloc_info+0x3b/0x50 [ 17.832924] __kasan_kmalloc+0xb7/0xc0 [ 17.833090] __kmalloc_cache_noprof+0x189/0x420 [ 17.833409] kasan_atomics+0x95/0x310 [ 17.833661] kunit_try_run_case+0x1a5/0x480 [ 17.833976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.834306] kthread+0x337/0x6f0 [ 17.834555] ret_from_fork+0x116/0x1d0 [ 17.834730] ret_from_fork_asm+0x1a/0x30 [ 17.834963] [ 17.835077] The buggy address belongs to the object at ffff888102ac4100 [ 17.835077] which belongs to the cache kmalloc-64 of size 64 [ 17.835746] The buggy address is located 0 bytes to the right of [ 17.835746] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.836374] [ 17.836506] The buggy address belongs to the physical page: [ 17.836825] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.837091] flags: 0x200000000000000(node=0|zone=2) [ 17.837451] page_type: f5(slab) [ 17.837705] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.838168] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.838472] page dumped because: kasan: bad access detected [ 17.838730] [ 17.838837] Memory state around the buggy address: [ 17.839023] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.839598] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.840064] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.840489] ^ [ 17.840757] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.841075] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 17.841354] ================================================================== [ 17.588968] ================================================================== [ 17.589504] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 17.589962] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.590206] [ 17.590332] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.590411] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.590439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.590480] Call Trace: [ 17.590510] <TASK> [ 17.590538] dump_stack_lvl+0x73/0xb0 [ 17.590590] print_report+0xd1/0x650 [ 17.590649] ? __virt_addr_valid+0x1db/0x2d0 [ 17.590691] ? kasan_atomics_helper+0x1e12/0x5450 [ 17.590733] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.590783] ? kasan_atomics_helper+0x1e12/0x5450 [ 17.590825] kasan_report+0x141/0x180 [ 17.590860] ? kasan_atomics_helper+0x1e12/0x5450 [ 17.590901] kasan_check_range+0x10c/0x1c0 [ 17.590945] __kasan_check_write+0x18/0x20 [ 17.590979] kasan_atomics_helper+0x1e12/0x5450 [ 17.591022] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.591068] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.591138] ? trace_hardirqs_on+0x37/0xe0 [ 17.591178] ? kasan_atomics+0x152/0x310 [ 17.591278] kasan_atomics+0x1dc/0x310 [ 17.591346] ? __pfx_kasan_atomics+0x10/0x10 [ 17.591400] ? __pfx_kasan_atomics+0x10/0x10 [ 17.591451] kunit_try_run_case+0x1a5/0x480 [ 17.591514] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.591560] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.591605] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.591669] ? __kthread_parkme+0x82/0x180 [ 17.591713] ? preempt_count_sub+0x50/0x80 [ 17.591761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.591807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.591854] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.591901] kthread+0x337/0x6f0 [ 17.591941] ? 
trace_preempt_on+0x20/0xc0 [ 17.591967] ? __pfx_kthread+0x10/0x10 [ 17.591987] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.592008] ? calculate_sigpending+0x7b/0xa0 [ 17.592032] ? __pfx_kthread+0x10/0x10 [ 17.592052] ret_from_fork+0x116/0x1d0 [ 17.592071] ? __pfx_kthread+0x10/0x10 [ 17.592090] ret_from_fork_asm+0x1a/0x30 [ 17.592138] </TASK> [ 17.592151] [ 17.601744] Allocated by task 283: [ 17.601985] kasan_save_stack+0x45/0x70 [ 17.602203] kasan_save_track+0x18/0x40 [ 17.602449] kasan_save_alloc_info+0x3b/0x50 [ 17.602991] __kasan_kmalloc+0xb7/0xc0 [ 17.603300] __kmalloc_cache_noprof+0x189/0x420 [ 17.603769] kasan_atomics+0x95/0x310 [ 17.604141] kunit_try_run_case+0x1a5/0x480 [ 17.604540] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.604953] kthread+0x337/0x6f0 [ 17.605279] ret_from_fork+0x116/0x1d0 [ 17.605502] ret_from_fork_asm+0x1a/0x30 [ 17.605864] [ 17.606006] The buggy address belongs to the object at ffff888102ac4100 [ 17.606006] which belongs to the cache kmalloc-64 of size 64 [ 17.606546] The buggy address is located 0 bytes to the right of [ 17.606546] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.606973] [ 17.607098] The buggy address belongs to the physical page: [ 17.607317] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.607900] flags: 0x200000000000000(node=0|zone=2) [ 17.608310] page_type: f5(slab) [ 17.608572] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.609082] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.609639] page dumped because: kasan: bad access detected [ 17.610070] [ 17.610282] Memory state around the buggy address: [ 17.610587] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.611052] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.611320] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.611550] ^ [ 17.611746] ffff888102ac4180: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 17.612195] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.612901] ================================================================== [ 17.720336] ================================================================== [ 17.721718] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 17.722037] Read of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.722573] [ 17.722781] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.722908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.722938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.722978] Call Trace: [ 17.723010] <TASK> [ 17.723042] dump_stack_lvl+0x73/0xb0 [ 17.723144] print_report+0xd1/0x650 [ 17.723202] ? __virt_addr_valid+0x1db/0x2d0 [ 17.723259] ? kasan_atomics_helper+0x4f98/0x5450 [ 17.723298] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.723344] ? kasan_atomics_helper+0x4f98/0x5450 [ 17.723412] kasan_report+0x141/0x180 [ 17.723456] ? kasan_atomics_helper+0x4f98/0x5450 [ 17.723524] __asan_report_load8_noabort+0x18/0x20 [ 17.723589] kasan_atomics_helper+0x4f98/0x5450 [ 17.723655] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.723701] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.723734] ? trace_hardirqs_on+0x37/0xe0 [ 17.723757] ? kasan_atomics+0x152/0x310 [ 17.723785] kasan_atomics+0x1dc/0x310 [ 17.723808] ? __pfx_kasan_atomics+0x10/0x10 [ 17.723831] ? __pfx_kasan_atomics+0x10/0x10 [ 17.723863] kunit_try_run_case+0x1a5/0x480 [ 17.723899] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.723922] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.723945] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.723968] ? __kthread_parkme+0x82/0x180 [ 17.723988] ? preempt_count_sub+0x50/0x80 [ 17.724012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.724035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.724058] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.724080] kthread+0x337/0x6f0 [ 17.724111] ? trace_preempt_on+0x20/0xc0 [ 17.724140] ? __pfx_kthread+0x10/0x10 [ 17.724160] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.724181] ? calculate_sigpending+0x7b/0xa0 [ 17.724204] ? __pfx_kthread+0x10/0x10 [ 17.724225] ret_from_fork+0x116/0x1d0 [ 17.724243] ? __pfx_kthread+0x10/0x10 [ 17.724263] ret_from_fork_asm+0x1a/0x30 [ 17.724293] </TASK> [ 17.724306] [ 17.733213] Allocated by task 283: [ 17.733391] kasan_save_stack+0x45/0x70 [ 17.733771] kasan_save_track+0x18/0x40 [ 17.734076] kasan_save_alloc_info+0x3b/0x50 [ 17.734448] __kasan_kmalloc+0xb7/0xc0 [ 17.734757] __kmalloc_cache_noprof+0x189/0x420 [ 17.735146] kasan_atomics+0x95/0x310 [ 17.735449] kunit_try_run_case+0x1a5/0x480 [ 17.735799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.736066] kthread+0x337/0x6f0 [ 17.736329] ret_from_fork+0x116/0x1d0 [ 17.736497] ret_from_fork_asm+0x1a/0x30 [ 17.736769] [ 17.736938] The buggy address belongs to the object at ffff888102ac4100 [ 17.736938] which belongs to the cache kmalloc-64 of size 64 [ 17.737584] The buggy address is located 0 bytes to the right of [ 17.737584] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.738214] [ 17.738329] The buggy address belongs to the physical page: [ 17.738532] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.739049] flags: 0x200000000000000(node=0|zone=2) [ 17.739442] page_type: f5(slab) [ 17.739742] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.740281] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.740686] page dumped because: kasan: bad access detected [ 17.740891] [ 17.740994] Memory state around the buggy address: [ 17.741306] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.741801] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.742223] >ffff888102ac4100: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 17.742651] ^ [ 17.742846] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.743300] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.743828] ================================================================== [ 17.613954] ================================================================== [ 17.614341] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 17.615340] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.616005] [ 17.616227] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.616431] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.616458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.616502] Call Trace: [ 17.616532] <TASK> [ 17.616564] dump_stack_lvl+0x73/0xb0 [ 17.616638] print_report+0xd1/0x650 [ 17.616678] ? __virt_addr_valid+0x1db/0x2d0 [ 17.616719] ? kasan_atomics_helper+0x1eaa/0x5450 [ 17.617200] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.617334] ? kasan_atomics_helper+0x1eaa/0x5450 [ 17.617383] kasan_report+0x141/0x180 [ 17.617430] ? kasan_atomics_helper+0x1eaa/0x5450 [ 17.617482] kasan_check_range+0x10c/0x1c0 [ 17.617548] __kasan_check_write+0x18/0x20 [ 17.617604] kasan_atomics_helper+0x1eaa/0x5450 [ 17.617660] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.617700] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.617745] ? trace_hardirqs_on+0x37/0xe0 [ 17.617814] ? kasan_atomics+0x152/0x310 [ 17.617882] kasan_atomics+0x1dc/0x310 [ 17.617933] ? __pfx_kasan_atomics+0x10/0x10 [ 17.618001] ? __pfx_kasan_atomics+0x10/0x10 [ 17.618065] kunit_try_run_case+0x1a5/0x480 [ 17.618111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.618149] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.618192] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.618259] ? __kthread_parkme+0x82/0x180 [ 17.618311] ? preempt_count_sub+0x50/0x80 [ 17.618360] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 17.618406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.618474] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.618533] kthread+0x337/0x6f0 [ 17.618567] ? trace_preempt_on+0x20/0xc0 [ 17.618598] ? __pfx_kthread+0x10/0x10 [ 17.618641] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.618670] ? calculate_sigpending+0x7b/0xa0 [ 17.618699] ? __pfx_kthread+0x10/0x10 [ 17.618727] ret_from_fork+0x116/0x1d0 [ 17.618750] ? __pfx_kthread+0x10/0x10 [ 17.618775] ret_from_fork_asm+0x1a/0x30 [ 17.618804] </TASK> [ 17.618818] [ 17.628917] Allocated by task 283: [ 17.629173] kasan_save_stack+0x45/0x70 [ 17.629520] kasan_save_track+0x18/0x40 [ 17.629805] kasan_save_alloc_info+0x3b/0x50 [ 17.630082] __kasan_kmalloc+0xb7/0xc0 [ 17.630461] __kmalloc_cache_noprof+0x189/0x420 [ 17.630850] kasan_atomics+0x95/0x310 [ 17.631104] kunit_try_run_case+0x1a5/0x480 [ 17.631596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.631878] kthread+0x337/0x6f0 [ 17.632156] ret_from_fork+0x116/0x1d0 [ 17.632334] ret_from_fork_asm+0x1a/0x30 [ 17.632680] [ 17.632845] The buggy address belongs to the object at ffff888102ac4100 [ 17.632845] which belongs to the cache kmalloc-64 of size 64 [ 17.633562] The buggy address is located 0 bytes to the right of [ 17.633562] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.634313] [ 17.634518] The buggy address belongs to the physical page: [ 17.634916] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.635284] flags: 0x200000000000000(node=0|zone=2) [ 17.635485] page_type: f5(slab) [ 17.635683] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.636202] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.636911] page dumped because: kasan: bad access detected [ 17.637368] [ 17.637535] Memory state around the buggy address: [ 17.637926] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.638168] 
ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.638535] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.639176] ^ [ 17.639586] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.639948] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.640179] ================================================================== [ 16.828899] ================================================================== [ 16.829354] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 16.829820] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.830295] [ 16.830474] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.830573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.830602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.830654] Call Trace: [ 16.830685] <TASK> [ 16.830715] dump_stack_lvl+0x73/0xb0 [ 16.830772] print_report+0xd1/0x650 [ 16.830832] ? __virt_addr_valid+0x1db/0x2d0 [ 16.830876] ? kasan_atomics_helper+0xfa9/0x5450 [ 16.830916] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.830956] ? kasan_atomics_helper+0xfa9/0x5450 [ 16.830984] kasan_report+0x141/0x180 [ 16.831023] ? kasan_atomics_helper+0xfa9/0x5450 [ 16.831065] kasan_check_range+0x10c/0x1c0 [ 16.831136] __kasan_check_write+0x18/0x20 [ 16.831196] kasan_atomics_helper+0xfa9/0x5450 [ 16.831239] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.831282] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.831328] ? trace_hardirqs_on+0x37/0xe0 [ 16.831382] ? kasan_atomics+0x152/0x310 [ 16.831444] kasan_atomics+0x1dc/0x310 [ 16.831499] ? __pfx_kasan_atomics+0x10/0x10 [ 16.831545] ? __pfx_kasan_atomics+0x10/0x10 [ 16.831598] kunit_try_run_case+0x1a5/0x480 [ 16.831672] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.831725] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.831766] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.831809] ? 
__kthread_parkme+0x82/0x180 [ 16.831846] ? preempt_count_sub+0x50/0x80 [ 16.831891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.831937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.831984] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.832032] kthread+0x337/0x6f0 [ 16.832072] ? trace_preempt_on+0x20/0xc0 [ 16.832153] ? __pfx_kthread+0x10/0x10 [ 16.832198] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.832237] ? calculate_sigpending+0x7b/0xa0 [ 16.832262] ? __pfx_kthread+0x10/0x10 [ 16.832284] ret_from_fork+0x116/0x1d0 [ 16.832303] ? __pfx_kthread+0x10/0x10 [ 16.832353] ret_from_fork_asm+0x1a/0x30 [ 16.832386] </TASK> [ 16.832399] [ 16.841447] Allocated by task 283: [ 16.841677] kasan_save_stack+0x45/0x70 [ 16.841993] kasan_save_track+0x18/0x40 [ 16.842369] kasan_save_alloc_info+0x3b/0x50 [ 16.842731] __kasan_kmalloc+0xb7/0xc0 [ 16.843030] __kmalloc_cache_noprof+0x189/0x420 [ 16.843403] kasan_atomics+0x95/0x310 [ 16.843581] kunit_try_run_case+0x1a5/0x480 [ 16.843914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.844242] kthread+0x337/0x6f0 [ 16.844425] ret_from_fork+0x116/0x1d0 [ 16.844633] ret_from_fork_asm+0x1a/0x30 [ 16.844843] [ 16.844961] The buggy address belongs to the object at ffff888102ac4100 [ 16.844961] which belongs to the cache kmalloc-64 of size 64 [ 16.845410] The buggy address is located 0 bytes to the right of [ 16.845410] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.846231] [ 16.846403] The buggy address belongs to the physical page: [ 16.846799] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.847345] flags: 0x200000000000000(node=0|zone=2) [ 16.847712] page_type: f5(slab) [ 16.847971] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.848507] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.849015] page dumped because: kasan: bad access detected [ 16.849241] [ 16.849409] Memory state around the buggy address: [ 16.849770] 
ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.850218] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.850508] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.850765] ^ [ 16.850949] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.851394] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.851856] ================================================================== [ 17.172017] ================================================================== [ 17.172377] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 17.172652] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.173208] [ 17.173417] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.173497] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.173521] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.173557] Call Trace: [ 17.173584] <TASK> [ 17.173651] dump_stack_lvl+0x73/0xb0 [ 17.173716] print_report+0xd1/0x650 [ 17.173753] ? __virt_addr_valid+0x1db/0x2d0 [ 17.173792] ? kasan_atomics_helper+0x50d4/0x5450 [ 17.173831] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.173879] ? kasan_atomics_helper+0x50d4/0x5450 [ 17.173931] kasan_report+0x141/0x180 [ 17.173976] ? kasan_atomics_helper+0x50d4/0x5450 [ 17.174023] __asan_report_store8_noabort+0x1b/0x30 [ 17.174068] kasan_atomics_helper+0x50d4/0x5450 [ 17.174159] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.174205] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.174252] ? trace_hardirqs_on+0x37/0xe0 [ 17.174294] ? kasan_atomics+0x152/0x310 [ 17.174360] kasan_atomics+0x1dc/0x310 [ 17.174405] ? __pfx_kasan_atomics+0x10/0x10 [ 17.174450] ? __pfx_kasan_atomics+0x10/0x10 [ 17.174498] kunit_try_run_case+0x1a5/0x480 [ 17.174531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.174553] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.174576] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.174599] ? __kthread_parkme+0x82/0x180 [ 17.174635] ? preempt_count_sub+0x50/0x80 [ 17.174663] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.174687] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.174709] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.174732] kthread+0x337/0x6f0 [ 17.174752] ? trace_preempt_on+0x20/0xc0 [ 17.174774] ? __pfx_kthread+0x10/0x10 [ 17.174795] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.174816] ? calculate_sigpending+0x7b/0xa0 [ 17.174838] ? __pfx_kthread+0x10/0x10 [ 17.174859] ret_from_fork+0x116/0x1d0 [ 17.174877] ? __pfx_kthread+0x10/0x10 [ 17.174898] ret_from_fork_asm+0x1a/0x30 [ 17.174927] </TASK> [ 17.174940] [ 17.184119] Allocated by task 283: [ 17.184431] kasan_save_stack+0x45/0x70 [ 17.184704] kasan_save_track+0x18/0x40 [ 17.184901] kasan_save_alloc_info+0x3b/0x50 [ 17.185106] __kasan_kmalloc+0xb7/0xc0 [ 17.185292] __kmalloc_cache_noprof+0x189/0x420 [ 17.185511] kasan_atomics+0x95/0x310 [ 17.185793] kunit_try_run_case+0x1a5/0x480 [ 17.186124] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.186594] kthread+0x337/0x6f0 [ 17.186873] ret_from_fork+0x116/0x1d0 [ 17.187166] ret_from_fork_asm+0x1a/0x30 [ 17.187407] [ 17.187518] The buggy address belongs to the object at ffff888102ac4100 [ 17.187518] which belongs to the cache kmalloc-64 of size 64 [ 17.188206] The buggy address is located 0 bytes to the right of [ 17.188206] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.188839] [ 17.189022] The buggy address belongs to the physical page: [ 17.189502] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.189898] flags: 0x200000000000000(node=0|zone=2) [ 17.190162] page_type: f5(slab) [ 17.190428] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.190730] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.191212] page dumped because: kasan: bad access detected [ 17.191440] [ 17.191594] 
Memory state around the buggy address: [ 17.191892] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.192496] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.192758] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.193252] ^ [ 17.193510] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.193883] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.194351] ================================================================== [ 17.641263] ================================================================== [ 17.641799] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 17.642146] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.642385] [ 17.642514] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.642600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.642863] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.642930] Call Trace: [ 17.642965] <TASK> [ 17.642997] dump_stack_lvl+0x73/0xb0 [ 17.643063] print_report+0xd1/0x650 [ 17.643110] ? __virt_addr_valid+0x1db/0x2d0 [ 17.643165] ? kasan_atomics_helper+0x1f43/0x5450 [ 17.643209] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.643263] ? kasan_atomics_helper+0x1f43/0x5450 [ 17.643310] kasan_report+0x141/0x180 [ 17.643355] ? kasan_atomics_helper+0x1f43/0x5450 [ 17.643411] kasan_check_range+0x10c/0x1c0 [ 17.643460] __kasan_check_write+0x18/0x20 [ 17.643502] kasan_atomics_helper+0x1f43/0x5450 [ 17.643550] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.643598] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.643664] ? trace_hardirqs_on+0x37/0xe0 [ 17.643711] ? kasan_atomics+0x152/0x310 [ 17.643767] kasan_atomics+0x1dc/0x310 [ 17.643817] ? __pfx_kasan_atomics+0x10/0x10 [ 17.643865] ? __pfx_kasan_atomics+0x10/0x10 [ 17.643920] kunit_try_run_case+0x1a5/0x480 [ 17.643966] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 17.644012] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.644058] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.644104] ? __kthread_parkme+0x82/0x180 [ 17.644147] ? preempt_count_sub+0x50/0x80 [ 17.644190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.644231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.644305] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.644346] kthread+0x337/0x6f0 [ 17.644403] ? trace_preempt_on+0x20/0xc0 [ 17.644447] ? __pfx_kthread+0x10/0x10 [ 17.644485] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.644519] ? calculate_sigpending+0x7b/0xa0 [ 17.644557] ? __pfx_kthread+0x10/0x10 [ 17.644598] ret_from_fork+0x116/0x1d0 [ 17.644674] ? __pfx_kthread+0x10/0x10 [ 17.644716] ret_from_fork_asm+0x1a/0x30 [ 17.644792] </TASK> [ 17.644819] [ 17.655537] Allocated by task 283: [ 17.655847] kasan_save_stack+0x45/0x70 [ 17.656045] kasan_save_track+0x18/0x40 [ 17.656209] kasan_save_alloc_info+0x3b/0x50 [ 17.656392] __kasan_kmalloc+0xb7/0xc0 [ 17.656711] __kmalloc_cache_noprof+0x189/0x420 [ 17.657071] kasan_atomics+0x95/0x310 [ 17.657417] kunit_try_run_case+0x1a5/0x480 [ 17.657742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.658145] kthread+0x337/0x6f0 [ 17.658345] ret_from_fork+0x116/0x1d0 [ 17.658515] ret_from_fork_asm+0x1a/0x30 [ 17.658710] [ 17.658894] The buggy address belongs to the object at ffff888102ac4100 [ 17.658894] which belongs to the cache kmalloc-64 of size 64 [ 17.659893] The buggy address is located 0 bytes to the right of [ 17.659893] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.660895] [ 17.661071] The buggy address belongs to the physical page: [ 17.661520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.662033] flags: 0x200000000000000(node=0|zone=2) [ 17.662237] page_type: f5(slab) [ 17.662389] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.662654] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 17.663189] page dumped because: kasan: bad access detected [ 17.663627] [ 17.663840] Memory state around the buggy address: [ 17.664232] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.664836] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.665079] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.665313] ^ [ 17.665530] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.666118] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.666606] ================================================================== [ 17.346391] ================================================================== [ 17.347008] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 17.347388] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.347739] [ 17.347902] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.347986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.348014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.348054] Call Trace: [ 17.348085] <TASK> [ 17.348113] dump_stack_lvl+0x73/0xb0 [ 17.348164] print_report+0xd1/0x650 [ 17.348206] ? __virt_addr_valid+0x1db/0x2d0 [ 17.348246] ? kasan_atomics_helper+0x18b1/0x5450 [ 17.348279] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.348325] ? kasan_atomics_helper+0x18b1/0x5450 [ 17.348364] kasan_report+0x141/0x180 [ 17.348405] ? kasan_atomics_helper+0x18b1/0x5450 [ 17.348459] kasan_check_range+0x10c/0x1c0 [ 17.348508] __kasan_check_write+0x18/0x20 [ 17.348547] kasan_atomics_helper+0x18b1/0x5450 [ 17.348595] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.348653] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.348704] ? trace_hardirqs_on+0x37/0xe0 [ 17.348751] ? kasan_atomics+0x152/0x310 [ 17.348805] kasan_atomics+0x1dc/0x310 [ 17.348850] ? __pfx_kasan_atomics+0x10/0x10 [ 17.348897] ? 
__pfx_kasan_atomics+0x10/0x10 [ 17.348953] kunit_try_run_case+0x1a5/0x480 [ 17.349000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.349045] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.349094] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.349138] ? __kthread_parkme+0x82/0x180 [ 17.349180] ? preempt_count_sub+0x50/0x80 [ 17.349230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.349278] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.349324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.349371] kthread+0x337/0x6f0 [ 17.349413] ? trace_preempt_on+0x20/0xc0 [ 17.349461] ? __pfx_kthread+0x10/0x10 [ 17.349504] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.349548] ? calculate_sigpending+0x7b/0xa0 [ 17.349594] ? __pfx_kthread+0x10/0x10 [ 17.349648] ret_from_fork+0x116/0x1d0 [ 17.349683] ? __pfx_kthread+0x10/0x10 [ 17.349728] ret_from_fork_asm+0x1a/0x30 [ 17.349786] </TASK> [ 17.349812] [ 17.362429] Allocated by task 283: [ 17.362753] kasan_save_stack+0x45/0x70 [ 17.363068] kasan_save_track+0x18/0x40 [ 17.363418] kasan_save_alloc_info+0x3b/0x50 [ 17.363695] __kasan_kmalloc+0xb7/0xc0 [ 17.363870] __kmalloc_cache_noprof+0x189/0x420 [ 17.364058] kasan_atomics+0x95/0x310 [ 17.364288] kunit_try_run_case+0x1a5/0x480 [ 17.364666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.365057] kthread+0x337/0x6f0 [ 17.365388] ret_from_fork+0x116/0x1d0 [ 17.365696] ret_from_fork_asm+0x1a/0x30 [ 17.365998] [ 17.366234] The buggy address belongs to the object at ffff888102ac4100 [ 17.366234] which belongs to the cache kmalloc-64 of size 64 [ 17.366778] The buggy address is located 0 bytes to the right of [ 17.366778] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.367192] [ 17.367304] The buggy address belongs to the physical page: [ 17.367520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.368086] flags: 0x200000000000000(node=0|zone=2) [ 17.368506] page_type: f5(slab) [ 17.368806] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 17.369380] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.369971] page dumped because: kasan: bad access detected [ 17.370388] [ 17.370565] Memory state around the buggy address: [ 17.370783] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.371028] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.371439] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.371982] ^ [ 17.372480] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.372980] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.373417] ================================================================== [ 17.479690] ================================================================== [ 17.480306] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 17.480652] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.481153] [ 17.481308] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.481376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.481399] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.481440] Call Trace: [ 17.481470] <TASK> [ 17.481503] dump_stack_lvl+0x73/0xb0 [ 17.481556] print_report+0xd1/0x650 [ 17.481599] ? __virt_addr_valid+0x1db/0x2d0 [ 17.481711] ? kasan_atomics_helper+0x1c18/0x5450 [ 17.481750] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.481791] ? kasan_atomics_helper+0x1c18/0x5450 [ 17.481831] kasan_report+0x141/0x180 [ 17.481875] ? kasan_atomics_helper+0x1c18/0x5450 [ 17.481936] kasan_check_range+0x10c/0x1c0 [ 17.481987] __kasan_check_write+0x18/0x20 [ 17.482029] kasan_atomics_helper+0x1c18/0x5450 [ 17.482072] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.482145] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.482197] ? trace_hardirqs_on+0x37/0xe0 [ 17.482241] ? 
kasan_atomics+0x152/0x310 [ 17.482298] kasan_atomics+0x1dc/0x310 [ 17.482339] ? __pfx_kasan_atomics+0x10/0x10 [ 17.482383] ? __pfx_kasan_atomics+0x10/0x10 [ 17.482438] kunit_try_run_case+0x1a5/0x480 [ 17.482484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.482522] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.482547] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.482569] ? __kthread_parkme+0x82/0x180 [ 17.482589] ? preempt_count_sub+0x50/0x80 [ 17.482611] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.482652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.482676] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.482697] kthread+0x337/0x6f0 [ 17.482716] ? trace_preempt_on+0x20/0xc0 [ 17.482738] ? __pfx_kthread+0x10/0x10 [ 17.482759] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.482779] ? calculate_sigpending+0x7b/0xa0 [ 17.482803] ? __pfx_kthread+0x10/0x10 [ 17.482825] ret_from_fork+0x116/0x1d0 [ 17.482844] ? __pfx_kthread+0x10/0x10 [ 17.482864] ret_from_fork_asm+0x1a/0x30 [ 17.482895] </TASK> [ 17.482907] [ 17.491431] Allocated by task 283: [ 17.491758] kasan_save_stack+0x45/0x70 [ 17.491977] kasan_save_track+0x18/0x40 [ 17.492290] kasan_save_alloc_info+0x3b/0x50 [ 17.492528] __kasan_kmalloc+0xb7/0xc0 [ 17.492790] __kmalloc_cache_noprof+0x189/0x420 [ 17.493137] kasan_atomics+0x95/0x310 [ 17.493370] kunit_try_run_case+0x1a5/0x480 [ 17.493701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.493929] kthread+0x337/0x6f0 [ 17.494181] ret_from_fork+0x116/0x1d0 [ 17.494585] ret_from_fork_asm+0x1a/0x30 [ 17.494807] [ 17.494907] The buggy address belongs to the object at ffff888102ac4100 [ 17.494907] which belongs to the cache kmalloc-64 of size 64 [ 17.495256] The buggy address is located 0 bytes to the right of [ 17.495256] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.495633] [ 17.495741] The buggy address belongs to the physical page: [ 17.495936] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.496594] flags: 
0x200000000000000(node=0|zone=2) [ 17.496985] page_type: f5(slab) [ 17.497248] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.497962] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.498572] page dumped because: kasan: bad access detected [ 17.498842] [ 17.498947] Memory state around the buggy address: [ 17.499130] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.499679] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.500501] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.501091] ^ [ 17.501737] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.502217] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.502604] ================================================================== [ 16.153508] ================================================================== [ 16.154054] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 16.154518] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.154925] [ 16.155490] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.155832] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.155862] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.155892] Call Trace: [ 16.155910] <TASK> [ 16.155929] dump_stack_lvl+0x73/0xb0 [ 16.155962] print_report+0xd1/0x650 [ 16.155983] ? __virt_addr_valid+0x1db/0x2d0 [ 16.156004] ? kasan_atomics_helper+0x4ba2/0x5450 [ 16.156024] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.156048] ? kasan_atomics_helper+0x4ba2/0x5450 [ 16.156067] kasan_report+0x141/0x180 [ 16.156087] ? kasan_atomics_helper+0x4ba2/0x5450 [ 16.156119] __asan_report_store4_noabort+0x1b/0x30 [ 16.156153] kasan_atomics_helper+0x4ba2/0x5450 [ 16.156185] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.156214] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.156248] ? 
trace_hardirqs_on+0x37/0xe0 [ 16.156280] ? kasan_atomics+0x152/0x310 [ 16.156313] kasan_atomics+0x1dc/0x310 [ 16.156334] ? __pfx_kasan_atomics+0x10/0x10 [ 16.156356] ? __pfx_kasan_atomics+0x10/0x10 [ 16.156381] kunit_try_run_case+0x1a5/0x480 [ 16.156403] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.156424] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.156452] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.156484] ? __kthread_parkme+0x82/0x180 [ 16.156515] ? preempt_count_sub+0x50/0x80 [ 16.156556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.156594] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.156678] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.156729] kthread+0x337/0x6f0 [ 16.156763] ? trace_preempt_on+0x20/0xc0 [ 16.156797] ? __pfx_kthread+0x10/0x10 [ 16.156828] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.156857] ? calculate_sigpending+0x7b/0xa0 [ 16.156891] ? __pfx_kthread+0x10/0x10 [ 16.156923] ret_from_fork+0x116/0x1d0 [ 16.156951] ? __pfx_kthread+0x10/0x10 [ 16.156981] ret_from_fork_asm+0x1a/0x30 [ 16.157031] </TASK> [ 16.157051] [ 16.168679] Allocated by task 283: [ 16.168972] kasan_save_stack+0x45/0x70 [ 16.169323] kasan_save_track+0x18/0x40 [ 16.169779] kasan_save_alloc_info+0x3b/0x50 [ 16.170058] __kasan_kmalloc+0xb7/0xc0 [ 16.170383] __kmalloc_cache_noprof+0x189/0x420 [ 16.170774] kasan_atomics+0x95/0x310 [ 16.171133] kunit_try_run_case+0x1a5/0x480 [ 16.171399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.172078] kthread+0x337/0x6f0 [ 16.172365] ret_from_fork+0x116/0x1d0 [ 16.172648] ret_from_fork_asm+0x1a/0x30 [ 16.172957] [ 16.173085] The buggy address belongs to the object at ffff888102ac4100 [ 16.173085] which belongs to the cache kmalloc-64 of size 64 [ 16.174032] The buggy address is located 0 bytes to the right of [ 16.174032] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.174818] [ 16.175012] The buggy address belongs to the physical page: [ 16.175426] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x102ac4 [ 16.176261] flags: 0x200000000000000(node=0|zone=2) [ 16.176559] page_type: f5(slab) [ 16.177024] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.177777] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.178059] page dumped because: kasan: bad access detected [ 16.178488] [ 16.178773] Memory state around the buggy address: [ 16.179043] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.179482] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.179938] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.180394] ^ [ 16.180632] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.180946] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.181217] ================================================================== [ 16.121054] ================================================================== [ 16.121982] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 16.122502] Read of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.123061] [ 16.123348] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.123430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.123454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.123520] Call Trace: [ 16.123560] <TASK> [ 16.123589] dump_stack_lvl+0x73/0xb0 [ 16.123807] print_report+0xd1/0x650 [ 16.124129] ? __virt_addr_valid+0x1db/0x2d0 [ 16.124171] ? kasan_atomics_helper+0x4bbc/0x5450 [ 16.124241] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.124283] ? kasan_atomics_helper+0x4bbc/0x5450 [ 16.124334] kasan_report+0x141/0x180 [ 16.124379] ? kasan_atomics_helper+0x4bbc/0x5450 [ 16.124426] __asan_report_load4_noabort+0x18/0x20 [ 16.124493] kasan_atomics_helper+0x4bbc/0x5450 [ 16.124535] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.124591] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.124646] ? trace_hardirqs_on+0x37/0xe0 [ 16.124682] ? kasan_atomics+0x152/0x310 [ 16.124721] kasan_atomics+0x1dc/0x310 [ 16.124754] ? __pfx_kasan_atomics+0x10/0x10 [ 16.124789] ? __pfx_kasan_atomics+0x10/0x10 [ 16.124816] kunit_try_run_case+0x1a5/0x480 [ 16.124839] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.124859] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.124882] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.124903] ? __kthread_parkme+0x82/0x180 [ 16.124922] ? preempt_count_sub+0x50/0x80 [ 16.124944] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.124966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.124987] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.125009] kthread+0x337/0x6f0 [ 16.125028] ? trace_preempt_on+0x20/0xc0 [ 16.125048] ? __pfx_kthread+0x10/0x10 [ 16.125067] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.125086] ? calculate_sigpending+0x7b/0xa0 [ 16.125113] ? __pfx_kthread+0x10/0x10 [ 16.125139] ret_from_fork+0x116/0x1d0 [ 16.125157] ? 
__pfx_kthread+0x10/0x10 [ 16.125175] ret_from_fork_asm+0x1a/0x30 [ 16.125204] </TASK> [ 16.125215] [ 16.137738] Allocated by task 283: [ 16.138257] kasan_save_stack+0x45/0x70 [ 16.138986] kasan_save_track+0x18/0x40 [ 16.139307] kasan_save_alloc_info+0x3b/0x50 [ 16.139692] __kasan_kmalloc+0xb7/0xc0 [ 16.140079] __kmalloc_cache_noprof+0x189/0x420 [ 16.140482] kasan_atomics+0x95/0x310 [ 16.140992] kunit_try_run_case+0x1a5/0x480 [ 16.141329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.141758] kthread+0x337/0x6f0 [ 16.142178] ret_from_fork+0x116/0x1d0 [ 16.142418] ret_from_fork_asm+0x1a/0x30 [ 16.142690] [ 16.143342] The buggy address belongs to the object at ffff888102ac4100 [ 16.143342] which belongs to the cache kmalloc-64 of size 64 [ 16.144295] The buggy address is located 0 bytes to the right of [ 16.144295] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.145113] [ 16.145310] The buggy address belongs to the physical page: [ 16.145802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.146085] flags: 0x200000000000000(node=0|zone=2) [ 16.146359] page_type: f5(slab) [ 16.147004] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.147525] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.147785] page dumped because: kasan: bad access detected [ 16.148408] [ 16.148743] Memory state around the buggy address: [ 16.149792] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.150101] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.150655] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.151351] ^ [ 16.151526] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.152129] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.152786] ================================================================== [ 17.016979] 
================================================================== [ 17.017446] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 17.017905] Read of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.018472] [ 17.018744] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.018853] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.018881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.018921] Call Trace: [ 17.018949] <TASK> [ 17.018980] dump_stack_lvl+0x73/0xb0 [ 17.019041] print_report+0xd1/0x650 [ 17.019087] ? __virt_addr_valid+0x1db/0x2d0 [ 17.019144] ? kasan_atomics_helper+0x49e8/0x5450 [ 17.019780] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.019884] ? kasan_atomics_helper+0x49e8/0x5450 [ 17.019928] kasan_report+0x141/0x180 [ 17.019974] ? kasan_atomics_helper+0x49e8/0x5450 [ 17.020022] __asan_report_load4_noabort+0x18/0x20 [ 17.020068] kasan_atomics_helper+0x49e8/0x5450 [ 17.020146] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.020189] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.020225] ? trace_hardirqs_on+0x37/0xe0 [ 17.020256] ? kasan_atomics+0x152/0x310 [ 17.020290] kasan_atomics+0x1dc/0x310 [ 17.020319] ? __pfx_kasan_atomics+0x10/0x10 [ 17.020348] ? __pfx_kasan_atomics+0x10/0x10 [ 17.020383] kunit_try_run_case+0x1a5/0x480 [ 17.020412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.020439] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.020468] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.020496] ? __kthread_parkme+0x82/0x180 [ 17.020522] ? preempt_count_sub+0x50/0x80 [ 17.020553] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.020581] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.020610] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.020655] kthread+0x337/0x6f0 [ 17.020680] ? trace_preempt_on+0x20/0xc0 [ 17.020701] ? __pfx_kthread+0x10/0x10 [ 17.020721] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.020741] ? calculate_sigpending+0x7b/0xa0 [ 17.020764] ? 
__pfx_kthread+0x10/0x10 [ 17.020784] ret_from_fork+0x116/0x1d0 [ 17.020802] ? __pfx_kthread+0x10/0x10 [ 17.020822] ret_from_fork_asm+0x1a/0x30 [ 17.020853] </TASK> [ 17.020866] [ 17.029847] Allocated by task 283: [ 17.030032] kasan_save_stack+0x45/0x70 [ 17.030247] kasan_save_track+0x18/0x40 [ 17.030569] kasan_save_alloc_info+0x3b/0x50 [ 17.030919] __kasan_kmalloc+0xb7/0xc0 [ 17.031256] __kmalloc_cache_noprof+0x189/0x420 [ 17.031603] kasan_atomics+0x95/0x310 [ 17.031907] kunit_try_run_case+0x1a5/0x480 [ 17.032181] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.032451] kthread+0x337/0x6f0 [ 17.032652] ret_from_fork+0x116/0x1d0 [ 17.032820] ret_from_fork_asm+0x1a/0x30 [ 17.032996] [ 17.033112] The buggy address belongs to the object at ffff888102ac4100 [ 17.033112] which belongs to the cache kmalloc-64 of size 64 [ 17.033467] The buggy address is located 0 bytes to the right of [ 17.033467] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.034426] [ 17.034802] The buggy address belongs to the physical page: [ 17.035255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.035880] flags: 0x200000000000000(node=0|zone=2) [ 17.036333] page_type: f5(slab) [ 17.036571] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.036983] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.037267] page dumped because: kasan: bad access detected [ 17.037465] [ 17.037570] Memory state around the buggy address: [ 17.037923] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.038424] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.038996] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.039500] ^ [ 17.039930] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.040388] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.040840] 
================================================================== [ 17.145089] ================================================================== [ 17.145391] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 17.145604] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.146310] [ 17.146498] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.146584] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.146610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.146666] Call Trace: [ 17.146692] <TASK> [ 17.146717] dump_stack_lvl+0x73/0xb0 [ 17.146773] print_report+0xd1/0x650 [ 17.146840] ? __virt_addr_valid+0x1db/0x2d0 [ 17.146895] ? kasan_atomics_helper+0x1467/0x5450 [ 17.146934] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.146984] ? kasan_atomics_helper+0x1467/0x5450 [ 17.147038] kasan_report+0x141/0x180 [ 17.147090] ? kasan_atomics_helper+0x1467/0x5450 [ 17.147162] kasan_check_range+0x10c/0x1c0 [ 17.147207] __kasan_check_write+0x18/0x20 [ 17.147244] kasan_atomics_helper+0x1467/0x5450 [ 17.147290] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.147334] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.147385] ? trace_hardirqs_on+0x37/0xe0 [ 17.147429] ? kasan_atomics+0x152/0x310 [ 17.147484] kasan_atomics+0x1dc/0x310 [ 17.147527] ? __pfx_kasan_atomics+0x10/0x10 [ 17.147563] ? __pfx_kasan_atomics+0x10/0x10 [ 17.147591] kunit_try_run_case+0x1a5/0x480 [ 17.147633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.147658] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.147682] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.147704] ? __kthread_parkme+0x82/0x180 [ 17.147724] ? preempt_count_sub+0x50/0x80 [ 17.147747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.147770] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.147794] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.147816] kthread+0x337/0x6f0 [ 17.147835] ? trace_preempt_on+0x20/0xc0 [ 17.147857] ? 
__pfx_kthread+0x10/0x10 [ 17.147878] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.147898] ? calculate_sigpending+0x7b/0xa0 [ 17.147921] ? __pfx_kthread+0x10/0x10 [ 17.147942] ret_from_fork+0x116/0x1d0 [ 17.147961] ? __pfx_kthread+0x10/0x10 [ 17.147981] ret_from_fork_asm+0x1a/0x30 [ 17.148010] </TASK> [ 17.148022] [ 17.158823] Allocated by task 283: [ 17.159008] kasan_save_stack+0x45/0x70 [ 17.159335] kasan_save_track+0x18/0x40 [ 17.159634] kasan_save_alloc_info+0x3b/0x50 [ 17.160034] __kasan_kmalloc+0xb7/0xc0 [ 17.160384] __kmalloc_cache_noprof+0x189/0x420 [ 17.160594] kasan_atomics+0x95/0x310 [ 17.160782] kunit_try_run_case+0x1a5/0x480 [ 17.160972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.161633] kthread+0x337/0x6f0 [ 17.161906] ret_from_fork+0x116/0x1d0 [ 17.162086] ret_from_fork_asm+0x1a/0x30 [ 17.162675] [ 17.162886] The buggy address belongs to the object at ffff888102ac4100 [ 17.162886] which belongs to the cache kmalloc-64 of size 64 [ 17.163586] The buggy address is located 0 bytes to the right of [ 17.163586] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.164525] [ 17.164718] The buggy address belongs to the physical page: [ 17.165118] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.165583] flags: 0x200000000000000(node=0|zone=2) [ 17.165903] page_type: f5(slab) [ 17.166232] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.166762] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.167425] page dumped because: kasan: bad access detected [ 17.167738] [ 17.167887] Memory state around the buggy address: [ 17.168469] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.168777] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.169053] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.170075] ^ [ 17.170352] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.170802] 
ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.171138] ================================================================== [ 16.753337] ================================================================== [ 16.753779] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 16.754046] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.755130] [ 16.755367] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.755460] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.755487] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.755529] Call Trace: [ 16.755563] <TASK> [ 16.755595] dump_stack_lvl+0x73/0xb0 [ 16.755656] print_report+0xd1/0x650 [ 16.755688] ? __virt_addr_valid+0x1db/0x2d0 [ 16.755717] ? kasan_atomics_helper+0xde0/0x5450 [ 16.755742] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.755767] ? kasan_atomics_helper+0xde0/0x5450 [ 16.755788] kasan_report+0x141/0x180 [ 16.755810] ? kasan_atomics_helper+0xde0/0x5450 [ 16.755834] kasan_check_range+0x10c/0x1c0 [ 16.755857] __kasan_check_write+0x18/0x20 [ 16.755876] kasan_atomics_helper+0xde0/0x5450 [ 16.755898] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.755919] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.755942] ? trace_hardirqs_on+0x37/0xe0 [ 16.755964] ? kasan_atomics+0x152/0x310 [ 16.755990] kasan_atomics+0x1dc/0x310 [ 16.756012] ? __pfx_kasan_atomics+0x10/0x10 [ 16.756035] ? __pfx_kasan_atomics+0x10/0x10 [ 16.756061] kunit_try_run_case+0x1a5/0x480 [ 16.756084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.756110] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.756147] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.756186] ? __kthread_parkme+0x82/0x180 [ 16.756216] ? preempt_count_sub+0x50/0x80 [ 16.756253] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.756293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.756334] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.756372] kthread+0x337/0x6f0 [ 16.756403] ? trace_preempt_on+0x20/0xc0 [ 16.756440] ? __pfx_kthread+0x10/0x10 [ 16.756478] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.756517] ? calculate_sigpending+0x7b/0xa0 [ 16.756560] ? __pfx_kthread+0x10/0x10 [ 16.756599] ret_from_fork+0x116/0x1d0 [ 16.756650] ? __pfx_kthread+0x10/0x10 [ 16.756689] ret_from_fork_asm+0x1a/0x30 [ 16.756745] </TASK> [ 16.756770] [ 16.767037] Allocated by task 283: [ 16.767342] kasan_save_stack+0x45/0x70 [ 16.767675] kasan_save_track+0x18/0x40 [ 16.767973] kasan_save_alloc_info+0x3b/0x50 [ 16.768268] __kasan_kmalloc+0xb7/0xc0 [ 16.768560] __kmalloc_cache_noprof+0x189/0x420 [ 16.768930] kasan_atomics+0x95/0x310 [ 16.769232] kunit_try_run_case+0x1a5/0x480 [ 16.769513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.769797] kthread+0x337/0x6f0 [ 16.769960] ret_from_fork+0x116/0x1d0 [ 16.770161] ret_from_fork_asm+0x1a/0x30 [ 16.770336] [ 16.770447] The buggy address belongs to the object at ffff888102ac4100 [ 16.770447] which belongs to the cache kmalloc-64 of size 64 [ 16.771046] The buggy address is located 0 bytes to the right of [ 16.771046] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.771882] [ 16.772033] The buggy address belongs to the physical page: [ 16.772257] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.772798] flags: 0x200000000000000(node=0|zone=2) [ 16.773152] page_type: f5(slab) [ 16.773368] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.773635] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.773885] page dumped because: kasan: bad access detected [ 16.774088] [ 16.774235] Memory state around the buggy address: [ 16.774527] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.775007] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.775498] >ffff888102ac4100: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.775959] ^ [ 16.776311] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.776789] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.777152] ================================================================== [ 16.597835] ================================================================== [ 16.598172] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 16.598696] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.599027] [ 16.599194] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.599278] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.599306] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.599347] Call Trace: [ 16.599375] <TASK> [ 16.599402] dump_stack_lvl+0x73/0xb0 [ 16.599454] print_report+0xd1/0x650 [ 16.599496] ? __virt_addr_valid+0x1db/0x2d0 [ 16.599544] ? kasan_atomics_helper+0xa2b/0x5450 [ 16.599584] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.599659] ? kasan_atomics_helper+0xa2b/0x5450 [ 16.599701] kasan_report+0x141/0x180 [ 16.599744] ? kasan_atomics_helper+0xa2b/0x5450 [ 16.599798] kasan_check_range+0x10c/0x1c0 [ 16.599850] __kasan_check_write+0x18/0x20 [ 16.599889] kasan_atomics_helper+0xa2b/0x5450 [ 16.599945] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.599990] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.600039] ? trace_hardirqs_on+0x37/0xe0 [ 16.600083] ? kasan_atomics+0x152/0x310 [ 16.600170] kasan_atomics+0x1dc/0x310 [ 16.600214] ? __pfx_kasan_atomics+0x10/0x10 [ 16.600252] ? __pfx_kasan_atomics+0x10/0x10 [ 16.600287] kunit_try_run_case+0x1a5/0x480 [ 16.600318] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.600339] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.600363] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.600386] ? __kthread_parkme+0x82/0x180 [ 16.600406] ? preempt_count_sub+0x50/0x80 [ 16.600429] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.600452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.600474] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.600496] kthread+0x337/0x6f0 [ 16.600515] ? trace_preempt_on+0x20/0xc0 [ 16.600537] ? __pfx_kthread+0x10/0x10 [ 16.600558] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.600578] ? calculate_sigpending+0x7b/0xa0 [ 16.600601] ? __pfx_kthread+0x10/0x10 [ 16.600642] ret_from_fork+0x116/0x1d0 [ 16.600663] ? __pfx_kthread+0x10/0x10 [ 16.600684] ret_from_fork_asm+0x1a/0x30 [ 16.600714] </TASK> [ 16.600728] [ 16.609871] Allocated by task 283: [ 16.610191] kasan_save_stack+0x45/0x70 [ 16.610389] kasan_save_track+0x18/0x40 [ 16.610551] kasan_save_alloc_info+0x3b/0x50 [ 16.610900] __kasan_kmalloc+0xb7/0xc0 [ 16.611232] __kmalloc_cache_noprof+0x189/0x420 [ 16.611581] kasan_atomics+0x95/0x310 [ 16.611884] kunit_try_run_case+0x1a5/0x480 [ 16.612221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.612652] kthread+0x337/0x6f0 [ 16.612829] ret_from_fork+0x116/0x1d0 [ 16.612975] ret_from_fork_asm+0x1a/0x30 [ 16.613326] [ 16.613468] The buggy address belongs to the object at ffff888102ac4100 [ 16.613468] which belongs to the cache kmalloc-64 of size 64 [ 16.614133] The buggy address is located 0 bytes to the right of [ 16.614133] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.614746] [ 16.614934] The buggy address belongs to the physical page: [ 16.615235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.615627] flags: 0x200000000000000(node=0|zone=2) [ 16.616015] page_type: f5(slab) [ 16.616315] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.616625] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.617170] page dumped because: kasan: bad access detected [ 16.617455] [ 16.617639] Memory state around the buggy address: [ 16.617924] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.618384] 
ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.618721] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.619084] ^ [ 16.619303] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.619542] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.620000] ================================================================== [ 17.400183] ================================================================== [ 17.400732] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 17.401054] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.401537] [ 17.401686] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.401777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.401803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.401842] Call Trace: [ 17.401871] <TASK> [ 17.401904] dump_stack_lvl+0x73/0xb0 [ 17.401969] print_report+0xd1/0x650 [ 17.402009] ? __virt_addr_valid+0x1db/0x2d0 [ 17.402041] ? kasan_atomics_helper+0x19e3/0x5450 [ 17.402072] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.402142] ? kasan_atomics_helper+0x19e3/0x5450 [ 17.402189] kasan_report+0x141/0x180 [ 17.402232] ? kasan_atomics_helper+0x19e3/0x5450 [ 17.402289] kasan_check_range+0x10c/0x1c0 [ 17.402325] __kasan_check_write+0x18/0x20 [ 17.402353] kasan_atomics_helper+0x19e3/0x5450 [ 17.402385] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.402417] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.402450] ? trace_hardirqs_on+0x37/0xe0 [ 17.402485] ? kasan_atomics+0x152/0x310 [ 17.402554] kasan_atomics+0x1dc/0x310 [ 17.402601] ? __pfx_kasan_atomics+0x10/0x10 [ 17.402661] ? __pfx_kasan_atomics+0x10/0x10 [ 17.402716] kunit_try_run_case+0x1a5/0x480 [ 17.402766] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.402811] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.402856] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.402901] ? 
__kthread_parkme+0x82/0x180 [ 17.402944] ? preempt_count_sub+0x50/0x80 [ 17.402986] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.403024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.403063] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.403128] kthread+0x337/0x6f0 [ 17.403176] ? trace_preempt_on+0x20/0xc0 [ 17.403220] ? __pfx_kthread+0x10/0x10 [ 17.403280] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.403319] ? calculate_sigpending+0x7b/0xa0 [ 17.403376] ? __pfx_kthread+0x10/0x10 [ 17.403418] ret_from_fork+0x116/0x1d0 [ 17.403451] ? __pfx_kthread+0x10/0x10 [ 17.403491] ret_from_fork_asm+0x1a/0x30 [ 17.403554] </TASK> [ 17.403580] [ 17.413036] Allocated by task 283: [ 17.413303] kasan_save_stack+0x45/0x70 [ 17.413641] kasan_save_track+0x18/0x40 [ 17.413928] kasan_save_alloc_info+0x3b/0x50 [ 17.414285] __kasan_kmalloc+0xb7/0xc0 [ 17.414596] __kmalloc_cache_noprof+0x189/0x420 [ 17.414852] kasan_atomics+0x95/0x310 [ 17.415027] kunit_try_run_case+0x1a5/0x480 [ 17.415374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.415779] kthread+0x337/0x6f0 [ 17.416047] ret_from_fork+0x116/0x1d0 [ 17.416319] ret_from_fork_asm+0x1a/0x30 [ 17.416497] [ 17.416604] The buggy address belongs to the object at ffff888102ac4100 [ 17.416604] which belongs to the cache kmalloc-64 of size 64 [ 17.417430] The buggy address is located 0 bytes to the right of [ 17.417430] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.417941] [ 17.418167] The buggy address belongs to the physical page: [ 17.418546] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.418825] flags: 0x200000000000000(node=0|zone=2) [ 17.419020] page_type: f5(slab) [ 17.419212] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.419465] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.420058] page dumped because: kasan: bad access detected [ 17.420552] [ 17.420754] Memory state around the buggy address: [ 17.421131] 
ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.421607] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.422157] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.422606] ^ [ 17.422910] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.423417] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.423841] ================================================================== [ 16.571836] ================================================================== [ 16.572447] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 16.573021] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.573330] [ 16.573520] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.573635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.573664] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.573704] Call Trace: [ 16.573733] <TASK> [ 16.573765] dump_stack_lvl+0x73/0xb0 [ 16.573824] print_report+0xd1/0x650 [ 16.573865] ? __virt_addr_valid+0x1db/0x2d0 [ 16.573906] ? kasan_atomics_helper+0x992/0x5450 [ 16.573952] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.574015] ? kasan_atomics_helper+0x992/0x5450 [ 16.574058] kasan_report+0x141/0x180 [ 16.574130] ? kasan_atomics_helper+0x992/0x5450 [ 16.574179] kasan_check_range+0x10c/0x1c0 [ 16.574225] __kasan_check_write+0x18/0x20 [ 16.574280] kasan_atomics_helper+0x992/0x5450 [ 16.574323] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.574364] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.574406] ? trace_hardirqs_on+0x37/0xe0 [ 16.574450] ? kasan_atomics+0x152/0x310 [ 16.574517] kasan_atomics+0x1dc/0x310 [ 16.574560] ? __pfx_kasan_atomics+0x10/0x10 [ 16.574601] ? __pfx_kasan_atomics+0x10/0x10 [ 16.574664] kunit_try_run_case+0x1a5/0x480 [ 16.574701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.574723] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.574747] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.574769] ? __kthread_parkme+0x82/0x180 [ 16.574789] ? preempt_count_sub+0x50/0x80 [ 16.574812] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.574835] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.574857] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.574880] kthread+0x337/0x6f0 [ 16.574899] ? trace_preempt_on+0x20/0xc0 [ 16.574922] ? __pfx_kthread+0x10/0x10 [ 16.574942] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.574962] ? calculate_sigpending+0x7b/0xa0 [ 16.574985] ? __pfx_kthread+0x10/0x10 [ 16.575006] ret_from_fork+0x116/0x1d0 [ 16.575025] ? __pfx_kthread+0x10/0x10 [ 16.575044] ret_from_fork_asm+0x1a/0x30 [ 16.575075] </TASK> [ 16.575088] [ 16.585544] Allocated by task 283: [ 16.585795] kasan_save_stack+0x45/0x70 [ 16.586195] kasan_save_track+0x18/0x40 [ 16.586374] kasan_save_alloc_info+0x3b/0x50 [ 16.586560] __kasan_kmalloc+0xb7/0xc0 [ 16.586905] __kmalloc_cache_noprof+0x189/0x420 [ 16.587282] kasan_atomics+0x95/0x310 [ 16.587671] kunit_try_run_case+0x1a5/0x480 [ 16.588011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.588386] kthread+0x337/0x6f0 [ 16.588658] ret_from_fork+0x116/0x1d0 [ 16.589007] ret_from_fork_asm+0x1a/0x30 [ 16.589328] [ 16.589516] The buggy address belongs to the object at ffff888102ac4100 [ 16.589516] which belongs to the cache kmalloc-64 of size 64 [ 16.590155] The buggy address is located 0 bytes to the right of [ 16.590155] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.590781] [ 16.590952] The buggy address belongs to the physical page: [ 16.591338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.591787] flags: 0x200000000000000(node=0|zone=2) [ 16.592134] page_type: f5(slab) [ 16.592421] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.592727] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.593300] page dumped because: kasan: 
bad access detected [ 16.593643] [ 16.593752] Memory state around the buggy address: [ 16.593948] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.594473] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.594978] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.595413] ^ [ 16.595690] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.596162] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.596560] ================================================================== [ 17.452141] ================================================================== [ 17.452695] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 17.453524] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.453844] [ 17.454046] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.454164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.454192] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.454227] Call Trace: [ 17.454257] <TASK> [ 17.454284] dump_stack_lvl+0x73/0xb0 [ 17.454355] print_report+0xd1/0x650 [ 17.454414] ? __virt_addr_valid+0x1db/0x2d0 [ 17.454453] ? kasan_atomics_helper+0x1b22/0x5450 [ 17.454493] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.454540] ? kasan_atomics_helper+0x1b22/0x5450 [ 17.454585] kasan_report+0x141/0x180 [ 17.454647] ? kasan_atomics_helper+0x1b22/0x5450 [ 17.454700] kasan_check_range+0x10c/0x1c0 [ 17.454746] __kasan_check_write+0x18/0x20 [ 17.454790] kasan_atomics_helper+0x1b22/0x5450 [ 17.454837] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.454894] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.454929] ? trace_hardirqs_on+0x37/0xe0 [ 17.454953] ? kasan_atomics+0x152/0x310 [ 17.454980] kasan_atomics+0x1dc/0x310 [ 17.455003] ? __pfx_kasan_atomics+0x10/0x10 [ 17.455026] ? 
__pfx_kasan_atomics+0x10/0x10 [ 17.455058] kunit_try_run_case+0x1a5/0x480 [ 17.455105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.455152] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.455177] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.455199] ? __kthread_parkme+0x82/0x180 [ 17.455219] ? preempt_count_sub+0x50/0x80 [ 17.455243] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.455266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.455288] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.455311] kthread+0x337/0x6f0 [ 17.455330] ? trace_preempt_on+0x20/0xc0 [ 17.455352] ? __pfx_kthread+0x10/0x10 [ 17.455373] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.455394] ? calculate_sigpending+0x7b/0xa0 [ 17.455417] ? __pfx_kthread+0x10/0x10 [ 17.455438] ret_from_fork+0x116/0x1d0 [ 17.455456] ? __pfx_kthread+0x10/0x10 [ 17.455476] ret_from_fork_asm+0x1a/0x30 [ 17.455505] </TASK> [ 17.455519] [ 17.468060] Allocated by task 283: [ 17.468653] kasan_save_stack+0x45/0x70 [ 17.468907] kasan_save_track+0x18/0x40 [ 17.469055] kasan_save_alloc_info+0x3b/0x50 [ 17.469389] __kasan_kmalloc+0xb7/0xc0 [ 17.469584] __kmalloc_cache_noprof+0x189/0x420 [ 17.469805] kasan_atomics+0x95/0x310 [ 17.470006] kunit_try_run_case+0x1a5/0x480 [ 17.470206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.470439] kthread+0x337/0x6f0 [ 17.470780] ret_from_fork+0x116/0x1d0 [ 17.470956] ret_from_fork_asm+0x1a/0x30 [ 17.471159] [ 17.471270] The buggy address belongs to the object at ffff888102ac4100 [ 17.471270] which belongs to the cache kmalloc-64 of size 64 [ 17.471936] The buggy address is located 0 bytes to the right of [ 17.471936] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.472870] [ 17.473066] The buggy address belongs to the physical page: [ 17.473378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.473731] flags: 0x200000000000000(node=0|zone=2) [ 17.473944] page_type: f5(slab) [ 17.474132] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 17.474586] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.475175] page dumped because: kasan: bad access detected [ 17.475565] [ 17.475733] Memory state around the buggy address: [ 17.476158] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.476658] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.476937] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.477445] ^ [ 17.477850] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.478264] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.478660] ================================================================== [ 16.620884] ================================================================== [ 16.621391] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 16.621900] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.622242] [ 16.622464] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.622545] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.622573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.622828] Call Trace: [ 16.622879] <TASK> [ 16.622927] dump_stack_lvl+0x73/0xb0 [ 16.622999] print_report+0xd1/0x650 [ 16.623059] ? __virt_addr_valid+0x1db/0x2d0 [ 16.623094] ? kasan_atomics_helper+0xac7/0x5450 [ 16.623150] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.623176] ? kasan_atomics_helper+0xac7/0x5450 [ 16.623197] kasan_report+0x141/0x180 [ 16.623220] ? kasan_atomics_helper+0xac7/0x5450 [ 16.623264] kasan_check_range+0x10c/0x1c0 [ 16.623303] __kasan_check_write+0x18/0x20 [ 16.623334] kasan_atomics_helper+0xac7/0x5450 [ 16.623375] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.623416] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.623467] ? trace_hardirqs_on+0x37/0xe0 [ 16.623511] ? 
kasan_atomics+0x152/0x310 [ 16.623577] kasan_atomics+0x1dc/0x310 [ 16.623635] ? __pfx_kasan_atomics+0x10/0x10 [ 16.623678] ? __pfx_kasan_atomics+0x10/0x10 [ 16.623740] kunit_try_run_case+0x1a5/0x480 [ 16.623802] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.623844] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.623895] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.623941] ? __kthread_parkme+0x82/0x180 [ 16.623994] ? preempt_count_sub+0x50/0x80 [ 16.624040] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.624085] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.624128] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.624173] kthread+0x337/0x6f0 [ 16.624215] ? trace_preempt_on+0x20/0xc0 [ 16.624260] ? __pfx_kthread+0x10/0x10 [ 16.624303] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.624345] ? calculate_sigpending+0x7b/0xa0 [ 16.624394] ? __pfx_kthread+0x10/0x10 [ 16.624437] ret_from_fork+0x116/0x1d0 [ 16.624475] ? __pfx_kthread+0x10/0x10 [ 16.624514] ret_from_fork_asm+0x1a/0x30 [ 16.624578] </TASK> [ 16.624626] [ 16.636036] Allocated by task 283: [ 16.636597] kasan_save_stack+0x45/0x70 [ 16.637007] kasan_save_track+0x18/0x40 [ 16.637357] kasan_save_alloc_info+0x3b/0x50 [ 16.637712] __kasan_kmalloc+0xb7/0xc0 [ 16.637969] __kmalloc_cache_noprof+0x189/0x420 [ 16.638360] kasan_atomics+0x95/0x310 [ 16.638534] kunit_try_run_case+0x1a5/0x480 [ 16.638863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.639080] kthread+0x337/0x6f0 [ 16.639348] ret_from_fork+0x116/0x1d0 [ 16.639570] ret_from_fork_asm+0x1a/0x30 [ 16.639897] [ 16.640023] The buggy address belongs to the object at ffff888102ac4100 [ 16.640023] which belongs to the cache kmalloc-64 of size 64 [ 16.640641] The buggy address is located 0 bytes to the right of [ 16.640641] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.641344] [ 16.641477] The buggy address belongs to the physical page: [ 16.641820] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.642387] flags: 
0x200000000000000(node=0|zone=2) [ 16.642699] page_type: f5(slab) [ 16.642860] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.643357] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.643749] page dumped because: kasan: bad access detected [ 16.644056] [ 16.644243] Memory state around the buggy address: [ 16.644583] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.644944] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.645423] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.645806] ^ [ 16.646085] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.646362] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.646628] ================================================================== [ 16.372231] ================================================================== [ 16.372548] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 16.372945] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.373709] [ 16.373926] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.374017] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.374046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.374085] Call Trace: [ 16.374115] <TASK> [ 16.374144] dump_stack_lvl+0x73/0xb0 [ 16.374198] print_report+0xd1/0x650 [ 16.374237] ? __virt_addr_valid+0x1db/0x2d0 [ 16.374278] ? kasan_atomics_helper+0x565/0x5450 [ 16.374318] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.374369] ? kasan_atomics_helper+0x565/0x5450 [ 16.374406] kasan_report+0x141/0x180 [ 16.374453] ? kasan_atomics_helper+0x565/0x5450 [ 16.374502] kasan_check_range+0x10c/0x1c0 [ 16.374965] __kasan_check_write+0x18/0x20 [ 16.375016] kasan_atomics_helper+0x565/0x5450 [ 16.375063] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.375109] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.375154] ? trace_hardirqs_on+0x37/0xe0 [ 16.375199] ? kasan_atomics+0x152/0x310 [ 16.375253] kasan_atomics+0x1dc/0x310 [ 16.375279] ? __pfx_kasan_atomics+0x10/0x10 [ 16.375302] ? __pfx_kasan_atomics+0x10/0x10 [ 16.375329] kunit_try_run_case+0x1a5/0x480 [ 16.375352] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.375375] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.375398] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.375420] ? __kthread_parkme+0x82/0x180 [ 16.375440] ? preempt_count_sub+0x50/0x80 [ 16.375464] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.375486] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.375541] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.375586] kthread+0x337/0x6f0 [ 16.375635] ? trace_preempt_on+0x20/0xc0 [ 16.375662] ? __pfx_kthread+0x10/0x10 [ 16.375683] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.375705] ? calculate_sigpending+0x7b/0xa0 [ 16.375728] ? __pfx_kthread+0x10/0x10 [ 16.375749] ret_from_fork+0x116/0x1d0 [ 16.375767] ? 
__pfx_kthread+0x10/0x10 [ 16.375787] ret_from_fork_asm+0x1a/0x30 [ 16.375816] </TASK> [ 16.375830] [ 16.389391] Allocated by task 283: [ 16.389856] kasan_save_stack+0x45/0x70 [ 16.390243] kasan_save_track+0x18/0x40 [ 16.390755] kasan_save_alloc_info+0x3b/0x50 [ 16.391067] __kasan_kmalloc+0xb7/0xc0 [ 16.391257] __kmalloc_cache_noprof+0x189/0x420 [ 16.391910] kasan_atomics+0x95/0x310 [ 16.392468] kunit_try_run_case+0x1a5/0x480 [ 16.392956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.393185] kthread+0x337/0x6f0 [ 16.393538] ret_from_fork+0x116/0x1d0 [ 16.394026] ret_from_fork_asm+0x1a/0x30 [ 16.394225] [ 16.394325] The buggy address belongs to the object at ffff888102ac4100 [ 16.394325] which belongs to the cache kmalloc-64 of size 64 [ 16.395419] The buggy address is located 0 bytes to the right of [ 16.395419] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.396709] [ 16.396857] The buggy address belongs to the physical page: [ 16.397303] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.397957] flags: 0x200000000000000(node=0|zone=2) [ 16.398528] page_type: f5(slab) [ 16.398940] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.399301] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.399945] page dumped because: kasan: bad access detected [ 16.400676] [ 16.400866] Memory state around the buggy address: [ 16.401091] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.401389] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.401787] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.402160] ^ [ 16.402563] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.403326] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.404045] ================================================================== [ 16.182353] 
================================================================== [ 16.182837] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 16.183137] Read of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.183453] [ 16.183817] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.183903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.183926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.183962] Call Trace: [ 16.183991] <TASK> [ 16.184022] dump_stack_lvl+0x73/0xb0 [ 16.184077] print_report+0xd1/0x650 [ 16.184151] ? __virt_addr_valid+0x1db/0x2d0 [ 16.184195] ? kasan_atomics_helper+0x4b88/0x5450 [ 16.184235] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.184300] ? kasan_atomics_helper+0x4b88/0x5450 [ 16.184337] kasan_report+0x141/0x180 [ 16.184373] ? kasan_atomics_helper+0x4b88/0x5450 [ 16.184418] __asan_report_load4_noabort+0x18/0x20 [ 16.184461] kasan_atomics_helper+0x4b88/0x5450 [ 16.184659] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.184714] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.184763] ? trace_hardirqs_on+0x37/0xe0 [ 16.184793] ? kasan_atomics+0x152/0x310 [ 16.184821] kasan_atomics+0x1dc/0x310 [ 16.184843] ? __pfx_kasan_atomics+0x10/0x10 [ 16.184866] ? __pfx_kasan_atomics+0x10/0x10 [ 16.184891] kunit_try_run_case+0x1a5/0x480 [ 16.184914] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.184934] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.184956] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.184977] ? __kthread_parkme+0x82/0x180 [ 16.184997] ? preempt_count_sub+0x50/0x80 [ 16.185020] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.185041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.185063] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.185083] kthread+0x337/0x6f0 [ 16.185102] ? trace_preempt_on+0x20/0xc0 [ 16.185122] ? __pfx_kthread+0x10/0x10 [ 16.185142] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.185161] ? calculate_sigpending+0x7b/0xa0 [ 16.185183] ? 
__pfx_kthread+0x10/0x10 [ 16.185203] ret_from_fork+0x116/0x1d0 [ 16.185230] ? __pfx_kthread+0x10/0x10 [ 16.185258] ret_from_fork_asm+0x1a/0x30 [ 16.185287] </TASK> [ 16.185299] [ 16.198046] Allocated by task 283: [ 16.198501] kasan_save_stack+0x45/0x70 [ 16.199435] kasan_save_track+0x18/0x40 [ 16.199809] kasan_save_alloc_info+0x3b/0x50 [ 16.200116] __kasan_kmalloc+0xb7/0xc0 [ 16.200376] __kmalloc_cache_noprof+0x189/0x420 [ 16.200572] kasan_atomics+0x95/0x310 [ 16.200724] kunit_try_run_case+0x1a5/0x480 [ 16.200870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.201092] kthread+0x337/0x6f0 [ 16.201271] ret_from_fork+0x116/0x1d0 [ 16.201462] ret_from_fork_asm+0x1a/0x30 [ 16.203424] [ 16.203541] The buggy address belongs to the object at ffff888102ac4100 [ 16.203541] which belongs to the cache kmalloc-64 of size 64 [ 16.203893] The buggy address is located 0 bytes to the right of [ 16.203893] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.207431] [ 16.207560] The buggy address belongs to the physical page: [ 16.207756] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.207980] flags: 0x200000000000000(node=0|zone=2) [ 16.208153] page_type: f5(slab) [ 16.209542] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.209852] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.211451] page dumped because: kasan: bad access detected [ 16.212346] [ 16.212808] Memory state around the buggy address: [ 16.213045] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.213423] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.214101] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.214697] ^ [ 16.215051] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.215577] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.216387] 
================================================================== [ 17.793376] ================================================================== [ 17.796846] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 17.797130] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.797361] [ 17.797476] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.797552] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.797575] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.797646] Call Trace: [ 17.797676] <TASK> [ 17.797706] dump_stack_lvl+0x73/0xb0 [ 17.797748] print_report+0xd1/0x650 [ 17.797805] ? __virt_addr_valid+0x1db/0x2d0 [ 17.797845] ? kasan_atomics_helper+0x218a/0x5450 [ 17.797881] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.797936] ? kasan_atomics_helper+0x218a/0x5450 [ 17.797978] kasan_report+0x141/0x180 [ 17.798021] ? kasan_atomics_helper+0x218a/0x5450 [ 17.798075] kasan_check_range+0x10c/0x1c0 [ 17.798128] __kasan_check_write+0x18/0x20 [ 17.798162] kasan_atomics_helper+0x218a/0x5450 [ 17.798200] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.798234] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.798275] ? trace_hardirqs_on+0x37/0xe0 [ 17.798314] ? kasan_atomics+0x152/0x310 [ 17.798360] kasan_atomics+0x1dc/0x310 [ 17.798394] ? __pfx_kasan_atomics+0x10/0x10 [ 17.798431] ? __pfx_kasan_atomics+0x10/0x10 [ 17.798475] kunit_try_run_case+0x1a5/0x480 [ 17.798512] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.798547] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.798587] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.798656] ? __kthread_parkme+0x82/0x180 [ 17.798693] ? preempt_count_sub+0x50/0x80 [ 17.798739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.798779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.798818] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.798855] kthread+0x337/0x6f0 [ 17.798888] ? trace_preempt_on+0x20/0xc0 [ 17.799749] ? 
__pfx_kthread+0x10/0x10 [ 17.799796] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.799836] ? calculate_sigpending+0x7b/0xa0 [ 17.799884] ? __pfx_kthread+0x10/0x10 [ 17.799922] ret_from_fork+0x116/0x1d0 [ 17.799960] ? __pfx_kthread+0x10/0x10 [ 17.800003] ret_from_fork_asm+0x1a/0x30 [ 17.800066] </TASK> [ 17.800090] [ 17.809633] Allocated by task 283: [ 17.809883] kasan_save_stack+0x45/0x70 [ 17.810227] kasan_save_track+0x18/0x40 [ 17.810493] kasan_save_alloc_info+0x3b/0x50 [ 17.810826] __kasan_kmalloc+0xb7/0xc0 [ 17.811111] __kmalloc_cache_noprof+0x189/0x420 [ 17.811311] kasan_atomics+0x95/0x310 [ 17.811506] kunit_try_run_case+0x1a5/0x480 [ 17.811815] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.812209] kthread+0x337/0x6f0 [ 17.812469] ret_from_fork+0x116/0x1d0 [ 17.812699] ret_from_fork_asm+0x1a/0x30 [ 17.812899] [ 17.813024] The buggy address belongs to the object at ffff888102ac4100 [ 17.813024] which belongs to the cache kmalloc-64 of size 64 [ 17.813678] The buggy address is located 0 bytes to the right of [ 17.813678] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.814194] [ 17.814303] The buggy address belongs to the physical page: [ 17.814491] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.814764] flags: 0x200000000000000(node=0|zone=2) [ 17.814961] page_type: f5(slab) [ 17.815119] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.815370] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.815612] page dumped because: kasan: bad access detected [ 17.816014] [ 17.816152] Memory state around the buggy address: [ 17.816497] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.816995] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.817568] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.818055] ^ [ 17.818475] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.818967] 
ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.819550] ================================================================== [ 16.466774] ================================================================== [ 16.467734] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 16.468400] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.468648] [ 16.468776] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.468854] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.468877] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.468913] Call Trace: [ 16.468939] <TASK> [ 16.468968] dump_stack_lvl+0x73/0xb0 [ 16.469021] print_report+0xd1/0x650 [ 16.469054] ? __virt_addr_valid+0x1db/0x2d0 [ 16.469089] ? kasan_atomics_helper+0x72f/0x5450 [ 16.469126] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.469170] ? kasan_atomics_helper+0x72f/0x5450 [ 16.469207] kasan_report+0x141/0x180 [ 16.469250] ? kasan_atomics_helper+0x72f/0x5450 [ 16.469304] kasan_check_range+0x10c/0x1c0 [ 16.469351] __kasan_check_write+0x18/0x20 [ 16.469387] kasan_atomics_helper+0x72f/0x5450 [ 16.469430] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.469471] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.469509] ? trace_hardirqs_on+0x37/0xe0 [ 16.469546] ? kasan_atomics+0x152/0x310 [ 16.469588] kasan_atomics+0x1dc/0x310 [ 16.469652] ? __pfx_kasan_atomics+0x10/0x10 [ 16.469692] ? __pfx_kasan_atomics+0x10/0x10 [ 16.469735] kunit_try_run_case+0x1a5/0x480 [ 16.469771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.469804] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.469846] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.469883] ? __kthread_parkme+0x82/0x180 [ 16.469924] ? preempt_count_sub+0x50/0x80 [ 16.469970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.470010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.470048] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.470087] kthread+0x337/0x6f0 [ 16.470121] ? trace_preempt_on+0x20/0xc0 [ 16.470159] ? __pfx_kthread+0x10/0x10 [ 16.470195] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.470232] ? calculate_sigpending+0x7b/0xa0 [ 16.470272] ? __pfx_kthread+0x10/0x10 [ 16.470306] ret_from_fork+0x116/0x1d0 [ 16.470339] ? __pfx_kthread+0x10/0x10 [ 16.470374] ret_from_fork_asm+0x1a/0x30 [ 16.470429] </TASK> [ 16.470450] [ 16.486350] Allocated by task 283: [ 16.486594] kasan_save_stack+0x45/0x70 [ 16.486799] kasan_save_track+0x18/0x40 [ 16.487478] kasan_save_alloc_info+0x3b/0x50 [ 16.487931] __kasan_kmalloc+0xb7/0xc0 [ 16.488137] __kmalloc_cache_noprof+0x189/0x420 [ 16.488297] kasan_atomics+0x95/0x310 [ 16.488996] kunit_try_run_case+0x1a5/0x480 [ 16.489495] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.489717] kthread+0x337/0x6f0 [ 16.489861] ret_from_fork+0x116/0x1d0 [ 16.490011] ret_from_fork_asm+0x1a/0x30 [ 16.490170] [ 16.490263] The buggy address belongs to the object at ffff888102ac4100 [ 16.490263] which belongs to the cache kmalloc-64 of size 64 [ 16.490582] The buggy address is located 0 bytes to the right of [ 16.490582] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.490927] [ 16.491026] The buggy address belongs to the physical page: [ 16.491201] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.491445] flags: 0x200000000000000(node=0|zone=2) [ 16.492465] page_type: f5(slab) [ 16.492665] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.492924] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.493211] page dumped because: kasan: bad access detected [ 16.493410] [ 16.493512] Memory state around the buggy address: [ 16.493689] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.494106] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.494532] >ffff888102ac4100: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.495121] ^ [ 16.495987] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.496649] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.496961] ================================================================== [ 17.300345] ================================================================== [ 17.300784] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 17.301090] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.301551] [ 17.301720] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.301797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.301824] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.301865] Call Trace: [ 17.301900] <TASK> [ 17.301941] dump_stack_lvl+0x73/0xb0 [ 17.301998] print_report+0xd1/0x650 [ 17.302044] ? __virt_addr_valid+0x1db/0x2d0 [ 17.302088] ? kasan_atomics_helper+0x177f/0x5450 [ 17.302132] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.302182] ? kasan_atomics_helper+0x177f/0x5450 [ 17.302228] kasan_report+0x141/0x180 [ 17.302275] ? kasan_atomics_helper+0x177f/0x5450 [ 17.302358] kasan_check_range+0x10c/0x1c0 [ 17.302411] __kasan_check_write+0x18/0x20 [ 17.302455] kasan_atomics_helper+0x177f/0x5450 [ 17.302502] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.302548] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.302597] ? trace_hardirqs_on+0x37/0xe0 [ 17.303383] ? kasan_atomics+0x152/0x310 [ 17.303440] kasan_atomics+0x1dc/0x310 [ 17.303487] ? __pfx_kasan_atomics+0x10/0x10 [ 17.303529] ? __pfx_kasan_atomics+0x10/0x10 [ 17.303583] kunit_try_run_case+0x1a5/0x480 [ 17.303646] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.303692] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.303741] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.303787] ? __kthread_parkme+0x82/0x180 [ 17.303829] ? preempt_count_sub+0x50/0x80 [ 17.303879] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 17.303928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.303977] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.304025] kthread+0x337/0x6f0 [ 17.304066] ? trace_preempt_on+0x20/0xc0 [ 17.304116] ? __pfx_kthread+0x10/0x10 [ 17.304150] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.304183] ? calculate_sigpending+0x7b/0xa0 [ 17.304225] ? __pfx_kthread+0x10/0x10 [ 17.304266] ret_from_fork+0x116/0x1d0 [ 17.304305] ? __pfx_kthread+0x10/0x10 [ 17.304345] ret_from_fork_asm+0x1a/0x30 [ 17.304409] </TASK> [ 17.304436] [ 17.313415] Allocated by task 283: [ 17.313596] kasan_save_stack+0x45/0x70 [ 17.313795] kasan_save_track+0x18/0x40 [ 17.313972] kasan_save_alloc_info+0x3b/0x50 [ 17.314166] __kasan_kmalloc+0xb7/0xc0 [ 17.314451] __kmalloc_cache_noprof+0x189/0x420 [ 17.314802] kasan_atomics+0x95/0x310 [ 17.315155] kunit_try_run_case+0x1a5/0x480 [ 17.315459] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.315815] kthread+0x337/0x6f0 [ 17.316068] ret_from_fork+0x116/0x1d0 [ 17.316287] ret_from_fork_asm+0x1a/0x30 [ 17.316463] [ 17.316572] The buggy address belongs to the object at ffff888102ac4100 [ 17.316572] which belongs to the cache kmalloc-64 of size 64 [ 17.316950] The buggy address is located 0 bytes to the right of [ 17.316950] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.317344] [ 17.317496] The buggy address belongs to the physical page: [ 17.317838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.318434] flags: 0x200000000000000(node=0|zone=2) [ 17.318780] page_type: f5(slab) [ 17.319042] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.319688] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.320160] page dumped because: kasan: bad access detected [ 17.320517] [ 17.320689] Memory state around the buggy address: [ 17.320919] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.321338] 
ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.321579] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.321825] ^ [ 17.322016] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.322251] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.322511] ================================================================== [ 16.217412] ================================================================== [ 16.218185] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 16.218594] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.219111] [ 16.219307] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.219395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.219418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.219453] Call Trace: [ 16.219482] <TASK> [ 16.219514] dump_stack_lvl+0x73/0xb0 [ 16.219591] print_report+0xd1/0x650 [ 16.219656] ? __virt_addr_valid+0x1db/0x2d0 [ 16.219697] ? kasan_atomics_helper+0x4b6e/0x5450 [ 16.219737] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.219768] ? kasan_atomics_helper+0x4b6e/0x5450 [ 16.219788] kasan_report+0x141/0x180 [ 16.219809] ? kasan_atomics_helper+0x4b6e/0x5450 [ 16.219834] __asan_report_store4_noabort+0x1b/0x30 [ 16.219857] kasan_atomics_helper+0x4b6e/0x5450 [ 16.219878] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.219907] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.219942] ? trace_hardirqs_on+0x37/0xe0 [ 16.219981] ? kasan_atomics+0x152/0x310 [ 16.220029] kasan_atomics+0x1dc/0x310 [ 16.220070] ? __pfx_kasan_atomics+0x10/0x10 [ 16.220111] ? __pfx_kasan_atomics+0x10/0x10 [ 16.220534] kunit_try_run_case+0x1a5/0x480 [ 16.220633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.220662] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.220686] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.220708] ? __kthread_parkme+0x82/0x180 [ 16.220728] ? 
preempt_count_sub+0x50/0x80 [ 16.220751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.220773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.220794] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.220815] kthread+0x337/0x6f0 [ 16.220833] ? trace_preempt_on+0x20/0xc0 [ 16.220855] ? __pfx_kthread+0x10/0x10 [ 16.220874] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.220894] ? calculate_sigpending+0x7b/0xa0 [ 16.220916] ? __pfx_kthread+0x10/0x10 [ 16.220936] ret_from_fork+0x116/0x1d0 [ 16.220953] ? __pfx_kthread+0x10/0x10 [ 16.220971] ret_from_fork_asm+0x1a/0x30 [ 16.221000] </TASK> [ 16.221012] [ 16.234954] Allocated by task 283: [ 16.235431] kasan_save_stack+0x45/0x70 [ 16.235839] kasan_save_track+0x18/0x40 [ 16.236075] kasan_save_alloc_info+0x3b/0x50 [ 16.236661] __kasan_kmalloc+0xb7/0xc0 [ 16.236862] __kmalloc_cache_noprof+0x189/0x420 [ 16.237016] kasan_atomics+0x95/0x310 [ 16.237934] kunit_try_run_case+0x1a5/0x480 [ 16.238168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.238327] kthread+0x337/0x6f0 [ 16.238902] ret_from_fork+0x116/0x1d0 [ 16.239058] ret_from_fork_asm+0x1a/0x30 [ 16.239520] [ 16.240067] The buggy address belongs to the object at ffff888102ac4100 [ 16.240067] which belongs to the cache kmalloc-64 of size 64 [ 16.240804] The buggy address is located 0 bytes to the right of [ 16.240804] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.241849] [ 16.242270] The buggy address belongs to the physical page: [ 16.242560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.243111] flags: 0x200000000000000(node=0|zone=2) [ 16.243516] page_type: f5(slab) [ 16.243959] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.244450] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.245014] page dumped because: kasan: bad access detected [ 16.245436] [ 16.245799] Memory state around the buggy address: [ 16.246408] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 16.247047] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.247285] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.248017] ^ [ 16.248320] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.248907] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.249449] ================================================================== [ 16.803793] ================================================================== [ 16.804235] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 16.804528] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.804871] [ 16.805086] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.805224] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.805251] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.805308] Call Trace: [ 16.805340] <TASK> [ 16.805385] dump_stack_lvl+0x73/0xb0 [ 16.805461] print_report+0xd1/0x650 [ 16.805516] ? __virt_addr_valid+0x1db/0x2d0 [ 16.805556] ? kasan_atomics_helper+0xf10/0x5450 [ 16.805595] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.805661] ? kasan_atomics_helper+0xf10/0x5450 [ 16.805706] kasan_report+0x141/0x180 [ 16.805752] ? kasan_atomics_helper+0xf10/0x5450 [ 16.805807] kasan_check_range+0x10c/0x1c0 [ 16.805854] __kasan_check_write+0x18/0x20 [ 16.805894] kasan_atomics_helper+0xf10/0x5450 [ 16.805947] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.805992] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.806041] ? trace_hardirqs_on+0x37/0xe0 [ 16.806086] ? kasan_atomics+0x152/0x310 [ 16.806174] kasan_atomics+0x1dc/0x310 [ 16.806216] ? __pfx_kasan_atomics+0x10/0x10 [ 16.806257] ? __pfx_kasan_atomics+0x10/0x10 [ 16.806306] kunit_try_run_case+0x1a5/0x480 [ 16.806393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.806433] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.806477] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.806519] ? __kthread_parkme+0x82/0x180 [ 16.806587] ? preempt_count_sub+0x50/0x80 [ 16.806649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.806694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.806729] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.806752] kthread+0x337/0x6f0 [ 16.806773] ? trace_preempt_on+0x20/0xc0 [ 16.806795] ? __pfx_kthread+0x10/0x10 [ 16.806815] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.806837] ? calculate_sigpending+0x7b/0xa0 [ 16.806860] ? __pfx_kthread+0x10/0x10 [ 16.806881] ret_from_fork+0x116/0x1d0 [ 16.806899] ? __pfx_kthread+0x10/0x10 [ 16.806920] ret_from_fork_asm+0x1a/0x30 [ 16.806950] </TASK> [ 16.806963] [ 16.817420] Allocated by task 283: [ 16.817991] kasan_save_stack+0x45/0x70 [ 16.818388] kasan_save_track+0x18/0x40 [ 16.818632] kasan_save_alloc_info+0x3b/0x50 [ 16.818823] __kasan_kmalloc+0xb7/0xc0 [ 16.819119] __kmalloc_cache_noprof+0x189/0x420 [ 16.819403] kasan_atomics+0x95/0x310 [ 16.819582] kunit_try_run_case+0x1a5/0x480 [ 16.819780] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.820181] kthread+0x337/0x6f0 [ 16.820447] ret_from_fork+0x116/0x1d0 [ 16.820746] ret_from_fork_asm+0x1a/0x30 [ 16.821056] [ 16.821232] The buggy address belongs to the object at ffff888102ac4100 [ 16.821232] which belongs to the cache kmalloc-64 of size 64 [ 16.821766] The buggy address is located 0 bytes to the right of [ 16.821766] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.822242] [ 16.822381] The buggy address belongs to the physical page: [ 16.822743] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.823296] flags: 0x200000000000000(node=0|zone=2) [ 16.823694] page_type: f5(slab) [ 16.823912] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.824286] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.824800] page dumped because: kasan: bad access detected [ 16.825027] [ 16.825200] 
Memory state around the buggy address: [ 16.825555] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.825941] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.826313] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.826778] ^ [ 16.827030] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.827499] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.827815] ================================================================== [ 17.770404] ================================================================== [ 17.771035] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 17.771409] Read of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.771774] [ 17.771912] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.771995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.772022] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.772063] Call Trace: [ 17.772090] <TASK> [ 17.772148] dump_stack_lvl+0x73/0xb0 [ 17.772207] print_report+0xd1/0x650 [ 17.772247] ? __virt_addr_valid+0x1db/0x2d0 [ 17.772303] ? kasan_atomics_helper+0x4fb2/0x5450 [ 17.772392] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.772446] ? kasan_atomics_helper+0x4fb2/0x5450 [ 17.772493] kasan_report+0x141/0x180 [ 17.772540] ? kasan_atomics_helper+0x4fb2/0x5450 [ 17.772596] __asan_report_load8_noabort+0x18/0x20 [ 17.772657] kasan_atomics_helper+0x4fb2/0x5450 [ 17.772696] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.772736] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.772777] ? trace_hardirqs_on+0x37/0xe0 [ 17.772826] ? kasan_atomics+0x152/0x310 [ 17.772886] kasan_atomics+0x1dc/0x310 [ 17.772933] ? __pfx_kasan_atomics+0x10/0x10 [ 17.772976] ? __pfx_kasan_atomics+0x10/0x10 [ 17.773026] kunit_try_run_case+0x1a5/0x480 [ 17.773074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.773128] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 17.773184] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.773209] ? __kthread_parkme+0x82/0x180 [ 17.773229] ? preempt_count_sub+0x50/0x80 [ 17.773253] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.773276] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.773306] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.773344] kthread+0x337/0x6f0 [ 17.773382] ? trace_preempt_on+0x20/0xc0 [ 17.773422] ? __pfx_kthread+0x10/0x10 [ 17.773455] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.773493] ? calculate_sigpending+0x7b/0xa0 [ 17.773535] ? __pfx_kthread+0x10/0x10 [ 17.773577] ret_from_fork+0x116/0x1d0 [ 17.773611] ? __pfx_kthread+0x10/0x10 [ 17.773665] ret_from_fork_asm+0x1a/0x30 [ 17.773725] </TASK> [ 17.773750] [ 17.782225] Allocated by task 283: [ 17.782445] kasan_save_stack+0x45/0x70 [ 17.782648] kasan_save_track+0x18/0x40 [ 17.782815] kasan_save_alloc_info+0x3b/0x50 [ 17.783108] __kasan_kmalloc+0xb7/0xc0 [ 17.783385] __kmalloc_cache_noprof+0x189/0x420 [ 17.783716] kasan_atomics+0x95/0x310 [ 17.784008] kunit_try_run_case+0x1a5/0x480 [ 17.784396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.784601] kthread+0x337/0x6f0 [ 17.784774] ret_from_fork+0x116/0x1d0 [ 17.784937] ret_from_fork_asm+0x1a/0x30 [ 17.785107] [ 17.785215] The buggy address belongs to the object at ffff888102ac4100 [ 17.785215] which belongs to the cache kmalloc-64 of size 64 [ 17.786004] The buggy address is located 0 bytes to the right of [ 17.786004] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.786720] [ 17.786813] The buggy address belongs to the physical page: [ 17.786974] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.787357] flags: 0x200000000000000(node=0|zone=2) [ 17.787657] page_type: f5(slab) [ 17.787818] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.788073] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.790687] page dumped because: kasan: 
bad access detected [ 17.791081] [ 17.791182] Memory state around the buggy address: [ 17.791370] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.791605] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.791847] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.792062] ^ [ 17.792230] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.792481] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.792781] ================================================================== [ 16.931313] ================================================================== [ 16.932379] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 16.932814] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.933304] [ 16.934096] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.934177] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.934191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.934213] Call Trace: [ 16.934230] <TASK> [ 16.934247] dump_stack_lvl+0x73/0xb0 [ 16.934281] print_report+0xd1/0x650 [ 16.934303] ? __virt_addr_valid+0x1db/0x2d0 [ 16.934325] ? kasan_atomics_helper+0x1148/0x5450 [ 16.934346] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.934371] ? kasan_atomics_helper+0x1148/0x5450 [ 16.934392] kasan_report+0x141/0x180 [ 16.934414] ? kasan_atomics_helper+0x1148/0x5450 [ 16.934439] kasan_check_range+0x10c/0x1c0 [ 16.934461] __kasan_check_write+0x18/0x20 [ 16.934481] kasan_atomics_helper+0x1148/0x5450 [ 16.934502] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.934524] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.934547] ? trace_hardirqs_on+0x37/0xe0 [ 16.934569] ? kasan_atomics+0x152/0x310 [ 16.934595] kasan_atomics+0x1dc/0x310 [ 16.934634] ? __pfx_kasan_atomics+0x10/0x10 [ 16.934659] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.934686] kunit_try_run_case+0x1a5/0x480 [ 16.934710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.934731] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.934753] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.934775] ? __kthread_parkme+0x82/0x180 [ 16.934795] ? preempt_count_sub+0x50/0x80 [ 16.934818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.934841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.934862] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.934885] kthread+0x337/0x6f0 [ 16.934904] ? trace_preempt_on+0x20/0xc0 [ 16.934926] ? __pfx_kthread+0x10/0x10 [ 16.934946] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.934967] ? calculate_sigpending+0x7b/0xa0 [ 16.934990] ? __pfx_kthread+0x10/0x10 [ 16.935010] ret_from_fork+0x116/0x1d0 [ 16.935029] ? __pfx_kthread+0x10/0x10 [ 16.935049] ret_from_fork_asm+0x1a/0x30 [ 16.935079] </TASK> [ 16.935092] [ 16.946084] Allocated by task 283: [ 16.946304] kasan_save_stack+0x45/0x70 [ 16.946517] kasan_save_track+0x18/0x40 [ 16.946712] kasan_save_alloc_info+0x3b/0x50 [ 16.946902] __kasan_kmalloc+0xb7/0xc0 [ 16.947073] __kmalloc_cache_noprof+0x189/0x420 [ 16.948105] kasan_atomics+0x95/0x310 [ 16.948307] kunit_try_run_case+0x1a5/0x480 [ 16.948523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.948756] kthread+0x337/0x6f0 [ 16.948918] ret_from_fork+0x116/0x1d0 [ 16.949091] ret_from_fork_asm+0x1a/0x30 [ 16.949286] [ 16.949387] The buggy address belongs to the object at ffff888102ac4100 [ 16.949387] which belongs to the cache kmalloc-64 of size 64 [ 16.949859] The buggy address is located 0 bytes to the right of [ 16.949859] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.951275] [ 16.951405] The buggy address belongs to the physical page: [ 16.952001] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.952528] flags: 0x200000000000000(node=0|zone=2) [ 16.952909] page_type: f5(slab) [ 16.953114] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.953712] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.954034] page dumped because: kasan: bad access detected [ 16.954659] [ 16.954900] Memory state around the buggy address: [ 16.955154] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.955662] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.956106] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.956380] ^ [ 16.956768] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.957157] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.957806] ================================================================== [ 17.744729] ================================================================== [ 17.745157] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 17.745436] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.745806] [ 17.745989] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.746072] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.746125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.746170] Call Trace: [ 17.746220] <TASK> [ 17.746252] dump_stack_lvl+0x73/0xb0 [ 17.746306] print_report+0xd1/0x650 [ 17.746344] ? __virt_addr_valid+0x1db/0x2d0 [ 17.746381] ? kasan_atomics_helper+0x20c8/0x5450 [ 17.746419] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.746467] ? kasan_atomics_helper+0x20c8/0x5450 [ 17.746531] kasan_report+0x141/0x180 [ 17.746570] ? kasan_atomics_helper+0x20c8/0x5450 [ 17.746631] kasan_check_range+0x10c/0x1c0 [ 17.746678] __kasan_check_write+0x18/0x20 [ 17.746736] kasan_atomics_helper+0x20c8/0x5450 [ 17.746781] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.746824] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.746874] ? trace_hardirqs_on+0x37/0xe0 [ 17.746920] ? 
kasan_atomics+0x152/0x310 [ 17.746977] kasan_atomics+0x1dc/0x310 [ 17.747024] ? __pfx_kasan_atomics+0x10/0x10 [ 17.747071] ? __pfx_kasan_atomics+0x10/0x10 [ 17.747159] kunit_try_run_case+0x1a5/0x480 [ 17.747212] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.747259] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.747306] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.747345] ? __kthread_parkme+0x82/0x180 [ 17.747383] ? preempt_count_sub+0x50/0x80 [ 17.747427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.747496] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.747539] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.747591] kthread+0x337/0x6f0 [ 17.747645] ? trace_preempt_on+0x20/0xc0 [ 17.747706] ? __pfx_kthread+0x10/0x10 [ 17.747745] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.747783] ? calculate_sigpending+0x7b/0xa0 [ 17.747826] ? __pfx_kthread+0x10/0x10 [ 17.747867] ret_from_fork+0x116/0x1d0 [ 17.747919] ? __pfx_kthread+0x10/0x10 [ 17.747961] ret_from_fork_asm+0x1a/0x30 [ 17.748018] </TASK> [ 17.748043] [ 17.758225] Allocated by task 283: [ 17.758402] kasan_save_stack+0x45/0x70 [ 17.758593] kasan_save_track+0x18/0x40 [ 17.758774] kasan_save_alloc_info+0x3b/0x50 [ 17.759159] __kasan_kmalloc+0xb7/0xc0 [ 17.759565] __kmalloc_cache_noprof+0x189/0x420 [ 17.759994] kasan_atomics+0x95/0x310 [ 17.760363] kunit_try_run_case+0x1a5/0x480 [ 17.760719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.761187] kthread+0x337/0x6f0 [ 17.761629] ret_from_fork+0x116/0x1d0 [ 17.761983] ret_from_fork_asm+0x1a/0x30 [ 17.762363] [ 17.762552] The buggy address belongs to the object at ffff888102ac4100 [ 17.762552] which belongs to the cache kmalloc-64 of size 64 [ 17.763345] The buggy address is located 0 bytes to the right of [ 17.763345] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.764140] [ 17.764331] The buggy address belongs to the physical page: [ 17.764659] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.765015] flags: 
0x200000000000000(node=0|zone=2) [ 17.765268] page_type: f5(slab) [ 17.765521] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.765893] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.766453] page dumped because: kasan: bad access detected [ 17.766982] [ 17.767091] Memory state around the buggy address: [ 17.767463] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.767929] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.768456] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.768758] ^ [ 17.769163] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.769512] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.769783] ================================================================== [ 16.778236] ================================================================== [ 16.778806] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 16.779993] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.780494] [ 16.780691] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.780774] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.780797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.780834] Call Trace: [ 16.780864] <TASK> [ 16.780894] dump_stack_lvl+0x73/0xb0 [ 16.780953] print_report+0xd1/0x650 [ 16.780997] ? __virt_addr_valid+0x1db/0x2d0 [ 16.781041] ? kasan_atomics_helper+0xe78/0x5450 [ 16.781080] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.781166] ? kasan_atomics_helper+0xe78/0x5450 [ 16.781212] kasan_report+0x141/0x180 [ 16.781251] ? kasan_atomics_helper+0xe78/0x5450 [ 16.781295] kasan_check_range+0x10c/0x1c0 [ 16.781337] __kasan_check_write+0x18/0x20 [ 16.781376] kasan_atomics_helper+0xe78/0x5450 [ 16.781420] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.781465] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.781513] ? trace_hardirqs_on+0x37/0xe0 [ 16.781558] ? kasan_atomics+0x152/0x310 [ 16.781625] kasan_atomics+0x1dc/0x310 [ 16.781674] ? __pfx_kasan_atomics+0x10/0x10 [ 16.781724] ? __pfx_kasan_atomics+0x10/0x10 [ 16.781777] kunit_try_run_case+0x1a5/0x480 [ 16.781818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.781841] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.781865] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.781888] ? __kthread_parkme+0x82/0x180 [ 16.781908] ? preempt_count_sub+0x50/0x80 [ 16.781943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.781967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.781989] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.782011] kthread+0x337/0x6f0 [ 16.782031] ? trace_preempt_on+0x20/0xc0 [ 16.782053] ? __pfx_kthread+0x10/0x10 [ 16.782073] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.782094] ? calculate_sigpending+0x7b/0xa0 [ 16.782142] ? __pfx_kthread+0x10/0x10 [ 16.782164] ret_from_fork+0x116/0x1d0 [ 16.782183] ? 
__pfx_kthread+0x10/0x10 [ 16.782203] ret_from_fork_asm+0x1a/0x30 [ 16.782233] </TASK> [ 16.782248] [ 16.791725] Allocated by task 283: [ 16.792014] kasan_save_stack+0x45/0x70 [ 16.792416] kasan_save_track+0x18/0x40 [ 16.792726] kasan_save_alloc_info+0x3b/0x50 [ 16.793026] __kasan_kmalloc+0xb7/0xc0 [ 16.793353] __kmalloc_cache_noprof+0x189/0x420 [ 16.793591] kasan_atomics+0x95/0x310 [ 16.793779] kunit_try_run_case+0x1a5/0x480 [ 16.793966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.794166] kthread+0x337/0x6f0 [ 16.794322] ret_from_fork+0x116/0x1d0 [ 16.794485] ret_from_fork_asm+0x1a/0x30 [ 16.794684] [ 16.794850] The buggy address belongs to the object at ffff888102ac4100 [ 16.794850] which belongs to the cache kmalloc-64 of size 64 [ 16.795671] The buggy address is located 0 bytes to the right of [ 16.795671] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.797258] [ 16.797388] The buggy address belongs to the physical page: [ 16.797714] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.798094] flags: 0x200000000000000(node=0|zone=2) [ 16.798368] page_type: f5(slab) [ 16.798527] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.799487] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.800075] page dumped because: kasan: bad access detected [ 16.800484] [ 16.800656] Memory state around the buggy address: [ 16.800968] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.801435] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.801759] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.802033] ^ [ 16.802391] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.802678] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.803103] ================================================================== [ 17.536483] 
================================================================== [ 17.536955] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 17.537419] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.537835] [ 17.537930] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.537979] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.537992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.538015] Call Trace: [ 17.538032] <TASK> [ 17.538049] dump_stack_lvl+0x73/0xb0 [ 17.538081] print_report+0xd1/0x650 [ 17.538145] ? __virt_addr_valid+0x1db/0x2d0 [ 17.538192] ? kasan_atomics_helper+0x1ce1/0x5450 [ 17.538231] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.538396] ? kasan_atomics_helper+0x1ce1/0x5450 [ 17.538450] kasan_report+0x141/0x180 [ 17.538494] ? kasan_atomics_helper+0x1ce1/0x5450 [ 17.538559] kasan_check_range+0x10c/0x1c0 [ 17.538598] __kasan_check_write+0x18/0x20 [ 17.538660] kasan_atomics_helper+0x1ce1/0x5450 [ 17.538698] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.538736] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.538781] ? trace_hardirqs_on+0x37/0xe0 [ 17.538824] ? kasan_atomics+0x152/0x310 [ 17.538877] kasan_atomics+0x1dc/0x310 [ 17.538916] ? __pfx_kasan_atomics+0x10/0x10 [ 17.538950] ? __pfx_kasan_atomics+0x10/0x10 [ 17.538999] kunit_try_run_case+0x1a5/0x480 [ 17.539047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.539089] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.539130] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.539182] ? __kthread_parkme+0x82/0x180 [ 17.539202] ? preempt_count_sub+0x50/0x80 [ 17.539227] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.539250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.539272] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.539295] kthread+0x337/0x6f0 [ 17.539315] ? trace_preempt_on+0x20/0xc0 [ 17.539336] ? __pfx_kthread+0x10/0x10 [ 17.539357] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.539377] ? 
calculate_sigpending+0x7b/0xa0 [ 17.539401] ? __pfx_kthread+0x10/0x10 [ 17.539422] ret_from_fork+0x116/0x1d0 [ 17.539440] ? __pfx_kthread+0x10/0x10 [ 17.539460] ret_from_fork_asm+0x1a/0x30 [ 17.539490] </TASK> [ 17.539503] [ 17.550558] Allocated by task 283: [ 17.550719] kasan_save_stack+0x45/0x70 [ 17.550905] kasan_save_track+0x18/0x40 [ 17.551076] kasan_save_alloc_info+0x3b/0x50 [ 17.551301] __kasan_kmalloc+0xb7/0xc0 [ 17.551598] __kmalloc_cache_noprof+0x189/0x420 [ 17.551945] kasan_atomics+0x95/0x310 [ 17.552231] kunit_try_run_case+0x1a5/0x480 [ 17.553153] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.553397] kthread+0x337/0x6f0 [ 17.553665] ret_from_fork+0x116/0x1d0 [ 17.553873] ret_from_fork_asm+0x1a/0x30 [ 17.554043] [ 17.554696] The buggy address belongs to the object at ffff888102ac4100 [ 17.554696] which belongs to the cache kmalloc-64 of size 64 [ 17.555381] The buggy address is located 0 bytes to the right of [ 17.555381] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.556258] [ 17.556362] The buggy address belongs to the physical page: [ 17.556836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.557555] flags: 0x200000000000000(node=0|zone=2) [ 17.557822] page_type: f5(slab) [ 17.557968] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.558564] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.558874] page dumped because: kasan: bad access detected [ 17.559130] [ 17.559573] Memory state around the buggy address: [ 17.559975] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.560405] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.560830] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.561426] ^ [ 17.561686] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.562316] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.562692] 
================================================================== [ 16.341114] ================================================================== [ 16.341750] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 16.342000] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.342272] [ 16.342530] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.342641] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.342664] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.342703] Call Trace: [ 16.342730] <TASK> [ 16.342759] dump_stack_lvl+0x73/0xb0 [ 16.342820] print_report+0xd1/0x650 [ 16.342864] ? __virt_addr_valid+0x1db/0x2d0 [ 16.342902] ? kasan_atomics_helper+0x4b3a/0x5450 [ 16.342940] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.342985] ? kasan_atomics_helper+0x4b3a/0x5450 [ 16.343310] kasan_report+0x141/0x180 [ 16.343354] ? kasan_atomics_helper+0x4b3a/0x5450 [ 16.343403] __asan_report_store4_noabort+0x1b/0x30 [ 16.343453] kasan_atomics_helper+0x4b3a/0x5450 [ 16.343500] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.343544] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.343588] ? trace_hardirqs_on+0x37/0xe0 [ 16.343651] ? kasan_atomics+0x152/0x310 [ 16.343705] kasan_atomics+0x1dc/0x310 [ 16.343743] ? __pfx_kasan_atomics+0x10/0x10 [ 16.343781] ? __pfx_kasan_atomics+0x10/0x10 [ 16.343822] kunit_try_run_case+0x1a5/0x480 [ 16.343862] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.343886] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.343910] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.343933] ? __kthread_parkme+0x82/0x180 [ 16.343953] ? preempt_count_sub+0x50/0x80 [ 16.343977] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.344000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.344022] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.344045] kthread+0x337/0x6f0 [ 16.344066] ? trace_preempt_on+0x20/0xc0 [ 16.344087] ? __pfx_kthread+0x10/0x10 [ 16.344114] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.344138] ? calculate_sigpending+0x7b/0xa0 [ 16.344161] ? __pfx_kthread+0x10/0x10 [ 16.344183] ret_from_fork+0x116/0x1d0 [ 16.344201] ? __pfx_kthread+0x10/0x10 [ 16.344222] ret_from_fork_asm+0x1a/0x30 [ 16.344251] </TASK> [ 16.344264] [ 16.355923] Allocated by task 283: [ 16.356178] kasan_save_stack+0x45/0x70 [ 16.356460] kasan_save_track+0x18/0x40 [ 16.357567] kasan_save_alloc_info+0x3b/0x50 [ 16.357755] __kasan_kmalloc+0xb7/0xc0 [ 16.358588] __kmalloc_cache_noprof+0x189/0x420 [ 16.358888] kasan_atomics+0x95/0x310 [ 16.359044] kunit_try_run_case+0x1a5/0x480 [ 16.359787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.360004] kthread+0x337/0x6f0 [ 16.360144] ret_from_fork+0x116/0x1d0 [ 16.360655] ret_from_fork_asm+0x1a/0x30 [ 16.361018] [ 16.361226] The buggy address belongs to the object at ffff888102ac4100 [ 16.361226] which belongs to the cache kmalloc-64 of size 64 [ 16.362007] The buggy address is located 0 bytes to the right of [ 16.362007] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.363572] [ 16.363770] The buggy address belongs to the physical page: [ 16.364349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.364811] flags: 0x200000000000000(node=0|zone=2) [ 16.365142] page_type: f5(slab) [ 16.365725] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.365977] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.366664] page dumped because: kasan: bad access detected [ 16.367394] [ 16.367569] Memory state around the buggy address: [ 16.368071] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.368446] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.369543] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.369848] ^ [ 16.370051] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.370838] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.371204] ================================================================== [ 17.323481] ================================================================== [ 17.324050] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 17.324568] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.325069] [ 17.325294] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.325380] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.325407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.325447] Call Trace: [ 17.325477] <TASK> [ 17.325509] dump_stack_lvl+0x73/0xb0 [ 17.325567] print_report+0xd1/0x650 [ 17.325612] ? __virt_addr_valid+0x1db/0x2d0 [ 17.325674] ? kasan_atomics_helper+0x1818/0x5450 [ 17.325717] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.325769] ? kasan_atomics_helper+0x1818/0x5450 [ 17.325814] kasan_report+0x141/0x180 [ 17.325860] ? kasan_atomics_helper+0x1818/0x5450 [ 17.325922] kasan_check_range+0x10c/0x1c0 [ 17.325971] __kasan_check_write+0x18/0x20 [ 17.326013] kasan_atomics_helper+0x1818/0x5450 [ 17.326059] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.326105] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.326149] ? trace_hardirqs_on+0x37/0xe0 [ 17.326184] ? kasan_atomics+0x152/0x310 [ 17.326230] kasan_atomics+0x1dc/0x310 [ 17.326272] ? __pfx_kasan_atomics+0x10/0x10 [ 17.326313] ? __pfx_kasan_atomics+0x10/0x10 [ 17.326367] kunit_try_run_case+0x1a5/0x480 [ 17.326417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.326463] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.326511] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.326556] ? __kthread_parkme+0x82/0x180 [ 17.326599] ? preempt_count_sub+0x50/0x80 [ 17.326664] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.326705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.326742] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.326783] kthread+0x337/0x6f0 [ 17.326817] ? 
trace_preempt_on+0x20/0xc0 [ 17.326857] ? __pfx_kthread+0x10/0x10 [ 17.326890] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.326927] ? calculate_sigpending+0x7b/0xa0 [ 17.326970] ? __pfx_kthread+0x10/0x10 [ 17.327011] ret_from_fork+0x116/0x1d0 [ 17.327050] ? __pfx_kthread+0x10/0x10 [ 17.327088] ret_from_fork_asm+0x1a/0x30 [ 17.327161] </TASK> [ 17.327187] [ 17.335573] Allocated by task 283: [ 17.335758] kasan_save_stack+0x45/0x70 [ 17.335947] kasan_save_track+0x18/0x40 [ 17.336113] kasan_save_alloc_info+0x3b/0x50 [ 17.336434] __kasan_kmalloc+0xb7/0xc0 [ 17.336747] __kmalloc_cache_noprof+0x189/0x420 [ 17.337091] kasan_atomics+0x95/0x310 [ 17.337386] kunit_try_run_case+0x1a5/0x480 [ 17.337696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.338085] kthread+0x337/0x6f0 [ 17.338351] ret_from_fork+0x116/0x1d0 [ 17.338642] ret_from_fork_asm+0x1a/0x30 [ 17.338820] [ 17.338930] The buggy address belongs to the object at ffff888102ac4100 [ 17.338930] which belongs to the cache kmalloc-64 of size 64 [ 17.339684] The buggy address is located 0 bytes to the right of [ 17.339684] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.340446] [ 17.340605] The buggy address belongs to the physical page: [ 17.340848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.341114] flags: 0x200000000000000(node=0|zone=2) [ 17.341489] page_type: f5(slab) [ 17.341765] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.342308] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.342580] page dumped because: kasan: bad access detected [ 17.342796] [ 17.342901] Memory state around the buggy address: [ 17.343088] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.343585] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.344065] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.344547] ^ [ 17.344895] ffff888102ac4180: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 17.345225] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.345521] ================================================================== [ 17.222041] ================================================================== [ 17.222672] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 17.223271] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.223705] [ 17.223911] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.223996] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.224021] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.224056] Call Trace: [ 17.224086] <TASK> [ 17.224177] dump_stack_lvl+0x73/0xb0 [ 17.224239] print_report+0xd1/0x650 [ 17.224277] ? __virt_addr_valid+0x1db/0x2d0 [ 17.224316] ? kasan_atomics_helper+0x15b6/0x5450 [ 17.224349] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.224392] ? kasan_atomics_helper+0x15b6/0x5450 [ 17.224432] kasan_report+0x141/0x180 [ 17.224473] ? kasan_atomics_helper+0x15b6/0x5450 [ 17.224526] kasan_check_range+0x10c/0x1c0 [ 17.224573] __kasan_check_write+0x18/0x20 [ 17.224627] kasan_atomics_helper+0x15b6/0x5450 [ 17.224672] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.224715] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.224761] ? trace_hardirqs_on+0x37/0xe0 [ 17.224805] ? kasan_atomics+0x152/0x310 [ 17.224859] kasan_atomics+0x1dc/0x310 [ 17.224901] ? __pfx_kasan_atomics+0x10/0x10 [ 17.224966] ? __pfx_kasan_atomics+0x10/0x10 [ 17.225014] kunit_try_run_case+0x1a5/0x480 [ 17.225058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.225132] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.225183] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.225231] ? __kthread_parkme+0x82/0x180 [ 17.225272] ? preempt_count_sub+0x50/0x80 [ 17.225322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.225370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.225416] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.225455] kthread+0x337/0x6f0 [ 17.225477] ? trace_preempt_on+0x20/0xc0 [ 17.225499] ? __pfx_kthread+0x10/0x10 [ 17.225520] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.225542] ? calculate_sigpending+0x7b/0xa0 [ 17.225565] ? __pfx_kthread+0x10/0x10 [ 17.225587] ret_from_fork+0x116/0x1d0 [ 17.225606] ? __pfx_kthread+0x10/0x10 [ 17.225644] ret_from_fork_asm+0x1a/0x30 [ 17.225674] </TASK> [ 17.225687] [ 17.235403] Allocated by task 283: [ 17.235742] kasan_save_stack+0x45/0x70 [ 17.236143] kasan_save_track+0x18/0x40 [ 17.236495] kasan_save_alloc_info+0x3b/0x50 [ 17.236878] __kasan_kmalloc+0xb7/0xc0 [ 17.237220] __kmalloc_cache_noprof+0x189/0x420 [ 17.237522] kasan_atomics+0x95/0x310 [ 17.237822] kunit_try_run_case+0x1a5/0x480 [ 17.238172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.238533] kthread+0x337/0x6f0 [ 17.238841] ret_from_fork+0x116/0x1d0 [ 17.239140] ret_from_fork_asm+0x1a/0x30 [ 17.239410] [ 17.239624] The buggy address belongs to the object at ffff888102ac4100 [ 17.239624] which belongs to the cache kmalloc-64 of size 64 [ 17.240293] The buggy address is located 0 bytes to the right of [ 17.240293] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.240922] [ 17.241094] The buggy address belongs to the physical page: [ 17.241573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.241989] flags: 0x200000000000000(node=0|zone=2) [ 17.242448] page_type: f5(slab) [ 17.242747] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.243257] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.243640] page dumped because: kasan: bad access detected [ 17.244027] [ 17.244244] Memory state around the buggy address: [ 17.244588] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.245037] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.245489] >ffff888102ac4100: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 17.245933] ^ [ 17.246307] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.246731] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.247022] ================================================================== [ 16.674025] ================================================================== [ 16.674511] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 16.675110] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.675664] [ 16.675883] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.675976] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.676004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.676058] Call Trace: [ 16.676084] <TASK> [ 16.676112] dump_stack_lvl+0x73/0xb0 [ 16.676170] print_report+0xd1/0x650 [ 16.676210] ? __virt_addr_valid+0x1db/0x2d0 [ 16.676252] ? kasan_atomics_helper+0xc70/0x5450 [ 16.676293] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.676367] ? kasan_atomics_helper+0xc70/0x5450 [ 16.676411] kasan_report+0x141/0x180 [ 16.676463] ? kasan_atomics_helper+0xc70/0x5450 [ 16.676520] kasan_check_range+0x10c/0x1c0 [ 16.676570] __kasan_check_write+0x18/0x20 [ 16.676604] kasan_atomics_helper+0xc70/0x5450 [ 16.676652] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.676676] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.676699] ? trace_hardirqs_on+0x37/0xe0 [ 16.676722] ? kasan_atomics+0x152/0x310 [ 16.676749] kasan_atomics+0x1dc/0x310 [ 16.676771] ? __pfx_kasan_atomics+0x10/0x10 [ 16.676794] ? __pfx_kasan_atomics+0x10/0x10 [ 16.676820] kunit_try_run_case+0x1a5/0x480 [ 16.676844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.676865] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.676887] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.676909] ? __kthread_parkme+0x82/0x180 [ 16.676929] ? preempt_count_sub+0x50/0x80 [ 16.676952] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.676975] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.676996] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.677018] kthread+0x337/0x6f0 [ 16.677038] ? trace_preempt_on+0x20/0xc0 [ 16.677059] ? __pfx_kthread+0x10/0x10 [ 16.677079] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.677109] ? calculate_sigpending+0x7b/0xa0 [ 16.677147] ? __pfx_kthread+0x10/0x10 [ 16.677167] ret_from_fork+0x116/0x1d0 [ 16.677186] ? __pfx_kthread+0x10/0x10 [ 16.677205] ret_from_fork_asm+0x1a/0x30 [ 16.677235] </TASK> [ 16.677247] [ 16.687428] Allocated by task 283: [ 16.687666] kasan_save_stack+0x45/0x70 [ 16.687986] kasan_save_track+0x18/0x40 [ 16.688303] kasan_save_alloc_info+0x3b/0x50 [ 16.688567] __kasan_kmalloc+0xb7/0xc0 [ 16.688751] __kmalloc_cache_noprof+0x189/0x420 [ 16.688943] kasan_atomics+0x95/0x310 [ 16.689109] kunit_try_run_case+0x1a5/0x480 [ 16.689366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.689750] kthread+0x337/0x6f0 [ 16.690055] ret_from_fork+0x116/0x1d0 [ 16.690396] ret_from_fork_asm+0x1a/0x30 [ 16.690892] [ 16.691246] The buggy address belongs to the object at ffff888102ac4100 [ 16.691246] which belongs to the cache kmalloc-64 of size 64 [ 16.692130] The buggy address is located 0 bytes to the right of [ 16.692130] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.692737] [ 16.692885] The buggy address belongs to the physical page: [ 16.693210] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.693850] flags: 0x200000000000000(node=0|zone=2) [ 16.694090] page_type: f5(slab) [ 16.694362] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.694777] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.695230] page dumped because: kasan: bad access detected [ 16.695413] [ 16.695569] Memory state around the buggy address: [ 16.695864] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.696300] 
ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.696758] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.697756] ^ [ 16.698063] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.698519] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.699010] ================================================================== [ 16.309286] ================================================================== [ 16.310173] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 16.310591] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.311277] [ 16.311492] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.311737] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.311766] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.311808] Call Trace: [ 16.311839] <TASK> [ 16.311870] dump_stack_lvl+0x73/0xb0 [ 16.311922] print_report+0xd1/0x650 [ 16.311960] ? __virt_addr_valid+0x1db/0x2d0 [ 16.312001] ? kasan_atomics_helper+0x4a0/0x5450 [ 16.312063] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.312139] ? kasan_atomics_helper+0x4a0/0x5450 [ 16.312183] kasan_report+0x141/0x180 [ 16.312241] ? kasan_atomics_helper+0x4a0/0x5450 [ 16.312289] kasan_check_range+0x10c/0x1c0 [ 16.312367] __kasan_check_write+0x18/0x20 [ 16.312406] kasan_atomics_helper+0x4a0/0x5450 [ 16.312448] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.312471] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.312495] ? trace_hardirqs_on+0x37/0xe0 [ 16.312556] ? kasan_atomics+0x152/0x310 [ 16.312594] kasan_atomics+0x1dc/0x310 [ 16.312645] ? __pfx_kasan_atomics+0x10/0x10 [ 16.312677] ? __pfx_kasan_atomics+0x10/0x10 [ 16.312703] kunit_try_run_case+0x1a5/0x480 [ 16.312727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.312748] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.312772] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.312794] ? 
__kthread_parkme+0x82/0x180 [ 16.312814] ? preempt_count_sub+0x50/0x80 [ 16.312837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.312860] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.312882] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.312904] kthread+0x337/0x6f0 [ 16.312924] ? trace_preempt_on+0x20/0xc0 [ 16.312946] ? __pfx_kthread+0x10/0x10 [ 16.312967] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.312986] ? calculate_sigpending+0x7b/0xa0 [ 16.313009] ? __pfx_kthread+0x10/0x10 [ 16.313030] ret_from_fork+0x116/0x1d0 [ 16.313048] ? __pfx_kthread+0x10/0x10 [ 16.313067] ret_from_fork_asm+0x1a/0x30 [ 16.313098] </TASK> [ 16.313115] [ 16.326476] Allocated by task 283: [ 16.327013] kasan_save_stack+0x45/0x70 [ 16.327343] kasan_save_track+0x18/0x40 [ 16.327510] kasan_save_alloc_info+0x3b/0x50 [ 16.327864] __kasan_kmalloc+0xb7/0xc0 [ 16.328065] __kmalloc_cache_noprof+0x189/0x420 [ 16.328654] kasan_atomics+0x95/0x310 [ 16.328873] kunit_try_run_case+0x1a5/0x480 [ 16.329217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.329451] kthread+0x337/0x6f0 [ 16.329963] ret_from_fork+0x116/0x1d0 [ 16.330212] ret_from_fork_asm+0x1a/0x30 [ 16.330500] [ 16.330681] The buggy address belongs to the object at ffff888102ac4100 [ 16.330681] which belongs to the cache kmalloc-64 of size 64 [ 16.331634] The buggy address is located 0 bytes to the right of [ 16.331634] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.332548] [ 16.332701] The buggy address belongs to the physical page: [ 16.333028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.333863] flags: 0x200000000000000(node=0|zone=2) [ 16.334083] page_type: f5(slab) [ 16.334350] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.335048] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.335461] page dumped because: kasan: bad access detected [ 16.335713] [ 16.335873] Memory state around the buggy address: [ 16.336189] 
ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.336467] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.337393] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.337908] ^ [ 16.338561] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.338928] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.339688] ================================================================== [ 16.724031] ================================================================== [ 16.724791] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 16.725096] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.725440] [ 16.725640] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.725729] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.725756] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.725798] Call Trace: [ 16.725830] <TASK> [ 16.725862] dump_stack_lvl+0x73/0xb0 [ 16.725919] print_report+0xd1/0x650 [ 16.725960] ? __virt_addr_valid+0x1db/0x2d0 [ 16.726000] ? kasan_atomics_helper+0xd47/0x5450 [ 16.726037] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.726079] ? kasan_atomics_helper+0xd47/0x5450 [ 16.726152] kasan_report+0x141/0x180 [ 16.726198] ? kasan_atomics_helper+0xd47/0x5450 [ 16.726251] kasan_check_range+0x10c/0x1c0 [ 16.726294] __kasan_check_write+0x18/0x20 [ 16.726329] kasan_atomics_helper+0xd47/0x5450 [ 16.726372] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.726415] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.726461] ? trace_hardirqs_on+0x37/0xe0 [ 16.726502] ? kasan_atomics+0x152/0x310 [ 16.726552] kasan_atomics+0x1dc/0x310 [ 16.726596] ? __pfx_kasan_atomics+0x10/0x10 [ 16.726655] ? __pfx_kasan_atomics+0x10/0x10 [ 16.726689] kunit_try_run_case+0x1a5/0x480 [ 16.726714] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.726737] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.726760] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.726781] ? __kthread_parkme+0x82/0x180 [ 16.726801] ? preempt_count_sub+0x50/0x80 [ 16.726837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.726879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.726923] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.726963] kthread+0x337/0x6f0 [ 16.726996] ? trace_preempt_on+0x20/0xc0 [ 16.727038] ? __pfx_kthread+0x10/0x10 [ 16.727085] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.727158] ? calculate_sigpending+0x7b/0xa0 [ 16.727200] ? __pfx_kthread+0x10/0x10 [ 16.727237] ret_from_fork+0x116/0x1d0 [ 16.727273] ? __pfx_kthread+0x10/0x10 [ 16.727313] ret_from_fork_asm+0x1a/0x30 [ 16.727375] </TASK> [ 16.727399] [ 16.742527] Allocated by task 283: [ 16.742837] kasan_save_stack+0x45/0x70 [ 16.743060] kasan_save_track+0x18/0x40 [ 16.743314] kasan_save_alloc_info+0x3b/0x50 [ 16.743500] __kasan_kmalloc+0xb7/0xc0 [ 16.743722] __kmalloc_cache_noprof+0x189/0x420 [ 16.744022] kasan_atomics+0x95/0x310 [ 16.744320] kunit_try_run_case+0x1a5/0x480 [ 16.744658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.745016] kthread+0x337/0x6f0 [ 16.745275] ret_from_fork+0x116/0x1d0 [ 16.745508] ret_from_fork_asm+0x1a/0x30 [ 16.745694] [ 16.745807] The buggy address belongs to the object at ffff888102ac4100 [ 16.745807] which belongs to the cache kmalloc-64 of size 64 [ 16.746231] The buggy address is located 0 bytes to the right of [ 16.746231] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.747035] [ 16.747216] The buggy address belongs to the physical page: [ 16.747606] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.748052] flags: 0x200000000000000(node=0|zone=2) [ 16.748381] page_type: f5(slab) [ 16.748646] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.748972] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.749309] page dumped because: kasan: 
bad access detected [ 16.749645] [ 16.749801] Memory state around the buggy address: [ 16.750179] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.750468] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.750812] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.751289] ^ [ 16.751523] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.751982] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.752280] ================================================================== [ 17.424704] ================================================================== [ 17.425310] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 17.425760] Write of size 8 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 17.426188] [ 17.426429] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.426539] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.426581] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.426638] Call Trace: [ 17.426668] <TASK> [ 17.426719] dump_stack_lvl+0x73/0xb0 [ 17.426795] print_report+0xd1/0x650 [ 17.426839] ? __virt_addr_valid+0x1db/0x2d0 [ 17.426911] ? kasan_atomics_helper+0x1a7f/0x5450 [ 17.426956] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.427008] ? kasan_atomics_helper+0x1a7f/0x5450 [ 17.427052] kasan_report+0x141/0x180 [ 17.427095] ? kasan_atomics_helper+0x1a7f/0x5450 [ 17.427201] kasan_check_range+0x10c/0x1c0 [ 17.427263] __kasan_check_write+0x18/0x20 [ 17.427304] kasan_atomics_helper+0x1a7f/0x5450 [ 17.427363] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.427419] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.427468] ? trace_hardirqs_on+0x37/0xe0 [ 17.427513] ? kasan_atomics+0x152/0x310 [ 17.427569] kasan_atomics+0x1dc/0x310 [ 17.427627] ? __pfx_kasan_atomics+0x10/0x10 [ 17.427677] ? 
__pfx_kasan_atomics+0x10/0x10 [ 17.427733] kunit_try_run_case+0x1a5/0x480 [ 17.427782] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.427823] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.427862] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.427899] ? __kthread_parkme+0x82/0x180 [ 17.427933] ? preempt_count_sub+0x50/0x80 [ 17.427976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.428052] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.428152] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.428214] kthread+0x337/0x6f0 [ 17.428259] ? trace_preempt_on+0x20/0xc0 [ 17.428304] ? __pfx_kthread+0x10/0x10 [ 17.428345] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.428410] ? calculate_sigpending+0x7b/0xa0 [ 17.428479] ? __pfx_kthread+0x10/0x10 [ 17.428522] ret_from_fork+0x116/0x1d0 [ 17.428560] ? __pfx_kthread+0x10/0x10 [ 17.428611] ret_from_fork_asm+0x1a/0x30 [ 17.428693] </TASK> [ 17.428725] [ 17.439676] Allocated by task 283: [ 17.440019] kasan_save_stack+0x45/0x70 [ 17.440242] kasan_save_track+0x18/0x40 [ 17.440414] kasan_save_alloc_info+0x3b/0x50 [ 17.440599] __kasan_kmalloc+0xb7/0xc0 [ 17.440987] __kmalloc_cache_noprof+0x189/0x420 [ 17.441533] kasan_atomics+0x95/0x310 [ 17.441848] kunit_try_run_case+0x1a5/0x480 [ 17.442266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.442755] kthread+0x337/0x6f0 [ 17.443035] ret_from_fork+0x116/0x1d0 [ 17.443364] ret_from_fork_asm+0x1a/0x30 [ 17.443631] [ 17.443744] The buggy address belongs to the object at ffff888102ac4100 [ 17.443744] which belongs to the cache kmalloc-64 of size 64 [ 17.444589] The buggy address is located 0 bytes to the right of [ 17.444589] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.445253] [ 17.445367] The buggy address belongs to the physical page: [ 17.445711] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.446421] flags: 0x200000000000000(node=0|zone=2) [ 17.446835] page_type: f5(slab) [ 17.447008] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 17.447358] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.447901] page dumped because: kasan: bad access detected [ 17.448357] [ 17.448481] Memory state around the buggy address: [ 17.448683] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.449324] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.449736] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.450230] ^ [ 17.450449] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.450981] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.451492] ================================================================== [ 16.986523] ================================================================== [ 16.987461] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 16.988025] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.988461] [ 16.988823] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.988885] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.988903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.988937] Call Trace: [ 16.988968] <TASK> [ 16.988994] dump_stack_lvl+0x73/0xb0 [ 16.989042] print_report+0xd1/0x650 [ 16.989073] ? __virt_addr_valid+0x1db/0x2d0 [ 16.989107] ? kasan_atomics_helper+0x1217/0x5450 [ 16.989144] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.989183] ? kasan_atomics_helper+0x1217/0x5450 [ 16.989215] kasan_report+0x141/0x180 [ 16.989248] ? kasan_atomics_helper+0x1217/0x5450 [ 16.989293] kasan_check_range+0x10c/0x1c0 [ 16.989333] __kasan_check_write+0x18/0x20 [ 16.989367] kasan_atomics_helper+0x1217/0x5450 [ 16.989400] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.989432] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.989749] ? trace_hardirqs_on+0x37/0xe0 [ 16.989791] ? 
kasan_atomics+0x152/0x310 [ 16.989834] kasan_atomics+0x1dc/0x310 [ 16.989868] ? __pfx_kasan_atomics+0x10/0x10 [ 16.989903] ? __pfx_kasan_atomics+0x10/0x10 [ 16.989959] kunit_try_run_case+0x1a5/0x480 [ 16.989997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.990034] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.990073] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.990110] ? __kthread_parkme+0x82/0x180 [ 16.990703] ? preempt_count_sub+0x50/0x80 [ 16.990751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.990787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.990824] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.990859] kthread+0x337/0x6f0 [ 16.990887] ? trace_preempt_on+0x20/0xc0 [ 16.990921] ? __pfx_kthread+0x10/0x10 [ 16.990954] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.990990] ? calculate_sigpending+0x7b/0xa0 [ 16.991029] ? __pfx_kthread+0x10/0x10 [ 16.991065] ret_from_fork+0x116/0x1d0 [ 16.991098] ? __pfx_kthread+0x10/0x10 [ 16.991141] ret_from_fork_asm+0x1a/0x30 [ 16.991193] </TASK> [ 16.991211] [ 17.003417] Allocated by task 283: [ 17.003721] kasan_save_stack+0x45/0x70 [ 17.004430] kasan_save_track+0x18/0x40 [ 17.005381] kasan_save_alloc_info+0x3b/0x50 [ 17.006162] __kasan_kmalloc+0xb7/0xc0 [ 17.006667] __kmalloc_cache_noprof+0x189/0x420 [ 17.006913] kasan_atomics+0x95/0x310 [ 17.007168] kunit_try_run_case+0x1a5/0x480 [ 17.007503] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.007911] kthread+0x337/0x6f0 [ 17.008265] ret_from_fork+0x116/0x1d0 [ 17.008630] ret_from_fork_asm+0x1a/0x30 [ 17.008805] [ 17.008904] The buggy address belongs to the object at ffff888102ac4100 [ 17.008904] which belongs to the cache kmalloc-64 of size 64 [ 17.009612] The buggy address is located 0 bytes to the right of [ 17.009612] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 17.010272] [ 17.010462] The buggy address belongs to the physical page: [ 17.010735] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 17.011245] flags: 
0x200000000000000(node=0|zone=2) [ 17.011648] page_type: f5(slab) [ 17.011812] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.012261] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.012608] page dumped because: kasan: bad access detected [ 17.012921] [ 17.013125] Memory state around the buggy address: [ 17.013469] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.013859] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.014286] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.014769] ^ [ 17.015067] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.015435] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.015842] ================================================================== [ 16.699781] ================================================================== [ 16.700559] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 16.701089] Read of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.701393] [ 16.701523] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.701604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.701645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.701684] Call Trace: [ 16.701714] <TASK> [ 16.701741] dump_stack_lvl+0x73/0xb0 [ 16.701794] print_report+0xd1/0x650 [ 16.701835] ? __virt_addr_valid+0x1db/0x2d0 [ 16.701877] ? kasan_atomics_helper+0x4a84/0x5450 [ 16.701926] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.701972] ? kasan_atomics_helper+0x4a84/0x5450 [ 16.702011] kasan_report+0x141/0x180 [ 16.702053] ? kasan_atomics_helper+0x4a84/0x5450 [ 16.702111] __asan_report_load4_noabort+0x18/0x20 [ 16.702157] kasan_atomics_helper+0x4a84/0x5450 [ 16.702200] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.702239] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.702278] ? 
trace_hardirqs_on+0x37/0xe0 [ 16.702319] ? kasan_atomics+0x152/0x310 [ 16.702366] kasan_atomics+0x1dc/0x310 [ 16.702407] ? __pfx_kasan_atomics+0x10/0x10 [ 16.702449] ? __pfx_kasan_atomics+0x10/0x10 [ 16.702500] kunit_try_run_case+0x1a5/0x480 [ 16.702560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.702586] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.702612] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.702651] ? __kthread_parkme+0x82/0x180 [ 16.702672] ? preempt_count_sub+0x50/0x80 [ 16.702695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.702718] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.702742] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.702764] kthread+0x337/0x6f0 [ 16.702783] ? trace_preempt_on+0x20/0xc0 [ 16.702806] ? __pfx_kthread+0x10/0x10 [ 16.702826] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.702846] ? calculate_sigpending+0x7b/0xa0 [ 16.702870] ? __pfx_kthread+0x10/0x10 [ 16.702891] ret_from_fork+0x116/0x1d0 [ 16.702909] ? __pfx_kthread+0x10/0x10 [ 16.702929] ret_from_fork_asm+0x1a/0x30 [ 16.702959] </TASK> [ 16.702972] [ 16.712636] Allocated by task 283: [ 16.712923] kasan_save_stack+0x45/0x70 [ 16.713110] kasan_save_track+0x18/0x40 [ 16.713408] kasan_save_alloc_info+0x3b/0x50 [ 16.713756] __kasan_kmalloc+0xb7/0xc0 [ 16.714012] __kmalloc_cache_noprof+0x189/0x420 [ 16.714191] kasan_atomics+0x95/0x310 [ 16.714459] kunit_try_run_case+0x1a5/0x480 [ 16.715101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.715518] kthread+0x337/0x6f0 [ 16.715740] ret_from_fork+0x116/0x1d0 [ 16.715906] ret_from_fork_asm+0x1a/0x30 [ 16.716272] [ 16.716839] The buggy address belongs to the object at ffff888102ac4100 [ 16.716839] which belongs to the cache kmalloc-64 of size 64 [ 16.717543] The buggy address is located 0 bytes to the right of [ 16.717543] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.718320] [ 16.718451] The buggy address belongs to the physical page: [ 16.718773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x102ac4 [ 16.719087] flags: 0x200000000000000(node=0|zone=2) [ 16.719482] page_type: f5(slab) [ 16.719764] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.720210] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.720429] page dumped because: kasan: bad access detected [ 16.720736] [ 16.720894] Memory state around the buggy address: [ 16.721153] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.721466] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.721819] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.722056] ^ [ 16.722411] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.722718] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.723204] ================================================================== [ 16.877835] ================================================================== [ 16.878437] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 16.878779] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.879034] [ 16.879189] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.879284] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.879310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.879349] Call Trace: [ 16.879378] <TASK> [ 16.879407] dump_stack_lvl+0x73/0xb0 [ 16.879458] print_report+0xd1/0x650 [ 16.879493] ? __virt_addr_valid+0x1db/0x2d0 [ 16.879527] ? kasan_atomics_helper+0x1079/0x5450 [ 16.879566] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.879643] ? kasan_atomics_helper+0x1079/0x5450 [ 16.879685] kasan_report+0x141/0x180 [ 16.879725] ? kasan_atomics_helper+0x1079/0x5450 [ 16.879776] kasan_check_range+0x10c/0x1c0 [ 16.879823] __kasan_check_write+0x18/0x20 [ 16.879861] kasan_atomics_helper+0x1079/0x5450 [ 16.879921] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.879966] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.880011] ? trace_hardirqs_on+0x37/0xe0 [ 16.880053] ? kasan_atomics+0x152/0x310 [ 16.880151] kasan_atomics+0x1dc/0x310 [ 16.880197] ? __pfx_kasan_atomics+0x10/0x10 [ 16.880256] ? __pfx_kasan_atomics+0x10/0x10 [ 16.880312] kunit_try_run_case+0x1a5/0x480 [ 16.880359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.880399] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.880443] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.880490] ? __kthread_parkme+0x82/0x180 [ 16.880545] ? preempt_count_sub+0x50/0x80 [ 16.880594] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.880653] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.880715] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.880759] kthread+0x337/0x6f0 [ 16.880800] ? trace_preempt_on+0x20/0xc0 [ 16.880841] ? __pfx_kthread+0x10/0x10 [ 16.880882] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.880923] ? calculate_sigpending+0x7b/0xa0 [ 16.880954] ? __pfx_kthread+0x10/0x10 [ 16.880992] ret_from_fork+0x116/0x1d0 [ 16.881024] ? 
__pfx_kthread+0x10/0x10 [ 16.881056] ret_from_fork_asm+0x1a/0x30 [ 16.881142] </TASK> [ 16.881189] [ 16.892663] Allocated by task 283: [ 16.892924] kasan_save_stack+0x45/0x70 [ 16.893323] kasan_save_track+0x18/0x40 [ 16.893669] kasan_save_alloc_info+0x3b/0x50 [ 16.894049] __kasan_kmalloc+0xb7/0xc0 [ 16.894427] __kmalloc_cache_noprof+0x189/0x420 [ 16.894779] kasan_atomics+0x95/0x310 [ 16.894939] kunit_try_run_case+0x1a5/0x480 [ 16.895233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.895586] kthread+0x337/0x6f0 [ 16.895780] ret_from_fork+0x116/0x1d0 [ 16.895926] ret_from_fork_asm+0x1a/0x30 [ 16.896229] [ 16.896380] The buggy address belongs to the object at ffff888102ac4100 [ 16.896380] which belongs to the cache kmalloc-64 of size 64 [ 16.896919] The buggy address is located 0 bytes to the right of [ 16.896919] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.897322] [ 16.897426] The buggy address belongs to the physical page: [ 16.897825] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.898405] flags: 0x200000000000000(node=0|zone=2) [ 16.898789] page_type: f5(slab) [ 16.899066] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.899601] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.899942] page dumped because: kasan: bad access detected [ 16.900360] [ 16.900484] Memory state around the buggy address: [ 16.900820] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.901062] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.901345] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.901833] ^ [ 16.902220] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.902649] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.902900] ================================================================== [ 16.647635] 
================================================================== [ 16.648205] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 16.648492] Write of size 4 at addr ffff888102ac4130 by task kunit_try_catch/283 [ 16.649005] [ 16.649180] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.649265] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.649309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.649347] Call Trace: [ 16.649375] <TASK> [ 16.649401] dump_stack_lvl+0x73/0xb0 [ 16.649454] print_report+0xd1/0x650 [ 16.649498] ? __virt_addr_valid+0x1db/0x2d0 [ 16.649538] ? kasan_atomics_helper+0xb6a/0x5450 [ 16.649580] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.649642] ? kasan_atomics_helper+0xb6a/0x5450 [ 16.649672] kasan_report+0x141/0x180 [ 16.649702] ? kasan_atomics_helper+0xb6a/0x5450 [ 16.649734] kasan_check_range+0x10c/0x1c0 [ 16.649763] __kasan_check_write+0x18/0x20 [ 16.649788] kasan_atomics_helper+0xb6a/0x5450 [ 16.649826] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.649862] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.649905] ? trace_hardirqs_on+0x37/0xe0 [ 16.649956] ? kasan_atomics+0x152/0x310 [ 16.650007] kasan_atomics+0x1dc/0x310 [ 16.650052] ? __pfx_kasan_atomics+0x10/0x10 [ 16.650097] ? __pfx_kasan_atomics+0x10/0x10 [ 16.650143] kunit_try_run_case+0x1a5/0x480 [ 16.650190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.650234] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.650277] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.650321] ? __kthread_parkme+0x82/0x180 [ 16.650362] ? preempt_count_sub+0x50/0x80 [ 16.650409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.650456] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.650494] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.650531] kthread+0x337/0x6f0 [ 16.650563] ? trace_preempt_on+0x20/0xc0 [ 16.650601] ? __pfx_kthread+0x10/0x10 [ 16.650656] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.650697] ? 
calculate_sigpending+0x7b/0xa0 [ 16.650741] ? __pfx_kthread+0x10/0x10 [ 16.650786] ret_from_fork+0x116/0x1d0 [ 16.650825] ? __pfx_kthread+0x10/0x10 [ 16.650866] ret_from_fork_asm+0x1a/0x30 [ 16.650929] </TASK> [ 16.650956] [ 16.660603] Allocated by task 283: [ 16.660795] kasan_save_stack+0x45/0x70 [ 16.661110] kasan_save_track+0x18/0x40 [ 16.662490] kasan_save_alloc_info+0x3b/0x50 [ 16.662862] __kasan_kmalloc+0xb7/0xc0 [ 16.663078] __kmalloc_cache_noprof+0x189/0x420 [ 16.663433] kasan_atomics+0x95/0x310 [ 16.663752] kunit_try_run_case+0x1a5/0x480 [ 16.663968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.664224] kthread+0x337/0x6f0 [ 16.664403] ret_from_fork+0x116/0x1d0 [ 16.664550] ret_from_fork_asm+0x1a/0x30 [ 16.664933] [ 16.665073] The buggy address belongs to the object at ffff888102ac4100 [ 16.665073] which belongs to the cache kmalloc-64 of size 64 [ 16.665465] The buggy address is located 0 bytes to the right of [ 16.665465] allocated 48-byte region [ffff888102ac4100, ffff888102ac4130) [ 16.666368] [ 16.666591] The buggy address belongs to the physical page: [ 16.667033] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 16.667458] flags: 0x200000000000000(node=0|zone=2) [ 16.667673] page_type: f5(slab) [ 16.667831] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.668456] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.669001] page dumped because: kasan: bad access detected [ 16.669428] [ 16.669589] Memory state around the buggy address: [ 16.669879] ffff888102ac4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.670311] ffff888102ac4080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.670715] >ffff888102ac4100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.671010] ^ [ 16.671235] ffff888102ac4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.671782] ffff888102ac4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.672327] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 15.897317] ================================================================== [ 15.897833] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.898480] Write of size 8 at addr ffff8881024eb448 by task kunit_try_catch/279 [ 15.898887] [ 15.899022] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.899157] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.899181] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.899215] Call Trace: [ 15.899257] <TASK> [ 15.899286] dump_stack_lvl+0x73/0xb0 [ 15.899361] print_report+0xd1/0x650 [ 15.899420] ? __virt_addr_valid+0x1db/0x2d0 [ 15.899477] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.899540] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.899590] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.899664] kasan_report+0x141/0x180 [ 15.899714] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.899768] kasan_check_range+0x10c/0x1c0 [ 15.899834] __kasan_check_write+0x18/0x20 [ 15.899873] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.899944] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.899999] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.900053] ? trace_hardirqs_on+0x37/0xe0 [ 15.900097] ? kasan_bitops_generic+0x92/0x1c0 [ 15.900168] kasan_bitops_generic+0x121/0x1c0 [ 15.900190] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.900212] ? __pfx_read_tsc+0x10/0x10 [ 15.900231] ? ktime_get_ts64+0x86/0x230 [ 15.900254] kunit_try_run_case+0x1a5/0x480 [ 15.900276] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.900295] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.900316] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.900335] ? __kthread_parkme+0x82/0x180 [ 15.900354] ? preempt_count_sub+0x50/0x80 [ 15.900376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.900396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.900417] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.900437] kthread+0x337/0x6f0 [ 15.900455] ? trace_preempt_on+0x20/0xc0 [ 15.900475] ? __pfx_kthread+0x10/0x10 [ 15.900493] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.900513] ? calculate_sigpending+0x7b/0xa0 [ 15.900534] ? __pfx_kthread+0x10/0x10 [ 15.900553] ret_from_fork+0x116/0x1d0 [ 15.900570] ? __pfx_kthread+0x10/0x10 [ 15.900588] ret_from_fork_asm+0x1a/0x30 [ 15.900632] </TASK> [ 15.900647] [ 15.911321] Allocated by task 279: [ 15.911573] kasan_save_stack+0x45/0x70 [ 15.911918] kasan_save_track+0x18/0x40 [ 15.912159] kasan_save_alloc_info+0x3b/0x50 [ 15.912353] __kasan_kmalloc+0xb7/0xc0 [ 15.912541] __kmalloc_cache_noprof+0x189/0x420 [ 15.912761] kasan_bitops_generic+0x92/0x1c0 [ 15.913039] kunit_try_run_case+0x1a5/0x480 [ 15.913408] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.913806] kthread+0x337/0x6f0 [ 15.914077] ret_from_fork+0x116/0x1d0 [ 15.914391] ret_from_fork_asm+0x1a/0x30 [ 15.914695] [ 15.914850] The buggy address belongs to the object at ffff8881024eb440 [ 15.914850] which belongs to the cache kmalloc-16 of size 16 [ 15.915737] The buggy address is located 8 bytes inside of [ 15.915737] allocated 9-byte region [ffff8881024eb440, ffff8881024eb449) [ 15.916399] [ 15.916587] The buggy address belongs to the physical page: [ 15.916867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024eb [ 15.917137] flags: 0x200000000000000(node=0|zone=2) [ 15.917338] page_type: f5(slab) [ 15.917601] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.918208] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.918664] page dumped because: kasan: bad access detected [ 15.919087] [ 15.919286] Memory state around the buggy address: [ 15.919589] ffff8881024eb300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.920155] ffff8881024eb380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.920439] >ffff8881024eb400: fa fb fc fc fa fb fc fc 
00 01 fc fc fc fc fc fc [ 15.920890] ^ [ 15.921087] ffff8881024eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.921343] ffff8881024eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.921862] ================================================================== [ 16.003982] ================================================================== [ 16.005052] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 16.005475] Write of size 8 at addr ffff8881024eb448 by task kunit_try_catch/279 [ 16.005956] [ 16.006094] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.006508] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.006533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.006562] Call Trace: [ 16.006577] <TASK> [ 16.006592] dump_stack_lvl+0x73/0xb0 [ 16.006643] print_report+0xd1/0x650 [ 16.006665] ? __virt_addr_valid+0x1db/0x2d0 [ 16.006684] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 16.006708] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.006730] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 16.006754] kasan_report+0x141/0x180 [ 16.006774] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 16.006803] kasan_check_range+0x10c/0x1c0 [ 16.006824] __kasan_check_write+0x18/0x20 [ 16.006841] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 16.006864] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.006888] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.006909] ? trace_hardirqs_on+0x37/0xe0 [ 16.006929] ? kasan_bitops_generic+0x92/0x1c0 [ 16.006953] kasan_bitops_generic+0x121/0x1c0 [ 16.006974] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.006996] ? __pfx_read_tsc+0x10/0x10 [ 16.007014] ? ktime_get_ts64+0x86/0x230 [ 16.007036] kunit_try_run_case+0x1a5/0x480 [ 16.007057] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.007076] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.007096] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.007133] ? __kthread_parkme+0x82/0x180 [ 16.007151] ? preempt_count_sub+0x50/0x80 [ 16.007173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.007194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.007214] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.007234] kthread+0x337/0x6f0 [ 16.007251] ? trace_preempt_on+0x20/0xc0 [ 16.007272] ? __pfx_kthread+0x10/0x10 [ 16.007289] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.007308] ? calculate_sigpending+0x7b/0xa0 [ 16.007329] ? __pfx_kthread+0x10/0x10 [ 16.007348] ret_from_fork+0x116/0x1d0 [ 16.007365] ? __pfx_kthread+0x10/0x10 [ 16.007383] ret_from_fork_asm+0x1a/0x30 [ 16.007411] </TASK> [ 16.007422] [ 16.019771] Allocated by task 279: [ 16.019954] kasan_save_stack+0x45/0x70 [ 16.020602] kasan_save_track+0x18/0x40 [ 16.020884] kasan_save_alloc_info+0x3b/0x50 [ 16.021072] __kasan_kmalloc+0xb7/0xc0 [ 16.021441] __kmalloc_cache_noprof+0x189/0x420 [ 16.021704] kasan_bitops_generic+0x92/0x1c0 [ 16.021918] kunit_try_run_case+0x1a5/0x480 [ 16.022281] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.023053] kthread+0x337/0x6f0 [ 16.023300] ret_from_fork+0x116/0x1d0 [ 16.023791] ret_from_fork_asm+0x1a/0x30 [ 16.024150] [ 16.024327] The buggy address belongs to the object at ffff8881024eb440 [ 16.024327] which belongs to the cache kmalloc-16 of size 16 [ 16.025082] The buggy address is located 8 bytes inside of [ 16.025082] allocated 9-byte region [ffff8881024eb440, ffff8881024eb449) [ 16.026046] [ 16.026269] The buggy address belongs to the physical page: [ 16.026561] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024eb [ 16.027016] flags: 0x200000000000000(node=0|zone=2) [ 16.027312] page_type: f5(slab) [ 16.027870] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.028329] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.028748] page dumped because: kasan: bad access detected [ 16.029084] [ 16.029261] 
Memory state around the buggy address: [ 16.029664] ffff8881024eb300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.030079] ffff8881024eb380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.030721] >ffff8881024eb400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 16.031093] ^ [ 16.031578] ffff8881024eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.031963] ffff8881024eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.032516] ================================================================== [ 16.085666] ================================================================== [ 16.086003] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 16.086760] Read of size 8 at addr ffff8881024eb448 by task kunit_try_catch/279 [ 16.086986] [ 16.087206] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.087283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.087304] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.087341] Call Trace: [ 16.087396] <TASK> [ 16.087423] dump_stack_lvl+0x73/0xb0 [ 16.087495] print_report+0xd1/0x650 [ 16.087534] ? __virt_addr_valid+0x1db/0x2d0 [ 16.087573] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 16.087654] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.087715] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 16.087749] kasan_report+0x141/0x180 [ 16.087770] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 16.087798] __asan_report_load8_noabort+0x18/0x20 [ 16.087819] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 16.087843] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.087867] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.087900] ? trace_hardirqs_on+0x37/0xe0 [ 16.087935] ? kasan_bitops_generic+0x92/0x1c0 [ 16.087980] kasan_bitops_generic+0x121/0x1c0 [ 16.088048] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.088109] ? 
__pfx_read_tsc+0x10/0x10 [ 16.088141] ? ktime_get_ts64+0x86/0x230 [ 16.088198] kunit_try_run_case+0x1a5/0x480 [ 16.088262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.088300] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.088358] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.088396] ? __kthread_parkme+0x82/0x180 [ 16.088422] ? preempt_count_sub+0x50/0x80 [ 16.088444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.088465] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.088486] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.088507] kthread+0x337/0x6f0 [ 16.088525] ? trace_preempt_on+0x20/0xc0 [ 16.088546] ? __pfx_kthread+0x10/0x10 [ 16.088564] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.088582] ? calculate_sigpending+0x7b/0xa0 [ 16.088603] ? __pfx_kthread+0x10/0x10 [ 16.088640] ret_from_fork+0x116/0x1d0 [ 16.088659] ? __pfx_kthread+0x10/0x10 [ 16.088678] ret_from_fork_asm+0x1a/0x30 [ 16.088706] </TASK> [ 16.088718] [ 16.099227] Allocated by task 279: [ 16.099528] kasan_save_stack+0x45/0x70 [ 16.099889] kasan_save_track+0x18/0x40 [ 16.100264] kasan_save_alloc_info+0x3b/0x50 [ 16.100647] __kasan_kmalloc+0xb7/0xc0 [ 16.100981] __kmalloc_cache_noprof+0x189/0x420 [ 16.101351] kasan_bitops_generic+0x92/0x1c0 [ 16.101604] kunit_try_run_case+0x1a5/0x480 [ 16.101877] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.102165] kthread+0x337/0x6f0 [ 16.102393] ret_from_fork+0x116/0x1d0 [ 16.102718] ret_from_fork_asm+0x1a/0x30 [ 16.103033] [ 16.103220] The buggy address belongs to the object at ffff8881024eb440 [ 16.103220] which belongs to the cache kmalloc-16 of size 16 [ 16.103994] The buggy address is located 8 bytes inside of [ 16.103994] allocated 9-byte region [ffff8881024eb440, ffff8881024eb449) [ 16.104871] [ 16.105073] The buggy address belongs to the physical page: [ 16.105494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024eb [ 16.106001] flags: 0x200000000000000(node=0|zone=2) [ 16.106389] page_type: f5(slab) [ 16.106722] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 16.106989] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.107482] page dumped because: kasan: bad access detected [ 16.107962] [ 16.108154] Memory state around the buggy address: [ 16.108500] ffff8881024eb300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.108899] ffff8881024eb380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.109406] >ffff8881024eb400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 16.109671] ^ [ 16.109873] ffff8881024eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.110112] ffff8881024eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.110670] ================================================================== [ 15.871272] ================================================================== [ 15.871689] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.871981] Write of size 8 at addr ffff8881024eb448 by task kunit_try_catch/279 [ 15.872404] [ 15.872580] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.872811] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.872842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.872907] Call Trace: [ 15.872961] <TASK> [ 15.872990] dump_stack_lvl+0x73/0xb0 [ 15.873046] print_report+0xd1/0x650 [ 15.873086] ? __virt_addr_valid+0x1db/0x2d0 [ 15.873154] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.873203] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.873250] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.873301] kasan_report+0x141/0x180 [ 15.873343] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.873404] kasan_check_range+0x10c/0x1c0 [ 15.873450] __kasan_check_write+0x18/0x20 [ 15.873486] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.873537] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.873589] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.873648] ? trace_hardirqs_on+0x37/0xe0 [ 15.873693] ? kasan_bitops_generic+0x92/0x1c0 [ 15.873897] kasan_bitops_generic+0x121/0x1c0 [ 15.873941] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.873976] ? __pfx_read_tsc+0x10/0x10 [ 15.874006] ? ktime_get_ts64+0x86/0x230 [ 15.874041] kunit_try_run_case+0x1a5/0x480 [ 15.874074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.874142] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.874257] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.874308] ? __kthread_parkme+0x82/0x180 [ 15.874343] ? preempt_count_sub+0x50/0x80 [ 15.874383] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.874426] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.874470] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.874512] kthread+0x337/0x6f0 [ 15.874541] ? trace_preempt_on+0x20/0xc0 [ 15.874563] ? __pfx_kthread+0x10/0x10 [ 15.874581] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.874600] ? calculate_sigpending+0x7b/0xa0 [ 15.874641] ? __pfx_kthread+0x10/0x10 [ 15.874662] ret_from_fork+0x116/0x1d0 [ 15.874680] ? 
__pfx_kthread+0x10/0x10 [ 15.874698] ret_from_fork_asm+0x1a/0x30 [ 15.874726] </TASK> [ 15.874739] [ 15.884949] Allocated by task 279: [ 15.885309] kasan_save_stack+0x45/0x70 [ 15.885648] kasan_save_track+0x18/0x40 [ 15.885955] kasan_save_alloc_info+0x3b/0x50 [ 15.886293] __kasan_kmalloc+0xb7/0xc0 [ 15.886645] __kmalloc_cache_noprof+0x189/0x420 [ 15.886970] kasan_bitops_generic+0x92/0x1c0 [ 15.887263] kunit_try_run_case+0x1a5/0x480 [ 15.887523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.887920] kthread+0x337/0x6f0 [ 15.888246] ret_from_fork+0x116/0x1d0 [ 15.888498] ret_from_fork_asm+0x1a/0x30 [ 15.888682] [ 15.888790] The buggy address belongs to the object at ffff8881024eb440 [ 15.888790] which belongs to the cache kmalloc-16 of size 16 [ 15.889626] The buggy address is located 8 bytes inside of [ 15.889626] allocated 9-byte region [ffff8881024eb440, ffff8881024eb449) [ 15.890353] [ 15.890528] The buggy address belongs to the physical page: [ 15.890827] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024eb [ 15.891084] flags: 0x200000000000000(node=0|zone=2) [ 15.891516] page_type: f5(slab) [ 15.891799] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.892418] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.892912] page dumped because: kasan: bad access detected [ 15.893142] [ 15.893243] Memory state around the buggy address: [ 15.893426] ffff8881024eb300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.894027] ffff8881024eb380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.894590] >ffff8881024eb400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.895012] ^ [ 15.895415] ffff8881024eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.895833] ffff8881024eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.896293] ================================================================== [ 16.059817] 
================================================================== [ 16.060115] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 16.060407] Read of size 8 at addr ffff8881024eb448 by task kunit_try_catch/279 [ 16.060936] [ 16.061178] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.061260] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.061284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.061323] Call Trace: [ 16.061352] <TASK> [ 16.061382] dump_stack_lvl+0x73/0xb0 [ 16.061435] print_report+0xd1/0x650 [ 16.061473] ? __virt_addr_valid+0x1db/0x2d0 [ 16.061504] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 16.061549] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.061590] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 16.061674] kasan_report+0x141/0x180 [ 16.061717] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 16.061781] kasan_check_range+0x10c/0x1c0 [ 16.061826] __kasan_check_read+0x15/0x20 [ 16.061859] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 16.061901] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.061957] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.062002] ? trace_hardirqs_on+0x37/0xe0 [ 16.062045] ? kasan_bitops_generic+0x92/0x1c0 [ 16.062111] kasan_bitops_generic+0x121/0x1c0 [ 16.062163] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.062204] ? __pfx_read_tsc+0x10/0x10 [ 16.062238] ? ktime_get_ts64+0x86/0x230 [ 16.062295] kunit_try_run_case+0x1a5/0x480 [ 16.062372] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.062409] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.062446] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.062485] ? __kthread_parkme+0x82/0x180 [ 16.062521] ? preempt_count_sub+0x50/0x80 [ 16.062566] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.062607] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.062664] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.062705] kthread+0x337/0x6f0 [ 16.062742] ? trace_preempt_on+0x20/0xc0 [ 16.062807] ? __pfx_kthread+0x10/0x10 [ 16.062846] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.062886] ? calculate_sigpending+0x7b/0xa0 [ 16.062929] ? __pfx_kthread+0x10/0x10 [ 16.062963] ret_from_fork+0x116/0x1d0 [ 16.062982] ? __pfx_kthread+0x10/0x10 [ 16.063001] ret_from_fork_asm+0x1a/0x30 [ 16.063030] </TASK> [ 16.063042] [ 16.072002] Allocated by task 279: [ 16.072172] kasan_save_stack+0x45/0x70 [ 16.072572] kasan_save_track+0x18/0x40 [ 16.072885] kasan_save_alloc_info+0x3b/0x50 [ 16.073201] __kasan_kmalloc+0xb7/0xc0 [ 16.073477] __kmalloc_cache_noprof+0x189/0x420 [ 16.073813] kasan_bitops_generic+0x92/0x1c0 [ 16.074099] kunit_try_run_case+0x1a5/0x480 [ 16.074399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.074678] kthread+0x337/0x6f0 [ 16.074944] ret_from_fork+0x116/0x1d0 [ 16.075203] ret_from_fork_asm+0x1a/0x30 [ 16.075482] [ 16.075665] The buggy address belongs to the object at ffff8881024eb440 [ 16.075665] which belongs to the cache kmalloc-16 of size 16 [ 16.076193] The buggy address is located 8 bytes inside of [ 16.076193] allocated 9-byte region [ffff8881024eb440, ffff8881024eb449) [ 16.076607] [ 16.076726] The buggy address belongs to the physical page: [ 16.076915] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024eb [ 16.077226] flags: 0x200000000000000(node=0|zone=2) [ 16.077574] page_type: f5(slab) [ 16.077850] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.078553] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.079077] page dumped because: kasan: bad access detected [ 16.079437] [ 16.079539] Memory state around the buggy address: [ 16.079737] ffff8881024eb300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.080001] ffff8881024eb380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.080480] >ffff8881024eb400: fa fb fc fc fa fb fc fc 
00 01 fc fc fc fc fc fc [ 16.080977] ^ [ 16.081354] ffff8881024eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.081735] ffff8881024eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.082114] ================================================================== [ 15.922781] ================================================================== [ 15.923589] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.924192] Write of size 8 at addr ffff8881024eb448 by task kunit_try_catch/279 [ 15.924633] [ 15.924865] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.924945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.924969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.925032] Call Trace: [ 15.925061] <TASK> [ 15.925129] dump_stack_lvl+0x73/0xb0 [ 15.925214] print_report+0xd1/0x650 [ 15.925257] ? __virt_addr_valid+0x1db/0x2d0 [ 15.925323] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.925388] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.925669] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.925722] kasan_report+0x141/0x180 [ 15.925949] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.926002] kasan_check_range+0x10c/0x1c0 [ 15.926030] __kasan_check_write+0x18/0x20 [ 15.926048] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.926073] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.926097] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.926137] ? trace_hardirqs_on+0x37/0xe0 [ 15.926160] ? kasan_bitops_generic+0x92/0x1c0 [ 15.926185] kasan_bitops_generic+0x121/0x1c0 [ 15.926206] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.926228] ? __pfx_read_tsc+0x10/0x10 [ 15.926247] ? ktime_get_ts64+0x86/0x230 [ 15.926269] kunit_try_run_case+0x1a5/0x480 [ 15.926290] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.926311] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.926333] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.926353] ? __kthread_parkme+0x82/0x180 [ 15.926371] ? preempt_count_sub+0x50/0x80 [ 15.926393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.926414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.926434] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.926454] kthread+0x337/0x6f0 [ 15.926472] ? trace_preempt_on+0x20/0xc0 [ 15.926492] ? __pfx_kthread+0x10/0x10 [ 15.926511] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.926530] ? calculate_sigpending+0x7b/0xa0 [ 15.926551] ? __pfx_kthread+0x10/0x10 [ 15.926571] ret_from_fork+0x116/0x1d0 [ 15.926587] ? __pfx_kthread+0x10/0x10 [ 15.926606] ret_from_fork_asm+0x1a/0x30 [ 15.926651] </TASK> [ 15.926664] [ 15.937563] Allocated by task 279: [ 15.937863] kasan_save_stack+0x45/0x70 [ 15.938048] kasan_save_track+0x18/0x40 [ 15.938352] kasan_save_alloc_info+0x3b/0x50 [ 15.938518] __kasan_kmalloc+0xb7/0xc0 [ 15.938812] __kmalloc_cache_noprof+0x189/0x420 [ 15.938980] kasan_bitops_generic+0x92/0x1c0 [ 15.939243] kunit_try_run_case+0x1a5/0x480 [ 15.939462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.939794] kthread+0x337/0x6f0 [ 15.940074] ret_from_fork+0x116/0x1d0 [ 15.940321] ret_from_fork_asm+0x1a/0x30 [ 15.940942] [ 15.941814] The buggy address belongs to the object at ffff8881024eb440 [ 15.941814] which belongs to the cache kmalloc-16 of size 16 [ 15.944196] The buggy address is located 8 bytes inside of [ 15.944196] allocated 9-byte region [ffff8881024eb440, ffff8881024eb449) [ 15.944550] [ 15.944714] The buggy address belongs to the physical page: [ 15.945084] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024eb [ 15.945364] flags: 0x200000000000000(node=0|zone=2) [ 15.945542] page_type: f5(slab) [ 15.945731] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.945963] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.946329] page dumped because: kasan: bad access detected [ 15.946650] [ 15.946808] 
Memory state around the buggy address: [ 15.947157] ffff8881024eb300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.947659] ffff8881024eb380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.948149] >ffff8881024eb400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.948375] ^ [ 15.948566] ffff8881024eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.948801] ffff8881024eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.949014] ================================================================== [ 15.949757] ================================================================== [ 15.950382] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.951079] Write of size 8 at addr ffff8881024eb448 by task kunit_try_catch/279 [ 15.951447] [ 15.951610] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.951693] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.951723] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.951758] Call Trace: [ 15.951796] <TASK> [ 15.951824] dump_stack_lvl+0x73/0xb0 [ 15.951874] print_report+0xd1/0x650 [ 15.951914] ? __virt_addr_valid+0x1db/0x2d0 [ 15.951959] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.952010] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.952069] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.952145] kasan_report+0x141/0x180 [ 15.952197] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.952266] kasan_check_range+0x10c/0x1c0 [ 15.952341] __kasan_check_write+0x18/0x20 [ 15.952380] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.952432] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.952495] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.952540] ? trace_hardirqs_on+0x37/0xe0 [ 15.952582] ? kasan_bitops_generic+0x92/0x1c0 [ 15.952655] kasan_bitops_generic+0x121/0x1c0 [ 15.952701] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 15.952759] ? __pfx_read_tsc+0x10/0x10 [ 15.952793] ? ktime_get_ts64+0x86/0x230 [ 15.952837] kunit_try_run_case+0x1a5/0x480 [ 15.952879] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.952927] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.952984] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.953024] ? __kthread_parkme+0x82/0x180 [ 15.953060] ? preempt_count_sub+0x50/0x80 [ 15.953137] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.953199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.953242] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.953284] kthread+0x337/0x6f0 [ 15.953327] ? trace_preempt_on+0x20/0xc0 [ 15.953383] ? __pfx_kthread+0x10/0x10 [ 15.953423] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.953462] ? calculate_sigpending+0x7b/0xa0 [ 15.953512] ? __pfx_kthread+0x10/0x10 [ 15.953554] ret_from_fork+0x116/0x1d0 [ 15.953604] ? __pfx_kthread+0x10/0x10 [ 15.953667] ret_from_fork_asm+0x1a/0x30 [ 15.953732] </TASK> [ 15.953755] [ 15.963580] Allocated by task 279: [ 15.963871] kasan_save_stack+0x45/0x70 [ 15.964225] kasan_save_track+0x18/0x40 [ 15.964452] kasan_save_alloc_info+0x3b/0x50 [ 15.964765] __kasan_kmalloc+0xb7/0xc0 [ 15.964933] __kmalloc_cache_noprof+0x189/0x420 [ 15.965146] kasan_bitops_generic+0x92/0x1c0 [ 15.965328] kunit_try_run_case+0x1a5/0x480 [ 15.965598] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.966014] kthread+0x337/0x6f0 [ 15.966312] ret_from_fork+0x116/0x1d0 [ 15.966595] ret_from_fork_asm+0x1a/0x30 [ 15.966885] [ 15.967041] The buggy address belongs to the object at ffff8881024eb440 [ 15.967041] which belongs to the cache kmalloc-16 of size 16 [ 15.967586] The buggy address is located 8 bytes inside of [ 15.967586] allocated 9-byte region [ffff8881024eb440, ffff8881024eb449) [ 15.967953] [ 15.968097] The buggy address belongs to the physical page: [ 15.968516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024eb [ 15.969055] flags: 0x200000000000000(node=0|zone=2) [ 15.969456] 
page_type: f5(slab) [ 15.969736] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.970162] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.970562] page dumped because: kasan: bad access detected [ 15.970877] [ 15.971069] Memory state around the buggy address: [ 15.971385] ffff8881024eb300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.971798] ffff8881024eb380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.972198] >ffff8881024eb400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.972531] ^ [ 15.972878] ffff8881024eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.973305] ffff8881024eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.973536] ================================================================== [ 15.975078] ================================================================== [ 15.976267] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.976769] Write of size 8 at addr ffff8881024eb448 by task kunit_try_catch/279 [ 15.977297] [ 15.977457] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.977550] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.977569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.977592] Call Trace: [ 15.977611] <TASK> [ 15.977645] dump_stack_lvl+0x73/0xb0 [ 15.977685] print_report+0xd1/0x650 [ 15.977716] ? __virt_addr_valid+0x1db/0x2d0 [ 15.977752] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.977787] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.977825] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.977871] kasan_report+0x141/0x180 [ 15.977908] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.977974] kasan_check_range+0x10c/0x1c0 [ 15.978028] __kasan_check_write+0x18/0x20 [ 15.978067] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.978142] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.978199] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.978258] ? trace_hardirqs_on+0x37/0xe0 [ 15.978300] ? kasan_bitops_generic+0x92/0x1c0 [ 15.978351] kasan_bitops_generic+0x121/0x1c0 [ 15.978394] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.978440] ? __pfx_read_tsc+0x10/0x10 [ 15.978477] ? ktime_get_ts64+0x86/0x230 [ 15.978524] kunit_try_run_case+0x1a5/0x480 [ 15.978569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.978611] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.978668] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.978714] ? __kthread_parkme+0x82/0x180 [ 15.978752] ? preempt_count_sub+0x50/0x80 [ 15.978809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.978854] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.978901] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.978943] kthread+0x337/0x6f0 [ 15.978982] ? trace_preempt_on+0x20/0xc0 [ 15.979025] ? __pfx_kthread+0x10/0x10 [ 15.979064] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.979133] ? calculate_sigpending+0x7b/0xa0 [ 15.979181] ? __pfx_kthread+0x10/0x10 [ 15.979224] ret_from_fork+0x116/0x1d0 [ 15.979255] ? 
__pfx_kthread+0x10/0x10 [ 15.979289] ret_from_fork_asm+0x1a/0x30 [ 15.979336] </TASK> [ 15.979356] [ 15.990151] Allocated by task 279: [ 15.990335] kasan_save_stack+0x45/0x70 [ 15.990524] kasan_save_track+0x18/0x40 [ 15.991712] kasan_save_alloc_info+0x3b/0x50 [ 15.991928] __kasan_kmalloc+0xb7/0xc0 [ 15.992401] __kmalloc_cache_noprof+0x189/0x420 [ 15.992678] kasan_bitops_generic+0x92/0x1c0 [ 15.992884] kunit_try_run_case+0x1a5/0x480 [ 15.993067] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.993753] kthread+0x337/0x6f0 [ 15.993954] ret_from_fork+0x116/0x1d0 [ 15.994238] ret_from_fork_asm+0x1a/0x30 [ 15.994419] [ 15.994577] The buggy address belongs to the object at ffff8881024eb440 [ 15.994577] which belongs to the cache kmalloc-16 of size 16 [ 15.995689] The buggy address is located 8 bytes inside of [ 15.995689] allocated 9-byte region [ffff8881024eb440, ffff8881024eb449) [ 15.996520] [ 15.996751] The buggy address belongs to the physical page: [ 15.996947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024eb [ 15.997398] flags: 0x200000000000000(node=0|zone=2) [ 15.997651] page_type: f5(slab) [ 15.997838] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.998561] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.998864] page dumped because: kasan: bad access detected [ 15.999593] [ 15.999702] Memory state around the buggy address: [ 15.999896] ffff8881024eb300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.000426] ffff8881024eb380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.000710] >ffff8881024eb400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 16.001111] ^ [ 16.001733] ffff8881024eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.002466] ffff8881024eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.002960] ================================================================== [ 16.033586] 
================================================================== [ 16.034201] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 16.034667] Write of size 8 at addr ffff8881024eb448 by task kunit_try_catch/279 [ 16.034965] [ 16.035092] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.035628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.035648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.035668] Call Trace: [ 16.035685] <TASK> [ 16.035702] dump_stack_lvl+0x73/0xb0 [ 16.035733] print_report+0xd1/0x650 [ 16.035754] ? __virt_addr_valid+0x1db/0x2d0 [ 16.035773] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 16.035797] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.035819] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 16.035842] kasan_report+0x141/0x180 [ 16.035861] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 16.035889] kasan_check_range+0x10c/0x1c0 [ 16.035910] __kasan_check_write+0x18/0x20 [ 16.035928] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 16.035952] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.035976] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.035997] ? trace_hardirqs_on+0x37/0xe0 [ 16.036017] ? kasan_bitops_generic+0x92/0x1c0 [ 16.036042] kasan_bitops_generic+0x121/0x1c0 [ 16.036062] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.036084] ? __pfx_read_tsc+0x10/0x10 [ 16.036106] ? ktime_get_ts64+0x86/0x230 [ 16.036143] kunit_try_run_case+0x1a5/0x480 [ 16.036164] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.036184] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.036204] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.036224] ? __kthread_parkme+0x82/0x180 [ 16.036242] ? preempt_count_sub+0x50/0x80 [ 16.036263] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.036283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.036303] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.036322] kthread+0x337/0x6f0 [ 16.036340] ? trace_preempt_on+0x20/0xc0 [ 16.036359] ? __pfx_kthread+0x10/0x10 [ 16.036377] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.036395] ? calculate_sigpending+0x7b/0xa0 [ 16.036416] ? __pfx_kthread+0x10/0x10 [ 16.036435] ret_from_fork+0x116/0x1d0 [ 16.036451] ? __pfx_kthread+0x10/0x10 [ 16.036469] ret_from_fork_asm+0x1a/0x30 [ 16.036497] </TASK> [ 16.036507] [ 16.047691] Allocated by task 279: [ 16.048079] kasan_save_stack+0x45/0x70 [ 16.048385] kasan_save_track+0x18/0x40 [ 16.048836] kasan_save_alloc_info+0x3b/0x50 [ 16.049140] __kasan_kmalloc+0xb7/0xc0 [ 16.049341] __kmalloc_cache_noprof+0x189/0x420 [ 16.049713] kasan_bitops_generic+0x92/0x1c0 [ 16.050249] kunit_try_run_case+0x1a5/0x480 [ 16.050603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.051084] kthread+0x337/0x6f0 [ 16.051250] ret_from_fork+0x116/0x1d0 [ 16.051708] ret_from_fork_asm+0x1a/0x30 [ 16.051937] [ 16.052088] The buggy address belongs to the object at ffff8881024eb440 [ 16.052088] which belongs to the cache kmalloc-16 of size 16 [ 16.052826] The buggy address is located 8 bytes inside of [ 16.052826] allocated 9-byte region [ffff8881024eb440, ffff8881024eb449) [ 16.053350] [ 16.053548] The buggy address belongs to the physical page: [ 16.053963] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024eb [ 16.054296] flags: 0x200000000000000(node=0|zone=2) [ 16.054566] page_type: f5(slab) [ 16.054866] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.055435] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.055688] page dumped because: kasan: bad access detected [ 16.056074] [ 16.056199] Memory state around the buggy address: [ 16.056629] ffff8881024eb300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.056890] ffff8881024eb380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.057124] >ffff8881024eb400: fa fb fc fc fa fb fc fc 
00 01 fc fc fc fc fc fc [ 16.057633] ^ [ 16.058018] ffff8881024eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.058413] ffff8881024eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.058774] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 15.816181] ================================================================== [ 15.816954] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.817557] Write of size 8 at addr ffff8881024eb448 by task kunit_try_catch/279 [ 15.818012] [ 15.818201] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.818283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.818305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.818342] Call Trace: [ 15.818370] <TASK> [ 15.818397] dump_stack_lvl+0x73/0xb0 [ 15.818448] print_report+0xd1/0x650 [ 15.818471] ? __virt_addr_valid+0x1db/0x2d0 [ 15.818495] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.818519] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.818542] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.818563] kasan_report+0x141/0x180 [ 15.818583] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.818662] kasan_check_range+0x10c/0x1c0 [ 15.818711] __kasan_check_write+0x18/0x20 [ 15.818749] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.818796] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.818845] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.818887] ? trace_hardirqs_on+0x37/0xe0 [ 15.818932] ? kasan_bitops_generic+0x92/0x1c0 [ 15.818984] kasan_bitops_generic+0x116/0x1c0 [ 15.819009] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.819031] ? __pfx_read_tsc+0x10/0x10 [ 15.819050] ? ktime_get_ts64+0x86/0x230 [ 15.819072] kunit_try_run_case+0x1a5/0x480 [ 15.819093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.819132] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.819155] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.819175] ? __kthread_parkme+0x82/0x180 [ 15.819193] ? preempt_count_sub+0x50/0x80 [ 15.819215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.819235] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.819255] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.819276] kthread+0x337/0x6f0 [ 15.819294] ? 
trace_preempt_on+0x20/0xc0 [ 15.819313] ? __pfx_kthread+0x10/0x10 [ 15.819332] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.819350] ? calculate_sigpending+0x7b/0xa0 [ 15.819371] ? __pfx_kthread+0x10/0x10 [ 15.819392] ret_from_fork+0x116/0x1d0 [ 15.819409] ? __pfx_kthread+0x10/0x10 [ 15.819427] ret_from_fork_asm+0x1a/0x30 [ 15.819456] </TASK> [ 15.819468] [ 15.831142] Allocated by task 279: [ 15.831437] kasan_save_stack+0x45/0x70 [ 15.831735] kasan_save_track+0x18/0x40 [ 15.831984] kasan_save_alloc_info+0x3b/0x50 [ 15.832339] __kasan_kmalloc+0xb7/0xc0 [ 15.832595] __kmalloc_cache_noprof+0x189/0x420 [ 15.832969] kasan_bitops_generic+0x92/0x1c0 [ 15.833316] kunit_try_run_case+0x1a5/0x480 [ 15.833687] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.833993] kthread+0x337/0x6f0 [ 15.834273] ret_from_fork+0x116/0x1d0 [ 15.834549] ret_from_fork_asm+0x1a/0x30 [ 15.834739] [ 15.834897] The buggy address belongs to the object at ffff8881024eb440 [ 15.834897] which belongs to the cache kmalloc-16 of size 16 [ 15.835750] The buggy address is located 8 bytes inside of [ 15.835750] allocated 9-byte region [ffff8881024eb440, ffff8881024eb449) [ 15.836301] [ 15.836489] The buggy address belongs to the physical page: [ 15.836815] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024eb [ 15.837290] flags: 0x200000000000000(node=0|zone=2) [ 15.837612] page_type: f5(slab) [ 15.837783] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.838337] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.838840] page dumped because: kasan: bad access detected [ 15.839331] [ 15.839531] Memory state around the buggy address: [ 15.839961] ffff8881024eb300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.840312] ffff8881024eb380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.840456] >ffff8881024eb400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.840572] ^ [ 15.840737] ffff8881024eb480: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc
[ 15.841204] ffff8881024eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.841697] ==================================================================
[ 15.751114] ==================================================================
[ 15.751597] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50
[ 15.751909] Write of size 8 at addr ffff8881024eb448 by task kunit_try_catch/279
[ 15.752517]
[ 15.753342] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.753435] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.753459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.753499] Call Trace:
[ 15.753526] <TASK>
[ 15.753562] dump_stack_lvl+0x73/0xb0
[ 15.753640] print_report+0xd1/0x650
[ 15.753676] ? __virt_addr_valid+0x1db/0x2d0
[ 15.753709] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 15.753743] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.753777] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 15.753806] kasan_report+0x141/0x180
[ 15.753827] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 15.753853] kasan_check_range+0x10c/0x1c0
[ 15.753873] __kasan_check_write+0x18/0x20
[ 15.753891] kasan_bitops_modify.constprop.0+0x373/0xd50
[ 15.753923] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 15.753949] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.753971] ? trace_hardirqs_on+0x37/0xe0
[ 15.753992] ? kasan_bitops_generic+0x92/0x1c0
[ 15.754017] kasan_bitops_generic+0x116/0x1c0
[ 15.754038] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.754060] ? __pfx_read_tsc+0x10/0x10
[ 15.754078] ? ktime_get_ts64+0x86/0x230
[ 15.754102] kunit_try_run_case+0x1a5/0x480
[ 15.754132] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.754152] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.754172] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.754192] ? __kthread_parkme+0x82/0x180
[ 15.754210] ? preempt_count_sub+0x50/0x80
[ 15.754232] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.754253] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.754272] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.754292] kthread+0x337/0x6f0
[ 15.754310] ? trace_preempt_on+0x20/0xc0
[ 15.754330] ? __pfx_kthread+0x10/0x10
[ 15.754349] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.754367] ? calculate_sigpending+0x7b/0xa0
[ 15.754388] ? __pfx_kthread+0x10/0x10
[ 15.754408] ret_from_fork+0x116/0x1d0
[ 15.754424] ? __pfx_kthread+0x10/0x10
[ 15.754442] ret_from_fork_asm+0x1a/0x30
[ 15.754470] </TASK>
[ 15.754481]
[ 15.766708] Allocated by task 279:
[ 15.767094] kasan_save_stack+0x45/0x70
[ 15.767495] kasan_save_track+0x18/0x40
[ 15.767987] kasan_save_alloc_info+0x3b/0x50
[ 15.768341] __kasan_kmalloc+0xb7/0xc0
[ 15.768509] __kmalloc_cache_noprof+0x189/0x420
[ 15.769450] kasan_bitops_generic+0x92/0x1c0
[ 15.770019] kunit_try_run_case+0x1a5/0x480
[ 15.770349] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.770782] kthread+0x337/0x6f0
[ 15.771121] ret_from_fork+0x116/0x1d0
[ 15.771457] ret_from_fork_asm+0x1a/0x30
[ 15.771934]
[ 15.772050] The buggy address belongs to the object at ffff8881024eb440
[ 15.772050] which belongs to the cache kmalloc-16 of size 16
[ 15.773019] The buggy address is located 8 bytes inside of
[ 15.773019] allocated 9-byte region [ffff8881024eb440, ffff8881024eb449)
[ 15.773800]
[ 15.774455] The buggy address belongs to the physical page:
[ 15.774878] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024eb
[ 15.775341] flags: 0x200000000000000(node=0|zone=2)
[ 15.775697] page_type: f5(slab)
[ 15.775981] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.776397] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.777181] page dumped because: kasan: bad access detected
[ 15.777640]
[ 15.777944] Memory state around the buggy address:
[ 15.778220] ffff8881024eb300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 15.779120] ffff8881024eb380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 15.779802] >ffff8881024eb400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 15.780235] ^
[ 15.780696] ffff8881024eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.781452] ffff8881024eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.782185] ==================================================================
[ 15.625124] ==================================================================
[ 15.625535] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50
[ 15.626059] Write of size 8 at addr ffff8881024eb448 by task kunit_try_catch/279
[ 15.626673]
[ 15.626829] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.626893] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.626909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.626936] Call Trace:
[ 15.626956] <TASK>
[ 15.626979] dump_stack_lvl+0x73/0xb0
[ 15.627022] print_report+0xd1/0x650
[ 15.627049] ? __virt_addr_valid+0x1db/0x2d0
[ 15.627078] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 15.627108] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.627645] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 15.627711] kasan_report+0x141/0x180
[ 15.627757] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 15.627806] kasan_check_range+0x10c/0x1c0
[ 15.627842] __kasan_check_write+0x18/0x20
[ 15.627876] kasan_bitops_modify.constprop.0+0x101/0xd50
[ 15.627919] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 15.627984] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.628029] ? trace_hardirqs_on+0x37/0xe0
[ 15.628064] ? kasan_bitops_generic+0x92/0x1c0
[ 15.628126] kasan_bitops_generic+0x116/0x1c0
[ 15.628168] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.628209] ? __pfx_read_tsc+0x10/0x10
[ 15.628286] ? ktime_get_ts64+0x86/0x230
[ 15.628335] kunit_try_run_case+0x1a5/0x480
[ 15.628375] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.628396] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.628419] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.628440] ? __kthread_parkme+0x82/0x180
[ 15.628458] ? preempt_count_sub+0x50/0x80
[ 15.628480] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.628512] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.628572] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.628604] kthread+0x337/0x6f0
[ 15.628649] ? trace_preempt_on+0x20/0xc0
[ 15.628672] ? __pfx_kthread+0x10/0x10
[ 15.628691] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.628710] ? calculate_sigpending+0x7b/0xa0
[ 15.628732] ? __pfx_kthread+0x10/0x10
[ 15.628752] ret_from_fork+0x116/0x1d0
[ 15.628768] ? __pfx_kthread+0x10/0x10
[ 15.628787] ret_from_fork_asm+0x1a/0x30
[ 15.628815] </TASK>
[ 15.628828]
[ 15.641492] Allocated by task 279:
[ 15.641929] kasan_save_stack+0x45/0x70
[ 15.642198] kasan_save_track+0x18/0x40
[ 15.642564] kasan_save_alloc_info+0x3b/0x50
[ 15.642807] __kasan_kmalloc+0xb7/0xc0
[ 15.643556] __kmalloc_cache_noprof+0x189/0x420
[ 15.643925] kasan_bitops_generic+0x92/0x1c0
[ 15.644246] kunit_try_run_case+0x1a5/0x480
[ 15.644696] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.645096] kthread+0x337/0x6f0
[ 15.645411] ret_from_fork+0x116/0x1d0
[ 15.645769] ret_from_fork_asm+0x1a/0x30
[ 15.646074]
[ 15.646228] The buggy address belongs to the object at ffff8881024eb440
[ 15.646228] which belongs to the cache kmalloc-16 of size 16
[ 15.647010] The buggy address is located 8 bytes inside of
[ 15.647010] allocated 9-byte region [ffff8881024eb440, ffff8881024eb449)
[ 15.648123]
[ 15.648409] The buggy address belongs to the physical page:
[ 15.648757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024eb
[ 15.649367] flags: 0x200000000000000(node=0|zone=2)
[ 15.649760] page_type: f5(slab)
[ 15.650041] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.650340] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.650725] page dumped because: kasan: bad access detected
[ 15.650972]
[ 15.651373] Memory state around the buggy address:
[ 15.652046] ffff8881024eb300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 15.652461] ffff8881024eb380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 15.652846] >ffff8881024eb400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 15.653056] ^
[ 15.653841] ffff8881024eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.654430] ffff8881024eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.654765] ==================================================================
[ 15.655246] ==================================================================
[ 15.655833] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 15.656354] Write of size 8 at addr ffff8881024eb448 by task kunit_try_catch/279
[ 15.656958]
[ 15.657121] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.657203] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.657227] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.657264] Call Trace:
[ 15.657286] <TASK>
[ 15.657312] dump_stack_lvl+0x73/0xb0
[ 15.657368] print_report+0xd1/0x650
[ 15.657408] ? __virt_addr_valid+0x1db/0x2d0
[ 15.657449] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 15.657625] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.657684] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 15.657730] kasan_report+0x141/0x180
[ 15.657774] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 15.657831] kasan_check_range+0x10c/0x1c0
[ 15.657874] __kasan_check_write+0x18/0x20
[ 15.657917] kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 15.657962] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 15.657998] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.658025] ? trace_hardirqs_on+0x37/0xe0
[ 15.658045] ? kasan_bitops_generic+0x92/0x1c0
[ 15.658070] kasan_bitops_generic+0x116/0x1c0
[ 15.658091] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.658120] ? __pfx_read_tsc+0x10/0x10
[ 15.658142] ? ktime_get_ts64+0x86/0x230
[ 15.658164] kunit_try_run_case+0x1a5/0x480
[ 15.658184] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.658203] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.658224] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.658243] ? __kthread_parkme+0x82/0x180
[ 15.658261] ? preempt_count_sub+0x50/0x80
[ 15.658282] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.658302] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.658322] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.658342] kthread+0x337/0x6f0
[ 15.658359] ? trace_preempt_on+0x20/0xc0
[ 15.658379] ? __pfx_kthread+0x10/0x10
[ 15.658396] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.658414] ? calculate_sigpending+0x7b/0xa0
[ 15.658435] ? __pfx_kthread+0x10/0x10
[ 15.658453] ret_from_fork+0x116/0x1d0
[ 15.658470] ? __pfx_kthread+0x10/0x10
[ 15.658488] ret_from_fork_asm+0x1a/0x30
[ 15.658528] </TASK>
[ 15.658544]
[ 15.671045] Allocated by task 279:
[ 15.671466] kasan_save_stack+0x45/0x70
[ 15.671664] kasan_save_track+0x18/0x40
[ 15.671878] kasan_save_alloc_info+0x3b/0x50
[ 15.672596] __kasan_kmalloc+0xb7/0xc0
[ 15.673063] __kmalloc_cache_noprof+0x189/0x420
[ 15.673574] kasan_bitops_generic+0x92/0x1c0
[ 15.673774] kunit_try_run_case+0x1a5/0x480
[ 15.673920] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.674098] kthread+0x337/0x6f0
[ 15.674215] ret_from_fork+0x116/0x1d0
[ 15.674770] ret_from_fork_asm+0x1a/0x30
[ 15.675075]
[ 15.675954] The buggy address belongs to the object at ffff8881024eb440
[ 15.675954] which belongs to the cache kmalloc-16 of size 16
[ 15.676498] The buggy address is located 8 bytes inside of
[ 15.676498] allocated 9-byte region [ffff8881024eb440, ffff8881024eb449)
[ 15.678980]
[ 15.679441] The buggy address belongs to the physical page:
[ 15.679976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024eb
[ 15.681243] flags: 0x200000000000000(node=0|zone=2)
[ 15.682161] page_type: f5(slab)
[ 15.682437] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.682694] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.682902] page dumped because: kasan: bad access detected
[ 15.683075]
[ 15.683164] Memory state around the buggy address:
[ 15.683897] ffff8881024eb300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 15.684697] ffff8881024eb380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 15.685340] >ffff8881024eb400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 15.685997] ^
[ 15.686463] ffff8881024eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.687166] ffff8881024eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.687532] ==================================================================
[ 15.718182] ==================================================================
[ 15.718647] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 15.719161] Write of size 8 at addr ffff8881024eb448 by task kunit_try_catch/279
[ 15.719682]
[ 15.719811] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.719867] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.719880] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.719905] Call Trace:
[ 15.719923] <TASK>
[ 15.719943] dump_stack_lvl+0x73/0xb0
[ 15.719977] print_report+0xd1/0x650
[ 15.719997] ? __virt_addr_valid+0x1db/0x2d0
[ 15.720018] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 15.720040] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.720063] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 15.720086] kasan_report+0x141/0x180
[ 15.720111] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 15.720153] kasan_check_range+0x10c/0x1c0
[ 15.720191] __kasan_check_write+0x18/0x20
[ 15.720223] kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 15.720261] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 15.720298] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.720337] ? trace_hardirqs_on+0x37/0xe0
[ 15.720375] ? kasan_bitops_generic+0x92/0x1c0
[ 15.720425] kasan_bitops_generic+0x116/0x1c0
[ 15.720463] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.720503] ? __pfx_read_tsc+0x10/0x10
[ 15.720538] ? ktime_get_ts64+0x86/0x230
[ 15.720585] kunit_try_run_case+0x1a5/0x480
[ 15.720734] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.720778] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.720822] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.720859] ? __kthread_parkme+0x82/0x180
[ 15.720896] ? preempt_count_sub+0x50/0x80
[ 15.720941] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.720978] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.721015] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.721055] kthread+0x337/0x6f0
[ 15.721091] ? trace_preempt_on+0x20/0xc0
[ 15.721130] ? __pfx_kthread+0x10/0x10
[ 15.721168] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.721205] ? calculate_sigpending+0x7b/0xa0
[ 15.721245] ? __pfx_kthread+0x10/0x10
[ 15.721286] ret_from_fork+0x116/0x1d0
[ 15.721320] ? __pfx_kthread+0x10/0x10
[ 15.721361] ret_from_fork_asm+0x1a/0x30
[ 15.721415] </TASK>
[ 15.721436]
[ 15.735934] Allocated by task 279:
[ 15.736283] kasan_save_stack+0x45/0x70
[ 15.736491] kasan_save_track+0x18/0x40
[ 15.736673] kasan_save_alloc_info+0x3b/0x50
[ 15.737019] __kasan_kmalloc+0xb7/0xc0
[ 15.737336] __kmalloc_cache_noprof+0x189/0x420
[ 15.737672] kasan_bitops_generic+0x92/0x1c0
[ 15.737849] kunit_try_run_case+0x1a5/0x480
[ 15.738157] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.738386] kthread+0x337/0x6f0
[ 15.738535] ret_from_fork+0x116/0x1d0
[ 15.738997] ret_from_fork_asm+0x1a/0x30
[ 15.739393]
[ 15.739541] The buggy address belongs to the object at ffff8881024eb440
[ 15.739541] which belongs to the cache kmalloc-16 of size 16
[ 15.740106] The buggy address is located 8 bytes inside of
[ 15.740106] allocated 9-byte region [ffff8881024eb440, ffff8881024eb449)
[ 15.741091]
[ 15.741205] The buggy address belongs to the physical page:
[ 15.741845] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024eb
[ 15.742799] flags: 0x200000000000000(node=0|zone=2)
[ 15.743581] page_type: f5(slab)
[ 15.744015] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.744371] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.744873] page dumped because: kasan: bad access detected
[ 15.745105]
[ 15.745253] Memory state around the buggy address:
[ 15.746032] ffff8881024eb300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 15.746635] ffff8881024eb380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 15.747071] >ffff8881024eb400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 15.747553] ^
[ 15.748132] ffff8881024eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.748355] ffff8881024eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.749404] ==================================================================
[ 15.842738] ==================================================================
[ 15.843228] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50
[ 15.843783] Write of size 8 at addr ffff8881024eb448 by task kunit_try_catch/279
[ 15.844057]
[ 15.844261] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.844353] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.844372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.844402] Call Trace:
[ 15.844423] <TASK>
[ 15.844460] dump_stack_lvl+0x73/0xb0
[ 15.844529] print_report+0xd1/0x650
[ 15.844567] ? __virt_addr_valid+0x1db/0x2d0
[ 15.844604] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 15.844659] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.844704] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 15.844748] kasan_report+0x141/0x180
[ 15.844832] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 15.844885] kasan_check_range+0x10c/0x1c0
[ 15.844925] __kasan_check_write+0x18/0x20
[ 15.844958] kasan_bitops_modify.constprop.0+0x547/0xd50
[ 15.845005] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 15.845054] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.845099] ? trace_hardirqs_on+0x37/0xe0
[ 15.845181] ? kasan_bitops_generic+0x92/0x1c0
[ 15.845237] kasan_bitops_generic+0x116/0x1c0
[ 15.845281] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.845330] ? __pfx_read_tsc+0x10/0x10
[ 15.845368] ? ktime_get_ts64+0x86/0x230
[ 15.845415] kunit_try_run_case+0x1a5/0x480
[ 15.845461] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.845504] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.845549] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.845591] ? __kthread_parkme+0x82/0x180
[ 15.845635] ? preempt_count_sub+0x50/0x80
[ 15.845673] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.845707] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.845738] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.845770] kthread+0x337/0x6f0
[ 15.845799] ? trace_preempt_on+0x20/0xc0
[ 15.845821] ? __pfx_kthread+0x10/0x10
[ 15.845839] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.845858] ? calculate_sigpending+0x7b/0xa0
[ 15.845880] ? __pfx_kthread+0x10/0x10
[ 15.845899] ret_from_fork+0x116/0x1d0
[ 15.845926] ? __pfx_kthread+0x10/0x10
[ 15.845946] ret_from_fork_asm+0x1a/0x30
[ 15.845974] </TASK>
[ 15.845986]
[ 15.858297] Allocated by task 279:
[ 15.858574] kasan_save_stack+0x45/0x70
[ 15.858804] kasan_save_track+0x18/0x40
[ 15.859063] kasan_save_alloc_info+0x3b/0x50
[ 15.859665] __kasan_kmalloc+0xb7/0xc0
[ 15.859911] __kmalloc_cache_noprof+0x189/0x420
[ 15.860150] kasan_bitops_generic+0x92/0x1c0
[ 15.860489] kunit_try_run_case+0x1a5/0x480
[ 15.860743] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.860949] kthread+0x337/0x6f0
[ 15.861218] ret_from_fork+0x116/0x1d0
[ 15.861510] ret_from_fork_asm+0x1a/0x30
[ 15.861754]
[ 15.861888] The buggy address belongs to the object at ffff8881024eb440
[ 15.861888] which belongs to the cache kmalloc-16 of size 16
[ 15.862783] The buggy address is located 8 bytes inside of
[ 15.862783] allocated 9-byte region [ffff8881024eb440, ffff8881024eb449)
[ 15.863817]
[ 15.863930] The buggy address belongs to the physical page:
[ 15.864126] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024eb
[ 15.865010] flags: 0x200000000000000(node=0|zone=2)
[ 15.865193] page_type: f5(slab)
[ 15.865717] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.866264] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.866574] page dumped because: kasan: bad access detected
[ 15.866886]
[ 15.867016] Memory state around the buggy address:
[ 15.867628] ffff8881024eb300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 15.868067] ffff8881024eb380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 15.868505] >ffff8881024eb400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 15.869035] ^
[ 15.869577] ffff8881024eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.869995] ffff8881024eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.870403] ==================================================================
[ 15.783055] ==================================================================
[ 15.783330] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 15.783962] Write of size 8 at addr ffff8881024eb448 by task kunit_try_catch/279
[ 15.784296]
[ 15.784429] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.784512] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.784537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.784579] Call Trace:
[ 15.784607] <TASK>
[ 15.784650] dump_stack_lvl+0x73/0xb0
[ 15.784707] print_report+0xd1/0x650
[ 15.784750] ? __virt_addr_valid+0x1db/0x2d0
[ 15.784790] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 15.784836] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.784904] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 15.784940] kasan_report+0x141/0x180
[ 15.784972] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 15.785014] kasan_check_range+0x10c/0x1c0
[ 15.785048] __kasan_check_write+0x18/0x20
[ 15.785077] kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 15.785148] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 15.785212] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.785255] ? trace_hardirqs_on+0x37/0xe0
[ 15.785293] ? kasan_bitops_generic+0x92/0x1c0
[ 15.785343] kasan_bitops_generic+0x116/0x1c0
[ 15.785388] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.785433] ? __pfx_read_tsc+0x10/0x10
[ 15.785473] ? ktime_get_ts64+0x86/0x230
[ 15.785528] kunit_try_run_case+0x1a5/0x480
[ 15.785576] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.785631] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.785678] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.785722] ? __kthread_parkme+0x82/0x180
[ 15.785762] ? preempt_count_sub+0x50/0x80
[ 15.785805] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.785849] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.785891] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.785937] kthread+0x337/0x6f0
[ 15.785971] ? trace_preempt_on+0x20/0xc0
[ 15.786063] ? __pfx_kthread+0x10/0x10
[ 15.786094] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.786145] ? calculate_sigpending+0x7b/0xa0
[ 15.786181] ? __pfx_kthread+0x10/0x10
[ 15.786231] ret_from_fork+0x116/0x1d0
[ 15.786268] ? __pfx_kthread+0x10/0x10
[ 15.786300] ret_from_fork_asm+0x1a/0x30
[ 15.786332] </TASK>
[ 15.786345]
[ 15.800554] Allocated by task 279:
[ 15.800737] kasan_save_stack+0x45/0x70
[ 15.800978] kasan_save_track+0x18/0x40
[ 15.801254] kasan_save_alloc_info+0x3b/0x50
[ 15.802287] __kasan_kmalloc+0xb7/0xc0
[ 15.803038] __kmalloc_cache_noprof+0x189/0x420
[ 15.803480] kasan_bitops_generic+0x92/0x1c0
[ 15.803892] kunit_try_run_case+0x1a5/0x480
[ 15.804067] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.804453] kthread+0x337/0x6f0
[ 15.805002] ret_from_fork+0x116/0x1d0
[ 15.805565] ret_from_fork_asm+0x1a/0x30
[ 15.805757]
[ 15.805848] The buggy address belongs to the object at ffff8881024eb440
[ 15.805848] which belongs to the cache kmalloc-16 of size 16
[ 15.806458] The buggy address is located 8 bytes inside of
[ 15.806458] allocated 9-byte region [ffff8881024eb440, ffff8881024eb449)
[ 15.807777]
[ 15.807886] The buggy address belongs to the physical page:
[ 15.808092] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024eb
[ 15.808511] flags: 0x200000000000000(node=0|zone=2)
[ 15.809217] page_type: f5(slab)
[ 15.809416] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.809936] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.810336] page dumped because: kasan: bad access detected
[ 15.810736]
[ 15.811207] Memory state around the buggy address:
[ 15.811397] ffff8881024eb300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 15.812248] ffff8881024eb380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 15.812566] >ffff8881024eb400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 15.813177] ^
[ 15.813433] ffff8881024eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.814042] ffff8881024eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.814847] ==================================================================
[ 15.688270] ==================================================================
[ 15.688687] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 15.689216] Write of size 8 at addr ffff8881024eb448 by task kunit_try_catch/279
[ 15.689703]
[ 15.689964] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.690042] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.690067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.690129] Call Trace:
[ 15.690160] <TASK>
[ 15.690190] dump_stack_lvl+0x73/0xb0
[ 15.690241] print_report+0xd1/0x650
[ 15.690277] ? __virt_addr_valid+0x1db/0x2d0
[ 15.690312] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 15.690353] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.690431] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 15.690492] kasan_report+0x141/0x180
[ 15.690541] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 15.690599] kasan_check_range+0x10c/0x1c0
[ 15.690661] __kasan_check_write+0x18/0x20
[ 15.690699] kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 15.690746] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 15.690783] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.690824] ? trace_hardirqs_on+0x37/0xe0
[ 15.690860] ? kasan_bitops_generic+0x92/0x1c0
[ 15.690905] kasan_bitops_generic+0x116/0x1c0
[ 15.690943] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.690984] ? __pfx_read_tsc+0x10/0x10
[ 15.691017] ? ktime_get_ts64+0x86/0x230
[ 15.691059] kunit_try_run_case+0x1a5/0x480
[ 15.691101] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.691138] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.691167] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.691187] ? __kthread_parkme+0x82/0x180
[ 15.691205] ? preempt_count_sub+0x50/0x80
[ 15.691227] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.691248] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.691267] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.691287] kthread+0x337/0x6f0
[ 15.691304] ? trace_preempt_on+0x20/0xc0
[ 15.691324] ? __pfx_kthread+0x10/0x10
[ 15.691342] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.691360] ? calculate_sigpending+0x7b/0xa0
[ 15.691381] ? __pfx_kthread+0x10/0x10
[ 15.691399] ret_from_fork+0x116/0x1d0
[ 15.691417] ? __pfx_kthread+0x10/0x10
[ 15.691435] ret_from_fork_asm+0x1a/0x30
[ 15.691462] </TASK>
[ 15.691474]
[ 15.704664] Allocated by task 279:
[ 15.704934] kasan_save_stack+0x45/0x70
[ 15.705221] kasan_save_track+0x18/0x40
[ 15.705402] kasan_save_alloc_info+0x3b/0x50
[ 15.706234] __kasan_kmalloc+0xb7/0xc0
[ 15.706614] __kmalloc_cache_noprof+0x189/0x420
[ 15.707061] kasan_bitops_generic+0x92/0x1c0
[ 15.707365] kunit_try_run_case+0x1a5/0x480
[ 15.707641] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.708085] kthread+0x337/0x6f0
[ 15.708403] ret_from_fork+0x116/0x1d0
[ 15.708734] ret_from_fork_asm+0x1a/0x30
[ 15.709051]
[ 15.709236] The buggy address belongs to the object at ffff8881024eb440
[ 15.709236] which belongs to the cache kmalloc-16 of size 16
[ 15.709962] The buggy address is located 8 bytes inside of
[ 15.709962] allocated 9-byte region [ffff8881024eb440, ffff8881024eb449)
[ 15.711056]
[ 15.711272] The buggy address belongs to the physical page:
[ 15.711596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024eb
[ 15.712003] flags: 0x200000000000000(node=0|zone=2)
[ 15.712636] page_type: f5(slab)
[ 15.712813] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.713437] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.714006] page dumped because: kasan: bad access detected
[ 15.714262]
[ 15.714421] Memory state around the buggy address:
[ 15.714871] ffff8881024eb300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 15.715279] ffff8881024eb380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 15.715653] >ffff8881024eb400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 15.716148] ^
[ 15.716391] ffff8881024eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.716814] ffff8881024eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.717186] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 15.584875] ==================================================================
[ 15.585264] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80
[ 15.585818] Read of size 1 at addr ffff888102ab8f90 by task kunit_try_catch/277
[ 15.586367]
[ 15.586940] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.587040] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.587065] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.587103] Call Trace:
[ 15.587132] <TASK>
[ 15.587161] dump_stack_lvl+0x73/0xb0
[ 15.587214] print_report+0xd1/0x650
[ 15.587254] ? __virt_addr_valid+0x1db/0x2d0
[ 15.587294] ? strnlen+0x73/0x80
[ 15.587325] ? kasan_complete_mode_report_info+0x64/0x200
[ 15.587365] ? strnlen+0x73/0x80
[ 15.587419] kasan_report+0x141/0x180
[ 15.587465] ? strnlen+0x73/0x80
[ 15.587504] __asan_report_load1_noabort+0x18/0x20
[ 15.587534] strnlen+0x73/0x80
[ 15.587561] kasan_strings+0x615/0xe80
[ 15.587581] ? trace_hardirqs_on+0x37/0xe0
[ 15.587602] ? __pfx_kasan_strings+0x10/0x10
[ 15.587641] ? finish_task_switch.isra.0+0x153/0x700
[ 15.587674] ? __switch_to+0x47/0xf50
[ 15.587709] ? __schedule+0x10cc/0x2b60
[ 15.587740] ? __pfx_read_tsc+0x10/0x10
[ 15.587768] ? ktime_get_ts64+0x86/0x230
[ 15.587803] kunit_try_run_case+0x1a5/0x480
[ 15.587843] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.587881] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.587922] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.587966] ? __kthread_parkme+0x82/0x180
[ 15.588001] ? preempt_count_sub+0x50/0x80
[ 15.588057] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.588091] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.588144] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.588169] kthread+0x337/0x6f0
[ 15.588187] ? trace_preempt_on+0x20/0xc0
[ 15.588209] ? __pfx_kthread+0x10/0x10
[ 15.588228] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.588247] ? calculate_sigpending+0x7b/0xa0
[ 15.588269] ? __pfx_kthread+0x10/0x10
[ 15.588289] ret_from_fork+0x116/0x1d0
[ 15.588306] ? __pfx_kthread+0x10/0x10
[ 15.588325] ret_from_fork_asm+0x1a/0x30
[ 15.588353] </TASK>
[ 15.588365]
[ 15.602105] Allocated by task 277:
[ 15.602266] kasan_save_stack+0x45/0x70
[ 15.602583] kasan_save_track+0x18/0x40
[ 15.602865] kasan_save_alloc_info+0x3b/0x50
[ 15.603703] __kasan_kmalloc+0xb7/0xc0
[ 15.603917] __kmalloc_cache_noprof+0x189/0x420
[ 15.604115] kasan_strings+0xc0/0xe80
[ 15.604285] kunit_try_run_case+0x1a5/0x480
[ 15.604580] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.605433] kthread+0x337/0x6f0
[ 15.605848] ret_from_fork+0x116/0x1d0
[ 15.606141] ret_from_fork_asm+0x1a/0x30
[ 15.606681]
[ 15.606797] Freed by task 277:
[ 15.606944] kasan_save_stack+0x45/0x70
[ 15.607120] kasan_save_track+0x18/0x40
[ 15.607769] kasan_save_free_info+0x3f/0x60
[ 15.608196] __kasan_slab_free+0x56/0x70
[ 15.608574] kfree+0x222/0x3f0
[ 15.608937] kasan_strings+0x2aa/0xe80
[ 15.609223] kunit_try_run_case+0x1a5/0x480
[ 15.609822] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.610079] kthread+0x337/0x6f0
[ 15.610296] ret_from_fork+0x116/0x1d0
[ 15.610593] ret_from_fork_asm+0x1a/0x30
[ 15.611307]
[ 15.611485] The buggy address belongs to the object at ffff888102ab8f80
[ 15.611485] which belongs to the cache kmalloc-32 of size 32
[ 15.612808] The buggy address is located 16 bytes inside of
[ 15.612808] freed 32-byte region [ffff888102ab8f80, ffff888102ab8fa0)
[ 15.613340]
[ 15.613502] The buggy address belongs to the physical page:
[ 15.613882] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab8
[ 15.614174] flags: 0x200000000000000(node=0|zone=2)
[ 15.614416] page_type: f5(slab)
[ 15.614560] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 15.615517] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[ 15.616111] page dumped because: kasan: bad access detected
[ 15.616572]
[ 15.616961] Memory state around the buggy address:
[ 15.617361] ffff888102ab8e80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 15.617819] ffff888102ab8f00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 15.618051] >ffff888102ab8f80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 15.618522] ^
[ 15.618785] ffff888102ab9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.619163] ffff888102ab9080: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 15.619456] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 15.550833] ==================================================================
[ 15.551315] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0
[ 15.551573] Read of size 1 at addr ffff888102ab8f90 by task kunit_try_catch/277
[ 15.552960]
[ 15.553148] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.553238] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.553260] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.553298] Call Trace:
[ 15.553315] <TASK>
[ 15.553338] dump_stack_lvl+0x73/0xb0
[ 15.553393] print_report+0xd1/0x650
[ 15.553433] ? __virt_addr_valid+0x1db/0x2d0
[ 15.553463] ? strlen+0x8f/0xb0
[ 15.553494] ? kasan_complete_mode_report_info+0x64/0x200
[ 15.553529] ? strlen+0x8f/0xb0
[ 15.553559] kasan_report+0x141/0x180
[ 15.553594] ? strlen+0x8f/0xb0
[ 15.553654] __asan_report_load1_noabort+0x18/0x20
[ 15.553692] strlen+0x8f/0xb0
[ 15.553725] kasan_strings+0x57b/0xe80
[ 15.553766] ? trace_hardirqs_on+0x37/0xe0
[ 15.553819] ? __pfx_kasan_strings+0x10/0x10
[ 15.553854] ? finish_task_switch.isra.0+0x153/0x700
[ 15.553895] ? __switch_to+0x47/0xf50
[ 15.553983] ? __schedule+0x10cc/0x2b60
[ 15.554019] ? __pfx_read_tsc+0x10/0x10
[ 15.554046] ? ktime_get_ts64+0x86/0x230
[ 15.554069] kunit_try_run_case+0x1a5/0x480
[ 15.554091] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.554128] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.554151] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.554172] ? __kthread_parkme+0x82/0x180
[ 15.554191] ? preempt_count_sub+0x50/0x80
[ 15.554212] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.554234] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.554255] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.554276] kthread+0x337/0x6f0
[ 15.554294] ? trace_preempt_on+0x20/0xc0
[ 15.554315] ? __pfx_kthread+0x10/0x10
[ 15.554333] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.554353] ? calculate_sigpending+0x7b/0xa0
[ 15.554375] ? __pfx_kthread+0x10/0x10
[ 15.554394] ret_from_fork+0x116/0x1d0
[ 15.554412] ? __pfx_kthread+0x10/0x10
[ 15.554430] ret_from_fork_asm+0x1a/0x30
[ 15.554458] </TASK>
[ 15.554469]
[ 15.565326] Allocated by task 277:
[ 15.565640] kasan_save_stack+0x45/0x70
[ 15.566193] kasan_save_track+0x18/0x40
[ 15.566597] kasan_save_alloc_info+0x3b/0x50
[ 15.567135] __kasan_kmalloc+0xb7/0xc0
[ 15.567363] __kmalloc_cache_noprof+0x189/0x420
[ 15.567881] kasan_strings+0xc0/0xe80
[ 15.568077] kunit_try_run_case+0x1a5/0x480
[ 15.568419] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.568834] kthread+0x337/0x6f0
[ 15.569071] ret_from_fork+0x116/0x1d0
[ 15.569460] ret_from_fork_asm+0x1a/0x30
[ 15.569671]
[ 15.569775] Freed by task 277:
[ 15.569921] kasan_save_stack+0x45/0x70
[ 15.570189] kasan_save_track+0x18/0x40
[ 15.570493] kasan_save_free_info+0x3f/0x60
[ 15.571247] __kasan_slab_free+0x56/0x70
[ 15.571599] kfree+0x222/0x3f0
[ 15.571775] kasan_strings+0x2aa/0xe80
[ 15.572068] kunit_try_run_case+0x1a5/0x480
[ 15.572486] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.573712] kthread+0x337/0x6f0
[ 15.574325] ret_from_fork+0x116/0x1d0
[ 15.574955] ret_from_fork_asm+0x1a/0x30
[ 15.575501]
[ 15.575572] The buggy address belongs to the object at ffff888102ab8f80
[ 15.575572] which belongs to the cache kmalloc-32 of size 32
[ 15.576186] The buggy address is located 16 bytes inside of
[ 15.576186] freed 32-byte region [ffff888102ab8f80, ffff888102ab8fa0)
[ 15.577049]
[ 15.577270] The buggy address belongs to the physical page:
[ 15.577864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab8
[ 15.578417] flags: 0x200000000000000(node=0|zone=2)
[ 15.579113] page_type: f5(slab)
[ 15.579380] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 15.579762] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[ 15.580036] page dumped because: kasan: bad access detected
[ 15.580696]
[ 15.580795] Memory state around the buggy address:
[ 15.581035] ffff888102ab8e80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 15.581466] ffff888102ab8f00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 15.582132] >ffff888102ab8f80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 15.582497] ^
[ 15.582811] ffff888102ab9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.583669] ffff888102ab9080: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 15.583889] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 15.515337] ==================================================================
[ 15.515968] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80
[ 15.516218] Read of size 1 at addr ffff888102ab8f90 by task kunit_try_catch/277
[ 15.516745]
[ 15.516933] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.517010] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.517030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.517065] Call Trace:
[ 15.517092] <TASK>
[ 15.517160] dump_stack_lvl+0x73/0xb0
[ 15.517221] print_report+0xd1/0x650
[ 15.517262] ? __virt_addr_valid+0x1db/0x2d0
[ 15.517298] ? kasan_strings+0xcbc/0xe80
[ 15.517333] ? kasan_complete_mode_report_info+0x64/0x200
[ 15.517375] ? kasan_strings+0xcbc/0xe80
[ 15.517642] kasan_report+0x141/0x180
[ 15.517709] ? kasan_strings+0xcbc/0xe80
[ 15.517751] __asan_report_load1_noabort+0x18/0x20
[ 15.517801] kasan_strings+0xcbc/0xe80
[ 15.517848] ? trace_hardirqs_on+0x37/0xe0
[ 15.517894] ? __pfx_kasan_strings+0x10/0x10
[ 15.517934] ? finish_task_switch.isra.0+0x153/0x700
[ 15.517973] ? __switch_to+0x47/0xf50
[ 15.518018] ? __schedule+0x10cc/0x2b60
[ 15.518054] ? __pfx_read_tsc+0x10/0x10
[ 15.518092] ? ktime_get_ts64+0x86/0x230
[ 15.518175] kunit_try_run_case+0x1a5/0x480
[ 15.518203] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.518225] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.518248] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.518269] ? __kthread_parkme+0x82/0x180
[ 15.518289] ? preempt_count_sub+0x50/0x80
[ 15.518310] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.518331] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.518352] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.518373] kthread+0x337/0x6f0
[ 15.518390] ? trace_preempt_on+0x20/0xc0
[ 15.518411] ? __pfx_kthread+0x10/0x10
[ 15.518430] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.518448] ? calculate_sigpending+0x7b/0xa0
[ 15.518470] ? __pfx_kthread+0x10/0x10
[ 15.518490] ret_from_fork+0x116/0x1d0
[ 15.518535] ? __pfx_kthread+0x10/0x10
[ 15.518574] ret_from_fork_asm+0x1a/0x30
[ 15.518635] </TASK>
[ 15.518653]
[ 15.531205] Allocated by task 277:
[ 15.531490] kasan_save_stack+0x45/0x70
[ 15.532184] kasan_save_track+0x18/0x40
[ 15.532414] kasan_save_alloc_info+0x3b/0x50
[ 15.532886] __kasan_kmalloc+0xb7/0xc0
[ 15.533230] __kmalloc_cache_noprof+0x189/0x420
[ 15.533445] kasan_strings+0xc0/0xe80
[ 15.533607] kunit_try_run_case+0x1a5/0x480
[ 15.533794] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.534378] kthread+0x337/0x6f0
[ 15.534865] ret_from_fork+0x116/0x1d0
[ 15.535224] ret_from_fork_asm+0x1a/0x30
[ 15.535893]
[ 15.536116] Freed by task 277:
[ 15.536369] kasan_save_stack+0x45/0x70
[ 15.536639] kasan_save_track+0x18/0x40
[ 15.536861] kasan_save_free_info+0x3f/0x60
[ 15.537356] __kasan_slab_free+0x56/0x70
[ 15.537557] kfree+0x222/0x3f0
[ 15.537981] kasan_strings+0x2aa/0xe80
[ 15.538261] kunit_try_run_case+0x1a5/0x480
[ 15.538658] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.539032] kthread+0x337/0x6f0
[ 15.539288] ret_from_fork+0x116/0x1d0
[ 15.539527] ret_from_fork_asm+0x1a/0x30
[ 15.540275]
[ 15.540403] The buggy address belongs to the object at ffff888102ab8f80
[ 15.540403] which belongs to the cache kmalloc-32 of size 32
[ 15.540787] The buggy address is located 16 bytes inside of
[ 15.540787] freed 32-byte region [ffff888102ab8f80, ffff888102ab8fa0)
[ 15.541731]
[ 15.541923] The buggy address belongs to the physical page:
[ 15.542291] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab8
[ 15.543127] flags: 0x200000000000000(node=0|zone=2)
[ 15.543354] page_type: f5(slab)
[ 15.543505] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 15.544468] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[ 15.545042] page dumped because: kasan: bad access detected
[ 15.545241]
[ 15.545331] Memory state around the buggy address:
[ 15.545728] ffff888102ab8e80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 15.546432] ffff888102ab8f00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 15.547093] >ffff888102ab8f80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 15.548071] ^
[ 15.548425] ffff888102ab9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.548860] ffff888102ab9080: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 15.549090] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 15.480611] ==================================================================
[ 15.482044] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0
[ 15.482728] Read of size 1 at addr ffff888102ab8f90 by task kunit_try_catch/277
[ 15.483083]
[ 15.483252] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.483422] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.483450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.483489] Call Trace:
[ 15.483514] <TASK>
[ 15.483845] dump_stack_lvl+0x73/0xb0
[ 15.483903] print_report+0xd1/0x650
[ 15.483927] ? __virt_addr_valid+0x1db/0x2d0
[ 15.483948] ? strcmp+0xb0/0xc0
[ 15.483967] ? kasan_complete_mode_report_info+0x64/0x200
[ 15.483992] ? strcmp+0xb0/0xc0
[ 15.484011] kasan_report+0x141/0x180
[ 15.484031] ? strcmp+0xb0/0xc0
[ 15.484054] __asan_report_load1_noabort+0x18/0x20
[ 15.484077] strcmp+0xb0/0xc0
[ 15.484099] kasan_strings+0x431/0xe80
[ 15.484127] ? trace_hardirqs_on+0x37/0xe0
[ 15.484163] ? __pfx_kasan_strings+0x10/0x10
[ 15.484195] ? finish_task_switch.isra.0+0x153/0x700
[ 15.484235] ? __switch_to+0x47/0xf50
[ 15.484287] ? __schedule+0x10cc/0x2b60
[ 15.484329] ? __pfx_read_tsc+0x10/0x10
[ 15.484367] ? ktime_get_ts64+0x86/0x230
[ 15.484414] kunit_try_run_case+0x1a5/0x480
[ 15.484455] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.484494] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.484551] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.484594] ? __kthread_parkme+0x82/0x180
[ 15.484639] ? preempt_count_sub+0x50/0x80
[ 15.484666] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.484688] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.484709] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.484731] kthread+0x337/0x6f0
[ 15.484749] ? trace_preempt_on+0x20/0xc0
[ 15.484770] ? __pfx_kthread+0x10/0x10
[ 15.484789] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.484809] ? calculate_sigpending+0x7b/0xa0
[ 15.484831] ? __pfx_kthread+0x10/0x10
[ 15.484850] ret_from_fork+0x116/0x1d0
[ 15.484867] ? __pfx_kthread+0x10/0x10
[ 15.484886] ret_from_fork_asm+0x1a/0x30
[ 15.484914] </TASK>
[ 15.484925]
[ 15.496525] Allocated by task 277:
[ 15.496722] kasan_save_stack+0x45/0x70
[ 15.497032] kasan_save_track+0x18/0x40
[ 15.497312] kasan_save_alloc_info+0x3b/0x50
[ 15.497575] __kasan_kmalloc+0xb7/0xc0
[ 15.498204] __kmalloc_cache_noprof+0x189/0x420
[ 15.498770] kasan_strings+0xc0/0xe80
[ 15.499140] kunit_try_run_case+0x1a5/0x480
[ 15.499399] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.500158] kthread+0x337/0x6f0
[ 15.500377] ret_from_fork+0x116/0x1d0
[ 15.500711] ret_from_fork_asm+0x1a/0x30
[ 15.500890]
[ 15.500996] Freed by task 277:
[ 15.501120] kasan_save_stack+0x45/0x70
[ 15.501312] kasan_save_track+0x18/0x40
[ 15.501762] kasan_save_free_info+0x3f/0x60
[ 15.502082] __kasan_slab_free+0x56/0x70
[ 15.502593] kfree+0x222/0x3f0
[ 15.503089] kasan_strings+0x2aa/0xe80
[ 15.503253] kunit_try_run_case+0x1a5/0x480
[ 15.503516] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.504163] kthread+0x337/0x6f0
[ 15.504387] ret_from_fork+0x116/0x1d0
[ 15.504970] ret_from_fork_asm+0x1a/0x30
[ 15.505419]
[ 15.505549] The buggy address belongs to the object at ffff888102ab8f80
[ 15.505549] which belongs to the cache kmalloc-32 of size 32
[ 15.506022] The buggy address is located 16 bytes inside of
[ 15.506022] freed 32-byte region [ffff888102ab8f80, ffff888102ab8fa0)
[ 15.506956]
[ 15.507075] The buggy address belongs to the physical page:
[ 15.507469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab8
[ 15.508173] flags: 0x200000000000000(node=0|zone=2)
[ 15.508427] page_type: f5(slab)
[ 15.508918] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 15.509387] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[ 15.509847] page dumped because: kasan: bad access detected
[ 15.510420]
[ 15.510656] Memory state around the buggy address:
[ 15.511026] ffff888102ab8e80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 15.511418] ffff888102ab8f00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 15.512026] >ffff888102ab8f80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 15.512450] ^
[ 15.512931] ffff888102ab9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.513358] ffff888102ab9080: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 15.513917] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 15.444475] ==================================================================
[ 15.445396] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[ 15.445711] Read of size 1 at addr ffff888102ab8e58 by task kunit_try_catch/275
[ 15.446524]
[ 15.446773] CPU: 0 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.446859] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.446879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.446910] Call Trace:
[ 15.446932] <TASK>
[ 15.446957] dump_stack_lvl+0x73/0xb0
[ 15.446994] print_report+0xd1/0x650
[ 15.447016] ? __virt_addr_valid+0x1db/0x2d0
[ 15.447038] ? memcmp+0x1b4/0x1d0
[ 15.447054] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.447078] ? memcmp+0x1b4/0x1d0
[ 15.447095] kasan_report+0x141/0x180
[ 15.447151] ? memcmp+0x1b4/0x1d0
[ 15.447199] __asan_report_load1_noabort+0x18/0x20
[ 15.447241] memcmp+0x1b4/0x1d0
[ 15.447275] kasan_memcmp+0x18f/0x390
[ 15.447343] ? trace_hardirqs_on+0x37/0xe0
[ 15.447383] ? __pfx_kasan_memcmp+0x10/0x10
[ 15.447418] ? finish_task_switch.isra.0+0x153/0x700
[ 15.447466] ? __switch_to+0x47/0xf50
[ 15.447522] ? __pfx_read_tsc+0x10/0x10
[ 15.447555] ? ktime_get_ts64+0x86/0x230
[ 15.447593] kunit_try_run_case+0x1a5/0x480
[ 15.447645] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.447679] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.447703] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.447725] ? __kthread_parkme+0x82/0x180
[ 15.447743] ? preempt_count_sub+0x50/0x80
[ 15.447765] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.447787] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.447809] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.447830] kthread+0x337/0x6f0
[ 15.447848] ? trace_preempt_on+0x20/0xc0
[ 15.447869] ? __pfx_kthread+0x10/0x10
[ 15.447889] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.447908] ? calculate_sigpending+0x7b/0xa0
[ 15.447930] ? __pfx_kthread+0x10/0x10
[ 15.447949] ret_from_fork+0x116/0x1d0
[ 15.447967] ? __pfx_kthread+0x10/0x10
[ 15.447985] ret_from_fork_asm+0x1a/0x30
[ 15.448014] </TASK>
[ 15.448026]
[ 15.459928] Allocated by task 275:
[ 15.460427] kasan_save_stack+0x45/0x70
[ 15.460895] kasan_save_track+0x18/0x40
[ 15.461261] kasan_save_alloc_info+0x3b/0x50
[ 15.461683] __kasan_kmalloc+0xb7/0xc0
[ 15.461918] __kmalloc_cache_noprof+0x189/0x420
[ 15.462115] kasan_memcmp+0xb7/0x390
[ 15.462274] kunit_try_run_case+0x1a5/0x480
[ 15.462844] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.463297] kthread+0x337/0x6f0
[ 15.463560] ret_from_fork+0x116/0x1d0
[ 15.463999] ret_from_fork_asm+0x1a/0x30
[ 15.464299]
[ 15.464505] The buggy address belongs to the object at ffff888102ab8e40
[ 15.464505] which belongs to the cache kmalloc-32 of size 32
[ 15.465038] The buggy address is located 0 bytes to the right of
[ 15.465038] allocated 24-byte region [ffff888102ab8e40, ffff888102ab8e58)
[ 15.466140]
[ 15.466328] The buggy address belongs to the physical page:
[ 15.466653] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab8
[ 15.467003] flags: 0x200000000000000(node=0|zone=2)
[ 15.467643] page_type: f5(slab)
[ 15.468087] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 15.468645] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 15.469137] page dumped because: kasan: bad access detected
[ 15.469463]
[ 15.469836] Memory state around the buggy address:
[ 15.470121] ffff888102ab8d00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 15.470713] ffff888102ab8d80: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc
[ 15.470955] >ffff888102ab8e00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 15.471752] ^
[ 15.471989] ffff888102ab8e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.472401] ffff888102ab8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.472967] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 15.412473] ==================================================================
[ 15.413671] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390
[ 15.413964] Read of size 1 at addr ffff888103aafc4a by task kunit_try_catch/271
[ 15.414219]
[ 15.414337] CPU: 1 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.414406] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.414423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.414453] Call Trace:
[ 15.414474] <TASK>
[ 15.414644] dump_stack_lvl+0x73/0xb0
[ 15.414713] print_report+0xd1/0x650
[ 15.414755] ? __virt_addr_valid+0x1db/0x2d0
[ 15.414795] ? kasan_alloca_oob_right+0x329/0x390
[ 15.414836] ? kasan_addr_to_slab+0x11/0xa0
[ 15.414872] ? kasan_alloca_oob_right+0x329/0x390
[ 15.414915] kasan_report+0x141/0x180
[ 15.414957] ? kasan_alloca_oob_right+0x329/0x390
[ 15.415002] __asan_report_load1_noabort+0x18/0x20
[ 15.415041] kasan_alloca_oob_right+0x329/0x390
[ 15.415073] ? __kasan_check_write+0x18/0x20
[ 15.415135] ? __pfx_sched_clock_cpu+0x10/0x10
[ 15.415175] ? finish_task_switch.isra.0+0x153/0x700
[ 15.415211] ? __ww_mutex_lock.constprop.0+0x1dbe/0x1e90
[ 15.415252] ? trace_hardirqs_on+0x37/0xe0
[ 15.415295] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 15.415338] ? __schedule+0x10cc/0x2b60
[ 15.415374] ? __pfx_read_tsc+0x10/0x10
[ 15.415408] ? ktime_get_ts64+0x86/0x230
[ 15.415449] kunit_try_run_case+0x1a5/0x480
[ 15.415489] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.415653] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.415695] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.415732] ? __kthread_parkme+0x82/0x180
[ 15.415767] ? preempt_count_sub+0x50/0x80
[ 15.415807] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.415847] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.415884] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.415923] kthread+0x337/0x6f0
[ 15.415956] ? trace_preempt_on+0x20/0xc0
[ 15.415994] ? __pfx_kthread+0x10/0x10
[ 15.416025] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.416053] ? calculate_sigpending+0x7b/0xa0
[ 15.416086] ? __pfx_kthread+0x10/0x10
[ 15.416143] ret_from_fork+0x116/0x1d0
[ 15.416178] ? __pfx_kthread+0x10/0x10
[ 15.416214] ret_from_fork_asm+0x1a/0x30
[ 15.416274] </TASK>
[ 15.416296]
[ 15.429612] The buggy address belongs to stack of task kunit_try_catch/271
[ 15.430143]
[ 15.430286] The buggy address belongs to the physical page:
[ 15.430823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103aaf
[ 15.431376] flags: 0x200000000000000(node=0|zone=2)
[ 15.431951] raw: 0200000000000000 ffffea00040eabc8 ffffea00040eabc8 0000000000000000
[ 15.432464] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 15.432928] page dumped because: kasan: bad access detected
[ 15.433345]
[ 15.433486] Memory state around the buggy address:
[ 15.433773] ffff888103aafb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 15.434170] ffff888103aafb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 15.434480] >ffff888103aafc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 15.434957] ^
[ 15.435204] ffff888103aafc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 15.435786] ffff888103aafd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 15.436164] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 15.380012] ==================================================================
[ 15.380732] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380
[ 15.381265] Read of size 1 at addr ffff8881039afc3f by task kunit_try_catch/269
[ 15.382379]
[ 15.382664] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.383003] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.383037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.383063] Call Trace:
[ 15.383078] <TASK>
[ 15.383095] dump_stack_lvl+0x73/0xb0
[ 15.383149] print_report+0xd1/0x650
[ 15.383170] ? __virt_addr_valid+0x1db/0x2d0
[ 15.383190] ? kasan_alloca_oob_left+0x320/0x380
[ 15.383210] ? kasan_addr_to_slab+0x11/0xa0
[ 15.383228] ? kasan_alloca_oob_left+0x320/0x380
[ 15.383246] kasan_report+0x141/0x180
[ 15.383265] ? kasan_alloca_oob_left+0x320/0x380
[ 15.383290] __asan_report_load1_noabort+0x18/0x20
[ 15.383311] kasan_alloca_oob_left+0x320/0x380
[ 15.383331] ? __pfx_sched_clock_cpu+0x10/0x10
[ 15.383351] ? finish_task_switch.isra.0+0x153/0x700
[ 15.383370] ? __ww_mutex_lock.constprop.0+0x1dbe/0x1e90
[ 15.383393] ? trace_hardirqs_on+0x37/0xe0
[ 15.383416] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 15.383438] ? __schedule+0x10cc/0x2b60
[ 15.383457] ? __pfx_read_tsc+0x10/0x10
[ 15.383474] ? ktime_get_ts64+0x86/0x230
[ 15.383496] kunit_try_run_case+0x1a5/0x480
[ 15.383560] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.383595] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.383643] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.383666] ? __kthread_parkme+0x82/0x180
[ 15.383685] ? preempt_count_sub+0x50/0x80
[ 15.383705] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.383725] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.383747] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.383767] kthread+0x337/0x6f0
[ 15.383784] ? trace_preempt_on+0x20/0xc0
[ 15.383804] ? __pfx_kthread+0x10/0x10
[ 15.383822] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.383841] ? calculate_sigpending+0x7b/0xa0
[ 15.383862] ? __pfx_kthread+0x10/0x10
[ 15.383881] ret_from_fork+0x116/0x1d0
[ 15.383898] ? __pfx_kthread+0x10/0x10
[ 15.383915] ret_from_fork_asm+0x1a/0x30
[ 15.383943] </TASK>
[ 15.383954]
[ 15.396611] The buggy address belongs to stack of task kunit_try_catch/269
[ 15.397098]
[ 15.397212] The buggy address belongs to the physical page:
[ 15.397400] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039af
[ 15.398330] flags: 0x200000000000000(node=0|zone=2)
[ 15.398759] raw: 0200000000000000 ffffea00040e6bc8 ffffea00040e6bc8 0000000000000000
[ 15.399566] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 15.400014] page dumped because: kasan: bad access detected
[ 15.400769]
[ 15.400958] Memory state around the buggy address:
[ 15.401191] ffff8881039afb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 15.402034] ffff8881039afb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 15.402450] >ffff8881039afc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 15.403023] ^
[ 15.403689] ffff8881039afc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 15.403904] ffff8881039afd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 15.404540] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 15.352767] ==================================================================
[ 15.353727] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[ 15.354147] Read of size 1 at addr ffff888103aafd02 by task kunit_try_catch/267
[ 15.354546]
[ 15.354729] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.354810] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.354830] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.354863] Call Trace:
[ 15.354885] <TASK>
[ 15.354912] dump_stack_lvl+0x73/0xb0
[ 15.354967] print_report+0xd1/0x650
[ 15.355006] ? __virt_addr_valid+0x1db/0x2d0
[ 15.355045] ? kasan_stack_oob+0x2b5/0x300
[ 15.355076] ? kasan_addr_to_slab+0x11/0xa0
[ 15.355142] ? kasan_stack_oob+0x2b5/0x300
[ 15.355178] kasan_report+0x141/0x180
[ 15.355214] ? kasan_stack_oob+0x2b5/0x300
[ 15.355256] __asan_report_load1_noabort+0x18/0x20
[ 15.355298] kasan_stack_oob+0x2b5/0x300
[ 15.355353] ? __pfx_kasan_stack_oob+0x10/0x10
[ 15.355387] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 15.355437] ? __pfx_kasan_stack_oob+0x10/0x10
[ 15.355481] kunit_try_run_case+0x1a5/0x480
[ 15.355523] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.355562] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.355605] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.355672] ? __kthread_parkme+0x82/0x180
[ 15.355702] ? preempt_count_sub+0x50/0x80
[ 15.355738] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.355774] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.355815] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.355851] kthread+0x337/0x6f0
[ 15.355884] ? trace_preempt_on+0x20/0xc0
[ 15.355926] ? __pfx_kthread+0x10/0x10
[ 15.355965] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.355991] ? calculate_sigpending+0x7b/0xa0
[ 15.356026] ? __pfx_kthread+0x10/0x10
[ 15.356051] ret_from_fork+0x116/0x1d0
[ 15.356069] ? __pfx_kthread+0x10/0x10
[ 15.356089] ret_from_fork_asm+0x1a/0x30
[ 15.356136] </TASK>
[ 15.356149]
[ 15.367007] The buggy address belongs to stack of task kunit_try_catch/267
[ 15.367913] and is located at offset 138 in frame:
[ 15.368271] kasan_stack_oob+0x0/0x300
[ 15.369207]
[ 15.369423] This frame has 4 objects:
[ 15.369712] [48, 49) '__assertion'
[ 15.369744] [64, 72) 'array'
[ 15.369831] [96, 112) '__assertion'
[ 15.369922] [128, 138) 'stack_array'
[ 15.370019]
[ 15.370138] The buggy address belongs to the physical page:
[ 15.370240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103aaf
[ 15.370376] flags: 0x200000000000000(node=0|zone=2)
[ 15.370486] raw: 0200000000000000 ffffea00040eabc8 ffffea00040eabc8 0000000000000000
[ 15.370612] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 15.371254] page dumped because: kasan: bad access detected
[ 15.372062]
[ 15.372281] Memory state around the buggy address:
[ 15.372931] ffff888103aafc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 15.373323] ffff888103aafc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[ 15.373814] >ffff888103aafd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 15.374281] ^
[ 15.374566] ffff888103aafd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[ 15.374952] ffff888103aafe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 15.375467] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 15.327390] ==================================================================
[ 15.328203] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0
[ 15.328830] Read of size 1 at addr ffffffffa6861e8d by task kunit_try_catch/263
[ 15.329455]
[ 15.329749] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.329849] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.329872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.329907] Call Trace:
[ 15.329939] <TASK>
[ 15.329970] dump_stack_lvl+0x73/0xb0
[ 15.330029] print_report+0xd1/0x650
[ 15.330068] ? __virt_addr_valid+0x1db/0x2d0
[ 15.330104] ? kasan_global_oob_right+0x286/0x2d0
[ 15.330144] ? kasan_addr_to_slab+0x11/0xa0
[ 15.330162] ? kasan_global_oob_right+0x286/0x2d0
[ 15.330182] kasan_report+0x141/0x180
[ 15.330202] ? kasan_global_oob_right+0x286/0x2d0
[ 15.330226] __asan_report_load1_noabort+0x18/0x20
[ 15.330246] kasan_global_oob_right+0x286/0x2d0
[ 15.330265] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 15.330286] ? __schedule+0x10cc/0x2b60
[ 15.330306] ? __pfx_read_tsc+0x10/0x10
[ 15.330326] ? ktime_get_ts64+0x86/0x230
[ 15.330348] kunit_try_run_case+0x1a5/0x480
[ 15.330370] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.330389] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.330410] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.330430] ? __kthread_parkme+0x82/0x180
[ 15.330449] ? preempt_count_sub+0x50/0x80
[ 15.330471] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.330492] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.330514] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.330533] kthread+0x337/0x6f0
[ 15.330550] ? trace_preempt_on+0x20/0xc0
[ 15.330572] ? __pfx_kthread+0x10/0x10
[ 15.330591] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.330609] ? calculate_sigpending+0x7b/0xa0
[ 15.330650] ? __pfx_kthread+0x10/0x10
[ 15.330671] ret_from_fork+0x116/0x1d0
[ 15.330688] ? __pfx_kthread+0x10/0x10
[ 15.330707] ret_from_fork_asm+0x1a/0x30
[ 15.330736] </TASK>
[ 15.330748]
[ 15.339445] The buggy address belongs to the variable:
[ 15.339830] global_array+0xd/0x40
[ 15.340205]
[ 15.340459] The buggy address belongs to the physical page:
[ 15.340725] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x25e61
[ 15.341295] flags: 0x100000000002000(reserved|node=0|zone=1)
[ 15.341662] raw: 0100000000002000 ffffea0000979848 ffffea0000979848 0000000000000000
[ 15.342136] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 15.342544] page dumped because: kasan: bad access detected
[ 15.342894]
[ 15.343010] Memory state around the buggy address:
[ 15.343353] ffffffffa6861d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 15.343626] ffffffffa6861e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 15.343864] >ffffffffa6861e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
[ 15.344087] ^
[ 15.344659] ffffffffa6861f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9
[ 15.345025] ffffffffa6861f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00
[ 15.345481] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 15.296876] ==================================================================
[ 15.297400] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 15.298106] Free of addr ffff888103ad8001 by task kunit_try_catch/261
[ 15.298471]
[ 15.298656] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.298726] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.298746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.298776] Call Trace:
[ 15.298798] <TASK>
[ 15.298824] dump_stack_lvl+0x73/0xb0
[ 15.298879] print_report+0xd1/0x650
[ 15.298921] ? __virt_addr_valid+0x1db/0x2d0
[ 15.298962] ? kasan_addr_to_slab+0x11/0xa0
[ 15.298998] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 15.299045] kasan_report_invalid_free+0x10a/0x130
[ 15.299083] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 15.299122] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 15.299156] __kasan_mempool_poison_object+0x102/0x1d0
[ 15.299194] mempool_free+0x2ec/0x380
[ 15.299240] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 15.299285] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 15.299331] ? __kasan_check_write+0x18/0x20
[ 15.299363] ? __pfx_sched_clock_cpu+0x10/0x10
[ 15.299399] ? finish_task_switch.isra.0+0x153/0x700
[ 15.299451] mempool_kmalloc_large_invalid_free+0xed/0x140
[ 15.299488] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 15.299553] ? __pfx_mempool_kmalloc+0x10/0x10
[ 15.299608] ? __pfx_mempool_kfree+0x10/0x10
[ 15.299677] ? __pfx_read_tsc+0x10/0x10
[ 15.299735] ? ktime_get_ts64+0x86/0x230
[ 15.299797] kunit_try_run_case+0x1a5/0x480
[ 15.299862] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.299908] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.299970] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.300033] ? __kthread_parkme+0x82/0x180
[ 15.300068] ? preempt_count_sub+0x50/0x80
[ 15.300111] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.300142] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.300164] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.300185] kthread+0x337/0x6f0
[ 15.300203] ? trace_preempt_on+0x20/0xc0
[ 15.300226] ? __pfx_kthread+0x10/0x10
[ 15.300244] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.300263] ? calculate_sigpending+0x7b/0xa0
[ 15.300285] ? __pfx_kthread+0x10/0x10
[ 15.300304] ret_from_fork+0x116/0x1d0
[ 15.300321] ? __pfx_kthread+0x10/0x10
[ 15.300339] ret_from_fork_asm+0x1a/0x30
[ 15.300368] </TASK>
[ 15.300380]
[ 15.312473] The buggy address belongs to the physical page:
[ 15.313001] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ad8
[ 15.313705] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 15.314255] flags: 0x200000000000040(head|node=0|zone=2)
[ 15.314963] page_type: f8(unknown)
[ 15.315262] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 15.315947] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 15.316605] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 15.317182] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 15.317818] head: 0200000000000002 ffffea00040eb601 00000000ffffffff 00000000ffffffff
[ 15.318275] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 15.318875] page dumped because: kasan: bad access detected
[ 15.319156]
[ 15.319317] Memory state around the buggy address:
[ 15.319995] ffff888103ad7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 15.320244] ffff888103ad7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 15.320867] >ffff888103ad8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 15.321185] ^
[ 15.321477] ffff888103ad8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 15.322068] ffff888103ad8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 15.322677] ==================================================================
[ 15.258317] ==================================================================
[ 15.259321] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 15.259946] Free of addr ffff888102abe201 by task kunit_try_catch/259
[ 15.260456]
[ 15.260838] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.260933] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.260953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.260986] Call Trace:
[ 15.261008] <TASK>
[ 15.261032] dump_stack_lvl+0x73/0xb0
[ 15.261091] print_report+0xd1/0x650
[ 15.261149] ? __virt_addr_valid+0x1db/0x2d0
[ 15.261197] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.261260] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 15.261305] kasan_report_invalid_free+0x10a/0x130
[ 15.261358] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 15.261405] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 15.261431] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 15.261453] check_slab_allocation+0x11f/0x130
[ 15.261474] __kasan_mempool_poison_object+0x91/0x1d0
[ 15.261498] mempool_free+0x2ec/0x380
[ 15.261648] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 15.261675] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 15.261701] ? __kasan_check_write+0x18/0x20
[ 15.261720] ? __pfx_sched_clock_cpu+0x10/0x10
[ 15.261740] ? finish_task_switch.isra.0+0x153/0x700
[ 15.261766] mempool_kmalloc_invalid_free+0xed/0x140
[ 15.261788] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 15.261812] ? __pfx_mempool_kmalloc+0x10/0x10
[ 15.261832] ? __pfx_mempool_kfree+0x10/0x10
[ 15.261855] ? __pfx_read_tsc+0x10/0x10
[ 15.261875] ? ktime_get_ts64+0x86/0x230
[ 15.261899] kunit_try_run_case+0x1a5/0x480
[ 15.261933] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.261954] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.261977] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.261998] ? __kthread_parkme+0x82/0x180
[ 15.262017] ? preempt_count_sub+0x50/0x80
[ 15.262039] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.262060] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.262081] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.262104] kthread+0x337/0x6f0
[ 15.262129] ? trace_preempt_on+0x20/0xc0
[ 15.262152] ? __pfx_kthread+0x10/0x10
[ 15.262171] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.262190] ? calculate_sigpending+0x7b/0xa0
[ 15.262213] ? __pfx_kthread+0x10/0x10
[ 15.262232] ret_from_fork+0x116/0x1d0
[ 15.262249] ? __pfx_kthread+0x10/0x10
[ 15.262268] ret_from_fork_asm+0x1a/0x30
[ 15.262305] </TASK>
[ 15.262321]
[ 15.278177] Allocated by task 259:
[ 15.278349] kasan_save_stack+0x45/0x70
[ 15.278541] kasan_save_track+0x18/0x40
[ 15.279118] kasan_save_alloc_info+0x3b/0x50
[ 15.279338] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 15.279565] remove_element+0x11e/0x190
[ 15.279750] mempool_alloc_preallocated+0x4d/0x90
[ 15.279963] mempool_kmalloc_invalid_free_helper+0x83/0x2e0
[ 15.280824] mempool_kmalloc_invalid_free+0xed/0x140
[ 15.281437] kunit_try_run_case+0x1a5/0x480
[ 15.282088] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.282321] kthread+0x337/0x6f0
[ 15.282891] ret_from_fork+0x116/0x1d0
[ 15.283095] ret_from_fork_asm+0x1a/0x30
[ 15.283295]
[ 15.283398] The buggy address belongs to the object at ffff888102abe200
[ 15.283398] which belongs to the cache kmalloc-128 of size 128
[ 15.284681] The buggy address is located 1 bytes inside of
[ 15.284681] 128-byte region [ffff888102abe200, ffff888102abe280)
[ 15.285463]
[ 15.285884] The buggy address belongs to the physical page:
[ 15.286255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102abe
[ 15.286721] flags: 0x200000000000000(node=0|zone=2)
[ 15.286880] page_type: f5(slab)
[ 15.286964] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.287090] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.287961] page dumped because: kasan: bad access detected
[ 15.288192]
[ 15.288388] Memory state around the buggy address:
[ 15.288780] ffff888102abe100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.289133] ffff888102abe180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.289843] >ffff888102abe200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 15.290216] ^
[ 15.290360] ffff888102abe280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.290797] ffff888102abe300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 15.291230] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 15.163901] ================================================================== [ 15.164325] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 15.165137] Free of addr ffff88810254d900 by task kunit_try_catch/253 [ 15.165814] [ 15.166025] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.166092] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.166109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.166174] Call Trace: [ 15.166204] <TASK> [ 15.166236] dump_stack_lvl+0x73/0xb0 [ 15.166298] print_report+0xd1/0x650 [ 15.166338] ? __virt_addr_valid+0x1db/0x2d0 [ 15.166387] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.166428] ? mempool_double_free_helper+0x184/0x370 [ 15.166496] kasan_report_invalid_free+0x10a/0x130 [ 15.166591] ? mempool_double_free_helper+0x184/0x370 [ 15.166653] ? mempool_double_free_helper+0x184/0x370 [ 15.166696] ? mempool_double_free_helper+0x184/0x370 [ 15.166740] check_slab_allocation+0x101/0x130 [ 15.166782] __kasan_mempool_poison_object+0x91/0x1d0 [ 15.166816] mempool_free+0x2ec/0x380 [ 15.166852] ? __wake_up+0x49/0x60 [ 15.166889] mempool_double_free_helper+0x184/0x370 [ 15.166921] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 15.166943] ? __kasan_check_write+0x18/0x20 [ 15.166960] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.166979] ? finish_task_switch.isra.0+0x153/0x700 [ 15.167003] mempool_kmalloc_double_free+0xed/0x140 [ 15.167023] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 15.167045] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.167065] ? __pfx_mempool_kfree+0x10/0x10 [ 15.167086] ? __pfx_read_tsc+0x10/0x10 [ 15.167110] ? ktime_get_ts64+0x86/0x230 [ 15.167138] kunit_try_run_case+0x1a5/0x480 [ 15.167160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.167179] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.167201] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.167221] ? __kthread_parkme+0x82/0x180 [ 15.167239] ? preempt_count_sub+0x50/0x80 [ 15.167261] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.167281] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.167300] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.167321] kthread+0x337/0x6f0 [ 15.167338] ? trace_preempt_on+0x20/0xc0 [ 15.167360] ? __pfx_kthread+0x10/0x10 [ 15.167378] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.167396] ? calculate_sigpending+0x7b/0xa0 [ 15.167417] ? __pfx_kthread+0x10/0x10 [ 15.167437] ret_from_fork+0x116/0x1d0 [ 15.167454] ? __pfx_kthread+0x10/0x10 [ 15.167472] ret_from_fork_asm+0x1a/0x30 [ 15.167504] </TASK> [ 15.167525] [ 15.181333] Allocated by task 253: [ 15.181718] kasan_save_stack+0x45/0x70 [ 15.182058] kasan_save_track+0x18/0x40 [ 15.182342] kasan_save_alloc_info+0x3b/0x50 [ 15.182842] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 15.183284] remove_element+0x11e/0x190 [ 15.183998] mempool_alloc_preallocated+0x4d/0x90 [ 15.184433] mempool_double_free_helper+0x8a/0x370 [ 15.184860] mempool_kmalloc_double_free+0xed/0x140 [ 15.185341] kunit_try_run_case+0x1a5/0x480 [ 15.185792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.186218] kthread+0x337/0x6f0 [ 15.186478] ret_from_fork+0x116/0x1d0 [ 15.186888] ret_from_fork_asm+0x1a/0x30 [ 15.187162] [ 15.187317] Freed by task 253: [ 15.187982] kasan_save_stack+0x45/0x70 [ 15.188239] kasan_save_track+0x18/0x40 [ 15.188686] kasan_save_free_info+0x3f/0x60 [ 15.189024] __kasan_mempool_poison_object+0x131/0x1d0 [ 15.189362] mempool_free+0x2ec/0x380 [ 15.189702] mempool_double_free_helper+0x109/0x370 [ 15.190164] mempool_kmalloc_double_free+0xed/0x140 [ 15.190470] kunit_try_run_case+0x1a5/0x480 [ 15.190981] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.191289] kthread+0x337/0x6f0 [ 15.191788] ret_from_fork+0x116/0x1d0 [ 15.192097] ret_from_fork_asm+0x1a/0x30 [ 15.192298] [ 15.192454] The buggy address belongs to the object at ffff88810254d900 [ 15.192454] which belongs to the cache kmalloc-128 of size 128 [ 15.193098] The buggy address is located 0 bytes inside of [ 15.193098] 128-byte 
region [ffff88810254d900, ffff88810254d980) [ 15.193767] [ 15.193973] The buggy address belongs to the physical page: [ 15.194376] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254d [ 15.195182] flags: 0x200000000000000(node=0|zone=2) [ 15.195609] page_type: f5(slab) [ 15.195776] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.196288] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.196695] page dumped because: kasan: bad access detected [ 15.196982] [ 15.197142] Memory state around the buggy address: [ 15.197391] ffff88810254d800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.198067] ffff88810254d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.198828] >ffff88810254d900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.199324] ^ [ 15.199692] ffff88810254d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.200129] ffff88810254da00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.200725] ================================================================== [ 15.205074] ================================================================== [ 15.205509] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 15.206481] Free of addr ffff888102b48000 by task kunit_try_catch/255 [ 15.206904] [ 15.207146] CPU: 1 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.207271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.207292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.207345] Call Trace: [ 15.207370] <TASK> [ 15.207401] dump_stack_lvl+0x73/0xb0 [ 15.207461] print_report+0xd1/0x650 [ 15.207500] ? __virt_addr_valid+0x1db/0x2d0 [ 15.207543] ? kasan_addr_to_slab+0x11/0xa0 [ 15.207561] ? mempool_double_free_helper+0x184/0x370 [ 15.207583] kasan_report_invalid_free+0x10a/0x130 [ 15.207607] ? mempool_double_free_helper+0x184/0x370 [ 15.207655] ? 
mempool_double_free_helper+0x184/0x370 [ 15.207687] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 15.207720] mempool_free+0x2ec/0x380 [ 15.207759] mempool_double_free_helper+0x184/0x370 [ 15.207793] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 15.207814] ? update_load_avg+0x1be/0x21b0 [ 15.207835] ? dequeue_entities+0x27e/0x1740 [ 15.207857] ? finish_task_switch.isra.0+0x153/0x700 [ 15.207880] mempool_kmalloc_large_double_free+0xed/0x140 [ 15.207901] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 15.207925] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.207945] ? __pfx_mempool_kfree+0x10/0x10 [ 15.207966] ? __pfx_read_tsc+0x10/0x10 [ 15.207985] ? ktime_get_ts64+0x86/0x230 [ 15.208007] kunit_try_run_case+0x1a5/0x480 [ 15.208028] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.208047] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.208069] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.208088] ? __kthread_parkme+0x82/0x180 [ 15.208110] ? preempt_count_sub+0x50/0x80 [ 15.208138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.208159] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.208179] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.208199] kthread+0x337/0x6f0 [ 15.208216] ? trace_preempt_on+0x20/0xc0 [ 15.208237] ? __pfx_kthread+0x10/0x10 [ 15.208256] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.208274] ? calculate_sigpending+0x7b/0xa0 [ 15.208295] ? __pfx_kthread+0x10/0x10 [ 15.208315] ret_from_fork+0x116/0x1d0 [ 15.208331] ? 
__pfx_kthread+0x10/0x10 [ 15.208350] ret_from_fork_asm+0x1a/0x30 [ 15.208377] </TASK> [ 15.208390] [ 15.220353] The buggy address belongs to the physical page: [ 15.220819] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b48 [ 15.221255] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.221829] flags: 0x200000000000040(head|node=0|zone=2) [ 15.222072] page_type: f8(unknown) [ 15.222264] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.222690] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.223209] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.223858] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.224279] head: 0200000000000002 ffffea00040ad201 00000000ffffffff 00000000ffffffff [ 15.224665] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.225170] page dumped because: kasan: bad access detected [ 15.225737] [ 15.225894] Memory state around the buggy address: [ 15.226237] ffff888102b47f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.226758] ffff888102b47f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.227161] >ffff888102b48000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.227488] ^ [ 15.227884] ffff888102b48080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.228181] ffff888102b48100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.228633] ================================================================== [ 15.235217] ================================================================== [ 15.235711] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 15.236173] Free of addr ffff888102b48000 by task kunit_try_catch/257 [ 15.236784] [ 15.236923] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.237004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.237023] Hardware name: QEMU 
Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.237059] Call Trace: [ 15.237084] <TASK> [ 15.237111] dump_stack_lvl+0x73/0xb0 [ 15.237162] print_report+0xd1/0x650 [ 15.237202] ? __virt_addr_valid+0x1db/0x2d0 [ 15.237245] ? kasan_addr_to_slab+0x11/0xa0 [ 15.237283] ? mempool_double_free_helper+0x184/0x370 [ 15.237325] kasan_report_invalid_free+0x10a/0x130 [ 15.237367] ? mempool_double_free_helper+0x184/0x370 [ 15.237448] ? mempool_double_free_helper+0x184/0x370 [ 15.237487] __kasan_mempool_poison_pages+0x115/0x130 [ 15.237531] mempool_free+0x290/0x380 [ 15.237581] mempool_double_free_helper+0x184/0x370 [ 15.237639] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 15.237693] ? finish_task_switch.isra.0+0x153/0x700 [ 15.237744] mempool_page_alloc_double_free+0xe8/0x140 [ 15.237783] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 15.237817] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 15.237838] ? __pfx_mempool_free_pages+0x10/0x10 [ 15.237861] ? __pfx_read_tsc+0x10/0x10 [ 15.237880] ? ktime_get_ts64+0x86/0x230 [ 15.237903] kunit_try_run_case+0x1a5/0x480 [ 15.237939] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.237966] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.237993] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.238013] ? __kthread_parkme+0x82/0x180 [ 15.238031] ? preempt_count_sub+0x50/0x80 [ 15.238051] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.238071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.238091] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.238134] kthread+0x337/0x6f0 [ 15.238153] ? trace_preempt_on+0x20/0xc0 [ 15.238175] ? __pfx_kthread+0x10/0x10 [ 15.238193] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.238212] ? calculate_sigpending+0x7b/0xa0 [ 15.238234] ? __pfx_kthread+0x10/0x10 [ 15.238253] ret_from_fork+0x116/0x1d0 [ 15.238270] ? 
__pfx_kthread+0x10/0x10 [ 15.238288] ret_from_fork_asm+0x1a/0x30 [ 15.238316] </TASK> [ 15.238330] [ 15.249011] The buggy address belongs to the physical page: [ 15.249458] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b48 [ 15.249852] flags: 0x200000000000000(node=0|zone=2) [ 15.250272] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 15.250547] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 15.250858] page dumped because: kasan: bad access detected [ 15.251279] [ 15.251419] Memory state around the buggy address: [ 15.251669] ffff888102b47f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.252151] ffff888102b47f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.252400] >ffff888102b48000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.252639] ^ [ 15.252785] ffff888102b48080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.253038] ffff888102b48100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.253290] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 15.130094] ================================================================== [ 15.130526] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 15.131136] Read of size 1 at addr ffff888102b48000 by task kunit_try_catch/251 [ 15.131871] [ 15.132362] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.132502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.132765] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.132797] Call Trace: [ 15.132812] <TASK> [ 15.132832] dump_stack_lvl+0x73/0xb0 [ 15.132869] print_report+0xd1/0x650 [ 15.132891] ? __virt_addr_valid+0x1db/0x2d0 [ 15.132912] ? mempool_uaf_helper+0x392/0x400 [ 15.132931] ? kasan_addr_to_slab+0x11/0xa0 [ 15.132950] ? mempool_uaf_helper+0x392/0x400 [ 15.132969] kasan_report+0x141/0x180 [ 15.132989] ? mempool_uaf_helper+0x392/0x400 [ 15.133013] __asan_report_load1_noabort+0x18/0x20 [ 15.133034] mempool_uaf_helper+0x392/0x400 [ 15.133055] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 15.133076] ? __kasan_check_write+0x18/0x20 [ 15.133094] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.133135] ? finish_task_switch.isra.0+0x153/0x700 [ 15.133160] mempool_page_alloc_uaf+0xed/0x140 [ 15.133181] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 15.133204] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 15.133226] ? __pfx_mempool_free_pages+0x10/0x10 [ 15.133247] ? __pfx_read_tsc+0x10/0x10 [ 15.133265] ? ktime_get_ts64+0x86/0x230 [ 15.133288] kunit_try_run_case+0x1a5/0x480 [ 15.133310] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.133329] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.133351] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.133371] ? __kthread_parkme+0x82/0x180 [ 15.133389] ? preempt_count_sub+0x50/0x80 [ 15.133410] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.133430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.133450] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.133471] kthread+0x337/0x6f0 [ 15.133487] ? 
trace_preempt_on+0x20/0xc0 [ 15.133535] ? __pfx_kthread+0x10/0x10 [ 15.133575] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.133608] ? calculate_sigpending+0x7b/0xa0 [ 15.133653] ? __pfx_kthread+0x10/0x10 [ 15.133674] ret_from_fork+0x116/0x1d0 [ 15.133692] ? __pfx_kthread+0x10/0x10 [ 15.133711] ret_from_fork_asm+0x1a/0x30 [ 15.133738] </TASK> [ 15.133751] [ 15.146832] The buggy address belongs to the physical page: [ 15.147037] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b48 [ 15.147256] flags: 0x200000000000000(node=0|zone=2) [ 15.147449] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 15.148902] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 15.149956] page dumped because: kasan: bad access detected [ 15.150598] [ 15.151014] Memory state around the buggy address: [ 15.151796] ffff888102b47f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.152732] ffff888102b47f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.153511] >ffff888102b48000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.154837] ^ [ 15.155387] ffff888102b48080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.156189] ffff888102b48100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.157347] ================================================================== [ 15.054203] ================================================================== [ 15.054660] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 15.055185] Read of size 1 at addr ffff888102b48000 by task kunit_try_catch/247 [ 15.055415] [ 15.055543] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.055636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.055656] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.055689] Call Trace: [ 15.055708] <TASK> [ 15.055731] dump_stack_lvl+0x73/0xb0 [ 15.055773] print_report+0xd1/0x650 [ 15.055801] ? 
__virt_addr_valid+0x1db/0x2d0 [ 15.055829] ? mempool_uaf_helper+0x392/0x400 [ 15.055855] ? kasan_addr_to_slab+0x11/0xa0 [ 15.055879] ? mempool_uaf_helper+0x392/0x400 [ 15.055904] kasan_report+0x141/0x180 [ 15.055930] ? mempool_uaf_helper+0x392/0x400 [ 15.055957] __asan_report_load1_noabort+0x18/0x20 [ 15.055978] mempool_uaf_helper+0x392/0x400 [ 15.055997] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 15.056020] ? finish_task_switch.isra.0+0x153/0x700 [ 15.056044] mempool_kmalloc_large_uaf+0xef/0x140 [ 15.056065] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 15.056089] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.056136] ? __pfx_mempool_kfree+0x10/0x10 [ 15.056185] ? __pfx_read_tsc+0x10/0x10 [ 15.056222] ? ktime_get_ts64+0x86/0x230 [ 15.056266] kunit_try_run_case+0x1a5/0x480 [ 15.056305] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.056336] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.056375] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.056412] ? __kthread_parkme+0x82/0x180 [ 15.056449] ? preempt_count_sub+0x50/0x80 [ 15.056491] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.056544] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.056585] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.056641] kthread+0x337/0x6f0 [ 15.056680] ? trace_preempt_on+0x20/0xc0 [ 15.056718] ? __pfx_kthread+0x10/0x10 [ 15.056747] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.056780] ? calculate_sigpending+0x7b/0xa0 [ 15.056820] ? __pfx_kthread+0x10/0x10 [ 15.056856] ret_from_fork+0x116/0x1d0 [ 15.056894] ? 
__pfx_kthread+0x10/0x10 [ 15.056934] ret_from_fork_asm+0x1a/0x30 [ 15.056997] </TASK> [ 15.057021] [ 15.069211] The buggy address belongs to the physical page: [ 15.069462] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b48 [ 15.069757] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.070724] flags: 0x200000000000040(head|node=0|zone=2) [ 15.071154] page_type: f8(unknown) [ 15.071426] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.071924] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.072463] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.073061] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.073356] head: 0200000000000002 ffffea00040ad201 00000000ffffffff 00000000ffffffff [ 15.073991] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.074843] page dumped because: kasan: bad access detected [ 15.075264] [ 15.075382] Memory state around the buggy address: [ 15.075870] ffff888102b47f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.076340] ffff888102b47f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.076894] >ffff888102b48000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.077270] ^ [ 15.077442] ffff888102b48080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.078055] ffff888102b48100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.078413] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 15.014255] ================================================================== [ 15.014838] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 15.015148] Read of size 1 at addr ffff888102aa0e00 by task kunit_try_catch/245 [ 15.015542] [ 15.015712] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.015796] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.015819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.015859] Call Trace: [ 15.015886] <TASK> [ 15.015916] dump_stack_lvl+0x73/0xb0 [ 15.015977] print_report+0xd1/0x650 [ 15.016021] ? __virt_addr_valid+0x1db/0x2d0 [ 15.016061] ? mempool_uaf_helper+0x392/0x400 [ 15.016092] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.016136] ? mempool_uaf_helper+0x392/0x400 [ 15.016178] kasan_report+0x141/0x180 [ 15.016213] ? mempool_uaf_helper+0x392/0x400 [ 15.016258] __asan_report_load1_noabort+0x18/0x20 [ 15.016301] mempool_uaf_helper+0x392/0x400 [ 15.016344] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 15.016389] ? __kasan_check_write+0x18/0x20 [ 15.016428] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.016471] ? finish_task_switch.isra.0+0x153/0x700 [ 15.016511] mempool_kmalloc_uaf+0xef/0x140 [ 15.016582] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 15.016647] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.016678] ? __pfx_mempool_kfree+0x10/0x10 [ 15.016701] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.016726] ? __pfx_read_tsc+0x10/0x10 [ 15.016746] ? ktime_get_ts64+0x86/0x230 [ 15.016765] ? trace_hardirqs_on+0x37/0xe0 [ 15.016789] kunit_try_run_case+0x1a5/0x480 [ 15.016813] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.016833] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.016857] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.016878] ? __kthread_parkme+0x82/0x180 [ 15.016896] ? preempt_count_sub+0x50/0x80 [ 15.016918] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.016940] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.016959] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.016980] kthread+0x337/0x6f0 [ 15.016998] ? trace_preempt_on+0x20/0xc0 [ 15.017018] ? __pfx_kthread+0x10/0x10 [ 15.017036] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.017055] ? calculate_sigpending+0x7b/0xa0 [ 15.017078] ? __pfx_kthread+0x10/0x10 [ 15.017097] ret_from_fork+0x116/0x1d0 [ 15.017125] ? __pfx_kthread+0x10/0x10 [ 15.017147] ret_from_fork_asm+0x1a/0x30 [ 15.017177] </TASK> [ 15.017189] [ 15.029427] Allocated by task 245: [ 15.029848] kasan_save_stack+0x45/0x70 [ 15.030203] kasan_save_track+0x18/0x40 [ 15.030453] kasan_save_alloc_info+0x3b/0x50 [ 15.030908] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 15.031284] remove_element+0x11e/0x190 [ 15.031732] mempool_alloc_preallocated+0x4d/0x90 [ 15.031937] mempool_uaf_helper+0x96/0x400 [ 15.032169] mempool_kmalloc_uaf+0xef/0x140 [ 15.032463] kunit_try_run_case+0x1a5/0x480 [ 15.032804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.033426] kthread+0x337/0x6f0 [ 15.033852] ret_from_fork+0x116/0x1d0 [ 15.034211] ret_from_fork_asm+0x1a/0x30 [ 15.034444] [ 15.034649] Freed by task 245: [ 15.035004] kasan_save_stack+0x45/0x70 [ 15.035335] kasan_save_track+0x18/0x40 [ 15.035642] kasan_save_free_info+0x3f/0x60 [ 15.036165] __kasan_mempool_poison_object+0x131/0x1d0 [ 15.037213] mempool_free+0x2ec/0x380 [ 15.038025] mempool_uaf_helper+0x11a/0x400 [ 15.038602] mempool_kmalloc_uaf+0xef/0x140 [ 15.038854] kunit_try_run_case+0x1a5/0x480 [ 15.039005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.039878] kthread+0x337/0x6f0 [ 15.040255] ret_from_fork+0x116/0x1d0 [ 15.040686] ret_from_fork_asm+0x1a/0x30 [ 15.041002] [ 15.041125] The buggy address belongs to the object at ffff888102aa0e00 [ 15.041125] which belongs to the cache kmalloc-128 of size 128 [ 15.041715] The buggy address is located 0 bytes inside of [ 15.041715] freed 128-byte region [ffff888102aa0e00, ffff888102aa0e80) [ 15.042244] [ 15.042981] The buggy address belongs to the physical page: [ 15.043606] page: 
refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa0 [ 15.043958] flags: 0x200000000000000(node=0|zone=2) [ 15.044514] page_type: f5(slab) [ 15.045193] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.045365] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.045492] page dumped because: kasan: bad access detected [ 15.045666] [ 15.046299] Memory state around the buggy address: [ 15.046497] ffff888102aa0d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.047185] ffff888102aa0d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.047731] >ffff888102aa0e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.047959] ^ [ 15.048325] ffff888102aa0e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.048971] ffff888102aa0f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.049667] ================================================================== [ 15.084115] ================================================================== [ 15.084543] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 15.085232] Read of size 1 at addr ffff888102abb240 by task kunit_try_catch/249 [ 15.085952] [ 15.086116] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.086206] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.086231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.086270] Call Trace: [ 15.086297] <TASK> [ 15.086348] dump_stack_lvl+0x73/0xb0 [ 15.086660] print_report+0xd1/0x650 [ 15.086698] ? __virt_addr_valid+0x1db/0x2d0 [ 15.086723] ? mempool_uaf_helper+0x392/0x400 [ 15.086745] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.086769] ? mempool_uaf_helper+0x392/0x400 [ 15.086789] kasan_report+0x141/0x180 [ 15.086808] ? mempool_uaf_helper+0x392/0x400 [ 15.086832] __asan_report_load1_noabort+0x18/0x20 [ 15.086854] mempool_uaf_helper+0x392/0x400 [ 15.086875] ? 
__pfx_mempool_uaf_helper+0x10/0x10 [ 15.086898] ? __pfx_sched_clock_cpu+0x10/0x10 [ 15.086920] ? finish_task_switch.isra.0+0x153/0x700 [ 15.086943] mempool_slab_uaf+0xea/0x140 [ 15.086964] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 15.086987] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 15.087011] ? __pfx_mempool_free_slab+0x10/0x10 [ 15.087034] ? __pfx_read_tsc+0x10/0x10 [ 15.087054] ? ktime_get_ts64+0x86/0x230 [ 15.087076] kunit_try_run_case+0x1a5/0x480 [ 15.087111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.087139] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.087162] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.087183] ? __kthread_parkme+0x82/0x180 [ 15.087203] ? preempt_count_sub+0x50/0x80 [ 15.087224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.087246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.087267] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.087288] kthread+0x337/0x6f0 [ 15.087307] ? trace_preempt_on+0x20/0xc0 [ 15.087329] ? __pfx_kthread+0x10/0x10 [ 15.087348] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.087367] ? calculate_sigpending+0x7b/0xa0 [ 15.087390] ? __pfx_kthread+0x10/0x10 [ 15.087409] ret_from_fork+0x116/0x1d0 [ 15.087427] ? 
__pfx_kthread+0x10/0x10 [ 15.087445] ret_from_fork_asm+0x1a/0x30 [ 15.087475] </TASK> [ 15.087488] [ 15.099985] Allocated by task 249: [ 15.100367] kasan_save_stack+0x45/0x70 [ 15.100540] kasan_save_track+0x18/0x40 [ 15.101097] kasan_save_alloc_info+0x3b/0x50 [ 15.101345] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 15.102004] remove_element+0x11e/0x190 [ 15.102439] mempool_alloc_preallocated+0x4d/0x90 [ 15.102653] mempool_uaf_helper+0x96/0x400 [ 15.103355] mempool_slab_uaf+0xea/0x140 [ 15.103668] kunit_try_run_case+0x1a5/0x480 [ 15.104213] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.104403] kthread+0x337/0x6f0 [ 15.104871] ret_from_fork+0x116/0x1d0 [ 15.105027] ret_from_fork_asm+0x1a/0x30 [ 15.105383] [ 15.105481] Freed by task 249: [ 15.106113] kasan_save_stack+0x45/0x70 [ 15.106903] kasan_save_track+0x18/0x40 [ 15.107098] kasan_save_free_info+0x3f/0x60 [ 15.107645] __kasan_mempool_poison_object+0x131/0x1d0 [ 15.107841] mempool_free+0x2ec/0x380 [ 15.108355] mempool_uaf_helper+0x11a/0x400 [ 15.109017] mempool_slab_uaf+0xea/0x140 [ 15.109270] kunit_try_run_case+0x1a5/0x480 [ 15.109433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.110097] kthread+0x337/0x6f0 [ 15.110411] ret_from_fork+0x116/0x1d0 [ 15.110561] ret_from_fork_asm+0x1a/0x30 [ 15.111115] [ 15.111287] The buggy address belongs to the object at ffff888102abb240 [ 15.111287] which belongs to the cache test_cache of size 123 [ 15.112170] The buggy address is located 0 bytes inside of [ 15.112170] freed 123-byte region [ffff888102abb240, ffff888102abb2bb) [ 15.112935] [ 15.113291] The buggy address belongs to the physical page: [ 15.113691] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102abb [ 15.114308] flags: 0x200000000000000(node=0|zone=2) [ 15.114547] page_type: f5(slab) [ 15.115216] raw: 0200000000000000 ffff888102ab9000 dead000000000122 0000000000000000 [ 15.115381] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 15.115632] page dumped 
because: kasan: bad access detected [ 15.115953] [ 15.116177] Memory state around the buggy address: [ 15.116456] ffff888102abb100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.116962] ffff888102abb180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.117756] >ffff888102abb200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 15.118352] ^ [ 15.118560] ffff888102abb280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.119215] ffff888102abb300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.119544] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 14.940467] ==================================================================
[ 14.940968] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 14.941537] Read of size 1 at addr ffff888103a76001 by task kunit_try_catch/241
[ 14.942149]
[ 14.942449] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.942568] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.942600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.942650] Call Trace:
[ 14.942674] <TASK>
[ 14.942703] dump_stack_lvl+0x73/0xb0
[ 14.942756] print_report+0xd1/0x650
[ 14.942788] ? __virt_addr_valid+0x1db/0x2d0
[ 14.942823] ? mempool_oob_right_helper+0x318/0x380
[ 14.942856] ? kasan_addr_to_slab+0x11/0xa0
[ 14.942887] ? mempool_oob_right_helper+0x318/0x380
[ 14.942959] kasan_report+0x141/0x180
[ 14.942994] ? mempool_oob_right_helper+0x318/0x380
[ 14.943059] __asan_report_load1_noabort+0x18/0x20
[ 14.943101] mempool_oob_right_helper+0x318/0x380
[ 14.943170] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 14.943214] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.943289] ? finish_task_switch.isra.0+0x153/0x700
[ 14.943354] mempool_kmalloc_large_oob_right+0xf2/0x150
[ 14.943399] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 14.943430] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.943454] ? __pfx_mempool_kfree+0x10/0x10
[ 14.943477] ? __pfx_read_tsc+0x10/0x10
[ 14.943497] ? ktime_get_ts64+0x86/0x230
[ 14.943854] kunit_try_run_case+0x1a5/0x480
[ 14.943936] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.943972] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.943997] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.944023] ? __kthread_parkme+0x82/0x180
[ 14.944044] ? preempt_count_sub+0x50/0x80
[ 14.944067] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.944088] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.944138] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.944164] kthread+0x337/0x6f0
[ 14.944184] ? trace_preempt_on+0x20/0xc0
[ 14.944205] ? __pfx_kthread+0x10/0x10
[ 14.944224] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.944243] ? calculate_sigpending+0x7b/0xa0
[ 14.944267] ? __pfx_kthread+0x10/0x10
[ 14.944287] ret_from_fork+0x116/0x1d0
[ 14.944304] ? __pfx_kthread+0x10/0x10
[ 14.944323] ret_from_fork_asm+0x1a/0x30
[ 14.944352] </TASK>
[ 14.944365]
[ 14.955280] The buggy address belongs to the physical page:
[ 14.955839] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a74
[ 14.956385] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 14.957239] flags: 0x200000000000040(head|node=0|zone=2)
[ 14.957738] page_type: f8(unknown)
[ 14.958027] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.958650] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.958931] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.959177] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.959877] head: 0200000000000002 ffffea00040e9d01 00000000ffffffff 00000000ffffffff
[ 14.960413] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 14.961149] page dumped because: kasan: bad access detected
[ 14.961402]
[ 14.961749] Memory state around the buggy address:
[ 14.962084] ffff888103a75f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.962465] ffff888103a75f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.963032] >ffff888103a76000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 14.963311] ^
[ 14.963581] ffff888103a76080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 14.963912] ffff888103a76100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 14.964276] ==================================================================

[ 14.905358] ==================================================================
[ 14.905877] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 14.906217] Read of size 1 at addr ffff888102aa0a73 by task kunit_try_catch/239
[ 14.906444]
[ 14.906584] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.906681] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.906701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.906741] Call Trace:
[ 14.906762] <TASK>
[ 14.906797] dump_stack_lvl+0x73/0xb0
[ 14.907738] print_report+0xd1/0x650
[ 14.907814] ? __virt_addr_valid+0x1db/0x2d0
[ 14.907844] ? mempool_oob_right_helper+0x318/0x380
[ 14.907867] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.907892] ? mempool_oob_right_helper+0x318/0x380
[ 14.907914] kasan_report+0x141/0x180
[ 14.907934] ? mempool_oob_right_helper+0x318/0x380
[ 14.907961] __asan_report_load1_noabort+0x18/0x20
[ 14.907983] mempool_oob_right_helper+0x318/0x380
[ 14.908005] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 14.908034] mempool_kmalloc_oob_right+0xf2/0x150
[ 14.908056] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[ 14.908079] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.908107] ? __pfx_mempool_kfree+0x10/0x10
[ 14.908153] ? __pfx_read_tsc+0x10/0x10
[ 14.908175] ? ktime_get_ts64+0x86/0x230
[ 14.908200] kunit_try_run_case+0x1a5/0x480
[ 14.908226] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.908246] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.908272] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.908293] ? __kthread_parkme+0x82/0x180
[ 14.908315] ? preempt_count_sub+0x50/0x80
[ 14.908338] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.908360] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.908381] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.908402] kthread+0x337/0x6f0
[ 14.908419] ? trace_preempt_on+0x20/0xc0
[ 14.908442] ? __pfx_kthread+0x10/0x10
[ 14.908461] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.908481] ? calculate_sigpending+0x7b/0xa0
[ 14.908508] ? __pfx_kthread+0x10/0x10
[ 14.908540] ret_from_fork+0x116/0x1d0
[ 14.908567] ? __pfx_kthread+0x10/0x10
[ 14.908597] ret_from_fork_asm+0x1a/0x30
[ 14.908658] </TASK>
[ 14.908677]
[ 14.919543] Allocated by task 239:
[ 14.919928] kasan_save_stack+0x45/0x70
[ 14.920306] kasan_save_track+0x18/0x40
[ 14.920659] kasan_save_alloc_info+0x3b/0x50
[ 14.921038] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 14.921524] remove_element+0x11e/0x190
[ 14.921947] mempool_alloc_preallocated+0x4d/0x90
[ 14.922434] mempool_oob_right_helper+0x8a/0x380
[ 14.922999] mempool_kmalloc_oob_right+0xf2/0x150
[ 14.923436] kunit_try_run_case+0x1a5/0x480
[ 14.923864] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.924301] kthread+0x337/0x6f0
[ 14.924585] ret_from_fork+0x116/0x1d0
[ 14.924935] ret_from_fork_asm+0x1a/0x30
[ 14.925421]
[ 14.925835] The buggy address belongs to the object at ffff888102aa0a00
[ 14.925835] which belongs to the cache kmalloc-128 of size 128
[ 14.926942] The buggy address is located 0 bytes to the right of
[ 14.926942] allocated 115-byte region [ffff888102aa0a00, ffff888102aa0a73)
[ 14.927659]
[ 14.927999] The buggy address belongs to the physical page:
[ 14.928410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa0
[ 14.928726] flags: 0x200000000000000(node=0|zone=2)
[ 14.929310] page_type: f5(slab)
[ 14.929472] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.930305] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.930642] page dumped because: kasan: bad access detected
[ 14.931035]
[ 14.931195] Memory state around the buggy address:
[ 14.931473] ffff888102aa0900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.931862] ffff888102aa0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.932372] >ffff888102aa0a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 14.933197] ^
[ 14.933765] ffff888102aa0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.934225] ffff888102aa0b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 14.934632] ==================================================================

[ 14.970964] ==================================================================
[ 14.971602] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 14.972477] Read of size 1 at addr ffff8881025722bb by task kunit_try_catch/243
[ 14.973001]
[ 14.973190] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.973282] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.973302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.973337] Call Trace:
[ 14.973364] <TASK>
[ 14.973392] dump_stack_lvl+0x73/0xb0
[ 14.973450] print_report+0xd1/0x650
[ 14.973488] ? __virt_addr_valid+0x1db/0x2d0
[ 14.973565] ? mempool_oob_right_helper+0x318/0x380
[ 14.973604] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.973655] ? mempool_oob_right_helper+0x318/0x380
[ 14.973686] kasan_report+0x141/0x180
[ 14.973720] ? mempool_oob_right_helper+0x318/0x380
[ 14.973749] __asan_report_load1_noabort+0x18/0x20
[ 14.973770] mempool_oob_right_helper+0x318/0x380
[ 14.973793] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 14.973820] mempool_slab_oob_right+0xed/0x140
[ 14.973841] ? __pfx_mempool_slab_oob_right+0x10/0x10
[ 14.973865] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 14.973888] ? __pfx_mempool_free_slab+0x10/0x10
[ 14.973910] ? __pfx_read_tsc+0x10/0x10
[ 14.973942] ? ktime_get_ts64+0x86/0x230
[ 14.973966] kunit_try_run_case+0x1a5/0x480
[ 14.973990] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.974009] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.974031] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.974050] ? __kthread_parkme+0x82/0x180
[ 14.974070] ? preempt_count_sub+0x50/0x80
[ 14.974093] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.974132] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.974153] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.974173] kthread+0x337/0x6f0
[ 14.974192] ? trace_preempt_on+0x20/0xc0
[ 14.974213] ? __pfx_kthread+0x10/0x10
[ 14.974232] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.974250] ? calculate_sigpending+0x7b/0xa0
[ 14.974273] ? __pfx_kthread+0x10/0x10
[ 14.974292] ret_from_fork+0x116/0x1d0
[ 14.974309] ? __pfx_kthread+0x10/0x10
[ 14.974328] ret_from_fork_asm+0x1a/0x30
[ 14.974356] </TASK>
[ 14.974368]
[ 14.987643] Allocated by task 243:
[ 14.987898] kasan_save_stack+0x45/0x70
[ 14.988278] kasan_save_track+0x18/0x40
[ 14.988813] kasan_save_alloc_info+0x3b/0x50
[ 14.989052] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 14.990184] remove_element+0x11e/0x190
[ 14.990409] mempool_alloc_preallocated+0x4d/0x90
[ 14.990652] mempool_oob_right_helper+0x8a/0x380
[ 14.991374] mempool_slab_oob_right+0xed/0x140
[ 14.991704] kunit_try_run_case+0x1a5/0x480
[ 14.991883] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.992535] kthread+0x337/0x6f0
[ 14.992887] ret_from_fork+0x116/0x1d0
[ 14.993095] ret_from_fork_asm+0x1a/0x30
[ 14.993449]
[ 14.993759] The buggy address belongs to the object at ffff888102572240
[ 14.993759] which belongs to the cache test_cache of size 123
[ 14.994290] The buggy address is located 0 bytes to the right of
[ 14.994290] allocated 123-byte region [ffff888102572240, ffff8881025722bb)
[ 14.995097]
[ 14.995328] The buggy address belongs to the physical page:
[ 14.995866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102572
[ 14.996431] flags: 0x200000000000000(node=0|zone=2)
[ 14.996833] page_type: f5(slab)
[ 14.996990] raw: 0200000000000000 ffff888102568280 dead000000000122 0000000000000000
[ 14.997493] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 14.998027] page dumped because: kasan: bad access detected
[ 14.998441]
[ 14.998787] Memory state around the buggy address:
[ 14.998975] ffff888102572180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.999676] ffff888102572200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 15.000151] >ffff888102572280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 15.000544] ^
[ 15.001072] ffff888102572300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.001410] ffff888102572380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.001962] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 14.313042] ==================================================================
[ 14.313354] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380
[ 14.313987] Read of size 1 at addr ffff888102568000 by task kunit_try_catch/233
[ 14.315012]
[ 14.315281] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.315371] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.315393] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.315426] Call Trace:
[ 14.315442] <TASK>
[ 14.315465] dump_stack_lvl+0x73/0xb0
[ 14.315514] print_report+0xd1/0x650
[ 14.315538] ? __virt_addr_valid+0x1db/0x2d0
[ 14.315565] ? kmem_cache_double_destroy+0x1bf/0x380
[ 14.315599] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.315825] ? kmem_cache_double_destroy+0x1bf/0x380
[ 14.315873] kasan_report+0x141/0x180
[ 14.315896] ? kmem_cache_double_destroy+0x1bf/0x380
[ 14.315919] ? kmem_cache_double_destroy+0x1bf/0x380
[ 14.315940] __kasan_check_byte+0x3d/0x50
[ 14.315958] kmem_cache_destroy+0x25/0x1d0
[ 14.315980] kmem_cache_double_destroy+0x1bf/0x380
[ 14.316001] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 14.316020] ? finish_task_switch.isra.0+0x153/0x700
[ 14.316041] ? __switch_to+0x47/0xf50
[ 14.316067] ? __pfx_read_tsc+0x10/0x10
[ 14.316086] ? ktime_get_ts64+0x86/0x230
[ 14.316108] kunit_try_run_case+0x1a5/0x480
[ 14.316152] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.316171] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.316452] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.316475] ? __kthread_parkme+0x82/0x180
[ 14.316496] ? preempt_count_sub+0x50/0x80
[ 14.316538] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.316568] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.316599] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.316646] kthread+0x337/0x6f0
[ 14.316676] ? trace_preempt_on+0x20/0xc0
[ 14.316714] ? __pfx_kthread+0x10/0x10
[ 14.316742] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.316773] ? calculate_sigpending+0x7b/0xa0
[ 14.316806] ? __pfx_kthread+0x10/0x10
[ 14.316834] ret_from_fork+0x116/0x1d0
[ 14.316852] ? __pfx_kthread+0x10/0x10
[ 14.316871] ret_from_fork_asm+0x1a/0x30
[ 14.316899] </TASK>
[ 14.316914]
[ 14.328398] Allocated by task 233:
[ 14.329073] kasan_save_stack+0x45/0x70
[ 14.329405] kasan_save_track+0x18/0x40
[ 14.329565] kasan_save_alloc_info+0x3b/0x50
[ 14.330076] __kasan_slab_alloc+0x91/0xa0
[ 14.330392] kmem_cache_alloc_noprof+0x123/0x3f0
[ 14.330768] __kmem_cache_create_args+0x169/0x240
[ 14.331173] kmem_cache_double_destroy+0xd5/0x380
[ 14.331731] kunit_try_run_case+0x1a5/0x480
[ 14.331976] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.332283] kthread+0x337/0x6f0
[ 14.332544] ret_from_fork+0x116/0x1d0
[ 14.333299] ret_from_fork_asm+0x1a/0x30
[ 14.333597]
[ 14.333969] Freed by task 233:
[ 14.334236] kasan_save_stack+0x45/0x70
[ 14.334446] kasan_save_track+0x18/0x40
[ 14.334905] kasan_save_free_info+0x3f/0x60
[ 14.335177] __kasan_slab_free+0x56/0x70
[ 14.335466] kmem_cache_free+0x249/0x420
[ 14.335878] slab_kmem_cache_release+0x2e/0x40
[ 14.336252] kmem_cache_release+0x16/0x20
[ 14.336954] kobject_put+0x181/0x450
[ 14.337266] sysfs_slab_release+0x16/0x20
[ 14.337472] kmem_cache_destroy+0xf0/0x1d0
[ 14.337957] kmem_cache_double_destroy+0x14e/0x380
[ 14.338341] kunit_try_run_case+0x1a5/0x480
[ 14.338799] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.339020] kthread+0x337/0x6f0
[ 14.339338] ret_from_fork+0x116/0x1d0
[ 14.339799] ret_from_fork_asm+0x1a/0x30
[ 14.339996]
[ 14.340095] The buggy address belongs to the object at ffff888102568000
[ 14.340095] which belongs to the cache kmem_cache of size 208
[ 14.341157] The buggy address is located 0 bytes inside of
[ 14.341157] freed 208-byte region [ffff888102568000, ffff8881025680d0)
[ 14.342039]
[ 14.342284] The buggy address belongs to the physical page:
[ 14.342824] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102568
[ 14.343257] flags: 0x200000000000000(node=0|zone=2)
[ 14.343486] page_type: f5(slab)
[ 14.343866] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 14.344405] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000
[ 14.344781] page dumped because: kasan: bad access detected
[ 14.344984]
[ 14.345132] Memory state around the buggy address:
[ 14.345579] ffff888102567f00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc
[ 14.346581] ffff888102567f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.346989] >ffff888102568000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.347713] ^
[ 14.347900] ffff888102568080: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 14.348208] ffff888102568100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.348478] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 14.245921] ==================================================================
[ 14.246326] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510
[ 14.247099] Read of size 1 at addr ffff888102ab6000 by task kunit_try_catch/231
[ 14.247426]
[ 14.248013] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.248099] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.248129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.248163] Call Trace:
[ 14.248186] <TASK>
[ 14.248214] dump_stack_lvl+0x73/0xb0
[ 14.248272] print_report+0xd1/0x650
[ 14.248310] ? __virt_addr_valid+0x1db/0x2d0
[ 14.248346] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 14.248379] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.248413] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 14.248448] kasan_report+0x141/0x180
[ 14.248481] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 14.248525] __asan_report_load1_noabort+0x18/0x20
[ 14.248564] kmem_cache_rcu_uaf+0x3e3/0x510
[ 14.248674] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 14.248722] ? finish_task_switch.isra.0+0x153/0x700
[ 14.248756] ? __switch_to+0x47/0xf50
[ 14.248800] ? __pfx_read_tsc+0x10/0x10
[ 14.248830] ? ktime_get_ts64+0x86/0x230
[ 14.248865] kunit_try_run_case+0x1a5/0x480
[ 14.248902] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.248933] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.248969] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.248994] ? __kthread_parkme+0x82/0x180
[ 14.249013] ? preempt_count_sub+0x50/0x80
[ 14.249034] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.249055] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.249076] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.249098] kthread+0x337/0x6f0
[ 14.249121] ? trace_preempt_on+0x20/0xc0
[ 14.249149] ? __pfx_kthread+0x10/0x10
[ 14.249168] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.249186] ? calculate_sigpending+0x7b/0xa0
[ 14.249209] ? __pfx_kthread+0x10/0x10
[ 14.249228] ret_from_fork+0x116/0x1d0
[ 14.249245] ? __pfx_kthread+0x10/0x10
[ 14.249263] ret_from_fork_asm+0x1a/0x30
[ 14.249292] </TASK>
[ 14.249304]
[ 14.259688] Allocated by task 231:
[ 14.259885] kasan_save_stack+0x45/0x70
[ 14.260063] kasan_save_track+0x18/0x40
[ 14.260226] kasan_save_alloc_info+0x3b/0x50
[ 14.260404] __kasan_slab_alloc+0x91/0xa0
[ 14.260571] kmem_cache_alloc_noprof+0x123/0x3f0
[ 14.260911] kmem_cache_rcu_uaf+0x155/0x510
[ 14.261222] kunit_try_run_case+0x1a5/0x480
[ 14.261568] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.262169] kthread+0x337/0x6f0
[ 14.262396] ret_from_fork+0x116/0x1d0
[ 14.262718] ret_from_fork_asm+0x1a/0x30
[ 14.263030]
[ 14.263194] Freed by task 0:
[ 14.263489] kasan_save_stack+0x45/0x70
[ 14.264279] kasan_save_track+0x18/0x40
[ 14.265289] kasan_save_free_info+0x3f/0x60
[ 14.265458] __kasan_slab_free+0x56/0x70
[ 14.265817] slab_free_after_rcu_debug+0xe4/0x310
[ 14.266275] rcu_core+0x66f/0x1c40
[ 14.266692] rcu_core_si+0x12/0x20
[ 14.266966] handle_softirqs+0x209/0x730
[ 14.267188] __irq_exit_rcu+0xc9/0x110
[ 14.267375] irq_exit_rcu+0x12/0x20
[ 14.267817] sysvec_apic_timer_interrupt+0x81/0x90
[ 14.268470] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 14.268846]
[ 14.269004] Last potentially related work creation:
[ 14.269355] kasan_save_stack+0x45/0x70
[ 14.269825] kasan_record_aux_stack+0xb2/0xc0
[ 14.270113] kmem_cache_free+0x131/0x420
[ 14.270311] kmem_cache_rcu_uaf+0x194/0x510
[ 14.270503] kunit_try_run_case+0x1a5/0x480
[ 14.270687] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.270865] kthread+0x337/0x6f0
[ 14.271062] ret_from_fork+0x116/0x1d0
[ 14.271347] ret_from_fork_asm+0x1a/0x30
[ 14.271987]
[ 14.272221] The buggy address belongs to the object at ffff888102ab6000
[ 14.272221] which belongs to the cache test_cache of size 200
[ 14.273135] The buggy address is located 0 bytes inside of
[ 14.273135] freed 200-byte region [ffff888102ab6000, ffff888102ab60c8)
[ 14.273798]
[ 14.273997] The buggy address belongs to the physical page:
[ 14.274233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab6
[ 14.274964] flags: 0x200000000000000(node=0|zone=2)
[ 14.275319] page_type: f5(slab)
[ 14.275698] raw: 0200000000000000 ffff888100a55c80 dead000000000122 0000000000000000
[ 14.276068] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 14.276847] page dumped because: kasan: bad access detected
[ 14.277124]
[ 14.277291] Memory state around the buggy address:
[ 14.277456] ffff888102ab5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.278094] ffff888102ab5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.278478] >ffff888102ab6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.278961] ^
[ 14.279269] ffff888102ab6080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 14.279604] ffff888102ab6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.280246] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 14.181402] ==================================================================
[ 14.181856] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460
[ 14.182540] Free of addr ffff888102568001 by task kunit_try_catch/229
[ 14.182849]
[ 14.183014] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.183126] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.183152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.183187] Call Trace:
[ 14.183214] <TASK>
[ 14.183247] dump_stack_lvl+0x73/0xb0
[ 14.183309] print_report+0xd1/0x650
[ 14.183345] ? __virt_addr_valid+0x1db/0x2d0
[ 14.183420] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.183479] ? kmem_cache_invalid_free+0x1d8/0x460
[ 14.183524] kasan_report_invalid_free+0x10a/0x130
[ 14.183568] ? kmem_cache_invalid_free+0x1d8/0x460
[ 14.183609] ? kmem_cache_invalid_free+0x1d8/0x460
[ 14.183650] check_slab_allocation+0x11f/0x130
[ 14.183670] __kasan_slab_pre_free+0x28/0x40
[ 14.183688] kmem_cache_free+0xed/0x420
[ 14.183705] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 14.183723] ? kmem_cache_invalid_free+0x1d8/0x460
[ 14.183746] kmem_cache_invalid_free+0x1d8/0x460
[ 14.183767] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 14.183786] ? finish_task_switch.isra.0+0x153/0x700
[ 14.183807] ? __switch_to+0x47/0xf50
[ 14.183833] ? __pfx_read_tsc+0x10/0x10
[ 14.183851] ? ktime_get_ts64+0x86/0x230
[ 14.183873] kunit_try_run_case+0x1a5/0x480
[ 14.183895] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.183914] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.183935] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.183954] ? __kthread_parkme+0x82/0x180
[ 14.183972] ? preempt_count_sub+0x50/0x80
[ 14.183993] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.184013] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.184032] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.184053] kthread+0x337/0x6f0
[ 14.184069] ? trace_preempt_on+0x20/0xc0
[ 14.184091] ? __pfx_kthread+0x10/0x10
[ 14.184133] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.184152] ? calculate_sigpending+0x7b/0xa0
[ 14.184173] ? __pfx_kthread+0x10/0x10
[ 14.184192] ret_from_fork+0x116/0x1d0
[ 14.184209] ? __pfx_kthread+0x10/0x10
[ 14.184226] ret_from_fork_asm+0x1a/0x30
[ 14.184253] </TASK>
[ 14.184266]
[ 14.195336] Allocated by task 229:
[ 14.195654] kasan_save_stack+0x45/0x70
[ 14.195921] kasan_save_track+0x18/0x40
[ 14.196238] kasan_save_alloc_info+0x3b/0x50
[ 14.196552] __kasan_slab_alloc+0x91/0xa0
[ 14.196879] kmem_cache_alloc_noprof+0x123/0x3f0
[ 14.197144] kmem_cache_invalid_free+0x157/0x460
[ 14.197477] kunit_try_run_case+0x1a5/0x480
[ 14.197768] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.198175] kthread+0x337/0x6f0
[ 14.198457] ret_from_fork+0x116/0x1d0
[ 14.198711] ret_from_fork_asm+0x1a/0x30
[ 14.199050]
[ 14.199246] The buggy address belongs to the object at ffff888102568000
[ 14.199246] which belongs to the cache test_cache of size 200
[ 14.199820] The buggy address is located 1 bytes inside of
[ 14.199820] 200-byte region [ffff888102568000, ffff8881025680c8)
[ 14.200528]
[ 14.200657] The buggy address belongs to the physical page:
[ 14.201018] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102568
[ 14.201408] flags: 0x200000000000000(node=0|zone=2)
[ 14.201639] page_type: f5(slab)
[ 14.201792] raw: 0200000000000000 ffff888101f27dc0 dead000000000122 0000000000000000
[ 14.202043] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 14.202317] page dumped because: kasan: bad access detected
[ 14.202773]
[ 14.202932] Memory state around the buggy address:
[ 14.203326] ffff888102567f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.203875] ffff888102567f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.204230] >ffff888102568000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.204463] ^
[ 14.204609] ffff888102568080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 14.205206] ffff888102568100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.205720] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 14.139094] ==================================================================
[ 14.139542] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480
[ 14.140000] Free of addr ffff888102567000 by task kunit_try_catch/227
[ 14.140381]
[ 14.140574] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.140670] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.140692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.140749] Call Trace:
[ 14.140775] <TASK>
[ 14.140806] dump_stack_lvl+0x73/0xb0
[ 14.140969] print_report+0xd1/0x650
[ 14.141013] ? __virt_addr_valid+0x1db/0x2d0
[ 14.141056] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.141119] ? kmem_cache_double_free+0x1e5/0x480
[ 14.141160] kasan_report_invalid_free+0x10a/0x130
[ 14.141202] ? kmem_cache_double_free+0x1e5/0x480
[ 14.141242] ? kmem_cache_double_free+0x1e5/0x480
[ 14.141282] check_slab_allocation+0x101/0x130
[ 14.141317] __kasan_slab_pre_free+0x28/0x40
[ 14.141368] kmem_cache_free+0xed/0x420
[ 14.141405] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 14.141442] ? kmem_cache_double_free+0x1e5/0x480
[ 14.141486] kmem_cache_double_free+0x1e5/0x480
[ 14.141519] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 14.141549] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 14.141572] ? kmem_cache_double_free+0x29/0x480
[ 14.141594] kunit_try_run_case+0x1a5/0x480
[ 14.141635] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.141667] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.141707] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.141744] ? __kthread_parkme+0x82/0x180
[ 14.141917] ? preempt_count_sub+0x50/0x80
[ 14.141963] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.142001] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.142040] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.142079] kthread+0x337/0x6f0
[ 14.142113] ? trace_preempt_on+0x20/0xc0
[ 14.142157] ? __pfx_kthread+0x10/0x10
[ 14.142189] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.142208] ? calculate_sigpending+0x7b/0xa0
[ 14.142231] ? __pfx_kthread+0x10/0x10
[ 14.142249] ret_from_fork+0x116/0x1d0
[ 14.142266] ? __pfx_kthread+0x10/0x10
[ 14.142314] ret_from_fork_asm+0x1a/0x30
[ 14.142343] </TASK>
[ 14.142355]
[ 14.154066] Allocated by task 227:
[ 14.154343] kasan_save_stack+0x45/0x70
[ 14.154614] kasan_save_track+0x18/0x40
[ 14.154796] kasan_save_alloc_info+0x3b/0x50
[ 14.155109] __kasan_slab_alloc+0x91/0xa0
[ 14.155312] kmem_cache_alloc_noprof+0x123/0x3f0
[ 14.155872] kmem_cache_double_free+0x14f/0x480
[ 14.156239] kunit_try_run_case+0x1a5/0x480
[ 14.156476] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.156818] kthread+0x337/0x6f0
[ 14.156972] ret_from_fork+0x116/0x1d0
[ 14.157149] ret_from_fork_asm+0x1a/0x30
[ 14.157434]
[ 14.157856] Freed by task 227:
[ 14.158140] kasan_save_stack+0x45/0x70
[ 14.158701] kasan_save_track+0x18/0x40
[ 14.159040] kasan_save_free_info+0x3f/0x60
[ 14.159441] __kasan_slab_free+0x56/0x70
[ 14.160237] kmem_cache_free+0x249/0x420
[ 14.160717] kmem_cache_double_free+0x16a/0x480
[ 14.161086] kunit_try_run_case+0x1a5/0x480
[ 14.161536] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.162146] kthread+0x337/0x6f0
[ 14.162331] ret_from_fork+0x116/0x1d0
[ 14.162772] ret_from_fork_asm+0x1a/0x30
[ 14.162991]
[ 14.163158] The buggy address belongs to the object at ffff888102567000
[ 14.163158] which belongs to the cache test_cache of size 200
[ 14.164236] The buggy address is located 0 bytes inside of
[ 14.164236] 200-byte region [ffff888102567000, ffff8881025670c8)
[ 14.164975]
[ 14.165724] The buggy address belongs to the physical page:
[ 14.166071] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102567
[ 14.166291] flags: 0x200000000000000(node=0|zone=2)
[ 14.166397] page_type: f5(slab)
[ 14.166478] raw: 0200000000000000 ffff888101f27c80 dead000000000122 0000000000000000
[ 14.167037] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 14.167449] page dumped because: kasan: bad access detected
[ 14.167765]
[ 14.167886] Memory state around the buggy address:
[ 14.168146] ffff888102566f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.168539] ffff888102566f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.168796] >ffff888102567000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.169022] ^
[ 14.169263] ffff888102567080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 14.169883] ffff888102567100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.170380] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 14.089207] ==================================================================
[ 14.089457] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530
[ 14.090032] Read of size 1 at addr ffff888102ab20c8 by task kunit_try_catch/225
[ 14.090387]
[ 14.090567] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.090660] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.090682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.090721] Call Trace:
[ 14.090746] <TASK>
[ 14.090774] dump_stack_lvl+0x73/0xb0
[ 14.090830] print_report+0xd1/0x650
[ 14.090864] ? __virt_addr_valid+0x1db/0x2d0
[ 14.090902] ? kmem_cache_oob+0x402/0x530
[ 14.090941] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.090986] ? kmem_cache_oob+0x402/0x530
[ 14.091024] kasan_report+0x141/0x180
[ 14.091061] ? kmem_cache_oob+0x402/0x530
[ 14.091110] __asan_report_load1_noabort+0x18/0x20
[ 14.091148] kmem_cache_oob+0x402/0x530
[ 14.091182] ? trace_hardirqs_on+0x37/0xe0
[ 14.091225] ? __pfx_kmem_cache_oob+0x10/0x10
[ 14.091266] ? finish_task_switch.isra.0+0x153/0x700
[ 14.091304] ? __switch_to+0x47/0xf50
[ 14.091354] ? __pfx_read_tsc+0x10/0x10
[ 14.091386] ? ktime_get_ts64+0x86/0x230
[ 14.091427] kunit_try_run_case+0x1a5/0x480
[ 14.091467] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.091499] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.091538] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.091575] ? __kthread_parkme+0x82/0x180
[ 14.091608] ? preempt_count_sub+0x50/0x80
[ 14.091805] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.091851] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.091892] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.091925] kthread+0x337/0x6f0
[ 14.091946] ? trace_preempt_on+0x20/0xc0
[ 14.091968] ? __pfx_kthread+0x10/0x10
[ 14.091986] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.092006] ? calculate_sigpending+0x7b/0xa0
[ 14.092028] ? __pfx_kthread+0x10/0x10
[ 14.092047] ret_from_fork+0x116/0x1d0
[ 14.092063] ? __pfx_kthread+0x10/0x10
[ 14.092081] ret_from_fork_asm+0x1a/0x30
[ 14.092130] </TASK>
[ 14.092146]
[ 14.102451] Allocated by task 225:
[ 14.102769] kasan_save_stack+0x45/0x70
[ 14.103083] kasan_save_track+0x18/0x40
[ 14.103342] kasan_save_alloc_info+0x3b/0x50
[ 14.103644] __kasan_slab_alloc+0x91/0xa0
[ 14.103828] kmem_cache_alloc_noprof+0x123/0x3f0
[ 14.104147] kmem_cache_oob+0x157/0x530
[ 14.104461] kunit_try_run_case+0x1a5/0x480
[ 14.104903] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.105265] kthread+0x337/0x6f0
[ 14.105461] ret_from_fork+0x116/0x1d0
[ 14.105857] ret_from_fork_asm+0x1a/0x30
[ 14.106084]
[ 14.106268] The buggy address belongs to the object at ffff888102ab2000
[ 14.106268] which belongs to the cache test_cache of size 200
[ 14.106843] The buggy address is located 0 bytes to the right of
[ 14.106843] allocated 200-byte region [ffff888102ab2000, ffff888102ab20c8)
[ 14.108686]
[ 14.109165] The buggy address belongs to the physical page:
[ 14.110082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab2
[ 14.111702] flags: 0x200000000000000(node=0|zone=2)
[ 14.111961] page_type: f5(slab)
[ 14.112098] raw: 0200000000000000 ffff888100a55b40 dead000000000122 0000000000000000
[ 14.113852] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 14.115306] page dumped because: kasan: bad access detected
[ 14.116448]
[ 14.116728] Memory state around the buggy address:
[ 14.116911] ffff888102ab1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.117138] ffff888102ab2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.117359] >ffff888102ab2080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 14.117566] ^
[ 14.117762] ffff888102ab2100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.118005] ffff888102ab2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.118201] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 14.041274] ================================================================== [ 14.041953] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 14.042720] Read of size 8 at addr ffff888102aaa840 by task kunit_try_catch/218 [ 14.042975] [ 14.043162] CPU: 0 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.043239] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.043260] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.043297] Call Trace: [ 14.043320] <TASK> [ 14.043347] dump_stack_lvl+0x73/0xb0 [ 14.043457] print_report+0xd1/0x650 [ 14.043498] ? __virt_addr_valid+0x1db/0x2d0 [ 14.043539] ? workqueue_uaf+0x4d6/0x560 [ 14.043571] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.043605] ? workqueue_uaf+0x4d6/0x560 [ 14.043651] kasan_report+0x141/0x180 [ 14.043682] ? workqueue_uaf+0x4d6/0x560 [ 14.043721] __asan_report_load8_noabort+0x18/0x20 [ 14.043759] workqueue_uaf+0x4d6/0x560 [ 14.043795] ? __pfx_workqueue_uaf+0x10/0x10 [ 14.043828] ? __schedule+0x10cc/0x2b60 [ 14.043877] ? __pfx_read_tsc+0x10/0x10 [ 14.043927] ? ktime_get_ts64+0x86/0x230 [ 14.043976] kunit_try_run_case+0x1a5/0x480 [ 14.044017] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.044068] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.044139] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.044181] ? __kthread_parkme+0x82/0x180 [ 14.044213] ? preempt_count_sub+0x50/0x80 [ 14.044255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.044294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.044341] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.044396] kthread+0x337/0x6f0 [ 14.044432] ? trace_preempt_on+0x20/0xc0 [ 14.044476] ? __pfx_kthread+0x10/0x10 [ 14.044536] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.044574] ? calculate_sigpending+0x7b/0xa0 [ 14.044631] ? __pfx_kthread+0x10/0x10 [ 14.044664] ret_from_fork+0x116/0x1d0 [ 14.044692] ? 
__pfx_kthread+0x10/0x10 [ 14.044721] ret_from_fork_asm+0x1a/0x30 [ 14.044775] </TASK> [ 14.044798] [ 14.054864] Allocated by task 218: [ 14.055047] kasan_save_stack+0x45/0x70 [ 14.055397] kasan_save_track+0x18/0x40 [ 14.055826] kasan_save_alloc_info+0x3b/0x50 [ 14.056171] __kasan_kmalloc+0xb7/0xc0 [ 14.056471] __kmalloc_cache_noprof+0x189/0x420 [ 14.056920] workqueue_uaf+0x152/0x560 [ 14.057216] kunit_try_run_case+0x1a5/0x480 [ 14.057447] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.058246] kthread+0x337/0x6f0 [ 14.058713] ret_from_fork+0x116/0x1d0 [ 14.059023] ret_from_fork_asm+0x1a/0x30 [ 14.059262] [ 14.059373] Freed by task 9: [ 14.059638] kasan_save_stack+0x45/0x70 [ 14.059989] kasan_save_track+0x18/0x40 [ 14.060316] kasan_save_free_info+0x3f/0x60 [ 14.060766] __kasan_slab_free+0x56/0x70 [ 14.061078] kfree+0x222/0x3f0 [ 14.061332] workqueue_uaf_work+0x12/0x20 [ 14.061715] process_one_work+0x5ee/0xf60 [ 14.062077] worker_thread+0x758/0x1220 [ 14.062360] kthread+0x337/0x6f0 [ 14.063135] ret_from_fork+0x116/0x1d0 [ 14.063373] ret_from_fork_asm+0x1a/0x30 [ 14.063853] [ 14.063959] Last potentially related work creation: [ 14.064299] kasan_save_stack+0x45/0x70 [ 14.064667] kasan_record_aux_stack+0xb2/0xc0 [ 14.065020] __queue_work+0x626/0xeb0 [ 14.065280] queue_work_on+0xb6/0xc0 [ 14.065710] workqueue_uaf+0x26d/0x560 [ 14.066026] kunit_try_run_case+0x1a5/0x480 [ 14.066266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.066795] kthread+0x337/0x6f0 [ 14.067090] ret_from_fork+0x116/0x1d0 [ 14.067298] ret_from_fork_asm+0x1a/0x30 [ 14.067816] [ 14.068015] The buggy address belongs to the object at ffff888102aaa840 [ 14.068015] which belongs to the cache kmalloc-32 of size 32 [ 14.068993] The buggy address is located 0 bytes inside of [ 14.068993] freed 32-byte region [ffff888102aaa840, ffff888102aaa860) [ 14.069860] [ 14.070003] The buggy address belongs to the physical page: [ 14.070188] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aaa 
[ 14.070933] flags: 0x200000000000000(node=0|zone=2) [ 14.071233] page_type: f5(slab) [ 14.071596] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.071934] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.072447] page dumped because: kasan: bad access detected [ 14.073236] [ 14.073420] Memory state around the buggy address: [ 14.073773] ffff888102aaa700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.074292] ffff888102aaa780: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.074661] >ffff888102aaa800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.075155] ^ [ 14.075375] ffff888102aaa880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.075994] ffff888102aaa900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.076419] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 13.990684] ================================================================== [ 13.991254] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 13.991709] Read of size 4 at addr ffff888102aaa780 by task swapper/0/0 [ 13.992026] [ 13.992219] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.992294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.992315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.992349] Call Trace: [ 13.992398] <IRQ> [ 13.992428] dump_stack_lvl+0x73/0xb0 [ 13.992486] print_report+0xd1/0x650 [ 13.992523] ? __virt_addr_valid+0x1db/0x2d0 [ 13.992562] ? rcu_uaf_reclaim+0x50/0x60 [ 13.992595] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.992649] ? rcu_uaf_reclaim+0x50/0x60 [ 13.992681] kasan_report+0x141/0x180 [ 13.992717] ? rcu_uaf_reclaim+0x50/0x60 [ 13.992757] __asan_report_load4_noabort+0x18/0x20 [ 13.992798] rcu_uaf_reclaim+0x50/0x60 [ 13.992834] rcu_core+0x66f/0x1c40 [ 13.992886] ? __pfx_rcu_core+0x10/0x10 [ 13.992920] ? ktime_get+0x6b/0x150 [ 13.992956] ? handle_softirqs+0x18e/0x730 [ 13.992998] rcu_core_si+0x12/0x20 [ 13.993031] handle_softirqs+0x209/0x730 [ 13.993066] ? hrtimer_interrupt+0x2fe/0x780 [ 13.993144] ? 
__pfx_handle_softirqs+0x10/0x10 [ 13.993184] __irq_exit_rcu+0xc9/0x110 [ 13.993215] irq_exit_rcu+0x12/0x20 [ 13.993250] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.993291] </IRQ> [ 13.993348] <TASK> [ 13.993371] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.993529] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 13.993867] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 ba 21 00 fb f4 <e9> 7c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 13.993967] RSP: 0000:ffffffffa5407dd8 EFLAGS: 00010216 [ 13.994064] RAX: ffff8881b4874000 RBX: ffffffffa541cac0 RCX: ffffffffa42700e5 [ 13.994116] RDX: ffffed102b60618b RSI: 0000000000000004 RDI: 0000000000006a1c [ 13.994162] RBP: ffffffffa5407de0 R08: 0000000000000001 R09: ffffed102b60618a [ 13.994203] R10: ffff88815b030c53 R11: 000000000001d000 R12: 0000000000000000 [ 13.994244] R13: fffffbfff4a83958 R14: ffffffffa5fb0e90 R15: 0000000000000000 [ 13.994304] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 13.994362] ? default_idle+0xd/0x20 [ 13.994385] arch_cpu_idle+0xd/0x20 [ 13.994406] default_idle_call+0x48/0x80 [ 13.994426] do_idle+0x379/0x4f0 [ 13.994449] ? __pfx_do_idle+0x10/0x10 [ 13.994475] cpu_startup_entry+0x5c/0x70 [ 13.994496] rest_init+0x11a/0x140 [ 13.994581] ? 
acpi_subsystem_init+0x5d/0x150 [ 13.994606] start_kernel+0x330/0x410 [ 13.994648] x86_64_start_reservations+0x1c/0x30 [ 13.994671] x86_64_start_kernel+0x10d/0x120 [ 13.994692] common_startup_64+0x13e/0x148 [ 13.994723] </TASK> [ 13.994735] [ 14.010363] Allocated by task 216: [ 14.010849] kasan_save_stack+0x45/0x70 [ 14.011206] kasan_save_track+0x18/0x40 [ 14.011629] kasan_save_alloc_info+0x3b/0x50 [ 14.011899] __kasan_kmalloc+0xb7/0xc0 [ 14.012240] __kmalloc_cache_noprof+0x189/0x420 [ 14.012551] rcu_uaf+0xb0/0x330 [ 14.013060] kunit_try_run_case+0x1a5/0x480 [ 14.013432] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.013835] kthread+0x337/0x6f0 [ 14.014180] ret_from_fork+0x116/0x1d0 [ 14.014573] ret_from_fork_asm+0x1a/0x30 [ 14.015010] [ 14.015244] Freed by task 0: [ 14.015462] kasan_save_stack+0x45/0x70 [ 14.015779] kasan_save_track+0x18/0x40 [ 14.016156] kasan_save_free_info+0x3f/0x60 [ 14.016578] __kasan_slab_free+0x56/0x70 [ 14.017016] kfree+0x222/0x3f0 [ 14.017327] rcu_uaf_reclaim+0x1f/0x60 [ 14.017935] rcu_core+0x66f/0x1c40 [ 14.018155] rcu_core_si+0x12/0x20 [ 14.018455] handle_softirqs+0x209/0x730 [ 14.018715] __irq_exit_rcu+0xc9/0x110 [ 14.019094] irq_exit_rcu+0x12/0x20 [ 14.019301] sysvec_apic_timer_interrupt+0x81/0x90 [ 14.019875] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 14.020089] [ 14.020331] Last potentially related work creation: [ 14.020694] kasan_save_stack+0x45/0x70 [ 14.020986] kasan_record_aux_stack+0xb2/0xc0 [ 14.021305] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 14.021807] call_rcu+0x12/0x20 [ 14.022070] rcu_uaf+0x168/0x330 [ 14.022398] kunit_try_run_case+0x1a5/0x480 [ 14.022892] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.023284] kthread+0x337/0x6f0 [ 14.023496] ret_from_fork+0x116/0x1d0 [ 14.023922] ret_from_fork_asm+0x1a/0x30 [ 14.024280] [ 14.024466] The buggy address belongs to the object at ffff888102aaa780 [ 14.024466] which belongs to the cache kmalloc-32 of size 32 [ 14.025103] The buggy address is located 0 bytes inside of 
[ 14.025103] freed 32-byte region [ffff888102aaa780, ffff888102aaa7a0) [ 14.025827] [ 14.026146] The buggy address belongs to the physical page: [ 14.026647] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aaa [ 14.026983] flags: 0x200000000000000(node=0|zone=2) [ 14.027390] page_type: f5(slab) [ 14.027874] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.028172] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.028680] page dumped because: kasan: bad access detected [ 14.029050] [ 14.029172] Memory state around the buggy address: [ 14.029369] ffff888102aaa680: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.029791] ffff888102aaa700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.030119] >ffff888102aaa780: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 14.030457] ^ [ 14.030909] ffff888102aaa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.031268] ffff888102aaa880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.031833] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 13.944934] ================================================================== [ 13.945730] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 13.946267] Read of size 1 at addr ffff88810254d678 by task kunit_try_catch/214 [ 13.947189] [ 13.947374] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.947672] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.947707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.947741] Call Trace: [ 13.947767] <TASK> [ 13.947795] dump_stack_lvl+0x73/0xb0 [ 13.947851] print_report+0xd1/0x650 [ 13.947893] ? __virt_addr_valid+0x1db/0x2d0 [ 13.947934] ? ksize_uaf+0x5e4/0x6c0 [ 13.947971] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.948014] ? ksize_uaf+0x5e4/0x6c0 [ 13.948044] kasan_report+0x141/0x180 [ 13.948080] ? ksize_uaf+0x5e4/0x6c0 [ 13.948174] __asan_report_load1_noabort+0x18/0x20 [ 13.948215] ksize_uaf+0x5e4/0x6c0 [ 13.948251] ? __pfx_ksize_uaf+0x10/0x10 [ 13.948290] ? __schedule+0x10cc/0x2b60 [ 13.948325] ? __pfx_read_tsc+0x10/0x10 [ 13.948351] ? ktime_get_ts64+0x86/0x230 [ 13.948375] kunit_try_run_case+0x1a5/0x480 [ 13.948396] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.948415] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.948435] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.948454] ? __kthread_parkme+0x82/0x180 [ 13.948472] ? preempt_count_sub+0x50/0x80 [ 13.948492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.948553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.948593] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.948639] kthread+0x337/0x6f0 [ 13.948664] ? trace_preempt_on+0x20/0xc0 [ 13.948686] ? __pfx_kthread+0x10/0x10 [ 13.948704] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.948722] ? calculate_sigpending+0x7b/0xa0 [ 13.948743] ? __pfx_kthread+0x10/0x10 [ 13.948762] ret_from_fork+0x116/0x1d0 [ 13.948778] ? 
__pfx_kthread+0x10/0x10 [ 13.948795] ret_from_fork_asm+0x1a/0x30 [ 13.948823] </TASK> [ 13.948834] [ 13.960401] Allocated by task 214: [ 13.960755] kasan_save_stack+0x45/0x70 [ 13.961033] kasan_save_track+0x18/0x40 [ 13.961275] kasan_save_alloc_info+0x3b/0x50 [ 13.961782] __kasan_kmalloc+0xb7/0xc0 [ 13.962149] __kmalloc_cache_noprof+0x189/0x420 [ 13.962472] ksize_uaf+0xaa/0x6c0 [ 13.963235] kunit_try_run_case+0x1a5/0x480 [ 13.963775] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.964009] kthread+0x337/0x6f0 [ 13.964224] ret_from_fork+0x116/0x1d0 [ 13.964654] ret_from_fork_asm+0x1a/0x30 [ 13.964999] [ 13.965188] Freed by task 214: [ 13.965432] kasan_save_stack+0x45/0x70 [ 13.965900] kasan_save_track+0x18/0x40 [ 13.966233] kasan_save_free_info+0x3f/0x60 [ 13.966397] __kasan_slab_free+0x56/0x70 [ 13.967081] kfree+0x222/0x3f0 [ 13.967281] ksize_uaf+0x12c/0x6c0 [ 13.967529] kunit_try_run_case+0x1a5/0x480 [ 13.967851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.968131] kthread+0x337/0x6f0 [ 13.968283] ret_from_fork+0x116/0x1d0 [ 13.968443] ret_from_fork_asm+0x1a/0x30 [ 13.968738] [ 13.968898] The buggy address belongs to the object at ffff88810254d600 [ 13.968898] which belongs to the cache kmalloc-128 of size 128 [ 13.969370] The buggy address is located 120 bytes inside of [ 13.969370] freed 128-byte region [ffff88810254d600, ffff88810254d680) [ 13.970215] [ 13.970391] The buggy address belongs to the physical page: [ 13.971192] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254d [ 13.971760] flags: 0x200000000000000(node=0|zone=2) [ 13.972038] page_type: f5(slab) [ 13.972314] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.972899] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.973346] page dumped because: kasan: bad access detected [ 13.973843] [ 13.973999] Memory state around the buggy address: [ 13.974235] ffff88810254d500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
13.975073] ffff88810254d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.975643] >ffff88810254d600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.976096] ^ [ 13.976412] ffff88810254d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.976986] ffff88810254d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.977403] ================================================================== [ 13.912468] ================================================================== [ 13.913026] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 13.913464] Read of size 1 at addr ffff88810254d600 by task kunit_try_catch/214 [ 13.913763] [ 13.913955] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.914037] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.914058] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.914093] Call Trace: [ 13.914117] <TASK> [ 13.914145] dump_stack_lvl+0x73/0xb0 [ 13.914197] print_report+0xd1/0x650 [ 13.914232] ? __virt_addr_valid+0x1db/0x2d0 [ 13.914270] ? ksize_uaf+0x5fe/0x6c0 [ 13.914302] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.914343] ? ksize_uaf+0x5fe/0x6c0 [ 13.914377] kasan_report+0x141/0x180 [ 13.914410] ? ksize_uaf+0x5fe/0x6c0 [ 13.914452] __asan_report_load1_noabort+0x18/0x20 [ 13.914492] ksize_uaf+0x5fe/0x6c0 [ 13.914526] ? __pfx_ksize_uaf+0x10/0x10 [ 13.914547] ? __schedule+0x10cc/0x2b60 [ 13.914578] ? __pfx_read_tsc+0x10/0x10 [ 13.914608] ? ktime_get_ts64+0x86/0x230 [ 13.915093] kunit_try_run_case+0x1a5/0x480 [ 13.915141] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.915162] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.915183] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.915203] ? __kthread_parkme+0x82/0x180 [ 13.915220] ? preempt_count_sub+0x50/0x80 [ 13.915241] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.915260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.915280] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.915299] kthread+0x337/0x6f0 [ 13.915316] ? trace_preempt_on+0x20/0xc0 [ 13.915336] ? __pfx_kthread+0x10/0x10 [ 13.915354] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.915371] ? calculate_sigpending+0x7b/0xa0 [ 13.915391] ? __pfx_kthread+0x10/0x10 [ 13.915410] ret_from_fork+0x116/0x1d0 [ 13.915426] ? __pfx_kthread+0x10/0x10 [ 13.915443] ret_from_fork_asm+0x1a/0x30 [ 13.915470] </TASK> [ 13.915482] [ 13.927256] Allocated by task 214: [ 13.927425] kasan_save_stack+0x45/0x70 [ 13.927652] kasan_save_track+0x18/0x40 [ 13.927938] kasan_save_alloc_info+0x3b/0x50 [ 13.928240] __kasan_kmalloc+0xb7/0xc0 [ 13.928507] __kmalloc_cache_noprof+0x189/0x420 [ 13.928855] ksize_uaf+0xaa/0x6c0 [ 13.929110] kunit_try_run_case+0x1a5/0x480 [ 13.929410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.930417] kthread+0x337/0x6f0 [ 13.930855] ret_from_fork+0x116/0x1d0 [ 13.931077] ret_from_fork_asm+0x1a/0x30 [ 13.931283] [ 13.931446] Freed by task 214: [ 13.931872] kasan_save_stack+0x45/0x70 [ 13.932228] kasan_save_track+0x18/0x40 [ 13.932703] kasan_save_free_info+0x3f/0x60 [ 13.933005] __kasan_slab_free+0x56/0x70 [ 13.933253] kfree+0x222/0x3f0 [ 13.933448] ksize_uaf+0x12c/0x6c0 [ 13.934200] kunit_try_run_case+0x1a5/0x480 [ 13.934650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.935082] kthread+0x337/0x6f0 [ 13.935388] ret_from_fork+0x116/0x1d0 [ 13.935795] ret_from_fork_asm+0x1a/0x30 [ 13.936135] [ 13.936317] The buggy address belongs to the object at ffff88810254d600 [ 13.936317] which belongs to the cache kmalloc-128 of size 128 [ 13.937078] The buggy address is located 0 bytes inside of [ 13.937078] freed 128-byte region [ffff88810254d600, ffff88810254d680) [ 13.937541] [ 13.937656] The buggy address belongs to the physical page: [ 13.937879] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254d [ 13.939188] flags: 0x200000000000000(node=0|zone=2) [ 13.939382] page_type: f5(slab) [ 13.939894] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.940128] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.940752] page dumped because: kasan: bad access detected [ 13.940990] [ 13.941095] Memory state around the buggy address: [ 13.941398] ffff88810254d500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.941677] ffff88810254d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.942148] >ffff88810254d600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.942434] ^ [ 13.942758] ffff88810254d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.943061] ffff88810254d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.943899] ================================================================== [ 13.878014] ================================================================== [ 13.878853] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 13.879189] Read of size 1 at addr ffff88810254d600 by task kunit_try_catch/214 [ 13.879665] [ 13.879859] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.879941] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.879960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.879996] Call Trace: [ 13.880020] <TASK> [ 13.880045] dump_stack_lvl+0x73/0xb0 [ 13.880100] print_report+0xd1/0x650 [ 13.880136] ? __virt_addr_valid+0x1db/0x2d0 [ 13.880176] ? ksize_uaf+0x19d/0x6c0 [ 13.880210] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.880253] ? ksize_uaf+0x19d/0x6c0 [ 13.880290] kasan_report+0x141/0x180 [ 13.880325] ? ksize_uaf+0x19d/0x6c0 [ 13.880383] ? ksize_uaf+0x19d/0x6c0 [ 13.880420] __kasan_check_byte+0x3d/0x50 [ 13.880456] ksize+0x20/0x60 [ 13.880492] ksize_uaf+0x19d/0x6c0 [ 13.880525] ? __pfx_ksize_uaf+0x10/0x10 [ 13.880560] ? __schedule+0x10cc/0x2b60 [ 13.880601] ? __pfx_read_tsc+0x10/0x10 [ 13.880652] ? 
ktime_get_ts64+0x86/0x230 [ 13.880699] kunit_try_run_case+0x1a5/0x480 [ 13.880743] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.880781] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.880822] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.880861] ? __kthread_parkme+0x82/0x180 [ 13.880896] ? preempt_count_sub+0x50/0x80 [ 13.880937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.880977] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.881017] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.881056] kthread+0x337/0x6f0 [ 13.881083] ? trace_preempt_on+0x20/0xc0 [ 13.881116] ? __pfx_kthread+0x10/0x10 [ 13.881143] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.881170] ? calculate_sigpending+0x7b/0xa0 [ 13.881204] ? __pfx_kthread+0x10/0x10 [ 13.881231] ret_from_fork+0x116/0x1d0 [ 13.881256] ? __pfx_kthread+0x10/0x10 [ 13.881286] ret_from_fork_asm+0x1a/0x30 [ 13.881342] </TASK> [ 13.881362] [ 13.893432] Allocated by task 214: [ 13.893666] kasan_save_stack+0x45/0x70 [ 13.893993] kasan_save_track+0x18/0x40 [ 13.894301] kasan_save_alloc_info+0x3b/0x50 [ 13.894601] __kasan_kmalloc+0xb7/0xc0 [ 13.895208] __kmalloc_cache_noprof+0x189/0x420 [ 13.895710] ksize_uaf+0xaa/0x6c0 [ 13.895912] kunit_try_run_case+0x1a5/0x480 [ 13.896243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.896878] kthread+0x337/0x6f0 [ 13.897201] ret_from_fork+0x116/0x1d0 [ 13.897640] ret_from_fork_asm+0x1a/0x30 [ 13.897882] [ 13.898059] Freed by task 214: [ 13.898334] kasan_save_stack+0x45/0x70 [ 13.899200] kasan_save_track+0x18/0x40 [ 13.899365] kasan_save_free_info+0x3f/0x60 [ 13.899803] __kasan_slab_free+0x56/0x70 [ 13.900084] kfree+0x222/0x3f0 [ 13.900373] ksize_uaf+0x12c/0x6c0 [ 13.900859] kunit_try_run_case+0x1a5/0x480 [ 13.901156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.901717] kthread+0x337/0x6f0 [ 13.901979] ret_from_fork+0x116/0x1d0 [ 13.902303] ret_from_fork_asm+0x1a/0x30 [ 13.902461] [ 13.903031] The buggy address belongs to the object at ffff88810254d600 [ 13.903031] which belongs to the cache 
kmalloc-128 of size 128 [ 13.903830] The buggy address is located 0 bytes inside of [ 13.903830] freed 128-byte region [ffff88810254d600, ffff88810254d680) [ 13.904451] [ 13.904881] The buggy address belongs to the physical page: [ 13.905277] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254d [ 13.905815] flags: 0x200000000000000(node=0|zone=2) [ 13.906043] page_type: f5(slab) [ 13.906359] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.906772] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.907475] page dumped because: kasan: bad access detected [ 13.907951] [ 13.908064] Memory state around the buggy address: [ 13.908342] ffff88810254d500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.909008] ffff88810254d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.909435] >ffff88810254d600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.909895] ^ [ 13.910218] ffff88810254d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.910472] ffff88810254d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.911338] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 13.817760] ================================================================== [ 13.818184] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.818600] Read of size 1 at addr ffff888102aa0778 by task kunit_try_catch/212 [ 13.819145] [ 13.819322] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.819402] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.819423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.819456] Call Trace: [ 13.819481] <TASK> [ 13.819506] dump_stack_lvl+0x73/0xb0 [ 13.819748] print_report+0xd1/0x650 [ 13.819790] ? __virt_addr_valid+0x1db/0x2d0 [ 13.819827] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.819868] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.819926] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.819976] kasan_report+0x141/0x180 [ 13.820015] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.820062] __asan_report_load1_noabort+0x18/0x20 [ 13.820103] ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.820138] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.820176] ? finish_task_switch.isra.0+0x153/0x700 [ 13.820216] ? __switch_to+0x47/0xf50 [ 13.820264] ? __schedule+0x10cc/0x2b60 [ 13.820305] ? __pfx_read_tsc+0x10/0x10 [ 13.820342] ? ktime_get_ts64+0x86/0x230 [ 13.820379] kunit_try_run_case+0x1a5/0x480 [ 13.820419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.820455] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.820514] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.820552] ? __kthread_parkme+0x82/0x180 [ 13.820586] ? preempt_count_sub+0x50/0x80 [ 13.821180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.821241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.821265] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.821286] kthread+0x337/0x6f0 [ 13.821306] ? trace_preempt_on+0x20/0xc0 [ 13.821328] ? __pfx_kthread+0x10/0x10 [ 13.821347] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.821366] ? calculate_sigpending+0x7b/0xa0 [ 13.821387] ? 
__pfx_kthread+0x10/0x10 [ 13.821407] ret_from_fork+0x116/0x1d0 [ 13.821423] ? __pfx_kthread+0x10/0x10 [ 13.821441] ret_from_fork_asm+0x1a/0x30 [ 13.821468] </TASK> [ 13.821480] [ 13.831870] Allocated by task 212: [ 13.832160] kasan_save_stack+0x45/0x70 [ 13.832502] kasan_save_track+0x18/0x40 [ 13.833493] kasan_save_alloc_info+0x3b/0x50 [ 13.833759] __kasan_kmalloc+0xb7/0xc0 [ 13.833935] __kmalloc_cache_noprof+0x189/0x420 [ 13.834140] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.834337] kunit_try_run_case+0x1a5/0x480 [ 13.834520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.834715] kthread+0x337/0x6f0 [ 13.835777] ret_from_fork+0x116/0x1d0 [ 13.836129] ret_from_fork_asm+0x1a/0x30 [ 13.836457] [ 13.836773] The buggy address belongs to the object at ffff888102aa0700 [ 13.836773] which belongs to the cache kmalloc-128 of size 128 [ 13.837489] The buggy address is located 5 bytes to the right of [ 13.837489] allocated 115-byte region [ffff888102aa0700, ffff888102aa0773) [ 13.838444] [ 13.839099] The buggy address belongs to the physical page: [ 13.839494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa0 [ 13.840142] flags: 0x200000000000000(node=0|zone=2) [ 13.840436] page_type: f5(slab) [ 13.840892] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.841289] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.841845] page dumped because: kasan: bad access detected [ 13.842232] [ 13.842322] Memory state around the buggy address: [ 13.842475] ffff888102aa0600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.843403] ffff888102aa0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.843999] >ffff888102aa0700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.844237] ^ [ 13.844447] ffff888102aa0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.844801] ffff888102aa0800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.845004] 
================================================================== [ 13.789180] ================================================================== [ 13.789588] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 13.790436] Read of size 1 at addr ffff888102aa0773 by task kunit_try_catch/212 [ 13.790922] [ 13.791151] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.791239] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.791261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.791297] Call Trace: [ 13.791320] <TASK> [ 13.791348] dump_stack_lvl+0x73/0xb0 [ 13.791405] print_report+0xd1/0x650 [ 13.791441] ? __virt_addr_valid+0x1db/0x2d0 [ 13.791481] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.791548] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.791589] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.791640] kasan_report+0x141/0x180 [ 13.791680] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.791728] __asan_report_load1_noabort+0x18/0x20 [ 13.791764] ksize_unpoisons_memory+0x81c/0x9b0 [ 13.791805] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.791838] ? finish_task_switch.isra.0+0x153/0x700 [ 13.791880] ? __switch_to+0x47/0xf50 [ 13.791933] ? __schedule+0x10cc/0x2b60 [ 13.791971] ? __pfx_read_tsc+0x10/0x10 [ 13.792003] ? ktime_get_ts64+0x86/0x230 [ 13.792029] kunit_try_run_case+0x1a5/0x480 [ 13.792052] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.792072] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.792094] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.792137] ? __kthread_parkme+0x82/0x180 [ 13.792164] ? preempt_count_sub+0x50/0x80 [ 13.792194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.792225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.792258] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.792289] kthread+0x337/0x6f0 [ 13.792311] ? trace_preempt_on+0x20/0xc0 [ 13.792333] ? __pfx_kthread+0x10/0x10 [ 13.792353] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.792371] ? 
calculate_sigpending+0x7b/0xa0 [ 13.792394] ? __pfx_kthread+0x10/0x10 [ 13.792414] ret_from_fork+0x116/0x1d0 [ 13.792430] ? __pfx_kthread+0x10/0x10 [ 13.792448] ret_from_fork_asm+0x1a/0x30 [ 13.792477] </TASK> [ 13.792489] [ 13.803936] Allocated by task 212: [ 13.804227] kasan_save_stack+0x45/0x70 [ 13.804438] kasan_save_track+0x18/0x40 [ 13.804974] kasan_save_alloc_info+0x3b/0x50 [ 13.805354] __kasan_kmalloc+0xb7/0xc0 [ 13.805784] __kmalloc_cache_noprof+0x189/0x420 [ 13.806132] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.806437] kunit_try_run_case+0x1a5/0x480 [ 13.806709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.807052] kthread+0x337/0x6f0 [ 13.807319] ret_from_fork+0x116/0x1d0 [ 13.807510] ret_from_fork_asm+0x1a/0x30 [ 13.807990] [ 13.808185] The buggy address belongs to the object at ffff888102aa0700 [ 13.808185] which belongs to the cache kmalloc-128 of size 128 [ 13.808955] The buggy address is located 0 bytes to the right of [ 13.808955] allocated 115-byte region [ffff888102aa0700, ffff888102aa0773) [ 13.809861] [ 13.810042] The buggy address belongs to the physical page: [ 13.810344] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa0 [ 13.810937] flags: 0x200000000000000(node=0|zone=2) [ 13.811337] page_type: f5(slab) [ 13.811758] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.812220] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.812885] page dumped because: kasan: bad access detected [ 13.813281] [ 13.813409] Memory state around the buggy address: [ 13.813899] ffff888102aa0600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.814279] ffff888102aa0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.814859] >ffff888102aa0700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.815320] ^ [ 13.815825] ffff888102aa0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.816204] ffff888102aa0800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.816582] 
================================================================== [ 13.845816] ================================================================== [ 13.846124] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.846377] Read of size 1 at addr ffff888102aa077f by task kunit_try_catch/212 [ 13.846597] [ 13.847099] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.847203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.847224] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.847294] Call Trace: [ 13.847320] <TASK> [ 13.847372] dump_stack_lvl+0x73/0xb0 [ 13.847423] print_report+0xd1/0x650 [ 13.847462] ? __virt_addr_valid+0x1db/0x2d0 [ 13.847935] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.848044] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.848086] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.848151] kasan_report+0x141/0x180 [ 13.848186] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.848224] __asan_report_load1_noabort+0x18/0x20 [ 13.848256] ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.848291] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.848321] ? finish_task_switch.isra.0+0x153/0x700 [ 13.848354] ? __switch_to+0x47/0xf50 [ 13.848388] ? __schedule+0x10cc/0x2b60 [ 13.848418] ? __pfx_read_tsc+0x10/0x10 [ 13.848444] ? ktime_get_ts64+0x86/0x230 [ 13.848479] kunit_try_run_case+0x1a5/0x480 [ 13.848513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.848544] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.848576] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.848608] ? __kthread_parkme+0x82/0x180 [ 13.849422] ? preempt_count_sub+0x50/0x80 [ 13.849477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.849521] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.849559] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.849592] kthread+0x337/0x6f0 [ 13.850327] ? trace_preempt_on+0x20/0xc0 [ 13.850393] ? __pfx_kthread+0x10/0x10 [ 13.850427] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.850461] ? 
calculate_sigpending+0x7b/0xa0 [ 13.850497] ? __pfx_kthread+0x10/0x10 [ 13.850530] ret_from_fork+0x116/0x1d0 [ 13.850558] ? __pfx_kthread+0x10/0x10 [ 13.850587] ret_from_fork_asm+0x1a/0x30 [ 13.850652] </TASK> [ 13.850671] [ 13.862190] Allocated by task 212: [ 13.862394] kasan_save_stack+0x45/0x70 [ 13.862607] kasan_save_track+0x18/0x40 [ 13.862850] kasan_save_alloc_info+0x3b/0x50 [ 13.863146] __kasan_kmalloc+0xb7/0xc0 [ 13.863311] __kmalloc_cache_noprof+0x189/0x420 [ 13.863497] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.863845] kunit_try_run_case+0x1a5/0x480 [ 13.864146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.864514] kthread+0x337/0x6f0 [ 13.864774] ret_from_fork+0x116/0x1d0 [ 13.865041] ret_from_fork_asm+0x1a/0x30 [ 13.865334] [ 13.865468] The buggy address belongs to the object at ffff888102aa0700 [ 13.865468] which belongs to the cache kmalloc-128 of size 128 [ 13.866018] The buggy address is located 12 bytes to the right of [ 13.866018] allocated 115-byte region [ffff888102aa0700, ffff888102aa0773) [ 13.866611] [ 13.866740] The buggy address belongs to the physical page: [ 13.866993] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa0 [ 13.867421] flags: 0x200000000000000(node=0|zone=2) [ 13.867665] page_type: f5(slab) [ 13.867902] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.868215] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.868454] page dumped because: kasan: bad access detected [ 13.868653] [ 13.868803] Memory state around the buggy address: [ 13.869152] ffff888102aa0600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.869636] ffff888102aa0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.870121] >ffff888102aa0700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.870554] ^ [ 13.870797] ffff888102aa0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.871216] ffff888102aa0800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.871665] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 13.749523] ================================================================== [ 13.750735] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 13.751174] Free of addr ffff8881024eb420 by task kunit_try_catch/210 [ 13.751748] [ 13.752367] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.752464] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.752482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.752514] Call Trace: [ 13.752533] <TASK> [ 13.752558] dump_stack_lvl+0x73/0xb0 [ 13.752604] print_report+0xd1/0x650 [ 13.752651] ? __virt_addr_valid+0x1db/0x2d0 [ 13.752683] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.752715] ? kfree_sensitive+0x2e/0x90 [ 13.752746] kasan_report_invalid_free+0x10a/0x130 [ 13.752780] ? kfree_sensitive+0x2e/0x90 [ 13.752809] ? kfree_sensitive+0x2e/0x90 [ 13.752837] check_slab_allocation+0x101/0x130 [ 13.752869] __kasan_slab_pre_free+0x28/0x40 [ 13.752898] kfree+0xf0/0x3f0 [ 13.752931] ? kfree_sensitive+0x2e/0x90 [ 13.752965] kfree_sensitive+0x2e/0x90 [ 13.752993] kmalloc_double_kzfree+0x19c/0x350 [ 13.753018] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 13.753039] ? __schedule+0x10cc/0x2b60 [ 13.753058] ? __pfx_read_tsc+0x10/0x10 [ 13.753076] ? ktime_get_ts64+0x86/0x230 [ 13.753097] kunit_try_run_case+0x1a5/0x480 [ 13.753297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.753347] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.753391] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.753432] ? __kthread_parkme+0x82/0x180 [ 13.753479] ? preempt_count_sub+0x50/0x80 [ 13.753548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.753588] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.753643] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.753684] kthread+0x337/0x6f0 [ 13.753721] ? trace_preempt_on+0x20/0xc0 [ 13.753765] ? __pfx_kthread+0x10/0x10 [ 13.753802] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.753834] ? calculate_sigpending+0x7b/0xa0 [ 13.753865] ? 
__pfx_kthread+0x10/0x10 [ 13.753894] ret_from_fork+0x116/0x1d0 [ 13.753927] ? __pfx_kthread+0x10/0x10 [ 13.753957] ret_from_fork_asm+0x1a/0x30 [ 13.753995] </TASK> [ 13.754007] [ 13.765407] Allocated by task 210: [ 13.765893] kasan_save_stack+0x45/0x70 [ 13.766261] kasan_save_track+0x18/0x40 [ 13.766656] kasan_save_alloc_info+0x3b/0x50 [ 13.766915] __kasan_kmalloc+0xb7/0xc0 [ 13.767081] __kmalloc_cache_noprof+0x189/0x420 [ 13.767290] kmalloc_double_kzfree+0xa9/0x350 [ 13.767467] kunit_try_run_case+0x1a5/0x480 [ 13.768238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.768814] kthread+0x337/0x6f0 [ 13.769097] ret_from_fork+0x116/0x1d0 [ 13.769412] ret_from_fork_asm+0x1a/0x30 [ 13.769964] [ 13.770160] Freed by task 210: [ 13.770443] kasan_save_stack+0x45/0x70 [ 13.770779] kasan_save_track+0x18/0x40 [ 13.771236] kasan_save_free_info+0x3f/0x60 [ 13.771948] __kasan_slab_free+0x56/0x70 [ 13.772305] kfree+0x222/0x3f0 [ 13.772511] kfree_sensitive+0x67/0x90 [ 13.773024] kmalloc_double_kzfree+0x12b/0x350 [ 13.773308] kunit_try_run_case+0x1a5/0x480 [ 13.773841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.774134] kthread+0x337/0x6f0 [ 13.774353] ret_from_fork+0x116/0x1d0 [ 13.774794] ret_from_fork_asm+0x1a/0x30 [ 13.775137] [ 13.775321] The buggy address belongs to the object at ffff8881024eb420 [ 13.775321] which belongs to the cache kmalloc-16 of size 16 [ 13.776340] The buggy address is located 0 bytes inside of [ 13.776340] 16-byte region [ffff8881024eb420, ffff8881024eb430) [ 13.777295] [ 13.777472] The buggy address belongs to the physical page: [ 13.777998] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024eb [ 13.778481] flags: 0x200000000000000(node=0|zone=2) [ 13.779037] page_type: f5(slab) [ 13.779249] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.780051] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.780316] page dumped because: kasan: bad access detected [ 13.780723] [ 
13.781030] Memory state around the buggy address: [ 13.781341] ffff8881024eb300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.781882] ffff8881024eb380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.782397] >ffff8881024eb400: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 13.782964] ^ [ 13.783249] ffff8881024eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.783979] ffff8881024eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.784306] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 13.715080] ================================================================== [ 13.715647] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 13.716502] Read of size 1 at addr ffff8881024eb420 by task kunit_try_catch/210 [ 13.717367] [ 13.717563] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.717658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.717678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.717708] Call Trace: [ 13.717730] <TASK> [ 13.717755] dump_stack_lvl+0x73/0xb0 [ 13.717807] print_report+0xd1/0x650 [ 13.717836] ? __virt_addr_valid+0x1db/0x2d0 [ 13.717869] ? kmalloc_double_kzfree+0x19c/0x350 [ 13.717899] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.717942] ? kmalloc_double_kzfree+0x19c/0x350 [ 13.717974] kasan_report+0x141/0x180 [ 13.718006] ? kmalloc_double_kzfree+0x19c/0x350 [ 13.718041] ? kmalloc_double_kzfree+0x19c/0x350 [ 13.718070] __kasan_check_byte+0x3d/0x50 [ 13.718099] kfree_sensitive+0x22/0x90 [ 13.718131] kmalloc_double_kzfree+0x19c/0x350 [ 13.718160] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 13.718197] ? __schedule+0x10cc/0x2b60 [ 13.718233] ? __pfx_read_tsc+0x10/0x10 [ 13.718268] ? ktime_get_ts64+0x86/0x230 [ 13.718306] kunit_try_run_case+0x1a5/0x480 [ 13.718335] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.718354] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.718375] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.718394] ? __kthread_parkme+0x82/0x180 [ 13.718413] ? preempt_count_sub+0x50/0x80 [ 13.718434] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.718454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.718474] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.718493] kthread+0x337/0x6f0 [ 13.718539] ? trace_preempt_on+0x20/0xc0 [ 13.718583] ? __pfx_kthread+0x10/0x10 [ 13.718613] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.718654] ? calculate_sigpending+0x7b/0xa0 [ 13.718677] ? 
__pfx_kthread+0x10/0x10 [ 13.718696] ret_from_fork+0x116/0x1d0 [ 13.718713] ? __pfx_kthread+0x10/0x10 [ 13.718730] ret_from_fork_asm+0x1a/0x30 [ 13.718759] </TASK> [ 13.718771] [ 13.731777] Allocated by task 210: [ 13.731935] kasan_save_stack+0x45/0x70 [ 13.732270] kasan_save_track+0x18/0x40 [ 13.732502] kasan_save_alloc_info+0x3b/0x50 [ 13.732879] __kasan_kmalloc+0xb7/0xc0 [ 13.733159] __kmalloc_cache_noprof+0x189/0x420 [ 13.733361] kmalloc_double_kzfree+0xa9/0x350 [ 13.733551] kunit_try_run_case+0x1a5/0x480 [ 13.733850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.734150] kthread+0x337/0x6f0 [ 13.734303] ret_from_fork+0x116/0x1d0 [ 13.734491] ret_from_fork_asm+0x1a/0x30 [ 13.734807] [ 13.734969] Freed by task 210: [ 13.735222] kasan_save_stack+0x45/0x70 [ 13.735724] kasan_save_track+0x18/0x40 [ 13.736044] kasan_save_free_info+0x3f/0x60 [ 13.737134] __kasan_slab_free+0x56/0x70 [ 13.737382] kfree+0x222/0x3f0 [ 13.737668] kfree_sensitive+0x67/0x90 [ 13.737885] kmalloc_double_kzfree+0x12b/0x350 [ 13.738264] kunit_try_run_case+0x1a5/0x480 [ 13.738457] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.738908] kthread+0x337/0x6f0 [ 13.739169] ret_from_fork+0x116/0x1d0 [ 13.739356] ret_from_fork_asm+0x1a/0x30 [ 13.739675] [ 13.739811] The buggy address belongs to the object at ffff8881024eb420 [ 13.739811] which belongs to the cache kmalloc-16 of size 16 [ 13.740799] The buggy address is located 0 bytes inside of [ 13.740799] freed 16-byte region [ffff8881024eb420, ffff8881024eb430) [ 13.741661] [ 13.741832] The buggy address belongs to the physical page: [ 13.742008] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024eb [ 13.742779] flags: 0x200000000000000(node=0|zone=2) [ 13.743053] page_type: f5(slab) [ 13.743358] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.744076] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.744665] page dumped because: kasan: bad access detected [ 
13.745072] [ 13.745265] Memory state around the buggy address: [ 13.745695] ffff8881024eb300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.746209] ffff8881024eb380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.746699] >ffff8881024eb400: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 13.746917] ^ [ 13.747210] ffff8881024eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.748190] ffff8881024eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.748765] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 13.674376] ================================================================== [ 13.675126] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 13.675601] Read of size 1 at addr ffff888102aad228 by task kunit_try_catch/206 [ 13.675891] [ 13.676073] CPU: 0 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.676149] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.676169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.676204] Call Trace: [ 13.676231] <TASK> [ 13.676260] dump_stack_lvl+0x73/0xb0 [ 13.676313] print_report+0xd1/0x650 [ 13.676351] ? __virt_addr_valid+0x1db/0x2d0 [ 13.676391] ? kmalloc_uaf2+0x4a8/0x520 [ 13.676426] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.676471] ? kmalloc_uaf2+0x4a8/0x520 [ 13.676504] kasan_report+0x141/0x180 [ 13.676544] ? kmalloc_uaf2+0x4a8/0x520 [ 13.676586] __asan_report_load1_noabort+0x18/0x20 [ 13.676664] kmalloc_uaf2+0x4a8/0x520 [ 13.676701] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 13.676734] ? finish_task_switch.isra.0+0x153/0x700 [ 13.676771] ? __switch_to+0x47/0xf50 [ 13.676820] ? __schedule+0x10cc/0x2b60 [ 13.676858] ? __pfx_read_tsc+0x10/0x10 [ 13.676890] ? ktime_get_ts64+0x86/0x230 [ 13.676927] kunit_try_run_case+0x1a5/0x480 [ 13.676966] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.676997] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.677028] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.677106] ? __kthread_parkme+0x82/0x180 [ 13.677148] ? preempt_count_sub+0x50/0x80 [ 13.677188] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.677233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.677276] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.677309] kthread+0x337/0x6f0 [ 13.677330] ? trace_preempt_on+0x20/0xc0 [ 13.677352] ? __pfx_kthread+0x10/0x10 [ 13.677370] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.677389] ? calculate_sigpending+0x7b/0xa0 [ 13.677410] ? __pfx_kthread+0x10/0x10 [ 13.677429] ret_from_fork+0x116/0x1d0 [ 13.677445] ? 
__pfx_kthread+0x10/0x10 [ 13.677463] ret_from_fork_asm+0x1a/0x30 [ 13.677492] </TASK> [ 13.677507] [ 13.689707] Allocated by task 206: [ 13.689945] kasan_save_stack+0x45/0x70 [ 13.690354] kasan_save_track+0x18/0x40 [ 13.690830] kasan_save_alloc_info+0x3b/0x50 [ 13.690983] __kasan_kmalloc+0xb7/0xc0 [ 13.691358] __kmalloc_cache_noprof+0x189/0x420 [ 13.692095] kmalloc_uaf2+0xc6/0x520 [ 13.692314] kunit_try_run_case+0x1a5/0x480 [ 13.692463] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.693370] kthread+0x337/0x6f0 [ 13.693781] ret_from_fork+0x116/0x1d0 [ 13.693946] ret_from_fork_asm+0x1a/0x30 [ 13.694424] [ 13.694541] Freed by task 206: [ 13.694682] kasan_save_stack+0x45/0x70 [ 13.695251] kasan_save_track+0x18/0x40 [ 13.695803] kasan_save_free_info+0x3f/0x60 [ 13.696016] __kasan_slab_free+0x56/0x70 [ 13.696642] kfree+0x222/0x3f0 [ 13.696865] kmalloc_uaf2+0x14c/0x520 [ 13.696997] kunit_try_run_case+0x1a5/0x480 [ 13.697250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.697614] kthread+0x337/0x6f0 [ 13.697890] ret_from_fork+0x116/0x1d0 [ 13.698239] ret_from_fork_asm+0x1a/0x30 [ 13.698582] [ 13.698961] The buggy address belongs to the object at ffff888102aad200 [ 13.698961] which belongs to the cache kmalloc-64 of size 64 [ 13.699855] The buggy address is located 40 bytes inside of [ 13.699855] freed 64-byte region [ffff888102aad200, ffff888102aad240) [ 13.700476] [ 13.700803] The buggy address belongs to the physical page: [ 13.701124] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aad [ 13.701707] flags: 0x200000000000000(node=0|zone=2) [ 13.701941] page_type: f5(slab) [ 13.702086] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.702778] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.703320] page dumped because: kasan: bad access detected [ 13.703772] [ 13.703886] Memory state around the buggy address: [ 13.704214] ffff888102aad100: 00 00 00 00 02 fc fc fc fc fc fc fc fc fc fc fc 
[ 13.704600] ffff888102aad180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.704988] >ffff888102aad200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.705261] ^ [ 13.705571] ffff888102aad280: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 13.705931] ffff888102aad300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.706165] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 13.620338] ================================================================== [ 13.621169] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 13.621551] Read of size 1 at addr ffff888101c6db88 by task kunit_try_catch/202 [ 13.621846] [ 13.621975] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.622033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.622047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.622072] Call Trace: [ 13.622090] <TASK> [ 13.622112] dump_stack_lvl+0x73/0xb0 [ 13.622154] print_report+0xd1/0x650 [ 13.622185] ? __virt_addr_valid+0x1db/0x2d0 [ 13.622218] ? kmalloc_uaf+0x320/0x380 [ 13.622251] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.622286] ? kmalloc_uaf+0x320/0x380 [ 13.622316] kasan_report+0x141/0x180 [ 13.622377] ? kmalloc_uaf+0x320/0x380 [ 13.622433] __asan_report_load1_noabort+0x18/0x20 [ 13.622476] kmalloc_uaf+0x320/0x380 [ 13.622522] ? __pfx_kmalloc_uaf+0x10/0x10 [ 13.622569] ? __schedule+0x10cc/0x2b60 [ 13.622602] ? __pfx_read_tsc+0x10/0x10 [ 13.622645] ? ktime_get_ts64+0x86/0x230 [ 13.622686] kunit_try_run_case+0x1a5/0x480 [ 13.622724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.622761] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.622804] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.622845] ? __kthread_parkme+0x82/0x180 [ 13.622882] ? preempt_count_sub+0x50/0x80 [ 13.622924] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.622967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.623008] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.623043] kthread+0x337/0x6f0 [ 13.623074] ? trace_preempt_on+0x20/0xc0 [ 13.623113] ? __pfx_kthread+0x10/0x10 [ 13.623165] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.623206] ? calculate_sigpending+0x7b/0xa0 [ 13.623244] ? __pfx_kthread+0x10/0x10 [ 13.623277] ret_from_fork+0x116/0x1d0 [ 13.623309] ? 
__pfx_kthread+0x10/0x10 [ 13.623342] ret_from_fork_asm+0x1a/0x30 [ 13.623392] </TASK> [ 13.623414] [ 13.632884] Allocated by task 202: [ 13.633110] kasan_save_stack+0x45/0x70 [ 13.633379] kasan_save_track+0x18/0x40 [ 13.633543] kasan_save_alloc_info+0x3b/0x50 [ 13.633875] __kasan_kmalloc+0xb7/0xc0 [ 13.634185] __kmalloc_cache_noprof+0x189/0x420 [ 13.634473] kmalloc_uaf+0xaa/0x380 [ 13.634699] kunit_try_run_case+0x1a5/0x480 [ 13.634991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.635562] kthread+0x337/0x6f0 [ 13.635920] ret_from_fork+0x116/0x1d0 [ 13.636261] ret_from_fork_asm+0x1a/0x30 [ 13.636511] [ 13.636680] Freed by task 202: [ 13.637310] kasan_save_stack+0x45/0x70 [ 13.637492] kasan_save_track+0x18/0x40 [ 13.637651] kasan_save_free_info+0x3f/0x60 [ 13.637968] __kasan_slab_free+0x56/0x70 [ 13.638248] kfree+0x222/0x3f0 [ 13.638503] kmalloc_uaf+0x12c/0x380 [ 13.639156] kunit_try_run_case+0x1a5/0x480 [ 13.639519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.639796] kthread+0x337/0x6f0 [ 13.640043] ret_from_fork+0x116/0x1d0 [ 13.640294] ret_from_fork_asm+0x1a/0x30 [ 13.640485] [ 13.640644] The buggy address belongs to the object at ffff888101c6db80 [ 13.640644] which belongs to the cache kmalloc-16 of size 16 [ 13.641309] The buggy address is located 8 bytes inside of [ 13.641309] freed 16-byte region [ffff888101c6db80, ffff888101c6db90) [ 13.641830] [ 13.641968] The buggy address belongs to the physical page: [ 13.642362] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c6d [ 13.643092] flags: 0x200000000000000(node=0|zone=2) [ 13.643723] page_type: f5(slab) [ 13.644033] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.644493] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.644873] page dumped because: kasan: bad access detected [ 13.645161] [ 13.645331] Memory state around the buggy address: [ 13.645655] ffff888101c6da80: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 
13.646069] ffff888101c6db00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.646601] >ffff888101c6db80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.646970] ^ [ 13.647246] ffff888101c6dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.647639] ffff888101c6dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.647913] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 13.585715] ================================================================== [ 13.588358] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.588872] Read of size 64 at addr ffff888102aad004 by task kunit_try_catch/200 [ 13.590661] [ 13.591370] CPU: 0 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.591464] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.591485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.592006] Call Trace: [ 13.592052] <TASK> [ 13.592081] dump_stack_lvl+0x73/0xb0 [ 13.592139] print_report+0xd1/0x650 [ 13.592178] ? __virt_addr_valid+0x1db/0x2d0 [ 13.592211] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.592234] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.592257] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.592311] kasan_report+0x141/0x180 [ 13.592332] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.592358] kasan_check_range+0x10c/0x1c0 [ 13.592379] __asan_memmove+0x27/0x70 [ 13.592396] kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.592418] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 13.592440] ? __schedule+0x10cc/0x2b60 [ 13.592460] ? __pfx_read_tsc+0x10/0x10 [ 13.592479] ? ktime_get_ts64+0x86/0x230 [ 13.592506] kunit_try_run_case+0x1a5/0x480 [ 13.592539] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.592568] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.592600] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.592674] ? __kthread_parkme+0x82/0x180 [ 13.592694] ? preempt_count_sub+0x50/0x80 [ 13.592716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.592737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.592758] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.592778] kthread+0x337/0x6f0 [ 13.592796] ? trace_preempt_on+0x20/0xc0 [ 13.592818] ? __pfx_kthread+0x10/0x10 [ 13.592836] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.592855] ? calculate_sigpending+0x7b/0xa0 [ 13.592878] ? 
__pfx_kthread+0x10/0x10 [ 13.592897] ret_from_fork+0x116/0x1d0 [ 13.592913] ? __pfx_kthread+0x10/0x10 [ 13.592931] ret_from_fork_asm+0x1a/0x30 [ 13.592959] </TASK> [ 13.592972] [ 13.604487] Allocated by task 200: [ 13.605101] kasan_save_stack+0x45/0x70 [ 13.605250] kasan_save_track+0x18/0x40 [ 13.605447] kasan_save_alloc_info+0x3b/0x50 [ 13.605802] __kasan_kmalloc+0xb7/0xc0 [ 13.606066] __kmalloc_cache_noprof+0x189/0x420 [ 13.606280] kmalloc_memmove_invalid_size+0xac/0x330 [ 13.606544] kunit_try_run_case+0x1a5/0x480 [ 13.606945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.607255] kthread+0x337/0x6f0 [ 13.607605] ret_from_fork+0x116/0x1d0 [ 13.607917] ret_from_fork_asm+0x1a/0x30 [ 13.608086] [ 13.608278] The buggy address belongs to the object at ffff888102aad000 [ 13.608278] which belongs to the cache kmalloc-64 of size 64 [ 13.608911] The buggy address is located 4 bytes inside of [ 13.608911] allocated 64-byte region [ffff888102aad000, ffff888102aad040) [ 13.609681] [ 13.609798] The buggy address belongs to the physical page: [ 13.610206] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aad [ 13.610487] flags: 0x200000000000000(node=0|zone=2) [ 13.611314] page_type: f5(slab) [ 13.611756] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.612145] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.612430] page dumped because: kasan: bad access detected [ 13.612905] [ 13.613064] Memory state around the buggy address: [ 13.613358] ffff888102aacf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.613909] ffff888102aacf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.614266] >ffff888102aad000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 13.614720] ^ [ 13.614933] ffff888102aad080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.615372] ffff888102aad100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.615789] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 13.549281] ================================================================== [ 13.549739] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 13.550355] Read of size 18446744073709551614 at addr ffff888102560004 by task kunit_try_catch/198 [ 13.550674] [ 13.551160] CPU: 1 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.551514] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.551560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.551595] Call Trace: [ 13.551632] <TASK> [ 13.551660] dump_stack_lvl+0x73/0xb0 [ 13.551717] print_report+0xd1/0x650 [ 13.551753] ? __virt_addr_valid+0x1db/0x2d0 [ 13.551794] ? kmalloc_memmove_negative_size+0x171/0x330 [ 13.551838] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.551883] ? kmalloc_memmove_negative_size+0x171/0x330 [ 13.551946] kasan_report+0x141/0x180 [ 13.551967] ? kmalloc_memmove_negative_size+0x171/0x330 [ 13.551993] kasan_check_range+0x10c/0x1c0 [ 13.552013] __asan_memmove+0x27/0x70 [ 13.552030] kmalloc_memmove_negative_size+0x171/0x330 [ 13.552051] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 13.552072] ? __schedule+0x10cc/0x2b60 [ 13.552092] ? __pfx_read_tsc+0x10/0x10 [ 13.552138] ? ktime_get_ts64+0x86/0x230 [ 13.552165] kunit_try_run_case+0x1a5/0x480 [ 13.552188] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.552207] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.552228] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.552247] ? __kthread_parkme+0x82/0x180 [ 13.552292] ? preempt_count_sub+0x50/0x80 [ 13.552316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.552336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.552356] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.552376] kthread+0x337/0x6f0 [ 13.552393] ? trace_preempt_on+0x20/0xc0 [ 13.552415] ? __pfx_kthread+0x10/0x10 [ 13.552433] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.552451] ? calculate_sigpending+0x7b/0xa0 [ 13.552472] ? 
__pfx_kthread+0x10/0x10 [ 13.552491] ret_from_fork+0x116/0x1d0 [ 13.552600] ? __pfx_kthread+0x10/0x10 [ 13.552639] ret_from_fork_asm+0x1a/0x30 [ 13.552669] </TASK> [ 13.552682] [ 13.564873] Allocated by task 198: [ 13.565254] kasan_save_stack+0x45/0x70 [ 13.565677] kasan_save_track+0x18/0x40 [ 13.566052] kasan_save_alloc_info+0x3b/0x50 [ 13.566455] __kasan_kmalloc+0xb7/0xc0 [ 13.567267] __kmalloc_cache_noprof+0x189/0x420 [ 13.567567] kmalloc_memmove_negative_size+0xac/0x330 [ 13.567956] kunit_try_run_case+0x1a5/0x480 [ 13.568558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.568964] kthread+0x337/0x6f0 [ 13.569456] ret_from_fork+0x116/0x1d0 [ 13.569815] ret_from_fork_asm+0x1a/0x30 [ 13.570177] [ 13.570370] The buggy address belongs to the object at ffff888102560000 [ 13.570370] which belongs to the cache kmalloc-64 of size 64 [ 13.571371] The buggy address is located 4 bytes inside of [ 13.571371] 64-byte region [ffff888102560000, ffff888102560040) [ 13.572376] [ 13.572755] The buggy address belongs to the physical page: [ 13.573191] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102560 [ 13.573638] flags: 0x200000000000000(node=0|zone=2) [ 13.574080] page_type: f5(slab) [ 13.574399] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.575074] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.575384] page dumped because: kasan: bad access detected [ 13.575933] [ 13.576131] Memory state around the buggy address: [ 13.576397] ffff88810255ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.577068] ffff88810255ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.577491] >ffff888102560000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 13.578078] ^ [ 13.578401] ffff888102560080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.579155] ffff888102560100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.579715] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 13.516417] ================================================================== [ 13.517091] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 13.517415] Write of size 16 at addr ffff88810254d469 by task kunit_try_catch/196 [ 13.517694] [ 13.517813] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.517888] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.517909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.517955] Call Trace: [ 13.517980] <TASK> [ 13.518007] dump_stack_lvl+0x73/0xb0 [ 13.518060] print_report+0xd1/0x650 [ 13.518100] ? __virt_addr_valid+0x1db/0x2d0 [ 13.518136] ? kmalloc_oob_memset_16+0x166/0x330 [ 13.518600] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.518694] ? kmalloc_oob_memset_16+0x166/0x330 [ 13.518728] kasan_report+0x141/0x180 [ 13.518762] ? kmalloc_oob_memset_16+0x166/0x330 [ 13.518800] kasan_check_range+0x10c/0x1c0 [ 13.518837] __asan_memset+0x27/0x50 [ 13.518870] kmalloc_oob_memset_16+0x166/0x330 [ 13.518907] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 13.518948] ? __schedule+0x10cc/0x2b60 [ 13.518991] ? __pfx_read_tsc+0x10/0x10 [ 13.519028] ? ktime_get_ts64+0x86/0x230 [ 13.519074] kunit_try_run_case+0x1a5/0x480 [ 13.519129] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.519166] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.519208] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.519250] ? __kthread_parkme+0x82/0x180 [ 13.519288] ? preempt_count_sub+0x50/0x80 [ 13.519333] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.519375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.519417] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.519456] kthread+0x337/0x6f0 [ 13.519483] ? trace_preempt_on+0x20/0xc0 [ 13.519510] ? __pfx_kthread+0x10/0x10 [ 13.519546] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.519573] ? calculate_sigpending+0x7b/0xa0 [ 13.519604] ? __pfx_kthread+0x10/0x10 [ 13.519649] ret_from_fork+0x116/0x1d0 [ 13.519669] ? 
__pfx_kthread+0x10/0x10 [ 13.519687] ret_from_fork_asm+0x1a/0x30 [ 13.519715] </TASK> [ 13.519727] [ 13.529840] Allocated by task 196: [ 13.530299] kasan_save_stack+0x45/0x70 [ 13.530744] kasan_save_track+0x18/0x40 [ 13.531284] kasan_save_alloc_info+0x3b/0x50 [ 13.531735] __kasan_kmalloc+0xb7/0xc0 [ 13.532036] __kmalloc_cache_noprof+0x189/0x420 [ 13.532664] kmalloc_oob_memset_16+0xac/0x330 [ 13.532994] kunit_try_run_case+0x1a5/0x480 [ 13.533276] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.533526] kthread+0x337/0x6f0 [ 13.533698] ret_from_fork+0x116/0x1d0 [ 13.533859] ret_from_fork_asm+0x1a/0x30 [ 13.534035] [ 13.534137] The buggy address belongs to the object at ffff88810254d400 [ 13.534137] which belongs to the cache kmalloc-128 of size 128 [ 13.534966] The buggy address is located 105 bytes inside of [ 13.534966] allocated 120-byte region [ffff88810254d400, ffff88810254d478) [ 13.535802] [ 13.535959] The buggy address belongs to the physical page: [ 13.537061] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254d [ 13.537406] flags: 0x200000000000000(node=0|zone=2) [ 13.537612] page_type: f5(slab) [ 13.537781] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.538035] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.538274] page dumped because: kasan: bad access detected [ 13.538632] [ 13.538807] Memory state around the buggy address: [ 13.539133] ffff88810254d300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.539803] ffff88810254d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.540342] >ffff88810254d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.541043] ^ [ 13.541670] ffff88810254d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.542921] ffff88810254d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.543500] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 13.485715] ==================================================================
[ 13.486152] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330
[ 13.486652] Write of size 8 at addr ffff88810254d371 by task kunit_try_catch/194
[ 13.487172]
[ 13.487392] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.487568] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.487590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.487635] Call Trace:
[ 13.487660] <TASK>
[ 13.487684] dump_stack_lvl+0x73/0xb0
[ 13.487741] print_report+0xd1/0x650
[ 13.487780] ? __virt_addr_valid+0x1db/0x2d0
[ 13.487817] ? kmalloc_oob_memset_8+0x166/0x330
[ 13.487850] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.487892] ? kmalloc_oob_memset_8+0x166/0x330
[ 13.487931] kasan_report+0x141/0x180
[ 13.487968] ? kmalloc_oob_memset_8+0x166/0x330
[ 13.488004] kasan_check_range+0x10c/0x1c0
[ 13.488031] __asan_memset+0x27/0x50
[ 13.488054] kmalloc_oob_memset_8+0x166/0x330
[ 13.488080] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 13.488106] ? __schedule+0x10cc/0x2b60
[ 13.488137] ? __pfx_read_tsc+0x10/0x10
[ 13.488162] ? ktime_get_ts64+0x86/0x230
[ 13.488197] kunit_try_run_case+0x1a5/0x480
[ 13.488232] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.488266] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.488445] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.488521] ? __kthread_parkme+0x82/0x180
[ 13.488592] ? preempt_count_sub+0x50/0x80
[ 13.488643] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.488677] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.488711] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.488742] kthread+0x337/0x6f0
[ 13.488773] ? trace_preempt_on+0x20/0xc0
[ 13.488812] ? __pfx_kthread+0x10/0x10
[ 13.488844] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.488880] ? calculate_sigpending+0x7b/0xa0
[ 13.488920] ? __pfx_kthread+0x10/0x10
[ 13.488955] ret_from_fork+0x116/0x1d0
[ 13.488982] ? __pfx_kthread+0x10/0x10
[ 13.489013] ret_from_fork_asm+0x1a/0x30
[ 13.489065] </TASK>
[ 13.489088]
[ 13.499943] Allocated by task 194:
[ 13.500279] kasan_save_stack+0x45/0x70
[ 13.500603] kasan_save_track+0x18/0x40
[ 13.500755] kasan_save_alloc_info+0x3b/0x50
[ 13.500905] __kasan_kmalloc+0xb7/0xc0
[ 13.501051] __kmalloc_cache_noprof+0x189/0x420
[ 13.501864] kmalloc_oob_memset_8+0xac/0x330
[ 13.502275] kunit_try_run_case+0x1a5/0x480
[ 13.502757] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.503168] kthread+0x337/0x6f0
[ 13.503323] ret_from_fork+0x116/0x1d0
[ 13.503485] ret_from_fork_asm+0x1a/0x30
[ 13.503985]
[ 13.504171] The buggy address belongs to the object at ffff88810254d300
[ 13.504171] which belongs to the cache kmalloc-128 of size 128
[ 13.504771] The buggy address is located 113 bytes inside of
[ 13.504771] allocated 120-byte region [ffff88810254d300, ffff88810254d378)
[ 13.505442]
[ 13.505610] The buggy address belongs to the physical page:
[ 13.505929] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254d
[ 13.506302] flags: 0x200000000000000(node=0|zone=2)
[ 13.506544] page_type: f5(slab)
[ 13.507163] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.507877] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.508219] page dumped because: kasan: bad access detected
[ 13.508642]
[ 13.508823] Memory state around the buggy address:
[ 13.509059] ffff88810254d200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.509345] ffff88810254d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.509859] >ffff88810254d300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 13.510285] ^
[ 13.511027] ffff88810254d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.511449] ffff88810254d400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.511924] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 13.454702] ==================================================================
[ 13.455541] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330
[ 13.456208] Write of size 4 at addr ffff888102aa0675 by task kunit_try_catch/192
[ 13.456458]
[ 13.456660] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.456759] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.456797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.456837] Call Trace:
[ 13.456874] <TASK>
[ 13.456902] dump_stack_lvl+0x73/0xb0
[ 13.456988] print_report+0xd1/0x650
[ 13.457195] ? __virt_addr_valid+0x1db/0x2d0
[ 13.457254] ? kmalloc_oob_memset_4+0x166/0x330
[ 13.457297] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.457337] ? kmalloc_oob_memset_4+0x166/0x330
[ 13.457363] kasan_report+0x141/0x180
[ 13.457384] ? kmalloc_oob_memset_4+0x166/0x330
[ 13.457408] kasan_check_range+0x10c/0x1c0
[ 13.457429] __asan_memset+0x27/0x50
[ 13.457446] kmalloc_oob_memset_4+0x166/0x330
[ 13.457466] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 13.457486] ? __schedule+0x10cc/0x2b60
[ 13.457512] ? __pfx_read_tsc+0x10/0x10
[ 13.457540] ? ktime_get_ts64+0x86/0x230
[ 13.457574] kunit_try_run_case+0x1a5/0x480
[ 13.457608] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.457646] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.457669] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.457689] ? __kthread_parkme+0x82/0x180
[ 13.457707] ? preempt_count_sub+0x50/0x80
[ 13.457727] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.457748] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.457769] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.457788] kthread+0x337/0x6f0
[ 13.457806] ? trace_preempt_on+0x20/0xc0
[ 13.457826] ? __pfx_kthread+0x10/0x10
[ 13.457845] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.457863] ? calculate_sigpending+0x7b/0xa0
[ 13.457884] ? __pfx_kthread+0x10/0x10
[ 13.457902] ret_from_fork+0x116/0x1d0
[ 13.457929] ? __pfx_kthread+0x10/0x10
[ 13.457949] ret_from_fork_asm+0x1a/0x30
[ 13.457977] </TASK>
[ 13.457989]
[ 13.469682] Allocated by task 192:
[ 13.470050] kasan_save_stack+0x45/0x70
[ 13.470363] kasan_save_track+0x18/0x40
[ 13.470673] kasan_save_alloc_info+0x3b/0x50
[ 13.471365] __kasan_kmalloc+0xb7/0xc0
[ 13.471691] __kmalloc_cache_noprof+0x189/0x420
[ 13.472306] kmalloc_oob_memset_4+0xac/0x330
[ 13.472719] kunit_try_run_case+0x1a5/0x480
[ 13.473224] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.473637] kthread+0x337/0x6f0
[ 13.474082] ret_from_fork+0x116/0x1d0
[ 13.474678] ret_from_fork_asm+0x1a/0x30
[ 13.474786]
[ 13.474840] The buggy address belongs to the object at ffff888102aa0600
[ 13.474840] which belongs to the cache kmalloc-128 of size 128
[ 13.475026] The buggy address is located 117 bytes inside of
[ 13.475026] allocated 120-byte region [ffff888102aa0600, ffff888102aa0678)
[ 13.475312]
[ 13.475419] The buggy address belongs to the physical page:
[ 13.475707] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa0
[ 13.476327] flags: 0x200000000000000(node=0|zone=2)
[ 13.476580] page_type: f5(slab)
[ 13.476737] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.476962] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.477477] page dumped because: kasan: bad access detected
[ 13.478073]
[ 13.478314] Memory state around the buggy address:
[ 13.478771] ffff888102aa0500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.479273] ffff888102aa0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.479484] >ffff888102aa0600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 13.480083] ^
[ 13.480401] ffff888102aa0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.481015] ffff888102aa0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.481322] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 13.422410] ==================================================================
[ 13.423439] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330
[ 13.424004] Write of size 2 at addr ffff88810254d277 by task kunit_try_catch/190
[ 13.424246]
[ 13.424382] CPU: 1 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.424454] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.424475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.424510] Call Trace:
[ 13.424537] <TASK>
[ 13.424568] dump_stack_lvl+0x73/0xb0
[ 13.424645] print_report+0xd1/0x650
[ 13.424687] ? __virt_addr_valid+0x1db/0x2d0
[ 13.424724] ? kmalloc_oob_memset_2+0x166/0x330
[ 13.424757] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.424797] ? kmalloc_oob_memset_2+0x166/0x330
[ 13.424831] kasan_report+0x141/0x180
[ 13.424863] ? kmalloc_oob_memset_2+0x166/0x330
[ 13.424905] kasan_check_range+0x10c/0x1c0
[ 13.424942] __asan_memset+0x27/0x50
[ 13.424972] kmalloc_oob_memset_2+0x166/0x330
[ 13.425011] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 13.425052] ? __schedule+0x10cc/0x2b60
[ 13.425090] ? __pfx_read_tsc+0x10/0x10
[ 13.425122] ? ktime_get_ts64+0x86/0x230
[ 13.425160] kunit_try_run_case+0x1a5/0x480
[ 13.425199] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.425236] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.425275] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.425303] ? __kthread_parkme+0x82/0x180
[ 13.425322] ? preempt_count_sub+0x50/0x80
[ 13.425343] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.425363] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.425383] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.425403] kthread+0x337/0x6f0
[ 13.425420] ? trace_preempt_on+0x20/0xc0
[ 13.425448] ? __pfx_kthread+0x10/0x10
[ 13.425480] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.425516] ? calculate_sigpending+0x7b/0xa0
[ 13.425548] ? __pfx_kthread+0x10/0x10
[ 13.425577] ret_from_fork+0x116/0x1d0
[ 13.425603] ? __pfx_kthread+0x10/0x10
[ 13.425646] ret_from_fork_asm+0x1a/0x30
[ 13.425691] </TASK>
[ 13.425709]
[ 13.436431] Allocated by task 190:
[ 13.436870] kasan_save_stack+0x45/0x70
[ 13.437216] kasan_save_track+0x18/0x40
[ 13.437898] kasan_save_alloc_info+0x3b/0x50
[ 13.438300] __kasan_kmalloc+0xb7/0xc0
[ 13.438490] __kmalloc_cache_noprof+0x189/0x420
[ 13.438788] kmalloc_oob_memset_2+0xac/0x330
[ 13.439021] kunit_try_run_case+0x1a5/0x480
[ 13.439315] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.439517] kthread+0x337/0x6f0
[ 13.439966] ret_from_fork+0x116/0x1d0
[ 13.440270] ret_from_fork_asm+0x1a/0x30
[ 13.440495]
[ 13.440770] The buggy address belongs to the object at ffff88810254d200
[ 13.440770] which belongs to the cache kmalloc-128 of size 128
[ 13.441468] The buggy address is located 119 bytes inside of
[ 13.441468] allocated 120-byte region [ffff88810254d200, ffff88810254d278)
[ 13.442481]
[ 13.442824] The buggy address belongs to the physical page:
[ 13.443220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254d
[ 13.443760] flags: 0x200000000000000(node=0|zone=2)
[ 13.444119] page_type: f5(slab)
[ 13.444371] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.444846] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.445331] page dumped because: kasan: bad access detected
[ 13.446122]
[ 13.446244] Memory state around the buggy address:
[ 13.446431] ffff88810254d100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.447051] ffff88810254d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.447676] >ffff88810254d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 13.448140] ^
[ 13.448764] ffff88810254d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.449039] ffff88810254d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.449905] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 12.778404] ==================================================================
[ 12.779139] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0
[ 12.779956] Read of size 1 at addr ffff888103a00000 by task kunit_try_catch/172
[ 12.780200]
[ 12.780426] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.780501] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.780890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.780932] Call Trace:
[ 12.780958] <TASK>
[ 12.780984] dump_stack_lvl+0x73/0xb0
[ 12.781044] print_report+0xd1/0x650
[ 12.781083] ? __virt_addr_valid+0x1db/0x2d0
[ 12.781234] ? page_alloc_uaf+0x356/0x3d0
[ 12.781427] ? kasan_addr_to_slab+0x11/0xa0
[ 12.781472] ? page_alloc_uaf+0x356/0x3d0
[ 12.781509] kasan_report+0x141/0x180
[ 12.781545] ? page_alloc_uaf+0x356/0x3d0
[ 12.781582] __asan_report_load1_noabort+0x18/0x20
[ 12.781633] page_alloc_uaf+0x356/0x3d0
[ 12.781669] ? __pfx_page_alloc_uaf+0x10/0x10
[ 12.781702] ? __schedule+0x10cc/0x2b60
[ 12.781723] ? __pfx_read_tsc+0x10/0x10
[ 12.781744] ? ktime_get_ts64+0x86/0x230
[ 12.781767] kunit_try_run_case+0x1a5/0x480
[ 12.781789] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.781809] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.781831] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.781851] ? __kthread_parkme+0x82/0x180
[ 12.781869] ? preempt_count_sub+0x50/0x80
[ 12.781891] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.781912] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.781944] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.781965] kthread+0x337/0x6f0
[ 12.781983] ? trace_preempt_on+0x20/0xc0
[ 12.782004] ? __pfx_kthread+0x10/0x10
[ 12.782022] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.782041] ? calculate_sigpending+0x7b/0xa0
[ 12.782062] ? __pfx_kthread+0x10/0x10
[ 12.782082] ret_from_fork+0x116/0x1d0
[ 12.782098] ? __pfx_kthread+0x10/0x10
[ 12.782127] ret_from_fork_asm+0x1a/0x30
[ 12.782173] </TASK>
[ 12.782194]
[ 12.793060] The buggy address belongs to the physical page:
[ 12.794055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a00
[ 12.794409] flags: 0x200000000000000(node=0|zone=2)
[ 12.794859] page_type: f0(buddy)
[ 12.795056] raw: 0200000000000000 ffff88817fffb5c8 ffff88817fffb5c8 0000000000000000
[ 12.795270] raw: 0000000000000000 0000000000000009 00000000f0000000 0000000000000000
[ 12.795472] page dumped because: kasan: bad access detected
[ 12.795649]
[ 12.795741] Memory state around the buggy address:
[ 12.795971] ffff8881039fff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.796267] ffff8881039fff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.796454] >ffff888103a00000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.797469] ^
[ 12.798276] ffff888103a00080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.799287] ffff888103a00100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.799822] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 12.750050] ==================================================================
[ 12.750602] BUG: KASAN: invalid-free in kfree+0x274/0x3f0
[ 12.751089] Free of addr ffff88810263c001 by task kunit_try_catch/168
[ 12.751723]
[ 12.751910] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.751988] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.752010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.752044] Call Trace:
[ 12.752063] <TASK>
[ 12.752080] dump_stack_lvl+0x73/0xb0
[ 12.752409] print_report+0xd1/0x650
[ 12.752442] ? __virt_addr_valid+0x1db/0x2d0
[ 12.752465] ? kasan_addr_to_slab+0x11/0xa0
[ 12.752483] ? kfree+0x274/0x3f0
[ 12.752504] kasan_report_invalid_free+0x10a/0x130
[ 12.752526] ? kfree+0x274/0x3f0
[ 12.752547] ? kfree+0x274/0x3f0
[ 12.752566] __kasan_kfree_large+0x86/0xd0
[ 12.752585] free_large_kmalloc+0x4b/0x110
[ 12.752606] kfree+0x274/0x3f0
[ 12.752647] kmalloc_large_invalid_free+0x120/0x2b0
[ 12.752669] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 12.752691] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 12.752715] kunit_try_run_case+0x1a5/0x480
[ 12.752737] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.752757] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.752779] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.752799] ? __kthread_parkme+0x82/0x180
[ 12.752817] ? preempt_count_sub+0x50/0x80
[ 12.752839] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.752860] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.752880] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.752900] kthread+0x337/0x6f0
[ 12.752917] ? trace_preempt_on+0x20/0xc0
[ 12.752938] ? __pfx_kthread+0x10/0x10
[ 12.752957] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.752975] ? calculate_sigpending+0x7b/0xa0
[ 12.752996] ? __pfx_kthread+0x10/0x10
[ 12.753015] ret_from_fork+0x116/0x1d0
[ 12.753032] ? __pfx_kthread+0x10/0x10
[ 12.753050] ret_from_fork_asm+0x1a/0x30
[ 12.753077] </TASK>
[ 12.753089]
[ 12.763048] The buggy address belongs to the physical page:
[ 12.763530] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10263c
[ 12.764029] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.764544] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.764809] page_type: f8(unknown)
[ 12.765092] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.765452] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.765853] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.766338] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.766584] head: 0200000000000002 ffffea0004098f01 00000000ffffffff 00000000ffffffff
[ 12.767016] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.767574] page dumped because: kasan: bad access detected
[ 12.767918]
[ 12.768002] Memory state around the buggy address:
[ 12.768373] ffff88810263bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.768698] ffff88810263bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.769050] >ffff88810263c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.769486] ^
[ 12.770260] ffff88810263c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.770573] ffff88810263c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.770950] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 12.725201] ==================================================================
[ 12.725699] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[ 12.726529] Read of size 1 at addr ffff88810263c000 by task kunit_try_catch/166
[ 12.726944]
[ 12.727023] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.727068] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.727079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.727099] Call Trace:
[ 12.727114] <TASK>
[ 12.727137] dump_stack_lvl+0x73/0xb0
[ 12.727171] print_report+0xd1/0x650
[ 12.727192] ? __virt_addr_valid+0x1db/0x2d0
[ 12.727212] ? kmalloc_large_uaf+0x2f1/0x340
[ 12.727230] ? kasan_addr_to_slab+0x11/0xa0
[ 12.727248] ? kmalloc_large_uaf+0x2f1/0x340
[ 12.727266] kasan_report+0x141/0x180
[ 12.727286] ? kmalloc_large_uaf+0x2f1/0x340
[ 12.727309] __asan_report_load1_noabort+0x18/0x20
[ 12.727331] kmalloc_large_uaf+0x2f1/0x340
[ 12.727349] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 12.727368] ? __schedule+0x10cc/0x2b60
[ 12.727388] ? __pfx_read_tsc+0x10/0x10
[ 12.727408] ? ktime_get_ts64+0x86/0x230
[ 12.727431] kunit_try_run_case+0x1a5/0x480
[ 12.727452] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.727472] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.727493] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.727513] ? __kthread_parkme+0x82/0x180
[ 12.727531] ? preempt_count_sub+0x50/0x80
[ 12.727552] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.727573] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.727593] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.727613] kthread+0x337/0x6f0
[ 12.727659] ? trace_preempt_on+0x20/0xc0
[ 12.727695] ? __pfx_kthread+0x10/0x10
[ 12.727725] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.727756] ? calculate_sigpending+0x7b/0xa0
[ 12.727797] ? __pfx_kthread+0x10/0x10
[ 12.727835] ret_from_fork+0x116/0x1d0
[ 12.727869] ? __pfx_kthread+0x10/0x10
[ 12.727903] ret_from_fork_asm+0x1a/0x30
[ 12.727932] </TASK>
[ 12.727944]
[ 12.739069] The buggy address belongs to the physical page:
[ 12.739606] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10263c
[ 12.739990] flags: 0x200000000000000(node=0|zone=2)
[ 12.740408] raw: 0200000000000000 ffff88815b039f80 ffff88815b039f80 0000000000000000
[ 12.740711] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 12.741132] page dumped because: kasan: bad access detected
[ 12.741557]
[ 12.741852] Memory state around the buggy address:
[ 12.742158] ffff88810263bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.742719] ffff88810263bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.743126] >ffff88810263c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.743720] ^
[ 12.743986] ffff88810263c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.744407] ffff88810263c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.744829] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 12.695959] ==================================================================
[ 12.696416] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330
[ 12.697028] Write of size 1 at addr ffff88810263e00a by task kunit_try_catch/164
[ 12.697558]
[ 12.697800] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.697877] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.697899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.697939] Call Trace:
[ 12.697966] <TASK>
[ 12.697996] dump_stack_lvl+0x73/0xb0
[ 12.698058] print_report+0xd1/0x650
[ 12.698097] ? __virt_addr_valid+0x1db/0x2d0
[ 12.698131] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.698151] ? kasan_addr_to_slab+0x11/0xa0
[ 12.698169] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.698189] kasan_report+0x141/0x180
[ 12.698208] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.698233] __asan_report_store1_noabort+0x1b/0x30
[ 12.698268] kmalloc_large_oob_right+0x2e9/0x330
[ 12.698290] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 12.698312] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 12.698336] kunit_try_run_case+0x1a5/0x480
[ 12.698359] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.698379] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.698401] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.698421] ? __kthread_parkme+0x82/0x180
[ 12.698441] ? preempt_count_sub+0x50/0x80
[ 12.698464] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.698486] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.698550] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.698584] kthread+0x337/0x6f0
[ 12.698638] ? trace_preempt_on+0x20/0xc0
[ 12.698676] ? __pfx_kthread+0x10/0x10
[ 12.698711] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.698747] ? calculate_sigpending+0x7b/0xa0
[ 12.698790] ? __pfx_kthread+0x10/0x10
[ 12.698830] ret_from_fork+0x116/0x1d0
[ 12.698866] ? __pfx_kthread+0x10/0x10
[ 12.698905] ret_from_fork_asm+0x1a/0x30
[ 12.698967] </TASK>
[ 12.698991]
[ 12.710992] The buggy address belongs to the physical page:
[ 12.711786] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10263c
[ 12.712648] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.712981] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.713338] page_type: f8(unknown)
[ 12.713824] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.714066] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.714823] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.715462] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.715892] head: 0200000000000002 ffffea0004098f01 00000000ffffffff 00000000ffffffff
[ 12.716678] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.717002] page dumped because: kasan: bad access detected
[ 12.717456]
[ 12.717964] Memory state around the buggy address:
[ 12.718311] ffff88810263df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.718532] ffff88810263df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.718863] >ffff88810263e000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.719668] ^
[ 12.719937] ffff88810263e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.720148] ffff88810263e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.721041] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 12.660399] ==================================================================
[ 12.660862] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370
[ 12.661122] Write of size 1 at addr ffff888103999f00 by task kunit_try_catch/162
[ 12.662125]
[ 12.662315] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.662391] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.662412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.662442] Call Trace:
[ 12.662463] <TASK>
[ 12.662489] dump_stack_lvl+0x73/0xb0
[ 12.662543] print_report+0xd1/0x650
[ 12.662580] ? __virt_addr_valid+0x1db/0x2d0
[ 12.662637] ? kmalloc_big_oob_right+0x316/0x370
[ 12.662678] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.662724] ? kmalloc_big_oob_right+0x316/0x370
[ 12.662764] kasan_report+0x141/0x180
[ 12.662807] ? kmalloc_big_oob_right+0x316/0x370
[ 12.662859] __asan_report_store1_noabort+0x1b/0x30
[ 12.662891] kmalloc_big_oob_right+0x316/0x370
[ 12.662912] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 12.662933] ? __schedule+0x10cc/0x2b60
[ 12.662953] ? __pfx_read_tsc+0x10/0x10
[ 12.662971] ? ktime_get_ts64+0x86/0x230
[ 12.662994] kunit_try_run_case+0x1a5/0x480
[ 12.663015] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.663033] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.663054] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.663073] ? __kthread_parkme+0x82/0x180
[ 12.663091] ? preempt_count_sub+0x50/0x80
[ 12.663129] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.663149] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.663168] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.663188] kthread+0x337/0x6f0
[ 12.663205] ? trace_preempt_on+0x20/0xc0
[ 12.663227] ? __pfx_kthread+0x10/0x10
[ 12.663247] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.663276] ? calculate_sigpending+0x7b/0xa0
[ 12.663306] ? __pfx_kthread+0x10/0x10
[ 12.663334] ret_from_fork+0x116/0x1d0
[ 12.663359] ? __pfx_kthread+0x10/0x10
[ 12.663384] ret_from_fork_asm+0x1a/0x30
[ 12.663412] </TASK>
[ 12.663424]
[ 12.675945] Allocated by task 162:
[ 12.676549] kasan_save_stack+0x45/0x70
[ 12.676738] kasan_save_track+0x18/0x40
[ 12.676875] kasan_save_alloc_info+0x3b/0x50
[ 12.677103] __kasan_kmalloc+0xb7/0xc0
[ 12.677462] __kmalloc_cache_noprof+0x189/0x420
[ 12.678220] kmalloc_big_oob_right+0xa9/0x370
[ 12.678837] kunit_try_run_case+0x1a5/0x480
[ 12.679099] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.679450] kthread+0x337/0x6f0
[ 12.679628] ret_from_fork+0x116/0x1d0
[ 12.679866] ret_from_fork_asm+0x1a/0x30
[ 12.680309]
[ 12.680477] The buggy address belongs to the object at ffff888103998000
[ 12.680477] which belongs to the cache kmalloc-8k of size 8192
[ 12.681354] The buggy address is located 0 bytes to the right of
[ 12.681354] allocated 7936-byte region [ffff888103998000, ffff888103999f00)
[ 12.682116]
[ 12.682217] The buggy address belongs to the physical page:
[ 12.682352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103998
[ 12.682492] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.682685] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.683852] page_type: f5(slab)
[ 12.684215] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 12.684781] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 12.685112] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 12.685416] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 12.686374] head: 0200000000000003 ffffea00040e6601 00000000ffffffff 00000000ffffffff
[ 12.686877] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 12.687516] page dumped because: kasan: bad access detected
[ 12.687721]
[ 12.688149] Memory state around the buggy address:
[ 12.688544] ffff888103999e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.688910] ffff888103999e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.689472] >ffff888103999f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.689901] ^
[ 12.690297] ffff888103999f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.690708] ffff88810399a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.691156] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 12.608281] ==================================================================
[ 12.608964] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.609722] Write of size 1 at addr ffff888102aa0378 by task kunit_try_catch/160
[ 12.610475]
[ 12.610831] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.610922] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.610945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.611010] Call Trace:
[ 12.611036] <TASK>
[ 12.611079] dump_stack_lvl+0x73/0xb0
[ 12.611138] print_report+0xd1/0x650
[ 12.611170] ? __virt_addr_valid+0x1db/0x2d0
[ 12.611193] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.611216] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.611239] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.611262] kasan_report+0x141/0x180
[ 12.611281] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.611307] __asan_report_store1_noabort+0x1b/0x30
[ 12.611329] kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.611351] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 12.611374] ? __schedule+0x10cc/0x2b60
[ 12.611394] ? __pfx_read_tsc+0x10/0x10
[ 12.611413] ? ktime_get_ts64+0x86/0x230
[ 12.611436] kunit_try_run_case+0x1a5/0x480
[ 12.611458] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.611478] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.611501] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.611531] ? __kthread_parkme+0x82/0x180
[ 12.611559] ? preempt_count_sub+0x50/0x80
[ 12.611590] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.611636] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.611663] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.611684] kthread+0x337/0x6f0
[ 12.611702] ? trace_preempt_on+0x20/0xc0
[ 12.611724] ? __pfx_kthread+0x10/0x10
[ 12.611743] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.611761] ? calculate_sigpending+0x7b/0xa0
[ 12.611784] ? __pfx_kthread+0x10/0x10
[ 12.611804] ret_from_fork+0x116/0x1d0
[ 12.611821] ? __pfx_kthread+0x10/0x10
[ 12.611839] ret_from_fork_asm+0x1a/0x30
[ 12.611867] </TASK>
[ 12.611880]
[ 12.622014] Allocated by task 160:
[ 12.622300] kasan_save_stack+0x45/0x70
[ 12.622682] kasan_save_track+0x18/0x40
[ 12.622980] kasan_save_alloc_info+0x3b/0x50
[ 12.623340] __kasan_kmalloc+0xb7/0xc0
[ 12.623557] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 12.624081] kmalloc_track_caller_oob_right+0x99/0x520
[ 12.624320] kunit_try_run_case+0x1a5/0x480
[ 12.624742] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.624910] kthread+0x337/0x6f0
[ 12.625055] ret_from_fork+0x116/0x1d0
[ 12.625359] ret_from_fork_asm+0x1a/0x30
[ 12.625709]
[ 12.625819] The buggy address belongs to the object at ffff888102aa0300
[ 12.625819] which belongs to the cache kmalloc-128 of size 128
[ 12.626535] The buggy address is located 0 bytes to the right of
[ 12.626535] allocated 120-byte region [ffff888102aa0300, ffff888102aa0378)
[ 12.628906]
[ 12.629025] The buggy address belongs to the physical page:
[ 12.629184] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa0
[ 12.629808] flags: 0x200000000000000(node=0|zone=2)
[ 12.630667] page_type: f5(slab)
[ 12.630857] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.631074] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.631809] page dumped because: kasan: bad access detected
[ 12.632030]
[ 12.632178] Memory state around the buggy address:
[ 12.632459] ffff888102aa0200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.633654] ffff888102aa0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.633965] >ffff888102aa0300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.634828] ^
[ 12.635150] ffff888102aa0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.635553] ffff888102aa0400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.635830] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 12.568855] ==================================================================
[ 12.569952] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0
[ 12.570710] Read of size 1 at addr ffff8881027d5000 by task kunit_try_catch/158
[ 12.570963]
[ 12.571418] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.571477] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.571496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.571829] Call Trace:
[ 12.571858] <TASK>
[ 12.571880] dump_stack_lvl+0x73/0xb0
[ 12.571917] print_report+0xd1/0x650
[ 12.571938] ? __virt_addr_valid+0x1db/0x2d0
[ 12.571958] ? kmalloc_node_oob_right+0x369/0x3c0
[ 12.571978] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.572000] ? kmalloc_node_oob_right+0x369/0x3c0
[ 12.572019] kasan_report+0x141/0x180
[ 12.572038] ? kmalloc_node_oob_right+0x369/0x3c0
[ 12.572063] __asan_report_load1_noabort+0x18/0x20
[ 12.572082] kmalloc_node_oob_right+0x369/0x3c0
[ 12.572103] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 12.572124] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 12.572148] kunit_try_run_case+0x1a5/0x480
[ 12.572169] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.572187] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.572207] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.572243] ? __kthread_parkme+0x82/0x180
[ 12.572291] ? preempt_count_sub+0x50/0x80
[ 12.572314] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.572334] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.572353] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.572373] kthread+0x337/0x6f0
[ 12.572389] ? trace_preempt_on+0x20/0xc0
[ 12.572410] ? __pfx_kthread+0x10/0x10
[ 12.572428] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.572445] ? calculate_sigpending+0x7b/0xa0
[ 12.572466] ? __pfx_kthread+0x10/0x10
[ 12.572485] ret_from_fork+0x116/0x1d0
[ 12.572503] ? __pfx_kthread+0x10/0x10
[ 12.572532] ret_from_fork_asm+0x1a/0x30
[ 12.572574] </TASK>
[ 12.572592]
[ 12.584999] Allocated by task 158:
[ 12.585727] kasan_save_stack+0x45/0x70
[ 12.586171] kasan_save_track+0x18/0x40
[ 12.586884] kasan_save_alloc_info+0x3b/0x50
[ 12.587274] __kasan_kmalloc+0xb7/0xc0
[ 12.587454] __kmalloc_cache_node_noprof+0x188/0x420
[ 12.588118] kmalloc_node_oob_right+0xab/0x3c0
[ 12.588365] kunit_try_run_case+0x1a5/0x480
[ 12.588786] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.589041] kthread+0x337/0x6f0
[ 12.589494] ret_from_fork+0x116/0x1d0
[ 12.590028] ret_from_fork_asm+0x1a/0x30
[ 12.590338]
[ 12.590663] The buggy address belongs to the object at ffff8881027d4000
[ 12.590663] which belongs to the cache kmalloc-4k of size 4096
[ 12.591416] The buggy address is located 0 bytes to the right of
[ 12.591416] allocated 4096-byte region [ffff8881027d4000, ffff8881027d5000)
[ 12.592185]
[ 12.592454] The buggy address belongs to the physical page:
[ 12.592939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027d0
[ 12.594147] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.594509] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.594909] page_type: f5(slab)
[ 12.595075] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 12.595917] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 12.596944] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 12.597657] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 12.597985] head: 0200000000000003 ffffea000409f401 00000000ffffffff 00000000ffffffff
[ 12.598684] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 12.599291] page dumped because: kasan: bad access detected
[ 12.599542]
[ 12.599801] Memory state around the buggy address:
[ 12.600406] ffff8881027d4f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.601215] ffff8881027d4f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.601708] >ffff8881027d5000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.601930] ^
[ 12.602178] ffff8881027d5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.602687] ffff8881027d5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.603122] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 12.528856] ==================================================================
[ 12.529302] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0
[ 12.529671] Read of size 1 at addr ffff888101c6db1f by task kunit_try_catch/156
[ 12.529874]
[ 12.530010] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.530086] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.530103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.531990] Call Trace:
[ 12.532054] <TASK>
[ 12.532088] dump_stack_lvl+0x73/0xb0
[ 12.532149] print_report+0xd1/0x650
[ 12.532187] ? __virt_addr_valid+0x1db/0x2d0
[ 12.532226] ? kmalloc_oob_left+0x361/0x3c0
[ 12.532257] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.532293] ? kmalloc_oob_left+0x361/0x3c0
[ 12.532327] kasan_report+0x141/0x180
[ 12.532363] ? kmalloc_oob_left+0x361/0x3c0
[ 12.532406] __asan_report_load1_noabort+0x18/0x20
[ 12.532443] kmalloc_oob_left+0x361/0x3c0
[ 12.532479] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 12.532514] ? __schedule+0x10cc/0x2b60
[ 12.532550] ? __pfx_read_tsc+0x10/0x10
[ 12.532584] ? ktime_get_ts64+0x86/0x230
[ 12.532645] kunit_try_run_case+0x1a5/0x480
[ 12.532689] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.532723] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.532760] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.532795] ? __kthread_parkme+0x82/0x180
[ 12.532827] ? preempt_count_sub+0x50/0x80
[ 12.532867] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.532904] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.532940] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.532976] kthread+0x337/0x6f0
[ 12.533007] ? trace_preempt_on+0x20/0xc0
[ 12.533046] ? __pfx_kthread+0x10/0x10
[ 12.533080] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.533112] ? calculate_sigpending+0x7b/0xa0
[ 12.533143] ? __pfx_kthread+0x10/0x10
[ 12.533198] ret_from_fork+0x116/0x1d0
[ 12.533224] ? __pfx_kthread+0x10/0x10
[ 12.533251] ret_from_fork_asm+0x1a/0x30
[ 12.534250] </TASK>
[ 12.534307]
[ 12.549341] Allocated by task 1:
[ 12.549681] kasan_save_stack+0x45/0x70
[ 12.549851] kasan_save_track+0x18/0x40
[ 12.550044] kasan_save_alloc_info+0x3b/0x50
[ 12.550744] __kasan_kmalloc+0xb7/0xc0
[ 12.551143] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 12.551843] kvasprintf+0xc5/0x150
[ 12.552051] __kthread_create_on_node+0x18b/0x3a0
[ 12.552476] kthread_create_on_node+0xab/0xe0
[ 12.553033] create_worker+0x3e5/0x7b0
[ 12.553191] alloc_unbound_pwq+0x8ea/0xdb0
[ 12.553530] apply_wqattrs_prepare+0x332/0xd20
[ 12.553785] apply_workqueue_attrs_locked+0x4d/0xa0
[ 12.553991] alloc_workqueue+0xcc7/0x1ad0
[ 12.554333] latency_fsnotify_init+0x1b/0x50
[ 12.554539] do_one_initcall+0xd8/0x370
[ 12.554713] kernel_init_freeable+0x420/0x6f0
[ 12.555117] kernel_init+0x23/0x1e0
[ 12.555368] ret_from_fork+0x116/0x1d0
[ 12.555590] ret_from_fork_asm+0x1a/0x30
[ 12.555861]
[ 12.555945] The buggy address belongs to the object at ffff888101c6db00
[ 12.555945] which belongs to the cache kmalloc-16 of size 16
[ 12.556546] The buggy address is located 18 bytes to the right of
[ 12.556546] allocated 13-byte region [ffff888101c6db00, ffff888101c6db0d)
[ 12.556951]
[ 12.557113] The buggy address belongs to the physical page:
[ 12.557560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c6d
[ 12.557928] flags: 0x200000000000000(node=0|zone=2)
[ 12.558159] page_type: f5(slab)
[ 12.558369] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.558615] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.559580] page dumped because: kasan: bad access detected
[ 12.559873]
[ 12.559977] Memory state around the buggy address:
[ 12.560158] ffff888101c6da00: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 12.560899] ffff888101c6da80: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.561387] >ffff888101c6db00: 00 05 fc fc 00 07 fc fc fc fc fc fc fc fc fc fc
[ 12.561906] ^
[ 12.562152] ffff888101c6db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.562479] ffff888101c6dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.562721] ==================================================================
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------
[ 144.142533] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count))
[ 144.142849] WARNING: CPU: 0 PID: 2569 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0
[ 144.144280] Modules linked in:
[ 144.144672] CPU: 0 UID: 0 PID: 2569 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 144.145470] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 144.146045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 144.146773] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0
[ 144.147069] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 6d 1d 80 00 48 c7 c1 e0 7d 7e a4 4c 89 f2 48 c7 c7 a0 7a 7e a4 48 89 c6 e8 34 f5 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d
[ 144.148187] RSP: 0000:ffff888102fb7d18 EFLAGS: 00010286
[ 144.148455] RAX: 0000000000000000 RBX: ffff88810a80c800 RCX: 1ffffffff4aa4c80
[ 144.149125] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 144.150147] RBP: ffff888102fb7d48 R08: 0000000000000000 R09: fffffbfff4aa4c80
[ 144.150434] R10: 0000000000000003 R11: 0000000000037f18 R12: ffff8881035d5800
[ 144.150851] R13: ffff88810a80c8f8 R14: ffff88810a8f4380 R15: ffff88810039fb40
[ 144.151302] FS: 0000000000000000(0000) GS:ffff8881b4874000(0000) knlGS:0000000000000000
[ 144.152109] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 144.152339] CR2: 00007ffff7ffe000 CR3: 0000000024abc000 CR4: 00000000000006f0
[ 144.153002] DR0: ffffffffa6850440 DR1: ffffffffa6850441 DR2: ffffffffa6850442
[ 144.153271] DR3: ffffffffa6850443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 144.153777] Call Trace:
[ 144.153953] <TASK>
[ 144.154144] ? trace_preempt_on+0x20/0xc0
[ 144.154373] ? __pfx_drm_gem_shmem_free_wrapper+0x10/0x10
[ 144.155255] drm_gem_shmem_free_wrapper+0x12/0x20
[ 144.155700] __kunit_action_free+0x57/0x70
[ 144.155926] kunit_remove_resource+0x133/0x200
[ 144.156204] ? preempt_count_sub+0x50/0x80
[ 144.156405] kunit_cleanup+0x7a/0x120
[ 144.157325] kunit_try_run_case_cleanup+0xbd/0xf0
[ 144.157601] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10
[ 144.158060] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 144.158423] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 144.158823] kthread+0x337/0x6f0
[ 144.159310] ? trace_preempt_on+0x20/0xc0
[ 144.160046] ? __pfx_kthread+0x10/0x10
[ 144.160359] ? _raw_spin_unlock_irq+0x47/0x80
[ 144.160900] ? calculate_sigpending+0x7b/0xa0
[ 144.161138] ? __pfx_kthread+0x10/0x10
[ 144.161416] ret_from_fork+0x116/0x1d0
[ 144.162023] ? __pfx_kthread+0x10/0x10
[ 144.162322] ret_from_fork_asm+0x1a/0x30
[ 144.162662] </TASK>
[ 144.163151] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------
[ 143.971129] WARNING: CPU: 0 PID: 2550 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300
[ 143.971692] Modules linked in:
[ 143.972014] CPU: 0 UID: 0 PID: 2550 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 143.972660] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 143.973143] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 143.973830] RIP: 0010:drm_framebuffer_init+0x44/0x300
[ 143.974166] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41
[ 143.975087] RSP: 0000:ffff8881038afb30 EFLAGS: 00010246
[ 143.976412] RAX: dffffc0000000000 RBX: ffff8881038afc28 RCX: 0000000000000000
[ 143.977075] RDX: 1ffff11020715f8e RSI: ffff8881038afc28 RDI: ffff8881038afc70
[ 143.977387] RBP: ffff8881038afb70 R08: ffff888103b37000 R09: ffffffffa47d8120
[ 143.978123] R10: 0000000000000003 R11: 0000000001627100 R12: ffff888103b37000
[ 143.978403] R13: ffff88810039fae8 R14: ffff8881038afba8 R15: 0000000000000000
[ 143.979158] FS: 0000000000000000(0000) GS:ffff8881b4874000(0000) knlGS:0000000000000000
[ 143.980058] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 143.980462] CR2: 00007ffff7ffe000 CR3: 0000000024abc000 CR4: 00000000000006f0
[ 143.980954] DR0: ffffffffa6850440 DR1: ffffffffa6850441 DR2: ffffffffa6850442
[ 143.981208] DR3: ffffffffa6850443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 143.981336] Call Trace:
[ 143.981407] <TASK>
[ 143.981469] ? add_dr+0xc1/0x1d0
[ 143.982294] drm_test_framebuffer_init_bad_format+0xfc/0x240
[ 143.982996] ? add_dr+0x148/0x1d0
[ 143.983724] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 143.984232] ? __drmm_add_action+0x1a4/0x280
[ 143.984658] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 143.985002] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 143.985326] ? __drmm_add_action_or_reset+0x22/0x50
[ 143.985789] ? __schedule+0x10cc/0x2b60
[ 143.986169] ? __pfx_read_tsc+0x10/0x10
[ 143.986348] ? ktime_get_ts64+0x86/0x230
[ 143.987277] kunit_try_run_case+0x1a5/0x480
[ 143.987674] ? __pfx_kunit_try_run_case+0x10/0x10
[ 143.988251] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 143.988561] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 143.989177] ? __kthread_parkme+0x82/0x180
[ 143.989358] ? preempt_count_sub+0x50/0x80
[ 143.989672] ? __pfx_kunit_try_run_case+0x10/0x10
[ 143.990051] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 143.990959] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 143.991300] kthread+0x337/0x6f0
[ 143.991465] ? trace_preempt_on+0x20/0xc0
[ 143.992258] ? __pfx_kthread+0x10/0x10
[ 143.992693] ? _raw_spin_unlock_irq+0x47/0x80
[ 143.993001] ? calculate_sigpending+0x7b/0xa0
[ 143.993295] ? __pfx_kthread+0x10/0x10
[ 143.993662] ret_from_fork+0x116/0x1d0
[ 143.994616] ? __pfx_kthread+0x10/0x10
[ 143.994886] ret_from_fork_asm+0x1a/0x30
[ 143.995081] </TASK>
[ 143.995259] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------
[ 143.924528] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 143.924755] WARNING: CPU: 1 PID: 2546 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0
[ 143.925765] Modules linked in:
[ 143.926071] CPU: 1 UID: 0 PID: 2546 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 143.926816] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 143.928873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 143.929276] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0
[ 143.930456] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 3b 3a 87 00 48 c7 c1 00 30 7d a4 4c 89 fa 48 c7 c7 60 30 7d a4 48 89 c6 e8 02 12 7f fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 143.931744] RSP: 0000:ffff8881038c7b68 EFLAGS: 00010282
[ 143.931977] RAX: 0000000000000000 RBX: ffff8881038c7c40 RCX: 1ffffffff4aa4c80
[ 143.932383] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 143.932828] RBP: ffff8881038c7b90 R08: 0000000000000000 R09: fffffbfff4aa4c80
[ 143.933394] R10: 0000000000000003 R11: 0000000000036558 R12: ffff8881038c7c18
[ 143.933889] R13: ffff88810332c000 R14: ffff888103595000 R15: ffff88810b291b00
[ 143.934169] FS: 0000000000000000(0000) GS:ffff8881b4974000(0000) knlGS:0000000000000000
[ 143.935003] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 143.935439] CR2: 00007ffff7ffe000 CR3: 0000000024abc000 CR4: 00000000000006f0
[ 143.936004] DR0: ffffffffa6850440 DR1: ffffffffa6850441 DR2: ffffffffa6850443
[ 143.936853] DR3: ffffffffa6850445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 143.937435] Call Trace:
[ 143.937816] <TASK>
[ 143.938036] drm_test_framebuffer_free+0x1ab/0x610
[ 143.938285] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 143.939053] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 143.939414] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 143.939816] ? __drmm_add_action_or_reset+0x22/0x50
[ 143.941113] ? __schedule+0x10cc/0x2b60
[ 143.941402] ? __pfx_read_tsc+0x10/0x10
[ 143.941788] ? ktime_get_ts64+0x86/0x230
[ 143.942081] kunit_try_run_case+0x1a5/0x480
[ 143.942324] ? __pfx_kunit_try_run_case+0x10/0x10
[ 143.942895] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 143.943239] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 143.943427] ? __kthread_parkme+0x82/0x180
[ 143.944151] ? preempt_count_sub+0x50/0x80
[ 143.945107] ? __pfx_kunit_try_run_case+0x10/0x10
[ 143.945447] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 143.946232] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 143.946702] kthread+0x337/0x6f0
[ 143.946972] ? trace_preempt_on+0x20/0xc0
[ 143.947251] ? __pfx_kthread+0x10/0x10
[ 143.947785] ? _raw_spin_unlock_irq+0x47/0x80
[ 143.948419] ? calculate_sigpending+0x7b/0xa0
[ 143.948641] ? __pfx_kthread+0x10/0x10
[ 143.949097] ret_from_fork+0x116/0x1d0
[ 143.949436] ? __pfx_kthread+0x10/0x10
[ 143.949640] ret_from_fork_asm+0x1a/0x30
[ 143.950333] </TASK>
[ 143.950565] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------
[ 142.119136] WARNING: CPU: 0 PID: 1976 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 142.120577] Modules linked in:
[ 142.120855] CPU: 0 UID: 0 PID: 1976 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 142.121980] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 142.122361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 142.122859] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 142.123441] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 42 1b 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 142.124559] RSP: 0000:ffff88810aaa7c90 EFLAGS: 00010246
[ 142.125012] RAX: dffffc0000000000 RBX: ffff88810ab6a000 RCX: 0000000000000000
[ 142.125250] RDX: 1ffff1102156d432 RSI: ffffffffa1a02308 RDI: ffff88810ab6a190
[ 142.125677] RBP: ffff88810aaa7ca0 R08: 1ffff11020073f69 R09: ffffed1021554f65
[ 142.126082] R10: 0000000000000003 R11: ffffffffa0f84c28 R12: 0000000000000000
[ 142.126831] R13: ffff88810aaa7d38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 142.127298] FS: 0000000000000000(0000) GS:ffff8881b4874000(0000) knlGS:0000000000000000
[ 142.127583] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 142.128069] CR2: 00007ffff7ffe000 CR3: 0000000024abc000 CR4: 00000000000006f0
[ 142.128276] DR0: ffffffffa6850440 DR1: ffffffffa6850441 DR2: ffffffffa6850442
[ 142.129064] DR3: ffffffffa6850443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 142.129447] Call Trace:
[ 142.129727] <TASK>
[ 142.129992] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290
[ 142.130457] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 142.131140] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 142.132260] ? trace_hardirqs_on+0x37/0xe0
[ 142.132701] ? __pfx_read_tsc+0x10/0x10
[ 142.132928] ? ktime_get_ts64+0x86/0x230
[ 142.133309] kunit_try_run_case+0x1a5/0x480
[ 142.133706] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.134033] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 142.134421] ? __kthread_parkme+0x82/0x180
[ 142.135023] ? preempt_count_sub+0x50/0x80
[ 142.135641] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.136020] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 142.136330] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 142.136804] kthread+0x337/0x6f0
[ 142.137117] ? trace_preempt_on+0x20/0xc0
[ 142.137329] ? __pfx_kthread+0x10/0x10
[ 142.137770] ? _raw_spin_unlock_irq+0x47/0x80
[ 142.138047] ? calculate_sigpending+0x7b/0xa0
[ 142.138406] ? __pfx_kthread+0x10/0x10
[ 142.138883] ret_from_fork+0x116/0x1d0
[ 142.139091] ? __pfx_kthread+0x10/0x10
[ 142.139339] ret_from_fork_asm+0x1a/0x30
[ 142.139801] </TASK>
[ 142.139991] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 142.217421] WARNING: CPU: 1 PID: 1984 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 142.218255] Modules linked in:
[ 142.218647] CPU: 1 UID: 0 PID: 1984 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 142.219202] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 142.219692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 142.220183] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 142.220785] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 42 1b 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 142.221485] RSP: 0000:ffff88810aae7c90 EFLAGS: 00010246
[ 142.221751] RAX: dffffc0000000000 RBX: ffff88810adb0000 RCX: 0000000000000000
[ 142.222475] RDX: 1ffff110215b6032 RSI: ffffffffa1a02308 RDI: ffff88810adb0190
[ 142.222981] RBP: ffff88810aae7ca0 R08: 1ffff11020073f69 R09: ffffed102155cf65
[ 142.223343] R10: 0000000000000003 R11: ffffffffa0f84c28 R12: 0000000000000000
[ 142.223711] R13: ffff88810aae7d38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 142.224299] FS: 0000000000000000(0000) GS:ffff8881b4974000(0000) knlGS:0000000000000000
[ 142.224600] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 142.225063] CR2: 00007ffff7ffe000 CR3: 0000000024abc000 CR4: 00000000000006f0
[ 142.225291] DR0: ffffffffa6850440 DR1: ffffffffa6850441 DR2: ffffffffa6850443
[ 142.225560] DR3: ffffffffa6850445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 142.226323] Call Trace:
[ 142.226585] <TASK>
[ 142.226901] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290
[ 142.227349] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 142.227615] ? __schedule+0x10cc/0x2b60
[ 142.227808] ? __pfx_read_tsc+0x10/0x10
[ 142.227981] ? ktime_get_ts64+0x86/0x230
[ 142.228570] kunit_try_run_case+0x1a5/0x480
[ 142.228948] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.229451] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 142.229988] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 142.230402] ? __kthread_parkme+0x82/0x180
[ 142.230756] ? preempt_count_sub+0x50/0x80
[ 142.231081] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.231293] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 142.231828] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 142.232190] kthread+0x337/0x6f0
[ 142.232688] ? trace_preempt_on+0x20/0xc0
[ 142.232922] ? __pfx_kthread+0x10/0x10
[ 142.233397] ? _raw_spin_unlock_irq+0x47/0x80
[ 142.233650] ? calculate_sigpending+0x7b/0xa0
[ 142.234181] ? __pfx_kthread+0x10/0x10
[ 142.234420] ret_from_fork+0x116/0x1d0
[ 142.234775] ? __pfx_kthread+0x10/0x10
[ 142.235135] ret_from_fork_asm+0x1a/0x30
[ 142.235558] </TASK>
[ 142.235933] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 112.802183] WARNING: CPU: 0 PID: 674 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 112.802594] Modules linked in:
[ 112.803251] CPU: 0 UID: 0 PID: 674 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 112.804009] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 112.804347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 112.804967] RIP: 0010:intlog10+0x2a/0x40
[ 112.805213] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 112.806093] RSP: 0000:ffff888108cefcb0 EFLAGS: 00010246
[ 112.806383] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff1102119dfb4
[ 112.806729] RDX: 1ffffffff48d2c9c RSI: 1ffff1102119dfb3 RDI: 0000000000000000
[ 112.807063] RBP: ffff888108cefd60 R08: 0000000000000000 R09: ffffed10210630a0
[ 112.807450] R10: ffff888108318507 R11: 0000000000000000 R12: 1ffff1102119df97
[ 112.808418] R13: ffffffffa46964e0 R14: 0000000000000000 R15: ffff888108cefd38
[ 112.809061] FS: 0000000000000000(0000) GS:ffff8881b4874000(0000) knlGS:0000000000000000
[ 112.809374] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 112.810038] CR2: ffff88815a8bcfe0 CR3: 0000000024abc000 CR4: 00000000000006f0
[ 112.810309] DR0: ffffffffa6850440 DR1: ffffffffa6850441 DR2: ffffffffa6850442
[ 112.810975] DR3: ffffffffa6850443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 112.811316] Call Trace:
[ 112.811501] <TASK>
[ 112.811968] ? intlog10_test+0xf2/0x220
[ 112.812284] ? __pfx_intlog10_test+0x10/0x10
[ 112.812529] ? __schedule+0x10cc/0x2b60
[ 112.812966] ? __pfx_read_tsc+0x10/0x10
[ 112.813259] ? ktime_get_ts64+0x86/0x230
[ 112.813519] kunit_try_run_case+0x1a5/0x480
[ 112.814042] ? __pfx_kunit_try_run_case+0x10/0x10
[ 112.814701] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 112.815258] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 112.815456] ? __kthread_parkme+0x82/0x180
[ 112.816102] ? preempt_count_sub+0x50/0x80
[ 112.816453] ? __pfx_kunit_try_run_case+0x10/0x10
[ 112.816748] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 112.817513] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 112.818306] kthread+0x337/0x6f0
[ 112.818882] ? trace_preempt_on+0x20/0xc0
[ 112.819192] ? __pfx_kthread+0x10/0x10
[ 112.819355] ? _raw_spin_unlock_irq+0x47/0x80
[ 112.819619] ? calculate_sigpending+0x7b/0xa0
[ 112.820192] ? __pfx_kthread+0x10/0x10
[ 112.820449] ret_from_fork+0x116/0x1d0
[ 112.821353] ? __pfx_kthread+0x10/0x10
[ 112.821621] ret_from_fork_asm+0x1a/0x30
[ 112.821896] </TASK>
[ 112.822080] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 112.752261] WARNING: CPU: 1 PID: 656 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 112.753270] Modules linked in:
[ 112.753938] CPU: 1 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 112.754329] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 112.754886] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 112.755330] RIP: 0010:intlog2+0xdf/0x110
[ 112.755834] Code: 69 a4 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 e9 57 9f 86 02 89 45 e4 e8 cf 0f 56 ff 8b 45 e4 eb
[ 112.757114] RSP: 0000:ffff888108cefcb0 EFLAGS: 00010246
[ 112.757446] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff1102119dfb4
[ 112.758002] RDX: 1ffffffff48d2cf0 RSI: 1ffff1102119dfb3 RDI: 0000000000000000
[ 112.758434] RBP: ffff888108cefd60 R08: 0000000000000000 R09: ffffed102077b0e0
[ 112.758959] R10: ffff888103bd8707 R11: 0000000000000000 R12: 1ffff1102119df97
[ 112.759369] R13: ffffffffa4696780 R14: 0000000000000000 R15: ffff888108cefd38
[ 112.759853] FS: 0000000000000000(0000) GS:ffff8881b4974000(0000) knlGS:0000000000000000
[ 112.760338] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 112.760769] CR2: dffffc0000000000 CR3: 0000000024abc000 CR4: 00000000000006f0
[ 112.761118] DR0: ffffffffa6850440 DR1: ffffffffa6850441 DR2: ffffffffa6850443
[ 112.761347] DR3: ffffffffa6850445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 112.761999] Call Trace:
[ 112.762221] <TASK>
[ 112.762426] ? intlog2_test+0xf2/0x220
[ 112.762942] ? __pfx_intlog2_test+0x10/0x10
[ 112.763245] ? __schedule+0x10cc/0x2b60
[ 112.763840] ? __pfx_read_tsc+0x10/0x10
[ 112.764149] ? ktime_get_ts64+0x86/0x230
[ 112.764317] kunit_try_run_case+0x1a5/0x480
[ 112.764892] ? __pfx_kunit_try_run_case+0x10/0x10
[ 112.765221] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 112.765494] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 112.765900] ? __kthread_parkme+0x82/0x180
[ 112.766145] ? preempt_count_sub+0x50/0x80
[ 112.766495] ? __pfx_kunit_try_run_case+0x10/0x10
[ 112.766834] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 112.767195] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 112.767988] kthread+0x337/0x6f0
[ 112.768387] ? trace_preempt_on+0x20/0xc0
[ 112.768583] ? __pfx_kthread+0x10/0x10
[ 112.768929] ? _raw_spin_unlock_irq+0x47/0x80
[ 112.769345] ? calculate_sigpending+0x7b/0xa0
[ 112.769848] ? __pfx_kthread+0x10/0x10
[ 112.770107] ret_from_fork+0x116/0x1d0
[ 112.770429] ? __pfx_kthread+0x10/0x10
[ 112.771090] ret_from_fork_asm+0x1a/0x30
[ 112.771423] </TASK>
[ 112.771914] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 112.109982] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI