Date: July 17, 2025, 11:11 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.545361] ==================================================================
[ 12.546156] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 12.546480] Write of size 33 at addr ffff8881026b9300 by task kunit_try_catch/203
[ 12.546804]
[ 12.546970] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.547043] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.547066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.547105] Call Trace:
[ 12.547118] <TASK>
[ 12.547135] dump_stack_lvl+0x73/0xb0
[ 12.547181] print_report+0xd1/0x610
[ 12.547217] ? __virt_addr_valid+0x1db/0x2d0
[ 12.547240] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.547260] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.547282] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.547303] kasan_report+0x141/0x180
[ 12.547324] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.547351] kasan_check_range+0x10c/0x1c0
[ 12.547374] __asan_memset+0x27/0x50
[ 12.547392] kmalloc_uaf_memset+0x1a3/0x360
[ 12.547413] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 12.547434] ? __schedule+0x10cc/0x2b60
[ 12.547457] ? __pfx_read_tsc+0x10/0x10
[ 12.547477] ? ktime_get_ts64+0x86/0x230
[ 12.547501] kunit_try_run_case+0x1a5/0x480
[ 12.547526] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.547547] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.547571] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.547605] ? __kthread_parkme+0x82/0x180
[ 12.547625] ? preempt_count_sub+0x50/0x80
[ 12.547649] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.547672] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.547695] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.547720] kthread+0x337/0x6f0
[ 12.547738] ? trace_preempt_on+0x20/0xc0
[ 12.547761] ? __pfx_kthread+0x10/0x10
[ 12.547780] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.547801] ? calculate_sigpending+0x7b/0xa0
[ 12.547835] ? __pfx_kthread+0x10/0x10
[ 12.547855] ret_from_fork+0x116/0x1d0
[ 12.547873] ? __pfx_kthread+0x10/0x10
[ 12.547893] ret_from_fork_asm+0x1a/0x30
[ 12.547926] </TASK>
[ 12.547936]
[ 12.556622] Allocated by task 203:
[ 12.556800] kasan_save_stack+0x45/0x70
[ 12.556998] kasan_save_track+0x18/0x40
[ 12.557152] kasan_save_alloc_info+0x3b/0x50
[ 12.557464] __kasan_kmalloc+0xb7/0xc0
[ 12.557667] __kmalloc_cache_noprof+0x189/0x420
[ 12.558429] kmalloc_uaf_memset+0xa9/0x360
[ 12.558873] kunit_try_run_case+0x1a5/0x480
[ 12.559111] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.559340] kthread+0x337/0x6f0
[ 12.559496] ret_from_fork+0x116/0x1d0
[ 12.560094] ret_from_fork_asm+0x1a/0x30
[ 12.560423]
[ 12.560519] Freed by task 203:
[ 12.560844] kasan_save_stack+0x45/0x70
[ 12.561098] kasan_save_track+0x18/0x40
[ 12.561279] kasan_save_free_info+0x3f/0x60
[ 12.561468] __kasan_slab_free+0x56/0x70
[ 12.561905] kfree+0x222/0x3f0
[ 12.562223] kmalloc_uaf_memset+0x12b/0x360
[ 12.562577] kunit_try_run_case+0x1a5/0x480
[ 12.562953] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.563241] kthread+0x337/0x6f0
[ 12.563513] ret_from_fork+0x116/0x1d0
[ 12.563712] ret_from_fork_asm+0x1a/0x30
[ 12.564061]
[ 12.564301] The buggy address belongs to the object at ffff8881026b9300
[ 12.564301] which belongs to the cache kmalloc-64 of size 64
[ 12.565071] The buggy address is located 0 bytes inside of
[ 12.565071] freed 64-byte region [ffff8881026b9300, ffff8881026b9340)
[ 12.565541]
[ 12.565849] The buggy address belongs to the physical page:
[ 12.566338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b9
[ 12.566840] flags: 0x200000000000000(node=0|zone=2)
[ 12.567431] page_type: f5(slab)
[ 12.567772] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.568574] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.569272] page dumped because: kasan: bad access detected
[ 12.569585]
[ 12.569806] Memory state around the buggy address:
[ 12.570072] ffff8881026b9200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.570374] ffff8881026b9280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.571109] >ffff8881026b9300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.571608] ^
[ 12.572015] ffff8881026b9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.572330] ffff8881026b9400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.572659] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.506655] ==================================================================
[ 12.507109] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 12.507334] Read of size 1 at addr ffff8881022efca8 by task kunit_try_catch/201
[ 12.507558]
[ 12.507652] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.507699] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.507710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.507732] Call Trace:
[ 12.507743] <TASK>
[ 12.507760] dump_stack_lvl+0x73/0xb0
[ 12.507788] print_report+0xd1/0x610
[ 12.507808] ? __virt_addr_valid+0x1db/0x2d0
[ 12.507831] ? kmalloc_uaf+0x320/0x380
[ 12.507848] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.507869] ? kmalloc_uaf+0x320/0x380
[ 12.507888] kasan_report+0x141/0x180
[ 12.507908] ? kmalloc_uaf+0x320/0x380
[ 12.507933] __asan_report_load1_noabort+0x18/0x20
[ 12.507955] kmalloc_uaf+0x320/0x380
[ 12.507973] ? __pfx_kmalloc_uaf+0x10/0x10
[ 12.507993] ? __schedule+0x10cc/0x2b60
[ 12.508015] ? __pfx_read_tsc+0x10/0x10
[ 12.508035] ? ktime_get_ts64+0x86/0x230
[ 12.508102] kunit_try_run_case+0x1a5/0x480
[ 12.508129] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.508151] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.508175] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.508198] ? __kthread_parkme+0x82/0x180
[ 12.508219] ? preempt_count_sub+0x50/0x80
[ 12.508244] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.508267] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.508290] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.508313] kthread+0x337/0x6f0
[ 12.508332] ? trace_preempt_on+0x20/0xc0
[ 12.508355] ? __pfx_kthread+0x10/0x10
[ 12.508376] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.508397] ? calculate_sigpending+0x7b/0xa0
[ 12.508421] ? __pfx_kthread+0x10/0x10
[ 12.508442] ret_from_fork+0x116/0x1d0
[ 12.508460] ? __pfx_kthread+0x10/0x10
[ 12.508480] ret_from_fork_asm+0x1a/0x30
[ 12.508512] </TASK>
[ 12.508523]
[ 12.522039] Allocated by task 201:
[ 12.522515] kasan_save_stack+0x45/0x70
[ 12.522991] kasan_save_track+0x18/0x40
[ 12.523385] kasan_save_alloc_info+0x3b/0x50
[ 12.523852] __kasan_kmalloc+0xb7/0xc0
[ 12.524242] __kmalloc_cache_noprof+0x189/0x420
[ 12.524718] kmalloc_uaf+0xaa/0x380
[ 12.525161] kunit_try_run_case+0x1a5/0x480
[ 12.525590] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.526167] kthread+0x337/0x6f0
[ 12.526513] ret_from_fork+0x116/0x1d0
[ 12.526932] ret_from_fork_asm+0x1a/0x30
[ 12.527421]
[ 12.527605] Freed by task 201:
[ 12.527980] kasan_save_stack+0x45/0x70
[ 12.528332] kasan_save_track+0x18/0x40
[ 12.528732] kasan_save_free_info+0x3f/0x60
[ 12.529182] __kasan_slab_free+0x56/0x70
[ 12.529369] kfree+0x222/0x3f0
[ 12.529489] kmalloc_uaf+0x12c/0x380
[ 12.529808] kunit_try_run_case+0x1a5/0x480
[ 12.530291] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.530906] kthread+0x337/0x6f0
[ 12.531243] ret_from_fork+0x116/0x1d0
[ 12.531539] ret_from_fork_asm+0x1a/0x30
[ 12.532009]
[ 12.532124] The buggy address belongs to the object at ffff8881022efca0
[ 12.532124] which belongs to the cache kmalloc-16 of size 16
[ 12.532485] The buggy address is located 8 bytes inside of
[ 12.532485] freed 16-byte region [ffff8881022efca0, ffff8881022efcb0)
[ 12.533662]
[ 12.533879] The buggy address belongs to the physical page:
[ 12.534433] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ef
[ 12.535378] flags: 0x200000000000000(node=0|zone=2)
[ 12.536134] page_type: f5(slab)
[ 12.536425] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.536976] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.537407] page dumped because: kasan: bad access detected
[ 12.537600]
[ 12.537834] Memory state around the buggy address:
[ 12.538396] ffff8881022efb80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc
[ 12.539067] ffff8881022efc00: 00 04 fc fc 00 04 fc fc 00 05 fc fc fa fb fc fc
[ 12.539695] >ffff8881022efc80: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 12.540335] ^
[ 12.540498] ffff8881022efd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.541152] ffff8881022efd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.541814] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.477797] ==================================================================
[ 12.478476] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.478852] Read of size 64 at addr ffff888102f44004 by task kunit_try_catch/199
[ 12.479280]
[ 12.479395] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.479456] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.479467] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.479489] Call Trace:
[ 12.479501] <TASK>
[ 12.479518] dump_stack_lvl+0x73/0xb0
[ 12.479548] print_report+0xd1/0x610
[ 12.479569] ? __virt_addr_valid+0x1db/0x2d0
[ 12.479980] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.480011] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.480034] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.480073] kasan_report+0x141/0x180
[ 12.480098] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.480127] kasan_check_range+0x10c/0x1c0
[ 12.480150] __asan_memmove+0x27/0x70
[ 12.480169] kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.480192] ? __kasan_check_write+0x18/0x20
[ 12.480211] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 12.480237] ? __pfx_queued_spin_lock_slowpath+0x10/0x10
[ 12.480264] ? __pfx_read_tsc+0x10/0x10
[ 12.480285] ? ktime_get_ts64+0x86/0x230
[ 12.480310] kunit_try_run_case+0x1a5/0x480
[ 12.480334] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.480356] ? _raw_spin_lock_irqsave+0xf9/0x100
[ 12.480377] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.480400] ? __kthread_parkme+0x82/0x180
[ 12.480421] ? preempt_count_sub+0x50/0x80
[ 12.480444] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.480467] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.480490] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.480513] kthread+0x337/0x6f0
[ 12.480531] ? trace_preempt_on+0x20/0xc0
[ 12.480554] ? __pfx_kthread+0x10/0x10
[ 12.480573] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.480609] ? calculate_sigpending+0x7b/0xa0
[ 12.480633] ? __pfx_kthread+0x10/0x10
[ 12.480653] ret_from_fork+0x116/0x1d0
[ 12.480670] ? __pfx_kthread+0x10/0x10
[ 12.480689] ret_from_fork_asm+0x1a/0x30
[ 12.480721] </TASK>
[ 12.480732]
[ 12.492197] Allocated by task 199:
[ 12.492376] kasan_save_stack+0x45/0x70
[ 12.493114] kasan_save_track+0x18/0x40
[ 12.493333] kasan_save_alloc_info+0x3b/0x50
[ 12.493548] __kasan_kmalloc+0xb7/0xc0
[ 12.493701] __kmalloc_cache_noprof+0x189/0x420
[ 12.494131] kmalloc_memmove_invalid_size+0xac/0x330
[ 12.494468] kunit_try_run_case+0x1a5/0x480
[ 12.494844] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.495108] kthread+0x337/0x6f0
[ 12.495266] ret_from_fork+0x116/0x1d0
[ 12.495446] ret_from_fork_asm+0x1a/0x30
[ 12.495866]
[ 12.495955] The buggy address belongs to the object at ffff888102f44000
[ 12.495955] which belongs to the cache kmalloc-64 of size 64
[ 12.496743] The buggy address is located 4 bytes inside of
[ 12.496743] allocated 64-byte region [ffff888102f44000, ffff888102f44040)
[ 12.497263]
[ 12.497350] The buggy address belongs to the physical page:
[ 12.497807] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f44
[ 12.498076] flags: 0x200000000000000(node=0|zone=2)
[ 12.498416] page_type: f5(slab)
[ 12.498907] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.499356] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.499838] page dumped because: kasan: bad access detected
[ 12.500219]
[ 12.500323] Memory state around the buggy address:
[ 12.500704] ffff888102f43f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.501275] ffff888102f43f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.501534] >ffff888102f44000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.502076] ^
[ 12.502471] ffff888102f44080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.502800] ffff888102f44100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.503362] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.450006] ==================================================================
[ 12.450502] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 12.451077] Read of size 18446744073709551614 at addr ffff888102f3bf84 by task kunit_try_catch/197
[ 12.451523]
[ 12.451655] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.451706] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.451717] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.451741] Call Trace:
[ 12.451755] <TASK>
[ 12.451776] dump_stack_lvl+0x73/0xb0
[ 12.451810] print_report+0xd1/0x610
[ 12.451833] ? __virt_addr_valid+0x1db/0x2d0
[ 12.452096] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.452127] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.452150] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.452196] kasan_report+0x141/0x180
[ 12.452218] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.452248] kasan_check_range+0x10c/0x1c0
[ 12.452271] __asan_memmove+0x27/0x70
[ 12.452290] kmalloc_memmove_negative_size+0x171/0x330
[ 12.452312] ? __kasan_check_write+0x18/0x20
[ 12.452331] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 12.452355] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.452381] ? trace_hardirqs_on+0x37/0xe0
[ 12.452405] ? __pfx_read_tsc+0x10/0x10
[ 12.452426] ? ktime_get_ts64+0x86/0x230
[ 12.452451] kunit_try_run_case+0x1a5/0x480
[ 12.452479] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.452502] ? queued_spin_lock_slowpath+0x116/0xb40
[ 12.452527] ? __kthread_parkme+0x82/0x180
[ 12.452547] ? preempt_count_sub+0x50/0x80
[ 12.452572] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.452607] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.452630] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.452652] kthread+0x337/0x6f0
[ 12.452671] ? trace_preempt_on+0x20/0xc0
[ 12.452692] ? __pfx_kthread+0x10/0x10
[ 12.452711] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.452732] ? calculate_sigpending+0x7b/0xa0
[ 12.452756] ? __pfx_kthread+0x10/0x10
[ 12.452776] ret_from_fork+0x116/0x1d0
[ 12.452794] ? __pfx_kthread+0x10/0x10
[ 12.452831] ret_from_fork_asm+0x1a/0x30
[ 12.452864] </TASK>
[ 12.452875]
[ 12.464104] Allocated by task 197:
[ 12.464305] kasan_save_stack+0x45/0x70
[ 12.464491] kasan_save_track+0x18/0x40
[ 12.464718] kasan_save_alloc_info+0x3b/0x50
[ 12.465341] __kasan_kmalloc+0xb7/0xc0
[ 12.465615] __kmalloc_cache_noprof+0x189/0x420
[ 12.465792] kmalloc_memmove_negative_size+0xac/0x330
[ 12.466208] kunit_try_run_case+0x1a5/0x480
[ 12.466418] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.466860] kthread+0x337/0x6f0
[ 12.467001] ret_from_fork+0x116/0x1d0
[ 12.467212] ret_from_fork_asm+0x1a/0x30
[ 12.467388]
[ 12.467482] The buggy address belongs to the object at ffff888102f3bf80
[ 12.467482] which belongs to the cache kmalloc-64 of size 64
[ 12.468398] The buggy address is located 4 bytes inside of
[ 12.468398] 64-byte region [ffff888102f3bf80, ffff888102f3bfc0)
[ 12.469244]
[ 12.469330] The buggy address belongs to the physical page:
[ 12.469674] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f3b
[ 12.470035] flags: 0x200000000000000(node=0|zone=2)
[ 12.470302] page_type: f5(slab)
[ 12.470443] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.470751] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.471140] page dumped because: kasan: bad access detected
[ 12.471593]
[ 12.471683] Memory state around the buggy address:
[ 12.471856] ffff888102f3be80: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc
[ 12.472265] ffff888102f3bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.472741] >ffff888102f3bf80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.472971] ^
[ 12.473298] ffff888102f3c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.473596] ffff888102f3c080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.473878] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 12.416514] ==================================================================
[ 12.417462] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 12.418254] Write of size 16 at addr ffff8881026a6b69 by task kunit_try_catch/195
[ 12.418753]
[ 12.418986] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.419039] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.419064] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.419087] Call Trace:
[ 12.419099] <TASK>
[ 12.419118] dump_stack_lvl+0x73/0xb0
[ 12.419149] print_report+0xd1/0x610
[ 12.419172] ? __virt_addr_valid+0x1db/0x2d0
[ 12.419196] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.419217] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.419240] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.419261] kasan_report+0x141/0x180
[ 12.419282] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.419309] kasan_check_range+0x10c/0x1c0
[ 12.419332] __asan_memset+0x27/0x50
[ 12.419350] kmalloc_oob_memset_16+0x166/0x330
[ 12.419372] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 12.419394] ? __schedule+0x10cc/0x2b60
[ 12.419416] ? __pfx_read_tsc+0x10/0x10
[ 12.419437] ? ktime_get_ts64+0x86/0x230
[ 12.419461] kunit_try_run_case+0x1a5/0x480
[ 12.419485] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.419507] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.419530] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.419552] ? __kthread_parkme+0x82/0x180
[ 12.419573] ? preempt_count_sub+0x50/0x80
[ 12.419755] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.419784] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.419891] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.419915] kthread+0x337/0x6f0
[ 12.419933] ? trace_preempt_on+0x20/0xc0
[ 12.419958] ? __pfx_kthread+0x10/0x10
[ 12.419977] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.419998] ? calculate_sigpending+0x7b/0xa0
[ 12.420022] ? __pfx_kthread+0x10/0x10
[ 12.420042] ret_from_fork+0x116/0x1d0
[ 12.420071] ? __pfx_kthread+0x10/0x10
[ 12.420090] ret_from_fork_asm+0x1a/0x30
[ 12.420122] </TASK>
[ 12.420134]
[ 12.432496] Allocated by task 195:
[ 12.433026] kasan_save_stack+0x45/0x70
[ 12.433304] kasan_save_track+0x18/0x40
[ 12.433727] kasan_save_alloc_info+0x3b/0x50
[ 12.433991] __kasan_kmalloc+0xb7/0xc0
[ 12.434182] __kmalloc_cache_noprof+0x189/0x420
[ 12.434385] kmalloc_oob_memset_16+0xac/0x330
[ 12.434575] kunit_try_run_case+0x1a5/0x480
[ 12.434759] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.435569] kthread+0x337/0x6f0
[ 12.436090] ret_from_fork+0x116/0x1d0
[ 12.436366] ret_from_fork_asm+0x1a/0x30
[ 12.436753]
[ 12.436952] The buggy address belongs to the object at ffff8881026a6b00
[ 12.436952] which belongs to the cache kmalloc-128 of size 128
[ 12.437859] The buggy address is located 105 bytes inside of
[ 12.437859] allocated 120-byte region [ffff8881026a6b00, ffff8881026a6b78)
[ 12.438553]
[ 12.438815] The buggy address belongs to the physical page:
[ 12.439233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026a6
[ 12.439569] flags: 0x200000000000000(node=0|zone=2)
[ 12.440029] page_type: f5(slab)
[ 12.440432] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.440923] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.441253] page dumped because: kasan: bad access detected
[ 12.441482]
[ 12.441566] Memory state around the buggy address:
[ 12.442299] ffff8881026a6a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.442773] ffff8881026a6a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.443138] >ffff8881026a6b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.443424] ^
[ 12.444127] ffff8881026a6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.444514] ffff8881026a6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.445266] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.386606] ==================================================================
[ 12.387306] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330
[ 12.387619] Write of size 8 at addr ffff8881026a6a71 by task kunit_try_catch/193
[ 12.388032]
[ 12.388155] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.388200] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.388211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.388233] Call Trace:
[ 12.388244] <TASK>
[ 12.388261] dump_stack_lvl+0x73/0xb0
[ 12.388291] print_report+0xd1/0x610
[ 12.388313] ? __virt_addr_valid+0x1db/0x2d0
[ 12.388337] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.388357] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.388379] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.388400] kasan_report+0x141/0x180
[ 12.388422] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.388448] kasan_check_range+0x10c/0x1c0
[ 12.388471] __asan_memset+0x27/0x50
[ 12.388490] kmalloc_oob_memset_8+0x166/0x330
[ 12.388512] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 12.388535] ? __schedule+0x10cc/0x2b60
[ 12.388558] ? __pfx_read_tsc+0x10/0x10
[ 12.388578] ? ktime_get_ts64+0x86/0x230
[ 12.388603] kunit_try_run_case+0x1a5/0x480
[ 12.388636] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.388657] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.388681] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.388704] ? __kthread_parkme+0x82/0x180
[ 12.388724] ? preempt_count_sub+0x50/0x80
[ 12.388748] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.388771] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.388794] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.388818] kthread+0x337/0x6f0
[ 12.388836] ? trace_preempt_on+0x20/0xc0
[ 12.388859] ? __pfx_kthread+0x10/0x10
[ 12.388879] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.388899] ? calculate_sigpending+0x7b/0xa0
[ 12.388923] ? __pfx_kthread+0x10/0x10
[ 12.388943] ret_from_fork+0x116/0x1d0
[ 12.388961] ? __pfx_kthread+0x10/0x10
[ 12.388980] ret_from_fork_asm+0x1a/0x30
[ 12.389013] </TASK>
[ 12.389022]
[ 12.397726] Allocated by task 193:
[ 12.397948] kasan_save_stack+0x45/0x70
[ 12.398164] kasan_save_track+0x18/0x40
[ 12.398364] kasan_save_alloc_info+0x3b/0x50
[ 12.398584] __kasan_kmalloc+0xb7/0xc0
[ 12.400007] __kmalloc_cache_noprof+0x189/0x420
[ 12.400435] kmalloc_oob_memset_8+0xac/0x330
[ 12.400606] kunit_try_run_case+0x1a5/0x480
[ 12.400758] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.400938] kthread+0x337/0x6f0
[ 12.401068] ret_from_fork+0x116/0x1d0
[ 12.401201] ret_from_fork_asm+0x1a/0x30
[ 12.401343]
[ 12.401416] The buggy address belongs to the object at ffff8881026a6a00
[ 12.401416] which belongs to the cache kmalloc-128 of size 128
[ 12.401784] The buggy address is located 113 bytes inside of
[ 12.401784] allocated 120-byte region [ffff8881026a6a00, ffff8881026a6a78)
[ 12.402495]
[ 12.402743] The buggy address belongs to the physical page:
[ 12.403433] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026a6
[ 12.404267] flags: 0x200000000000000(node=0|zone=2)
[ 12.404985] page_type: f5(slab)
[ 12.405372] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.406164] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.406950] page dumped because: kasan: bad access detected
[ 12.407482]
[ 12.407708] Memory state around the buggy address:
[ 12.408254] ffff8881026a6900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.408963] ffff8881026a6980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.409656] >ffff8881026a6a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.410389] ^
[ 12.411197] ffff8881026a6a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.411890] ffff8881026a6b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.412336] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 12.355799] ==================================================================
[ 12.356359] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330
[ 12.356684] Write of size 4 at addr ffff888102f42075 by task kunit_try_catch/191
[ 12.356965]
[ 12.357092] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.357138] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.357148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.357169] Call Trace:
[ 12.357181] <TASK>
[ 12.357200] dump_stack_lvl+0x73/0xb0
[ 12.357231] print_report+0xd1/0x610
[ 12.357253] ? __virt_addr_valid+0x1db/0x2d0
[ 12.357277] ? kmalloc_oob_memset_4+0x166/0x330
[ 12.357298] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.357320] ? kmalloc_oob_memset_4+0x166/0x330
[ 12.357342] kasan_report+0x141/0x180
[ 12.357363] ? kmalloc_oob_memset_4+0x166/0x330
[ 12.357390] kasan_check_range+0x10c/0x1c0
[ 12.357413] __asan_memset+0x27/0x50
[ 12.357431] kmalloc_oob_memset_4+0x166/0x330
[ 12.357453] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 12.357476] ? __schedule+0x10cc/0x2b60
[ 12.357498] ? __pfx_read_tsc+0x10/0x10
[ 12.357519] ? ktime_get_ts64+0x86/0x230
[ 12.357545] kunit_try_run_case+0x1a5/0x480
[ 12.357570] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.357659] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.357686] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.357709] ? __kthread_parkme+0x82/0x180
[ 12.357729] ? preempt_count_sub+0x50/0x80
[ 12.357754] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.357777] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.357800] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.357824] kthread+0x337/0x6f0
[ 12.357998] ? trace_preempt_on+0x20/0xc0
[ 12.358024] ? __pfx_kthread+0x10/0x10
[ 12.358044] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.358081] ? calculate_sigpending+0x7b/0xa0
[ 12.358106] ? __pfx_kthread+0x10/0x10
[ 12.358127] ret_from_fork+0x116/0x1d0
[ 12.358145] ? __pfx_kthread+0x10/0x10
[ 12.358165] ret_from_fork_asm+0x1a/0x30
[ 12.358197] </TASK>
[ 12.358207]
[ 12.372011] Allocated by task 191:
[ 12.372372] kasan_save_stack+0x45/0x70
[ 12.372697] kasan_save_track+0x18/0x40
[ 12.372993] kasan_save_alloc_info+0x3b/0x50
[ 12.373182] __kasan_kmalloc+0xb7/0xc0
[ 12.373378] __kmalloc_cache_noprof+0x189/0x420
[ 12.373606] kmalloc_oob_memset_4+0xac/0x330
[ 12.374034] kunit_try_run_case+0x1a5/0x480
[ 12.374251] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.374494] kthread+0x337/0x6f0
[ 12.374660] ret_from_fork+0x116/0x1d0
[ 12.374927] ret_from_fork_asm+0x1a/0x30
[ 12.375101]
[ 12.375202] The buggy address belongs to the object at ffff888102f42000
[ 12.375202] which belongs to the cache kmalloc-128 of size 128
[ 12.375658] The buggy address is located 117 bytes inside of
[ 12.375658] allocated 120-byte region [ffff888102f42000, ffff888102f42078)
[ 12.376252]
[ 12.376358] The buggy address belongs to the physical page:
[ 12.376569] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f42
[ 12.377120] flags: 0x200000000000000(node=0|zone=2)
[ 12.377365] page_type: f5(slab)
[ 12.377535] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.377971] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.378235] page dumped because: kasan: bad access detected
[ 12.378490]
[ 12.378592] Memory state around the buggy address:
[ 12.378802] ffff888102f41f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.379089] ffff888102f41f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.379384] >ffff888102f42000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.379731] ^
[ 12.380089] ffff888102f42080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.380406] ffff888102f42100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.380720] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.307899] ==================================================================
[ 12.309218] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320
[ 12.309483] Write of size 128 at addr ffff8881026a6900 by task kunit_try_catch/187
[ 12.309724]
[ 12.309817] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.309862] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.309873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.309896] Call Trace:
[ 12.309908] <TASK>
[ 12.309926] dump_stack_lvl+0x73/0xb0
[ 12.309955] print_report+0xd1/0x610
[ 12.309976] ? __virt_addr_valid+0x1db/0x2d0
[ 12.309999] ? kmalloc_oob_in_memset+0x15f/0x320
[ 12.310021] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.310044] ? kmalloc_oob_in_memset+0x15f/0x320
[ 12.310075] kasan_report+0x141/0x180
[ 12.310097] ? kmalloc_oob_in_memset+0x15f/0x320
[ 12.310124] kasan_check_range+0x10c/0x1c0
[ 12.310147] __asan_memset+0x27/0x50
[ 12.310165] kmalloc_oob_in_memset+0x15f/0x320
[ 12.310187] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 12.310209] ? __schedule+0x10cc/0x2b60
[ 12.310238] ? __pfx_read_tsc+0x10/0x10
[ 12.310258] ? ktime_get_ts64+0x86/0x230
[ 12.310282] kunit_try_run_case+0x1a5/0x480
[ 12.310307] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.310328] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.310352] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.310374] ? __kthread_parkme+0x82/0x180
[ 12.310394] ? preempt_count_sub+0x50/0x80
[ 12.310418] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.310441] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.310464] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.310487] kthread+0x337/0x6f0
[ 12.310505] ? trace_preempt_on+0x20/0xc0
[ 12.310528] ? __pfx_kthread+0x10/0x10
[ 12.310547] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.310567] ? calculate_sigpending+0x7b/0xa0
[ 12.310591] ? __pfx_kthread+0x10/0x10
[ 12.310611] ret_from_fork+0x116/0x1d0
[ 12.310629] ? __pfx_kthread+0x10/0x10
[ 12.310648] ret_from_fork_asm+0x1a/0x30
[ 12.310727] </TASK>
[ 12.310737]
[ 12.323470] Allocated by task 187:
[ 12.323907] kasan_save_stack+0x45/0x70
[ 12.324384] kasan_save_track+0x18/0x40
[ 12.324789] kasan_save_alloc_info+0x3b/0x50
[ 12.325424] __kasan_kmalloc+0xb7/0xc0
[ 12.325845] __kmalloc_cache_noprof+0x189/0x420
[ 12.326361] kmalloc_oob_in_memset+0xac/0x320
[ 12.326844] kunit_try_run_case+0x1a5/0x480
[ 12.327199] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.327381] kthread+0x337/0x6f0
[ 12.327499] ret_from_fork+0x116/0x1d0
[ 12.327791] ret_from_fork_asm+0x1a/0x30
[ 12.328254]
[ 12.328454] The buggy address belongs to the object at ffff8881026a6900
[ 12.328454] which belongs to the cache kmalloc-128 of size 128
[ 12.329843] The buggy address is located 0 bytes inside of
[ 12.329843] allocated 120-byte region [ffff8881026a6900, ffff8881026a6978)
[ 12.330576]
[ 12.330654] The buggy address belongs to the physical page:
[ 12.330839] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026a6
[ 12.331808] flags: 0x200000000000000(node=0|zone=2)
[ 12.332449] page_type: f5(slab)
[ 12.332799] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.333446] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.333693] page dumped because: kasan: bad access detected
[ 12.333942]
[ 12.334116] Memory state around the buggy address:
[ 12.334551] ffff8881026a6800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.335254] ffff8881026a6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.335786] >ffff8881026a6900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.336601] ^
[ 12.336878] ffff8881026a6980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.337494] ffff8881026a6a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.338263] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.273303] ================================================================== [ 12.274087] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 12.274724] Read of size 16 at addr ffff8881025ee320 by task kunit_try_catch/185 [ 12.275376] [ 12.275541] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.275631] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.275642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.275675] Call Trace: [ 12.275687] <TASK> [ 12.275706] dump_stack_lvl+0x73/0xb0 [ 12.275735] print_report+0xd1/0x610 [ 12.275757] ? __virt_addr_valid+0x1db/0x2d0 [ 12.275780] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.275799] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.275883] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.275904] kasan_report+0x141/0x180 [ 12.275927] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.275952] __asan_report_load16_noabort+0x18/0x20 [ 12.275976] kmalloc_uaf_16+0x47b/0x4c0 [ 12.275996] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 12.276017] ? __schedule+0x10cc/0x2b60 [ 12.276041] ? __pfx_read_tsc+0x10/0x10 [ 12.276072] ? ktime_get_ts64+0x86/0x230 [ 12.276097] kunit_try_run_case+0x1a5/0x480 [ 12.276122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.276143] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.276167] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.276189] ? __kthread_parkme+0x82/0x180 [ 12.276209] ? preempt_count_sub+0x50/0x80 [ 12.276233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.276256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.276279] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.276302] kthread+0x337/0x6f0 [ 12.276320] ? trace_preempt_on+0x20/0xc0 [ 12.276343] ? __pfx_kthread+0x10/0x10 [ 12.276363] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.276383] ? calculate_sigpending+0x7b/0xa0 [ 12.276407] ? __pfx_kthread+0x10/0x10 [ 12.276427] ret_from_fork+0x116/0x1d0 [ 12.276444] ? 
__pfx_kthread+0x10/0x10 [ 12.276464] ret_from_fork_asm+0x1a/0x30 [ 12.276496] </TASK> [ 12.276507] [ 12.289682] Allocated by task 185: [ 12.289857] kasan_save_stack+0x45/0x70 [ 12.290316] kasan_save_track+0x18/0x40 [ 12.290733] kasan_save_alloc_info+0x3b/0x50 [ 12.291116] __kasan_kmalloc+0xb7/0xc0 [ 12.291252] __kmalloc_cache_noprof+0x189/0x420 [ 12.291404] kmalloc_uaf_16+0x15b/0x4c0 [ 12.291535] kunit_try_run_case+0x1a5/0x480 [ 12.291715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.291969] kthread+0x337/0x6f0 [ 12.292282] ret_from_fork+0x116/0x1d0 [ 12.292668] ret_from_fork_asm+0x1a/0x30 [ 12.293336] [ 12.293448] Freed by task 185: [ 12.293558] kasan_save_stack+0x45/0x70 [ 12.293910] kasan_save_track+0x18/0x40 [ 12.294307] kasan_save_free_info+0x3f/0x60 [ 12.294741] __kasan_slab_free+0x56/0x70 [ 12.295168] kfree+0x222/0x3f0 [ 12.295388] kmalloc_uaf_16+0x1d6/0x4c0 [ 12.295529] kunit_try_run_case+0x1a5/0x480 [ 12.295786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.296369] kthread+0x337/0x6f0 [ 12.296708] ret_from_fork+0x116/0x1d0 [ 12.297105] ret_from_fork_asm+0x1a/0x30 [ 12.297476] [ 12.297626] The buggy address belongs to the object at ffff8881025ee320 [ 12.297626] which belongs to the cache kmalloc-16 of size 16 [ 12.298424] The buggy address is located 0 bytes inside of [ 12.298424] freed 16-byte region [ffff8881025ee320, ffff8881025ee330) [ 12.299294] [ 12.299545] The buggy address belongs to the physical page: [ 12.300157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ee [ 12.300917] flags: 0x200000000000000(node=0|zone=2) [ 12.301104] page_type: f5(slab) [ 12.301230] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.301463] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.301705] page dumped because: kasan: bad access detected [ 12.301994] [ 12.302102] Memory state around the buggy address: [ 12.302333] ffff8881025ee200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc 
fc [ 12.302593] ffff8881025ee280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.303109] >ffff8881025ee300: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 12.303420] ^ [ 12.303620] ffff8881025ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.304035] ffff8881025ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.304334] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.241585] ================================================================== [ 12.242616] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 12.243079] Write of size 16 at addr ffff8881022efc60 by task kunit_try_catch/183 [ 12.243314] [ 12.243423] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.243473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.243484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.243507] Call Trace: [ 12.243520] <TASK> [ 12.243540] dump_stack_lvl+0x73/0xb0 [ 12.243572] print_report+0xd1/0x610 [ 12.243596] ? __virt_addr_valid+0x1db/0x2d0 [ 12.243620] ? kmalloc_oob_16+0x452/0x4a0 [ 12.243640] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.243662] ? kmalloc_oob_16+0x452/0x4a0 [ 12.243682] kasan_report+0x141/0x180 [ 12.243703] ? kmalloc_oob_16+0x452/0x4a0 [ 12.243729] __asan_report_store16_noabort+0x1b/0x30 [ 12.243753] kmalloc_oob_16+0x452/0x4a0 [ 12.243773] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 12.243795] ? __schedule+0x10cc/0x2b60 [ 12.243817] ? __pfx_read_tsc+0x10/0x10 [ 12.243838] ? ktime_get_ts64+0x86/0x230 [ 12.243864] kunit_try_run_case+0x1a5/0x480 [ 12.243889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.243911] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.243935] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.243958] ? __kthread_parkme+0x82/0x180 [ 12.243978] ? preempt_count_sub+0x50/0x80 [ 12.244004] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.244027] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.244060] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.244083] kthread+0x337/0x6f0 [ 12.244102] ? trace_preempt_on+0x20/0xc0 [ 12.244125] ? __pfx_kthread+0x10/0x10 [ 12.244145] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.244165] ? calculate_sigpending+0x7b/0xa0 [ 12.244189] ? __pfx_kthread+0x10/0x10 [ 12.244210] ret_from_fork+0x116/0x1d0 [ 12.244228] ? 
__pfx_kthread+0x10/0x10 [ 12.244247] ret_from_fork_asm+0x1a/0x30 [ 12.244309] </TASK> [ 12.244321] [ 12.257440] Allocated by task 183: [ 12.257856] kasan_save_stack+0x45/0x70 [ 12.258020] kasan_save_track+0x18/0x40 [ 12.258434] kasan_save_alloc_info+0x3b/0x50 [ 12.258857] __kasan_kmalloc+0xb7/0xc0 [ 12.259101] __kmalloc_cache_noprof+0x189/0x420 [ 12.259263] kmalloc_oob_16+0xa8/0x4a0 [ 12.259399] kunit_try_run_case+0x1a5/0x480 [ 12.259545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.259785] kthread+0x337/0x6f0 [ 12.260039] ret_from_fork+0x116/0x1d0 [ 12.260427] ret_from_fork_asm+0x1a/0x30 [ 12.260637] [ 12.260710] The buggy address belongs to the object at ffff8881022efc60 [ 12.260710] which belongs to the cache kmalloc-16 of size 16 [ 12.261716] The buggy address is located 0 bytes inside of [ 12.261716] allocated 13-byte region [ffff8881022efc60, ffff8881022efc6d) [ 12.262410] [ 12.262490] The buggy address belongs to the physical page: [ 12.262705] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ef [ 12.263553] flags: 0x200000000000000(node=0|zone=2) [ 12.264153] page_type: f5(slab) [ 12.264484] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.265311] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.266091] page dumped because: kasan: bad access detected [ 12.266346] [ 12.266417] Memory state around the buggy address: [ 12.266569] ffff8881022efb00: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc [ 12.267304] ffff8881022efb80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 12.268112] >ffff8881022efc00: 00 04 fc fc 00 04 fc fc 00 05 fc fc 00 05 fc fc [ 12.268897] ^ [ 12.269223] ffff8881022efc80: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.269443] ffff8881022efd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.269698] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.180589] ================================================================== [ 12.181156] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 12.181475] Read of size 1 at addr ffff888100a22600 by task kunit_try_catch/181 [ 12.181852] [ 12.181951] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.181998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.182009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.182031] Call Trace: [ 12.182061] <TASK> [ 12.182079] dump_stack_lvl+0x73/0xb0 [ 12.182107] print_report+0xd1/0x610 [ 12.182142] ? __virt_addr_valid+0x1db/0x2d0 [ 12.182165] ? krealloc_uaf+0x1b8/0x5e0 [ 12.182185] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.182207] ? krealloc_uaf+0x1b8/0x5e0 [ 12.182232] kasan_report+0x141/0x180 [ 12.182254] ? krealloc_uaf+0x1b8/0x5e0 [ 12.182277] ? krealloc_uaf+0x1b8/0x5e0 [ 12.182298] __kasan_check_byte+0x3d/0x50 [ 12.182319] krealloc_noprof+0x3f/0x340 [ 12.182342] krealloc_uaf+0x1b8/0x5e0 [ 12.182363] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.182383] ? finish_task_switch.isra.0+0x153/0x700 [ 12.182405] ? __switch_to+0x47/0xf50 [ 12.182441] ? __schedule+0x10cc/0x2b60 [ 12.182464] ? __pfx_read_tsc+0x10/0x10 [ 12.182484] ? ktime_get_ts64+0x86/0x230 [ 12.182527] kunit_try_run_case+0x1a5/0x480 [ 12.182552] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.182573] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.182619] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.182641] ? __kthread_parkme+0x82/0x180 [ 12.182661] ? preempt_count_sub+0x50/0x80 [ 12.182684] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.182707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.182730] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.182753] kthread+0x337/0x6f0 [ 12.182771] ? trace_preempt_on+0x20/0xc0 [ 12.182794] ? __pfx_kthread+0x10/0x10 [ 12.182813] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.182834] ? calculate_sigpending+0x7b/0xa0 [ 12.182858] ? 
__pfx_kthread+0x10/0x10 [ 12.182878] ret_from_fork+0x116/0x1d0 [ 12.182896] ? __pfx_kthread+0x10/0x10 [ 12.182915] ret_from_fork_asm+0x1a/0x30 [ 12.182948] </TASK> [ 12.182958] [ 12.190680] Allocated by task 181: [ 12.190881] kasan_save_stack+0x45/0x70 [ 12.191069] kasan_save_track+0x18/0x40 [ 12.191263] kasan_save_alloc_info+0x3b/0x50 [ 12.191473] __kasan_kmalloc+0xb7/0xc0 [ 12.191672] __kmalloc_cache_noprof+0x189/0x420 [ 12.191885] krealloc_uaf+0xbb/0x5e0 [ 12.192069] kunit_try_run_case+0x1a5/0x480 [ 12.192273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.192502] kthread+0x337/0x6f0 [ 12.192714] ret_from_fork+0x116/0x1d0 [ 12.192890] ret_from_fork_asm+0x1a/0x30 [ 12.193089] [ 12.193183] Freed by task 181: [ 12.193358] kasan_save_stack+0x45/0x70 [ 12.193530] kasan_save_track+0x18/0x40 [ 12.193873] kasan_save_free_info+0x3f/0x60 [ 12.194075] __kasan_slab_free+0x56/0x70 [ 12.194276] kfree+0x222/0x3f0 [ 12.194453] krealloc_uaf+0x13d/0x5e0 [ 12.194659] kunit_try_run_case+0x1a5/0x480 [ 12.194844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.195088] kthread+0x337/0x6f0 [ 12.195209] ret_from_fork+0x116/0x1d0 [ 12.195342] ret_from_fork_asm+0x1a/0x30 [ 12.195495] [ 12.195570] The buggy address belongs to the object at ffff888100a22600 [ 12.195570] which belongs to the cache kmalloc-256 of size 256 [ 12.196083] The buggy address is located 0 bytes inside of [ 12.196083] freed 256-byte region [ffff888100a22600, ffff888100a22700) [ 12.196616] [ 12.196712] The buggy address belongs to the physical page: [ 12.196919] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a22 [ 12.197434] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.197755] flags: 0x200000000000040(head|node=0|zone=2) [ 12.197936] page_type: f5(slab) [ 12.198067] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.198397] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.198989] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.199382] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.199795] head: 0200000000000001 ffffea0004028881 00000000ffffffff 00000000ffffffff [ 12.200032] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.200407] page dumped because: kasan: bad access detected [ 12.200669] [ 12.200812] Memory state around the buggy address: [ 12.200969] ffff888100a22500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.201193] ffff888100a22580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.201511] >ffff888100a22600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.202123] ^ [ 12.202289] ffff888100a22680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.202599] ffff888100a22700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.202881] ================================================================== [ 12.204128] ================================================================== [ 12.204699] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 12.205006] Read of size 1 at addr ffff888100a22600 by task kunit_try_catch/181 [ 12.205306] [ 12.205393] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.205435] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.205445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.205466] Call Trace: [ 12.205482] <TASK> [ 12.205498] dump_stack_lvl+0x73/0xb0 [ 12.205525] print_report+0xd1/0x610 [ 12.205546] ? __virt_addr_valid+0x1db/0x2d0 [ 12.205568] ? krealloc_uaf+0x53c/0x5e0 [ 12.205588] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.205609] ? krealloc_uaf+0x53c/0x5e0 [ 12.205642] kasan_report+0x141/0x180 [ 12.205675] ? krealloc_uaf+0x53c/0x5e0 [ 12.205702] __asan_report_load1_noabort+0x18/0x20 [ 12.205738] krealloc_uaf+0x53c/0x5e0 [ 12.205759] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.205779] ? 
finish_task_switch.isra.0+0x153/0x700 [ 12.205802] ? __switch_to+0x47/0xf50 [ 12.205828] ? __schedule+0x10cc/0x2b60 [ 12.205851] ? __pfx_read_tsc+0x10/0x10 [ 12.205870] ? ktime_get_ts64+0x86/0x230 [ 12.205894] kunit_try_run_case+0x1a5/0x480 [ 12.205917] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.205939] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.205962] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.205985] ? __kthread_parkme+0x82/0x180 [ 12.206005] ? preempt_count_sub+0x50/0x80 [ 12.206027] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.206060] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.206084] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.206107] kthread+0x337/0x6f0 [ 12.206125] ? trace_preempt_on+0x20/0xc0 [ 12.206149] ? __pfx_kthread+0x10/0x10 [ 12.206168] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.206198] ? calculate_sigpending+0x7b/0xa0 [ 12.206227] ? __pfx_kthread+0x10/0x10 [ 12.206247] ret_from_fork+0x116/0x1d0 [ 12.206284] ? __pfx_kthread+0x10/0x10 [ 12.206303] ret_from_fork_asm+0x1a/0x30 [ 12.206336] </TASK> [ 12.206356] [ 12.217997] Allocated by task 181: [ 12.218293] kasan_save_stack+0x45/0x70 [ 12.218500] kasan_save_track+0x18/0x40 [ 12.219002] kasan_save_alloc_info+0x3b/0x50 [ 12.219284] __kasan_kmalloc+0xb7/0xc0 [ 12.219664] __kmalloc_cache_noprof+0x189/0x420 [ 12.220011] krealloc_uaf+0xbb/0x5e0 [ 12.220356] kunit_try_run_case+0x1a5/0x480 [ 12.220549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.221006] kthread+0x337/0x6f0 [ 12.221410] ret_from_fork+0x116/0x1d0 [ 12.221888] ret_from_fork_asm+0x1a/0x30 [ 12.222165] [ 12.222392] Freed by task 181: [ 12.222569] kasan_save_stack+0x45/0x70 [ 12.222910] kasan_save_track+0x18/0x40 [ 12.223102] kasan_save_free_info+0x3f/0x60 [ 12.223296] __kasan_slab_free+0x56/0x70 [ 12.223476] kfree+0x222/0x3f0 [ 12.223927] krealloc_uaf+0x13d/0x5e0 [ 12.224206] kunit_try_run_case+0x1a5/0x480 [ 12.224543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.224930] kthread+0x337/0x6f0 [ 12.225098] 
ret_from_fork+0x116/0x1d0 [ 12.225270] ret_from_fork_asm+0x1a/0x30 [ 12.225451] [ 12.225538] The buggy address belongs to the object at ffff888100a22600 [ 12.225538] which belongs to the cache kmalloc-256 of size 256 [ 12.226797] The buggy address is located 0 bytes inside of [ 12.226797] freed 256-byte region [ffff888100a22600, ffff888100a22700) [ 12.227563] [ 12.227814] The buggy address belongs to the physical page: [ 12.228261] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a22 [ 12.228934] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.229348] flags: 0x200000000000040(head|node=0|zone=2) [ 12.229777] page_type: f5(slab) [ 12.230021] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.230505] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.231287] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.232003] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.232662] head: 0200000000000001 ffffea0004028881 00000000ffffffff 00000000ffffffff [ 12.233018] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.233337] page dumped because: kasan: bad access detected [ 12.233567] [ 12.233880] Memory state around the buggy address: [ 12.234311] ffff888100a22500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.235211] ffff888100a22580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.235754] >ffff888100a22600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.236080] ^ [ 12.236233] ffff888100a22680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.236518] ffff888100a22700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.237302] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 11.893932] ================================================================== [ 11.894405] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.894788] Write of size 1 at addr ffff8881003520c9 by task kunit_try_catch/175 [ 11.895231] [ 11.895355] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.895404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.895415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.895437] Call Trace: [ 11.895448] <TASK> [ 11.895466] dump_stack_lvl+0x73/0xb0 [ 11.895496] print_report+0xd1/0x610 [ 11.895518] ? __virt_addr_valid+0x1db/0x2d0 [ 11.895542] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.895565] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.895587] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.895610] kasan_report+0x141/0x180 [ 11.895632] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.895661] __asan_report_store1_noabort+0x1b/0x30 [ 11.895685] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.895710] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.895734] ? finish_task_switch.isra.0+0x153/0x700 [ 11.895756] ? __switch_to+0x47/0xf50 [ 11.895782] ? __schedule+0x10cc/0x2b60 [ 11.895805] ? __pfx_read_tsc+0x10/0x10 [ 11.895829] krealloc_less_oob+0x1c/0x30 [ 11.895850] kunit_try_run_case+0x1a5/0x480 [ 11.895875] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.895896] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.895920] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.895943] ? __kthread_parkme+0x82/0x180 [ 11.895964] ? preempt_count_sub+0x50/0x80 [ 11.895987] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.896010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.896033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.896067] kthread+0x337/0x6f0 [ 11.896100] ? trace_preempt_on+0x20/0xc0 [ 11.896123] ? __pfx_kthread+0x10/0x10 [ 11.896143] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.896164] ? calculate_sigpending+0x7b/0xa0 [ 11.896189] ? 
__pfx_kthread+0x10/0x10 [ 11.896212] ret_from_fork+0x116/0x1d0 [ 11.896230] ? __pfx_kthread+0x10/0x10 [ 11.896250] ret_from_fork_asm+0x1a/0x30 [ 11.896282] </TASK> [ 11.896293] [ 11.906535] Allocated by task 175: [ 11.907116] kasan_save_stack+0x45/0x70 [ 11.907345] kasan_save_track+0x18/0x40 [ 11.907529] kasan_save_alloc_info+0x3b/0x50 [ 11.907935] __kasan_krealloc+0x190/0x1f0 [ 11.908386] krealloc_noprof+0xf3/0x340 [ 11.908719] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.909228] krealloc_less_oob+0x1c/0x30 [ 11.909531] kunit_try_run_case+0x1a5/0x480 [ 11.909885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.910257] kthread+0x337/0x6f0 [ 11.910424] ret_from_fork+0x116/0x1d0 [ 11.910786] ret_from_fork_asm+0x1a/0x30 [ 11.911250] [ 11.911364] The buggy address belongs to the object at ffff888100352000 [ 11.911364] which belongs to the cache kmalloc-256 of size 256 [ 11.912317] The buggy address is located 0 bytes to the right of [ 11.912317] allocated 201-byte region [ffff888100352000, ffff8881003520c9) [ 11.913355] [ 11.913450] The buggy address belongs to the physical page: [ 11.914092] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100352 [ 11.914551] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.915262] flags: 0x200000000000040(head|node=0|zone=2) [ 11.915584] page_type: f5(slab) [ 11.915904] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.916170] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.916473] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.917320] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.917985] head: 0200000000000001 ffffea000400d481 00000000ffffffff 00000000ffffffff [ 11.918472] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.919152] page dumped because: kasan: bad access detected [ 11.919629] [ 11.919744] Memory state around the buggy 
address: [ 11.920260] ffff888100351f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.920883] ffff888100352000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.921218] >ffff888100352080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.921505] ^ [ 11.922182] ffff888100352100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.922656] ffff888100352180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.923350] ================================================================== [ 11.945687] ================================================================== [ 11.945935] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.946334] Write of size 1 at addr ffff8881003520da by task kunit_try_catch/175 [ 11.946853] [ 11.947059] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.947102] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.947113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.947134] Call Trace: [ 11.947151] <TASK> [ 11.947168] dump_stack_lvl+0x73/0xb0 [ 11.947196] print_report+0xd1/0x610 [ 11.947218] ? __virt_addr_valid+0x1db/0x2d0 [ 11.947240] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.947263] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.947284] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.947308] kasan_report+0x141/0x180 [ 11.947329] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.947358] __asan_report_store1_noabort+0x1b/0x30 [ 11.947382] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.947407] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.947430] ? finish_task_switch.isra.0+0x153/0x700 [ 11.947452] ? __switch_to+0x47/0xf50 [ 11.947479] ? __schedule+0x10cc/0x2b60 [ 11.947502] ? __pfx_read_tsc+0x10/0x10 [ 11.947526] krealloc_less_oob+0x1c/0x30 [ 11.947547] kunit_try_run_case+0x1a5/0x480 [ 11.947571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.947596] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.947621] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.947644] ? __kthread_parkme+0x82/0x180 [ 11.947664] ? preempt_count_sub+0x50/0x80 [ 11.947687] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.947709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.947732] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.947755] kthread+0x337/0x6f0 [ 11.947773] ? trace_preempt_on+0x20/0xc0 [ 11.947796] ? __pfx_kthread+0x10/0x10 [ 11.947815] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.947835] ? calculate_sigpending+0x7b/0xa0 [ 11.947859] ? __pfx_kthread+0x10/0x10 [ 11.947879] ret_from_fork+0x116/0x1d0 [ 11.947896] ? __pfx_kthread+0x10/0x10 [ 11.947916] ret_from_fork_asm+0x1a/0x30 [ 11.947948] </TASK> [ 11.947957] [ 11.955803] Allocated by task 175: [ 11.956164] kasan_save_stack+0x45/0x70 [ 11.956368] kasan_save_track+0x18/0x40 [ 11.956547] kasan_save_alloc_info+0x3b/0x50 [ 11.956700] __kasan_krealloc+0x190/0x1f0 [ 11.956835] krealloc_noprof+0xf3/0x340 [ 11.956965] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.957133] krealloc_less_oob+0x1c/0x30 [ 11.957267] kunit_try_run_case+0x1a5/0x480 [ 11.957408] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.957576] kthread+0x337/0x6f0 [ 11.957691] ret_from_fork+0x116/0x1d0 [ 11.957996] ret_from_fork_asm+0x1a/0x30 [ 11.958294] [ 11.958385] The buggy address belongs to the object at ffff888100352000 [ 11.958385] which belongs to the cache kmalloc-256 of size 256 [ 11.959187] The buggy address is located 17 bytes to the right of [ 11.959187] allocated 201-byte region [ffff888100352000, ffff8881003520c9) [ 11.959556] [ 11.959631] The buggy address belongs to the physical page: [ 11.959802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100352 [ 11.960036] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.960265] flags: 0x200000000000040(head|node=0|zone=2) [ 11.960606] page_type: f5(slab) [ 11.960871] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.961240] raw: 0000000000000000 
0000000080100010 00000000f5000000 0000000000000000 [ 11.961626] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.962067] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.962623] head: 0200000000000001 ffffea000400d481 00000000ffffffff 00000000ffffffff [ 11.963132] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.963432] page dumped because: kasan: bad access detected [ 11.963625] [ 11.963694] Memory state around the buggy address: [ 11.963876] ffff888100351f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.964225] ffff888100352000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.964496] >ffff888100352080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.964956] ^ [ 11.965252] ffff888100352100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.965460] ffff888100352180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.965665] ================================================================== [ 12.098448] ================================================================== [ 12.100014] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.101082] Write of size 1 at addr ffff888102b320d0 by task kunit_try_catch/179 [ 12.101406] [ 12.101518] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.101562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.101572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.101593] Call Trace: [ 12.101611] <TASK> [ 12.101627] dump_stack_lvl+0x73/0xb0 [ 12.101656] print_report+0xd1/0x610 [ 12.101678] ? __virt_addr_valid+0x1db/0x2d0 [ 12.101701] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.101724] ? kasan_addr_to_slab+0x11/0xa0 [ 12.101744] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.101767] kasan_report+0x141/0x180 [ 12.101788] ? 
krealloc_less_oob_helper+0xe23/0x11d0 [ 12.101817] __asan_report_store1_noabort+0x1b/0x30 [ 12.101841] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.101867] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.101890] ? finish_task_switch.isra.0+0x153/0x700 [ 12.101912] ? __switch_to+0x47/0xf50 [ 12.101939] ? __schedule+0x10cc/0x2b60 [ 12.101963] ? __pfx_read_tsc+0x10/0x10 [ 12.101986] krealloc_large_less_oob+0x1c/0x30 [ 12.102008] kunit_try_run_case+0x1a5/0x480 [ 12.102032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.102064] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.102088] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.102110] ? __kthread_parkme+0x82/0x180 [ 12.102130] ? preempt_count_sub+0x50/0x80 [ 12.102153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.102176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.102200] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.102226] kthread+0x337/0x6f0 [ 12.102244] ? trace_preempt_on+0x20/0xc0 [ 12.102268] ? __pfx_kthread+0x10/0x10 [ 12.102288] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.102309] ? calculate_sigpending+0x7b/0xa0 [ 12.102332] ? __pfx_kthread+0x10/0x10 [ 12.102352] ret_from_fork+0x116/0x1d0 [ 12.102370] ? 
__pfx_kthread+0x10/0x10 [ 12.102389] ret_from_fork_asm+0x1a/0x30 [ 12.102421] </TASK> [ 12.102431] [ 12.117130] The buggy address belongs to the physical page: [ 12.117448] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b30 [ 12.117841] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.118186] flags: 0x200000000000040(head|node=0|zone=2) [ 12.118475] page_type: f8(unknown) [ 12.118624] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.118986] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.119326] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.119705] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.119991] head: 0200000000000002 ffffea00040acc01 00000000ffffffff 00000000ffffffff [ 12.120319] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.120683] page dumped because: kasan: bad access detected [ 12.120934] [ 12.121017] Memory state around the buggy address: [ 12.121277] ffff888102b31f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.121515] ffff888102b32000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.121851] >ffff888102b32080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.122116] ^ [ 12.122389] ffff888102b32100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.122672] ffff888102b32180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.123022] ================================================================== [ 11.985935] ================================================================== [ 11.986521] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.986875] Write of size 1 at addr ffff8881003520eb by task kunit_try_catch/175 [ 11.988167] [ 11.988328] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.988376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.988387] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.988409] Call Trace: [ 11.988428] <TASK> [ 11.988448] dump_stack_lvl+0x73/0xb0 [ 11.988479] print_report+0xd1/0x610 [ 11.988501] ? __virt_addr_valid+0x1db/0x2d0 [ 11.988523] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.988547] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.988569] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.988593] kasan_report+0x141/0x180 [ 11.988614] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.988643] __asan_report_store1_noabort+0x1b/0x30 [ 11.988667] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.988693] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.988717] ? finish_task_switch.isra.0+0x153/0x700 [ 11.988740] ? __switch_to+0x47/0xf50 [ 11.988766] ? __schedule+0x10cc/0x2b60 [ 11.988789] ? __pfx_read_tsc+0x10/0x10 [ 11.988813] krealloc_less_oob+0x1c/0x30 [ 11.988835] kunit_try_run_case+0x1a5/0x480 [ 11.988860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.988883] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.988907] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.988929] ? __kthread_parkme+0x82/0x180 [ 11.988949] ? preempt_count_sub+0x50/0x80 [ 11.988973] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.988996] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.989019] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.989042] kthread+0x337/0x6f0 [ 11.989072] ? trace_preempt_on+0x20/0xc0 [ 11.989095] ? __pfx_kthread+0x10/0x10 [ 11.989115] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.989136] ? calculate_sigpending+0x7b/0xa0 [ 11.989160] ? __pfx_kthread+0x10/0x10 [ 11.989185] ret_from_fork+0x116/0x1d0 [ 11.989207] ? 
__pfx_kthread+0x10/0x10 [ 11.989230] ret_from_fork_asm+0x1a/0x30 [ 11.989284] </TASK> [ 11.989294] [ 11.997605] Allocated by task 175: [ 11.997737] kasan_save_stack+0x45/0x70 [ 11.997906] kasan_save_track+0x18/0x40 [ 11.998476] kasan_save_alloc_info+0x3b/0x50 [ 11.999101] __kasan_krealloc+0x190/0x1f0 [ 11.999316] krealloc_noprof+0xf3/0x340 [ 11.999512] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.000073] krealloc_less_oob+0x1c/0x30 [ 12.000460] kunit_try_run_case+0x1a5/0x480 [ 12.000697] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.001236] kthread+0x337/0x6f0 [ 12.001411] ret_from_fork+0x116/0x1d0 [ 12.001655] ret_from_fork_asm+0x1a/0x30 [ 12.001975] [ 12.002089] The buggy address belongs to the object at ffff888100352000 [ 12.002089] which belongs to the cache kmalloc-256 of size 256 [ 12.002529] The buggy address is located 34 bytes to the right of [ 12.002529] allocated 201-byte region [ffff888100352000, ffff8881003520c9) [ 12.004146] [ 12.004320] The buggy address belongs to the physical page: [ 12.004697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100352 [ 12.005152] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.005547] flags: 0x200000000000040(head|node=0|zone=2) [ 12.005901] page_type: f5(slab) [ 12.006088] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.006371] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.006712] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.007044] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.007393] head: 0200000000000001 ffffea000400d481 00000000ffffffff 00000000ffffffff [ 12.008024] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.008426] page dumped because: kasan: bad access detected [ 12.008616] [ 12.008724] Memory state around the buggy address: [ 12.009024] ffff888100351f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.009315] ffff888100352000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.009611] >ffff888100352080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.009937] ^ [ 12.010221] ffff888100352100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.010665] ffff888100352180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.010940] ================================================================== [ 11.924593] ================================================================== [ 11.924899] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.925245] Write of size 1 at addr ffff8881003520d0 by task kunit_try_catch/175 [ 11.925600] [ 11.925692] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.925738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.925749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.925771] Call Trace: [ 11.925784] <TASK> [ 11.925802] dump_stack_lvl+0x73/0xb0 [ 11.925830] print_report+0xd1/0x610 [ 11.925851] ? __virt_addr_valid+0x1db/0x2d0 [ 11.925874] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.925897] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.925920] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.925944] kasan_report+0x141/0x180 [ 11.925966] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.925995] __asan_report_store1_noabort+0x1b/0x30 [ 11.926020] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.926045] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.926079] ? finish_task_switch.isra.0+0x153/0x700 [ 11.926102] ? __switch_to+0x47/0xf50 [ 11.926128] ? __schedule+0x10cc/0x2b60 [ 11.926150] ? __pfx_read_tsc+0x10/0x10 [ 11.926174] krealloc_less_oob+0x1c/0x30 [ 11.926194] kunit_try_run_case+0x1a5/0x480 [ 11.926222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.926243] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.926280] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.926309] ? __kthread_parkme+0x82/0x180 [ 11.926329] ? 
preempt_count_sub+0x50/0x80 [ 11.926352] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.926375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.926398] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.926421] kthread+0x337/0x6f0 [ 11.926439] ? trace_preempt_on+0x20/0xc0 [ 11.926462] ? __pfx_kthread+0x10/0x10 [ 11.926482] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.926502] ? calculate_sigpending+0x7b/0xa0 [ 11.926526] ? __pfx_kthread+0x10/0x10 [ 11.926546] ret_from_fork+0x116/0x1d0 [ 11.926563] ? __pfx_kthread+0x10/0x10 [ 11.926583] ret_from_fork_asm+0x1a/0x30 [ 11.926626] </TASK> [ 11.926635] [ 11.934726] Allocated by task 175: [ 11.934857] kasan_save_stack+0x45/0x70 [ 11.935001] kasan_save_track+0x18/0x40 [ 11.935196] kasan_save_alloc_info+0x3b/0x50 [ 11.935567] __kasan_krealloc+0x190/0x1f0 [ 11.935768] krealloc_noprof+0xf3/0x340 [ 11.935959] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.936319] krealloc_less_oob+0x1c/0x30 [ 11.936503] kunit_try_run_case+0x1a5/0x480 [ 11.936735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.937147] kthread+0x337/0x6f0 [ 11.937307] ret_from_fork+0x116/0x1d0 [ 11.937490] ret_from_fork_asm+0x1a/0x30 [ 11.937677] [ 11.937747] The buggy address belongs to the object at ffff888100352000 [ 11.937747] which belongs to the cache kmalloc-256 of size 256 [ 11.938115] The buggy address is located 7 bytes to the right of [ 11.938115] allocated 201-byte region [ffff888100352000, ffff8881003520c9) [ 11.938646] [ 11.938717] The buggy address belongs to the physical page: [ 11.938892] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100352 [ 11.939314] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.939902] flags: 0x200000000000040(head|node=0|zone=2) [ 11.940195] page_type: f5(slab) [ 11.940484] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.940786] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.941189] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 11.941462] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.941694] head: 0200000000000001 ffffea000400d481 00000000ffffffff 00000000ffffffff [ 11.941925] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.942402] page dumped because: kasan: bad access detected [ 11.942823] [ 11.942918] Memory state around the buggy address: [ 11.943149] ffff888100351f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.943469] ffff888100352000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.943872] >ffff888100352080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.944184] ^ [ 11.944433] ffff888100352100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.944752] ffff888100352180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.945152] ================================================================== [ 12.075644] ================================================================== [ 12.076744] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.077007] Write of size 1 at addr ffff888102b320c9 by task kunit_try_catch/179 [ 12.077243] [ 12.077337] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.077383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.077394] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.077416] Call Trace: [ 12.077429] <TASK> [ 12.077447] dump_stack_lvl+0x73/0xb0 [ 12.077476] print_report+0xd1/0x610 [ 12.077499] ? __virt_addr_valid+0x1db/0x2d0 [ 12.077522] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.077545] ? kasan_addr_to_slab+0x11/0xa0 [ 12.077565] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.077588] kasan_report+0x141/0x180 [ 12.077610] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.077639] __asan_report_store1_noabort+0x1b/0x30 [ 12.077663] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.077689] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.077712] ? finish_task_switch.isra.0+0x153/0x700 [ 12.077735] ? __switch_to+0x47/0xf50 [ 12.077761] ? __schedule+0x10cc/0x2b60 [ 12.077784] ? __pfx_read_tsc+0x10/0x10 [ 12.077808] krealloc_large_less_oob+0x1c/0x30 [ 12.077830] kunit_try_run_case+0x1a5/0x480 [ 12.077855] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.077877] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.077901] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.077924] ? __kthread_parkme+0x82/0x180 [ 12.077944] ? preempt_count_sub+0x50/0x80 [ 12.077967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.077989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.078012] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.078035] kthread+0x337/0x6f0 [ 12.078064] ? trace_preempt_on+0x20/0xc0 [ 12.078088] ? __pfx_kthread+0x10/0x10 [ 12.078107] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.078128] ? calculate_sigpending+0x7b/0xa0 [ 12.078152] ? __pfx_kthread+0x10/0x10 [ 12.078172] ret_from_fork+0x116/0x1d0 [ 12.078190] ? 
__pfx_kthread+0x10/0x10 [ 12.078209] ret_from_fork_asm+0x1a/0x30 [ 12.078247] </TASK> [ 12.078256] [ 12.088357] The buggy address belongs to the physical page: [ 12.088868] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b30 [ 12.089346] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.089780] flags: 0x200000000000040(head|node=0|zone=2) [ 12.090204] page_type: f8(unknown) [ 12.090503] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.090969] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.091300] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.091841] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.092300] head: 0200000000000002 ffffea00040acc01 00000000ffffffff 00000000ffffffff [ 12.092815] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.093353] page dumped because: kasan: bad access detected [ 12.093878] [ 12.093976] Memory state around the buggy address: [ 12.094204] ffff888102b31f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.094506] ffff888102b32000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.095487] >ffff888102b32080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.096224] ^ [ 12.097085] ffff888102b32100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.097557] ffff888102b32180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.097853] ================================================================== [ 12.124008] ================================================================== [ 12.124526] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.125193] Write of size 1 at addr ffff888102b320da by task kunit_try_catch/179 [ 12.125520] [ 12.125644] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.125687] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.125698] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.125729] Call Trace: [ 12.125741] <TASK> [ 12.125758] dump_stack_lvl+0x73/0xb0 [ 12.125800] print_report+0xd1/0x610 [ 12.125822] ? __virt_addr_valid+0x1db/0x2d0 [ 12.125845] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.125868] ? kasan_addr_to_slab+0x11/0xa0 [ 12.125888] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.125920] kasan_report+0x141/0x180 [ 12.125941] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.125980] __asan_report_store1_noabort+0x1b/0x30 [ 12.126004] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.126030] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.126063] ? finish_task_switch.isra.0+0x153/0x700 [ 12.126086] ? __switch_to+0x47/0xf50 [ 12.126112] ? __schedule+0x10cc/0x2b60 [ 12.126135] ? __pfx_read_tsc+0x10/0x10 [ 12.126159] krealloc_large_less_oob+0x1c/0x30 [ 12.126181] kunit_try_run_case+0x1a5/0x480 [ 12.126206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.126241] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.126265] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.126288] ? __kthread_parkme+0x82/0x180 [ 12.126318] ? preempt_count_sub+0x50/0x80 [ 12.126341] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.126364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.126387] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.126410] kthread+0x337/0x6f0 [ 12.126428] ? trace_preempt_on+0x20/0xc0 [ 12.126451] ? __pfx_kthread+0x10/0x10 [ 12.126470] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.126493] ? calculate_sigpending+0x7b/0xa0 [ 12.126516] ? __pfx_kthread+0x10/0x10 [ 12.126537] ret_from_fork+0x116/0x1d0 [ 12.126554] ? 
__pfx_kthread+0x10/0x10 [ 12.126573] ret_from_fork_asm+0x1a/0x30 [ 12.126619] </TASK> [ 12.126629] [ 12.134444] The buggy address belongs to the physical page: [ 12.134637] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b30 [ 12.134945] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.135446] flags: 0x200000000000040(head|node=0|zone=2) [ 12.135680] page_type: f8(unknown) [ 12.135841] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.136081] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.136423] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.137026] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.137348] head: 0200000000000002 ffffea00040acc01 00000000ffffffff 00000000ffffffff [ 12.137705] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.138025] page dumped because: kasan: bad access detected [ 12.138271] [ 12.138375] Memory state around the buggy address: [ 12.138595] ffff888102b31f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.138897] ffff888102b32000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.139209] >ffff888102b32080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.139463] ^ [ 12.139650] ffff888102b32100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.139887] ffff888102b32180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.140230] ================================================================== [ 12.157623] ================================================================== [ 12.158268] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.159110] Write of size 1 at addr ffff888102b320eb by task kunit_try_catch/179 [ 12.159417] [ 12.159562] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.159606] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.159617] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.159638] Call Trace: [ 12.159656] <TASK> [ 12.159674] dump_stack_lvl+0x73/0xb0 [ 12.159705] print_report+0xd1/0x610 [ 12.159729] ? __virt_addr_valid+0x1db/0x2d0 [ 12.159762] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.159785] ? kasan_addr_to_slab+0x11/0xa0 [ 12.159805] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.159839] kasan_report+0x141/0x180 [ 12.159860] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.159889] __asan_report_store1_noabort+0x1b/0x30 [ 12.159922] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.159948] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.159982] ? finish_task_switch.isra.0+0x153/0x700 [ 12.160005] ? __switch_to+0x47/0xf50 [ 12.160031] ? __schedule+0x10cc/0x2b60 [ 12.160064] ? __pfx_read_tsc+0x10/0x10 [ 12.160087] krealloc_large_less_oob+0x1c/0x30 [ 12.160118] kunit_try_run_case+0x1a5/0x480 [ 12.160143] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.160178] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.160203] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.160226] ? __kthread_parkme+0x82/0x180 [ 12.160245] ? preempt_count_sub+0x50/0x80 [ 12.160278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.160301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.160324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.160359] kthread+0x337/0x6f0 [ 12.160377] ? trace_preempt_on+0x20/0xc0 [ 12.160400] ? __pfx_kthread+0x10/0x10 [ 12.160419] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.160440] ? calculate_sigpending+0x7b/0xa0 [ 12.160463] ? __pfx_kthread+0x10/0x10 [ 12.160484] ret_from_fork+0x116/0x1d0 [ 12.160501] ? 
__pfx_kthread+0x10/0x10 [ 12.160520] ret_from_fork_asm+0x1a/0x30 [ 12.160553] </TASK> [ 12.160563] [ 12.168255] The buggy address belongs to the physical page: [ 12.168504] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b30 [ 12.168837] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.169076] flags: 0x200000000000040(head|node=0|zone=2) [ 12.169323] page_type: f8(unknown) [ 12.169524] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.169862] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.170194] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.170429] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.171133] head: 0200000000000002 ffffea00040acc01 00000000ffffffff 00000000ffffffff [ 12.171468] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.171734] page dumped because: kasan: bad access detected [ 12.171906] [ 12.171975] Memory state around the buggy address: [ 12.172254] ffff888102b31f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.172567] ffff888102b32000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.173042] >ffff888102b32080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.173388] ^ [ 12.173599] ffff888102b32100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.173919] ffff888102b32180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.174277] ================================================================== [ 12.140735] ================================================================== [ 12.141352] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.141859] Write of size 1 at addr ffff888102b320ea by task kunit_try_catch/179 [ 12.142097] [ 12.142184] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.142227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.142238] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.142258] Call Trace: [ 12.142273] <TASK> [ 12.142289] dump_stack_lvl+0x73/0xb0 [ 12.142317] print_report+0xd1/0x610 [ 12.142338] ? __virt_addr_valid+0x1db/0x2d0 [ 12.142360] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.142383] ? kasan_addr_to_slab+0x11/0xa0 [ 12.142403] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.142426] kasan_report+0x141/0x180 [ 12.142459] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.142487] __asan_report_store1_noabort+0x1b/0x30 [ 12.142523] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.142548] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.142572] ? finish_task_switch.isra.0+0x153/0x700 [ 12.142604] ? __switch_to+0x47/0xf50 [ 12.142631] ? __schedule+0x10cc/0x2b60 [ 12.142653] ? __pfx_read_tsc+0x10/0x10 [ 12.142677] krealloc_large_less_oob+0x1c/0x30 [ 12.142699] kunit_try_run_case+0x1a5/0x480 [ 12.142723] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.142754] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.142778] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.142800] ? __kthread_parkme+0x82/0x180 [ 12.142829] ? preempt_count_sub+0x50/0x80 [ 12.142852] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.142875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.142898] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.142921] kthread+0x337/0x6f0 [ 12.142948] ? trace_preempt_on+0x20/0xc0 [ 12.142970] ? __pfx_kthread+0x10/0x10 [ 12.142990] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.143022] ? calculate_sigpending+0x7b/0xa0 [ 12.143045] ? __pfx_kthread+0x10/0x10 [ 12.143076] ret_from_fork+0x116/0x1d0 [ 12.143093] ? 
__pfx_kthread+0x10/0x10 [ 12.143121] ret_from_fork_asm+0x1a/0x30 [ 12.143153] </TASK> [ 12.143162] [ 12.150862] The buggy address belongs to the physical page: [ 12.151142] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b30 [ 12.151423] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.151835] flags: 0x200000000000040(head|node=0|zone=2) [ 12.152104] page_type: f8(unknown) [ 12.152315] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.152639] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.152959] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.153273] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.153621] head: 0200000000000002 ffffea00040acc01 00000000ffffffff 00000000ffffffff [ 12.153958] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.154293] page dumped because: kasan: bad access detected [ 12.154530] [ 12.154654] Memory state around the buggy address: [ 12.154873] ffff888102b31f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.155183] ffff888102b32000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.155400] >ffff888102b32080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.155614] ^ [ 12.155870] ffff888102b32100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.156215] ffff888102b32180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.156533] ================================================================== [ 11.966350] ================================================================== [ 11.966823] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.967188] Write of size 1 at addr ffff8881003520ea by task kunit_try_catch/175 [ 11.967515] [ 11.967619] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.967660] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.967670] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.967692] Call Trace: [ 11.967708] <TASK> [ 11.967726] dump_stack_lvl+0x73/0xb0 [ 11.967755] print_report+0xd1/0x610 [ 11.967777] ? __virt_addr_valid+0x1db/0x2d0 [ 11.967799] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.967841] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.967863] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.967887] kasan_report+0x141/0x180 [ 11.967908] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.967937] __asan_report_store1_noabort+0x1b/0x30 [ 11.967961] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.967986] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.968010] ? finish_task_switch.isra.0+0x153/0x700 [ 11.968033] ? __switch_to+0x47/0xf50 [ 11.968069] ? __schedule+0x10cc/0x2b60 [ 11.968091] ? __pfx_read_tsc+0x10/0x10 [ 11.968115] krealloc_less_oob+0x1c/0x30 [ 11.968136] kunit_try_run_case+0x1a5/0x480 [ 11.968159] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.968180] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.968204] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.968226] ? __kthread_parkme+0x82/0x180 [ 11.968246] ? preempt_count_sub+0x50/0x80 [ 11.968268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.968291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.968314] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.968337] kthread+0x337/0x6f0 [ 11.968355] ? trace_preempt_on+0x20/0xc0 [ 11.968378] ? __pfx_kthread+0x10/0x10 [ 11.968397] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.968418] ? calculate_sigpending+0x7b/0xa0 [ 11.968442] ? __pfx_kthread+0x10/0x10 [ 11.968462] ret_from_fork+0x116/0x1d0 [ 11.968480] ? 
__pfx_kthread+0x10/0x10 [ 11.968499] ret_from_fork_asm+0x1a/0x30 [ 11.968532] </TASK> [ 11.968541] [ 11.975726] Allocated by task 175: [ 11.975856] kasan_save_stack+0x45/0x70 [ 11.976209] kasan_save_track+0x18/0x40 [ 11.976562] kasan_save_alloc_info+0x3b/0x50 [ 11.976774] __kasan_krealloc+0x190/0x1f0 [ 11.976968] krealloc_noprof+0xf3/0x340 [ 11.977141] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.977301] krealloc_less_oob+0x1c/0x30 [ 11.977438] kunit_try_run_case+0x1a5/0x480 [ 11.977764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.978033] kthread+0x337/0x6f0 [ 11.978210] ret_from_fork+0x116/0x1d0 [ 11.978377] ret_from_fork_asm+0x1a/0x30 [ 11.978516] [ 11.978627] The buggy address belongs to the object at ffff888100352000 [ 11.978627] which belongs to the cache kmalloc-256 of size 256 [ 11.979304] The buggy address is located 33 bytes to the right of [ 11.979304] allocated 201-byte region [ffff888100352000, ffff8881003520c9) [ 11.979808] [ 11.979902] The buggy address belongs to the physical page: [ 11.980172] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100352 [ 11.980578] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.980936] flags: 0x200000000000040(head|node=0|zone=2) [ 11.981225] page_type: f5(slab) [ 11.981349] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.981579] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.981921] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.982381] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.982610] head: 0200000000000001 ffffea000400d481 00000000ffffffff 00000000ffffffff [ 11.982840] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.983389] page dumped because: kasan: bad access detected [ 11.983882] [ 11.984008] Memory state around the buggy address: [ 11.984227] ffff888100351f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.984444] ffff888100352000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.984659] >ffff888100352080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.984870] ^ [ 11.985080] ffff888100352100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.985293] ffff888100352180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.985506] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 11.865622] ================================================================== [ 11.865962] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 11.866280] Write of size 1 at addr ffff888100351ef0 by task kunit_try_catch/173 [ 11.866585] [ 11.866702] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.866745] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.866756] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.866778] Call Trace: [ 11.866797] <TASK> [ 11.866815] dump_stack_lvl+0x73/0xb0 [ 11.866864] print_report+0xd1/0x610 [ 11.866887] ? __virt_addr_valid+0x1db/0x2d0 [ 11.866910] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.866933] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.866955] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.866979] kasan_report+0x141/0x180 [ 11.867000] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.867028] __asan_report_store1_noabort+0x1b/0x30 [ 11.867061] krealloc_more_oob_helper+0x7eb/0x930 [ 11.867083] ? __schedule+0x10cc/0x2b60 [ 11.867105] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.867129] ? finish_task_switch.isra.0+0x153/0x700 [ 11.867151] ? __switch_to+0x47/0xf50 [ 11.867178] ? __schedule+0x10cc/0x2b60 [ 11.867200] ? __pfx_read_tsc+0x10/0x10 [ 11.867225] krealloc_more_oob+0x1c/0x30 [ 11.867245] kunit_try_run_case+0x1a5/0x480 [ 11.867270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.867291] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.867315] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.867338] ? __kthread_parkme+0x82/0x180 [ 11.867358] ? preempt_count_sub+0x50/0x80 [ 11.867380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.867404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.867427] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.867450] kthread+0x337/0x6f0 [ 11.867469] ? trace_preempt_on+0x20/0xc0 [ 11.867492] ? __pfx_kthread+0x10/0x10 [ 11.867511] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.867532] ? 
calculate_sigpending+0x7b/0xa0 [ 11.867555] ? __pfx_kthread+0x10/0x10 [ 11.867593] ret_from_fork+0x116/0x1d0 [ 11.867611] ? __pfx_kthread+0x10/0x10 [ 11.867630] ret_from_fork_asm+0x1a/0x30 [ 11.867662] </TASK> [ 11.867672] [ 11.879150] Allocated by task 173: [ 11.879314] kasan_save_stack+0x45/0x70 [ 11.879540] kasan_save_track+0x18/0x40 [ 11.879781] kasan_save_alloc_info+0x3b/0x50 [ 11.879938] __kasan_krealloc+0x190/0x1f0 [ 11.880152] krealloc_noprof+0xf3/0x340 [ 11.880453] krealloc_more_oob_helper+0x1a9/0x930 [ 11.880844] krealloc_more_oob+0x1c/0x30 [ 11.881021] kunit_try_run_case+0x1a5/0x480 [ 11.881223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.881441] kthread+0x337/0x6f0 [ 11.881610] ret_from_fork+0x116/0x1d0 [ 11.881810] ret_from_fork_asm+0x1a/0x30 [ 11.881949] [ 11.882151] The buggy address belongs to the object at ffff888100351e00 [ 11.882151] which belongs to the cache kmalloc-256 of size 256 [ 11.882568] The buggy address is located 5 bytes to the right of [ 11.882568] allocated 235-byte region [ffff888100351e00, ffff888100351eeb) [ 11.883272] [ 11.883349] The buggy address belongs to the physical page: [ 11.883586] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 11.884159] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.884503] flags: 0x200000000000040(head|node=0|zone=2) [ 11.884758] page_type: f5(slab) [ 11.884954] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.885271] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.885580] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.885948] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.886359] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 11.886685] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.886919] page dumped because: kasan: bad access detected [ 11.887301] [ 
11.887403] Memory state around the buggy address:
[ 11.887613] ffff888100351d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.888150] ffff888100351e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.888441] >ffff888100351e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 11.888723] ^
[ 11.889080] ffff888100351f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.889374] ffff888100351f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.889679] ==================================================================
[ 12.042040] ==================================================================
[ 12.042936] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 12.044357] Write of size 1 at addr ffff888102b320f0 by task kunit_try_catch/177
[ 12.045042]
[ 12.045339] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.045386] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.045397] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.045418] Call Trace:
[ 12.045431] <TASK>
[ 12.045448] dump_stack_lvl+0x73/0xb0
[ 12.045478] print_report+0xd1/0x610
[ 12.045500] ? __virt_addr_valid+0x1db/0x2d0
[ 12.045523] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.045545] ? kasan_addr_to_slab+0x11/0xa0
[ 12.045565] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.045589] kasan_report+0x141/0x180
[ 12.045610] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.045638] __asan_report_store1_noabort+0x1b/0x30
[ 12.045663] krealloc_more_oob_helper+0x7eb/0x930
[ 12.045684] ? __schedule+0x10cc/0x2b60
[ 12.045707] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 12.045731] ? finish_task_switch.isra.0+0x153/0x700
[ 12.045753] ? __switch_to+0x47/0xf50
[ 12.045779] ? __schedule+0x10cc/0x2b60
[ 12.045800] ? __pfx_read_tsc+0x10/0x10
[ 12.045825] krealloc_large_more_oob+0x1c/0x30
[ 12.045855] kunit_try_run_case+0x1a5/0x480
[ 12.045880] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.045901] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.045924] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.045947] ? __kthread_parkme+0x82/0x180
[ 12.045967] ? preempt_count_sub+0x50/0x80
[ 12.045990] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.046013] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.046035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.046070] kthread+0x337/0x6f0
[ 12.046088] ? trace_preempt_on+0x20/0xc0
[ 12.046112] ? __pfx_kthread+0x10/0x10
[ 12.046131] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.046152] ? calculate_sigpending+0x7b/0xa0
[ 12.046175] ? __pfx_kthread+0x10/0x10
[ 12.046196] ret_from_fork+0x116/0x1d0
[ 12.046218] ? __pfx_kthread+0x10/0x10
[ 12.046238] ret_from_fork_asm+0x1a/0x30
[ 12.046270] </TASK>
[ 12.046279]
[ 12.060755] The buggy address belongs to the physical page:
[ 12.061477] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b30
[ 12.062190] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.062431] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.062715] page_type: f8(unknown)
[ 12.063112] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.063838] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.064498] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.065335] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.065781] head: 0200000000000002 ffffea00040acc01 00000000ffffffff 00000000ffffffff
[ 12.066485] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.067099] page dumped because: kasan: bad access detected
[ 12.067273]
[ 12.067342] Memory state around the buggy address:
[ 12.067497] ffff888102b31f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.068004] ffff888102b32000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.068709] >ffff888102b32080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 12.069402] ^
[ 12.070095] ffff888102b32100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.070944] ffff888102b32180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.071538] ==================================================================
[ 11.834575] ==================================================================
[ 11.835369] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 11.836087] Write of size 1 at addr ffff888100351eeb by task kunit_try_catch/173
[ 11.836403]
[ 11.836613] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.836660] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.836671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.836693] Call Trace:
[ 11.836705] <TASK>
[ 11.836723] dump_stack_lvl+0x73/0xb0
[ 11.836756] print_report+0xd1/0x610
[ 11.836779] ? __virt_addr_valid+0x1db/0x2d0
[ 11.836804] ? krealloc_more_oob_helper+0x821/0x930
[ 11.836840] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.836862] ? krealloc_more_oob_helper+0x821/0x930
[ 11.836886] kasan_report+0x141/0x180
[ 11.836907] ? krealloc_more_oob_helper+0x821/0x930
[ 11.836946] __asan_report_store1_noabort+0x1b/0x30
[ 11.836970] krealloc_more_oob_helper+0x821/0x930
[ 11.836991] ? __schedule+0x10cc/0x2b60
[ 11.837026] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 11.837059] ? finish_task_switch.isra.0+0x153/0x700
[ 11.837083] ? __switch_to+0x47/0xf50
[ 11.837110] ? __schedule+0x10cc/0x2b60
[ 11.837131] ? __pfx_read_tsc+0x10/0x10
[ 11.837156] krealloc_more_oob+0x1c/0x30
[ 11.837177] kunit_try_run_case+0x1a5/0x480
[ 11.837203] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.837224] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.837249] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.837272] ? __kthread_parkme+0x82/0x180
[ 11.837293] ? preempt_count_sub+0x50/0x80
[ 11.837315] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.837338] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.837361] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.837384] kthread+0x337/0x6f0
[ 11.837402] ? trace_preempt_on+0x20/0xc0
[ 11.837426] ? __pfx_kthread+0x10/0x10
[ 11.837446] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.837466] ? calculate_sigpending+0x7b/0xa0
[ 11.837491] ? __pfx_kthread+0x10/0x10
[ 11.837511] ret_from_fork+0x116/0x1d0
[ 11.837529] ? __pfx_kthread+0x10/0x10
[ 11.837548] ret_from_fork_asm+0x1a/0x30
[ 11.837581] </TASK>
[ 11.837592]
[ 11.851116] Allocated by task 173:
[ 11.852010] kasan_save_stack+0x45/0x70
[ 11.852763] kasan_save_track+0x18/0x40
[ 11.853905] kasan_save_alloc_info+0x3b/0x50
[ 11.854238] __kasan_krealloc+0x190/0x1f0
[ 11.854406] krealloc_noprof+0xf3/0x340
[ 11.854789] krealloc_more_oob_helper+0x1a9/0x930
[ 11.855150] krealloc_more_oob+0x1c/0x30
[ 11.855353] kunit_try_run_case+0x1a5/0x480
[ 11.855562] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.855948] kthread+0x337/0x6f0
[ 11.856102] ret_from_fork+0x116/0x1d0
[ 11.856328] ret_from_fork_asm+0x1a/0x30
[ 11.856552]
[ 11.856697] The buggy address belongs to the object at ffff888100351e00
[ 11.856697] which belongs to the cache kmalloc-256 of size 256
[ 11.857360] The buggy address is located 0 bytes to the right of
[ 11.857360] allocated 235-byte region [ffff888100351e00, ffff888100351eeb)
[ 11.858166]
[ 11.858280] The buggy address belongs to the physical page:
[ 11.858536] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350
[ 11.858925] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.859318] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.859558] page_type: f5(slab)
[ 11.859769] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.860169] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.860508] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.860936] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.861292] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff
[ 11.861620] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.862034] page dumped because: kasan: bad access detected
[ 11.862299]
[ 11.862374] Memory state around the buggy address:
[ 11.862640] ffff888100351d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.863228] ffff888100351e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.863555] >ffff888100351e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 11.863951] ^
[ 11.864286] ffff888100351f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.864603] ffff888100351f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.864983] ==================================================================
[ 12.014461] ==================================================================
[ 12.015555] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 12.015883] Write of size 1 at addr ffff888102b320eb by task kunit_try_catch/177
[ 12.016640]
[ 12.016953] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.017003] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.017015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.017037] Call Trace:
[ 12.017062] <TASK>
[ 12.017080] dump_stack_lvl+0x73/0xb0
[ 12.017112] print_report+0xd1/0x610
[ 12.017134] ? __virt_addr_valid+0x1db/0x2d0
[ 12.017156] ? krealloc_more_oob_helper+0x821/0x930
[ 12.017179] ? kasan_addr_to_slab+0x11/0xa0
[ 12.017198] ? krealloc_more_oob_helper+0x821/0x930
[ 12.017221] kasan_report+0x141/0x180
[ 12.017243] ? krealloc_more_oob_helper+0x821/0x930
[ 12.017271] __asan_report_store1_noabort+0x1b/0x30
[ 12.017295] krealloc_more_oob_helper+0x821/0x930
[ 12.017318] ? __schedule+0x10cc/0x2b60
[ 12.017340] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 12.017364] ? finish_task_switch.isra.0+0x153/0x700
[ 12.017386] ? __switch_to+0x47/0xf50
[ 12.017412] ? __schedule+0x10cc/0x2b60
[ 12.017433] ? __pfx_read_tsc+0x10/0x10
[ 12.017457] krealloc_large_more_oob+0x1c/0x30
[ 12.017479] kunit_try_run_case+0x1a5/0x480
[ 12.017505] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.017526] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.017550] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.017573] ? __kthread_parkme+0x82/0x180
[ 12.017594] ? preempt_count_sub+0x50/0x80
[ 12.017617] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.017652] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.017675] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.017699] kthread+0x337/0x6f0
[ 12.017728] ? trace_preempt_on+0x20/0xc0
[ 12.017751] ? __pfx_kthread+0x10/0x10
[ 12.017771] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.017791] ? calculate_sigpending+0x7b/0xa0
[ 12.017832] ? __pfx_kthread+0x10/0x10
[ 12.017852] ret_from_fork+0x116/0x1d0
[ 12.017870] ? __pfx_kthread+0x10/0x10
[ 12.017889] ret_from_fork_asm+0x1a/0x30
[ 12.017922] </TASK>
[ 12.017933]
[ 12.031513] The buggy address belongs to the physical page:
[ 12.031956] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b30
[ 12.032832] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.033540] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.034125] page_type: f8(unknown)
[ 12.034451] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.034900] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.035151] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.035387] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.035641] head: 0200000000000002 ffffea00040acc01 00000000ffffffff 00000000ffffffff
[ 12.036121] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.036851] page dumped because: kasan: bad access detected
[ 12.037338]
[ 12.037493] Memory state around the buggy address:
[ 12.037975] ffff888102b31f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.038729] ffff888102b32000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.039398] >ffff888102b32080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 12.040048] ^
[ 12.040759] ffff888102b32100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.041329] ffff888102b32180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.041549] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 11.811154] ==================================================================
[ 11.811909] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0
[ 11.812581] Read of size 1 at addr ffff888103a40000 by task kunit_try_catch/171
[ 11.813220]
[ 11.813371] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.813529] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.813541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.813563] Call Trace:
[ 11.813576] <TASK>
[ 11.813594] dump_stack_lvl+0x73/0xb0
[ 11.813626] print_report+0xd1/0x610
[ 11.813649] ? __virt_addr_valid+0x1db/0x2d0
[ 11.813672] ? page_alloc_uaf+0x356/0x3d0
[ 11.813693] ? kasan_addr_to_slab+0x11/0xa0
[ 11.813713] ? page_alloc_uaf+0x356/0x3d0
[ 11.813735] kasan_report+0x141/0x180
[ 11.813756] ? page_alloc_uaf+0x356/0x3d0
[ 11.813782] __asan_report_load1_noabort+0x18/0x20
[ 11.813806] page_alloc_uaf+0x356/0x3d0
[ 11.813826] ? __pfx_page_alloc_uaf+0x10/0x10
[ 11.813848] ? __schedule+0x10cc/0x2b60
[ 11.813870] ? __pfx_read_tsc+0x10/0x10
[ 11.813890] ? ktime_get_ts64+0x86/0x230
[ 11.813915] kunit_try_run_case+0x1a5/0x480
[ 11.813939] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.814099] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.814126] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.814149] ? __kthread_parkme+0x82/0x180
[ 11.814169] ? preempt_count_sub+0x50/0x80
[ 11.814193] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.814222] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.814246] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.814269] kthread+0x337/0x6f0
[ 11.814287] ? trace_preempt_on+0x20/0xc0
[ 11.814310] ? __pfx_kthread+0x10/0x10
[ 11.814329] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.814349] ? calculate_sigpending+0x7b/0xa0
[ 11.814373] ? __pfx_kthread+0x10/0x10
[ 11.814394] ret_from_fork+0x116/0x1d0
[ 11.814412] ? __pfx_kthread+0x10/0x10
[ 11.814431] ret_from_fork_asm+0x1a/0x30
[ 11.814463] </TASK>
[ 11.814474]
[ 11.825119] The buggy address belongs to the physical page:
[ 11.825521] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a40
[ 11.826090] flags: 0x200000000000000(node=0|zone=2)
[ 11.826288] page_type: f0(buddy)
[ 11.826651] raw: 0200000000000000 ffff88817fffc4f0 ffff88817fffc4f0 0000000000000000
[ 11.827163] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000
[ 11.827591] page dumped because: kasan: bad access detected
[ 11.828068]
[ 11.828161] Memory state around the buggy address:
[ 11.828466] ffff888103a3ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.828924] ffff888103a3ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.829416] >ffff888103a40000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.829765] ^
[ 11.830099] ffff888103a40080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.830618] ffff888103a40100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.831292] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 11.775629] ==================================================================
[ 11.776654] BUG: KASAN: invalid-free in kfree+0x274/0x3f0
[ 11.777215] Free of addr ffff88810294c001 by task kunit_try_catch/167
[ 11.777769]
[ 11.778024] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.778088] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.778099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.778121] Call Trace:
[ 11.778132] <TASK>
[ 11.778150] dump_stack_lvl+0x73/0xb0
[ 11.778181] print_report+0xd1/0x610
[ 11.778204] ? __virt_addr_valid+0x1db/0x2d0
[ 11.778234] ? kasan_addr_to_slab+0x11/0xa0
[ 11.778254] ? kfree+0x274/0x3f0
[ 11.778275] kasan_report_invalid_free+0x10a/0x130
[ 11.778299] ? kfree+0x274/0x3f0
[ 11.778322] ? kfree+0x274/0x3f0
[ 11.778341] __kasan_kfree_large+0x86/0xd0
[ 11.778362] free_large_kmalloc+0x4b/0x110
[ 11.778385] kfree+0x274/0x3f0
[ 11.778410] kmalloc_large_invalid_free+0x120/0x2b0
[ 11.778433] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 11.778456] ? __schedule+0x10cc/0x2b60
[ 11.778479] ? __pfx_read_tsc+0x10/0x10
[ 11.778500] ? ktime_get_ts64+0x86/0x230
[ 11.778524] kunit_try_run_case+0x1a5/0x480
[ 11.778550] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.778572] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.778606] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.778629] ? __kthread_parkme+0x82/0x180
[ 11.778649] ? preempt_count_sub+0x50/0x80
[ 11.778674] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.778697] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.778720] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.778743] kthread+0x337/0x6f0
[ 11.778762] ? trace_preempt_on+0x20/0xc0
[ 11.778785] ? __pfx_kthread+0x10/0x10
[ 11.778805] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.778844] ? calculate_sigpending+0x7b/0xa0
[ 11.778869] ? __pfx_kthread+0x10/0x10
[ 11.778890] ret_from_fork+0x116/0x1d0
[ 11.778908] ? __pfx_kthread+0x10/0x10
[ 11.778927] ret_from_fork_asm+0x1a/0x30
[ 11.778960] </TASK>
[ 11.778970]
[ 11.792541] The buggy address belongs to the physical page:
[ 11.793117] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294c
[ 11.793377] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.793643] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.794175] page_type: f8(unknown)
[ 11.794501] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.795240] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.796370] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.797193] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.797437] head: 0200000000000002 ffffea00040a5301 00000000ffffffff 00000000ffffffff
[ 11.797877] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.798580] page dumped because: kasan: bad access detected
[ 11.799080]
[ 11.799294] Memory state around the buggy address:
[ 11.799779] ffff88810294bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.800254] ffff88810294bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.800478] >ffff88810294c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.800864] ^
[ 11.801466] ffff88810294c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.802199] ffff88810294c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.802903] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 11.751957] ==================================================================
[ 11.752512] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[ 11.752896] Read of size 1 at addr ffff888102b2c000 by task kunit_try_catch/165
[ 11.753465]
[ 11.753635] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.753683] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.753749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.753771] Call Trace:
[ 11.753784] <TASK>
[ 11.753800] dump_stack_lvl+0x73/0xb0
[ 11.753888] print_report+0xd1/0x610
[ 11.753913] ? __virt_addr_valid+0x1db/0x2d0
[ 11.753949] ? kmalloc_large_uaf+0x2f1/0x340
[ 11.753969] ? kasan_addr_to_slab+0x11/0xa0
[ 11.753988] ? kmalloc_large_uaf+0x2f1/0x340
[ 11.754009] kasan_report+0x141/0x180
[ 11.754030] ? kmalloc_large_uaf+0x2f1/0x340
[ 11.754069] __asan_report_load1_noabort+0x18/0x20
[ 11.754093] kmalloc_large_uaf+0x2f1/0x340
[ 11.754113] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 11.754134] ? __schedule+0x10cc/0x2b60
[ 11.754157] ? __pfx_read_tsc+0x10/0x10
[ 11.754177] ? ktime_get_ts64+0x86/0x230
[ 11.754201] kunit_try_run_case+0x1a5/0x480
[ 11.754230] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.754252] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.754275] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.754299] ? __kthread_parkme+0x82/0x180
[ 11.754319] ? preempt_count_sub+0x50/0x80
[ 11.754343] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.754366] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.754388] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.754411] kthread+0x337/0x6f0
[ 11.754429] ? trace_preempt_on+0x20/0xc0
[ 11.754452] ? __pfx_kthread+0x10/0x10
[ 11.754472] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.754492] ? calculate_sigpending+0x7b/0xa0
[ 11.754515] ? __pfx_kthread+0x10/0x10
[ 11.754536] ret_from_fork+0x116/0x1d0
[ 11.754553] ? __pfx_kthread+0x10/0x10
[ 11.754573] ret_from_fork_asm+0x1a/0x30
[ 11.754672] </TASK>
[ 11.754681]
[ 11.765161] The buggy address belongs to the physical page:
[ 11.765418] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2c
[ 11.766186] flags: 0x200000000000000(node=0|zone=2)
[ 11.766381] raw: 0200000000000000 ffffea00040acc08 ffff88815b139f80 0000000000000000
[ 11.766641] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 11.767339] page dumped because: kasan: bad access detected
[ 11.768069]
[ 11.768388] Memory state around the buggy address:
[ 11.768853] ffff888102b2bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.769494] ffff888102b2bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.770098] >ffff888102b2c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.770573] ^
[ 11.770690] ffff888102b2c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.771263] ffff888102b2c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.772139] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 23.160403] ==================================================================
[ 23.160928] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 23.160928]
[ 23.161573] Invalid read at 0x(____ptrval____):
[ 23.161806] test_invalid_access+0xf0/0x210
[ 23.162005] kunit_try_run_case+0x1a5/0x480
[ 23.162229] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.162475] kthread+0x337/0x6f0
[ 23.163294] ret_from_fork+0x116/0x1d0
[ 23.163507] ret_from_fork_asm+0x1a/0x30
[ 23.163840]
[ 23.164006] CPU: 0 UID: 0 PID: 348 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 23.164558] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.164826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.165701] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 48.419844] ==================================================================
[ 48.420276] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 48.420276]
[ 48.420647] Use-after-free read at 0x(____ptrval____) (in kfence-#131):
[ 48.420927] test_krealloc+0x6fc/0xbe0
[ 48.421136] kunit_try_run_case+0x1a5/0x480
[ 48.421364] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.421568] kthread+0x337/0x6f0
[ 48.421735] ret_from_fork+0x116/0x1d0
[ 48.422020] ret_from_fork_asm+0x1a/0x30
[ 48.422206]
[ 48.422309] kfence-#131: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 48.422309]
[ 48.422703] allocated by task 354 on cpu 1 at 48.419152s (0.003549s ago):
[ 48.422970] test_alloc+0x364/0x10f0
[ 48.423148] test_krealloc+0xad/0xbe0
[ 48.423334] kunit_try_run_case+0x1a5/0x480
[ 48.423484] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.423769] kthread+0x337/0x6f0
[ 48.424065] ret_from_fork+0x116/0x1d0
[ 48.424205] ret_from_fork_asm+0x1a/0x30
[ 48.424390]
[ 48.424488] freed by task 354 on cpu 1 at 48.419439s (0.005045s ago):
[ 48.425025] krealloc_noprof+0x108/0x340
[ 48.425219] test_krealloc+0x226/0xbe0
[ 48.425357] kunit_try_run_case+0x1a5/0x480
[ 48.425562] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.426358] kthread+0x337/0x6f0
[ 48.426556] ret_from_fork+0x116/0x1d0
[ 48.426906] ret_from_fork_asm+0x1a/0x30
[ 48.427122]
[ 48.427256] CPU: 1 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 48.428036] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 48.428317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 48.428711] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 48.336565] ==================================================================
[ 48.337128] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 48.337128]
[ 48.337553] Use-after-free read at 0x(____ptrval____) (in kfence-#130):
[ 48.337868] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 48.338083] kunit_try_run_case+0x1a5/0x480
[ 48.338280] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.338530] kthread+0x337/0x6f0
[ 48.338665] ret_from_fork+0x116/0x1d0
[ 48.338802] ret_from_fork_asm+0x1a/0x30
[ 48.339168]
[ 48.339365] kfence-#130: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 48.339365]
[ 48.339734] allocated by task 352 on cpu 0 at 48.316794s (0.022938s ago):
[ 48.340098] test_alloc+0x2a6/0x10f0
[ 48.340232] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 48.340456] kunit_try_run_case+0x1a5/0x480
[ 48.340664] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.341249] kthread+0x337/0x6f0
[ 48.341445] ret_from_fork+0x116/0x1d0
[ 48.341587] ret_from_fork_asm+0x1a/0x30
[ 48.342187]
[ 48.342312] freed by task 352 on cpu 0 at 48.316976s (0.025332s ago):
[ 48.342639] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 48.343067] kunit_try_run_case+0x1a5/0x480
[ 48.343270] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.343503] kthread+0x337/0x6f0
[ 48.343863] ret_from_fork+0x116/0x1d0
[ 48.344157] ret_from_fork_asm+0x1a/0x30
[ 48.344361]
[ 48.344486] CPU: 0 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 48.344924] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 48.345154] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 48.345512] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 22.939337] ==================================================================
[ 22.939779] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 22.939779]
[ 22.940224] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#125):
[ 22.940940] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 22.941182] kunit_try_run_case+0x1a5/0x480
[ 22.941426] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.941681] kthread+0x337/0x6f0
[ 22.941821] ret_from_fork+0x116/0x1d0
[ 22.942072] ret_from_fork_asm+0x1a/0x30
[ 22.942247]
[ 22.942373] kfence-#125: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 22.942373]
[ 22.942775] allocated by task 342 on cpu 1 at 22.939096s (0.003677s ago):
[ 22.943084] test_alloc+0x364/0x10f0
[ 22.943297] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 22.943523] kunit_try_run_case+0x1a5/0x480
[ 22.943739] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.944005] kthread+0x337/0x6f0
[ 22.944178] ret_from_fork+0x116/0x1d0
[ 22.944399] ret_from_fork_asm+0x1a/0x30
[ 22.944609]
[ 22.944694] freed by task 342 on cpu 1 at 22.939218s (0.005473s ago):
[ 22.944934] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 22.945192] kunit_try_run_case+0x1a5/0x480
[ 22.945401] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.945642] kthread+0x337/0x6f0
[ 22.945834] ret_from_fork+0x116/0x1d0
[ 22.946075] ret_from_fork_asm+0x1a/0x30
[ 22.946287]
[ 22.946408] CPU: 1 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 22.946880] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.947127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.947390] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 22.627368] ==================================================================
[ 22.627812] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 22.627812]
[ 22.628245] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#122):
[ 22.629035] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 22.629368] kunit_try_run_case+0x1a5/0x480
[ 22.629826] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.630113] kthread+0x337/0x6f0
[ 22.630459] ret_from_fork+0x116/0x1d0
[ 22.630663] ret_from_fork_asm+0x1a/0x30
[ 22.630877]
[ 22.631208] kfence-#122: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 22.631208]
[ 22.631613] allocated by task 340 on cpu 1 at 22.627145s (0.004466s ago):
[ 22.632166] test_alloc+0x364/0x10f0
[ 22.632450] test_kmalloc_aligned_oob_read+0x105/0x560
[ 22.632832] kunit_try_run_case+0x1a5/0x480
[ 22.633028] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.633420] kthread+0x337/0x6f0
[ 22.633686] ret_from_fork+0x116/0x1d0
[ 22.633888] ret_from_fork_asm+0x1a/0x30
[ 22.634228]
[ 22.634453] CPU: 1 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 22.635000] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.635306] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.635806] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 18.779266] ==================================================================
[ 18.779687] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 18.779687]
[ 18.780023] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#85):
[ 18.780643] test_corruption+0x131/0x3e0
[ 18.780825] kunit_try_run_case+0x1a5/0x480
[ 18.780979] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.781247] kthread+0x337/0x6f0
[ 18.781423] ret_from_fork+0x116/0x1d0
[ 18.781626] ret_from_fork_asm+0x1a/0x30
[ 18.781788]
[ 18.781867] kfence-#85: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.781867]
[ 18.782298] allocated by task 330 on cpu 0 at 18.779143s (0.003152s ago):
[ 18.782597] test_alloc+0x2a6/0x10f0
[ 18.782771] test_corruption+0xe6/0x3e0
[ 18.782950] kunit_try_run_case+0x1a5/0x480
[ 18.783149] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.783371] kthread+0x337/0x6f0
[ 18.783535] ret_from_fork+0x116/0x1d0
[ 18.783758] ret_from_fork_asm+0x1a/0x30
[ 18.783931]
[ 18.784021] freed by task 330 on cpu 0 at 18.779199s (0.004819s ago):
[ 18.784331] test_corruption+0x131/0x3e0
[ 18.784535] kunit_try_run_case+0x1a5/0x480
[ 18.784736] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.784961] kthread+0x337/0x6f0
[ 18.785138] ret_from_fork+0x116/0x1d0
[ 18.785277] ret_from_fork_asm+0x1a/0x30
[ 18.785422]
[ 18.785519] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.786005] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.786224] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.786520] ==================================================================
[ 18.675425] ==================================================================
[ 18.675843] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 18.675843]
[ 18.676161] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#84):
[ 18.676554] test_corruption+0x2df/0x3e0
[ 18.676772] kunit_try_run_case+0x1a5/0x480
[ 18.677013] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.677201] kthread+0x337/0x6f0
[ 18.677460] ret_from_fork+0x116/0x1d0
[ 18.677806] ret_from_fork_asm+0x1a/0x30
[ 18.678041]
[ 18.678131] kfence-#84: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.678131]
[ 18.678439] allocated by task 328 on cpu 1 at 18.675163s (0.003274s ago):
[ 18.678755] test_alloc+0x364/0x10f0
[ 18.678986] test_corruption+0x1cb/0x3e0
[ 18.679138] kunit_try_run_case+0x1a5/0x480
[ 18.679293] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.679553] kthread+0x337/0x6f0
[ 18.679792] ret_from_fork+0x116/0x1d0
[ 18.679999] ret_from_fork_asm+0x1a/0x30
[ 18.680210]
[ 18.680309] freed by task 328 on cpu 1 at 18.675269s (0.005037s ago):
[ 18.680572] test_corruption+0x2df/0x3e0
[ 18.680776] kunit_try_run_case+0x1a5/0x480
[ 18.680938] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.681126] kthread+0x337/0x6f0
[ 18.681250] ret_from_fork+0x116/0x1d0
[ 18.681439] ret_from_fork_asm+0x1a/0x30
[ 18.681635]
[ 18.681763] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.682314] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.682455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.682950] ==================================================================
[ 18.571260] ==================================================================
[ 18.571634] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 18.571634]
[ 18.572002] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#83):
[ 18.572599] test_corruption+0x2d2/0x3e0
[ 18.573156] kunit_try_run_case+0x1a5/0x480
[ 18.573404] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.573779] kthread+0x337/0x6f0
[ 18.573938] ret_from_fork+0x116/0x1d0
[ 18.574136] ret_from_fork_asm+0x1a/0x30
[ 18.574345]
[ 18.574422] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.574422]
[ 18.574874] allocated by task 328 on cpu 1 at 18.571110s (0.003761s ago):
[ 18.575129] test_alloc+0x364/0x10f0
[ 18.575307] test_corruption+0xe6/0x3e0
[ 18.575511] kunit_try_run_case+0x1a5/0x480
[ 18.575823] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.576118] kthread+0x337/0x6f0
[ 18.576249] ret_from_fork+0x116/0x1d0
[ 18.576436] ret_from_fork_asm+0x1a/0x30
[ 18.576612]
[ 18.576687] freed by task 328 on cpu 1 at 18.571189s (0.005495s ago):
[ 18.577018] test_corruption+0x2d2/0x3e0
[ 18.577214] kunit_try_run_case+0x1a5/0x480
[ 18.577386] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.577603] kthread+0x337/0x6f0
[ 18.577798] ret_from_fork+0x116/0x1d0
[ 18.578003] ret_from_fork_asm+0x1a/0x30
[ 18.578194]
[ 18.578311] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.578809] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.579017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.579327] ==================================================================
[ 18.987248] ==================================================================
[ 18.987658] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 18.987658]
[ 18.987959] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#87):
[ 18.988348] test_corruption+0x216/0x3e0
[ 18.988556] kunit_try_run_case+0x1a5/0x480
[ 18.988729] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.988951] kthread+0x337/0x6f0
[ 18.989148] ret_from_fork+0x116/0x1d0
[ 18.989352] ret_from_fork_asm+0x1a/0x30
[ 18.989525]
[ 18.989644] kfence-#87: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.989644]
[ 18.989943] allocated by task 330 on cpu 0 at 18.987119s (0.002822s ago):
[ 18.990291] test_alloc+0x2a6/0x10f0
[ 18.990467] test_corruption+0x1cb/0x3e0
[ 18.990691] kunit_try_run_case+0x1a5/0x480
[ 18.990841] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.991033] kthread+0x337/0x6f0
[ 18.991214] ret_from_fork+0x116/0x1d0
[ 18.991405] ret_from_fork_asm+0x1a/0x30
[ 18.991601]
[ 18.991685] freed by task 330 on cpu 0 at 18.987175s (0.004507s ago):
[ 18.991897] test_corruption+0x216/0x3e0
[ 18.992079] kunit_try_run_case+0x1a5/0x480
[ 18.992290] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.992554] kthread+0x337/0x6f0
[ 18.992724] ret_from_fork+0x116/0x1d0
[ 18.992941] ret_from_fork_asm+0x1a/0x30
[ 18.993128]
[ 18.993225] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.993618] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.993816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.994218] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 18.363324] ================================================================== [ 18.363779] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 18.363779] [ 18.364645] Invalid free of 0x(____ptrval____) (in kfence-#81): [ 18.365079] test_invalid_addr_free+0x1e1/0x260 [ 18.365316] kunit_try_run_case+0x1a5/0x480 [ 18.365478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.365680] kthread+0x337/0x6f0 [ 18.365855] ret_from_fork+0x116/0x1d0 [ 18.366003] ret_from_fork_asm+0x1a/0x30 [ 18.366220] [ 18.366323] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.366323] [ 18.367016] allocated by task 324 on cpu 0 at 18.363195s (0.003819s ago): [ 18.367317] test_alloc+0x364/0x10f0 [ 18.367507] test_invalid_addr_free+0xdb/0x260 [ 18.367728] kunit_try_run_case+0x1a5/0x480 [ 18.368140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.368372] kthread+0x337/0x6f0 [ 18.368523] ret_from_fork+0x116/0x1d0 [ 18.368717] ret_from_fork_asm+0x1a/0x30 [ 18.368899] [ 18.369022] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.369467] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.370018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.370379] ================================================================== [ 18.467286] ================================================================== [ 18.467642] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 18.467642] [ 18.468035] Invalid free of 0x(____ptrval____) (in kfence-#82): [ 18.468639] test_invalid_addr_free+0xfb/0x260 [ 18.469172] kunit_try_run_case+0x1a5/0x480 [ 18.469536] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.469808] kthread+0x337/0x6f0 [ 18.470139] ret_from_fork+0x116/0x1d0 [ 18.470513] ret_from_fork_asm+0x1a/0x30 [ 18.470696] [ 18.470857] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.470857] [ 18.471364] allocated by task 326 on cpu 1 at 18.467174s 
(0.004188s ago): [ 18.471582] test_alloc+0x2a6/0x10f0 [ 18.471965] test_invalid_addr_free+0xdb/0x260 [ 18.472384] kunit_try_run_case+0x1a5/0x480 [ 18.472813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.473099] kthread+0x337/0x6f0 [ 18.473221] ret_from_fork+0x116/0x1d0 [ 18.473355] ret_from_fork_asm+0x1a/0x30 [ 18.473493] [ 18.473588] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.473950] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.474168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.474543] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 18.155415] ================================================================== [ 18.155874] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 18.155874] [ 18.156221] Invalid free of 0x(____ptrval____) (in kfence-#79): [ 18.156537] test_double_free+0x1d3/0x260 [ 18.156705] kunit_try_run_case+0x1a5/0x480 [ 18.156862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.157210] kthread+0x337/0x6f0 [ 18.157392] ret_from_fork+0x116/0x1d0 [ 18.157661] ret_from_fork_asm+0x1a/0x30 [ 18.157810] [ 18.157910] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.157910] [ 18.158304] allocated by task 320 on cpu 0 at 18.155162s (0.003140s ago): [ 18.158526] test_alloc+0x364/0x10f0 [ 18.158868] test_double_free+0xdb/0x260 [ 18.159082] kunit_try_run_case+0x1a5/0x480 [ 18.159297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.159554] kthread+0x337/0x6f0 [ 18.159691] ret_from_fork+0x116/0x1d0 [ 18.159827] ret_from_fork_asm+0x1a/0x30 [ 18.160004] [ 18.160110] freed by task 320 on cpu 0 at 18.155234s (0.004873s ago): [ 18.160417] test_double_free+0x1e0/0x260 [ 18.160573] kunit_try_run_case+0x1a5/0x480 [ 18.160799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.160980] kthread+0x337/0x6f0 [ 18.161163] ret_from_fork+0x116/0x1d0 [ 18.161360] ret_from_fork_asm+0x1a/0x30 [ 18.161566] [ 18.161705] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.162139] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.162299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.162702] ================================================================== [ 18.259321] ================================================================== [ 18.259834] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 18.259834] [ 18.260175] Invalid free of 0x(____ptrval____) (in kfence-#80): [ 18.260458] test_double_free+0x112/0x260 [ 18.260629] kunit_try_run_case+0x1a5/0x480 [ 18.260865] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.261108] kthread+0x337/0x6f0 [ 18.261254] ret_from_fork+0x116/0x1d0 [ 18.261449] ret_from_fork_asm+0x1a/0x30 [ 18.261629] [ 18.261726] kfence-#80: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.261726] [ 18.262007] allocated by task 322 on cpu 1 at 18.259163s (0.002842s ago): [ 18.262349] test_alloc+0x2a6/0x10f0 [ 18.262537] test_double_free+0xdb/0x260 [ 18.262744] kunit_try_run_case+0x1a5/0x480 [ 18.262954] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.263157] kthread+0x337/0x6f0 [ 18.263316] ret_from_fork+0x116/0x1d0 [ 18.263512] ret_from_fork_asm+0x1a/0x30 [ 18.263701] [ 18.263774] freed by task 322 on cpu 1 at 18.259208s (0.004564s ago): [ 18.263988] test_double_free+0xfa/0x260 [ 18.264193] kunit_try_run_case+0x1a5/0x480 [ 18.264405] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.264697] kthread+0x337/0x6f0 [ 18.264856] ret_from_fork+0x116/0x1d0 [ 18.264991] ret_from_fork_asm+0x1a/0x30 [ 18.265186] [ 18.265313] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.265771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.265957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.266371] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 17.739335] ================================================================== [ 17.739890] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 17.739890] [ 17.740323] Use-after-free read at 0x(____ptrval____) (in kfence-#75): [ 17.740682] test_use_after_free_read+0x129/0x270 [ 17.740905] kunit_try_run_case+0x1a5/0x480 [ 17.741098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.741273] kthread+0x337/0x6f0 [ 17.741415] ret_from_fork+0x116/0x1d0 [ 17.741659] ret_from_fork_asm+0x1a/0x30 [ 17.741884] [ 17.742215] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.742215] [ 17.743031] allocated by task 312 on cpu 0 at 17.739112s (0.003917s ago): [ 17.743377] test_alloc+0x364/0x10f0 [ 17.743546] test_use_after_free_read+0xdc/0x270 [ 17.743797] kunit_try_run_case+0x1a5/0x480 [ 17.743954] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.744139] kthread+0x337/0x6f0 [ 17.744338] ret_from_fork+0x116/0x1d0 [ 17.744532] ret_from_fork_asm+0x1a/0x30 [ 17.744759] [ 17.745043] freed by task 312 on cpu 0 at 17.739178s (0.005862s ago): [ 17.745356] test_use_after_free_read+0x1e7/0x270 [ 17.746000] kunit_try_run_case+0x1a5/0x480 [ 17.746219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.746566] kthread+0x337/0x6f0 [ 17.746852] ret_from_fork+0x116/0x1d0 [ 17.747020] ret_from_fork_asm+0x1a/0x30 [ 17.747244] [ 17.747554] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.748062] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.748417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.748955] ================================================================== [ 17.843403] ================================================================== [ 17.843993] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 17.843993] [ 17.844408] Use-after-free read at 0x(____ptrval____) (in kfence-#76): [ 17.844737] 
test_use_after_free_read+0x129/0x270 [ 17.844949] kunit_try_run_case+0x1a5/0x480 [ 17.845140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.845400] kthread+0x337/0x6f0 [ 17.845578] ret_from_fork+0x116/0x1d0 [ 17.845746] ret_from_fork_asm+0x1a/0x30 [ 17.845942] [ 17.846034] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.846034] [ 17.846419] allocated by task 314 on cpu 1 at 17.843219s (0.003198s ago): [ 17.846697] test_alloc+0x2a6/0x10f0 [ 17.846908] test_use_after_free_read+0xdc/0x270 [ 17.847099] kunit_try_run_case+0x1a5/0x480 [ 17.847248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.847476] kthread+0x337/0x6f0 [ 17.847647] ret_from_fork+0x116/0x1d0 [ 17.847812] ret_from_fork_asm+0x1a/0x30 [ 17.848022] [ 17.848107] freed by task 314 on cpu 1 at 17.843267s (0.004837s ago): [ 17.848334] test_use_after_free_read+0xfb/0x270 [ 17.848559] kunit_try_run_case+0x1a5/0x480 [ 17.848780] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.849037] kthread+0x337/0x6f0 [ 17.849219] ret_from_fork+0x116/0x1d0 [ 17.849411] ret_from_fork_asm+0x1a/0x30 [ 17.849596] [ 17.849709] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.850142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.850289] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.850680] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 17.635223] ================================================================== [ 17.635629] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 17.635629] [ 17.636086] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#74): [ 17.636429] test_out_of_bounds_write+0x10d/0x260 [ 17.636728] kunit_try_run_case+0x1a5/0x480 [ 17.636888] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.637076] kthread+0x337/0x6f0 [ 17.637254] ret_from_fork+0x116/0x1d0 [ 17.637473] ret_from_fork_asm+0x1a/0x30 [ 17.637660] [ 17.637843] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.637843] [ 17.638258] allocated by task 310 on cpu 0 at 17.635162s (0.003094s ago): [ 17.638564] test_alloc+0x2a6/0x10f0 [ 17.638750] test_out_of_bounds_write+0xd4/0x260 [ 17.639059] kunit_try_run_case+0x1a5/0x480 [ 17.639225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.639398] kthread+0x337/0x6f0 [ 17.639541] ret_from_fork+0x116/0x1d0 [ 17.639750] ret_from_fork_asm+0x1a/0x30 [ 17.640086] [ 17.640215] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.640795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.640938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.641376] ================================================================== [ 17.323332] ================================================================== [ 17.323734] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 17.323734] [ 17.324191] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#71): [ 17.324534] test_out_of_bounds_write+0x10d/0x260 [ 17.324788] kunit_try_run_case+0x1a5/0x480 [ 17.324993] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.325313] kthread+0x337/0x6f0 [ 17.325466] ret_from_fork+0x116/0x1d0 [ 17.325628] ret_from_fork_asm+0x1a/0x30 [ 17.325870] [ 17.325948] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.325948] [ 
17.326255] allocated by task 308 on cpu 1 at 17.323188s (0.003065s ago): [ 17.326597] test_alloc+0x364/0x10f0 [ 17.326788] test_out_of_bounds_write+0xd4/0x260 [ 17.326981] kunit_try_run_case+0x1a5/0x480 [ 17.327188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.327448] kthread+0x337/0x6f0 [ 17.327626] ret_from_fork+0x116/0x1d0 [ 17.327787] ret_from_fork_asm+0x1a/0x30 [ 17.327936] [ 17.328067] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.328566] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.329069] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.329429] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 16.804764] ================================================================== [ 16.805181] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 16.805181] [ 16.805640] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#66): [ 16.805980] test_out_of_bounds_read+0x216/0x4e0 [ 16.806221] kunit_try_run_case+0x1a5/0x480 [ 16.806571] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.806861] kthread+0x337/0x6f0 [ 16.806990] ret_from_fork+0x116/0x1d0 [ 16.807200] ret_from_fork_asm+0x1a/0x30 [ 16.807428] [ 16.807525] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.807525] [ 16.808279] allocated by task 304 on cpu 0 at 16.804456s (0.003821s ago): [ 16.808553] test_alloc+0x364/0x10f0 [ 16.808757] test_out_of_bounds_read+0x1e2/0x4e0 [ 16.808969] kunit_try_run_case+0x1a5/0x480 [ 16.809205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.809408] kthread+0x337/0x6f0 [ 16.809591] ret_from_fork+0x116/0x1d0 [ 16.809730] ret_from_fork_asm+0x1a/0x30 [ 16.809930] [ 16.810075] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.810558] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.810839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.811360] ================================================================== [ 17.115189] ================================================================== [ 17.115590] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 17.115590] [ 17.116132] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#69): [ 17.116488] test_out_of_bounds_read+0x126/0x4e0 [ 17.116683] kunit_try_run_case+0x1a5/0x480 [ 17.116836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.117122] kthread+0x337/0x6f0 [ 17.117330] ret_from_fork+0x116/0x1d0 [ 17.117566] ret_from_fork_asm+0x1a/0x30 [ 17.117729] [ 17.117818] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.117818] [ 
17.118239] allocated by task 306 on cpu 0 at 17.115134s (0.003103s ago): [ 17.118551] test_alloc+0x2a6/0x10f0 [ 17.118791] test_out_of_bounds_read+0xed/0x4e0 [ 17.119058] kunit_try_run_case+0x1a5/0x480 [ 17.119266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.119546] kthread+0x337/0x6f0 [ 17.119720] ret_from_fork+0x116/0x1d0 [ 17.119915] ret_from_fork_asm+0x1a/0x30 [ 17.120072] [ 17.120169] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.120721] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.120945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.121386] ================================================================== [ 16.700142] ================================================================== [ 16.700675] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 16.700675] [ 16.701243] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#65): [ 16.701511] test_out_of_bounds_read+0x126/0x4e0 [ 16.701744] kunit_try_run_case+0x1a5/0x480 [ 16.702110] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.702391] kthread+0x337/0x6f0 [ 16.702547] ret_from_fork+0x116/0x1d0 [ 16.702681] ret_from_fork_asm+0x1a/0x30 [ 16.702894] [ 16.703013] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.703013] [ 16.703466] allocated by task 304 on cpu 0 at 16.699184s (0.004280s ago): [ 16.703741] test_alloc+0x364/0x10f0 [ 16.703986] test_out_of_bounds_read+0xed/0x4e0 [ 16.704243] kunit_try_run_case+0x1a5/0x480 [ 16.704482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.704756] kthread+0x337/0x6f0 [ 16.704934] ret_from_fork+0x116/0x1d0 [ 16.705133] ret_from_fork_asm+0x1a/0x30 [ 16.705346] [ 16.705474] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.705872] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.706010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 
[ 16.706451] ================================================================== [ 17.219215] ================================================================== [ 17.219615] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 17.219615] [ 17.220138] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#70): [ 17.220466] test_out_of_bounds_read+0x216/0x4e0 [ 17.220762] kunit_try_run_case+0x1a5/0x480 [ 17.221003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.221265] kthread+0x337/0x6f0 [ 17.221464] ret_from_fork+0x116/0x1d0 [ 17.221654] ret_from_fork_asm+0x1a/0x30 [ 17.221890] [ 17.221995] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.221995] [ 17.222435] allocated by task 306 on cpu 0 at 17.219161s (0.003272s ago): [ 17.222717] test_alloc+0x2a6/0x10f0 [ 17.222918] test_out_of_bounds_read+0x1e2/0x4e0 [ 17.223235] kunit_try_run_case+0x1a5/0x480 [ 17.223424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.223644] kthread+0x337/0x6f0 [ 17.223838] ret_from_fork+0x116/0x1d0 [ 17.224063] ret_from_fork_asm+0x1a/0x30 [ 17.224289] [ 17.224386] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.224983] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.225231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.225598] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_oob_memset_2
[ 12.343016] ================================================================== [ 12.343970] BUG: KFENCE: memory corruption in kmalloc_oob_memset_2+0x187/0x330 [ 12.343970] [ 12.344509] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . ] (in kfence-#40): [ 12.345220] kmalloc_oob_memset_2+0x187/0x330 [ 12.345433] kunit_try_run_case+0x1a5/0x480 [ 12.345733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.345927] kthread+0x337/0x6f0 [ 12.346109] ret_from_fork+0x116/0x1d0 [ 12.346350] ret_from_fork_asm+0x1a/0x30 [ 12.346523] [ 12.346808] kfence-#40: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128 [ 12.346808] [ 12.347374] allocated by task 189 on cpu 0 at 12.341227s (0.006083s ago): [ 12.347799] kmalloc_oob_memset_2+0xac/0x330 [ 12.348222] kunit_try_run_case+0x1a5/0x480 [ 12.348390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.348644] kthread+0x337/0x6f0 [ 12.348819] ret_from_fork+0x116/0x1d0 [ 12.348988] ret_from_fork_asm+0x1a/0x30 [ 12.349218] [ 12.349421] freed by task 189 on cpu 0 at 12.342563s (0.006780s ago): [ 12.349687] kmalloc_oob_memset_2+0x187/0x330 [ 12.349910] kunit_try_run_case+0x1a5/0x480 [ 12.350193] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.350392] kthread+0x337/0x6f0 [ 12.350562] ret_from_fork+0x116/0x1d0 [ 12.350752] ret_from_fork_asm+0x1a/0x30 [ 12.351027] [ 12.351195] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.351569] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.351794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.352399] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.442698] ================================================================== [ 16.443023] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 16.443366] Write of size 121 at addr ffff888102f5e000 by task kunit_try_catch/302 [ 16.443713] [ 16.443833] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.443879] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.443891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.443915] Call Trace: [ 16.443936] <TASK> [ 16.443956] dump_stack_lvl+0x73/0xb0 [ 16.443986] print_report+0xd1/0x610 [ 16.444010] ? __virt_addr_valid+0x1db/0x2d0 [ 16.444035] ? strncpy_from_user+0x2e/0x1d0 [ 16.444071] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.444095] ? strncpy_from_user+0x2e/0x1d0 [ 16.444118] kasan_report+0x141/0x180 [ 16.444141] ? strncpy_from_user+0x2e/0x1d0 [ 16.444171] kasan_check_range+0x10c/0x1c0 [ 16.444195] __kasan_check_write+0x18/0x20 [ 16.444215] strncpy_from_user+0x2e/0x1d0 [ 16.444238] ? __kasan_check_read+0x15/0x20 [ 16.444260] copy_user_test_oob+0x760/0x10f0 [ 16.444287] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.444310] ? finish_task_switch.isra.0+0x153/0x700 [ 16.444334] ? __switch_to+0x47/0xf50 [ 16.444362] ? __schedule+0x10cc/0x2b60 [ 16.444386] ? __pfx_read_tsc+0x10/0x10 [ 16.444408] ? ktime_get_ts64+0x86/0x230 [ 16.444433] kunit_try_run_case+0x1a5/0x480 [ 16.444459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.444482] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.444508] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.444532] ? __kthread_parkme+0x82/0x180 [ 16.444554] ? preempt_count_sub+0x50/0x80 [ 16.444578] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.444614] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.444639] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.444664] kthread+0x337/0x6f0 [ 16.444684] ? trace_preempt_on+0x20/0xc0 [ 16.444709] ? __pfx_kthread+0x10/0x10 [ 16.444730] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.444752] ? calculate_sigpending+0x7b/0xa0 [ 16.444777] ? __pfx_kthread+0x10/0x10 [ 16.444799] ret_from_fork+0x116/0x1d0 [ 16.444818] ? __pfx_kthread+0x10/0x10 [ 16.444838] ret_from_fork_asm+0x1a/0x30 [ 16.444871] </TASK> [ 16.444882] [ 16.451979] Allocated by task 302: [ 16.452118] kasan_save_stack+0x45/0x70 [ 16.452276] kasan_save_track+0x18/0x40 [ 16.452472] kasan_save_alloc_info+0x3b/0x50 [ 16.452686] __kasan_kmalloc+0xb7/0xc0 [ 16.452877] __kmalloc_noprof+0x1c9/0x500 [ 16.453090] kunit_kmalloc_array+0x25/0x60 [ 16.453295] copy_user_test_oob+0xab/0x10f0 [ 16.453506] kunit_try_run_case+0x1a5/0x480 [ 16.453714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.453976] kthread+0x337/0x6f0 [ 16.454172] ret_from_fork+0x116/0x1d0 [ 16.454372] ret_from_fork_asm+0x1a/0x30 [ 16.454573] [ 16.454670] The buggy address belongs to the object at ffff888102f5e000 [ 16.454670] which belongs to the cache kmalloc-128 of size 128 [ 16.455164] The buggy address is located 0 bytes inside of [ 16.455164] allocated 120-byte region [ffff888102f5e000, ffff888102f5e078) [ 16.455528] [ 16.455713] The buggy address belongs to the physical page: [ 16.455973] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f5e [ 16.456353] flags: 0x200000000000000(node=0|zone=2) [ 16.456604] page_type: f5(slab) [ 16.456778] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.457114] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.457405] page dumped because: kasan: bad access detected [ 16.457644] [ 16.457728] Memory state around the buggy address: [ 16.457887] ffff888102f5df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.458117] ffff888102f5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.458340] >ffff888102f5e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.458555] ^ [ 16.458876] ffff888102f5e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.459207] 
ffff888102f5e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.459589] ================================================================== [ 16.460250] ================================================================== [ 16.460604] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 16.460963] Write of size 1 at addr ffff888102f5e078 by task kunit_try_catch/302 [ 16.461280] [ 16.461380] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.461426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.461439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.461462] Call Trace: [ 16.461482] <TASK> [ 16.461503] dump_stack_lvl+0x73/0xb0 [ 16.461533] print_report+0xd1/0x610 [ 16.461556] ? __virt_addr_valid+0x1db/0x2d0 [ 16.461580] ? strncpy_from_user+0x1a5/0x1d0 [ 16.461612] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.461636] ? strncpy_from_user+0x1a5/0x1d0 [ 16.461662] kasan_report+0x141/0x180 [ 16.461684] ? strncpy_from_user+0x1a5/0x1d0 [ 16.461713] __asan_report_store1_noabort+0x1b/0x30 [ 16.461739] strncpy_from_user+0x1a5/0x1d0 [ 16.461765] copy_user_test_oob+0x760/0x10f0 [ 16.461793] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.461816] ? finish_task_switch.isra.0+0x153/0x700 [ 16.461840] ? __switch_to+0x47/0xf50 [ 16.461867] ? __schedule+0x10cc/0x2b60 [ 16.461892] ? __pfx_read_tsc+0x10/0x10 [ 16.461913] ? ktime_get_ts64+0x86/0x230 [ 16.461939] kunit_try_run_case+0x1a5/0x480 [ 16.461966] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.461989] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.462014] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.462039] ? __kthread_parkme+0x82/0x180 [ 16.462075] ? preempt_count_sub+0x50/0x80 [ 16.462100] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.462125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.462149] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.462175] kthread+0x337/0x6f0 [ 16.462195] ? trace_preempt_on+0x20/0xc0 [ 16.462225] ? 
__pfx_kthread+0x10/0x10 [ 16.462247] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.462268] ? calculate_sigpending+0x7b/0xa0 [ 16.462293] ? __pfx_kthread+0x10/0x10 [ 16.462316] ret_from_fork+0x116/0x1d0 [ 16.462334] ? __pfx_kthread+0x10/0x10 [ 16.462354] ret_from_fork_asm+0x1a/0x30 [ 16.462389] </TASK> [ 16.462399] [ 16.469683] Allocated by task 302: [ 16.469813] kasan_save_stack+0x45/0x70 [ 16.469957] kasan_save_track+0x18/0x40 [ 16.470122] kasan_save_alloc_info+0x3b/0x50 [ 16.470339] __kasan_kmalloc+0xb7/0xc0 [ 16.470528] __kmalloc_noprof+0x1c9/0x500 [ 16.470776] kunit_kmalloc_array+0x25/0x60 [ 16.470934] copy_user_test_oob+0xab/0x10f0 [ 16.471131] kunit_try_run_case+0x1a5/0x480 [ 16.471339] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.471521] kthread+0x337/0x6f0 [ 16.471783] ret_from_fork+0x116/0x1d0 [ 16.471972] ret_from_fork_asm+0x1a/0x30 [ 16.472133] [ 16.472205] The buggy address belongs to the object at ffff888102f5e000 [ 16.472205] which belongs to the cache kmalloc-128 of size 128 [ 16.472566] The buggy address is located 0 bytes to the right of [ 16.472566] allocated 120-byte region [ffff888102f5e000, ffff888102f5e078) [ 16.473133] [ 16.473258] The buggy address belongs to the physical page: [ 16.473518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f5e [ 16.473875] flags: 0x200000000000000(node=0|zone=2) [ 16.474041] page_type: f5(slab) [ 16.474175] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.474410] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.474748] page dumped because: kasan: bad access detected [ 16.475000] [ 16.475158] Memory state around the buggy address: [ 16.475381] ffff888102f5df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.475849] ffff888102f5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.476089] >ffff888102f5e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.476305] ^ [ 16.476521] ffff888102f5e080: fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 16.476874] ffff888102f5e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.477204] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.406607] ================================================================== [ 16.406854] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 16.407228] Write of size 121 at addr ffff888102f5e000 by task kunit_try_catch/302 [ 16.407541] [ 16.407665] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.407708] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.407720] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.407742] Call Trace: [ 16.407759] <TASK> [ 16.407776] dump_stack_lvl+0x73/0xb0 [ 16.407805] print_report+0xd1/0x610 [ 16.407828] ? __virt_addr_valid+0x1db/0x2d0 [ 16.407851] ? copy_user_test_oob+0x557/0x10f0 [ 16.407875] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.407899] ? copy_user_test_oob+0x557/0x10f0 [ 16.407923] kasan_report+0x141/0x180 [ 16.407946] ? copy_user_test_oob+0x557/0x10f0 [ 16.407975] kasan_check_range+0x10c/0x1c0 [ 16.408000] __kasan_check_write+0x18/0x20 [ 16.408020] copy_user_test_oob+0x557/0x10f0 [ 16.408046] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.408081] ? finish_task_switch.isra.0+0x153/0x700 [ 16.408105] ? __switch_to+0x47/0xf50 [ 16.408133] ? __schedule+0x10cc/0x2b60 [ 16.408156] ? __pfx_read_tsc+0x10/0x10 [ 16.408178] ? ktime_get_ts64+0x86/0x230 [ 16.408202] kunit_try_run_case+0x1a5/0x480 [ 16.408228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.408252] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.408277] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.408302] ? __kthread_parkme+0x82/0x180 [ 16.408324] ? preempt_count_sub+0x50/0x80 [ 16.408348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.408373] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.408397] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.408422] kthread+0x337/0x6f0 [ 16.408442] ? trace_preempt_on+0x20/0xc0 [ 16.408467] ? __pfx_kthread+0x10/0x10 [ 16.408488] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.408510] ? calculate_sigpending+0x7b/0xa0 [ 16.408535] ? 
__pfx_kthread+0x10/0x10
[ 16.408557] ret_from_fork+0x116/0x1d0
[ 16.408576] ? __pfx_kthread+0x10/0x10
[ 16.408606] ret_from_fork_asm+0x1a/0x30
[ 16.408639] </TASK>
[ 16.408649]
[ 16.415994] Allocated by task 302:
[ 16.416185] kasan_save_stack+0x45/0x70
[ 16.416390] kasan_save_track+0x18/0x40
[ 16.416538] kasan_save_alloc_info+0x3b/0x50
[ 16.416772] __kasan_kmalloc+0xb7/0xc0
[ 16.416907] __kmalloc_noprof+0x1c9/0x500
[ 16.417047] kunit_kmalloc_array+0x25/0x60
[ 16.417200] copy_user_test_oob+0xab/0x10f0
[ 16.417616] kunit_try_run_case+0x1a5/0x480
[ 16.417810] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.418025] kthread+0x337/0x6f0
[ 16.418167] ret_from_fork+0x116/0x1d0
[ 16.418308] ret_from_fork_asm+0x1a/0x30
[ 16.418449]
[ 16.418522] The buggy address belongs to the object at ffff888102f5e000
[ 16.418522] which belongs to the cache kmalloc-128 of size 128
[ 16.419260] The buggy address is located 0 bytes inside of
[ 16.419260] allocated 120-byte region [ffff888102f5e000, ffff888102f5e078)
[ 16.419863]
[ 16.419936] The buggy address belongs to the physical page:
[ 16.420121] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f5e
[ 16.420483] flags: 0x200000000000000(node=0|zone=2)
[ 16.420913] page_type: f5(slab)
[ 16.421089] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.421428] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.421730] page dumped because: kasan: bad access detected
[ 16.421940]
[ 16.422011] Memory state around the buggy address:
[ 16.422255] ffff888102f5df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.422569] ffff888102f5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.422844] >ffff888102f5e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.423162] ^
[ 16.423417] ffff888102f5e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.423742] ffff888102f5e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.424043] ==================================================================
[ 16.424609] ==================================================================
[ 16.424974] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 16.425291] Read of size 121 at addr ffff888102f5e000 by task kunit_try_catch/302
[ 16.425666]
[ 16.425787] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.425833] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.425846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.425869] Call Trace:
[ 16.425887] <TASK>
[ 16.425906] dump_stack_lvl+0x73/0xb0
[ 16.425935] print_report+0xd1/0x610
[ 16.425958] ? __virt_addr_valid+0x1db/0x2d0
[ 16.425983] ? copy_user_test_oob+0x604/0x10f0
[ 16.426007] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.426031] ? copy_user_test_oob+0x604/0x10f0
[ 16.426069] kasan_report+0x141/0x180
[ 16.426094] ? copy_user_test_oob+0x604/0x10f0
[ 16.426126] kasan_check_range+0x10c/0x1c0
[ 16.426152] __kasan_check_read+0x15/0x20
[ 16.426172] copy_user_test_oob+0x604/0x10f0
[ 16.426203] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.426226] ? finish_task_switch.isra.0+0x153/0x700
[ 16.426251] ? __switch_to+0x47/0xf50
[ 16.426280] ? __schedule+0x10cc/0x2b60
[ 16.426304] ? __pfx_read_tsc+0x10/0x10
[ 16.426326] ? ktime_get_ts64+0x86/0x230
[ 16.426352] kunit_try_run_case+0x1a5/0x480
[ 16.426378] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.426401] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.426427] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.426452] ? __kthread_parkme+0x82/0x180
[ 16.426474] ? preempt_count_sub+0x50/0x80
[ 16.426498] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.426523] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.426548] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.426574] kthread+0x337/0x6f0
[ 16.426606] ? trace_preempt_on+0x20/0xc0
[ 16.426632] ? __pfx_kthread+0x10/0x10
[ 16.426653] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.426676] ? calculate_sigpending+0x7b/0xa0
[ 16.426702] ? __pfx_kthread+0x10/0x10
[ 16.426724] ret_from_fork+0x116/0x1d0
[ 16.426744] ? __pfx_kthread+0x10/0x10
[ 16.426764] ret_from_fork_asm+0x1a/0x30
[ 16.426798] </TASK>
[ 16.426809]
[ 16.434132] Allocated by task 302:
[ 16.434325] kasan_save_stack+0x45/0x70
[ 16.434542] kasan_save_track+0x18/0x40
[ 16.434735] kasan_save_alloc_info+0x3b/0x50
[ 16.434902] __kasan_kmalloc+0xb7/0xc0
[ 16.435098] __kmalloc_noprof+0x1c9/0x500
[ 16.435312] kunit_kmalloc_array+0x25/0x60
[ 16.435512] copy_user_test_oob+0xab/0x10f0
[ 16.435741] kunit_try_run_case+0x1a5/0x480
[ 16.435942] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.436203] kthread+0x337/0x6f0
[ 16.436330] ret_from_fork+0x116/0x1d0
[ 16.436465] ret_from_fork_asm+0x1a/0x30
[ 16.436608]
[ 16.436681] The buggy address belongs to the object at ffff888102f5e000
[ 16.436681] which belongs to the cache kmalloc-128 of size 128
[ 16.437046] The buggy address is located 0 bytes inside of
[ 16.437046] allocated 120-byte region [ffff888102f5e000, ffff888102f5e078)
[ 16.437562]
[ 16.437672] The buggy address belongs to the physical page:
[ 16.437928] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f5e
[ 16.438300] flags: 0x200000000000000(node=0|zone=2)
[ 16.438545] page_type: f5(slab)
[ 16.438855] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.439125] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.439354] page dumped because: kasan: bad access detected
[ 16.439528]
[ 16.439619] Memory state around the buggy address:
[ 16.439849] ffff888102f5df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.440186] ffff888102f5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.440512] >ffff888102f5e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.441103] ^
[ 16.441389] ffff888102f5e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.441679] ffff888102f5e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.441986] ==================================================================
[ 16.366234] ==================================================================
[ 16.366571] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 16.366960] Write of size 121 at addr ffff888102f5e000 by task kunit_try_catch/302
[ 16.367277]
[ 16.367399] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.367445] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.367458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.367481] Call Trace:
[ 16.367495] <TASK>
[ 16.367513] dump_stack_lvl+0x73/0xb0
[ 16.367542] print_report+0xd1/0x610
[ 16.367565] ? __virt_addr_valid+0x1db/0x2d0
[ 16.367589] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.367626] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.367650] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.367674] kasan_report+0x141/0x180
[ 16.367697] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.367727] kasan_check_range+0x10c/0x1c0
[ 16.367751] __kasan_check_write+0x18/0x20
[ 16.367771] copy_user_test_oob+0x3fd/0x10f0
[ 16.367798] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.367821] ? finish_task_switch.isra.0+0x153/0x700
[ 16.367845] ? __switch_to+0x47/0xf50
[ 16.367872] ? __schedule+0x10cc/0x2b60
[ 16.367896] ? __pfx_read_tsc+0x10/0x10
[ 16.367916] ? ktime_get_ts64+0x86/0x230
[ 16.367942] kunit_try_run_case+0x1a5/0x480
[ 16.367967] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.367990] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.368016] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.368040] ? __kthread_parkme+0x82/0x180
[ 16.368073] ? preempt_count_sub+0x50/0x80
[ 16.368098] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.368123] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.368148] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.368173] kthread+0x337/0x6f0
[ 16.368193] ? trace_preempt_on+0x20/0xc0
[ 16.368217] ? __pfx_kthread+0x10/0x10
[ 16.368239] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.368261] ? calculate_sigpending+0x7b/0xa0
[ 16.368286] ? __pfx_kthread+0x10/0x10
[ 16.368309] ret_from_fork+0x116/0x1d0
[ 16.368328] ? __pfx_kthread+0x10/0x10
[ 16.368349] ret_from_fork_asm+0x1a/0x30
[ 16.368382] </TASK>
[ 16.368392]
[ 16.375674] Allocated by task 302:
[ 16.375859] kasan_save_stack+0x45/0x70
[ 16.376072] kasan_save_track+0x18/0x40
[ 16.376238] kasan_save_alloc_info+0x3b/0x50
[ 16.376388] __kasan_kmalloc+0xb7/0xc0
[ 16.376522] __kmalloc_noprof+0x1c9/0x500
[ 16.376867] kunit_kmalloc_array+0x25/0x60
[ 16.377086] copy_user_test_oob+0xab/0x10f0
[ 16.377295] kunit_try_run_case+0x1a5/0x480
[ 16.377504] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.377770] kthread+0x337/0x6f0
[ 16.377910] ret_from_fork+0x116/0x1d0
[ 16.378100] ret_from_fork_asm+0x1a/0x30
[ 16.378292]
[ 16.378377] The buggy address belongs to the object at ffff888102f5e000
[ 16.378377] which belongs to the cache kmalloc-128 of size 128
[ 16.378863] The buggy address is located 0 bytes inside of
[ 16.378863] allocated 120-byte region [ffff888102f5e000, ffff888102f5e078)
[ 16.379351]
[ 16.379426] The buggy address belongs to the physical page:
[ 16.379612] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f5e
[ 16.379964] flags: 0x200000000000000(node=0|zone=2)
[ 16.380322] page_type: f5(slab)
[ 16.380448] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.380705] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.381086] page dumped because: kasan: bad access detected
[ 16.381463]
[ 16.381558] Memory state around the buggy address:
[ 16.381795] ffff888102f5df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.382041] ffff888102f5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.382365] >ffff888102f5e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.382687] ^
[ 16.382903] ffff888102f5e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.383158] ffff888102f5e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.383473] ==================================================================
[ 16.384306] ==================================================================
[ 16.384768] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 16.385095] Read of size 121 at addr ffff888102f5e000 by task kunit_try_catch/302
[ 16.385390]
[ 16.385480] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.385526] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.385538] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.385561] Call Trace:
[ 16.385578] <TASK>
[ 16.385597] dump_stack_lvl+0x73/0xb0
[ 16.385625] print_report+0xd1/0x610
[ 16.385649] ? __virt_addr_valid+0x1db/0x2d0
[ 16.385672] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.385697] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.385720] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.385745] kasan_report+0x141/0x180
[ 16.385768] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.385798] kasan_check_range+0x10c/0x1c0
[ 16.385823] __kasan_check_read+0x15/0x20
[ 16.385842] copy_user_test_oob+0x4aa/0x10f0
[ 16.385868] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.385891] ? finish_task_switch.isra.0+0x153/0x700
[ 16.385915] ? __switch_to+0x47/0xf50
[ 16.385942] ? __schedule+0x10cc/0x2b60
[ 16.385980] ? __pfx_read_tsc+0x10/0x10
[ 16.386002] ? ktime_get_ts64+0x86/0x230
[ 16.386027] kunit_try_run_case+0x1a5/0x480
[ 16.386065] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.386088] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.386114] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.386139] ? __kthread_parkme+0x82/0x180
[ 16.386160] ? preempt_count_sub+0x50/0x80
[ 16.386185] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.386213] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.386238] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.386263] kthread+0x337/0x6f0
[ 16.386282] ? trace_preempt_on+0x20/0xc0
[ 16.386307] ? __pfx_kthread+0x10/0x10
[ 16.386328] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.386350] ? calculate_sigpending+0x7b/0xa0
[ 16.386376] ? __pfx_kthread+0x10/0x10
[ 16.386398] ret_from_fork+0x116/0x1d0
[ 16.386417] ? __pfx_kthread+0x10/0x10
[ 16.386438] ret_from_fork_asm+0x1a/0x30
[ 16.386471] </TASK>
[ 16.386481]
[ 16.394215] Allocated by task 302:
[ 16.394375] kasan_save_stack+0x45/0x70
[ 16.394544] kasan_save_track+0x18/0x40
[ 16.394778] kasan_save_alloc_info+0x3b/0x50
[ 16.394960] __kasan_kmalloc+0xb7/0xc0
[ 16.395154] __kmalloc_noprof+0x1c9/0x500
[ 16.395307] kunit_kmalloc_array+0x25/0x60
[ 16.395482] copy_user_test_oob+0xab/0x10f0
[ 16.395693] kunit_try_run_case+0x1a5/0x480
[ 16.395901] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.396128] kthread+0x337/0x6f0
[ 16.396288] ret_from_fork+0x116/0x1d0
[ 16.396467] ret_from_fork_asm+0x1a/0x30
[ 16.398251]
[ 16.398383] The buggy address belongs to the object at ffff888102f5e000
[ 16.398383] which belongs to the cache kmalloc-128 of size 128
[ 16.398802] The buggy address is located 0 bytes inside of
[ 16.398802] allocated 120-byte region [ffff888102f5e000, ffff888102f5e078)
[ 16.399177]
[ 16.399253] The buggy address belongs to the physical page:
[ 16.399429] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f5e
[ 16.400440] flags: 0x200000000000000(node=0|zone=2)
[ 16.401163] page_type: f5(slab)
[ 16.401405] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.402124] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.402467] page dumped because: kasan: bad access detected
[ 16.402869]
[ 16.403116] Memory state around the buggy address:
[ 16.403453] ffff888102f5df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.403929] ffff888102f5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.404372] >ffff888102f5e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.404810] ^
[ 16.405314] ffff888102f5e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.405781] ffff888102f5e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.406091] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 16.344935] ==================================================================
[ 16.345287] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70
[ 16.345546] Read of size 121 at addr ffff888102f5e000 by task kunit_try_catch/302
[ 16.345856]
[ 16.345992] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.346039] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.346063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.346086] Call Trace:
[ 16.346105] <TASK>
[ 16.346122] dump_stack_lvl+0x73/0xb0
[ 16.346152] print_report+0xd1/0x610
[ 16.346177] ? __virt_addr_valid+0x1db/0x2d0
[ 16.346205] ? _copy_to_user+0x3c/0x70
[ 16.346225] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.346249] ? _copy_to_user+0x3c/0x70
[ 16.346269] kasan_report+0x141/0x180
[ 16.346292] ? _copy_to_user+0x3c/0x70
[ 16.346317] kasan_check_range+0x10c/0x1c0
[ 16.346342] __kasan_check_read+0x15/0x20
[ 16.346361] _copy_to_user+0x3c/0x70
[ 16.346382] copy_user_test_oob+0x364/0x10f0
[ 16.346410] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.346434] ? finish_task_switch.isra.0+0x153/0x700
[ 16.346458] ? __switch_to+0x47/0xf50
[ 16.346485] ? __schedule+0x10cc/0x2b60
[ 16.346509] ? __pfx_read_tsc+0x10/0x10
[ 16.346530] ? ktime_get_ts64+0x86/0x230
[ 16.346556] kunit_try_run_case+0x1a5/0x480
[ 16.346580] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.346603] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.346628] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.346653] ? __kthread_parkme+0x82/0x180
[ 16.346675] ? preempt_count_sub+0x50/0x80
[ 16.346700] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.346725] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.346752] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.346779] kthread+0x337/0x6f0
[ 16.346799] ? trace_preempt_on+0x20/0xc0
[ 16.346824] ? __pfx_kthread+0x10/0x10
[ 16.346845] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.346869] ? calculate_sigpending+0x7b/0xa0
[ 16.346894] ? __pfx_kthread+0x10/0x10
[ 16.346916] ret_from_fork+0x116/0x1d0
[ 16.346935] ? __pfx_kthread+0x10/0x10
[ 16.346956] ret_from_fork_asm+0x1a/0x30
[ 16.346990] </TASK>
[ 16.347000]
[ 16.354299] Allocated by task 302:
[ 16.354491] kasan_save_stack+0x45/0x70
[ 16.354699] kasan_save_track+0x18/0x40
[ 16.354905] kasan_save_alloc_info+0x3b/0x50
[ 16.355134] __kasan_kmalloc+0xb7/0xc0
[ 16.355330] __kmalloc_noprof+0x1c9/0x500
[ 16.355479] kunit_kmalloc_array+0x25/0x60
[ 16.355723] copy_user_test_oob+0xab/0x10f0
[ 16.355973] kunit_try_run_case+0x1a5/0x480
[ 16.356142] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.356321] kthread+0x337/0x6f0
[ 16.356445] ret_from_fork+0x116/0x1d0
[ 16.356580] ret_from_fork_asm+0x1a/0x30
[ 16.356791]
[ 16.356887] The buggy address belongs to the object at ffff888102f5e000
[ 16.356887] which belongs to the cache kmalloc-128 of size 128
[ 16.357446] The buggy address is located 0 bytes inside of
[ 16.357446] allocated 120-byte region [ffff888102f5e000, ffff888102f5e078)
[ 16.358073]
[ 16.358147] The buggy address belongs to the physical page:
[ 16.358330] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f5e
[ 16.358739] flags: 0x200000000000000(node=0|zone=2)
[ 16.358980] page_type: f5(slab)
[ 16.359164] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.359504] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.359818] page dumped because: kasan: bad access detected
[ 16.360064]
[ 16.360140] Memory state around the buggy address:
[ 16.360348] ffff888102f5df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.360652] ffff888102f5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.360927] >ffff888102f5e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.361211] ^
[ 16.361472] ffff888102f5e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.361849] ffff888102f5e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.362119] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 16.314011] ==================================================================
[ 16.315389] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90
[ 16.315733] Write of size 121 at addr ffff888102f5e000 by task kunit_try_catch/302
[ 16.316441]
[ 16.316843] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.317006] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.317027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.317067] Call Trace:
[ 16.317082] <TASK>
[ 16.317106] dump_stack_lvl+0x73/0xb0
[ 16.317146] print_report+0xd1/0x610
[ 16.317219] ? __virt_addr_valid+0x1db/0x2d0
[ 16.317245] ? _copy_from_user+0x32/0x90
[ 16.317266] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.317292] ? _copy_from_user+0x32/0x90
[ 16.317312] kasan_report+0x141/0x180
[ 16.317336] ? _copy_from_user+0x32/0x90
[ 16.317362] kasan_check_range+0x10c/0x1c0
[ 16.317386] __kasan_check_write+0x18/0x20
[ 16.317406] _copy_from_user+0x32/0x90
[ 16.317427] copy_user_test_oob+0x2be/0x10f0
[ 16.317455] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.317479] ? finish_task_switch.isra.0+0x153/0x700
[ 16.317505] ? __switch_to+0x47/0xf50
[ 16.317533] ? __schedule+0x10cc/0x2b60
[ 16.317558] ? __pfx_read_tsc+0x10/0x10
[ 16.317580] ? ktime_get_ts64+0x86/0x230
[ 16.317609] kunit_try_run_case+0x1a5/0x480
[ 16.317634] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.317657] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.317683] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.317707] ? __kthread_parkme+0x82/0x180
[ 16.317731] ? preempt_count_sub+0x50/0x80
[ 16.317755] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.317780] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.317805] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.317830] kthread+0x337/0x6f0
[ 16.317849] ? trace_preempt_on+0x20/0xc0
[ 16.317875] ? __pfx_kthread+0x10/0x10
[ 16.317898] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.317920] ? calculate_sigpending+0x7b/0xa0
[ 16.317947] ? __pfx_kthread+0x10/0x10
[ 16.317969] ret_from_fork+0x116/0x1d0
[ 16.317988] ? __pfx_kthread+0x10/0x10
[ 16.318009] ret_from_fork_asm+0x1a/0x30
[ 16.318045] </TASK>
[ 16.318069]
[ 16.329324] Allocated by task 302:
[ 16.329645] kasan_save_stack+0x45/0x70
[ 16.330019] kasan_save_track+0x18/0x40
[ 16.330334] kasan_save_alloc_info+0x3b/0x50
[ 16.330544] __kasan_kmalloc+0xb7/0xc0
[ 16.330904] __kmalloc_noprof+0x1c9/0x500
[ 16.331297] kunit_kmalloc_array+0x25/0x60
[ 16.331508] copy_user_test_oob+0xab/0x10f0
[ 16.331877] kunit_try_run_case+0x1a5/0x480
[ 16.332284] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.332530] kthread+0x337/0x6f0
[ 16.332869] ret_from_fork+0x116/0x1d0
[ 16.333183] ret_from_fork_asm+0x1a/0x30
[ 16.333379]
[ 16.333473] The buggy address belongs to the object at ffff888102f5e000
[ 16.333473] which belongs to the cache kmalloc-128 of size 128
[ 16.334301] The buggy address is located 0 bytes inside of
[ 16.334301] allocated 120-byte region [ffff888102f5e000, ffff888102f5e078)
[ 16.334953]
[ 16.335070] The buggy address belongs to the physical page:
[ 16.335316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f5e
[ 16.335717] flags: 0x200000000000000(node=0|zone=2)
[ 16.335938] page_type: f5(slab)
[ 16.336114] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.336431] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.337147] page dumped because: kasan: bad access detected
[ 16.337616]
[ 16.337847] Memory state around the buggy address:
[ 16.338265] ffff888102f5df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.338799] ffff888102f5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.339315] >ffff888102f5e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.339957] ^
[ 16.340460] ffff888102f5e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.341136] ffff888102f5e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.341632] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.265234] ==================================================================
[ 16.266084] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[ 16.266343] Write of size 8 at addr ffff888102f42f78 by task kunit_try_catch/298
[ 16.266587]
[ 16.266686] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.266735] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.266749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.266773] Call Trace:
[ 16.266786] <TASK>
[ 16.266806] dump_stack_lvl+0x73/0xb0
[ 16.266837] print_report+0xd1/0x610
[ 16.266861] ? __virt_addr_valid+0x1db/0x2d0
[ 16.266885] ? copy_to_kernel_nofault+0x99/0x260
[ 16.266909] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.266934] ? copy_to_kernel_nofault+0x99/0x260
[ 16.266959] kasan_report+0x141/0x180
[ 16.266982] ? copy_to_kernel_nofault+0x99/0x260
[ 16.267012] kasan_check_range+0x10c/0x1c0
[ 16.267036] __kasan_check_write+0x18/0x20
[ 16.267066] copy_to_kernel_nofault+0x99/0x260
[ 16.267093] copy_to_kernel_nofault_oob+0x288/0x560
[ 16.267119] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 16.267143] ? finish_task_switch.isra.0+0x153/0x700
[ 16.267168] ? __schedule+0x10cc/0x2b60
[ 16.267191] ? trace_hardirqs_on+0x37/0xe0
[ 16.267225] ? __pfx_read_tsc+0x10/0x10
[ 16.267247] ? ktime_get_ts64+0x86/0x230
[ 16.267272] kunit_try_run_case+0x1a5/0x480
[ 16.267298] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.267322] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.267347] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.267641] ? __kthread_parkme+0x82/0x180
[ 16.267686] ? preempt_count_sub+0x50/0x80
[ 16.267726] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.267752] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.267779] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.267804] kthread+0x337/0x6f0
[ 16.267956] ? trace_preempt_on+0x20/0xc0
[ 16.267985] ? __pfx_kthread+0x10/0x10
[ 16.268008] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.268032] ? calculate_sigpending+0x7b/0xa0
[ 16.268067] ? __pfx_kthread+0x10/0x10
[ 16.268089] ret_from_fork+0x116/0x1d0
[ 16.268109] ? __pfx_kthread+0x10/0x10
[ 16.268130] ret_from_fork_asm+0x1a/0x30
[ 16.268165] </TASK>
[ 16.268177]
[ 16.283771] Allocated by task 298:
[ 16.284448] kasan_save_stack+0x45/0x70
[ 16.284639] kasan_save_track+0x18/0x40
[ 16.284789] kasan_save_alloc_info+0x3b/0x50
[ 16.284942] __kasan_kmalloc+0xb7/0xc0
[ 16.285092] __kmalloc_cache_noprof+0x189/0x420
[ 16.285253] copy_to_kernel_nofault_oob+0x12f/0x560
[ 16.285420] kunit_try_run_case+0x1a5/0x480
[ 16.285569] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.285748] kthread+0x337/0x6f0
[ 16.285874] ret_from_fork+0x116/0x1d0
[ 16.286011] ret_from_fork_asm+0x1a/0x30
[ 16.287218]
[ 16.287682] The buggy address belongs to the object at ffff888102f42f00
[ 16.287682] which belongs to the cache kmalloc-128 of size 128
[ 16.289627] The buggy address is located 0 bytes to the right of
[ 16.289627] allocated 120-byte region [ffff888102f42f00, ffff888102f42f78)
[ 16.291611]
[ 16.291791] The buggy address belongs to the physical page:
[ 16.292384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f42
[ 16.293188] flags: 0x200000000000000(node=0|zone=2)
[ 16.293685] page_type: f5(slab)
[ 16.294076] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.294836] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.295742] page dumped because: kasan: bad access detected
[ 16.295923]
[ 16.295995] Memory state around the buggy address:
[ 16.296182] ffff888102f42e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.296420] ffff888102f42e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.297142] >ffff888102f42f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.297873] ^
[ 16.298621] ffff888102f42f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.299095] ffff888102f43000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.299722] ==================================================================
[ 16.226240] ==================================================================
[ 16.227586] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[ 16.227959] Read of size 8 at addr ffff888102f42f78 by task kunit_try_catch/298
[ 16.228920]
[ 16.229230] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.229287] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.229301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.229326] Call Trace:
[ 16.229364] <TASK>
[ 16.229386] dump_stack_lvl+0x73/0xb0
[ 16.229422] print_report+0xd1/0x610
[ 16.229449] ? __virt_addr_valid+0x1db/0x2d0
[ 16.229475] ? copy_to_kernel_nofault+0x225/0x260
[ 16.229502] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.229528] ? copy_to_kernel_nofault+0x225/0x260
[ 16.229553] kasan_report+0x141/0x180
[ 16.229657] ? copy_to_kernel_nofault+0x225/0x260
[ 16.229690] __asan_report_load8_noabort+0x18/0x20
[ 16.229716] copy_to_kernel_nofault+0x225/0x260
[ 16.229743] copy_to_kernel_nofault_oob+0x1ed/0x560
[ 16.229770] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 16.229795] ? finish_task_switch.isra.0+0x153/0x700
[ 16.229837] ? __schedule+0x10cc/0x2b60
[ 16.229861] ? trace_hardirqs_on+0x37/0xe0
[ 16.229898] ? __pfx_read_tsc+0x10/0x10
[ 16.229922] ? ktime_get_ts64+0x86/0x230
[ 16.229949] kunit_try_run_case+0x1a5/0x480
[ 16.229979] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.230002] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.230029] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.230067] ? __kthread_parkme+0x82/0x180
[ 16.230091] ? preempt_count_sub+0x50/0x80
[ 16.230116] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.230142] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.230168] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.230193] kthread+0x337/0x6f0
[ 16.230220] ? trace_preempt_on+0x20/0xc0
[ 16.230245] ? __pfx_kthread+0x10/0x10
[ 16.230267] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.230290] ? calculate_sigpending+0x7b/0xa0
[ 16.230316] ? __pfx_kthread+0x10/0x10
[ 16.230339] ret_from_fork+0x116/0x1d0
[ 16.230360] ? __pfx_kthread+0x10/0x10
[ 16.230382] ret_from_fork_asm+0x1a/0x30
[ 16.230417] </TASK>
[ 16.230430]
[ 16.248474] Allocated by task 298:
[ 16.248876] kasan_save_stack+0x45/0x70
[ 16.249375] kasan_save_track+0x18/0x40
[ 16.249560] kasan_save_alloc_info+0x3b/0x50
[ 16.250194] __kasan_kmalloc+0xb7/0xc0
[ 16.250690] __kmalloc_cache_noprof+0x189/0x420
[ 16.250896] copy_to_kernel_nofault_oob+0x12f/0x560
[ 16.251246] kunit_try_run_case+0x1a5/0x480
[ 16.251662] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.252330] kthread+0x337/0x6f0
[ 16.252561] ret_from_fork+0x116/0x1d0
[ 16.253086] ret_from_fork_asm+0x1a/0x30
[ 16.253303]
[ 16.253402] The buggy address belongs to the object at ffff888102f42f00
[ 16.253402] which belongs to the cache kmalloc-128 of size 128
[ 16.254642] The buggy address is located 0 bytes to the right of
[ 16.254642] allocated 120-byte region [ffff888102f42f00, ffff888102f42f78)
[ 16.255791]
[ 16.256125] The buggy address belongs to the physical page:
[ 16.256386] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f42
[ 16.257077] flags: 0x200000000000000(node=0|zone=2)
[ 16.257380] page_type: f5(slab)
[ 16.258031] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.258405] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.259117] page dumped because: kasan: bad access detected
[ 16.259438]
[ 16.259658] Memory state around the buggy address:
[ 16.260195] ffff888102f42e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.260977] ffff888102f42e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.261288] >ffff888102f42f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.261583] ^
[ 16.262121] ffff888102f42f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.262682] ffff888102f43000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.263034] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 14.987564] ==================================================================
[ 14.987979] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450
[ 14.988336] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282
[ 14.988626]
[ 14.988776] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.988872] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.988885] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.988920] Call Trace:
[ 14.988940] <TASK>
[ 14.988961] dump_stack_lvl+0x73/0xb0
[ 14.988992] print_report+0xd1/0x610
[ 14.989016] ? __virt_addr_valid+0x1db/0x2d0
[ 14.989041] ? kasan_atomics_helper+0x7c7/0x5450
[ 14.989074] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.989098] ? kasan_atomics_helper+0x7c7/0x5450
[ 14.989121] kasan_report+0x141/0x180
[ 14.989173] ? kasan_atomics_helper+0x7c7/0x5450
[ 14.989201] kasan_check_range+0x10c/0x1c0
[ 14.989255] __kasan_check_write+0x18/0x20
[ 14.989275] kasan_atomics_helper+0x7c7/0x5450
[ 14.989299] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.989322] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.989349] ? kasan_atomics+0x152/0x310
[ 14.989378] kasan_atomics+0x1dc/0x310
[ 14.989401] ? __pfx_kasan_atomics+0x10/0x10
[ 14.989426] ? __pfx_read_tsc+0x10/0x10
[ 14.989448] ? ktime_get_ts64+0x86/0x230
[ 14.989502] kunit_try_run_case+0x1a5/0x480
[ 14.989545] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.989595] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.989622] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.989647] ? __kthread_parkme+0x82/0x180
[ 14.989668] ? preempt_count_sub+0x50/0x80
[ 14.989695] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.989719] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.989744] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.989816] kthread+0x337/0x6f0
[ 14.989862] ? trace_preempt_on+0x20/0xc0
[ 14.989888] ? __pfx_kthread+0x10/0x10
[ 14.989910] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.989944] ? calculate_sigpending+0x7b/0xa0
[ 14.989969] ? __pfx_kthread+0x10/0x10
[ 14.989991] ret_from_fork+0x116/0x1d0
[ 14.990010] ? __pfx_kthread+0x10/0x10
[ 14.990031] ret_from_fork_asm+0x1a/0x30
[ 14.990073] </TASK>
[ 14.990084]
[ 15.002328] Allocated by task 282:
[ 15.002670] kasan_save_stack+0x45/0x70
[ 15.003122] kasan_save_track+0x18/0x40
[ 15.003618] kasan_save_alloc_info+0x3b/0x50
[ 15.003892] __kasan_kmalloc+0xb7/0xc0
[ 15.004195] __kmalloc_cache_noprof+0x189/0x420
[ 15.004384] kasan_atomics+0x95/0x310
[ 15.004698] kunit_try_run_case+0x1a5/0x480
[ 15.005086] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.005424] kthread+0x337/0x6f0
[ 15.005768] ret_from_fork+0x116/0x1d0
[ 15.006038] ret_from_fork_asm+0x1a/0x30
[ 15.006243]
[ 15.006370] The buggy address belongs to the object at ffff8881026ce080
[ 15.006370] which belongs to the cache kmalloc-64 of size 64
[ 15.007278] The buggy address is located 0 bytes to the right of
[ 15.007278] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0)
[ 15.008134]
[ 15.008242] The buggy address belongs to the physical page:
[ 15.008478] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce
[ 15.009127] flags: 0x200000000000000(node=0|zone=2)
[ 15.009434] page_type: f5(slab)
[ 15.009581] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.010228] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.010567] page dumped because: kasan: bad access detected
[ 15.010956]
[ 15.011086] Memory state around the buggy address:
[ 15.011363] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.011937] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.012255] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.012790] ^
[ 15.013098] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.013513] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.014008] ==================================================================
[ 15.529235] ==================================================================
[ 15.529560] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450
[ 15.529914] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282
[ 15.530463]
[ 15.530586] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.530632] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.530646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.530671] Call Trace:
[ 15.530689] <TASK>
[ 15.530706] dump_stack_lvl+0x73/0xb0
[ 15.530736] print_report+0xd1/0x610
[ 15.530759] ? __virt_addr_valid+0x1db/0x2d0
[ 15.530782] ? kasan_atomics_helper+0x12e6/0x5450
[ 15.530805] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.530829] ? kasan_atomics_helper+0x12e6/0x5450
[ 15.530852] kasan_report+0x141/0x180
[ 15.530875] ? kasan_atomics_helper+0x12e6/0x5450
[ 15.530927] kasan_check_range+0x10c/0x1c0
[ 15.530953] __kasan_check_write+0x18/0x20
[ 15.530972] kasan_atomics_helper+0x12e6/0x5450
[ 15.530997] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.531019] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.531046] ? kasan_atomics+0x152/0x310
[ 15.531087] kasan_atomics+0x1dc/0x310
[ 15.531110] ? __pfx_kasan_atomics+0x10/0x10
[ 15.531135] ? __pfx_read_tsc+0x10/0x10
[ 15.531156] ? ktime_get_ts64+0x86/0x230
[ 15.531181] kunit_try_run_case+0x1a5/0x480
[ 15.531206] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.531230] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.531256] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.531280] ? __kthread_parkme+0x82/0x180
[ 15.531301] ? preempt_count_sub+0x50/0x80
[ 15.531326] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.531351] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.531375] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.531420] kthread+0x337/0x6f0
[ 15.531440] ? trace_preempt_on+0x20/0xc0
[ 15.531464] ? __pfx_kthread+0x10/0x10
[ 15.531485] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.531508] ? calculate_sigpending+0x7b/0xa0
[ 15.531533] ? __pfx_kthread+0x10/0x10
[ 15.531556] ret_from_fork+0x116/0x1d0
[ 15.531575] ? __pfx_kthread+0x10/0x10
[ 15.531596] ret_from_fork_asm+0x1a/0x30
[ 15.531630] </TASK>
[ 15.531641]
[ 15.542637] Allocated by task 282:
[ 15.543220] kasan_save_stack+0x45/0x70
[ 15.543518] kasan_save_track+0x18/0x40
[ 15.543814] kasan_save_alloc_info+0x3b/0x50
[ 15.544223] __kasan_kmalloc+0xb7/0xc0
[ 15.544495] __kmalloc_cache_noprof+0x189/0x420
[ 15.544834] kasan_atomics+0x95/0x310
[ 15.545162] kunit_try_run_case+0x1a5/0x480
[ 15.545369] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.545604] kthread+0x337/0x6f0
[ 15.546214] ret_from_fork+0x116/0x1d0
[ 15.546383] ret_from_fork_asm+0x1a/0x30
[ 15.546959]
[ 15.547230] The buggy address belongs to the object at ffff8881026ce080
[ 15.547230] which belongs to the cache kmalloc-64 of size 64
[ 15.547922] The buggy address is located 0 bytes to the right of
[ 15.547922] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0)
[ 15.548617]
[ 15.548711] The buggy address belongs to the physical page:
[ 15.549232] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce
[ 15.549617] flags: 0x200000000000000(node=0|zone=2)
[ 15.549846] page_type: f5(slab)
[ 15.550119] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.550423] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.551028] page dumped because: kasan: bad access detected
[ 15.551331]
[ 15.551419] Memory state around the buggy address:
[ 15.551719] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.552242] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.552671] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.553118] ^
[ 15.553390] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.553934] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.554269] ==================================================================
[ 14.783599] ==================================================================
[ 14.784265] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450
[ 14.784627] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282
[ 14.784979]
[ 14.785092] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.785135] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.785146] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.785167] Call Trace:
[ 14.785182] <TASK>
[ 14.785198] dump_stack_lvl+0x73/0xb0
[ 14.785337] print_report+0xd1/0x610
[ 14.785360] ? __virt_addr_valid+0x1db/0x2d0
[ 14.785402] ? kasan_atomics_helper+0x4b6e/0x5450
[ 14.785424] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.785446] ? kasan_atomics_helper+0x4b6e/0x5450
[ 14.785469] kasan_report+0x141/0x180
[ 14.785492] ? kasan_atomics_helper+0x4b6e/0x5450
[ 14.785519] __asan_report_store4_noabort+0x1b/0x30
[ 14.785545] kasan_atomics_helper+0x4b6e/0x5450
[ 14.785569] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.785609] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.785635] ? kasan_atomics+0x152/0x310
[ 14.785663] kasan_atomics+0x1dc/0x310
[ 14.785687] ? __pfx_kasan_atomics+0x10/0x10
[ 14.785712] ? __pfx_read_tsc+0x10/0x10
[ 14.785733] ? ktime_get_ts64+0x86/0x230
[ 14.785761] kunit_try_run_case+0x1a5/0x480
[ 14.785787] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.785810] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.785836] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.785861] ? __kthread_parkme+0x82/0x180
[ 14.785882] ? preempt_count_sub+0x50/0x80
[ 14.785907] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.785932] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.785957] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.785983] kthread+0x337/0x6f0
[ 14.786002] ?
trace_preempt_on+0x20/0xc0 [ 14.786026] ? __pfx_kthread+0x10/0x10 [ 14.786047] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.786081] ? calculate_sigpending+0x7b/0xa0 [ 14.786106] ? __pfx_kthread+0x10/0x10 [ 14.786128] ret_from_fork+0x116/0x1d0 [ 14.786148] ? __pfx_kthread+0x10/0x10 [ 14.786169] ret_from_fork_asm+0x1a/0x30 [ 14.786206] </TASK> [ 14.786217] [ 14.799506] Allocated by task 282: [ 14.799713] kasan_save_stack+0x45/0x70 [ 14.800200] kasan_save_track+0x18/0x40 [ 14.800399] kasan_save_alloc_info+0x3b/0x50 [ 14.800788] __kasan_kmalloc+0xb7/0xc0 [ 14.801343] __kmalloc_cache_noprof+0x189/0x420 [ 14.801656] kasan_atomics+0x95/0x310 [ 14.802095] kunit_try_run_case+0x1a5/0x480 [ 14.802322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.802556] kthread+0x337/0x6f0 [ 14.803106] ret_from_fork+0x116/0x1d0 [ 14.803512] ret_from_fork_asm+0x1a/0x30 [ 14.804084] [ 14.804192] The buggy address belongs to the object at ffff8881026ce080 [ 14.804192] which belongs to the cache kmalloc-64 of size 64 [ 14.804987] The buggy address is located 0 bytes to the right of [ 14.804987] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 14.805937] [ 14.806179] The buggy address belongs to the physical page: [ 14.806434] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 14.807285] flags: 0x200000000000000(node=0|zone=2) [ 14.807604] page_type: f5(slab) [ 14.807776] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.808457] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.809350] page dumped because: kasan: bad access detected [ 14.809780] [ 14.810089] Memory state around the buggy address: [ 14.810444] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.811169] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.811614] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.812106] ^ [ 14.812488] ffff8881026ce100: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.813088] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.813544] ================================================================== [ 15.390003] ================================================================== [ 15.390352] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 15.391100] Read of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.391382] [ 15.391495] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.391540] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.391552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.391576] Call Trace: [ 15.391594] <TASK> [ 15.391612] dump_stack_lvl+0x73/0xb0 [ 15.391641] print_report+0xd1/0x610 [ 15.391664] ? __virt_addr_valid+0x1db/0x2d0 [ 15.391687] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.391710] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.391732] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.391756] kasan_report+0x141/0x180 [ 15.391778] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.391806] __asan_report_load4_noabort+0x18/0x20 [ 15.391883] kasan_atomics_helper+0x4a1c/0x5450 [ 15.391908] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.391943] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.391969] ? kasan_atomics+0x152/0x310 [ 15.391998] kasan_atomics+0x1dc/0x310 [ 15.392094] ? __pfx_kasan_atomics+0x10/0x10 [ 15.392183] ? __pfx_read_tsc+0x10/0x10 [ 15.392206] ? ktime_get_ts64+0x86/0x230 [ 15.392304] kunit_try_run_case+0x1a5/0x480 [ 15.392343] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.392366] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.392392] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.392417] ? __kthread_parkme+0x82/0x180 [ 15.392438] ? preempt_count_sub+0x50/0x80 [ 15.392464] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.392489] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.392514] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.392538] kthread+0x337/0x6f0 [ 15.392558] ? trace_preempt_on+0x20/0xc0 [ 15.392582] ? __pfx_kthread+0x10/0x10 [ 15.392612] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.392635] ? calculate_sigpending+0x7b/0xa0 [ 15.392660] ? __pfx_kthread+0x10/0x10 [ 15.392681] ret_from_fork+0x116/0x1d0 [ 15.392701] ? __pfx_kthread+0x10/0x10 [ 15.392722] ret_from_fork_asm+0x1a/0x30 [ 15.392755] </TASK> [ 15.392765] [ 15.401089] Allocated by task 282: [ 15.401223] kasan_save_stack+0x45/0x70 [ 15.401361] kasan_save_track+0x18/0x40 [ 15.401738] kasan_save_alloc_info+0x3b/0x50 [ 15.402013] __kasan_kmalloc+0xb7/0xc0 [ 15.402258] __kmalloc_cache_noprof+0x189/0x420 [ 15.402483] kasan_atomics+0x95/0x310 [ 15.402695] kunit_try_run_case+0x1a5/0x480 [ 15.402934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.403209] kthread+0x337/0x6f0 [ 15.403333] ret_from_fork+0x116/0x1d0 [ 15.403463] ret_from_fork_asm+0x1a/0x30 [ 15.403600] [ 15.403670] The buggy address belongs to the object at ffff8881026ce080 [ 15.403670] which belongs to the cache kmalloc-64 of size 64 [ 15.404059] The buggy address is located 0 bytes to the right of [ 15.404059] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.404662] [ 15.404763] The buggy address belongs to the physical page: [ 15.405022] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.405518] flags: 0x200000000000000(node=0|zone=2) [ 15.405784] page_type: f5(slab) [ 15.405936] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.406438] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.406893] page dumped because: kasan: bad access detected [ 15.407133] [ 15.407285] Memory state around the buggy address: [ 15.407510] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.407855] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.408285] >ffff8881026ce080: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.408551] ^ [ 15.408706] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.408922] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.409270] ================================================================== [ 14.834977] ================================================================== [ 14.835539] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 14.836007] Read of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 14.836293] [ 14.836386] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.836430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.836442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.836466] Call Trace: [ 14.836484] <TASK> [ 14.836503] dump_stack_lvl+0x73/0xb0 [ 14.836533] print_report+0xd1/0x610 [ 14.836557] ? __virt_addr_valid+0x1db/0x2d0 [ 14.836580] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.836603] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.836627] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.836649] kasan_report+0x141/0x180 [ 14.836671] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.836699] __asan_report_load4_noabort+0x18/0x20 [ 14.836724] kasan_atomics_helper+0x4b54/0x5450 [ 14.836747] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.836770] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.836796] ? kasan_atomics+0x152/0x310 [ 14.836882] kasan_atomics+0x1dc/0x310 [ 14.836905] ? __pfx_kasan_atomics+0x10/0x10 [ 14.836930] ? __pfx_read_tsc+0x10/0x10 [ 14.836952] ? ktime_get_ts64+0x86/0x230 [ 14.836978] kunit_try_run_case+0x1a5/0x480 [ 14.837004] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.837027] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.837066] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.837091] ? __kthread_parkme+0x82/0x180 [ 14.837112] ? preempt_count_sub+0x50/0x80 [ 14.837138] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.837162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.837187] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.837211] kthread+0x337/0x6f0 [ 14.837231] ? trace_preempt_on+0x20/0xc0 [ 14.837256] ? __pfx_kthread+0x10/0x10 [ 14.837277] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.837299] ? calculate_sigpending+0x7b/0xa0 [ 14.837325] ? __pfx_kthread+0x10/0x10 [ 14.837347] ret_from_fork+0x116/0x1d0 [ 14.837366] ? __pfx_kthread+0x10/0x10 [ 14.837387] ret_from_fork_asm+0x1a/0x30 [ 14.837421] </TASK> [ 14.837432] [ 14.846011] Allocated by task 282: [ 14.846236] kasan_save_stack+0x45/0x70 [ 14.846451] kasan_save_track+0x18/0x40 [ 14.846799] kasan_save_alloc_info+0x3b/0x50 [ 14.847023] __kasan_kmalloc+0xb7/0xc0 [ 14.847173] __kmalloc_cache_noprof+0x189/0x420 [ 14.847335] kasan_atomics+0x95/0x310 [ 14.847523] kunit_try_run_case+0x1a5/0x480 [ 14.848073] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.848353] kthread+0x337/0x6f0 [ 14.848532] ret_from_fork+0x116/0x1d0 [ 14.848910] ret_from_fork_asm+0x1a/0x30 [ 14.849121] [ 14.849221] The buggy address belongs to the object at ffff8881026ce080 [ 14.849221] which belongs to the cache kmalloc-64 of size 64 [ 14.849733] The buggy address is located 0 bytes to the right of [ 14.849733] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 14.850348] [ 14.850456] The buggy address belongs to the physical page: [ 14.850736] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 14.851097] flags: 0x200000000000000(node=0|zone=2) [ 14.851348] page_type: f5(slab) [ 14.851476] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.851714] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.852003] page dumped because: kasan: bad access detected [ 14.852264] [ 14.852360] Memory state around the buggy address: [ 14.852586] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.853248] 
ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.853550] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.854015] ^ [ 14.854210] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.854433] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.854866] ================================================================== [ 14.878143] ================================================================== [ 14.878456] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 14.878778] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 14.879149] [ 14.879247] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.879296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.879309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.879333] Call Trace: [ 14.879435] <TASK> [ 14.879458] dump_stack_lvl+0x73/0xb0 [ 14.879491] print_report+0xd1/0x610 [ 14.879516] ? __virt_addr_valid+0x1db/0x2d0 [ 14.879541] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.879564] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.879588] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.879611] kasan_report+0x141/0x180 [ 14.879636] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.879664] __asan_report_store4_noabort+0x1b/0x30 [ 14.879690] kasan_atomics_helper+0x4b3a/0x5450 [ 14.879713] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.879735] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.879762] ? kasan_atomics+0x152/0x310 [ 14.879790] kasan_atomics+0x1dc/0x310 [ 14.879825] ? __pfx_kasan_atomics+0x10/0x10 [ 14.879851] ? __pfx_read_tsc+0x10/0x10 [ 14.879872] ? ktime_get_ts64+0x86/0x230 [ 14.879899] kunit_try_run_case+0x1a5/0x480 [ 14.879925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.879948] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.879974] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.879998] ? __kthread_parkme+0x82/0x180 [ 14.880020] ? 
preempt_count_sub+0x50/0x80 [ 14.880046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.880083] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.880107] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.880132] kthread+0x337/0x6f0 [ 14.880152] ? trace_preempt_on+0x20/0xc0 [ 14.880176] ? __pfx_kthread+0x10/0x10 [ 14.880197] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.880219] ? calculate_sigpending+0x7b/0xa0 [ 14.880245] ? __pfx_kthread+0x10/0x10 [ 14.880267] ret_from_fork+0x116/0x1d0 [ 14.880287] ? __pfx_kthread+0x10/0x10 [ 14.880307] ret_from_fork_asm+0x1a/0x30 [ 14.880342] </TASK> [ 14.880352] [ 14.888460] Allocated by task 282: [ 14.888675] kasan_save_stack+0x45/0x70 [ 14.889011] kasan_save_track+0x18/0x40 [ 14.889214] kasan_save_alloc_info+0x3b/0x50 [ 14.889371] __kasan_kmalloc+0xb7/0xc0 [ 14.889507] __kmalloc_cache_noprof+0x189/0x420 [ 14.889971] kasan_atomics+0x95/0x310 [ 14.890184] kunit_try_run_case+0x1a5/0x480 [ 14.890400] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.890616] kthread+0x337/0x6f0 [ 14.890740] ret_from_fork+0x116/0x1d0 [ 14.890877] ret_from_fork_asm+0x1a/0x30 [ 14.891334] [ 14.891439] The buggy address belongs to the object at ffff8881026ce080 [ 14.891439] which belongs to the cache kmalloc-64 of size 64 [ 14.892120] The buggy address is located 0 bytes to the right of [ 14.892120] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 14.892635] [ 14.892737] The buggy address belongs to the physical page: [ 14.893209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 14.893526] flags: 0x200000000000000(node=0|zone=2) [ 14.893747] page_type: f5(slab) [ 14.893872] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.894143] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.894490] page dumped because: kasan: bad access detected [ 14.894978] [ 14.895093] Memory state around the buggy address: [ 14.895297] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 14.895568] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.895796] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.896136] ^ [ 14.896370] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.896694] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.897194] ================================================================== [ 14.937494] ================================================================== [ 14.938217] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 14.938567] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 14.938926] [ 14.939098] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.939171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.939196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.939234] Call Trace: [ 14.939253] <TASK> [ 14.939286] dump_stack_lvl+0x73/0xb0 [ 14.939317] print_report+0xd1/0x610 [ 14.939341] ? __virt_addr_valid+0x1db/0x2d0 [ 14.939364] ? kasan_atomics_helper+0x697/0x5450 [ 14.939405] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.939430] ? kasan_atomics_helper+0x697/0x5450 [ 14.939452] kasan_report+0x141/0x180 [ 14.939475] ? kasan_atomics_helper+0x697/0x5450 [ 14.939503] kasan_check_range+0x10c/0x1c0 [ 14.939528] __kasan_check_write+0x18/0x20 [ 14.939548] kasan_atomics_helper+0x697/0x5450 [ 14.939572] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.939649] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.939677] ? kasan_atomics+0x152/0x310 [ 14.939706] kasan_atomics+0x1dc/0x310 [ 14.939730] ? __pfx_kasan_atomics+0x10/0x10 [ 14.939756] ? __pfx_read_tsc+0x10/0x10 [ 14.939777] ? ktime_get_ts64+0x86/0x230 [ 14.939973] kunit_try_run_case+0x1a5/0x480 [ 14.940003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.940026] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.940066] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.940091] ? __kthread_parkme+0x82/0x180 [ 14.940112] ? preempt_count_sub+0x50/0x80 [ 14.940138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.940163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.940188] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.940212] kthread+0x337/0x6f0 [ 14.940232] ? trace_preempt_on+0x20/0xc0 [ 14.940256] ? __pfx_kthread+0x10/0x10 [ 14.940277] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.940299] ? calculate_sigpending+0x7b/0xa0 [ 14.940325] ? __pfx_kthread+0x10/0x10 [ 14.940348] ret_from_fork+0x116/0x1d0 [ 14.940367] ? __pfx_kthread+0x10/0x10 [ 14.940387] ret_from_fork_asm+0x1a/0x30 [ 14.940421] </TASK> [ 14.940431] [ 14.949832] Allocated by task 282: [ 14.950100] kasan_save_stack+0x45/0x70 [ 14.950331] kasan_save_track+0x18/0x40 [ 14.950506] kasan_save_alloc_info+0x3b/0x50 [ 14.950657] __kasan_kmalloc+0xb7/0xc0 [ 14.950918] __kmalloc_cache_noprof+0x189/0x420 [ 14.951180] kasan_atomics+0x95/0x310 [ 14.951489] kunit_try_run_case+0x1a5/0x480 [ 14.951714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.952327] kthread+0x337/0x6f0 [ 14.952776] ret_from_fork+0x116/0x1d0 [ 14.953152] ret_from_fork_asm+0x1a/0x30 [ 14.953389] [ 14.953474] The buggy address belongs to the object at ffff8881026ce080 [ 14.953474] which belongs to the cache kmalloc-64 of size 64 [ 14.953953] The buggy address is located 0 bytes to the right of [ 14.953953] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 14.954701] [ 14.954802] The buggy address belongs to the physical page: [ 14.955350] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 14.955800] flags: 0x200000000000000(node=0|zone=2) [ 14.956585] page_type: f5(slab) [ 14.956797] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.957346] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.958016] page dumped because: kasan: bad access detected [ 14.958264] [ 14.958352] 
Memory state around the buggy address: [ 14.958787] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.959188] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.959678] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.960318] ^ [ 14.960664] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.961065] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.961638] ================================================================== [ 15.500160] ================================================================== [ 15.500813] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 15.501512] Read of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.502367] [ 15.502469] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.502514] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.502526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.502551] Call Trace: [ 15.502569] <TASK> [ 15.502588] dump_stack_lvl+0x73/0xb0 [ 15.502618] print_report+0xd1/0x610 [ 15.502642] ? __virt_addr_valid+0x1db/0x2d0 [ 15.502665] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.502687] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.502710] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.502733] kasan_report+0x141/0x180 [ 15.502756] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.502799] __asan_report_load4_noabort+0x18/0x20 [ 15.502825] kasan_atomics_helper+0x49e8/0x5450 [ 15.502848] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.502871] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.502897] ? kasan_atomics+0x152/0x310 [ 15.502924] kasan_atomics+0x1dc/0x310 [ 15.502948] ? __pfx_kasan_atomics+0x10/0x10 [ 15.502972] ? __pfx_read_tsc+0x10/0x10 [ 15.502993] ? ktime_get_ts64+0x86/0x230 [ 15.503020] kunit_try_run_case+0x1a5/0x480 [ 15.503048] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.503081] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.503106] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.503131] ? __kthread_parkme+0x82/0x180 [ 15.503153] ? preempt_count_sub+0x50/0x80 [ 15.503178] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.503202] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.503227] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.503336] kthread+0x337/0x6f0 [ 15.503360] ? trace_preempt_on+0x20/0xc0 [ 15.503385] ? __pfx_kthread+0x10/0x10 [ 15.503406] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.503429] ? calculate_sigpending+0x7b/0xa0 [ 15.503454] ? __pfx_kthread+0x10/0x10 [ 15.503476] ret_from_fork+0x116/0x1d0 [ 15.503495] ? __pfx_kthread+0x10/0x10 [ 15.503515] ret_from_fork_asm+0x1a/0x30 [ 15.503550] </TASK> [ 15.503561] [ 15.516587] Allocated by task 282: [ 15.516738] kasan_save_stack+0x45/0x70 [ 15.517133] kasan_save_track+0x18/0x40 [ 15.517844] kasan_save_alloc_info+0x3b/0x50 [ 15.518444] __kasan_kmalloc+0xb7/0xc0 [ 15.518866] __kmalloc_cache_noprof+0x189/0x420 [ 15.519309] kasan_atomics+0x95/0x310 [ 15.519674] kunit_try_run_case+0x1a5/0x480 [ 15.520150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.520387] kthread+0x337/0x6f0 [ 15.520512] ret_from_fork+0x116/0x1d0 [ 15.520648] ret_from_fork_asm+0x1a/0x30 [ 15.520937] [ 15.521161] The buggy address belongs to the object at ffff8881026ce080 [ 15.521161] which belongs to the cache kmalloc-64 of size 64 [ 15.522468] The buggy address is located 0 bytes to the right of [ 15.522468] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.523625] [ 15.523705] The buggy address belongs to the physical page: [ 15.524102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.524879] flags: 0x200000000000000(node=0|zone=2) [ 15.525149] page_type: f5(slab) [ 15.525277] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.525511] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.525761] page dumped because: kasan: 
bad access detected [ 15.526349] [ 15.526452] Memory state around the buggy address: [ 15.526625] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.527005] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.527283] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.527580] ^ [ 15.527851] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.528270] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.528602] ================================================================== [ 15.555020] ================================================================== [ 15.555406] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 15.556267] Read of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.556534] [ 15.556662] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.556708] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.556720] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.556744] Call Trace: [ 15.556756] <TASK> [ 15.556773] dump_stack_lvl+0x73/0xb0 [ 15.557028] print_report+0xd1/0x610 [ 15.557092] ? __virt_addr_valid+0x1db/0x2d0 [ 15.557116] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.557139] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.557163] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.557185] kasan_report+0x141/0x180 [ 15.557209] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.557237] __asan_report_load4_noabort+0x18/0x20 [ 15.557262] kasan_atomics_helper+0x49ce/0x5450 [ 15.557286] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.557309] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.557335] ? kasan_atomics+0x152/0x310 [ 15.557364] kasan_atomics+0x1dc/0x310 [ 15.557388] ? __pfx_kasan_atomics+0x10/0x10 [ 15.557412] ? __pfx_read_tsc+0x10/0x10 [ 15.557434] ? ktime_get_ts64+0x86/0x230 [ 15.557460] kunit_try_run_case+0x1a5/0x480 [ 15.557485] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.557508] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.557535] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.557559] ? __kthread_parkme+0x82/0x180 [ 15.557580] ? preempt_count_sub+0x50/0x80 [ 15.557707] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.557732] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.557757] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.557782] kthread+0x337/0x6f0 [ 15.557802] ? trace_preempt_on+0x20/0xc0 [ 15.557827] ? __pfx_kthread+0x10/0x10 [ 15.557848] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.557871] ? calculate_sigpending+0x7b/0xa0 [ 15.557896] ? __pfx_kthread+0x10/0x10 [ 15.557918] ret_from_fork+0x116/0x1d0 [ 15.557937] ? __pfx_kthread+0x10/0x10 [ 15.557958] ret_from_fork_asm+0x1a/0x30 [ 15.557992] </TASK> [ 15.558003] [ 15.568075] Allocated by task 282: [ 15.568264] kasan_save_stack+0x45/0x70 [ 15.568455] kasan_save_track+0x18/0x40 [ 15.568913] kasan_save_alloc_info+0x3b/0x50 [ 15.569101] __kasan_kmalloc+0xb7/0xc0 [ 15.569429] __kmalloc_cache_noprof+0x189/0x420 [ 15.569672] kasan_atomics+0x95/0x310 [ 15.569965] kunit_try_run_case+0x1a5/0x480 [ 15.570264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.570623] kthread+0x337/0x6f0 [ 15.570883] ret_from_fork+0x116/0x1d0 [ 15.571034] ret_from_fork_asm+0x1a/0x30 [ 15.571383] [ 15.571565] The buggy address belongs to the object at ffff8881026ce080 [ 15.571565] which belongs to the cache kmalloc-64 of size 64 [ 15.572087] The buggy address is located 0 bytes to the right of [ 15.572087] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.572868] [ 15.572969] The buggy address belongs to the physical page: [ 15.573182] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.573695] flags: 0x200000000000000(node=0|zone=2) [ 15.574008] page_type: f5(slab) [ 15.574201] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.574703] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.575136] page dumped because: kasan: bad access detected [ 15.575460] [ 15.575563] Memory state around the buggy address: [ 15.575878] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.576185] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.576501] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.577018] ^ [ 15.577204] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.577674] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.578066] ================================================================== [ 15.578938] ================================================================== [ 15.579231] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 15.580011] Read of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.580278] [ 15.580398] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.580443] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.580456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.580478] Call Trace: [ 15.580496] <TASK> [ 15.580514] dump_stack_lvl+0x73/0xb0 [ 15.580544] print_report+0xd1/0x610 [ 15.580567] ? __virt_addr_valid+0x1db/0x2d0 [ 15.580605] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.580626] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.580650] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.580673] kasan_report+0x141/0x180 [ 15.580695] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.580723] kasan_check_range+0x10c/0x1c0 [ 15.580747] __kasan_check_read+0x15/0x20 [ 15.580767] kasan_atomics_helper+0x13b5/0x5450 [ 15.580790] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.580813] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.580839] ? kasan_atomics+0x152/0x310 [ 15.580867] kasan_atomics+0x1dc/0x310 [ 15.580891] ? __pfx_kasan_atomics+0x10/0x10 [ 15.580916] ? __pfx_read_tsc+0x10/0x10 [ 15.580937] ? 
ktime_get_ts64+0x86/0x230 [ 15.580963] kunit_try_run_case+0x1a5/0x480 [ 15.580988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.581011] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.581036] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.581072] ? __kthread_parkme+0x82/0x180 [ 15.581093] ? preempt_count_sub+0x50/0x80 [ 15.581118] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.581143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.581167] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.581192] kthread+0x337/0x6f0 [ 15.581212] ? trace_preempt_on+0x20/0xc0 [ 15.581236] ? __pfx_kthread+0x10/0x10 [ 15.581256] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.581279] ? calculate_sigpending+0x7b/0xa0 [ 15.581304] ? __pfx_kthread+0x10/0x10 [ 15.581326] ret_from_fork+0x116/0x1d0 [ 15.581345] ? __pfx_kthread+0x10/0x10 [ 15.581365] ret_from_fork_asm+0x1a/0x30 [ 15.581400] </TASK> [ 15.581411] [ 15.589153] Allocated by task 282: [ 15.589300] kasan_save_stack+0x45/0x70 [ 15.589505] kasan_save_track+0x18/0x40 [ 15.589812] kasan_save_alloc_info+0x3b/0x50 [ 15.589967] __kasan_kmalloc+0xb7/0xc0 [ 15.590112] __kmalloc_cache_noprof+0x189/0x420 [ 15.590322] kasan_atomics+0x95/0x310 [ 15.590510] kunit_try_run_case+0x1a5/0x480 [ 15.590739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.591168] kthread+0x337/0x6f0 [ 15.591292] ret_from_fork+0x116/0x1d0 [ 15.591425] ret_from_fork_asm+0x1a/0x30 [ 15.591565] [ 15.591637] The buggy address belongs to the object at ffff8881026ce080 [ 15.591637] which belongs to the cache kmalloc-64 of size 64 [ 15.592527] The buggy address is located 0 bytes to the right of [ 15.592527] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.593169] [ 15.593242] The buggy address belongs to the physical page: [ 15.593414] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.593957] flags: 0x200000000000000(node=0|zone=2) [ 15.594144] page_type: f5(slab) [ 15.594276] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.594513] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.595228] page dumped because: kasan: bad access detected [ 15.595492] [ 15.595620] Memory state around the buggy address: [ 15.595849] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.596163] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.596473] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.596844] ^ [ 15.597085] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.597362] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.598316] ================================================================== [ 15.739232] ================================================================== [ 15.739633] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 15.739970] Write of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.740334] [ 15.740461] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.740508] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.740520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.740545] Call Trace: [ 15.740565] <TASK> [ 15.740585] dump_stack_lvl+0x73/0xb0 [ 15.740617] print_report+0xd1/0x610 [ 15.740641] ? __virt_addr_valid+0x1db/0x2d0 [ 15.740665] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.740687] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.740710] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.740733] kasan_report+0x141/0x180 [ 15.740756] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.740784] kasan_check_range+0x10c/0x1c0 [ 15.740808] __kasan_check_write+0x18/0x20 [ 15.740828] kasan_atomics_helper+0x16e7/0x5450 [ 15.740852] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.740874] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.740901] ? kasan_atomics+0x152/0x310 [ 15.740929] kasan_atomics+0x1dc/0x310 [ 15.740953] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.740978] ? __pfx_read_tsc+0x10/0x10 [ 15.741000] ? ktime_get_ts64+0x86/0x230 [ 15.741026] kunit_try_run_case+0x1a5/0x480 [ 15.741065] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.741089] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.741117] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.741142] ? __kthread_parkme+0x82/0x180 [ 15.741165] ? preempt_count_sub+0x50/0x80 [ 15.741191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.741216] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.741252] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.741277] kthread+0x337/0x6f0 [ 15.741303] ? trace_preempt_on+0x20/0xc0 [ 15.741329] ? __pfx_kthread+0x10/0x10 [ 15.741350] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.741372] ? calculate_sigpending+0x7b/0xa0 [ 15.741398] ? __pfx_kthread+0x10/0x10 [ 15.741420] ret_from_fork+0x116/0x1d0 [ 15.741439] ? __pfx_kthread+0x10/0x10 [ 15.741461] ret_from_fork_asm+0x1a/0x30 [ 15.741495] </TASK> [ 15.741507] [ 15.750847] Allocated by task 282: [ 15.751429] kasan_save_stack+0x45/0x70 [ 15.752350] kasan_save_track+0x18/0x40 [ 15.752543] kasan_save_alloc_info+0x3b/0x50 [ 15.752906] __kasan_kmalloc+0xb7/0xc0 [ 15.753108] __kmalloc_cache_noprof+0x189/0x420 [ 15.753330] kasan_atomics+0x95/0x310 [ 15.753469] kunit_try_run_case+0x1a5/0x480 [ 15.753618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.753796] kthread+0x337/0x6f0 [ 15.753921] ret_from_fork+0x116/0x1d0 [ 15.754329] ret_from_fork_asm+0x1a/0x30 [ 15.754535] [ 15.756127] The buggy address belongs to the object at ffff8881026ce080 [ 15.756127] which belongs to the cache kmalloc-64 of size 64 [ 15.756904] The buggy address is located 0 bytes to the right of [ 15.756904] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.757387] [ 15.757468] The buggy address belongs to the physical page: [ 15.757659] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.758033] flags: 0x200000000000000(node=0|zone=2) [ 15.758264] page_type: 
f5(slab) [ 15.758388] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.758647] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.758996] page dumped because: kasan: bad access detected [ 15.759311] [ 15.759385] Memory state around the buggy address: [ 15.759540] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.759952] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.761190] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.761533] ^ [ 15.761743] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.762139] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.762368] ================================================================== [ 15.254469] ================================================================== [ 15.255329] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 15.255661] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.256136] [ 15.256485] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.256634] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.256649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.256674] Call Trace: [ 15.256694] <TASK> [ 15.256716] dump_stack_lvl+0x73/0xb0 [ 15.256757] print_report+0xd1/0x610 [ 15.256783] ? __virt_addr_valid+0x1db/0x2d0 [ 15.256807] ? kasan_atomics_helper+0xde0/0x5450 [ 15.256864] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.256889] ? kasan_atomics_helper+0xde0/0x5450 [ 15.256912] kasan_report+0x141/0x180 [ 15.256935] ? kasan_atomics_helper+0xde0/0x5450 [ 15.256963] kasan_check_range+0x10c/0x1c0 [ 15.256988] __kasan_check_write+0x18/0x20 [ 15.257007] kasan_atomics_helper+0xde0/0x5450 [ 15.257031] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.257064] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.257090] ? 
kasan_atomics+0x152/0x310 [ 15.257119] kasan_atomics+0x1dc/0x310 [ 15.257143] ? __pfx_kasan_atomics+0x10/0x10 [ 15.257169] ? __pfx_read_tsc+0x10/0x10 [ 15.257191] ? ktime_get_ts64+0x86/0x230 [ 15.257217] kunit_try_run_case+0x1a5/0x480 [ 15.257245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.257268] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.257295] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.257320] ? __kthread_parkme+0x82/0x180 [ 15.257342] ? preempt_count_sub+0x50/0x80 [ 15.257368] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.257393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.257418] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.257443] kthread+0x337/0x6f0 [ 15.257463] ? trace_preempt_on+0x20/0xc0 [ 15.257487] ? __pfx_kthread+0x10/0x10 [ 15.257508] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.257532] ? calculate_sigpending+0x7b/0xa0 [ 15.257558] ? __pfx_kthread+0x10/0x10 [ 15.257580] ret_from_fork+0x116/0x1d0 [ 15.257599] ? __pfx_kthread+0x10/0x10 [ 15.257620] ret_from_fork_asm+0x1a/0x30 [ 15.257654] </TASK> [ 15.257666] [ 15.266140] Allocated by task 282: [ 15.266296] kasan_save_stack+0x45/0x70 [ 15.266447] kasan_save_track+0x18/0x40 [ 15.266586] kasan_save_alloc_info+0x3b/0x50 [ 15.266801] __kasan_kmalloc+0xb7/0xc0 [ 15.266995] __kmalloc_cache_noprof+0x189/0x420 [ 15.267231] kasan_atomics+0x95/0x310 [ 15.267437] kunit_try_run_case+0x1a5/0x480 [ 15.267720] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.268029] kthread+0x337/0x6f0 [ 15.268165] ret_from_fork+0x116/0x1d0 [ 15.268303] ret_from_fork_asm+0x1a/0x30 [ 15.268528] [ 15.268663] The buggy address belongs to the object at ffff8881026ce080 [ 15.268663] which belongs to the cache kmalloc-64 of size 64 [ 15.269145] The buggy address is located 0 bytes to the right of [ 15.269145] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.269703] [ 15.269822] The buggy address belongs to the physical page: [ 15.270012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 
15.270272] flags: 0x200000000000000(node=0|zone=2) [ 15.270441] page_type: f5(slab) [ 15.270564] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.270866] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.271220] page dumped because: kasan: bad access detected [ 15.271472] [ 15.271565] Memory state around the buggy address: [ 15.271939] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.272262] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.272576] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.272797] ^ [ 15.273004] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.273334] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.273648] ================================================================== [ 15.959728] ================================================================== [ 15.960142] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 15.960477] Write of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.960823] [ 15.960948] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.961005] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.961018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.961041] Call Trace: [ 15.961065] <TASK> [ 15.961082] dump_stack_lvl+0x73/0xb0 [ 15.961112] print_report+0xd1/0x610 [ 15.961145] ? __virt_addr_valid+0x1db/0x2d0 [ 15.961169] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.961202] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.961226] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.961249] kasan_report+0x141/0x180 [ 15.961272] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.961301] kasan_check_range+0x10c/0x1c0 [ 15.961326] __kasan_check_write+0x18/0x20 [ 15.961346] kasan_atomics_helper+0x1d7a/0x5450 [ 15.961379] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.961402] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.961438] ? kasan_atomics+0x152/0x310 [ 15.961466] kasan_atomics+0x1dc/0x310 [ 15.961490] ? __pfx_kasan_atomics+0x10/0x10 [ 15.961515] ? __pfx_read_tsc+0x10/0x10 [ 15.961536] ? ktime_get_ts64+0x86/0x230 [ 15.961561] kunit_try_run_case+0x1a5/0x480 [ 15.961597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.961622] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.961647] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.961681] ? __kthread_parkme+0x82/0x180 [ 15.961701] ? preempt_count_sub+0x50/0x80 [ 15.961726] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.961761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.961786] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.961811] kthread+0x337/0x6f0 [ 15.961831] ? trace_preempt_on+0x20/0xc0 [ 15.961863] ? __pfx_kthread+0x10/0x10 [ 15.961884] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.961906] ? calculate_sigpending+0x7b/0xa0 [ 15.961941] ? __pfx_kthread+0x10/0x10 [ 15.961963] ret_from_fork+0x116/0x1d0 [ 15.961982] ? __pfx_kthread+0x10/0x10 [ 15.962003] ret_from_fork_asm+0x1a/0x30 [ 15.962037] </TASK> [ 15.962047] [ 15.969886] Allocated by task 282: [ 15.970091] kasan_save_stack+0x45/0x70 [ 15.970306] kasan_save_track+0x18/0x40 [ 15.970488] kasan_save_alloc_info+0x3b/0x50 [ 15.970711] __kasan_kmalloc+0xb7/0xc0 [ 15.970887] __kmalloc_cache_noprof+0x189/0x420 [ 15.971105] kasan_atomics+0x95/0x310 [ 15.971295] kunit_try_run_case+0x1a5/0x480 [ 15.971471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.971715] kthread+0x337/0x6f0 [ 15.971890] ret_from_fork+0x116/0x1d0 [ 15.972030] ret_from_fork_asm+0x1a/0x30 [ 15.972234] [ 15.972328] The buggy address belongs to the object at ffff8881026ce080 [ 15.972328] which belongs to the cache kmalloc-64 of size 64 [ 15.972871] The buggy address is located 0 bytes to the right of [ 15.972871] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.973536] [ 15.973658] The buggy address belongs to the physical page: [ 15.973928] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.974301] flags: 0x200000000000000(node=0|zone=2) [ 15.974542] page_type: f5(slab) [ 15.974766] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.975163] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.975503] page dumped because: kasan: bad access detected [ 15.975752] [ 15.975858] Memory state around the buggy address: [ 15.976087] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.976311] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.976533] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.976752] ^ [ 15.976959] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.977348] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.977677] ================================================================== [ 16.042066] ================================================================== [ 16.042315] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 16.042548] Read of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 16.042770] [ 16.042876] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.042919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.042930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.043432] Call Trace: [ 16.043450] <TASK> [ 16.043467] dump_stack_lvl+0x73/0xb0 [ 16.043498] print_report+0xd1/0x610 [ 16.043522] ? __virt_addr_valid+0x1db/0x2d0 [ 16.043546] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.043569] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.043593] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.043617] kasan_report+0x141/0x180 [ 16.043640] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.043669] __asan_report_load8_noabort+0x18/0x20 [ 16.043694] kasan_atomics_helper+0x4f71/0x5450 [ 16.043718] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.043742] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.043769] ? kasan_atomics+0x152/0x310 [ 16.043797] kasan_atomics+0x1dc/0x310 [ 16.043821] ? __pfx_kasan_atomics+0x10/0x10 [ 16.043845] ? __pfx_read_tsc+0x10/0x10 [ 16.043867] ? ktime_get_ts64+0x86/0x230 [ 16.043892] kunit_try_run_case+0x1a5/0x480 [ 16.043917] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.043941] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.043966] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.043990] ? __kthread_parkme+0x82/0x180 [ 16.044011] ? preempt_count_sub+0x50/0x80 [ 16.044037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.044076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.044126] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.044151] kthread+0x337/0x6f0 [ 16.044171] ? trace_preempt_on+0x20/0xc0 [ 16.044213] ? __pfx_kthread+0x10/0x10 [ 16.044234] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.044268] ? calculate_sigpending+0x7b/0xa0 [ 16.044293] ? __pfx_kthread+0x10/0x10 [ 16.044315] ret_from_fork+0x116/0x1d0 [ 16.044335] ? 
__pfx_kthread+0x10/0x10 [ 16.044356] ret_from_fork_asm+0x1a/0x30 [ 16.044389] </TASK> [ 16.044401] [ 16.051969] Allocated by task 282: [ 16.052109] kasan_save_stack+0x45/0x70 [ 16.052254] kasan_save_track+0x18/0x40 [ 16.052439] kasan_save_alloc_info+0x3b/0x50 [ 16.052739] __kasan_kmalloc+0xb7/0xc0 [ 16.052929] __kmalloc_cache_noprof+0x189/0x420 [ 16.053194] kasan_atomics+0x95/0x310 [ 16.053355] kunit_try_run_case+0x1a5/0x480 [ 16.053547] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.053802] kthread+0x337/0x6f0 [ 16.053967] ret_from_fork+0x116/0x1d0 [ 16.054113] ret_from_fork_asm+0x1a/0x30 [ 16.054304] [ 16.054405] The buggy address belongs to the object at ffff8881026ce080 [ 16.054405] which belongs to the cache kmalloc-64 of size 64 [ 16.054918] The buggy address is located 0 bytes to the right of [ 16.054918] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 16.055538] [ 16.055652] The buggy address belongs to the physical page: [ 16.055930] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 16.056261] flags: 0x200000000000000(node=0|zone=2) [ 16.056428] page_type: f5(slab) [ 16.056553] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.056915] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.057310] page dumped because: kasan: bad access detected [ 16.057535] [ 16.057654] Memory state around the buggy address: [ 16.057885] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.058162] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.058489] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.058799] ^ [ 16.059012] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.059242] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.059460] ================================================================== [ 16.189365] 
================================================================== [ 16.189717] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 16.190037] Read of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 16.190284] [ 16.190374] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.190416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.190428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.190451] Call Trace: [ 16.190470] <TASK> [ 16.190487] dump_stack_lvl+0x73/0xb0 [ 16.190516] print_report+0xd1/0x610 [ 16.190538] ? __virt_addr_valid+0x1db/0x2d0 [ 16.190562] ? kasan_atomics_helper+0x5115/0x5450 [ 16.190606] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.190630] ? kasan_atomics_helper+0x5115/0x5450 [ 16.190653] kasan_report+0x141/0x180 [ 16.190676] ? kasan_atomics_helper+0x5115/0x5450 [ 16.190705] __asan_report_load8_noabort+0x18/0x20 [ 16.190731] kasan_atomics_helper+0x5115/0x5450 [ 16.190755] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.190779] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.190805] ? kasan_atomics+0x152/0x310 [ 16.190834] kasan_atomics+0x1dc/0x310 [ 16.190858] ? __pfx_kasan_atomics+0x10/0x10 [ 16.190883] ? __pfx_read_tsc+0x10/0x10 [ 16.190904] ? ktime_get_ts64+0x86/0x230 [ 16.190930] kunit_try_run_case+0x1a5/0x480 [ 16.190956] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.190980] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.191007] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.191033] ? __kthread_parkme+0x82/0x180 [ 16.191062] ? preempt_count_sub+0x50/0x80 [ 16.191088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.191114] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.191139] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.191165] kthread+0x337/0x6f0 [ 16.191185] ? trace_preempt_on+0x20/0xc0 [ 16.191210] ? __pfx_kthread+0x10/0x10 [ 16.191231] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.191254] ? calculate_sigpending+0x7b/0xa0 [ 16.191279] ? 
__pfx_kthread+0x10/0x10 [ 16.191301] ret_from_fork+0x116/0x1d0 [ 16.191321] ? __pfx_kthread+0x10/0x10 [ 16.191342] ret_from_fork_asm+0x1a/0x30 [ 16.191375] </TASK> [ 16.191386] [ 16.198552] Allocated by task 282: [ 16.198701] kasan_save_stack+0x45/0x70 [ 16.198847] kasan_save_track+0x18/0x40 [ 16.199029] kasan_save_alloc_info+0x3b/0x50 [ 16.199251] __kasan_kmalloc+0xb7/0xc0 [ 16.199438] __kmalloc_cache_noprof+0x189/0x420 [ 16.199690] kasan_atomics+0x95/0x310 [ 16.199886] kunit_try_run_case+0x1a5/0x480 [ 16.200080] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.200317] kthread+0x337/0x6f0 [ 16.200479] ret_from_fork+0x116/0x1d0 [ 16.200684] ret_from_fork_asm+0x1a/0x30 [ 16.200873] [ 16.200962] The buggy address belongs to the object at ffff8881026ce080 [ 16.200962] which belongs to the cache kmalloc-64 of size 64 [ 16.201458] The buggy address is located 0 bytes to the right of [ 16.201458] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 16.201907] [ 16.201983] The buggy address belongs to the physical page: [ 16.202224] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 16.202598] flags: 0x200000000000000(node=0|zone=2) [ 16.202843] page_type: f5(slab) [ 16.202989] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.203253] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.203496] page dumped because: kasan: bad access detected [ 16.203778] [ 16.203876] Memory state around the buggy address: [ 16.204113] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.204445] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.204790] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.205018] ^ [ 16.205255] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.205536] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.205776] 
================================================================== [ 14.962151] ================================================================== [ 14.962480] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 14.963009] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 14.963739] [ 14.963841] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.964775] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.964820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.964847] Call Trace: [ 14.964870] <TASK> [ 14.964892] dump_stack_lvl+0x73/0xb0 [ 14.964927] print_report+0xd1/0x610 [ 14.964952] ? __virt_addr_valid+0x1db/0x2d0 [ 14.964978] ? kasan_atomics_helper+0x72f/0x5450 [ 14.965000] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.965024] ? kasan_atomics_helper+0x72f/0x5450 [ 14.965048] kasan_report+0x141/0x180 [ 14.965180] ? kasan_atomics_helper+0x72f/0x5450 [ 14.965209] kasan_check_range+0x10c/0x1c0 [ 14.965234] __kasan_check_write+0x18/0x20 [ 14.965253] kasan_atomics_helper+0x72f/0x5450 [ 14.965277] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.965300] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.965326] ? kasan_atomics+0x152/0x310 [ 14.965355] kasan_atomics+0x1dc/0x310 [ 14.965378] ? __pfx_kasan_atomics+0x10/0x10 [ 14.965404] ? __pfx_read_tsc+0x10/0x10 [ 14.965425] ? ktime_get_ts64+0x86/0x230 [ 14.965450] kunit_try_run_case+0x1a5/0x480 [ 14.965476] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.965499] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.965524] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.965549] ? __kthread_parkme+0x82/0x180 [ 14.965594] ? preempt_count_sub+0x50/0x80 [ 14.965620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.965645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.965670] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.965694] kthread+0x337/0x6f0 [ 14.965714] ? trace_preempt_on+0x20/0xc0 [ 14.965739] ? 
__pfx_kthread+0x10/0x10 [ 14.965760] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.965782] ? calculate_sigpending+0x7b/0xa0 [ 14.965864] ? __pfx_kthread+0x10/0x10 [ 14.965886] ret_from_fork+0x116/0x1d0 [ 14.965906] ? __pfx_kthread+0x10/0x10 [ 14.965927] ret_from_fork_asm+0x1a/0x30 [ 14.965960] </TASK> [ 14.965972] [ 14.977222] Allocated by task 282: [ 14.977376] kasan_save_stack+0x45/0x70 [ 14.977718] kasan_save_track+0x18/0x40 [ 14.977929] kasan_save_alloc_info+0x3b/0x50 [ 14.978345] __kasan_kmalloc+0xb7/0xc0 [ 14.978638] __kmalloc_cache_noprof+0x189/0x420 [ 14.978952] kasan_atomics+0x95/0x310 [ 14.979167] kunit_try_run_case+0x1a5/0x480 [ 14.979438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.979940] kthread+0x337/0x6f0 [ 14.980155] ret_from_fork+0x116/0x1d0 [ 14.980347] ret_from_fork_asm+0x1a/0x30 [ 14.980545] [ 14.980672] The buggy address belongs to the object at ffff8881026ce080 [ 14.980672] which belongs to the cache kmalloc-64 of size 64 [ 14.981476] The buggy address is located 0 bytes to the right of [ 14.981476] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 14.982115] [ 14.982226] The buggy address belongs to the physical page: [ 14.982477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 14.982824] flags: 0x200000000000000(node=0|zone=2) [ 14.983148] page_type: f5(slab) [ 14.983471] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.984127] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.984621] page dumped because: kasan: bad access detected [ 14.984868] [ 14.984963] Memory state around the buggy address: [ 14.985196] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.985495] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.985818] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.986221] ^ [ 14.986378] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.986720] 
ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.987019] ================================================================== [ 15.410682] ================================================================== [ 15.411180] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 15.411750] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.412612] [ 15.412704] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.413103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.413117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.413140] Call Trace: [ 15.413157] <TASK> [ 15.413174] dump_stack_lvl+0x73/0xb0 [ 15.413204] print_report+0xd1/0x610 [ 15.413226] ? __virt_addr_valid+0x1db/0x2d0 [ 15.413251] ? kasan_atomics_helper+0x1148/0x5450 [ 15.413274] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.413298] ? kasan_atomics_helper+0x1148/0x5450 [ 15.413320] kasan_report+0x141/0x180 [ 15.413344] ? kasan_atomics_helper+0x1148/0x5450 [ 15.413372] kasan_check_range+0x10c/0x1c0 [ 15.413395] __kasan_check_write+0x18/0x20 [ 15.413416] kasan_atomics_helper+0x1148/0x5450 [ 15.413439] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.413462] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.413488] ? kasan_atomics+0x152/0x310 [ 15.413517] kasan_atomics+0x1dc/0x310 [ 15.413539] ? __pfx_kasan_atomics+0x10/0x10 [ 15.413565] ? __pfx_read_tsc+0x10/0x10 [ 15.413600] ? ktime_get_ts64+0x86/0x230 [ 15.413626] kunit_try_run_case+0x1a5/0x480 [ 15.413651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.413674] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.413700] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.413724] ? __kthread_parkme+0x82/0x180 [ 15.413745] ? preempt_count_sub+0x50/0x80 [ 15.413770] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.413795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.413821] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.413845] kthread+0x337/0x6f0 [ 15.413865] ? trace_preempt_on+0x20/0xc0 [ 15.413889] ? __pfx_kthread+0x10/0x10 [ 15.413909] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.413933] ? calculate_sigpending+0x7b/0xa0 [ 15.413957] ? __pfx_kthread+0x10/0x10 [ 15.413979] ret_from_fork+0x116/0x1d0 [ 15.413998] ? __pfx_kthread+0x10/0x10 [ 15.414019] ret_from_fork_asm+0x1a/0x30 [ 15.414062] </TASK> [ 15.414072] [ 15.425923] Allocated by task 282: [ 15.426370] kasan_save_stack+0x45/0x70 [ 15.426581] kasan_save_track+0x18/0x40 [ 15.426765] kasan_save_alloc_info+0x3b/0x50 [ 15.427093] __kasan_kmalloc+0xb7/0xc0 [ 15.427641] __kmalloc_cache_noprof+0x189/0x420 [ 15.428121] kasan_atomics+0x95/0x310 [ 15.428299] kunit_try_run_case+0x1a5/0x480 [ 15.428867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.429317] kthread+0x337/0x6f0 [ 15.429524] ret_from_fork+0x116/0x1d0 [ 15.429980] ret_from_fork_asm+0x1a/0x30 [ 15.430208] [ 15.430313] The buggy address belongs to the object at ffff8881026ce080 [ 15.430313] which belongs to the cache kmalloc-64 of size 64 [ 15.431213] The buggy address is located 0 bytes to the right of [ 15.431213] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.432220] [ 15.432305] The buggy address belongs to the physical page: [ 15.432769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.433160] flags: 0x200000000000000(node=0|zone=2) [ 15.433545] page_type: f5(slab) [ 15.433767] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.434491] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.434928] page dumped because: kasan: bad access detected [ 15.435216] [ 15.435305] Memory state around the buggy address: [ 15.435519] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.436444] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.437004] >ffff8881026ce080: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.437441] ^ [ 15.437846] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.438371] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.438873] ================================================================== [ 15.221087] ================================================================== [ 15.221743] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 15.222454] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.222722] [ 15.222822] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.222870] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.222884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.222910] Call Trace: [ 15.222931] <TASK> [ 15.222952] dump_stack_lvl+0x73/0xb0 [ 15.223680] print_report+0xd1/0x610 [ 15.223708] ? __virt_addr_valid+0x1db/0x2d0 [ 15.223735] ? kasan_atomics_helper+0xd47/0x5450 [ 15.223758] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.223783] ? kasan_atomics_helper+0xd47/0x5450 [ 15.223806] kasan_report+0x141/0x180 [ 15.223829] ? kasan_atomics_helper+0xd47/0x5450 [ 15.223861] kasan_check_range+0x10c/0x1c0 [ 15.223888] __kasan_check_write+0x18/0x20 [ 15.223908] kasan_atomics_helper+0xd47/0x5450 [ 15.223932] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.223956] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.223982] ? kasan_atomics+0x152/0x310 [ 15.224012] kasan_atomics+0x1dc/0x310 [ 15.224035] ? __pfx_kasan_atomics+0x10/0x10 [ 15.224180] ? __pfx_read_tsc+0x10/0x10 [ 15.224206] ? ktime_get_ts64+0x86/0x230 [ 15.224232] kunit_try_run_case+0x1a5/0x480 [ 15.224261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.224284] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.224311] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.224336] ? __kthread_parkme+0x82/0x180 [ 15.224359] ? preempt_count_sub+0x50/0x80 [ 15.224385] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.224409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.224434] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.224459] kthread+0x337/0x6f0 [ 15.224479] ? trace_preempt_on+0x20/0xc0 [ 15.224505] ? __pfx_kthread+0x10/0x10 [ 15.224525] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.224547] ? calculate_sigpending+0x7b/0xa0 [ 15.224596] ? __pfx_kthread+0x10/0x10 [ 15.224619] ret_from_fork+0x116/0x1d0 [ 15.224637] ? __pfx_kthread+0x10/0x10 [ 15.224659] ret_from_fork_asm+0x1a/0x30 [ 15.224693] </TASK> [ 15.224705] [ 15.240042] Allocated by task 282: [ 15.240505] kasan_save_stack+0x45/0x70 [ 15.240980] kasan_save_track+0x18/0x40 [ 15.241186] kasan_save_alloc_info+0x3b/0x50 [ 15.241392] __kasan_kmalloc+0xb7/0xc0 [ 15.241569] __kmalloc_cache_noprof+0x189/0x420 [ 15.241777] kasan_atomics+0x95/0x310 [ 15.242213] kunit_try_run_case+0x1a5/0x480 [ 15.242642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.243133] kthread+0x337/0x6f0 [ 15.243502] ret_from_fork+0x116/0x1d0 [ 15.243840] ret_from_fork_asm+0x1a/0x30 [ 15.244201] [ 15.244300] The buggy address belongs to the object at ffff8881026ce080 [ 15.244300] which belongs to the cache kmalloc-64 of size 64 [ 15.245376] The buggy address is located 0 bytes to the right of [ 15.245376] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.246152] [ 15.246262] The buggy address belongs to the physical page: [ 15.246505] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.247564] flags: 0x200000000000000(node=0|zone=2) [ 15.248025] page_type: f5(slab) [ 15.248455] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.249139] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.249678] page dumped because: kasan: bad access detected [ 15.250103] [ 15.250205] Memory state around the buggy address: [ 15.250418] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.251110] 
ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.251653] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.252176] ^ [ 15.252395] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.252944] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.253461] ================================================================== [ 15.470457] ================================================================== [ 15.470714] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 15.471260] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.472328] [ 15.472475] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.472523] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.472535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.472558] Call Trace: [ 15.472574] <TASK> [ 15.472591] dump_stack_lvl+0x73/0xb0 [ 15.472622] print_report+0xd1/0x610 [ 15.472744] ? __virt_addr_valid+0x1db/0x2d0 [ 15.472801] ? kasan_atomics_helper+0x1217/0x5450 [ 15.472836] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.472975] ? kasan_atomics_helper+0x1217/0x5450 [ 15.472998] kasan_report+0x141/0x180 [ 15.473021] ? kasan_atomics_helper+0x1217/0x5450 [ 15.473061] kasan_check_range+0x10c/0x1c0 [ 15.473085] __kasan_check_write+0x18/0x20 [ 15.473106] kasan_atomics_helper+0x1217/0x5450 [ 15.473130] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.473153] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.473180] ? kasan_atomics+0x152/0x310 [ 15.473208] kasan_atomics+0x1dc/0x310 [ 15.473232] ? __pfx_kasan_atomics+0x10/0x10 [ 15.473256] ? __pfx_read_tsc+0x10/0x10 [ 15.473278] ? ktime_get_ts64+0x86/0x230 [ 15.473303] kunit_try_run_case+0x1a5/0x480 [ 15.473329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.473351] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.473378] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.473402] ? 
__kthread_parkme+0x82/0x180 [ 15.473423] ? preempt_count_sub+0x50/0x80 [ 15.473448] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.473472] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.473497] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.473522] kthread+0x337/0x6f0 [ 15.473542] ? trace_preempt_on+0x20/0xc0 [ 15.473566] ? __pfx_kthread+0x10/0x10 [ 15.473588] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.473609] ? calculate_sigpending+0x7b/0xa0 [ 15.473634] ? __pfx_kthread+0x10/0x10 [ 15.473657] ret_from_fork+0x116/0x1d0 [ 15.473675] ? __pfx_kthread+0x10/0x10 [ 15.473696] ret_from_fork_asm+0x1a/0x30 [ 15.473729] </TASK> [ 15.473739] [ 15.486036] Allocated by task 282: [ 15.486193] kasan_save_stack+0x45/0x70 [ 15.486355] kasan_save_track+0x18/0x40 [ 15.487007] kasan_save_alloc_info+0x3b/0x50 [ 15.487209] __kasan_kmalloc+0xb7/0xc0 [ 15.487352] __kmalloc_cache_noprof+0x189/0x420 [ 15.487513] kasan_atomics+0x95/0x310 [ 15.487651] kunit_try_run_case+0x1a5/0x480 [ 15.487800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.487979] kthread+0x337/0x6f0 [ 15.488114] ret_from_fork+0x116/0x1d0 [ 15.488251] ret_from_fork_asm+0x1a/0x30 [ 15.488472] [ 15.488570] The buggy address belongs to the object at ffff8881026ce080 [ 15.488570] which belongs to the cache kmalloc-64 of size 64 [ 15.490506] The buggy address is located 0 bytes to the right of [ 15.490506] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.490895] [ 15.490972] The buggy address belongs to the physical page: [ 15.491519] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.492329] flags: 0x200000000000000(node=0|zone=2) [ 15.492518] page_type: f5(slab) [ 15.492647] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.492877] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.494314] page dumped because: kasan: bad access detected [ 15.495361] [ 15.495446] Memory state around the buggy address: [ 15.495619] 
ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.495839] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.496612] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.497304] ^ [ 15.497778] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.498620] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.499300] ================================================================== [ 15.094987] ================================================================== [ 15.095384] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 15.095739] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.096058] [ 15.096158] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.096232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.096247] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.096271] Call Trace: [ 15.096292] <TASK> [ 15.096314] dump_stack_lvl+0x73/0xb0 [ 15.096364] print_report+0xd1/0x610 [ 15.096388] ? __virt_addr_valid+0x1db/0x2d0 [ 15.096412] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.096456] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.096480] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.096503] kasan_report+0x141/0x180 [ 15.096545] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.096606] kasan_check_range+0x10c/0x1c0 [ 15.096632] __kasan_check_write+0x18/0x20 [ 15.096651] kasan_atomics_helper+0xa2b/0x5450 [ 15.096675] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.096699] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.096724] ? kasan_atomics+0x152/0x310 [ 15.096754] kasan_atomics+0x1dc/0x310 [ 15.096777] ? __pfx_kasan_atomics+0x10/0x10 [ 15.096820] ? __pfx_read_tsc+0x10/0x10 [ 15.096844] ? ktime_get_ts64+0x86/0x230 [ 15.096870] kunit_try_run_case+0x1a5/0x480 [ 15.096897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.096921] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.096948] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.096973] ? __kthread_parkme+0x82/0x180 [ 15.096995] ? preempt_count_sub+0x50/0x80 [ 15.097022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.097046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.097081] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.097106] kthread+0x337/0x6f0 [ 15.097126] ? trace_preempt_on+0x20/0xc0 [ 15.097150] ? __pfx_kthread+0x10/0x10 [ 15.097172] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.097195] ? calculate_sigpending+0x7b/0xa0 [ 15.097221] ? __pfx_kthread+0x10/0x10 [ 15.097283] ret_from_fork+0x116/0x1d0 [ 15.097304] ? __pfx_kthread+0x10/0x10 [ 15.097325] ret_from_fork_asm+0x1a/0x30 [ 15.097360] </TASK> [ 15.097370] [ 15.110249] Allocated by task 282: [ 15.110439] kasan_save_stack+0x45/0x70 [ 15.111078] kasan_save_track+0x18/0x40 [ 15.111451] kasan_save_alloc_info+0x3b/0x50 [ 15.111697] __kasan_kmalloc+0xb7/0xc0 [ 15.112031] __kmalloc_cache_noprof+0x189/0x420 [ 15.112435] kasan_atomics+0x95/0x310 [ 15.112783] kunit_try_run_case+0x1a5/0x480 [ 15.113215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.113665] kthread+0x337/0x6f0 [ 15.114102] ret_from_fork+0x116/0x1d0 [ 15.114299] ret_from_fork_asm+0x1a/0x30 [ 15.114489] [ 15.114883] The buggy address belongs to the object at ffff8881026ce080 [ 15.114883] which belongs to the cache kmalloc-64 of size 64 [ 15.116156] The buggy address is located 0 bytes to the right of [ 15.116156] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.116544] [ 15.116963] The buggy address belongs to the physical page: [ 15.117738] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.118629] flags: 0x200000000000000(node=0|zone=2) [ 15.119299] page_type: f5(slab) [ 15.119614] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.120037] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.120284] page dumped because: kasan: bad access detected [ 15.120457] [ 15.120528] 
Memory state around the buggy address: [ 15.120767] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.121335] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.121830] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.122464] ^ [ 15.122697] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.123628] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.124151] ================================================================== [ 15.996967] ================================================================== [ 15.997560] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 15.997974] Write of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.998230] [ 15.998323] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.998366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.998379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.998403] Call Trace: [ 15.998420] <TASK> [ 15.998437] dump_stack_lvl+0x73/0xb0 [ 15.998468] print_report+0xd1/0x610 [ 15.998491] ? __virt_addr_valid+0x1db/0x2d0 [ 15.998515] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.998537] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.998561] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.998584] kasan_report+0x141/0x180 [ 15.998618] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.998647] kasan_check_range+0x10c/0x1c0 [ 15.998672] __kasan_check_write+0x18/0x20 [ 15.998692] kasan_atomics_helper+0x1eaa/0x5450 [ 15.998717] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.998740] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.998767] ? kasan_atomics+0x152/0x310 [ 15.998796] kasan_atomics+0x1dc/0x310 [ 15.998820] ? __pfx_kasan_atomics+0x10/0x10 [ 15.998846] ? __pfx_read_tsc+0x10/0x10 [ 15.998868] ? ktime_get_ts64+0x86/0x230 [ 15.998906] kunit_try_run_case+0x1a5/0x480 [ 15.998932] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.998976] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.999003] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.999028] ? __kthread_parkme+0x82/0x180 [ 15.999079] ? preempt_count_sub+0x50/0x80 [ 15.999105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.999130] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.999155] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.999181] kthread+0x337/0x6f0 [ 15.999200] ? trace_preempt_on+0x20/0xc0 [ 15.999225] ? __pfx_kthread+0x10/0x10 [ 15.999246] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.999268] ? calculate_sigpending+0x7b/0xa0 [ 15.999294] ? __pfx_kthread+0x10/0x10 [ 15.999316] ret_from_fork+0x116/0x1d0 [ 15.999335] ? __pfx_kthread+0x10/0x10 [ 15.999356] ret_from_fork_asm+0x1a/0x30 [ 15.999389] </TASK> [ 15.999399] [ 16.010449] Allocated by task 282: [ 16.011030] kasan_save_stack+0x45/0x70 [ 16.011242] kasan_save_track+0x18/0x40 [ 16.011808] kasan_save_alloc_info+0x3b/0x50 [ 16.012009] __kasan_kmalloc+0xb7/0xc0 [ 16.012157] __kmalloc_cache_noprof+0x189/0x420 [ 16.012689] kasan_atomics+0x95/0x310 [ 16.012831] kunit_try_run_case+0x1a5/0x480 [ 16.012976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.013267] kthread+0x337/0x6f0 [ 16.013395] ret_from_fork+0x116/0x1d0 [ 16.013531] ret_from_fork_asm+0x1a/0x30 [ 16.013674] [ 16.013747] The buggy address belongs to the object at ffff8881026ce080 [ 16.013747] which belongs to the cache kmalloc-64 of size 64 [ 16.014115] The buggy address is located 0 bytes to the right of [ 16.014115] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 16.014498] [ 16.014598] The buggy address belongs to the physical page: [ 16.014858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 16.015233] flags: 0x200000000000000(node=0|zone=2) [ 16.015474] page_type: f5(slab) [ 16.015596] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.015831] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.017092] page dumped because: kasan: bad access detected [ 16.017364] [ 16.017461] Memory state around the buggy address: [ 16.017724] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.017992] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.018263] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.018975] ^ [ 16.019238] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.019568] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.019880] ================================================================== [ 16.117138] ================================================================== [ 16.117643] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 16.117993] Read of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 16.118333] [ 16.118443] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.118485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.118496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.118518] Call Trace: [ 16.118532] <TASK> [ 16.118546] dump_stack_lvl+0x73/0xb0 [ 16.118573] print_report+0xd1/0x610 [ 16.118595] ? __virt_addr_valid+0x1db/0x2d0 [ 16.118648] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.118671] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.118695] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.118717] kasan_report+0x141/0x180 [ 16.118740] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.118768] __asan_report_load8_noabort+0x18/0x20 [ 16.118793] kasan_atomics_helper+0x4fb2/0x5450 [ 16.118817] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.118840] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.118865] ? kasan_atomics+0x152/0x310 [ 16.118894] kasan_atomics+0x1dc/0x310 [ 16.118918] ? __pfx_kasan_atomics+0x10/0x10 [ 16.118943] ? __pfx_read_tsc+0x10/0x10 [ 16.118964] ? 
ktime_get_ts64+0x86/0x230 [ 16.118988] kunit_try_run_case+0x1a5/0x480 [ 16.119013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.119036] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.119073] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.119098] ? __kthread_parkme+0x82/0x180 [ 16.119118] ? preempt_count_sub+0x50/0x80 [ 16.119143] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.119168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.119208] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.119233] kthread+0x337/0x6f0 [ 16.119253] ? trace_preempt_on+0x20/0xc0 [ 16.119277] ? __pfx_kthread+0x10/0x10 [ 16.119299] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.119322] ? calculate_sigpending+0x7b/0xa0 [ 16.119346] ? __pfx_kthread+0x10/0x10 [ 16.119368] ret_from_fork+0x116/0x1d0 [ 16.119387] ? __pfx_kthread+0x10/0x10 [ 16.119409] ret_from_fork_asm+0x1a/0x30 [ 16.119442] </TASK> [ 16.119452] [ 16.126876] Allocated by task 282: [ 16.127022] kasan_save_stack+0x45/0x70 [ 16.127184] kasan_save_track+0x18/0x40 [ 16.127396] kasan_save_alloc_info+0x3b/0x50 [ 16.127605] __kasan_kmalloc+0xb7/0xc0 [ 16.127815] __kmalloc_cache_noprof+0x189/0x420 [ 16.128077] kasan_atomics+0x95/0x310 [ 16.128235] kunit_try_run_case+0x1a5/0x480 [ 16.128445] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.128742] kthread+0x337/0x6f0 [ 16.128873] ret_from_fork+0x116/0x1d0 [ 16.129011] ret_from_fork_asm+0x1a/0x30 [ 16.129165] [ 16.129278] The buggy address belongs to the object at ffff8881026ce080 [ 16.129278] which belongs to the cache kmalloc-64 of size 64 [ 16.129809] The buggy address is located 0 bytes to the right of [ 16.129809] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 16.130341] [ 16.130416] The buggy address belongs to the physical page: [ 16.130593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 16.130962] flags: 0x200000000000000(node=0|zone=2) [ 16.131241] page_type: f5(slab) [ 16.131440] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.131927] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.132253] page dumped because: kasan: bad access detected [ 16.132476] [ 16.132549] Memory state around the buggy address: [ 16.132706] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.133027] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.133347] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.133573] ^ [ 16.133819] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.134103] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.134354] ================================================================== [ 14.764507] ================================================================== [ 14.764910] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 14.765352] Read of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 14.765659] [ 14.765781] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.765868] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.765880] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.765903] Call Trace: [ 14.765920] <TASK> [ 14.765939] dump_stack_lvl+0x73/0xb0 [ 14.765970] print_report+0xd1/0x610 [ 14.765992] ? __virt_addr_valid+0x1db/0x2d0 [ 14.766015] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.766035] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.766070] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.766092] kasan_report+0x141/0x180 [ 14.766113] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.766140] __asan_report_load4_noabort+0x18/0x20 [ 14.766164] kasan_atomics_helper+0x4b88/0x5450 [ 14.766186] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.766212] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.766237] ? kasan_atomics+0x152/0x310 [ 14.766263] kasan_atomics+0x1dc/0x310 [ 14.766286] ? __pfx_kasan_atomics+0x10/0x10 [ 14.766310] ? 
__pfx_read_tsc+0x10/0x10 [ 14.766330] ? ktime_get_ts64+0x86/0x230 [ 14.766355] kunit_try_run_case+0x1a5/0x480 [ 14.766380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.766402] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.766427] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.766450] ? __kthread_parkme+0x82/0x180 [ 14.766470] ? preempt_count_sub+0x50/0x80 [ 14.766495] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.766518] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.766542] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.766566] kthread+0x337/0x6f0 [ 14.766584] ? trace_preempt_on+0x20/0xc0 [ 14.766607] ? __pfx_kthread+0x10/0x10 [ 14.766627] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.766648] ? calculate_sigpending+0x7b/0xa0 [ 14.766672] ? __pfx_kthread+0x10/0x10 [ 14.766693] ret_from_fork+0x116/0x1d0 [ 14.766711] ? __pfx_kthread+0x10/0x10 [ 14.766731] ret_from_fork_asm+0x1a/0x30 [ 14.766764] </TASK> [ 14.766774] [ 14.775194] Allocated by task 282: [ 14.775383] kasan_save_stack+0x45/0x70 [ 14.775586] kasan_save_track+0x18/0x40 [ 14.775763] kasan_save_alloc_info+0x3b/0x50 [ 14.776013] __kasan_kmalloc+0xb7/0xc0 [ 14.776197] __kmalloc_cache_noprof+0x189/0x420 [ 14.776414] kasan_atomics+0x95/0x310 [ 14.776606] kunit_try_run_case+0x1a5/0x480 [ 14.776792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.777016] kthread+0x337/0x6f0 [ 14.777281] ret_from_fork+0x116/0x1d0 [ 14.777465] ret_from_fork_asm+0x1a/0x30 [ 14.777745] [ 14.777907] The buggy address belongs to the object at ffff8881026ce080 [ 14.777907] which belongs to the cache kmalloc-64 of size 64 [ 14.778295] The buggy address is located 0 bytes to the right of [ 14.778295] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 14.778830] [ 14.778927] The buggy address belongs to the physical page: [ 14.779187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 14.779511] flags: 0x200000000000000(node=0|zone=2) [ 14.779678] page_type: f5(slab) [ 14.779800] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 14.780035] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.780579] page dumped because: kasan: bad access detected [ 14.780912] [ 14.781010] Memory state around the buggy address: [ 14.781250] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.781468] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.782086] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.782355] ^ [ 14.782577] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.782943] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.783217] ================================================================== [ 16.079232] ================================================================== [ 16.079571] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 16.079909] Read of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 16.080249] [ 16.080350] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.080390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.080402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.080423] Call Trace: [ 16.080439] <TASK> [ 16.080454] dump_stack_lvl+0x73/0xb0 [ 16.080482] print_report+0xd1/0x610 [ 16.080504] ? __virt_addr_valid+0x1db/0x2d0 [ 16.080528] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.080549] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.080573] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.080621] kasan_report+0x141/0x180 [ 16.080644] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.080673] __asan_report_load8_noabort+0x18/0x20 [ 16.080698] kasan_atomics_helper+0x4f98/0x5450 [ 16.080722] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.080745] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.080770] ? kasan_atomics+0x152/0x310 [ 16.080798] kasan_atomics+0x1dc/0x310 [ 16.080821] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.080846] ? __pfx_read_tsc+0x10/0x10 [ 16.080888] ? ktime_get_ts64+0x86/0x230 [ 16.080914] kunit_try_run_case+0x1a5/0x480 [ 16.080938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.080961] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.080987] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.081011] ? __kthread_parkme+0x82/0x180 [ 16.081047] ? preempt_count_sub+0x50/0x80 [ 16.081081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.081105] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.081130] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.081156] kthread+0x337/0x6f0 [ 16.081175] ? trace_preempt_on+0x20/0xc0 [ 16.081199] ? __pfx_kthread+0x10/0x10 [ 16.081238] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.081261] ? calculate_sigpending+0x7b/0xa0 [ 16.081286] ? __pfx_kthread+0x10/0x10 [ 16.081309] ret_from_fork+0x116/0x1d0 [ 16.081328] ? __pfx_kthread+0x10/0x10 [ 16.081349] ret_from_fork_asm+0x1a/0x30 [ 16.081382] </TASK> [ 16.081392] [ 16.088908] Allocated by task 282: [ 16.089036] kasan_save_stack+0x45/0x70 [ 16.089192] kasan_save_track+0x18/0x40 [ 16.089375] kasan_save_alloc_info+0x3b/0x50 [ 16.089587] __kasan_kmalloc+0xb7/0xc0 [ 16.089801] __kmalloc_cache_noprof+0x189/0x420 [ 16.090024] kasan_atomics+0x95/0x310 [ 16.090249] kunit_try_run_case+0x1a5/0x480 [ 16.090464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.090735] kthread+0x337/0x6f0 [ 16.090878] ret_from_fork+0x116/0x1d0 [ 16.091014] ret_from_fork_asm+0x1a/0x30 [ 16.091165] [ 16.091237] The buggy address belongs to the object at ffff8881026ce080 [ 16.091237] which belongs to the cache kmalloc-64 of size 64 [ 16.091722] The buggy address is located 0 bytes to the right of [ 16.091722] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 16.092771] [ 16.092873] The buggy address belongs to the physical page: [ 16.093148] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 16.093491] flags: 0x200000000000000(node=0|zone=2) [ 16.093714] page_type: 
f5(slab) [ 16.093836] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.094109] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.094473] page dumped because: kasan: bad access detected [ 16.094800] [ 16.094871] Memory state around the buggy address: [ 16.095083] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.095424] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.095686] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.096149] ^ [ 16.096316] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.096536] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.097206] ================================================================== [ 15.190998] ================================================================== [ 15.191695] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 15.193498] Read of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.195137] [ 15.195268] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.195317] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.195330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.195355] Call Trace: [ 15.195375] <TASK> [ 15.195394] dump_stack_lvl+0x73/0xb0 [ 15.195427] print_report+0xd1/0x610 [ 15.195450] ? __virt_addr_valid+0x1db/0x2d0 [ 15.195475] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.195498] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.195521] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.195544] kasan_report+0x141/0x180 [ 15.195568] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.196042] __asan_report_load4_noabort+0x18/0x20 [ 15.196090] kasan_atomics_helper+0x4a84/0x5450 [ 15.196115] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.196139] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.196165] ? 
kasan_atomics+0x152/0x310 [ 15.196195] kasan_atomics+0x1dc/0x310 [ 15.196217] ? __pfx_kasan_atomics+0x10/0x10 [ 15.196243] ? __pfx_read_tsc+0x10/0x10 [ 15.196265] ? ktime_get_ts64+0x86/0x230 [ 15.196292] kunit_try_run_case+0x1a5/0x480 [ 15.196318] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.196342] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.196368] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.196392] ? __kthread_parkme+0x82/0x180 [ 15.196414] ? preempt_count_sub+0x50/0x80 [ 15.196439] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.196464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.196490] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.196515] kthread+0x337/0x6f0 [ 15.196535] ? trace_preempt_on+0x20/0xc0 [ 15.196559] ? __pfx_kthread+0x10/0x10 [ 15.196580] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.196602] ? calculate_sigpending+0x7b/0xa0 [ 15.196628] ? __pfx_kthread+0x10/0x10 [ 15.196651] ret_from_fork+0x116/0x1d0 [ 15.196669] ? __pfx_kthread+0x10/0x10 [ 15.196691] ret_from_fork_asm+0x1a/0x30 [ 15.196724] </TASK> [ 15.196736] [ 15.210547] Allocated by task 282: [ 15.210902] kasan_save_stack+0x45/0x70 [ 15.211405] kasan_save_track+0x18/0x40 [ 15.211576] kasan_save_alloc_info+0x3b/0x50 [ 15.211998] __kasan_kmalloc+0xb7/0xc0 [ 15.212374] __kmalloc_cache_noprof+0x189/0x420 [ 15.212877] kasan_atomics+0x95/0x310 [ 15.213016] kunit_try_run_case+0x1a5/0x480 [ 15.213175] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.213353] kthread+0x337/0x6f0 [ 15.213475] ret_from_fork+0x116/0x1d0 [ 15.213633] ret_from_fork_asm+0x1a/0x30 [ 15.213776] [ 15.213854] The buggy address belongs to the object at ffff8881026ce080 [ 15.213854] which belongs to the cache kmalloc-64 of size 64 [ 15.214273] The buggy address is located 0 bytes to the right of [ 15.214273] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.214885] [ 15.214985] The buggy address belongs to the physical page: [ 15.215256] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 
15.215570] flags: 0x200000000000000(node=0|zone=2) [ 15.215840] page_type: f5(slab) [ 15.215966] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.216975] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.217284] page dumped because: kasan: bad access detected [ 15.217530] [ 15.217604] Memory state around the buggy address: [ 15.217982] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.218282] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.218743] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.219335] ^ [ 15.219548] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.220039] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.220374] ================================================================== [ 16.021753] ================================================================== [ 16.022839] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 16.023144] Write of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 16.023423] [ 16.023524] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.023570] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.023583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.023606] Call Trace: [ 16.023625] <TASK> [ 16.023646] dump_stack_lvl+0x73/0xb0 [ 16.023677] print_report+0xd1/0x610 [ 16.023700] ? __virt_addr_valid+0x1db/0x2d0 [ 16.023723] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.023745] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.023769] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.023792] kasan_report+0x141/0x180 [ 16.023816] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.023862] kasan_check_range+0x10c/0x1c0 [ 16.023887] __kasan_check_write+0x18/0x20 [ 16.023907] kasan_atomics_helper+0x1f43/0x5450 [ 16.023931] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.023954] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.023981] ? kasan_atomics+0x152/0x310 [ 16.024009] kasan_atomics+0x1dc/0x310 [ 16.024032] ? __pfx_kasan_atomics+0x10/0x10 [ 16.024828] ? __pfx_read_tsc+0x10/0x10 [ 16.024860] ? ktime_get_ts64+0x86/0x230 [ 16.024887] kunit_try_run_case+0x1a5/0x480 [ 16.024915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.024938] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.024965] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.024989] ? __kthread_parkme+0x82/0x180 [ 16.025011] ? preempt_count_sub+0x50/0x80 [ 16.025037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.025229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.025258] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.025283] kthread+0x337/0x6f0 [ 16.025306] ? trace_preempt_on+0x20/0xc0 [ 16.025330] ? __pfx_kthread+0x10/0x10 [ 16.025351] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.025374] ? calculate_sigpending+0x7b/0xa0 [ 16.025398] ? __pfx_kthread+0x10/0x10 [ 16.025420] ret_from_fork+0x116/0x1d0 [ 16.025439] ? __pfx_kthread+0x10/0x10 [ 16.025460] ret_from_fork_asm+0x1a/0x30 [ 16.025493] </TASK> [ 16.025505] [ 16.033872] Allocated by task 282: [ 16.034067] kasan_save_stack+0x45/0x70 [ 16.034279] kasan_save_track+0x18/0x40 [ 16.034419] kasan_save_alloc_info+0x3b/0x50 [ 16.034622] __kasan_kmalloc+0xb7/0xc0 [ 16.034909] __kmalloc_cache_noprof+0x189/0x420 [ 16.035090] kasan_atomics+0x95/0x310 [ 16.035227] kunit_try_run_case+0x1a5/0x480 [ 16.035440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.035894] kthread+0x337/0x6f0 [ 16.036081] ret_from_fork+0x116/0x1d0 [ 16.036289] ret_from_fork_asm+0x1a/0x30 [ 16.036451] [ 16.036550] The buggy address belongs to the object at ffff8881026ce080 [ 16.036550] which belongs to the cache kmalloc-64 of size 64 [ 16.037081] The buggy address is located 0 bytes to the right of [ 16.037081] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 16.037515] [ 16.037609] The buggy address belongs to the physical page: [ 16.037907] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 16.038213] flags: 0x200000000000000(node=0|zone=2) [ 16.038652] page_type: f5(slab) [ 16.038825] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.039168] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.039459] page dumped because: kasan: bad access detected [ 16.039717] [ 16.039900] Memory state around the buggy address: [ 16.040068] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.040349] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.040763] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.040991] ^ [ 16.041157] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.041376] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.041589] ================================================================== [ 14.917383] ================================================================== [ 14.917745] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 14.918178] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 14.918615] [ 14.918734] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.918780] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.918791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.918816] Call Trace: [ 14.918835] <TASK> [ 14.918852] dump_stack_lvl+0x73/0xb0 [ 14.918883] print_report+0xd1/0x610 [ 14.918906] ? __virt_addr_valid+0x1db/0x2d0 [ 14.918930] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.918952] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.918976] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.918999] kasan_report+0x141/0x180 [ 14.919021] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.919111] kasan_check_range+0x10c/0x1c0 [ 14.919139] __kasan_check_write+0x18/0x20 [ 14.919159] kasan_atomics_helper+0x5fe/0x5450 [ 14.919182] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.919206] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.919232] ? kasan_atomics+0x152/0x310 [ 14.919261] kasan_atomics+0x1dc/0x310 [ 14.919284] ? __pfx_kasan_atomics+0x10/0x10 [ 14.919310] ? __pfx_read_tsc+0x10/0x10 [ 14.919331] ? ktime_get_ts64+0x86/0x230 [ 14.919357] kunit_try_run_case+0x1a5/0x480 [ 14.919383] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.919406] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.919431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.919456] ? __kthread_parkme+0x82/0x180 [ 14.919478] ? preempt_count_sub+0x50/0x80 [ 14.919504] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.919528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.919553] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.919578] kthread+0x337/0x6f0 [ 14.919597] ? trace_preempt_on+0x20/0xc0 [ 14.919622] ? __pfx_kthread+0x10/0x10 [ 14.919642] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.919665] ? calculate_sigpending+0x7b/0xa0 [ 14.919690] ? __pfx_kthread+0x10/0x10 [ 14.919712] ret_from_fork+0x116/0x1d0 [ 14.919731] ? 
__pfx_kthread+0x10/0x10 [ 14.919752] ret_from_fork_asm+0x1a/0x30 [ 14.919786] </TASK> [ 14.919796] [ 14.928216] Allocated by task 282: [ 14.928422] kasan_save_stack+0x45/0x70 [ 14.928647] kasan_save_track+0x18/0x40 [ 14.928788] kasan_save_alloc_info+0x3b/0x50 [ 14.929001] __kasan_kmalloc+0xb7/0xc0 [ 14.929199] __kmalloc_cache_noprof+0x189/0x420 [ 14.929413] kasan_atomics+0x95/0x310 [ 14.929574] kunit_try_run_case+0x1a5/0x480 [ 14.929958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.930204] kthread+0x337/0x6f0 [ 14.930332] ret_from_fork+0x116/0x1d0 [ 14.930482] ret_from_fork_asm+0x1a/0x30 [ 14.930790] [ 14.930904] The buggy address belongs to the object at ffff8881026ce080 [ 14.930904] which belongs to the cache kmalloc-64 of size 64 [ 14.931418] The buggy address is located 0 bytes to the right of [ 14.931418] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 14.932303] [ 14.932403] The buggy address belongs to the physical page: [ 14.932671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 14.933078] flags: 0x200000000000000(node=0|zone=2) [ 14.933291] page_type: f5(slab) [ 14.933443] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.933680] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.933910] page dumped because: kasan: bad access detected [ 14.934136] [ 14.934335] Memory state around the buggy address: [ 14.934564] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.934882] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.935497] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.936024] ^ [ 14.936330] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.936716] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.937130] ================================================================== [ 15.292574] 
================================================================== [ 15.293099] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 15.293397] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.293768] [ 15.293980] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.294026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.294039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.294075] Call Trace: [ 15.294091] <TASK> [ 15.294108] dump_stack_lvl+0x73/0xb0 [ 15.294138] print_report+0xd1/0x610 [ 15.294160] ? __virt_addr_valid+0x1db/0x2d0 [ 15.294184] ? kasan_atomics_helper+0xf10/0x5450 [ 15.294209] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.294232] ? kasan_atomics_helper+0xf10/0x5450 [ 15.294255] kasan_report+0x141/0x180 [ 15.294277] ? kasan_atomics_helper+0xf10/0x5450 [ 15.294305] kasan_check_range+0x10c/0x1c0 [ 15.294330] __kasan_check_write+0x18/0x20 [ 15.294350] kasan_atomics_helper+0xf10/0x5450 [ 15.294373] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.294396] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.294422] ? kasan_atomics+0x152/0x310 [ 15.294451] kasan_atomics+0x1dc/0x310 [ 15.294474] ? __pfx_kasan_atomics+0x10/0x10 [ 15.294499] ? __pfx_read_tsc+0x10/0x10 [ 15.294520] ? ktime_get_ts64+0x86/0x230 [ 15.294546] kunit_try_run_case+0x1a5/0x480 [ 15.294572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.294595] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.294620] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.294645] ? __kthread_parkme+0x82/0x180 [ 15.294666] ? preempt_count_sub+0x50/0x80 [ 15.294691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.294716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.294740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.294765] kthread+0x337/0x6f0 [ 15.294785] ? trace_preempt_on+0x20/0xc0 [ 15.294809] ? __pfx_kthread+0x10/0x10 [ 15.294830] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.294853] ? 
calculate_sigpending+0x7b/0xa0 [ 15.294877] ? __pfx_kthread+0x10/0x10 [ 15.294900] ret_from_fork+0x116/0x1d0 [ 15.294919] ? __pfx_kthread+0x10/0x10 [ 15.294939] ret_from_fork_asm+0x1a/0x30 [ 15.294973] </TASK> [ 15.294984] [ 15.303466] Allocated by task 282: [ 15.303632] kasan_save_stack+0x45/0x70 [ 15.303918] kasan_save_track+0x18/0x40 [ 15.304144] kasan_save_alloc_info+0x3b/0x50 [ 15.304364] __kasan_kmalloc+0xb7/0xc0 [ 15.304556] __kmalloc_cache_noprof+0x189/0x420 [ 15.304765] kasan_atomics+0x95/0x310 [ 15.305145] kunit_try_run_case+0x1a5/0x480 [ 15.305342] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.305575] kthread+0x337/0x6f0 [ 15.305730] ret_from_fork+0x116/0x1d0 [ 15.306082] ret_from_fork_asm+0x1a/0x30 [ 15.306268] [ 15.306366] The buggy address belongs to the object at ffff8881026ce080 [ 15.306366] which belongs to the cache kmalloc-64 of size 64 [ 15.307019] The buggy address is located 0 bytes to the right of [ 15.307019] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.307396] [ 15.307469] The buggy address belongs to the physical page: [ 15.307644] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.308395] flags: 0x200000000000000(node=0|zone=2) [ 15.308643] page_type: f5(slab) [ 15.308814] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.309215] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.309911] page dumped because: kasan: bad access detected [ 15.310113] [ 15.310186] Memory state around the buggy address: [ 15.310352] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.310674] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.311257] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.311582] ^ [ 15.311792] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.312072] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.312288] 
================================================================== [ 14.814542] ================================================================== [ 14.815292] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 14.815772] Read of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 14.816358] [ 14.816479] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.816529] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.816541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.816564] Call Trace: [ 14.816584] <TASK> [ 14.816604] dump_stack_lvl+0x73/0xb0 [ 14.816634] print_report+0xd1/0x610 [ 14.816658] ? __virt_addr_valid+0x1db/0x2d0 [ 14.816683] ? kasan_atomics_helper+0x3df/0x5450 [ 14.816705] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.816729] ? kasan_atomics_helper+0x3df/0x5450 [ 14.816751] kasan_report+0x141/0x180 [ 14.816774] ? kasan_atomics_helper+0x3df/0x5450 [ 14.816802] kasan_check_range+0x10c/0x1c0 [ 14.816826] __kasan_check_read+0x15/0x20 [ 14.816845] kasan_atomics_helper+0x3df/0x5450 [ 14.816869] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.816892] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.816917] ? kasan_atomics+0x152/0x310 [ 14.816945] kasan_atomics+0x1dc/0x310 [ 14.816968] ? __pfx_kasan_atomics+0x10/0x10 [ 14.816993] ? __pfx_read_tsc+0x10/0x10 [ 14.817014] ? ktime_get_ts64+0x86/0x230 [ 14.817040] kunit_try_run_case+0x1a5/0x480 [ 14.817269] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.817294] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.817321] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.817346] ? __kthread_parkme+0x82/0x180 [ 14.817367] ? preempt_count_sub+0x50/0x80 [ 14.817393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.817418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.817442] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.817467] kthread+0x337/0x6f0 [ 14.817487] ? trace_preempt_on+0x20/0xc0 [ 14.817511] ? 
__pfx_kthread+0x10/0x10 [ 14.817532] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.817554] ? calculate_sigpending+0x7b/0xa0 [ 14.817579] ? __pfx_kthread+0x10/0x10 [ 14.817616] ret_from_fork+0x116/0x1d0 [ 14.817636] ? __pfx_kthread+0x10/0x10 [ 14.817657] ret_from_fork_asm+0x1a/0x30 [ 14.817691] </TASK> [ 14.817701] [ 14.826436] Allocated by task 282: [ 14.826631] kasan_save_stack+0x45/0x70 [ 14.826894] kasan_save_track+0x18/0x40 [ 14.827100] kasan_save_alloc_info+0x3b/0x50 [ 14.827315] __kasan_kmalloc+0xb7/0xc0 [ 14.827485] __kmalloc_cache_noprof+0x189/0x420 [ 14.827741] kasan_atomics+0x95/0x310 [ 14.827880] kunit_try_run_case+0x1a5/0x480 [ 14.828101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.828362] kthread+0x337/0x6f0 [ 14.828527] ret_from_fork+0x116/0x1d0 [ 14.828724] ret_from_fork_asm+0x1a/0x30 [ 14.828902] [ 14.828978] The buggy address belongs to the object at ffff8881026ce080 [ 14.828978] which belongs to the cache kmalloc-64 of size 64 [ 14.829499] The buggy address is located 0 bytes to the right of [ 14.829499] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 14.830009] [ 14.830124] The buggy address belongs to the physical page: [ 14.830350] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 14.830598] flags: 0x200000000000000(node=0|zone=2) [ 14.830767] page_type: f5(slab) [ 14.830898] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.831253] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.831587] page dumped because: kasan: bad access detected [ 14.831780] [ 14.831850] Memory state around the buggy address: [ 14.832008] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.832623] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.833233] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.833507] ^ [ 14.833740] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.834077] 
ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.834298] ================================================================== [ 15.312649] ================================================================== [ 15.312880] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 15.313323] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.313771] [ 15.313963] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.314006] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.314018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.314041] Call Trace: [ 15.314070] <TASK> [ 15.314086] dump_stack_lvl+0x73/0xb0 [ 15.314116] print_report+0xd1/0x610 [ 15.314138] ? __virt_addr_valid+0x1db/0x2d0 [ 15.314161] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.314182] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.314208] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.314231] kasan_report+0x141/0x180 [ 15.314253] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.314279] kasan_check_range+0x10c/0x1c0 [ 15.314303] __kasan_check_write+0x18/0x20 [ 15.314322] kasan_atomics_helper+0xfa9/0x5450 [ 15.314345] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.314367] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.314392] ? kasan_atomics+0x152/0x310 [ 15.314419] kasan_atomics+0x1dc/0x310 [ 15.314442] ? __pfx_kasan_atomics+0x10/0x10 [ 15.314466] ? __pfx_read_tsc+0x10/0x10 [ 15.314487] ? ktime_get_ts64+0x86/0x230 [ 15.314513] kunit_try_run_case+0x1a5/0x480 [ 15.314540] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.314565] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.314590] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.314614] ? __kthread_parkme+0x82/0x180 [ 15.314704] ? preempt_count_sub+0x50/0x80 [ 15.314732] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.314759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.314786] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.314851] kthread+0x337/0x6f0 [ 15.314873] ? trace_preempt_on+0x20/0xc0 [ 15.314897] ? __pfx_kthread+0x10/0x10 [ 15.314918] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.314942] ? calculate_sigpending+0x7b/0xa0 [ 15.314968] ? __pfx_kthread+0x10/0x10 [ 15.314991] ret_from_fork+0x116/0x1d0 [ 15.315010] ? __pfx_kthread+0x10/0x10 [ 15.315032] ret_from_fork_asm+0x1a/0x30 [ 15.315077] </TASK> [ 15.315089] [ 15.325528] Allocated by task 282: [ 15.325676] kasan_save_stack+0x45/0x70 [ 15.325828] kasan_save_track+0x18/0x40 [ 15.325962] kasan_save_alloc_info+0x3b/0x50 [ 15.326144] __kasan_kmalloc+0xb7/0xc0 [ 15.326339] __kmalloc_cache_noprof+0x189/0x420 [ 15.327091] kasan_atomics+0x95/0x310 [ 15.327498] kunit_try_run_case+0x1a5/0x480 [ 15.328009] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.328535] kthread+0x337/0x6f0 [ 15.328960] ret_from_fork+0x116/0x1d0 [ 15.329323] ret_from_fork_asm+0x1a/0x30 [ 15.329748] [ 15.329833] The buggy address belongs to the object at ffff8881026ce080 [ 15.329833] which belongs to the cache kmalloc-64 of size 64 [ 15.330192] The buggy address is located 0 bytes to the right of [ 15.330192] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.330555] [ 15.330628] The buggy address belongs to the physical page: [ 15.330800] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.331036] flags: 0x200000000000000(node=0|zone=2) [ 15.331775] page_type: f5(slab) [ 15.332190] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.332981] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.333802] page dumped because: kasan: bad access detected [ 15.334377] [ 15.334613] Memory state around the buggy address: [ 15.335153] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.335850] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.336516] >ffff8881026ce080: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.337266] ^ [ 15.337757] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.338479] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.339248] ================================================================== [ 15.822172] ================================================================== [ 15.822499] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 15.822918] Write of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.823247] [ 15.823368] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.823414] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.823427] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.823450] Call Trace: [ 15.823471] <TASK> [ 15.823491] dump_stack_lvl+0x73/0xb0 [ 15.823520] print_report+0xd1/0x610 [ 15.823544] ? __virt_addr_valid+0x1db/0x2d0 [ 15.823576] ? kasan_atomics_helper+0x194a/0x5450 [ 15.823598] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.823622] ? kasan_atomics_helper+0x194a/0x5450 [ 15.823645] kasan_report+0x141/0x180 [ 15.823668] ? kasan_atomics_helper+0x194a/0x5450 [ 15.823719] kasan_check_range+0x10c/0x1c0 [ 15.823745] __kasan_check_write+0x18/0x20 [ 15.823764] kasan_atomics_helper+0x194a/0x5450 [ 15.823800] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.823824] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.823850] ? kasan_atomics+0x152/0x310 [ 15.823878] kasan_atomics+0x1dc/0x310 [ 15.823902] ? __pfx_kasan_atomics+0x10/0x10 [ 15.823927] ? __pfx_read_tsc+0x10/0x10 [ 15.823948] ? ktime_get_ts64+0x86/0x230 [ 15.823975] kunit_try_run_case+0x1a5/0x480 [ 15.824001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.824024] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.824058] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.824082] ? __kthread_parkme+0x82/0x180 [ 15.824106] ? preempt_count_sub+0x50/0x80 [ 15.824131] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.824156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.824190] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.824215] kthread+0x337/0x6f0 [ 15.824235] ? trace_preempt_on+0x20/0xc0 [ 15.824271] ? __pfx_kthread+0x10/0x10 [ 15.824293] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.824315] ? calculate_sigpending+0x7b/0xa0 [ 15.824351] ? __pfx_kthread+0x10/0x10 [ 15.824375] ret_from_fork+0x116/0x1d0 [ 15.824394] ? __pfx_kthread+0x10/0x10 [ 15.824414] ret_from_fork_asm+0x1a/0x30 [ 15.824448] </TASK> [ 15.824460] [ 15.832003] Allocated by task 282: [ 15.832146] kasan_save_stack+0x45/0x70 [ 15.832356] kasan_save_track+0x18/0x40 [ 15.832549] kasan_save_alloc_info+0x3b/0x50 [ 15.832832] __kasan_kmalloc+0xb7/0xc0 [ 15.833024] __kmalloc_cache_noprof+0x189/0x420 [ 15.833257] kasan_atomics+0x95/0x310 [ 15.833440] kunit_try_run_case+0x1a5/0x480 [ 15.833675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.833929] kthread+0x337/0x6f0 [ 15.834118] ret_from_fork+0x116/0x1d0 [ 15.834307] ret_from_fork_asm+0x1a/0x30 [ 15.834506] [ 15.834630] The buggy address belongs to the object at ffff8881026ce080 [ 15.834630] which belongs to the cache kmalloc-64 of size 64 [ 15.835099] The buggy address is located 0 bytes to the right of [ 15.835099] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.835480] [ 15.835594] The buggy address belongs to the physical page: [ 15.835869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.836238] flags: 0x200000000000000(node=0|zone=2) [ 15.836483] page_type: f5(slab) [ 15.836702] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.837068] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.837305] page dumped because: kasan: bad access detected [ 15.837483] [ 15.837555] Memory state around the buggy address: [ 15.837804] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.838165] 
ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.838514] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.838878] ^ [ 15.839077] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.839430] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.839765] ================================================================== [ 15.339969] ================================================================== [ 15.340760] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 15.341294] Read of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.341525] [ 15.341719] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.341815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.341828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.341851] Call Trace: [ 15.341892] <TASK> [ 15.341911] dump_stack_lvl+0x73/0xb0 [ 15.341943] print_report+0xd1/0x610 [ 15.341966] ? __virt_addr_valid+0x1db/0x2d0 [ 15.341990] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.342012] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.342036] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.342069] kasan_report+0x141/0x180 [ 15.342091] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.342120] __asan_report_load4_noabort+0x18/0x20 [ 15.342144] kasan_atomics_helper+0x4a36/0x5450 [ 15.342213] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.342238] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.342313] ? kasan_atomics+0x152/0x310 [ 15.342345] kasan_atomics+0x1dc/0x310 [ 15.342383] ? __pfx_kasan_atomics+0x10/0x10 [ 15.342410] ? __pfx_read_tsc+0x10/0x10 [ 15.342432] ? ktime_get_ts64+0x86/0x230 [ 15.342458] kunit_try_run_case+0x1a5/0x480 [ 15.342485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.342509] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.342534] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.342559] ? __kthread_parkme+0x82/0x180 [ 15.342598] ? 
preempt_count_sub+0x50/0x80 [ 15.342626] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.342651] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.342676] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.342701] kthread+0x337/0x6f0 [ 15.342721] ? trace_preempt_on+0x20/0xc0 [ 15.342745] ? __pfx_kthread+0x10/0x10 [ 15.342767] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.342804] ? calculate_sigpending+0x7b/0xa0 [ 15.342831] ? __pfx_kthread+0x10/0x10 [ 15.342853] ret_from_fork+0x116/0x1d0 [ 15.342873] ? __pfx_kthread+0x10/0x10 [ 15.342893] ret_from_fork_asm+0x1a/0x30 [ 15.342927] </TASK> [ 15.342940] [ 15.357822] Allocated by task 282: [ 15.358295] kasan_save_stack+0x45/0x70 [ 15.358785] kasan_save_track+0x18/0x40 [ 15.359149] kasan_save_alloc_info+0x3b/0x50 [ 15.359310] __kasan_kmalloc+0xb7/0xc0 [ 15.359443] __kmalloc_cache_noprof+0x189/0x420 [ 15.359595] kasan_atomics+0x95/0x310 [ 15.359728] kunit_try_run_case+0x1a5/0x480 [ 15.359873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.360046] kthread+0x337/0x6f0 [ 15.360175] ret_from_fork+0x116/0x1d0 [ 15.360307] ret_from_fork_asm+0x1a/0x30 [ 15.360494] [ 15.360593] The buggy address belongs to the object at ffff8881026ce080 [ 15.360593] which belongs to the cache kmalloc-64 of size 64 [ 15.361317] The buggy address is located 0 bytes to the right of [ 15.361317] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.361919] [ 15.362007] The buggy address belongs to the physical page: [ 15.362357] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.362638] flags: 0x200000000000000(node=0|zone=2) [ 15.362829] page_type: f5(slab) [ 15.362969] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.363416] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.363899] page dumped because: kasan: bad access detected [ 15.364354] [ 15.364636] Memory state around the buggy address: [ 15.364868] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.365161] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.365454] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.365671] ^ [ 15.365835] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.366160] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.366486] ================================================================== [ 14.897617] ================================================================== [ 14.897964] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 14.898655] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 14.899069] [ 14.899199] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.899248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.899261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.899284] Call Trace: [ 14.899302] <TASK> [ 14.899321] dump_stack_lvl+0x73/0xb0 [ 14.899352] print_report+0xd1/0x610 [ 14.899377] ? __virt_addr_valid+0x1db/0x2d0 [ 14.899403] ? kasan_atomics_helper+0x565/0x5450 [ 14.899425] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.899449] ? kasan_atomics_helper+0x565/0x5450 [ 14.899473] kasan_report+0x141/0x180 [ 14.899497] ? kasan_atomics_helper+0x565/0x5450 [ 14.899526] kasan_check_range+0x10c/0x1c0 [ 14.899551] __kasan_check_write+0x18/0x20 [ 14.899571] kasan_atomics_helper+0x565/0x5450 [ 14.899596] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.899619] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.899646] ? kasan_atomics+0x152/0x310 [ 14.899675] kasan_atomics+0x1dc/0x310 [ 14.899699] ? __pfx_kasan_atomics+0x10/0x10 [ 14.899725] ? __pfx_read_tsc+0x10/0x10 [ 14.899746] ? ktime_get_ts64+0x86/0x230 [ 14.899773] kunit_try_run_case+0x1a5/0x480 [ 14.899799] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.899822] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.899852] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.899877] ? __kthread_parkme+0x82/0x180 [ 14.899900] ? preempt_count_sub+0x50/0x80 [ 14.899925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.899950] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.899976] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.900080] kthread+0x337/0x6f0 [ 14.900104] ? trace_preempt_on+0x20/0xc0 [ 14.900129] ? __pfx_kthread+0x10/0x10 [ 14.900150] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.900173] ? calculate_sigpending+0x7b/0xa0 [ 14.900198] ? __pfx_kthread+0x10/0x10 [ 14.900221] ret_from_fork+0x116/0x1d0 [ 14.900240] ? __pfx_kthread+0x10/0x10 [ 14.900261] ret_from_fork_asm+0x1a/0x30 [ 14.900298] </TASK> [ 14.900310] [ 14.908498] Allocated by task 282: [ 14.908699] kasan_save_stack+0x45/0x70 [ 14.908853] kasan_save_track+0x18/0x40 [ 14.909161] kasan_save_alloc_info+0x3b/0x50 [ 14.909378] __kasan_kmalloc+0xb7/0xc0 [ 14.909543] __kmalloc_cache_noprof+0x189/0x420 [ 14.910019] kasan_atomics+0x95/0x310 [ 14.910250] kunit_try_run_case+0x1a5/0x480 [ 14.910451] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.910706] kthread+0x337/0x6f0 [ 14.911006] ret_from_fork+0x116/0x1d0 [ 14.911163] ret_from_fork_asm+0x1a/0x30 [ 14.911307] [ 14.911381] The buggy address belongs to the object at ffff8881026ce080 [ 14.911381] which belongs to the cache kmalloc-64 of size 64 [ 14.911829] The buggy address is located 0 bytes to the right of [ 14.911829] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 14.912519] [ 14.912608] The buggy address belongs to the physical page: [ 14.912947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 14.913211] flags: 0x200000000000000(node=0|zone=2) [ 14.913398] page_type: f5(slab) [ 14.913571] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.914079] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.914427] page dumped because: kasan: bad access detected [ 14.914697] [ 14.914778] 
Memory state around the buggy address: [ 14.914983] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.915283] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.915577] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.915843] ^ [ 14.916062] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.916365] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.916934] ================================================================== [ 15.918162] ================================================================== [ 15.918552] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 15.918958] Read of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.919423] [ 15.919515] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.919560] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.919572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.919595] Call Trace: [ 15.919613] <TASK> [ 15.919631] dump_stack_lvl+0x73/0xb0 [ 15.919660] print_report+0xd1/0x610 [ 15.919684] ? __virt_addr_valid+0x1db/0x2d0 [ 15.919708] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.919730] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.919767] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.919790] kasan_report+0x141/0x180 [ 15.919821] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.919862] __asan_report_load8_noabort+0x18/0x20 [ 15.919888] kasan_atomics_helper+0x4f30/0x5450 [ 15.919914] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.919937] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.919963] ? kasan_atomics+0x152/0x310 [ 15.919991] kasan_atomics+0x1dc/0x310 [ 15.920014] ? __pfx_kasan_atomics+0x10/0x10 [ 15.920039] ? __pfx_read_tsc+0x10/0x10 [ 15.920070] ? ktime_get_ts64+0x86/0x230 [ 15.920097] kunit_try_run_case+0x1a5/0x480 [ 15.920132] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.920155] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.920192] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.920231] ? __kthread_parkme+0x82/0x180 [ 15.920252] ? preempt_count_sub+0x50/0x80 [ 15.920279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.920304] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.920329] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.920354] kthread+0x337/0x6f0 [ 15.920375] ? trace_preempt_on+0x20/0xc0 [ 15.920399] ? __pfx_kthread+0x10/0x10 [ 15.920421] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.920443] ? calculate_sigpending+0x7b/0xa0 [ 15.920468] ? __pfx_kthread+0x10/0x10 [ 15.920490] ret_from_fork+0x116/0x1d0 [ 15.920509] ? __pfx_kthread+0x10/0x10 [ 15.920531] ret_from_fork_asm+0x1a/0x30 [ 15.920564] </TASK> [ 15.920575] [ 15.928398] Allocated by task 282: [ 15.928576] kasan_save_stack+0x45/0x70 [ 15.928791] kasan_save_track+0x18/0x40 [ 15.928962] kasan_save_alloc_info+0x3b/0x50 [ 15.929170] __kasan_kmalloc+0xb7/0xc0 [ 15.929375] __kmalloc_cache_noprof+0x189/0x420 [ 15.929577] kasan_atomics+0x95/0x310 [ 15.929766] kunit_try_run_case+0x1a5/0x480 [ 15.929985] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.930234] kthread+0x337/0x6f0 [ 15.930408] ret_from_fork+0x116/0x1d0 [ 15.930626] ret_from_fork_asm+0x1a/0x30 [ 15.930796] [ 15.930904] The buggy address belongs to the object at ffff8881026ce080 [ 15.930904] which belongs to the cache kmalloc-64 of size 64 [ 15.931407] The buggy address is located 0 bytes to the right of [ 15.931407] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.931970] [ 15.932079] The buggy address belongs to the physical page: [ 15.932285] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.932588] flags: 0x200000000000000(node=0|zone=2) [ 15.932840] page_type: f5(slab) [ 15.933014] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.933361] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.933701] page dumped because: kasan: 
bad access detected [ 15.933952] [ 15.934023] Memory state around the buggy address: [ 15.934260] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.934538] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.934983] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.935324] ^ [ 15.935485] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.936005] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.936268] ================================================================== [ 15.899298] ================================================================== [ 15.899720] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 15.900264] Write of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.900534] [ 15.900698] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.900746] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.900771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.900795] Call Trace: [ 15.900816] <TASK> [ 15.900846] dump_stack_lvl+0x73/0xb0 [ 15.900877] print_report+0xd1/0x610 [ 15.900900] ? __virt_addr_valid+0x1db/0x2d0 [ 15.900924] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.900946] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.900970] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.900994] kasan_report+0x141/0x180 [ 15.901017] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.901045] kasan_check_range+0x10c/0x1c0 [ 15.901080] __kasan_check_write+0x18/0x20 [ 15.901099] kasan_atomics_helper+0x1c18/0x5450 [ 15.901124] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.901147] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.901173] ? kasan_atomics+0x152/0x310 [ 15.901202] kasan_atomics+0x1dc/0x310 [ 15.901236] ? __pfx_kasan_atomics+0x10/0x10 [ 15.901261] ? __pfx_read_tsc+0x10/0x10 [ 15.901294] ? ktime_get_ts64+0x86/0x230 [ 15.901321] kunit_try_run_case+0x1a5/0x480 [ 15.901348] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.901371] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.901397] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.901422] ? __kthread_parkme+0x82/0x180 [ 15.901443] ? preempt_count_sub+0x50/0x80 [ 15.901469] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.901494] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.901519] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.901544] kthread+0x337/0x6f0 [ 15.901564] ? trace_preempt_on+0x20/0xc0 [ 15.901589] ? __pfx_kthread+0x10/0x10 [ 15.901610] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.901642] ? calculate_sigpending+0x7b/0xa0 [ 15.901667] ? __pfx_kthread+0x10/0x10 [ 15.901701] ret_from_fork+0x116/0x1d0 [ 15.901720] ? __pfx_kthread+0x10/0x10 [ 15.901744] ret_from_fork_asm+0x1a/0x30 [ 15.901781] </TASK> [ 15.901792] [ 15.909753] Allocated by task 282: [ 15.909931] kasan_save_stack+0x45/0x70 [ 15.910097] kasan_save_track+0x18/0x40 [ 15.910316] kasan_save_alloc_info+0x3b/0x50 [ 15.910531] __kasan_kmalloc+0xb7/0xc0 [ 15.910734] __kmalloc_cache_noprof+0x189/0x420 [ 15.910916] kasan_atomics+0x95/0x310 [ 15.911115] kunit_try_run_case+0x1a5/0x480 [ 15.911333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.911515] kthread+0x337/0x6f0 [ 15.911640] ret_from_fork+0x116/0x1d0 [ 15.911775] ret_from_fork_asm+0x1a/0x30 [ 15.911918] [ 15.911992] The buggy address belongs to the object at ffff8881026ce080 [ 15.911992] which belongs to the cache kmalloc-64 of size 64 [ 15.912364] The buggy address is located 0 bytes to the right of [ 15.912364] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.912987] [ 15.913110] The buggy address belongs to the physical page: [ 15.913367] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.913909] flags: 0x200000000000000(node=0|zone=2) [ 15.914113] page_type: f5(slab) [ 15.914243] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.914479] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.915041] page dumped because: kasan: bad access detected [ 15.915309] [ 15.915405] Memory state around the buggy address: [ 15.915713] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.915977] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.916208] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.916427] ^ [ 15.916677] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.917025] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.917373] ================================================================== [ 15.170916] ================================================================== [ 15.171627] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 15.172015] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.172254] [ 15.172344] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.172389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.172401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.172425] Call Trace: [ 15.172444] <TASK> [ 15.172463] dump_stack_lvl+0x73/0xb0 [ 15.172492] print_report+0xd1/0x610 [ 15.172515] ? __virt_addr_valid+0x1db/0x2d0 [ 15.172539] ? kasan_atomics_helper+0xc70/0x5450 [ 15.172560] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.172585] ? kasan_atomics_helper+0xc70/0x5450 [ 15.172619] kasan_report+0x141/0x180 [ 15.172653] ? kasan_atomics_helper+0xc70/0x5450 [ 15.172682] kasan_check_range+0x10c/0x1c0 [ 15.172706] __kasan_check_write+0x18/0x20 [ 15.172725] kasan_atomics_helper+0xc70/0x5450 [ 15.172749] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.172771] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.172798] ? kasan_atomics+0x152/0x310 [ 15.172827] kasan_atomics+0x1dc/0x310 [ 15.172862] ? __pfx_kasan_atomics+0x10/0x10 [ 15.172887] ? __pfx_read_tsc+0x10/0x10 [ 15.172908] ? 
ktime_get_ts64+0x86/0x230 [ 15.172934] kunit_try_run_case+0x1a5/0x480 [ 15.172962] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.172985] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.173010] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.173035] ? __kthread_parkme+0x82/0x180 [ 15.173068] ? preempt_count_sub+0x50/0x80 [ 15.173094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.173119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.173144] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.173169] kthread+0x337/0x6f0 [ 15.173188] ? trace_preempt_on+0x20/0xc0 [ 15.173213] ? __pfx_kthread+0x10/0x10 [ 15.173234] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.173256] ? calculate_sigpending+0x7b/0xa0 [ 15.173282] ? __pfx_kthread+0x10/0x10 [ 15.173304] ret_from_fork+0x116/0x1d0 [ 15.173322] ? __pfx_kthread+0x10/0x10 [ 15.173343] ret_from_fork_asm+0x1a/0x30 [ 15.173376] </TASK> [ 15.173388] [ 15.181874] Allocated by task 282: [ 15.182021] kasan_save_stack+0x45/0x70 [ 15.182240] kasan_save_track+0x18/0x40 [ 15.182435] kasan_save_alloc_info+0x3b/0x50 [ 15.182646] __kasan_kmalloc+0xb7/0xc0 [ 15.182799] __kmalloc_cache_noprof+0x189/0x420 [ 15.183071] kasan_atomics+0x95/0x310 [ 15.183209] kunit_try_run_case+0x1a5/0x480 [ 15.183358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.183538] kthread+0x337/0x6f0 [ 15.183699] ret_from_fork+0x116/0x1d0 [ 15.183885] ret_from_fork_asm+0x1a/0x30 [ 15.184299] [ 15.184415] The buggy address belongs to the object at ffff8881026ce080 [ 15.184415] which belongs to the cache kmalloc-64 of size 64 [ 15.185101] The buggy address is located 0 bytes to the right of [ 15.185101] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.185477] [ 15.185628] The buggy address belongs to the physical page: [ 15.186193] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.186477] flags: 0x200000000000000(node=0|zone=2) [ 15.186888] page_type: f5(slab) [ 15.187092] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.187389] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.187710] page dumped because: kasan: bad access detected [ 15.188064] [ 15.188160] Memory state around the buggy address: [ 15.188357] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.188678] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.188899] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.189555] ^ [ 15.190032] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.190379] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.190601] ================================================================== [ 15.367017] ================================================================== [ 15.367379] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 15.367718] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.368216] [ 15.368334] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.368383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.368395] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.368419] Call Trace: [ 15.368439] <TASK> [ 15.368458] dump_stack_lvl+0x73/0xb0 [ 15.368488] print_report+0xd1/0x610 [ 15.368510] ? __virt_addr_valid+0x1db/0x2d0 [ 15.368534] ? kasan_atomics_helper+0x1079/0x5450 [ 15.368555] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.368579] ? kasan_atomics_helper+0x1079/0x5450 [ 15.368602] kasan_report+0x141/0x180 [ 15.368625] ? kasan_atomics_helper+0x1079/0x5450 [ 15.368652] kasan_check_range+0x10c/0x1c0 [ 15.368676] __kasan_check_write+0x18/0x20 [ 15.368738] kasan_atomics_helper+0x1079/0x5450 [ 15.368765] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.368851] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.368878] ? kasan_atomics+0x152/0x310 [ 15.368907] kasan_atomics+0x1dc/0x310 [ 15.369015] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.369090] ? __pfx_read_tsc+0x10/0x10 [ 15.369113] ? ktime_get_ts64+0x86/0x230 [ 15.369151] kunit_try_run_case+0x1a5/0x480 [ 15.369178] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.369202] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.369227] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.369253] ? __kthread_parkme+0x82/0x180 [ 15.369274] ? preempt_count_sub+0x50/0x80 [ 15.369299] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.369324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.369348] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.369373] kthread+0x337/0x6f0 [ 15.369393] ? trace_preempt_on+0x20/0xc0 [ 15.369418] ? __pfx_kthread+0x10/0x10 [ 15.369439] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.369461] ? calculate_sigpending+0x7b/0xa0 [ 15.369487] ? __pfx_kthread+0x10/0x10 [ 15.369509] ret_from_fork+0x116/0x1d0 [ 15.369528] ? __pfx_kthread+0x10/0x10 [ 15.369549] ret_from_fork_asm+0x1a/0x30 [ 15.369628] </TASK> [ 15.369639] [ 15.379560] Allocated by task 282: [ 15.379862] kasan_save_stack+0x45/0x70 [ 15.380165] kasan_save_track+0x18/0x40 [ 15.380458] kasan_save_alloc_info+0x3b/0x50 [ 15.380705] __kasan_kmalloc+0xb7/0xc0 [ 15.380836] __kmalloc_cache_noprof+0x189/0x420 [ 15.381108] kasan_atomics+0x95/0x310 [ 15.381348] kunit_try_run_case+0x1a5/0x480 [ 15.381559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.381905] kthread+0x337/0x6f0 [ 15.382173] ret_from_fork+0x116/0x1d0 [ 15.382368] ret_from_fork_asm+0x1a/0x30 [ 15.382726] [ 15.382820] The buggy address belongs to the object at ffff8881026ce080 [ 15.382820] which belongs to the cache kmalloc-64 of size 64 [ 15.383324] The buggy address is located 0 bytes to the right of [ 15.383324] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.383952] [ 15.384105] The buggy address belongs to the physical page: [ 15.384365] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.384989] flags: 0x200000000000000(node=0|zone=2) [ 15.385461] page_type: 
f5(slab) [ 15.385637] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.385956] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.386532] page dumped because: kasan: bad access detected [ 15.386801] [ 15.386919] Memory state around the buggy address: [ 15.387185] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.387399] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.387669] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.388236] ^ [ 15.388771] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.389247] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.389660] ================================================================== [ 15.680214] ================================================================== [ 15.680537] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 15.680857] Write of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.681183] [ 15.681310] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.681366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.681378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.681402] Call Trace: [ 15.681419] <TASK> [ 15.681436] dump_stack_lvl+0x73/0xb0 [ 15.681465] print_report+0xd1/0x610 [ 15.681487] ? __virt_addr_valid+0x1db/0x2d0 [ 15.681520] ? kasan_atomics_helper+0x151d/0x5450 [ 15.681542] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.681567] ? kasan_atomics_helper+0x151d/0x5450 [ 15.681609] kasan_report+0x141/0x180 [ 15.681632] ? kasan_atomics_helper+0x151d/0x5450 [ 15.681660] kasan_check_range+0x10c/0x1c0 [ 15.681684] __kasan_check_write+0x18/0x20 [ 15.681713] kasan_atomics_helper+0x151d/0x5450 [ 15.681737] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.681760] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.681797] ? 
kasan_atomics+0x152/0x310 [ 15.681825] kasan_atomics+0x1dc/0x310 [ 15.681848] ? __pfx_kasan_atomics+0x10/0x10 [ 15.681873] ? __pfx_read_tsc+0x10/0x10 [ 15.681894] ? ktime_get_ts64+0x86/0x230 [ 15.681920] kunit_try_run_case+0x1a5/0x480 [ 15.681946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.681969] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.681996] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.682021] ? __kthread_parkme+0x82/0x180 [ 15.682058] ? preempt_count_sub+0x50/0x80 [ 15.682085] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.682120] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.682145] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.682171] kthread+0x337/0x6f0 [ 15.682191] ? trace_preempt_on+0x20/0xc0 [ 15.682220] ? __pfx_kthread+0x10/0x10 [ 15.682241] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.682272] ? calculate_sigpending+0x7b/0xa0 [ 15.682297] ? __pfx_kthread+0x10/0x10 [ 15.682319] ret_from_fork+0x116/0x1d0 [ 15.682348] ? __pfx_kthread+0x10/0x10 [ 15.682369] ret_from_fork_asm+0x1a/0x30 [ 15.682402] </TASK> [ 15.682412] [ 15.690135] Allocated by task 282: [ 15.690312] kasan_save_stack+0x45/0x70 [ 15.690488] kasan_save_track+0x18/0x40 [ 15.690853] kasan_save_alloc_info+0x3b/0x50 [ 15.691025] __kasan_kmalloc+0xb7/0xc0 [ 15.691182] __kmalloc_cache_noprof+0x189/0x420 [ 15.691406] kasan_atomics+0x95/0x310 [ 15.691647] kunit_try_run_case+0x1a5/0x480 [ 15.691826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.692104] kthread+0x337/0x6f0 [ 15.692277] ret_from_fork+0x116/0x1d0 [ 15.692466] ret_from_fork_asm+0x1a/0x30 [ 15.692702] [ 15.692793] The buggy address belongs to the object at ffff8881026ce080 [ 15.692793] which belongs to the cache kmalloc-64 of size 64 [ 15.693303] The buggy address is located 0 bytes to the right of [ 15.693303] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.693846] [ 15.693922] The buggy address belongs to the physical page: [ 15.694110] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 
15.694358] flags: 0x200000000000000(node=0|zone=2) [ 15.694610] page_type: f5(slab) [ 15.694829] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.695494] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.695860] page dumped because: kasan: bad access detected [ 15.696114] [ 15.696187] Memory state around the buggy address: [ 15.696344] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.696562] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.696861] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.697208] ^ [ 15.697449] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.697834] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.698222] ================================================================== [ 15.064072] ================================================================== [ 15.064796] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 15.065590] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.066495] [ 15.066738] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.066787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.066800] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.066824] Call Trace: [ 15.066845] <TASK> [ 15.066865] dump_stack_lvl+0x73/0xb0 [ 15.066896] print_report+0xd1/0x610 [ 15.066930] ? __virt_addr_valid+0x1db/0x2d0 [ 15.066956] ? kasan_atomics_helper+0x992/0x5450 [ 15.066979] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.067006] ? kasan_atomics_helper+0x992/0x5450 [ 15.067032] kasan_report+0x141/0x180 [ 15.067067] ? kasan_atomics_helper+0x992/0x5450 [ 15.067095] kasan_check_range+0x10c/0x1c0 [ 15.067120] __kasan_check_write+0x18/0x20 [ 15.067140] kasan_atomics_helper+0x992/0x5450 [ 15.067163] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.067185] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.067212] ? kasan_atomics+0x152/0x310 [ 15.067241] kasan_atomics+0x1dc/0x310 [ 15.067265] ? __pfx_kasan_atomics+0x10/0x10 [ 15.067290] ? __pfx_read_tsc+0x10/0x10 [ 15.067312] ? ktime_get_ts64+0x86/0x230 [ 15.067339] kunit_try_run_case+0x1a5/0x480 [ 15.067364] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.067389] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.067415] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.067440] ? __kthread_parkme+0x82/0x180 [ 15.067462] ? preempt_count_sub+0x50/0x80 [ 15.067488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.067513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.067539] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.067564] kthread+0x337/0x6f0 [ 15.067585] ? trace_preempt_on+0x20/0xc0 [ 15.067622] ? __pfx_kthread+0x10/0x10 [ 15.067645] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.067668] ? calculate_sigpending+0x7b/0xa0 [ 15.067705] ? __pfx_kthread+0x10/0x10 [ 15.067727] ret_from_fork+0x116/0x1d0 [ 15.067747] ? __pfx_kthread+0x10/0x10 [ 15.067768] ret_from_fork_asm+0x1a/0x30 [ 15.067803] </TASK> [ 15.067813] [ 15.081522] Allocated by task 282: [ 15.082030] kasan_save_stack+0x45/0x70 [ 15.082373] kasan_save_track+0x18/0x40 [ 15.082596] kasan_save_alloc_info+0x3b/0x50 [ 15.082813] __kasan_kmalloc+0xb7/0xc0 [ 15.083004] __kmalloc_cache_noprof+0x189/0x420 [ 15.084227] kasan_atomics+0x95/0x310 [ 15.085070] kunit_try_run_case+0x1a5/0x480 [ 15.085691] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.086010] kthread+0x337/0x6f0 [ 15.086406] ret_from_fork+0x116/0x1d0 [ 15.086782] ret_from_fork_asm+0x1a/0x30 [ 15.087283] [ 15.087364] The buggy address belongs to the object at ffff8881026ce080 [ 15.087364] which belongs to the cache kmalloc-64 of size 64 [ 15.087731] The buggy address is located 0 bytes to the right of [ 15.087731] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.089081] [ 15.089292] The buggy address belongs to the physical page: [ 15.089930] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.090675] flags: 0x200000000000000(node=0|zone=2) [ 15.091200] page_type: f5(slab) [ 15.091375] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.091620] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.091851] page dumped because: kasan: bad access detected [ 15.092026] [ 15.092122] Memory state around the buggy address: [ 15.092361] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.092699] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.093042] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.093436] ^ [ 15.093686] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.093913] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.094273] ================================================================== [ 15.880629] ================================================================== [ 15.881151] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 15.881507] Write of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.881943] [ 15.882088] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.882134] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.882147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.882171] Call Trace: [ 15.882192] <TASK> [ 15.882216] dump_stack_lvl+0x73/0xb0 [ 15.882246] print_report+0xd1/0x610 [ 15.882269] ? __virt_addr_valid+0x1db/0x2d0 [ 15.882293] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.882316] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.882340] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.882362] kasan_report+0x141/0x180 [ 15.882385] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.882414] kasan_check_range+0x10c/0x1c0 [ 15.882438] __kasan_check_write+0x18/0x20 [ 15.882457] kasan_atomics_helper+0x1b22/0x5450 [ 15.882481] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.882504] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.882531] ? kasan_atomics+0x152/0x310 [ 15.882559] kasan_atomics+0x1dc/0x310 [ 15.882582] ? __pfx_kasan_atomics+0x10/0x10 [ 15.882618] ? __pfx_read_tsc+0x10/0x10 [ 15.882639] ? ktime_get_ts64+0x86/0x230 [ 15.882677] kunit_try_run_case+0x1a5/0x480 [ 15.882703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.882727] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.882754] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.882779] ? __kthread_parkme+0x82/0x180 [ 15.882800] ? preempt_count_sub+0x50/0x80 [ 15.882826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.882851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.882875] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.882900] kthread+0x337/0x6f0 [ 15.882921] ? trace_preempt_on+0x20/0xc0 [ 15.882945] ? __pfx_kthread+0x10/0x10 [ 15.882967] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.882990] ? calculate_sigpending+0x7b/0xa0 [ 15.883015] ? __pfx_kthread+0x10/0x10 [ 15.883040] ret_from_fork+0x116/0x1d0 [ 15.883070] ? 
__pfx_kthread+0x10/0x10 [ 15.883091] ret_from_fork_asm+0x1a/0x30 [ 15.883126] </TASK> [ 15.883137] [ 15.890836] Allocated by task 282: [ 15.890988] kasan_save_stack+0x45/0x70 [ 15.891157] kasan_save_track+0x18/0x40 [ 15.891301] kasan_save_alloc_info+0x3b/0x50 [ 15.891453] __kasan_kmalloc+0xb7/0xc0 [ 15.891657] __kmalloc_cache_noprof+0x189/0x420 [ 15.891885] kasan_atomics+0x95/0x310 [ 15.892112] kunit_try_run_case+0x1a5/0x480 [ 15.892329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.892587] kthread+0x337/0x6f0 [ 15.892829] ret_from_fork+0x116/0x1d0 [ 15.893048] ret_from_fork_asm+0x1a/0x30 [ 15.893283] [ 15.893383] The buggy address belongs to the object at ffff8881026ce080 [ 15.893383] which belongs to the cache kmalloc-64 of size 64 [ 15.893945] The buggy address is located 0 bytes to the right of [ 15.893945] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.894413] [ 15.894492] The buggy address belongs to the physical page: [ 15.894715] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.895113] flags: 0x200000000000000(node=0|zone=2) [ 15.895378] page_type: f5(slab) [ 15.895554] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.895950] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.896301] page dumped because: kasan: bad access detected [ 15.896554] [ 15.896655] Memory state around the buggy address: [ 15.896908] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.897229] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.897546] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.897880] ^ [ 15.898120] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.898435] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.898687] ================================================================== [ 14.731085] 
================================================================== [ 14.732485] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 14.733230] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 14.733938] [ 14.734047] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.734108] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.734120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.734143] Call Trace: [ 14.734156] <TASK> [ 14.734174] dump_stack_lvl+0x73/0xb0 [ 14.734208] print_report+0xd1/0x610 [ 14.734230] ? __virt_addr_valid+0x1db/0x2d0 [ 14.734253] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.734274] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.734296] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.734317] kasan_report+0x141/0x180 [ 14.734338] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.734365] __asan_report_store4_noabort+0x1b/0x30 [ 14.734389] kasan_atomics_helper+0x4ba2/0x5450 [ 14.734411] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.734433] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.734458] ? kasan_atomics+0x152/0x310 [ 14.734485] kasan_atomics+0x1dc/0x310 [ 14.734507] ? __pfx_kasan_atomics+0x10/0x10 [ 14.734531] ? __pfx_read_tsc+0x10/0x10 [ 14.734552] ? ktime_get_ts64+0x86/0x230 [ 14.734576] kunit_try_run_case+0x1a5/0x480 [ 14.734612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.734634] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.734658] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.734682] ? __kthread_parkme+0x82/0x180 [ 14.734702] ? preempt_count_sub+0x50/0x80 [ 14.734727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.734750] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.734774] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.734797] kthread+0x337/0x6f0 [ 14.735014] ? trace_preempt_on+0x20/0xc0 [ 14.735040] ? __pfx_kthread+0x10/0x10 [ 14.735076] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.735098] ? calculate_sigpending+0x7b/0xa0 [ 14.735122] ? 
__pfx_kthread+0x10/0x10 [ 14.735143] ret_from_fork+0x116/0x1d0 [ 14.735161] ? __pfx_kthread+0x10/0x10 [ 14.735181] ret_from_fork_asm+0x1a/0x30 [ 14.735213] </TASK> [ 14.735224] [ 14.749685] Allocated by task 282: [ 14.750116] kasan_save_stack+0x45/0x70 [ 14.750504] kasan_save_track+0x18/0x40 [ 14.750902] kasan_save_alloc_info+0x3b/0x50 [ 14.751459] __kasan_kmalloc+0xb7/0xc0 [ 14.751927] __kmalloc_cache_noprof+0x189/0x420 [ 14.752224] kasan_atomics+0x95/0x310 [ 14.752364] kunit_try_run_case+0x1a5/0x480 [ 14.752513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.752897] kthread+0x337/0x6f0 [ 14.753264] ret_from_fork+0x116/0x1d0 [ 14.753621] ret_from_fork_asm+0x1a/0x30 [ 14.754031] [ 14.754235] The buggy address belongs to the object at ffff8881026ce080 [ 14.754235] which belongs to the cache kmalloc-64 of size 64 [ 14.755649] The buggy address is located 0 bytes to the right of [ 14.755649] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 14.756588] [ 14.756760] The buggy address belongs to the physical page: [ 14.757276] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 14.757539] flags: 0x200000000000000(node=0|zone=2) [ 14.758117] page_type: f5(slab) [ 14.758423] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.759329] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.760116] page dumped because: kasan: bad access detected [ 14.760450] [ 14.760522] Memory state around the buggy address: [ 14.760774] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.761509] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.762365] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.763100] ^ [ 14.763267] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.763488] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.763729] 
================================================================== [ 14.696675] ================================================================== [ 14.698441] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 14.699547] Read of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 14.700224] [ 14.700331] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.700383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.700394] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.700418] Call Trace: [ 14.700431] <TASK> [ 14.700450] dump_stack_lvl+0x73/0xb0 [ 14.700486] print_report+0xd1/0x610 [ 14.700510] ? __virt_addr_valid+0x1db/0x2d0 [ 14.700536] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.700557] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.700580] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.700601] kasan_report+0x141/0x180 [ 14.700622] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.700649] __asan_report_load4_noabort+0x18/0x20 [ 14.700673] kasan_atomics_helper+0x4bbc/0x5450 [ 14.700695] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.700717] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.700744] ? kasan_atomics+0x152/0x310 [ 14.700771] kasan_atomics+0x1dc/0x310 [ 14.700793] ? __pfx_kasan_atomics+0x10/0x10 [ 14.700873] ? __pfx_read_tsc+0x10/0x10 [ 14.700896] ? ktime_get_ts64+0x86/0x230 [ 14.700923] kunit_try_run_case+0x1a5/0x480 [ 14.700950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.700991] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.701017] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.701040] ? __kthread_parkme+0x82/0x180 [ 14.701073] ? preempt_count_sub+0x50/0x80 [ 14.701099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.701122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.701147] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.701170] kthread+0x337/0x6f0 [ 14.701189] ? trace_preempt_on+0x20/0xc0 [ 14.701213] ? __pfx_kthread+0x10/0x10 [ 14.701234] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.701255] ? calculate_sigpending+0x7b/0xa0 [ 14.701280] ? __pfx_kthread+0x10/0x10 [ 14.701301] ret_from_fork+0x116/0x1d0 [ 14.701319] ? __pfx_kthread+0x10/0x10 [ 14.701339] ret_from_fork_asm+0x1a/0x30 [ 14.701374] </TASK> [ 14.701385] [ 14.716582] Allocated by task 282: [ 14.716975] kasan_save_stack+0x45/0x70 [ 14.717249] kasan_save_track+0x18/0x40 [ 14.717398] kasan_save_alloc_info+0x3b/0x50 [ 14.717548] __kasan_kmalloc+0xb7/0xc0 [ 14.717851] __kmalloc_cache_noprof+0x189/0x420 [ 14.718321] kasan_atomics+0x95/0x310 [ 14.718678] kunit_try_run_case+0x1a5/0x480 [ 14.719168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.719652] kthread+0x337/0x6f0 [ 14.719952] ret_from_fork+0x116/0x1d0 [ 14.720385] ret_from_fork_asm+0x1a/0x30 [ 14.720765] [ 14.720937] The buggy address belongs to the object at ffff8881026ce080 [ 14.720937] which belongs to the cache kmalloc-64 of size 64 [ 14.721727] The buggy address is located 0 bytes to the right of [ 14.721727] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 14.722991] [ 14.723180] The buggy address belongs to the physical page: [ 14.723362] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 14.723628] flags: 0x200000000000000(node=0|zone=2) [ 14.724161] page_type: f5(slab) [ 14.724458] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.725320] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.726113] page dumped because: kasan: bad access detected [ 14.726581] [ 14.726769] Memory state around the buggy address: [ 14.727280] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.727665] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.728464] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.728968] ^ [ 14.729303] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.729524] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 14.730031] ================================================================== [ 15.598814] ================================================================== [ 15.599204] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 15.599713] Read of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.599986] [ 15.600111] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.600155] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.600167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.600189] Call Trace: [ 15.600206] <TASK> [ 15.600224] dump_stack_lvl+0x73/0xb0 [ 15.600251] print_report+0xd1/0x610 [ 15.600275] ? __virt_addr_valid+0x1db/0x2d0 [ 15.600297] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.600320] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.600343] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.600366] kasan_report+0x141/0x180 [ 15.600389] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.600417] __asan_report_load8_noabort+0x18/0x20 [ 15.600442] kasan_atomics_helper+0x4eae/0x5450 [ 15.600466] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.600489] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.600515] ? kasan_atomics+0x152/0x310 [ 15.600543] kasan_atomics+0x1dc/0x310 [ 15.600566] ? __pfx_kasan_atomics+0x10/0x10 [ 15.600591] ? __pfx_read_tsc+0x10/0x10 [ 15.600611] ? ktime_get_ts64+0x86/0x230 [ 15.600637] kunit_try_run_case+0x1a5/0x480 [ 15.600662] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.600685] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.600710] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.600734] ? __kthread_parkme+0x82/0x180 [ 15.600755] ? preempt_count_sub+0x50/0x80 [ 15.600782] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.600806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.600831] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.600856] kthread+0x337/0x6f0 [ 15.600876] ? trace_preempt_on+0x20/0xc0 [ 15.600901] ? 
__pfx_kthread+0x10/0x10 [ 15.600922] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.600945] ? calculate_sigpending+0x7b/0xa0 [ 15.600969] ? __pfx_kthread+0x10/0x10 [ 15.600992] ret_from_fork+0x116/0x1d0 [ 15.601024] ? __pfx_kthread+0x10/0x10 [ 15.601045] ret_from_fork_asm+0x1a/0x30 [ 15.601089] </TASK> [ 15.601099] [ 15.610936] Allocated by task 282: [ 15.611120] kasan_save_stack+0x45/0x70 [ 15.611309] kasan_save_track+0x18/0x40 [ 15.611486] kasan_save_alloc_info+0x3b/0x50 [ 15.612014] __kasan_kmalloc+0xb7/0xc0 [ 15.612349] __kmalloc_cache_noprof+0x189/0x420 [ 15.612779] kasan_atomics+0x95/0x310 [ 15.613107] kunit_try_run_case+0x1a5/0x480 [ 15.613319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.613561] kthread+0x337/0x6f0 [ 15.613721] ret_from_fork+0x116/0x1d0 [ 15.613895] ret_from_fork_asm+0x1a/0x30 [ 15.614086] [ 15.614178] The buggy address belongs to the object at ffff8881026ce080 [ 15.614178] which belongs to the cache kmalloc-64 of size 64 [ 15.615042] The buggy address is located 0 bytes to the right of [ 15.615042] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.615953] [ 15.616222] The buggy address belongs to the physical page: [ 15.616539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.617020] flags: 0x200000000000000(node=0|zone=2) [ 15.617263] page_type: f5(slab) [ 15.617425] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.618139] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.618589] page dumped because: kasan: bad access detected [ 15.618973] [ 15.619079] Memory state around the buggy address: [ 15.619287] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.619852] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.620353] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.620859] ^ [ 15.621217] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.621519] 
ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.622293] ================================================================== [ 15.782571] ================================================================== [ 15.782975] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 15.783488] Write of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.784004] [ 15.784204] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.784278] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.784318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.784342] Call Trace: [ 15.784362] <TASK> [ 15.784394] dump_stack_lvl+0x73/0xb0 [ 15.784427] print_report+0xd1/0x610 [ 15.784450] ? __virt_addr_valid+0x1db/0x2d0 [ 15.784475] ? kasan_atomics_helper+0x1818/0x5450 [ 15.784497] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.784522] ? kasan_atomics_helper+0x1818/0x5450 [ 15.784545] kasan_report+0x141/0x180 [ 15.784569] ? kasan_atomics_helper+0x1818/0x5450 [ 15.784596] kasan_check_range+0x10c/0x1c0 [ 15.784621] __kasan_check_write+0x18/0x20 [ 15.784641] kasan_atomics_helper+0x1818/0x5450 [ 15.784664] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.784687] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.784714] ? kasan_atomics+0x152/0x310 [ 15.784744] kasan_atomics+0x1dc/0x310 [ 15.784767] ? __pfx_kasan_atomics+0x10/0x10 [ 15.784792] ? __pfx_read_tsc+0x10/0x10 [ 15.784823] ? ktime_get_ts64+0x86/0x230 [ 15.784849] kunit_try_run_case+0x1a5/0x480 [ 15.784876] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.784899] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.784925] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.784949] ? __kthread_parkme+0x82/0x180 [ 15.784970] ? preempt_count_sub+0x50/0x80 [ 15.784996] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.785021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.785046] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.785082] kthread+0x337/0x6f0 [ 15.785102] ? trace_preempt_on+0x20/0xc0 [ 15.785127] ? __pfx_kthread+0x10/0x10 [ 15.785181] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.785203] ? calculate_sigpending+0x7b/0xa0 [ 15.785240] ? __pfx_kthread+0x10/0x10 [ 15.785263] ret_from_fork+0x116/0x1d0 [ 15.785281] ? __pfx_kthread+0x10/0x10 [ 15.785302] ret_from_fork_asm+0x1a/0x30 [ 15.785337] </TASK> [ 15.785348] [ 15.793324] Allocated by task 282: [ 15.793490] kasan_save_stack+0x45/0x70 [ 15.793717] kasan_save_track+0x18/0x40 [ 15.793920] kasan_save_alloc_info+0x3b/0x50 [ 15.794212] __kasan_kmalloc+0xb7/0xc0 [ 15.794439] __kmalloc_cache_noprof+0x189/0x420 [ 15.794798] kasan_atomics+0x95/0x310 [ 15.795086] kunit_try_run_case+0x1a5/0x480 [ 15.795239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.795417] kthread+0x337/0x6f0 [ 15.795540] ret_from_fork+0x116/0x1d0 [ 15.795708] ret_from_fork_asm+0x1a/0x30 [ 15.795912] [ 15.796012] The buggy address belongs to the object at ffff8881026ce080 [ 15.796012] which belongs to the cache kmalloc-64 of size 64 [ 15.796638] The buggy address is located 0 bytes to the right of [ 15.796638] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.797362] [ 15.797451] The buggy address belongs to the physical page: [ 15.797723] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.798140] flags: 0x200000000000000(node=0|zone=2) [ 15.798320] page_type: f5(slab) [ 15.798447] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.798808] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.799209] page dumped because: kasan: bad access detected [ 15.799520] [ 15.799667] Memory state around the buggy address: [ 15.799876] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.800178] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.800419] >ffff8881026ce080: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.800821] ^ [ 15.801036] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.801292] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.801684] ================================================================== [ 16.154105] ================================================================== [ 16.154937] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 16.155313] Read of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 16.155669] [ 16.155788] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.155833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.155846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.155870] Call Trace: [ 16.155890] <TASK> [ 16.155909] dump_stack_lvl+0x73/0xb0 [ 16.155938] print_report+0xd1/0x610 [ 16.155962] ? __virt_addr_valid+0x1db/0x2d0 [ 16.155987] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.156008] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.156033] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.156065] kasan_report+0x141/0x180 [ 16.156088] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.156118] __asan_report_load8_noabort+0x18/0x20 [ 16.156144] kasan_atomics_helper+0x4fa5/0x5450 [ 16.156168] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.156192] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.156218] ? kasan_atomics+0x152/0x310 [ 16.156247] kasan_atomics+0x1dc/0x310 [ 16.156271] ? __pfx_kasan_atomics+0x10/0x10 [ 16.156297] ? __pfx_read_tsc+0x10/0x10 [ 16.156318] ? ktime_get_ts64+0x86/0x230 [ 16.156345] kunit_try_run_case+0x1a5/0x480 [ 16.156372] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.156395] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.156422] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.156447] ? __kthread_parkme+0x82/0x180 [ 16.156469] ? preempt_count_sub+0x50/0x80 [ 16.156496] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.156521] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.156547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.156573] kthread+0x337/0x6f0 [ 16.156593] ? trace_preempt_on+0x20/0xc0 [ 16.156618] ? __pfx_kthread+0x10/0x10 [ 16.156640] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.156663] ? calculate_sigpending+0x7b/0xa0 [ 16.156688] ? __pfx_kthread+0x10/0x10 [ 16.156711] ret_from_fork+0x116/0x1d0 [ 16.156730] ? __pfx_kthread+0x10/0x10 [ 16.156752] ret_from_fork_asm+0x1a/0x30 [ 16.156786] </TASK> [ 16.156797] [ 16.164156] Allocated by task 282: [ 16.164297] kasan_save_stack+0x45/0x70 [ 16.164448] kasan_save_track+0x18/0x40 [ 16.164678] kasan_save_alloc_info+0x3b/0x50 [ 16.164893] __kasan_kmalloc+0xb7/0xc0 [ 16.165091] __kmalloc_cache_noprof+0x189/0x420 [ 16.165319] kasan_atomics+0x95/0x310 [ 16.165509] kunit_try_run_case+0x1a5/0x480 [ 16.165730] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.165913] kthread+0x337/0x6f0 [ 16.166038] ret_from_fork+0x116/0x1d0 [ 16.166184] ret_from_fork_asm+0x1a/0x30 [ 16.166389] [ 16.166486] The buggy address belongs to the object at ffff8881026ce080 [ 16.166486] which belongs to the cache kmalloc-64 of size 64 [ 16.167041] The buggy address is located 0 bytes to the right of [ 16.167041] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 16.167520] [ 16.167617] The buggy address belongs to the physical page: [ 16.167797] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 16.168057] flags: 0x200000000000000(node=0|zone=2) [ 16.168300] page_type: f5(slab) [ 16.168474] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.168847] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.169212] page dumped because: kasan: bad access detected [ 16.169473] [ 16.169587] Memory state around the buggy address: [ 16.169816] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.170079] 
ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.170358] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.170710] ^ [ 16.170922] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.171201] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.171440] ================================================================== [ 14.855379] ================================================================== [ 14.855883] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 14.856223] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 14.856515] [ 14.856801] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.856900] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.856912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.856935] Call Trace: [ 14.856955] <TASK> [ 14.856974] dump_stack_lvl+0x73/0xb0 [ 14.857006] print_report+0xd1/0x610 [ 14.857029] ? __virt_addr_valid+0x1db/0x2d0 [ 14.857065] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.857087] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.857111] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.857133] kasan_report+0x141/0x180 [ 14.857157] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.857185] kasan_check_range+0x10c/0x1c0 [ 14.857209] __kasan_check_write+0x18/0x20 [ 14.857229] kasan_atomics_helper+0x4a0/0x5450 [ 14.857253] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.857276] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.857302] ? kasan_atomics+0x152/0x310 [ 14.857331] kasan_atomics+0x1dc/0x310 [ 14.857354] ? __pfx_kasan_atomics+0x10/0x10 [ 14.857379] ? __pfx_read_tsc+0x10/0x10 [ 14.857400] ? ktime_get_ts64+0x86/0x230 [ 14.857426] kunit_try_run_case+0x1a5/0x480 [ 14.857453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.857476] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.857502] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.857526] ? 
__kthread_parkme+0x82/0x180 [ 14.857547] ? preempt_count_sub+0x50/0x80 [ 14.857573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.857610] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.857635] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.857660] kthread+0x337/0x6f0 [ 14.857679] ? trace_preempt_on+0x20/0xc0 [ 14.857704] ? __pfx_kthread+0x10/0x10 [ 14.857725] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.857747] ? calculate_sigpending+0x7b/0xa0 [ 14.857773] ? __pfx_kthread+0x10/0x10 [ 14.857794] ret_from_fork+0x116/0x1d0 [ 14.857814] ? __pfx_kthread+0x10/0x10 [ 14.857900] ret_from_fork_asm+0x1a/0x30 [ 14.857935] </TASK> [ 14.857946] [ 14.866940] Allocated by task 282: [ 14.867141] kasan_save_stack+0x45/0x70 [ 14.867292] kasan_save_track+0x18/0x40 [ 14.867430] kasan_save_alloc_info+0x3b/0x50 [ 14.867582] __kasan_kmalloc+0xb7/0xc0 [ 14.867865] __kmalloc_cache_noprof+0x189/0x420 [ 14.868114] kasan_atomics+0x95/0x310 [ 14.868308] kunit_try_run_case+0x1a5/0x480 [ 14.868526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.869043] kthread+0x337/0x6f0 [ 14.869253] ret_from_fork+0x116/0x1d0 [ 14.869424] ret_from_fork_asm+0x1a/0x30 [ 14.869569] [ 14.869643] The buggy address belongs to the object at ffff8881026ce080 [ 14.869643] which belongs to the cache kmalloc-64 of size 64 [ 14.870133] The buggy address is located 0 bytes to the right of [ 14.870133] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 14.870745] [ 14.870826] The buggy address belongs to the physical page: [ 14.871006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 14.871574] flags: 0x200000000000000(node=0|zone=2) [ 14.871820] page_type: f5(slab) [ 14.871951] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.872201] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.872703] page dumped because: kasan: bad access detected [ 14.873095] [ 14.873515] Memory state around the buggy address: [ 14.874623] 
ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.875170] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.875498] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.876093] ^ [ 14.876279] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.877043] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.877389] ================================================================== [ 15.152219] ================================================================== [ 15.152487] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 15.152795] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.153164] [ 15.153331] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.153377] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.153391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.153415] Call Trace: [ 15.153434] <TASK> [ 15.153452] dump_stack_lvl+0x73/0xb0 [ 15.153482] print_report+0xd1/0x610 [ 15.153505] ? __virt_addr_valid+0x1db/0x2d0 [ 15.153531] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.153553] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.153576] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.153611] kasan_report+0x141/0x180 [ 15.153633] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.153661] kasan_check_range+0x10c/0x1c0 [ 15.153685] __kasan_check_write+0x18/0x20 [ 15.153705] kasan_atomics_helper+0xb6a/0x5450 [ 15.153729] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.153753] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.153779] ? kasan_atomics+0x152/0x310 [ 15.153807] kasan_atomics+0x1dc/0x310 [ 15.153841] ? __pfx_kasan_atomics+0x10/0x10 [ 15.153866] ? __pfx_read_tsc+0x10/0x10 [ 15.153888] ? ktime_get_ts64+0x86/0x230 [ 15.153914] kunit_try_run_case+0x1a5/0x480 [ 15.153941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.153963] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.153989] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.154014] ? __kthread_parkme+0x82/0x180 [ 15.154036] ? preempt_count_sub+0x50/0x80 [ 15.154071] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.154096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.154121] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.154146] kthread+0x337/0x6f0 [ 15.154165] ? trace_preempt_on+0x20/0xc0 [ 15.154190] ? __pfx_kthread+0x10/0x10 [ 15.154215] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.154238] ? calculate_sigpending+0x7b/0xa0 [ 15.154262] ? __pfx_kthread+0x10/0x10 [ 15.154284] ret_from_fork+0x116/0x1d0 [ 15.154304] ? __pfx_kthread+0x10/0x10 [ 15.154325] ret_from_fork_asm+0x1a/0x30 [ 15.154359] </TASK> [ 15.154370] [ 15.161995] Allocated by task 282: [ 15.162296] kasan_save_stack+0x45/0x70 [ 15.162503] kasan_save_track+0x18/0x40 [ 15.162841] kasan_save_alloc_info+0x3b/0x50 [ 15.163062] __kasan_kmalloc+0xb7/0xc0 [ 15.163250] __kmalloc_cache_noprof+0x189/0x420 [ 15.163504] kasan_atomics+0x95/0x310 [ 15.163772] kunit_try_run_case+0x1a5/0x480 [ 15.163922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.164418] kthread+0x337/0x6f0 [ 15.164648] ret_from_fork+0x116/0x1d0 [ 15.164803] ret_from_fork_asm+0x1a/0x30 [ 15.165088] [ 15.165173] The buggy address belongs to the object at ffff8881026ce080 [ 15.165173] which belongs to the cache kmalloc-64 of size 64 [ 15.165676] The buggy address is located 0 bytes to the right of [ 15.165676] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.166047] [ 15.166134] The buggy address belongs to the physical page: [ 15.166480] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.167061] flags: 0x200000000000000(node=0|zone=2) [ 15.167377] page_type: f5(slab) [ 15.167549] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.167935] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.168224] page dumped because: kasan: bad access detected [ 15.168517] [ 15.168588] 
Memory state around the buggy address: [ 15.168809] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.169120] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.169339] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.169557] ^ [ 15.169715] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.169935] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.170252] ================================================================== [ 16.097798] ================================================================== [ 16.098203] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 16.098582] Write of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 16.099128] [ 16.099250] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.099293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.099305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.099329] Call Trace: [ 16.099343] <TASK> [ 16.099359] dump_stack_lvl+0x73/0xb0 [ 16.099388] print_report+0xd1/0x610 [ 16.099411] ? __virt_addr_valid+0x1db/0x2d0 [ 16.099434] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.099456] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.099479] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.099502] kasan_report+0x141/0x180 [ 16.099524] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.099553] kasan_check_range+0x10c/0x1c0 [ 16.099577] __kasan_check_write+0x18/0x20 [ 16.099598] kasan_atomics_helper+0x20c8/0x5450 [ 16.099649] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.099676] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.099717] ? kasan_atomics+0x152/0x310 [ 16.099746] kasan_atomics+0x1dc/0x310 [ 16.099787] ? __pfx_kasan_atomics+0x10/0x10 [ 16.099812] ? __pfx_read_tsc+0x10/0x10 [ 16.099834] ? ktime_get_ts64+0x86/0x230 [ 16.099860] kunit_try_run_case+0x1a5/0x480 [ 16.099887] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.099910] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.099950] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.099975] ? __kthread_parkme+0x82/0x180 [ 16.099995] ? preempt_count_sub+0x50/0x80 [ 16.100021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.100045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.100080] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.100105] kthread+0x337/0x6f0 [ 16.100126] ? trace_preempt_on+0x20/0xc0 [ 16.100150] ? __pfx_kthread+0x10/0x10 [ 16.100172] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.100197] ? calculate_sigpending+0x7b/0xa0 [ 16.100239] ? __pfx_kthread+0x10/0x10 [ 16.100262] ret_from_fork+0x116/0x1d0 [ 16.100282] ? __pfx_kthread+0x10/0x10 [ 16.100303] ret_from_fork_asm+0x1a/0x30 [ 16.100337] </TASK> [ 16.100347] [ 16.107863] Allocated by task 282: [ 16.107991] kasan_save_stack+0x45/0x70 [ 16.108149] kasan_save_track+0x18/0x40 [ 16.108530] kasan_save_alloc_info+0x3b/0x50 [ 16.108774] __kasan_kmalloc+0xb7/0xc0 [ 16.108962] __kmalloc_cache_noprof+0x189/0x420 [ 16.109157] kasan_atomics+0x95/0x310 [ 16.109292] kunit_try_run_case+0x1a5/0x480 [ 16.109439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.109616] kthread+0x337/0x6f0 [ 16.109823] ret_from_fork+0x116/0x1d0 [ 16.110138] ret_from_fork_asm+0x1a/0x30 [ 16.110360] [ 16.110459] The buggy address belongs to the object at ffff8881026ce080 [ 16.110459] which belongs to the cache kmalloc-64 of size 64 [ 16.111296] The buggy address is located 0 bytes to the right of [ 16.111296] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 16.111898] [ 16.111975] The buggy address belongs to the physical page: [ 16.112163] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 16.112524] flags: 0x200000000000000(node=0|zone=2) [ 16.112868] page_type: f5(slab) [ 16.113061] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.113348] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.113710] page dumped because: kasan: bad access detected [ 16.113952] [ 16.114047] Memory state around the buggy address: [ 16.114265] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.114539] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.114760] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.115714] ^ [ 16.115960] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.116308] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.116581] ================================================================== [ 15.802378] ================================================================== [ 15.802761] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 15.803123] Write of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.803519] [ 15.803696] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.803767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.803778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.803803] Call Trace: [ 15.803823] <TASK> [ 15.803846] dump_stack_lvl+0x73/0xb0 [ 15.803878] print_report+0xd1/0x610 [ 15.803903] ? __virt_addr_valid+0x1db/0x2d0 [ 15.803927] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.803950] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.803972] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.803995] kasan_report+0x141/0x180 [ 15.804018] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.804045] kasan_check_range+0x10c/0x1c0 [ 15.804108] __kasan_check_write+0x18/0x20 [ 15.804128] kasan_atomics_helper+0x18b1/0x5450 [ 15.804151] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.804175] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.804201] ? kasan_atomics+0x152/0x310 [ 15.804229] kasan_atomics+0x1dc/0x310 [ 15.804252] ? __pfx_kasan_atomics+0x10/0x10 [ 15.804276] ? __pfx_read_tsc+0x10/0x10 [ 15.804298] ? 
ktime_get_ts64+0x86/0x230 [ 15.804324] kunit_try_run_case+0x1a5/0x480 [ 15.804352] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.804375] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.804401] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.804425] ? __kthread_parkme+0x82/0x180 [ 15.804447] ? preempt_count_sub+0x50/0x80 [ 15.804472] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.804497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.804522] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.804547] kthread+0x337/0x6f0 [ 15.804566] ? trace_preempt_on+0x20/0xc0 [ 15.804640] ? __pfx_kthread+0x10/0x10 [ 15.804661] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.804706] ? calculate_sigpending+0x7b/0xa0 [ 15.804732] ? __pfx_kthread+0x10/0x10 [ 15.804754] ret_from_fork+0x116/0x1d0 [ 15.804774] ? __pfx_kthread+0x10/0x10 [ 15.804808] ret_from_fork_asm+0x1a/0x30 [ 15.804845] </TASK> [ 15.804857] [ 15.813168] Allocated by task 282: [ 15.813404] kasan_save_stack+0x45/0x70 [ 15.813677] kasan_save_track+0x18/0x40 [ 15.813861] kasan_save_alloc_info+0x3b/0x50 [ 15.814068] __kasan_kmalloc+0xb7/0xc0 [ 15.814272] __kmalloc_cache_noprof+0x189/0x420 [ 15.814492] kasan_atomics+0x95/0x310 [ 15.814723] kunit_try_run_case+0x1a5/0x480 [ 15.814877] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.815182] kthread+0x337/0x6f0 [ 15.815357] ret_from_fork+0x116/0x1d0 [ 15.815546] ret_from_fork_asm+0x1a/0x30 [ 15.815821] [ 15.815929] The buggy address belongs to the object at ffff8881026ce080 [ 15.815929] which belongs to the cache kmalloc-64 of size 64 [ 15.816367] The buggy address is located 0 bytes to the right of [ 15.816367] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.816867] [ 15.817015] The buggy address belongs to the physical page: [ 15.817284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.817642] flags: 0x200000000000000(node=0|zone=2) [ 15.817979] page_type: f5(slab) [ 15.818153] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.818528] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.818789] page dumped because: kasan: bad access detected [ 15.818983] [ 15.819087] Memory state around the buggy address: [ 15.819361] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.819712] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.820136] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.820487] ^ [ 15.820707] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.820929] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.821302] ================================================================== [ 15.439645] ================================================================== [ 15.440399] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 15.440762] Read of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.441579] [ 15.441776] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.441836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.441930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.441956] Call Trace: [ 15.441973] <TASK> [ 15.441992] dump_stack_lvl+0x73/0xb0 [ 15.442023] print_report+0xd1/0x610 [ 15.442047] ? __virt_addr_valid+0x1db/0x2d0 [ 15.442082] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.442105] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.442128] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.442151] kasan_report+0x141/0x180 [ 15.442174] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.442207] __asan_report_load4_noabort+0x18/0x20 [ 15.442232] kasan_atomics_helper+0x4a02/0x5450 [ 15.442256] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.442279] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.442305] ? kasan_atomics+0x152/0x310 [ 15.442333] kasan_atomics+0x1dc/0x310 [ 15.442356] ? __pfx_kasan_atomics+0x10/0x10 [ 15.442381] ? 
__pfx_read_tsc+0x10/0x10 [ 15.442402] ? ktime_get_ts64+0x86/0x230 [ 15.442428] kunit_try_run_case+0x1a5/0x480 [ 15.442452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.442475] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.442500] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.442525] ? __kthread_parkme+0x82/0x180 [ 15.442545] ? preempt_count_sub+0x50/0x80 [ 15.442571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.442605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.442630] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.442655] kthread+0x337/0x6f0 [ 15.442674] ? trace_preempt_on+0x20/0xc0 [ 15.442699] ? __pfx_kthread+0x10/0x10 [ 15.442720] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.442742] ? calculate_sigpending+0x7b/0xa0 [ 15.442767] ? __pfx_kthread+0x10/0x10 [ 15.442789] ret_from_fork+0x116/0x1d0 [ 15.442808] ? __pfx_kthread+0x10/0x10 [ 15.442828] ret_from_fork_asm+0x1a/0x30 [ 15.442863] </TASK> [ 15.442873] [ 15.456378] Allocated by task 282: [ 15.456588] kasan_save_stack+0x45/0x70 [ 15.456731] kasan_save_track+0x18/0x40 [ 15.457180] kasan_save_alloc_info+0x3b/0x50 [ 15.457595] __kasan_kmalloc+0xb7/0xc0 [ 15.458117] __kmalloc_cache_noprof+0x189/0x420 [ 15.458596] kasan_atomics+0x95/0x310 [ 15.458959] kunit_try_run_case+0x1a5/0x480 [ 15.459144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.459659] kthread+0x337/0x6f0 [ 15.460062] ret_from_fork+0x116/0x1d0 [ 15.460231] ret_from_fork_asm+0x1a/0x30 [ 15.460600] [ 15.460835] The buggy address belongs to the object at ffff8881026ce080 [ 15.460835] which belongs to the cache kmalloc-64 of size 64 [ 15.461817] The buggy address is located 0 bytes to the right of [ 15.461817] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.462352] [ 15.462428] The buggy address belongs to the physical page: [ 15.462613] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.463456] flags: 0x200000000000000(node=0|zone=2) [ 15.463964] page_type: f5(slab) [ 15.464338] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.465126] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.465794] page dumped because: kasan: bad access detected [ 15.466372] [ 15.466550] Memory state around the buggy address: [ 15.466951] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.467327] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.467878] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.468114] ^ [ 15.468643] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.469062] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.469803] ================================================================== [ 16.060103] ================================================================== [ 16.060811] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 16.061200] Write of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 16.061505] [ 16.061594] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.061636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.061648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.061670] Call Trace: [ 16.061685] <TASK> [ 16.061700] dump_stack_lvl+0x73/0xb0 [ 16.061728] print_report+0xd1/0x610 [ 16.061750] ? __virt_addr_valid+0x1db/0x2d0 [ 16.061773] ? kasan_atomics_helper+0x2006/0x5450 [ 16.061795] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.061833] ? kasan_atomics_helper+0x2006/0x5450 [ 16.061856] kasan_report+0x141/0x180 [ 16.061905] ? kasan_atomics_helper+0x2006/0x5450 [ 16.061934] kasan_check_range+0x10c/0x1c0 [ 16.061970] __kasan_check_write+0x18/0x20 [ 16.061990] kasan_atomics_helper+0x2006/0x5450 [ 16.062014] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.062037] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.062075] ? 
kasan_atomics+0x152/0x310 [ 16.062102] kasan_atomics+0x1dc/0x310 [ 16.062126] ? __pfx_kasan_atomics+0x10/0x10 [ 16.062150] ? __pfx_read_tsc+0x10/0x10 [ 16.062172] ? ktime_get_ts64+0x86/0x230 [ 16.062202] kunit_try_run_case+0x1a5/0x480 [ 16.062228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.062270] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.062296] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.062320] ? __kthread_parkme+0x82/0x180 [ 16.062341] ? preempt_count_sub+0x50/0x80 [ 16.062366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.062391] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.062415] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.062440] kthread+0x337/0x6f0 [ 16.062460] ? trace_preempt_on+0x20/0xc0 [ 16.062484] ? __pfx_kthread+0x10/0x10 [ 16.062505] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.062527] ? calculate_sigpending+0x7b/0xa0 [ 16.062552] ? __pfx_kthread+0x10/0x10 [ 16.062574] ret_from_fork+0x116/0x1d0 [ 16.062593] ? __pfx_kthread+0x10/0x10 [ 16.062614] ret_from_fork_asm+0x1a/0x30 [ 16.062646] </TASK> [ 16.062656] [ 16.070635] Allocated by task 282: [ 16.070821] kasan_save_stack+0x45/0x70 [ 16.071041] kasan_save_track+0x18/0x40 [ 16.071239] kasan_save_alloc_info+0x3b/0x50 [ 16.071423] __kasan_kmalloc+0xb7/0xc0 [ 16.071557] __kmalloc_cache_noprof+0x189/0x420 [ 16.071733] kasan_atomics+0x95/0x310 [ 16.071921] kunit_try_run_case+0x1a5/0x480 [ 16.072192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.072389] kthread+0x337/0x6f0 [ 16.072514] ret_from_fork+0x116/0x1d0 [ 16.072649] ret_from_fork_asm+0x1a/0x30 [ 16.072848] [ 16.072947] The buggy address belongs to the object at ffff8881026ce080 [ 16.072947] which belongs to the cache kmalloc-64 of size 64 [ 16.073497] The buggy address is located 0 bytes to the right of [ 16.073497] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 16.074040] [ 16.074126] The buggy address belongs to the physical page: [ 16.074381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 
16.074987] flags: 0x200000000000000(node=0|zone=2) [ 16.075225] page_type: f5(slab) [ 16.075373] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.075748] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.076013] page dumped because: kasan: bad access detected [ 16.076198] [ 16.076268] Memory state around the buggy address: [ 16.076490] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.077094] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.077390] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.077641] ^ [ 16.077864] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.078188] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.078425] ================================================================== [ 16.135404] ================================================================== [ 16.136206] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 16.136780] Write of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 16.137120] [ 16.137261] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.137309] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.137320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.137362] Call Trace: [ 16.137382] <TASK> [ 16.137401] dump_stack_lvl+0x73/0xb0 [ 16.137431] print_report+0xd1/0x610 [ 16.137454] ? __virt_addr_valid+0x1db/0x2d0 [ 16.137478] ? kasan_atomics_helper+0x218a/0x5450 [ 16.137500] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.137524] ? kasan_atomics_helper+0x218a/0x5450 [ 16.137546] kasan_report+0x141/0x180 [ 16.137569] ? kasan_atomics_helper+0x218a/0x5450 [ 16.137597] kasan_check_range+0x10c/0x1c0 [ 16.137622] __kasan_check_write+0x18/0x20 [ 16.137642] kasan_atomics_helper+0x218a/0x5450 [ 16.137666] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.137689] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.137715] ? kasan_atomics+0x152/0x310 [ 16.137743] kasan_atomics+0x1dc/0x310 [ 16.137766] ? __pfx_kasan_atomics+0x10/0x10 [ 16.137791] ? __pfx_read_tsc+0x10/0x10 [ 16.137812] ? ktime_get_ts64+0x86/0x230 [ 16.137838] kunit_try_run_case+0x1a5/0x480 [ 16.137864] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.137887] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.137914] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.137938] ? __kthread_parkme+0x82/0x180 [ 16.137959] ? preempt_count_sub+0x50/0x80 [ 16.137986] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.138032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.138066] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.138091] kthread+0x337/0x6f0 [ 16.138111] ? trace_preempt_on+0x20/0xc0 [ 16.138135] ? __pfx_kthread+0x10/0x10 [ 16.138157] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.138179] ? calculate_sigpending+0x7b/0xa0 [ 16.138209] ? __pfx_kthread+0x10/0x10 [ 16.138232] ret_from_fork+0x116/0x1d0 [ 16.138251] ? __pfx_kthread+0x10/0x10 [ 16.138272] ret_from_fork_asm+0x1a/0x30 [ 16.138304] </TASK> [ 16.138315] [ 16.145917] Allocated by task 282: [ 16.146128] kasan_save_stack+0x45/0x70 [ 16.146313] kasan_save_track+0x18/0x40 [ 16.146453] kasan_save_alloc_info+0x3b/0x50 [ 16.146637] __kasan_kmalloc+0xb7/0xc0 [ 16.146815] __kmalloc_cache_noprof+0x189/0x420 [ 16.147025] kasan_atomics+0x95/0x310 [ 16.147233] kunit_try_run_case+0x1a5/0x480 [ 16.147435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.147704] kthread+0x337/0x6f0 [ 16.147867] ret_from_fork+0x116/0x1d0 [ 16.148067] ret_from_fork_asm+0x1a/0x30 [ 16.148265] [ 16.148339] The buggy address belongs to the object at ffff8881026ce080 [ 16.148339] which belongs to the cache kmalloc-64 of size 64 [ 16.148822] The buggy address is located 0 bytes to the right of [ 16.148822] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 16.149252] [ 16.149358] The buggy address belongs to the physical page: [ 16.149663] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 16.150057] flags: 0x200000000000000(node=0|zone=2) [ 16.150305] page_type: f5(slab) [ 16.150480] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.150774] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.151010] page dumped because: kasan: bad access detected [ 16.151198] [ 16.151269] Memory state around the buggy address: [ 16.151528] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.151889] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.152234] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.152615] ^ [ 16.152876] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.153209] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.153512] ================================================================== [ 15.652730] ================================================================== [ 15.653155] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 15.653471] Write of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.654193] [ 15.654558] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.654610] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.654634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.654658] Call Trace: [ 15.654675] <TASK> [ 15.654723] dump_stack_lvl+0x73/0xb0 [ 15.654757] print_report+0xd1/0x610 [ 15.654780] ? __virt_addr_valid+0x1db/0x2d0 [ 15.654805] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.654831] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.654858] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.654882] kasan_report+0x141/0x180 [ 15.654905] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.654933] __asan_report_store8_noabort+0x1b/0x30 [ 15.654959] kasan_atomics_helper+0x50d4/0x5450 [ 15.654982] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.655005] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.655031] ? kasan_atomics+0x152/0x310 [ 15.655069] kasan_atomics+0x1dc/0x310 [ 15.655093] ? __pfx_kasan_atomics+0x10/0x10 [ 15.655118] ? __pfx_read_tsc+0x10/0x10 [ 15.655139] ? ktime_get_ts64+0x86/0x230 [ 15.655165] kunit_try_run_case+0x1a5/0x480 [ 15.655190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.655213] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.655239] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.655264] ? __kthread_parkme+0x82/0x180 [ 15.655286] ? preempt_count_sub+0x50/0x80 [ 15.655311] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.655336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.655360] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.655386] kthread+0x337/0x6f0 [ 15.655407] ? trace_preempt_on+0x20/0xc0 [ 15.655431] ? __pfx_kthread+0x10/0x10 [ 15.655452] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.655475] ? calculate_sigpending+0x7b/0xa0 [ 15.655500] ? __pfx_kthread+0x10/0x10 [ 15.655522] ret_from_fork+0x116/0x1d0 [ 15.655541] ? 
__pfx_kthread+0x10/0x10 [ 15.655563] ret_from_fork_asm+0x1a/0x30 [ 15.655609] </TASK> [ 15.655619] [ 15.667239] Allocated by task 282: [ 15.667413] kasan_save_stack+0x45/0x70 [ 15.667816] kasan_save_track+0x18/0x40 [ 15.668083] kasan_save_alloc_info+0x3b/0x50 [ 15.668429] __kasan_kmalloc+0xb7/0xc0 [ 15.668746] __kmalloc_cache_noprof+0x189/0x420 [ 15.669113] kasan_atomics+0x95/0x310 [ 15.669303] kunit_try_run_case+0x1a5/0x480 [ 15.669498] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.670209] kthread+0x337/0x6f0 [ 15.670486] ret_from_fork+0x116/0x1d0 [ 15.670925] ret_from_fork_asm+0x1a/0x30 [ 15.671157] [ 15.671254] The buggy address belongs to the object at ffff8881026ce080 [ 15.671254] which belongs to the cache kmalloc-64 of size 64 [ 15.672075] The buggy address is located 0 bytes to the right of [ 15.672075] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.673026] [ 15.673142] The buggy address belongs to the physical page: [ 15.673607] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.674174] flags: 0x200000000000000(node=0|zone=2) [ 15.674609] page_type: f5(slab) [ 15.674864] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.675343] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.675907] page dumped because: kasan: bad access detected [ 15.676245] [ 15.676488] Memory state around the buggy address: [ 15.676865] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.677178] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.677473] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.678221] ^ [ 15.678512] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.679177] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.679647] ================================================================== [ 15.936949] 
================================================================== [ 15.937291] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 15.937529] Write of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.938217] [ 15.938317] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.938374] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.938387] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.938410] Call Trace: [ 15.938440] <TASK> [ 15.938458] dump_stack_lvl+0x73/0xb0 [ 15.938490] print_report+0xd1/0x610 [ 15.938512] ? __virt_addr_valid+0x1db/0x2d0 [ 15.938535] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.938558] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.938581] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.938616] kasan_report+0x141/0x180 [ 15.938639] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.938667] kasan_check_range+0x10c/0x1c0 [ 15.938691] __kasan_check_write+0x18/0x20 [ 15.938711] kasan_atomics_helper+0x1ce1/0x5450 [ 15.938735] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.938758] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.938784] ? kasan_atomics+0x152/0x310 [ 15.938813] kasan_atomics+0x1dc/0x310 [ 15.938837] ? __pfx_kasan_atomics+0x10/0x10 [ 15.938861] ? __pfx_read_tsc+0x10/0x10 [ 15.938882] ? ktime_get_ts64+0x86/0x230 [ 15.938908] kunit_try_run_case+0x1a5/0x480 [ 15.938933] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.938956] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.938982] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.939007] ? __kthread_parkme+0x82/0x180 [ 15.939028] ? preempt_count_sub+0x50/0x80 [ 15.939064] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.939090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.939114] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.939139] kthread+0x337/0x6f0 [ 15.939159] ? trace_preempt_on+0x20/0xc0 [ 15.939182] ? __pfx_kthread+0x10/0x10 [ 15.939204] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.939226] ? 
calculate_sigpending+0x7b/0xa0 [ 15.939251] ? __pfx_kthread+0x10/0x10 [ 15.939273] ret_from_fork+0x116/0x1d0 [ 15.939292] ? __pfx_kthread+0x10/0x10 [ 15.939314] ret_from_fork_asm+0x1a/0x30 [ 15.939347] </TASK> [ 15.939358] [ 15.950165] Allocated by task 282: [ 15.950543] kasan_save_stack+0x45/0x70 [ 15.950773] kasan_save_track+0x18/0x40 [ 15.951075] kasan_save_alloc_info+0x3b/0x50 [ 15.951244] __kasan_kmalloc+0xb7/0xc0 [ 15.951554] __kmalloc_cache_noprof+0x189/0x420 [ 15.951934] kasan_atomics+0x95/0x310 [ 15.952215] kunit_try_run_case+0x1a5/0x480 [ 15.952505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.952876] kthread+0x337/0x6f0 [ 15.953114] ret_from_fork+0x116/0x1d0 [ 15.953392] ret_from_fork_asm+0x1a/0x30 [ 15.953552] [ 15.953664] The buggy address belongs to the object at ffff8881026ce080 [ 15.953664] which belongs to the cache kmalloc-64 of size 64 [ 15.954448] The buggy address is located 0 bytes to the right of [ 15.954448] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.955064] [ 15.955140] The buggy address belongs to the physical page: [ 15.955420] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.955846] flags: 0x200000000000000(node=0|zone=2) [ 15.956025] page_type: f5(slab) [ 15.956205] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.956507] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.956897] page dumped because: kasan: bad access detected [ 15.957152] [ 15.957249] Memory state around the buggy address: [ 15.957466] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.957773] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.958068] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.958382] ^ [ 15.958650] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.958888] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.959209] 
================================================================== [ 15.717763] ================================================================== [ 15.718261] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 15.718606] Write of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.718862] [ 15.718955] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.719001] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.719013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.719036] Call Trace: [ 15.719066] <TASK> [ 15.719085] dump_stack_lvl+0x73/0xb0 [ 15.719126] print_report+0xd1/0x610 [ 15.719149] ? __virt_addr_valid+0x1db/0x2d0 [ 15.719184] ? kasan_atomics_helper+0x164f/0x5450 [ 15.719206] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.719229] ? kasan_atomics_helper+0x164f/0x5450 [ 15.719253] kasan_report+0x141/0x180 [ 15.719275] ? kasan_atomics_helper+0x164f/0x5450 [ 15.719304] kasan_check_range+0x10c/0x1c0 [ 15.719329] __kasan_check_write+0x18/0x20 [ 15.719349] kasan_atomics_helper+0x164f/0x5450 [ 15.719373] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.719396] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.719422] ? kasan_atomics+0x152/0x310 [ 15.719451] kasan_atomics+0x1dc/0x310 [ 15.719474] ? __pfx_kasan_atomics+0x10/0x10 [ 15.719499] ? __pfx_read_tsc+0x10/0x10 [ 15.719521] ? ktime_get_ts64+0x86/0x230 [ 15.719547] kunit_try_run_case+0x1a5/0x480 [ 15.719573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.719596] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.719623] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.719657] ? __kthread_parkme+0x82/0x180 [ 15.719679] ? preempt_count_sub+0x50/0x80 [ 15.719715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.719749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.719775] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.719801] kthread+0x337/0x6f0 [ 15.719831] ? trace_preempt_on+0x20/0xc0 [ 15.719856] ? 
__pfx_kthread+0x10/0x10 [ 15.719888] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.719920] ? calculate_sigpending+0x7b/0xa0 [ 15.719945] ? __pfx_kthread+0x10/0x10 [ 15.719978] ret_from_fork+0x116/0x1d0 [ 15.719998] ? __pfx_kthread+0x10/0x10 [ 15.720019] ret_from_fork_asm+0x1a/0x30 [ 15.720062] </TASK> [ 15.720073] [ 15.730493] Allocated by task 282: [ 15.730673] kasan_save_stack+0x45/0x70 [ 15.730837] kasan_save_track+0x18/0x40 [ 15.731132] kasan_save_alloc_info+0x3b/0x50 [ 15.731348] __kasan_kmalloc+0xb7/0xc0 [ 15.731484] __kmalloc_cache_noprof+0x189/0x420 [ 15.731869] kasan_atomics+0x95/0x310 [ 15.732069] kunit_try_run_case+0x1a5/0x480 [ 15.732220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.732471] kthread+0x337/0x6f0 [ 15.732722] ret_from_fork+0x116/0x1d0 [ 15.732886] ret_from_fork_asm+0x1a/0x30 [ 15.733033] [ 15.733141] The buggy address belongs to the object at ffff8881026ce080 [ 15.733141] which belongs to the cache kmalloc-64 of size 64 [ 15.733733] The buggy address is located 0 bytes to the right of [ 15.733733] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.734276] [ 15.734390] The buggy address belongs to the physical page: [ 15.734672] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.735026] flags: 0x200000000000000(node=0|zone=2) [ 15.735270] page_type: f5(slab) [ 15.735438] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.735783] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.736110] page dumped because: kasan: bad access detected [ 15.736334] [ 15.736405] Memory state around the buggy address: [ 15.736561] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.736878] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.737227] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.737472] ^ [ 15.737680] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.738079] 
ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.738436] ================================================================== [ 15.623004] ================================================================== [ 15.623344] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 15.623736] Write of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.624585] [ 15.625244] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.625311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.625325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.625349] Call Trace: [ 15.625363] <TASK> [ 15.625413] dump_stack_lvl+0x73/0xb0 [ 15.625446] print_report+0xd1/0x610 [ 15.625468] ? __virt_addr_valid+0x1db/0x2d0 [ 15.625490] ? kasan_atomics_helper+0x1467/0x5450 [ 15.625514] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.625540] ? kasan_atomics_helper+0x1467/0x5450 [ 15.625565] kasan_report+0x141/0x180 [ 15.625588] ? kasan_atomics_helper+0x1467/0x5450 [ 15.625616] kasan_check_range+0x10c/0x1c0 [ 15.625641] __kasan_check_write+0x18/0x20 [ 15.625661] kasan_atomics_helper+0x1467/0x5450 [ 15.625684] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.625708] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.625734] ? kasan_atomics+0x152/0x310 [ 15.625762] kasan_atomics+0x1dc/0x310 [ 15.625784] ? __pfx_kasan_atomics+0x10/0x10 [ 15.625810] ? __pfx_read_tsc+0x10/0x10 [ 15.625830] ? ktime_get_ts64+0x86/0x230 [ 15.625856] kunit_try_run_case+0x1a5/0x480 [ 15.625881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.625904] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.625929] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.625954] ? __kthread_parkme+0x82/0x180 [ 15.625974] ? preempt_count_sub+0x50/0x80 [ 15.625999] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.626024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.626059] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.626085] kthread+0x337/0x6f0 [ 15.626105] ? trace_preempt_on+0x20/0xc0 [ 15.626129] ? __pfx_kthread+0x10/0x10 [ 15.626151] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.626173] ? calculate_sigpending+0x7b/0xa0 [ 15.626201] ? __pfx_kthread+0x10/0x10 [ 15.626224] ret_from_fork+0x116/0x1d0 [ 15.626243] ? __pfx_kthread+0x10/0x10 [ 15.626264] ret_from_fork_asm+0x1a/0x30 [ 15.626296] </TASK> [ 15.626308] [ 15.638962] Allocated by task 282: [ 15.639151] kasan_save_stack+0x45/0x70 [ 15.639343] kasan_save_track+0x18/0x40 [ 15.639526] kasan_save_alloc_info+0x3b/0x50 [ 15.640235] __kasan_kmalloc+0xb7/0xc0 [ 15.640506] __kmalloc_cache_noprof+0x189/0x420 [ 15.640919] kasan_atomics+0x95/0x310 [ 15.641252] kunit_try_run_case+0x1a5/0x480 [ 15.641716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.642133] kthread+0x337/0x6f0 [ 15.642300] ret_from_fork+0x116/0x1d0 [ 15.642480] ret_from_fork_asm+0x1a/0x30 [ 15.642876] [ 15.643125] The buggy address belongs to the object at ffff8881026ce080 [ 15.643125] which belongs to the cache kmalloc-64 of size 64 [ 15.643842] The buggy address is located 0 bytes to the right of [ 15.643842] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.644388] [ 15.644482] The buggy address belongs to the physical page: [ 15.645162] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.645827] flags: 0x200000000000000(node=0|zone=2) [ 15.646149] page_type: f5(slab) [ 15.646471] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.647183] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.647705] page dumped because: kasan: bad access detected [ 15.648167] [ 15.648401] Memory state around the buggy address: [ 15.648784] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.649187] ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.649484] >ffff8881026ce080: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.650285] ^ [ 15.650604] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.651151] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.651447] ================================================================== [ 15.978320] ================================================================== [ 15.978769] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 15.979093] Write of size 8 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.979447] [ 15.979545] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.979592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.979604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.979629] Call Trace: [ 15.979649] <TASK> [ 15.979671] dump_stack_lvl+0x73/0xb0 [ 15.979715] print_report+0xd1/0x610 [ 15.979739] ? __virt_addr_valid+0x1db/0x2d0 [ 15.979764] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.979798] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.979822] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.979845] kasan_report+0x141/0x180 [ 15.979869] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.979898] kasan_check_range+0x10c/0x1c0 [ 15.979923] __kasan_check_write+0x18/0x20 [ 15.979943] kasan_atomics_helper+0x1e12/0x5450 [ 15.979968] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.979992] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.980019] ? kasan_atomics+0x152/0x310 [ 15.980048] kasan_atomics+0x1dc/0x310 [ 15.980079] ? __pfx_kasan_atomics+0x10/0x10 [ 15.980105] ? __pfx_read_tsc+0x10/0x10 [ 15.980127] ? ktime_get_ts64+0x86/0x230 [ 15.980154] kunit_try_run_case+0x1a5/0x480 [ 15.980180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.980204] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.980232] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.980256] ? __kthread_parkme+0x82/0x180 [ 15.980279] ? preempt_count_sub+0x50/0x80 [ 15.980305] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.980339] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.980365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.980390] kthread+0x337/0x6f0 [ 15.980421] ? trace_preempt_on+0x20/0xc0 [ 15.980447] ? __pfx_kthread+0x10/0x10 [ 15.980468] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.980490] ? calculate_sigpending+0x7b/0xa0 [ 15.980526] ? __pfx_kthread+0x10/0x10 [ 15.980549] ret_from_fork+0x116/0x1d0 [ 15.980568] ? __pfx_kthread+0x10/0x10 [ 15.980599] ret_from_fork_asm+0x1a/0x30 [ 15.980634] </TASK> [ 15.980644] [ 15.988678] Allocated by task 282: [ 15.988865] kasan_save_stack+0x45/0x70 [ 15.989075] kasan_save_track+0x18/0x40 [ 15.989274] kasan_save_alloc_info+0x3b/0x50 [ 15.989466] __kasan_kmalloc+0xb7/0xc0 [ 15.989625] __kmalloc_cache_noprof+0x189/0x420 [ 15.989882] kasan_atomics+0x95/0x310 [ 15.990065] kunit_try_run_case+0x1a5/0x480 [ 15.990279] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.990563] kthread+0x337/0x6f0 [ 15.990731] ret_from_fork+0x116/0x1d0 [ 15.990871] ret_from_fork_asm+0x1a/0x30 [ 15.991015] [ 15.991098] The buggy address belongs to the object at ffff8881026ce080 [ 15.991098] which belongs to the cache kmalloc-64 of size 64 [ 15.991462] The buggy address is located 0 bytes to the right of [ 15.991462] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.992192] [ 15.992421] The buggy address belongs to the physical page: [ 15.992771] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.993215] flags: 0x200000000000000(node=0|zone=2) [ 15.993495] page_type: f5(slab) [ 15.993649] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.993936] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.994225] page dumped because: kasan: bad access detected [ 15.994429] [ 15.994513] Memory state around the buggy address: [ 15.994708] ffff8881026cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.994967] 
ffff8881026ce000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.995240] >ffff8881026ce080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.995764] ^ [ 15.995981] ffff8881026ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.996215] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.996436] ================================================================== [ 15.014684] ================================================================== [ 15.015259] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 15.015762] Write of size 4 at addr ffff8881026ce0b0 by task kunit_try_catch/282 [ 15.016192] [ 15.016493] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.016541] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.016574] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.016599] Call Trace: [ 15.016619] <TASK> [ 15.016639] dump_stack_lvl+0x73/0xb0 [ 15.016671] print_report+0xd1/0x610 [ 15.016693] ? __virt_addr_valid+0x1db/0x2d0 [ 15.016718] ? kasan_atomics_helper+0x860/0x5450 [ 15.016740] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.016764] ? kasan_atomics_helper+0x860/0x5450 [ 15.016786] kasan_report+0x141/0x180 [ 15.016810] ? kasan_atomics_helper+0x860/0x5450 [ 15.016838] kasan_check_range+0x10c/0x1c0 [ 15.016862] __kasan_check_write+0x18/0x20 [ 15.016882] kasan_atomics_helper+0x860/0x5450 [ 15.016906] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.016929] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.016956] ? kasan_atomics+0x152/0x310 [ 15.016984] kasan_atomics+0x1dc/0x310 [ 15.017007] ? __pfx_kasan_atomics+0x10/0x10 [ 15.017032] ? __pfx_read_tsc+0x10/0x10 [ 15.017066] ? ktime_get_ts64+0x86/0x230 [ 15.017092] kunit_try_run_case+0x1a5/0x480 [ 15.017119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.017142] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.017168] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.017192] ? 
__kthread_parkme+0x82/0x180 [ 15.017214] ? preempt_count_sub+0x50/0x80 [ 15.017240] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.017266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.017292] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.017317] kthread+0x337/0x6f0 [ 15.017337] ? trace_preempt_on+0x20/0xc0 [ 15.017361] ? __pfx_kthread+0x10/0x10 [ 15.017382] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.017404] ? calculate_sigpending+0x7b/0xa0 [ 15.017429] ? __pfx_kthread+0x10/0x10 [ 15.017451] ret_from_fork+0x116/0x1d0 [ 15.017471] ? __pfx_kthread+0x10/0x10 [ 15.017492] ret_from_fork_asm+0x1a/0x30 [ 15.017525] </TASK> [ 15.017536] [ 15.025933] Allocated by task 282: [ 15.026169] kasan_save_stack+0x45/0x70 [ 15.026369] kasan_save_track+0x18/0x40 [ 15.026521] kasan_save_alloc_info+0x3b/0x50 [ 15.026897] __kasan_kmalloc+0xb7/0xc0 [ 15.027077] __kmalloc_cache_noprof+0x189/0x420 [ 15.027236] kasan_atomics+0x95/0x310 [ 15.027371] kunit_try_run_case+0x1a5/0x480 [ 15.027553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.027784] kthread+0x337/0x6f0 [ 15.027972] ret_from_fork+0x116/0x1d0 [ 15.028207] ret_from_fork_asm+0x1a/0x30 [ 15.028368] [ 15.028461] The buggy address belongs to the object at ffff8881026ce080 [ 15.028461] which belongs to the cache kmalloc-64 of size 64 [ 15.029014] The buggy address is located 0 bytes to the right of [ 15.029014] allocated 48-byte region [ffff8881026ce080, ffff8881026ce0b0) [ 15.029622] [ 15.029721] The buggy address belongs to the physical page: [ 15.029975] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 15.030412] flags: 0x200000000000000(node=0|zone=2) [ 15.030764] page_type: f5(slab) [ 15.030888] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.031132] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.031363] page dumped because: kasan: bad access detected [ 15.031537] [ 15.031607] Memory state around the buggy address: [ 15.031821] 
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
Memory state around the buggy address: [ 14.596804] ffff8881025ee200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.597025] ffff8881025ee280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.597347] >ffff8881025ee300: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.597662] ^ [ 14.597958] ffff8881025ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.598270] ffff8881025ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.598486] ================================================================== [ 14.561443] ================================================================== [ 14.561843] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.562359] Write of size 8 at addr ffff8881025ee368 by task kunit_try_catch/278 [ 14.562785] [ 14.562902] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.563110] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.563123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.563143] Call Trace: [ 14.563159] <TASK> [ 14.563175] dump_stack_lvl+0x73/0xb0 [ 14.563205] print_report+0xd1/0x610 [ 14.563228] ? __virt_addr_valid+0x1db/0x2d0 [ 14.563251] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.563279] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.563301] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.563329] kasan_report+0x141/0x180 [ 14.563351] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.563384] kasan_check_range+0x10c/0x1c0 [ 14.563408] __kasan_check_write+0x18/0x20 [ 14.563427] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.563455] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.563484] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.563508] ? trace_hardirqs_on+0x37/0xe0 [ 14.563530] ? kasan_bitops_generic+0x92/0x1c0 [ 14.563558] kasan_bitops_generic+0x121/0x1c0 [ 14.563581] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.563607] ? __pfx_read_tsc+0x10/0x10 [ 14.563627] ? ktime_get_ts64+0x86/0x230 [ 14.563654] kunit_try_run_case+0x1a5/0x480 [ 14.563682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.563706] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.563730] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.563754] ? __kthread_parkme+0x82/0x180 [ 14.563774] ? preempt_count_sub+0x50/0x80 [ 14.563799] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.563823] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.563847] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.563871] kthread+0x337/0x6f0 [ 14.563890] ? trace_preempt_on+0x20/0xc0 [ 14.563911] ? __pfx_kthread+0x10/0x10 [ 14.563930] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.563952] ? calculate_sigpending+0x7b/0xa0 [ 14.563976] ? __pfx_kthread+0x10/0x10 [ 14.563997] ret_from_fork+0x116/0x1d0 [ 14.564015] ? __pfx_kthread+0x10/0x10 [ 14.564035] ret_from_fork_asm+0x1a/0x30 [ 14.564078] </TASK> [ 14.564087] [ 14.572025] Allocated by task 278: [ 14.572219] kasan_save_stack+0x45/0x70 [ 14.572413] kasan_save_track+0x18/0x40 [ 14.572579] kasan_save_alloc_info+0x3b/0x50 [ 14.572729] __kasan_kmalloc+0xb7/0xc0 [ 14.572861] __kmalloc_cache_noprof+0x189/0x420 [ 14.573015] kasan_bitops_generic+0x92/0x1c0 [ 14.573253] kunit_try_run_case+0x1a5/0x480 [ 14.573461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.573997] kthread+0x337/0x6f0 [ 14.574171] ret_from_fork+0x116/0x1d0 [ 14.574361] ret_from_fork_asm+0x1a/0x30 [ 14.574530] [ 14.574623] The buggy address belongs to the object at ffff8881025ee360 [ 14.574623] which belongs to the cache kmalloc-16 of size 16 [ 14.575100] The buggy address is located 8 bytes inside of [ 14.575100] allocated 9-byte region [ffff8881025ee360, ffff8881025ee369) [ 14.575453] [ 14.575525] The buggy address belongs to the physical page: [ 14.575780] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ee [ 14.576141] flags: 0x200000000000000(node=0|zone=2) [ 14.576378] 
page_type: f5(slab) [ 14.576554] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.576910] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.577189] page dumped because: kasan: bad access detected [ 14.577362] [ 14.577430] Memory state around the buggy address: [ 14.577644] ffff8881025ee200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.578000] ffff8881025ee280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.578361] >ffff8881025ee300: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.578722] ^ [ 14.578947] ffff8881025ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.579172] ffff8881025ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.579398] ================================================================== [ 14.519088] ================================================================== [ 14.519398] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.519853] Write of size 8 at addr ffff8881025ee368 by task kunit_try_catch/278 [ 14.520607] [ 14.520724] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.520769] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.520780] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.520802] Call Trace: [ 14.520820] <TASK> [ 14.520838] dump_stack_lvl+0x73/0xb0 [ 14.520867] print_report+0xd1/0x610 [ 14.520889] ? __virt_addr_valid+0x1db/0x2d0 [ 14.520912] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.520939] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.520961] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.520990] kasan_report+0x141/0x180 [ 14.521011] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.521045] kasan_check_range+0x10c/0x1c0 [ 14.521081] __kasan_check_write+0x18/0x20 [ 14.521099] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.521127] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.521156] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.521181] ? trace_hardirqs_on+0x37/0xe0 [ 14.521204] ? kasan_bitops_generic+0x92/0x1c0 [ 14.521231] kasan_bitops_generic+0x121/0x1c0 [ 14.521254] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.521278] ? __pfx_read_tsc+0x10/0x10 [ 14.521298] ? ktime_get_ts64+0x86/0x230 [ 14.521322] kunit_try_run_case+0x1a5/0x480 [ 14.521347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.521369] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.521393] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.521416] ? __kthread_parkme+0x82/0x180 [ 14.521436] ? preempt_count_sub+0x50/0x80 [ 14.521461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.521484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.521508] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.521531] kthread+0x337/0x6f0 [ 14.521549] ? trace_preempt_on+0x20/0xc0 [ 14.521580] ? __pfx_kthread+0x10/0x10 [ 14.521659] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.521681] ? calculate_sigpending+0x7b/0xa0 [ 14.521706] ? __pfx_kthread+0x10/0x10 [ 14.521727] ret_from_fork+0x116/0x1d0 [ 14.521745] ? 
__pfx_kthread+0x10/0x10 [ 14.521764] ret_from_fork_asm+0x1a/0x30 [ 14.521796] </TASK> [ 14.521805] [ 14.531419] Allocated by task 278: [ 14.531562] kasan_save_stack+0x45/0x70 [ 14.532001] kasan_save_track+0x18/0x40 [ 14.532274] kasan_save_alloc_info+0x3b/0x50 [ 14.532454] __kasan_kmalloc+0xb7/0xc0 [ 14.532771] __kmalloc_cache_noprof+0x189/0x420 [ 14.532977] kasan_bitops_generic+0x92/0x1c0 [ 14.533193] kunit_try_run_case+0x1a5/0x480 [ 14.533383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.533614] kthread+0x337/0x6f0 [ 14.534007] ret_from_fork+0x116/0x1d0 [ 14.534166] ret_from_fork_asm+0x1a/0x30 [ 14.534439] [ 14.534603] The buggy address belongs to the object at ffff8881025ee360 [ 14.534603] which belongs to the cache kmalloc-16 of size 16 [ 14.535223] The buggy address is located 8 bytes inside of [ 14.535223] allocated 9-byte region [ffff8881025ee360, ffff8881025ee369) [ 14.535924] [ 14.536006] The buggy address belongs to the physical page: [ 14.536252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ee [ 14.536832] flags: 0x200000000000000(node=0|zone=2) [ 14.537064] page_type: f5(slab) [ 14.537201] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.537587] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.537951] page dumped because: kasan: bad access detected [ 14.538189] [ 14.538277] Memory state around the buggy address: [ 14.538465] ffff8881025ee200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.538780] ffff8881025ee280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.539099] >ffff8881025ee300: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.539478] ^ [ 14.539705] ffff8881025ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.539993] ffff8881025ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.540259] ================================================================== [ 14.671656] 
================================================================== [ 14.672044] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.672460] Read of size 8 at addr ffff8881025ee368 by task kunit_try_catch/278 [ 14.672826] [ 14.672940] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.672981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.672993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.673014] Call Trace: [ 14.673028] <TASK> [ 14.673043] dump_stack_lvl+0x73/0xb0 [ 14.673080] print_report+0xd1/0x610 [ 14.673103] ? __virt_addr_valid+0x1db/0x2d0 [ 14.673125] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.673152] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.673175] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.673206] kasan_report+0x141/0x180 [ 14.673228] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.673263] __asan_report_load8_noabort+0x18/0x20 [ 14.673287] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.673316] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.673344] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.673368] ? trace_hardirqs_on+0x37/0xe0 [ 14.673390] ? kasan_bitops_generic+0x92/0x1c0 [ 14.673418] kasan_bitops_generic+0x121/0x1c0 [ 14.673441] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.673466] ? __pfx_read_tsc+0x10/0x10 [ 14.673486] ? ktime_get_ts64+0x86/0x230 [ 14.673510] kunit_try_run_case+0x1a5/0x480 [ 14.673535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.673559] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.673610] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.673634] ? __kthread_parkme+0x82/0x180 [ 14.673653] ? preempt_count_sub+0x50/0x80 [ 14.673678] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.673701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.673725] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.673749] kthread+0x337/0x6f0 [ 14.673767] ? 
trace_preempt_on+0x20/0xc0 [ 14.673789] ? __pfx_kthread+0x10/0x10 [ 14.673809] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.673830] ? calculate_sigpending+0x7b/0xa0 [ 14.673854] ? __pfx_kthread+0x10/0x10 [ 14.673875] ret_from_fork+0x116/0x1d0 [ 14.673893] ? __pfx_kthread+0x10/0x10 [ 14.673912] ret_from_fork_asm+0x1a/0x30 [ 14.673945] </TASK> [ 14.673955] [ 14.681516] Allocated by task 278: [ 14.681666] kasan_save_stack+0x45/0x70 [ 14.681812] kasan_save_track+0x18/0x40 [ 14.682007] kasan_save_alloc_info+0x3b/0x50 [ 14.682228] __kasan_kmalloc+0xb7/0xc0 [ 14.682413] __kmalloc_cache_noprof+0x189/0x420 [ 14.682659] kasan_bitops_generic+0x92/0x1c0 [ 14.682872] kunit_try_run_case+0x1a5/0x480 [ 14.683086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.683341] kthread+0x337/0x6f0 [ 14.683511] ret_from_fork+0x116/0x1d0 [ 14.683704] ret_from_fork_asm+0x1a/0x30 [ 14.683844] [ 14.683914] The buggy address belongs to the object at ffff8881025ee360 [ 14.683914] which belongs to the cache kmalloc-16 of size 16 [ 14.684279] The buggy address is located 8 bytes inside of [ 14.684279] allocated 9-byte region [ffff8881025ee360, ffff8881025ee369) [ 14.684824] [ 14.684922] The buggy address belongs to the physical page: [ 14.685180] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ee [ 14.685440] flags: 0x200000000000000(node=0|zone=2) [ 14.685629] page_type: f5(slab) [ 14.685750] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.686067] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.686413] page dumped because: kasan: bad access detected [ 14.686695] [ 14.686789] Memory state around the buggy address: [ 14.687021] ffff8881025ee200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.687354] ffff8881025ee280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.687670] >ffff8881025ee300: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.687958] ^ [ 14.688226] ffff8881025ee380: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.688462] ffff8881025ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.688700] ================================================================== [ 14.653943] ================================================================== [ 14.654207] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.654592] Read of size 8 at addr ffff8881025ee368 by task kunit_try_catch/278 [ 14.654949] [ 14.655066] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.655107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.655119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.655140] Call Trace: [ 14.655156] <TASK> [ 14.655172] dump_stack_lvl+0x73/0xb0 [ 14.655200] print_report+0xd1/0x610 [ 14.655221] ? __virt_addr_valid+0x1db/0x2d0 [ 14.655244] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.655271] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.655293] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.655322] kasan_report+0x141/0x180 [ 14.655343] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.655377] kasan_check_range+0x10c/0x1c0 [ 14.655400] __kasan_check_read+0x15/0x20 [ 14.655418] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.655446] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.655475] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.655499] ? trace_hardirqs_on+0x37/0xe0 [ 14.655521] ? kasan_bitops_generic+0x92/0x1c0 [ 14.655548] kasan_bitops_generic+0x121/0x1c0 [ 14.655591] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.655616] ? __pfx_read_tsc+0x10/0x10 [ 14.655636] ? ktime_get_ts64+0x86/0x230 [ 14.655659] kunit_try_run_case+0x1a5/0x480 [ 14.655684] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.655705] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.655729] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.655753] ? __kthread_parkme+0x82/0x180 [ 14.655772] ? 
preempt_count_sub+0x50/0x80 [ 14.655795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.655820] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.655844] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.655868] kthread+0x337/0x6f0 [ 14.655886] ? trace_preempt_on+0x20/0xc0 [ 14.655908] ? __pfx_kthread+0x10/0x10 [ 14.655928] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.655949] ? calculate_sigpending+0x7b/0xa0 [ 14.655972] ? __pfx_kthread+0x10/0x10 [ 14.655993] ret_from_fork+0x116/0x1d0 [ 14.656011] ? __pfx_kthread+0x10/0x10 [ 14.656031] ret_from_fork_asm+0x1a/0x30 [ 14.656071] </TASK> [ 14.656080] [ 14.664067] Allocated by task 278: [ 14.664221] kasan_save_stack+0x45/0x70 [ 14.664426] kasan_save_track+0x18/0x40 [ 14.664613] kasan_save_alloc_info+0x3b/0x50 [ 14.664796] __kasan_kmalloc+0xb7/0xc0 [ 14.664976] __kmalloc_cache_noprof+0x189/0x420 [ 14.665176] kasan_bitops_generic+0x92/0x1c0 [ 14.665375] kunit_try_run_case+0x1a5/0x480 [ 14.665551] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.665746] kthread+0x337/0x6f0 [ 14.665867] ret_from_fork+0x116/0x1d0 [ 14.665999] ret_from_fork_asm+0x1a/0x30 [ 14.666149] [ 14.666225] The buggy address belongs to the object at ffff8881025ee360 [ 14.666225] which belongs to the cache kmalloc-16 of size 16 [ 14.666602] The buggy address is located 8 bytes inside of [ 14.666602] allocated 9-byte region [ffff8881025ee360, ffff8881025ee369) [ 14.667111] [ 14.667207] The buggy address belongs to the physical page: [ 14.667456] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ee [ 14.667832] flags: 0x200000000000000(node=0|zone=2) [ 14.668073] page_type: f5(slab) [ 14.668241] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.668498] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.668750] page dumped because: kasan: bad access detected [ 14.668922] [ 14.668990] Memory state around the buggy address: [ 14.669154] ffff8881025ee200: 00 02 fc fc 00 02 fc fc 00 02 
fc fc 00 02 fc fc [ 14.669372] ffff8881025ee280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.669699] >ffff8881025ee300: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.670024] ^ [ 14.670329] ffff8881025ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.670677] ffff8881025ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.670994] ================================================================== [ 14.599188] ================================================================== [ 14.599553] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.600106] Write of size 8 at addr ffff8881025ee368 by task kunit_try_catch/278 [ 14.600436] [ 14.600545] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.600587] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.600598] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.600618] Call Trace: [ 14.600637] <TASK> [ 14.600654] dump_stack_lvl+0x73/0xb0 [ 14.600682] print_report+0xd1/0x610 [ 14.600703] ? __virt_addr_valid+0x1db/0x2d0 [ 14.600725] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.600753] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.600776] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.600806] kasan_report+0x141/0x180 [ 14.600828] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.600861] kasan_check_range+0x10c/0x1c0 [ 14.600885] __kasan_check_write+0x18/0x20 [ 14.600904] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.600933] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.600962] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.600985] ? trace_hardirqs_on+0x37/0xe0 [ 14.601007] ? kasan_bitops_generic+0x92/0x1c0 [ 14.601035] kasan_bitops_generic+0x121/0x1c0 [ 14.601071] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.601096] ? __pfx_read_tsc+0x10/0x10 [ 14.601117] ? 
ktime_get_ts64+0x86/0x230 [ 14.601141] kunit_try_run_case+0x1a5/0x480 [ 14.601165] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.601187] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.601211] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.601234] ? __kthread_parkme+0x82/0x180 [ 14.601255] ? preempt_count_sub+0x50/0x80 [ 14.601279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.601303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.601327] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.601351] kthread+0x337/0x6f0 [ 14.601370] ? trace_preempt_on+0x20/0xc0 [ 14.601392] ? __pfx_kthread+0x10/0x10 [ 14.601412] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.601433] ? calculate_sigpending+0x7b/0xa0 [ 14.601457] ? __pfx_kthread+0x10/0x10 [ 14.601478] ret_from_fork+0x116/0x1d0 [ 14.601496] ? __pfx_kthread+0x10/0x10 [ 14.601516] ret_from_fork_asm+0x1a/0x30 [ 14.601548] </TASK> [ 14.601558] [ 14.609583] Allocated by task 278: [ 14.609774] kasan_save_stack+0x45/0x70 [ 14.609983] kasan_save_track+0x18/0x40 [ 14.610141] kasan_save_alloc_info+0x3b/0x50 [ 14.610360] __kasan_kmalloc+0xb7/0xc0 [ 14.610521] __kmalloc_cache_noprof+0x189/0x420 [ 14.610756] kasan_bitops_generic+0x92/0x1c0 [ 14.610919] kunit_try_run_case+0x1a5/0x480 [ 14.611140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.611349] kthread+0x337/0x6f0 [ 14.611516] ret_from_fork+0x116/0x1d0 [ 14.611706] ret_from_fork_asm+0x1a/0x30 [ 14.611899] [ 14.611988] The buggy address belongs to the object at ffff8881025ee360 [ 14.611988] which belongs to the cache kmalloc-16 of size 16 [ 14.612417] The buggy address is located 8 bytes inside of [ 14.612417] allocated 9-byte region [ffff8881025ee360, ffff8881025ee369) [ 14.612865] [ 14.612963] The buggy address belongs to the physical page: [ 14.613225] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ee [ 14.613552] flags: 0x200000000000000(node=0|zone=2) [ 14.613750] page_type: f5(slab) [ 14.613919] raw: 0200000000000000 ffff888100041640 dead000000000122 
0000000000000000 [ 14.614217] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.614550] page dumped because: kasan: bad access detected [ 14.614814] [ 14.614894] Memory state around the buggy address: [ 14.615076] ffff8881025ee200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.615292] ffff8881025ee280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.615507] >ffff8881025ee300: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.615796] ^ [ 14.616095] ffff8881025ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.616480] ffff8881025ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.616914] ================================================================== [ 14.617368] ================================================================== [ 14.617605] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.617999] Write of size 8 at addr ffff8881025ee368 by task kunit_try_catch/278 [ 14.618359] [ 14.618469] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.618511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.618522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.618544] Call Trace: [ 14.618559] <TASK> [ 14.618573] dump_stack_lvl+0x73/0xb0 [ 14.618600] print_report+0xd1/0x610 [ 14.618620] ? __virt_addr_valid+0x1db/0x2d0 [ 14.618641] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.618667] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.618689] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.618715] kasan_report+0x141/0x180 [ 14.618736] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.618769] kasan_check_range+0x10c/0x1c0 [ 14.618790] __kasan_check_write+0x18/0x20 [ 14.618808] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.618835] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.618863] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.618889] ? trace_hardirqs_on+0x37/0xe0 [ 14.618910] ? kasan_bitops_generic+0x92/0x1c0 [ 14.618937] kasan_bitops_generic+0x121/0x1c0 [ 14.618959] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.618983] ? __pfx_read_tsc+0x10/0x10 [ 14.619003] ? ktime_get_ts64+0x86/0x230 [ 14.619026] kunit_try_run_case+0x1a5/0x480 [ 14.619206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.619237] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.619263] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.619286] ? __kthread_parkme+0x82/0x180 [ 14.619306] ? preempt_count_sub+0x50/0x80 [ 14.619331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.619355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.619378] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.619402] kthread+0x337/0x6f0 [ 14.619421] ? trace_preempt_on+0x20/0xc0 [ 14.619443] ? __pfx_kthread+0x10/0x10 [ 14.619463] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.619485] ? calculate_sigpending+0x7b/0xa0 [ 14.619509] ? __pfx_kthread+0x10/0x10 [ 14.619530] ret_from_fork+0x116/0x1d0 [ 14.619548] ? 
__pfx_kthread+0x10/0x10 [ 14.619589] ret_from_fork_asm+0x1a/0x30 [ 14.619623] </TASK> [ 14.619632] [ 14.627466] Allocated by task 278: [ 14.627657] kasan_save_stack+0x45/0x70 [ 14.627801] kasan_save_track+0x18/0x40 [ 14.627937] kasan_save_alloc_info+0x3b/0x50 [ 14.628096] __kasan_kmalloc+0xb7/0xc0 [ 14.628230] __kmalloc_cache_noprof+0x189/0x420 [ 14.628386] kasan_bitops_generic+0x92/0x1c0 [ 14.628535] kunit_try_run_case+0x1a5/0x480 [ 14.628697] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.628949] kthread+0x337/0x6f0 [ 14.629126] ret_from_fork+0x116/0x1d0 [ 14.629311] ret_from_fork_asm+0x1a/0x30 [ 14.629504] [ 14.629622] The buggy address belongs to the object at ffff8881025ee360 [ 14.629622] which belongs to the cache kmalloc-16 of size 16 [ 14.630156] The buggy address is located 8 bytes inside of [ 14.630156] allocated 9-byte region [ffff8881025ee360, ffff8881025ee369) [ 14.630711] [ 14.630805] The buggy address belongs to the physical page: [ 14.631061] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ee [ 14.631344] flags: 0x200000000000000(node=0|zone=2) [ 14.631508] page_type: f5(slab) [ 14.631652] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.631888] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.632241] page dumped because: kasan: bad access detected [ 14.632497] [ 14.632618] Memory state around the buggy address: [ 14.632846] ffff8881025ee200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.633180] ffff8881025ee280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.633498] >ffff8881025ee300: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.633834] ^ [ 14.634101] ffff8881025ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.634382] ffff8881025ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.634712] ================================================================== [ 14.541004] 
================================================================== [ 14.541371] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.541752] Write of size 8 at addr ffff8881025ee368 by task kunit_try_catch/278 [ 14.542134] [ 14.542254] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.542297] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.542308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.542330] Call Trace: [ 14.542341] <TASK> [ 14.542357] dump_stack_lvl+0x73/0xb0 [ 14.542385] print_report+0xd1/0x610 [ 14.542407] ? __virt_addr_valid+0x1db/0x2d0 [ 14.542429] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.542457] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.542480] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.542508] kasan_report+0x141/0x180 [ 14.542529] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.542563] kasan_check_range+0x10c/0x1c0 [ 14.542586] __kasan_check_write+0x18/0x20 [ 14.542605] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.542633] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.542662] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.542686] ? trace_hardirqs_on+0x37/0xe0 [ 14.542709] ? kasan_bitops_generic+0x92/0x1c0 [ 14.542736] kasan_bitops_generic+0x121/0x1c0 [ 14.542759] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.542784] ? __pfx_read_tsc+0x10/0x10 [ 14.542804] ? ktime_get_ts64+0x86/0x230 [ 14.542828] kunit_try_run_case+0x1a5/0x480 [ 14.542853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.542874] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.542898] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.542922] ? __kthread_parkme+0x82/0x180 [ 14.542941] ? preempt_count_sub+0x50/0x80 [ 14.542965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.542990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.543013] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.543037] kthread+0x337/0x6f0 [ 14.543066] ? trace_preempt_on+0x20/0xc0 [ 14.543088] ? __pfx_kthread+0x10/0x10 [ 14.543107] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.543128] ? calculate_sigpending+0x7b/0xa0 [ 14.543151] ? __pfx_kthread+0x10/0x10 [ 14.543172] ret_from_fork+0x116/0x1d0 [ 14.543190] ? __pfx_kthread+0x10/0x10 [ 14.543210] ret_from_fork_asm+0x1a/0x30 [ 14.543242] </TASK> [ 14.543251] [ 14.551384] Allocated by task 278: [ 14.551569] kasan_save_stack+0x45/0x70 [ 14.551866] kasan_save_track+0x18/0x40 [ 14.552015] kasan_save_alloc_info+0x3b/0x50 [ 14.552234] __kasan_kmalloc+0xb7/0xc0 [ 14.552409] __kmalloc_cache_noprof+0x189/0x420 [ 14.552593] kasan_bitops_generic+0x92/0x1c0 [ 14.552741] kunit_try_run_case+0x1a5/0x480 [ 14.552887] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.553133] kthread+0x337/0x6f0 [ 14.553299] ret_from_fork+0x116/0x1d0 [ 14.553497] ret_from_fork_asm+0x1a/0x30 [ 14.553839] [ 14.553928] The buggy address belongs to the object at ffff8881025ee360 [ 14.553928] which belongs to the cache kmalloc-16 of size 16 [ 14.554396] The buggy address is located 8 bytes inside of [ 14.554396] allocated 9-byte region [ffff8881025ee360, ffff8881025ee369) [ 14.554900] [ 14.554995] The buggy address belongs to the physical page: [ 14.555202] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ee [ 14.555444] flags: 0x200000000000000(node=0|zone=2) [ 14.555677] page_type: f5(slab) [ 14.555847] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.556209] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.556552] page dumped because: kasan: bad access detected [ 14.557335] [ 14.557604] Memory state around the buggy address: [ 14.557779] ffff8881025ee200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.557999] ffff8881025ee280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.558852] >ffff8881025ee300: fa fb fc fc fa fb fc fc 
fa fb fc fc 00 01 fc fc [ 14.559170] ^ [ 14.559448] ffff8881025ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.559999] ffff8881025ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.560306] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.466840] ================================================================== [ 14.467252] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.468083] Write of size 8 at addr ffff8881025ee368 by task kunit_try_catch/278 [ 14.468478] [ 14.468787] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.468835] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.468915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.468940] Call Trace: [ 14.468958] <TASK> [ 14.468976] dump_stack_lvl+0x73/0xb0 [ 14.469007] print_report+0xd1/0x610 [ 14.469029] ? __virt_addr_valid+0x1db/0x2d0 [ 14.469115] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.469142] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.469165] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.469191] kasan_report+0x141/0x180 [ 14.469212] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.469243] kasan_check_range+0x10c/0x1c0 [ 14.469267] __kasan_check_write+0x18/0x20 [ 14.469285] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.469310] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.469337] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.469360] ? trace_hardirqs_on+0x37/0xe0 [ 14.469383] ? kasan_bitops_generic+0x92/0x1c0 [ 14.469410] kasan_bitops_generic+0x116/0x1c0 [ 14.469434] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.469458] ? __pfx_read_tsc+0x10/0x10 [ 14.469478] ? ktime_get_ts64+0x86/0x230 [ 14.469502] kunit_try_run_case+0x1a5/0x480 [ 14.469526] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.469547] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.469572] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.469606] ? __kthread_parkme+0x82/0x180 [ 14.469627] ? preempt_count_sub+0x50/0x80 [ 14.469652] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.469675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.469699] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.469722] kthread+0x337/0x6f0 [ 14.469740] ? 
trace_preempt_on+0x20/0xc0 [ 14.469761] ? __pfx_kthread+0x10/0x10 [ 14.469781] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.469802] ? calculate_sigpending+0x7b/0xa0 [ 14.469827] ? __pfx_kthread+0x10/0x10 [ 14.469847] ret_from_fork+0x116/0x1d0 [ 14.469865] ? __pfx_kthread+0x10/0x10 [ 14.469884] ret_from_fork_asm+0x1a/0x30 [ 14.469931] </TASK> [ 14.469941] [ 14.481654] Allocated by task 278: [ 14.481846] kasan_save_stack+0x45/0x70 [ 14.482128] kasan_save_track+0x18/0x40 [ 14.482431] kasan_save_alloc_info+0x3b/0x50 [ 14.482829] __kasan_kmalloc+0xb7/0xc0 [ 14.483009] __kmalloc_cache_noprof+0x189/0x420 [ 14.483216] kasan_bitops_generic+0x92/0x1c0 [ 14.483435] kunit_try_run_case+0x1a5/0x480 [ 14.483879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.484115] kthread+0x337/0x6f0 [ 14.484472] ret_from_fork+0x116/0x1d0 [ 14.484817] ret_from_fork_asm+0x1a/0x30 [ 14.485154] [ 14.485401] The buggy address belongs to the object at ffff8881025ee360 [ 14.485401] which belongs to the cache kmalloc-16 of size 16 [ 14.486031] The buggy address is located 8 bytes inside of [ 14.486031] allocated 9-byte region [ffff8881025ee360, ffff8881025ee369) [ 14.486834] [ 14.486952] The buggy address belongs to the physical page: [ 14.487400] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ee [ 14.487865] flags: 0x200000000000000(node=0|zone=2) [ 14.488200] page_type: f5(slab) [ 14.488469] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.489079] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.489510] page dumped because: kasan: bad access detected [ 14.489850] [ 14.489949] Memory state around the buggy address: [ 14.490282] ffff8881025ee200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.490554] ffff8881025ee280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.491138] >ffff8881025ee300: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.491535] ^ [ 14.492062] ffff8881025ee380: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.492467] ffff8881025ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.492852] ================================================================== [ 14.334693] ================================================================== [ 14.335197] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.335542] Write of size 8 at addr ffff8881025ee368 by task kunit_try_catch/278 [ 14.335881] [ 14.336000] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.336048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.336069] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.336093] Call Trace: [ 14.336105] <TASK> [ 14.336124] dump_stack_lvl+0x73/0xb0 [ 14.336155] print_report+0xd1/0x610 [ 14.336179] ? __virt_addr_valid+0x1db/0x2d0 [ 14.336202] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.336228] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.336250] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.336276] kasan_report+0x141/0x180 [ 14.336299] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.336331] kasan_check_range+0x10c/0x1c0 [ 14.336355] __kasan_check_write+0x18/0x20 [ 14.336374] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.336399] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.336426] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.336451] ? trace_hardirqs_on+0x37/0xe0 [ 14.336473] ? kasan_bitops_generic+0x92/0x1c0 [ 14.336500] kasan_bitops_generic+0x116/0x1c0 [ 14.336523] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.336548] ? __pfx_read_tsc+0x10/0x10 [ 14.336590] ? ktime_get_ts64+0x86/0x230 [ 14.336616] kunit_try_run_case+0x1a5/0x480 [ 14.336641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.336663] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.336687] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.336710] ? __kthread_parkme+0x82/0x180 [ 14.336731] ? preempt_count_sub+0x50/0x80 [ 14.336756] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.336779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.336803] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.336827] kthread+0x337/0x6f0 [ 14.336845] ? trace_preempt_on+0x20/0xc0 [ 14.336866] ? __pfx_kthread+0x10/0x10 [ 14.336886] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.336907] ? calculate_sigpending+0x7b/0xa0 [ 14.336931] ? __pfx_kthread+0x10/0x10 [ 14.336952] ret_from_fork+0x116/0x1d0 [ 14.336971] ? __pfx_kthread+0x10/0x10 [ 14.336990] ret_from_fork_asm+0x1a/0x30 [ 14.337023] </TASK> [ 14.337034] [ 14.344645] Allocated by task 278: [ 14.344841] kasan_save_stack+0x45/0x70 [ 14.345042] kasan_save_track+0x18/0x40 [ 14.345204] kasan_save_alloc_info+0x3b/0x50 [ 14.345410] __kasan_kmalloc+0xb7/0xc0 [ 14.345565] __kmalloc_cache_noprof+0x189/0x420 [ 14.345745] kasan_bitops_generic+0x92/0x1c0 [ 14.345895] kunit_try_run_case+0x1a5/0x480 [ 14.346118] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.346374] kthread+0x337/0x6f0 [ 14.346545] ret_from_fork+0x116/0x1d0 [ 14.346755] ret_from_fork_asm+0x1a/0x30 [ 14.346952] [ 14.347045] The buggy address belongs to the object at ffff8881025ee360 [ 14.347045] which belongs to the cache kmalloc-16 of size 16 [ 14.347486] The buggy address is located 8 bytes inside of [ 14.347486] allocated 9-byte region [ffff8881025ee360, ffff8881025ee369) [ 14.347864] [ 14.347940] The buggy address belongs to the physical page: [ 14.348139] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ee [ 14.348493] flags: 0x200000000000000(node=0|zone=2) [ 14.348759] page_type: f5(slab) [ 14.348932] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.349292] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.349624] page dumped because: kasan: bad access detected [ 14.349851] [ 14.349933] Memory state around the buggy address: [ 14.350146] ffff8881025ee200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.350369] 
ffff8881025ee280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.350656] >ffff8881025ee300: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.350970] ^ [ 14.351274] ffff8881025ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.351551] ffff8881025ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.351785] ================================================================== [ 14.370933] ================================================================== [ 14.371332] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.372145] Write of size 8 at addr ffff8881025ee368 by task kunit_try_catch/278 [ 14.372402] [ 14.372514] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.372557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.372589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.372613] Call Trace: [ 14.372624] <TASK> [ 14.372713] dump_stack_lvl+0x73/0xb0 [ 14.372744] print_report+0xd1/0x610 [ 14.372767] ? __virt_addr_valid+0x1db/0x2d0 [ 14.372789] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.372814] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.372837] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.372863] kasan_report+0x141/0x180 [ 14.372884] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.372915] kasan_check_range+0x10c/0x1c0 [ 14.372938] __kasan_check_write+0x18/0x20 [ 14.372956] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.373011] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.373037] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.373123] ? trace_hardirqs_on+0x37/0xe0 [ 14.373147] ? kasan_bitops_generic+0x92/0x1c0 [ 14.373264] kasan_bitops_generic+0x116/0x1c0 [ 14.373291] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.373316] ? __pfx_read_tsc+0x10/0x10 [ 14.373336] ? ktime_get_ts64+0x86/0x230 [ 14.373360] kunit_try_run_case+0x1a5/0x480 [ 14.373385] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.373406] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.373431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.373454] ? __kthread_parkme+0x82/0x180 [ 14.373475] ? preempt_count_sub+0x50/0x80 [ 14.373893] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.373920] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.373945] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.373969] kthread+0x337/0x6f0 [ 14.373988] ? trace_preempt_on+0x20/0xc0 [ 14.374010] ? __pfx_kthread+0x10/0x10 [ 14.374029] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.374062] ? calculate_sigpending+0x7b/0xa0 [ 14.374086] ? __pfx_kthread+0x10/0x10 [ 14.374107] ret_from_fork+0x116/0x1d0 [ 14.374125] ? __pfx_kthread+0x10/0x10 [ 14.374145] ret_from_fork_asm+0x1a/0x30 [ 14.374176] </TASK> [ 14.374186] [ 14.385252] Allocated by task 278: [ 14.385420] kasan_save_stack+0x45/0x70 [ 14.385845] kasan_save_track+0x18/0x40 [ 14.386123] kasan_save_alloc_info+0x3b/0x50 [ 14.386434] __kasan_kmalloc+0xb7/0xc0 [ 14.386738] __kmalloc_cache_noprof+0x189/0x420 [ 14.387040] kasan_bitops_generic+0x92/0x1c0 [ 14.387326] kunit_try_run_case+0x1a5/0x480 [ 14.387493] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.387837] kthread+0x337/0x6f0 [ 14.388002] ret_from_fork+0x116/0x1d0 [ 14.388197] ret_from_fork_asm+0x1a/0x30 [ 14.388386] [ 14.388467] The buggy address belongs to the object at ffff8881025ee360 [ 14.388467] which belongs to the cache kmalloc-16 of size 16 [ 14.389385] The buggy address is located 8 bytes inside of [ 14.389385] allocated 9-byte region [ffff8881025ee360, ffff8881025ee369) [ 14.390121] [ 14.390249] The buggy address belongs to the physical page: [ 14.390672] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ee [ 14.391107] flags: 0x200000000000000(node=0|zone=2) [ 14.391335] page_type: f5(slab) [ 14.391496] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.392024] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.392455] page dumped because: kasan: 
bad access detected [ 14.392831] [ 14.392930] Memory state around the buggy address: [ 14.393293] ffff8881025ee200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.393725] ffff8881025ee280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.394133] >ffff8881025ee300: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.394415] ^ [ 14.394849] ffff8881025ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.395215] ffff8881025ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.395614] ================================================================== [ 14.440794] ================================================================== [ 14.441147] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.441466] Write of size 8 at addr ffff8881025ee368 by task kunit_try_catch/278 [ 14.441788] [ 14.441894] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.441951] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.441963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.441984] Call Trace: [ 14.441995] <TASK> [ 14.442013] dump_stack_lvl+0x73/0xb0 [ 14.442044] print_report+0xd1/0x610 [ 14.442077] ? __virt_addr_valid+0x1db/0x2d0 [ 14.442101] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.442126] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.442148] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.442174] kasan_report+0x141/0x180 [ 14.442195] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.442231] kasan_check_range+0x10c/0x1c0 [ 14.442254] __kasan_check_write+0x18/0x20 [ 14.442273] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.442298] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.442325] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.442351] ? trace_hardirqs_on+0x37/0xe0 [ 14.442374] ? kasan_bitops_generic+0x92/0x1c0 [ 14.442402] kasan_bitops_generic+0x116/0x1c0 [ 14.442426] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.442449] ? 
__pfx_read_tsc+0x10/0x10 [ 14.442470] ? ktime_get_ts64+0x86/0x230 [ 14.442494] kunit_try_run_case+0x1a5/0x480 [ 14.442519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.442542] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.442567] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.442994] ? __kthread_parkme+0x82/0x180 [ 14.443023] ? preempt_count_sub+0x50/0x80 [ 14.443048] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.443087] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.443111] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.443235] kthread+0x337/0x6f0 [ 14.443259] ? trace_preempt_on+0x20/0xc0 [ 14.443281] ? __pfx_kthread+0x10/0x10 [ 14.443301] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.443323] ? calculate_sigpending+0x7b/0xa0 [ 14.443348] ? __pfx_kthread+0x10/0x10 [ 14.443369] ret_from_fork+0x116/0x1d0 [ 14.443388] ? __pfx_kthread+0x10/0x10 [ 14.443408] ret_from_fork_asm+0x1a/0x30 [ 14.443442] </TASK> [ 14.443452] [ 14.456269] Allocated by task 278: [ 14.456527] kasan_save_stack+0x45/0x70 [ 14.456778] kasan_save_track+0x18/0x40 [ 14.456977] kasan_save_alloc_info+0x3b/0x50 [ 14.457171] __kasan_kmalloc+0xb7/0xc0 [ 14.457363] __kmalloc_cache_noprof+0x189/0x420 [ 14.457538] kasan_bitops_generic+0x92/0x1c0 [ 14.457860] kunit_try_run_case+0x1a5/0x480 [ 14.458138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.458402] kthread+0x337/0x6f0 [ 14.458570] ret_from_fork+0x116/0x1d0 [ 14.458826] ret_from_fork_asm+0x1a/0x30 [ 14.459028] [ 14.459133] The buggy address belongs to the object at ffff8881025ee360 [ 14.459133] which belongs to the cache kmalloc-16 of size 16 [ 14.459557] The buggy address is located 8 bytes inside of [ 14.459557] allocated 9-byte region [ffff8881025ee360, ffff8881025ee369) [ 14.460108] [ 14.460239] The buggy address belongs to the physical page: [ 14.460572] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ee [ 14.460966] flags: 0x200000000000000(node=0|zone=2) [ 14.461234] page_type: f5(slab) [ 14.461411] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.461780] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.462065] page dumped because: kasan: bad access detected [ 14.462264] [ 14.462357] Memory state around the buggy address: [ 14.462642] ffff8881025ee200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.463194] ffff8881025ee280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.463568] >ffff8881025ee300: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.463845] ^ [ 14.464482] ffff8881025ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.465132] ffff8881025ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.465398] ================================================================== [ 14.495104] ================================================================== [ 14.495544] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.495825] Write of size 8 at addr ffff8881025ee368 by task kunit_try_catch/278 [ 14.496334] [ 14.496460] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.496507] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.496518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.496540] Call Trace: [ 14.496558] <TASK> [ 14.496578] dump_stack_lvl+0x73/0xb0 [ 14.496607] print_report+0xd1/0x610 [ 14.496630] ? __virt_addr_valid+0x1db/0x2d0 [ 14.496653] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.496678] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.496702] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.496729] kasan_report+0x141/0x180 [ 14.496750] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.496782] kasan_check_range+0x10c/0x1c0 [ 14.496805] __kasan_check_write+0x18/0x20 [ 14.496823] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.496849] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.496876] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.496900] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.496922] ? kasan_bitops_generic+0x92/0x1c0 [ 14.496950] kasan_bitops_generic+0x116/0x1c0 [ 14.496974] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.496999] ? __pfx_read_tsc+0x10/0x10 [ 14.497019] ? ktime_get_ts64+0x86/0x230 [ 14.497043] kunit_try_run_case+0x1a5/0x480 [ 14.497080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.497102] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.497126] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.497150] ? __kthread_parkme+0x82/0x180 [ 14.497170] ? preempt_count_sub+0x50/0x80 [ 14.497195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.497219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.497243] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.497267] kthread+0x337/0x6f0 [ 14.497286] ? trace_preempt_on+0x20/0xc0 [ 14.497308] ? __pfx_kthread+0x10/0x10 [ 14.497327] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.497349] ? calculate_sigpending+0x7b/0xa0 [ 14.497373] ? __pfx_kthread+0x10/0x10 [ 14.497394] ret_from_fork+0x116/0x1d0 [ 14.497413] ? 
__pfx_kthread+0x10/0x10 [ 14.497433] ret_from_fork_asm+0x1a/0x30 [ 14.497467] </TASK> [ 14.497478] [ 14.508651] Allocated by task 278: [ 14.508890] kasan_save_stack+0x45/0x70 [ 14.509118] kasan_save_track+0x18/0x40 [ 14.509322] kasan_save_alloc_info+0x3b/0x50 [ 14.509533] __kasan_kmalloc+0xb7/0xc0 [ 14.509755] __kmalloc_cache_noprof+0x189/0x420 [ 14.509916] kasan_bitops_generic+0x92/0x1c0 [ 14.510074] kunit_try_run_case+0x1a5/0x480 [ 14.510268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.510524] kthread+0x337/0x6f0 [ 14.511093] ret_from_fork+0x116/0x1d0 [ 14.511239] ret_from_fork_asm+0x1a/0x30 [ 14.511606] [ 14.511875] The buggy address belongs to the object at ffff8881025ee360 [ 14.511875] which belongs to the cache kmalloc-16 of size 16 [ 14.512411] The buggy address is located 8 bytes inside of [ 14.512411] allocated 9-byte region [ffff8881025ee360, ffff8881025ee369) [ 14.512924] [ 14.513037] The buggy address belongs to the physical page: [ 14.513254] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ee [ 14.513913] flags: 0x200000000000000(node=0|zone=2) [ 14.514222] page_type: f5(slab) [ 14.514533] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.514889] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.515205] page dumped because: kasan: bad access detected [ 14.515431] [ 14.515505] Memory state around the buggy address: [ 14.515902] ffff8881025ee200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.516290] ffff8881025ee280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.516540] >ffff8881025ee300: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.517014] ^ [ 14.517392] ffff8881025ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.517697] ffff8881025ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.518085] ================================================================== [ 14.352466] 
================================================================== [ 14.353247] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.353661] Write of size 8 at addr ffff8881025ee368 by task kunit_try_catch/278 [ 14.354001] [ 14.354128] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.354172] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.354183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.354205] Call Trace: [ 14.354227] <TASK> [ 14.354245] dump_stack_lvl+0x73/0xb0 [ 14.354273] print_report+0xd1/0x610 [ 14.354294] ? __virt_addr_valid+0x1db/0x2d0 [ 14.354317] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.354342] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.354365] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.354391] kasan_report+0x141/0x180 [ 14.354412] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.354443] kasan_check_range+0x10c/0x1c0 [ 14.354466] __kasan_check_write+0x18/0x20 [ 14.354484] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.354510] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.354537] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.354560] ? trace_hardirqs_on+0x37/0xe0 [ 14.354611] ? kasan_bitops_generic+0x92/0x1c0 [ 14.354638] kasan_bitops_generic+0x116/0x1c0 [ 14.354661] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.354686] ? __pfx_read_tsc+0x10/0x10 [ 14.354707] ? ktime_get_ts64+0x86/0x230 [ 14.354731] kunit_try_run_case+0x1a5/0x480 [ 14.354755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.354777] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.354801] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.354824] ? __kthread_parkme+0x82/0x180 [ 14.354844] ? preempt_count_sub+0x50/0x80 [ 14.354869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.354892] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.354915] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.354939] kthread+0x337/0x6f0 [ 14.354958] ? 
trace_preempt_on+0x20/0xc0 [ 14.354978] ? __pfx_kthread+0x10/0x10 [ 14.354998] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.355018] ? calculate_sigpending+0x7b/0xa0 [ 14.355042] ? __pfx_kthread+0x10/0x10 [ 14.355072] ret_from_fork+0x116/0x1d0 [ 14.355090] ? __pfx_kthread+0x10/0x10 [ 14.355110] ret_from_fork_asm+0x1a/0x30 [ 14.355142] </TASK> [ 14.355153] [ 14.362691] Allocated by task 278: [ 14.362871] kasan_save_stack+0x45/0x70 [ 14.363080] kasan_save_track+0x18/0x40 [ 14.363266] kasan_save_alloc_info+0x3b/0x50 [ 14.363478] __kasan_kmalloc+0xb7/0xc0 [ 14.363693] __kmalloc_cache_noprof+0x189/0x420 [ 14.363914] kasan_bitops_generic+0x92/0x1c0 [ 14.364135] kunit_try_run_case+0x1a5/0x480 [ 14.364330] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.364546] kthread+0x337/0x6f0 [ 14.364731] ret_from_fork+0x116/0x1d0 [ 14.364874] ret_from_fork_asm+0x1a/0x30 [ 14.365088] [ 14.365182] The buggy address belongs to the object at ffff8881025ee360 [ 14.365182] which belongs to the cache kmalloc-16 of size 16 [ 14.365565] The buggy address is located 8 bytes inside of [ 14.365565] allocated 9-byte region [ffff8881025ee360, ffff8881025ee369) [ 14.365938] [ 14.366028] The buggy address belongs to the physical page: [ 14.366290] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ee [ 14.366669] flags: 0x200000000000000(node=0|zone=2) [ 14.366906] page_type: f5(slab) [ 14.367082] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.367422] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.367742] page dumped because: kasan: bad access detected [ 14.367919] [ 14.367988] Memory state around the buggy address: [ 14.368177] ffff8881025ee200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.368495] ffff8881025ee280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.368841] >ffff8881025ee300: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.369173] ^ [ 14.369481] ffff8881025ee380: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.369832] ffff8881025ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.370142] ================================================================== [ 14.396921] ================================================================== [ 14.397270] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.397621] Write of size 8 at addr ffff8881025ee368 by task kunit_try_catch/278 [ 14.397953] [ 14.398073] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.398119] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.398131] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.398153] Call Trace: [ 14.398172] <TASK> [ 14.398191] dump_stack_lvl+0x73/0xb0 [ 14.398225] print_report+0xd1/0x610 [ 14.398248] ? __virt_addr_valid+0x1db/0x2d0 [ 14.398271] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.398296] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.398319] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.398345] kasan_report+0x141/0x180 [ 14.398366] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.398398] kasan_check_range+0x10c/0x1c0 [ 14.398421] __kasan_check_write+0x18/0x20 [ 14.398440] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.398465] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.398491] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.398515] ? trace_hardirqs_on+0x37/0xe0 [ 14.398537] ? kasan_bitops_generic+0x92/0x1c0 [ 14.398565] kasan_bitops_generic+0x116/0x1c0 [ 14.398600] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.398625] ? __pfx_read_tsc+0x10/0x10 [ 14.398648] ? ktime_get_ts64+0x86/0x230 [ 14.398672] kunit_try_run_case+0x1a5/0x480 [ 14.398695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.398717] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.398741] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.398763] ? __kthread_parkme+0x82/0x180 [ 14.398783] ? preempt_count_sub+0x50/0x80 [ 14.398807] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.398831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.398854] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.398878] kthread+0x337/0x6f0 [ 14.398896] ? trace_preempt_on+0x20/0xc0 [ 14.398917] ? __pfx_kthread+0x10/0x10 [ 14.398937] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.398958] ? calculate_sigpending+0x7b/0xa0 [ 14.398982] ? __pfx_kthread+0x10/0x10 [ 14.399002] ret_from_fork+0x116/0x1d0 [ 14.399020] ? __pfx_kthread+0x10/0x10 [ 14.399039] ret_from_fork_asm+0x1a/0x30 [ 14.399082] </TASK> [ 14.399091] [ 14.406810] Allocated by task 278: [ 14.406937] kasan_save_stack+0x45/0x70 [ 14.407222] kasan_save_track+0x18/0x40 [ 14.407416] kasan_save_alloc_info+0x3b/0x50 [ 14.407631] __kasan_kmalloc+0xb7/0xc0 [ 14.407823] __kmalloc_cache_noprof+0x189/0x420 [ 14.408086] kasan_bitops_generic+0x92/0x1c0 [ 14.408256] kunit_try_run_case+0x1a5/0x480 [ 14.408453] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.408753] kthread+0x337/0x6f0 [ 14.408919] ret_from_fork+0x116/0x1d0 [ 14.409092] ret_from_fork_asm+0x1a/0x30 [ 14.409265] [ 14.409338] The buggy address belongs to the object at ffff8881025ee360 [ 14.409338] which belongs to the cache kmalloc-16 of size 16 [ 14.409865] The buggy address is located 8 bytes inside of [ 14.409865] allocated 9-byte region [ffff8881025ee360, ffff8881025ee369) [ 14.410354] [ 14.410453] The buggy address belongs to the physical page: [ 14.410660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ee [ 14.411047] flags: 0x200000000000000(node=0|zone=2) [ 14.411283] page_type: f5(slab) [ 14.411426] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.411694] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.412857] page dumped because: kasan: bad access detected [ 14.413091] [ 14.413163] Memory state around the buggy address: [ 14.413321] ffff8881025ee200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.413625] 
ffff8881025ee280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.413918] >ffff8881025ee300: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 14.414139] ^
[ 14.414345] ffff8881025ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.415136] ffff8881025ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.415480] ==================================================================
[ 14.417881] ==================================================================
[ 14.418234] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.418576] Write of size 8 at addr ffff8881025ee368 by task kunit_try_catch/278
[ 14.418939]
[ 14.419033] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.419089] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.419100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.419122] Call Trace:
[ 14.419139] <TASK>
[ 14.419157] dump_stack_lvl+0x73/0xb0
[ 14.419186] print_report+0xd1/0x610
[ 14.419208] ? __virt_addr_valid+0x1db/0x2d0
[ 14.419231] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.419256] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.419278] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.419304] kasan_report+0x141/0x180
[ 14.419325] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.419356] kasan_check_range+0x10c/0x1c0
[ 14.419379] __kasan_check_write+0x18/0x20
[ 14.419397] kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.419424] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.419451] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.419475] ? trace_hardirqs_on+0x37/0xe0
[ 14.419497] ? kasan_bitops_generic+0x92/0x1c0
[ 14.419525] kasan_bitops_generic+0x116/0x1c0
[ 14.419550] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.419575] ? __pfx_read_tsc+0x10/0x10
[ 14.419611] ? ktime_get_ts64+0x86/0x230
[ 14.419637] kunit_try_run_case+0x1a5/0x480
[ 14.419662] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.419684] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.419708] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.419731] ? __kthread_parkme+0x82/0x180
[ 14.419751] ? preempt_count_sub+0x50/0x80
[ 14.419776] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.419798] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.419822] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.419847] kthread+0x337/0x6f0
[ 14.419865] ? trace_preempt_on+0x20/0xc0
[ 14.419886] ? __pfx_kthread+0x10/0x10
[ 14.419906] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.419926] ? calculate_sigpending+0x7b/0xa0
[ 14.419950] ? __pfx_kthread+0x10/0x10
[ 14.419971] ret_from_fork+0x116/0x1d0
[ 14.419989] ? __pfx_kthread+0x10/0x10
[ 14.420008] ret_from_fork_asm+0x1a/0x30
[ 14.420041] </TASK>
[ 14.420061]
[ 14.429902] Allocated by task 278:
[ 14.430088] kasan_save_stack+0x45/0x70
[ 14.430295] kasan_save_track+0x18/0x40
[ 14.430485] kasan_save_alloc_info+0x3b/0x50
[ 14.430971] __kasan_kmalloc+0xb7/0xc0
[ 14.431159] __kmalloc_cache_noprof+0x189/0x420
[ 14.431477] kasan_bitops_generic+0x92/0x1c0
[ 14.431790] kunit_try_run_case+0x1a5/0x480
[ 14.432041] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.432357] kthread+0x337/0x6f0
[ 14.432490] ret_from_fork+0x116/0x1d0
[ 14.432777] ret_from_fork_asm+0x1a/0x30
[ 14.433012]
[ 14.433122] The buggy address belongs to the object at ffff8881025ee360
[ 14.433122] which belongs to the cache kmalloc-16 of size 16
[ 14.433756] The buggy address is located 8 bytes inside of
[ 14.433756] allocated 9-byte region [ffff8881025ee360, ffff8881025ee369)
[ 14.434267]
[ 14.434349] The buggy address belongs to the physical page:
[ 14.434582] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ee
[ 14.434914] flags: 0x200000000000000(node=0|zone=2)
[ 14.435142] page_type: f5(slab)
[ 14.435296] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.435594] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.436409] page dumped because: kasan: bad access detected
[ 14.436678]
[ 14.436906] Memory state around the buggy address:
[ 14.437110] ffff8881025ee200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 14.437514] ffff8881025ee280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.437898] >ffff8881025ee300: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 14.438294] ^
[ 14.438530] ffff8881025ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.439099] ffff8881025ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.439466] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.308038] ==================================================================
[ 14.308548] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80
[ 14.309009] Read of size 1 at addr ffff8881026c3d90 by task kunit_try_catch/276
[ 14.309319]
[ 14.309405] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.309447] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.309458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.309479] Call Trace:
[ 14.309495] <TASK>
[ 14.309512] dump_stack_lvl+0x73/0xb0
[ 14.309539] print_report+0xd1/0x610
[ 14.309560] ? __virt_addr_valid+0x1db/0x2d0
[ 14.309583] ? strnlen+0x73/0x80
[ 14.309599] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.309622] ? strnlen+0x73/0x80
[ 14.309639] kasan_report+0x141/0x180
[ 14.309660] ? strnlen+0x73/0x80
[ 14.309682] __asan_report_load1_noabort+0x18/0x20
[ 14.309707] strnlen+0x73/0x80
[ 14.309725] kasan_strings+0x615/0xe80
[ 14.309743] ? trace_hardirqs_on+0x37/0xe0
[ 14.309768] ? __pfx_kasan_strings+0x10/0x10
[ 14.309787] ? finish_task_switch.isra.0+0x153/0x700
[ 14.309810] ? __switch_to+0x47/0xf50
[ 14.309836] ? __schedule+0x10cc/0x2b60
[ 14.309859] ? __pfx_read_tsc+0x10/0x10
[ 14.309878] ? ktime_get_ts64+0x86/0x230
[ 14.309902] kunit_try_run_case+0x1a5/0x480
[ 14.309925] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.309947] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.309970] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.309993] ? __kthread_parkme+0x82/0x180
[ 14.310013] ? preempt_count_sub+0x50/0x80
[ 14.310036] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.310069] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.310093] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.310117] kthread+0x337/0x6f0
[ 14.310135] ? trace_preempt_on+0x20/0xc0
[ 14.310156] ? __pfx_kthread+0x10/0x10
[ 14.310175] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.310196] ? calculate_sigpending+0x7b/0xa0
[ 14.310224] ? __pfx_kthread+0x10/0x10
[ 14.310245] ret_from_fork+0x116/0x1d0
[ 14.310263] ? __pfx_kthread+0x10/0x10
[ 14.310282] ret_from_fork_asm+0x1a/0x30
[ 14.310315] </TASK>
[ 14.310325]
[ 14.318964] Allocated by task 276:
[ 14.319170] kasan_save_stack+0x45/0x70
[ 14.319345] kasan_save_track+0x18/0x40
[ 14.319482] kasan_save_alloc_info+0x3b/0x50
[ 14.319657] __kasan_kmalloc+0xb7/0xc0
[ 14.319849] __kmalloc_cache_noprof+0x189/0x420
[ 14.320242] kasan_strings+0xc0/0xe80
[ 14.320418] kunit_try_run_case+0x1a5/0x480
[ 14.320606] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.320963] kthread+0x337/0x6f0
[ 14.321108] ret_from_fork+0x116/0x1d0
[ 14.321245] ret_from_fork_asm+0x1a/0x30
[ 14.321386]
[ 14.321456] Freed by task 276:
[ 14.321567] kasan_save_stack+0x45/0x70
[ 14.321721] kasan_save_track+0x18/0x40
[ 14.321915] kasan_save_free_info+0x3f/0x60
[ 14.322147] __kasan_slab_free+0x56/0x70
[ 14.322345] kfree+0x222/0x3f0
[ 14.322511] kasan_strings+0x2aa/0xe80
[ 14.322701] kunit_try_run_case+0x1a5/0x480
[ 14.322918] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.323289] kthread+0x337/0x6f0
[ 14.323446] ret_from_fork+0x116/0x1d0
[ 14.323652] ret_from_fork_asm+0x1a/0x30
[ 14.323997]
[ 14.324086] The buggy address belongs to the object at ffff8881026c3d80
[ 14.324086] which belongs to the cache kmalloc-32 of size 32
[ 14.324510] The buggy address is located 16 bytes inside of
[ 14.324510] freed 32-byte region [ffff8881026c3d80, ffff8881026c3da0)
[ 14.325157]
[ 14.325257] The buggy address belongs to the physical page:
[ 14.325516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026c3
[ 14.325952] flags: 0x200000000000000(node=0|zone=2)
[ 14.326176] page_type: f5(slab)
[ 14.326316] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.326690] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.327108] page dumped because: kasan: bad access detected
[ 14.327338]
[ 14.327433] Memory state around the buggy address:
[ 14.327658] ffff8881026c3c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.327940] ffff8881026c3d00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.328247] >ffff8881026c3d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.328530] ^
[ 14.328696] ffff8881026c3e00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.328953] ffff8881026c3e80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.329406] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.286690] ==================================================================
[ 14.287203] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0
[ 14.287469] Read of size 1 at addr ffff8881026c3d90 by task kunit_try_catch/276
[ 14.287872]
[ 14.287973] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.288017] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.288028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.288062] Call Trace:
[ 14.288077] <TASK>
[ 14.288092] dump_stack_lvl+0x73/0xb0
[ 14.288118] print_report+0xd1/0x610
[ 14.288139] ? __virt_addr_valid+0x1db/0x2d0
[ 14.288161] ? strlen+0x8f/0xb0
[ 14.288177] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.288200] ? strlen+0x8f/0xb0
[ 14.288216] kasan_report+0x141/0x180
[ 14.288238] ? strlen+0x8f/0xb0
[ 14.288260] __asan_report_load1_noabort+0x18/0x20
[ 14.288284] strlen+0x8f/0xb0
[ 14.288301] kasan_strings+0x57b/0xe80
[ 14.288320] ? trace_hardirqs_on+0x37/0xe0
[ 14.288344] ? __pfx_kasan_strings+0x10/0x10
[ 14.288363] ? finish_task_switch.isra.0+0x153/0x700
[ 14.288385] ? __switch_to+0x47/0xf50
[ 14.288411] ? __schedule+0x10cc/0x2b60
[ 14.288433] ? __pfx_read_tsc+0x10/0x10
[ 14.288452] ? ktime_get_ts64+0x86/0x230
[ 14.288476] kunit_try_run_case+0x1a5/0x480
[ 14.288500] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.288521] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.288545] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.288568] ? __kthread_parkme+0x82/0x180
[ 14.288588] ? preempt_count_sub+0x50/0x80
[ 14.288625] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.288648] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.288672] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.288696] kthread+0x337/0x6f0
[ 14.288713] ? trace_preempt_on+0x20/0xc0
[ 14.288735] ? __pfx_kthread+0x10/0x10
[ 14.288754] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.288775] ? calculate_sigpending+0x7b/0xa0
[ 14.288800] ? __pfx_kthread+0x10/0x10
[ 14.288820] ret_from_fork+0x116/0x1d0
[ 14.288838] ? __pfx_kthread+0x10/0x10
[ 14.288857] ret_from_fork_asm+0x1a/0x30
[ 14.288889] </TASK>
[ 14.288899]
[ 14.297369] Allocated by task 276:
[ 14.297509] kasan_save_stack+0x45/0x70
[ 14.297696] kasan_save_track+0x18/0x40
[ 14.297892] kasan_save_alloc_info+0x3b/0x50
[ 14.298120] __kasan_kmalloc+0xb7/0xc0
[ 14.298312] __kmalloc_cache_noprof+0x189/0x420
[ 14.298531] kasan_strings+0xc0/0xe80
[ 14.298893] kunit_try_run_case+0x1a5/0x480
[ 14.299117] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.299328] kthread+0x337/0x6f0
[ 14.299450] ret_from_fork+0x116/0x1d0
[ 14.299688] ret_from_fork_asm+0x1a/0x30
[ 14.300070]
[ 14.300177] Freed by task 276:
[ 14.300310] kasan_save_stack+0x45/0x70
[ 14.300500] kasan_save_track+0x18/0x40
[ 14.300704] kasan_save_free_info+0x3f/0x60
[ 14.300981] __kasan_slab_free+0x56/0x70
[ 14.301168] kfree+0x222/0x3f0
[ 14.301336] kasan_strings+0x2aa/0xe80
[ 14.301511] kunit_try_run_case+0x1a5/0x480
[ 14.301706] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.301982] kthread+0x337/0x6f0
[ 14.302154] ret_from_fork+0x116/0x1d0
[ 14.302321] ret_from_fork_asm+0x1a/0x30
[ 14.302519]
[ 14.302593] The buggy address belongs to the object at ffff8881026c3d80
[ 14.302593] which belongs to the cache kmalloc-32 of size 32
[ 14.303225] The buggy address is located 16 bytes inside of
[ 14.303225] freed 32-byte region [ffff8881026c3d80, ffff8881026c3da0)
[ 14.303698]
[ 14.303791] The buggy address belongs to the physical page:
[ 14.304031] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026c3
[ 14.304342] flags: 0x200000000000000(node=0|zone=2)
[ 14.304580] page_type: f5(slab)
[ 14.304957] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.305294] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.305574] page dumped because: kasan: bad access detected
[ 14.305809]
[ 14.305911] Memory state around the buggy address:
[ 14.306077] ffff8881026c3c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.306393] ffff8881026c3d00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.306612] >ffff8881026c3d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.306870] ^
[ 14.307062] ffff8881026c3e00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.307376] ffff8881026c3e80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.307648] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.265597] ==================================================================
[ 14.265968] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80
[ 14.266264] Read of size 1 at addr ffff8881026c3d90 by task kunit_try_catch/276
[ 14.266568]
[ 14.266728] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.266771] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.266782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.266804] Call Trace:
[ 14.266821] <TASK>
[ 14.266839] dump_stack_lvl+0x73/0xb0
[ 14.266867] print_report+0xd1/0x610
[ 14.266888] ? __virt_addr_valid+0x1db/0x2d0
[ 14.266910] ? kasan_strings+0xcbc/0xe80
[ 14.266931] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.266953] ? kasan_strings+0xcbc/0xe80
[ 14.267189] kasan_report+0x141/0x180
[ 14.267213] ? kasan_strings+0xcbc/0xe80
[ 14.267239] __asan_report_load1_noabort+0x18/0x20
[ 14.267264] kasan_strings+0xcbc/0xe80
[ 14.267283] ? trace_hardirqs_on+0x37/0xe0
[ 14.267307] ? __pfx_kasan_strings+0x10/0x10
[ 14.267326] ? finish_task_switch.isra.0+0x153/0x700
[ 14.267349] ? __switch_to+0x47/0xf50
[ 14.267375] ? __schedule+0x10cc/0x2b60
[ 14.267397] ? __pfx_read_tsc+0x10/0x10
[ 14.267417] ? ktime_get_ts64+0x86/0x230
[ 14.267441] kunit_try_run_case+0x1a5/0x480
[ 14.267465] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.267487] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.267510] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.267534] ? __kthread_parkme+0x82/0x180
[ 14.267553] ? preempt_count_sub+0x50/0x80
[ 14.267576] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.267599] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.267622] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.267646] kthread+0x337/0x6f0
[ 14.267665] ? trace_preempt_on+0x20/0xc0
[ 14.267685] ? __pfx_kthread+0x10/0x10
[ 14.267705] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.267727] ? calculate_sigpending+0x7b/0xa0
[ 14.267751] ? __pfx_kthread+0x10/0x10
[ 14.267772] ret_from_fork+0x116/0x1d0
[ 14.267789] ? __pfx_kthread+0x10/0x10
[ 14.267950] ret_from_fork_asm+0x1a/0x30
[ 14.267987] </TASK>
[ 14.267997]
[ 14.275340] Allocated by task 276:
[ 14.275524] kasan_save_stack+0x45/0x70
[ 14.275957] kasan_save_track+0x18/0x40
[ 14.276128] kasan_save_alloc_info+0x3b/0x50
[ 14.276325] __kasan_kmalloc+0xb7/0xc0
[ 14.276518] __kmalloc_cache_noprof+0x189/0x420
[ 14.276737] kasan_strings+0xc0/0xe80
[ 14.276869] kunit_try_run_case+0x1a5/0x480
[ 14.277016] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.277201] kthread+0x337/0x6f0
[ 14.277435] ret_from_fork+0x116/0x1d0
[ 14.277625] ret_from_fork_asm+0x1a/0x30
[ 14.277862]
[ 14.277962] Freed by task 276:
[ 14.278136] kasan_save_stack+0x45/0x70
[ 14.278338] kasan_save_track+0x18/0x40
[ 14.278529] kasan_save_free_info+0x3f/0x60
[ 14.278725] __kasan_slab_free+0x56/0x70
[ 14.278906] kfree+0x222/0x3f0
[ 14.279062] kasan_strings+0x2aa/0xe80
[ 14.279229] kunit_try_run_case+0x1a5/0x480
[ 14.279376] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.279553] kthread+0x337/0x6f0
[ 14.279802] ret_from_fork+0x116/0x1d0
[ 14.279985] ret_from_fork_asm+0x1a/0x30
[ 14.280453]
[ 14.280558] The buggy address belongs to the object at ffff8881026c3d80
[ 14.280558] which belongs to the cache kmalloc-32 of size 32
[ 14.281210] The buggy address is located 16 bytes inside of
[ 14.281210] freed 32-byte region [ffff8881026c3d80, ffff8881026c3da0)
[ 14.281712]
[ 14.281788] The buggy address belongs to the physical page:
[ 14.282101] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026c3
[ 14.282419] flags: 0x200000000000000(node=0|zone=2)
[ 14.282680] page_type: f5(slab)
[ 14.282863] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.283142] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.283378] page dumped because: kasan: bad access detected
[ 14.283557]
[ 14.283701] Memory state around the buggy address:
[ 14.283923] ffff8881026c3c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.284425] ffff8881026c3d00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.284984] >ffff8881026c3d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.285258] ^
[ 14.285443] ffff8881026c3e00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.285743] ffff8881026c3e80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.286175] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.242624] ==================================================================
[ 14.243603] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0
[ 14.243896] Read of size 1 at addr ffff8881026c3d90 by task kunit_try_catch/276
[ 14.244345]
[ 14.244467] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.244515] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.244528] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.244549] Call Trace:
[ 14.244561] <TASK>
[ 14.244580] dump_stack_lvl+0x73/0xb0
[ 14.244609] print_report+0xd1/0x610
[ 14.244632] ? __virt_addr_valid+0x1db/0x2d0
[ 14.244654] ? strcmp+0xb0/0xc0
[ 14.244671] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.244692] ? strcmp+0xb0/0xc0
[ 14.244710] kasan_report+0x141/0x180
[ 14.244731] ? strcmp+0xb0/0xc0
[ 14.244754] __asan_report_load1_noabort+0x18/0x20
[ 14.244779] strcmp+0xb0/0xc0
[ 14.244797] kasan_strings+0x431/0xe80
[ 14.244815] ? trace_hardirqs_on+0x37/0xe0
[ 14.244839] ? __pfx_kasan_strings+0x10/0x10
[ 14.244908] ? finish_task_switch.isra.0+0x153/0x700
[ 14.244931] ? __switch_to+0x47/0xf50
[ 14.244959] ? __schedule+0x10cc/0x2b60
[ 14.244983] ? __pfx_read_tsc+0x10/0x10
[ 14.245003] ? ktime_get_ts64+0x86/0x230
[ 14.245028] kunit_try_run_case+0x1a5/0x480
[ 14.245067] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.245088] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.245112] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.245135] ? __kthread_parkme+0x82/0x180
[ 14.245156] ? preempt_count_sub+0x50/0x80
[ 14.245178] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.245202] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.245225] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.245249] kthread+0x337/0x6f0
[ 14.245267] ? trace_preempt_on+0x20/0xc0
[ 14.245290] ? __pfx_kthread+0x10/0x10
[ 14.245310] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.245331] ? calculate_sigpending+0x7b/0xa0
[ 14.245355] ? __pfx_kthread+0x10/0x10
[ 14.245377] ret_from_fork+0x116/0x1d0
[ 14.245395] ? __pfx_kthread+0x10/0x10
[ 14.245415] ret_from_fork_asm+0x1a/0x30
[ 14.245447] </TASK>
[ 14.245458]
[ 14.253515] Allocated by task 276:
[ 14.253663] kasan_save_stack+0x45/0x70
[ 14.253873] kasan_save_track+0x18/0x40
[ 14.254081] kasan_save_alloc_info+0x3b/0x50
[ 14.254347] __kasan_kmalloc+0xb7/0xc0
[ 14.254589] __kmalloc_cache_noprof+0x189/0x420
[ 14.254862] kasan_strings+0xc0/0xe80
[ 14.255028] kunit_try_run_case+0x1a5/0x480
[ 14.255217] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.255440] kthread+0x337/0x6f0
[ 14.255622] ret_from_fork+0x116/0x1d0
[ 14.255812] ret_from_fork_asm+0x1a/0x30
[ 14.255982]
[ 14.256076] Freed by task 276:
[ 14.256229] kasan_save_stack+0x45/0x70
[ 14.256427] kasan_save_track+0x18/0x40
[ 14.256569] kasan_save_free_info+0x3f/0x60
[ 14.257022] __kasan_slab_free+0x56/0x70
[ 14.257218] kfree+0x222/0x3f0
[ 14.257343] kasan_strings+0x2aa/0xe80
[ 14.257507] kunit_try_run_case+0x1a5/0x480
[ 14.257710] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.258036] kthread+0x337/0x6f0
[ 14.258187] ret_from_fork+0x116/0x1d0
[ 14.258324] ret_from_fork_asm+0x1a/0x30
[ 14.258463]
[ 14.258535] The buggy address belongs to the object at ffff8881026c3d80
[ 14.258535] which belongs to the cache kmalloc-32 of size 32
[ 14.258996] The buggy address is located 16 bytes inside of
[ 14.258996] freed 32-byte region [ffff8881026c3d80, ffff8881026c3da0)
[ 14.259763]
[ 14.259861] The buggy address belongs to the physical page:
[ 14.260414] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026c3
[ 14.260667] flags: 0x200000000000000(node=0|zone=2)
[ 14.260838] page_type: f5(slab)
[ 14.261709] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.262169] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.262508] page dumped because: kasan: bad access detected
[ 14.262732]
[ 14.262833] Memory state around the buggy address:
[ 14.263121] ffff8881026c3c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.263404] ffff8881026c3d00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.263734] >ffff8881026c3d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.264294] ^
[ 14.264489] ffff8881026c3e00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.264773] ffff8881026c3e80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.265119] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.214461] ==================================================================
[ 14.215212] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[ 14.215515] Read of size 1 at addr ffff8881026c3cd8 by task kunit_try_catch/274
[ 14.215866]
[ 14.215999] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.216059] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.216071] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.216094] Call Trace:
[ 14.216107] <TASK>
[ 14.216126] dump_stack_lvl+0x73/0xb0
[ 14.216153] print_report+0xd1/0x610
[ 14.216180] ? __virt_addr_valid+0x1db/0x2d0
[ 14.216205] ? memcmp+0x1b4/0x1d0
[ 14.216222] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.216245] ? memcmp+0x1b4/0x1d0
[ 14.216262] kasan_report+0x141/0x180
[ 14.216284] ? memcmp+0x1b4/0x1d0
[ 14.216307] __asan_report_load1_noabort+0x18/0x20
[ 14.216331] memcmp+0x1b4/0x1d0
[ 14.216351] kasan_memcmp+0x18f/0x390
[ 14.216370] ? trace_hardirqs_on+0x37/0xe0
[ 14.216395] ? __pfx_kasan_memcmp+0x10/0x10
[ 14.216414] ? finish_task_switch.isra.0+0x153/0x700
[ 14.216439] ? __switch_to+0x47/0xf50
[ 14.216469] ? __pfx_read_tsc+0x10/0x10
[ 14.216493] ? ktime_get_ts64+0x86/0x230
[ 14.216519] kunit_try_run_case+0x1a5/0x480
[ 14.216546] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.216569] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.216593] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.216617] ? __kthread_parkme+0x82/0x180
[ 14.216637] ? preempt_count_sub+0x50/0x80
[ 14.216661] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.216685] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.216708] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.216732] kthread+0x337/0x6f0
[ 14.216750] ? trace_preempt_on+0x20/0xc0
[ 14.216771] ? __pfx_kthread+0x10/0x10
[ 14.216790] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.216811] ? calculate_sigpending+0x7b/0xa0
[ 14.216836] ? __pfx_kthread+0x10/0x10
[ 14.216857] ret_from_fork+0x116/0x1d0
[ 14.216875] ? __pfx_kthread+0x10/0x10
[ 14.216894] ret_from_fork_asm+0x1a/0x30
[ 14.216928] </TASK>
[ 14.216937]
[ 14.224795] Allocated by task 274:
[ 14.224986] kasan_save_stack+0x45/0x70
[ 14.225389] kasan_save_track+0x18/0x40
[ 14.225601] kasan_save_alloc_info+0x3b/0x50
[ 14.225751] __kasan_kmalloc+0xb7/0xc0
[ 14.225883] __kmalloc_cache_noprof+0x189/0x420
[ 14.226188] kasan_memcmp+0xb7/0x390
[ 14.226375] kunit_try_run_case+0x1a5/0x480
[ 14.226582] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.227007] kthread+0x337/0x6f0
[ 14.227180] ret_from_fork+0x116/0x1d0
[ 14.227316] ret_from_fork_asm+0x1a/0x30
[ 14.227457]
[ 14.227548] The buggy address belongs to the object at ffff8881026c3cc0
[ 14.227548] which belongs to the cache kmalloc-32 of size 32
[ 14.228198] The buggy address is located 0 bytes to the right of
[ 14.228198] allocated 24-byte region [ffff8881026c3cc0, ffff8881026c3cd8)
[ 14.228842]
[ 14.228922] The buggy address belongs to the physical page:
[ 14.229249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026c3
[ 14.229627] flags: 0x200000000000000(node=0|zone=2)
[ 14.229873] page_type: f5(slab)
[ 14.230132] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.230457] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.232022] page dumped because: kasan: bad access detected
[ 14.232280]
[ 14.232361] Memory state around the buggy address:
[ 14.232572] ffff8881026c3b80: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc
[ 14.233120] ffff8881026c3c00: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc
[ 14.233414] >ffff8881026c3c80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.233902] ^
[ 14.234272] ffff8881026c3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.234580] ffff8881026c3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.235027] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 12.797873] ==================================================================
[ 12.798160] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0
[ 12.798612] Read of size 1 at addr ffff8881026a6c00 by task kunit_try_catch/213
[ 12.798999]
[ 12.799114] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.799156] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.799167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.799187] Call Trace:
[ 12.799199] <TASK>
[ 12.799215] dump_stack_lvl+0x73/0xb0
[ 12.799243] print_report+0xd1/0x610
[ 12.799264] ? __virt_addr_valid+0x1db/0x2d0
[ 12.799298] ? ksize_uaf+0x5fe/0x6c0
[ 12.799318] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.799340] ? ksize_uaf+0x5fe/0x6c0
[ 12.799360] kasan_report+0x141/0x180
[ 12.799392] ? ksize_uaf+0x5fe/0x6c0
[ 12.799417] __asan_report_load1_noabort+0x18/0x20
[ 12.799441] ksize_uaf+0x5fe/0x6c0
[ 12.799460] ? __pfx_ksize_uaf+0x10/0x10
[ 12.799481] ? __schedule+0x10cc/0x2b60
[ 12.799513] ? __pfx_read_tsc+0x10/0x10
[ 12.799533] ? ktime_get_ts64+0x86/0x230
[ 12.799557] kunit_try_run_case+0x1a5/0x480
[ 12.799590] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.799613] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.799636] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.799659] ? __kthread_parkme+0x82/0x180
[ 12.799678] ? preempt_count_sub+0x50/0x80
[ 12.799702] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.799725] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.799748] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.799780] kthread+0x337/0x6f0
[ 12.799798] ? trace_preempt_on+0x20/0xc0
[ 12.799859] ? __pfx_kthread+0x10/0x10
[ 12.799879] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.799899] ? calculate_sigpending+0x7b/0xa0
[ 12.799923] ? __pfx_kthread+0x10/0x10
[ 12.799943] ret_from_fork+0x116/0x1d0
[ 12.799961] ? __pfx_kthread+0x10/0x10
[ 12.799981] ret_from_fork_asm+0x1a/0x30
[ 12.800012] </TASK>
[ 12.800021]
[ 12.807623] Allocated by task 213:
[ 12.807757] kasan_save_stack+0x45/0x70
[ 12.808067] kasan_save_track+0x18/0x40
[ 12.808287] kasan_save_alloc_info+0x3b/0x50
[ 12.808522] __kasan_kmalloc+0xb7/0xc0
[ 12.808884] __kmalloc_cache_noprof+0x189/0x420
[ 12.809088] ksize_uaf+0xaa/0x6c0
[ 12.809212] kunit_try_run_case+0x1a5/0x480
[ 12.809396] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.809715] kthread+0x337/0x6f0
[ 12.809934] ret_from_fork+0x116/0x1d0
[ 12.810365] ret_from_fork_asm+0x1a/0x30
[ 12.810609]
[ 12.810697] Freed by task 213:
[ 12.810920] kasan_save_stack+0x45/0x70
[ 12.811122] kasan_save_track+0x18/0x40
[ 12.811308] kasan_save_free_info+0x3f/0x60
[ 12.811528] __kasan_slab_free+0x56/0x70
[ 12.811754] kfree+0x222/0x3f0
[ 12.812036] ksize_uaf+0x12c/0x6c0
[ 12.812176] kunit_try_run_case+0x1a5/0x480
[ 12.812324] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.812499] kthread+0x337/0x6f0
[ 12.812655] ret_from_fork+0x116/0x1d0
[ 12.812864] ret_from_fork_asm+0x1a/0x30
[ 12.813077]
[ 12.813171] The buggy address belongs to the object at ffff8881026a6c00
[ 12.813171] which belongs to the cache kmalloc-128 of size 128
[ 12.813788] The buggy address is located 0 bytes inside of
[ 12.813788] freed 128-byte region [ffff8881026a6c00, ffff8881026a6c80)
[ 12.814143]
[ 12.814294] The buggy address belongs to the physical page:
[ 12.814584] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026a6
[ 12.815086] flags: 0x200000000000000(node=0|zone=2)
[ 12.815396] page_type: f5(slab)
[ 12.815518] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.815824] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.816386] page dumped because: kasan: bad access detected
[ 12.816717]
[ 12.816860] Memory state around the buggy address:
[ 12.817100] ffff8881026a6b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.817384] ffff8881026a6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.817629] >ffff8881026a6c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.818036] ^
[ 12.818223] ffff8881026a6c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.818510] ffff8881026a6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.818988] ==================================================================
[ 12.769491] ==================================================================
[ 12.770010] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0
[ 12.770367] Read of size 1 at addr ffff8881026a6c00 by task kunit_try_catch/213
[ 12.771268]
[ 12.771375] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.771422] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.771433] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.771456] Call Trace:
[ 12.771468] <TASK>
[ 12.771487] dump_stack_lvl+0x73/0xb0
[ 12.771520] print_report+0xd1/0x610
[ 12.771542] ? __virt_addr_valid+0x1db/0x2d0
[ 12.771566] ? ksize_uaf+0x19d/0x6c0
[ 12.771585] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.771732] ? ksize_uaf+0x19d/0x6c0
[ 12.771766] kasan_report+0x141/0x180
[ 12.771788] ? ksize_uaf+0x19d/0x6c0
[ 12.771845] ? ksize_uaf+0x19d/0x6c0
[ 12.771868] __kasan_check_byte+0x3d/0x50
[ 12.771889] ksize+0x20/0x60
[ 12.771910] ksize_uaf+0x19d/0x6c0
[ 12.771930] ? __pfx_ksize_uaf+0x10/0x10
[ 12.771951] ? __schedule+0x10cc/0x2b60
[ 12.771974] ? __pfx_read_tsc+0x10/0x10
[ 12.771995] ? ktime_get_ts64+0x86/0x230
[ 12.772020] kunit_try_run_case+0x1a5/0x480
[ 12.772046] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.772078] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.772102] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.772125] ? __kthread_parkme+0x82/0x180
[ 12.772146] ? preempt_count_sub+0x50/0x80
[ 12.772171] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.772194] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.772217] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.772240] kthread+0x337/0x6f0
[ 12.772258] ? trace_preempt_on+0x20/0xc0
[ 12.772281] ? __pfx_kthread+0x10/0x10
[ 12.772301] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.772321] ? calculate_sigpending+0x7b/0xa0
[ 12.772346] ? __pfx_kthread+0x10/0x10
[ 12.772366] ret_from_fork+0x116/0x1d0
[ 12.772384] ? __pfx_kthread+0x10/0x10
[ 12.772404] ret_from_fork_asm+0x1a/0x30
[ 12.772437] </TASK>
[ 12.772447]
[ 12.785250] Allocated by task 213:
[ 12.785388] kasan_save_stack+0x45/0x70
[ 12.785536] kasan_save_track+0x18/0x40
[ 12.785705] kasan_save_alloc_info+0x3b/0x50
[ 12.785854] __kasan_kmalloc+0xb7/0xc0
[ 12.786156] __kmalloc_cache_noprof+0x189/0x420
[ 12.786397] ksize_uaf+0xaa/0x6c0
[ 12.786575] kunit_try_run_case+0x1a5/0x480
[ 12.786744] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.786971] kthread+0x337/0x6f0
[ 12.787242] ret_from_fork+0x116/0x1d0
[ 12.787383] ret_from_fork_asm+0x1a/0x30
[ 12.787563]
[ 12.787761] Freed by task 213:
[ 12.788132] kasan_save_stack+0x45/0x70
[ 12.788379] kasan_save_track+0x18/0x40
[ 12.788560] kasan_save_free_info+0x3f/0x60
[ 12.788717] __kasan_slab_free+0x56/0x70
[ 12.789014] kfree+0x222/0x3f0
[ 12.789310] ksize_uaf+0x12c/0x6c0
[ 12.789639] kunit_try_run_case+0x1a5/0x480
[ 12.789936] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.790232] kthread+0x337/0x6f0
[ 12.790374] ret_from_fork+0x116/0x1d0
[ 12.790562] ret_from_fork_asm+0x1a/0x30
[ 12.790920]
[ 12.791089] The buggy address belongs to the object at ffff8881026a6c00
[ 12.791089] which belongs to the cache kmalloc-128 of size 128
[ 12.791629] The buggy address is located 0 bytes inside of
[ 12.791629] freed 128-byte region [ffff8881026a6c00, ffff8881026a6c80)
[ 12.792147]
[ 12.792248] The buggy address belongs to the physical page:
[ 12.792585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026a6
[ 12.793045] flags: 0x200000000000000(node=0|zone=2)
[ 12.793304] page_type: f5(slab)
[ 12.793444] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.793892] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.794262] page dumped because: kasan: bad access detected
[ 12.794947]
[ 12.795070] Memory state around the buggy address:
[ 12.795278] ffff8881026a6b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.795617] ffff8881026a6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.796037] >ffff8881026a6c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.796387] ^
[ 12.796574] ffff8881026a6c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.796919] ffff8881026a6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.797246] ==================================================================
[ 12.819454] ==================================================================
[ 12.820110] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0
[ 12.820423] Read of size 1 at addr ffff8881026a6c78 by task kunit_try_catch/213
[ 12.820773]
[ 12.820986] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.821041] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.821070] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.821091] Call Trace:
[ 12.821109] <TASK>
[ 12.821127] dump_stack_lvl+0x73/0xb0
[ 12.821155] print_report+0xd1/0x610
[ 12.821177] ? __virt_addr_valid+0x1db/0x2d0
[ 12.821199] ? ksize_uaf+0x5e4/0x6c0
[ 12.821228] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.821250] ? ksize_uaf+0x5e4/0x6c0
[ 12.821272] kasan_report+0x141/0x180
[ 12.821304] ? ksize_uaf+0x5e4/0x6c0
[ 12.821330] __asan_report_load1_noabort+0x18/0x20
[ 12.821353] ksize_uaf+0x5e4/0x6c0
[ 12.821373] ? __pfx_ksize_uaf+0x10/0x10
[ 12.821394] ? __schedule+0x10cc/0x2b60
[ 12.821426] ? __pfx_read_tsc+0x10/0x10
[ 12.821446] ? ktime_get_ts64+0x86/0x230
[ 12.821470] kunit_try_run_case+0x1a5/0x480
[ 12.821504] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.821526] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.821549] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.821580] ? __kthread_parkme+0x82/0x180
[ 12.821610] ? preempt_count_sub+0x50/0x80
[ 12.821634] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.821669] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.821693] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.821716] kthread+0x337/0x6f0
[ 12.821734] ? trace_preempt_on+0x20/0xc0
[ 12.821757] ? __pfx_kthread+0x10/0x10
[ 12.821785] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.821806] ? calculate_sigpending+0x7b/0xa0
[ 12.821830] ? __pfx_kthread+0x10/0x10
[ 12.821908] ret_from_fork+0x116/0x1d0
[ 12.821928] ? __pfx_kthread+0x10/0x10
[ 12.821947] ret_from_fork_asm+0x1a/0x30
[ 12.821980] </TASK>
[ 12.821990]
[ 12.829476] Allocated by task 213:
[ 12.829759] kasan_save_stack+0x45/0x70
[ 12.830014] kasan_save_track+0x18/0x40
[ 12.830223] kasan_save_alloc_info+0x3b/0x50
[ 12.830440] __kasan_kmalloc+0xb7/0xc0
[ 12.830715] __kmalloc_cache_noprof+0x189/0x420
[ 12.831155] ksize_uaf+0xaa/0x6c0
[ 12.831292] kunit_try_run_case+0x1a5/0x480
[ 12.831441] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.831754] kthread+0x337/0x6f0
[ 12.832065] ret_from_fork+0x116/0x1d0
[ 12.832514] ret_from_fork_asm+0x1a/0x30
[ 12.832934]
[ 12.833011] Freed by task 213:
[ 12.833135] kasan_save_stack+0x45/0x70
[ 12.833274] kasan_save_track+0x18/0x40
[ 12.833409] kasan_save_free_info+0x3f/0x60
[ 12.833555] __kasan_slab_free+0x56/0x70
[ 12.833699] kfree+0x222/0x3f0
[ 12.833861] ksize_uaf+0x12c/0x6c0
[ 12.834039] kunit_try_run_case+0x1a5/0x480
[ 12.834295] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.834580] kthread+0x337/0x6f0
[ 12.834772] ret_from_fork+0x116/0x1d0
[ 12.835195] ret_from_fork_asm+0x1a/0x30
[ 12.835427]
[ 12.835548] The buggy address belongs to the object at ffff8881026a6c00
[ 12.835548] which belongs to the cache kmalloc-128 of size 128
[ 12.836197] The buggy address is located 120 bytes inside of
[ 12.836197] freed 128-byte region [ffff8881026a6c00,
ffff8881026a6c80) [ 12.836555] [ 12.836628] The buggy address belongs to the physical page: [ 12.836902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026a6 [ 12.837291] flags: 0x200000000000000(node=0|zone=2) [ 12.837784] page_type: f5(slab) [ 12.838267] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.838617] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.839062] page dumped because: kasan: bad access detected [ 12.839292] [ 12.839479] Memory state around the buggy address: [ 12.839700] ffff8881026a6b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.840089] ffff8881026a6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.840418] >ffff8881026a6c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.840777] ^ [ 12.841202] ffff8881026a6c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.841513] ffff8881026a6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.842074] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 12.740548] ================================================================== [ 12.740805] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.741544] Read of size 1 at addr ffff888102f4217f by task kunit_try_catch/211 [ 12.742025] [ 12.742137] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.742295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.742307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.742330] Call Trace: [ 12.742347] <TASK> [ 12.742366] dump_stack_lvl+0x73/0xb0 [ 12.742396] print_report+0xd1/0x610 [ 12.742418] ? __virt_addr_valid+0x1db/0x2d0 [ 12.742508] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.742532] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.742554] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.742577] kasan_report+0x141/0x180 [ 12.742654] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.742684] __asan_report_load1_noabort+0x18/0x20 [ 12.742707] ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.742731] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.742752] ? finish_task_switch.isra.0+0x153/0x700 [ 12.742776] ? __switch_to+0x47/0xf50 [ 12.742802] ? __schedule+0x10cc/0x2b60 [ 12.742825] ? __pfx_read_tsc+0x10/0x10 [ 12.742845] ? ktime_get_ts64+0x86/0x230 [ 12.742869] kunit_try_run_case+0x1a5/0x480 [ 12.742893] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.742915] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.742938] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.742961] ? __kthread_parkme+0x82/0x180 [ 12.742981] ? preempt_count_sub+0x50/0x80 [ 12.743004] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.743027] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.743061] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.743084] kthread+0x337/0x6f0 [ 12.743103] ? trace_preempt_on+0x20/0xc0 [ 12.743126] ? __pfx_kthread+0x10/0x10 [ 12.743145] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.743167] ? calculate_sigpending+0x7b/0xa0 [ 12.743190] ? 
__pfx_kthread+0x10/0x10 [ 12.743213] ret_from_fork+0x116/0x1d0 [ 12.743230] ? __pfx_kthread+0x10/0x10 [ 12.743250] ret_from_fork_asm+0x1a/0x30 [ 12.743286] </TASK> [ 12.743298] [ 12.754608] Allocated by task 211: [ 12.754787] kasan_save_stack+0x45/0x70 [ 12.755233] kasan_save_track+0x18/0x40 [ 12.755436] kasan_save_alloc_info+0x3b/0x50 [ 12.755794] __kasan_kmalloc+0xb7/0xc0 [ 12.756276] __kmalloc_cache_noprof+0x189/0x420 [ 12.756497] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.756878] kunit_try_run_case+0x1a5/0x480 [ 12.757217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.757526] kthread+0x337/0x6f0 [ 12.757700] ret_from_fork+0x116/0x1d0 [ 12.757884] ret_from_fork_asm+0x1a/0x30 [ 12.758339] [ 12.758417] The buggy address belongs to the object at ffff888102f42100 [ 12.758417] which belongs to the cache kmalloc-128 of size 128 [ 12.759190] The buggy address is located 12 bytes to the right of [ 12.759190] allocated 115-byte region [ffff888102f42100, ffff888102f42173) [ 12.760195] [ 12.760299] The buggy address belongs to the physical page: [ 12.760512] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f42 [ 12.761143] flags: 0x200000000000000(node=0|zone=2) [ 12.761456] page_type: f5(slab) [ 12.761593] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.762174] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.762472] page dumped because: kasan: bad access detected [ 12.763040] [ 12.763150] Memory state around the buggy address: [ 12.763351] ffff888102f42000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.763648] ffff888102f42080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.764330] >ffff888102f42100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.764793] ^ [ 12.765180] ffff888102f42180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.765558] ffff888102f42200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.765867] 
================================================================== [ 12.682744] ================================================================== [ 12.683763] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 12.684133] Read of size 1 at addr ffff888102f42173 by task kunit_try_catch/211 [ 12.684649] [ 12.684779] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.684830] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.684841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.684864] Call Trace: [ 12.684876] <TASK> [ 12.684894] dump_stack_lvl+0x73/0xb0 [ 12.684927] print_report+0xd1/0x610 [ 12.684950] ? __virt_addr_valid+0x1db/0x2d0 [ 12.684973] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.684996] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.685018] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.685041] kasan_report+0x141/0x180 [ 12.685076] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.685351] __asan_report_load1_noabort+0x18/0x20 [ 12.685381] ksize_unpoisons_memory+0x81c/0x9b0 [ 12.685406] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.685428] ? finish_task_switch.isra.0+0x153/0x700 [ 12.685451] ? __switch_to+0x47/0xf50 [ 12.685478] ? __schedule+0x10cc/0x2b60 [ 12.685501] ? __pfx_read_tsc+0x10/0x10 [ 12.685522] ? ktime_get_ts64+0x86/0x230 [ 12.685547] kunit_try_run_case+0x1a5/0x480 [ 12.685572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.685611] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.685636] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.685659] ? __kthread_parkme+0x82/0x180 [ 12.685680] ? preempt_count_sub+0x50/0x80 [ 12.685703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.685726] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.685749] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.685772] kthread+0x337/0x6f0 [ 12.685790] ? trace_preempt_on+0x20/0xc0 [ 12.685822] ? __pfx_kthread+0x10/0x10 [ 12.685841] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.685862] ? 
calculate_sigpending+0x7b/0xa0 [ 12.685887] ? __pfx_kthread+0x10/0x10 [ 12.685907] ret_from_fork+0x116/0x1d0 [ 12.685925] ? __pfx_kthread+0x10/0x10 [ 12.685945] ret_from_fork_asm+0x1a/0x30 [ 12.685977] </TASK> [ 12.685987] [ 12.696422] Allocated by task 211: [ 12.696814] kasan_save_stack+0x45/0x70 [ 12.697095] kasan_save_track+0x18/0x40 [ 12.697300] kasan_save_alloc_info+0x3b/0x50 [ 12.697492] __kasan_kmalloc+0xb7/0xc0 [ 12.697683] __kmalloc_cache_noprof+0x189/0x420 [ 12.698227] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.698408] kunit_try_run_case+0x1a5/0x480 [ 12.698774] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.699268] kthread+0x337/0x6f0 [ 12.699449] ret_from_fork+0x116/0x1d0 [ 12.699817] ret_from_fork_asm+0x1a/0x30 [ 12.700200] [ 12.700296] The buggy address belongs to the object at ffff888102f42100 [ 12.700296] which belongs to the cache kmalloc-128 of size 128 [ 12.701016] The buggy address is located 0 bytes to the right of [ 12.701016] allocated 115-byte region [ffff888102f42100, ffff888102f42173) [ 12.701565] [ 12.701880] The buggy address belongs to the physical page: [ 12.702226] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f42 [ 12.702616] flags: 0x200000000000000(node=0|zone=2) [ 12.702979] page_type: f5(slab) [ 12.703165] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.703497] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.704710] page dumped because: kasan: bad access detected [ 12.704908] [ 12.704983] Memory state around the buggy address: [ 12.705155] ffff888102f42000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.705375] ffff888102f42080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.705594] >ffff888102f42100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.705808] ^ [ 12.706015] ffff888102f42180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.707252] ffff888102f42200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.707487] 
================================================================== [ 12.709222] ================================================================== [ 12.710139] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.711171] Read of size 1 at addr ffff888102f42178 by task kunit_try_catch/211 [ 12.712135] [ 12.712244] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.712290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.712301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.712323] Call Trace: [ 12.712341] <TASK> [ 12.712358] dump_stack_lvl+0x73/0xb0 [ 12.712391] print_report+0xd1/0x610 [ 12.712413] ? __virt_addr_valid+0x1db/0x2d0 [ 12.712436] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.712458] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.712480] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.712503] kasan_report+0x141/0x180 [ 12.712525] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.712553] __asan_report_load1_noabort+0x18/0x20 [ 12.712840] ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.712884] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.712908] ? finish_task_switch.isra.0+0x153/0x700 [ 12.712978] ? __switch_to+0x47/0xf50 [ 12.713005] ? __schedule+0x10cc/0x2b60 [ 12.713028] ? __pfx_read_tsc+0x10/0x10 [ 12.713048] ? ktime_get_ts64+0x86/0x230 [ 12.713084] kunit_try_run_case+0x1a5/0x480 [ 12.713108] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.713130] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.713153] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.713176] ? __kthread_parkme+0x82/0x180 [ 12.713196] ? preempt_count_sub+0x50/0x80 [ 12.713218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.713241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.713264] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.713287] kthread+0x337/0x6f0 [ 12.713306] ? trace_preempt_on+0x20/0xc0 [ 12.713329] ? __pfx_kthread+0x10/0x10 [ 12.713349] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.713370] ? 
calculate_sigpending+0x7b/0xa0 [ 12.713393] ? __pfx_kthread+0x10/0x10 [ 12.713414] ret_from_fork+0x116/0x1d0 [ 12.713431] ? __pfx_kthread+0x10/0x10 [ 12.713451] ret_from_fork_asm+0x1a/0x30 [ 12.713482] </TASK> [ 12.713491] [ 12.728498] Allocated by task 211: [ 12.728698] kasan_save_stack+0x45/0x70 [ 12.729327] kasan_save_track+0x18/0x40 [ 12.729482] kasan_save_alloc_info+0x3b/0x50 [ 12.729821] __kasan_kmalloc+0xb7/0xc0 [ 12.730204] __kmalloc_cache_noprof+0x189/0x420 [ 12.730411] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.730626] kunit_try_run_case+0x1a5/0x480 [ 12.731276] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.731502] kthread+0x337/0x6f0 [ 12.731835] ret_from_fork+0x116/0x1d0 [ 12.732177] ret_from_fork_asm+0x1a/0x30 [ 12.732374] [ 12.732449] The buggy address belongs to the object at ffff888102f42100 [ 12.732449] which belongs to the cache kmalloc-128 of size 128 [ 12.733240] The buggy address is located 5 bytes to the right of [ 12.733240] allocated 115-byte region [ffff888102f42100, ffff888102f42173) [ 12.733916] [ 12.734237] The buggy address belongs to the physical page: [ 12.734492] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f42 [ 12.735039] flags: 0x200000000000000(node=0|zone=2) [ 12.735392] page_type: f5(slab) [ 12.735631] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.736233] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.736644] page dumped because: kasan: bad access detected [ 12.737048] [ 12.737147] Memory state around the buggy address: [ 12.737357] ffff888102f42000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.737665] ffff888102f42080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.738289] >ffff888102f42100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.738605] ^ [ 12.739123] ffff888102f42180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.739485] ffff888102f42200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.739963] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 12.643308] ================================================================== [ 12.644024] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 12.644259] Free of addr ffff8881025ee340 by task kunit_try_catch/209 [ 12.644462] [ 12.644551] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.644594] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.644605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.644626] Call Trace: [ 12.644644] <TASK> [ 12.644662] dump_stack_lvl+0x73/0xb0 [ 12.645255] print_report+0xd1/0x610 [ 12.645286] ? __virt_addr_valid+0x1db/0x2d0 [ 12.645310] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.645332] ? kfree_sensitive+0x2e/0x90 [ 12.645352] kasan_report_invalid_free+0x10a/0x130 [ 12.645377] ? kfree_sensitive+0x2e/0x90 [ 12.645399] ? kfree_sensitive+0x2e/0x90 [ 12.645418] check_slab_allocation+0x101/0x130 [ 12.645439] __kasan_slab_pre_free+0x28/0x40 [ 12.645459] kfree+0xf0/0x3f0 [ 12.645479] ? kfree_sensitive+0x2e/0x90 [ 12.645501] kfree_sensitive+0x2e/0x90 [ 12.645520] kmalloc_double_kzfree+0x19c/0x350 [ 12.645542] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 12.645566] ? __schedule+0x10cc/0x2b60 [ 12.645605] ? __pfx_read_tsc+0x10/0x10 [ 12.645624] ? ktime_get_ts64+0x86/0x230 [ 12.645649] kunit_try_run_case+0x1a5/0x480 [ 12.645673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.645694] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.645717] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.645740] ? __kthread_parkme+0x82/0x180 [ 12.645759] ? preempt_count_sub+0x50/0x80 [ 12.645783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.645806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.645840] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.645863] kthread+0x337/0x6f0 [ 12.645881] ? trace_preempt_on+0x20/0xc0 [ 12.645904] ? __pfx_kthread+0x10/0x10 [ 12.645923] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.645944] ? calculate_sigpending+0x7b/0xa0 [ 12.645967] ? 
__pfx_kthread+0x10/0x10 [ 12.645988] ret_from_fork+0x116/0x1d0 [ 12.646005] ? __pfx_kthread+0x10/0x10 [ 12.646024] ret_from_fork_asm+0x1a/0x30 [ 12.646067] </TASK> [ 12.646078] [ 12.662593] Allocated by task 209: [ 12.662757] kasan_save_stack+0x45/0x70 [ 12.663506] kasan_save_track+0x18/0x40 [ 12.663965] kasan_save_alloc_info+0x3b/0x50 [ 12.664317] __kasan_kmalloc+0xb7/0xc0 [ 12.664774] __kmalloc_cache_noprof+0x189/0x420 [ 12.665117] kmalloc_double_kzfree+0xa9/0x350 [ 12.665428] kunit_try_run_case+0x1a5/0x480 [ 12.665762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.666124] kthread+0x337/0x6f0 [ 12.666304] ret_from_fork+0x116/0x1d0 [ 12.666486] ret_from_fork_asm+0x1a/0x30 [ 12.667009] [ 12.667115] Freed by task 209: [ 12.667444] kasan_save_stack+0x45/0x70 [ 12.667671] kasan_save_track+0x18/0x40 [ 12.668297] kasan_save_free_info+0x3f/0x60 [ 12.668502] __kasan_slab_free+0x56/0x70 [ 12.669150] kfree+0x222/0x3f0 [ 12.669322] kfree_sensitive+0x67/0x90 [ 12.669659] kmalloc_double_kzfree+0x12b/0x350 [ 12.669915] kunit_try_run_case+0x1a5/0x480 [ 12.670139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.670392] kthread+0x337/0x6f0 [ 12.670552] ret_from_fork+0x116/0x1d0 [ 12.671076] ret_from_fork_asm+0x1a/0x30 [ 12.671246] [ 12.671520] The buggy address belongs to the object at ffff8881025ee340 [ 12.671520] which belongs to the cache kmalloc-16 of size 16 [ 12.672278] The buggy address is located 0 bytes inside of [ 12.672278] 16-byte region [ffff8881025ee340, ffff8881025ee350) [ 12.673243] [ 12.673348] The buggy address belongs to the physical page: [ 12.673560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ee [ 12.674178] flags: 0x200000000000000(node=0|zone=2) [ 12.674548] page_type: f5(slab) [ 12.674890] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.675238] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.675568] page dumped because: kasan: bad access detected [ 12.675804] [ 
12.676253] Memory state around the buggy address: [ 12.676447] ffff8881025ee200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 12.676970] ffff8881025ee280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.677452] >ffff8881025ee300: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 12.677844] ^ [ 12.678512] ffff8881025ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.679048] ffff8881025ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.679485] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 12.614179] ================================================================== [ 12.615162] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 12.615695] Read of size 1 at addr ffff8881025ee340 by task kunit_try_catch/209 [ 12.616180] [ 12.616299] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.616347] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.616358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.616379] Call Trace: [ 12.616391] <TASK> [ 12.616407] dump_stack_lvl+0x73/0xb0 [ 12.616436] print_report+0xd1/0x610 [ 12.616457] ? __virt_addr_valid+0x1db/0x2d0 [ 12.616480] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.616502] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.616524] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.616547] kasan_report+0x141/0x180 [ 12.616568] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.616742] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.616769] __kasan_check_byte+0x3d/0x50 [ 12.616791] kfree_sensitive+0x22/0x90 [ 12.616837] kmalloc_double_kzfree+0x19c/0x350 [ 12.616859] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 12.616920] ? __schedule+0x10cc/0x2b60 [ 12.616944] ? __pfx_read_tsc+0x10/0x10 [ 12.616964] ? ktime_get_ts64+0x86/0x230 [ 12.616988] kunit_try_run_case+0x1a5/0x480 [ 12.617012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.617034] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.617067] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.617090] ? __kthread_parkme+0x82/0x180 [ 12.617109] ? preempt_count_sub+0x50/0x80 [ 12.617133] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.617155] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.617178] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.617201] kthread+0x337/0x6f0 [ 12.617219] ? trace_preempt_on+0x20/0xc0 [ 12.617241] ? __pfx_kthread+0x10/0x10 [ 12.617261] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.617282] ? calculate_sigpending+0x7b/0xa0 [ 12.617305] ? 
__pfx_kthread+0x10/0x10 [ 12.617325] ret_from_fork+0x116/0x1d0 [ 12.617343] ? __pfx_kthread+0x10/0x10 [ 12.617362] ret_from_fork_asm+0x1a/0x30 [ 12.617394] </TASK> [ 12.617404] [ 12.627454] Allocated by task 209: [ 12.627918] kasan_save_stack+0x45/0x70 [ 12.628387] kasan_save_track+0x18/0x40 [ 12.628671] kasan_save_alloc_info+0x3b/0x50 [ 12.628953] __kasan_kmalloc+0xb7/0xc0 [ 12.629160] __kmalloc_cache_noprof+0x189/0x420 [ 12.629321] kmalloc_double_kzfree+0xa9/0x350 [ 12.629472] kunit_try_run_case+0x1a5/0x480 [ 12.630737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.631298] kthread+0x337/0x6f0 [ 12.632223] ret_from_fork+0x116/0x1d0 [ 12.632427] ret_from_fork_asm+0x1a/0x30 [ 12.632634] [ 12.632732] Freed by task 209: [ 12.632892] kasan_save_stack+0x45/0x70 [ 12.633030] kasan_save_track+0x18/0x40 [ 12.633207] kasan_save_free_info+0x3f/0x60 [ 12.633599] __kasan_slab_free+0x56/0x70 [ 12.633750] kfree+0x222/0x3f0 [ 12.633936] kfree_sensitive+0x67/0x90 [ 12.634094] kmalloc_double_kzfree+0x12b/0x350 [ 12.634308] kunit_try_run_case+0x1a5/0x480 [ 12.634523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.634884] kthread+0x337/0x6f0 [ 12.635042] ret_from_fork+0x116/0x1d0 [ 12.635222] ret_from_fork_asm+0x1a/0x30 [ 12.635373] [ 12.635471] The buggy address belongs to the object at ffff8881025ee340 [ 12.635471] which belongs to the cache kmalloc-16 of size 16 [ 12.636171] The buggy address is located 0 bytes inside of [ 12.636171] freed 16-byte region [ffff8881025ee340, ffff8881025ee350) [ 12.636733] [ 12.636881] The buggy address belongs to the physical page: [ 12.637129] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ee [ 12.637424] flags: 0x200000000000000(node=0|zone=2) [ 12.637711] page_type: f5(slab) [ 12.638141] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.638493] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.638926] page dumped because: kasan: bad access detected [ 
12.639205] [ 12.639281] Memory state around the buggy address: [ 12.639516] ffff8881025ee200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 12.639887] ffff8881025ee280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.640199] >ffff8881025ee300: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 12.640516] ^ [ 12.640702] ffff8881025ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.640909] ffff8881025ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.641289] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 12.578307] ================================================================== [ 12.578811] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 12.579192] Read of size 1 at addr ffff888102f441a8 by task kunit_try_catch/205 [ 12.579587] [ 12.579710] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.579757] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.579769] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.579790] Call Trace: [ 12.579802] <TASK> [ 12.579821] dump_stack_lvl+0x73/0xb0 [ 12.579852] print_report+0xd1/0x610 [ 12.579874] ? __virt_addr_valid+0x1db/0x2d0 [ 12.579898] ? kmalloc_uaf2+0x4a8/0x520 [ 12.579917] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.579939] ? kmalloc_uaf2+0x4a8/0x520 [ 12.579959] kasan_report+0x141/0x180 [ 12.579980] ? kmalloc_uaf2+0x4a8/0x520 [ 12.580005] __asan_report_load1_noabort+0x18/0x20 [ 12.580065] kmalloc_uaf2+0x4a8/0x520 [ 12.580085] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 12.580104] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.580136] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 12.580162] kunit_try_run_case+0x1a5/0x480 [ 12.580188] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.580210] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 12.580235] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.580276] ? __kthread_parkme+0x82/0x180 [ 12.580297] ? preempt_count_sub+0x50/0x80 [ 12.580337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.580360] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.580383] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.580406] kthread+0x337/0x6f0 [ 12.580424] ? trace_preempt_on+0x20/0xc0 [ 12.580448] ? __pfx_kthread+0x10/0x10 [ 12.580467] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.580488] ? calculate_sigpending+0x7b/0xa0 [ 12.580513] ? __pfx_kthread+0x10/0x10 [ 12.580533] ret_from_fork+0x116/0x1d0 [ 12.580552] ? 
__pfx_kthread+0x10/0x10 [ 12.580572] ret_from_fork_asm+0x1a/0x30 [ 12.580616] </TASK> [ 12.580626] [ 12.592224] Allocated by task 205: [ 12.592408] kasan_save_stack+0x45/0x70 [ 12.592793] kasan_save_track+0x18/0x40 [ 12.593163] kasan_save_alloc_info+0x3b/0x50 [ 12.593373] __kasan_kmalloc+0xb7/0xc0 [ 12.593550] __kmalloc_cache_noprof+0x189/0x420 [ 12.594261] kmalloc_uaf2+0xc6/0x520 [ 12.594503] kunit_try_run_case+0x1a5/0x480 [ 12.594976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.595248] kthread+0x337/0x6f0 [ 12.595404] ret_from_fork+0x116/0x1d0 [ 12.595580] ret_from_fork_asm+0x1a/0x30 [ 12.595765] [ 12.596159] Freed by task 205: [ 12.596439] kasan_save_stack+0x45/0x70 [ 12.597113] kasan_save_track+0x18/0x40 [ 12.597368] kasan_save_free_info+0x3f/0x60 [ 12.597699] __kasan_slab_free+0x56/0x70 [ 12.598045] kfree+0x222/0x3f0 [ 12.598221] kmalloc_uaf2+0x14c/0x520 [ 12.598397] kunit_try_run_case+0x1a5/0x480 [ 12.598588] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.599163] kthread+0x337/0x6f0 [ 12.599459] ret_from_fork+0x116/0x1d0 [ 12.599781] ret_from_fork_asm+0x1a/0x30 [ 12.600222] [ 12.600442] The buggy address belongs to the object at ffff888102f44180 [ 12.600442] which belongs to the cache kmalloc-64 of size 64 [ 12.601534] The buggy address is located 40 bytes inside of [ 12.601534] freed 64-byte region [ffff888102f44180, ffff888102f441c0) [ 12.602565] [ 12.602674] The buggy address belongs to the physical page: [ 12.603306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f44 [ 12.604094] flags: 0x200000000000000(node=0|zone=2) [ 12.604335] page_type: f5(slab) [ 12.604494] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.605164] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.605622] page dumped because: kasan: bad access detected [ 12.605991] [ 12.606230] Memory state around the buggy address: [ 12.606457] ffff888102f44080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc 
[ 12.607072] ffff888102f44100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.607542] >ffff888102f44180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.608161] ^ [ 12.608368] ffff888102f44200: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 12.609180] ffff888102f44280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.609583] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.189445] ================================================================== [ 14.190256] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 14.190521] Read of size 1 at addr ffff888103a67c4a by task kunit_try_catch/270 [ 14.190745] [ 14.190837] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.190888] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.190899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.190923] Call Trace: [ 14.190936] <TASK> [ 14.190954] dump_stack_lvl+0x73/0xb0 [ 14.190982] print_report+0xd1/0x610 [ 14.191004] ? __virt_addr_valid+0x1db/0x2d0 [ 14.191027] ? kasan_alloca_oob_right+0x329/0x390 [ 14.191675] ? kasan_addr_to_slab+0x11/0xa0 [ 14.191723] ? kasan_alloca_oob_right+0x329/0x390 [ 14.191750] kasan_report+0x141/0x180 [ 14.191776] ? kasan_alloca_oob_right+0x329/0x390 [ 14.191806] __asan_report_load1_noabort+0x18/0x20 [ 14.191883] kasan_alloca_oob_right+0x329/0x390 [ 14.191907] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.191931] ? finish_task_switch.isra.0+0x153/0x700 [ 14.191954] ? __schedule+0x100e/0x2b60 [ 14.191978] ? trace_hardirqs_on+0x37/0xe0 [ 14.192005] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 14.192031] ? __schedule+0x10cc/0x2b60 [ 14.192117] ? __pfx_read_tsc+0x10/0x10 [ 14.192139] ? ktime_get_ts64+0x86/0x230 [ 14.192164] kunit_try_run_case+0x1a5/0x480 [ 14.192191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.192212] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.192237] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.192260] ? __kthread_parkme+0x82/0x180 [ 14.192282] ? preempt_count_sub+0x50/0x80 [ 14.192305] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.192329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.192353] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.192377] kthread+0x337/0x6f0 [ 14.192396] ? trace_preempt_on+0x20/0xc0 [ 14.192417] ? __pfx_kthread+0x10/0x10 [ 14.192437] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.192457] ? 
calculate_sigpending+0x7b/0xa0 [ 14.192482] ? __pfx_kthread+0x10/0x10 [ 14.192502] ret_from_fork+0x116/0x1d0 [ 14.192520] ? __pfx_kthread+0x10/0x10 [ 14.192539] ret_from_fork_asm+0x1a/0x30 [ 14.192572] </TASK> [ 14.192583] [ 14.201231] The buggy address belongs to stack of task kunit_try_catch/270 [ 14.201568] [ 14.201685] The buggy address belongs to the physical page: [ 14.202013] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a67 [ 14.202279] flags: 0x200000000000000(node=0|zone=2) [ 14.202536] raw: 0200000000000000 ffffea00040e99c8 ffffea00040e99c8 0000000000000000 [ 14.202875] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.203171] page dumped because: kasan: bad access detected [ 14.203344] [ 14.203411] Memory state around the buggy address: [ 14.203719] ffff888103a67b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.204327] ffff888103a67b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.204607] >ffff888103a67c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.204930] ^ [ 14.205279] ffff888103a67c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.205531] ffff888103a67d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.205966] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.161401] ================================================================== [ 14.161948] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 14.162218] Read of size 1 at addr ffff888103a87c3f by task kunit_try_catch/268 [ 14.162444] [ 14.162534] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.162579] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.162591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.162614] Call Trace: [ 14.162626] <TASK> [ 14.162643] dump_stack_lvl+0x73/0xb0 [ 14.162672] print_report+0xd1/0x610 [ 14.162694] ? __virt_addr_valid+0x1db/0x2d0 [ 14.162717] ? kasan_alloca_oob_left+0x320/0x380 [ 14.162738] ? kasan_addr_to_slab+0x11/0xa0 [ 14.162758] ? kasan_alloca_oob_left+0x320/0x380 [ 14.162780] kasan_report+0x141/0x180 [ 14.162800] ? kasan_alloca_oob_left+0x320/0x380 [ 14.162828] __asan_report_load1_noabort+0x18/0x20 [ 14.162852] kasan_alloca_oob_left+0x320/0x380 [ 14.162874] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.162897] ? finish_task_switch.isra.0+0x153/0x700 [ 14.162919] ? __schedule+0x100e/0x2b60 [ 14.162940] ? trace_hardirqs_on+0x37/0xe0 [ 14.162965] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 14.162990] ? __schedule+0x10cc/0x2b60 [ 14.163011] ? __pfx_read_tsc+0x10/0x10 [ 14.163031] ? ktime_get_ts64+0x86/0x230 [ 14.163665] kunit_try_run_case+0x1a5/0x480 [ 14.163707] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.163730] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.163769] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.163793] ? __kthread_parkme+0x82/0x180 [ 14.163857] ? preempt_count_sub+0x50/0x80 [ 14.163979] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.164006] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.164031] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.164064] kthread+0x337/0x6f0 [ 14.164084] ? trace_preempt_on+0x20/0xc0 [ 14.164106] ? __pfx_kthread+0x10/0x10 [ 14.164127] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.164149] ? 
calculate_sigpending+0x7b/0xa0 [ 14.164174] ? __pfx_kthread+0x10/0x10 [ 14.164194] ret_from_fork+0x116/0x1d0 [ 14.164213] ? __pfx_kthread+0x10/0x10 [ 14.164233] ret_from_fork_asm+0x1a/0x30 [ 14.164266] </TASK> [ 14.164276] [ 14.176589] The buggy address belongs to stack of task kunit_try_catch/268 [ 14.176834] [ 14.176985] The buggy address belongs to the physical page: [ 14.177228] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a87 [ 14.177573] flags: 0x200000000000000(node=0|zone=2) [ 14.177753] raw: 0200000000000000 ffffea00040ea1c8 ffffea00040ea1c8 0000000000000000 [ 14.178230] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.178582] page dumped because: kasan: bad access detected [ 14.179302] [ 14.179414] Memory state around the buggy address: [ 14.179579] ffff888103a87b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.179946] ffff888103a87b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.180244] >ffff888103a87c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.180520] ^ [ 14.180734] ffff888103a87c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.181059] ffff888103a87d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.181357] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 14.131900] ================================================================== [ 14.133641] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 14.134433] Read of size 1 at addr ffff888103affd02 by task kunit_try_catch/266 [ 14.134935] [ 14.135098] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.135159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.135171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.135205] Call Trace: [ 14.135217] <TASK> [ 14.135234] dump_stack_lvl+0x73/0xb0 [ 14.135267] print_report+0xd1/0x610 [ 14.135289] ? __virt_addr_valid+0x1db/0x2d0 [ 14.135323] ? kasan_stack_oob+0x2b5/0x300 [ 14.135343] ? kasan_addr_to_slab+0x11/0xa0 [ 14.135363] ? kasan_stack_oob+0x2b5/0x300 [ 14.135393] kasan_report+0x141/0x180 [ 14.135416] ? kasan_stack_oob+0x2b5/0x300 [ 14.135441] __asan_report_load1_noabort+0x18/0x20 [ 14.135466] kasan_stack_oob+0x2b5/0x300 [ 14.135485] ? __pfx_kasan_stack_oob+0x10/0x10 [ 14.135504] ? finish_task_switch.isra.0+0x153/0x700 [ 14.135528] ? __switch_to+0x47/0xf50 [ 14.135555] ? __schedule+0x10cc/0x2b60 [ 14.135579] ? __pfx_read_tsc+0x10/0x10 [ 14.135610] ? ktime_get_ts64+0x86/0x230 [ 14.135634] kunit_try_run_case+0x1a5/0x480 [ 14.135661] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.135683] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.135717] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.135740] ? __kthread_parkme+0x82/0x180 [ 14.135760] ? preempt_count_sub+0x50/0x80 [ 14.135794] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.135817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.135841] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.135864] kthread+0x337/0x6f0 [ 14.135883] ? trace_preempt_on+0x20/0xc0 [ 14.135915] ? __pfx_kthread+0x10/0x10 [ 14.135936] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.135957] ? calculate_sigpending+0x7b/0xa0 [ 14.135991] ? __pfx_kthread+0x10/0x10 [ 14.136013] ret_from_fork+0x116/0x1d0 [ 14.136031] ? 
__pfx_kthread+0x10/0x10 [ 14.136059] ret_from_fork_asm+0x1a/0x30 [ 14.136092] </TASK> [ 14.136102] [ 14.148879] The buggy address belongs to stack of task kunit_try_catch/266 [ 14.149341] and is located at offset 138 in frame: [ 14.149509] kasan_stack_oob+0x0/0x300 [ 14.149936] [ 14.150200] This frame has 4 objects: [ 14.150637] [48, 49) '__assertion' [ 14.150671] [64, 72) 'array' [ 14.151075] [96, 112) '__assertion' [ 14.151522] [128, 138) 'stack_array' [ 14.151987] [ 14.152508] The buggy address belongs to the physical page: [ 14.152949] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103aff [ 14.153210] flags: 0x200000000000000(node=0|zone=2) [ 14.153387] raw: 0200000000000000 ffffea00040ebfc8 ffffea00040ebfc8 0000000000000000 [ 14.153652] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.153953] page dumped because: kasan: bad access detected [ 14.154194] [ 14.154288] Memory state around the buggy address: [ 14.154562] ffff888103affc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.154976] ffff888103affc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 14.155310] >ffff888103affd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.155574] ^ [ 14.155788] ffff888103affd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 14.156238] ffff888103affe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.156538] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 14.109363] ================================================================== [ 14.109939] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 14.110451] Read of size 1 at addr ffffffff9e463e8d by task kunit_try_catch/262 [ 14.110877] [ 14.111222] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.111274] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.111299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.111322] Call Trace: [ 14.111334] <TASK> [ 14.111351] dump_stack_lvl+0x73/0xb0 [ 14.111382] print_report+0xd1/0x610 [ 14.111405] ? __virt_addr_valid+0x1db/0x2d0 [ 14.111428] ? kasan_global_oob_right+0x286/0x2d0 [ 14.111460] ? kasan_addr_to_slab+0x11/0xa0 [ 14.111480] ? kasan_global_oob_right+0x286/0x2d0 [ 14.111502] kasan_report+0x141/0x180 [ 14.111534] ? kasan_global_oob_right+0x286/0x2d0 [ 14.111561] __asan_report_load1_noabort+0x18/0x20 [ 14.111585] kasan_global_oob_right+0x286/0x2d0 [ 14.111617] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 14.111642] ? __schedule+0x10cc/0x2b60 [ 14.111665] ? __pfx_read_tsc+0x10/0x10 [ 14.111685] ? ktime_get_ts64+0x86/0x230 [ 14.111709] kunit_try_run_case+0x1a5/0x480 [ 14.111735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.111757] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.111780] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.111803] ? __kthread_parkme+0x82/0x180 [ 14.111840] ? preempt_count_sub+0x50/0x80 [ 14.111864] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.111888] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.111911] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.111934] kthread+0x337/0x6f0 [ 14.111953] ? trace_preempt_on+0x20/0xc0 [ 14.111976] ? __pfx_kthread+0x10/0x10 [ 14.111996] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.112016] ? calculate_sigpending+0x7b/0xa0 [ 14.112041] ? __pfx_kthread+0x10/0x10 [ 14.112072] ret_from_fork+0x116/0x1d0 [ 14.112090] ? 
__pfx_kthread+0x10/0x10 [ 14.112110] ret_from_fork_asm+0x1a/0x30 [ 14.112142] </TASK> [ 14.112152] [ 14.120348] The buggy address belongs to the variable: [ 14.120600] global_array+0xd/0x40 [ 14.120784] [ 14.120874] The buggy address belongs to the physical page: [ 14.121160] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x14b863 [ 14.121804] flags: 0x200000000002000(reserved|node=0|zone=2) [ 14.122103] raw: 0200000000002000 ffffea00052e18c8 ffffea00052e18c8 0000000000000000 [ 14.122431] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.122961] page dumped because: kasan: bad access detected [ 14.123163] [ 14.123234] Memory state around the buggy address: [ 14.123429] ffffffff9e463d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.123774] ffffffff9e463e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.124000] >ffffffff9e463e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 14.124333] ^ [ 14.124535] ffffffff9e463f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 14.124906] ffffffff9e463f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 14.125231] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 14.084880] ================================================================== [ 14.085441] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.085795] Free of addr ffff888103abc001 by task kunit_try_catch/260 [ 14.086173] [ 14.086305] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.086366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.086382] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.086406] Call Trace: [ 14.086430] <TASK> [ 14.086448] dump_stack_lvl+0x73/0xb0 [ 14.086480] print_report+0xd1/0x610 [ 14.086503] ? __virt_addr_valid+0x1db/0x2d0 [ 14.086536] ? kasan_addr_to_slab+0x11/0xa0 [ 14.086555] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.086582] kasan_report_invalid_free+0x10a/0x130 [ 14.086629] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.086657] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.086682] __kasan_mempool_poison_object+0x102/0x1d0 [ 14.086707] mempool_free+0x2ec/0x380 [ 14.086743] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.086770] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.086803] ? finish_task_switch.isra.0+0x153/0x700 [ 14.086850] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 14.086877] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 14.086920] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.086944] ? __pfx_mempool_kfree+0x10/0x10 [ 14.086971] ? __pfx_read_tsc+0x10/0x10 [ 14.086991] ? ktime_get_ts64+0x86/0x230 [ 14.087016] kunit_try_run_case+0x1a5/0x480 [ 14.087042] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.087073] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.087098] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.087122] ? __kthread_parkme+0x82/0x180 [ 14.087144] ? preempt_count_sub+0x50/0x80 [ 14.087166] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.087190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.087214] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.087238] kthread+0x337/0x6f0 [ 14.087257] ? trace_preempt_on+0x20/0xc0 [ 14.087281] ? __pfx_kthread+0x10/0x10 [ 14.087301] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.087322] ? calculate_sigpending+0x7b/0xa0 [ 14.087346] ? __pfx_kthread+0x10/0x10 [ 14.087369] ret_from_fork+0x116/0x1d0 [ 14.087387] ? __pfx_kthread+0x10/0x10 [ 14.087407] ret_from_fork_asm+0x1a/0x30 [ 14.087440] </TASK> [ 14.087452] [ 14.096771] The buggy address belongs to the physical page: [ 14.097277] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103abc [ 14.097720] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.098135] flags: 0x200000000000040(head|node=0|zone=2) [ 14.098425] page_type: f8(unknown) [ 14.098598] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.099027] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.099367] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.099699] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.100126] head: 0200000000000002 ffffea00040eaf01 00000000ffffffff 00000000ffffffff [ 14.100464] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.100875] page dumped because: kasan: bad access detected [ 14.101249] [ 14.101327] Memory state around the buggy address: [ 14.101541] ffff888103abbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.101856] ffff888103abbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.102190] >ffff888103abc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.102427] ^ [ 14.102594] ffff888103abc080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.103103] ffff888103abc100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.103424] ================================================================== [ 14.051487] ================================================================== [ 
14.051913] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.052453] Free of addr ffff888102f42c01 by task kunit_try_catch/258 [ 14.052875] [ 14.053306] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.053356] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.053369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.053391] Call Trace: [ 14.053402] <TASK> [ 14.053419] dump_stack_lvl+0x73/0xb0 [ 14.053453] print_report+0xd1/0x610 [ 14.053475] ? __virt_addr_valid+0x1db/0x2d0 [ 14.053501] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.053523] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.053550] kasan_report_invalid_free+0x10a/0x130 [ 14.053575] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.053720] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.053746] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.053770] check_slab_allocation+0x11f/0x130 [ 14.053792] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.053817] mempool_free+0x2ec/0x380 [ 14.053892] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.053920] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.053947] ? __kasan_check_write+0x18/0x20 [ 14.053966] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.053989] ? finish_task_switch.isra.0+0x153/0x700 [ 14.054016] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.054040] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 14.054131] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.054153] ? __pfx_mempool_kfree+0x10/0x10 [ 14.054177] ? __pfx_read_tsc+0x10/0x10 [ 14.054199] ? ktime_get_ts64+0x86/0x230 [ 14.054228] kunit_try_run_case+0x1a5/0x480 [ 14.054254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.054276] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.054301] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.054324] ? __kthread_parkme+0x82/0x180 [ 14.054346] ? preempt_count_sub+0x50/0x80 [ 14.054368] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.054392] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.054416] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.054439] kthread+0x337/0x6f0 [ 14.054457] ? trace_preempt_on+0x20/0xc0 [ 14.054481] ? __pfx_kthread+0x10/0x10 [ 14.054501] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.054522] ? calculate_sigpending+0x7b/0xa0 [ 14.054547] ? __pfx_kthread+0x10/0x10 [ 14.054568] ret_from_fork+0x116/0x1d0 [ 14.054587] ? __pfx_kthread+0x10/0x10 [ 14.054607] ret_from_fork_asm+0x1a/0x30 [ 14.054640] </TASK> [ 14.054650] [ 14.070618] Allocated by task 258: [ 14.070813] kasan_save_stack+0x45/0x70 [ 14.070983] kasan_save_track+0x18/0x40 [ 14.071273] kasan_save_alloc_info+0x3b/0x50 [ 14.071488] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.071835] remove_element+0x11e/0x190 [ 14.072077] mempool_alloc_preallocated+0x4d/0x90 [ 14.072430] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 14.072686] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.072937] kunit_try_run_case+0x1a5/0x480 [ 14.073204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.073491] kthread+0x337/0x6f0 [ 14.073725] ret_from_fork+0x116/0x1d0 [ 14.073989] ret_from_fork_asm+0x1a/0x30 [ 14.074168] [ 14.074248] The buggy address belongs to the object at ffff888102f42c00 [ 14.074248] which belongs to the cache kmalloc-128 of size 128 [ 14.074850] The buggy address is located 1 bytes inside of [ 14.074850] 128-byte region [ffff888102f42c00, ffff888102f42c80) [ 14.075373] [ 14.075448] The buggy address belongs to the physical page: [ 14.075690] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f42 [ 14.076132] flags: 0x200000000000000(node=0|zone=2) [ 14.076301] page_type: f5(slab) [ 14.077010] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.077558] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.078011] page dumped because: kasan: bad access detected [ 14.078271] [ 14.078384] Memory state around 
the buggy address: [ 14.078564] ffff888102f42b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.078983] ffff888102f42b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.079299] >ffff888102f42c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.079624] ^ [ 14.079781] ffff888102f42c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.080309] ffff888102f42d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.080626] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 14.028686] ================================================================== [ 14.029289] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.029590] Free of addr ffff888102b48000 by task kunit_try_catch/256 [ 14.029890] [ 14.030117] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.030167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.030178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.030201] Call Trace: [ 14.030217] <TASK> [ 14.030234] dump_stack_lvl+0x73/0xb0 [ 14.030265] print_report+0xd1/0x610 [ 14.030288] ? __virt_addr_valid+0x1db/0x2d0 [ 14.030313] ? kasan_addr_to_slab+0x11/0xa0 [ 14.030333] ? mempool_double_free_helper+0x184/0x370 [ 14.030358] kasan_report_invalid_free+0x10a/0x130 [ 14.030382] ? mempool_double_free_helper+0x184/0x370 [ 14.030409] ? mempool_double_free_helper+0x184/0x370 [ 14.030432] __kasan_mempool_poison_pages+0x115/0x130 [ 14.030456] mempool_free+0x290/0x380 [ 14.030484] mempool_double_free_helper+0x184/0x370 [ 14.030507] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.030532] ? __kasan_check_write+0x18/0x20 [ 14.030552] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.030573] ? finish_task_switch.isra.0+0x153/0x700 [ 14.030611] mempool_page_alloc_double_free+0xe8/0x140 [ 14.030637] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 14.030666] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.030690] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.030715] ? __pfx_read_tsc+0x10/0x10 [ 14.030736] ? ktime_get_ts64+0x86/0x230 [ 14.030761] kunit_try_run_case+0x1a5/0x480 [ 14.030789] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.030811] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.030836] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.030859] ? __kthread_parkme+0x82/0x180 [ 14.030879] ? preempt_count_sub+0x50/0x80 [ 14.030953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.030980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.031005] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.031029] kthread+0x337/0x6f0 [ 14.031048] ? trace_preempt_on+0x20/0xc0 [ 14.031084] ? __pfx_kthread+0x10/0x10 [ 14.031104] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.031126] ? calculate_sigpending+0x7b/0xa0 [ 14.031151] ? __pfx_kthread+0x10/0x10 [ 14.031172] ret_from_fork+0x116/0x1d0 [ 14.031191] ? __pfx_kthread+0x10/0x10 [ 14.031210] ret_from_fork_asm+0x1a/0x30 [ 14.031244] </TASK> [ 14.031255] [ 14.043215] The buggy address belongs to the physical page: [ 14.043667] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b48 [ 14.044135] flags: 0x200000000000000(node=0|zone=2) [ 14.044376] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.045040] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.045388] page dumped because: kasan: bad access detected [ 14.045726] [ 14.045931] Memory state around the buggy address: [ 14.046245] ffff888102b47f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.046536] ffff888102b47f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.047107] >ffff888102b48000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.047494] ^ [ 14.047662] ffff888102b48080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.048175] ffff888102b48100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.048482] ================================================================== [ 14.002617] ================================================================== [ 14.003417] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.003751] Free of addr ffff888103ab8000 by task kunit_try_catch/254 [ 14.004009] [ 14.004127] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.004174] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.004186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.004209] Call Trace: [ 14.004224] <TASK> [ 14.004242] 
dump_stack_lvl+0x73/0xb0 [ 14.004270] print_report+0xd1/0x610 [ 14.004292] ? __virt_addr_valid+0x1db/0x2d0 [ 14.004316] ? kasan_addr_to_slab+0x11/0xa0 [ 14.004336] ? mempool_double_free_helper+0x184/0x370 [ 14.004361] kasan_report_invalid_free+0x10a/0x130 [ 14.004386] ? mempool_double_free_helper+0x184/0x370 [ 14.004413] ? mempool_double_free_helper+0x184/0x370 [ 14.004435] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 14.004460] mempool_free+0x2ec/0x380 [ 14.004486] mempool_double_free_helper+0x184/0x370 [ 14.004510] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.004535] ? __kasan_check_write+0x18/0x20 [ 14.004554] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.004576] ? finish_task_switch.isra.0+0x153/0x700 [ 14.004602] mempool_kmalloc_large_double_free+0xed/0x140 [ 14.004627] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 14.004655] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.004678] ? __pfx_mempool_kfree+0x10/0x10 [ 14.004703] ? __pfx_read_tsc+0x10/0x10 [ 14.004724] ? ktime_get_ts64+0x86/0x230 [ 14.004749] kunit_try_run_case+0x1a5/0x480 [ 14.004776] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.004798] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.004822] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.004846] ? __kthread_parkme+0x82/0x180 [ 14.004866] ? preempt_count_sub+0x50/0x80 [ 14.004890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.004914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.004937] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.004961] kthread+0x337/0x6f0 [ 14.005080] ? trace_preempt_on+0x20/0xc0 [ 14.005108] ? __pfx_kthread+0x10/0x10 [ 14.005129] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.005151] ? calculate_sigpending+0x7b/0xa0 [ 14.005175] ? __pfx_kthread+0x10/0x10 [ 14.005195] ret_from_fork+0x116/0x1d0 [ 14.005213] ? 
__pfx_kthread+0x10/0x10 [ 14.005234] ret_from_fork_asm+0x1a/0x30 [ 14.005266] </TASK> [ 14.005276] [ 14.017466] The buggy address belongs to the physical page: [ 14.018019] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ab8 [ 14.018460] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.019122] flags: 0x200000000000040(head|node=0|zone=2) [ 14.019447] page_type: f8(unknown) [ 14.019619] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.020177] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.020515] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.021033] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.021449] head: 0200000000000002 ffffea00040eae01 00000000ffffffff 00000000ffffffff [ 14.021939] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.022384] page dumped because: kasan: bad access detected [ 14.022587] [ 14.022697] Memory state around the buggy address: [ 14.022920] ffff888103ab7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.023790] ffff888103ab7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.024305] >ffff888103ab8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.024586] ^ [ 14.024739] ffff888103ab8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.025284] ffff888103ab8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.025702] ================================================================== [ 13.971985] ================================================================== [ 13.972429] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.973139] Free of addr ffff888102f42800 by task kunit_try_catch/252 [ 13.974019] [ 13.974245] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.974295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.974307] Hardware name: QEMU 
Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.974330] Call Trace: [ 13.974343] <TASK> [ 13.974360] dump_stack_lvl+0x73/0xb0 [ 13.974392] print_report+0xd1/0x610 [ 13.974416] ? __virt_addr_valid+0x1db/0x2d0 [ 13.974441] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.974464] ? mempool_double_free_helper+0x184/0x370 [ 13.974491] kasan_report_invalid_free+0x10a/0x130 [ 13.974516] ? mempool_double_free_helper+0x184/0x370 [ 13.974543] ? mempool_double_free_helper+0x184/0x370 [ 13.974566] ? mempool_double_free_helper+0x184/0x370 [ 13.974597] check_slab_allocation+0x101/0x130 [ 13.974618] __kasan_mempool_poison_object+0x91/0x1d0 [ 13.974644] mempool_free+0x2ec/0x380 [ 13.974672] mempool_double_free_helper+0x184/0x370 [ 13.974695] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.974721] ? ret_from_fork+0x116/0x1d0 [ 13.974740] ? kthread+0x337/0x6f0 [ 13.974761] ? ret_from_fork_asm+0x1a/0x30 [ 13.974788] mempool_kmalloc_double_free+0xed/0x140 [ 13.974813] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 13.974840] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.974862] ? __pfx_mempool_kfree+0x10/0x10 [ 13.974886] ? __pfx_read_tsc+0x10/0x10 [ 13.974906] ? ktime_get_ts64+0x86/0x230 [ 13.974930] kunit_try_run_case+0x1a5/0x480 [ 13.974956] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.974978] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.975002] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.975026] ? __kthread_parkme+0x82/0x180 [ 13.975045] ? preempt_count_sub+0x50/0x80 [ 13.975079] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.975103] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.975127] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.975150] kthread+0x337/0x6f0 [ 13.975168] ? trace_preempt_on+0x20/0xc0 [ 13.975191] ? __pfx_kthread+0x10/0x10 [ 13.975211] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.975232] ? calculate_sigpending+0x7b/0xa0 [ 13.975256] ? __pfx_kthread+0x10/0x10 [ 13.975277] ret_from_fork+0x116/0x1d0 [ 13.975295] ? 
__pfx_kthread+0x10/0x10 [ 13.975314] ret_from_fork_asm+0x1a/0x30 [ 13.975346] </TASK> [ 13.975357] [ 13.986706] Allocated by task 252: [ 13.986959] kasan_save_stack+0x45/0x70 [ 13.987167] kasan_save_track+0x18/0x40 [ 13.987346] kasan_save_alloc_info+0x3b/0x50 [ 13.987499] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.987702] remove_element+0x11e/0x190 [ 13.988035] mempool_alloc_preallocated+0x4d/0x90 [ 13.988293] mempool_double_free_helper+0x8a/0x370 [ 13.988533] mempool_kmalloc_double_free+0xed/0x140 [ 13.988859] kunit_try_run_case+0x1a5/0x480 [ 13.989094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.989355] kthread+0x337/0x6f0 [ 13.989524] ret_from_fork+0x116/0x1d0 [ 13.989741] ret_from_fork_asm+0x1a/0x30 [ 13.990001] [ 13.990093] Freed by task 252: [ 13.990207] kasan_save_stack+0x45/0x70 [ 13.990413] kasan_save_track+0x18/0x40 [ 13.990604] kasan_save_free_info+0x3f/0x60 [ 13.990910] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.991172] mempool_free+0x2ec/0x380 [ 13.991319] mempool_double_free_helper+0x109/0x370 [ 13.991482] mempool_kmalloc_double_free+0xed/0x140 [ 13.991746] kunit_try_run_case+0x1a5/0x480 [ 13.992126] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.992395] kthread+0x337/0x6f0 [ 13.992566] ret_from_fork+0x116/0x1d0 [ 13.992754] ret_from_fork_asm+0x1a/0x30 [ 13.993019] [ 13.993135] The buggy address belongs to the object at ffff888102f42800 [ 13.993135] which belongs to the cache kmalloc-128 of size 128 [ 13.993698] The buggy address is located 0 bytes inside of [ 13.993698] 128-byte region [ffff888102f42800, ffff888102f42880) [ 13.994259] [ 13.994361] The buggy address belongs to the physical page: [ 13.994587] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f42 [ 13.994976] flags: 0x200000000000000(node=0|zone=2) [ 13.995163] page_type: f5(slab) [ 13.995288] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.995661] raw: 0000000000000000 0000000080100010 00000000f5000000 
0000000000000000 [ 13.996188] page dumped because: kasan: bad access detected [ 13.996394] [ 13.996491] Memory state around the buggy address: [ 13.996734] ffff888102f42700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.997106] ffff888102f42780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.997373] >ffff888102f42800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.997654] ^ [ 13.997907] ffff888102f42880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.998249] ffff888102f42900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.998543] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 13.942602] ================================================================== [ 13.944132] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.944385] Read of size 1 at addr ffff888103ab8000 by task kunit_try_catch/250 [ 13.944637] [ 13.944991] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.945042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.945064] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.945087] Call Trace: [ 13.945101] <TASK> [ 13.945120] dump_stack_lvl+0x73/0xb0 [ 13.945154] print_report+0xd1/0x610 [ 13.945176] ? __virt_addr_valid+0x1db/0x2d0 [ 13.945202] ? mempool_uaf_helper+0x392/0x400 [ 13.945223] ? kasan_addr_to_slab+0x11/0xa0 [ 13.945244] ? mempool_uaf_helper+0x392/0x400 [ 13.945266] kasan_report+0x141/0x180 [ 13.945288] ? mempool_uaf_helper+0x392/0x400 [ 13.945316] __asan_report_load1_noabort+0x18/0x20 [ 13.945340] mempool_uaf_helper+0x392/0x400 [ 13.945363] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.945386] ? __kasan_check_write+0x18/0x20 [ 13.945406] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.945429] ? finish_task_switch.isra.0+0x153/0x700 [ 13.945456] mempool_page_alloc_uaf+0xed/0x140 [ 13.945480] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 13.945506] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.945531] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.945557] ? __pfx_read_tsc+0x10/0x10 [ 13.945579] ? ktime_get_ts64+0x86/0x230 [ 13.945640] kunit_try_run_case+0x1a5/0x480 [ 13.945669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.945690] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.945728] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.945751] ? __kthread_parkme+0x82/0x180 [ 13.945773] ? preempt_count_sub+0x50/0x80 [ 13.945795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.945819] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.945844] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.945868] kthread+0x337/0x6f0 [ 13.945886] ? 
trace_preempt_on+0x20/0xc0 [ 13.945912] ? __pfx_kthread+0x10/0x10 [ 13.945932] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.945953] ? calculate_sigpending+0x7b/0xa0 [ 13.945978] ? __pfx_kthread+0x10/0x10 [ 13.946000] ret_from_fork+0x116/0x1d0 [ 13.946018] ? __pfx_kthread+0x10/0x10 [ 13.946038] ret_from_fork_asm+0x1a/0x30 [ 13.946080] </TASK> [ 13.946092] [ 13.963367] The buggy address belongs to the physical page: [ 13.963565] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ab8 [ 13.964518] flags: 0x200000000000000(node=0|zone=2) [ 13.964878] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 13.965142] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.965372] page dumped because: kasan: bad access detected [ 13.965547] [ 13.965654] Memory state around the buggy address: [ 13.966198] ffff888103ab7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.966726] ffff888103ab7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.967539] >ffff888103ab8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.968065] ^ [ 13.968192] ffff888103ab8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.968411] ffff888103ab8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.968644] ================================================================== [ 13.859127] ================================================================== [ 13.860209] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.860722] Read of size 1 at addr ffff888102b44000 by task kunit_try_catch/246 [ 13.861002] [ 13.861149] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.861199] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.861210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.861234] Call Trace: [ 13.861246] <TASK> [ 13.861264] dump_stack_lvl+0x73/0xb0 [ 13.861295] print_report+0xd1/0x610 [ 13.861317] ? 
__virt_addr_valid+0x1db/0x2d0 [ 13.861340] ? mempool_uaf_helper+0x392/0x400 [ 13.861363] ? kasan_addr_to_slab+0x11/0xa0 [ 13.861383] ? mempool_uaf_helper+0x392/0x400 [ 13.861405] kasan_report+0x141/0x180 [ 13.861427] ? mempool_uaf_helper+0x392/0x400 [ 13.861454] __asan_report_load1_noabort+0x18/0x20 [ 13.861479] mempool_uaf_helper+0x392/0x400 [ 13.861501] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.861528] ? finish_task_switch.isra.0+0x153/0x700 [ 13.861555] mempool_kmalloc_large_uaf+0xef/0x140 [ 13.861579] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 13.861694] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.861720] ? __pfx_mempool_kfree+0x10/0x10 [ 13.861757] ? __pfx_read_tsc+0x10/0x10 [ 13.861777] ? ktime_get_ts64+0x86/0x230 [ 13.861803] kunit_try_run_case+0x1a5/0x480 [ 13.861929] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.861952] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.862088] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.862118] ? __kthread_parkme+0x82/0x180 [ 13.862138] ? preempt_count_sub+0x50/0x80 [ 13.862162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.862186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.862211] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.862240] kthread+0x337/0x6f0 [ 13.862259] ? trace_preempt_on+0x20/0xc0 [ 13.862282] ? __pfx_kthread+0x10/0x10 [ 13.862302] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.862324] ? calculate_sigpending+0x7b/0xa0 [ 13.862348] ? __pfx_kthread+0x10/0x10 [ 13.862369] ret_from_fork+0x116/0x1d0 [ 13.862387] ? 
__pfx_kthread+0x10/0x10 [ 13.862407] ret_from_fork_asm+0x1a/0x30 [ 13.862440] </TASK> [ 13.862451] [ 13.876724] The buggy address belongs to the physical page: [ 13.877124] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b44 [ 13.877373] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.877652] flags: 0x200000000000040(head|node=0|zone=2) [ 13.878451] page_type: f8(unknown) [ 13.878853] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.879844] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.880639] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.881037] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.881287] head: 0200000000000002 ffffea00040ad101 00000000ffffffff 00000000ffffffff [ 13.881514] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.882296] page dumped because: kasan: bad access detected [ 13.883302] [ 13.883479] Memory state around the buggy address: [ 13.884072] ffff888102b43f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.884704] ffff888102b43f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.885508] >ffff888102b44000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.886165] ^ [ 13.886300] ffff888102b44080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.886520] ffff888102b44100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.886754] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 13.892657] ================================================================== [ 13.893823] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.894148] Read of size 1 at addr ffff888102f56240 by task kunit_try_catch/248 [ 13.894375] [ 13.894472] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.894520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.894532] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.894555] Call Trace: [ 13.894600] <TASK> [ 13.894619] dump_stack_lvl+0x73/0xb0 [ 13.894652] print_report+0xd1/0x610 [ 13.894675] ? __virt_addr_valid+0x1db/0x2d0 [ 13.894701] ? mempool_uaf_helper+0x392/0x400 [ 13.894723] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.894746] ? mempool_uaf_helper+0x392/0x400 [ 13.894768] kasan_report+0x141/0x180 [ 13.894809] ? mempool_uaf_helper+0x392/0x400 [ 13.894837] __asan_report_load1_noabort+0x18/0x20 [ 13.894862] mempool_uaf_helper+0x392/0x400 [ 13.894884] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.894910] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.894933] ? finish_task_switch.isra.0+0x153/0x700 [ 13.894961] mempool_slab_uaf+0xea/0x140 [ 13.894984] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 13.895010] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.895035] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.895070] ? __pfx_read_tsc+0x10/0x10 [ 13.895092] ? ktime_get_ts64+0x86/0x230 [ 13.895118] kunit_try_run_case+0x1a5/0x480 [ 13.895145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.895166] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.895192] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.895215] ? __kthread_parkme+0x82/0x180 [ 13.895237] ? preempt_count_sub+0x50/0x80 [ 13.895260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.895283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.895307] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.895331] kthread+0x337/0x6f0 [ 13.895349] ? trace_preempt_on+0x20/0xc0 [ 13.895373] ? 
__pfx_kthread+0x10/0x10 [ 13.895393] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.895414] ? calculate_sigpending+0x7b/0xa0 [ 13.895439] ? __pfx_kthread+0x10/0x10 [ 13.895459] ret_from_fork+0x116/0x1d0 [ 13.895479] ? __pfx_kthread+0x10/0x10 [ 13.895498] ret_from_fork_asm+0x1a/0x30 [ 13.895532] </TASK> [ 13.895542] [ 13.909210] Allocated by task 248: [ 13.909344] kasan_save_stack+0x45/0x70 [ 13.909500] kasan_save_track+0x18/0x40 [ 13.909751] kasan_save_alloc_info+0x3b/0x50 [ 13.910241] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.910753] remove_element+0x11e/0x190 [ 13.911200] mempool_alloc_preallocated+0x4d/0x90 [ 13.911651] mempool_uaf_helper+0x96/0x400 [ 13.912085] mempool_slab_uaf+0xea/0x140 [ 13.912252] kunit_try_run_case+0x1a5/0x480 [ 13.912401] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.912579] kthread+0x337/0x6f0 [ 13.912961] ret_from_fork+0x116/0x1d0 [ 13.913314] ret_from_fork_asm+0x1a/0x30 [ 13.913737] [ 13.913964] Freed by task 248: [ 13.914277] kasan_save_stack+0x45/0x70 [ 13.914636] kasan_save_track+0x18/0x40 [ 13.914824] kasan_save_free_info+0x3f/0x60 [ 13.914974] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.915156] mempool_free+0x2ec/0x380 [ 13.915291] mempool_uaf_helper+0x11a/0x400 [ 13.915461] mempool_slab_uaf+0xea/0x140 [ 13.915672] kunit_try_run_case+0x1a5/0x480 [ 13.916167] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.916381] kthread+0x337/0x6f0 [ 13.916557] ret_from_fork+0x116/0x1d0 [ 13.916792] ret_from_fork_asm+0x1a/0x30 [ 13.917024] [ 13.917136] The buggy address belongs to the object at ffff888102f56240 [ 13.917136] which belongs to the cache test_cache of size 123 [ 13.917677] The buggy address is located 0 bytes inside of [ 13.917677] freed 123-byte region [ffff888102f56240, ffff888102f562bb) [ 13.918069] [ 13.918186] The buggy address belongs to the physical page: [ 13.918445] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f56 [ 13.919011] flags: 0x200000000000000(node=0|zone=2) [ 13.919276] page_type: 
f5(slab) [ 13.919404] raw: 0200000000000000 ffff888101a30a00 dead000000000122 0000000000000000 [ 13.919922] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.920229] page dumped because: kasan: bad access detected [ 13.920431] [ 13.920524] Memory state around the buggy address: [ 13.920753] ffff888102f56100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.921101] ffff888102f56180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.921434] >ffff888102f56200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.921714] ^ [ 13.921884] ffff888102f56280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.922382] ffff888102f56300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.922632] ================================================================== [ 13.807104] ================================================================== [ 13.808864] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.809922] Read of size 1 at addr ffff8881026a6f00 by task kunit_try_catch/244 [ 13.810205] [ 13.810312] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.810362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.810374] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.810399] Call Trace: [ 13.810415] <TASK> [ 13.810437] dump_stack_lvl+0x73/0xb0 [ 13.810473] print_report+0xd1/0x610 [ 13.810498] ? __virt_addr_valid+0x1db/0x2d0 [ 13.810523] ? mempool_uaf_helper+0x392/0x400 [ 13.810544] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.810567] ? mempool_uaf_helper+0x392/0x400 [ 13.810600] kasan_report+0x141/0x180 [ 13.810621] ? mempool_uaf_helper+0x392/0x400 [ 13.810649] __asan_report_load1_noabort+0x18/0x20 [ 13.810673] mempool_uaf_helper+0x392/0x400 [ 13.810695] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.810718] ? kasan_save_track+0x18/0x40 [ 13.810737] ? kasan_save_alloc_info+0x3b/0x50 [ 13.810759] ? 
kasan_save_stack+0x45/0x70 [ 13.810783] mempool_kmalloc_uaf+0xef/0x140 [ 13.810805] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 13.810830] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.810855] ? __pfx_mempool_kfree+0x10/0x10 [ 13.810879] ? __pfx_read_tsc+0x10/0x10 [ 13.810901] ? ktime_get_ts64+0x86/0x230 [ 13.810926] kunit_try_run_case+0x1a5/0x480 [ 13.810952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.810974] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.811000] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.811023] ? __kthread_parkme+0x82/0x180 [ 13.811044] ? preempt_count_sub+0x50/0x80 [ 13.811300] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.811327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.811351] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.811374] kthread+0x337/0x6f0 [ 13.811394] ? trace_preempt_on+0x20/0xc0 [ 13.811704] ? __pfx_kthread+0x10/0x10 [ 13.811730] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.811769] ? calculate_sigpending+0x7b/0xa0 [ 13.811795] ? __pfx_kthread+0x10/0x10 [ 13.811818] ret_from_fork+0x116/0x1d0 [ 13.811839] ? 
__pfx_kthread+0x10/0x10 [ 13.811859] ret_from_fork_asm+0x1a/0x30 [ 13.811892] </TASK> [ 13.811903] [ 13.834234] Allocated by task 244: [ 13.834928] kasan_save_stack+0x45/0x70 [ 13.835479] kasan_save_track+0x18/0x40 [ 13.835997] kasan_save_alloc_info+0x3b/0x50 [ 13.836584] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.836993] remove_element+0x11e/0x190 [ 13.837526] mempool_alloc_preallocated+0x4d/0x90 [ 13.838149] mempool_uaf_helper+0x96/0x400 [ 13.838557] mempool_kmalloc_uaf+0xef/0x140 [ 13.839189] kunit_try_run_case+0x1a5/0x480 [ 13.839376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.839557] kthread+0x337/0x6f0 [ 13.840314] ret_from_fork+0x116/0x1d0 [ 13.840936] ret_from_fork_asm+0x1a/0x30 [ 13.841525] [ 13.841897] Freed by task 244: [ 13.842264] kasan_save_stack+0x45/0x70 [ 13.842445] kasan_save_track+0x18/0x40 [ 13.842584] kasan_save_free_info+0x3f/0x60 [ 13.842732] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.843196] mempool_free+0x2ec/0x380 [ 13.843627] mempool_uaf_helper+0x11a/0x400 [ 13.844015] mempool_kmalloc_uaf+0xef/0x140 [ 13.844438] kunit_try_run_case+0x1a5/0x480 [ 13.844894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.845431] kthread+0x337/0x6f0 [ 13.845565] ret_from_fork+0x116/0x1d0 [ 13.845709] ret_from_fork_asm+0x1a/0x30 [ 13.846153] [ 13.846318] The buggy address belongs to the object at ffff8881026a6f00 [ 13.846318] which belongs to the cache kmalloc-128 of size 128 [ 13.847280] The buggy address is located 0 bytes inside of [ 13.847280] freed 128-byte region [ffff8881026a6f00, ffff8881026a6f80) [ 13.848256] [ 13.848342] The buggy address belongs to the physical page: [ 13.848564] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026a6 [ 13.849350] flags: 0x200000000000000(node=0|zone=2) [ 13.849907] page_type: f5(slab) [ 13.850242] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.850862] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 13.851575] page 
dumped because: kasan: bad access detected [ 13.852138] [ 13.852286] Memory state around the buggy address: [ 13.852577] ffff8881026a6e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.852851] ffff8881026a6e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.853445] >ffff8881026a6f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.853890] ^ [ 13.854263] ffff8881026a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.854728] ffff8881026a7000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.854946] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 13.779103] ================================================================== [ 13.779629] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.779993] Read of size 1 at addr ffff888102f532bb by task kunit_try_catch/242 [ 13.780373] [ 13.780499] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.780572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.780584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.780607] Call Trace: [ 13.780619] <TASK> [ 13.780636] dump_stack_lvl+0x73/0xb0 [ 13.780687] print_report+0xd1/0x610 [ 13.780710] ? __virt_addr_valid+0x1db/0x2d0 [ 13.780734] ? mempool_oob_right_helper+0x318/0x380 [ 13.780758] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.780781] ? mempool_oob_right_helper+0x318/0x380 [ 13.780806] kasan_report+0x141/0x180 [ 13.780829] ? mempool_oob_right_helper+0x318/0x380 [ 13.780858] __asan_report_load1_noabort+0x18/0x20 [ 13.780899] mempool_oob_right_helper+0x318/0x380 [ 13.780925] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.780949] ? update_load_avg+0x1be/0x21b0 [ 13.780977] ? finish_task_switch.isra.0+0x153/0x700 [ 13.781004] mempool_slab_oob_right+0xed/0x140 [ 13.781028] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 13.781065] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.781090] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.781116] ? __pfx_read_tsc+0x10/0x10 [ 13.781138] ? ktime_get_ts64+0x86/0x230 [ 13.781163] kunit_try_run_case+0x1a5/0x480 [ 13.781189] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.781211] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.781256] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.781281] ? __kthread_parkme+0x82/0x180 [ 13.781301] ? preempt_count_sub+0x50/0x80 [ 13.781325] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.781349] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.781373] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.781397] kthread+0x337/0x6f0 [ 13.781416] ? 
trace_preempt_on+0x20/0xc0 [ 13.781440] ? __pfx_kthread+0x10/0x10 [ 13.781460] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.781482] ? calculate_sigpending+0x7b/0xa0 [ 13.781506] ? __pfx_kthread+0x10/0x10 [ 13.781527] ret_from_fork+0x116/0x1d0 [ 13.781546] ? __pfx_kthread+0x10/0x10 [ 13.781567] ret_from_fork_asm+0x1a/0x30 [ 13.781600] </TASK> [ 13.781611] [ 13.789731] Allocated by task 242: [ 13.789924] kasan_save_stack+0x45/0x70 [ 13.790152] kasan_save_track+0x18/0x40 [ 13.790375] kasan_save_alloc_info+0x3b/0x50 [ 13.790599] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.790830] remove_element+0x11e/0x190 [ 13.791021] mempool_alloc_preallocated+0x4d/0x90 [ 13.791299] mempool_oob_right_helper+0x8a/0x380 [ 13.791561] mempool_slab_oob_right+0xed/0x140 [ 13.791780] kunit_try_run_case+0x1a5/0x480 [ 13.792015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.792277] kthread+0x337/0x6f0 [ 13.792446] ret_from_fork+0x116/0x1d0 [ 13.792631] ret_from_fork_asm+0x1a/0x30 [ 13.792827] [ 13.792897] The buggy address belongs to the object at ffff888102f53240 [ 13.792897] which belongs to the cache test_cache of size 123 [ 13.793697] The buggy address is located 0 bytes to the right of [ 13.793697] allocated 123-byte region [ffff888102f53240, ffff888102f532bb) [ 13.794217] [ 13.794294] The buggy address belongs to the physical page: [ 13.794480] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f53 [ 13.794836] flags: 0x200000000000000(node=0|zone=2) [ 13.795217] page_type: f5(slab) [ 13.795345] raw: 0200000000000000 ffff888101a308c0 dead000000000122 0000000000000000 [ 13.795578] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.795917] page dumped because: kasan: bad access detected [ 13.796220] [ 13.796317] Memory state around the buggy address: [ 13.796523] ffff888102f53180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.796834] ffff888102f53200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 13.797091] >ffff888102f53280: 00 
00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 13.797434] ^ [ 13.797760] ffff888102f53300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.798097] ffff888102f53380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.798359] ================================================================== [ 13.722633] ================================================================== [ 13.723191] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.723523] Read of size 1 at addr ffff888102f42473 by task kunit_try_catch/238 [ 13.723906] [ 13.724020] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.724082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.724095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.724119] Call Trace: [ 13.724132] <TASK> [ 13.724152] dump_stack_lvl+0x73/0xb0 [ 13.724186] print_report+0xd1/0x610 [ 13.724209] ? __virt_addr_valid+0x1db/0x2d0 [ 13.724235] ? mempool_oob_right_helper+0x318/0x380 [ 13.724259] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.724283] ? mempool_oob_right_helper+0x318/0x380 [ 13.724306] kasan_report+0x141/0x180 [ 13.724329] ? mempool_oob_right_helper+0x318/0x380 [ 13.724358] __asan_report_load1_noabort+0x18/0x20 [ 13.724383] mempool_oob_right_helper+0x318/0x380 [ 13.724408] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.724434] ? __kasan_check_write+0x18/0x20 [ 13.724453] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.724477] ? finish_task_switch.isra.0+0x153/0x700 [ 13.724504] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.724528] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 13.724555] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.724580] ? __pfx_mempool_kfree+0x10/0x10 [ 13.724604] ? __pfx_read_tsc+0x10/0x10 [ 13.724626] ? ktime_get_ts64+0x86/0x230 [ 13.724652] kunit_try_run_case+0x1a5/0x480 [ 13.724680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.724702] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.724728] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.724770] ? __kthread_parkme+0x82/0x180 [ 13.724794] ? preempt_count_sub+0x50/0x80 [ 13.724872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.724899] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.724924] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.724948] kthread+0x337/0x6f0 [ 13.724968] ? trace_preempt_on+0x20/0xc0 [ 13.724993] ? __pfx_kthread+0x10/0x10 [ 13.725013] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.725035] ? calculate_sigpending+0x7b/0xa0 [ 13.725073] ? __pfx_kthread+0x10/0x10 [ 13.725095] ret_from_fork+0x116/0x1d0 [ 13.725115] ? __pfx_kthread+0x10/0x10 [ 13.725136] ret_from_fork_asm+0x1a/0x30 [ 13.725170] </TASK> [ 13.725182] [ 13.734683] Allocated by task 238: [ 13.734879] kasan_save_stack+0x45/0x70 [ 13.735287] kasan_save_track+0x18/0x40 [ 13.735707] kasan_save_alloc_info+0x3b/0x50 [ 13.735959] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.736404] remove_element+0x11e/0x190 [ 13.736812] mempool_alloc_preallocated+0x4d/0x90 [ 13.737178] mempool_oob_right_helper+0x8a/0x380 [ 13.737393] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.737634] kunit_try_run_case+0x1a5/0x480 [ 13.737839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.738303] kthread+0x337/0x6f0 [ 13.738453] ret_from_fork+0x116/0x1d0 [ 13.738736] ret_from_fork_asm+0x1a/0x30 [ 13.738907] [ 13.739030] The buggy address belongs to the object at ffff888102f42400 [ 13.739030] which belongs to the cache kmalloc-128 of size 128 [ 13.739547] The buggy address is located 0 bytes to the right of [ 13.739547] allocated 115-byte region [ffff888102f42400, ffff888102f42473) [ 13.740396] [ 13.740480] The buggy address belongs to the physical page: [ 13.740813] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f42 [ 13.741313] flags: 0x200000000000000(node=0|zone=2) [ 13.741561] page_type: f5(slab) [ 13.741866] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.742261] raw: 0000000000000000 0000000080100010 
00000000f5000000 0000000000000000 [ 13.742594] page dumped because: kasan: bad access detected [ 13.742868] [ 13.742985] Memory state around the buggy address: [ 13.743221] ffff888102f42300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.743682] ffff888102f42380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.744250] >ffff888102f42400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.744538] ^ [ 13.745001] ffff888102f42480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.745337] ffff888102f42500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.745678] ================================================================== [ 13.749179] ================================================================== [ 13.749673] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.750445] Read of size 1 at addr ffff888103aba001 by task kunit_try_catch/240 [ 13.751048] [ 13.751305] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.751359] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.751465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.751491] Call Trace: [ 13.751507] <TASK> [ 13.751527] dump_stack_lvl+0x73/0xb0 [ 13.751563] print_report+0xd1/0x610 [ 13.751587] ? __virt_addr_valid+0x1db/0x2d0 [ 13.751610] ? mempool_oob_right_helper+0x318/0x380 [ 13.751635] ? kasan_addr_to_slab+0x11/0xa0 [ 13.751656] ? mempool_oob_right_helper+0x318/0x380 [ 13.751681] kasan_report+0x141/0x180 [ 13.751703] ? mempool_oob_right_helper+0x318/0x380 [ 13.751732] __asan_report_load1_noabort+0x18/0x20 [ 13.751757] mempool_oob_right_helper+0x318/0x380 [ 13.751782] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.751808] ? __kasan_check_write+0x18/0x20 [ 13.751841] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.751864] ? finish_task_switch.isra.0+0x153/0x700 [ 13.751891] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 13.751918] ? 
__pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 13.751946] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.751971] ? __pfx_mempool_kfree+0x10/0x10 [ 13.751997] ? __pfx_read_tsc+0x10/0x10 [ 13.752018] ? ktime_get_ts64+0x86/0x230 [ 13.752044] kunit_try_run_case+0x1a5/0x480 [ 13.752085] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.752106] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.752132] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.752156] ? __kthread_parkme+0x82/0x180 [ 13.752177] ? preempt_count_sub+0x50/0x80 [ 13.752200] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.752224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.752248] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.752272] kthread+0x337/0x6f0 [ 13.752290] ? trace_preempt_on+0x20/0xc0 [ 13.752314] ? __pfx_kthread+0x10/0x10 [ 13.752335] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.752355] ? calculate_sigpending+0x7b/0xa0 [ 13.752380] ? __pfx_kthread+0x10/0x10 [ 13.752401] ret_from_fork+0x116/0x1d0 [ 13.752420] ? __pfx_kthread+0x10/0x10 [ 13.752441] ret_from_fork_asm+0x1a/0x30 [ 13.752474] </TASK> [ 13.752484] [ 13.765428] The buggy address belongs to the physical page: [ 13.765808] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ab8 [ 13.766173] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.766496] flags: 0x200000000000040(head|node=0|zone=2) [ 13.767125] page_type: f8(unknown) [ 13.767380] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.767918] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.768363] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.768911] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.769258] head: 0200000000000002 ffffea00040eae01 00000000ffffffff 00000000ffffffff [ 13.770000] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.770363] page dumped because: kasan: bad access detected [ 13.770731] [ 
13.770992] Memory state around the buggy address: [ 13.771236] ffff888103ab9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.771635] ffff888103ab9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.772117] >ffff888103aba000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.772452] ^ [ 13.772822] ffff888103aba080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.773303] ffff888103aba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.773744] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.140184] ================================================================== [ 13.140676] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 13.141377] Read of size 1 at addr ffff888101a30640 by task kunit_try_catch/232 [ 13.142123] [ 13.142253] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.142304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.142316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.142339] Call Trace: [ 13.142354] <TASK> [ 13.142374] dump_stack_lvl+0x73/0xb0 [ 13.142408] print_report+0xd1/0x610 [ 13.142589] ? __virt_addr_valid+0x1db/0x2d0 [ 13.142617] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.142642] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.142665] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.142691] kasan_report+0x141/0x180 [ 13.142712] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.142740] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.142766] __kasan_check_byte+0x3d/0x50 [ 13.142788] kmem_cache_destroy+0x25/0x1d0 [ 13.142826] kmem_cache_double_destroy+0x1bf/0x380 [ 13.142850] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 13.142874] ? finish_task_switch.isra.0+0x153/0x700 [ 13.142898] ? __switch_to+0x47/0xf50 [ 13.142929] ? __pfx_read_tsc+0x10/0x10 [ 13.142950] ? ktime_get_ts64+0x86/0x230 [ 13.142975] kunit_try_run_case+0x1a5/0x480 [ 13.143002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.143025] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.143064] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.143087] ? __kthread_parkme+0x82/0x180 [ 13.143109] ? preempt_count_sub+0x50/0x80 [ 13.143132] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.143155] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.143179] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.143203] kthread+0x337/0x6f0 [ 13.143221] ? trace_preempt_on+0x20/0xc0 [ 13.143245] ? __pfx_kthread+0x10/0x10 [ 13.143265] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.143285] ? 
calculate_sigpending+0x7b/0xa0 [ 13.143311] ? __pfx_kthread+0x10/0x10 [ 13.143332] ret_from_fork+0x116/0x1d0 [ 13.143351] ? __pfx_kthread+0x10/0x10 [ 13.143370] ret_from_fork_asm+0x1a/0x30 [ 13.143404] </TASK> [ 13.143414] [ 13.159029] Allocated by task 232: [ 13.159677] kasan_save_stack+0x45/0x70 [ 13.160295] kasan_save_track+0x18/0x40 [ 13.160447] kasan_save_alloc_info+0x3b/0x50 [ 13.160606] __kasan_slab_alloc+0x91/0xa0 [ 13.160955] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.161461] __kmem_cache_create_args+0x169/0x240 [ 13.162084] kmem_cache_double_destroy+0xd5/0x380 [ 13.162511] kunit_try_run_case+0x1a5/0x480 [ 13.162951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.163253] kthread+0x337/0x6f0 [ 13.163382] ret_from_fork+0x116/0x1d0 [ 13.163518] ret_from_fork_asm+0x1a/0x30 [ 13.163761] [ 13.163925] Freed by task 232: [ 13.164427] kasan_save_stack+0x45/0x70 [ 13.164905] kasan_save_track+0x18/0x40 [ 13.165273] kasan_save_free_info+0x3f/0x60 [ 13.165644] __kasan_slab_free+0x56/0x70 [ 13.166099] kmem_cache_free+0x249/0x420 [ 13.166477] slab_kmem_cache_release+0x2e/0x40 [ 13.166969] kmem_cache_release+0x16/0x20 [ 13.167238] kobject_put+0x181/0x450 [ 13.167373] sysfs_slab_release+0x16/0x20 [ 13.167514] kmem_cache_destroy+0xf0/0x1d0 [ 13.167693] kmem_cache_double_destroy+0x14e/0x380 [ 13.168352] kunit_try_run_case+0x1a5/0x480 [ 13.168774] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.169328] kthread+0x337/0x6f0 [ 13.169656] ret_from_fork+0x116/0x1d0 [ 13.170151] ret_from_fork_asm+0x1a/0x30 [ 13.170524] [ 13.170684] The buggy address belongs to the object at ffff888101a30640 [ 13.170684] which belongs to the cache kmem_cache of size 208 [ 13.171215] The buggy address is located 0 bytes inside of [ 13.171215] freed 208-byte region [ffff888101a30640, ffff888101a30710) [ 13.171567] [ 13.171734] The buggy address belongs to the physical page: [ 13.172219] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a30 [ 13.173304] flags: 
0x200000000000000(node=0|zone=2) [ 13.173773] page_type: f5(slab) [ 13.174148] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 13.174872] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 13.175528] page dumped because: kasan: bad access detected [ 13.176180] [ 13.176355] Memory state around the buggy address: [ 13.176605] ffff888101a30500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.177206] ffff888101a30580: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 13.177431] >ffff888101a30600: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.177762] ^ [ 13.178328] ffff888101a30680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.179030] ffff888101a30700: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.179679] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 13.088015] ==================================================================
[ 13.088595] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.088962] Read of size 1 at addr ffff8881026c1000 by task kunit_try_catch/230
[ 13.089428]
[ 13.089551] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.089599] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.089611] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.089633] Call Trace:
[ 13.089646] <TASK>
[ 13.089665] dump_stack_lvl+0x73/0xb0
[ 13.089697] print_report+0xd1/0x610
[ 13.089720] ? __virt_addr_valid+0x1db/0x2d0
[ 13.089744] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.089766] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.089789] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.089812] kasan_report+0x141/0x180
[ 13.089833] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.089898] __asan_report_load1_noabort+0x18/0x20
[ 13.089922] kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.089957] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 13.089979] ? finish_task_switch.isra.0+0x153/0x700
[ 13.090003] ? __switch_to+0x47/0xf50
[ 13.090034] ? __pfx_read_tsc+0x10/0x10
[ 13.090062] ? ktime_get_ts64+0x86/0x230
[ 13.090087] kunit_try_run_case+0x1a5/0x480
[ 13.090114] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.090135] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.090160] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.090182] ? __kthread_parkme+0x82/0x180
[ 13.090203] ? preempt_count_sub+0x50/0x80
[ 13.090230] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.090254] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.090277] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.090300] kthread+0x337/0x6f0
[ 13.090319] ? trace_preempt_on+0x20/0xc0
[ 13.090342] ? __pfx_kthread+0x10/0x10
[ 13.090361] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.090405] ? calculate_sigpending+0x7b/0xa0
[ 13.090430] ? __pfx_kthread+0x10/0x10
[ 13.090450] ret_from_fork+0x116/0x1d0
[ 13.090480] ? __pfx_kthread+0x10/0x10
[ 13.090499] ret_from_fork_asm+0x1a/0x30
[ 13.090552] </TASK>
[ 13.090562]
[ 13.099114] Allocated by task 230:
[ 13.099255] kasan_save_stack+0x45/0x70
[ 13.099403] kasan_save_track+0x18/0x40
[ 13.099539] kasan_save_alloc_info+0x3b/0x50
[ 13.099749] __kasan_slab_alloc+0x91/0xa0
[ 13.099952] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.100305] kmem_cache_rcu_uaf+0x155/0x510
[ 13.100544] kunit_try_run_case+0x1a5/0x480
[ 13.100756] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.101180] kthread+0x337/0x6f0
[ 13.101345] ret_from_fork+0x116/0x1d0
[ 13.101524] ret_from_fork_asm+0x1a/0x30
[ 13.101958]
[ 13.102067] Freed by task 0:
[ 13.102187] kasan_save_stack+0x45/0x70
[ 13.102395] kasan_save_track+0x18/0x40
[ 13.102566] kasan_save_free_info+0x3f/0x60
[ 13.103695] __kasan_slab_free+0x56/0x70
[ 13.103869] slab_free_after_rcu_debug+0xe4/0x310
[ 13.104033] rcu_core+0x66f/0x1c40
[ 13.104173] rcu_core_si+0x12/0x20
[ 13.104297] handle_softirqs+0x209/0x730
[ 13.104437] __irq_exit_rcu+0xc9/0x110
[ 13.104569] irq_exit_rcu+0x12/0x20
[ 13.104695] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.104858] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.105028]
[ 13.105111] Last potentially related work creation:
[ 13.105267] kasan_save_stack+0x45/0x70
[ 13.105698] kasan_record_aux_stack+0xb2/0xc0
[ 13.105852] kmem_cache_free+0x131/0x420
[ 13.105989] kmem_cache_rcu_uaf+0x194/0x510
[ 13.106371] kunit_try_run_case+0x1a5/0x480
[ 13.106906] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.107372] kthread+0x337/0x6f0
[ 13.107680] ret_from_fork+0x116/0x1d0
[ 13.108191] ret_from_fork_asm+0x1a/0x30
[ 13.108610]
[ 13.108869] The buggy address belongs to the object at ffff8881026c1000
[ 13.108869] which belongs to the cache test_cache of size 200
[ 13.110172] The buggy address is located 0 bytes inside of
[ 13.110172] freed 200-byte region [ffff8881026c1000, ffff8881026c10c8)
[ 13.111364]
[ 13.111529] The buggy address belongs to the physical page:
[ 13.112106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026c1
[ 13.113090] flags: 0x200000000000000(node=0|zone=2)
[ 13.113618] page_type: f5(slab)
[ 13.113934] raw: 0200000000000000 ffff8881010b4780 dead000000000122 0000000000000000
[ 13.114831] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.115690] page dumped because: kasan: bad access detected
[ 13.116379]
[ 13.116569] Memory state around the buggy address:
[ 13.117162] ffff8881026c0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.117858] ffff8881026c0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.118486] >ffff8881026c1000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.119246] ^
[ 13.119494] ffff8881026c1080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 13.119798] ffff8881026c1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.120567] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 13.023653] ==================================================================
[ 13.024420] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460
[ 13.024991] Free of addr ffff888102f4c001 by task kunit_try_catch/228
[ 13.025254]
[ 13.025378] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.025426] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.025437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.025459] Call Trace:
[ 13.025473] <TASK>
[ 13.025492] dump_stack_lvl+0x73/0xb0
[ 13.025526] print_report+0xd1/0x610
[ 13.025549] ? __virt_addr_valid+0x1db/0x2d0
[ 13.025575] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.025609] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.025647] kasan_report_invalid_free+0x10a/0x130
[ 13.025671] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.025710] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.025735] check_slab_allocation+0x11f/0x130
[ 13.025757] __kasan_slab_pre_free+0x28/0x40
[ 13.025788] kmem_cache_free+0xed/0x420
[ 13.025809] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.025830] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.025869] kmem_cache_invalid_free+0x1d8/0x460
[ 13.025893] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 13.025917] ? finish_task_switch.isra.0+0x153/0x700
[ 13.025963] ? __switch_to+0x47/0xf50
[ 13.025994] ? __pfx_read_tsc+0x10/0x10
[ 13.026015] ? ktime_get_ts64+0x86/0x230
[ 13.026040] kunit_try_run_case+0x1a5/0x480
[ 13.026074] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.026096] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.026121] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.026144] ? __kthread_parkme+0x82/0x180
[ 13.026166] ? preempt_count_sub+0x50/0x80
[ 13.026188] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.026212] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.026240] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.026263] kthread+0x337/0x6f0
[ 13.026281] ? trace_preempt_on+0x20/0xc0
[ 13.026305] ? __pfx_kthread+0x10/0x10
[ 13.026325] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.026346] ? calculate_sigpending+0x7b/0xa0
[ 13.026370] ? __pfx_kthread+0x10/0x10
[ 13.026391] ret_from_fork+0x116/0x1d0
[ 13.026410] ? __pfx_kthread+0x10/0x10
[ 13.026429] ret_from_fork_asm+0x1a/0x30
[ 13.026463] </TASK>
[ 13.026473]
[ 13.039183] Allocated by task 228:
[ 13.039367] kasan_save_stack+0x45/0x70
[ 13.039650] kasan_save_track+0x18/0x40
[ 13.040237] kasan_save_alloc_info+0x3b/0x50
[ 13.040550] __kasan_slab_alloc+0x91/0xa0
[ 13.040918] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.041113] kmem_cache_invalid_free+0x157/0x460
[ 13.041539] kunit_try_run_case+0x1a5/0x480
[ 13.041813] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.042320] kthread+0x337/0x6f0
[ 13.042457] ret_from_fork+0x116/0x1d0
[ 13.042729] ret_from_fork_asm+0x1a/0x30
[ 13.043352]
[ 13.043670] The buggy address belongs to the object at ffff888102f4c000
[ 13.043670] which belongs to the cache test_cache of size 200
[ 13.044415] The buggy address is located 1 bytes inside of
[ 13.044415] 200-byte region [ffff888102f4c000, ffff888102f4c0c8)
[ 13.045455]
[ 13.045731] The buggy address belongs to the physical page:
[ 13.046435] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f4c
[ 13.047258] flags: 0x200000000000000(node=0|zone=2)
[ 13.047610] page_type: f5(slab)
[ 13.048095] raw: 0200000000000000 ffff888101a30500 dead000000000122 0000000000000000
[ 13.048527] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.049391] page dumped because: kasan: bad access detected
[ 13.049992]
[ 13.050089] Memory state around the buggy address:
[ 13.050248] ffff888102f4bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.050461] ffff888102f4bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.051191] >ffff888102f4c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.052046] ^
[ 13.052571] ffff888102f4c080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 13.053387] ffff888102f4c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.054299] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 12.988691] ==================================================================
[ 12.989441] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480
[ 12.990621] Free of addr ffff888102f4b000 by task kunit_try_catch/226
[ 12.991262]
[ 12.991463] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.991513] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.991524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.991547] Call Trace:
[ 12.991560] <TASK>
[ 12.991587] dump_stack_lvl+0x73/0xb0
[ 12.991622] print_report+0xd1/0x610
[ 12.991646] ? __virt_addr_valid+0x1db/0x2d0
[ 12.991672] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.991695] ? kmem_cache_double_free+0x1e5/0x480
[ 12.991721] kasan_report_invalid_free+0x10a/0x130
[ 12.991746] ? kmem_cache_double_free+0x1e5/0x480
[ 12.991772] ? kmem_cache_double_free+0x1e5/0x480
[ 12.991796] check_slab_allocation+0x101/0x130
[ 12.992032] __kasan_slab_pre_free+0x28/0x40
[ 12.992069] kmem_cache_free+0xed/0x420
[ 12.992090] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 12.992110] ? kmem_cache_double_free+0x1e5/0x480
[ 12.992138] kmem_cache_double_free+0x1e5/0x480
[ 12.992162] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 12.992185] ? finish_task_switch.isra.0+0x153/0x700
[ 12.992209] ? __switch_to+0x47/0xf50
[ 12.992239] ? __pfx_read_tsc+0x10/0x10
[ 12.992260] ? ktime_get_ts64+0x86/0x230
[ 12.992285] kunit_try_run_case+0x1a5/0x480
[ 12.992312] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.992333] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.992358] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.992381] ? __kthread_parkme+0x82/0x180
[ 12.992402] ? preempt_count_sub+0x50/0x80
[ 12.992425] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.992448] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.992471] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.992494] kthread+0x337/0x6f0
[ 12.992513] ? trace_preempt_on+0x20/0xc0
[ 12.992537] ? __pfx_kthread+0x10/0x10
[ 12.992556] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.992576] ? calculate_sigpending+0x7b/0xa0
[ 12.992601] ? __pfx_kthread+0x10/0x10
[ 12.992622] ret_from_fork+0x116/0x1d0
[ 12.992640] ? __pfx_kthread+0x10/0x10
[ 12.992659] ret_from_fork_asm+0x1a/0x30
[ 12.992692] </TASK>
[ 12.992702]
[ 13.002884] Allocated by task 226:
[ 13.003164] kasan_save_stack+0x45/0x70
[ 13.003331] kasan_save_track+0x18/0x40
[ 13.003470] kasan_save_alloc_info+0x3b/0x50
[ 13.003717] __kasan_slab_alloc+0x91/0xa0
[ 13.004174] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.004409] kmem_cache_double_free+0x14f/0x480
[ 13.004698] kunit_try_run_case+0x1a5/0x480
[ 13.005039] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.005228] kthread+0x337/0x6f0
[ 13.005346] ret_from_fork+0x116/0x1d0
[ 13.005537] ret_from_fork_asm+0x1a/0x30
[ 13.005960]
[ 13.006112] Freed by task 226:
[ 13.006317] kasan_save_stack+0x45/0x70
[ 13.006465] kasan_save_track+0x18/0x40
[ 13.006666] kasan_save_free_info+0x3f/0x60
[ 13.006848] __kasan_slab_free+0x56/0x70
[ 13.007186] kmem_cache_free+0x249/0x420
[ 13.007396] kmem_cache_double_free+0x16a/0x480
[ 13.007584] kunit_try_run_case+0x1a5/0x480
[ 13.007810] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.008047] kthread+0x337/0x6f0
[ 13.008174] ret_from_fork+0x116/0x1d0
[ 13.008353] ret_from_fork_asm+0x1a/0x30
[ 13.008552]
[ 13.008952] The buggy address belongs to the object at ffff888102f4b000
[ 13.008952] which belongs to the cache test_cache of size 200
[ 13.009567] The buggy address is located 0 bytes inside of
[ 13.009567] 200-byte region [ffff888102f4b000, ffff888102f4b0c8)
[ 13.009936]
[ 13.010012] The buggy address belongs to the physical page:
[ 13.010326] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f4b
[ 13.010804] flags: 0x200000000000000(node=0|zone=2)
[ 13.011203] page_type: f5(slab)
[ 13.011470] raw: 0200000000000000 ffff888101a303c0 dead000000000122 0000000000000000
[ 13.011777] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.012330] page dumped because: kasan: bad access detected
[ 13.012552]
[ 13.012656] Memory state around the buggy address:
[ 13.012956] ffff888102f4af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.013363] ffff888102f4af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.013721] >ffff888102f4b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.014186] ^
[ 13.014360] ffff888102f4b080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 13.014690] ffff888102f4b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.015158] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 12.940728] ==================================================================
[ 12.941891] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530
[ 12.943042] Read of size 1 at addr ffff8881026be0c8 by task kunit_try_catch/224
[ 12.944028]
[ 12.944419] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.944639] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.944654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.944717] Call Trace:
[ 12.944731] <TASK>
[ 12.944750] dump_stack_lvl+0x73/0xb0
[ 12.944784] print_report+0xd1/0x610
[ 12.944827] ? __virt_addr_valid+0x1db/0x2d0
[ 12.944852] ? kmem_cache_oob+0x402/0x530
[ 12.944874] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.944896] ? kmem_cache_oob+0x402/0x530
[ 12.944918] kasan_report+0x141/0x180
[ 12.944939] ? kmem_cache_oob+0x402/0x530
[ 12.944966] __asan_report_load1_noabort+0x18/0x20
[ 12.944989] kmem_cache_oob+0x402/0x530
[ 12.945012] ? __pfx_kmem_cache_oob+0x10/0x10
[ 12.945033] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.945073] ? __pfx_kmem_cache_oob+0x10/0x10
[ 12.945100] kunit_try_run_case+0x1a5/0x480
[ 12.945125] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.945146] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.945170] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.945192] ? __kthread_parkme+0x82/0x180
[ 12.945212] ? preempt_count_sub+0x50/0x80
[ 12.945235] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.945258] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.945281] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.945304] kthread+0x337/0x6f0
[ 12.945321] ? trace_preempt_on+0x20/0xc0
[ 12.945344] ? __pfx_kthread+0x10/0x10
[ 12.945364] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.945384] ? calculate_sigpending+0x7b/0xa0
[ 12.945407] ? __pfx_kthread+0x10/0x10
[ 12.945427] ret_from_fork+0x116/0x1d0
[ 12.945446] ? __pfx_kthread+0x10/0x10
[ 12.945465] ret_from_fork_asm+0x1a/0x30
[ 12.945497] </TASK>
[ 12.945507]
[ 12.959208] Allocated by task 224:
[ 12.959346] kasan_save_stack+0x45/0x70
[ 12.959497] kasan_save_track+0x18/0x40
[ 12.959633] kasan_save_alloc_info+0x3b/0x50
[ 12.959782] __kasan_slab_alloc+0x91/0xa0
[ 12.959921] kmem_cache_alloc_noprof+0x123/0x3f0
[ 12.960136] kmem_cache_oob+0x157/0x530
[ 12.960885] kunit_try_run_case+0x1a5/0x480
[ 12.961261] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.961710] kthread+0x337/0x6f0
[ 12.962223] ret_from_fork+0x116/0x1d0
[ 12.962807] ret_from_fork_asm+0x1a/0x30
[ 12.963376]
[ 12.963539] The buggy address belongs to the object at ffff8881026be000
[ 12.963539] which belongs to the cache test_cache of size 200
[ 12.964944] The buggy address is located 0 bytes to the right of
[ 12.964944] allocated 200-byte region [ffff8881026be000, ffff8881026be0c8)
[ 12.966445]
[ 12.966663] The buggy address belongs to the physical page:
[ 12.967307] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026be
[ 12.968114] flags: 0x200000000000000(node=0|zone=2)
[ 12.968641] page_type: f5(slab)
[ 12.969071] raw: 0200000000000000 ffff8881010b4640 dead000000000122 0000000000000000
[ 12.969770] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 12.970369] page dumped because: kasan: bad access detected
[ 12.970774]
[ 12.970962] Memory state around the buggy address:
[ 12.971317] ffff8881026bdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.971625] ffff8881026be000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.972403] >ffff8881026be080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 12.972676] ^
[ 12.973295] ffff8881026be100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.974098] ffff8881026be180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.974378] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 12.896648] ==================================================================
[ 12.897242] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560
[ 12.897565] Read of size 8 at addr ffff8881026b6840 by task kunit_try_catch/217
[ 12.898311]
[ 12.898513] CPU: 1 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.898630] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.898646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.898668] Call Trace:
[ 12.898682] <TASK>
[ 12.898758] dump_stack_lvl+0x73/0xb0
[ 12.898795] print_report+0xd1/0x610
[ 12.898872] ? __virt_addr_valid+0x1db/0x2d0
[ 12.898897] ? workqueue_uaf+0x4d6/0x560
[ 12.898917] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.898939] ? workqueue_uaf+0x4d6/0x560
[ 12.898960] kasan_report+0x141/0x180
[ 12.898981] ? workqueue_uaf+0x4d6/0x560
[ 12.899007] __asan_report_load8_noabort+0x18/0x20
[ 12.899031] workqueue_uaf+0x4d6/0x560
[ 12.899067] ? __pfx_workqueue_uaf+0x10/0x10
[ 12.899088] ? __schedule+0x10cc/0x2b60
[ 12.899111] ? __pfx_read_tsc+0x10/0x10
[ 12.899132] ? ktime_get_ts64+0x86/0x230
[ 12.899158] kunit_try_run_case+0x1a5/0x480
[ 12.899184] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.899205] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.899229] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.899252] ? __kthread_parkme+0x82/0x180
[ 12.899272] ? preempt_count_sub+0x50/0x80
[ 12.899297] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.899320] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.899343] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.899365] kthread+0x337/0x6f0
[ 12.899384] ? trace_preempt_on+0x20/0xc0
[ 12.899407] ? __pfx_kthread+0x10/0x10
[ 12.899426] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.899447] ? calculate_sigpending+0x7b/0xa0
[ 12.899471] ? __pfx_kthread+0x10/0x10
[ 12.899491] ret_from_fork+0x116/0x1d0
[ 12.899510] ? __pfx_kthread+0x10/0x10
[ 12.899529] ret_from_fork_asm+0x1a/0x30
[ 12.899563] </TASK>
[ 12.899573]
[ 12.909613] Allocated by task 217:
[ 12.909982] kasan_save_stack+0x45/0x70
[ 12.910219] kasan_save_track+0x18/0x40
[ 12.910400] kasan_save_alloc_info+0x3b/0x50
[ 12.910600] __kasan_kmalloc+0xb7/0xc0
[ 12.911006] __kmalloc_cache_noprof+0x189/0x420
[ 12.911315] workqueue_uaf+0x152/0x560
[ 12.911559] kunit_try_run_case+0x1a5/0x480
[ 12.911777] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.912211] kthread+0x337/0x6f0
[ 12.912388] ret_from_fork+0x116/0x1d0
[ 12.912545] ret_from_fork_asm+0x1a/0x30
[ 12.912755]
[ 12.912853] Freed by task 72:
[ 12.913000] kasan_save_stack+0x45/0x70
[ 12.913183] kasan_save_track+0x18/0x40
[ 12.913377] kasan_save_free_info+0x3f/0x60
[ 12.913574] __kasan_slab_free+0x56/0x70
[ 12.914423] kfree+0x222/0x3f0
[ 12.914552] workqueue_uaf_work+0x12/0x20
[ 12.915002] process_one_work+0x5ee/0xf60
[ 12.915291] worker_thread+0x758/0x1220
[ 12.915544] kthread+0x337/0x6f0
[ 12.915752] ret_from_fork+0x116/0x1d0
[ 12.916001] ret_from_fork_asm+0x1a/0x30
[ 12.916378]
[ 12.916457] Last potentially related work creation:
[ 12.916681] kasan_save_stack+0x45/0x70
[ 12.917018] kasan_record_aux_stack+0xb2/0xc0
[ 12.917250] __queue_work+0x626/0xeb0
[ 12.917420] queue_work_on+0xb6/0xc0
[ 12.917589] workqueue_uaf+0x26d/0x560
[ 12.918071] kunit_try_run_case+0x1a5/0x480
[ 12.918261] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.918686] kthread+0x337/0x6f0
[ 12.918920] ret_from_fork+0x116/0x1d0
[ 12.919088] ret_from_fork_asm+0x1a/0x30
[ 12.919291]
[ 12.919510] The buggy address belongs to the object at ffff8881026b6840
[ 12.919510] which belongs to the cache kmalloc-32 of size 32
[ 12.920284] The buggy address is located 0 bytes inside of
[ 12.920284] freed 32-byte region [ffff8881026b6840, ffff8881026b6860)
[ 12.921122]
[ 12.921224] The buggy address belongs to the physical page:
[ 12.921441] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b6
[ 12.922091] flags: 0x200000000000000(node=0|zone=2)
[ 12.922339] page_type: f5(slab)
[ 12.922496] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 12.923076] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 12.923465] page dumped because: kasan: bad access detected
[ 12.923760]
[ 12.923981] Memory state around the buggy address:
[ 12.924307] ffff8881026b6700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 12.924696] ffff8881026b6780: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 12.925407] >ffff8881026b6800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 12.925735] ^
[ 12.926127] ffff8881026b6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.926463] ffff8881026b6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.926988] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 12.854028] ==================================================================
[ 12.854494] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60
[ 12.854845] Read of size 4 at addr ffff888102f45600 by task swapper/0/0
[ 12.855124]
[ 12.855242] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.855297] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.855308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.855330] Call Trace:
[ 12.855359] <IRQ>
[ 12.855389] dump_stack_lvl+0x73/0xb0
[ 12.855420] print_report+0xd1/0x610
[ 12.855442] ? __virt_addr_valid+0x1db/0x2d0
[ 12.855465] ? rcu_uaf_reclaim+0x50/0x60
[ 12.855484] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.855507] ? rcu_uaf_reclaim+0x50/0x60
[ 12.855527] kasan_report+0x141/0x180
[ 12.855548] ? rcu_uaf_reclaim+0x50/0x60
[ 12.855583] __asan_report_load4_noabort+0x18/0x20
[ 12.855618] rcu_uaf_reclaim+0x50/0x60
[ 12.855639] rcu_core+0x66f/0x1c40
[ 12.855679] ? __pfx_rcu_core+0x10/0x10
[ 12.855700] ? ktime_get+0x6b/0x150
[ 12.855721] ? handle_softirqs+0x18e/0x730
[ 12.855746] rcu_core_si+0x12/0x20
[ 12.855765] handle_softirqs+0x209/0x730
[ 12.855784] ? hrtimer_interrupt+0x2fe/0x780
[ 12.855807] ? __pfx_handle_softirqs+0x10/0x10
[ 12.855832] __irq_exit_rcu+0xc9/0x110
[ 12.855861] irq_exit_rcu+0x12/0x20
[ 12.855880] sysvec_apic_timer_interrupt+0x81/0x90
[ 12.855905] </IRQ>
[ 12.855947] <TASK>
[ 12.855958] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 12.856065] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 12.856285] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 23 62 21 00 fb f4 <e9> 3c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 12.856366] RSP: 0000:ffffffff9d007dd8 EFLAGS: 00010206
[ 12.856450] RAX: ffff8881bcc72000 RBX: ffffffff9d01cac0 RCX: ffffffff9be76125
[ 12.856495] RDX: ffffed102b60618b RSI: 0000000000000004 RDI: 0000000000012bc4
[ 12.856537] RBP: ffffffff9d007de0 R08: 0000000000000001 R09: ffffed102b60618a
[ 12.856578] R10: ffff88815b030c53 R11: ffffffff9e3c36c0 R12: 0000000000000000
[ 12.856634] R13: fffffbfff3a03958 R14: ffffffff9dbb1490 R15: 0000000000000000
[ 12.856692] ? ct_kernel_exit.constprop.0+0xa5/0xd0
[ 12.856747] ? default_idle+0xd/0x20
[ 12.856769] arch_cpu_idle+0xd/0x20
[ 12.856790] default_idle_call+0x48/0x80
[ 12.856808] do_idle+0x379/0x4f0
[ 12.856834] ? __pfx_do_idle+0x10/0x10
[ 12.856862] cpu_startup_entry+0x5c/0x70
[ 12.856882] rest_init+0x11a/0x140
[ 12.856899] ? acpi_subsystem_init+0x5d/0x150
[ 12.856924] start_kernel+0x330/0x410
[ 12.856949] x86_64_start_reservations+0x1c/0x30
[ 12.856974] x86_64_start_kernel+0x10d/0x120
[ 12.856997] common_startup_64+0x13e/0x148
[ 12.857031] </TASK>
[ 12.857041]
[ 12.870654] Allocated by task 215:
[ 12.870805] kasan_save_stack+0x45/0x70
[ 12.871164] kasan_save_track+0x18/0x40
[ 12.871425] kasan_save_alloc_info+0x3b/0x50
[ 12.871587] __kasan_kmalloc+0xb7/0xc0
[ 12.871909] __kmalloc_cache_noprof+0x189/0x420
[ 12.872140] rcu_uaf+0xb0/0x330
[ 12.872289] kunit_try_run_case+0x1a5/0x480
[ 12.872482] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.872914] kthread+0x337/0x6f0
[ 12.873090] ret_from_fork+0x116/0x1d0
[ 12.873342] ret_from_fork_asm+0x1a/0x30
[ 12.873626]
[ 12.873738] Freed by task 0:
[ 12.873868] kasan_save_stack+0x45/0x70
[ 12.874204] kasan_save_track+0x18/0x40
[ 12.874395] kasan_save_free_info+0x3f/0x60
[ 12.874581] __kasan_slab_free+0x56/0x70
[ 12.874859] kfree+0x222/0x3f0
[ 12.875015] rcu_uaf_reclaim+0x1f/0x60
[ 12.875199] rcu_core+0x66f/0x1c40
[ 12.875363] rcu_core_si+0x12/0x20
[ 12.875517] handle_softirqs+0x209/0x730
[ 12.876026] __irq_exit_rcu+0xc9/0x110
[ 12.876221] irq_exit_rcu+0x12/0x20
[ 12.876351] sysvec_apic_timer_interrupt+0x81/0x90
[ 12.876695] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 12.877032]
[ 12.877168] Last potentially related work creation:
[ 12.877508] kasan_save_stack+0x45/0x70
[ 12.877759] kasan_record_aux_stack+0xb2/0xc0
[ 12.878083] __call_rcu_common.constprop.0+0x7b/0x9e0
[ 12.878332] call_rcu+0x12/0x20
[ 12.878595] rcu_uaf+0x168/0x330
[ 12.878836] kunit_try_run_case+0x1a5/0x480
[ 12.879176] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.879493] kthread+0x337/0x6f0
[ 12.879686] ret_from_fork+0x116/0x1d0
[ 12.879846] ret_from_fork_asm+0x1a/0x30
[ 12.880033]
[ 12.880155] The buggy address belongs to the object at ffff888102f45600
[ 12.880155] which belongs to the cache kmalloc-32 of size 32
[ 12.880966] The buggy address is located 0 bytes inside of
[ 12.880966] freed 32-byte region [ffff888102f45600, ffff888102f45620)
[ 12.881439]
[ 12.881666] The buggy address belongs to the physical page:
[ 12.881872] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f45
[ 12.882369] flags: 0x200000000000000(node=0|zone=2)
[ 12.882719] page_type: f5(slab)
[ 12.882869] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 12.883353] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 12.883687] page dumped because: kasan: bad access detected
[ 12.883983]
[ 12.884097] Memory state around the buggy address:
[ 12.884295] ffff888102f45500: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc
[ 12.884597] ffff888102f45580: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 12.885140] >ffff888102f45600: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.885485] ^
[ 12.885674] ffff888102f45680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.886227] ffff888102f45700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.886662] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 11.731338] ==================================================================
[ 11.731997] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330
[ 11.732470] Write of size 1 at addr ffff888102b2e00a by task kunit_try_catch/163
[ 11.732729]
[ 11.732871] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.732918] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.732928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.732950] Call Trace:
[ 11.732962] <TASK>
[ 11.732979] dump_stack_lvl+0x73/0xb0
[ 11.733008] print_report+0xd1/0x610
[ 11.733030] ? __virt_addr_valid+0x1db/0x2d0
[ 11.733066] ? kmalloc_large_oob_right+0x2e9/0x330
[ 11.733088] ? kasan_addr_to_slab+0x11/0xa0
[ 11.733108] ? kmalloc_large_oob_right+0x2e9/0x330
[ 11.733130] kasan_report+0x141/0x180
[ 11.733151] ? kmalloc_large_oob_right+0x2e9/0x330
[ 11.733179] __asan_report_store1_noabort+0x1b/0x30
[ 11.733203] kmalloc_large_oob_right+0x2e9/0x330
[ 11.733225] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 11.733247] ? __schedule+0x10cc/0x2b60
[ 11.733270] ? __pfx_read_tsc+0x10/0x10
[ 11.733290] ? ktime_get_ts64+0x86/0x230
[ 11.733315] kunit_try_run_case+0x1a5/0x480
[ 11.733339] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.733360] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.733384] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.733406] ? __kthread_parkme+0x82/0x180
[ 11.733427] ? preempt_count_sub+0x50/0x80
[ 11.733451] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.733474] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.733497] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.733520] kthread+0x337/0x6f0
[ 11.733538] ? trace_preempt_on+0x20/0xc0
[ 11.733561] ? __pfx_kthread+0x10/0x10
[ 11.733580] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.733601] ? calculate_sigpending+0x7b/0xa0
[ 11.733624] ? __pfx_kthread+0x10/0x10
[ 11.733645] ret_from_fork+0x116/0x1d0
[ 11.733673] ? __pfx_kthread+0x10/0x10
[ 11.733693] ret_from_fork_asm+0x1a/0x30
[ 11.733726] </TASK>
[ 11.733736]
[ 11.741273] The buggy address belongs to the physical page:
[ 11.741520] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2c
[ 11.741969] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.742338] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.742595] page_type: f8(unknown)
[ 11.742762] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.743316] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.743666] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.743902] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.744891] head: 0200000000000002 ffffea00040acb01 00000000ffffffff 00000000ffffffff
[ 11.745313] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.745921] page dumped because: kasan: bad access detected
[ 11.746325]
[ 11.746403] Memory state around the buggy address:
[ 11.746565] ffff888102b2df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.747316] ffff888102b2df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.747640] >ffff888102b2e000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.747867] ^
[ 11.748083] ffff888102b2e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.748361] ffff888102b2e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.748643] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 11.697349] ================================================================== [ 11.697786] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 11.698036] Write of size 1 at addr ffff8881039f9f00 by task kunit_try_catch/161 [ 11.698766] [ 11.698875] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.699230] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.699244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.699267] Call Trace: [ 11.699281] <TASK> [ 11.699299] dump_stack_lvl+0x73/0xb0 [ 11.699342] print_report+0xd1/0x610 [ 11.699364] ? __virt_addr_valid+0x1db/0x2d0 [ 11.699388] ? kmalloc_big_oob_right+0x316/0x370 [ 11.699409] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.699431] ? kmalloc_big_oob_right+0x316/0x370 [ 11.699453] kasan_report+0x141/0x180 [ 11.699474] ? kmalloc_big_oob_right+0x316/0x370 [ 11.699502] __asan_report_store1_noabort+0x1b/0x30 [ 11.699525] kmalloc_big_oob_right+0x316/0x370 [ 11.699547] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 11.699570] ? __schedule+0x10cc/0x2b60 [ 11.699626] ? __pfx_read_tsc+0x10/0x10 [ 11.699648] ? ktime_get_ts64+0x86/0x230 [ 11.699674] kunit_try_run_case+0x1a5/0x480 [ 11.699700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.699721] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.699746] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.699768] ? __kthread_parkme+0x82/0x180 [ 11.699789] ? preempt_count_sub+0x50/0x80 [ 11.699836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.699859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.699882] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.699905] kthread+0x337/0x6f0 [ 11.699923] ? trace_preempt_on+0x20/0xc0 [ 11.699947] ? __pfx_kthread+0x10/0x10 [ 11.699967] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.699988] ? calculate_sigpending+0x7b/0xa0 [ 11.700012] ? __pfx_kthread+0x10/0x10 [ 11.700033] ret_from_fork+0x116/0x1d0 [ 11.700061] ? 
__pfx_kthread+0x10/0x10 [ 11.700081] ret_from_fork_asm+0x1a/0x30 [ 11.700114] </TASK> [ 11.700124] [ 11.712580] Allocated by task 161: [ 11.713018] kasan_save_stack+0x45/0x70 [ 11.713406] kasan_save_track+0x18/0x40 [ 11.713781] kasan_save_alloc_info+0x3b/0x50 [ 11.714228] __kasan_kmalloc+0xb7/0xc0 [ 11.714656] __kmalloc_cache_noprof+0x189/0x420 [ 11.715148] kmalloc_big_oob_right+0xa9/0x370 [ 11.715542] kunit_try_run_case+0x1a5/0x480 [ 11.716155] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.716653] kthread+0x337/0x6f0 [ 11.716934] ret_from_fork+0x116/0x1d0 [ 11.717291] ret_from_fork_asm+0x1a/0x30 [ 11.717612] [ 11.717769] The buggy address belongs to the object at ffff8881039f8000 [ 11.717769] which belongs to the cache kmalloc-8k of size 8192 [ 11.718490] The buggy address is located 0 bytes to the right of [ 11.718490] allocated 7936-byte region [ffff8881039f8000, ffff8881039f9f00) [ 11.719372] [ 11.719533] The buggy address belongs to the physical page: [ 11.720243] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f8 [ 11.721035] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.721287] flags: 0x200000000000040(head|node=0|zone=2) [ 11.721469] page_type: f5(slab) [ 11.721591] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.721875] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.722274] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.722603] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.722913] head: 0200000000000003 ffffea00040e7e01 00000000ffffffff 00000000ffffffff [ 11.723303] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 11.723600] page dumped because: kasan: bad access detected [ 11.723795] [ 11.723899] Memory state around the buggy address: [ 11.724139] ffff8881039f9e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.724411] ffff8881039f9e80: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.724896] >ffff8881039f9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.725334] ^ [ 11.725477] ffff8881039f9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.725755] ffff8881039fa000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.726144] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 11.643468] ================================================================== [ 11.644440] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.645032] Write of size 1 at addr ffff888102f33e78 by task kunit_try_catch/159 [ 11.645676] [ 11.645899] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.645947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.645958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.645980] Call Trace: [ 11.645993] <TASK> [ 11.646010] dump_stack_lvl+0x73/0xb0 [ 11.646041] print_report+0xd1/0x610 [ 11.646073] ? __virt_addr_valid+0x1db/0x2d0 [ 11.646097] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.646121] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.646143] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.646168] kasan_report+0x141/0x180 [ 11.646189] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.646224] __asan_report_store1_noabort+0x1b/0x30 [ 11.646248] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.646274] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 11.646301] ? __schedule+0x10cc/0x2b60 [ 11.646325] ? __pfx_read_tsc+0x10/0x10 [ 11.646345] ? ktime_get_ts64+0x86/0x230 [ 11.646371] kunit_try_run_case+0x1a5/0x480 [ 11.646396] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.646417] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.646441] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.646464] ? __kthread_parkme+0x82/0x180 [ 11.646485] ? preempt_count_sub+0x50/0x80 [ 11.646509] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.646532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.646555] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.646578] kthread+0x337/0x6f0 [ 11.646603] ? trace_preempt_on+0x20/0xc0 [ 11.646627] ? __pfx_kthread+0x10/0x10 [ 11.646647] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.646667] ? calculate_sigpending+0x7b/0xa0 [ 11.646691] ? 
__pfx_kthread+0x10/0x10 [ 11.646711] ret_from_fork+0x116/0x1d0 [ 11.646729] ? __pfx_kthread+0x10/0x10 [ 11.646748] ret_from_fork_asm+0x1a/0x30 [ 11.646780] </TASK> [ 11.646790] [ 11.656764] Allocated by task 159: [ 11.656934] kasan_save_stack+0x45/0x70 [ 11.657167] kasan_save_track+0x18/0x40 [ 11.657351] kasan_save_alloc_info+0x3b/0x50 [ 11.657574] __kasan_kmalloc+0xb7/0xc0 [ 11.658448] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.658802] kmalloc_track_caller_oob_right+0x99/0x520 [ 11.659552] kunit_try_run_case+0x1a5/0x480 [ 11.659739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.660040] kthread+0x337/0x6f0 [ 11.660304] ret_from_fork+0x116/0x1d0 [ 11.660440] ret_from_fork_asm+0x1a/0x30 [ 11.660638] [ 11.661164] The buggy address belongs to the object at ffff888102f33e00 [ 11.661164] which belongs to the cache kmalloc-128 of size 128 [ 11.661755] The buggy address is located 0 bytes to the right of [ 11.661755] allocated 120-byte region [ffff888102f33e00, ffff888102f33e78) [ 11.662347] [ 11.662874] The buggy address belongs to the physical page: [ 11.663164] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f33 [ 11.663577] flags: 0x200000000000000(node=0|zone=2) [ 11.664010] page_type: f5(slab) [ 11.664351] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.664688] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.665252] page dumped because: kasan: bad access detected [ 11.665784] [ 11.665887] Memory state around the buggy address: [ 11.666388] ffff888102f33d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.667164] ffff888102f33d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.667380] >ffff888102f33e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.667586] ^ [ 11.668118] ffff888102f33e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.668490] ffff888102f33f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.669029] 
================================================================== [ 11.669990] ================================================================== [ 11.670449] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.670931] Write of size 1 at addr ffff888102f33f78 by task kunit_try_catch/159 [ 11.671340] [ 11.671651] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.671795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.671809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.671831] Call Trace: [ 11.671842] <TASK> [ 11.671859] dump_stack_lvl+0x73/0xb0 [ 11.671888] print_report+0xd1/0x610 [ 11.671911] ? __virt_addr_valid+0x1db/0x2d0 [ 11.671933] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.671957] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.671979] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.672004] kasan_report+0x141/0x180 [ 11.672025] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.672065] __asan_report_store1_noabort+0x1b/0x30 [ 11.672090] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.672114] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 11.672140] ? __schedule+0x10cc/0x2b60 [ 11.672162] ? __pfx_read_tsc+0x10/0x10 [ 11.672182] ? ktime_get_ts64+0x86/0x230 [ 11.672206] kunit_try_run_case+0x1a5/0x480 [ 11.672230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.672252] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.672275] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.672298] ? __kthread_parkme+0x82/0x180 [ 11.672318] ? preempt_count_sub+0x50/0x80 [ 11.672342] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.672365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.672388] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.672410] kthread+0x337/0x6f0 [ 11.672429] ? trace_preempt_on+0x20/0xc0 [ 11.672452] ? __pfx_kthread+0x10/0x10 [ 11.672471] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.672491] ? calculate_sigpending+0x7b/0xa0 [ 11.672515] ? 
__pfx_kthread+0x10/0x10 [ 11.672535] ret_from_fork+0x116/0x1d0 [ 11.672552] ? __pfx_kthread+0x10/0x10 [ 11.672571] ret_from_fork_asm+0x1a/0x30 [ 11.672603] </TASK> [ 11.672612] [ 11.682871] Allocated by task 159: [ 11.683249] kasan_save_stack+0x45/0x70 [ 11.683430] kasan_save_track+0x18/0x40 [ 11.683871] kasan_save_alloc_info+0x3b/0x50 [ 11.684083] __kasan_kmalloc+0xb7/0xc0 [ 11.684327] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.684673] kmalloc_track_caller_oob_right+0x19a/0x520 [ 11.685067] kunit_try_run_case+0x1a5/0x480 [ 11.685249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.685473] kthread+0x337/0x6f0 [ 11.685754] ret_from_fork+0x116/0x1d0 [ 11.686156] ret_from_fork_asm+0x1a/0x30 [ 11.686337] [ 11.686529] The buggy address belongs to the object at ffff888102f33f00 [ 11.686529] which belongs to the cache kmalloc-128 of size 128 [ 11.687316] The buggy address is located 0 bytes to the right of [ 11.687316] allocated 120-byte region [ffff888102f33f00, ffff888102f33f78) [ 11.687905] [ 11.688025] The buggy address belongs to the physical page: [ 11.688489] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f33 [ 11.689066] flags: 0x200000000000000(node=0|zone=2) [ 11.689279] page_type: f5(slab) [ 11.689526] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.690063] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.690466] page dumped because: kasan: bad access detected [ 11.690705] [ 11.690966] Memory state around the buggy address: [ 11.691401] ffff888102f33e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.691701] ffff888102f33e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.692318] >ffff888102f33f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.692697] ^ [ 11.692996] ffff888102f33f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.693477] ffff888102f34000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.693756] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 11.607296] ================================================================== [ 11.608188] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 11.608926] Read of size 1 at addr ffff888102af7000 by task kunit_try_catch/157 [ 11.609349] [ 11.609455] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.609503] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.609515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.609537] Call Trace: [ 11.609550] <TASK> [ 11.609568] dump_stack_lvl+0x73/0xb0 [ 11.609599] print_report+0xd1/0x610 [ 11.609621] ? __virt_addr_valid+0x1db/0x2d0 [ 11.609645] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.609668] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.609690] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.609713] kasan_report+0x141/0x180 [ 11.609735] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.609763] __asan_report_load1_noabort+0x18/0x20 [ 11.609786] kmalloc_node_oob_right+0x369/0x3c0 [ 11.609821] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 11.609845] ? __schedule+0x10cc/0x2b60 [ 11.609867] ? __pfx_read_tsc+0x10/0x10 [ 11.609888] ? ktime_get_ts64+0x86/0x230 [ 11.609914] kunit_try_run_case+0x1a5/0x480 [ 11.609940] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.609961] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.609985] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.610008] ? __kthread_parkme+0x82/0x180 [ 11.610028] ? preempt_count_sub+0x50/0x80 [ 11.610065] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.610088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.610111] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.610134] kthread+0x337/0x6f0 [ 11.610152] ? trace_preempt_on+0x20/0xc0 [ 11.610176] ? __pfx_kthread+0x10/0x10 [ 11.610195] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.610221] ? calculate_sigpending+0x7b/0xa0 [ 11.610246] ? __pfx_kthread+0x10/0x10 [ 11.610266] ret_from_fork+0x116/0x1d0 [ 11.610284] ? 
__pfx_kthread+0x10/0x10 [ 11.610304] ret_from_fork_asm+0x1a/0x30 [ 11.610337] </TASK> [ 11.610347] [ 11.623617] Allocated by task 157: [ 11.623756] kasan_save_stack+0x45/0x70 [ 11.623907] kasan_save_track+0x18/0x40 [ 11.624074] kasan_save_alloc_info+0x3b/0x50 [ 11.624229] __kasan_kmalloc+0xb7/0xc0 [ 11.624363] __kmalloc_cache_node_noprof+0x188/0x420 [ 11.624540] kmalloc_node_oob_right+0xab/0x3c0 [ 11.625005] kunit_try_run_case+0x1a5/0x480 [ 11.625378] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.625895] kthread+0x337/0x6f0 [ 11.626258] ret_from_fork+0x116/0x1d0 [ 11.626588] ret_from_fork_asm+0x1a/0x30 [ 11.626970] [ 11.627275] The buggy address belongs to the object at ffff888102af6000 [ 11.627275] which belongs to the cache kmalloc-4k of size 4096 [ 11.628578] The buggy address is located 0 bytes to the right of [ 11.628578] allocated 4096-byte region [ffff888102af6000, ffff888102af7000) [ 11.629621] [ 11.629836] The buggy address belongs to the physical page: [ 11.630444] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102af0 [ 11.630937] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.631663] flags: 0x200000000000040(head|node=0|zone=2) [ 11.632346] page_type: f5(slab) [ 11.632687] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 11.633173] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 11.633444] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 11.633718] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 11.633981] head: 0200000000000003 ffffea00040abc01 00000000ffffffff 00000000ffffffff [ 11.634520] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 11.635316] page dumped because: kasan: bad access detected [ 11.635947] [ 11.636151] Memory state around the buggy address: [ 11.636714] ffff888102af6f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.636989] 
ffff888102af6f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.637433] >ffff888102af7000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.638109] ^ [ 11.638236] ffff888102af7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.638750] ffff888102af7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.639543] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 11.564366] ================================================================== [ 11.565304] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 11.566019] Read of size 1 at addr ffff8881025ee2df by task kunit_try_catch/155 [ 11.566693] [ 11.566869] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.566934] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.566945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.566969] Call Trace: [ 11.566982] <TASK> [ 11.567003] dump_stack_lvl+0x73/0xb0 [ 11.567037] print_report+0xd1/0x610 [ 11.567070] ? __virt_addr_valid+0x1db/0x2d0 [ 11.567094] ? kmalloc_oob_left+0x361/0x3c0 [ 11.567114] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.567167] ? kmalloc_oob_left+0x361/0x3c0 [ 11.567189] kasan_report+0x141/0x180 [ 11.567210] ? kmalloc_oob_left+0x361/0x3c0 [ 11.567246] __asan_report_load1_noabort+0x18/0x20 [ 11.567270] kmalloc_oob_left+0x361/0x3c0 [ 11.567291] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 11.567313] ? __schedule+0x10cc/0x2b60 [ 11.567336] ? __pfx_read_tsc+0x10/0x10 [ 11.567357] ? ktime_get_ts64+0x86/0x230 [ 11.567383] kunit_try_run_case+0x1a5/0x480 [ 11.567410] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.567432] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.567460] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.567483] ? __kthread_parkme+0x82/0x180 [ 11.567504] ? preempt_count_sub+0x50/0x80 [ 11.567529] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.567552] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.567574] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.567608] kthread+0x337/0x6f0 [ 11.567626] ? trace_preempt_on+0x20/0xc0 [ 11.567650] ? __pfx_kthread+0x10/0x10 [ 11.567669] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.567690] ? calculate_sigpending+0x7b/0xa0 [ 11.567715] ? __pfx_kthread+0x10/0x10 [ 11.567736] ret_from_fork+0x116/0x1d0 [ 11.567754] ? 
__pfx_kthread+0x10/0x10 [ 11.567773] ret_from_fork_asm+0x1a/0x30 [ 11.567805] </TASK> [ 11.567816] [ 11.581338] Allocated by task 1: [ 11.581483] kasan_save_stack+0x45/0x70 [ 11.581721] kasan_save_track+0x18/0x40 [ 11.582164] kasan_save_alloc_info+0x3b/0x50 [ 11.582566] __kasan_kmalloc+0xb7/0xc0 [ 11.582965] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.583563] kvasprintf+0xc5/0x150 [ 11.583963] __kthread_create_on_node+0x18b/0x3a0 [ 11.584344] kthread_create_on_node+0xab/0xe0 [ 11.584765] cryptomgr_notify+0x704/0x9f0 [ 11.585135] notifier_call_chain+0xcb/0x250 [ 11.585355] blocking_notifier_call_chain+0x64/0x90 [ 11.585517] crypto_alg_mod_lookup+0x21f/0x440 [ 11.585667] crypto_alloc_tfm_node+0xc5/0x1f0 [ 11.585812] crypto_alloc_sig+0x23/0x30 [ 11.585948] public_key_verify_signature+0x208/0x9f0 [ 11.586241] x509_check_for_self_signed+0x2cb/0x480 [ 11.586806] x509_cert_parse+0x59c/0x830 [ 11.587174] x509_key_preparse+0x68/0x8a0 [ 11.587522] asymmetric_key_preparse+0xb1/0x160 [ 11.587906] __key_create_or_update+0x43d/0xcc0 [ 11.588326] key_create_or_update+0x17/0x20 [ 11.588750] x509_load_certificate_list+0x174/0x200 [ 11.589522] regulatory_init_db+0xee/0x3a0 [ 11.589951] do_one_initcall+0xd8/0x370 [ 11.590346] kernel_init_freeable+0x420/0x6f0 [ 11.592428] kernel_init+0x23/0x1e0 [ 11.592777] ret_from_fork+0x116/0x1d0 [ 11.593087] ret_from_fork_asm+0x1a/0x30 [ 11.593259] [ 11.593354] The buggy address belongs to the object at ffff8881025ee2c0 [ 11.593354] which belongs to the cache kmalloc-16 of size 16 [ 11.595172] The buggy address is located 15 bytes to the right of [ 11.595172] allocated 16-byte region [ffff8881025ee2c0, ffff8881025ee2d0) [ 11.596463] [ 11.596631] The buggy address belongs to the physical page: [ 11.597225] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ee [ 11.597729] flags: 0x200000000000000(node=0|zone=2) [ 11.598150] page_type: f5(slab) [ 11.598456] raw: 0200000000000000 ffff888100041640 dead000000000122 
0000000000000000 [ 11.598791] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.599450] page dumped because: kasan: bad access detected [ 11.600087] [ 11.600250] Memory state around the buggy address: [ 11.600409] ffff8881025ee180: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 11.600693] ffff8881025ee200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 11.601386] >ffff8881025ee280: fa fb fc fc fa fb fc fc fa fb fc fc 00 07 fc fc [ 11.602072] ^ [ 11.602586] ffff8881025ee300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.602855] ffff8881025ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.603496] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 11.484976] ================================================================== [ 11.485712] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 11.486433] Write of size 1 at addr ffff888102f33d73 by task kunit_try_catch/153 [ 11.486986] [ 11.488280] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.488653] Tainted: [N]=TEST [ 11.488685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.488897] Call Trace: [ 11.488965] <TASK> [ 11.489125] dump_stack_lvl+0x73/0xb0 [ 11.489213] print_report+0xd1/0x610 [ 11.489242] ? __virt_addr_valid+0x1db/0x2d0 [ 11.489267] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.489288] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.489310] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.489332] kasan_report+0x141/0x180 [ 11.489353] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.489380] __asan_report_store1_noabort+0x1b/0x30 [ 11.489404] kmalloc_oob_right+0x6f0/0x7f0 [ 11.489425] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.489447] ? __schedule+0x10cc/0x2b60 [ 11.489469] ? __pfx_read_tsc+0x10/0x10 [ 11.489491] ? ktime_get_ts64+0x86/0x230 [ 11.489517] kunit_try_run_case+0x1a5/0x480 [ 11.489543] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.489565] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.489607] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.489631] ? __kthread_parkme+0x82/0x180 [ 11.489653] ? preempt_count_sub+0x50/0x80 [ 11.489677] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.489700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.489723] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.489746] kthread+0x337/0x6f0 [ 11.489765] ? trace_preempt_on+0x20/0xc0 [ 11.489788] ? __pfx_kthread+0x10/0x10 [ 11.489808] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.489828] ? calculate_sigpending+0x7b/0xa0 [ 11.489853] ? __pfx_kthread+0x10/0x10 [ 11.489874] ret_from_fork+0x116/0x1d0 [ 11.489892] ? 
__pfx_kthread+0x10/0x10 [ 11.489911] ret_from_fork_asm+0x1a/0x30 [ 11.489968] </TASK> [ 11.490032] [ 11.499304] Allocated by task 153: [ 11.499972] kasan_save_stack+0x45/0x70 [ 11.500388] kasan_save_track+0x18/0x40 [ 11.500892] kasan_save_alloc_info+0x3b/0x50 [ 11.501385] __kasan_kmalloc+0xb7/0xc0 [ 11.501861] __kmalloc_cache_noprof+0x189/0x420 [ 11.502176] kmalloc_oob_right+0xa9/0x7f0 [ 11.502328] kunit_try_run_case+0x1a5/0x480 [ 11.502475] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.502664] kthread+0x337/0x6f0 [ 11.503099] ret_from_fork+0x116/0x1d0 [ 11.503297] ret_from_fork_asm+0x1a/0x30 [ 11.503536] [ 11.503703] The buggy address belongs to the object at ffff888102f33d00 [ 11.503703] which belongs to the cache kmalloc-128 of size 128 [ 11.504424] The buggy address is located 0 bytes to the right of [ 11.504424] allocated 115-byte region [ffff888102f33d00, ffff888102f33d73) [ 11.505310] [ 11.505629] The buggy address belongs to the physical page: [ 11.506260] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f33 [ 11.507016] flags: 0x200000000000000(node=0|zone=2) [ 11.507642] page_type: f5(slab) [ 11.508366] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.508743] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.509157] page dumped because: kasan: bad access detected [ 11.509388] [ 11.509495] Memory state around the buggy address: [ 11.510353] ffff888102f33c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.510699] ffff888102f33c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.511171] >ffff888102f33d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.511638] ^ [ 11.512076] ffff888102f33d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.512489] ffff888102f33e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.512950] ================================================================== [ 11.514814] 
================================================================== [ 11.515241] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 11.515657] Write of size 1 at addr ffff888102f33d78 by task kunit_try_catch/153 [ 11.516152] [ 11.516412] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.516460] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.516473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.516494] Call Trace: [ 11.516507] <TASK> [ 11.516615] dump_stack_lvl+0x73/0xb0 [ 11.516651] print_report+0xd1/0x610 [ 11.516672] ? __virt_addr_valid+0x1db/0x2d0 [ 11.516694] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.516716] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.516738] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.516759] kasan_report+0x141/0x180 [ 11.516780] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.516807] __asan_report_store1_noabort+0x1b/0x30 [ 11.516831] kmalloc_oob_right+0x6bd/0x7f0 [ 11.516852] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.516874] ? __schedule+0x10cc/0x2b60 [ 11.516896] ? __pfx_read_tsc+0x10/0x10 [ 11.516916] ? ktime_get_ts64+0x86/0x230 [ 11.516940] kunit_try_run_case+0x1a5/0x480 [ 11.516964] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.516985] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.517009] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.517032] ? __kthread_parkme+0x82/0x180 [ 11.517067] ? preempt_count_sub+0x50/0x80 [ 11.517091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.517114] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.517137] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.517160] kthread+0x337/0x6f0 [ 11.517178] ? trace_preempt_on+0x20/0xc0 [ 11.517201] ? __pfx_kthread+0x10/0x10 [ 11.517220] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.517241] ? calculate_sigpending+0x7b/0xa0 [ 11.517265] ? __pfx_kthread+0x10/0x10 [ 11.517285] ret_from_fork+0x116/0x1d0 [ 11.517303] ? 
__pfx_kthread+0x10/0x10 [ 11.517322] ret_from_fork_asm+0x1a/0x30 [ 11.517354] </TASK> [ 11.517364] [ 11.526480] Allocated by task 153: [ 11.526635] kasan_save_stack+0x45/0x70 [ 11.527251] kasan_save_track+0x18/0x40 [ 11.527407] kasan_save_alloc_info+0x3b/0x50 [ 11.527765] __kasan_kmalloc+0xb7/0xc0 [ 11.528037] __kmalloc_cache_noprof+0x189/0x420 [ 11.528369] kmalloc_oob_right+0xa9/0x7f0 [ 11.528711] kunit_try_run_case+0x1a5/0x480 [ 11.528938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.529282] kthread+0x337/0x6f0 [ 11.529554] ret_from_fork+0x116/0x1d0 [ 11.529716] ret_from_fork_asm+0x1a/0x30 [ 11.530064] [ 11.530262] The buggy address belongs to the object at ffff888102f33d00 [ 11.530262] which belongs to the cache kmalloc-128 of size 128 [ 11.531032] The buggy address is located 5 bytes to the right of [ 11.531032] allocated 115-byte region [ffff888102f33d00, ffff888102f33d73) [ 11.531566] [ 11.531827] The buggy address belongs to the physical page: [ 11.532165] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f33 [ 11.532508] flags: 0x200000000000000(node=0|zone=2) [ 11.533033] page_type: f5(slab) [ 11.533226] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.533634] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.534075] page dumped because: kasan: bad access detected [ 11.534403] [ 11.534504] Memory state around the buggy address: [ 11.534966] ffff888102f33c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.535290] ffff888102f33c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.535779] >ffff888102f33d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.536098] ^ [ 11.536466] ffff888102f33d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.536957] ffff888102f33e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.537347] ================================================================== [ 11.538504] 
================================================================== [ 11.538959] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 11.539276] Read of size 1 at addr ffff888102f33d80 by task kunit_try_catch/153 [ 11.539588] [ 11.539925] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.539974] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.539985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.540008] Call Trace: [ 11.540222] <TASK> [ 11.540245] dump_stack_lvl+0x73/0xb0 [ 11.540276] print_report+0xd1/0x610 [ 11.540298] ? __virt_addr_valid+0x1db/0x2d0 [ 11.540321] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.540342] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.540364] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.540385] kasan_report+0x141/0x180 [ 11.540407] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.540433] __asan_report_load1_noabort+0x18/0x20 [ 11.540457] kmalloc_oob_right+0x68a/0x7f0 [ 11.540481] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.540503] ? __schedule+0x10cc/0x2b60 [ 11.540525] ? __pfx_read_tsc+0x10/0x10 [ 11.540544] ? ktime_get_ts64+0x86/0x230 [ 11.540569] kunit_try_run_case+0x1a5/0x480 [ 11.540593] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.540614] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.540637] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.540660] ? __kthread_parkme+0x82/0x180 [ 11.540680] ? preempt_count_sub+0x50/0x80 [ 11.540704] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.540727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.540750] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.540773] kthread+0x337/0x6f0 [ 11.540791] ? trace_preempt_on+0x20/0xc0 [ 11.540814] ? __pfx_kthread+0x10/0x10 [ 11.540833] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.540853] ? calculate_sigpending+0x7b/0xa0 [ 11.540877] ? __pfx_kthread+0x10/0x10 [ 11.540897] ret_from_fork+0x116/0x1d0 [ 11.540914] ? 
__pfx_kthread+0x10/0x10 [ 11.540934] ret_from_fork_asm+0x1a/0x30 [ 11.540965] </TASK> [ 11.540975] [ 11.550571] Allocated by task 153: [ 11.550746] kasan_save_stack+0x45/0x70 [ 11.550948] kasan_save_track+0x18/0x40 [ 11.551156] kasan_save_alloc_info+0x3b/0x50 [ 11.551357] __kasan_kmalloc+0xb7/0xc0 [ 11.551541] __kmalloc_cache_noprof+0x189/0x420 [ 11.552205] kmalloc_oob_right+0xa9/0x7f0 [ 11.552509] kunit_try_run_case+0x1a5/0x480 [ 11.552765] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.553086] kthread+0x337/0x6f0 [ 11.553347] ret_from_fork+0x116/0x1d0 [ 11.553588] ret_from_fork_asm+0x1a/0x30 [ 11.553855] [ 11.554085] The buggy address belongs to the object at ffff888102f33d00 [ 11.554085] which belongs to the cache kmalloc-128 of size 128 [ 11.554742] The buggy address is located 13 bytes to the right of [ 11.554742] allocated 115-byte region [ffff888102f33d00, ffff888102f33d73) [ 11.555501] [ 11.555628] The buggy address belongs to the physical page: [ 11.555931] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f33 [ 11.556347] flags: 0x200000000000000(node=0|zone=2) [ 11.556774] page_type: f5(slab) [ 11.556921] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.557281] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.557867] page dumped because: kasan: bad access detected [ 11.558119] [ 11.558220] Memory state around the buggy address: [ 11.558562] ffff888102f33c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.558966] ffff888102f33d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.559339] >ffff888102f33d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.559773] ^ [ 11.559941] ffff888102f33e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.560253] ffff888102f33e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.560559] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 148.113533] WARNING: CPU: 0 PID: 2763 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 148.114473] Modules linked in:
[ 148.115207] CPU: 0 UID: 0 PID: 2763 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 148.116489] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 148.117042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 148.117333] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 148.117604] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 148.120518] RSP: 0000:ffff88810b8cfc78 EFLAGS: 00010286
[ 148.121222] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 148.121482] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff9c433bfc
[ 148.121712] RBP: ffff88810b8cfca0 R08: 0000000000000000 R09: ffffed1020680960
[ 148.122428] R10: ffff888103404b07 R11: 0000000000000000 R12: ffffffff9c433be8
[ 148.123257] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810b8cfd38
[ 148.124247] FS: 0000000000000000(0000) GS:ffff8881bcc72000(0000) knlGS:0000000000000000
[ 148.124877] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 148.125295] CR2: 00007ffff7ffe000 CR3: 000000014a4bc000 CR4: 00000000000006f0
[ 148.125603] DR0: ffffffff9e452440 DR1: ffffffff9e452441 DR2: ffffffff9e452443
[ 148.126487] DR3: ffffffff9e452445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 148.127181] Call Trace:
[ 148.127301] <TASK>
[ 148.127414] drm_test_rect_calc_vscale+0x108/0x270
[ 148.127853] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 148.128508] ? __schedule+0x10cc/0x2b60
[ 148.128944] ? __pfx_read_tsc+0x10/0x10
[ 148.129579] ? ktime_get_ts64+0x86/0x230
[ 148.130327] kunit_try_run_case+0x1a5/0x480
[ 148.130548] ? __pfx_kunit_try_run_case+0x10/0x10
[ 148.130728] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 148.131199] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 148.131732] ? __kthread_parkme+0x82/0x180
[ 148.132226] ? preempt_count_sub+0x50/0x80
[ 148.132802] ? __pfx_kunit_try_run_case+0x10/0x10
[ 148.133316] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 148.133798] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 148.134583] kthread+0x337/0x6f0
[ 148.134739] ? trace_preempt_on+0x20/0xc0
[ 148.135204] ? __pfx_kthread+0x10/0x10
[ 148.135585] ? _raw_spin_unlock_irq+0x47/0x80
[ 148.136135] ? calculate_sigpending+0x7b/0xa0
[ 148.136432] ? __pfx_kthread+0x10/0x10
[ 148.136776] ret_from_fork+0x116/0x1d0
[ 148.137246] ? __pfx_kthread+0x10/0x10
[ 148.137692] ret_from_fork_asm+0x1a/0x30
[ 148.137965] </TASK>
[ 148.138273] ---[ end trace 0000000000000000 ]---

------------[ cut here ]------------
[ 148.143741] WARNING: CPU: 0 PID: 2765 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 148.144537] Modules linked in:
[ 148.144716] CPU: 0 UID: 0 PID: 2765 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 148.145727] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 148.146389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 148.147415] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 148.148278] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 148.149837] RSP: 0000:ffff888103d77c78 EFLAGS: 00010286
[ 148.150247] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 148.150483] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff9c433c34
[ 148.150710] RBP: ffff888103d77ca0 R08: 0000000000000000 R09: ffffed1021b6ed20
[ 148.150968] R10: ffff88810db76907 R11: 0000000000000000 R12: ffffffff9c433c20
[ 148.151619] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888103d77d38
[ 148.151929] FS: 0000000000000000(0000) GS:ffff8881bcc72000(0000) knlGS:0000000000000000
[ 148.152418] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 148.152811] CR2: 00007ffff7ffe000 CR3: 000000014a4bc000 CR4: 00000000000006f0
[ 148.153309] DR0: ffffffff9e452440 DR1: ffffffff9e452441 DR2: ffffffff9e452443
[ 148.153832] DR3: ffffffff9e452445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 148.154317] Call Trace:
[ 148.154506] <TASK>
[ 148.154657] drm_test_rect_calc_vscale+0x108/0x270
[ 148.154851] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 148.155370] ? __schedule+0x10cc/0x2b60
[ 148.155771] ? __pfx_read_tsc+0x10/0x10
[ 148.156189] ? ktime_get_ts64+0x86/0x230
[ 148.156426] kunit_try_run_case+0x1a5/0x480
[ 148.156712] ? __pfx_kunit_try_run_case+0x10/0x10
[ 148.157052] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 148.157489] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 148.157870] ? __kthread_parkme+0x82/0x180
[ 148.158208] ? preempt_count_sub+0x50/0x80
[ 148.158400] ? __pfx_kunit_try_run_case+0x10/0x10
[ 148.158679] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 148.158922] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 148.159372] kthread+0x337/0x6f0
[ 148.159686] ? trace_preempt_on+0x20/0xc0
[ 148.159940] ? __pfx_kthread+0x10/0x10
[ 148.160260] ? _raw_spin_unlock_irq+0x47/0x80
[ 148.160454] ? calculate_sigpending+0x7b/0xa0
[ 148.160617] ? __pfx_kthread+0x10/0x10
[ 148.160778] ret_from_fork+0x116/0x1d0
[ 148.160922] ? __pfx_kthread+0x10/0x10
[ 148.161079] ret_from_fork_asm+0x1a/0x30
[ 148.161241] </TASK>
[ 148.161338] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 148.084067] WARNING: CPU: 0 PID: 2753 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 148.084500] Modules linked in:
[ 148.084738] CPU: 0 UID: 0 PID: 2753 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 148.085441] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 148.085788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 148.086286] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 148.086512] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 db e5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 148.087422] RSP: 0000:ffff88810b8cfc78 EFLAGS: 00010286
[ 148.087774] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 148.088248] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff9c433c38
[ 148.088569] RBP: ffff88810b8cfca0 R08: 0000000000000000 R09: ffffed10206808a0
[ 148.089057] R10: ffff888103404507 R11: 0000000000000000 R12: ffffffff9c433c20
[ 148.089354] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810b8cfd38
[ 148.089664] FS: 0000000000000000(0000) GS:ffff8881bcc72000(0000) knlGS:0000000000000000
[ 148.090132] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 148.090410] CR2: 00007ffff7ffe000 CR3: 000000014a4bc000 CR4: 00000000000006f0
[ 148.090732] DR0: ffffffff9e452440 DR1: ffffffff9e452441 DR2: ffffffff9e452443
[ 148.091029] DR3: ffffffff9e452445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 148.091406] Call Trace:
[ 148.091574] <TASK>
[ 148.091686] drm_test_rect_calc_hscale+0x108/0x270
[ 148.092223] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 148.092516] ? __schedule+0x10cc/0x2b60
[ 148.092670] ? __pfx_read_tsc+0x10/0x10
[ 148.092889] ? ktime_get_ts64+0x86/0x230
[ 148.093181] kunit_try_run_case+0x1a5/0x480
[ 148.093418] ? __pfx_kunit_try_run_case+0x10/0x10
[ 148.093779] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 148.094103] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 148.094382] ? __kthread_parkme+0x82/0x180
[ 148.094619] ? preempt_count_sub+0x50/0x80
[ 148.094782] ? __pfx_kunit_try_run_case+0x10/0x10
[ 148.095178] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 148.095474] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 148.095708] kthread+0x337/0x6f0
[ 148.096182] ? trace_preempt_on+0x20/0xc0
[ 148.096415] ? __pfx_kthread+0x10/0x10
[ 148.096674] ? _raw_spin_unlock_irq+0x47/0x80
[ 148.096946] ? calculate_sigpending+0x7b/0xa0
[ 148.097272] ? __pfx_kthread+0x10/0x10
[ 148.097480] ret_from_fork+0x116/0x1d0
[ 148.097648] ? __pfx_kthread+0x10/0x10
[ 148.097841] ret_from_fork_asm+0x1a/0x30
[ 148.098195] </TASK>
[ 148.098339] ---[ end trace 0000000000000000 ]---

------------[ cut here ]------------
[ 148.060732] WARNING: CPU: 0 PID: 2751 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 148.063032] Modules linked in:
[ 148.063257] CPU: 0 UID: 0 PID: 2751 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 148.063651] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 148.063907] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 148.064266] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 148.065078] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 db e5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 148.066061] RSP: 0000:ffff888107c97c78 EFLAGS: 00010286
[ 148.066326] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 148.066618] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff9c433c00
[ 148.067068] RBP: ffff888107c97ca0 R08: 0000000000000000 R09: ffffed1020680860
[ 148.067388] R10: ffff888103404307 R11: 0000000000000000 R12: ffffffff9c433be8
[ 148.067721] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888107c97d38
[ 148.068376] FS: 0000000000000000(0000) GS:ffff8881bcc72000(0000) knlGS:0000000000000000
[ 148.068717] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 148.069024] CR2: 00007ffff7ffe000 CR3: 000000014a4bc000 CR4: 00000000000006f0
[ 148.069376] DR0: ffffffff9e452440 DR1: ffffffff9e452441 DR2: ffffffff9e452443
[ 148.069947] DR3: ffffffff9e452445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 148.070565] Call Trace:
[ 148.070756] <TASK>
[ 148.070999] drm_test_rect_calc_hscale+0x108/0x270
[ 148.071408] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 148.072040] ? __schedule+0x10cc/0x2b60
[ 148.072255] ? __pfx_read_tsc+0x10/0x10
[ 148.072447] ? ktime_get_ts64+0x86/0x230
[ 148.073048] kunit_try_run_case+0x1a5/0x480
[ 148.073260] ? __pfx_kunit_try_run_case+0x10/0x10
[ 148.073710] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 148.074217] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 148.074595] ? __kthread_parkme+0x82/0x180
[ 148.075083] ? preempt_count_sub+0x50/0x80
[ 148.075369] ? __pfx_kunit_try_run_case+0x10/0x10
[ 148.075786] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 148.076275] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 148.076731] kthread+0x337/0x6f0
[ 148.077154] ? trace_preempt_on+0x20/0xc0
[ 148.077513] ? __pfx_kthread+0x10/0x10
[ 148.078311] ? _raw_spin_unlock_irq+0x47/0x80
[ 148.078604] ? calculate_sigpending+0x7b/0xa0
[ 148.078905] ? __pfx_kthread+0x10/0x10
[ 148.079109] ret_from_fork+0x116/0x1d0
[ 148.079322] ? __pfx_kthread+0x10/0x10
[ 148.079500] ret_from_fork_asm+0x1a/0x30
[ 148.079898] </TASK>
[ 148.080050] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------
[ 147.306697] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count))
[ 147.307223] WARNING: CPU: 0 PID: 2568 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0
[ 147.309673] Modules linked in:
[ 147.310375] CPU: 0 UID: 0 PID: 2568 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 147.311209] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 147.311412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 147.312629] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0
[ 147.313340] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 ad 1d 80 00 48 c7 c1 e0 8a 3e 9c 4c 89 f2 48 c7 c7 a0 87 3e 9c 48 89 c6 e8 74 b8 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d
[ 147.314976] RSP: 0000:ffff88810274fd18 EFLAGS: 00010286
[ 147.315190] RAX: 0000000000000000 RBX: ffff888109d22c00 RCX: 1ffffffff3a24cf0
[ 147.315425] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 147.316535] RBP: ffff88810274fd48 R08: 0000000000000000 R09: fffffbfff3a24cf0
[ 147.317481] R10: 0000000000000003 R11: 0000000000038bf8 R12: ffff88810ecc7000
[ 147.318726] R13: ffff888109d22cf8 R14: ffff888103282b80 R15: ffff88810039fb40
[ 147.319668] FS: 0000000000000000(0000) GS:ffff8881bcc72000(0000) knlGS:0000000000000000
[ 147.320349] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 147.321125] CR2: 00007ffff7ffe000 CR3: 000000014a4bc000 CR4: 00000000000006f0
[ 147.322092] DR0: ffffffff9e452440 DR1: ffffffff9e452441 DR2: ffffffff9e452443
[ 147.323263] DR3: ffffffff9e452445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 147.323767] Call Trace:
[ 147.324237] <TASK>
[ 147.324777] ? trace_preempt_on+0x20/0xc0
[ 147.325321] ? __pfx_drm_gem_shmem_free_wrapper+0x10/0x10
[ 147.325552] drm_gem_shmem_free_wrapper+0x12/0x20
[ 147.325738] __kunit_action_free+0x57/0x70
[ 147.326540] kunit_remove_resource+0x133/0x200
[ 147.327287] ? preempt_count_sub+0x50/0x80
[ 147.328041] kunit_cleanup+0x7a/0x120
[ 147.328663] kunit_try_run_case_cleanup+0xbd/0xf0
[ 147.329439] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10
[ 147.330228] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 147.330705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 147.331340] kthread+0x337/0x6f0
[ 147.332044] ? trace_preempt_on+0x20/0xc0
[ 147.332701] ? __pfx_kthread+0x10/0x10
[ 147.333453] ? _raw_spin_unlock_irq+0x47/0x80
[ 147.333859] ? calculate_sigpending+0x7b/0xa0
[ 147.334552] ? __pfx_kthread+0x10/0x10
[ 147.335080] ret_from_fork+0x116/0x1d0
[ 147.335470] ? __pfx_kthread+0x10/0x10
[ 147.335633] ret_from_fork_asm+0x1a/0x30
[ 147.335855] </TASK>
[ 147.336112] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------
[ 147.146841] WARNING: CPU: 1 PID: 2549 at drivers/gpu/drm/drm_framebuffer.c:869 drm_framebuffer_init+0x49/0x8d0
[ 147.147470] Modules linked in:
[ 147.147761] CPU: 1 UID: 0 PID: 2549 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 147.148502] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 147.148779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 147.149474] RIP: 0010:drm_framebuffer_init+0x49/0x8d0
[ 147.149755] Code: 89 e5 41 57 41 56 41 55 41 54 53 48 89 f3 48 83 ec 28 80 3c 11 00 48 89 7d c8 0f 85 1c 07 00 00 48 8b 75 c8 48 39 33 74 20 90 <0f> 0b 90 41 bf ea ff ff ff 48 83 c4 28 44 89 f8 5b 41 5c 41 5d 41
[ 147.150648] RSP: 0000:ffff88810e97fb20 EFLAGS: 00010246
[ 147.151006] RAX: ffff88810e97fba8 RBX: ffff88810e97fc28 RCX: 1ffff11021d2ff8e
[ 147.151350] RDX: dffffc0000000000 RSI: ffff888103e7a000 RDI: ffff888103e7a000
[ 147.151846] RBP: ffff88810e97fb70 R08: ffff888103e7a000 R09: ffffffff9c3d8e20
[ 147.152157] R10: 0000000000000003 R11: 00000000735e8b9b R12: 1ffff11021d2ff71
[ 147.152500] R13: ffff88810e97fc70 R14: ffff88810e97fdb8 R15: 0000000000000000
[ 147.153234] FS: 0000000000000000(0000) GS:ffff8881bcd72000(0000) knlGS:0000000000000000
[ 147.153663] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 147.154060] CR2: 00007ffff7ffe000 CR3: 000000014a4bc000 CR4: 00000000000006f0
[ 147.154376] DR0: ffffffff9e452444 DR1: ffffffff9e452449 DR2: ffffffff9e45244a
[ 147.154755] DR3: ffffffff9e45244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 147.155261] Call Trace:
[ 147.155459] <TASK>
[ 147.155609] ? trace_preempt_on+0x20/0xc0
[ 147.155840] ? add_dr+0xc1/0x1d0
[ 147.156137] drm_test_framebuffer_init_bad_format+0xfc/0x240
[ 147.156449] ? add_dr+0x148/0x1d0
[ 147.156704] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 147.157009] ? __drmm_add_action+0x1a4/0x280
[ 147.157413] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 147.158064] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 147.158445] ? __drmm_add_action_or_reset+0x22/0x50
[ 147.158743] ? __schedule+0x10cc/0x2b60
[ 147.159127] ? __pfx_read_tsc+0x10/0x10
[ 147.159388] ? ktime_get_ts64+0x86/0x230
[ 147.159614] kunit_try_run_case+0x1a5/0x480
[ 147.159919] ? __pfx_kunit_try_run_case+0x10/0x10
[ 147.160157] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 147.160449] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 147.160659] ? __kthread_parkme+0x82/0x180
[ 147.161137] ? preempt_count_sub+0x50/0x80
[ 147.161404] ? __pfx_kunit_try_run_case+0x10/0x10
[ 147.161910] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 147.162379] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 147.162704] kthread+0x337/0x6f0
[ 147.162898] ? trace_preempt_on+0x20/0xc0
[ 147.163298] ? __pfx_kthread+0x10/0x10
[ 147.163539] ? _raw_spin_unlock_irq+0x47/0x80
[ 147.163779] ? calculate_sigpending+0x7b/0xa0
[ 147.164047] ? __pfx_kthread+0x10/0x10
[ 147.164247] ret_from_fork+0x116/0x1d0
[ 147.164588] ? __pfx_kthread+0x10/0x10
[ 147.164902] ret_from_fork_asm+0x1a/0x30
[ 147.165378] </TASK>
[ 147.165527] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------
[ 147.109788] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 147.110151] WARNING: CPU: 1 PID: 2545 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0
[ 147.111405] Modules linked in:
[ 147.111628] CPU: 1 UID: 0 PID: 2545 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 147.112394] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 147.112796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 147.113396] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0
[ 147.113704] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 2b 44 87 00 48 c7 c1 c0 38 3d 9c 4c 89 fa 48 c7 c7 20 39 3d 9c 48 89 c6 e8 f2 de 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 147.114817] RSP: 0000:ffff888103e7fb68 EFLAGS: 00010282
[ 147.115286] RAX: 0000000000000000 RBX: ffff888103e7fc40 RCX: 1ffffffff3a24cf0
[ 147.115887] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 147.116350] RBP: ffff888103e7fb90 R08: 0000000000000000 R09: fffffbfff3a24cf0
[ 147.116858] R10: 0000000000000003 R11: 00000000000371e0 R12: ffff888103e7fc18
[ 147.117458] R13: ffff88810403f800 R14: ffff888103b76000 R15: ffff888103575080
[ 147.118006] FS: 0000000000000000(0000) GS:ffff8881bcd72000(0000) knlGS:0000000000000000
[ 147.118726] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 147.119336] CR2: 00007ffff7ffe000 CR3: 000000014a4bc000 CR4: 00000000000006f0
[ 147.119823] DR0: ffffffff9e452444 DR1: ffffffff9e452449 DR2: ffffffff9e45244a
[ 147.120226] DR3: ffffffff9e45244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 147.120568] Call Trace:
[ 147.120702] <TASK>
[ 147.121114] drm_test_framebuffer_free+0x1ab/0x610
[ 147.121478] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 147.121804] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 147.122287] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 147.122743] ? __drmm_add_action_or_reset+0x22/0x50
[ 147.123253] ? __schedule+0x10cc/0x2b60
[ 147.123463] ? __pfx_read_tsc+0x10/0x10
[ 147.123767] ? ktime_get_ts64+0x86/0x230
[ 147.124144] kunit_try_run_case+0x1a5/0x480
[ 147.124364] ? __pfx_kunit_try_run_case+0x10/0x10
[ 147.124594] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 147.124808] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 147.125374] ? __kthread_parkme+0x82/0x180
[ 147.125693] ? preempt_count_sub+0x50/0x80
[ 147.125967] ? __pfx_kunit_try_run_case+0x10/0x10
[ 147.126315] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 147.126781] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 147.127140] kthread+0x337/0x6f0
[ 147.127509] ? trace_preempt_on+0x20/0xc0
[ 147.127729] ? __pfx_kthread+0x10/0x10
[ 147.128152] ? _raw_spin_unlock_irq+0x47/0x80
[ 147.128382] ? calculate_sigpending+0x7b/0xa0
[ 147.128732] ? __pfx_kthread+0x10/0x10
[ 147.129011] ret_from_fork+0x116/0x1d0
[ 147.129392] ? __pfx_kthread+0x10/0x10
[ 147.129602] ret_from_fork_asm+0x1a/0x30
[ 147.130009] </TASK>
[ 147.130166] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------
[ 145.702354] WARNING: CPU: 0 PID: 1983 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 145.703351] Modules linked in:
[ 145.703750] CPU: 0 UID: 0 PID: 1983 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 145.704823] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 145.705045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 145.705340] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 145.705563] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 c2 36 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 145.706129] RSP: 0000:ffff888100a37c90 EFLAGS: 00010246
[ 145.706338] RAX: dffffc0000000000 RBX: ffff88810a18c000 RCX: 0000000000000000
[ 145.706573] RDX: 1ffff11021431832 RSI: ffffffff996067b8 RDI: ffff88810a18c190
[ 145.706804] RBP: ffff888100a37ca0 R08: 1ffff11020073f69 R09: ffffed1020146f65
[ 145.707181] R10: 0000000000000003 R11: ffffffff98b859b8 R12: 0000000000000000
[ 145.707818] R13: ffff888100a37d38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 145.708514] FS: 0000000000000000(0000) GS:ffff8881bcc72000(0000) knlGS:0000000000000000
[ 145.709555] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 145.710194] CR2: 00007ffff7ffe000 CR3: 000000014a4bc000 CR4: 00000000000006f0
[ 145.710968] DR0: ffffffff9e452440 DR1: ffffffff9e452441 DR2: ffffffff9e452443
[ 145.711780] DR3: ffffffff9e452445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 145.712665] Call Trace:
[ 145.713033] <TASK>
[ 145.713311] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290
[ 145.714302] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 145.715131] ? __schedule+0x10cc/0x2b60
[ 145.715584] ? __pfx_read_tsc+0x10/0x10
[ 145.716100] ? ktime_get_ts64+0x86/0x230
[ 145.716495] kunit_try_run_case+0x1a5/0x480
[ 145.717117] ? __pfx_kunit_try_run_case+0x10/0x10
[ 145.717605] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 145.717813] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 145.718492] ? __kthread_parkme+0x82/0x180
[ 145.718711] ? preempt_count_sub+0x50/0x80
[ 145.719172] ? __pfx_kunit_try_run_case+0x10/0x10
[ 145.719611] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 145.719984] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 145.720195] kthread+0x337/0x6f0
[ 145.720325] ? trace_preempt_on+0x20/0xc0
[ 145.720478] ? __pfx_kthread+0x10/0x10
[ 145.720639] ? _raw_spin_unlock_irq+0x47/0x80
[ 145.721013] ? calculate_sigpending+0x7b/0xa0
[ 145.721555] ? __pfx_kthread+0x10/0x10
[ 145.721872] ret_from_fork+0x116/0x1d0
[ 145.722243] ? __pfx_kthread+0x10/0x10
[ 145.722690] ret_from_fork_asm+0x1a/0x30
[ 145.722855] </TASK>
[ 145.722951] ---[ end trace 0000000000000000 ]---

------------[ cut here ]------------
[ 145.607467] WARNING: CPU: 0 PID: 1975 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 145.608165] Modules linked in:
[ 145.608511] CPU: 0 UID: 0 PID: 1975 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 145.609556] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 145.609754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 145.610622] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 145.611392] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 c2 36 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 145.612733] RSP: 0000:ffff88810e56fc90 EFLAGS: 00010246
[ 145.613336] RAX: dffffc0000000000 RBX: ffff888105208000 RCX: 0000000000000000
[ 145.614008] RDX: 1ffff11020a41032 RSI: ffffffff996067b8 RDI: ffff888105208190
[ 145.614326] RBP: ffff88810e56fca0 R08: 1ffff11020073f69 R09: ffffed1021cadf65
[ 145.614584] R10: 0000000000000003 R11: ffffffff98b859b8 R12: 0000000000000000
[ 145.615361] R13: ffff88810e56fd38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 145.616144] FS: 0000000000000000(0000) GS:ffff8881bcc72000(0000) knlGS:0000000000000000
[ 145.616875] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 145.617153] CR2: 00007ffff7ffe000 CR3: 000000014a4bc000 CR4: 00000000000006f0
[ 145.617379] DR0: ffffffff9e452440 DR1: ffffffff9e452441 DR2: ffffffff9e452443
[ 145.617610] DR3: ffffffff9e452445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 145.617855] Call Trace:
[ 145.618130] <TASK>
[ 145.618256] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290
[ 145.618695] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 145.619199] ? __schedule+0x10cc/0x2b60
[ 145.619453] ? __pfx_read_tsc+0x10/0x10
[ 145.619905] ? ktime_get_ts64+0x86/0x230
[ 145.620366] kunit_try_run_case+0x1a5/0x480
[ 145.620777] ? __pfx_kunit_try_run_case+0x10/0x10
[ 145.621109] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 145.621355] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 145.621832] ? __kthread_parkme+0x82/0x180
[ 145.622420] ? preempt_count_sub+0x50/0x80
[ 145.622666] ? __pfx_kunit_try_run_case+0x10/0x10
[ 145.623435] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 145.623934] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 145.624235] kthread+0x337/0x6f0
[ 145.624410] ? trace_preempt_on+0x20/0xc0
[ 145.624843] ? __pfx_kthread+0x10/0x10
[ 145.625281] ? _raw_spin_unlock_irq+0x47/0x80
[ 145.625500] ? calculate_sigpending+0x7b/0xa0
[ 145.625714] ? __pfx_kthread+0x10/0x10
[ 145.626276] ret_from_fork+0x116/0x1d0
[ 145.626748] ? __pfx_kthread+0x10/0x10
[ 145.627338] ret_from_fork_asm+0x1a/0x30
[ 145.627824] </TASK>
[ 145.628283] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 111.296060] WARNING: CPU: 0 PID: 673 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 111.296863] Modules linked in:
[ 111.297330] CPU: 0 UID: 0 PID: 673 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 111.298308] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 111.299020] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 111.299807] RIP: 0010:intlog10+0x2a/0x40
[ 111.299999] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f e9 47 ba 86 02 90 <0f> 0b 90 31 c0 e9 3c ba 86 02 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 111.301137] RSP: 0000:ffff88810ceb7cb0 EFLAGS: 00010246
[ 111.301363] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110219d6fb4
[ 111.301662] RDX: 1ffffffff3852dc4 RSI: 1ffff110219d6fb3 RDI: 0000000000000000
[ 111.302156] RBP: ffff88810ceb7d60 R08: 0000000000000000 R09: ffffed1020558100
[ 111.302499] R10: ffff888102ac0807 R11: 0000000000000000 R12: 1ffff110219d6f97
[ 111.303160] R13: ffffffff9c296e20 R14: 0000000000000000 R15: ffff88810ceb7d38
[ 111.303486] FS: 0000000000000000(0000) GS:ffff8881bcc72000(0000) knlGS:0000000000000000
[ 111.304017] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 111.304267] CR2: dffffc0000000000 CR3: 000000014a4bc000 CR4: 00000000000006f0
[ 111.304979] DR0: ffffffff9e452440 DR1: ffffffff9e452441 DR2: ffffffff9e452443
[ 111.305329] DR3: ffffffff9e452445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 111.305644] Call Trace:
[ 111.305808] <TASK>
[ 111.305920] ? intlog10_test+0xf2/0x220
[ 111.306468] ? __pfx_intlog10_test+0x10/0x10
[ 111.306724] ? __pfx_intlog10_test+0x10/0x10
[ 111.306952] kunit_try_run_case+0x1a5/0x480
[ 111.307728] ? __pfx_kunit_try_run_case+0x10/0x10
[ 111.308042] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 111.308246] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 111.308440] ? __kthread_parkme+0x82/0x180
[ 111.308653] ? preempt_count_sub+0x50/0x80
[ 111.309653] ? __pfx_kunit_try_run_case+0x10/0x10
[ 111.310279] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 111.310501] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 111.311287] kthread+0x337/0x6f0
[ 111.311461] ? trace_preempt_on+0x20/0xc0
[ 111.311637] ? __pfx_kthread+0x10/0x10
[ 111.311953] ? _raw_spin_unlock_irq+0x47/0x80
[ 111.312166] ? calculate_sigpending+0x7b/0xa0
[ 111.312409] ? __pfx_kthread+0x10/0x10
[ 111.312670] ret_from_fork+0x116/0x1d0
[ 111.313023] ? __pfx_kthread+0x10/0x10
[ 111.314522] ret_from_fork_asm+0x1a/0x30
[ 111.314860] </TASK>
[ 111.315037] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 111.246573] WARNING: CPU: 1 PID: 655 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 111.247704] Modules linked in:
[ 111.248293] CPU: 1 UID: 0 PID: 655 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 111.249294] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 111.249932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 111.251053] RIP: 0010:intlog2+0xdf/0x110
[ 111.251246] Code: 29 9c c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 6f d8 55 ff 8b 45 e4 eb
[ 111.251814] RSP: 0000:ffff88810cef7cb0 EFLAGS: 00010246
[ 111.252041] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110219defb4
[ 111.252303] RDX: 1ffffffff3852e18 RSI: 1ffff110219defb3 RDI: 0000000000000000
[ 111.252659] RBP: ffff88810cef7d60 R08: 0000000000000000 R09: ffffed102039a880
[ 111.253096] R10: ffff888101cd4407 R11: 0000000000000000 R12: 1ffff110219def97
[ 111.253334] R13: ffffffff9c2970c0 R14: 0000000000000000 R15: ffff88810cef7d38
[ 111.253838] FS: 0000000000000000(0000) GS:ffff8881bcd72000(0000) knlGS:0000000000000000
[ 111.254320] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 111.255032] CR2: ffff88815a908000 CR3: 000000014a4bc000 CR4: 00000000000006f0
[ 111.255431] DR0: ffffffff9e452444 DR1: ffffffff9e452449 DR2: ffffffff9e45244a
[ 111.256285] DR3: ffffffff9e45244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 111.256788] Call Trace:
[ 111.257228] <TASK>
[ 111.257499] ? intlog2_test+0xf2/0x220
[ 111.257975] ? __pfx_intlog2_test+0x10/0x10
[ 111.258395] ? __schedule+0x10cc/0x2b60
[ 111.258786] ? __pfx_read_tsc+0x10/0x10
[ 111.259255] ? ktime_get_ts64+0x86/0x230
[ 111.259432] kunit_try_run_case+0x1a5/0x480
[ 111.259926] ? __pfx_kunit_try_run_case+0x10/0x10
[ 111.260465] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 111.261110] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 111.261568] ? __kthread_parkme+0x82/0x180
[ 111.262062] ? preempt_count_sub+0x50/0x80
[ 111.262257] ? __pfx_kunit_try_run_case+0x10/0x10
[ 111.262442] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 111.263058] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 111.263942] kthread+0x337/0x6f0
[ 111.264459] ? trace_preempt_on+0x20/0xc0
[ 111.265024] ? __pfx_kthread+0x10/0x10
[ 111.265457] ? _raw_spin_unlock_irq+0x47/0x80
[ 111.266091] ? calculate_sigpending+0x7b/0xa0
[ 111.266474] ? __pfx_kthread+0x10/0x10
[ 111.266922] ret_from_fork+0x116/0x1d0
[ 111.267161] ? __pfx_kthread+0x10/0x10
[ 111.267629] ret_from_fork_asm+0x1a/0x30
[ 111.268050] </TASK>
[ 111.268462] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 110.581513] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI