Date: July 15, 2025, 11:09 a.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.548470] ================================================================== [ 12.548897] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 12.549204] Write of size 128 at addr ffff888102afc100 by task kunit_try_catch/187 [ 12.549526] [ 12.549623] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.549809] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.549823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.549843] Call Trace: [ 12.549854] <TASK> [ 12.549867] dump_stack_lvl+0x73/0xb0 [ 12.549898] print_report+0xd1/0x610 [ 12.549920] ? __virt_addr_valid+0x1db/0x2d0 [ 12.549942] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.549964] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.549988] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.550010] kasan_report+0x141/0x180 [ 12.550032] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.550059] kasan_check_range+0x10c/0x1c0 [ 12.550082] __asan_memset+0x27/0x50 [ 12.550102] kmalloc_oob_in_memset+0x15f/0x320 [ 12.550125] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 12.550152] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 12.550180] kunit_try_run_case+0x1a5/0x480 [ 12.550204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.550227] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.550250] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.550274] ? __kthread_parkme+0x82/0x180 [ 12.550294] ? preempt_count_sub+0x50/0x80 [ 12.550319] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.550343] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.550367] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.550399] kthread+0x337/0x6f0 [ 12.550961] ? trace_preempt_on+0x20/0xc0 [ 12.551000] ? __pfx_kthread+0x10/0x10 [ 12.551022] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.551045] ? calculate_sigpending+0x7b/0xa0 [ 12.551069] ? __pfx_kthread+0x10/0x10 [ 12.551177] ret_from_fork+0x116/0x1d0 [ 12.551198] ? 
__pfx_kthread+0x10/0x10 [ 12.551219] ret_from_fork_asm+0x1a/0x30 [ 12.551250] </TASK> [ 12.551260] [ 12.559544] Allocated by task 187: [ 12.559679] kasan_save_stack+0x45/0x70 [ 12.560513] kasan_save_track+0x18/0x40 [ 12.560674] kasan_save_alloc_info+0x3b/0x50 [ 12.561201] __kasan_kmalloc+0xb7/0xc0 [ 12.562632] __kmalloc_cache_noprof+0x189/0x420 [ 12.563120] kmalloc_oob_in_memset+0xac/0x320 [ 12.563815] kunit_try_run_case+0x1a5/0x480 [ 12.564262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.564817] kthread+0x337/0x6f0 [ 12.565280] ret_from_fork+0x116/0x1d0 [ 12.565829] ret_from_fork_asm+0x1a/0x30 [ 12.566209] [ 12.566286] The buggy address belongs to the object at ffff888102afc100 [ 12.566286] which belongs to the cache kmalloc-128 of size 128 [ 12.567695] The buggy address is located 0 bytes inside of [ 12.567695] allocated 120-byte region [ffff888102afc100, ffff888102afc178) [ 12.568877] [ 12.569178] The buggy address belongs to the physical page: [ 12.569895] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102afc [ 12.570146] flags: 0x200000000000000(node=0|zone=2) [ 12.570312] page_type: f5(slab) [ 12.571002] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.571866] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.572826] page dumped because: kasan: bad access detected [ 12.573259] [ 12.573372] Memory state around the buggy address: [ 12.573598] ffff888102afc000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.573904] ffff888102afc080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.574195] >ffff888102afc100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.574487] ^ [ 12.575150] ffff888102afc180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.575622] ffff888102afc200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.575935] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.521407] ================================================================== [ 12.522650] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 12.523537] Read of size 16 at addr ffff8881027816e0 by task kunit_try_catch/185 [ 12.523972] [ 12.524090] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.524135] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.524147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.524167] Call Trace: [ 12.524178] <TASK> [ 12.524191] dump_stack_lvl+0x73/0xb0 [ 12.524221] print_report+0xd1/0x610 [ 12.524244] ? __virt_addr_valid+0x1db/0x2d0 [ 12.524267] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.524287] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.524311] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.524332] kasan_report+0x141/0x180 [ 12.524354] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.524379] __asan_report_load16_noabort+0x18/0x20 [ 12.524462] kmalloc_uaf_16+0x47b/0x4c0 [ 12.524484] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 12.524506] ? __schedule+0x10cc/0x2b60 [ 12.524529] ? __pfx_read_tsc+0x10/0x10 [ 12.524550] ? ktime_get_ts64+0x86/0x230 [ 12.524575] kunit_try_run_case+0x1a5/0x480 [ 12.524601] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.524624] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.524648] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.524672] ? __kthread_parkme+0x82/0x180 [ 12.524693] ? preempt_count_sub+0x50/0x80 [ 12.524718] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.524742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.524789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.524815] kthread+0x337/0x6f0 [ 12.524835] ? trace_preempt_on+0x20/0xc0 [ 12.524858] ? __pfx_kthread+0x10/0x10 [ 12.524879] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.524900] ? calculate_sigpending+0x7b/0xa0 [ 12.524925] ? __pfx_kthread+0x10/0x10 [ 12.524946] ret_from_fork+0x116/0x1d0 [ 12.524965] ? 
__pfx_kthread+0x10/0x10 [ 12.524991] ret_from_fork_asm+0x1a/0x30 [ 12.525022] </TASK> [ 12.525032] [ 12.532118] Allocated by task 185: [ 12.532305] kasan_save_stack+0x45/0x70 [ 12.532676] kasan_save_track+0x18/0x40 [ 12.532856] kasan_save_alloc_info+0x3b/0x50 [ 12.533009] __kasan_kmalloc+0xb7/0xc0 [ 12.533142] __kmalloc_cache_noprof+0x189/0x420 [ 12.533368] kmalloc_uaf_16+0x15b/0x4c0 [ 12.533558] kunit_try_run_case+0x1a5/0x480 [ 12.533813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.534041] kthread+0x337/0x6f0 [ 12.534162] ret_from_fork+0x116/0x1d0 [ 12.534294] ret_from_fork_asm+0x1a/0x30 [ 12.534438] [ 12.534605] Freed by task 185: [ 12.534780] kasan_save_stack+0x45/0x70 [ 12.534982] kasan_save_track+0x18/0x40 [ 12.535172] kasan_save_free_info+0x3f/0x60 [ 12.535533] __kasan_slab_free+0x56/0x70 [ 12.535749] kfree+0x222/0x3f0 [ 12.535928] kmalloc_uaf_16+0x1d6/0x4c0 [ 12.536113] kunit_try_run_case+0x1a5/0x480 [ 12.536284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.536702] kthread+0x337/0x6f0 [ 12.536875] ret_from_fork+0x116/0x1d0 [ 12.537056] ret_from_fork_asm+0x1a/0x30 [ 12.537222] [ 12.537294] The buggy address belongs to the object at ffff8881027816e0 [ 12.537294] which belongs to the cache kmalloc-16 of size 16 [ 12.538065] The buggy address is located 0 bytes inside of [ 12.538065] freed 16-byte region [ffff8881027816e0, ffff8881027816f0) [ 12.538474] [ 12.538544] The buggy address belongs to the physical page: [ 12.538715] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781 [ 12.538962] flags: 0x200000000000000(node=0|zone=2) [ 12.539504] page_type: f5(slab) [ 12.539677] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.539982] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.540211] page dumped because: kasan: bad access detected [ 12.540691] [ 12.540812] Memory state around the buggy address: [ 12.541038] ffff888102781580: 00 00 fc fc 00 02 fc fc 00 02 fc fc 00 06 fc 
fc [ 12.541424] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.541731] >ffff888102781680: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 12.541996] ^ [ 12.542190] ffff888102781700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.542460] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.542854] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.498226] ================================================================== [ 12.498807] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 12.499120] Write of size 16 at addr ffff8881025148a0 by task kunit_try_catch/183 [ 12.499455] [ 12.499554] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.499598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.499609] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.499629] Call Trace: [ 12.499641] <TASK> [ 12.499656] dump_stack_lvl+0x73/0xb0 [ 12.499687] print_report+0xd1/0x610 [ 12.499708] ? __virt_addr_valid+0x1db/0x2d0 [ 12.499734] ? kmalloc_oob_16+0x452/0x4a0 [ 12.499767] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.499792] ? kmalloc_oob_16+0x452/0x4a0 [ 12.499813] kasan_report+0x141/0x180 [ 12.499835] ? kmalloc_oob_16+0x452/0x4a0 [ 12.499861] __asan_report_store16_noabort+0x1b/0x30 [ 12.499887] kmalloc_oob_16+0x452/0x4a0 [ 12.499908] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 12.499931] ? __schedule+0x10cc/0x2b60 [ 12.499953] ? __pfx_read_tsc+0x10/0x10 [ 12.499974] ? ktime_get_ts64+0x86/0x230 [ 12.499999] kunit_try_run_case+0x1a5/0x480 [ 12.500024] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.500047] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.500072] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.500096] ? __kthread_parkme+0x82/0x180 [ 12.500117] ? preempt_count_sub+0x50/0x80 [ 12.500140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.500165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.500189] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.500215] kthread+0x337/0x6f0 [ 12.500234] ? trace_preempt_on+0x20/0xc0 [ 12.500257] ? __pfx_kthread+0x10/0x10 [ 12.500278] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.500299] ? calculate_sigpending+0x7b/0xa0 [ 12.500324] ? __pfx_kthread+0x10/0x10 [ 12.500346] ret_from_fork+0x116/0x1d0 [ 12.500364] ? 
__pfx_kthread+0x10/0x10 [ 12.500386] ret_from_fork_asm+0x1a/0x30 [ 12.500417] </TASK> [ 12.500427] [ 12.508123] Allocated by task 183: [ 12.508262] kasan_save_stack+0x45/0x70 [ 12.508415] kasan_save_track+0x18/0x40 [ 12.508799] kasan_save_alloc_info+0x3b/0x50 [ 12.509023] __kasan_kmalloc+0xb7/0xc0 [ 12.509211] __kmalloc_cache_noprof+0x189/0x420 [ 12.509566] kmalloc_oob_16+0xa8/0x4a0 [ 12.509706] kunit_try_run_case+0x1a5/0x480 [ 12.509867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.510123] kthread+0x337/0x6f0 [ 12.510291] ret_from_fork+0x116/0x1d0 [ 12.510613] ret_from_fork_asm+0x1a/0x30 [ 12.510814] [ 12.510902] The buggy address belongs to the object at ffff8881025148a0 [ 12.510902] which belongs to the cache kmalloc-16 of size 16 [ 12.511279] The buggy address is located 0 bytes inside of [ 12.511279] allocated 13-byte region [ffff8881025148a0, ffff8881025148ad) [ 12.512274] [ 12.512547] The buggy address belongs to the physical page: [ 12.512773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102514 [ 12.513065] flags: 0x200000000000000(node=0|zone=2) [ 12.513232] page_type: f5(slab) [ 12.513428] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.513802] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.514136] page dumped because: kasan: bad access detected [ 12.514407] [ 12.514530] Memory state around the buggy address: [ 12.514689] ffff888102514780: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 12.514985] ffff888102514800: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 05 fc fc [ 12.515308] >ffff888102514880: fa fb fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 12.515802] ^ [ 12.515981] ffff888102514900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.516279] ffff888102514980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.516715] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.444425] ================================================================== [ 12.445167] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 12.445440] Read of size 1 at addr ffff888100350800 by task kunit_try_catch/181 [ 12.446006] [ 12.446120] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.446166] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.446177] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.446198] Call Trace: [ 12.446209] <TASK> [ 12.446223] dump_stack_lvl+0x73/0xb0 [ 12.446255] print_report+0xd1/0x610 [ 12.446278] ? __virt_addr_valid+0x1db/0x2d0 [ 12.446301] ? krealloc_uaf+0x1b8/0x5e0 [ 12.446323] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.446347] ? krealloc_uaf+0x1b8/0x5e0 [ 12.446369] kasan_report+0x141/0x180 [ 12.446397] ? krealloc_uaf+0x1b8/0x5e0 [ 12.446422] ? krealloc_uaf+0x1b8/0x5e0 [ 12.446516] __kasan_check_byte+0x3d/0x50 [ 12.446542] krealloc_noprof+0x3f/0x340 [ 12.446566] krealloc_uaf+0x1b8/0x5e0 [ 12.446589] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.446612] ? finish_task_switch.isra.0+0x153/0x700 [ 12.446639] ? __switch_to+0x47/0xf50 [ 12.446666] ? __schedule+0x10cc/0x2b60 [ 12.446689] ? __pfx_read_tsc+0x10/0x10 [ 12.446709] ? ktime_get_ts64+0x86/0x230 [ 12.446737] kunit_try_run_case+0x1a5/0x480 [ 12.446775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.446799] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.446824] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.446850] ? __kthread_parkme+0x82/0x180 [ 12.446872] ? preempt_count_sub+0x50/0x80 [ 12.446896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.446921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.446946] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.446972] kthread+0x337/0x6f0 [ 12.446991] ? trace_preempt_on+0x20/0xc0 [ 12.447014] ? __pfx_kthread+0x10/0x10 [ 12.447035] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.447057] ? calculate_sigpending+0x7b/0xa0 [ 12.447081] ? 
__pfx_kthread+0x10/0x10 [ 12.447103] ret_from_fork+0x116/0x1d0 [ 12.447121] ? __pfx_kthread+0x10/0x10 [ 12.447142] ret_from_fork_asm+0x1a/0x30 [ 12.447173] </TASK> [ 12.447183] [ 12.455098] Allocated by task 181: [ 12.455234] kasan_save_stack+0x45/0x70 [ 12.455459] kasan_save_track+0x18/0x40 [ 12.455652] kasan_save_alloc_info+0x3b/0x50 [ 12.455975] __kasan_kmalloc+0xb7/0xc0 [ 12.456168] __kmalloc_cache_noprof+0x189/0x420 [ 12.456372] krealloc_uaf+0xbb/0x5e0 [ 12.456658] kunit_try_run_case+0x1a5/0x480 [ 12.456828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.457007] kthread+0x337/0x6f0 [ 12.457166] ret_from_fork+0x116/0x1d0 [ 12.457349] ret_from_fork_asm+0x1a/0x30 [ 12.457648] [ 12.457803] Freed by task 181: [ 12.457985] kasan_save_stack+0x45/0x70 [ 12.458171] kasan_save_track+0x18/0x40 [ 12.458307] kasan_save_free_info+0x3f/0x60 [ 12.458522] __kasan_slab_free+0x56/0x70 [ 12.458795] kfree+0x222/0x3f0 [ 12.458966] krealloc_uaf+0x13d/0x5e0 [ 12.459106] kunit_try_run_case+0x1a5/0x480 [ 12.459309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.459749] kthread+0x337/0x6f0 [ 12.459951] ret_from_fork+0x116/0x1d0 [ 12.460141] ret_from_fork_asm+0x1a/0x30 [ 12.460325] [ 12.460411] The buggy address belongs to the object at ffff888100350800 [ 12.460411] which belongs to the cache kmalloc-256 of size 256 [ 12.461012] The buggy address is located 0 bytes inside of [ 12.461012] freed 256-byte region [ffff888100350800, ffff888100350900) [ 12.461552] [ 12.461652] The buggy address belongs to the physical page: [ 12.461891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 12.462235] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.462590] flags: 0x200000000000040(head|node=0|zone=2) [ 12.462850] page_type: f5(slab) [ 12.463007] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.463325] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.463675] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.464067] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.464404] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 12.464681] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.464921] page dumped because: kasan: bad access detected [ 12.465092] [ 12.465189] Memory state around the buggy address: [ 12.465604] ffff888100350700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.465984] ffff888100350780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.466545] >ffff888100350800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.466855] ^ [ 12.467010] ffff888100350880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.467287] ffff888100350900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.467581] ================================================================== [ 12.471496] ================================================================== [ 12.471815] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 12.472124] Read of size 1 at addr ffff888100350800 by task kunit_try_catch/181 [ 12.472420] [ 12.472529] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.472571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.472582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.472602] Call Trace: [ 12.472613] <TASK> [ 12.472626] dump_stack_lvl+0x73/0xb0 [ 12.472654] print_report+0xd1/0x610 [ 12.472675] ? __virt_addr_valid+0x1db/0x2d0 [ 12.472696] ? krealloc_uaf+0x53c/0x5e0 [ 12.472716] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.472739] ? krealloc_uaf+0x53c/0x5e0 [ 12.472926] kasan_report+0x141/0x180 [ 12.472956] ? krealloc_uaf+0x53c/0x5e0 [ 12.472983] __asan_report_load1_noabort+0x18/0x20 [ 12.473009] krealloc_uaf+0x53c/0x5e0 [ 12.473030] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.473052] ? 
finish_task_switch.isra.0+0x153/0x700 [ 12.473075] ? __switch_to+0x47/0xf50 [ 12.473100] ? __schedule+0x10cc/0x2b60 [ 12.473122] ? __pfx_read_tsc+0x10/0x10 [ 12.473144] ? ktime_get_ts64+0x86/0x230 [ 12.473167] kunit_try_run_case+0x1a5/0x480 [ 12.473192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.473215] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.473240] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.473264] ? __kthread_parkme+0x82/0x180 [ 12.473284] ? preempt_count_sub+0x50/0x80 [ 12.473307] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.473661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.473687] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.473713] kthread+0x337/0x6f0 [ 12.473733] ? trace_preempt_on+0x20/0xc0 [ 12.473769] ? __pfx_kthread+0x10/0x10 [ 12.473790] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.473812] ? calculate_sigpending+0x7b/0xa0 [ 12.473837] ? __pfx_kthread+0x10/0x10 [ 12.473858] ret_from_fork+0x116/0x1d0 [ 12.473877] ? __pfx_kthread+0x10/0x10 [ 12.473898] ret_from_fork_asm+0x1a/0x30 [ 12.473928] </TASK> [ 12.473938] [ 12.481560] Allocated by task 181: [ 12.481722] kasan_save_stack+0x45/0x70 [ 12.481900] kasan_save_track+0x18/0x40 [ 12.482037] kasan_save_alloc_info+0x3b/0x50 [ 12.482186] __kasan_kmalloc+0xb7/0xc0 [ 12.482589] __kmalloc_cache_noprof+0x189/0x420 [ 12.482842] krealloc_uaf+0xbb/0x5e0 [ 12.483031] kunit_try_run_case+0x1a5/0x480 [ 12.483230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.483568] kthread+0x337/0x6f0 [ 12.483703] ret_from_fork+0x116/0x1d0 [ 12.483860] ret_from_fork_asm+0x1a/0x30 [ 12.484060] [ 12.484158] Freed by task 181: [ 12.484381] kasan_save_stack+0x45/0x70 [ 12.484599] kasan_save_track+0x18/0x40 [ 12.484782] kasan_save_free_info+0x3f/0x60 [ 12.484970] __kasan_slab_free+0x56/0x70 [ 12.485131] kfree+0x222/0x3f0 [ 12.485249] krealloc_uaf+0x13d/0x5e0 [ 12.485440] kunit_try_run_case+0x1a5/0x480 [ 12.485623] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.485889] kthread+0x337/0x6f0 [ 12.486059] 
ret_from_fork+0x116/0x1d0 [ 12.486245] ret_from_fork_asm+0x1a/0x30 [ 12.486530] [ 12.486632] The buggy address belongs to the object at ffff888100350800 [ 12.486632] which belongs to the cache kmalloc-256 of size 256 [ 12.487176] The buggy address is located 0 bytes inside of [ 12.487176] freed 256-byte region [ffff888100350800, ffff888100350900) [ 12.487790] [ 12.487893] The buggy address belongs to the physical page: [ 12.488149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 12.488517] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.488849] flags: 0x200000000000040(head|node=0|zone=2) [ 12.489032] page_type: f5(slab) [ 12.489170] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.489519] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.489938] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.490270] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.490661] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 12.490994] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.491306] page dumped because: kasan: bad access detected [ 12.491590] [ 12.491686] Memory state around the buggy address: [ 12.491904] ffff888100350700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.492152] ffff888100350780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.492528] >ffff888100350800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.492860] ^ [ 12.492988] ffff888100350880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.493204] ffff888100350900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.493746] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 12.254155] ================================================================== [ 12.254539] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.254877] Write of size 1 at addr ffff8881003506ea by task kunit_try_catch/175 [ 12.255154] [ 12.255260] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.255301] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.255312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.255331] Call Trace: [ 12.255346] <TASK> [ 12.255363] dump_stack_lvl+0x73/0xb0 [ 12.255389] print_report+0xd1/0x610 [ 12.255411] ? __virt_addr_valid+0x1db/0x2d0 [ 12.255435] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.255460] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.255483] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.255508] kasan_report+0x141/0x180 [ 12.255530] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.255559] __asan_report_store1_noabort+0x1b/0x30 [ 12.255586] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.255613] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.255639] ? finish_task_switch.isra.0+0x153/0x700 [ 12.255662] ? __switch_to+0x47/0xf50 [ 12.255687] ? __schedule+0x10cc/0x2b60 [ 12.255709] ? __pfx_read_tsc+0x10/0x10 [ 12.255732] krealloc_less_oob+0x1c/0x30 [ 12.255776] kunit_try_run_case+0x1a5/0x480 [ 12.255801] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.255825] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.255848] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.255872] ? __kthread_parkme+0x82/0x180 [ 12.255893] ? preempt_count_sub+0x50/0x80 [ 12.255916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.255942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.255968] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.255994] kthread+0x337/0x6f0 [ 12.256013] ? trace_preempt_on+0x20/0xc0 [ 12.256036] ? __pfx_kthread+0x10/0x10 [ 12.256056] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.256079] ? calculate_sigpending+0x7b/0xa0 [ 12.256102] ? 
__pfx_kthread+0x10/0x10 [ 12.256124] ret_from_fork+0x116/0x1d0 [ 12.256142] ? __pfx_kthread+0x10/0x10 [ 12.256163] ret_from_fork_asm+0x1a/0x30 [ 12.256194] </TASK> [ 12.256203] [ 12.263931] Allocated by task 175: [ 12.264139] kasan_save_stack+0x45/0x70 [ 12.264402] kasan_save_track+0x18/0x40 [ 12.264595] kasan_save_alloc_info+0x3b/0x50 [ 12.264816] __kasan_krealloc+0x190/0x1f0 [ 12.265002] krealloc_noprof+0xf3/0x340 [ 12.265138] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.265350] krealloc_less_oob+0x1c/0x30 [ 12.265728] kunit_try_run_case+0x1a5/0x480 [ 12.265957] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.266208] kthread+0x337/0x6f0 [ 12.266330] ret_from_fork+0x116/0x1d0 [ 12.266687] ret_from_fork_asm+0x1a/0x30 [ 12.266936] [ 12.267035] The buggy address belongs to the object at ffff888100350600 [ 12.267035] which belongs to the cache kmalloc-256 of size 256 [ 12.267676] The buggy address is located 33 bytes to the right of [ 12.267676] allocated 201-byte region [ffff888100350600, ffff8881003506c9) [ 12.268073] [ 12.268144] The buggy address belongs to the physical page: [ 12.268463] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 12.268825] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.269407] flags: 0x200000000000040(head|node=0|zone=2) [ 12.269629] page_type: f5(slab) [ 12.269749] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.270101] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.270601] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.270913] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.271148] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 12.271484] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.272004] page dumped because: kasan: bad access detected [ 12.272181] [ 12.272251] Memory state around the buggy 
address: [ 12.272542] ffff888100350580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.272896] ffff888100350600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.273317] >ffff888100350680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.273552] ^ [ 12.273779] ffff888100350700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.274181] ffff888100350780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.274575] ================================================================== [ 12.407419] ================================================================== [ 12.407771] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.408087] Write of size 1 at addr ffff8881026ba0ea by task kunit_try_catch/179 [ 12.408639] [ 12.408743] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.408793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.408804] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.408823] Call Trace: [ 12.408835] <TASK> [ 12.408849] dump_stack_lvl+0x73/0xb0 [ 12.408879] print_report+0xd1/0x610 [ 12.408901] ? __virt_addr_valid+0x1db/0x2d0 [ 12.408925] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.408950] ? kasan_addr_to_slab+0x11/0xa0 [ 12.408971] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.408996] kasan_report+0x141/0x180 [ 12.409019] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.409048] __asan_report_store1_noabort+0x1b/0x30 [ 12.409074] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.409101] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.409127] ? finish_task_switch.isra.0+0x153/0x700 [ 12.409149] ? __switch_to+0x47/0xf50 [ 12.409174] ? __schedule+0x10cc/0x2b60 [ 12.409195] ? __pfx_read_tsc+0x10/0x10 [ 12.409219] krealloc_large_less_oob+0x1c/0x30 [ 12.409242] kunit_try_run_case+0x1a5/0x480 [ 12.409267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.409290] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.409392] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.409421] ? __kthread_parkme+0x82/0x180 [ 12.409441] ? preempt_count_sub+0x50/0x80 [ 12.409464] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.409503] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.409528] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.409554] kthread+0x337/0x6f0 [ 12.409574] ? trace_preempt_on+0x20/0xc0 [ 12.409596] ? __pfx_kthread+0x10/0x10 [ 12.409617] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.409639] ? calculate_sigpending+0x7b/0xa0 [ 12.409663] ? __pfx_kthread+0x10/0x10 [ 12.409684] ret_from_fork+0x116/0x1d0 [ 12.409703] ? __pfx_kthread+0x10/0x10 [ 12.409723] ret_from_fork_asm+0x1a/0x30 [ 12.409762] </TASK> [ 12.409772] [ 12.417587] The buggy address belongs to the physical page: [ 12.417811] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b8 [ 12.418174] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.418562] flags: 0x200000000000040(head|node=0|zone=2) [ 12.418816] page_type: f8(unknown) [ 12.418996] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.419287] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.419567] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.419915] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.420144] head: 0200000000000002 ffffea000409ae01 00000000ffffffff 00000000ffffffff [ 12.420404] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.420788] page dumped because: kasan: bad access detected [ 12.421490] [ 12.421596] Memory state around the buggy address: [ 12.421831] ffff8881026b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.422125] ffff8881026ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.422489] >ffff8881026ba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.422790] ^ [ 12.422995] ffff8881026ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe 
fe [ 12.423290] ffff8881026ba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.423699] ================================================================== [ 12.424062] ================================================================== [ 12.424290] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.424871] Write of size 1 at addr ffff8881026ba0eb by task kunit_try_catch/179 [ 12.425205] [ 12.425302] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.425417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.425428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.425448] Call Trace: [ 12.425462] <TASK> [ 12.425495] dump_stack_lvl+0x73/0xb0 [ 12.425523] print_report+0xd1/0x610 [ 12.425545] ? __virt_addr_valid+0x1db/0x2d0 [ 12.425568] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.425593] ? kasan_addr_to_slab+0x11/0xa0 [ 12.425613] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.425638] kasan_report+0x141/0x180 [ 12.425660] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.425690] __asan_report_store1_noabort+0x1b/0x30 [ 12.425715] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.425742] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.425777] ? finish_task_switch.isra.0+0x153/0x700 [ 12.425800] ? __switch_to+0x47/0xf50 [ 12.425824] ? __schedule+0x10cc/0x2b60 [ 12.425846] ? __pfx_read_tsc+0x10/0x10 [ 12.425869] krealloc_large_less_oob+0x1c/0x30 [ 12.425894] kunit_try_run_case+0x1a5/0x480 [ 12.425919] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.425942] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.425965] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.425989] ? __kthread_parkme+0x82/0x180 [ 12.426009] ? preempt_count_sub+0x50/0x80 [ 12.426032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.426057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.426081] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.426106] kthread+0x337/0x6f0 [ 12.426125] ? 
trace_preempt_on+0x20/0xc0 [ 12.426148] ? __pfx_kthread+0x10/0x10 [ 12.426168] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.426190] ? calculate_sigpending+0x7b/0xa0 [ 12.426214] ? __pfx_kthread+0x10/0x10 [ 12.426235] ret_from_fork+0x116/0x1d0 [ 12.426254] ? __pfx_kthread+0x10/0x10 [ 12.426274] ret_from_fork_asm+0x1a/0x30 [ 12.426304] </TASK> [ 12.426376] [ 12.434054] The buggy address belongs to the physical page: [ 12.434238] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b8 [ 12.434679] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.435030] flags: 0x200000000000040(head|node=0|zone=2) [ 12.435271] page_type: f8(unknown) [ 12.435538] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.435851] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.436135] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.436637] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.436966] head: 0200000000000002 ffffea000409ae01 00000000ffffffff 00000000ffffffff [ 12.437272] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.437677] page dumped because: kasan: bad access detected [ 12.437887] [ 12.437958] Memory state around the buggy address: [ 12.438116] ffff8881026b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.438432] ffff8881026ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.438779] >ffff8881026ba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.439092] ^ [ 12.439446] ffff8881026ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.439766] ffff8881026ba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.439998] ================================================================== [ 12.209716] ================================================================== [ 12.210022] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.210301] Write 
of size 1 at addr ffff8881003506d0 by task kunit_try_catch/175 [ 12.210660] [ 12.210768] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.210811] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.210821] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.210840] Call Trace: [ 12.210854] <TASK> [ 12.210866] dump_stack_lvl+0x73/0xb0 [ 12.210893] print_report+0xd1/0x610 [ 12.210913] ? __virt_addr_valid+0x1db/0x2d0 [ 12.210934] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.210957] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.211206] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.211234] kasan_report+0x141/0x180 [ 12.211257] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.211287] __asan_report_store1_noabort+0x1b/0x30 [ 12.211312] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.211404] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.211432] ? finish_task_switch.isra.0+0x153/0x700 [ 12.211457] ? __switch_to+0x47/0xf50 [ 12.211481] ? __schedule+0x10cc/0x2b60 [ 12.211503] ? __pfx_read_tsc+0x10/0x10 [ 12.211527] krealloc_less_oob+0x1c/0x30 [ 12.211549] kunit_try_run_case+0x1a5/0x480 [ 12.211573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.211596] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.211620] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.211644] ? __kthread_parkme+0x82/0x180 [ 12.211664] ? preempt_count_sub+0x50/0x80 [ 12.211687] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.211712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.211737] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.211777] kthread+0x337/0x6f0 [ 12.211797] ? trace_preempt_on+0x20/0xc0 [ 12.211820] ? __pfx_kthread+0x10/0x10 [ 12.211840] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.211862] ? calculate_sigpending+0x7b/0xa0 [ 12.211886] ? __pfx_kthread+0x10/0x10 [ 12.211907] ret_from_fork+0x116/0x1d0 [ 12.211927] ? 
__pfx_kthread+0x10/0x10 [ 12.211948] ret_from_fork_asm+0x1a/0x30 [ 12.211978] </TASK> [ 12.211988] [ 12.219996] Allocated by task 175: [ 12.220143] kasan_save_stack+0x45/0x70 [ 12.220293] kasan_save_track+0x18/0x40 [ 12.220485] kasan_save_alloc_info+0x3b/0x50 [ 12.220865] __kasan_krealloc+0x190/0x1f0 [ 12.221042] krealloc_noprof+0xf3/0x340 [ 12.221224] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.221419] krealloc_less_oob+0x1c/0x30 [ 12.221902] kunit_try_run_case+0x1a5/0x480 [ 12.222115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.222293] kthread+0x337/0x6f0 [ 12.222419] ret_from_fork+0x116/0x1d0 [ 12.222565] ret_from_fork_asm+0x1a/0x30 [ 12.222778] [ 12.222874] The buggy address belongs to the object at ffff888100350600 [ 12.222874] which belongs to the cache kmalloc-256 of size 256 [ 12.223501] The buggy address is located 7 bytes to the right of [ 12.223501] allocated 201-byte region [ffff888100350600, ffff8881003506c9) [ 12.224351] [ 12.224489] The buggy address belongs to the physical page: [ 12.224764] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 12.225104] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.225330] flags: 0x200000000000040(head|node=0|zone=2) [ 12.225840] page_type: f5(slab) [ 12.226183] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.226537] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.226837] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.227072] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.227452] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 12.227818] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.228162] page dumped because: kasan: bad access detected [ 12.228383] [ 12.228541] Memory state around the buggy address: [ 12.228766] ffff888100350580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.229002] ffff888100350600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.229280] >ffff888100350680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.229617] ^ [ 12.231455] ffff888100350700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.231794] ffff888100350780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.232071] ================================================================== [ 12.347972] ================================================================== [ 12.349308] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.350062] Write of size 1 at addr ffff8881026ba0c9 by task kunit_try_catch/179 [ 12.350791] [ 12.350984] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.351029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.351041] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.351062] Call Trace: [ 12.351072] <TASK> [ 12.351087] dump_stack_lvl+0x73/0xb0 [ 12.351117] print_report+0xd1/0x610 [ 12.351139] ? __virt_addr_valid+0x1db/0x2d0 [ 12.351187] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.351212] ? kasan_addr_to_slab+0x11/0xa0 [ 12.351233] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.351257] kasan_report+0x141/0x180 [ 12.351279] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.351466] __asan_report_store1_noabort+0x1b/0x30 [ 12.351507] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.351535] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.351561] ? finish_task_switch.isra.0+0x153/0x700 [ 12.351585] ? __switch_to+0x47/0xf50 [ 12.351610] ? __schedule+0x10cc/0x2b60 [ 12.351632] ? __pfx_read_tsc+0x10/0x10 [ 12.351656] krealloc_large_less_oob+0x1c/0x30 [ 12.351680] kunit_try_run_case+0x1a5/0x480 [ 12.351705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.351729] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.351765] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.351790] ? __kthread_parkme+0x82/0x180 [ 12.351811] ? 
preempt_count_sub+0x50/0x80 [ 12.351834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.351858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.351883] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.351908] kthread+0x337/0x6f0 [ 12.351927] ? trace_preempt_on+0x20/0xc0 [ 12.351951] ? __pfx_kthread+0x10/0x10 [ 12.351971] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.351993] ? calculate_sigpending+0x7b/0xa0 [ 12.352018] ? __pfx_kthread+0x10/0x10 [ 12.352039] ret_from_fork+0x116/0x1d0 [ 12.352057] ? __pfx_kthread+0x10/0x10 [ 12.352078] ret_from_fork_asm+0x1a/0x30 [ 12.352108] </TASK> [ 12.352118] [ 12.365457] The buggy address belongs to the physical page: [ 12.366074] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b8 [ 12.366690] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.366934] flags: 0x200000000000040(head|node=0|zone=2) [ 12.367111] page_type: f8(unknown) [ 12.367237] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.368009] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.368798] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.369521] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.370244] head: 0200000000000002 ffffea000409ae01 00000000ffffffff 00000000ffffffff [ 12.371007] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.371748] page dumped because: kasan: bad access detected [ 12.372068] [ 12.372141] Memory state around the buggy address: [ 12.372300] ffff8881026b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.372525] ffff8881026ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.372742] >ffff8881026ba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.373025] ^ [ 12.373241] ffff8881026ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.373498] ffff8881026ba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.373800] 
================================================================== [ 12.185824] ================================================================== [ 12.186262] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.186773] Write of size 1 at addr ffff8881003506c9 by task kunit_try_catch/175 [ 12.187091] [ 12.187186] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.187231] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.187242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.187262] Call Trace: [ 12.187274] <TASK> [ 12.187289] dump_stack_lvl+0x73/0xb0 [ 12.187319] print_report+0xd1/0x610 [ 12.187561] ? __virt_addr_valid+0x1db/0x2d0 [ 12.187586] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.187611] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.187634] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.187659] kasan_report+0x141/0x180 [ 12.187681] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.187711] __asan_report_store1_noabort+0x1b/0x30 [ 12.187736] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.187778] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.187804] ? finish_task_switch.isra.0+0x153/0x700 [ 12.187827] ? __switch_to+0x47/0xf50 [ 12.187853] ? __schedule+0x10cc/0x2b60 [ 12.187875] ? __pfx_read_tsc+0x10/0x10 [ 12.187899] krealloc_less_oob+0x1c/0x30 [ 12.187920] kunit_try_run_case+0x1a5/0x480 [ 12.187946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.187969] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.187993] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.188017] ? __kthread_parkme+0x82/0x180 [ 12.188038] ? preempt_count_sub+0x50/0x80 [ 12.188061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.188086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.188111] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.188136] kthread+0x337/0x6f0 [ 12.188157] ? trace_preempt_on+0x20/0xc0 [ 12.188181] ? __pfx_kthread+0x10/0x10 [ 12.188201] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 12.188223] ? calculate_sigpending+0x7b/0xa0 [ 12.188247] ? __pfx_kthread+0x10/0x10 [ 12.188268] ret_from_fork+0x116/0x1d0 [ 12.188286] ? __pfx_kthread+0x10/0x10 [ 12.188307] ret_from_fork_asm+0x1a/0x30 [ 12.188387] </TASK> [ 12.188398] [ 12.196366] Allocated by task 175: [ 12.196501] kasan_save_stack+0x45/0x70 [ 12.196645] kasan_save_track+0x18/0x40 [ 12.196846] kasan_save_alloc_info+0x3b/0x50 [ 12.197057] __kasan_krealloc+0x190/0x1f0 [ 12.197256] krealloc_noprof+0xf3/0x340 [ 12.197586] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.197775] krealloc_less_oob+0x1c/0x30 [ 12.197916] kunit_try_run_case+0x1a5/0x480 [ 12.198063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.198311] kthread+0x337/0x6f0 [ 12.198707] ret_from_fork+0x116/0x1d0 [ 12.198926] ret_from_fork_asm+0x1a/0x30 [ 12.199130] [ 12.199223] The buggy address belongs to the object at ffff888100350600 [ 12.199223] which belongs to the cache kmalloc-256 of size 256 [ 12.199932] The buggy address is located 0 bytes to the right of [ 12.199932] allocated 201-byte region [ffff888100350600, ffff8881003506c9) [ 12.200567] [ 12.200648] The buggy address belongs to the physical page: [ 12.200872] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 12.201116] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.201351] flags: 0x200000000000040(head|node=0|zone=2) [ 12.201604] page_type: f5(slab) [ 12.201932] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.202330] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.202867] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.203205] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.204250] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 12.204742] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.205003] page dumped 
because: kasan: bad access detected [ 12.205236] [ 12.205622] Memory state around the buggy address: [ 12.205959] ffff888100350580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.206497] ffff888100350600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.207177] >ffff888100350680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.207707] ^ [ 12.207979] ffff888100350700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.208279] ffff888100350780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.208877] ================================================================== [ 12.374240] ================================================================== [ 12.374574] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.374899] Write of size 1 at addr ffff8881026ba0d0 by task kunit_try_catch/179 [ 12.375200] [ 12.375290] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.375329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.375340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.375361] Call Trace: [ 12.375374] <TASK> [ 12.375387] dump_stack_lvl+0x73/0xb0 [ 12.375416] print_report+0xd1/0x610 [ 12.375713] ? __virt_addr_valid+0x1db/0x2d0 [ 12.375737] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.375776] ? kasan_addr_to_slab+0x11/0xa0 [ 12.375798] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.375822] kasan_report+0x141/0x180 [ 12.375844] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.375874] __asan_report_store1_noabort+0x1b/0x30 [ 12.375899] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.375926] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.375951] ? finish_task_switch.isra.0+0x153/0x700 [ 12.375974] ? __switch_to+0x47/0xf50 [ 12.375999] ? __schedule+0x10cc/0x2b60 [ 12.376020] ? __pfx_read_tsc+0x10/0x10 [ 12.376044] krealloc_large_less_oob+0x1c/0x30 [ 12.376068] kunit_try_run_case+0x1a5/0x480 [ 12.376092] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.376115] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 12.376139] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.376163] ? __kthread_parkme+0x82/0x180 [ 12.376183] ? preempt_count_sub+0x50/0x80 [ 12.376207] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.376231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.376256] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.376281] kthread+0x337/0x6f0 [ 12.376300] ? trace_preempt_on+0x20/0xc0 [ 12.376395] ? __pfx_kthread+0x10/0x10 [ 12.376417] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.376464] ? calculate_sigpending+0x7b/0xa0 [ 12.376488] ? __pfx_kthread+0x10/0x10 [ 12.376509] ret_from_fork+0x116/0x1d0 [ 12.376528] ? __pfx_kthread+0x10/0x10 [ 12.376549] ret_from_fork_asm+0x1a/0x30 [ 12.376579] </TASK> [ 12.376589] [ 12.384047] The buggy address belongs to the physical page: [ 12.384287] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b8 [ 12.384641] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.385147] flags: 0x200000000000040(head|node=0|zone=2) [ 12.385490] page_type: f8(unknown) [ 12.385676] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.385991] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.386296] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.386650] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.386951] head: 0200000000000002 ffffea000409ae01 00000000ffffffff 00000000ffffffff [ 12.387293] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.387719] page dumped because: kasan: bad access detected [ 12.387905] [ 12.388000] Memory state around the buggy address: [ 12.388228] ffff8881026b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.388752] ffff8881026ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.389019] >ffff8881026ba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.389306] ^ [ 12.389675] 
ffff8881026ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.389989] ffff8881026ba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.390281] ================================================================== [ 12.232564] ================================================================== [ 12.232896] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.233201] Write of size 1 at addr ffff8881003506da by task kunit_try_catch/175 [ 12.233656] [ 12.233769] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.233812] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.233823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.233842] Call Trace: [ 12.233855] <TASK> [ 12.233868] dump_stack_lvl+0x73/0xb0 [ 12.233897] print_report+0xd1/0x610 [ 12.233919] ? __virt_addr_valid+0x1db/0x2d0 [ 12.233941] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.233966] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.233990] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.234015] kasan_report+0x141/0x180 [ 12.234038] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.234133] __asan_report_store1_noabort+0x1b/0x30 [ 12.234161] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.234187] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.234213] ? finish_task_switch.isra.0+0x153/0x700 [ 12.234236] ? __switch_to+0x47/0xf50 [ 12.234261] ? __schedule+0x10cc/0x2b60 [ 12.234283] ? __pfx_read_tsc+0x10/0x10 [ 12.234308] krealloc_less_oob+0x1c/0x30 [ 12.234364] kunit_try_run_case+0x1a5/0x480 [ 12.234398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.234421] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.234453] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.234478] ? __kthread_parkme+0x82/0x180 [ 12.234499] ? preempt_count_sub+0x50/0x80 [ 12.234524] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.234549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.234574] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.234600] kthread+0x337/0x6f0 [ 12.234619] ? trace_preempt_on+0x20/0xc0 [ 12.234642] ? __pfx_kthread+0x10/0x10 [ 12.234663] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.234684] ? calculate_sigpending+0x7b/0xa0 [ 12.234709] ? __pfx_kthread+0x10/0x10 [ 12.234731] ret_from_fork+0x116/0x1d0 [ 12.234749] ? __pfx_kthread+0x10/0x10 [ 12.234780] ret_from_fork_asm+0x1a/0x30 [ 12.234811] </TASK> [ 12.234821] [ 12.242819] Allocated by task 175: [ 12.242970] kasan_save_stack+0x45/0x70 [ 12.243165] kasan_save_track+0x18/0x40 [ 12.243303] kasan_save_alloc_info+0x3b/0x50 [ 12.243452] __kasan_krealloc+0x190/0x1f0 [ 12.243652] krealloc_noprof+0xf3/0x340 [ 12.243858] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.244343] krealloc_less_oob+0x1c/0x30 [ 12.244496] kunit_try_run_case+0x1a5/0x480 [ 12.244783] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.245050] kthread+0x337/0x6f0 [ 12.245222] ret_from_fork+0x116/0x1d0 [ 12.245467] ret_from_fork_asm+0x1a/0x30 [ 12.245639] [ 12.245713] The buggy address belongs to the object at ffff888100350600 [ 12.245713] which belongs to the cache kmalloc-256 of size 256 [ 12.246237] The buggy address is located 17 bytes to the right of [ 12.246237] allocated 201-byte region [ffff888100350600, ffff8881003506c9) [ 12.246621] [ 12.246692] The buggy address belongs to the physical page: [ 12.247064] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 12.247706] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.247955] flags: 0x200000000000040(head|node=0|zone=2) [ 12.248132] page_type: f5(slab) [ 12.248254] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.248977] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.249373] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.249987] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.250336] head: 
0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 12.250745] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.251015] page dumped because: kasan: bad access detected [ 12.251273] [ 12.251568] Memory state around the buggy address: [ 12.251777] ffff888100350580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.252062] ffff888100350600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.252312] >ffff888100350680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.252775] ^ [ 12.253042] ffff888100350700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.253380] ffff888100350780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.253690] ================================================================== [ 12.390779] ================================================================== [ 12.391116] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.391535] Write of size 1 at addr ffff8881026ba0da by task kunit_try_catch/179 [ 12.391845] [ 12.391948] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.391989] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.392000] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.392019] Call Trace: [ 12.392034] <TASK> [ 12.392048] dump_stack_lvl+0x73/0xb0 [ 12.392076] print_report+0xd1/0x610 [ 12.392098] ? __virt_addr_valid+0x1db/0x2d0 [ 12.392119] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.392144] ? kasan_addr_to_slab+0x11/0xa0 [ 12.392165] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.392190] kasan_report+0x141/0x180 [ 12.392212] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.392241] __asan_report_store1_noabort+0x1b/0x30 [ 12.392267] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.392293] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.392496] ? finish_task_switch.isra.0+0x153/0x700 [ 12.392525] ? __switch_to+0x47/0xf50 [ 12.392551] ? __schedule+0x10cc/0x2b60 [ 12.392595] ? 
__pfx_read_tsc+0x10/0x10 [ 12.392621] krealloc_large_less_oob+0x1c/0x30 [ 12.392645] kunit_try_run_case+0x1a5/0x480 [ 12.392670] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.392693] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.392717] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.392741] ? __kthread_parkme+0x82/0x180 [ 12.392772] ? preempt_count_sub+0x50/0x80 [ 12.392796] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.392820] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.392845] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.392870] kthread+0x337/0x6f0 [ 12.392890] ? trace_preempt_on+0x20/0xc0 [ 12.392913] ? __pfx_kthread+0x10/0x10 [ 12.392933] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.392955] ? calculate_sigpending+0x7b/0xa0 [ 12.392979] ? __pfx_kthread+0x10/0x10 [ 12.393000] ret_from_fork+0x116/0x1d0 [ 12.393018] ? __pfx_kthread+0x10/0x10 [ 12.393039] ret_from_fork_asm+0x1a/0x30 [ 12.393069] </TASK> [ 12.393079] [ 12.400954] The buggy address belongs to the physical page: [ 12.401165] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b8 [ 12.401538] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.401885] flags: 0x200000000000040(head|node=0|zone=2) [ 12.402134] page_type: f8(unknown) [ 12.402287] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.402646] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.403006] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.403424] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.403790] head: 0200000000000002 ffffea000409ae01 00000000ffffffff 00000000ffffffff [ 12.404022] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.404555] page dumped because: kasan: bad access detected [ 12.404815] [ 12.404915] Memory state around the buggy address: [ 12.405102] ffff8881026b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.405400] 
ffff8881026ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.405768] >ffff8881026ba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.406092] ^ [ 12.406446] ffff8881026ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.406703] ffff8881026ba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.406984] ================================================================== [ 12.275127] ================================================================== [ 12.275664] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.275989] Write of size 1 at addr ffff8881003506eb by task kunit_try_catch/175 [ 12.276296] [ 12.276522] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.276565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.276576] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.276595] Call Trace: [ 12.276607] <TASK> [ 12.276620] dump_stack_lvl+0x73/0xb0 [ 12.276648] print_report+0xd1/0x610 [ 12.276670] ? __virt_addr_valid+0x1db/0x2d0 [ 12.276693] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.276717] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.276741] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.276779] kasan_report+0x141/0x180 [ 12.276801] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.276830] __asan_report_store1_noabort+0x1b/0x30 [ 12.276856] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.276883] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.276908] ? finish_task_switch.isra.0+0x153/0x700 [ 12.276932] ? __switch_to+0x47/0xf50 [ 12.276956] ? __schedule+0x10cc/0x2b60 [ 12.276978] ? __pfx_read_tsc+0x10/0x10 [ 12.277001] krealloc_less_oob+0x1c/0x30 [ 12.277023] kunit_try_run_case+0x1a5/0x480 [ 12.277047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.277071] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.277094] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.277118] ? __kthread_parkme+0x82/0x180 [ 12.277139] ? 
preempt_count_sub+0x50/0x80 [ 12.277162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.277187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.277212] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.277237] kthread+0x337/0x6f0 [ 12.277256] ? trace_preempt_on+0x20/0xc0 [ 12.277280] ? __pfx_kthread+0x10/0x10 [ 12.277300] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.277322] ? calculate_sigpending+0x7b/0xa0 [ 12.277346] ? __pfx_kthread+0x10/0x10 [ 12.277367] ret_from_fork+0x116/0x1d0 [ 12.277386] ? __pfx_kthread+0x10/0x10 [ 12.277406] ret_from_fork_asm+0x1a/0x30 [ 12.277437] </TASK> [ 12.277446] [ 12.285106] Allocated by task 175: [ 12.285241] kasan_save_stack+0x45/0x70 [ 12.285396] kasan_save_track+0x18/0x40 [ 12.285959] kasan_save_alloc_info+0x3b/0x50 [ 12.286189] __kasan_krealloc+0x190/0x1f0 [ 12.286496] krealloc_noprof+0xf3/0x340 [ 12.286682] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.286892] krealloc_less_oob+0x1c/0x30 [ 12.287090] kunit_try_run_case+0x1a5/0x480 [ 12.287273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.287560] kthread+0x337/0x6f0 [ 12.287684] ret_from_fork+0x116/0x1d0 [ 12.287828] ret_from_fork_asm+0x1a/0x30 [ 12.287967] [ 12.288039] The buggy address belongs to the object at ffff888100350600 [ 12.288039] which belongs to the cache kmalloc-256 of size 256 [ 12.288637] The buggy address is located 34 bytes to the right of [ 12.288637] allocated 201-byte region [ffff888100350600, ffff8881003506c9) [ 12.290960] [ 12.291169] The buggy address belongs to the physical page: [ 12.292028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 12.292305] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.292534] flags: 0x200000000000040(head|node=0|zone=2) [ 12.292709] page_type: f5(slab) [ 12.292966] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.293205] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.293607] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.295272] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.296028] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 12.296273] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.296510] page dumped because: kasan: bad access detected [ 12.296683] [ 12.296765] Memory state around the buggy address: [ 12.296956] ffff888100350580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.298348] ffff888100350600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.298783] >ffff888100350680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.298995] ^ [ 12.299188] ffff888100350700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.299804] ffff888100350780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.300023] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 12.305740] ==================================================================
[ 12.306225] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 12.306576] Write of size 1 at addr ffff8881029be0eb by task kunit_try_catch/177
[ 12.306920]
[ 12.307035] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.307080] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.307091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.307111] Call Trace:
[ 12.307125] <TASK>
[ 12.307141] dump_stack_lvl+0x73/0xb0
[ 12.307172] print_report+0xd1/0x610
[ 12.307195] ? __virt_addr_valid+0x1db/0x2d0
[ 12.307219] ? krealloc_more_oob_helper+0x821/0x930
[ 12.307244] ? kasan_addr_to_slab+0x11/0xa0
[ 12.307265] ? krealloc_more_oob_helper+0x821/0x930
[ 12.307289] kasan_report+0x141/0x180
[ 12.307311] ? krealloc_more_oob_helper+0x821/0x930
[ 12.307341] __asan_report_store1_noabort+0x1b/0x30
[ 12.307366] krealloc_more_oob_helper+0x821/0x930
[ 12.307389] ? __schedule+0x10cc/0x2b60
[ 12.307412] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 12.307438] ? finish_task_switch.isra.0+0x153/0x700
[ 12.307482] ? __switch_to+0x47/0xf50
[ 12.307508] ? __schedule+0x10cc/0x2b60
[ 12.307529] ? __pfx_read_tsc+0x10/0x10
[ 12.307555] krealloc_large_more_oob+0x1c/0x30
[ 12.307578] kunit_try_run_case+0x1a5/0x480
[ 12.307604] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.307627] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.307652] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.307678] ? __kthread_parkme+0x82/0x180
[ 12.307699] ? preempt_count_sub+0x50/0x80
[ 12.307722] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.307747] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.307962] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.307989] kthread+0x337/0x6f0
[ 12.308009] ? trace_preempt_on+0x20/0xc0
[ 12.308034] ? __pfx_kthread+0x10/0x10
[ 12.308056] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.308078] ? calculate_sigpending+0x7b/0xa0
[ 12.308103] ? __pfx_kthread+0x10/0x10
[ 12.308125] ret_from_fork+0x116/0x1d0
[ 12.308145] ? __pfx_kthread+0x10/0x10
[ 12.308166] ret_from_fork_asm+0x1a/0x30
[ 12.308198] </TASK>
[ 12.308209]
[ 12.315666] The buggy address belongs to the physical page:
[ 12.315877] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029bc
[ 12.316122] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.316441] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.316691] page_type: f8(unknown)
[ 12.316879] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.317177] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.317407] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.318056] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.318372] head: 0200000000000002 ffffea00040a6f01 00000000ffffffff 00000000ffffffff
[ 12.318711] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.319027] page dumped because: kasan: bad access detected
[ 12.319217]
[ 12.319312] Memory state around the buggy address:
[ 12.319589] ffff8881029bdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.319872] ffff8881029be000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.320174] >ffff8881029be080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 12.320478] ^
[ 12.320711] ffff8881029be100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.321019] ffff8881029be180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.321305] ==================================================================

[ 12.140778] ==================================================================
[ 12.141214] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 12.141661] Write of size 1 at addr ffff888100a25eeb by task kunit_try_catch/173
[ 12.141946]
[ 12.142037] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.142080] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.142091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.142111] Call Trace:
[ 12.142122] <TASK>
[ 12.142136] dump_stack_lvl+0x73/0xb0
[ 12.142167] print_report+0xd1/0x610
[ 12.142189] ? __virt_addr_valid+0x1db/0x2d0
[ 12.142213] ? krealloc_more_oob_helper+0x821/0x930
[ 12.142237] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.142260] ? krealloc_more_oob_helper+0x821/0x930
[ 12.142285] kasan_report+0x141/0x180
[ 12.142307] ? krealloc_more_oob_helper+0x821/0x930
[ 12.142417] __asan_report_store1_noabort+0x1b/0x30
[ 12.142462] krealloc_more_oob_helper+0x821/0x930
[ 12.142485] ? __schedule+0x10cc/0x2b60
[ 12.142509] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 12.142534] ? finish_task_switch.isra.0+0x153/0x700
[ 12.142558] ? __switch_to+0x47/0xf50
[ 12.142585] ? __schedule+0x10cc/0x2b60
[ 12.142606] ? __pfx_read_tsc+0x10/0x10
[ 12.142631] krealloc_more_oob+0x1c/0x30
[ 12.142653] kunit_try_run_case+0x1a5/0x480
[ 12.142678] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.142701] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.142725] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.142749] ? __kthread_parkme+0x82/0x180
[ 12.142779] ? preempt_count_sub+0x50/0x80
[ 12.142802] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.142826] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.142851] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.142876] kthread+0x337/0x6f0
[ 12.142895] ? trace_preempt_on+0x20/0xc0
[ 12.142919] ? __pfx_kthread+0x10/0x10
[ 12.142939] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.142962] ? calculate_sigpending+0x7b/0xa0
[ 12.142988] ? __pfx_kthread+0x10/0x10
[ 12.143010] ret_from_fork+0x116/0x1d0
[ 12.143029] ? __pfx_kthread+0x10/0x10
[ 12.143049] ret_from_fork_asm+0x1a/0x30
[ 12.143081] </TASK>
[ 12.143091]
[ 12.150831] Allocated by task 173:
[ 12.150963] kasan_save_stack+0x45/0x70
[ 12.151126] kasan_save_track+0x18/0x40
[ 12.151425] kasan_save_alloc_info+0x3b/0x50
[ 12.151666] __kasan_krealloc+0x190/0x1f0
[ 12.151875] krealloc_noprof+0xf3/0x340
[ 12.152069] krealloc_more_oob_helper+0x1a9/0x930
[ 12.152275] krealloc_more_oob+0x1c/0x30
[ 12.152416] kunit_try_run_case+0x1a5/0x480
[ 12.152624] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.152883] kthread+0x337/0x6f0
[ 12.153019] ret_from_fork+0x116/0x1d0
[ 12.153208] ret_from_fork_asm+0x1a/0x30
[ 12.153370]
[ 12.153471] The buggy address belongs to the object at ffff888100a25e00
[ 12.153471] which belongs to the cache kmalloc-256 of size 256
[ 12.153949] The buggy address is located 0 bytes to the right of
[ 12.153949] allocated 235-byte region [ffff888100a25e00, ffff888100a25eeb)
[ 12.154494]
[ 12.154594] The buggy address belongs to the physical page:
[ 12.154854] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24
[ 12.155208] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.155549] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.155729] page_type: f5(slab)
[ 12.155908] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.156253] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.156694] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.157052] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.157508] head: 0200000000000001 ffffea0004028901 00000000ffffffff 00000000ffffffff
[ 12.157828] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 12.158135] page dumped because: kasan: bad access detected
[ 12.158373]
[ 12.158461] Memory state around the buggy address:
[ 12.158666] ffff888100a25d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.158944] ffff888100a25e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.159179] >ffff888100a25e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 12.159492] ^
[ 12.159876] ffff888100a25f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.160131] ffff888100a25f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.160526] ==================================================================

[ 12.161112] ==================================================================
[ 12.161461] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 12.161858] Write of size 1 at addr ffff888100a25ef0 by task kunit_try_catch/173
[ 12.162187]
[ 12.162293] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.162402] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.162415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.162433] Call Trace:
[ 12.162445] <TASK>
[ 12.162475] dump_stack_lvl+0x73/0xb0
[ 12.162503] print_report+0xd1/0x610
[ 12.162525] ? __virt_addr_valid+0x1db/0x2d0
[ 12.162547] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.162571] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.162594] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.162619] kasan_report+0x141/0x180
[ 12.162641] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.162670] __asan_report_store1_noabort+0x1b/0x30
[ 12.162696] krealloc_more_oob_helper+0x7eb/0x930
[ 12.162719] ? __schedule+0x10cc/0x2b60
[ 12.162740] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 12.162775] ? finish_task_switch.isra.0+0x153/0x700
[ 12.162797] ? __switch_to+0x47/0xf50
[ 12.162821] ? __schedule+0x10cc/0x2b60
[ 12.162843] ? __pfx_read_tsc+0x10/0x10
[ 12.162866] krealloc_more_oob+0x1c/0x30
[ 12.162888] kunit_try_run_case+0x1a5/0x480
[ 12.162912] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.162935] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.162959] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.162983] ? __kthread_parkme+0x82/0x180
[ 12.163003] ? preempt_count_sub+0x50/0x80
[ 12.163026] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.163051] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.163075] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.163100] kthread+0x337/0x6f0
[ 12.163119] ? trace_preempt_on+0x20/0xc0
[ 12.163142] ? __pfx_kthread+0x10/0x10
[ 12.163163] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.163184] ? calculate_sigpending+0x7b/0xa0
[ 12.163208] ? __pfx_kthread+0x10/0x10
[ 12.163229] ret_from_fork+0x116/0x1d0
[ 12.163248] ? __pfx_kthread+0x10/0x10
[ 12.163268] ret_from_fork_asm+0x1a/0x30
[ 12.163298] </TASK>
[ 12.163308]
[ 12.171973] Allocated by task 173:
[ 12.172113] kasan_save_stack+0x45/0x70
[ 12.172293] kasan_save_track+0x18/0x40
[ 12.172587] kasan_save_alloc_info+0x3b/0x50
[ 12.172816] __kasan_krealloc+0x190/0x1f0
[ 12.173017] krealloc_noprof+0xf3/0x340
[ 12.173161] krealloc_more_oob_helper+0x1a9/0x930
[ 12.173435] krealloc_more_oob+0x1c/0x30
[ 12.173646] kunit_try_run_case+0x1a5/0x480
[ 12.173914] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.174230] kthread+0x337/0x6f0
[ 12.174582] ret_from_fork+0x116/0x1d0
[ 12.174766] ret_from_fork_asm+0x1a/0x30
[ 12.174959]
[ 12.175043] The buggy address belongs to the object at ffff888100a25e00
[ 12.175043] which belongs to the cache kmalloc-256 of size 256
[ 12.175497] The buggy address is located 5 bytes to the right of
[ 12.175497] allocated 235-byte region [ffff888100a25e00, ffff888100a25eeb)
[ 12.176073]
[ 12.176168] The buggy address belongs to the physical page:
[ 12.176388] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24
[ 12.176630] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.176925] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.177180] page_type: f5(slab)
[ 12.177352] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.177702] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.178218] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.178598] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.178960] head: 0200000000000001 ffffea0004028901 00000000ffffffff 00000000ffffffff
[ 12.179304] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 12.179640] page dumped because: kasan: bad access detected
[ 12.179853]
[ 12.179948] Memory state around the buggy address:
[ 12.180181] ffff888100a25d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.180590] ffff888100a25e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.180889] >ffff888100a25e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 12.181144] ^
[ 12.181484] ffff888100a25f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.181841] ffff888100a25f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.182101] ==================================================================

[ 12.321767] ==================================================================
[ 12.322085] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 12.322725] Write of size 1 at addr ffff8881029be0f0 by task kunit_try_catch/177
[ 12.323082]
[ 12.323187] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.323227] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.323238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.323257] Call Trace:
[ 12.323268] <TASK>
[ 12.323281] dump_stack_lvl+0x73/0xb0
[ 12.323309] print_report+0xd1/0x610
[ 12.323331] ? __virt_addr_valid+0x1db/0x2d0
[ 12.323354] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.323378] ? kasan_addr_to_slab+0x11/0xa0
[ 12.323399] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.323425] kasan_report+0x141/0x180
[ 12.323629] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.323664] __asan_report_store1_noabort+0x1b/0x30
[ 12.323691] krealloc_more_oob_helper+0x7eb/0x930
[ 12.323714] ? __schedule+0x10cc/0x2b60
[ 12.323737] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 12.323778] ? finish_task_switch.isra.0+0x153/0x700
[ 12.323801] ? __switch_to+0x47/0xf50
[ 12.323826] ? __schedule+0x10cc/0x2b60
[ 12.323849] ? __pfx_read_tsc+0x10/0x10
[ 12.323873] krealloc_large_more_oob+0x1c/0x30
[ 12.323897] kunit_try_run_case+0x1a5/0x480
[ 12.323922] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.323945] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.323970] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.323994] ? __kthread_parkme+0x82/0x180
[ 12.324015] ? preempt_count_sub+0x50/0x80
[ 12.324038] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.324063] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.324089] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.324115] kthread+0x337/0x6f0
[ 12.324135] ? trace_preempt_on+0x20/0xc0
[ 12.324160] ? __pfx_kthread+0x10/0x10
[ 12.324183] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.324206] ? calculate_sigpending+0x7b/0xa0
[ 12.324230] ? __pfx_kthread+0x10/0x10
[ 12.324252] ret_from_fork+0x116/0x1d0
[ 12.324271] ? __pfx_kthread+0x10/0x10
[ 12.324292] ret_from_fork_asm+0x1a/0x30
[ 12.324323] </TASK>
[ 12.324333]
[ 12.335835] The buggy address belongs to the physical page:
[ 12.336082] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029bc
[ 12.336394] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.337052] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.337457] page_type: f8(unknown)
[ 12.337767] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.338255] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.338862] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.339198] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.339676] head: 0200000000000002 ffffea00040a6f01 00000000ffffffff 00000000ffffffff
[ 12.340184] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.340672] page dumped because: kasan: bad access detected
[ 12.340978]
[ 12.341054] Memory state around the buggy address:
[ 12.341226] ffff8881029bdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.341534] ffff8881029be000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.341847] >ffff8881029be080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 12.342124] ^
[ 12.342385] ffff8881029be100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.342708] ffff8881029be180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.343328] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 50.572226] ==================================================================
[ 50.572619] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 50.572619]
[ 50.572983] Use-after-free read at 0x(____ptrval____) (in kfence-#144):
[ 50.573254] test_krealloc+0x6fc/0xbe0
[ 50.573424] kunit_try_run_case+0x1a5/0x480
[ 50.573797] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 50.573996] kthread+0x337/0x6f0
[ 50.574161] ret_from_fork+0x116/0x1d0
[ 50.574344] ret_from_fork_asm+0x1a/0x30
[ 50.574578]
[ 50.574671] kfence-#144: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 50.574671]
[ 50.574979] allocated by task 354 on cpu 0 at 50.571623s (0.003354s ago):
[ 50.575309] test_alloc+0x364/0x10f0
[ 50.575488] test_krealloc+0xad/0xbe0
[ 50.575707] kunit_try_run_case+0x1a5/0x480
[ 50.575930] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 50.576172] kthread+0x337/0x6f0
[ 50.576318] ret_from_fork+0x116/0x1d0
[ 50.576532] ret_from_fork_asm+0x1a/0x30
[ 50.576710]
[ 50.576813] freed by task 354 on cpu 0 at 50.571854s (0.004957s ago):
[ 50.577057] krealloc_noprof+0x108/0x340
[ 50.577258] test_krealloc+0x226/0xbe0
[ 50.577424] kunit_try_run_case+0x1a5/0x480
[ 50.577639] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 50.578049] kthread+0x337/0x6f0
[ 50.578234] ret_from_fork+0x116/0x1d0
[ 50.578431] ret_from_fork_asm+0x1a/0x30
[ 50.579359]
[ 50.579546] CPU: 0 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 50.580061] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 50.580327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.580709] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 50.487114] ==================================================================
[ 50.487689] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 50.487689]
[ 50.488132] Use-after-free read at 0x(____ptrval____) (in kfence-#143):
[ 50.488695] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 50.489123] kunit_try_run_case+0x1a5/0x480
[ 50.489284] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 50.489503] kthread+0x337/0x6f0
[ 50.489816] ret_from_fork+0x116/0x1d0
[ 50.490173] ret_from_fork_asm+0x1a/0x30
[ 50.490591]
[ 50.490734] kfence-#143: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 50.490734]
[ 50.491018] allocated by task 352 on cpu 0 at 50.467606s (0.023410s ago):
[ 50.491249] test_alloc+0x2a6/0x10f0
[ 50.491381] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 50.492067] kunit_try_run_case+0x1a5/0x480
[ 50.492279] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 50.492912] kthread+0x337/0x6f0
[ 50.493105] ret_from_fork+0x116/0x1d0
[ 50.493281] ret_from_fork_asm+0x1a/0x30
[ 50.493695]
[ 50.493795] freed by task 352 on cpu 0 at 50.467693s (0.026099s ago):
[ 50.494187] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 50.494438] kunit_try_run_case+0x1a5/0x480
[ 50.494646] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 50.494894] kthread+0x337/0x6f0
[ 50.495070] ret_from_fork+0x116/0x1d0
[ 50.495227] ret_from_fork_asm+0x1a/0x30
[ 50.495421]
[ 50.495553] CPU: 0 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 50.495997] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 50.496181] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.496571] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 25.419539] ==================================================================
[ 25.420004] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 25.420004]
[ 25.420298] Invalid read at 0x(____ptrval____):
[ 25.420905] test_invalid_access+0xf0/0x210
[ 25.421342] kunit_try_run_case+0x1a5/0x480
[ 25.422085] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.422890] kthread+0x337/0x6f0
[ 25.423304] ret_from_fork+0x116/0x1d0
[ 25.423802] ret_from_fork_asm+0x1a/0x30
[ 25.424058]
[ 25.424177] CPU: 1 UID: 0 PID: 348 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 25.424548] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.424767] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.425132] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 25.195820] ==================================================================
[ 25.196232] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 25.196232]
[ 25.196654] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#139):
[ 25.197205] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 25.197469] kunit_try_run_case+0x1a5/0x480
[ 25.197686] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.197892] kthread+0x337/0x6f0
[ 25.198056] ret_from_fork+0x116/0x1d0
[ 25.198252] ret_from_fork_asm+0x1a/0x30
[ 25.198459]
[ 25.198561] kfence-#139: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 25.198561]
[ 25.198951] allocated by task 342 on cpu 1 at 25.195549s (0.003399s ago):
[ 25.199237] test_alloc+0x364/0x10f0
[ 25.199370] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 25.199860] kunit_try_run_case+0x1a5/0x480
[ 25.200058] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.200236] kthread+0x337/0x6f0
[ 25.200373] ret_from_fork+0x116/0x1d0
[ 25.200559] ret_from_fork_asm+0x1a/0x30
[ 25.200856]
[ 25.200935] freed by task 342 on cpu 1 at 25.195687s (0.005246s ago):
[ 25.201174] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 25.201426] kunit_try_run_case+0x1a5/0x480
[ 25.201644] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.201833] kthread+0x337/0x6f0
[ 25.201954] ret_from_fork+0x116/0x1d0
[ 25.202146] ret_from_fork_asm+0x1a/0x30
[ 25.202350]
[ 25.202480] CPU: 1 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 25.202979] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.203151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.203503] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 24.675820] ==================================================================
[ 24.676344] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 24.676344]
[ 24.677110] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#134):
[ 24.677408] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 24.678157] kunit_try_run_case+0x1a5/0x480
[ 24.678378] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.678656] kthread+0x337/0x6f0
[ 24.678873] ret_from_fork+0x116/0x1d0
[ 24.679025] ret_from_fork_asm+0x1a/0x30
[ 24.679233]
[ 24.679339] kfence-#134: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 24.679339]
[ 24.679660] allocated by task 340 on cpu 0 at 24.675585s (0.004074s ago):
[ 24.680012] test_alloc+0x364/0x10f0
[ 24.680179] test_kmalloc_aligned_oob_read+0x105/0x560
[ 24.680395] kunit_try_run_case+0x1a5/0x480
[ 24.680691] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.680928] kthread+0x337/0x6f0
[ 24.681089] ret_from_fork+0x116/0x1d0
[ 24.681255] ret_from_fork_asm+0x1a/0x30
[ 24.681440]
[ 24.681549] CPU: 0 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 24.681918] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.682108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.682513] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 19.267751] ==================================================================
[ 19.268179] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 19.268179]
[ 19.268624] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#82):
[ 19.269215] test_corruption+0x131/0x3e0
[ 19.269407] kunit_try_run_case+0x1a5/0x480
[ 19.269640] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.269919] kthread+0x337/0x6f0
[ 19.270051] ret_from_fork+0x116/0x1d0
[ 19.270192] ret_from_fork_asm+0x1a/0x30
[ 19.270396]
[ 19.270494] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.270494]
[ 19.270907] allocated by task 330 on cpu 1 at 19.267630s (0.003275s ago):
[ 19.271196] test_alloc+0x2a6/0x10f0
[ 19.271380] test_corruption+0xe6/0x3e0
[ 19.271631] kunit_try_run_case+0x1a5/0x480
[ 19.271851] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.272088] kthread+0x337/0x6f0
[ 19.272264] ret_from_fork+0x116/0x1d0
[ 19.272418] ret_from_fork_asm+0x1a/0x30
[ 19.272561]
[ 19.272637] freed by task 330 on cpu 1 at 19.267677s (0.004958s ago):
[ 19.272935] test_corruption+0x131/0x3e0
[ 19.273201] kunit_try_run_case+0x1a5/0x480
[ 19.273403] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.273636] kthread+0x337/0x6f0
[ 19.273770] ret_from_fork+0x116/0x1d0
[ 19.273936] ret_from_fork_asm+0x1a/0x30
[ 19.274145]
[ 19.274268] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 19.274855] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.275033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.275400] ==================================================================

[ 18.851833] ==================================================================
[ 18.852277] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 18.852277]
[ 18.852645] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#78):
[ 18.853254] test_corruption+0x2d2/0x3e0
[ 18.853415] kunit_try_run_case+0x1a5/0x480
[ 18.853645] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.853878] kthread+0x337/0x6f0
[ 18.854010] ret_from_fork+0x116/0x1d0
[ 18.854204] ret_from_fork_asm+0x1a/0x30
[ 18.854414]
[ 18.854542] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.854542]
[ 18.854898] allocated by task 328 on cpu 1 at 18.851645s (0.003251s ago):
[ 18.855228] test_alloc+0x364/0x10f0
[ 18.855393] test_corruption+0xe6/0x3e0
[ 18.855603] kunit_try_run_case+0x1a5/0x480
[ 18.855827] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.856056] kthread+0x337/0x6f0
[ 18.856199] ret_from_fork+0x116/0x1d0
[ 18.856368] ret_from_fork_asm+0x1a/0x30
[ 18.856510]
[ 18.856611] freed by task 328 on cpu 1 at 18.851745s (0.004864s ago):
[ 18.857067] test_corruption+0x2d2/0x3e0
[ 18.857286] kunit_try_run_case+0x1a5/0x480
[ 18.857436] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.857613] kthread+0x337/0x6f0
[ 18.857924] ret_from_fork+0x116/0x1d0
[ 18.858121] ret_from_fork_asm+0x1a/0x30
[ 18.858309]
[ 18.858411] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.858739] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.858962] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.859370] ==================================================================

[ 18.955917] ==================================================================
[ 18.956293] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 18.956293]
[ 18.956804] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#79):
[ 18.957191] test_corruption+0x2df/0x3e0
[ 18.957356] kunit_try_run_case+0x1a5/0x480
[ 18.957681] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.957952] kthread+0x337/0x6f0
[ 18.958080] ret_from_fork+0x116/0x1d0
[ 18.958273] ret_from_fork_asm+0x1a/0x30
[ 18.958472]
[ 18.958555] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.958555]
[ 18.958905] allocated by task 328 on cpu 1 at 18.955661s (0.003242s ago):
[ 18.959217] test_alloc+0x364/0x10f0
[ 18.959404] test_corruption+0x1cb/0x3e0
[ 18.959604] kunit_try_run_case+0x1a5/0x480
[ 18.959752] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.960023] kthread+0x337/0x6f0
[ 18.960201] ret_from_fork+0x116/0x1d0
[ 18.960375] ret_from_fork_asm+0x1a/0x30
[ 18.960564]
[ 18.960639] freed by task 328 on cpu 1 at 18.955766s (0.004871s ago):
[ 18.960959] test_corruption+0x2df/0x3e0
[ 18.961104] kunit_try_run_case+0x1a5/0x480
[ 18.961259] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.961449] kthread+0x337/0x6f0
[ 18.961678] ret_from_fork+0x116/0x1d0
[ 18.961874] ret_from_fork_asm+0x1a/0x30
[ 18.962134]
[ 18.962225] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.962686] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.962904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.963312] ==================================================================

[ 19.579780] ==================================================================
[ 19.580176] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 19.580176]
[ 19.580636] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#85):
[ 19.580978] test_corruption+0x216/0x3e0
[ 19.581167] kunit_try_run_case+0x1a5/0x480
[ 19.581388] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.581717] kthread+0x337/0x6f0
[ 19.581891] ret_from_fork+0x116/0x1d0
[ 19.582061] ret_from_fork_asm+0x1a/0x30
[ 19.582279]
[ 19.582387] kfence-#85: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.582387]
[ 19.582771] allocated by task 330 on cpu 1 at 19.579655s (0.003114s ago):
[ 19.583042] test_alloc+0x2a6/0x10f0
[ 19.583228] test_corruption+0x1cb/0x3e0
[ 19.583410] kunit_try_run_case+0x1a5/0x480
[ 19.583615] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.583879] kthread+0x337/0x6f0
[ 19.584044] ret_from_fork+0x116/0x1d0
[ 19.584228] ret_from_fork_asm+0x1a/0x30
[ 19.584371]
[ 19.584459] freed by task 330 on cpu 1 at 19.579696s (0.004761s ago):
[ 19.584778] test_corruption+0x216/0x3e0
[ 19.584979] kunit_try_run_case+0x1a5/0x480
[ 19.585147] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.585325] kthread+0x337/0x6f0
[ 19.585449] ret_from_fork+0x116/0x1d0
[ 19.585816] ret_from_fork_asm+0x1a/0x30
[ 19.586019]
[ 19.586139] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 19.586692] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.586868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.587232] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 18.435794] ==================================================================
[ 18.436188] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 18.436188]
[ 18.436622] Invalid free of 0x(____ptrval____) (in kfence-#74):
[ 18.436909] test_invalid_addr_free+0x1e1/0x260
[ 18.437076] kunit_try_run_case+0x1a5/0x480
[ 18.437294] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.437552] kthread+0x337/0x6f0
[ 18.437736] ret_from_fork+0x116/0x1d0
[ 18.437932] ret_from_fork_asm+0x1a/0x30
[ 18.438108]
[ 18.438206] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.438206]
[ 18.438605] allocated by task 324 on cpu 1 at 18.435660s (0.002943s ago):
[ 18.438909] test_alloc+0x364/0x10f0
[ 18.439088] test_invalid_addr_free+0xdb/0x260
[ 18.439277] kunit_try_run_case+0x1a5/0x480
[ 18.439479] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.439703] kthread+0x337/0x6f0
[ 18.439881] ret_from_fork+0x116/0x1d0
[ 18.440052] ret_from_fork_asm+0x1a/0x30
[ 18.440238]
[ 18.440339] CPU: 1 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.440798] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.440979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.441325] ==================================================================

[ 18.539811] ==================================================================
[ 18.540165] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 18.540165]
[ 18.540731] Invalid free of 0x(____ptrval____) (in kfence-#75):
[ 18.541298] test_invalid_addr_free+0xfb/0x260
[ 18.541679] kunit_try_run_case+0x1a5/0x480
[ 18.541850] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.542026] kthread+0x337/0x6f0
[ 18.542150] ret_from_fork+0x116/0x1d0
[ 18.542284] ret_from_fork_asm+0x1a/0x30
[ 18.542429]
[ 18.542627] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.542627]
[ 18.543475] allocated by task 326 on cpu 0 at 18.539694s (0.003779s ago):
[ 18.544007] test_alloc+0x2a6/0x10f0
[ 18.544183] test_invalid_addr_free+0xdb/0x260
[ 18.544412] kunit_try_run_case+0x1a5/0x480
[ 18.544591] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.544945] kthread+0x337/0x6f0
[ 18.545144] ret_from_fork+0x116/0x1d0
[ 18.545327] ret_from_fork_asm+0x1a/0x30
[ 18.545586]
[ 18.545690] CPU: 0 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.546149] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.546350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.546753] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 18.331828] ==================================================================
[ 18.332229] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 18.332229]
[ 18.332599] Invalid free of 0x(____ptrval____) (in kfence-#73):
[ 18.333207] test_double_free+0x112/0x260
[ 18.333409] kunit_try_run_case+0x1a5/0x480
[ 18.333837] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.334301] kthread+0x337/0x6f0
[ 18.334677] ret_from_fork+0x116/0x1d0
[ 18.334879] ret_from_fork_asm+0x1a/0x30
[ 18.335035]
[ 18.335136] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.335136]
[ 18.335794] allocated by task 322 on cpu 0 at 18.331656s (0.004135s ago):
[ 18.336256] test_alloc+0x2a6/0x10f0
[ 18.336514] test_double_free+0xdb/0x260
[ 18.336811] kunit_try_run_case+0x1a5/0x480
[ 18.337032] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.337410] kthread+0x337/0x6f0
[ 18.337640] ret_from_fork+0x116/0x1d0
[ 18.337989] ret_from_fork_asm+0x1a/0x30
[ 18.338199]
[ 18.338463] freed by task 322 on cpu 0 at 18.331701s (0.006760s ago):
[ 18.338908] test_double_free+0xfa/0x260
[ 18.339110] kunit_try_run_case+0x1a5/0x480
[ 18.339461] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.339810] kthread+0x337/0x6f0
[ 18.339991] ret_from_fork+0x116/0x1d0
[ 18.340274] ret_from_fork_asm+0x1a/0x30
[ 18.340613]
[ 18.340770] CPU: 0 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.341365] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.341677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.342044] ==================================================================

[ 18.227811] ==================================================================
[ 18.228232] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 18.228232]
[ 18.228645] Invalid free of 0x(____ptrval____) (in kfence-#72):
[ 18.228965] test_double_free+0x1d3/0x260
[ 18.229169] kunit_try_run_case+0x1a5/0x480
[ 18.229325] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.229848] kthread+0x337/0x6f0
[ 18.230001] ret_from_fork+0x116/0x1d0
[ 18.230208] ret_from_fork_asm+0x1a/0x30
[ 18.230385]
[ 18.230489] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.230489]
[ 18.230989] allocated by task 320 on cpu 0 at 18.227594s (0.003393s ago):
[ 18.231294] test_alloc+0x364/0x10f0
[ 18.231426] test_double_free+0xdb/0x260
[ 18.231562] kunit_try_run_case+0x1a5/0x480
[ 18.231705] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.232123] kthread+0x337/0x6f0
[ 18.232290] ret_from_fork+0x116/0x1d0
[ 18.232845] ret_from_fork_asm+0x1a/0x30
[ 18.233162]
[ 18.233377] freed by task 320 on cpu 0 at 18.227646s (0.005729s ago):
[ 18.233647] test_double_free+0x1e0/0x260
[ 18.233867] kunit_try_run_case+0x1a5/0x480
[ 18.234036] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.234293] kthread+0x337/0x6f0
[ 18.234439] ret_from_fork+0x116/0x1d0
[ 18.234596] ret_from_fork_asm+0x1a/0x30
[ 18.234851]
[ 18.234962] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.235367] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.235597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.235939] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 17.915811] ==================================================================
[ 17.916209] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 17.916209]
[ 17.916681] Use-after-free read at 0x(____ptrval____) (in kfence-#69):
[ 17.916980] test_use_after_free_read+0x129/0x270
[ 17.917211] kunit_try_run_case+0x1a5/0x480
[ 17.917397] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.917729] kthread+0x337/0x6f0
[ 17.917916] ret_from_fork+0x116/0x1d0
[ 17.918054] ret_from_fork_asm+0x1a/0x30
[ 17.918218]
[ 17.918316] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.918316]
[ 17.918799] allocated by task 314 on cpu 1 at 17.915664s (0.003133s ago):
[ 17.919097] test_alloc+0x2a6/0x10f0
[ 17.919231] test_use_after_free_read+0xdc/0x270
[ 17.919459] kunit_try_run_case+0x1a5/0x480
[ 17.919744] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.919974] kthread+0x337/0x6f0
[ 17.920150] ret_from_fork+0x116/0x1d0
[ 17.920309] ret_from_fork_asm+0x1a/0x30
[ 17.920526]
[ 17.920620] freed by task 314 on cpu 1 at 17.915722s (0.004896s ago):
[ 17.920876] test_use_after_free_read+0xfb/0x270
[ 17.921061] kunit_try_run_case+0x1a5/0x480
[ 17.921271] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.921528] kthread+0x337/0x6f0
[ 17.921702] ret_from_fork+0x116/0x1d0
[ 17.921871] ret_from_fork_asm+0x1a/0x30
[ 17.922036]
[ 17.922158] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.922597] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.922736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.923124] ==================================================================

[ 17.811836] ==================================================================
[ 17.812355] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 17.812355]
[ 17.812958] Use-after-free read at 0x(____ptrval____) (in kfence-#68):
[ 17.813222] test_use_after_free_read+0x129/0x270
[ 17.813482] kunit_try_run_case+0x1a5/0x480
[ 17.813779] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.814028] kthread+0x337/0x6f0
[ 17.814155] ret_from_fork+0x116/0x1d0
[ 17.814352] ret_from_fork_asm+0x1a/0x30
[ 17.814648]
[ 17.814768] kfence-#68: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.814768]
[ 17.815171] allocated by task 312 on cpu 1 at 17.811610s (0.003559s ago):
[ 17.815524] test_alloc+0x364/0x10f0
[ 17.815906] test_use_after_free_read+0xdc/0x270
[ 17.816079] kunit_try_run_case+0x1a5/0x480
[ 17.816277] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.816922] kthread+0x337/0x6f0
[ 17.817159] ret_from_fork+0x116/0x1d0
[ 17.817440] ret_from_fork_asm+0x1a/0x30
[ 17.817658]
[ 17.817745] freed by task 312 on cpu 1 at 17.811666s (0.006077s ago):
[ 17.818044] test_use_after_free_read+0x1e7/0x270
[ 17.818266] kunit_try_run_case+0x1a5/0x480
[ 17.818465] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.818695] kthread+0x337/0x6f0
[ 17.818873] ret_from_fork+0x116/0x1d0
[ 17.819066] ret_from_fork_asm+0x1a/0x30
[ 17.819243]
[ 17.819346] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.819774] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.819961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.820345] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 17.603777] ==================================================================
[ 17.604194] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.604194]
[ 17.604645] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#66):
[ 17.604981] test_out_of_bounds_write+0x10d/0x260
[ 17.605212] kunit_try_run_case+0x1a5/0x480
[ 17.605367] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.605712] kthread+0x337/0x6f0
[ 17.605868] ret_from_fork+0x116/0x1d0
[ 17.606110] ret_from_fork_asm+0x1a/0x30
[ 17.606320]
[ 17.606431] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.606431]
[ 17.606817] allocated by task 308 on cpu 1 at 17.603630s (0.003184s ago):
[ 17.607118] test_alloc+0x364/0x10f0
[ 17.607264] test_out_of_bounds_write+0xd4/0x260
[ 17.607510] kunit_try_run_case+0x1a5/0x480
[ 17.607664] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.607854] kthread+0x337/0x6f0
[ 17.608025] ret_from_fork+0x116/0x1d0
[ 17.608219] ret_from_fork_asm+0x1a/0x30
[ 17.608418]
[ 17.608582] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.608927] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.609139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.609648] ==================================================================

[ 17.707769] ==================================================================
[ 17.708157] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.708157]
[ 17.708655] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#67):
[ 17.708935] test_out_of_bounds_write+0x10d/0x260
[ 17.709637] kunit_try_run_case+0x1a5/0x480
[ 17.709815] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.710086] kthread+0x337/0x6f0
[ 17.710249] ret_from_fork+0x116/0x1d0
[ 17.710774] ret_from_fork_asm+0x1a/0x30
[ 17.710985]
[ 17.711069] kfence-#67: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.711069]
[ 17.711580] allocated by task 310 on cpu 0 at 17.707697s (0.003880s ago):
[ 17.712060] test_alloc+0x2a6/0x10f0
[ 17.712234] test_out_of_bounds_write+0xd4/0x260
[ 17.712599] kunit_try_run_case+0x1a5/0x480
[ 17.712818] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.713052] kthread+0x337/0x6f0
[ 17.713213] ret_from_fork+0x116/0x1d0
[ 17.713383] ret_from_fork_asm+0x1a/0x30
[ 17.713795]
[ 17.714080] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.714565] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.714842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.715306] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 17.291650] ==================================================================
[ 17.292051] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.292051]
[ 17.292425] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#63):
[ 17.292852] test_out_of_bounds_read+0x216/0x4e0
[ 17.293020] kunit_try_run_case+0x1a5/0x480
[ 17.293234] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.293493] kthread+0x337/0x6f0
[ 17.293682] ret_from_fork+0x116/0x1d0
[ 17.293904] ret_from_fork_asm+0x1a/0x30
[ 17.294085]
[ 17.294178] kfence-#63: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.294178]
[ 17.294595] allocated by task 306 on cpu 1 at 17.291598s (0.002994s ago):
[ 17.294861] test_alloc+0x2a6/0x10f0
[ 17.295051] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.295258] kunit_try_run_case+0x1a5/0x480
[ 17.295425] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.295658] kthread+0x337/0x6f0
[ 17.295846] ret_from_fork+0x116/0x1d0
[ 17.296042] ret_from_fork_asm+0x1a/0x30
[ 17.296248]
[ 17.296354] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.296724] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.296952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.297338] ==================================================================

[ 17.187748] ==================================================================
[ 17.188162] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 17.188162]
[ 17.188637] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#62):
[ 17.188987] test_out_of_bounds_read+0x126/0x4e0
[ 17.189186] kunit_try_run_case+0x1a5/0x480
[ 17.189371] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.189746] kthread+0x337/0x6f0
[ 17.189890] ret_from_fork+0x116/0x1d0
[ 17.190095] ret_from_fork_asm+0x1a/0x30
[ 17.190300]
[ 17.190406] kfence-#62: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.190406]
[ 17.190695] allocated by task 306 on cpu 1 at 17.187683s (0.003011s ago):
[ 17.191094] test_alloc+0x2a6/0x10f0
[ 17.191279] test_out_of_bounds_read+0xed/0x4e0
[ 17.191512] kunit_try_run_case+0x1a5/0x480
[ 17.191684] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.191947] kthread+0x337/0x6f0
[ 17.192106] ret_from_fork+0x116/0x1d0
[ 17.192284] ret_from_fork_asm+0x1a/0x30
[ 17.192467]
[ 17.192594] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.193040] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.193179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.193561] ==================================================================

[ 16.980614] ==================================================================
[ 16.981093] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 16.981093]
[ 16.981596] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#60):
[ 16.981895] test_out_of_bounds_read+0x126/0x4e0
[ 16.982146] kunit_try_run_case+0x1a5/0x480
[ 16.982350] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.982577] kthread+0x337/0x6f0
[ 16.982771] ret_from_fork+0x116/0x1d0
[ 16.982969] ret_from_fork_asm+0x1a/0x30
[ 16.983127]
[ 16.983213] kfence-#60: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.983213]
[ 16.983625] allocated by task 304 on cpu 0 at 16.979688s (0.003935s ago):
[ 16.983984] test_alloc+0x364/0x10f0
[ 16.984171] test_out_of_bounds_read+0xed/0x4e0
[ 16.984354] kunit_try_run_case+0x1a5/0x480
[ 16.984643] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.984965] kthread+0x337/0x6f0
[ 16.985121] ret_from_fork+0x116/0x1d0
[ 16.985278] ret_from_fork_asm+0x1a/0x30
[ 16.985438]
[ 16.985560] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.986049] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.986190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.986762] ==================================================================

[ 17.083832] ==================================================================
[ 17.084225] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.084225]
[ 17.084712] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#61):
[ 17.085028] test_out_of_bounds_read+0x216/0x4e0
[ 17.085226] kunit_try_run_case+0x1a5/0x480
[ 17.085457] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.085723] kthread+0x337/0x6f0
[ 17.085883] ret_from_fork+0x116/0x1d0
[ 17.086034] ret_from_fork_asm+0x1a/0x30
[ 17.086235]
[ 17.086332] kfence-#61: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.086332]
[ 17.086740] allocated by task 304 on cpu 0 at 17.083651s (0.003087s ago):
[ 17.087087] test_alloc+0x364/0x10f0
[ 17.087243] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.087400] kunit_try_run_case+0x1a5/0x480
[ 17.087820] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.088057] kthread+0x337/0x6f0
[ 17.088221] ret_from_fork+0x116/0x1d0
[ 17.088382] ret_from_fork_asm+0x1a/0x30
[ 17.088522]
[ 17.088615] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.089101] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.089315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.089684] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 12.018098] ==================================================================
[ 12.019404] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x288/0x520
[ 12.019404]
[ 12.019919] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#30):
[ 12.020817] kmalloc_track_caller_oob_right+0x288/0x520
[ 12.021043] kunit_try_run_case+0x1a5/0x480
[ 12.021256] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.021658] kthread+0x337/0x6f0
[ 12.021819] ret_from_fork+0x116/0x1d0
[ 12.021998] ret_from_fork_asm+0x1a/0x30
[ 12.022212]
[ 12.022458] kfence-#30: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128
[ 12.022458]
[ 12.022970] allocated by task 159 on cpu 0 at 12.016109s (0.006803s ago):
[ 12.023321] kmalloc_track_caller_oob_right+0x19a/0x520
[ 12.023548] kunit_try_run_case+0x1a5/0x480
[ 12.023901] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.024135] kthread+0x337/0x6f0
[ 12.024268] ret_from_fork+0x116/0x1d0
[ 12.024413] ret_from_fork_asm+0x1a/0x30
[ 12.024673]
[ 12.024875] freed by task 159 on cpu 0 at 12.017420s (0.007384s ago):
[ 12.025164] kmalloc_track_caller_oob_right+0x288/0x520
[ 12.025392] kunit_try_run_case+0x1a5/0x480
[ 12.025630] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.025830] kthread+0x337/0x6f0
[ 12.025973] ret_from_fork+0x116/0x1d0
[ 12.026158] ret_from_fork_asm+0x1a/0x30
[ 12.026379]
[ 12.026544] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.026945] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.027147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.027528] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.644081] ==================================================================
[ 16.644503] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 16.644917] Write of size 1 at addr ffff8881038e2978 by task kunit_try_catch/302
[ 16.645227]
[ 16.645419] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.645494] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.645507] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.645538] Call Trace:
[ 16.645552] <TASK>
[ 16.645566] dump_stack_lvl+0x73/0xb0
[ 16.645595] print_report+0xd1/0x610
[ 16.645618] ? __virt_addr_valid+0x1db/0x2d0
[ 16.645642] ? strncpy_from_user+0x1a5/0x1d0
[ 16.645667] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.645775] ? strncpy_from_user+0x1a5/0x1d0
[ 16.645802] kasan_report+0x141/0x180
[ 16.645826] ? strncpy_from_user+0x1a5/0x1d0
[ 16.645856] __asan_report_store1_noabort+0x1b/0x30
[ 16.645882] strncpy_from_user+0x1a5/0x1d0
[ 16.645910] copy_user_test_oob+0x760/0x10f0
[ 16.645938] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.645964] ? finish_task_switch.isra.0+0x153/0x700
[ 16.645988] ? __switch_to+0x47/0xf50
[ 16.646014] ? __schedule+0x10cc/0x2b60
[ 16.646038] ? __pfx_read_tsc+0x10/0x10
[ 16.646060] ? ktime_get_ts64+0x86/0x230
[ 16.646085] kunit_try_run_case+0x1a5/0x480
[ 16.646112] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.646137] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.646162] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.646188] ? __kthread_parkme+0x82/0x180
[ 16.646211] ? preempt_count_sub+0x50/0x80
[ 16.646236] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.646263] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.646291] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.646319] kthread+0x337/0x6f0
[ 16.646340] ? trace_preempt_on+0x20/0xc0
[ 16.646365] ? __pfx_kthread+0x10/0x10
[ 16.646392] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.646415] ? calculate_sigpending+0x7b/0xa0
[ 16.646454] ? __pfx_kthread+0x10/0x10
[ 16.646478] ret_from_fork+0x116/0x1d0
[ 16.646497] ? __pfx_kthread+0x10/0x10
[ 16.646518] ret_from_fork_asm+0x1a/0x30
[ 16.646551] </TASK>
[ 16.646561]
[ 16.654983] Allocated by task 302:
[ 16.655166] kasan_save_stack+0x45/0x70
[ 16.655370] kasan_save_track+0x18/0x40
[ 16.655694] kasan_save_alloc_info+0x3b/0x50
[ 16.656034] __kasan_kmalloc+0xb7/0xc0
[ 16.656217] __kmalloc_noprof+0x1c9/0x500
[ 16.656359] kunit_kmalloc_array+0x25/0x60
[ 16.656502] copy_user_test_oob+0xab/0x10f0
[ 16.656895] kunit_try_run_case+0x1a5/0x480
[ 16.657143] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.657400] kthread+0x337/0x6f0
[ 16.657691] ret_from_fork+0x116/0x1d0
[ 16.657870] ret_from_fork_asm+0x1a/0x30
[ 16.658159]
[ 16.658231] The buggy address belongs to the object at ffff8881038e2900
[ 16.658231] which belongs to the cache kmalloc-128 of size 128
[ 16.659079] The buggy address is located 0 bytes to the right of
[ 16.659079] allocated 120-byte region [ffff8881038e2900, ffff8881038e2978)
[ 16.659707]
[ 16.659910] The buggy address belongs to the physical page:
[ 16.660170] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e2
[ 16.660610] flags: 0x200000000000000(node=0|zone=2)
[ 16.660781] page_type: f5(slab)
[ 16.660950] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.661446] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.661893] page dumped because: kasan: bad access detected
[ 16.662089]
[ 16.662185] Memory state around the buggy address:
[ 16.662523] ffff8881038e2800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.662849] ffff8881038e2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.663172] >ffff8881038e2900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.663582] ^
[ 16.663883] ffff8881038e2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.664210] ffff8881038e2a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.664594] ==================================================================

[ 16.622819] ==================================================================
[ 16.623205] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 16.623548] Write of size 121 at addr ffff8881038e2900 by task kunit_try_catch/302
[ 16.624035]
[ 16.624213] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.624261] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.624274] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.624297] Call Trace:
[ 16.624313] <TASK>
[ 16.624331] dump_stack_lvl+0x73/0xb0
[ 16.624360] print_report+0xd1/0x610
[ 16.624384] ? __virt_addr_valid+0x1db/0x2d0
[ 16.624408] ? strncpy_from_user+0x2e/0x1d0
[ 16.624433] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.624517] ? strncpy_from_user+0x2e/0x1d0
[ 16.624545] kasan_report+0x141/0x180
[ 16.624568] ? strncpy_from_user+0x2e/0x1d0
[ 16.624610] kasan_check_range+0x10c/0x1c0
[ 16.624636] __kasan_check_write+0x18/0x20
[ 16.624657] strncpy_from_user+0x2e/0x1d0
[ 16.624681] ? __kasan_check_read+0x15/0x20
[ 16.624704] copy_user_test_oob+0x760/0x10f0
[ 16.624776] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.624837] ? finish_task_switch.isra.0+0x153/0x700
[ 16.624863] ? __switch_to+0x47/0xf50
[ 16.624890] ? __schedule+0x10cc/0x2b60
[ 16.624913] ? __pfx_read_tsc+0x10/0x10
[ 16.624935] ? ktime_get_ts64+0x86/0x230
[ 16.624960] kunit_try_run_case+0x1a5/0x480
[ 16.624988] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.625013] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.625039] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.625065] ? __kthread_parkme+0x82/0x180
[ 16.625087] ? preempt_count_sub+0x50/0x80
[ 16.625112] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.625138] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.625165] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.625193] kthread+0x337/0x6f0
[ 16.625214] ? trace_preempt_on+0x20/0xc0
[ 16.625239] ? __pfx_kthread+0x10/0x10
[ 16.625262] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.625284] ? calculate_sigpending+0x7b/0xa0
[ 16.625310] ? __pfx_kthread+0x10/0x10
[ 16.625333] ret_from_fork+0x116/0x1d0
[ 16.625352] ? __pfx_kthread+0x10/0x10
[ 16.625374] ret_from_fork_asm+0x1a/0x30
[ 16.625406] </TASK>
[ 16.625418]
[ 16.634270] Allocated by task 302:
[ 16.634442] kasan_save_stack+0x45/0x70
[ 16.634857] kasan_save_track+0x18/0x40
[ 16.635215] kasan_save_alloc_info+0x3b/0x50
[ 16.635429] __kasan_kmalloc+0xb7/0xc0
[ 16.635687] __kmalloc_noprof+0x1c9/0x500
[ 16.635945] kunit_kmalloc_array+0x25/0x60
[ 16.636092] copy_user_test_oob+0xab/0x10f0
[ 16.636240] kunit_try_run_case+0x1a5/0x480
[ 16.636455] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.636913] kthread+0x337/0x6f0
[ 16.637089] ret_from_fork+0x116/0x1d0
[ 16.637316] ret_from_fork_asm+0x1a/0x30
[ 16.637499]
[ 16.637597] The buggy address belongs to the object at ffff8881038e2900
[ 16.637597] which belongs to the cache kmalloc-128 of size 128
[ 16.638081] The buggy address is located 0 bytes inside of
[ 16.638081] allocated 120-byte region [ffff8881038e2900, ffff8881038e2978)
[ 16.638799]
[ 16.638899] The buggy address belongs to the physical page:
[ 16.639199] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e2
[ 16.639525] flags: 0x200000000000000(node=0|zone=2)
[ 16.639743] page_type: f5(slab)
[ 16.639925] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.640391] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.640794] page dumped because: kasan: bad access detected
[ 16.641018]
[ 16.641152] Memory state around the buggy address:
[ 16.641394] ffff8881038e2800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.641681] ffff8881038e2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.642012] >ffff8881038e2900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.642293] ^
[ 16.642839] ffff8881038e2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.643104] ffff8881038e2a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.643474] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.560649] ==================================================================
[ 16.560915] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 16.561145] Read of size 121 at addr ffff8881038e2900 by task kunit_try_catch/302
[ 16.561692]
[ 16.561875] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.561944] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.561958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.561978] Call Trace:
[ 16.562009] <TASK>
[ 16.562023] dump_stack_lvl+0x73/0xb0
[ 16.562068] print_report+0xd1/0x610
[ 16.562106] ? __virt_addr_valid+0x1db/0x2d0
[ 16.562144] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.562183] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.562235] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.562261] kasan_report+0x141/0x180
[ 16.562298] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.562342] kasan_check_range+0x10c/0x1c0
[ 16.562368] __kasan_check_read+0x15/0x20
[ 16.562395] copy_user_test_oob+0x4aa/0x10f0
[ 16.562424] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.562450] ? finish_task_switch.isra.0+0x153/0x700
[ 16.562474] ? __switch_to+0x47/0xf50
[ 16.562501] ? __schedule+0x10cc/0x2b60
[ 16.562524] ? __pfx_read_tsc+0x10/0x10
[ 16.562546] ? ktime_get_ts64+0x86/0x230
[ 16.562578] kunit_try_run_case+0x1a5/0x480
[ 16.562604] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.562630] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.562655] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.562681] ? __kthread_parkme+0x82/0x180
[ 16.562704] ? preempt_count_sub+0x50/0x80
[ 16.562729] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.562766] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.562794] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.562821] kthread+0x337/0x6f0
[ 16.562842] ? trace_preempt_on+0x20/0xc0
[ 16.562866] ? __pfx_kthread+0x10/0x10
[ 16.562888] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.562912] ? calculate_sigpending+0x7b/0xa0
[ 16.562937] ? __pfx_kthread+0x10/0x10
[ 16.562960] ret_from_fork+0x116/0x1d0
[ 16.562980] ? __pfx_kthread+0x10/0x10
[ 16.563002] ret_from_fork_asm+0x1a/0x30
[ 16.563033] </TASK>
[ 16.563043]
[ 16.571002] Allocated by task 302:
[ 16.571194] kasan_save_stack+0x45/0x70
[ 16.571417] kasan_save_track+0x18/0x40
[ 16.571609] kasan_save_alloc_info+0x3b/0x50
[ 16.571842] __kasan_kmalloc+0xb7/0xc0
[ 16.572001] __kmalloc_noprof+0x1c9/0x500
[ 16.572143] kunit_kmalloc_array+0x25/0x60
[ 16.572292] copy_user_test_oob+0xab/0x10f0
[ 16.572543] kunit_try_run_case+0x1a5/0x480
[ 16.572771] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.573032] kthread+0x337/0x6f0
[ 16.573201] ret_from_fork+0x116/0x1d0
[ 16.573425] ret_from_fork_asm+0x1a/0x30
[ 16.573683]
[ 16.573804] The buggy address belongs to the object at ffff8881038e2900
[ 16.573804] which belongs to the cache kmalloc-128 of size 128
[ 16.574172] The buggy address is located 0 bytes inside of
[ 16.574172] allocated 120-byte region [ffff8881038e2900, ffff8881038e2978)
[ 16.574700]
[ 16.574836] The buggy address belongs to the physical page:
[ 16.575076] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e2
[ 16.575316] flags: 0x200000000000000(node=0|zone=2)
[ 16.575479] page_type: f5(slab)
[ 16.575601] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.575993] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.576337] page dumped because: kasan: bad access detected
[ 16.576729]
[ 16.576833] Memory state around the buggy address:
[ 16.577021] ffff8881038e2800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.577239] ffff8881038e2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.577489] >ffff8881038e2900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.577855] ^
[ 16.578269] ffff8881038e2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.578942] ffff8881038e2a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.579284] ==================================================================

[ 16.601671] ==================================================================
[ 16.602000] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 16.602398] Read of size 121 at addr ffff8881038e2900 by task kunit_try_catch/302
[ 16.602830]
[ 16.602914] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.602955] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.602968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.603039] Call Trace:
[ 16.603055] <TASK>
[ 16.603070] dump_stack_lvl+0x73/0xb0
[ 16.603159] print_report+0xd1/0x610
[ 16.603195] ? __virt_addr_valid+0x1db/0x2d0
[ 16.603218] ? copy_user_test_oob+0x604/0x10f0
[ 16.603246] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.603272] ? copy_user_test_oob+0x604/0x10f0
[ 16.603297] kasan_report+0x141/0x180
[ 16.603320] ? copy_user_test_oob+0x604/0x10f0
[ 16.603351] kasan_check_range+0x10c/0x1c0
[ 16.603377] __kasan_check_read+0x15/0x20
[ 16.603398] copy_user_test_oob+0x604/0x10f0
[ 16.603465] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.603490] ? finish_task_switch.isra.0+0x153/0x700
[ 16.603531] ? __switch_to+0x47/0xf50
[ 16.603558] ? __schedule+0x10cc/0x2b60
[ 16.603624] ? __pfx_read_tsc+0x10/0x10
[ 16.603647] ? ktime_get_ts64+0x86/0x230
[ 16.603682] kunit_try_run_case+0x1a5/0x480
[ 16.603710] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.603734] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.603769] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.603796] ? __kthread_parkme+0x82/0x180
[ 16.603818] ? preempt_count_sub+0x50/0x80
[ 16.603842] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.603869] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.603895] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.603922] kthread+0x337/0x6f0
[ 16.603943] ? trace_preempt_on+0x20/0xc0
[ 16.603967] ? __pfx_kthread+0x10/0x10
[ 16.603989] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.604013] ? calculate_sigpending+0x7b/0xa0
[ 16.604039] ? __pfx_kthread+0x10/0x10
[ 16.604062] ret_from_fork+0x116/0x1d0
[ 16.604082] ? __pfx_kthread+0x10/0x10
[ 16.604103] ret_from_fork_asm+0x1a/0x30
[ 16.604135] </TASK>
[ 16.604146]
[ 16.612921] Allocated by task 302:
[ 16.613144] kasan_save_stack+0x45/0x70
[ 16.613443] kasan_save_track+0x18/0x40
[ 16.613807] kasan_save_alloc_info+0x3b/0x50
[ 16.614078] __kasan_kmalloc+0xb7/0xc0
[ 16.614214] __kmalloc_noprof+0x1c9/0x500
[ 16.614351] kunit_kmalloc_array+0x25/0x60
[ 16.614669] copy_user_test_oob+0xab/0x10f0
[ 16.615084] kunit_try_run_case+0x1a5/0x480
[ 16.615291] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.615555] kthread+0x337/0x6f0
[ 16.615809] ret_from_fork+0x116/0x1d0
[ 16.615989] ret_from_fork_asm+0x1a/0x30
[ 16.616256]
[ 16.616353] The buggy address belongs to the object at ffff8881038e2900
[ 16.616353] which belongs to the cache kmalloc-128 of size 128
[ 16.616828] The buggy address is located 0 bytes inside of
[ 16.616828] allocated 120-byte region [ffff8881038e2900, ffff8881038e2978)
[ 16.617294]
[ 16.617394] The buggy address belongs to the physical page:
[ 16.617692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e2
[ 16.617936] flags: 0x200000000000000(node=0|zone=2)
[ 16.618172] page_type: f5(slab)
[ 16.618342] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.618875] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.619234] page dumped because: kasan: bad access detected
[ 16.619555]
[ 16.619643] Memory state around the buggy address:
[ 16.619930] ffff8881038e2800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.620208] ffff8881038e2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.620640] >ffff8881038e2900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.620907] ^
[ 16.621357] ffff8881038e2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.621717] ffff8881038e2a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.622093] ==================================================================

[ 16.579682] ==================================================================
[ 16.580204] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 16.580739] Write of size 121 at addr ffff8881038e2900 by task kunit_try_catch/302
[ 16.581133]
[ 16.581346] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.581444] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.581458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.581480] Call Trace:
[ 16.581495] <TASK>
[ 16.581510] dump_stack_lvl+0x73/0xb0
[ 16.581540] print_report+0xd1/0x610
[ 16.581563] ? __virt_addr_valid+0x1db/0x2d0
[ 16.581587] ? copy_user_test_oob+0x557/0x10f0
[ 16.581613] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.581638] ? copy_user_test_oob+0x557/0x10f0
[ 16.581663] kasan_report+0x141/0x180
[ 16.581687] ? copy_user_test_oob+0x557/0x10f0
[ 16.581717] kasan_check_range+0x10c/0x1c0
[ 16.581742] __kasan_check_write+0x18/0x20
[ 16.581775] copy_user_test_oob+0x557/0x10f0
[ 16.581837] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.581862] ? finish_task_switch.isra.0+0x153/0x700
[ 16.581888] ? __switch_to+0x47/0xf50
[ 16.581914] ? __schedule+0x10cc/0x2b60
[ 16.581970] ? __pfx_read_tsc+0x10/0x10
[ 16.581993] ? ktime_get_ts64+0x86/0x230
[ 16.582018] kunit_try_run_case+0x1a5/0x480
[ 16.582045] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.582070] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.582127] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.582154] ? __kthread_parkme+0x82/0x180
[ 16.582177] ? preempt_count_sub+0x50/0x80
[ 16.582202] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.582259] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.582286] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.582314] kthread+0x337/0x6f0
[ 16.582335] ? trace_preempt_on+0x20/0xc0
[ 16.582360] ? __pfx_kthread+0x10/0x10
[ 16.582420] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.582445] ? calculate_sigpending+0x7b/0xa0
[ 16.582470] ? __pfx_kthread+0x10/0x10
[ 16.582504] ret_from_fork+0x116/0x1d0
[ 16.582526] ? __pfx_kthread+0x10/0x10
[ 16.582580] ret_from_fork_asm+0x1a/0x30
[ 16.582613] </TASK>
[ 16.582625]
[ 16.591876] Allocated by task 302:
[ 16.592062] kasan_save_stack+0x45/0x70
[ 16.592359] kasan_save_track+0x18/0x40
[ 16.592589] kasan_save_alloc_info+0x3b/0x50
[ 16.592861] __kasan_kmalloc+0xb7/0xc0
[ 16.592996] __kmalloc_noprof+0x1c9/0x500
[ 16.593176] kunit_kmalloc_array+0x25/0x60
[ 16.593489] copy_user_test_oob+0xab/0x10f0
[ 16.593776] kunit_try_run_case+0x1a5/0x480
[ 16.593971] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.594191] kthread+0x337/0x6f0
[ 16.594310] ret_from_fork+0x116/0x1d0
[ 16.594616] ret_from_fork_asm+0x1a/0x30
[ 16.594913]
[ 16.594987] The buggy address belongs to the object at ffff8881038e2900
[ 16.594987] which belongs to the cache kmalloc-128 of size 128
[ 16.595489] The buggy address is located 0 bytes inside of
[ 16.595489] allocated 120-byte region [ffff8881038e2900, ffff8881038e2978)
[ 16.596117]
[ 16.596273] The buggy address belongs to the physical page:
[ 16.596523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e2
[ 16.596944] flags: 0x200000000000000(node=0|zone=2)
[ 16.597142] page_type: f5(slab)
[ 16.597351] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.597780] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.598146] page dumped because: kasan: bad access detected
[ 16.598359]
[ 16.598495] Memory state around the buggy address:
[ 16.598773] ffff8881038e2800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.599115] ffff8881038e2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.599398] >ffff8881038e2900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.599988] ^
[ 16.600271] ffff8881038e2980: fc fc fc fc fc fc fc fc fc fc
fc fc fc fc fc fc [ 16.600708] ffff8881038e2a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.601007] ================================================================== [ 16.541997] ================================================================== [ 16.542334] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 16.542672] Write of size 121 at addr ffff8881038e2900 by task kunit_try_catch/302 [ 16.542978] [ 16.543093] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.543139] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.543152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.543174] Call Trace: [ 16.543186] <TASK> [ 16.543204] dump_stack_lvl+0x73/0xb0 [ 16.543234] print_report+0xd1/0x610 [ 16.543257] ? __virt_addr_valid+0x1db/0x2d0 [ 16.543282] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.543308] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.543333] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.543359] kasan_report+0x141/0x180 [ 16.543382] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.543412] kasan_check_range+0x10c/0x1c0 [ 16.543448] __kasan_check_write+0x18/0x20 [ 16.543470] copy_user_test_oob+0x3fd/0x10f0 [ 16.543498] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.543522] ? finish_task_switch.isra.0+0x153/0x700 [ 16.543548] ? __switch_to+0x47/0xf50 [ 16.543574] ? __schedule+0x10cc/0x2b60 [ 16.543598] ? __pfx_read_tsc+0x10/0x10 [ 16.543620] ? ktime_get_ts64+0x86/0x230 [ 16.543646] kunit_try_run_case+0x1a5/0x480 [ 16.543672] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.543697] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.543723] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.543749] ? __kthread_parkme+0x82/0x180 [ 16.543784] ? preempt_count_sub+0x50/0x80 [ 16.543809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.543836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.543862] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.543890] kthread+0x337/0x6f0 [ 16.543911] ? 
trace_preempt_on+0x20/0xc0 [ 16.543936] ? __pfx_kthread+0x10/0x10 [ 16.543958] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.543982] ? calculate_sigpending+0x7b/0xa0 [ 16.544008] ? __pfx_kthread+0x10/0x10 [ 16.544031] ret_from_fork+0x116/0x1d0 [ 16.544051] ? __pfx_kthread+0x10/0x10 [ 16.544073] ret_from_fork_asm+0x1a/0x30 [ 16.544105] </TASK> [ 16.544116] [ 16.551457] Allocated by task 302: [ 16.551630] kasan_save_stack+0x45/0x70 [ 16.551825] kasan_save_track+0x18/0x40 [ 16.551996] kasan_save_alloc_info+0x3b/0x50 [ 16.552184] __kasan_kmalloc+0xb7/0xc0 [ 16.552339] __kmalloc_noprof+0x1c9/0x500 [ 16.552560] kunit_kmalloc_array+0x25/0x60 [ 16.552896] copy_user_test_oob+0xab/0x10f0 [ 16.553085] kunit_try_run_case+0x1a5/0x480 [ 16.553264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.553587] kthread+0x337/0x6f0 [ 16.553768] ret_from_fork+0x116/0x1d0 [ 16.553930] ret_from_fork_asm+0x1a/0x30 [ 16.554153] [ 16.554233] The buggy address belongs to the object at ffff8881038e2900 [ 16.554233] which belongs to the cache kmalloc-128 of size 128 [ 16.554827] The buggy address is located 0 bytes inside of [ 16.554827] allocated 120-byte region [ffff8881038e2900, ffff8881038e2978) [ 16.555572] [ 16.555669] The buggy address belongs to the physical page: [ 16.555992] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e2 [ 16.556247] flags: 0x200000000000000(node=0|zone=2) [ 16.556411] page_type: f5(slab) [ 16.556763] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.557122] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.557396] page dumped because: kasan: bad access detected [ 16.557568] [ 16.557699] Memory state around the buggy address: [ 16.557957] ffff8881038e2800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.558317] ffff8881038e2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.558849] >ffff8881038e2900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.559111] ^ [ 16.559326] 
ffff8881038e2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.559584] ffff8881038e2a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.559912] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 16.520984] ================================================================== [ 16.521346] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 16.521643] Read of size 121 at addr ffff8881038e2900 by task kunit_try_catch/302 [ 16.521949] [ 16.522042] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.522085] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.522098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.522120] Call Trace: [ 16.522134] <TASK> [ 16.522151] dump_stack_lvl+0x73/0xb0 [ 16.522184] print_report+0xd1/0x610 [ 16.522209] ? __virt_addr_valid+0x1db/0x2d0 [ 16.522233] ? _copy_to_user+0x3c/0x70 [ 16.522254] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.522279] ? _copy_to_user+0x3c/0x70 [ 16.522301] kasan_report+0x141/0x180 [ 16.522325] ? _copy_to_user+0x3c/0x70 [ 16.522351] kasan_check_range+0x10c/0x1c0 [ 16.522376] __kasan_check_read+0x15/0x20 [ 16.522402] _copy_to_user+0x3c/0x70 [ 16.522423] copy_user_test_oob+0x364/0x10f0 [ 16.522462] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.522488] ? finish_task_switch.isra.0+0x153/0x700 [ 16.522512] ? __switch_to+0x47/0xf50 [ 16.522538] ? __schedule+0x10cc/0x2b60 [ 16.522562] ? __pfx_read_tsc+0x10/0x10 [ 16.522584] ? ktime_get_ts64+0x86/0x230 [ 16.522610] kunit_try_run_case+0x1a5/0x480 [ 16.522635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.522661] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.522687] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.522713] ? __kthread_parkme+0x82/0x180 [ 16.522736] ? preempt_count_sub+0x50/0x80 [ 16.522773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.522800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.522826] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.522854] kthread+0x337/0x6f0 [ 16.522875] ? trace_preempt_on+0x20/0xc0 [ 16.522899] ? __pfx_kthread+0x10/0x10 [ 16.522921] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.522945] ? calculate_sigpending+0x7b/0xa0 [ 16.522970] ? 
__pfx_kthread+0x10/0x10 [ 16.522994] ret_from_fork+0x116/0x1d0 [ 16.523014] ? __pfx_kthread+0x10/0x10 [ 16.523037] ret_from_fork_asm+0x1a/0x30 [ 16.523068] </TASK> [ 16.523080] [ 16.530538] Allocated by task 302: [ 16.530680] kasan_save_stack+0x45/0x70 [ 16.530850] kasan_save_track+0x18/0x40 [ 16.530999] kasan_save_alloc_info+0x3b/0x50 [ 16.531155] __kasan_kmalloc+0xb7/0xc0 [ 16.531327] __kmalloc_noprof+0x1c9/0x500 [ 16.531521] kunit_kmalloc_array+0x25/0x60 [ 16.531728] copy_user_test_oob+0xab/0x10f0 [ 16.531951] kunit_try_run_case+0x1a5/0x480 [ 16.532153] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.532332] kthread+0x337/0x6f0 [ 16.532454] ret_from_fork+0x116/0x1d0 [ 16.532587] ret_from_fork_asm+0x1a/0x30 [ 16.532789] [ 16.532874] The buggy address belongs to the object at ffff8881038e2900 [ 16.532874] which belongs to the cache kmalloc-128 of size 128 [ 16.533377] The buggy address is located 0 bytes inside of [ 16.533377] allocated 120-byte region [ffff8881038e2900, ffff8881038e2978) [ 16.533748] [ 16.533831] The buggy address belongs to the physical page: [ 16.534004] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e2 [ 16.534656] flags: 0x200000000000000(node=0|zone=2) [ 16.534904] page_type: f5(slab) [ 16.535072] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.535410] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.535697] page dumped because: kasan: bad access detected [ 16.535943] [ 16.536042] Memory state around the buggy address: [ 16.536278] ffff8881038e2800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.536589] ffff8881038e2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.536817] >ffff8881038e2900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.537036] ^ [ 16.537331] ffff8881038e2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.537834] ffff8881038e2a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.538076] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 16.498944] ================================================================== [ 16.499569] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 16.500264] Write of size 121 at addr ffff8881038e2900 by task kunit_try_catch/302 [ 16.501151] [ 16.501365] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.501416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.501430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.501462] Call Trace: [ 16.501477] <TASK> [ 16.501496] dump_stack_lvl+0x73/0xb0 [ 16.501530] print_report+0xd1/0x610 [ 16.501557] ? __virt_addr_valid+0x1db/0x2d0 [ 16.501583] ? _copy_from_user+0x32/0x90 [ 16.501604] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.501629] ? _copy_from_user+0x32/0x90 [ 16.501651] kasan_report+0x141/0x180 [ 16.501674] ? _copy_from_user+0x32/0x90 [ 16.501700] kasan_check_range+0x10c/0x1c0 [ 16.501726] __kasan_check_write+0x18/0x20 [ 16.501746] _copy_from_user+0x32/0x90 [ 16.501780] copy_user_test_oob+0x2be/0x10f0 [ 16.501809] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.501834] ? finish_task_switch.isra.0+0x153/0x700 [ 16.501860] ? __switch_to+0x47/0xf50 [ 16.501888] ? __schedule+0x10cc/0x2b60 [ 16.501912] ? __pfx_read_tsc+0x10/0x10 [ 16.501936] ? ktime_get_ts64+0x86/0x230 [ 16.501963] kunit_try_run_case+0x1a5/0x480 [ 16.501988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.502014] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.502040] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.502066] ? __kthread_parkme+0x82/0x180 [ 16.502088] ? preempt_count_sub+0x50/0x80 [ 16.502113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.502141] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.502167] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.502195] kthread+0x337/0x6f0 [ 16.502216] ? trace_preempt_on+0x20/0xc0 [ 16.502243] ? __pfx_kthread+0x10/0x10 [ 16.502265] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.502289] ? calculate_sigpending+0x7b/0xa0 [ 16.502316] ? 
__pfx_kthread+0x10/0x10 [ 16.502339] ret_from_fork+0x116/0x1d0 [ 16.502360] ? __pfx_kthread+0x10/0x10 [ 16.502387] ret_from_fork_asm+0x1a/0x30 [ 16.502420] </TASK> [ 16.502433] [ 16.509833] Allocated by task 302: [ 16.510018] kasan_save_stack+0x45/0x70 [ 16.510218] kasan_save_track+0x18/0x40 [ 16.510418] kasan_save_alloc_info+0x3b/0x50 [ 16.510585] __kasan_kmalloc+0xb7/0xc0 [ 16.510749] __kmalloc_noprof+0x1c9/0x500 [ 16.510967] kunit_kmalloc_array+0x25/0x60 [ 16.511184] copy_user_test_oob+0xab/0x10f0 [ 16.511349] kunit_try_run_case+0x1a5/0x480 [ 16.511633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.511876] kthread+0x337/0x6f0 [ 16.512032] ret_from_fork+0x116/0x1d0 [ 16.512191] ret_from_fork_asm+0x1a/0x30 [ 16.512391] [ 16.512504] The buggy address belongs to the object at ffff8881038e2900 [ 16.512504] which belongs to the cache kmalloc-128 of size 128 [ 16.512978] The buggy address is located 0 bytes inside of [ 16.512978] allocated 120-byte region [ffff8881038e2900, ffff8881038e2978) [ 16.513473] [ 16.513548] The buggy address belongs to the physical page: [ 16.513724] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e2 [ 16.513976] flags: 0x200000000000000(node=0|zone=2) [ 16.514141] page_type: f5(slab) [ 16.514285] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.514633] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.514976] page dumped because: kasan: bad access detected [ 16.515273] [ 16.515369] Memory state around the buggy address: [ 16.515655] ffff8881038e2800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.515930] ffff8881038e2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.516153] >ffff8881038e2900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.516371] ^ [ 16.517017] ffff8881038e2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.517341] ffff8881038e2a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.517742] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.428172] ================================================================== [ 16.429178] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 16.429529] Read of size 8 at addr ffff8881038e2878 by task kunit_try_catch/298 [ 16.429879] [ 16.429996] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.430046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.430060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.430083] Call Trace: [ 16.430097] <TASK> [ 16.430115] dump_stack_lvl+0x73/0xb0 [ 16.430148] print_report+0xd1/0x610 [ 16.430173] ? __virt_addr_valid+0x1db/0x2d0 [ 16.430198] ? copy_to_kernel_nofault+0x225/0x260 [ 16.430224] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.430249] ? copy_to_kernel_nofault+0x225/0x260 [ 16.430275] kasan_report+0x141/0x180 [ 16.430298] ? copy_to_kernel_nofault+0x225/0x260 [ 16.430328] __asan_report_load8_noabort+0x18/0x20 [ 16.430356] copy_to_kernel_nofault+0x225/0x260 [ 16.430390] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 16.430416] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.430442] ? finish_task_switch.isra.0+0x153/0x700 [ 16.430467] ? __schedule+0x10cc/0x2b60 [ 16.430491] ? trace_hardirqs_on+0x37/0xe0 [ 16.430524] ? __pfx_read_tsc+0x10/0x10 [ 16.430547] ? ktime_get_ts64+0x86/0x230 [ 16.430573] kunit_try_run_case+0x1a5/0x480 [ 16.430599] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.430624] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.430651] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.430676] ? __kthread_parkme+0x82/0x180 [ 16.430699] ? preempt_count_sub+0x50/0x80 [ 16.430724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.430750] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.431174] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.431205] kthread+0x337/0x6f0 [ 16.431227] ? trace_preempt_on+0x20/0xc0 [ 16.431252] ? __pfx_kthread+0x10/0x10 [ 16.431274] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.431298] ? 
calculate_sigpending+0x7b/0xa0 [ 16.431349] ? __pfx_kthread+0x10/0x10 [ 16.431372] ret_from_fork+0x116/0x1d0 [ 16.431395] ? __pfx_kthread+0x10/0x10 [ 16.431418] ret_from_fork_asm+0x1a/0x30 [ 16.431467] </TASK> [ 16.431479] [ 16.442524] Allocated by task 298: [ 16.442722] kasan_save_stack+0x45/0x70 [ 16.443650] kasan_save_track+0x18/0x40 [ 16.443815] kasan_save_alloc_info+0x3b/0x50 [ 16.444036] __kasan_kmalloc+0xb7/0xc0 [ 16.444531] __kmalloc_cache_noprof+0x189/0x420 [ 16.444921] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.445254] kunit_try_run_case+0x1a5/0x480 [ 16.445803] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.446147] kthread+0x337/0x6f0 [ 16.446283] ret_from_fork+0x116/0x1d0 [ 16.446922] ret_from_fork_asm+0x1a/0x30 [ 16.447513] [ 16.447703] The buggy address belongs to the object at ffff8881038e2800 [ 16.447703] which belongs to the cache kmalloc-128 of size 128 [ 16.448998] The buggy address is located 0 bytes to the right of [ 16.448998] allocated 120-byte region [ffff8881038e2800, ffff8881038e2878) [ 16.449361] [ 16.449435] The buggy address belongs to the physical page: [ 16.449607] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e2 [ 16.450300] flags: 0x200000000000000(node=0|zone=2) [ 16.451048] page_type: f5(slab) [ 16.451488] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.451940] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.452177] page dumped because: kasan: bad access detected [ 16.452769] [ 16.455054] Memory state around the buggy address: [ 16.455286] ffff8881038e2700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.455518] ffff8881038e2780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.455738] >ffff8881038e2800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.456076] ^ [ 16.456407] ffff8881038e2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.456842] ffff8881038e2900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
16.457601] ================================================================== [ 16.459556] ================================================================== [ 16.460224] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 16.460983] Write of size 8 at addr ffff8881038e2878 by task kunit_try_catch/298 [ 16.461284] [ 16.461421] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.461486] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.461499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.461539] Call Trace: [ 16.461551] <TASK> [ 16.461569] dump_stack_lvl+0x73/0xb0 [ 16.461599] print_report+0xd1/0x610 [ 16.461623] ? __virt_addr_valid+0x1db/0x2d0 [ 16.461648] ? copy_to_kernel_nofault+0x99/0x260 [ 16.461674] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.461699] ? copy_to_kernel_nofault+0x99/0x260 [ 16.461725] kasan_report+0x141/0x180 [ 16.461748] ? copy_to_kernel_nofault+0x99/0x260 [ 16.461790] kasan_check_range+0x10c/0x1c0 [ 16.461816] __kasan_check_write+0x18/0x20 [ 16.461837] copy_to_kernel_nofault+0x99/0x260 [ 16.461864] copy_to_kernel_nofault_oob+0x288/0x560 [ 16.461890] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.461916] ? finish_task_switch.isra.0+0x153/0x700 [ 16.461941] ? __schedule+0x10cc/0x2b60 [ 16.461964] ? trace_hardirqs_on+0x37/0xe0 [ 16.461996] ? __pfx_read_tsc+0x10/0x10 [ 16.462018] ? ktime_get_ts64+0x86/0x230 [ 16.462043] kunit_try_run_case+0x1a5/0x480 [ 16.462070] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.462095] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.462121] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.462147] ? __kthread_parkme+0x82/0x180 [ 16.462169] ? preempt_count_sub+0x50/0x80 [ 16.462194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.462220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.462246] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.462274] kthread+0x337/0x6f0 [ 16.462295] ? 
trace_preempt_on+0x20/0xc0 [ 16.462351] ? __pfx_kthread+0x10/0x10 [ 16.462373] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.462403] ? calculate_sigpending+0x7b/0xa0 [ 16.462443] ? __pfx_kthread+0x10/0x10 [ 16.462467] ret_from_fork+0x116/0x1d0 [ 16.462487] ? __pfx_kthread+0x10/0x10 [ 16.462509] ret_from_fork_asm+0x1a/0x30 [ 16.462541] </TASK> [ 16.462553] [ 16.473769] Allocated by task 298: [ 16.474027] kasan_save_stack+0x45/0x70 [ 16.474231] kasan_save_track+0x18/0x40 [ 16.474642] kasan_save_alloc_info+0x3b/0x50 [ 16.474878] __kasan_kmalloc+0xb7/0xc0 [ 16.475272] __kmalloc_cache_noprof+0x189/0x420 [ 16.475489] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.475917] kunit_try_run_case+0x1a5/0x480 [ 16.476389] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.476655] kthread+0x337/0x6f0 [ 16.477013] ret_from_fork+0x116/0x1d0 [ 16.477159] ret_from_fork_asm+0x1a/0x30 [ 16.477362] [ 16.477464] The buggy address belongs to the object at ffff8881038e2800 [ 16.477464] which belongs to the cache kmalloc-128 of size 128 [ 16.478331] The buggy address is located 0 bytes to the right of [ 16.478331] allocated 120-byte region [ffff8881038e2800, ffff8881038e2878) [ 16.478950] [ 16.479135] The buggy address belongs to the physical page: [ 16.479610] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e2 [ 16.480124] flags: 0x200000000000000(node=0|zone=2) [ 16.480466] page_type: f5(slab) [ 16.480602] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.481090] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.481614] page dumped because: kasan: bad access detected [ 16.482226] [ 16.482451] Memory state around the buggy address: [ 16.482774] ffff8881038e2700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.483632] ffff8881038e2780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.484088] >ffff8881038e2800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.484310] ^ [ 16.485104] ffff8881038e2880: fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc [ 16.485774] ffff8881038e2900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.486493] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 14.999195] ================================================================== [ 14.999530] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 14.999893] Read of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.000199] [ 15.000311] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.000354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.000366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.000389] Call Trace: [ 15.000403] <TASK> [ 15.000419] dump_stack_lvl+0x73/0xb0 [ 15.000495] print_report+0xd1/0x610 [ 15.000520] ? __virt_addr_valid+0x1db/0x2d0 [ 15.000544] ? kasan_atomics_helper+0x3df/0x5450 [ 15.000567] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.000592] ? kasan_atomics_helper+0x3df/0x5450 [ 15.000615] kasan_report+0x141/0x180 [ 15.000639] ? kasan_atomics_helper+0x3df/0x5450 [ 15.000666] kasan_check_range+0x10c/0x1c0 [ 15.000691] __kasan_check_read+0x15/0x20 [ 15.000712] kasan_atomics_helper+0x3df/0x5450 [ 15.000736] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.000773] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.000811] ? kasan_atomics+0x152/0x310 [ 15.000840] kasan_atomics+0x1dc/0x310 [ 15.000864] ? __pfx_kasan_atomics+0x10/0x10 [ 15.000890] ? __pfx_read_tsc+0x10/0x10 [ 15.000912] ? ktime_get_ts64+0x86/0x230 [ 15.000938] kunit_try_run_case+0x1a5/0x480 [ 15.000965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.000989] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.001015] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.001042] ? __kthread_parkme+0x82/0x180 [ 15.001064] ? preempt_count_sub+0x50/0x80 [ 15.001090] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.001116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.001144] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.001171] kthread+0x337/0x6f0 [ 15.001192] ? trace_preempt_on+0x20/0xc0 [ 15.001217] ? __pfx_kthread+0x10/0x10 [ 15.001240] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.001263] ? 
calculate_sigpending+0x7b/0xa0 [ 15.001289] ? __pfx_kthread+0x10/0x10 [ 15.001312] ret_from_fork+0x116/0x1d0 [ 15.001368] ? __pfx_kthread+0x10/0x10 [ 15.001391] ret_from_fork_asm+0x1a/0x30 [ 15.001424] </TASK> [ 15.001436] [ 15.009591] Allocated by task 282: [ 15.009728] kasan_save_stack+0x45/0x70 [ 15.009892] kasan_save_track+0x18/0x40 [ 15.010030] kasan_save_alloc_info+0x3b/0x50 [ 15.010247] __kasan_kmalloc+0xb7/0xc0 [ 15.010444] __kmalloc_cache_noprof+0x189/0x420 [ 15.010670] kasan_atomics+0x95/0x310 [ 15.010872] kunit_try_run_case+0x1a5/0x480 [ 15.011021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.011257] kthread+0x337/0x6f0 [ 15.011605] ret_from_fork+0x116/0x1d0 [ 15.011817] ret_from_fork_asm+0x1a/0x30 [ 15.012022] [ 15.012123] The buggy address belongs to the object at ffff8881038e7800 [ 15.012123] which belongs to the cache kmalloc-64 of size 64 [ 15.012673] The buggy address is located 0 bytes to the right of [ 15.012673] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.013090] [ 15.013187] The buggy address belongs to the physical page: [ 15.013484] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.013983] flags: 0x200000000000000(node=0|zone=2) [ 15.014226] page_type: f5(slab) [ 15.014526] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.014898] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.015199] page dumped because: kasan: bad access detected [ 15.015513] [ 15.015597] Memory state around the buggy address: [ 15.015826] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.016119] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.016982] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.017207] ^ [ 15.017432] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.018492] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.018810] 
================================================================== [ 16.341968] ================================================================== [ 16.342519] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 16.342969] Read of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 16.343274] [ 16.343376] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.343418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.343430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.343452] Call Trace: [ 16.343466] <TASK> [ 16.343480] dump_stack_lvl+0x73/0xb0 [ 16.343510] print_report+0xd1/0x610 [ 16.343534] ? __virt_addr_valid+0x1db/0x2d0 [ 16.343557] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.343580] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.343617] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.343640] kasan_report+0x141/0x180 [ 16.343675] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.343709] __asan_report_load8_noabort+0x18/0x20 [ 16.343736] kasan_atomics_helper+0x4fa5/0x5450 [ 16.343770] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.343795] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.343822] ? kasan_atomics+0x152/0x310 [ 16.343849] kasan_atomics+0x1dc/0x310 [ 16.343873] ? __pfx_kasan_atomics+0x10/0x10 [ 16.343899] ? __pfx_read_tsc+0x10/0x10 [ 16.343922] ? ktime_get_ts64+0x86/0x230 [ 16.343949] kunit_try_run_case+0x1a5/0x480 [ 16.343976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.344000] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.344026] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.344052] ? __kthread_parkme+0x82/0x180 [ 16.344074] ? preempt_count_sub+0x50/0x80 [ 16.344099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.344124] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.344151] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.344178] kthread+0x337/0x6f0 [ 16.344198] ? trace_preempt_on+0x20/0xc0 [ 16.344222] ? __pfx_kthread+0x10/0x10 [ 16.344244] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.344267] ? calculate_sigpending+0x7b/0xa0 [ 16.344292] ? __pfx_kthread+0x10/0x10 [ 16.344315] ret_from_fork+0x116/0x1d0 [ 16.344335] ? __pfx_kthread+0x10/0x10 [ 16.344356] ret_from_fork_asm+0x1a/0x30 [ 16.344388] </TASK> [ 16.344399] [ 16.352056] Allocated by task 282: [ 16.352253] kasan_save_stack+0x45/0x70 [ 16.352430] kasan_save_track+0x18/0x40 [ 16.352650] kasan_save_alloc_info+0x3b/0x50 [ 16.352861] __kasan_kmalloc+0xb7/0xc0 [ 16.353002] __kmalloc_cache_noprof+0x189/0x420 [ 16.353162] kasan_atomics+0x95/0x310 [ 16.353297] kunit_try_run_case+0x1a5/0x480 [ 16.353444] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.353706] kthread+0x337/0x6f0 [ 16.354007] ret_from_fork+0x116/0x1d0 [ 16.354203] ret_from_fork_asm+0x1a/0x30 [ 16.354414] [ 16.354524] The buggy address belongs to the object at ffff8881038e7800 [ 16.354524] which belongs to the cache kmalloc-64 of size 64 [ 16.355084] The buggy address is located 0 bytes to the right of [ 16.355084] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 16.355610] [ 16.355684] The buggy address belongs to the physical page: [ 16.355917] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 16.356235] flags: 0x200000000000000(node=0|zone=2) [ 16.356396] page_type: f5(slab) [ 16.356710] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.357101] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.357427] page dumped because: kasan: bad access detected [ 16.357682] [ 16.357795] Memory state around the buggy address: [ 16.357951] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.358169] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.358506] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.358840] ^ [ 16.359060] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.359276] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.359615] ================================================================== [ 15.523987] ================================================================== [ 15.524304] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 15.525135] Read of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.525644] [ 15.525730] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.525816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.525829] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.525861] Call Trace: [ 15.525877] <TASK> [ 15.525894] dump_stack_lvl+0x73/0xb0 [ 15.525953] print_report+0xd1/0x610 [ 15.525976] ? __virt_addr_valid+0x1db/0x2d0 [ 15.525999] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.526033] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.526058] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.526108] kasan_report+0x141/0x180 [ 15.526131] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.526170] __asan_report_load4_noabort+0x18/0x20 [ 15.526197] kasan_atomics_helper+0x4a36/0x5450 [ 15.526248] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.526272] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.526309] ? kasan_atomics+0x152/0x310 [ 15.526355] kasan_atomics+0x1dc/0x310 [ 15.526395] ? __pfx_kasan_atomics+0x10/0x10 [ 15.526420] ? __pfx_read_tsc+0x10/0x10 [ 15.526454] ? ktime_get_ts64+0x86/0x230 [ 15.526480] kunit_try_run_case+0x1a5/0x480 [ 15.526506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.526531] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.526583] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.526609] ? __kthread_parkme+0x82/0x180 [ 15.526641] ? preempt_count_sub+0x50/0x80 [ 15.526667] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.526711] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.526745] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.526787] kthread+0x337/0x6f0 [ 15.526808] ? trace_preempt_on+0x20/0xc0 [ 15.526833] ? 
__pfx_kthread+0x10/0x10 [ 15.526882] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.526906] ? calculate_sigpending+0x7b/0xa0 [ 15.526932] ? __pfx_kthread+0x10/0x10 [ 15.526967] ret_from_fork+0x116/0x1d0 [ 15.526987] ? __pfx_kthread+0x10/0x10 [ 15.527009] ret_from_fork_asm+0x1a/0x30 [ 15.527041] </TASK> [ 15.527052] [ 15.535306] Allocated by task 282: [ 15.535563] kasan_save_stack+0x45/0x70 [ 15.535778] kasan_save_track+0x18/0x40 [ 15.535970] kasan_save_alloc_info+0x3b/0x50 [ 15.536178] __kasan_kmalloc+0xb7/0xc0 [ 15.536320] __kmalloc_cache_noprof+0x189/0x420 [ 15.536503] kasan_atomics+0x95/0x310 [ 15.536636] kunit_try_run_case+0x1a5/0x480 [ 15.536789] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.537047] kthread+0x337/0x6f0 [ 15.537251] ret_from_fork+0x116/0x1d0 [ 15.537575] ret_from_fork_asm+0x1a/0x30 [ 15.537876] [ 15.538014] The buggy address belongs to the object at ffff8881038e7800 [ 15.538014] which belongs to the cache kmalloc-64 of size 64 [ 15.538600] The buggy address is located 0 bytes to the right of [ 15.538600] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.539087] [ 15.539160] The buggy address belongs to the physical page: [ 15.539392] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.539891] flags: 0x200000000000000(node=0|zone=2) [ 15.540185] page_type: f5(slab) [ 15.540355] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.540779] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.541017] page dumped because: kasan: bad access detected [ 15.541315] [ 15.541413] Memory state around the buggy address: [ 15.541642] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.541942] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.542155] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.542362] ^ [ 15.542589] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.542967] 
ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.543286] ================================================================== [ 15.153612] ================================================================== [ 15.154215] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 15.154715] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.155284] [ 15.155560] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.155608] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.155622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.155745] Call Trace: [ 15.155792] <TASK> [ 15.155809] dump_stack_lvl+0x73/0xb0 [ 15.155842] print_report+0xd1/0x610 [ 15.155866] ? __virt_addr_valid+0x1db/0x2d0 [ 15.155890] ? kasan_atomics_helper+0x72f/0x5450 [ 15.155914] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.155939] ? kasan_atomics_helper+0x72f/0x5450 [ 15.155962] kasan_report+0x141/0x180 [ 15.155986] ? kasan_atomics_helper+0x72f/0x5450 [ 15.156015] kasan_check_range+0x10c/0x1c0 [ 15.156040] __kasan_check_write+0x18/0x20 [ 15.156062] kasan_atomics_helper+0x72f/0x5450 [ 15.156086] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.156111] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.156138] ? kasan_atomics+0x152/0x310 [ 15.156165] kasan_atomics+0x1dc/0x310 [ 15.156189] ? __pfx_kasan_atomics+0x10/0x10 [ 15.156215] ? __pfx_read_tsc+0x10/0x10 [ 15.156238] ? ktime_get_ts64+0x86/0x230 [ 15.156263] kunit_try_run_case+0x1a5/0x480 [ 15.156289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.156314] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.156401] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.156428] ? __kthread_parkme+0x82/0x180 [ 15.156461] ? preempt_count_sub+0x50/0x80 [ 15.156485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.156513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.156539] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.156566] kthread+0x337/0x6f0 [ 15.156587] ? trace_preempt_on+0x20/0xc0 [ 15.156612] ? __pfx_kthread+0x10/0x10 [ 15.156634] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.156657] ? calculate_sigpending+0x7b/0xa0 [ 15.156682] ? __pfx_kthread+0x10/0x10 [ 15.156705] ret_from_fork+0x116/0x1d0 [ 15.156725] ? __pfx_kthread+0x10/0x10 [ 15.156747] ret_from_fork_asm+0x1a/0x30 [ 15.156791] </TASK> [ 15.156801] [ 15.171038] Allocated by task 282: [ 15.171174] kasan_save_stack+0x45/0x70 [ 15.171469] kasan_save_track+0x18/0x40 [ 15.171939] kasan_save_alloc_info+0x3b/0x50 [ 15.172443] __kasan_kmalloc+0xb7/0xc0 [ 15.172815] __kmalloc_cache_noprof+0x189/0x420 [ 15.173236] kasan_atomics+0x95/0x310 [ 15.173665] kunit_try_run_case+0x1a5/0x480 [ 15.174072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.174612] kthread+0x337/0x6f0 [ 15.174951] ret_from_fork+0x116/0x1d0 [ 15.175305] ret_from_fork_asm+0x1a/0x30 [ 15.175779] [ 15.175858] The buggy address belongs to the object at ffff8881038e7800 [ 15.175858] which belongs to the cache kmalloc-64 of size 64 [ 15.176215] The buggy address is located 0 bytes to the right of [ 15.176215] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.177550] [ 15.177721] The buggy address belongs to the physical page: [ 15.178235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.179060] flags: 0x200000000000000(node=0|zone=2) [ 15.179630] page_type: f5(slab) [ 15.180057] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.180740] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.180990] page dumped because: kasan: bad access detected [ 15.181163] [ 15.181236] Memory state around the buggy address: [ 15.181565] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.182272] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.183070] >ffff8881038e7800: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.183806] ^ [ 15.184239] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.185003] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.185795] ================================================================== [ 15.316193] ================================================================== [ 15.316434] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 15.317708] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.318043] [ 15.318390] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.318441] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.318455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.318477] Call Trace: [ 15.318493] <TASK> [ 15.318507] dump_stack_lvl+0x73/0xb0 [ 15.318539] print_report+0xd1/0x610 [ 15.318562] ? __virt_addr_valid+0x1db/0x2d0 [ 15.318586] ? kasan_atomics_helper+0xac7/0x5450 [ 15.318609] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.318634] ? kasan_atomics_helper+0xac7/0x5450 [ 15.318658] kasan_report+0x141/0x180 [ 15.318681] ? kasan_atomics_helper+0xac7/0x5450 [ 15.318709] kasan_check_range+0x10c/0x1c0 [ 15.318734] __kasan_check_write+0x18/0x20 [ 15.318768] kasan_atomics_helper+0xac7/0x5450 [ 15.318793] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.318817] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.318844] ? kasan_atomics+0x152/0x310 [ 15.318871] kasan_atomics+0x1dc/0x310 [ 15.318895] ? __pfx_kasan_atomics+0x10/0x10 [ 15.318921] ? __pfx_read_tsc+0x10/0x10 [ 15.318943] ? ktime_get_ts64+0x86/0x230 [ 15.318968] kunit_try_run_case+0x1a5/0x480 [ 15.318993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.319018] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.319043] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.319068] ? __kthread_parkme+0x82/0x180 [ 15.319090] ? preempt_count_sub+0x50/0x80 [ 15.319115] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.319141] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.319167] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.319194] kthread+0x337/0x6f0 [ 15.319214] ? trace_preempt_on+0x20/0xc0 [ 15.319239] ? __pfx_kthread+0x10/0x10 [ 15.319261] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.319285] ? calculate_sigpending+0x7b/0xa0 [ 15.319311] ? __pfx_kthread+0x10/0x10 [ 15.319335] ret_from_fork+0x116/0x1d0 [ 15.319370] ? __pfx_kthread+0x10/0x10 [ 15.319392] ret_from_fork_asm+0x1a/0x30 [ 15.319425] </TASK> [ 15.319445] [ 15.334037] Allocated by task 282: [ 15.334174] kasan_save_stack+0x45/0x70 [ 15.334322] kasan_save_track+0x18/0x40 [ 15.334543] kasan_save_alloc_info+0x3b/0x50 [ 15.335577] __kasan_kmalloc+0xb7/0xc0 [ 15.336031] __kmalloc_cache_noprof+0x189/0x420 [ 15.336616] kasan_atomics+0x95/0x310 [ 15.337270] kunit_try_run_case+0x1a5/0x480 [ 15.337927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.338769] kthread+0x337/0x6f0 [ 15.339096] ret_from_fork+0x116/0x1d0 [ 15.339429] ret_from_fork_asm+0x1a/0x30 [ 15.339728] [ 15.339820] The buggy address belongs to the object at ffff8881038e7800 [ 15.339820] which belongs to the cache kmalloc-64 of size 64 [ 15.340189] The buggy address is located 0 bytes to the right of [ 15.340189] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.340649] [ 15.340766] The buggy address belongs to the physical page: [ 15.341060] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.341517] flags: 0x200000000000000(node=0|zone=2) [ 15.341827] page_type: f5(slab) [ 15.341987] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.342610] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.342924] page dumped because: kasan: bad access detected [ 15.343212] [ 15.343291] Memory state around the buggy address: [ 15.343585] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.344169] 
ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.344633] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.344998] ^ [ 15.345218] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.345642] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.345976] ================================================================== [ 15.346508] ================================================================== [ 15.347291] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 15.347612] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.347932] [ 15.348049] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.348093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.348106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.348128] Call Trace: [ 15.348144] <TASK> [ 15.348163] dump_stack_lvl+0x73/0xb0 [ 15.348192] print_report+0xd1/0x610 [ 15.348239] ? __virt_addr_valid+0x1db/0x2d0 [ 15.348264] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.348286] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.348311] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.348394] kasan_report+0x141/0x180 [ 15.348420] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.348449] kasan_check_range+0x10c/0x1c0 [ 15.348475] __kasan_check_write+0x18/0x20 [ 15.348497] kasan_atomics_helper+0xb6a/0x5450 [ 15.348523] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.348547] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.348573] ? kasan_atomics+0x152/0x310 [ 15.348601] kasan_atomics+0x1dc/0x310 [ 15.348625] ? __pfx_kasan_atomics+0x10/0x10 [ 15.348651] ? __pfx_read_tsc+0x10/0x10 [ 15.348674] ? ktime_get_ts64+0x86/0x230 [ 15.348700] kunit_try_run_case+0x1a5/0x480 [ 15.348725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.348750] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.348791] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.348816] ? 
__kthread_parkme+0x82/0x180 [ 15.348876] ? preempt_count_sub+0x50/0x80 [ 15.348901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.348934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.348960] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.348987] kthread+0x337/0x6f0 [ 15.349009] ? trace_preempt_on+0x20/0xc0 [ 15.349033] ? __pfx_kthread+0x10/0x10 [ 15.349055] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.349078] ? calculate_sigpending+0x7b/0xa0 [ 15.349104] ? __pfx_kthread+0x10/0x10 [ 15.349127] ret_from_fork+0x116/0x1d0 [ 15.349146] ? __pfx_kthread+0x10/0x10 [ 15.349169] ret_from_fork_asm+0x1a/0x30 [ 15.349200] </TASK> [ 15.349211] [ 15.359826] Allocated by task 282: [ 15.360276] kasan_save_stack+0x45/0x70 [ 15.360687] kasan_save_track+0x18/0x40 [ 15.360885] kasan_save_alloc_info+0x3b/0x50 [ 15.361077] __kasan_kmalloc+0xb7/0xc0 [ 15.361251] __kmalloc_cache_noprof+0x189/0x420 [ 15.361969] kasan_atomics+0x95/0x310 [ 15.362319] kunit_try_run_case+0x1a5/0x480 [ 15.362939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.363214] kthread+0x337/0x6f0 [ 15.363431] ret_from_fork+0x116/0x1d0 [ 15.363617] ret_from_fork_asm+0x1a/0x30 [ 15.363808] [ 15.363899] The buggy address belongs to the object at ffff8881038e7800 [ 15.363899] which belongs to the cache kmalloc-64 of size 64 [ 15.364826] The buggy address is located 0 bytes to the right of [ 15.364826] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.365806] [ 15.366059] The buggy address belongs to the physical page: [ 15.366513] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.366869] flags: 0x200000000000000(node=0|zone=2) [ 15.367090] page_type: f5(slab) [ 15.367250] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.368465] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.368884] page dumped because: kasan: bad access detected [ 15.369542] [ 15.369786] Memory state around the buggy address: [ 15.370158] 
ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.370864] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.371305] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.371937] ^ [ 15.372155] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.372936] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.373640] ================================================================== [ 15.971909] ================================================================== [ 15.972608] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 15.973033] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.973393] [ 15.973571] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.973617] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.973630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.973652] Call Trace: [ 15.973666] <TASK> [ 15.973680] dump_stack_lvl+0x73/0xb0 [ 15.973908] print_report+0xd1/0x610 [ 15.973934] ? __virt_addr_valid+0x1db/0x2d0 [ 15.973958] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.973981] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.974006] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.974030] kasan_report+0x141/0x180 [ 15.974055] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.974084] kasan_check_range+0x10c/0x1c0 [ 15.974110] __kasan_check_write+0x18/0x20 [ 15.974130] kasan_atomics_helper+0x19e3/0x5450 [ 15.974155] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.974179] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.974206] ? kasan_atomics+0x152/0x310 [ 15.974234] kasan_atomics+0x1dc/0x310 [ 15.974258] ? __pfx_kasan_atomics+0x10/0x10 [ 15.974283] ? __pfx_read_tsc+0x10/0x10 [ 15.974305] ? ktime_get_ts64+0x86/0x230 [ 15.974330] kunit_try_run_case+0x1a5/0x480 [ 15.974357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.974386] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.974412] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.974451] ? __kthread_parkme+0x82/0x180 [ 15.974473] ? preempt_count_sub+0x50/0x80 [ 15.974499] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.974526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.974551] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.974578] kthread+0x337/0x6f0 [ 15.974599] ? trace_preempt_on+0x20/0xc0 [ 15.974622] ? __pfx_kthread+0x10/0x10 [ 15.974645] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.974668] ? calculate_sigpending+0x7b/0xa0 [ 15.974692] ? __pfx_kthread+0x10/0x10 [ 15.974715] ret_from_fork+0x116/0x1d0 [ 15.974734] ? __pfx_kthread+0x10/0x10 [ 15.974767] ret_from_fork_asm+0x1a/0x30 [ 15.974799] </TASK> [ 15.974810] [ 15.984311] Allocated by task 282: [ 15.984474] kasan_save_stack+0x45/0x70 [ 15.985081] kasan_save_track+0x18/0x40 [ 15.985244] kasan_save_alloc_info+0x3b/0x50 [ 15.985606] __kasan_kmalloc+0xb7/0xc0 [ 15.985921] __kmalloc_cache_noprof+0x189/0x420 [ 15.986232] kasan_atomics+0x95/0x310 [ 15.986443] kunit_try_run_case+0x1a5/0x480 [ 15.986794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.987114] kthread+0x337/0x6f0 [ 15.987289] ret_from_fork+0x116/0x1d0 [ 15.987522] ret_from_fork_asm+0x1a/0x30 [ 15.987695] [ 15.987803] The buggy address belongs to the object at ffff8881038e7800 [ 15.987803] which belongs to the cache kmalloc-64 of size 64 [ 15.988289] The buggy address is located 0 bytes to the right of [ 15.988289] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.989142] [ 15.989239] The buggy address belongs to the physical page: [ 15.989723] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.990168] flags: 0x200000000000000(node=0|zone=2) [ 15.990520] page_type: f5(slab) [ 15.990848] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.991210] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.991678] page dumped because: kasan: 
bad access detected [ 15.992031] [ 15.992134] Memory state around the buggy address: [ 15.992432] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.993005] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.993367] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.993862] ^ [ 15.994152] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.994417] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.994903] ================================================================== [ 15.484232] ================================================================== [ 15.484645] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 15.484967] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.485319] [ 15.485427] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.485472] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.485503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.485525] Call Trace: [ 15.485551] <TASK> [ 15.485565] dump_stack_lvl+0x73/0xb0 [ 15.485596] print_report+0xd1/0x610 [ 15.485634] ? __virt_addr_valid+0x1db/0x2d0 [ 15.485695] ? kasan_atomics_helper+0xf10/0x5450 [ 15.485718] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.485743] ? kasan_atomics_helper+0xf10/0x5450 [ 15.485784] kasan_report+0x141/0x180 [ 15.485807] ? kasan_atomics_helper+0xf10/0x5450 [ 15.485834] kasan_check_range+0x10c/0x1c0 [ 15.485860] __kasan_check_write+0x18/0x20 [ 15.485880] kasan_atomics_helper+0xf10/0x5450 [ 15.485904] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.485929] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.485956] ? kasan_atomics+0x152/0x310 [ 15.485984] kasan_atomics+0x1dc/0x310 [ 15.486008] ? __pfx_kasan_atomics+0x10/0x10 [ 15.486034] ? __pfx_read_tsc+0x10/0x10 [ 15.486057] ? ktime_get_ts64+0x86/0x230 [ 15.486082] kunit_try_run_case+0x1a5/0x480 [ 15.486109] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.486134] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.486159] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.486186] ? __kthread_parkme+0x82/0x180 [ 15.486208] ? preempt_count_sub+0x50/0x80 [ 15.486233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.486260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.486286] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.486314] kthread+0x337/0x6f0 [ 15.486334] ? trace_preempt_on+0x20/0xc0 [ 15.486358] ? __pfx_kthread+0x10/0x10 [ 15.486387] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.486410] ? calculate_sigpending+0x7b/0xa0 [ 15.486436] ? __pfx_kthread+0x10/0x10 [ 15.486469] ret_from_fork+0x116/0x1d0 [ 15.486489] ? __pfx_kthread+0x10/0x10 [ 15.486511] ret_from_fork_asm+0x1a/0x30 [ 15.486543] </TASK> [ 15.486554] [ 15.494920] Allocated by task 282: [ 15.495146] kasan_save_stack+0x45/0x70 [ 15.495347] kasan_save_track+0x18/0x40 [ 15.495537] kasan_save_alloc_info+0x3b/0x50 [ 15.495746] __kasan_kmalloc+0xb7/0xc0 [ 15.495941] __kmalloc_cache_noprof+0x189/0x420 [ 15.496117] kasan_atomics+0x95/0x310 [ 15.496306] kunit_try_run_case+0x1a5/0x480 [ 15.496520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.496842] kthread+0x337/0x6f0 [ 15.497081] ret_from_fork+0x116/0x1d0 [ 15.497269] ret_from_fork_asm+0x1a/0x30 [ 15.497477] [ 15.497573] The buggy address belongs to the object at ffff8881038e7800 [ 15.497573] which belongs to the cache kmalloc-64 of size 64 [ 15.498093] The buggy address is located 0 bytes to the right of [ 15.498093] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.498458] [ 15.498557] The buggy address belongs to the physical page: [ 15.498911] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.499398] flags: 0x200000000000000(node=0|zone=2) [ 15.499684] page_type: f5(slab) [ 15.499868] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.500112] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.500375] page dumped because: kasan: bad access detected [ 15.500882] [ 15.501009] Memory state around the buggy address: [ 15.501254] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.501614] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.501959] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.502174] ^ [ 15.502434] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.502857] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.503202] ================================================================== [ 15.069157] ================================================================== [ 15.069503] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 15.070333] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.070649] [ 15.070773] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.070817] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.070829] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.070851] Call Trace: [ 15.070868] <TASK> [ 15.070883] dump_stack_lvl+0x73/0xb0 [ 15.070914] print_report+0xd1/0x610 [ 15.070937] ? __virt_addr_valid+0x1db/0x2d0 [ 15.070961] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.070984] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.071009] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.071033] kasan_report+0x141/0x180 [ 15.071056] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.071084] __asan_report_store4_noabort+0x1b/0x30 [ 15.071112] kasan_atomics_helper+0x4b3a/0x5450 [ 15.071136] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.071161] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.071188] ? kasan_atomics+0x152/0x310 [ 15.071215] kasan_atomics+0x1dc/0x310 [ 15.071240] ? __pfx_kasan_atomics+0x10/0x10 [ 15.071266] ? __pfx_read_tsc+0x10/0x10 [ 15.071288] ? 
ktime_get_ts64+0x86/0x230 [ 15.071379] kunit_try_run_case+0x1a5/0x480 [ 15.071409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.071433] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.071459] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.071485] ? __kthread_parkme+0x82/0x180 [ 15.071507] ? preempt_count_sub+0x50/0x80 [ 15.071533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.071559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.071585] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.071612] kthread+0x337/0x6f0 [ 15.071633] ? trace_preempt_on+0x20/0xc0 [ 15.071657] ? __pfx_kthread+0x10/0x10 [ 15.071680] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.071702] ? calculate_sigpending+0x7b/0xa0 [ 15.071728] ? __pfx_kthread+0x10/0x10 [ 15.071751] ret_from_fork+0x116/0x1d0 [ 15.071783] ? __pfx_kthread+0x10/0x10 [ 15.071805] ret_from_fork_asm+0x1a/0x30 [ 15.071837] </TASK> [ 15.071848] [ 15.079544] Allocated by task 282: [ 15.079679] kasan_save_stack+0x45/0x70 [ 15.080054] kasan_save_track+0x18/0x40 [ 15.080252] kasan_save_alloc_info+0x3b/0x50 [ 15.080464] __kasan_kmalloc+0xb7/0xc0 [ 15.080795] __kmalloc_cache_noprof+0x189/0x420 [ 15.080970] kasan_atomics+0x95/0x310 [ 15.081164] kunit_try_run_case+0x1a5/0x480 [ 15.081413] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.081602] kthread+0x337/0x6f0 [ 15.081724] ret_from_fork+0x116/0x1d0 [ 15.081928] ret_from_fork_asm+0x1a/0x30 [ 15.082126] [ 15.082222] The buggy address belongs to the object at ffff8881038e7800 [ 15.082222] which belongs to the cache kmalloc-64 of size 64 [ 15.082857] The buggy address is located 0 bytes to the right of [ 15.082857] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.083619] [ 15.083727] The buggy address belongs to the physical page: [ 15.083942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.084299] flags: 0x200000000000000(node=0|zone=2) [ 15.084593] page_type: f5(slab) [ 15.084775] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.085101] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.085453] page dumped because: kasan: bad access detected [ 15.085737] [ 15.085835] Memory state around the buggy address: [ 15.086016] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.086376] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.086711] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.086953] ^ [ 15.087110] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.087326] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.087640] ================================================================== [ 15.921132] ================================================================== [ 15.921830] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 15.922266] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.922555] [ 15.922645] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.922690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.922703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.922725] Call Trace: [ 15.922741] <TASK> [ 15.922767] dump_stack_lvl+0x73/0xb0 [ 15.922798] print_report+0xd1/0x610 [ 15.922821] ? __virt_addr_valid+0x1db/0x2d0 [ 15.922912] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.922939] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.922964] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.922987] kasan_report+0x141/0x180 [ 15.923011] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.923039] kasan_check_range+0x10c/0x1c0 [ 15.923064] __kasan_check_write+0x18/0x20 [ 15.923085] kasan_atomics_helper+0x18b1/0x5450 [ 15.923110] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.923483] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.923516] ? kasan_atomics+0x152/0x310 [ 15.923545] kasan_atomics+0x1dc/0x310 [ 15.923570] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.923598] ? __pfx_read_tsc+0x10/0x10 [ 15.923621] ? ktime_get_ts64+0x86/0x230 [ 15.923647] kunit_try_run_case+0x1a5/0x480 [ 15.923673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.923699] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.923726] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.923751] ? __kthread_parkme+0x82/0x180 [ 15.923794] ? preempt_count_sub+0x50/0x80 [ 15.923819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.923845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.923872] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.923899] kthread+0x337/0x6f0 [ 15.923920] ? trace_preempt_on+0x20/0xc0 [ 15.923945] ? __pfx_kthread+0x10/0x10 [ 15.923966] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.923990] ? calculate_sigpending+0x7b/0xa0 [ 15.924015] ? __pfx_kthread+0x10/0x10 [ 15.924038] ret_from_fork+0x116/0x1d0 [ 15.924058] ? __pfx_kthread+0x10/0x10 [ 15.924080] ret_from_fork_asm+0x1a/0x30 [ 15.924111] </TASK> [ 15.924122] [ 15.934803] Allocated by task 282: [ 15.935006] kasan_save_stack+0x45/0x70 [ 15.935227] kasan_save_track+0x18/0x40 [ 15.936856] kasan_save_alloc_info+0x3b/0x50 [ 15.937078] __kasan_kmalloc+0xb7/0xc0 [ 15.937244] __kmalloc_cache_noprof+0x189/0x420 [ 15.937500] kasan_atomics+0x95/0x310 [ 15.937908] kunit_try_run_case+0x1a5/0x480 [ 15.938101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.938603] kthread+0x337/0x6f0 [ 15.938868] ret_from_fork+0x116/0x1d0 [ 15.939095] ret_from_fork_asm+0x1a/0x30 [ 15.939269] [ 15.939577] The buggy address belongs to the object at ffff8881038e7800 [ 15.939577] which belongs to the cache kmalloc-64 of size 64 [ 15.940115] The buggy address is located 0 bytes to the right of [ 15.940115] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.940923] [ 15.941029] The buggy address belongs to the physical page: [ 15.941337] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.941898] flags: 0x200000000000000(node=0|zone=2) [ 15.942237] page_type: 
f5(slab) [ 15.942553] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.942972] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.943302] page dumped because: kasan: bad access detected [ 15.943744] [ 15.943967] Memory state around the buggy address: [ 15.944270] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.944688] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.945104] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.945520] ^ [ 15.945719] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.946057] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.946636] ================================================================== [ 15.439943] ================================================================== [ 15.440688] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 15.441075] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.441490] [ 15.441583] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.441639] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.441653] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.441674] Call Trace: [ 15.441702] <TASK> [ 15.441720] dump_stack_lvl+0x73/0xb0 [ 15.441749] print_report+0xd1/0x610 [ 15.441781] ? __virt_addr_valid+0x1db/0x2d0 [ 15.441806] ? kasan_atomics_helper+0xde0/0x5450 [ 15.441828] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.441854] ? kasan_atomics_helper+0xde0/0x5450 [ 15.441877] kasan_report+0x141/0x180 [ 15.441900] ? kasan_atomics_helper+0xde0/0x5450 [ 15.441928] kasan_check_range+0x10c/0x1c0 [ 15.441953] __kasan_check_write+0x18/0x20 [ 15.441974] kasan_atomics_helper+0xde0/0x5450 [ 15.441999] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.442023] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.442050] ? 
kasan_atomics+0x152/0x310 [ 15.442078] kasan_atomics+0x1dc/0x310 [ 15.442102] ? __pfx_kasan_atomics+0x10/0x10 [ 15.442128] ? __pfx_read_tsc+0x10/0x10 [ 15.442150] ? ktime_get_ts64+0x86/0x230 [ 15.442177] kunit_try_run_case+0x1a5/0x480 [ 15.442203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.442227] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.442254] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.442280] ? __kthread_parkme+0x82/0x180 [ 15.442302] ? preempt_count_sub+0x50/0x80 [ 15.442327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.442421] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.442462] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.442490] kthread+0x337/0x6f0 [ 15.442521] ? trace_preempt_on+0x20/0xc0 [ 15.442546] ? __pfx_kthread+0x10/0x10 [ 15.442569] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.442603] ? calculate_sigpending+0x7b/0xa0 [ 15.442629] ? __pfx_kthread+0x10/0x10 [ 15.442651] ret_from_fork+0x116/0x1d0 [ 15.442680] ? __pfx_kthread+0x10/0x10 [ 15.442702] ret_from_fork_asm+0x1a/0x30 [ 15.442734] </TASK> [ 15.442763] [ 15.451145] Allocated by task 282: [ 15.451280] kasan_save_stack+0x45/0x70 [ 15.451481] kasan_save_track+0x18/0x40 [ 15.451791] kasan_save_alloc_info+0x3b/0x50 [ 15.452077] __kasan_kmalloc+0xb7/0xc0 [ 15.452226] __kmalloc_cache_noprof+0x189/0x420 [ 15.452600] kasan_atomics+0x95/0x310 [ 15.452775] kunit_try_run_case+0x1a5/0x480 [ 15.453042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.453244] kthread+0x337/0x6f0 [ 15.453529] ret_from_fork+0x116/0x1d0 [ 15.453768] ret_from_fork_asm+0x1a/0x30 [ 15.453912] [ 15.453985] The buggy address belongs to the object at ffff8881038e7800 [ 15.453985] which belongs to the cache kmalloc-64 of size 64 [ 15.454338] The buggy address is located 0 bytes to the right of [ 15.454338] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.454898] [ 15.455032] The buggy address belongs to the physical page: [ 15.455429] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 
15.455821] flags: 0x200000000000000(node=0|zone=2) [ 15.455982] page_type: f5(slab) [ 15.456104] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.456826] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.457384] page dumped because: kasan: bad access detected [ 15.457678] [ 15.457794] Memory state around the buggy address: [ 15.457955] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.458295] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.458746] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.459071] ^ [ 15.459294] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.459681] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.460004] ================================================================== [ 15.685308] ================================================================== [ 15.685699] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 15.686058] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.686416] [ 15.686523] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.686589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.686603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.686625] Call Trace: [ 15.686642] <TASK> [ 15.686659] dump_stack_lvl+0x73/0xb0 [ 15.686689] print_report+0xd1/0x610 [ 15.686712] ? __virt_addr_valid+0x1db/0x2d0 [ 15.686765] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.686787] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.686812] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.686836] kasan_report+0x141/0x180 [ 15.686859] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.686886] kasan_check_range+0x10c/0x1c0 [ 15.686929] __kasan_check_write+0x18/0x20 [ 15.686950] kasan_atomics_helper+0x12e6/0x5450 [ 15.686975] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.687000] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.687026] ? kasan_atomics+0x152/0x310 [ 15.687054] kasan_atomics+0x1dc/0x310 [ 15.687078] ? __pfx_kasan_atomics+0x10/0x10 [ 15.687103] ? __pfx_read_tsc+0x10/0x10 [ 15.687125] ? ktime_get_ts64+0x86/0x230 [ 15.687167] kunit_try_run_case+0x1a5/0x480 [ 15.687207] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.687245] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.687284] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.687309] ? __kthread_parkme+0x82/0x180 [ 15.687332] ? preempt_count_sub+0x50/0x80 [ 15.687357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.687383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.687408] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.687461] kthread+0x337/0x6f0 [ 15.687483] ? trace_preempt_on+0x20/0xc0 [ 15.687506] ? __pfx_kthread+0x10/0x10 [ 15.687529] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.687551] ? calculate_sigpending+0x7b/0xa0 [ 15.687576] ? __pfx_kthread+0x10/0x10 [ 15.687618] ret_from_fork+0x116/0x1d0 [ 15.687652] ? __pfx_kthread+0x10/0x10 [ 15.687674] ret_from_fork_asm+0x1a/0x30 [ 15.687705] </TASK> [ 15.687716] [ 15.696278] Allocated by task 282: [ 15.696512] kasan_save_stack+0x45/0x70 [ 15.696745] kasan_save_track+0x18/0x40 [ 15.696953] kasan_save_alloc_info+0x3b/0x50 [ 15.697128] __kasan_kmalloc+0xb7/0xc0 [ 15.697294] __kmalloc_cache_noprof+0x189/0x420 [ 15.697566] kasan_atomics+0x95/0x310 [ 15.697816] kunit_try_run_case+0x1a5/0x480 [ 15.698011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.698275] kthread+0x337/0x6f0 [ 15.698502] ret_from_fork+0x116/0x1d0 [ 15.698740] ret_from_fork_asm+0x1a/0x30 [ 15.698948] [ 15.699045] The buggy address belongs to the object at ffff8881038e7800 [ 15.699045] which belongs to the cache kmalloc-64 of size 64 [ 15.699560] The buggy address is located 0 bytes to the right of [ 15.699560] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.700033] [ 15.700154] The buggy address belongs to the physical page: [ 15.700410] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.700816] flags: 0x200000000000000(node=0|zone=2) [ 15.701051] page_type: f5(slab) [ 15.701236] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.701581] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.701932] page dumped because: kasan: bad access detected [ 15.702191] [ 15.702286] Memory state around the buggy address: [ 15.702495] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.702715] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.703063] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.703460] ^ [ 15.703701] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.704000] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.704218] ================================================================== [ 15.543858] ================================================================== [ 15.544248] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 15.544661] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.544935] [ 15.545021] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.545064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.545076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.545098] Call Trace: [ 15.545111] <TASK> [ 15.545124] dump_stack_lvl+0x73/0xb0 [ 15.545152] print_report+0xd1/0x610 [ 15.545175] ? __virt_addr_valid+0x1db/0x2d0 [ 15.545199] ? kasan_atomics_helper+0x1079/0x5450 [ 15.545221] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.545246] ? kasan_atomics_helper+0x1079/0x5450 [ 15.545271] kasan_report+0x141/0x180 [ 15.545294] ? kasan_atomics_helper+0x1079/0x5450 [ 15.545323] kasan_check_range+0x10c/0x1c0 [ 15.545348] __kasan_check_write+0x18/0x20 [ 15.545369] kasan_atomics_helper+0x1079/0x5450 [ 15.545393] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.545418] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.545498] ? kasan_atomics+0x152/0x310 [ 15.545528] kasan_atomics+0x1dc/0x310 [ 15.545578] ? __pfx_kasan_atomics+0x10/0x10 [ 15.545628] ? __pfx_read_tsc+0x10/0x10 [ 15.545650] ? ktime_get_ts64+0x86/0x230 [ 15.545676] kunit_try_run_case+0x1a5/0x480 [ 15.545712] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.545736] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.545770] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.545796] ? __kthread_parkme+0x82/0x180 [ 15.545817] ? preempt_count_sub+0x50/0x80 [ 15.545842] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.545869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.545921] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.545949] kthread+0x337/0x6f0 [ 15.545970] ? trace_preempt_on+0x20/0xc0 [ 15.546004] ? __pfx_kthread+0x10/0x10 [ 15.546026] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.546051] ? calculate_sigpending+0x7b/0xa0 [ 15.546077] ? __pfx_kthread+0x10/0x10 [ 15.546127] ret_from_fork+0x116/0x1d0 [ 15.546147] ? 
__pfx_kthread+0x10/0x10 [ 15.546169] ret_from_fork_asm+0x1a/0x30 [ 15.546212] </TASK> [ 15.546223] [ 15.554671] Allocated by task 282: [ 15.554860] kasan_save_stack+0x45/0x70 [ 15.555058] kasan_save_track+0x18/0x40 [ 15.555219] kasan_save_alloc_info+0x3b/0x50 [ 15.555366] __kasan_kmalloc+0xb7/0xc0 [ 15.555584] __kmalloc_cache_noprof+0x189/0x420 [ 15.555857] kasan_atomics+0x95/0x310 [ 15.556049] kunit_try_run_case+0x1a5/0x480 [ 15.556291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.556606] kthread+0x337/0x6f0 [ 15.556805] ret_from_fork+0x116/0x1d0 [ 15.556995] ret_from_fork_asm+0x1a/0x30 [ 15.557219] [ 15.557317] The buggy address belongs to the object at ffff8881038e7800 [ 15.557317] which belongs to the cache kmalloc-64 of size 64 [ 15.557794] The buggy address is located 0 bytes to the right of [ 15.557794] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.558221] [ 15.558357] The buggy address belongs to the physical page: [ 15.558630] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.558984] flags: 0x200000000000000(node=0|zone=2) [ 15.559145] page_type: f5(slab) [ 15.559263] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.559571] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.559956] page dumped because: kasan: bad access detected [ 15.560241] [ 15.560350] Memory state around the buggy address: [ 15.560621] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.560982] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.561297] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.561686] ^ [ 15.562626] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.563192] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.563576] ================================================================== [ 15.395307] 
================================================================== [ 15.395903] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 15.396247] Read of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.396606] [ 15.396695] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.396738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.396751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.396783] Call Trace: [ 15.396797] <TASK> [ 15.396812] dump_stack_lvl+0x73/0xb0 [ 15.396852] print_report+0xd1/0x610 [ 15.396875] ? __virt_addr_valid+0x1db/0x2d0 [ 15.396911] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.396934] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.396960] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.396995] kasan_report+0x141/0x180 [ 15.397018] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.397046] __asan_report_load4_noabort+0x18/0x20 [ 15.397074] kasan_atomics_helper+0x4a84/0x5450 [ 15.397098] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.397122] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.397149] ? kasan_atomics+0x152/0x310 [ 15.397177] kasan_atomics+0x1dc/0x310 [ 15.397201] ? __pfx_kasan_atomics+0x10/0x10 [ 15.397227] ? __pfx_read_tsc+0x10/0x10 [ 15.397250] ? ktime_get_ts64+0x86/0x230 [ 15.397275] kunit_try_run_case+0x1a5/0x480 [ 15.397300] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.397395] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.397436] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.397462] ? __kthread_parkme+0x82/0x180 [ 15.397483] ? preempt_count_sub+0x50/0x80 [ 15.397509] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.397535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.397562] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.397589] kthread+0x337/0x6f0 [ 15.397609] ? trace_preempt_on+0x20/0xc0 [ 15.397633] ? __pfx_kthread+0x10/0x10 [ 15.397654] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.397677] ? calculate_sigpending+0x7b/0xa0 [ 15.397703] ? 
__pfx_kthread+0x10/0x10 [ 15.397726] ret_from_fork+0x116/0x1d0 [ 15.397746] ? __pfx_kthread+0x10/0x10 [ 15.397777] ret_from_fork_asm+0x1a/0x30 [ 15.397809] </TASK> [ 15.397819] [ 15.409797] Allocated by task 282: [ 15.409935] kasan_save_stack+0x45/0x70 [ 15.410081] kasan_save_track+0x18/0x40 [ 15.410219] kasan_save_alloc_info+0x3b/0x50 [ 15.410491] __kasan_kmalloc+0xb7/0xc0 [ 15.410635] __kmalloc_cache_noprof+0x189/0x420 [ 15.410894] kasan_atomics+0x95/0x310 [ 15.411108] kunit_try_run_case+0x1a5/0x480 [ 15.411307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.411479] kthread+0x337/0x6f0 [ 15.411595] ret_from_fork+0x116/0x1d0 [ 15.412559] ret_from_fork_asm+0x1a/0x30 [ 15.412710] [ 15.412805] The buggy address belongs to the object at ffff8881038e7800 [ 15.412805] which belongs to the cache kmalloc-64 of size 64 [ 15.413155] The buggy address is located 0 bytes to the right of [ 15.413155] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.414046] [ 15.414147] The buggy address belongs to the physical page: [ 15.414581] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.414970] flags: 0x200000000000000(node=0|zone=2) [ 15.415185] page_type: f5(slab) [ 15.415413] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.415752] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.416107] page dumped because: kasan: bad access detected [ 15.416462] [ 15.416543] Memory state around the buggy address: [ 15.416699] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.417116] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.417648] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.417948] ^ [ 15.418105] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.418553] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.418920] 
================================================================== [ 15.207700] ================================================================== [ 15.208101] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 15.208365] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.208944] [ 15.209061] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.209106] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.209119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.209162] Call Trace: [ 15.209177] <TASK> [ 15.209190] dump_stack_lvl+0x73/0xb0 [ 15.209220] print_report+0xd1/0x610 [ 15.209242] ? __virt_addr_valid+0x1db/0x2d0 [ 15.209267] ? kasan_atomics_helper+0x860/0x5450 [ 15.209290] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.209315] ? kasan_atomics_helper+0x860/0x5450 [ 15.209339] kasan_report+0x141/0x180 [ 15.209363] ? kasan_atomics_helper+0x860/0x5450 [ 15.209391] kasan_check_range+0x10c/0x1c0 [ 15.209417] __kasan_check_write+0x18/0x20 [ 15.209439] kasan_atomics_helper+0x860/0x5450 [ 15.209464] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.209488] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.209516] ? kasan_atomics+0x152/0x310 [ 15.209544] kasan_atomics+0x1dc/0x310 [ 15.209568] ? __pfx_kasan_atomics+0x10/0x10 [ 15.209595] ? __pfx_read_tsc+0x10/0x10 [ 15.209617] ? ktime_get_ts64+0x86/0x230 [ 15.209642] kunit_try_run_case+0x1a5/0x480 [ 15.209668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.209815] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.209845] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.209890] ? __kthread_parkme+0x82/0x180 [ 15.209914] ? preempt_count_sub+0x50/0x80 [ 15.209939] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.209966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.209993] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.210021] kthread+0x337/0x6f0 [ 15.210041] ? trace_preempt_on+0x20/0xc0 [ 15.210066] ? 
__pfx_kthread+0x10/0x10 [ 15.210089] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.210113] ? calculate_sigpending+0x7b/0xa0 [ 15.210140] ? __pfx_kthread+0x10/0x10 [ 15.210162] ret_from_fork+0x116/0x1d0 [ 15.210182] ? __pfx_kthread+0x10/0x10 [ 15.210204] ret_from_fork_asm+0x1a/0x30 [ 15.210236] </TASK> [ 15.210246] [ 15.220103] Allocated by task 282: [ 15.220571] kasan_save_stack+0x45/0x70 [ 15.221036] kasan_save_track+0x18/0x40 [ 15.221392] kasan_save_alloc_info+0x3b/0x50 [ 15.221644] __kasan_kmalloc+0xb7/0xc0 [ 15.221855] __kmalloc_cache_noprof+0x189/0x420 [ 15.222127] kasan_atomics+0x95/0x310 [ 15.222386] kunit_try_run_case+0x1a5/0x480 [ 15.222724] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.223047] kthread+0x337/0x6f0 [ 15.223182] ret_from_fork+0x116/0x1d0 [ 15.223466] ret_from_fork_asm+0x1a/0x30 [ 15.223736] [ 15.223850] The buggy address belongs to the object at ffff8881038e7800 [ 15.223850] which belongs to the cache kmalloc-64 of size 64 [ 15.224290] The buggy address is located 0 bytes to the right of [ 15.224290] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.225030] [ 15.225115] The buggy address belongs to the physical page: [ 15.225668] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.226126] flags: 0x200000000000000(node=0|zone=2) [ 15.226466] page_type: f5(slab) [ 15.226698] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.227075] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.227550] page dumped because: kasan: bad access detected [ 15.227889] [ 15.228088] Memory state around the buggy address: [ 15.228303] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.228775] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.229070] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.229552] ^ [ 15.229840] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.230146] 
ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.230641] ================================================================== [ 15.374293] ================================================================== [ 15.375129] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 15.375653] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.376191] [ 15.376489] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.376544] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.376558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.376580] Call Trace: [ 15.376597] <TASK> [ 15.376612] dump_stack_lvl+0x73/0xb0 [ 15.376643] print_report+0xd1/0x610 [ 15.376666] ? __virt_addr_valid+0x1db/0x2d0 [ 15.376692] ? kasan_atomics_helper+0xc70/0x5450 [ 15.376716] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.376741] ? kasan_atomics_helper+0xc70/0x5450 [ 15.376774] kasan_report+0x141/0x180 [ 15.376798] ? kasan_atomics_helper+0xc70/0x5450 [ 15.376826] kasan_check_range+0x10c/0x1c0 [ 15.376851] __kasan_check_write+0x18/0x20 [ 15.376872] kasan_atomics_helper+0xc70/0x5450 [ 15.376897] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.376933] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.376960] ? kasan_atomics+0x152/0x310 [ 15.377000] kasan_atomics+0x1dc/0x310 [ 15.377024] ? __pfx_kasan_atomics+0x10/0x10 [ 15.377049] ? __pfx_read_tsc+0x10/0x10 [ 15.377071] ? ktime_get_ts64+0x86/0x230 [ 15.377097] kunit_try_run_case+0x1a5/0x480 [ 15.377123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.377148] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.377174] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.377199] ? __kthread_parkme+0x82/0x180 [ 15.377222] ? preempt_count_sub+0x50/0x80 [ 15.377248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.377275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.377303] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.377379] kthread+0x337/0x6f0 [ 15.377402] ? trace_preempt_on+0x20/0xc0 [ 15.377428] ? __pfx_kthread+0x10/0x10 [ 15.377457] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.377481] ? calculate_sigpending+0x7b/0xa0 [ 15.377506] ? __pfx_kthread+0x10/0x10 [ 15.377529] ret_from_fork+0x116/0x1d0 [ 15.377548] ? __pfx_kthread+0x10/0x10 [ 15.377570] ret_from_fork_asm+0x1a/0x30 [ 15.377602] </TASK> [ 15.377613] [ 15.386150] Allocated by task 282: [ 15.386489] kasan_save_stack+0x45/0x70 [ 15.386673] kasan_save_track+0x18/0x40 [ 15.386824] kasan_save_alloc_info+0x3b/0x50 [ 15.387039] __kasan_kmalloc+0xb7/0xc0 [ 15.387226] __kmalloc_cache_noprof+0x189/0x420 [ 15.387449] kasan_atomics+0x95/0x310 [ 15.387583] kunit_try_run_case+0x1a5/0x480 [ 15.387945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.388233] kthread+0x337/0x6f0 [ 15.388492] ret_from_fork+0x116/0x1d0 [ 15.388648] ret_from_fork_asm+0x1a/0x30 [ 15.388815] [ 15.388921] The buggy address belongs to the object at ffff8881038e7800 [ 15.388921] which belongs to the cache kmalloc-64 of size 64 [ 15.389460] The buggy address is located 0 bytes to the right of [ 15.389460] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.390197] [ 15.390319] The buggy address belongs to the physical page: [ 15.390666] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.390938] flags: 0x200000000000000(node=0|zone=2) [ 15.391174] page_type: f5(slab) [ 15.391381] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.391915] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.392251] page dumped because: kasan: bad access detected [ 15.392574] [ 15.392675] Memory state around the buggy address: [ 15.392905] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.393222] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.393667] >ffff8881038e7800: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.393963] ^ [ 15.394121] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.394402] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.394965] ================================================================== [ 16.042249] ================================================================== [ 16.042569] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 16.043649] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 16.043969] [ 16.044207] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.044254] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.044267] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.044289] Call Trace: [ 16.044305] <TASK> [ 16.044321] dump_stack_lvl+0x73/0xb0 [ 16.044352] print_report+0xd1/0x610 [ 16.044455] ? __virt_addr_valid+0x1db/0x2d0 [ 16.044488] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.044512] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.044539] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.044563] kasan_report+0x141/0x180 [ 16.044587] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.044615] kasan_check_range+0x10c/0x1c0 [ 16.044640] __kasan_check_write+0x18/0x20 [ 16.044662] kasan_atomics_helper+0x1c18/0x5450 [ 16.044686] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.044711] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.044738] ? kasan_atomics+0x152/0x310 [ 16.044779] kasan_atomics+0x1dc/0x310 [ 16.044803] ? __pfx_kasan_atomics+0x10/0x10 [ 16.044829] ? __pfx_read_tsc+0x10/0x10 [ 16.044851] ? ktime_get_ts64+0x86/0x230 [ 16.044876] kunit_try_run_case+0x1a5/0x480 [ 16.044902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.044926] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.044953] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.044979] ? __kthread_parkme+0x82/0x180 [ 16.045001] ? preempt_count_sub+0x50/0x80 [ 16.045027] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.045053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.045080] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.045107] kthread+0x337/0x6f0 [ 16.045127] ? trace_preempt_on+0x20/0xc0 [ 16.045152] ? __pfx_kthread+0x10/0x10 [ 16.045174] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.045198] ? calculate_sigpending+0x7b/0xa0 [ 16.045224] ? __pfx_kthread+0x10/0x10 [ 16.045246] ret_from_fork+0x116/0x1d0 [ 16.045266] ? __pfx_kthread+0x10/0x10 [ 16.045288] ret_from_fork_asm+0x1a/0x30 [ 16.045320] </TASK> [ 16.045331] [ 16.055206] Allocated by task 282: [ 16.055376] kasan_save_stack+0x45/0x70 [ 16.055777] kasan_save_track+0x18/0x40 [ 16.055965] kasan_save_alloc_info+0x3b/0x50 [ 16.056246] __kasan_kmalloc+0xb7/0xc0 [ 16.056395] __kmalloc_cache_noprof+0x189/0x420 [ 16.056821] kasan_atomics+0x95/0x310 [ 16.056976] kunit_try_run_case+0x1a5/0x480 [ 16.057193] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.057430] kthread+0x337/0x6f0 [ 16.057810] ret_from_fork+0x116/0x1d0 [ 16.058001] ret_from_fork_asm+0x1a/0x30 [ 16.058303] [ 16.058410] The buggy address belongs to the object at ffff8881038e7800 [ 16.058410] which belongs to the cache kmalloc-64 of size 64 [ 16.059036] The buggy address is located 0 bytes to the right of [ 16.059036] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 16.059731] [ 16.059821] The buggy address belongs to the physical page: [ 16.060206] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 16.060670] flags: 0x200000000000000(node=0|zone=2) [ 16.060896] page_type: f5(slab) [ 16.061173] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.061623] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.061961] page dumped because: kasan: bad access detected [ 16.062198] [ 16.062278] Memory state around the buggy address: [ 16.062705] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.063021] 
ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.063374] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.063860] ^ [ 16.064032] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.064452] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.064901] ================================================================== [ 15.659792] ================================================================== [ 15.660139] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 15.660545] Read of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.660909] [ 15.661018] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.661061] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.661074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.661095] Call Trace: [ 15.661109] <TASK> [ 15.661124] dump_stack_lvl+0x73/0xb0 [ 15.661153] print_report+0xd1/0x610 [ 15.661177] ? __virt_addr_valid+0x1db/0x2d0 [ 15.661210] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.661234] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.661259] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.661283] kasan_report+0x141/0x180 [ 15.661306] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.661334] __asan_report_load4_noabort+0x18/0x20 [ 15.661361] kasan_atomics_helper+0x49e8/0x5450 [ 15.661385] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.661409] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.661458] ? kasan_atomics+0x152/0x310 [ 15.661487] kasan_atomics+0x1dc/0x310 [ 15.661511] ? __pfx_kasan_atomics+0x10/0x10 [ 15.661537] ? __pfx_read_tsc+0x10/0x10 [ 15.661559] ? ktime_get_ts64+0x86/0x230 [ 15.661584] kunit_try_run_case+0x1a5/0x480 [ 15.661609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.661634] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.661659] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.661685] ? __kthread_parkme+0x82/0x180 [ 15.661707] ? 
preempt_count_sub+0x50/0x80 [ 15.661732] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.661768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.661799] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.661829] kthread+0x337/0x6f0 [ 15.661849] ? trace_preempt_on+0x20/0xc0 [ 15.661874] ? __pfx_kthread+0x10/0x10 [ 15.661895] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.661919] ? calculate_sigpending+0x7b/0xa0 [ 15.661944] ? __pfx_kthread+0x10/0x10 [ 15.661967] ret_from_fork+0x116/0x1d0 [ 15.661986] ? __pfx_kthread+0x10/0x10 [ 15.662024] ret_from_fork_asm+0x1a/0x30 [ 15.662058] </TASK> [ 15.662069] [ 15.677075] Allocated by task 282: [ 15.677258] kasan_save_stack+0x45/0x70 [ 15.677495] kasan_save_track+0x18/0x40 [ 15.677683] kasan_save_alloc_info+0x3b/0x50 [ 15.677919] __kasan_kmalloc+0xb7/0xc0 [ 15.678094] __kmalloc_cache_noprof+0x189/0x420 [ 15.678321] kasan_atomics+0x95/0x310 [ 15.678574] kunit_try_run_case+0x1a5/0x480 [ 15.678787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.679079] kthread+0x337/0x6f0 [ 15.679248] ret_from_fork+0x116/0x1d0 [ 15.679461] ret_from_fork_asm+0x1a/0x30 [ 15.679624] [ 15.679704] The buggy address belongs to the object at ffff8881038e7800 [ 15.679704] which belongs to the cache kmalloc-64 of size 64 [ 15.680272] The buggy address is located 0 bytes to the right of [ 15.680272] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.680810] [ 15.680929] The buggy address belongs to the physical page: [ 15.681163] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.681530] flags: 0x200000000000000(node=0|zone=2) [ 15.681776] page_type: f5(slab) [ 15.681937] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.682248] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.682508] page dumped because: kasan: bad access detected [ 15.682763] [ 15.682860] Memory state around the buggy address: [ 15.683091] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc [ 15.683368] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.683706] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.684032] ^ [ 15.684192] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.684409] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.684642] ================================================================== [ 15.419498] ================================================================== [ 15.420018] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 15.420350] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.420611] [ 15.420884] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.420931] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.420944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.420965] Call Trace: [ 15.420977] <TASK> [ 15.420992] dump_stack_lvl+0x73/0xb0 [ 15.421024] print_report+0xd1/0x610 [ 15.421047] ? __virt_addr_valid+0x1db/0x2d0 [ 15.421071] ? kasan_atomics_helper+0xd47/0x5450 [ 15.421095] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.421120] ? kasan_atomics_helper+0xd47/0x5450 [ 15.421144] kasan_report+0x141/0x180 [ 15.421167] ? kasan_atomics_helper+0xd47/0x5450 [ 15.421196] kasan_check_range+0x10c/0x1c0 [ 15.421222] __kasan_check_write+0x18/0x20 [ 15.421243] kasan_atomics_helper+0xd47/0x5450 [ 15.421267] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.421291] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.421319] ? kasan_atomics+0x152/0x310 [ 15.421348] kasan_atomics+0x1dc/0x310 [ 15.421372] ? __pfx_kasan_atomics+0x10/0x10 [ 15.421398] ? __pfx_read_tsc+0x10/0x10 [ 15.421421] ? ktime_get_ts64+0x86/0x230 [ 15.421507] kunit_try_run_case+0x1a5/0x480 [ 15.421564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.421590] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.421616] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.421642] ? __kthread_parkme+0x82/0x180 [ 15.421663] ? preempt_count_sub+0x50/0x80 [ 15.421688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.421714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.421742] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.421779] kthread+0x337/0x6f0 [ 15.421799] ? trace_preempt_on+0x20/0xc0 [ 15.421823] ? __pfx_kthread+0x10/0x10 [ 15.421846] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.421869] ? calculate_sigpending+0x7b/0xa0 [ 15.421904] ? __pfx_kthread+0x10/0x10 [ 15.421927] ret_from_fork+0x116/0x1d0 [ 15.421946] ? __pfx_kthread+0x10/0x10 [ 15.421979] ret_from_fork_asm+0x1a/0x30 [ 15.422012] </TASK> [ 15.422023] [ 15.431071] Allocated by task 282: [ 15.431216] kasan_save_stack+0x45/0x70 [ 15.431546] kasan_save_track+0x18/0x40 [ 15.431740] kasan_save_alloc_info+0x3b/0x50 [ 15.431977] __kasan_kmalloc+0xb7/0xc0 [ 15.432178] __kmalloc_cache_noprof+0x189/0x420 [ 15.432481] kasan_atomics+0x95/0x310 [ 15.432691] kunit_try_run_case+0x1a5/0x480 [ 15.432960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.433204] kthread+0x337/0x6f0 [ 15.433450] ret_from_fork+0x116/0x1d0 [ 15.433635] ret_from_fork_asm+0x1a/0x30 [ 15.433862] [ 15.433957] The buggy address belongs to the object at ffff8881038e7800 [ 15.433957] which belongs to the cache kmalloc-64 of size 64 [ 15.434360] The buggy address is located 0 bytes to the right of [ 15.434360] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.434771] [ 15.434885] The buggy address belongs to the physical page: [ 15.435208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.435786] flags: 0x200000000000000(node=0|zone=2) [ 15.435986] page_type: f5(slab) [ 15.436180] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.436628] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.436973] page dumped because: kasan: bad access detected [ 15.437146] [ 15.437217] 
Memory state around the buggy address: [ 15.437551] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.437929] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.438277] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.438671] ^ [ 15.438912] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.439193] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.439409] ================================================================== [ 14.942185] ================================================================== [ 14.942497] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 14.942814] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 14.943110] [ 14.943220] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.943263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.943274] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.943296] Call Trace: [ 14.943306] <TASK> [ 14.943321] dump_stack_lvl+0x73/0xb0 [ 14.943349] print_report+0xd1/0x610 [ 14.943371] ? __virt_addr_valid+0x1db/0x2d0 [ 14.943394] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.943416] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.943440] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.943463] kasan_report+0x141/0x180 [ 14.943484] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.943511] __asan_report_store4_noabort+0x1b/0x30 [ 14.943536] kasan_atomics_helper+0x4ba2/0x5450 [ 14.943560] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.943582] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.943664] ? kasan_atomics+0x152/0x310 [ 14.943694] kasan_atomics+0x1dc/0x310 [ 14.943716] ? __pfx_kasan_atomics+0x10/0x10 [ 14.943742] ? __pfx_read_tsc+0x10/0x10 [ 14.943774] ? ktime_get_ts64+0x86/0x230 [ 14.943797] kunit_try_run_case+0x1a5/0x480 [ 14.943822] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.943847] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.943871] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.943896] ? __kthread_parkme+0x82/0x180 [ 14.943917] ? preempt_count_sub+0x50/0x80 [ 14.943941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.943966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.943991] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.944017] kthread+0x337/0x6f0 [ 14.944036] ? trace_preempt_on+0x20/0xc0 [ 14.944060] ? __pfx_kthread+0x10/0x10 [ 14.944080] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.944103] ? calculate_sigpending+0x7b/0xa0 [ 14.944128] ? __pfx_kthread+0x10/0x10 [ 14.944149] ret_from_fork+0x116/0x1d0 [ 14.944168] ? __pfx_kthread+0x10/0x10 [ 14.944189] ret_from_fork_asm+0x1a/0x30 [ 14.944220] </TASK> [ 14.944229] [ 14.952536] Allocated by task 282: [ 14.952701] kasan_save_stack+0x45/0x70 [ 14.952905] kasan_save_track+0x18/0x40 [ 14.953103] kasan_save_alloc_info+0x3b/0x50 [ 14.953291] __kasan_kmalloc+0xb7/0xc0 [ 14.953500] __kmalloc_cache_noprof+0x189/0x420 [ 14.953678] kasan_atomics+0x95/0x310 [ 14.953872] kunit_try_run_case+0x1a5/0x480 [ 14.954083] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.954293] kthread+0x337/0x6f0 [ 14.954475] ret_from_fork+0x116/0x1d0 [ 14.954854] ret_from_fork_asm+0x1a/0x30 [ 14.955046] [ 14.955130] The buggy address belongs to the object at ffff8881038e7800 [ 14.955130] which belongs to the cache kmalloc-64 of size 64 [ 14.955740] The buggy address is located 0 bytes to the right of [ 14.955740] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 14.956232] [ 14.956317] The buggy address belongs to the physical page: [ 14.956569] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 14.956929] flags: 0x200000000000000(node=0|zone=2) [ 14.957128] page_type: f5(slab) [ 14.957283] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.957679] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.957938] page dumped because: kasan: 
bad access detected [ 14.958111] [ 14.958179] Memory state around the buggy address: [ 14.958334] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.958700] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.959034] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.959437] ^ [ 14.959591] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.959814] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.960514] ================================================================== [ 15.723291] ================================================================== [ 15.723684] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 15.724022] Read of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.724330] [ 15.724454] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.724500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.724514] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.724536] Call Trace: [ 15.724568] <TASK> [ 15.724583] dump_stack_lvl+0x73/0xb0 [ 15.724628] print_report+0xd1/0x610 [ 15.724665] ? __virt_addr_valid+0x1db/0x2d0 [ 15.724703] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.724753] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.724787] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.724824] kasan_report+0x141/0x180 [ 15.724861] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.724888] kasan_check_range+0x10c/0x1c0 [ 15.724913] __kasan_check_read+0x15/0x20 [ 15.724934] kasan_atomics_helper+0x13b5/0x5450 [ 15.724958] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.724982] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.725008] ? kasan_atomics+0x152/0x310 [ 15.725036] kasan_atomics+0x1dc/0x310 [ 15.725060] ? __pfx_kasan_atomics+0x10/0x10 [ 15.725085] ? __pfx_read_tsc+0x10/0x10 [ 15.725107] ? ktime_get_ts64+0x86/0x230 [ 15.725131] kunit_try_run_case+0x1a5/0x480 [ 15.725157] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.725181] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.725206] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.725232] ? __kthread_parkme+0x82/0x180 [ 15.725254] ? preempt_count_sub+0x50/0x80 [ 15.725278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.725304] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.725331] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.725359] kthread+0x337/0x6f0 [ 15.725379] ? trace_preempt_on+0x20/0xc0 [ 15.725403] ? __pfx_kthread+0x10/0x10 [ 15.725463] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.725487] ? calculate_sigpending+0x7b/0xa0 [ 15.725512] ? __pfx_kthread+0x10/0x10 [ 15.725551] ret_from_fork+0x116/0x1d0 [ 15.725570] ? __pfx_kthread+0x10/0x10 [ 15.725606] ret_from_fork_asm+0x1a/0x30 [ 15.725651] </TASK> [ 15.725662] [ 15.733494] Allocated by task 282: [ 15.733625] kasan_save_stack+0x45/0x70 [ 15.733834] kasan_save_track+0x18/0x40 [ 15.734047] kasan_save_alloc_info+0x3b/0x50 [ 15.734277] __kasan_kmalloc+0xb7/0xc0 [ 15.734537] __kmalloc_cache_noprof+0x189/0x420 [ 15.734775] kasan_atomics+0x95/0x310 [ 15.734971] kunit_try_run_case+0x1a5/0x480 [ 15.735214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.735547] kthread+0x337/0x6f0 [ 15.735722] ret_from_fork+0x116/0x1d0 [ 15.735915] ret_from_fork_asm+0x1a/0x30 [ 15.736111] [ 15.736207] The buggy address belongs to the object at ffff8881038e7800 [ 15.736207] which belongs to the cache kmalloc-64 of size 64 [ 15.736658] The buggy address is located 0 bytes to the right of [ 15.736658] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.737113] [ 15.737234] The buggy address belongs to the physical page: [ 15.737540] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.737961] flags: 0x200000000000000(node=0|zone=2) [ 15.738214] page_type: f5(slab) [ 15.738374] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.738647] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.739012] page dumped because: kasan: bad access detected [ 15.739312] [ 15.739406] Memory state around the buggy address: [ 15.739642] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.739895] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.740234] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.740547] ^ [ 15.740795] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.741089] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.741420] ================================================================== [ 16.133808] ================================================================== [ 16.134142] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 16.134745] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 16.135250] [ 16.135359] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.135404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.135417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.135439] Call Trace: [ 16.135452] <TASK> [ 16.135466] dump_stack_lvl+0x73/0xb0 [ 16.135509] print_report+0xd1/0x610 [ 16.135533] ? __virt_addr_valid+0x1db/0x2d0 [ 16.135557] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.135580] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.135605] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.135629] kasan_report+0x141/0x180 [ 16.135653] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.135681] kasan_check_range+0x10c/0x1c0 [ 16.135706] __kasan_check_write+0x18/0x20 [ 16.135727] kasan_atomics_helper+0x1e12/0x5450 [ 16.135752] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.135787] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.135814] ? kasan_atomics+0x152/0x310 [ 16.135842] kasan_atomics+0x1dc/0x310 [ 16.135867] ? __pfx_kasan_atomics+0x10/0x10 [ 16.135893] ? __pfx_read_tsc+0x10/0x10 [ 16.135916] ? 
ktime_get_ts64+0x86/0x230 [ 16.135941] kunit_try_run_case+0x1a5/0x480 [ 16.135967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.135991] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.136018] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.136043] ? __kthread_parkme+0x82/0x180 [ 16.136065] ? preempt_count_sub+0x50/0x80 [ 16.136091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.136117] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.136144] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.136171] kthread+0x337/0x6f0 [ 16.136191] ? trace_preempt_on+0x20/0xc0 [ 16.136215] ? __pfx_kthread+0x10/0x10 [ 16.136238] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.136260] ? calculate_sigpending+0x7b/0xa0 [ 16.136285] ? __pfx_kthread+0x10/0x10 [ 16.136309] ret_from_fork+0x116/0x1d0 [ 16.136328] ? __pfx_kthread+0x10/0x10 [ 16.136350] ret_from_fork_asm+0x1a/0x30 [ 16.136382] </TASK> [ 16.136393] [ 16.146523] Allocated by task 282: [ 16.146704] kasan_save_stack+0x45/0x70 [ 16.146895] kasan_save_track+0x18/0x40 [ 16.147088] kasan_save_alloc_info+0x3b/0x50 [ 16.147282] __kasan_kmalloc+0xb7/0xc0 [ 16.147444] __kmalloc_cache_noprof+0x189/0x420 [ 16.148040] kasan_atomics+0x95/0x310 [ 16.148208] kunit_try_run_case+0x1a5/0x480 [ 16.148412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.148845] kthread+0x337/0x6f0 [ 16.149024] ret_from_fork+0x116/0x1d0 [ 16.149312] ret_from_fork_asm+0x1a/0x30 [ 16.149571] [ 16.149778] The buggy address belongs to the object at ffff8881038e7800 [ 16.149778] which belongs to the cache kmalloc-64 of size 64 [ 16.150316] The buggy address is located 0 bytes to the right of [ 16.150316] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 16.151046] [ 16.151264] The buggy address belongs to the physical page: [ 16.151469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 16.151955] flags: 0x200000000000000(node=0|zone=2) [ 16.152187] page_type: f5(slab) [ 16.152334] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.152830] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.153228] page dumped because: kasan: bad access detected [ 16.153496] [ 16.153573] Memory state around the buggy address: [ 16.153789] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.154084] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.154401] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.154988] ^ [ 16.155182] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.155685] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.156041] ================================================================== [ 15.947617] ================================================================== [ 15.947946] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 15.948596] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.949039] [ 15.949321] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.949453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.949470] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.949492] Call Trace: [ 15.949509] <TASK> [ 15.949528] dump_stack_lvl+0x73/0xb0 [ 15.949559] print_report+0xd1/0x610 [ 15.949583] ? __virt_addr_valid+0x1db/0x2d0 [ 15.949607] ? kasan_atomics_helper+0x194a/0x5450 [ 15.949630] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.949656] ? kasan_atomics_helper+0x194a/0x5450 [ 15.949680] kasan_report+0x141/0x180 [ 15.949703] ? kasan_atomics_helper+0x194a/0x5450 [ 15.949732] kasan_check_range+0x10c/0x1c0 [ 15.949771] __kasan_check_write+0x18/0x20 [ 15.949793] kasan_atomics_helper+0x194a/0x5450 [ 15.949817] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.949842] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.949871] ? kasan_atomics+0x152/0x310 [ 15.949898] kasan_atomics+0x1dc/0x310 [ 15.949923] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.949949] ? __pfx_read_tsc+0x10/0x10 [ 15.949971] ? ktime_get_ts64+0x86/0x230 [ 15.949997] kunit_try_run_case+0x1a5/0x480 [ 15.950024] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.950048] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.950073] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.950099] ? __kthread_parkme+0x82/0x180 [ 15.950121] ? preempt_count_sub+0x50/0x80 [ 15.950145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.950172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.950198] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.950225] kthread+0x337/0x6f0 [ 15.950246] ? trace_preempt_on+0x20/0xc0 [ 15.950269] ? __pfx_kthread+0x10/0x10 [ 15.950291] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.950314] ? calculate_sigpending+0x7b/0xa0 [ 15.950340] ? __pfx_kthread+0x10/0x10 [ 15.950362] ret_from_fork+0x116/0x1d0 [ 15.950388] ? __pfx_kthread+0x10/0x10 [ 15.950409] ret_from_fork_asm+0x1a/0x30 [ 15.950448] </TASK> [ 15.950459] [ 15.961040] Allocated by task 282: [ 15.961303] kasan_save_stack+0x45/0x70 [ 15.961612] kasan_save_track+0x18/0x40 [ 15.961854] kasan_save_alloc_info+0x3b/0x50 [ 15.962033] __kasan_kmalloc+0xb7/0xc0 [ 15.962447] __kmalloc_cache_noprof+0x189/0x420 [ 15.962784] kasan_atomics+0x95/0x310 [ 15.962985] kunit_try_run_case+0x1a5/0x480 [ 15.963309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.963684] kthread+0x337/0x6f0 [ 15.963882] ret_from_fork+0x116/0x1d0 [ 15.964198] ret_from_fork_asm+0x1a/0x30 [ 15.964503] [ 15.964602] The buggy address belongs to the object at ffff8881038e7800 [ 15.964602] which belongs to the cache kmalloc-64 of size 64 [ 15.965255] The buggy address is located 0 bytes to the right of [ 15.965255] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.965955] [ 15.966250] The buggy address belongs to the physical page: [ 15.966522] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.966853] flags: 0x200000000000000(node=0|zone=2) [ 15.967177] page_type: 
f5(slab) [ 15.967468] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.967822] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.968119] page dumped because: kasan: bad access detected [ 15.968374] [ 15.968468] Memory state around the buggy address: [ 15.968693] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.969305] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.969782] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.970164] ^ [ 15.970478] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.970836] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.971202] ================================================================== [ 15.782632] ================================================================== [ 15.783054] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 15.783462] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.783831] [ 15.783943] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.783986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.783998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.784037] Call Trace: [ 15.784053] <TASK> [ 15.784069] dump_stack_lvl+0x73/0xb0 [ 15.784098] print_report+0xd1/0x610 [ 15.784121] ? __virt_addr_valid+0x1db/0x2d0 [ 15.784146] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.784169] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.784194] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.784218] kasan_report+0x141/0x180 [ 15.784242] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.784269] __asan_report_store8_noabort+0x1b/0x30 [ 15.784297] kasan_atomics_helper+0x50d4/0x5450 [ 15.784321] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.784346] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.784373] ? 
kasan_atomics+0x152/0x310 [ 15.784401] kasan_atomics+0x1dc/0x310 [ 15.784458] ? __pfx_kasan_atomics+0x10/0x10 [ 15.784486] ? __pfx_read_tsc+0x10/0x10 [ 15.784508] ? ktime_get_ts64+0x86/0x230 [ 15.784534] kunit_try_run_case+0x1a5/0x480 [ 15.784560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.784585] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.784611] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.784636] ? __kthread_parkme+0x82/0x180 [ 15.784658] ? preempt_count_sub+0x50/0x80 [ 15.784684] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.784710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.784737] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.784773] kthread+0x337/0x6f0 [ 15.784794] ? trace_preempt_on+0x20/0xc0 [ 15.784838] ? __pfx_kthread+0x10/0x10 [ 15.784861] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.784884] ? calculate_sigpending+0x7b/0xa0 [ 15.784927] ? __pfx_kthread+0x10/0x10 [ 15.784950] ret_from_fork+0x116/0x1d0 [ 15.784971] ? __pfx_kthread+0x10/0x10 [ 15.784992] ret_from_fork_asm+0x1a/0x30 [ 15.785024] </TASK> [ 15.785035] [ 15.792724] Allocated by task 282: [ 15.792897] kasan_save_stack+0x45/0x70 [ 15.793078] kasan_save_track+0x18/0x40 [ 15.793261] kasan_save_alloc_info+0x3b/0x50 [ 15.793516] __kasan_kmalloc+0xb7/0xc0 [ 15.793715] __kmalloc_cache_noprof+0x189/0x420 [ 15.793933] kasan_atomics+0x95/0x310 [ 15.794106] kunit_try_run_case+0x1a5/0x480 [ 15.794338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.794620] kthread+0x337/0x6f0 [ 15.794790] ret_from_fork+0x116/0x1d0 [ 15.794951] ret_from_fork_asm+0x1a/0x30 [ 15.795165] [ 15.795287] The buggy address belongs to the object at ffff8881038e7800 [ 15.795287] which belongs to the cache kmalloc-64 of size 64 [ 15.795777] The buggy address is located 0 bytes to the right of [ 15.795777] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.796307] [ 15.796413] The buggy address belongs to the physical page: [ 15.796657] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 
15.797039] flags: 0x200000000000000(node=0|zone=2) [ 15.797269] page_type: f5(slab) [ 15.797542] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.797833] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.798177] page dumped because: kasan: bad access detected [ 15.798446] [ 15.798541] Memory state around the buggy address: [ 15.798801] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.799129] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.799415] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.799646] ^ [ 15.799839] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.800173] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.800538] ================================================================== [ 16.088156] ================================================================== [ 16.088752] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 16.089153] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 16.089602] [ 16.089780] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.089827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.089840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.089962] Call Trace: [ 16.089980] <TASK> [ 16.089996] dump_stack_lvl+0x73/0xb0 [ 16.090027] print_report+0xd1/0x610 [ 16.090050] ? __virt_addr_valid+0x1db/0x2d0 [ 16.090074] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.090098] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.090123] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.090148] kasan_report+0x141/0x180 [ 16.090172] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.090200] kasan_check_range+0x10c/0x1c0 [ 16.090226] __kasan_check_write+0x18/0x20 [ 16.090247] kasan_atomics_helper+0x1ce1/0x5450 [ 16.090272] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.090297] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.090324] ? kasan_atomics+0x152/0x310 [ 16.090352] kasan_atomics+0x1dc/0x310 [ 16.090377] ? __pfx_kasan_atomics+0x10/0x10 [ 16.090410] ? __pfx_read_tsc+0x10/0x10 [ 16.090433] ? ktime_get_ts64+0x86/0x230 [ 16.090466] kunit_try_run_case+0x1a5/0x480 [ 16.090493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.090518] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.090544] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.090570] ? __kthread_parkme+0x82/0x180 [ 16.090591] ? preempt_count_sub+0x50/0x80 [ 16.090616] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.090642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.090669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.090696] kthread+0x337/0x6f0 [ 16.090716] ? trace_preempt_on+0x20/0xc0 [ 16.090741] ? __pfx_kthread+0x10/0x10 [ 16.090773] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.090797] ? calculate_sigpending+0x7b/0xa0 [ 16.090822] ? __pfx_kthread+0x10/0x10 [ 16.090845] ret_from_fork+0x116/0x1d0 [ 16.090865] ? __pfx_kthread+0x10/0x10 [ 16.090887] ret_from_fork_asm+0x1a/0x30 [ 16.090918] </TASK> [ 16.090929] [ 16.100496] Allocated by task 282: [ 16.100750] kasan_save_stack+0x45/0x70 [ 16.101033] kasan_save_track+0x18/0x40 [ 16.101282] kasan_save_alloc_info+0x3b/0x50 [ 16.101569] __kasan_kmalloc+0xb7/0xc0 [ 16.101743] __kmalloc_cache_noprof+0x189/0x420 [ 16.102073] kasan_atomics+0x95/0x310 [ 16.102265] kunit_try_run_case+0x1a5/0x480 [ 16.102565] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.102876] kthread+0x337/0x6f0 [ 16.103048] ret_from_fork+0x116/0x1d0 [ 16.103218] ret_from_fork_asm+0x1a/0x30 [ 16.103398] [ 16.103746] The buggy address belongs to the object at ffff8881038e7800 [ 16.103746] which belongs to the cache kmalloc-64 of size 64 [ 16.104213] The buggy address is located 0 bytes to the right of [ 16.104213] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 16.104942] [ 16.105036] The buggy address belongs to the physical page: [ 16.105265] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 16.105765] flags: 0x200000000000000(node=0|zone=2) [ 16.105992] page_type: f5(slab) [ 16.106230] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.106628] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.107070] page dumped because: kasan: bad access detected [ 16.107364] [ 16.107441] Memory state around the buggy address: [ 16.107696] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.108169] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.108549] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.108812] ^ [ 16.109120] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.109427] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.109926] ================================================================== [ 16.256969] ================================================================== [ 16.257364] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 16.257774] Read of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 16.258115] [ 16.258212] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.258286] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.258299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.258331] Call Trace: [ 16.258346] <TASK> [ 16.258361] dump_stack_lvl+0x73/0xb0 [ 16.258398] print_report+0xd1/0x610 [ 16.258465] ? __virt_addr_valid+0x1db/0x2d0 [ 16.258491] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.258513] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.258549] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.258573] kasan_report+0x141/0x180 [ 16.258623] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.258651] __asan_report_load8_noabort+0x18/0x20 [ 16.258678] kasan_atomics_helper+0x4f98/0x5450 [ 16.258713] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.258737] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.258772] ? kasan_atomics+0x152/0x310 [ 16.258800] kasan_atomics+0x1dc/0x310 [ 16.258824] ? __pfx_kasan_atomics+0x10/0x10 [ 16.258850] ? __pfx_read_tsc+0x10/0x10 [ 16.258872] ? ktime_get_ts64+0x86/0x230 [ 16.258925] kunit_try_run_case+0x1a5/0x480 [ 16.258952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.259003] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.259043] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.259083] ? __kthread_parkme+0x82/0x180 [ 16.259105] ? preempt_count_sub+0x50/0x80 [ 16.259143] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.259183] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.259210] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.259238] kthread+0x337/0x6f0 [ 16.259258] ? trace_preempt_on+0x20/0xc0 [ 16.259283] ? __pfx_kthread+0x10/0x10 [ 16.259314] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.259338] ? calculate_sigpending+0x7b/0xa0 [ 16.259374] ? __pfx_kthread+0x10/0x10 [ 16.259397] ret_from_fork+0x116/0x1d0 [ 16.259416] ? 
__pfx_kthread+0x10/0x10 [ 16.259456] ret_from_fork_asm+0x1a/0x30 [ 16.259489] </TASK> [ 16.259500] [ 16.271628] Allocated by task 282: [ 16.271990] kasan_save_stack+0x45/0x70 [ 16.272380] kasan_save_track+0x18/0x40 [ 16.272783] kasan_save_alloc_info+0x3b/0x50 [ 16.273174] __kasan_kmalloc+0xb7/0xc0 [ 16.273310] __kmalloc_cache_noprof+0x189/0x420 [ 16.273573] kasan_atomics+0x95/0x310 [ 16.273957] kunit_try_run_case+0x1a5/0x480 [ 16.274363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.274878] kthread+0x337/0x6f0 [ 16.275119] ret_from_fork+0x116/0x1d0 [ 16.275353] ret_from_fork_asm+0x1a/0x30 [ 16.275747] [ 16.275830] The buggy address belongs to the object at ffff8881038e7800 [ 16.275830] which belongs to the cache kmalloc-64 of size 64 [ 16.276185] The buggy address is located 0 bytes to the right of [ 16.276185] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 16.276876] [ 16.277037] The buggy address belongs to the physical page: [ 16.277542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 16.278224] flags: 0x200000000000000(node=0|zone=2) [ 16.278695] page_type: f5(slab) [ 16.279016] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.279727] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.280345] page dumped because: kasan: bad access detected [ 16.280529] [ 16.280600] Memory state around the buggy address: [ 16.280766] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.281238] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.281618] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.281842] ^ [ 16.281994] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.282205] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.282418] ================================================================== [ 15.859189] 
================================================================== [ 15.859623] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 15.859952] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.860285] [ 15.860403] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.860468] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.860481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.860502] Call Trace: [ 15.860519] <TASK> [ 15.860558] dump_stack_lvl+0x73/0xb0 [ 15.860590] print_report+0xd1/0x610 [ 15.860612] ? __virt_addr_valid+0x1db/0x2d0 [ 15.860637] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.860659] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.860684] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.860724] kasan_report+0x141/0x180 [ 15.860748] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.860801] kasan_check_range+0x10c/0x1c0 [ 15.860827] __kasan_check_write+0x18/0x20 [ 15.860848] kasan_atomics_helper+0x16e7/0x5450 [ 15.860874] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.860898] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.860924] ? kasan_atomics+0x152/0x310 [ 15.860953] kasan_atomics+0x1dc/0x310 [ 15.860977] ? __pfx_kasan_atomics+0x10/0x10 [ 15.861003] ? __pfx_read_tsc+0x10/0x10 [ 15.861025] ? ktime_get_ts64+0x86/0x230 [ 15.861050] kunit_try_run_case+0x1a5/0x480 [ 15.861075] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.861118] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.861145] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.861183] ? __kthread_parkme+0x82/0x180 [ 15.861219] ? preempt_count_sub+0x50/0x80 [ 15.861258] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.861286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.861326] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.861367] kthread+0x337/0x6f0 [ 15.861388] ? trace_preempt_on+0x20/0xc0 [ 15.861413] ? __pfx_kthread+0x10/0x10 [ 15.861455] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.861479] ? 
calculate_sigpending+0x7b/0xa0 [ 15.861505] ? __pfx_kthread+0x10/0x10 [ 15.861528] ret_from_fork+0x116/0x1d0 [ 15.861548] ? __pfx_kthread+0x10/0x10 [ 15.861570] ret_from_fork_asm+0x1a/0x30 [ 15.861602] </TASK> [ 15.861613] [ 15.869270] Allocated by task 282: [ 15.869479] kasan_save_stack+0x45/0x70 [ 15.869679] kasan_save_track+0x18/0x40 [ 15.869904] kasan_save_alloc_info+0x3b/0x50 [ 15.870096] __kasan_kmalloc+0xb7/0xc0 [ 15.870275] __kmalloc_cache_noprof+0x189/0x420 [ 15.870540] kasan_atomics+0x95/0x310 [ 15.870742] kunit_try_run_case+0x1a5/0x480 [ 15.870961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.871239] kthread+0x337/0x6f0 [ 15.871399] ret_from_fork+0x116/0x1d0 [ 15.871604] ret_from_fork_asm+0x1a/0x30 [ 15.871787] [ 15.871886] The buggy address belongs to the object at ffff8881038e7800 [ 15.871886] which belongs to the cache kmalloc-64 of size 64 [ 15.872369] The buggy address is located 0 bytes to the right of [ 15.872369] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.872983] [ 15.873113] The buggy address belongs to the physical page: [ 15.873396] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.873794] flags: 0x200000000000000(node=0|zone=2) [ 15.874030] page_type: f5(slab) [ 15.874199] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.874533] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.874770] page dumped because: kasan: bad access detected [ 15.874942] [ 15.875017] Memory state around the buggy address: [ 15.875241] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.875627] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.875995] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.876317] ^ [ 15.877194] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.877598] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.878244] 
================================================================== [ 15.898596] ================================================================== [ 15.898956] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 15.899358] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.899719] [ 15.899860] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.899905] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.899918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.899941] Call Trace: [ 15.899955] <TASK> [ 15.899970] dump_stack_lvl+0x73/0xb0 [ 15.899999] print_report+0xd1/0x610 [ 15.900022] ? __virt_addr_valid+0x1db/0x2d0 [ 15.900045] ? kasan_atomics_helper+0x1818/0x5450 [ 15.900068] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.900092] ? kasan_atomics_helper+0x1818/0x5450 [ 15.900116] kasan_report+0x141/0x180 [ 15.900140] ? kasan_atomics_helper+0x1818/0x5450 [ 15.900168] kasan_check_range+0x10c/0x1c0 [ 15.900193] __kasan_check_write+0x18/0x20 [ 15.900236] kasan_atomics_helper+0x1818/0x5450 [ 15.900261] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.900286] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.900313] ? kasan_atomics+0x152/0x310 [ 15.900357] kasan_atomics+0x1dc/0x310 [ 15.900381] ? __pfx_kasan_atomics+0x10/0x10 [ 15.900444] ? __pfx_read_tsc+0x10/0x10 [ 15.900468] ? ktime_get_ts64+0x86/0x230 [ 15.900493] kunit_try_run_case+0x1a5/0x480 [ 15.900519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.900543] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.900569] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.900595] ? __kthread_parkme+0x82/0x180 [ 15.900616] ? preempt_count_sub+0x50/0x80 [ 15.900641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.900667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.900693] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.900720] kthread+0x337/0x6f0 [ 15.900768] ? trace_preempt_on+0x20/0xc0 [ 15.900793] ? 
__pfx_kthread+0x10/0x10 [ 15.900815] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.900838] ? calculate_sigpending+0x7b/0xa0 [ 15.900863] ? __pfx_kthread+0x10/0x10 [ 15.900887] ret_from_fork+0x116/0x1d0 [ 15.900923] ? __pfx_kthread+0x10/0x10 [ 15.900947] ret_from_fork_asm+0x1a/0x30 [ 15.900978] </TASK> [ 15.900989] [ 15.908586] Allocated by task 282: [ 15.910033] kasan_save_stack+0x45/0x70 [ 15.910237] kasan_save_track+0x18/0x40 [ 15.910407] kasan_save_alloc_info+0x3b/0x50 [ 15.910777] __kasan_kmalloc+0xb7/0xc0 [ 15.911060] __kmalloc_cache_noprof+0x189/0x420 [ 15.911374] kasan_atomics+0x95/0x310 [ 15.911667] kunit_try_run_case+0x1a5/0x480 [ 15.911955] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.912287] kthread+0x337/0x6f0 [ 15.912586] ret_from_fork+0x116/0x1d0 [ 15.912914] ret_from_fork_asm+0x1a/0x30 [ 15.913188] [ 15.913373] The buggy address belongs to the object at ffff8881038e7800 [ 15.913373] which belongs to the cache kmalloc-64 of size 64 [ 15.914007] The buggy address is located 0 bytes to the right of [ 15.914007] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.914823] [ 15.914944] The buggy address belongs to the physical page: [ 15.915300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.915771] flags: 0x200000000000000(node=0|zone=2) [ 15.916088] page_type: f5(slab) [ 15.916319] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.916793] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.917220] page dumped because: kasan: bad access detected [ 15.917569] [ 15.917651] Memory state around the buggy address: [ 15.918036] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.918413] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.918831] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.919120] ^ [ 15.919506] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.919907] 
ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.920288] ================================================================== [ 15.819951] ================================================================== [ 15.820788] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 15.821093] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.821497] [ 15.821627] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.821683] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.821695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.821731] Call Trace: [ 15.821768] <TASK> [ 15.821782] dump_stack_lvl+0x73/0xb0 [ 15.821842] print_report+0xd1/0x610 [ 15.821865] ? __virt_addr_valid+0x1db/0x2d0 [ 15.821902] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.821939] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.821978] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.822002] kasan_report+0x141/0x180 [ 15.822026] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.822055] kasan_check_range+0x10c/0x1c0 [ 15.822080] __kasan_check_write+0x18/0x20 [ 15.822102] kasan_atomics_helper+0x15b6/0x5450 [ 15.822126] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.822151] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.822178] ? kasan_atomics+0x152/0x310 [ 15.822206] kasan_atomics+0x1dc/0x310 [ 15.822229] ? __pfx_kasan_atomics+0x10/0x10 [ 15.822256] ? __pfx_read_tsc+0x10/0x10 [ 15.822278] ? ktime_get_ts64+0x86/0x230 [ 15.822303] kunit_try_run_case+0x1a5/0x480 [ 15.822329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.822353] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.822379] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.822412] ? __kthread_parkme+0x82/0x180 [ 15.822453] ? preempt_count_sub+0x50/0x80 [ 15.822479] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.822505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.822532] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.822558] kthread+0x337/0x6f0 [ 15.822579] ? trace_preempt_on+0x20/0xc0 [ 15.822623] ? __pfx_kthread+0x10/0x10 [ 15.822645] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.822669] ? calculate_sigpending+0x7b/0xa0 [ 15.822711] ? __pfx_kthread+0x10/0x10 [ 15.822733] ret_from_fork+0x116/0x1d0 [ 15.822833] ? __pfx_kthread+0x10/0x10 [ 15.822856] ret_from_fork_asm+0x1a/0x30 [ 15.822910] </TASK> [ 15.822923] [ 15.830727] Allocated by task 282: [ 15.830925] kasan_save_stack+0x45/0x70 [ 15.831149] kasan_save_track+0x18/0x40 [ 15.831355] kasan_save_alloc_info+0x3b/0x50 [ 15.831558] __kasan_kmalloc+0xb7/0xc0 [ 15.831775] __kmalloc_cache_noprof+0x189/0x420 [ 15.832055] kasan_atomics+0x95/0x310 [ 15.832248] kunit_try_run_case+0x1a5/0x480 [ 15.832485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.832740] kthread+0x337/0x6f0 [ 15.832917] ret_from_fork+0x116/0x1d0 [ 15.833108] ret_from_fork_asm+0x1a/0x30 [ 15.833307] [ 15.833403] The buggy address belongs to the object at ffff8881038e7800 [ 15.833403] which belongs to the cache kmalloc-64 of size 64 [ 15.833928] The buggy address is located 0 bytes to the right of [ 15.833928] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.834300] [ 15.834407] The buggy address belongs to the physical page: [ 15.834700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.835115] flags: 0x200000000000000(node=0|zone=2) [ 15.835365] page_type: f5(slab) [ 15.835602] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.835881] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.836112] page dumped because: kasan: bad access detected [ 15.836368] [ 15.836473] Memory state around the buggy address: [ 15.836702] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.837033] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.837308] >ffff8881038e7800: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.837550] ^ [ 15.837808] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.838123] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.838484] ================================================================== [ 15.742111] ================================================================== [ 15.742661] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 15.743007] Read of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.743332] [ 15.743417] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.743459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.743471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.743493] Call Trace: [ 15.743507] <TASK> [ 15.743522] dump_stack_lvl+0x73/0xb0 [ 15.743552] print_report+0xd1/0x610 [ 15.743575] ? __virt_addr_valid+0x1db/0x2d0 [ 15.743599] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.743622] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.743647] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.743670] kasan_report+0x141/0x180 [ 15.743693] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.743721] __asan_report_load8_noabort+0x18/0x20 [ 15.743747] kasan_atomics_helper+0x4eae/0x5450 [ 15.743781] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.743805] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.743831] ? kasan_atomics+0x152/0x310 [ 15.743859] kasan_atomics+0x1dc/0x310 [ 15.743883] ? __pfx_kasan_atomics+0x10/0x10 [ 15.743908] ? __pfx_read_tsc+0x10/0x10 [ 15.743931] ? ktime_get_ts64+0x86/0x230 [ 15.743956] kunit_try_run_case+0x1a5/0x480 [ 15.743982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.744006] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.744032] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.744057] ? __kthread_parkme+0x82/0x180 [ 15.744079] ? preempt_count_sub+0x50/0x80 [ 15.744103] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.744129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.744156] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.744183] kthread+0x337/0x6f0 [ 15.744204] ? trace_preempt_on+0x20/0xc0 [ 15.744229] ? __pfx_kthread+0x10/0x10 [ 15.744251] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.744273] ? calculate_sigpending+0x7b/0xa0 [ 15.744299] ? __pfx_kthread+0x10/0x10 [ 15.744322] ret_from_fork+0x116/0x1d0 [ 15.744342] ? __pfx_kthread+0x10/0x10 [ 15.744365] ret_from_fork_asm+0x1a/0x30 [ 15.744396] </TASK> [ 15.744407] [ 15.753615] Allocated by task 282: [ 15.753791] kasan_save_stack+0x45/0x70 [ 15.754157] kasan_save_track+0x18/0x40 [ 15.754384] kasan_save_alloc_info+0x3b/0x50 [ 15.754767] __kasan_kmalloc+0xb7/0xc0 [ 15.754963] __kmalloc_cache_noprof+0x189/0x420 [ 15.755311] kasan_atomics+0x95/0x310 [ 15.755621] kunit_try_run_case+0x1a5/0x480 [ 15.755917] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.756170] kthread+0x337/0x6f0 [ 15.756475] ret_from_fork+0x116/0x1d0 [ 15.756770] ret_from_fork_asm+0x1a/0x30 [ 15.757057] [ 15.757181] The buggy address belongs to the object at ffff8881038e7800 [ 15.757181] which belongs to the cache kmalloc-64 of size 64 [ 15.757829] The buggy address is located 0 bytes to the right of [ 15.757829] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.758337] [ 15.758491] The buggy address belongs to the physical page: [ 15.758708] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.759074] flags: 0x200000000000000(node=0|zone=2) [ 15.759304] page_type: f5(slab) [ 15.759495] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.759846] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.760170] page dumped because: kasan: bad access detected [ 15.760411] [ 15.760535] Memory state around the buggy address: [ 15.760770] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.761074] 
ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.761376] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.761687] ^ [ 15.761932] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.762251] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.762571] ================================================================== [ 16.019326] ================================================================== [ 16.019938] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 16.020279] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 16.020961] [ 16.021177] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.021225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.021238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.021261] Call Trace: [ 16.021277] <TASK> [ 16.021294] dump_stack_lvl+0x73/0xb0 [ 16.021396] print_report+0xd1/0x610 [ 16.021423] ? __virt_addr_valid+0x1db/0x2d0 [ 16.021458] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.021481] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.021507] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.021531] kasan_report+0x141/0x180 [ 16.021554] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.021582] kasan_check_range+0x10c/0x1c0 [ 16.021607] __kasan_check_write+0x18/0x20 [ 16.021628] kasan_atomics_helper+0x1b22/0x5450 [ 16.021653] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.021678] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.021705] ? kasan_atomics+0x152/0x310 [ 16.021733] kasan_atomics+0x1dc/0x310 [ 16.021770] ? __pfx_kasan_atomics+0x10/0x10 [ 16.021796] ? __pfx_read_tsc+0x10/0x10 [ 16.021817] ? ktime_get_ts64+0x86/0x230 [ 16.021843] kunit_try_run_case+0x1a5/0x480 [ 16.021869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.021894] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.021919] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.021945] ? 
__kthread_parkme+0x82/0x180 [ 16.021967] ? preempt_count_sub+0x50/0x80 [ 16.021992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.022018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.022043] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.022070] kthread+0x337/0x6f0 [ 16.022092] ? trace_preempt_on+0x20/0xc0 [ 16.022117] ? __pfx_kthread+0x10/0x10 [ 16.022142] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.022167] ? calculate_sigpending+0x7b/0xa0 [ 16.022192] ? __pfx_kthread+0x10/0x10 [ 16.022216] ret_from_fork+0x116/0x1d0 [ 16.022235] ? __pfx_kthread+0x10/0x10 [ 16.022257] ret_from_fork_asm+0x1a/0x30 [ 16.022290] </TASK> [ 16.022301] [ 16.031958] Allocated by task 282: [ 16.032158] kasan_save_stack+0x45/0x70 [ 16.032355] kasan_save_track+0x18/0x40 [ 16.032873] kasan_save_alloc_info+0x3b/0x50 [ 16.033060] __kasan_kmalloc+0xb7/0xc0 [ 16.033251] __kmalloc_cache_noprof+0x189/0x420 [ 16.033663] kasan_atomics+0x95/0x310 [ 16.033840] kunit_try_run_case+0x1a5/0x480 [ 16.034054] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.034293] kthread+0x337/0x6f0 [ 16.034462] ret_from_fork+0x116/0x1d0 [ 16.034917] ret_from_fork_asm+0x1a/0x30 [ 16.035068] [ 16.035292] The buggy address belongs to the object at ffff8881038e7800 [ 16.035292] which belongs to the cache kmalloc-64 of size 64 [ 16.035974] The buggy address is located 0 bytes to the right of [ 16.035974] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 16.036656] [ 16.036737] The buggy address belongs to the physical page: [ 16.037017] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 16.037340] flags: 0x200000000000000(node=0|zone=2) [ 16.037787] page_type: f5(slab) [ 16.037965] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.038395] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.038851] page dumped because: kasan: bad access detected [ 16.039192] [ 16.039291] Memory state around the buggy address: [ 16.039455] 
ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.039952] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.040341] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.040692] ^ [ 16.041033] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.041416] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.041695] ================================================================== [ 16.111150] ================================================================== [ 16.111752] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 16.112090] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 16.112614] [ 16.112724] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.112781] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.112795] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.112816] Call Trace: [ 16.112833] <TASK> [ 16.112852] dump_stack_lvl+0x73/0xb0 [ 16.113056] print_report+0xd1/0x610 [ 16.113080] ? __virt_addr_valid+0x1db/0x2d0 [ 16.113105] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.113128] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.113153] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.113177] kasan_report+0x141/0x180 [ 16.113200] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.113228] kasan_check_range+0x10c/0x1c0 [ 16.113254] __kasan_check_write+0x18/0x20 [ 16.113275] kasan_atomics_helper+0x1d7a/0x5450 [ 16.113299] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.113325] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.113353] ? kasan_atomics+0x152/0x310 [ 16.113381] kasan_atomics+0x1dc/0x310 [ 16.113405] ? __pfx_kasan_atomics+0x10/0x10 [ 16.113431] ? __pfx_read_tsc+0x10/0x10 [ 16.113517] ? ktime_get_ts64+0x86/0x230 [ 16.113544] kunit_try_run_case+0x1a5/0x480 [ 16.113572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.113597] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.113623] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.113649] ? __kthread_parkme+0x82/0x180 [ 16.113671] ? preempt_count_sub+0x50/0x80 [ 16.113696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.113722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.113748] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.113787] kthread+0x337/0x6f0 [ 16.113807] ? trace_preempt_on+0x20/0xc0 [ 16.113832] ? __pfx_kthread+0x10/0x10 [ 16.113853] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.113877] ? calculate_sigpending+0x7b/0xa0 [ 16.113902] ? __pfx_kthread+0x10/0x10 [ 16.113925] ret_from_fork+0x116/0x1d0 [ 16.113945] ? __pfx_kthread+0x10/0x10 [ 16.113967] ret_from_fork_asm+0x1a/0x30 [ 16.113998] </TASK> [ 16.114009] [ 16.123705] Allocated by task 282: [ 16.124005] kasan_save_stack+0x45/0x70 [ 16.124188] kasan_save_track+0x18/0x40 [ 16.124429] kasan_save_alloc_info+0x3b/0x50 [ 16.124771] __kasan_kmalloc+0xb7/0xc0 [ 16.124946] __kmalloc_cache_noprof+0x189/0x420 [ 16.125269] kasan_atomics+0x95/0x310 [ 16.125456] kunit_try_run_case+0x1a5/0x480 [ 16.125661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.125914] kthread+0x337/0x6f0 [ 16.126059] ret_from_fork+0x116/0x1d0 [ 16.126242] ret_from_fork_asm+0x1a/0x30 [ 16.126436] [ 16.126854] The buggy address belongs to the object at ffff8881038e7800 [ 16.126854] which belongs to the cache kmalloc-64 of size 64 [ 16.127312] The buggy address is located 0 bytes to the right of [ 16.127312] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 16.128028] [ 16.128227] The buggy address belongs to the physical page: [ 16.128427] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 16.129029] flags: 0x200000000000000(node=0|zone=2) [ 16.129322] page_type: f5(slab) [ 16.129466] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.129907] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.130283] page dumped because: kasan: 
bad access detected [ 16.130607] [ 16.130689] Memory state around the buggy address: [ 16.130910] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.131206] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.131730] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.132022] ^ [ 16.132243] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.132714] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.133094] ================================================================== [ 16.234391] ================================================================== [ 16.234721] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 16.235054] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 16.235907] [ 16.236253] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.236305] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.236319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.236340] Call Trace: [ 16.236355] <TASK> [ 16.236370] dump_stack_lvl+0x73/0xb0 [ 16.236451] print_report+0xd1/0x610 [ 16.236476] ? __virt_addr_valid+0x1db/0x2d0 [ 16.236500] ? kasan_atomics_helper+0x2006/0x5450 [ 16.236523] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.236549] ? kasan_atomics_helper+0x2006/0x5450 [ 16.236574] kasan_report+0x141/0x180 [ 16.236597] ? kasan_atomics_helper+0x2006/0x5450 [ 16.236626] kasan_check_range+0x10c/0x1c0 [ 16.236652] __kasan_check_write+0x18/0x20 [ 16.236673] kasan_atomics_helper+0x2006/0x5450 [ 16.236697] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.236724] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.236767] ? kasan_atomics+0x152/0x310 [ 16.236795] kasan_atomics+0x1dc/0x310 [ 16.236819] ? __pfx_kasan_atomics+0x10/0x10 [ 16.236845] ? __pfx_read_tsc+0x10/0x10 [ 16.236867] ? ktime_get_ts64+0x86/0x230 [ 16.236893] kunit_try_run_case+0x1a5/0x480 [ 16.236919] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.236944] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.236970] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.236996] ? __kthread_parkme+0x82/0x180 [ 16.237018] ? preempt_count_sub+0x50/0x80 [ 16.237043] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.237070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.237097] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.237124] kthread+0x337/0x6f0 [ 16.237144] ? trace_preempt_on+0x20/0xc0 [ 16.237169] ? __pfx_kthread+0x10/0x10 [ 16.237191] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.237215] ? calculate_sigpending+0x7b/0xa0 [ 16.237240] ? __pfx_kthread+0x10/0x10 [ 16.237263] ret_from_fork+0x116/0x1d0 [ 16.237283] ? __pfx_kthread+0x10/0x10 [ 16.237305] ret_from_fork_asm+0x1a/0x30 [ 16.237337] </TASK> [ 16.237348] [ 16.248100] Allocated by task 282: [ 16.248241] kasan_save_stack+0x45/0x70 [ 16.248393] kasan_save_track+0x18/0x40 [ 16.248540] kasan_save_alloc_info+0x3b/0x50 [ 16.248692] __kasan_kmalloc+0xb7/0xc0 [ 16.249263] __kmalloc_cache_noprof+0x189/0x420 [ 16.249608] kasan_atomics+0x95/0x310 [ 16.249750] kunit_try_run_case+0x1a5/0x480 [ 16.249909] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.250086] kthread+0x337/0x6f0 [ 16.250217] ret_from_fork+0x116/0x1d0 [ 16.250489] ret_from_fork_asm+0x1a/0x30 [ 16.250695] [ 16.250802] The buggy address belongs to the object at ffff8881038e7800 [ 16.250802] which belongs to the cache kmalloc-64 of size 64 [ 16.251372] The buggy address is located 0 bytes to the right of [ 16.251372] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 16.251961] [ 16.252036] The buggy address belongs to the physical page: [ 16.252284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 16.252764] flags: 0x200000000000000(node=0|zone=2) [ 16.252959] page_type: f5(slab) [ 16.253171] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.253566] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.253932] page dumped because: kasan: bad access detected [ 16.254118] [ 16.254215] Memory state around the buggy address: [ 16.254500] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.254749] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.255041] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.255380] ^ [ 16.255687] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.255998] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.256299] ================================================================== [ 15.287099] ================================================================== [ 15.287340] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 15.288484] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.289284] [ 15.289444] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.289726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.289744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.289778] Call Trace: [ 15.289796] <TASK> [ 15.289812] dump_stack_lvl+0x73/0xb0 [ 15.289845] print_report+0xd1/0x610 [ 15.289867] ? __virt_addr_valid+0x1db/0x2d0 [ 15.289892] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.289915] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.289939] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.289963] kasan_report+0x141/0x180 [ 15.289988] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.290017] kasan_check_range+0x10c/0x1c0 [ 15.290042] __kasan_check_write+0x18/0x20 [ 15.290063] kasan_atomics_helper+0xa2b/0x5450 [ 15.290088] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.290112] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.290140] ? kasan_atomics+0x152/0x310 [ 15.290167] kasan_atomics+0x1dc/0x310 [ 15.290191] ? __pfx_kasan_atomics+0x10/0x10 [ 15.290217] ? __pfx_read_tsc+0x10/0x10 [ 15.290239] ? 
ktime_get_ts64+0x86/0x230 [ 15.290264] kunit_try_run_case+0x1a5/0x480 [ 15.290291] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.290315] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.290390] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.290417] ? __kthread_parkme+0x82/0x180 [ 15.290449] ? preempt_count_sub+0x50/0x80 [ 15.290474] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.290502] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.290529] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.290556] kthread+0x337/0x6f0 [ 15.290578] ? trace_preempt_on+0x20/0xc0 [ 15.290602] ? __pfx_kthread+0x10/0x10 [ 15.290625] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.290648] ? calculate_sigpending+0x7b/0xa0 [ 15.290674] ? __pfx_kthread+0x10/0x10 [ 15.290697] ret_from_fork+0x116/0x1d0 [ 15.290717] ? __pfx_kthread+0x10/0x10 [ 15.290740] ret_from_fork_asm+0x1a/0x30 [ 15.290782] </TASK> [ 15.290794] [ 15.303061] Allocated by task 282: [ 15.303238] kasan_save_stack+0x45/0x70 [ 15.303644] kasan_save_track+0x18/0x40 [ 15.304009] kasan_save_alloc_info+0x3b/0x50 [ 15.304374] __kasan_kmalloc+0xb7/0xc0 [ 15.304739] __kmalloc_cache_noprof+0x189/0x420 [ 15.305101] kasan_atomics+0x95/0x310 [ 15.305614] kunit_try_run_case+0x1a5/0x480 [ 15.305858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.306110] kthread+0x337/0x6f0 [ 15.306276] ret_from_fork+0x116/0x1d0 [ 15.306898] ret_from_fork_asm+0x1a/0x30 [ 15.307080] [ 15.307349] The buggy address belongs to the object at ffff8881038e7800 [ 15.307349] which belongs to the cache kmalloc-64 of size 64 [ 15.308050] The buggy address is located 0 bytes to the right of [ 15.308050] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.308971] [ 15.309071] The buggy address belongs to the physical page: [ 15.309292] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.309887] flags: 0x200000000000000(node=0|zone=2) [ 15.310127] page_type: f5(slab) [ 15.310641] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.311151] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.311709] page dumped because: kasan: bad access detected [ 15.312072] [ 15.312176] Memory state around the buggy address: [ 15.312678] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.312989] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.313428] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.313913] ^ [ 15.314240] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.314878] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.315293] ================================================================== [ 16.305071] ================================================================== [ 16.305724] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 16.306153] Read of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 16.306392] [ 16.306525] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.306568] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.306581] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.306601] Call Trace: [ 16.306615] <TASK> [ 16.306628] dump_stack_lvl+0x73/0xb0 [ 16.306669] print_report+0xd1/0x610 [ 16.306691] ? __virt_addr_valid+0x1db/0x2d0 [ 16.306728] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.306750] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.306785] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.306818] kasan_report+0x141/0x180 [ 16.306841] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.306879] __asan_report_load8_noabort+0x18/0x20 [ 16.306905] kasan_atomics_helper+0x4fb2/0x5450 [ 16.306930] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.306954] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.306981] ? kasan_atomics+0x152/0x310 [ 16.307008] kasan_atomics+0x1dc/0x310 [ 16.307032] ? __pfx_kasan_atomics+0x10/0x10 [ 16.307057] ? 
__pfx_read_tsc+0x10/0x10 [ 16.307079] ? ktime_get_ts64+0x86/0x230 [ 16.307104] kunit_try_run_case+0x1a5/0x480 [ 16.307129] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.307155] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.307180] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.307215] ? __kthread_parkme+0x82/0x180 [ 16.307237] ? preempt_count_sub+0x50/0x80 [ 16.307272] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.307299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.307325] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.307352] kthread+0x337/0x6f0 [ 16.307372] ? trace_preempt_on+0x20/0xc0 [ 16.307397] ? __pfx_kthread+0x10/0x10 [ 16.307419] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.307451] ? calculate_sigpending+0x7b/0xa0 [ 16.307476] ? __pfx_kthread+0x10/0x10 [ 16.307508] ret_from_fork+0x116/0x1d0 [ 16.307527] ? __pfx_kthread+0x10/0x10 [ 16.307549] ret_from_fork_asm+0x1a/0x30 [ 16.307591] </TASK> [ 16.307602] [ 16.315358] Allocated by task 282: [ 16.315584] kasan_save_stack+0x45/0x70 [ 16.315779] kasan_save_track+0x18/0x40 [ 16.315975] kasan_save_alloc_info+0x3b/0x50 [ 16.316198] __kasan_kmalloc+0xb7/0xc0 [ 16.316366] __kmalloc_cache_noprof+0x189/0x420 [ 16.316625] kasan_atomics+0x95/0x310 [ 16.316824] kunit_try_run_case+0x1a5/0x480 [ 16.317008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.317260] kthread+0x337/0x6f0 [ 16.317452] ret_from_fork+0x116/0x1d0 [ 16.317624] ret_from_fork_asm+0x1a/0x30 [ 16.317838] [ 16.317911] The buggy address belongs to the object at ffff8881038e7800 [ 16.317911] which belongs to the cache kmalloc-64 of size 64 [ 16.318424] The buggy address is located 0 bytes to the right of [ 16.318424] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 16.318952] [ 16.319025] The buggy address belongs to the physical page: [ 16.319200] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 16.319571] flags: 0x200000000000000(node=0|zone=2) [ 16.319837] page_type: f5(slab) [ 16.319994] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 16.320239] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.320770] page dumped because: kasan: bad access detected [ 16.321046] [ 16.321152] Memory state around the buggy address: [ 16.321338] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.321677] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.321991] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.322300] ^ [ 16.322558] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.322803] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.323019] ================================================================== [ 15.642843] ================================================================== [ 15.643192] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 15.643481] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.643779] [ 15.643905] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.643950] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.643963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.643985] Call Trace: [ 15.644001] <TASK> [ 15.644031] dump_stack_lvl+0x73/0xb0 [ 15.644078] print_report+0xd1/0x610 [ 15.644102] ? __virt_addr_valid+0x1db/0x2d0 [ 15.644126] ? kasan_atomics_helper+0x1217/0x5450 [ 15.644150] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.644175] ? kasan_atomics_helper+0x1217/0x5450 [ 15.644199] kasan_report+0x141/0x180 [ 15.644222] ? kasan_atomics_helper+0x1217/0x5450 [ 15.644250] kasan_check_range+0x10c/0x1c0 [ 15.644275] __kasan_check_write+0x18/0x20 [ 15.644296] kasan_atomics_helper+0x1217/0x5450 [ 15.644338] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.644363] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.644390] ? 
kasan_atomics+0x152/0x310 [ 15.644418] kasan_atomics+0x1dc/0x310 [ 15.644459] ? __pfx_kasan_atomics+0x10/0x10 [ 15.644484] ? __pfx_read_tsc+0x10/0x10 [ 15.644507] ? ktime_get_ts64+0x86/0x230 [ 15.644532] kunit_try_run_case+0x1a5/0x480 [ 15.644558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.644582] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.644608] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.644633] ? __kthread_parkme+0x82/0x180 [ 15.644654] ? preempt_count_sub+0x50/0x80 [ 15.644680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.644705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.644732] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.644767] kthread+0x337/0x6f0 [ 15.644788] ? trace_preempt_on+0x20/0xc0 [ 15.644813] ? __pfx_kthread+0x10/0x10 [ 15.644835] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.644858] ? calculate_sigpending+0x7b/0xa0 [ 15.644883] ? __pfx_kthread+0x10/0x10 [ 15.644906] ret_from_fork+0x116/0x1d0 [ 15.644926] ? __pfx_kthread+0x10/0x10 [ 15.644947] ret_from_fork_asm+0x1a/0x30 [ 15.644979] </TASK> [ 15.644990] [ 15.652369] Allocated by task 282: [ 15.652553] kasan_save_stack+0x45/0x70 [ 15.652734] kasan_save_track+0x18/0x40 [ 15.652916] kasan_save_alloc_info+0x3b/0x50 [ 15.653118] __kasan_kmalloc+0xb7/0xc0 [ 15.653276] __kmalloc_cache_noprof+0x189/0x420 [ 15.653520] kasan_atomics+0x95/0x310 [ 15.653667] kunit_try_run_case+0x1a5/0x480 [ 15.653894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.654123] kthread+0x337/0x6f0 [ 15.654285] ret_from_fork+0x116/0x1d0 [ 15.654498] ret_from_fork_asm+0x1a/0x30 [ 15.654660] [ 15.654767] The buggy address belongs to the object at ffff8881038e7800 [ 15.654767] which belongs to the cache kmalloc-64 of size 64 [ 15.655221] The buggy address is located 0 bytes to the right of [ 15.655221] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.655736] [ 15.655818] The buggy address belongs to the physical page: [ 15.655991] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 
15.656232] flags: 0x200000000000000(node=0|zone=2) [ 15.656396] page_type: f5(slab) [ 15.656543] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.656786] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.657122] page dumped because: kasan: bad access detected [ 15.657373] [ 15.657495] Memory state around the buggy address: [ 15.657719] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.658054] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.658373] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.658726] ^ [ 15.658940] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.659159] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.659375] ================================================================== [ 15.044140] ================================================================== [ 15.044481] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 15.045377] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.045813] [ 15.045922] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.045968] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.045980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.046002] Call Trace: [ 15.046171] <TASK> [ 15.046187] dump_stack_lvl+0x73/0xb0 [ 15.046219] print_report+0xd1/0x610 [ 15.046242] ? __virt_addr_valid+0x1db/0x2d0 [ 15.046267] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.046289] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.046314] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.046404] kasan_report+0x141/0x180 [ 15.046429] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.046463] kasan_check_range+0x10c/0x1c0 [ 15.046488] __kasan_check_write+0x18/0x20 [ 15.046509] kasan_atomics_helper+0x4a0/0x5450 [ 15.046534] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.046558] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.046585] ? kasan_atomics+0x152/0x310 [ 15.046614] kasan_atomics+0x1dc/0x310 [ 15.046637] ? __pfx_kasan_atomics+0x10/0x10 [ 15.046664] ? __pfx_read_tsc+0x10/0x10 [ 15.046686] ? ktime_get_ts64+0x86/0x230 [ 15.046711] kunit_try_run_case+0x1a5/0x480 [ 15.046737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.046774] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.046801] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.046827] ? __kthread_parkme+0x82/0x180 [ 15.046852] ? preempt_count_sub+0x50/0x80 [ 15.046876] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.046904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.046930] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.046957] kthread+0x337/0x6f0 [ 15.046978] ? trace_preempt_on+0x20/0xc0 [ 15.047003] ? __pfx_kthread+0x10/0x10 [ 15.047026] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.047050] ? calculate_sigpending+0x7b/0xa0 [ 15.047075] ? __pfx_kthread+0x10/0x10 [ 15.047099] ret_from_fork+0x116/0x1d0 [ 15.047121] ? __pfx_kthread+0x10/0x10 [ 15.047145] ret_from_fork_asm+0x1a/0x30 [ 15.047177] </TASK> [ 15.047188] [ 15.057997] Allocated by task 282: [ 15.058172] kasan_save_stack+0x45/0x70 [ 15.058713] kasan_save_track+0x18/0x40 [ 15.058924] kasan_save_alloc_info+0x3b/0x50 [ 15.059127] __kasan_kmalloc+0xb7/0xc0 [ 15.059600] __kmalloc_cache_noprof+0x189/0x420 [ 15.059798] kasan_atomics+0x95/0x310 [ 15.059995] kunit_try_run_case+0x1a5/0x480 [ 15.060180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.060443] kthread+0x337/0x6f0 [ 15.060928] ret_from_fork+0x116/0x1d0 [ 15.061197] ret_from_fork_asm+0x1a/0x30 [ 15.061352] [ 15.061691] The buggy address belongs to the object at ffff8881038e7800 [ 15.061691] which belongs to the cache kmalloc-64 of size 64 [ 15.062219] The buggy address is located 0 bytes to the right of [ 15.062219] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.062918] [ 15.063101] The buggy address belongs to the physical page: [ 15.063508] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.063866] flags: 0x200000000000000(node=0|zone=2) [ 15.064082] page_type: f5(slab) [ 15.064243] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.064878] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.065186] page dumped because: kasan: bad access detected [ 15.065718] [ 15.065929] Memory state around the buggy address: [ 15.066222] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.066691] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.067086] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.067491] ^ [ 15.067878] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.068193] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.068610] ================================================================== [ 16.207219] ================================================================== [ 16.207792] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 16.208219] Read of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 16.208805] [ 16.209130] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.209185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.209199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.209221] Call Trace: [ 16.209238] <TASK> [ 16.209256] dump_stack_lvl+0x73/0xb0 [ 16.209322] print_report+0xd1/0x610 [ 16.209346] ? __virt_addr_valid+0x1db/0x2d0 [ 16.209371] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.209394] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.209420] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.209457] kasan_report+0x141/0x180 [ 16.209481] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.209510] __asan_report_load8_noabort+0x18/0x20 [ 16.209536] kasan_atomics_helper+0x4f71/0x5450 [ 16.209562] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.209586] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.209613] ? kasan_atomics+0x152/0x310 [ 16.209641] kasan_atomics+0x1dc/0x310 [ 16.209665] ? __pfx_kasan_atomics+0x10/0x10 [ 16.209691] ? __pfx_read_tsc+0x10/0x10 [ 16.209713] ? ktime_get_ts64+0x86/0x230 [ 16.209738] kunit_try_run_case+0x1a5/0x480 [ 16.209775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.209800] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.209826] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.209851] ? __kthread_parkme+0x82/0x180 [ 16.209874] ? preempt_count_sub+0x50/0x80 [ 16.209899] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.209925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.209951] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.209979] kthread+0x337/0x6f0 [ 16.209999] ? trace_preempt_on+0x20/0xc0 [ 16.210024] ? __pfx_kthread+0x10/0x10 [ 16.210046] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.210069] ? calculate_sigpending+0x7b/0xa0 [ 16.210094] ? __pfx_kthread+0x10/0x10 [ 16.210117] ret_from_fork+0x116/0x1d0 [ 16.210137] ? 
__pfx_kthread+0x10/0x10 [ 16.210158] ret_from_fork_asm+0x1a/0x30 [ 16.210190] </TASK> [ 16.210202] [ 16.221336] Allocated by task 282: [ 16.221712] kasan_save_stack+0x45/0x70 [ 16.222047] kasan_save_track+0x18/0x40 [ 16.222430] kasan_save_alloc_info+0x3b/0x50 [ 16.222874] __kasan_kmalloc+0xb7/0xc0 [ 16.223088] __kmalloc_cache_noprof+0x189/0x420 [ 16.223295] kasan_atomics+0x95/0x310 [ 16.223682] kunit_try_run_case+0x1a5/0x480 [ 16.223948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.224347] kthread+0x337/0x6f0 [ 16.224647] ret_from_fork+0x116/0x1d0 [ 16.224852] ret_from_fork_asm+0x1a/0x30 [ 16.225038] [ 16.225130] The buggy address belongs to the object at ffff8881038e7800 [ 16.225130] which belongs to the cache kmalloc-64 of size 64 [ 16.225946] The buggy address is located 0 bytes to the right of [ 16.225946] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 16.226828] [ 16.227057] The buggy address belongs to the physical page: [ 16.227398] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 16.227892] flags: 0x200000000000000(node=0|zone=2) [ 16.228115] page_type: f5(slab) [ 16.228276] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.228880] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.229487] page dumped because: kasan: bad access detected [ 16.229791] [ 16.230012] Memory state around the buggy address: [ 16.230339] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.230792] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.231084] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.231369] ^ [ 16.231947] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.232460] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.232952] ================================================================== [ 15.763896] 
================================================================== [ 15.764219] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 15.764599] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.764950] [ 15.765057] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.765100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.765114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.765134] Call Trace: [ 15.765148] <TASK> [ 15.765163] dump_stack_lvl+0x73/0xb0 [ 15.765192] print_report+0xd1/0x610 [ 15.765236] ? __virt_addr_valid+0x1db/0x2d0 [ 15.765260] ? kasan_atomics_helper+0x1467/0x5450 [ 15.765283] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.765309] ? kasan_atomics_helper+0x1467/0x5450 [ 15.765333] kasan_report+0x141/0x180 [ 15.765356] ? kasan_atomics_helper+0x1467/0x5450 [ 15.765384] kasan_check_range+0x10c/0x1c0 [ 15.765409] __kasan_check_write+0x18/0x20 [ 15.765458] kasan_atomics_helper+0x1467/0x5450 [ 15.765483] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.765507] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.765534] ? kasan_atomics+0x152/0x310 [ 15.765561] kasan_atomics+0x1dc/0x310 [ 15.765586] ? __pfx_kasan_atomics+0x10/0x10 [ 15.765634] ? __pfx_read_tsc+0x10/0x10 [ 15.765657] ? ktime_get_ts64+0x86/0x230 [ 15.765699] kunit_try_run_case+0x1a5/0x480 [ 15.765726] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.765750] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.765786] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.765812] ? __kthread_parkme+0x82/0x180 [ 15.765834] ? preempt_count_sub+0x50/0x80 [ 15.765860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.765886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.765913] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.765940] kthread+0x337/0x6f0 [ 15.765961] ? trace_preempt_on+0x20/0xc0 [ 15.765986] ? __pfx_kthread+0x10/0x10 [ 15.766009] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.766033] ? 
calculate_sigpending+0x7b/0xa0 [ 15.766058] ? __pfx_kthread+0x10/0x10 [ 15.766081] ret_from_fork+0x116/0x1d0 [ 15.766102] ? __pfx_kthread+0x10/0x10 [ 15.766123] ret_from_fork_asm+0x1a/0x30 [ 15.766155] </TASK> [ 15.766167] [ 15.774012] Allocated by task 282: [ 15.774209] kasan_save_stack+0x45/0x70 [ 15.774505] kasan_save_track+0x18/0x40 [ 15.774710] kasan_save_alloc_info+0x3b/0x50 [ 15.774936] __kasan_kmalloc+0xb7/0xc0 [ 15.775125] __kmalloc_cache_noprof+0x189/0x420 [ 15.775349] kasan_atomics+0x95/0x310 [ 15.775625] kunit_try_run_case+0x1a5/0x480 [ 15.775881] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.776153] kthread+0x337/0x6f0 [ 15.776336] ret_from_fork+0x116/0x1d0 [ 15.776542] ret_from_fork_asm+0x1a/0x30 [ 15.776740] [ 15.776849] The buggy address belongs to the object at ffff8881038e7800 [ 15.776849] which belongs to the cache kmalloc-64 of size 64 [ 15.777301] The buggy address is located 0 bytes to the right of [ 15.777301] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.777742] [ 15.777874] The buggy address belongs to the physical page: [ 15.778138] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.778583] flags: 0x200000000000000(node=0|zone=2) [ 15.778857] page_type: f5(slab) [ 15.779049] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.779288] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.779638] page dumped because: kasan: bad access detected [ 15.779921] [ 15.780016] Memory state around the buggy address: [ 15.780234] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.780585] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.780920] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.781167] ^ [ 15.781383] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.781740] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.782032] 
================================================================== [ 15.704908] ================================================================== [ 15.705252] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 15.705647] Read of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.706005] [ 15.706117] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.706161] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.706173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.706195] Call Trace: [ 15.706210] <TASK> [ 15.706226] dump_stack_lvl+0x73/0xb0 [ 15.706254] print_report+0xd1/0x610 [ 15.706277] ? __virt_addr_valid+0x1db/0x2d0 [ 15.706302] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.706325] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.706350] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.706374] kasan_report+0x141/0x180 [ 15.706403] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.706475] __asan_report_load4_noabort+0x18/0x20 [ 15.706503] kasan_atomics_helper+0x49ce/0x5450 [ 15.706527] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.706569] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.706596] ? kasan_atomics+0x152/0x310 [ 15.706641] kasan_atomics+0x1dc/0x310 [ 15.706666] ? __pfx_kasan_atomics+0x10/0x10 [ 15.706691] ? __pfx_read_tsc+0x10/0x10 [ 15.706713] ? ktime_get_ts64+0x86/0x230 [ 15.706738] kunit_try_run_case+0x1a5/0x480 [ 15.706773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.706797] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.706823] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.706849] ? __kthread_parkme+0x82/0x180 [ 15.706870] ? preempt_count_sub+0x50/0x80 [ 15.706896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.706922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.706948] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.706975] kthread+0x337/0x6f0 [ 15.706995] ? trace_preempt_on+0x20/0xc0 [ 15.707038] ? __pfx_kthread+0x10/0x10 [ 15.707060] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.707083] ? calculate_sigpending+0x7b/0xa0 [ 15.707109] ? __pfx_kthread+0x10/0x10 [ 15.707131] ret_from_fork+0x116/0x1d0 [ 15.707151] ? __pfx_kthread+0x10/0x10 [ 15.707172] ret_from_fork_asm+0x1a/0x30 [ 15.707204] </TASK> [ 15.707215] [ 15.714748] Allocated by task 282: [ 15.714935] kasan_save_stack+0x45/0x70 [ 15.715156] kasan_save_track+0x18/0x40 [ 15.715351] kasan_save_alloc_info+0x3b/0x50 [ 15.715595] __kasan_kmalloc+0xb7/0xc0 [ 15.715787] __kmalloc_cache_noprof+0x189/0x420 [ 15.716000] kasan_atomics+0x95/0x310 [ 15.716208] kunit_try_run_case+0x1a5/0x480 [ 15.716415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.716705] kthread+0x337/0x6f0 [ 15.716876] ret_from_fork+0x116/0x1d0 [ 15.717095] ret_from_fork_asm+0x1a/0x30 [ 15.717328] [ 15.717467] The buggy address belongs to the object at ffff8881038e7800 [ 15.717467] which belongs to the cache kmalloc-64 of size 64 [ 15.718017] The buggy address is located 0 bytes to the right of [ 15.718017] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.718484] [ 15.718559] The buggy address belongs to the physical page: [ 15.718734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.719098] flags: 0x200000000000000(node=0|zone=2) [ 15.719355] page_type: f5(slab) [ 15.719585] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.719990] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.720361] page dumped because: kasan: bad access detected [ 15.720592] [ 15.720663] Memory state around the buggy address: [ 15.720831] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.721175] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.721536] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.721904] ^ [ 15.722065] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.722366] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.722735] ================================================================== [ 15.019254] ================================================================== [ 15.019665] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 15.020056] Read of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.020622] [ 15.020728] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.020786] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.020801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.020824] Call Trace: [ 15.020840] <TASK> [ 15.020857] dump_stack_lvl+0x73/0xb0 [ 15.020888] print_report+0xd1/0x610 [ 15.020913] ? __virt_addr_valid+0x1db/0x2d0 [ 15.020939] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.020966] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.020991] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.021015] kasan_report+0x141/0x180 [ 15.021040] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.021069] __asan_report_load4_noabort+0x18/0x20 [ 15.021096] kasan_atomics_helper+0x4b54/0x5450 [ 15.021121] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.021145] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.021172] ? kasan_atomics+0x152/0x310 [ 15.021202] kasan_atomics+0x1dc/0x310 [ 15.021227] ? __pfx_kasan_atomics+0x10/0x10 [ 15.021252] ? __pfx_read_tsc+0x10/0x10 [ 15.021274] ? ktime_get_ts64+0x86/0x230 [ 15.021299] kunit_try_run_case+0x1a5/0x480 [ 15.021325] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.021837] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.021867] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.021892] ? __kthread_parkme+0x82/0x180 [ 15.021914] ? preempt_count_sub+0x50/0x80 [ 15.021940] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.021965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.021993] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.022019] kthread+0x337/0x6f0 [ 15.022040] ? trace_preempt_on+0x20/0xc0 [ 15.022065] ? 
__pfx_kthread+0x10/0x10 [ 15.022086] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.022110] ? calculate_sigpending+0x7b/0xa0 [ 15.022136] ? __pfx_kthread+0x10/0x10 [ 15.022159] ret_from_fork+0x116/0x1d0 [ 15.022179] ? __pfx_kthread+0x10/0x10 [ 15.022201] ret_from_fork_asm+0x1a/0x30 [ 15.022233] </TASK> [ 15.022243] [ 15.032496] Allocated by task 282: [ 15.033108] kasan_save_stack+0x45/0x70 [ 15.033318] kasan_save_track+0x18/0x40 [ 15.033555] kasan_save_alloc_info+0x3b/0x50 [ 15.033909] __kasan_kmalloc+0xb7/0xc0 [ 15.034178] __kmalloc_cache_noprof+0x189/0x420 [ 15.034670] kasan_atomics+0x95/0x310 [ 15.034884] kunit_try_run_case+0x1a5/0x480 [ 15.035066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.035535] kthread+0x337/0x6f0 [ 15.035806] ret_from_fork+0x116/0x1d0 [ 15.036076] ret_from_fork_asm+0x1a/0x30 [ 15.036378] [ 15.036485] The buggy address belongs to the object at ffff8881038e7800 [ 15.036485] which belongs to the cache kmalloc-64 of size 64 [ 15.037111] The buggy address is located 0 bytes to the right of [ 15.037111] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.037834] [ 15.037935] The buggy address belongs to the physical page: [ 15.038167] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.038771] flags: 0x200000000000000(node=0|zone=2) [ 15.039072] page_type: f5(slab) [ 15.039204] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.039988] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.040308] page dumped because: kasan: bad access detected [ 15.040634] [ 15.040737] Memory state around the buggy address: [ 15.040959] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.041264] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.041929] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.042190] ^ [ 15.042643] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.043080] 
ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.043575] ================================================================== [ 15.127022] ================================================================== [ 15.127347] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 15.127672] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.127912] [ 15.127996] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.128039] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.128051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.128072] Call Trace: [ 15.128085] <TASK> [ 15.128098] dump_stack_lvl+0x73/0xb0 [ 15.128127] print_report+0xd1/0x610 [ 15.128150] ? __virt_addr_valid+0x1db/0x2d0 [ 15.128174] ? kasan_atomics_helper+0x697/0x5450 [ 15.128197] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.128222] ? kasan_atomics_helper+0x697/0x5450 [ 15.128246] kasan_report+0x141/0x180 [ 15.128270] ? kasan_atomics_helper+0x697/0x5450 [ 15.128297] kasan_check_range+0x10c/0x1c0 [ 15.128323] __kasan_check_write+0x18/0x20 [ 15.128390] kasan_atomics_helper+0x697/0x5450 [ 15.128415] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.128440] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.128467] ? kasan_atomics+0x152/0x310 [ 15.128495] kasan_atomics+0x1dc/0x310 [ 15.128520] ? __pfx_kasan_atomics+0x10/0x10 [ 15.128546] ? __pfx_read_tsc+0x10/0x10 [ 15.128567] ? ktime_get_ts64+0x86/0x230 [ 15.128593] kunit_try_run_case+0x1a5/0x480 [ 15.128619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.128645] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.128670] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.128695] ? __kthread_parkme+0x82/0x180 [ 15.128717] ? preempt_count_sub+0x50/0x80 [ 15.128741] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.128781] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.128807] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.128835] kthread+0x337/0x6f0 [ 15.128856] ? trace_preempt_on+0x20/0xc0 [ 15.128879] ? __pfx_kthread+0x10/0x10 [ 15.128902] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.128925] ? calculate_sigpending+0x7b/0xa0 [ 15.128951] ? __pfx_kthread+0x10/0x10 [ 15.128973] ret_from_fork+0x116/0x1d0 [ 15.128993] ? __pfx_kthread+0x10/0x10 [ 15.129014] ret_from_fork_asm+0x1a/0x30 [ 15.129046] </TASK> [ 15.129057] [ 15.137584] Allocated by task 282: [ 15.137722] kasan_save_stack+0x45/0x70 [ 15.138043] kasan_save_track+0x18/0x40 [ 15.138246] kasan_save_alloc_info+0x3b/0x50 [ 15.138767] __kasan_kmalloc+0xb7/0xc0 [ 15.138915] __kmalloc_cache_noprof+0x189/0x420 [ 15.139074] kasan_atomics+0x95/0x310 [ 15.139208] kunit_try_run_case+0x1a5/0x480 [ 15.139356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.139533] kthread+0x337/0x6f0 [ 15.139654] ret_from_fork+0x116/0x1d0 [ 15.139889] ret_from_fork_asm+0x1a/0x30 [ 15.140234] [ 15.140368] The buggy address belongs to the object at ffff8881038e7800 [ 15.140368] which belongs to the cache kmalloc-64 of size 64 [ 15.140915] The buggy address is located 0 bytes to the right of [ 15.140915] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.144647] [ 15.145255] The buggy address belongs to the physical page: [ 15.146083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.146985] flags: 0x200000000000000(node=0|zone=2) [ 15.147460] page_type: f5(slab) [ 15.147869] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.148105] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.148335] page dumped because: kasan: bad access detected [ 15.148688] [ 15.149660] Memory state around the buggy address: [ 15.149874] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.150096] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.150314] >ffff8881038e7800: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.151652] ^ [ 15.151894] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.152360] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.153009] ================================================================== [ 15.801175] ================================================================== [ 15.801597] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 15.801924] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.802232] [ 15.802354] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.802405] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.802417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.802477] Call Trace: [ 15.802491] <TASK> [ 15.802505] dump_stack_lvl+0x73/0xb0 [ 15.802534] print_report+0xd1/0x610 [ 15.802576] ? __virt_addr_valid+0x1db/0x2d0 [ 15.802600] ? kasan_atomics_helper+0x151d/0x5450 [ 15.802623] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.802648] ? kasan_atomics_helper+0x151d/0x5450 [ 15.802672] kasan_report+0x141/0x180 [ 15.802696] ? kasan_atomics_helper+0x151d/0x5450 [ 15.802741] kasan_check_range+0x10c/0x1c0 [ 15.802776] __kasan_check_write+0x18/0x20 [ 15.802798] kasan_atomics_helper+0x151d/0x5450 [ 15.802822] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.802848] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.802892] ? kasan_atomics+0x152/0x310 [ 15.802921] kasan_atomics+0x1dc/0x310 [ 15.802945] ? __pfx_kasan_atomics+0x10/0x10 [ 15.802971] ? __pfx_read_tsc+0x10/0x10 [ 15.802993] ? ktime_get_ts64+0x86/0x230 [ 15.803019] kunit_try_run_case+0x1a5/0x480 [ 15.803045] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.803069] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.803095] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.803121] ? __kthread_parkme+0x82/0x180 [ 15.803142] ? preempt_count_sub+0x50/0x80 [ 15.803168] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.803210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.803237] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.803291] kthread+0x337/0x6f0 [ 15.803326] ? trace_preempt_on+0x20/0xc0 [ 15.803365] ? __pfx_kthread+0x10/0x10 [ 15.803401] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.803470] ? calculate_sigpending+0x7b/0xa0 [ 15.803510] ? __pfx_kthread+0x10/0x10 [ 15.803533] ret_from_fork+0x116/0x1d0 [ 15.803554] ? __pfx_kthread+0x10/0x10 [ 15.803576] ret_from_fork_asm+0x1a/0x30 [ 15.803608] </TASK> [ 15.803619] [ 15.811498] Allocated by task 282: [ 15.811703] kasan_save_stack+0x45/0x70 [ 15.811935] kasan_save_track+0x18/0x40 [ 15.812092] kasan_save_alloc_info+0x3b/0x50 [ 15.812242] __kasan_kmalloc+0xb7/0xc0 [ 15.812398] __kmalloc_cache_noprof+0x189/0x420 [ 15.812656] kasan_atomics+0x95/0x310 [ 15.812897] kunit_try_run_case+0x1a5/0x480 [ 15.813096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.813347] kthread+0x337/0x6f0 [ 15.813512] ret_from_fork+0x116/0x1d0 [ 15.813688] ret_from_fork_asm+0x1a/0x30 [ 15.813922] [ 15.814035] The buggy address belongs to the object at ffff8881038e7800 [ 15.814035] which belongs to the cache kmalloc-64 of size 64 [ 15.814557] The buggy address is located 0 bytes to the right of [ 15.814557] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.815080] [ 15.815174] The buggy address belongs to the physical page: [ 15.815436] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.815836] flags: 0x200000000000000(node=0|zone=2) [ 15.816071] page_type: f5(slab) [ 15.816239] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.816525] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.816762] page dumped because: kasan: bad access detected [ 15.817002] [ 15.817097] Memory state around the buggy address: [ 15.817344] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.817721] 
ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.818048] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.818388] ^ [ 15.818650] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.818965] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.819237] ================================================================== [ 15.839017] ================================================================== [ 15.839255] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 15.839678] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.840068] [ 15.840197] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.840254] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.840267] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.840288] Call Trace: [ 15.840302] <TASK> [ 15.840316] dump_stack_lvl+0x73/0xb0 [ 15.840345] print_report+0xd1/0x610 [ 15.840368] ? __virt_addr_valid+0x1db/0x2d0 [ 15.840392] ? kasan_atomics_helper+0x164f/0x5450 [ 15.840414] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.840461] ? kasan_atomics_helper+0x164f/0x5450 [ 15.840485] kasan_report+0x141/0x180 [ 15.840508] ? kasan_atomics_helper+0x164f/0x5450 [ 15.840555] kasan_check_range+0x10c/0x1c0 [ 15.840582] __kasan_check_write+0x18/0x20 [ 15.840602] kasan_atomics_helper+0x164f/0x5450 [ 15.840626] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.840652] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.840679] ? kasan_atomics+0x152/0x310 [ 15.840707] kasan_atomics+0x1dc/0x310 [ 15.840731] ? __pfx_kasan_atomics+0x10/0x10 [ 15.840767] ? __pfx_read_tsc+0x10/0x10 [ 15.840791] ? ktime_get_ts64+0x86/0x230 [ 15.840817] kunit_try_run_case+0x1a5/0x480 [ 15.840843] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.840868] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.840912] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.840939] ? 
__kthread_parkme+0x82/0x180 [ 15.840961] ? preempt_count_sub+0x50/0x80 [ 15.841003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.841029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.841056] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.841100] kthread+0x337/0x6f0 [ 15.841121] ? trace_preempt_on+0x20/0xc0 [ 15.841146] ? __pfx_kthread+0x10/0x10 [ 15.841168] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.841192] ? calculate_sigpending+0x7b/0xa0 [ 15.841217] ? __pfx_kthread+0x10/0x10 [ 15.841240] ret_from_fork+0x116/0x1d0 [ 15.841260] ? __pfx_kthread+0x10/0x10 [ 15.841299] ret_from_fork_asm+0x1a/0x30 [ 15.841331] </TASK> [ 15.841342] [ 15.850492] Allocated by task 282: [ 15.850666] kasan_save_stack+0x45/0x70 [ 15.850911] kasan_save_track+0x18/0x40 [ 15.851109] kasan_save_alloc_info+0x3b/0x50 [ 15.851301] __kasan_kmalloc+0xb7/0xc0 [ 15.851529] __kmalloc_cache_noprof+0x189/0x420 [ 15.851769] kasan_atomics+0x95/0x310 [ 15.851974] kunit_try_run_case+0x1a5/0x480 [ 15.852178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.852504] kthread+0x337/0x6f0 [ 15.852681] ret_from_fork+0x116/0x1d0 [ 15.852885] ret_from_fork_asm+0x1a/0x30 [ 15.853084] [ 15.853179] The buggy address belongs to the object at ffff8881038e7800 [ 15.853179] which belongs to the cache kmalloc-64 of size 64 [ 15.853621] The buggy address is located 0 bytes to the right of [ 15.853621] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.854203] [ 15.854301] The buggy address belongs to the physical page: [ 15.854572] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.854916] flags: 0x200000000000000(node=0|zone=2) [ 15.855133] page_type: f5(slab) [ 15.855325] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.855681] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.856015] page dumped because: kasan: bad access detected [ 15.856262] [ 15.856361] Memory state around the buggy address: [ 15.856619] 
ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.856950] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.857273] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.857649] ^ [ 15.857889] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.858183] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.858400] ================================================================== [ 14.918777] ================================================================== [ 14.919587] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 14.919932] Read of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 14.920227] [ 14.920317] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.920362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.920373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.920394] Call Trace: [ 14.920406] <TASK> [ 14.920422] dump_stack_lvl+0x73/0xb0 [ 14.920521] print_report+0xd1/0x610 [ 14.920545] ? __virt_addr_valid+0x1db/0x2d0 [ 14.920569] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.920591] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.920616] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.920639] kasan_report+0x141/0x180 [ 14.920661] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.920688] __asan_report_load4_noabort+0x18/0x20 [ 14.920714] kasan_atomics_helper+0x4bbc/0x5450 [ 14.920736] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.920770] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.920798] ? kasan_atomics+0x152/0x310 [ 14.920824] kasan_atomics+0x1dc/0x310 [ 14.920847] ? __pfx_kasan_atomics+0x10/0x10 [ 14.920872] ? __pfx_read_tsc+0x10/0x10 [ 14.920894] ? ktime_get_ts64+0x86/0x230 [ 14.920920] kunit_try_run_case+0x1a5/0x480 [ 14.920945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.920970] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.920996] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.921021] ? __kthread_parkme+0x82/0x180 [ 14.921042] ? preempt_count_sub+0x50/0x80 [ 14.921067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.921092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.921118] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.921144] kthread+0x337/0x6f0 [ 14.921163] ? trace_preempt_on+0x20/0xc0 [ 14.921188] ? __pfx_kthread+0x10/0x10 [ 14.921209] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.921231] ? calculate_sigpending+0x7b/0xa0 [ 14.921257] ? __pfx_kthread+0x10/0x10 [ 14.921279] ret_from_fork+0x116/0x1d0 [ 14.921298] ? __pfx_kthread+0x10/0x10 [ 14.921319] ret_from_fork_asm+0x1a/0x30 [ 14.921399] </TASK> [ 14.921410] [ 14.931543] Allocated by task 282: [ 14.931884] kasan_save_stack+0x45/0x70 [ 14.932068] kasan_save_track+0x18/0x40 [ 14.932257] kasan_save_alloc_info+0x3b/0x50 [ 14.932809] __kasan_kmalloc+0xb7/0xc0 [ 14.933003] __kmalloc_cache_noprof+0x189/0x420 [ 14.933181] kasan_atomics+0x95/0x310 [ 14.933374] kunit_try_run_case+0x1a5/0x480 [ 14.933801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.934067] kthread+0x337/0x6f0 [ 14.934230] ret_from_fork+0x116/0x1d0 [ 14.934698] ret_from_fork_asm+0x1a/0x30 [ 14.934922] [ 14.935002] The buggy address belongs to the object at ffff8881038e7800 [ 14.935002] which belongs to the cache kmalloc-64 of size 64 [ 14.935690] The buggy address is located 0 bytes to the right of [ 14.935690] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 14.936196] [ 14.936300] The buggy address belongs to the physical page: [ 14.936921] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 14.937293] flags: 0x200000000000000(node=0|zone=2) [ 14.937644] page_type: f5(slab) [ 14.937795] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.938126] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.938467] page dumped because: kasan: bad access detected [ 14.939096] [ 14.939175] 
Memory state around the buggy address: [ 14.939502] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.939859] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.940154] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.940432] ^ [ 14.940741] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.941079] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.941383] ================================================================== [ 14.980095] ================================================================== [ 14.980692] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 14.980951] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 14.981279] [ 14.981382] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.981423] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.981434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.981454] Call Trace: [ 14.981468] <TASK> [ 14.981481] dump_stack_lvl+0x73/0xb0 [ 14.981510] print_report+0xd1/0x610 [ 14.981531] ? __virt_addr_valid+0x1db/0x2d0 [ 14.981553] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.981575] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.981598] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.981621] kasan_report+0x141/0x180 [ 14.981716] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.981864] __asan_report_store4_noabort+0x1b/0x30 [ 14.981893] kasan_atomics_helper+0x4b6e/0x5450 [ 14.981935] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.981959] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.981985] ? kasan_atomics+0x152/0x310 [ 14.982014] kasan_atomics+0x1dc/0x310 [ 14.982039] ? __pfx_kasan_atomics+0x10/0x10 [ 14.982064] ? __pfx_read_tsc+0x10/0x10 [ 14.982087] ? ktime_get_ts64+0x86/0x230 [ 14.982112] kunit_try_run_case+0x1a5/0x480 [ 14.982138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.982163] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.982189] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.982215] ? __kthread_parkme+0x82/0x180 [ 14.982237] ? preempt_count_sub+0x50/0x80 [ 14.982263] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.982290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.982317] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.982359] kthread+0x337/0x6f0 [ 14.982380] ? trace_preempt_on+0x20/0xc0 [ 14.982412] ? __pfx_kthread+0x10/0x10 [ 14.982434] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.982504] ? calculate_sigpending+0x7b/0xa0 [ 14.982529] ? __pfx_kthread+0x10/0x10 [ 14.982552] ret_from_fork+0x116/0x1d0 [ 14.982572] ? __pfx_kthread+0x10/0x10 [ 14.982595] ret_from_fork_asm+0x1a/0x30 [ 14.982627] </TASK> [ 14.982638] [ 14.990377] Allocated by task 282: [ 14.990562] kasan_save_stack+0x45/0x70 [ 14.990790] kasan_save_track+0x18/0x40 [ 14.990997] kasan_save_alloc_info+0x3b/0x50 [ 14.991213] __kasan_kmalloc+0xb7/0xc0 [ 14.991405] __kmalloc_cache_noprof+0x189/0x420 [ 14.991614] kasan_atomics+0x95/0x310 [ 14.991851] kunit_try_run_case+0x1a5/0x480 [ 14.992026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.992284] kthread+0x337/0x6f0 [ 14.992518] ret_from_fork+0x116/0x1d0 [ 14.992657] ret_from_fork_asm+0x1a/0x30 [ 14.992810] [ 14.992882] The buggy address belongs to the object at ffff8881038e7800 [ 14.992882] which belongs to the cache kmalloc-64 of size 64 [ 14.993684] The buggy address is located 0 bytes to the right of [ 14.993684] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 14.994086] [ 14.994160] The buggy address belongs to the physical page: [ 14.994363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 14.994803] flags: 0x200000000000000(node=0|zone=2) [ 14.995061] page_type: f5(slab) [ 14.995234] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.995773] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.996005] page dumped because: kasan: 
bad access detected [ 14.996179] [ 14.996249] Memory state around the buggy address: [ 14.996691] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.997039] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.997363] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.997880] ^ [ 14.998102] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.998410] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.998805] ================================================================== [ 15.259947] ================================================================== [ 15.260280] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 15.260813] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.261564] [ 15.261891] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.261940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.261954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.261975] Call Trace: [ 15.261991] <TASK> [ 15.262008] dump_stack_lvl+0x73/0xb0 [ 15.262040] print_report+0xd1/0x610 [ 15.262064] ? __virt_addr_valid+0x1db/0x2d0 [ 15.262088] ? kasan_atomics_helper+0x992/0x5450 [ 15.262111] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.262136] ? kasan_atomics_helper+0x992/0x5450 [ 15.262159] kasan_report+0x141/0x180 [ 15.262183] ? kasan_atomics_helper+0x992/0x5450 [ 15.262211] kasan_check_range+0x10c/0x1c0 [ 15.262236] __kasan_check_write+0x18/0x20 [ 15.262258] kasan_atomics_helper+0x992/0x5450 [ 15.262283] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.262311] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.262605] ? kasan_atomics+0x152/0x310 [ 15.262638] kasan_atomics+0x1dc/0x310 [ 15.262665] ? __pfx_kasan_atomics+0x10/0x10 [ 15.262691] ? __pfx_read_tsc+0x10/0x10 [ 15.262714] ? ktime_get_ts64+0x86/0x230 [ 15.262741] kunit_try_run_case+0x1a5/0x480 [ 15.262778] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.262803] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.262829] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.262855] ? __kthread_parkme+0x82/0x180 [ 15.262876] ? preempt_count_sub+0x50/0x80 [ 15.262901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.262927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.262953] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.262980] kthread+0x337/0x6f0 [ 15.263001] ? trace_preempt_on+0x20/0xc0 [ 15.263025] ? __pfx_kthread+0x10/0x10 [ 15.263048] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.263071] ? calculate_sigpending+0x7b/0xa0 [ 15.263096] ? __pfx_kthread+0x10/0x10 [ 15.263119] ret_from_fork+0x116/0x1d0 [ 15.263139] ? __pfx_kthread+0x10/0x10 [ 15.263162] ret_from_fork_asm+0x1a/0x30 [ 15.263197] </TASK> [ 15.263209] [ 15.276034] Allocated by task 282: [ 15.276221] kasan_save_stack+0x45/0x70 [ 15.276454] kasan_save_track+0x18/0x40 [ 15.277104] kasan_save_alloc_info+0x3b/0x50 [ 15.277458] __kasan_kmalloc+0xb7/0xc0 [ 15.277855] __kmalloc_cache_noprof+0x189/0x420 [ 15.278206] kasan_atomics+0x95/0x310 [ 15.278621] kunit_try_run_case+0x1a5/0x480 [ 15.279009] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.279448] kthread+0x337/0x6f0 [ 15.279640] ret_from_fork+0x116/0x1d0 [ 15.279847] ret_from_fork_asm+0x1a/0x30 [ 15.280039] [ 15.280129] The buggy address belongs to the object at ffff8881038e7800 [ 15.280129] which belongs to the cache kmalloc-64 of size 64 [ 15.281168] The buggy address is located 0 bytes to the right of [ 15.281168] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.282164] [ 15.282511] The buggy address belongs to the physical page: [ 15.282773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.283237] flags: 0x200000000000000(node=0|zone=2) [ 15.283623] page_type: f5(slab) [ 15.283767] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.283998] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.284220] page dumped because: kasan: bad access detected [ 15.284388] [ 15.284457] Memory state around the buggy address: [ 15.284609] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.285366] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.285749] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.285995] ^ [ 15.286153] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.286367] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.286586] ================================================================== [ 15.564857] ================================================================== [ 15.565173] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 15.565791] Read of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.566127] [ 15.566226] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.566270] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.566283] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.566303] Call Trace: [ 15.566319] <TASK> [ 15.566335] dump_stack_lvl+0x73/0xb0 [ 15.566365] print_report+0xd1/0x610 [ 15.566394] ? __virt_addr_valid+0x1db/0x2d0 [ 15.566419] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.566776] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.566804] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.566828] kasan_report+0x141/0x180 [ 15.566852] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.566881] __asan_report_load4_noabort+0x18/0x20 [ 15.566908] kasan_atomics_helper+0x4a1c/0x5450 [ 15.566933] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.566957] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.566984] ? kasan_atomics+0x152/0x310 [ 15.567014] kasan_atomics+0x1dc/0x310 [ 15.567038] ? __pfx_kasan_atomics+0x10/0x10 [ 15.567064] ? __pfx_read_tsc+0x10/0x10 [ 15.567086] ? 
ktime_get_ts64+0x86/0x230 [ 15.567112] kunit_try_run_case+0x1a5/0x480 [ 15.567137] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.567162] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.567187] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.567214] ? __kthread_parkme+0x82/0x180 [ 15.567235] ? preempt_count_sub+0x50/0x80 [ 15.567260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.567286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.567313] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.567340] kthread+0x337/0x6f0 [ 15.567361] ? trace_preempt_on+0x20/0xc0 [ 15.567386] ? __pfx_kthread+0x10/0x10 [ 15.567408] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.567454] ? calculate_sigpending+0x7b/0xa0 [ 15.567480] ? __pfx_kthread+0x10/0x10 [ 15.567503] ret_from_fork+0x116/0x1d0 [ 15.567523] ? __pfx_kthread+0x10/0x10 [ 15.567546] ret_from_fork_asm+0x1a/0x30 [ 15.567578] </TASK> [ 15.567589] [ 15.579062] Allocated by task 282: [ 15.579227] kasan_save_stack+0x45/0x70 [ 15.579709] kasan_save_track+0x18/0x40 [ 15.579922] kasan_save_alloc_info+0x3b/0x50 [ 15.580234] __kasan_kmalloc+0xb7/0xc0 [ 15.580582] __kmalloc_cache_noprof+0x189/0x420 [ 15.580974] kasan_atomics+0x95/0x310 [ 15.581282] kunit_try_run_case+0x1a5/0x480 [ 15.581636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.582046] kthread+0x337/0x6f0 [ 15.582353] ret_from_fork+0x116/0x1d0 [ 15.582710] ret_from_fork_asm+0x1a/0x30 [ 15.582911] [ 15.583010] The buggy address belongs to the object at ffff8881038e7800 [ 15.583010] which belongs to the cache kmalloc-64 of size 64 [ 15.583844] The buggy address is located 0 bytes to the right of [ 15.583844] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.584530] [ 15.584771] The buggy address belongs to the physical page: [ 15.585168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.585627] flags: 0x200000000000000(node=0|zone=2) [ 15.585998] page_type: f5(slab) [ 15.586282] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.586777] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.587070] page dumped because: kasan: bad access detected [ 15.587332] [ 15.587691] Memory state around the buggy address: [ 15.587932] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.588338] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.588821] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.589263] ^ [ 15.589646] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.590102] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.590564] ================================================================== [ 15.186898] ================================================================== [ 15.187201] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 15.187816] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.188556] [ 15.188794] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.188845] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.188857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.188880] Call Trace: [ 15.188898] <TASK> [ 15.188916] dump_stack_lvl+0x73/0xb0 [ 15.188949] print_report+0xd1/0x610 [ 15.188996] ? __virt_addr_valid+0x1db/0x2d0 [ 15.189022] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.189046] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.189071] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.189095] kasan_report+0x141/0x180 [ 15.189119] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.189147] kasan_check_range+0x10c/0x1c0 [ 15.189172] __kasan_check_write+0x18/0x20 [ 15.189193] kasan_atomics_helper+0x7c7/0x5450 [ 15.189218] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.189242] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.189269] ? kasan_atomics+0x152/0x310 [ 15.189297] kasan_atomics+0x1dc/0x310 [ 15.189321] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.189358] ? __pfx_read_tsc+0x10/0x10 [ 15.189381] ? ktime_get_ts64+0x86/0x230 [ 15.189408] kunit_try_run_case+0x1a5/0x480 [ 15.189434] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.189509] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.189536] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.189563] ? __kthread_parkme+0x82/0x180 [ 15.189584] ? preempt_count_sub+0x50/0x80 [ 15.189609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.189635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.189662] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.189690] kthread+0x337/0x6f0 [ 15.189710] ? trace_preempt_on+0x20/0xc0 [ 15.189734] ? __pfx_kthread+0x10/0x10 [ 15.189767] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.189790] ? calculate_sigpending+0x7b/0xa0 [ 15.189815] ? __pfx_kthread+0x10/0x10 [ 15.189838] ret_from_fork+0x116/0x1d0 [ 15.189859] ? __pfx_kthread+0x10/0x10 [ 15.189880] ret_from_fork_asm+0x1a/0x30 [ 15.189911] </TASK> [ 15.189922] [ 15.198671] Allocated by task 282: [ 15.198819] kasan_save_stack+0x45/0x70 [ 15.198969] kasan_save_track+0x18/0x40 [ 15.199105] kasan_save_alloc_info+0x3b/0x50 [ 15.199368] __kasan_kmalloc+0xb7/0xc0 [ 15.199660] __kmalloc_cache_noprof+0x189/0x420 [ 15.199906] kasan_atomics+0x95/0x310 [ 15.200113] kunit_try_run_case+0x1a5/0x480 [ 15.200540] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.200787] kthread+0x337/0x6f0 [ 15.200959] ret_from_fork+0x116/0x1d0 [ 15.201149] ret_from_fork_asm+0x1a/0x30 [ 15.201348] [ 15.201432] The buggy address belongs to the object at ffff8881038e7800 [ 15.201432] which belongs to the cache kmalloc-64 of size 64 [ 15.201785] The buggy address is located 0 bytes to the right of [ 15.201785] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.202730] [ 15.202809] The buggy address belongs to the physical page: [ 15.202974] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.203204] flags: 0x200000000000000(node=0|zone=2) [ 15.203709] page_type: 
f5(slab) [ 15.203898] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.204270] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.204646] page dumped because: kasan: bad access detected [ 15.204823] [ 15.205064] Memory state around the buggy address: [ 15.205292] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.205793] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.206137] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.206349] ^ [ 15.206580] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.206943] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.207278] ================================================================== [ 15.231136] ================================================================== [ 15.231416] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 15.232246] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.232636] [ 15.232871] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.232918] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.232931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.232953] Call Trace: [ 15.232969] <TASK> [ 15.232983] dump_stack_lvl+0x73/0xb0 [ 15.233015] print_report+0xd1/0x610 [ 15.233038] ? __virt_addr_valid+0x1db/0x2d0 [ 15.233062] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.233085] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.233110] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.233133] kasan_report+0x141/0x180 [ 15.233157] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.233184] kasan_check_range+0x10c/0x1c0 [ 15.233210] __kasan_check_write+0x18/0x20 [ 15.233231] kasan_atomics_helper+0x8f9/0x5450 [ 15.233256] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.233280] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.233422] ? 
kasan_atomics+0x152/0x310 [ 15.233466] kasan_atomics+0x1dc/0x310 [ 15.233491] ? __pfx_kasan_atomics+0x10/0x10 [ 15.233517] ? __pfx_read_tsc+0x10/0x10 [ 15.233540] ? ktime_get_ts64+0x86/0x230 [ 15.233565] kunit_try_run_case+0x1a5/0x480 [ 15.233591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.233616] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.233641] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.233666] ? __kthread_parkme+0x82/0x180 [ 15.233688] ? preempt_count_sub+0x50/0x80 [ 15.233714] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.233740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.233777] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.233805] kthread+0x337/0x6f0 [ 15.233826] ? trace_preempt_on+0x20/0xc0 [ 15.233851] ? __pfx_kthread+0x10/0x10 [ 15.233873] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.233897] ? calculate_sigpending+0x7b/0xa0 [ 15.233923] ? __pfx_kthread+0x10/0x10 [ 15.233945] ret_from_fork+0x116/0x1d0 [ 15.233966] ? __pfx_kthread+0x10/0x10 [ 15.233988] ret_from_fork_asm+0x1a/0x30 [ 15.234020] </TASK> [ 15.234032] [ 15.245870] Allocated by task 282: [ 15.246067] kasan_save_stack+0x45/0x70 [ 15.246258] kasan_save_track+0x18/0x40 [ 15.247007] kasan_save_alloc_info+0x3b/0x50 [ 15.247227] __kasan_kmalloc+0xb7/0xc0 [ 15.247560] __kmalloc_cache_noprof+0x189/0x420 [ 15.248204] kasan_atomics+0x95/0x310 [ 15.248477] kunit_try_run_case+0x1a5/0x480 [ 15.248810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.249241] kthread+0x337/0x6f0 [ 15.249582] ret_from_fork+0x116/0x1d0 [ 15.249793] ret_from_fork_asm+0x1a/0x30 [ 15.249990] [ 15.250080] The buggy address belongs to the object at ffff8881038e7800 [ 15.250080] which belongs to the cache kmalloc-64 of size 64 [ 15.251003] The buggy address is located 0 bytes to the right of [ 15.251003] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.251864] [ 15.251978] The buggy address belongs to the physical page: [ 15.252530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 
15.253035] flags: 0x200000000000000(node=0|zone=2) [ 15.253445] page_type: f5(slab) [ 15.253806] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.254279] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.254821] page dumped because: kasan: bad access detected [ 15.255215] [ 15.255479] Memory state around the buggy address: [ 15.255924] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.256714] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.257035] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.257584] ^ [ 15.257893] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.258224] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.258845] ================================================================== [ 16.283332] ================================================================== [ 16.284032] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 16.284820] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 16.285469] [ 16.285673] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.285717] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.285730] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.285752] Call Trace: [ 16.285780] <TASK> [ 16.285799] dump_stack_lvl+0x73/0xb0 [ 16.285828] print_report+0xd1/0x610 [ 16.285850] ? __virt_addr_valid+0x1db/0x2d0 [ 16.285885] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.285908] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.285933] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.285968] kasan_report+0x141/0x180 [ 16.285992] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.286019] kasan_check_range+0x10c/0x1c0 [ 16.286044] __kasan_check_write+0x18/0x20 [ 16.286065] kasan_atomics_helper+0x20c8/0x5450 [ 16.286090] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.286114] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.286141] ? kasan_atomics+0x152/0x310 [ 16.286168] kasan_atomics+0x1dc/0x310 [ 16.286192] ? __pfx_kasan_atomics+0x10/0x10 [ 16.286218] ? __pfx_read_tsc+0x10/0x10 [ 16.286240] ? ktime_get_ts64+0x86/0x230 [ 16.286266] kunit_try_run_case+0x1a5/0x480 [ 16.286291] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.286316] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.286341] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.286367] ? __kthread_parkme+0x82/0x180 [ 16.286402] ? preempt_count_sub+0x50/0x80 [ 16.286426] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.286463] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.286489] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.286517] kthread+0x337/0x6f0 [ 16.286537] ? trace_preempt_on+0x20/0xc0 [ 16.286561] ? __pfx_kthread+0x10/0x10 [ 16.286583] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.286606] ? calculate_sigpending+0x7b/0xa0 [ 16.286632] ? __pfx_kthread+0x10/0x10 [ 16.286655] ret_from_fork+0x116/0x1d0 [ 16.286675] ? __pfx_kthread+0x10/0x10 [ 16.286697] ret_from_fork_asm+0x1a/0x30 [ 16.286728] </TASK> [ 16.286739] [ 16.296819] Allocated by task 282: [ 16.297002] kasan_save_stack+0x45/0x70 [ 16.297198] kasan_save_track+0x18/0x40 [ 16.297394] kasan_save_alloc_info+0x3b/0x50 [ 16.297660] __kasan_kmalloc+0xb7/0xc0 [ 16.297868] __kmalloc_cache_noprof+0x189/0x420 [ 16.298033] kasan_atomics+0x95/0x310 [ 16.298169] kunit_try_run_case+0x1a5/0x480 [ 16.298317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.298688] kthread+0x337/0x6f0 [ 16.298878] ret_from_fork+0x116/0x1d0 [ 16.299069] ret_from_fork_asm+0x1a/0x30 [ 16.299268] [ 16.299365] The buggy address belongs to the object at ffff8881038e7800 [ 16.299365] which belongs to the cache kmalloc-64 of size 64 [ 16.299830] The buggy address is located 0 bytes to the right of [ 16.299830] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 16.300293] [ 16.300393] The buggy address belongs to the physical page: [ 16.300932] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 16.301298] flags: 0x200000000000000(node=0|zone=2) [ 16.301574] page_type: f5(slab) [ 16.301749] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.302094] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.302410] page dumped because: kasan: bad access detected [ 16.302707] [ 16.302813] Memory state around the buggy address: [ 16.303035] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.303301] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.303621] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.303929] ^ [ 16.304153] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.304370] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.304584] ================================================================== [ 16.156836] ================================================================== [ 16.157427] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 16.157832] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 16.158205] [ 16.158294] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.158339] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.158352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.158373] Call Trace: [ 16.158395] <TASK> [ 16.158410] dump_stack_lvl+0x73/0xb0 [ 16.158636] print_report+0xd1/0x610 [ 16.158670] ? __virt_addr_valid+0x1db/0x2d0 [ 16.158694] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.158718] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.158743] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.158781] kasan_report+0x141/0x180 [ 16.158805] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.158833] kasan_check_range+0x10c/0x1c0 [ 16.158858] __kasan_check_write+0x18/0x20 [ 16.158879] kasan_atomics_helper+0x1eaa/0x5450 [ 16.158904] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.158929] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.158956] ? kasan_atomics+0x152/0x310 [ 16.158985] kasan_atomics+0x1dc/0x310 [ 16.159009] ? __pfx_kasan_atomics+0x10/0x10 [ 16.159035] ? __pfx_read_tsc+0x10/0x10 [ 16.159057] ? ktime_get_ts64+0x86/0x230 [ 16.159082] kunit_try_run_case+0x1a5/0x480 [ 16.159108] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.159133] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.159159] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.159186] ? __kthread_parkme+0x82/0x180 [ 16.159208] ? preempt_count_sub+0x50/0x80 [ 16.159234] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.159260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.159287] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.159314] kthread+0x337/0x6f0 [ 16.159335] ? trace_preempt_on+0x20/0xc0 [ 16.159360] ? __pfx_kthread+0x10/0x10 [ 16.159382] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.159406] ? calculate_sigpending+0x7b/0xa0 [ 16.159431] ? __pfx_kthread+0x10/0x10 [ 16.159462] ret_from_fork+0x116/0x1d0 [ 16.159482] ? 
__pfx_kthread+0x10/0x10 [ 16.159504] ret_from_fork_asm+0x1a/0x30 [ 16.159535] </TASK> [ 16.159547] [ 16.168997] Allocated by task 282: [ 16.169132] kasan_save_stack+0x45/0x70 [ 16.169343] kasan_save_track+0x18/0x40 [ 16.169975] kasan_save_alloc_info+0x3b/0x50 [ 16.170194] __kasan_kmalloc+0xb7/0xc0 [ 16.170347] __kmalloc_cache_noprof+0x189/0x420 [ 16.170703] kasan_atomics+0x95/0x310 [ 16.170903] kunit_try_run_case+0x1a5/0x480 [ 16.171226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.171527] kthread+0x337/0x6f0 [ 16.171764] ret_from_fork+0x116/0x1d0 [ 16.171953] ret_from_fork_asm+0x1a/0x30 [ 16.172293] [ 16.172374] The buggy address belongs to the object at ffff8881038e7800 [ 16.172374] which belongs to the cache kmalloc-64 of size 64 [ 16.172968] The buggy address is located 0 bytes to the right of [ 16.172968] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 16.173491] [ 16.173836] The buggy address belongs to the physical page: [ 16.174079] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 16.174548] flags: 0x200000000000000(node=0|zone=2) [ 16.174856] page_type: f5(slab) [ 16.174993] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.175477] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.175800] page dumped because: kasan: bad access detected [ 16.176151] [ 16.176242] Memory state around the buggy address: [ 16.176592] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.176985] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.177299] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.177721] ^ [ 16.177930] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.178334] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.178752] ================================================================== [ 15.460540] 
================================================================== [ 15.460901] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 15.461294] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.461803] [ 15.461955] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.462000] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.462013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.462034] Call Trace: [ 15.462055] <TASK> [ 15.462069] dump_stack_lvl+0x73/0xb0 [ 15.462099] print_report+0xd1/0x610 [ 15.462134] ? __virt_addr_valid+0x1db/0x2d0 [ 15.462158] ? kasan_atomics_helper+0xe78/0x5450 [ 15.462181] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.462206] ? kasan_atomics_helper+0xe78/0x5450 [ 15.462229] kasan_report+0x141/0x180 [ 15.462252] ? kasan_atomics_helper+0xe78/0x5450 [ 15.462279] kasan_check_range+0x10c/0x1c0 [ 15.462305] __kasan_check_write+0x18/0x20 [ 15.462336] kasan_atomics_helper+0xe78/0x5450 [ 15.462361] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.462390] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.462427] ? kasan_atomics+0x152/0x310 [ 15.462463] kasan_atomics+0x1dc/0x310 [ 15.462497] ? __pfx_kasan_atomics+0x10/0x10 [ 15.462525] ? __pfx_read_tsc+0x10/0x10 [ 15.462546] ? ktime_get_ts64+0x86/0x230 [ 15.462571] kunit_try_run_case+0x1a5/0x480 [ 15.462597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.462621] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.462647] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.462672] ? __kthread_parkme+0x82/0x180 [ 15.462694] ? preempt_count_sub+0x50/0x80 [ 15.462720] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.462746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.462782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.462809] kthread+0x337/0x6f0 [ 15.462829] ? trace_preempt_on+0x20/0xc0 [ 15.462854] ? __pfx_kthread+0x10/0x10 [ 15.462877] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.462909] ? 
calculate_sigpending+0x7b/0xa0 [ 15.462935] ? __pfx_kthread+0x10/0x10 [ 15.462958] ret_from_fork+0x116/0x1d0 [ 15.462988] ? __pfx_kthread+0x10/0x10 [ 15.463010] ret_from_fork_asm+0x1a/0x30 [ 15.463042] </TASK> [ 15.463053] [ 15.470807] Allocated by task 282: [ 15.471034] kasan_save_stack+0x45/0x70 [ 15.471240] kasan_save_track+0x18/0x40 [ 15.471459] kasan_save_alloc_info+0x3b/0x50 [ 15.471896] __kasan_kmalloc+0xb7/0xc0 [ 15.472884] __kmalloc_cache_noprof+0x189/0x420 [ 15.473091] kasan_atomics+0x95/0x310 [ 15.473272] kunit_try_run_case+0x1a5/0x480 [ 15.474178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.474425] kthread+0x337/0x6f0 [ 15.474776] ret_from_fork+0x116/0x1d0 [ 15.474961] ret_from_fork_asm+0x1a/0x30 [ 15.475140] [ 15.475317] The buggy address belongs to the object at ffff8881038e7800 [ 15.475317] which belongs to the cache kmalloc-64 of size 64 [ 15.476347] The buggy address is located 0 bytes to the right of [ 15.476347] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.476993] [ 15.477248] The buggy address belongs to the physical page: [ 15.477635] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.478056] flags: 0x200000000000000(node=0|zone=2) [ 15.478392] page_type: f5(slab) [ 15.478768] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.479224] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.479750] page dumped because: kasan: bad access detected [ 15.480102] [ 15.480315] Memory state around the buggy address: [ 15.480589] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.480980] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.481405] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.481832] ^ [ 15.482141] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.482424] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.482897] 
================================================================== [ 15.996382] ================================================================== [ 15.996773] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 15.997212] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.997602] [ 15.997728] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.997785] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.997798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.997820] Call Trace: [ 15.997837] <TASK> [ 15.997852] dump_stack_lvl+0x73/0xb0 [ 15.997882] print_report+0xd1/0x610 [ 15.997906] ? __virt_addr_valid+0x1db/0x2d0 [ 15.997930] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.997954] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.997979] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.998003] kasan_report+0x141/0x180 [ 15.998027] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.998055] kasan_check_range+0x10c/0x1c0 [ 15.998081] __kasan_check_write+0x18/0x20 [ 15.998102] kasan_atomics_helper+0x1a7f/0x5450 [ 15.998127] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.998151] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.998178] ? kasan_atomics+0x152/0x310 [ 15.998205] kasan_atomics+0x1dc/0x310 [ 15.998229] ? __pfx_kasan_atomics+0x10/0x10 [ 15.998255] ? __pfx_read_tsc+0x10/0x10 [ 15.998278] ? ktime_get_ts64+0x86/0x230 [ 15.998303] kunit_try_run_case+0x1a5/0x480 [ 15.998329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.998353] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.998379] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.998411] ? __kthread_parkme+0x82/0x180 [ 15.998433] ? preempt_count_sub+0x50/0x80 [ 15.998697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.998725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.998752] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.998792] kthread+0x337/0x6f0 [ 15.998813] ? trace_preempt_on+0x20/0xc0 [ 15.998838] ? 
__pfx_kthread+0x10/0x10 [ 15.998860] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.998883] ? calculate_sigpending+0x7b/0xa0 [ 15.998910] ? __pfx_kthread+0x10/0x10 [ 15.998934] ret_from_fork+0x116/0x1d0 [ 15.998953] ? __pfx_kthread+0x10/0x10 [ 15.998976] ret_from_fork_asm+0x1a/0x30 [ 15.999007] </TASK> [ 15.999018] [ 16.009068] Allocated by task 282: [ 16.009331] kasan_save_stack+0x45/0x70 [ 16.009556] kasan_save_track+0x18/0x40 [ 16.009770] kasan_save_alloc_info+0x3b/0x50 [ 16.009967] __kasan_kmalloc+0xb7/0xc0 [ 16.010160] __kmalloc_cache_noprof+0x189/0x420 [ 16.010355] kasan_atomics+0x95/0x310 [ 16.010536] kunit_try_run_case+0x1a5/0x480 [ 16.011067] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.011293] kthread+0x337/0x6f0 [ 16.011629] ret_from_fork+0x116/0x1d0 [ 16.011842] ret_from_fork_asm+0x1a/0x30 [ 16.012157] [ 16.012261] The buggy address belongs to the object at ffff8881038e7800 [ 16.012261] which belongs to the cache kmalloc-64 of size 64 [ 16.012888] The buggy address is located 0 bytes to the right of [ 16.012888] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 16.013517] [ 16.013614] The buggy address belongs to the physical page: [ 16.013870] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 16.014195] flags: 0x200000000000000(node=0|zone=2) [ 16.014412] page_type: f5(slab) [ 16.014904] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.015196] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.015740] page dumped because: kasan: bad access detected [ 16.016064] [ 16.016159] Memory state around the buggy address: [ 16.016369] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.016835] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.017214] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.017593] ^ [ 16.017903] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.018278] 
ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.018667] ================================================================== [ 15.088109] ================================================================== [ 15.088745] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 15.089074] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.089496] [ 15.089601] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.089644] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.089656] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.089679] Call Trace: [ 15.089693] <TASK> [ 15.089708] dump_stack_lvl+0x73/0xb0 [ 15.089739] print_report+0xd1/0x610 [ 15.089775] ? __virt_addr_valid+0x1db/0x2d0 [ 15.089799] ? kasan_atomics_helper+0x565/0x5450 [ 15.089822] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.089848] ? kasan_atomics_helper+0x565/0x5450 [ 15.089871] kasan_report+0x141/0x180 [ 15.089894] ? kasan_atomics_helper+0x565/0x5450 [ 15.089924] kasan_check_range+0x10c/0x1c0 [ 15.089950] __kasan_check_write+0x18/0x20 [ 15.089972] kasan_atomics_helper+0x565/0x5450 [ 15.089997] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.090022] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.090050] ? kasan_atomics+0x152/0x310 [ 15.090078] kasan_atomics+0x1dc/0x310 [ 15.090103] ? __pfx_kasan_atomics+0x10/0x10 [ 15.090129] ? __pfx_read_tsc+0x10/0x10 [ 15.090152] ? ktime_get_ts64+0x86/0x230 [ 15.090178] kunit_try_run_case+0x1a5/0x480 [ 15.090203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.090230] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.090257] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.090284] ? __kthread_parkme+0x82/0x180 [ 15.090306] ? preempt_count_sub+0x50/0x80 [ 15.090330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.090357] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.090391] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.090419] kthread+0x337/0x6f0 [ 15.090441] ? trace_preempt_on+0x20/0xc0 [ 15.090465] ? __pfx_kthread+0x10/0x10 [ 15.090487] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.090511] ? calculate_sigpending+0x7b/0xa0 [ 15.090537] ? __pfx_kthread+0x10/0x10 [ 15.090559] ret_from_fork+0x116/0x1d0 [ 15.090579] ? __pfx_kthread+0x10/0x10 [ 15.090601] ret_from_fork_asm+0x1a/0x30 [ 15.090633] </TASK> [ 15.090644] [ 15.099031] Allocated by task 282: [ 15.099227] kasan_save_stack+0x45/0x70 [ 15.099525] kasan_save_track+0x18/0x40 [ 15.099817] kasan_save_alloc_info+0x3b/0x50 [ 15.100110] __kasan_kmalloc+0xb7/0xc0 [ 15.100271] __kmalloc_cache_noprof+0x189/0x420 [ 15.100642] kasan_atomics+0x95/0x310 [ 15.100865] kunit_try_run_case+0x1a5/0x480 [ 15.101056] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.101260] kthread+0x337/0x6f0 [ 15.101413] ret_from_fork+0x116/0x1d0 [ 15.101674] ret_from_fork_asm+0x1a/0x30 [ 15.101965] [ 15.102051] The buggy address belongs to the object at ffff8881038e7800 [ 15.102051] which belongs to the cache kmalloc-64 of size 64 [ 15.102484] The buggy address is located 0 bytes to the right of [ 15.102484] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.103002] [ 15.103079] The buggy address belongs to the physical page: [ 15.103251] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.103585] flags: 0x200000000000000(node=0|zone=2) [ 15.103973] page_type: f5(slab) [ 15.104251] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.104574] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.104824] page dumped because: kasan: bad access detected [ 15.105009] [ 15.105083] Memory state around the buggy address: [ 15.105426] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.105784] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.106115] >ffff8881038e7800: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.106620] ^ [ 15.106871] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.107155] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.107743] ================================================================== [ 16.179444] ================================================================== [ 16.180026] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 16.180503] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 16.180791] [ 16.181058] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.181106] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.181119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.181140] Call Trace: [ 16.181155] <TASK> [ 16.181237] dump_stack_lvl+0x73/0xb0 [ 16.181272] print_report+0xd1/0x610 [ 16.181296] ? __virt_addr_valid+0x1db/0x2d0 [ 16.181319] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.181342] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.181368] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.181392] kasan_report+0x141/0x180 [ 16.181415] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.181456] kasan_check_range+0x10c/0x1c0 [ 16.181482] __kasan_check_write+0x18/0x20 [ 16.181503] kasan_atomics_helper+0x1f43/0x5450 [ 16.181528] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.181552] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.181579] ? kasan_atomics+0x152/0x310 [ 16.181607] kasan_atomics+0x1dc/0x310 [ 16.181631] ? __pfx_kasan_atomics+0x10/0x10 [ 16.181657] ? __pfx_read_tsc+0x10/0x10 [ 16.181680] ? ktime_get_ts64+0x86/0x230 [ 16.181707] kunit_try_run_case+0x1a5/0x480 [ 16.181733] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.181780] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.181808] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.181834] ? __kthread_parkme+0x82/0x180 [ 16.181856] ? preempt_count_sub+0x50/0x80 [ 16.181881] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.181908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.181934] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.181962] kthread+0x337/0x6f0 [ 16.181982] ? trace_preempt_on+0x20/0xc0 [ 16.182006] ? __pfx_kthread+0x10/0x10 [ 16.182028] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.182052] ? calculate_sigpending+0x7b/0xa0 [ 16.182077] ? __pfx_kthread+0x10/0x10 [ 16.182100] ret_from_fork+0x116/0x1d0 [ 16.182120] ? __pfx_kthread+0x10/0x10 [ 16.182143] ret_from_fork_asm+0x1a/0x30 [ 16.182174] </TASK> [ 16.182185] [ 16.194247] Allocated by task 282: [ 16.194399] kasan_save_stack+0x45/0x70 [ 16.194554] kasan_save_track+0x18/0x40 [ 16.195181] kasan_save_alloc_info+0x3b/0x50 [ 16.195358] __kasan_kmalloc+0xb7/0xc0 [ 16.196027] __kmalloc_cache_noprof+0x189/0x420 [ 16.196197] kasan_atomics+0x95/0x310 [ 16.196340] kunit_try_run_case+0x1a5/0x480 [ 16.197030] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.197308] kthread+0x337/0x6f0 [ 16.198345] ret_from_fork+0x116/0x1d0 [ 16.198551] ret_from_fork_asm+0x1a/0x30 [ 16.198710] [ 16.198827] The buggy address belongs to the object at ffff8881038e7800 [ 16.198827] which belongs to the cache kmalloc-64 of size 64 [ 16.199254] The buggy address is located 0 bytes to the right of [ 16.199254] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 16.199783] [ 16.199883] The buggy address belongs to the physical page: [ 16.200068] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 16.200391] flags: 0x200000000000000(node=0|zone=2) [ 16.200874] page_type: f5(slab) [ 16.201037] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.201357] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.202294] page dumped because: kasan: bad access detected [ 16.202726] [ 16.203016] Memory state around the buggy address: [ 16.203310] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.203778] 
ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.204081] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.204377] ^ [ 16.205035] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.205566] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.206064] ================================================================== [ 16.323439] ================================================================== [ 16.323820] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 16.324225] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 16.324875] [ 16.324960] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.325002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.325014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.325035] Call Trace: [ 16.325050] <TASK> [ 16.325064] dump_stack_lvl+0x73/0xb0 [ 16.325092] print_report+0xd1/0x610 [ 16.325113] ? __virt_addr_valid+0x1db/0x2d0 [ 16.325136] ? kasan_atomics_helper+0x218a/0x5450 [ 16.325157] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.325179] ? kasan_atomics_helper+0x218a/0x5450 [ 16.325201] kasan_report+0x141/0x180 [ 16.325223] ? kasan_atomics_helper+0x218a/0x5450 [ 16.325250] kasan_check_range+0x10c/0x1c0 [ 16.325274] __kasan_check_write+0x18/0x20 [ 16.325293] kasan_atomics_helper+0x218a/0x5450 [ 16.325316] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.325339] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.325364] ? kasan_atomics+0x152/0x310 [ 16.325390] kasan_atomics+0x1dc/0x310 [ 16.325412] ? __pfx_kasan_atomics+0x10/0x10 [ 16.325437] ? __pfx_read_tsc+0x10/0x10 [ 16.325458] ? ktime_get_ts64+0x86/0x230 [ 16.325482] kunit_try_run_case+0x1a5/0x480 [ 16.325506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.325528] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.325552] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.325594] ? 
__kthread_parkme+0x82/0x180 [ 16.325616] ? preempt_count_sub+0x50/0x80 [ 16.325641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.325667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.325703] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.325730] kthread+0x337/0x6f0 [ 16.325750] ? trace_preempt_on+0x20/0xc0 [ 16.325793] ? __pfx_kthread+0x10/0x10 [ 16.325815] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.325838] ? calculate_sigpending+0x7b/0xa0 [ 16.325863] ? __pfx_kthread+0x10/0x10 [ 16.325886] ret_from_fork+0x116/0x1d0 [ 16.325906] ? __pfx_kthread+0x10/0x10 [ 16.325927] ret_from_fork_asm+0x1a/0x30 [ 16.325968] </TASK> [ 16.325980] [ 16.333838] Allocated by task 282: [ 16.333995] kasan_save_stack+0x45/0x70 [ 16.334225] kasan_save_track+0x18/0x40 [ 16.334412] kasan_save_alloc_info+0x3b/0x50 [ 16.334618] __kasan_kmalloc+0xb7/0xc0 [ 16.334801] __kmalloc_cache_noprof+0x189/0x420 [ 16.335028] kasan_atomics+0x95/0x310 [ 16.335219] kunit_try_run_case+0x1a5/0x480 [ 16.335416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.335684] kthread+0x337/0x6f0 [ 16.335871] ret_from_fork+0x116/0x1d0 [ 16.336065] ret_from_fork_asm+0x1a/0x30 [ 16.336255] [ 16.336367] The buggy address belongs to the object at ffff8881038e7800 [ 16.336367] which belongs to the cache kmalloc-64 of size 64 [ 16.336934] The buggy address is located 0 bytes to the right of [ 16.336934] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 16.337451] [ 16.337550] The buggy address belongs to the physical page: [ 16.337769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 16.338008] flags: 0x200000000000000(node=0|zone=2) [ 16.338170] page_type: f5(slab) [ 16.338291] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.338527] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.338764] page dumped because: kasan: bad access detected [ 16.338935] [ 16.339004] Memory state around the buggy address: [ 16.339388] 
ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.339730] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.340053] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.340368] ^ [ 16.340804] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.341127] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.341421] ================================================================== [ 15.624799] ================================================================== [ 15.625625] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 15.626062] Read of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.626295] [ 15.626391] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.626439] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.626638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.626663] Call Trace: [ 15.626681] <TASK> [ 15.626699] dump_stack_lvl+0x73/0xb0 [ 15.626733] print_report+0xd1/0x610 [ 15.626918] ? __virt_addr_valid+0x1db/0x2d0 [ 15.626953] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.626977] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.627002] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.627026] kasan_report+0x141/0x180 [ 15.627049] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.627078] __asan_report_load4_noabort+0x18/0x20 [ 15.627104] kasan_atomics_helper+0x4a02/0x5450 [ 15.627128] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.627153] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.627180] ? kasan_atomics+0x152/0x310 [ 15.627209] kasan_atomics+0x1dc/0x310 [ 15.627232] ? __pfx_kasan_atomics+0x10/0x10 [ 15.627258] ? __pfx_read_tsc+0x10/0x10 [ 15.627281] ? ktime_get_ts64+0x86/0x230 [ 15.627306] kunit_try_run_case+0x1a5/0x480 [ 15.627332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.627357] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.627382] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.627408] ? __kthread_parkme+0x82/0x180 [ 15.627430] ? preempt_count_sub+0x50/0x80 [ 15.627469] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.627496] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.627522] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.627549] kthread+0x337/0x6f0 [ 15.627570] ? trace_preempt_on+0x20/0xc0 [ 15.627594] ? __pfx_kthread+0x10/0x10 [ 15.627617] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.627641] ? calculate_sigpending+0x7b/0xa0 [ 15.627666] ? __pfx_kthread+0x10/0x10 [ 15.627689] ret_from_fork+0x116/0x1d0 [ 15.627709] ? __pfx_kthread+0x10/0x10 [ 15.627731] ret_from_fork_asm+0x1a/0x30 [ 15.627777] </TASK> [ 15.627788] [ 15.634747] Allocated by task 282: [ 15.635077] kasan_save_stack+0x45/0x70 [ 15.635229] kasan_save_track+0x18/0x40 [ 15.635367] kasan_save_alloc_info+0x3b/0x50 [ 15.635521] __kasan_kmalloc+0xb7/0xc0 [ 15.635656] __kmalloc_cache_noprof+0x189/0x420 [ 15.635896] kasan_atomics+0x95/0x310 [ 15.636087] kunit_try_run_case+0x1a5/0x480 [ 15.636307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.636568] kthread+0x337/0x6f0 [ 15.636736] ret_from_fork+0x116/0x1d0 [ 15.636953] ret_from_fork_asm+0x1a/0x30 [ 15.637153] [ 15.637250] The buggy address belongs to the object at ffff8881038e7800 [ 15.637250] which belongs to the cache kmalloc-64 of size 64 [ 15.637765] The buggy address is located 0 bytes to the right of [ 15.637765] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.638263] [ 15.638339] The buggy address belongs to the physical page: [ 15.638607] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.638920] flags: 0x200000000000000(node=0|zone=2) [ 15.639127] page_type: f5(slab) [ 15.639290] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.639590] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.639862] page dumped because: kasan: bad access detected [ 15.640118] [ 15.640215] 
Memory state around the buggy address: [ 15.640458] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.640771] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.641043] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.641278] ^ [ 15.641532] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.641851] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.642100] ================================================================== [ 14.961082] ================================================================== [ 14.961563] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 14.961845] Read of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 14.962069] [ 14.962149] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.962190] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.962201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.962220] Call Trace: [ 14.962232] <TASK> [ 14.962244] dump_stack_lvl+0x73/0xb0 [ 14.962270] print_report+0xd1/0x610 [ 14.962293] ? __virt_addr_valid+0x1db/0x2d0 [ 14.962314] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.962396] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.962421] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.962455] kasan_report+0x141/0x180 [ 14.962478] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.962505] __asan_report_load4_noabort+0x18/0x20 [ 14.962531] kasan_atomics_helper+0x4b88/0x5450 [ 14.962554] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.962578] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.962603] ? kasan_atomics+0x152/0x310 [ 14.962630] kasan_atomics+0x1dc/0x310 [ 14.962652] ? __pfx_kasan_atomics+0x10/0x10 [ 14.962677] ? __pfx_read_tsc+0x10/0x10 [ 14.962697] ? ktime_get_ts64+0x86/0x230 [ 14.962722] kunit_try_run_case+0x1a5/0x480 [ 14.962747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.962782] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.962806] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.962831] ? __kthread_parkme+0x82/0x180 [ 14.962852] ? preempt_count_sub+0x50/0x80 [ 14.962876] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.962901] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.962927] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.962954] kthread+0x337/0x6f0 [ 14.962975] ? trace_preempt_on+0x20/0xc0 [ 14.962998] ? __pfx_kthread+0x10/0x10 [ 14.963019] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.963041] ? calculate_sigpending+0x7b/0xa0 [ 14.963066] ? __pfx_kthread+0x10/0x10 [ 14.963088] ret_from_fork+0x116/0x1d0 [ 14.963107] ? __pfx_kthread+0x10/0x10 [ 14.963130] ret_from_fork_asm+0x1a/0x30 [ 14.963161] </TASK> [ 14.963171] [ 14.971577] Allocated by task 282: [ 14.971744] kasan_save_stack+0x45/0x70 [ 14.971901] kasan_save_track+0x18/0x40 [ 14.972037] kasan_save_alloc_info+0x3b/0x50 [ 14.972191] __kasan_kmalloc+0xb7/0xc0 [ 14.972381] __kmalloc_cache_noprof+0x189/0x420 [ 14.972784] kasan_atomics+0x95/0x310 [ 14.972962] kunit_try_run_case+0x1a5/0x480 [ 14.973173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.973395] kthread+0x337/0x6f0 [ 14.973622] ret_from_fork+0x116/0x1d0 [ 14.973799] ret_from_fork_asm+0x1a/0x30 [ 14.973958] [ 14.974031] The buggy address belongs to the object at ffff8881038e7800 [ 14.974031] which belongs to the cache kmalloc-64 of size 64 [ 14.974589] The buggy address is located 0 bytes to the right of [ 14.974589] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 14.974991] [ 14.975062] The buggy address belongs to the physical page: [ 14.975238] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 14.975559] flags: 0x200000000000000(node=0|zone=2) [ 14.975798] page_type: f5(slab) [ 14.975970] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.976339] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.976676] page dumped because: kasan: 
bad access detected [ 14.976872] [ 14.976941] Memory state around the buggy address: [ 14.977094] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.977311] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.977904] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.978229] ^ [ 14.978499] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.979150] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.979371] ================================================================== [ 16.065544] ================================================================== [ 16.065941] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 16.066265] Read of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 16.066977] [ 16.067219] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.067265] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.067279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.067300] Call Trace: [ 16.067315] <TASK> [ 16.067330] dump_stack_lvl+0x73/0xb0 [ 16.067361] print_report+0xd1/0x610 [ 16.067384] ? __virt_addr_valid+0x1db/0x2d0 [ 16.067483] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.067509] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.067535] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.067559] kasan_report+0x141/0x180 [ 16.067583] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.067611] __asan_report_load8_noabort+0x18/0x20 [ 16.067638] kasan_atomics_helper+0x4f30/0x5450 [ 16.067663] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.067688] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.067716] ? kasan_atomics+0x152/0x310 [ 16.067744] kasan_atomics+0x1dc/0x310 [ 16.067780] ? __pfx_kasan_atomics+0x10/0x10 [ 16.067806] ? __pfx_read_tsc+0x10/0x10 [ 16.067829] ? ktime_get_ts64+0x86/0x230 [ 16.067855] kunit_try_run_case+0x1a5/0x480 [ 16.067882] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.067906] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.067931] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.067957] ? __kthread_parkme+0x82/0x180 [ 16.067978] ? preempt_count_sub+0x50/0x80 [ 16.068003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.068030] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.068055] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.068083] kthread+0x337/0x6f0 [ 16.068104] ? trace_preempt_on+0x20/0xc0 [ 16.068128] ? __pfx_kthread+0x10/0x10 [ 16.068150] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.068173] ? calculate_sigpending+0x7b/0xa0 [ 16.068199] ? __pfx_kthread+0x10/0x10 [ 16.068222] ret_from_fork+0x116/0x1d0 [ 16.068242] ? __pfx_kthread+0x10/0x10 [ 16.068264] ret_from_fork_asm+0x1a/0x30 [ 16.068296] </TASK> [ 16.068307] [ 16.077745] Allocated by task 282: [ 16.078106] kasan_save_stack+0x45/0x70 [ 16.078276] kasan_save_track+0x18/0x40 [ 16.078619] kasan_save_alloc_info+0x3b/0x50 [ 16.078845] __kasan_kmalloc+0xb7/0xc0 [ 16.079023] __kmalloc_cache_noprof+0x189/0x420 [ 16.079229] kasan_atomics+0x95/0x310 [ 16.079403] kunit_try_run_case+0x1a5/0x480 [ 16.079857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.080195] kthread+0x337/0x6f0 [ 16.080434] ret_from_fork+0x116/0x1d0 [ 16.080672] ret_from_fork_asm+0x1a/0x30 [ 16.080963] [ 16.081057] The buggy address belongs to the object at ffff8881038e7800 [ 16.081057] which belongs to the cache kmalloc-64 of size 64 [ 16.081678] The buggy address is located 0 bytes to the right of [ 16.081678] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 16.082222] [ 16.082305] The buggy address belongs to the physical page: [ 16.082840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 16.083146] flags: 0x200000000000000(node=0|zone=2) [ 16.083474] page_type: f5(slab) [ 16.083661] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.084141] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.084549] page dumped because: kasan: bad access detected [ 16.084810] [ 16.085021] Memory state around the buggy address: [ 16.085190] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.085605] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.086021] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.086315] ^ [ 16.086640] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.087033] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.087332] ================================================================== [ 15.503745] ================================================================== [ 15.504072] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 15.504448] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.504785] [ 15.504868] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.504940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.504953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.504991] Call Trace: [ 15.505016] <TASK> [ 15.505030] dump_stack_lvl+0x73/0xb0 [ 15.505060] print_report+0xd1/0x610 [ 15.505087] ? __virt_addr_valid+0x1db/0x2d0 [ 15.505111] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.505133] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.505159] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.505211] kasan_report+0x141/0x180 [ 15.505235] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.505307] kasan_check_range+0x10c/0x1c0 [ 15.505342] __kasan_check_write+0x18/0x20 [ 15.505362] kasan_atomics_helper+0xfa9/0x5450 [ 15.505399] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.505424] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.505462] ? kasan_atomics+0x152/0x310 [ 15.505490] kasan_atomics+0x1dc/0x310 [ 15.505531] ? __pfx_kasan_atomics+0x10/0x10 [ 15.505570] ? __pfx_read_tsc+0x10/0x10 [ 15.505608] ? 
ktime_get_ts64+0x86/0x230 [ 15.505634] kunit_try_run_case+0x1a5/0x480 [ 15.505687] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.505720] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.505747] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.505789] ? __kthread_parkme+0x82/0x180 [ 15.505811] ? preempt_count_sub+0x50/0x80 [ 15.505836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.505862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.505889] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.505916] kthread+0x337/0x6f0 [ 15.505937] ? trace_preempt_on+0x20/0xc0 [ 15.505961] ? __pfx_kthread+0x10/0x10 [ 15.505984] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.506007] ? calculate_sigpending+0x7b/0xa0 [ 15.506033] ? __pfx_kthread+0x10/0x10 [ 15.506056] ret_from_fork+0x116/0x1d0 [ 15.506076] ? __pfx_kthread+0x10/0x10 [ 15.506098] ret_from_fork_asm+0x1a/0x30 [ 15.506130] </TASK> [ 15.506141] [ 15.514403] Allocated by task 282: [ 15.514538] kasan_save_stack+0x45/0x70 [ 15.514678] kasan_save_track+0x18/0x40 [ 15.514822] kasan_save_alloc_info+0x3b/0x50 [ 15.515107] __kasan_kmalloc+0xb7/0xc0 [ 15.515347] __kmalloc_cache_noprof+0x189/0x420 [ 15.515660] kasan_atomics+0x95/0x310 [ 15.515864] kunit_try_run_case+0x1a5/0x480 [ 15.516131] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.516411] kthread+0x337/0x6f0 [ 15.516622] ret_from_fork+0x116/0x1d0 [ 15.516834] ret_from_fork_asm+0x1a/0x30 [ 15.517075] [ 15.517166] The buggy address belongs to the object at ffff8881038e7800 [ 15.517166] which belongs to the cache kmalloc-64 of size 64 [ 15.517724] The buggy address is located 0 bytes to the right of [ 15.517724] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.518279] [ 15.518390] The buggy address belongs to the physical page: [ 15.518733] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.519084] flags: 0x200000000000000(node=0|zone=2) [ 15.519337] page_type: f5(slab) [ 15.519514] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.519883] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.520280] page dumped because: kasan: bad access detected [ 15.520652] [ 15.520781] Memory state around the buggy address: [ 15.521035] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.521390] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.522065] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.522352] ^ [ 15.522685] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.523037] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.523333] ================================================================== [ 16.360201] ================================================================== [ 16.360714] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 16.360991] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 16.361221] [ 16.361305] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.361347] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.361359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.361380] Call Trace: [ 16.361395] <TASK> [ 16.361411] dump_stack_lvl+0x73/0xb0 [ 16.361439] print_report+0xd1/0x610 [ 16.361474] ? __virt_addr_valid+0x1db/0x2d0 [ 16.361508] ? kasan_atomics_helper+0x224c/0x5450 [ 16.361532] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.361557] ? kasan_atomics_helper+0x224c/0x5450 [ 16.361592] kasan_report+0x141/0x180 [ 16.361615] ? kasan_atomics_helper+0x224c/0x5450 [ 16.361643] kasan_check_range+0x10c/0x1c0 [ 16.361669] __kasan_check_write+0x18/0x20 [ 16.361690] kasan_atomics_helper+0x224c/0x5450 [ 16.361713] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.361738] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.361776] ? kasan_atomics+0x152/0x310 [ 16.361804] kasan_atomics+0x1dc/0x310 [ 16.361828] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.361854] ? __pfx_read_tsc+0x10/0x10 [ 16.361876] ? ktime_get_ts64+0x86/0x230 [ 16.361901] kunit_try_run_case+0x1a5/0x480 [ 16.361927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.361952] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.361978] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.362004] ? __kthread_parkme+0x82/0x180 [ 16.362025] ? preempt_count_sub+0x50/0x80 [ 16.362050] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.362076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.362102] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.362130] kthread+0x337/0x6f0 [ 16.362150] ? trace_preempt_on+0x20/0xc0 [ 16.362174] ? __pfx_kthread+0x10/0x10 [ 16.362196] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.362219] ? calculate_sigpending+0x7b/0xa0 [ 16.362245] ? __pfx_kthread+0x10/0x10 [ 16.362267] ret_from_fork+0x116/0x1d0 [ 16.362286] ? __pfx_kthread+0x10/0x10 [ 16.362308] ret_from_fork_asm+0x1a/0x30 [ 16.362361] </TASK> [ 16.362371] [ 16.370300] Allocated by task 282: [ 16.370441] kasan_save_stack+0x45/0x70 [ 16.370648] kasan_save_track+0x18/0x40 [ 16.370856] kasan_save_alloc_info+0x3b/0x50 [ 16.371077] __kasan_kmalloc+0xb7/0xc0 [ 16.371463] __kmalloc_cache_noprof+0x189/0x420 [ 16.371693] kasan_atomics+0x95/0x310 [ 16.371924] kunit_try_run_case+0x1a5/0x480 [ 16.372103] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.372371] kthread+0x337/0x6f0 [ 16.372613] ret_from_fork+0x116/0x1d0 [ 16.372749] ret_from_fork_asm+0x1a/0x30 [ 16.373185] [ 16.373285] The buggy address belongs to the object at ffff8881038e7800 [ 16.373285] which belongs to the cache kmalloc-64 of size 64 [ 16.374834] The buggy address is located 0 bytes to the right of [ 16.374834] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 16.375219] [ 16.375316] The buggy address belongs to the physical page: [ 16.375925] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 16.376532] flags: 0x200000000000000(node=0|zone=2) [ 16.376776] page_type: 
f5(slab) [ 16.376936] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.377261] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.377997] page dumped because: kasan: bad access detected [ 16.378309] [ 16.378555] Memory state around the buggy address: [ 16.378995] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.379604] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.380132] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.380951] ^ [ 16.381378] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.382099] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.382619] ================================================================== [ 16.383255] ================================================================== [ 16.383962] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 16.384588] Read of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 16.385212] [ 16.385325] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.385371] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.385384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.385406] Call Trace: [ 16.385420] <TASK> [ 16.385436] dump_stack_lvl+0x73/0xb0 [ 16.385468] print_report+0xd1/0x610 [ 16.385490] ? __virt_addr_valid+0x1db/0x2d0 [ 16.385515] ? kasan_atomics_helper+0x5115/0x5450 [ 16.385538] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.385563] ? kasan_atomics_helper+0x5115/0x5450 [ 16.385587] kasan_report+0x141/0x180 [ 16.385610] ? kasan_atomics_helper+0x5115/0x5450 [ 16.385638] __asan_report_load8_noabort+0x18/0x20 [ 16.385666] kasan_atomics_helper+0x5115/0x5450 [ 16.385689] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.385714] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.385741] ? 
kasan_atomics+0x152/0x310 [ 16.385781] kasan_atomics+0x1dc/0x310 [ 16.385805] ? __pfx_kasan_atomics+0x10/0x10 [ 16.385831] ? __pfx_read_tsc+0x10/0x10 [ 16.385853] ? ktime_get_ts64+0x86/0x230 [ 16.385878] kunit_try_run_case+0x1a5/0x480 [ 16.385915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.385940] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.385977] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.386003] ? __kthread_parkme+0x82/0x180 [ 16.386026] ? preempt_count_sub+0x50/0x80 [ 16.386051] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.386086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.386112] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.386140] kthread+0x337/0x6f0 [ 16.386171] ? trace_preempt_on+0x20/0xc0 [ 16.386196] ? __pfx_kthread+0x10/0x10 [ 16.386218] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.386241] ? calculate_sigpending+0x7b/0xa0 [ 16.386267] ? __pfx_kthread+0x10/0x10 [ 16.386290] ret_from_fork+0x116/0x1d0 [ 16.386311] ? __pfx_kthread+0x10/0x10 [ 16.386334] ret_from_fork_asm+0x1a/0x30 [ 16.386366] </TASK> [ 16.386376] [ 16.393858] Allocated by task 282: [ 16.394024] kasan_save_stack+0x45/0x70 [ 16.394237] kasan_save_track+0x18/0x40 [ 16.394432] kasan_save_alloc_info+0x3b/0x50 [ 16.394645] __kasan_kmalloc+0xb7/0xc0 [ 16.394861] __kmalloc_cache_noprof+0x189/0x420 [ 16.395073] kasan_atomics+0x95/0x310 [ 16.395260] kunit_try_run_case+0x1a5/0x480 [ 16.395410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.395708] kthread+0x337/0x6f0 [ 16.395892] ret_from_fork+0x116/0x1d0 [ 16.396042] ret_from_fork_asm+0x1a/0x30 [ 16.396183] [ 16.396256] The buggy address belongs to the object at ffff8881038e7800 [ 16.396256] which belongs to the cache kmalloc-64 of size 64 [ 16.396629] The buggy address is located 0 bytes to the right of [ 16.396629] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 16.397471] [ 16.397544] The buggy address belongs to the physical page: [ 16.397718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 
16.397965] flags: 0x200000000000000(node=0|zone=2) [ 16.398165] page_type: f5(slab) [ 16.398336] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.398971] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.399350] page dumped because: kasan: bad access detected [ 16.399630] [ 16.399750] Memory state around the buggy address: [ 16.399986] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.400234] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.400656] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.400980] ^ [ 16.401180] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.401495] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.401813] ================================================================== [ 15.108217] ================================================================== [ 15.108785] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 15.109104] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.109354] [ 15.109535] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.109579] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.109591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.109614] Call Trace: [ 15.109630] <TASK> [ 15.109648] dump_stack_lvl+0x73/0xb0 [ 15.109676] print_report+0xd1/0x610 [ 15.109699] ? __virt_addr_valid+0x1db/0x2d0 [ 15.109723] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.109746] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.109782] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.109806] kasan_report+0x141/0x180 [ 15.109829] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.109857] kasan_check_range+0x10c/0x1c0 [ 15.109883] __kasan_check_write+0x18/0x20 [ 15.109904] kasan_atomics_helper+0x5fe/0x5450 [ 15.109929] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.109954] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.109981] ? kasan_atomics+0x152/0x310 [ 15.110010] kasan_atomics+0x1dc/0x310 [ 15.110034] ? __pfx_kasan_atomics+0x10/0x10 [ 15.110061] ? __pfx_read_tsc+0x10/0x10 [ 15.110083] ? ktime_get_ts64+0x86/0x230 [ 15.110108] kunit_try_run_case+0x1a5/0x480 [ 15.110134] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.110159] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.110185] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.110211] ? __kthread_parkme+0x82/0x180 [ 15.110232] ? preempt_count_sub+0x50/0x80 [ 15.110258] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.110283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.110396] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.110424] kthread+0x337/0x6f0 [ 15.110456] ? trace_preempt_on+0x20/0xc0 [ 15.110481] ? __pfx_kthread+0x10/0x10 [ 15.110504] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.110527] ? calculate_sigpending+0x7b/0xa0 [ 15.110552] ? __pfx_kthread+0x10/0x10 [ 15.110575] ret_from_fork+0x116/0x1d0 [ 15.110595] ? __pfx_kthread+0x10/0x10 [ 15.110617] ret_from_fork_asm+0x1a/0x30 [ 15.110649] </TASK> [ 15.110660] [ 15.118263] Allocated by task 282: [ 15.118420] kasan_save_stack+0x45/0x70 [ 15.118693] kasan_save_track+0x18/0x40 [ 15.118887] kasan_save_alloc_info+0x3b/0x50 [ 15.119097] __kasan_kmalloc+0xb7/0xc0 [ 15.119264] __kmalloc_cache_noprof+0x189/0x420 [ 15.119477] kasan_atomics+0x95/0x310 [ 15.119829] kunit_try_run_case+0x1a5/0x480 [ 15.120016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.120195] kthread+0x337/0x6f0 [ 15.120316] ret_from_fork+0x116/0x1d0 [ 15.120504] ret_from_fork_asm+0x1a/0x30 [ 15.120705] [ 15.120813] The buggy address belongs to the object at ffff8881038e7800 [ 15.120813] which belongs to the cache kmalloc-64 of size 64 [ 15.121579] The buggy address is located 0 bytes to the right of [ 15.121579] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.122065] [ 15.122167] The buggy address belongs to the physical page: [ 15.122506] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.122861] flags: 0x200000000000000(node=0|zone=2) [ 15.123078] page_type: f5(slab) [ 15.123221] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.123589] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.123926] page dumped because: kasan: bad access detected [ 15.124149] [ 15.124246] Memory state around the buggy address: [ 15.124616] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.124882] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.125102] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.125317] ^ [ 15.125769] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.126093] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.126564] ================================================================== [ 15.591829] ================================================================== [ 15.592153] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 15.592684] Write of size 4 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.593362] [ 15.593654] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.593703] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.593717] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.593739] Call Trace: [ 15.593766] <TASK> [ 15.593783] dump_stack_lvl+0x73/0xb0 [ 15.593934] print_report+0xd1/0x610 [ 15.593970] ? __virt_addr_valid+0x1db/0x2d0 [ 15.593995] ? kasan_atomics_helper+0x1148/0x5450 [ 15.594019] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.594045] ? kasan_atomics_helper+0x1148/0x5450 [ 15.594068] kasan_report+0x141/0x180 [ 15.594091] ? kasan_atomics_helper+0x1148/0x5450 [ 15.594120] kasan_check_range+0x10c/0x1c0 [ 15.594144] __kasan_check_write+0x18/0x20 [ 15.594166] kasan_atomics_helper+0x1148/0x5450 [ 15.594190] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.594215] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.594242] ? kasan_atomics+0x152/0x310 [ 15.594270] kasan_atomics+0x1dc/0x310 [ 15.594295] ? __pfx_kasan_atomics+0x10/0x10 [ 15.594320] ? __pfx_read_tsc+0x10/0x10 [ 15.594343] ? ktime_get_ts64+0x86/0x230 [ 15.594370] kunit_try_run_case+0x1a5/0x480 [ 15.594402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.594481] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.594513] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.594539] ? __kthread_parkme+0x82/0x180 [ 15.594561] ? preempt_count_sub+0x50/0x80 [ 15.594586] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.594613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.594639] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.594666] kthread+0x337/0x6f0 [ 15.594688] ? trace_preempt_on+0x20/0xc0 [ 15.594713] ? __pfx_kthread+0x10/0x10 [ 15.594734] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.594768] ? calculate_sigpending+0x7b/0xa0 [ 15.594793] ? __pfx_kthread+0x10/0x10 [ 15.594816] ret_from_fork+0x116/0x1d0 [ 15.594836] ? 
__pfx_kthread+0x10/0x10 [ 15.594858] ret_from_fork_asm+0x1a/0x30 [ 15.594890] </TASK> [ 15.594901] [ 15.607829] Allocated by task 282: [ 15.608295] kasan_save_stack+0x45/0x70 [ 15.608676] kasan_save_track+0x18/0x40 [ 15.608848] kasan_save_alloc_info+0x3b/0x50 [ 15.609001] __kasan_kmalloc+0xb7/0xc0 [ 15.609137] __kmalloc_cache_noprof+0x189/0x420 [ 15.609296] kasan_atomics+0x95/0x310 [ 15.609432] kunit_try_run_case+0x1a5/0x480 [ 15.610230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.611038] kthread+0x337/0x6f0 [ 15.611498] ret_from_fork+0x116/0x1d0 [ 15.612014] ret_from_fork_asm+0x1a/0x30 [ 15.612531] [ 15.612824] The buggy address belongs to the object at ffff8881038e7800 [ 15.612824] which belongs to the cache kmalloc-64 of size 64 [ 15.614181] The buggy address is located 0 bytes to the right of [ 15.614181] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.614886] [ 15.614970] The buggy address belongs to the physical page: [ 15.615148] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.615390] flags: 0x200000000000000(node=0|zone=2) [ 15.616175] page_type: f5(slab) [ 15.616698] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.617805] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.618585] page dumped because: kasan: bad access detected [ 15.619208] [ 15.619527] Memory state around the buggy address: [ 15.620084] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.620643] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.621364] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.621953] ^ [ 15.622118] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.622774] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.623726] ================================================================== [ 15.879809] 
================================================================== [ 15.880128] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 15.880620] Write of size 8 at addr ffff8881038e7830 by task kunit_try_catch/282 [ 15.880991] [ 15.881106] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.881150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.881163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.881185] Call Trace: [ 15.881199] <TASK> [ 15.881213] dump_stack_lvl+0x73/0xb0 [ 15.881243] print_report+0xd1/0x610 [ 15.881266] ? __virt_addr_valid+0x1db/0x2d0 [ 15.881290] ? kasan_atomics_helper+0x177f/0x5450 [ 15.881312] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.881338] ? kasan_atomics_helper+0x177f/0x5450 [ 15.881361] kasan_report+0x141/0x180 [ 15.881384] ? kasan_atomics_helper+0x177f/0x5450 [ 15.881412] kasan_check_range+0x10c/0x1c0 [ 15.881640] __kasan_check_write+0x18/0x20 [ 15.881663] kasan_atomics_helper+0x177f/0x5450 [ 15.881688] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.881713] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.881739] ? kasan_atomics+0x152/0x310 [ 15.881781] kasan_atomics+0x1dc/0x310 [ 15.881805] ? __pfx_kasan_atomics+0x10/0x10 [ 15.881831] ? __pfx_read_tsc+0x10/0x10 [ 15.881853] ? ktime_get_ts64+0x86/0x230 [ 15.881878] kunit_try_run_case+0x1a5/0x480 [ 15.881904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.881928] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.881954] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.881980] ? __kthread_parkme+0x82/0x180 [ 15.882002] ? preempt_count_sub+0x50/0x80 [ 15.882027] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.882053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.882079] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.882106] kthread+0x337/0x6f0 [ 15.882127] ? trace_preempt_on+0x20/0xc0 [ 15.882152] ? __pfx_kthread+0x10/0x10 [ 15.882173] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.882197] ? 
calculate_sigpending+0x7b/0xa0 [ 15.882223] ? __pfx_kthread+0x10/0x10 [ 15.882246] ret_from_fork+0x116/0x1d0 [ 15.882265] ? __pfx_kthread+0x10/0x10 [ 15.882288] ret_from_fork_asm+0x1a/0x30 [ 15.882320] </TASK> [ 15.882331] [ 15.889842] Allocated by task 282: [ 15.890047] kasan_save_stack+0x45/0x70 [ 15.890268] kasan_save_track+0x18/0x40 [ 15.890484] kasan_save_alloc_info+0x3b/0x50 [ 15.890638] __kasan_kmalloc+0xb7/0xc0 [ 15.890837] __kmalloc_cache_noprof+0x189/0x420 [ 15.891103] kasan_atomics+0x95/0x310 [ 15.891306] kunit_try_run_case+0x1a5/0x480 [ 15.891538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.891789] kthread+0x337/0x6f0 [ 15.892005] ret_from_fork+0x116/0x1d0 [ 15.892261] ret_from_fork_asm+0x1a/0x30 [ 15.892529] [ 15.892631] The buggy address belongs to the object at ffff8881038e7800 [ 15.892631] which belongs to the cache kmalloc-64 of size 64 [ 15.893167] The buggy address is located 0 bytes to the right of [ 15.893167] allocated 48-byte region [ffff8881038e7800, ffff8881038e7830) [ 15.893745] [ 15.893841] The buggy address belongs to the physical page: [ 15.894015] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e7 [ 15.894280] flags: 0x200000000000000(node=0|zone=2) [ 15.894551] page_type: f5(slab) [ 15.894743] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.895102] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.895467] page dumped because: kasan: bad access detected [ 15.895762] [ 15.895876] Memory state around the buggy address: [ 15.896101] ffff8881038e7700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.896420] ffff8881038e7780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.896766] >ffff8881038e7800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.897069] ^ [ 15.897226] ffff8881038e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.897583] ffff8881038e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.897911] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 14.708722] ================================================================== [ 14.708989] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.709266] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278 [ 14.710217] [ 14.710545] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.710604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.710617] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.710637] Call Trace: [ 14.710649] <TASK> [ 14.710663] dump_stack_lvl+0x73/0xb0 [ 14.710694] print_report+0xd1/0x610 [ 14.710715] ? __virt_addr_valid+0x1db/0x2d0 [ 14.710738] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.710821] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.710848] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.710879] kasan_report+0x141/0x180 [ 14.710900] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.710935] kasan_check_range+0x10c/0x1c0 [ 14.710959] __kasan_check_write+0x18/0x20 [ 14.710979] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.711010] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.711041] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.711066] ? trace_hardirqs_on+0x37/0xe0 [ 14.711089] ? kasan_bitops_generic+0x92/0x1c0 [ 14.711117] kasan_bitops_generic+0x121/0x1c0 [ 14.711142] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.711169] ? __pfx_read_tsc+0x10/0x10 [ 14.711190] ? ktime_get_ts64+0x86/0x230 [ 14.711213] kunit_try_run_case+0x1a5/0x480 [ 14.711239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.711263] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.711287] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.711311] ? __kthread_parkme+0x82/0x180 [ 14.711417] ? preempt_count_sub+0x50/0x80 [ 14.711458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.711484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.711512] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.711538] kthread+0x337/0x6f0 [ 14.711562] ? trace_preempt_on+0x20/0xc0 [ 14.711588] ? __pfx_kthread+0x10/0x10 [ 14.711610] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.711633] ? calculate_sigpending+0x7b/0xa0 [ 14.711658] ? __pfx_kthread+0x10/0x10 [ 14.711680] ret_from_fork+0x116/0x1d0 [ 14.711698] ? __pfx_kthread+0x10/0x10 [ 14.711719] ret_from_fork_asm+0x1a/0x30 [ 14.711752] </TASK> [ 14.711774] [ 14.724282] Allocated by task 278: [ 14.724625] kasan_save_stack+0x45/0x70 [ 14.724831] kasan_save_track+0x18/0x40 [ 14.725013] kasan_save_alloc_info+0x3b/0x50 [ 14.725209] __kasan_kmalloc+0xb7/0xc0 [ 14.726014] __kmalloc_cache_noprof+0x189/0x420 [ 14.726210] kasan_bitops_generic+0x92/0x1c0 [ 14.726368] kunit_try_run_case+0x1a5/0x480 [ 14.726641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.726898] kthread+0x337/0x6f0 [ 14.727063] ret_from_fork+0x116/0x1d0 [ 14.727231] ret_from_fork_asm+0x1a/0x30 [ 14.727884] [ 14.727994] The buggy address belongs to the object at ffff888102781700 [ 14.727994] which belongs to the cache kmalloc-16 of size 16 [ 14.728821] The buggy address is located 8 bytes inside of [ 14.728821] allocated 9-byte region [ffff888102781700, ffff888102781709) [ 14.729309] [ 14.729521] The buggy address belongs to the physical page: [ 14.729767] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781 [ 14.730089] flags: 0x200000000000000(node=0|zone=2) [ 14.730303] page_type: f5(slab) [ 14.731086] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.731450] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.732209] page dumped because: kasan: bad access detected [ 14.732611] [ 14.732712] Memory state around the buggy address: [ 14.732936] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.733232] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.733836] >ffff888102781700: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 14.734131] ^ [ 14.734286] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.735245] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.735598] ================================================================== [ 14.755474] ================================================================== [ 14.755945] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.756305] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278 [ 14.756819] [ 14.756914] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.756960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.756971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.756992] Call Trace: [ 14.757004] <TASK> [ 14.757018] dump_stack_lvl+0x73/0xb0 [ 14.757047] print_report+0xd1/0x610 [ 14.757070] ? __virt_addr_valid+0x1db/0x2d0 [ 14.757092] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.757124] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.757148] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.757179] kasan_report+0x141/0x180 [ 14.757201] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.757236] kasan_check_range+0x10c/0x1c0 [ 14.757260] __kasan_check_write+0x18/0x20 [ 14.757280] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.757310] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.757403] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.757431] ? trace_hardirqs_on+0x37/0xe0 [ 14.757453] ? kasan_bitops_generic+0x92/0x1c0 [ 14.757482] kasan_bitops_generic+0x121/0x1c0 [ 14.757506] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.757532] ? __pfx_read_tsc+0x10/0x10 [ 14.757553] ? ktime_get_ts64+0x86/0x230 [ 14.757577] kunit_try_run_case+0x1a5/0x480 [ 14.757602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.757626] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.757651] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.757676] ? __kthread_parkme+0x82/0x180 [ 14.757696] ? preempt_count_sub+0x50/0x80 [ 14.757719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.757745] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.757784] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.757810] kthread+0x337/0x6f0 [ 14.757830] ? trace_preempt_on+0x20/0xc0 [ 14.757853] ? __pfx_kthread+0x10/0x10 [ 14.757875] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.757897] ? calculate_sigpending+0x7b/0xa0 [ 14.757922] ? __pfx_kthread+0x10/0x10 [ 14.757943] ret_from_fork+0x116/0x1d0 [ 14.757963] ? __pfx_kthread+0x10/0x10 [ 14.757984] ret_from_fork_asm+0x1a/0x30 [ 14.758015] </TASK> [ 14.758025] [ 14.766834] Allocated by task 278: [ 14.767024] kasan_save_stack+0x45/0x70 [ 14.767217] kasan_save_track+0x18/0x40 [ 14.767393] kasan_save_alloc_info+0x3b/0x50 [ 14.767543] __kasan_kmalloc+0xb7/0xc0 [ 14.767677] __kmalloc_cache_noprof+0x189/0x420 [ 14.767844] kasan_bitops_generic+0x92/0x1c0 [ 14.767994] kunit_try_run_case+0x1a5/0x480 [ 14.768143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.768394] kthread+0x337/0x6f0 [ 14.768654] ret_from_fork+0x116/0x1d0 [ 14.768862] ret_from_fork_asm+0x1a/0x30 [ 14.769060] [ 14.769161] The buggy address belongs to the object at ffff888102781700 [ 14.769161] which belongs to the cache kmalloc-16 of size 16 [ 14.769894] The buggy address is located 8 bytes inside of [ 14.769894] allocated 9-byte region [ffff888102781700, ffff888102781709) [ 14.770256] [ 14.770456] The buggy address belongs to the physical page: [ 14.770718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781 [ 14.771097] flags: 0x200000000000000(node=0|zone=2) [ 14.771790] page_type: f5(slab) [ 14.772137] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.772810] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.773088] page dumped because: kasan: bad access detected [ 14.773513] [ 14.773620] 
Memory state around the buggy address: [ 14.773850] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.774085] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.775407] >ffff888102781700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.775706] ^ [ 14.775895] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.776191] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.776583] ================================================================== [ 14.885573] ================================================================== [ 14.885832] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.886113] Read of size 8 at addr ffff888102781708 by task kunit_try_catch/278 [ 14.886334] [ 14.886421] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.886464] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.886475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.886495] Call Trace: [ 14.886508] <TASK> [ 14.886522] dump_stack_lvl+0x73/0xb0 [ 14.886549] print_report+0xd1/0x610 [ 14.886570] ? __virt_addr_valid+0x1db/0x2d0 [ 14.886591] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.886618] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.886641] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.886668] kasan_report+0x141/0x180 [ 14.886689] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.886721] __asan_report_load8_noabort+0x18/0x20 [ 14.886746] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.888730] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.888780] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.888806] ? trace_hardirqs_on+0x37/0xe0 [ 14.888829] ? kasan_bitops_generic+0x92/0x1c0 [ 14.888858] kasan_bitops_generic+0x121/0x1c0 [ 14.888882] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.888908] ? 
__pfx_read_tsc+0x10/0x10 [ 14.888930] ? ktime_get_ts64+0x86/0x230 [ 14.888953] kunit_try_run_case+0x1a5/0x480 [ 14.888978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.889002] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.889027] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.889051] ? __kthread_parkme+0x82/0x180 [ 14.889073] ? preempt_count_sub+0x50/0x80 [ 14.889097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.889125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.889152] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.889178] kthread+0x337/0x6f0 [ 14.889198] ? trace_preempt_on+0x20/0xc0 [ 14.889221] ? __pfx_kthread+0x10/0x10 [ 14.889242] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.889265] ? calculate_sigpending+0x7b/0xa0 [ 14.889289] ? __pfx_kthread+0x10/0x10 [ 14.889318] ret_from_fork+0x116/0x1d0 [ 14.889337] ? __pfx_kthread+0x10/0x10 [ 14.889357] ret_from_fork_asm+0x1a/0x30 [ 14.889389] </TASK> [ 14.889399] [ 14.902481] Allocated by task 278: [ 14.902812] kasan_save_stack+0x45/0x70 [ 14.903017] kasan_save_track+0x18/0x40 [ 14.903199] kasan_save_alloc_info+0x3b/0x50 [ 14.903496] __kasan_kmalloc+0xb7/0xc0 [ 14.903679] __kmalloc_cache_noprof+0x189/0x420 [ 14.903894] kasan_bitops_generic+0x92/0x1c0 [ 14.904090] kunit_try_run_case+0x1a5/0x480 [ 14.904283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.904746] kthread+0x337/0x6f0 [ 14.904931] ret_from_fork+0x116/0x1d0 [ 14.905101] ret_from_fork_asm+0x1a/0x30 [ 14.905284] [ 14.905472] The buggy address belongs to the object at ffff888102781700 [ 14.905472] which belongs to the cache kmalloc-16 of size 16 [ 14.905970] The buggy address is located 8 bytes inside of [ 14.905970] allocated 9-byte region [ffff888102781700, ffff888102781709) [ 14.907427] [ 14.907527] The buggy address belongs to the physical page: [ 14.907704] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781 [ 14.907958] flags: 0x200000000000000(node=0|zone=2) [ 14.908160] page_type: f5(slab) [ 14.908307] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.908781] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.909105] page dumped because: kasan: bad access detected [ 14.909308] [ 14.909496] Memory state around the buggy address: [ 14.909701] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.909965] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.910270] >ffff888102781700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.910608] ^ [ 14.910775] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.911091] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.911324] ================================================================== [ 14.842001] ================================================================== [ 14.842519] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.842962] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278 [ 14.843274] [ 14.843457] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.843500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.843511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.843531] Call Trace: [ 14.843544] <TASK> [ 14.843561] dump_stack_lvl+0x73/0xb0 [ 14.843591] print_report+0xd1/0x610 [ 14.843613] ? __virt_addr_valid+0x1db/0x2d0 [ 14.843636] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.843666] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.843691] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.843721] kasan_report+0x141/0x180 [ 14.843744] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.843793] kasan_check_range+0x10c/0x1c0 [ 14.843818] __kasan_check_write+0x18/0x20 [ 14.843837] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.843868] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.843899] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.843925] ? trace_hardirqs_on+0x37/0xe0 [ 14.843947] ? kasan_bitops_generic+0x92/0x1c0 [ 14.843975] kasan_bitops_generic+0x121/0x1c0 [ 14.844001] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.844028] ? __pfx_read_tsc+0x10/0x10 [ 14.844049] ? ktime_get_ts64+0x86/0x230 [ 14.844074] kunit_try_run_case+0x1a5/0x480 [ 14.844099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.844123] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.844148] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.844173] ? __kthread_parkme+0x82/0x180 [ 14.844193] ? preempt_count_sub+0x50/0x80 [ 14.844218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.844243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.844268] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.844295] kthread+0x337/0x6f0 [ 14.844314] ? trace_preempt_on+0x20/0xc0 [ 14.844416] ? __pfx_kthread+0x10/0x10 [ 14.844442] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.844467] ? calculate_sigpending+0x7b/0xa0 [ 14.844493] ? __pfx_kthread+0x10/0x10 [ 14.844516] ret_from_fork+0x116/0x1d0 [ 14.844535] ? 
__pfx_kthread+0x10/0x10 [ 14.844573] ret_from_fork_asm+0x1a/0x30 [ 14.844605] </TASK> [ 14.844616] [ 14.853671] Allocated by task 278: [ 14.853857] kasan_save_stack+0x45/0x70 [ 14.854007] kasan_save_track+0x18/0x40 [ 14.854144] kasan_save_alloc_info+0x3b/0x50 [ 14.854418] __kasan_kmalloc+0xb7/0xc0 [ 14.854615] __kmalloc_cache_noprof+0x189/0x420 [ 14.854886] kasan_bitops_generic+0x92/0x1c0 [ 14.855276] kunit_try_run_case+0x1a5/0x480 [ 14.855652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.855855] kthread+0x337/0x6f0 [ 14.855979] ret_from_fork+0x116/0x1d0 [ 14.856149] ret_from_fork_asm+0x1a/0x30 [ 14.856342] [ 14.856439] The buggy address belongs to the object at ffff888102781700 [ 14.856439] which belongs to the cache kmalloc-16 of size 16 [ 14.856991] The buggy address is located 8 bytes inside of [ 14.856991] allocated 9-byte region [ffff888102781700, ffff888102781709) [ 14.857356] [ 14.857453] The buggy address belongs to the physical page: [ 14.857711] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781 [ 14.858081] flags: 0x200000000000000(node=0|zone=2) [ 14.858373] page_type: f5(slab) [ 14.858713] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.859023] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.859308] page dumped because: kasan: bad access detected [ 14.859843] [ 14.859939] Memory state around the buggy address: [ 14.860151] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.860490] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.860816] >ffff888102781700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.861042] ^ [ 14.861221] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.861634] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.861915] ================================================================== [ 14.777038] 
================================================================== [ 14.777294] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.777965] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278 [ 14.778395] [ 14.778530] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.778577] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.778587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.778609] Call Trace: [ 14.778625] <TASK> [ 14.778640] dump_stack_lvl+0x73/0xb0 [ 14.778669] print_report+0xd1/0x610 [ 14.778692] ? __virt_addr_valid+0x1db/0x2d0 [ 14.778716] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.778747] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.778783] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.778813] kasan_report+0x141/0x180 [ 14.778836] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.778870] kasan_check_range+0x10c/0x1c0 [ 14.778895] __kasan_check_write+0x18/0x20 [ 14.778916] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.778946] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.778979] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.779004] ? trace_hardirqs_on+0x37/0xe0 [ 14.779026] ? kasan_bitops_generic+0x92/0x1c0 [ 14.779055] kasan_bitops_generic+0x121/0x1c0 [ 14.779079] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.779105] ? __pfx_read_tsc+0x10/0x10 [ 14.779126] ? ktime_get_ts64+0x86/0x230 [ 14.779151] kunit_try_run_case+0x1a5/0x480 [ 14.779176] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.779199] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.779223] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.779248] ? __kthread_parkme+0x82/0x180 [ 14.779270] ? preempt_count_sub+0x50/0x80 [ 14.779296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.779321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.779403] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.779431] kthread+0x337/0x6f0 [ 14.779461] ? trace_preempt_on+0x20/0xc0 [ 14.779485] ? __pfx_kthread+0x10/0x10 [ 14.779506] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.779529] ? calculate_sigpending+0x7b/0xa0 [ 14.779553] ? __pfx_kthread+0x10/0x10 [ 14.779575] ret_from_fork+0x116/0x1d0 [ 14.779594] ? __pfx_kthread+0x10/0x10 [ 14.779615] ret_from_fork_asm+0x1a/0x30 [ 14.779647] </TASK> [ 14.779656] [ 14.788691] Allocated by task 278: [ 14.788888] kasan_save_stack+0x45/0x70 [ 14.789039] kasan_save_track+0x18/0x40 [ 14.789232] kasan_save_alloc_info+0x3b/0x50 [ 14.789441] __kasan_kmalloc+0xb7/0xc0 [ 14.789800] __kmalloc_cache_noprof+0x189/0x420 [ 14.790039] kasan_bitops_generic+0x92/0x1c0 [ 14.790241] kunit_try_run_case+0x1a5/0x480 [ 14.790513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.790822] kthread+0x337/0x6f0 [ 14.790989] ret_from_fork+0x116/0x1d0 [ 14.791165] ret_from_fork_asm+0x1a/0x30 [ 14.791406] [ 14.791515] The buggy address belongs to the object at ffff888102781700 [ 14.791515] which belongs to the cache kmalloc-16 of size 16 [ 14.792011] The buggy address is located 8 bytes inside of [ 14.792011] allocated 9-byte region [ffff888102781700, ffff888102781709) [ 14.792628] [ 14.792720] The buggy address belongs to the physical page: [ 14.792958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781 [ 14.793295] flags: 0x200000000000000(node=0|zone=2) [ 14.793653] page_type: f5(slab) [ 14.793846] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.794171] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.795838] page dumped because: kasan: bad access detected [ 14.796322] [ 14.796403] Memory state around the buggy address: [ 14.796564] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.796795] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.797014] >ffff888102781700: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 14.797234] ^ [ 14.797359] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.797575] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.798520] ================================================================== [ 14.799679] ================================================================== [ 14.801001] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.801426] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278 [ 14.802134] [ 14.802324] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.802622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.802635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.802654] Call Trace: [ 14.802668] <TASK> [ 14.802683] dump_stack_lvl+0x73/0xb0 [ 14.802713] print_report+0xd1/0x610 [ 14.802734] ? __virt_addr_valid+0x1db/0x2d0 [ 14.802771] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.802802] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.802825] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.802856] kasan_report+0x141/0x180 [ 14.802879] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.802913] kasan_check_range+0x10c/0x1c0 [ 14.802939] __kasan_check_write+0x18/0x20 [ 14.802959] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.802990] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.803022] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.803047] ? trace_hardirqs_on+0x37/0xe0 [ 14.803069] ? kasan_bitops_generic+0x92/0x1c0 [ 14.803098] kasan_bitops_generic+0x121/0x1c0 [ 14.803121] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.803149] ? __pfx_read_tsc+0x10/0x10 [ 14.803171] ? ktime_get_ts64+0x86/0x230 [ 14.803194] kunit_try_run_case+0x1a5/0x480 [ 14.803220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.803243] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.803267] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.803292] ? __kthread_parkme+0x82/0x180 [ 14.803313] ? preempt_count_sub+0x50/0x80 [ 14.803424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.803450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.803476] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.803503] kthread+0x337/0x6f0 [ 14.803523] ? trace_preempt_on+0x20/0xc0 [ 14.803545] ? __pfx_kthread+0x10/0x10 [ 14.803567] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.803590] ? calculate_sigpending+0x7b/0xa0 [ 14.803613] ? __pfx_kthread+0x10/0x10 [ 14.803635] ret_from_fork+0x116/0x1d0 [ 14.803655] ? __pfx_kthread+0x10/0x10 [ 14.803676] ret_from_fork_asm+0x1a/0x30 [ 14.803707] </TASK> [ 14.803717] [ 14.813922] Allocated by task 278: [ 14.814113] kasan_save_stack+0x45/0x70 [ 14.814299] kasan_save_track+0x18/0x40 [ 14.814649] kasan_save_alloc_info+0x3b/0x50 [ 14.814882] __kasan_kmalloc+0xb7/0xc0 [ 14.815053] __kmalloc_cache_noprof+0x189/0x420 [ 14.815216] kasan_bitops_generic+0x92/0x1c0 [ 14.815426] kunit_try_run_case+0x1a5/0x480 [ 14.815788] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.816012] kthread+0x337/0x6f0 [ 14.816134] ret_from_fork+0x116/0x1d0 [ 14.816285] ret_from_fork_asm+0x1a/0x30 [ 14.816487] [ 14.816588] The buggy address belongs to the object at ffff888102781700 [ 14.816588] which belongs to the cache kmalloc-16 of size 16 [ 14.817162] The buggy address is located 8 bytes inside of [ 14.817162] allocated 9-byte region [ffff888102781700, ffff888102781709) [ 14.817589] [ 14.817746] The buggy address belongs to the physical page: [ 14.818018] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781 [ 14.818386] flags: 0x200000000000000(node=0|zone=2) [ 14.818593] page_type: f5(slab) [ 14.818729] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.819083] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.819384] page dumped because: kasan: bad access detected [ 14.819631] [ 14.819711] 
Memory state around the buggy address: [ 14.819939] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.820207] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.820488] >ffff888102781700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.820801] ^ [ 14.820924] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.821219] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.821431] ================================================================== [ 14.736123] ================================================================== [ 14.736367] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.736833] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278 [ 14.737314] [ 14.737445] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.737490] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.737502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.737523] Call Trace: [ 14.737538] <TASK> [ 14.737552] dump_stack_lvl+0x73/0xb0 [ 14.737583] print_report+0xd1/0x610 [ 14.737606] ? __virt_addr_valid+0x1db/0x2d0 [ 14.737630] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.737660] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.737685] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.737716] kasan_report+0x141/0x180 [ 14.737739] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.737789] kasan_check_range+0x10c/0x1c0 [ 14.737815] __kasan_check_write+0x18/0x20 [ 14.737834] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.737866] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.737897] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.737923] ? trace_hardirqs_on+0x37/0xe0 [ 14.737945] ? kasan_bitops_generic+0x92/0x1c0 [ 14.737974] kasan_bitops_generic+0x121/0x1c0 [ 14.737999] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.738026] ? __pfx_read_tsc+0x10/0x10 [ 14.738048] ? ktime_get_ts64+0x86/0x230 [ 14.738073] kunit_try_run_case+0x1a5/0x480 [ 14.738100] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.738125] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.738150] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.738175] ? __kthread_parkme+0x82/0x180 [ 14.738196] ? preempt_count_sub+0x50/0x80 [ 14.738221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.738247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.738274] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.738301] kthread+0x337/0x6f0 [ 14.738321] ? trace_preempt_on+0x20/0xc0 [ 14.738344] ? __pfx_kthread+0x10/0x10 [ 14.738366] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.738396] ? calculate_sigpending+0x7b/0xa0 [ 14.738421] ? __pfx_kthread+0x10/0x10 [ 14.738443] ret_from_fork+0x116/0x1d0 [ 14.738462] ? __pfx_kthread+0x10/0x10 [ 14.738484] ret_from_fork_asm+0x1a/0x30 [ 14.738517] </TASK> [ 14.738526] [ 14.746842] Allocated by task 278: [ 14.747027] kasan_save_stack+0x45/0x70 [ 14.747237] kasan_save_track+0x18/0x40 [ 14.747516] kasan_save_alloc_info+0x3b/0x50 [ 14.747697] __kasan_kmalloc+0xb7/0xc0 [ 14.747892] __kmalloc_cache_noprof+0x189/0x420 [ 14.748100] kasan_bitops_generic+0x92/0x1c0 [ 14.748284] kunit_try_run_case+0x1a5/0x480 [ 14.748432] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.748709] kthread+0x337/0x6f0 [ 14.748889] ret_from_fork+0x116/0x1d0 [ 14.749062] ret_from_fork_asm+0x1a/0x30 [ 14.749228] [ 14.749320] The buggy address belongs to the object at ffff888102781700 [ 14.749320] which belongs to the cache kmalloc-16 of size 16 [ 14.749738] The buggy address is located 8 bytes inside of [ 14.749738] allocated 9-byte region [ffff888102781700, ffff888102781709) [ 14.750279] [ 14.750359] The buggy address belongs to the physical page: [ 14.750612] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781 [ 14.750982] flags: 0x200000000000000(node=0|zone=2) [ 14.751188] 
page_type: f5(slab) [ 14.751336] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.751569] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.751807] page dumped because: kasan: bad access detected [ 14.751979] [ 14.752072] Memory state around the buggy address: [ 14.752293] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.753060] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.753751] >ffff888102781700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.753986] ^ [ 14.754109] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.754325] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.755016] ================================================================== [ 14.821827] ================================================================== [ 14.822599] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.823053] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278 [ 14.823467] [ 14.823584] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.823627] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.823638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.823660] Call Trace: [ 14.823673] <TASK> [ 14.823687] dump_stack_lvl+0x73/0xb0 [ 14.823716] print_report+0xd1/0x610 [ 14.823738] ? __virt_addr_valid+0x1db/0x2d0 [ 14.823774] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.823804] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.823829] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.823859] kasan_report+0x141/0x180 [ 14.823881] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.823917] kasan_check_range+0x10c/0x1c0 [ 14.823941] __kasan_check_write+0x18/0x20 [ 14.823961] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.823992] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.824023] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.824049] ? trace_hardirqs_on+0x37/0xe0 [ 14.824071] ? kasan_bitops_generic+0x92/0x1c0 [ 14.824100] kasan_bitops_generic+0x121/0x1c0 [ 14.824123] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.824150] ? __pfx_read_tsc+0x10/0x10 [ 14.824172] ? ktime_get_ts64+0x86/0x230 [ 14.824195] kunit_try_run_case+0x1a5/0x480 [ 14.824220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.824244] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.824268] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.824293] ? __kthread_parkme+0x82/0x180 [ 14.824313] ? preempt_count_sub+0x50/0x80 [ 14.824338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.824363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.824389] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.824415] kthread+0x337/0x6f0 [ 14.824434] ? trace_preempt_on+0x20/0xc0 [ 14.824456] ? __pfx_kthread+0x10/0x10 [ 14.824477] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.824500] ? calculate_sigpending+0x7b/0xa0 [ 14.824524] ? __pfx_kthread+0x10/0x10 [ 14.824545] ret_from_fork+0x116/0x1d0 [ 14.824564] ? 
__pfx_kthread+0x10/0x10 [ 14.824586] ret_from_fork_asm+0x1a/0x30 [ 14.824616] </TASK> [ 14.824626] [ 14.832930] Allocated by task 278: [ 14.833111] kasan_save_stack+0x45/0x70 [ 14.833313] kasan_save_track+0x18/0x40 [ 14.833585] kasan_save_alloc_info+0x3b/0x50 [ 14.833810] __kasan_kmalloc+0xb7/0xc0 [ 14.834005] __kmalloc_cache_noprof+0x189/0x420 [ 14.834227] kasan_bitops_generic+0x92/0x1c0 [ 14.834432] kunit_try_run_case+0x1a5/0x480 [ 14.834810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.835029] kthread+0x337/0x6f0 [ 14.835152] ret_from_fork+0x116/0x1d0 [ 14.835285] ret_from_fork_asm+0x1a/0x30 [ 14.835424] [ 14.835496] The buggy address belongs to the object at ffff888102781700 [ 14.835496] which belongs to the cache kmalloc-16 of size 16 [ 14.836366] The buggy address is located 8 bytes inside of [ 14.836366] allocated 9-byte region [ffff888102781700, ffff888102781709) [ 14.836960] [ 14.837036] The buggy address belongs to the physical page: [ 14.837207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781 [ 14.837768] flags: 0x200000000000000(node=0|zone=2) [ 14.838012] page_type: f5(slab) [ 14.838185] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.838536] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.838892] page dumped because: kasan: bad access detected [ 14.839406] [ 14.839525] Memory state around the buggy address: [ 14.839681] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.839941] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.840258] >ffff888102781700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.840637] ^ [ 14.840920] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.841145] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.841514] ================================================================== [ 14.862279] 
================================================================== [ 14.862722] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.863322] Read of size 8 at addr ffff888102781708 by task kunit_try_catch/278 [ 14.863689] [ 14.863788] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.863833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.863855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.863877] Call Trace: [ 14.863893] <TASK> [ 14.863907] dump_stack_lvl+0x73/0xb0 [ 14.863936] print_report+0xd1/0x610 [ 14.863958] ? __virt_addr_valid+0x1db/0x2d0 [ 14.863981] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.864012] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.864036] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.864067] kasan_report+0x141/0x180 [ 14.864089] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.864124] kasan_check_range+0x10c/0x1c0 [ 14.864148] __kasan_check_read+0x15/0x20 [ 14.864168] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.864198] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.864230] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.864255] ? trace_hardirqs_on+0x37/0xe0 [ 14.864278] ? kasan_bitops_generic+0x92/0x1c0 [ 14.864306] kasan_bitops_generic+0x121/0x1c0 [ 14.864331] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.864359] ? __pfx_read_tsc+0x10/0x10 [ 14.864381] ? ktime_get_ts64+0x86/0x230 [ 14.864404] kunit_try_run_case+0x1a5/0x480 [ 14.864432] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.864626] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.864658] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.864683] ? __kthread_parkme+0x82/0x180 [ 14.864705] ? preempt_count_sub+0x50/0x80 [ 14.864730] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.864767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.864794] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.864821] kthread+0x337/0x6f0 [ 14.864841] ? trace_preempt_on+0x20/0xc0 [ 14.864864] ? __pfx_kthread+0x10/0x10 [ 14.864885] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.864907] ? calculate_sigpending+0x7b/0xa0 [ 14.864932] ? __pfx_kthread+0x10/0x10 [ 14.864954] ret_from_fork+0x116/0x1d0 [ 14.864974] ? __pfx_kthread+0x10/0x10 [ 14.864995] ret_from_fork_asm+0x1a/0x30 [ 14.865027] </TASK> [ 14.865036] [ 14.874581] Allocated by task 278: [ 14.874836] kasan_save_stack+0x45/0x70 [ 14.875009] kasan_save_track+0x18/0x40 [ 14.875205] kasan_save_alloc_info+0x3b/0x50 [ 14.875454] __kasan_kmalloc+0xb7/0xc0 [ 14.875638] __kmalloc_cache_noprof+0x189/0x420 [ 14.875867] kasan_bitops_generic+0x92/0x1c0 [ 14.876043] kunit_try_run_case+0x1a5/0x480 [ 14.876246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.876625] kthread+0x337/0x6f0 [ 14.876792] ret_from_fork+0x116/0x1d0 [ 14.876995] ret_from_fork_asm+0x1a/0x30 [ 14.877156] [ 14.877226] The buggy address belongs to the object at ffff888102781700 [ 14.877226] which belongs to the cache kmalloc-16 of size 16 [ 14.877577] The buggy address is located 8 bytes inside of [ 14.877577] allocated 9-byte region [ffff888102781700, ffff888102781709) [ 14.878131] [ 14.878225] The buggy address belongs to the physical page: [ 14.878480] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781 [ 14.879201] flags: 0x200000000000000(node=0|zone=2) [ 14.879411] page_type: f5(slab) [ 14.879536] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.879786] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.880224] page dumped because: kasan: bad access detected [ 14.880830] [ 14.880939] Memory state around the buggy address: [ 14.881128] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.881345] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.881805] >ffff888102781700: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 14.882400] ^ [ 14.882625] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.883338] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.883611] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.556882] ==================================================================
[ 14.557244] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.557791] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278
[ 14.558056]
[ 14.558138] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.558179] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.558191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.558213] Call Trace:
[ 14.558223] <TASK>
[ 14.558236] dump_stack_lvl+0x73/0xb0
[ 14.558265] print_report+0xd1/0x610
[ 14.558286] ? __virt_addr_valid+0x1db/0x2d0
[ 14.558309] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.558337] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.558361] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.558396] kasan_report+0x141/0x180
[ 14.558419] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.558451] kasan_check_range+0x10c/0x1c0
[ 14.558475] __kasan_check_write+0x18/0x20
[ 14.558496] kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.558523] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.558570] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.558595] ? trace_hardirqs_on+0x37/0xe0
[ 14.558617] ? kasan_bitops_generic+0x92/0x1c0
[ 14.558646] kasan_bitops_generic+0x116/0x1c0
[ 14.558671] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.558697] ? __pfx_read_tsc+0x10/0x10
[ 14.558719] ? ktime_get_ts64+0x86/0x230
[ 14.558743] kunit_try_run_case+0x1a5/0x480
[ 14.558853] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.558879] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.558905] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.558930] ? __kthread_parkme+0x82/0x180
[ 14.558951] ? preempt_count_sub+0x50/0x80
[ 14.558977] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.559007] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.559035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.559062] kthread+0x337/0x6f0
[ 14.559082] ? trace_preempt_on+0x20/0xc0
[ 14.559121] ? __pfx_kthread+0x10/0x10
[ 14.559142] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.559166] ? calculate_sigpending+0x7b/0xa0
[ 14.559203] ? __pfx_kthread+0x10/0x10
[ 14.559227] ret_from_fork+0x116/0x1d0
[ 14.559247] ? __pfx_kthread+0x10/0x10
[ 14.559268] ret_from_fork_asm+0x1a/0x30
[ 14.559298] </TASK>
[ 14.559308]
[ 14.568714] Allocated by task 278:
[ 14.568939] kasan_save_stack+0x45/0x70
[ 14.569144] kasan_save_track+0x18/0x40
[ 14.569334] kasan_save_alloc_info+0x3b/0x50
[ 14.569610] __kasan_kmalloc+0xb7/0xc0
[ 14.569781] __kmalloc_cache_noprof+0x189/0x420
[ 14.570026] kasan_bitops_generic+0x92/0x1c0
[ 14.570254] kunit_try_run_case+0x1a5/0x480
[ 14.570572] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.570853] kthread+0x337/0x6f0
[ 14.571025] ret_from_fork+0x116/0x1d0
[ 14.571229] ret_from_fork_asm+0x1a/0x30
[ 14.571523]
[ 14.571639] The buggy address belongs to the object at ffff888102781700
[ 14.571639] which belongs to the cache kmalloc-16 of size 16
[ 14.572159] The buggy address is located 8 bytes inside of
[ 14.572159] allocated 9-byte region [ffff888102781700, ffff888102781709)
[ 14.572842]
[ 14.572961] The buggy address belongs to the physical page:
[ 14.573160] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781
[ 14.573525] flags: 0x200000000000000(node=0|zone=2)
[ 14.573886] page_type: f5(slab)
[ 14.574015] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.574319] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.574842] page dumped because: kasan: bad access detected
[ 14.575024]
[ 14.575093] Memory state around the buggy address:
[ 14.575246] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.575566] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.576072] >ffff888102781700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.576438] ^
[ 14.576561] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.576998] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.577401] ==================================================================
[ 14.577984] ==================================================================
[ 14.578282] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.578723] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278
[ 14.579063]
[ 14.579172] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.579215] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.579236] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.579257] Call Trace:
[ 14.579271] <TASK>
[ 14.579285] dump_stack_lvl+0x73/0xb0
[ 14.579378] print_report+0xd1/0x610
[ 14.579403] ? __virt_addr_valid+0x1db/0x2d0
[ 14.579437] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.579474] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.579510] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.579538] kasan_report+0x141/0x180
[ 14.579561] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.579593] kasan_check_range+0x10c/0x1c0
[ 14.579617] __kasan_check_write+0x18/0x20
[ 14.579637] kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.579666] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.579695] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.579720] ? trace_hardirqs_on+0x37/0xe0
[ 14.579743] ? kasan_bitops_generic+0x92/0x1c0
[ 14.579782] kasan_bitops_generic+0x116/0x1c0
[ 14.579806] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.579833] ? __pfx_read_tsc+0x10/0x10
[ 14.579855] ? ktime_get_ts64+0x86/0x230
[ 14.579887] kunit_try_run_case+0x1a5/0x480
[ 14.579914] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.579948] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.579973] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.579998] ? __kthread_parkme+0x82/0x180
[ 14.580020] ? preempt_count_sub+0x50/0x80
[ 14.580044] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.580070] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.580096] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.580123] kthread+0x337/0x6f0
[ 14.580144] ? trace_preempt_on+0x20/0xc0
[ 14.580167] ? __pfx_kthread+0x10/0x10
[ 14.580188] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.580211] ? calculate_sigpending+0x7b/0xa0
[ 14.580236] ? __pfx_kthread+0x10/0x10
[ 14.580258] ret_from_fork+0x116/0x1d0
[ 14.580277] ? __pfx_kthread+0x10/0x10
[ 14.580298] ret_from_fork_asm+0x1a/0x30
[ 14.580329] </TASK>
[ 14.580340]
[ 14.589891] Allocated by task 278:
[ 14.590064] kasan_save_stack+0x45/0x70
[ 14.590275] kasan_save_track+0x18/0x40
[ 14.590500] kasan_save_alloc_info+0x3b/0x50
[ 14.590651] __kasan_kmalloc+0xb7/0xc0
[ 14.590940] __kmalloc_cache_noprof+0x189/0x420
[ 14.591167] kasan_bitops_generic+0x92/0x1c0
[ 14.591346] kunit_try_run_case+0x1a5/0x480
[ 14.591689] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.591952] kthread+0x337/0x6f0
[ 14.592129] ret_from_fork+0x116/0x1d0
[ 14.592306] ret_from_fork_asm+0x1a/0x30
[ 14.592671]
[ 14.592794] The buggy address belongs to the object at ffff888102781700
[ 14.592794] which belongs to the cache kmalloc-16 of size 16
[ 14.593309] The buggy address is located 8 bytes inside of
[ 14.593309] allocated 9-byte region [ffff888102781700, ffff888102781709)
[ 14.593900]
[ 14.594000] The buggy address belongs to the physical page:
[ 14.594212] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781
[ 14.594626] flags: 0x200000000000000(node=0|zone=2)
[ 14.594800] page_type: f5(slab)
[ 14.594921] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.595151] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.595678] page dumped because: kasan: bad access detected
[ 14.595948]
[ 14.596042] Memory state around the buggy address:
[ 14.596266] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.596736] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.597088] >ffff888102781700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.597303] ^
[ 14.597425] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.597640] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.598322] ==================================================================
[ 14.619817] ==================================================================
[ 14.620308] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.620842] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278
[ 14.621069]
[ 14.621165] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.621208] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.621220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.621240] Call Trace:
[ 14.621253] <TASK>
[ 14.621268] dump_stack_lvl+0x73/0xb0
[ 14.621296] print_report+0xd1/0x610
[ 14.621318] ? __virt_addr_valid+0x1db/0x2d0
[ 14.621488] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.621521] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.621546] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.621574] kasan_report+0x141/0x180
[ 14.621597] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.621629] kasan_check_range+0x10c/0x1c0
[ 14.621654] __kasan_check_write+0x18/0x20
[ 14.621675] kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.621713] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.621742] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.621778] ? trace_hardirqs_on+0x37/0xe0
[ 14.621802] ? kasan_bitops_generic+0x92/0x1c0
[ 14.621841] kasan_bitops_generic+0x116/0x1c0
[ 14.621866] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.621903] ? __pfx_read_tsc+0x10/0x10
[ 14.621924] ? ktime_get_ts64+0x86/0x230
[ 14.621958] kunit_try_run_case+0x1a5/0x480
[ 14.621983] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.622007] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.622042] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.622067] ? __kthread_parkme+0x82/0x180
[ 14.622089] ? preempt_count_sub+0x50/0x80
[ 14.622114] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.622139] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.622166] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.622192] kthread+0x337/0x6f0
[ 14.622212] ? trace_preempt_on+0x20/0xc0
[ 14.622235] ? __pfx_kthread+0x10/0x10
[ 14.622255] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.622287] ? calculate_sigpending+0x7b/0xa0
[ 14.622312] ? __pfx_kthread+0x10/0x10
[ 14.622334] ret_from_fork+0x116/0x1d0
[ 14.622363] ? __pfx_kthread+0x10/0x10
[ 14.622397] ret_from_fork_asm+0x1a/0x30
[ 14.622429] </TASK>
[ 14.622439]
[ 14.636983] Allocated by task 278:
[ 14.637149] kasan_save_stack+0x45/0x70
[ 14.637301] kasan_save_track+0x18/0x40
[ 14.637618] kasan_save_alloc_info+0x3b/0x50
[ 14.637851] __kasan_kmalloc+0xb7/0xc0
[ 14.638042] __kmalloc_cache_noprof+0x189/0x420
[ 14.638265] kasan_bitops_generic+0x92/0x1c0
[ 14.638571] kunit_try_run_case+0x1a5/0x480
[ 14.638773] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.639027] kthread+0x337/0x6f0
[ 14.639228] ret_from_fork+0x116/0x1d0
[ 14.639542] ret_from_fork_asm+0x1a/0x30
[ 14.639904]
[ 14.640009] The buggy address belongs to the object at ffff888102781700
[ 14.640009] which belongs to the cache kmalloc-16 of size 16
[ 14.640461] The buggy address is located 8 bytes inside of
[ 14.640461] allocated 9-byte region [ffff888102781700, ffff888102781709)
[ 14.641008]
[ 14.641107] The buggy address belongs to the physical page:
[ 14.641439] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781
[ 14.641825] flags: 0x200000000000000(node=0|zone=2)
[ 14.641989] page_type: f5(slab)
[ 14.642154] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.642629] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.642994] page dumped because: kasan: bad access detected
[ 14.643229]
[ 14.643516] Memory state around the buggy address:
[ 14.643783] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.644045] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.644454] >ffff888102781700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.644795] ^
[ 14.644968] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.645283] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.645689] ==================================================================
[ 14.598866] ==================================================================
[ 14.599218] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.599920] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278
[ 14.600220]
[ 14.600329] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.600530] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.600555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.600575] Call Trace:
[ 14.600589] <TASK>
[ 14.600605] dump_stack_lvl+0x73/0xb0
[ 14.600646] print_report+0xd1/0x610
[ 14.600668] ? __virt_addr_valid+0x1db/0x2d0
[ 14.600691] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.600727] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.600751] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.600794] kasan_report+0x141/0x180
[ 14.600817] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.600849] kasan_check_range+0x10c/0x1c0
[ 14.600873] __kasan_check_write+0x18/0x20
[ 14.600903] kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.600931] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.600970] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.600996] ? trace_hardirqs_on+0x37/0xe0
[ 14.601018] ? kasan_bitops_generic+0x92/0x1c0
[ 14.601055] kasan_bitops_generic+0x116/0x1c0
[ 14.601081] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.601108] ? __pfx_read_tsc+0x10/0x10
[ 14.601139] ? ktime_get_ts64+0x86/0x230
[ 14.601164] kunit_try_run_case+0x1a5/0x480
[ 14.601189] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.601222] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.601246] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.601271] ? __kthread_parkme+0x82/0x180
[ 14.601303] ? preempt_count_sub+0x50/0x80
[ 14.601406] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.601441] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.601489] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.601518] kthread+0x337/0x6f0
[ 14.601540] ? trace_preempt_on+0x20/0xc0
[ 14.601575] ? __pfx_kthread+0x10/0x10
[ 14.601598] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.601622] ? calculate_sigpending+0x7b/0xa0
[ 14.601648] ? __pfx_kthread+0x10/0x10
[ 14.601671] ret_from_fork+0x116/0x1d0
[ 14.601690] ? __pfx_kthread+0x10/0x10
[ 14.601719] ret_from_fork_asm+0x1a/0x30
[ 14.601752] </TASK>
[ 14.601780]
[ 14.610932] Allocated by task 278:
[ 14.611106] kasan_save_stack+0x45/0x70
[ 14.611303] kasan_save_track+0x18/0x40
[ 14.611610] kasan_save_alloc_info+0x3b/0x50
[ 14.611823] __kasan_kmalloc+0xb7/0xc0
[ 14.612010] __kmalloc_cache_noprof+0x189/0x420
[ 14.612230] kasan_bitops_generic+0x92/0x1c0
[ 14.612514] kunit_try_run_case+0x1a5/0x480
[ 14.612739] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.612992] kthread+0x337/0x6f0
[ 14.613174] ret_from_fork+0x116/0x1d0
[ 14.613323] ret_from_fork_asm+0x1a/0x30
[ 14.613661]
[ 14.613781] The buggy address belongs to the object at ffff888102781700
[ 14.613781] which belongs to the cache kmalloc-16 of size 16
[ 14.614135] The buggy address is located 8 bytes inside of
[ 14.614135] allocated 9-byte region [ffff888102781700, ffff888102781709)
[ 14.614584]
[ 14.614681] The buggy address belongs to the physical page:
[ 14.615055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781
[ 14.615551] flags: 0x200000000000000(node=0|zone=2)
[ 14.615782] page_type: f5(slab)
[ 14.615976] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.616300] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.616698] page dumped because: kasan: bad access detected
[ 14.616897]
[ 14.616967] Memory state around the buggy address:
[ 14.617123] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.617651] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.618153] >ffff888102781700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.618638] ^
[ 14.618797] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.619018] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.619362] ==================================================================
[ 14.536723] ==================================================================
[ 14.537199] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.537544] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278
[ 14.538097]
[ 14.538235] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.538282] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.538295] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.538317] Call Trace:
[ 14.538395] <TASK>
[ 14.538412] dump_stack_lvl+0x73/0xb0
[ 14.538446] print_report+0xd1/0x610
[ 14.538468] ? __virt_addr_valid+0x1db/0x2d0
[ 14.538492] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.538521] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.538545] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.538573] kasan_report+0x141/0x180
[ 14.538596] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.538628] kasan_check_range+0x10c/0x1c0
[ 14.538653] __kasan_check_write+0x18/0x20
[ 14.538674] kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.538701] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.538730] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.538768] ? trace_hardirqs_on+0x37/0xe0
[ 14.538792] ? kasan_bitops_generic+0x92/0x1c0
[ 14.538820] kasan_bitops_generic+0x116/0x1c0
[ 14.538845] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.538872] ? __pfx_read_tsc+0x10/0x10
[ 14.538894] ? ktime_get_ts64+0x86/0x230
[ 14.538918] kunit_try_run_case+0x1a5/0x480
[ 14.538944] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.538968] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.538994] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.539019] ? __kthread_parkme+0x82/0x180
[ 14.539041] ? preempt_count_sub+0x50/0x80
[ 14.539065] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.539091] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.539117] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.539143] kthread+0x337/0x6f0
[ 14.539163] ? trace_preempt_on+0x20/0xc0
[ 14.539186] ? __pfx_kthread+0x10/0x10
[ 14.539206] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.539228] ? calculate_sigpending+0x7b/0xa0
[ 14.539253] ? __pfx_kthread+0x10/0x10
[ 14.539275] ret_from_fork+0x116/0x1d0
[ 14.539294] ? __pfx_kthread+0x10/0x10
[ 14.539315] ret_from_fork_asm+0x1a/0x30
[ 14.539400] </TASK>
[ 14.539411]
[ 14.547354] Allocated by task 278:
[ 14.547538] kasan_save_stack+0x45/0x70
[ 14.547831] kasan_save_track+0x18/0x40
[ 14.548031] kasan_save_alloc_info+0x3b/0x50
[ 14.548247] __kasan_kmalloc+0xb7/0xc0
[ 14.548482] __kmalloc_cache_noprof+0x189/0x420
[ 14.548679] kasan_bitops_generic+0x92/0x1c0
[ 14.548842] kunit_try_run_case+0x1a5/0x480
[ 14.549034] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.549287] kthread+0x337/0x6f0
[ 14.549508] ret_from_fork+0x116/0x1d0
[ 14.549652] ret_from_fork_asm+0x1a/0x30
[ 14.549807]
[ 14.549876] The buggy address belongs to the object at ffff888102781700
[ 14.549876] which belongs to the cache kmalloc-16 of size 16
[ 14.550254] The buggy address is located 8 bytes inside of
[ 14.550254] allocated 9-byte region [ffff888102781700, ffff888102781709)
[ 14.551335]
[ 14.551628] The buggy address belongs to the physical page:
[ 14.551842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781
[ 14.552389] flags: 0x200000000000000(node=0|zone=2)
[ 14.552619] page_type: f5(slab)
[ 14.552786] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.553017] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.553242] page dumped because: kasan: bad access detected
[ 14.553720]
[ 14.553830] Memory state around the buggy address:
[ 14.554059] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.554387] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.554791] >ffff888102781700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.555042] ^
[ 14.555166] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.555645] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.555928] ==================================================================
[ 14.646166] ==================================================================
[ 14.646627] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.647028] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278
[ 14.647555]
[ 14.647664] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.647708] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.647721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.647741] Call Trace:
[ 14.647768] <TASK>
[ 14.647782] dump_stack_lvl+0x73/0xb0
[ 14.647813] print_report+0xd1/0x610
[ 14.647836] ? __virt_addr_valid+0x1db/0x2d0
[ 14.647858] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.647886] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.647911] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.647939] kasan_report+0x141/0x180
[ 14.647961] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.647993] kasan_check_range+0x10c/0x1c0
[ 14.648018] __kasan_check_write+0x18/0x20
[ 14.648038] kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.648066] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.648095] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.648121] ? trace_hardirqs_on+0x37/0xe0
[ 14.648156] ? kasan_bitops_generic+0x92/0x1c0
[ 14.648184] kasan_bitops_generic+0x116/0x1c0
[ 14.648222] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.648249] ? __pfx_read_tsc+0x10/0x10
[ 14.648271] ? ktime_get_ts64+0x86/0x230
[ 14.648294] kunit_try_run_case+0x1a5/0x480
[ 14.648388] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.648415] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.648458] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.648484] ? __kthread_parkme+0x82/0x180
[ 14.648506] ? preempt_count_sub+0x50/0x80
[ 14.648532] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.648560] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.648586] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.648612] kthread+0x337/0x6f0
[ 14.648631] ? trace_preempt_on+0x20/0xc0
[ 14.648656] ? __pfx_kthread+0x10/0x10
[ 14.648677] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.648701] ? calculate_sigpending+0x7b/0xa0
[ 14.648726] ? __pfx_kthread+0x10/0x10
[ 14.648748] ret_from_fork+0x116/0x1d0
[ 14.648775] ? __pfx_kthread+0x10/0x10
[ 14.648797] ret_from_fork_asm+0x1a/0x30
[ 14.648829] </TASK>
[ 14.648839]
[ 14.657558] Allocated by task 278:
[ 14.657744] kasan_save_stack+0x45/0x70
[ 14.657984] kasan_save_track+0x18/0x40
[ 14.658214] kasan_save_alloc_info+0x3b/0x50
[ 14.658519] __kasan_kmalloc+0xb7/0xc0
[ 14.658723] __kmalloc_cache_noprof+0x189/0x420
[ 14.658972] kasan_bitops_generic+0x92/0x1c0
[ 14.659178] kunit_try_run_case+0x1a5/0x480
[ 14.659709] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.660016] kthread+0x337/0x6f0
[ 14.660185] ret_from_fork+0x116/0x1d0
[ 14.660465] ret_from_fork_asm+0x1a/0x30
[ 14.660682]
[ 14.660775] The buggy address belongs to the object at ffff888102781700
[ 14.660775] which belongs to the cache kmalloc-16 of size 16
[ 14.661281] The buggy address is located 8 bytes inside of
[ 14.661281] allocated 9-byte region [ffff888102781700, ffff888102781709)
[ 14.661877]
[ 14.661993] The buggy address belongs to the physical page:
[ 14.662202] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781
[ 14.662565] flags: 0x200000000000000(node=0|zone=2)
[ 14.662839] page_type: f5(slab)
[ 14.663009] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.663528] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.663933] page dumped because: kasan: bad access detected
[ 14.664200]
[ 14.664272] Memory state around the buggy address:
[ 14.664445] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.664885] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.665241] >ffff888102781700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.665633] ^
[ 14.665805] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.666126] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.666522] ==================================================================
[ 14.666972] ==================================================================
[ 14.667493] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.667887] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278
[ 14.668217]
[ 14.668389] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.668452] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.668464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.668493] Call Trace:
[ 14.668507] <TASK>
[ 14.668521] dump_stack_lvl+0x73/0xb0
[ 14.668551] print_report+0xd1/0x610
[ 14.668586] ? __virt_addr_valid+0x1db/0x2d0
[ 14.668609] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.668637] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.668662] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.668690] kasan_report+0x141/0x180
[ 14.668712] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.668745] kasan_check_range+0x10c/0x1c0
[ 14.668777] __kasan_check_write+0x18/0x20
[ 14.668797] kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.668824] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.668862] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.668887] ? trace_hardirqs_on+0x37/0xe0
[ 14.668910] ? kasan_bitops_generic+0x92/0x1c0
[ 14.668948] kasan_bitops_generic+0x116/0x1c0
[ 14.668973] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.668999] ? __pfx_read_tsc+0x10/0x10
[ 14.669020] ? ktime_get_ts64+0x86/0x230
[ 14.669044] kunit_try_run_case+0x1a5/0x480
[ 14.669070] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.669093] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.669118] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.669143] ? __kthread_parkme+0x82/0x180
[ 14.669163] ? preempt_count_sub+0x50/0x80
[ 14.669186] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.669213] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.669238] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.669264] kthread+0x337/0x6f0
[ 14.669291] ? trace_preempt_on+0x20/0xc0
[ 14.669337] ? __pfx_kthread+0x10/0x10
[ 14.669358] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.669380] ? calculate_sigpending+0x7b/0xa0
[ 14.669405] ? __pfx_kthread+0x10/0x10
[ 14.669432] ret_from_fork+0x116/0x1d0
[ 14.669451] ? __pfx_kthread+0x10/0x10
[ 14.669472] ret_from_fork_asm+0x1a/0x30
[ 14.669503] </TASK>
[ 14.669512]
[ 14.678372] Allocated by task 278:
[ 14.678599] kasan_save_stack+0x45/0x70
[ 14.678776] kasan_save_track+0x18/0x40
[ 14.678913] kasan_save_alloc_info+0x3b/0x50
[ 14.679065] __kasan_kmalloc+0xb7/0xc0
[ 14.679278] __kmalloc_cache_noprof+0x189/0x420
[ 14.679694] kasan_bitops_generic+0x92/0x1c0
[ 14.679961] kunit_try_run_case+0x1a5/0x480
[ 14.680160] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.680420] kthread+0x337/0x6f0
[ 14.680643] ret_from_fork+0x116/0x1d0
[ 14.680844] ret_from_fork_asm+0x1a/0x30
[ 14.681043]
[ 14.681120] The buggy address belongs to the object at ffff888102781700
[ 14.681120] which belongs to the cache kmalloc-16 of size 16
[ 14.681701] The buggy address is located 8 bytes inside of
[ 14.681701] allocated 9-byte region [ffff888102781700, ffff888102781709)
[ 14.682229]
[ 14.682394] The buggy address belongs to the physical page:
[ 14.682677] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781
[ 14.683032] flags: 0x200000000000000(node=0|zone=2)
[ 14.683263] page_type: f5(slab)
[ 14.683429] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.683666] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.684253] page dumped because: kasan: bad access detected
[ 14.684635]
[ 14.684767] Memory state around the buggy address:
[ 14.684947] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.685262] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.685677] >ffff888102781700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.685986] ^
[ 14.686111] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.686542] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.686879] ==================================================================
[ 14.687316] ==================================================================
[ 14.687650] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.688364] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278
[ 14.688719]
[ 14.688817] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.688862] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.688875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.688896] Call Trace:
[ 14.688910] <TASK>
[ 14.688927] dump_stack_lvl+0x73/0xb0
[ 14.688957] print_report+0xd1/0x610
[ 14.688978] ? __virt_addr_valid+0x1db/0x2d0
[ 14.689003] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.689031] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.689055] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.689083] kasan_report+0x141/0x180
[ 14.689118] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.689150] kasan_check_range+0x10c/0x1c0
[ 14.689186] __kasan_check_write+0x18/0x20
[ 14.689206] kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.689234] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.689263] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.689287] ? trace_hardirqs_on+0x37/0xe0
[ 14.689369] ? kasan_bitops_generic+0x92/0x1c0
[ 14.689404] kasan_bitops_generic+0x116/0x1c0
[ 14.689446] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.689482] ? __pfx_read_tsc+0x10/0x10
[ 14.689504] ? ktime_get_ts64+0x86/0x230
[ 14.689528] kunit_try_run_case+0x1a5/0x480
[ 14.689564] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.689591] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.689618] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.689643] ? __kthread_parkme+0x82/0x180
[ 14.689673] ? preempt_count_sub+0x50/0x80
[ 14.689697] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.689723] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.689767] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.689793] kthread+0x337/0x6f0
[ 14.689814] ? trace_preempt_on+0x20/0xc0
[ 14.689836] ? __pfx_kthread+0x10/0x10
[ 14.689858] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.689879] ? calculate_sigpending+0x7b/0xa0
[ 14.689905] ? __pfx_kthread+0x10/0x10
[ 14.689926] ret_from_fork+0x116/0x1d0
[ 14.689945] ? __pfx_kthread+0x10/0x10
[ 14.689966] ret_from_fork_asm+0x1a/0x30
[ 14.689998] </TASK>
[ 14.690007]
[ 14.698571] Allocated by task 278:
[ 14.698792] kasan_save_stack+0x45/0x70
[ 14.698997] kasan_save_track+0x18/0x40
[ 14.699209] kasan_save_alloc_info+0x3b/0x50
[ 14.699442] __kasan_kmalloc+0xb7/0xc0
[ 14.699629] __kmalloc_cache_noprof+0x189/0x420
[ 14.699835] kasan_bitops_generic+0x92/0x1c0
[ 14.699986] kunit_try_run_case+0x1a5/0x480
[ 14.700133] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.700502] kthread+0x337/0x6f0
[ 14.700697] ret_from_fork+0x116/0x1d0
[ 14.700902] ret_from_fork_asm+0x1a/0x30
[ 14.701098]
[ 14.701197] The buggy address belongs to the object at ffff888102781700
[ 14.701197] which belongs to the cache kmalloc-16 of size 16
[ 14.701745] The buggy address is located 8 bytes inside of
[ 14.701745] allocated 9-byte region [ffff888102781700, ffff888102781709)
[ 14.702233]
[ 14.702452] The buggy address belongs to the physical page:
[ 14.702751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781
[ 14.703117] flags: 0x200000000000000(node=0|zone=2)
[ 14.703404] page_type: f5(slab)
[ 14.703609] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.703994] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.704306] page dumped because: kasan: bad access detected
[ 14.704744]
[ 14.704851] Memory state around the buggy address:
[ 14.705077] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.705438] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.705703] >ffff888102781700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.706042] ^
[ 14.706219] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.706592] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.706874] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.510567] ==================================================================
[ 14.510926] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80
[ 14.511162] Read of size 1 at addr ffff8881038e8050 by task kunit_try_catch/276
[ 14.511697]
[ 14.511834] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.511878] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.511890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.511911] Call Trace:
[ 14.511924] <TASK>
[ 14.511940] dump_stack_lvl+0x73/0xb0
[ 14.511970] print_report+0xd1/0x610
[ 14.511992] ? __virt_addr_valid+0x1db/0x2d0
[ 14.512014] ? strnlen+0x73/0x80
[ 14.512032] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.512055] ? strnlen+0x73/0x80
[ 14.512074] kasan_report+0x141/0x180
[ 14.512096] ? strnlen+0x73/0x80
[ 14.512118] __asan_report_load1_noabort+0x18/0x20
[ 14.512144] strnlen+0x73/0x80
[ 14.512164] kasan_strings+0x615/0xe80
[ 14.512185] ? trace_hardirqs_on+0x37/0xe0
[ 14.512210] ? __pfx_kasan_strings+0x10/0x10
[ 14.512231] ? finish_task_switch.isra.0+0x153/0x700
[ 14.512254] ? __switch_to+0x47/0xf50
[ 14.512279] ? __schedule+0x10cc/0x2b60
[ 14.512300] ? __pfx_read_tsc+0x10/0x10
[ 14.512321] ? ktime_get_ts64+0x86/0x230
[ 14.512347] kunit_try_run_case+0x1a5/0x480
[ 14.512372] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.512396] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.512421] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.512446] ? __kthread_parkme+0x82/0x180
[ 14.512467] ? preempt_count_sub+0x50/0x80
[ 14.512491] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.512516] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.512541] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.512567] kthread+0x337/0x6f0
[ 14.512587] ? trace_preempt_on+0x20/0xc0
[ 14.512610] ? __pfx_kthread+0x10/0x10
[ 14.512631] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.512716] ? calculate_sigpending+0x7b/0xa0
[ 14.512746] ? __pfx_kthread+0x10/0x10
[ 14.512780] ret_from_fork+0x116/0x1d0
[ 14.512799] ? __pfx_kthread+0x10/0x10
[ 14.512819] ret_from_fork_asm+0x1a/0x30
[ 14.512850] </TASK>
[ 14.512859]
[ 14.520853] Allocated by task 276:
[ 14.521008] kasan_save_stack+0x45/0x70
[ 14.521155] kasan_save_track+0x18/0x40
[ 14.521291] kasan_save_alloc_info+0x3b/0x50
[ 14.521502] __kasan_kmalloc+0xb7/0xc0
[ 14.521692] __kmalloc_cache_noprof+0x189/0x420
[ 14.521938] kasan_strings+0xc0/0xe80
[ 14.522210] kunit_try_run_case+0x1a5/0x480
[ 14.522498] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.522707] kthread+0x337/0x6f0
[ 14.522883] ret_from_fork+0x116/0x1d0
[ 14.523076] ret_from_fork_asm+0x1a/0x30
[ 14.523237]
[ 14.523318] Freed by task 276:
[ 14.523650] kasan_save_stack+0x45/0x70
[ 14.523870] kasan_save_track+0x18/0x40
[ 14.524038] kasan_save_free_info+0x3f/0x60
[ 14.524239] __kasan_slab_free+0x56/0x70
[ 14.524501] kfree+0x222/0x3f0
[ 14.524623] kasan_strings+0x2aa/0xe80
[ 14.524767] kunit_try_run_case+0x1a5/0x480
[ 14.524915] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.525161] kthread+0x337/0x6f0
[ 14.525327] ret_from_fork+0x116/0x1d0
[ 14.525605] ret_from_fork_asm+0x1a/0x30
[ 14.525923]
[ 14.526023] The buggy address belongs to the object at ffff8881038e8040
[ 14.526023] which belongs to the cache kmalloc-32 of size 32
[ 14.526643] The buggy address is located 16 bytes inside of
[ 14.526643] freed 32-byte region [ffff8881038e8040, ffff8881038e8060)
[ 14.527105]
[ 14.527179] The buggy address belongs to the physical page:
[ 14.527352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e8
[ 14.527834] flags: 0x200000000000000(node=0|zone=2)
[ 14.528032] page_type: f5(slab)
[ 14.528153] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.528388] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.528617] page dumped because: kasan: bad access detected
[ 14.528815]
[ 14.528913] Memory state around the buggy address:
[ 14.529138] ffff8881038e7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.529453] ffff8881038e7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.529907] >ffff8881038e8000: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.530217] ^ [ 14.530402] ffff8881038e8080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.530617] ffff8881038e8100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.530842] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.489274] ================================================================== [ 14.489531] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 14.489789] Read of size 1 at addr ffff8881038e8050 by task kunit_try_catch/276 [ 14.490234] [ 14.490365] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.490413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.490425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.490581] Call Trace: [ 14.490602] <TASK> [ 14.490615] dump_stack_lvl+0x73/0xb0 [ 14.490645] print_report+0xd1/0x610 [ 14.490669] ? __virt_addr_valid+0x1db/0x2d0 [ 14.490692] ? strlen+0x8f/0xb0 [ 14.490708] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.490733] ? strlen+0x8f/0xb0 [ 14.490750] kasan_report+0x141/0x180 [ 14.490787] ? strlen+0x8f/0xb0 [ 14.490809] __asan_report_load1_noabort+0x18/0x20 [ 14.490834] strlen+0x8f/0xb0 [ 14.490852] kasan_strings+0x57b/0xe80 [ 14.490872] ? trace_hardirqs_on+0x37/0xe0 [ 14.490896] ? __pfx_kasan_strings+0x10/0x10 [ 14.490917] ? finish_task_switch.isra.0+0x153/0x700 [ 14.490940] ? __switch_to+0x47/0xf50 [ 14.490966] ? __schedule+0x10cc/0x2b60 [ 14.490989] ? __pfx_read_tsc+0x10/0x10 [ 14.491010] ? ktime_get_ts64+0x86/0x230 [ 14.491034] kunit_try_run_case+0x1a5/0x480 [ 14.491059] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.491084] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.491109] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.491133] ? __kthread_parkme+0x82/0x180 [ 14.491154] ? preempt_count_sub+0x50/0x80 [ 14.491178] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.491203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.491228] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.491254] kthread+0x337/0x6f0 [ 14.491274] ? trace_preempt_on+0x20/0xc0 [ 14.491297] ? __pfx_kthread+0x10/0x10 [ 14.491319] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.491341] ? calculate_sigpending+0x7b/0xa0 [ 14.491422] ? 
__pfx_kthread+0x10/0x10 [ 14.491452] ret_from_fork+0x116/0x1d0 [ 14.491471] ? __pfx_kthread+0x10/0x10 [ 14.491493] ret_from_fork_asm+0x1a/0x30 [ 14.491523] </TASK> [ 14.491533] [ 14.499230] Allocated by task 276: [ 14.499379] kasan_save_stack+0x45/0x70 [ 14.499522] kasan_save_track+0x18/0x40 [ 14.499715] kasan_save_alloc_info+0x3b/0x50 [ 14.500074] __kasan_kmalloc+0xb7/0xc0 [ 14.500293] __kmalloc_cache_noprof+0x189/0x420 [ 14.500599] kasan_strings+0xc0/0xe80 [ 14.500810] kunit_try_run_case+0x1a5/0x480 [ 14.501024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.501269] kthread+0x337/0x6f0 [ 14.501494] ret_from_fork+0x116/0x1d0 [ 14.501659] ret_from_fork_asm+0x1a/0x30 [ 14.501851] [ 14.501944] Freed by task 276: [ 14.502091] kasan_save_stack+0x45/0x70 [ 14.502260] kasan_save_track+0x18/0x40 [ 14.502405] kasan_save_free_info+0x3f/0x60 [ 14.502552] __kasan_slab_free+0x56/0x70 [ 14.502691] kfree+0x222/0x3f0 [ 14.502839] kasan_strings+0x2aa/0xe80 [ 14.503026] kunit_try_run_case+0x1a5/0x480 [ 14.503230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.503849] kthread+0x337/0x6f0 [ 14.504104] ret_from_fork+0x116/0x1d0 [ 14.504238] ret_from_fork_asm+0x1a/0x30 [ 14.504375] [ 14.504446] The buggy address belongs to the object at ffff8881038e8040 [ 14.504446] which belongs to the cache kmalloc-32 of size 32 [ 14.505476] The buggy address is located 16 bytes inside of [ 14.505476] freed 32-byte region [ffff8881038e8040, ffff8881038e8060) [ 14.505954] [ 14.506057] The buggy address belongs to the physical page: [ 14.506233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e8 [ 14.506885] flags: 0x200000000000000(node=0|zone=2) [ 14.507130] page_type: f5(slab) [ 14.507283] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.507673] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.507996] page dumped because: kasan: bad access detected [ 14.508225] [ 14.508298] Memory state around the buggy address: 
[ 14.508533] ffff8881038e7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.508809] ffff8881038e7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.509111] >ffff8881038e8000: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.509329] ^ [ 14.509547] ffff8881038e8080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.509877] ffff8881038e8100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.510164] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.461498] ================================================================== [ 14.462000] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 14.462277] Read of size 1 at addr ffff8881038e8050 by task kunit_try_catch/276 [ 14.462577] [ 14.462886] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.462932] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.462944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.462963] Call Trace: [ 14.462976] <TASK> [ 14.462989] dump_stack_lvl+0x73/0xb0 [ 14.463018] print_report+0xd1/0x610 [ 14.463040] ? __virt_addr_valid+0x1db/0x2d0 [ 14.463063] ? kasan_strings+0xcbc/0xe80 [ 14.463083] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.463107] ? kasan_strings+0xcbc/0xe80 [ 14.463128] kasan_report+0x141/0x180 [ 14.463150] ? kasan_strings+0xcbc/0xe80 [ 14.463176] __asan_report_load1_noabort+0x18/0x20 [ 14.463204] kasan_strings+0xcbc/0xe80 [ 14.463224] ? trace_hardirqs_on+0x37/0xe0 [ 14.463247] ? __pfx_kasan_strings+0x10/0x10 [ 14.463268] ? finish_task_switch.isra.0+0x153/0x700 [ 14.463291] ? __switch_to+0x47/0xf50 [ 14.463316] ? __schedule+0x10cc/0x2b60 [ 14.463338] ? __pfx_read_tsc+0x10/0x10 [ 14.463359] ? ktime_get_ts64+0x86/0x230 [ 14.463383] kunit_try_run_case+0x1a5/0x480 [ 14.463409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.463433] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.463457] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.463482] ? __kthread_parkme+0x82/0x180 [ 14.463503] ? preempt_count_sub+0x50/0x80 [ 14.463526] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.463552] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.463577] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.463603] kthread+0x337/0x6f0 [ 14.463622] ? trace_preempt_on+0x20/0xc0 [ 14.463645] ? __pfx_kthread+0x10/0x10 [ 14.463666] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.463688] ? calculate_sigpending+0x7b/0xa0 [ 14.463712] ? 
__pfx_kthread+0x10/0x10 [ 14.463734] ret_from_fork+0x116/0x1d0 [ 14.463752] ? __pfx_kthread+0x10/0x10 [ 14.463785] ret_from_fork_asm+0x1a/0x30 [ 14.463816] </TASK> [ 14.463825] [ 14.474252] Allocated by task 276: [ 14.474815] kasan_save_stack+0x45/0x70 [ 14.475023] kasan_save_track+0x18/0x40 [ 14.475397] kasan_save_alloc_info+0x3b/0x50 [ 14.475650] __kasan_kmalloc+0xb7/0xc0 [ 14.475943] __kmalloc_cache_noprof+0x189/0x420 [ 14.476259] kasan_strings+0xc0/0xe80 [ 14.476561] kunit_try_run_case+0x1a5/0x480 [ 14.476736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.477021] kthread+0x337/0x6f0 [ 14.477185] ret_from_fork+0x116/0x1d0 [ 14.477371] ret_from_fork_asm+0x1a/0x30 [ 14.477907] [ 14.478007] Freed by task 276: [ 14.478391] kasan_save_stack+0x45/0x70 [ 14.478631] kasan_save_track+0x18/0x40 [ 14.478947] kasan_save_free_info+0x3f/0x60 [ 14.479256] __kasan_slab_free+0x56/0x70 [ 14.479826] kfree+0x222/0x3f0 [ 14.480007] kasan_strings+0x2aa/0xe80 [ 14.480155] kunit_try_run_case+0x1a5/0x480 [ 14.480376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.480937] kthread+0x337/0x6f0 [ 14.481108] ret_from_fork+0x116/0x1d0 [ 14.481250] ret_from_fork_asm+0x1a/0x30 [ 14.481782] [ 14.481890] The buggy address belongs to the object at ffff8881038e8040 [ 14.481890] which belongs to the cache kmalloc-32 of size 32 [ 14.482692] The buggy address is located 16 bytes inside of [ 14.482692] freed 32-byte region [ffff8881038e8040, ffff8881038e8060) [ 14.483185] [ 14.483273] The buggy address belongs to the physical page: [ 14.483829] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e8 [ 14.484157] flags: 0x200000000000000(node=0|zone=2) [ 14.484612] page_type: f5(slab) [ 14.484804] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.485096] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.485787] page dumped because: kasan: bad access detected [ 14.486026] [ 14.486107] Memory state around the buggy address: 
[ 14.486333] ffff8881038e7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.486766] ffff8881038e7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.487082] >ffff8881038e8000: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.487369] ^ [ 14.488013] ffff8881038e8080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.488277] ffff8881038e8100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.488770] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.440444] ================================================================== [ 14.441321] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 14.441670] Read of size 1 at addr ffff8881038e8050 by task kunit_try_catch/276 [ 14.441987] [ 14.442100] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.442146] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.442158] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.442180] Call Trace: [ 14.442191] <TASK> [ 14.442207] dump_stack_lvl+0x73/0xb0 [ 14.442236] print_report+0xd1/0x610 [ 14.442259] ? __virt_addr_valid+0x1db/0x2d0 [ 14.442283] ? strcmp+0xb0/0xc0 [ 14.442299] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.442323] ? strcmp+0xb0/0xc0 [ 14.442341] kasan_report+0x141/0x180 [ 14.442363] ? strcmp+0xb0/0xc0 [ 14.442391] __asan_report_load1_noabort+0x18/0x20 [ 14.442417] strcmp+0xb0/0xc0 [ 14.442436] kasan_strings+0x431/0xe80 [ 14.442475] ? trace_hardirqs_on+0x37/0xe0 [ 14.442499] ? __pfx_kasan_strings+0x10/0x10 [ 14.442520] ? finish_task_switch.isra.0+0x153/0x700 [ 14.442544] ? __switch_to+0x47/0xf50 [ 14.442570] ? __schedule+0x10cc/0x2b60 [ 14.442593] ? __pfx_read_tsc+0x10/0x10 [ 14.442614] ? ktime_get_ts64+0x86/0x230 [ 14.442639] kunit_try_run_case+0x1a5/0x480 [ 14.442665] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.442688] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.442713] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.442738] ? __kthread_parkme+0x82/0x180 [ 14.442771] ? preempt_count_sub+0x50/0x80 [ 14.442795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.442820] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.442845] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.442871] kthread+0x337/0x6f0 [ 14.442892] ? trace_preempt_on+0x20/0xc0 [ 14.442914] ? __pfx_kthread+0x10/0x10 [ 14.442935] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.442957] ? calculate_sigpending+0x7b/0xa0 [ 14.442981] ? 
__pfx_kthread+0x10/0x10 [ 14.443002] ret_from_fork+0x116/0x1d0 [ 14.443022] ? __pfx_kthread+0x10/0x10 [ 14.443042] ret_from_fork_asm+0x1a/0x30 [ 14.443075] </TASK> [ 14.443085] [ 14.450676] Allocated by task 276: [ 14.450872] kasan_save_stack+0x45/0x70 [ 14.451072] kasan_save_track+0x18/0x40 [ 14.451268] kasan_save_alloc_info+0x3b/0x50 [ 14.451635] __kasan_kmalloc+0xb7/0xc0 [ 14.451815] __kmalloc_cache_noprof+0x189/0x420 [ 14.452006] kasan_strings+0xc0/0xe80 [ 14.452198] kunit_try_run_case+0x1a5/0x480 [ 14.452457] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.452683] kthread+0x337/0x6f0 [ 14.452860] ret_from_fork+0x116/0x1d0 [ 14.453034] ret_from_fork_asm+0x1a/0x30 [ 14.453217] [ 14.453294] Freed by task 276: [ 14.453508] kasan_save_stack+0x45/0x70 [ 14.453648] kasan_save_track+0x18/0x40 [ 14.453793] kasan_save_free_info+0x3f/0x60 [ 14.453944] __kasan_slab_free+0x56/0x70 [ 14.454079] kfree+0x222/0x3f0 [ 14.454229] kasan_strings+0x2aa/0xe80 [ 14.454602] kunit_try_run_case+0x1a5/0x480 [ 14.454833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.455087] kthread+0x337/0x6f0 [ 14.455256] ret_from_fork+0x116/0x1d0 [ 14.455397] ret_from_fork_asm+0x1a/0x30 [ 14.455535] [ 14.455605] The buggy address belongs to the object at ffff8881038e8040 [ 14.455605] which belongs to the cache kmalloc-32 of size 32 [ 14.456078] The buggy address is located 16 bytes inside of [ 14.456078] freed 32-byte region [ffff8881038e8040, ffff8881038e8060) [ 14.456809] [ 14.456893] The buggy address belongs to the physical page: [ 14.457127] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e8 [ 14.457463] flags: 0x200000000000000(node=0|zone=2) [ 14.457736] page_type: f5(slab) [ 14.457912] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.458175] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.458405] page dumped because: kasan: bad access detected [ 14.458643] [ 14.458739] Memory state around the buggy address: 
[ 14.458974] ffff8881038e7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.459362] ffff8881038e7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.459685] >ffff8881038e8000: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.460015] ^ [ 14.460237] ffff8881038e8080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.460579] ffff8881038e8100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.460807] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.409455] ================================================================== [ 14.410131] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 14.410894] Read of size 1 at addr ffff8881032dead8 by task kunit_try_catch/274 [ 14.411218] [ 14.411331] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.411698] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.411711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.411733] Call Trace: [ 14.411746] <TASK> [ 14.411777] dump_stack_lvl+0x73/0xb0 [ 14.411808] print_report+0xd1/0x610 [ 14.411835] ? __virt_addr_valid+0x1db/0x2d0 [ 14.411860] ? memcmp+0x1b4/0x1d0 [ 14.411877] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.411902] ? memcmp+0x1b4/0x1d0 [ 14.411919] kasan_report+0x141/0x180 [ 14.411941] ? memcmp+0x1b4/0x1d0 [ 14.411963] __asan_report_load1_noabort+0x18/0x20 [ 14.411989] memcmp+0x1b4/0x1d0 [ 14.412009] kasan_memcmp+0x18f/0x390 [ 14.412028] ? trace_hardirqs_on+0x37/0xe0 [ 14.412053] ? __pfx_kasan_memcmp+0x10/0x10 [ 14.412074] ? finish_task_switch.isra.0+0x153/0x700 [ 14.412099] ? __switch_to+0x47/0xf50 [ 14.412128] ? __pfx_read_tsc+0x10/0x10 [ 14.412150] ? ktime_get_ts64+0x86/0x230 [ 14.412175] kunit_try_run_case+0x1a5/0x480 [ 14.412201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.412225] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.412251] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.412276] ? __kthread_parkme+0x82/0x180 [ 14.412297] ? preempt_count_sub+0x50/0x80 [ 14.412321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.412383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.412410] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.412437] kthread+0x337/0x6f0 [ 14.412456] ? trace_preempt_on+0x20/0xc0 [ 14.412479] ? __pfx_kthread+0x10/0x10 [ 14.412500] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.412522] ? calculate_sigpending+0x7b/0xa0 [ 14.412548] ? __pfx_kthread+0x10/0x10 [ 14.412569] ret_from_fork+0x116/0x1d0 [ 14.412589] ? 
__pfx_kthread+0x10/0x10 [ 14.412610] ret_from_fork_asm+0x1a/0x30 [ 14.412642] </TASK> [ 14.412651] [ 14.423254] Allocated by task 274: [ 14.423448] kasan_save_stack+0x45/0x70 [ 14.423772] kasan_save_track+0x18/0x40 [ 14.423929] kasan_save_alloc_info+0x3b/0x50 [ 14.424109] __kasan_kmalloc+0xb7/0xc0 [ 14.424301] __kmalloc_cache_noprof+0x189/0x420 [ 14.424664] kasan_memcmp+0xb7/0x390 [ 14.424845] kunit_try_run_case+0x1a5/0x480 [ 14.425024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.425286] kthread+0x337/0x6f0 [ 14.425633] ret_from_fork+0x116/0x1d0 [ 14.425814] ret_from_fork_asm+0x1a/0x30 [ 14.426018] [ 14.426115] The buggy address belongs to the object at ffff8881032deac0 [ 14.426115] which belongs to the cache kmalloc-32 of size 32 [ 14.426679] The buggy address is located 0 bytes to the right of [ 14.426679] allocated 24-byte region [ffff8881032deac0, ffff8881032dead8) [ 14.427114] [ 14.427189] The buggy address belongs to the physical page: [ 14.427380] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032de [ 14.427872] flags: 0x200000000000000(node=0|zone=2) [ 14.428243] page_type: f5(slab) [ 14.428468] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.428771] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.429050] page dumped because: kasan: bad access detected [ 14.429222] [ 14.429319] Memory state around the buggy address: [ 14.429697] ffff8881032de980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.430037] ffff8881032dea00: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 14.430424] >ffff8881032dea80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.430701] ^ [ 14.430956] ffff8881032deb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.431255] ffff8881032deb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.431474] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.377341] ================================================================== [ 14.378868] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 14.380042] Read of size 1 at addr ffff8881039b7c4a by task kunit_try_catch/270 [ 14.380934] [ 14.381072] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.381118] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.381129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.381150] Call Trace: [ 14.381162] <TASK> [ 14.381175] dump_stack_lvl+0x73/0xb0 [ 14.381207] print_report+0xd1/0x610 [ 14.381229] ? __virt_addr_valid+0x1db/0x2d0 [ 14.381252] ? kasan_alloca_oob_right+0x329/0x390 [ 14.381275] ? kasan_addr_to_slab+0x11/0xa0 [ 14.381297] ? kasan_alloca_oob_right+0x329/0x390 [ 14.381320] kasan_report+0x141/0x180 [ 14.381344] ? kasan_alloca_oob_right+0x329/0x390 [ 14.381373] __asan_report_load1_noabort+0x18/0x20 [ 14.381399] kasan_alloca_oob_right+0x329/0x390 [ 14.381422] ? __kasan_check_write+0x18/0x20 [ 14.381606] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.381636] ? finish_task_switch.isra.0+0x153/0x700 [ 14.381660] ? __schedule+0x200e/0x2b60 [ 14.381682] ? trace_hardirqs_on+0x37/0xe0 [ 14.381707] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 14.381777] ? __schedule+0x10cc/0x2b60 [ 14.381801] ? __pfx_read_tsc+0x10/0x10 [ 14.381822] ? ktime_get_ts64+0x86/0x230 [ 14.381847] kunit_try_run_case+0x1a5/0x480 [ 14.381874] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.381897] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.381922] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.381946] ? __kthread_parkme+0x82/0x180 [ 14.381968] ? preempt_count_sub+0x50/0x80 [ 14.381991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.382016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.382042] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.382068] kthread+0x337/0x6f0 [ 14.382087] ? trace_preempt_on+0x20/0xc0 [ 14.382110] ? __pfx_kthread+0x10/0x10 [ 14.382131] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.382154] ? calculate_sigpending+0x7b/0xa0 [ 14.382179] ? __pfx_kthread+0x10/0x10 [ 14.382203] ret_from_fork+0x116/0x1d0 [ 14.382224] ? __pfx_kthread+0x10/0x10 [ 14.382246] ret_from_fork_asm+0x1a/0x30 [ 14.382278] </TASK> [ 14.382288] [ 14.395067] The buggy address belongs to stack of task kunit_try_catch/270 [ 14.395642] [ 14.395761] The buggy address belongs to the physical page: [ 14.396006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b7 [ 14.396594] flags: 0x200000000000000(node=0|zone=2) [ 14.396918] raw: 0200000000000000 ffffea00040e6dc8 ffffea00040e6dc8 0000000000000000 [ 14.397580] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.397925] page dumped because: kasan: bad access detected [ 14.398163] [ 14.398253] Memory state around the buggy address: [ 14.398813] ffff8881039b7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.399128] ffff8881039b7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.399771] >ffff8881039b7c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.400056] ^ [ 14.400304] ffff8881039b7c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.400662] ffff8881039b7d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.400966] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 12.118666] ================================================================== [ 12.119292] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 12.119536] Read of size 1 at addr ffff888103950000 by task kunit_try_catch/171 [ 12.119870] [ 12.120053] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.120098] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.120109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.120128] Call Trace: [ 12.120139] <TASK> [ 12.120152] dump_stack_lvl+0x73/0xb0 [ 12.120181] print_report+0xd1/0x610 [ 12.120203] ? __virt_addr_valid+0x1db/0x2d0 [ 12.120225] ? page_alloc_uaf+0x356/0x3d0 [ 12.120248] ? kasan_addr_to_slab+0x11/0xa0 [ 12.120269] ? page_alloc_uaf+0x356/0x3d0 [ 12.120291] kasan_report+0x141/0x180 [ 12.120313] ? page_alloc_uaf+0x356/0x3d0 [ 12.120388] __asan_report_load1_noabort+0x18/0x20 [ 12.120417] page_alloc_uaf+0x356/0x3d0 [ 12.120447] ? __pfx_page_alloc_uaf+0x10/0x10 [ 12.120473] ? __pfx_page_alloc_uaf+0x10/0x10 [ 12.120500] kunit_try_run_case+0x1a5/0x480 [ 12.120526] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.120549] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.120573] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.120598] ? __kthread_parkme+0x82/0x180 [ 12.120619] ? preempt_count_sub+0x50/0x80 [ 12.120643] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.120668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.120693] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.120718] kthread+0x337/0x6f0 [ 12.120737] ? trace_preempt_on+0x20/0xc0 [ 12.120774] ? __pfx_kthread+0x10/0x10 [ 12.120795] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.120816] ? calculate_sigpending+0x7b/0xa0 [ 12.120840] ? __pfx_kthread+0x10/0x10 [ 12.120861] ret_from_fork+0x116/0x1d0 [ 12.120880] ? 
__pfx_kthread+0x10/0x10 [ 12.120900] ret_from_fork_asm+0x1a/0x30 [ 12.120931] </TASK> [ 12.120941] [ 12.129289] The buggy address belongs to the physical page: [ 12.129964] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103950 [ 12.130290] flags: 0x200000000000000(node=0|zone=2) [ 12.130944] page_type: f0(buddy) [ 12.131407] raw: 0200000000000000 ffff88817fffc460 ffff88817fffc460 0000000000000000 [ 12.131874] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 12.132197] page dumped because: kasan: bad access detected [ 12.132738] [ 12.132974] Memory state around the buggy address: [ 12.133509] ffff88810394ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.133835] ffff88810394ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.134126] >ffff888103950000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.134419] ^ [ 12.134570] ffff888103950080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.135543] ffff888103950100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.136046] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.353064] ================================================================== [ 14.353672] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 14.354011] Read of size 1 at addr ffff888103917c3f by task kunit_try_catch/268 [ 14.354300] [ 14.354476] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.354522] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.354534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.354555] Call Trace: [ 14.354567] <TASK> [ 14.354582] dump_stack_lvl+0x73/0xb0 [ 14.354611] print_report+0xd1/0x610 [ 14.354633] ? __virt_addr_valid+0x1db/0x2d0 [ 14.354657] ? kasan_alloca_oob_left+0x320/0x380 [ 14.354680] ? kasan_addr_to_slab+0x11/0xa0 [ 14.354701] ? kasan_alloca_oob_left+0x320/0x380 [ 14.354725] kasan_report+0x141/0x180 [ 14.354747] ? kasan_alloca_oob_left+0x320/0x380 [ 14.354787] __asan_report_load1_noabort+0x18/0x20 [ 14.354813] kasan_alloca_oob_left+0x320/0x380 [ 14.354838] ? finish_task_switch.isra.0+0x153/0x700 [ 14.354863] ? __schedule+0x200e/0x2b60 [ 14.354884] ? trace_hardirqs_on+0x37/0xe0 [ 14.354908] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 14.354935] ? __schedule+0x10cc/0x2b60 [ 14.354957] ? __pfx_read_tsc+0x10/0x10 [ 14.354978] ? ktime_get_ts64+0x86/0x230 [ 14.355002] kunit_try_run_case+0x1a5/0x480 [ 14.355029] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.355053] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.355077] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.355102] ? __kthread_parkme+0x82/0x180 [ 14.355123] ? preempt_count_sub+0x50/0x80 [ 14.355147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.355173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.355198] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.355224] kthread+0x337/0x6f0 [ 14.355244] ? trace_preempt_on+0x20/0xc0 [ 14.355267] ? __pfx_kthread+0x10/0x10 [ 14.355289] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.355311] ? calculate_sigpending+0x7b/0xa0 [ 14.355379] ? 
__pfx_kthread+0x10/0x10 [ 14.355402] ret_from_fork+0x116/0x1d0 [ 14.355422] ? __pfx_kthread+0x10/0x10 [ 14.355448] ret_from_fork_asm+0x1a/0x30 [ 14.355480] </TASK> [ 14.355490] [ 14.365853] The buggy address belongs to stack of task kunit_try_catch/268 [ 14.366086] [ 14.366158] The buggy address belongs to the physical page: [ 14.366334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103917 [ 14.366581] flags: 0x200000000000000(node=0|zone=2) [ 14.366886] raw: 0200000000000000 ffffea00040e45c8 ffffea00040e45c8 0000000000000000 [ 14.367255] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.367846] page dumped because: kasan: bad access detected [ 14.368107] [ 14.368201] Memory state around the buggy address: [ 14.369511] ffff888103917b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.371002] ffff888103917b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.371742] >ffff888103917c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.371979] ^ [ 14.372145] ffff888103917c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.372361] ffff888103917d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.372575] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 14.332732] ================================================================== [ 14.333427] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 14.333732] Read of size 1 at addr ffff888103937d02 by task kunit_try_catch/266 [ 14.334078] [ 14.334182] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.334226] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.334237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.334258] Call Trace: [ 14.334271] <TASK> [ 14.334286] dump_stack_lvl+0x73/0xb0 [ 14.334316] print_report+0xd1/0x610 [ 14.334408] ? __virt_addr_valid+0x1db/0x2d0 [ 14.334433] ? kasan_stack_oob+0x2b5/0x300 [ 14.334453] ? kasan_addr_to_slab+0x11/0xa0 [ 14.334474] ? kasan_stack_oob+0x2b5/0x300 [ 14.334495] kasan_report+0x141/0x180 [ 14.334531] ? kasan_stack_oob+0x2b5/0x300 [ 14.334556] __asan_report_load1_noabort+0x18/0x20 [ 14.334581] kasan_stack_oob+0x2b5/0x300 [ 14.334602] ? __pfx_kasan_stack_oob+0x10/0x10 [ 14.334622] ? finish_task_switch.isra.0+0x153/0x700 [ 14.334647] ? __switch_to+0x47/0xf50 [ 14.334673] ? __schedule+0x10cc/0x2b60 [ 14.334696] ? __pfx_read_tsc+0x10/0x10 [ 14.334718] ? ktime_get_ts64+0x86/0x230 [ 14.334744] kunit_try_run_case+0x1a5/0x480 [ 14.334780] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.334804] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.334830] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.334855] ? __kthread_parkme+0x82/0x180 [ 14.334876] ? preempt_count_sub+0x50/0x80 [ 14.334900] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.334925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.334951] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.334977] kthread+0x337/0x6f0 [ 14.334997] ? trace_preempt_on+0x20/0xc0 [ 14.335020] ? __pfx_kthread+0x10/0x10 [ 14.335041] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.335064] ? calculate_sigpending+0x7b/0xa0 [ 14.335089] ? __pfx_kthread+0x10/0x10 [ 14.335111] ret_from_fork+0x116/0x1d0 [ 14.335130] ? 
__pfx_kthread+0x10/0x10 [ 14.335150] ret_from_fork_asm+0x1a/0x30 [ 14.335181] </TASK> [ 14.335192] [ 14.342944] The buggy address belongs to stack of task kunit_try_catch/266 [ 14.343409] and is located at offset 138 in frame: [ 14.343855] kasan_stack_oob+0x0/0x300 [ 14.344113] [ 14.344228] This frame has 4 objects: [ 14.344521] [48, 49) '__assertion' [ 14.344543] [64, 72) 'array' [ 14.344827] [96, 112) '__assertion' [ 14.345044] [128, 138) 'stack_array' [ 14.345190] [ 14.345581] The buggy address belongs to the physical page: [ 14.345773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103937 [ 14.346050] flags: 0x200000000000000(node=0|zone=2) [ 14.346293] raw: 0200000000000000 ffffea00040e4dc8 ffffea00040e4dc8 0000000000000000 [ 14.346644] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.346916] page dumped because: kasan: bad access detected [ 14.347157] [ 14.347259] Memory state around the buggy address: [ 14.347741] ffff888103937c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.348066] ffff888103937c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 14.348465] >ffff888103937d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.348702] ^ [ 14.348847] ffff888103937d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 14.349155] ffff888103937e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.349601] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 14.302766] ================================================================== [ 14.303223] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 14.304840] Read of size 1 at addr ffffffffad063e8d by task kunit_try_catch/262 [ 14.305879] [ 14.306224] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.306274] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.306287] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.306709] Call Trace: [ 14.306735] <TASK> [ 14.306751] dump_stack_lvl+0x73/0xb0 [ 14.306798] print_report+0xd1/0x610 [ 14.306821] ? __virt_addr_valid+0x1db/0x2d0 [ 14.306845] ? kasan_global_oob_right+0x286/0x2d0 [ 14.306867] ? kasan_addr_to_slab+0x11/0xa0 [ 14.306888] ? kasan_global_oob_right+0x286/0x2d0 [ 14.306911] kasan_report+0x141/0x180 [ 14.306934] ? kasan_global_oob_right+0x286/0x2d0 [ 14.306961] __asan_report_load1_noabort+0x18/0x20 [ 14.306987] kasan_global_oob_right+0x286/0x2d0 [ 14.307010] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 14.307036] ? __schedule+0x10cc/0x2b60 [ 14.307060] ? __pfx_read_tsc+0x10/0x10 [ 14.307081] ? ktime_get_ts64+0x86/0x230 [ 14.307105] kunit_try_run_case+0x1a5/0x480 [ 14.307130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.307154] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.307179] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.307204] ? __kthread_parkme+0x82/0x180 [ 14.307224] ? preempt_count_sub+0x50/0x80 [ 14.307249] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.307275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.307301] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.307337] kthread+0x337/0x6f0 [ 14.307361] ? trace_preempt_on+0x20/0xc0 [ 14.307385] ? __pfx_kthread+0x10/0x10 [ 14.307407] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.307429] ? calculate_sigpending+0x7b/0xa0 [ 14.307454] ? __pfx_kthread+0x10/0x10 [ 14.307476] ret_from_fork+0x116/0x1d0 [ 14.307495] ? 
__pfx_kthread+0x10/0x10 [ 14.307517] ret_from_fork_asm+0x1a/0x30 [ 14.307548] </TASK> [ 14.307558] [ 14.320182] The buggy address belongs to the variable: [ 14.320813] global_array+0xd/0x40 [ 14.321021] [ 14.321113] The buggy address belongs to the physical page: [ 14.321635] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x130263 [ 14.322120] flags: 0x200000000002000(reserved|node=0|zone=2) [ 14.322546] raw: 0200000000002000 ffffea0004c098c8 ffffea0004c098c8 0000000000000000 [ 14.322903] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.323417] page dumped because: kasan: bad access detected [ 14.323639] [ 14.323737] Memory state around the buggy address: [ 14.323936] ffffffffad063d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.324248] ffffffffad063e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.324550] >ffffffffad063e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 14.324875] ^ [ 14.325054] ffffffffad063f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 14.325381] ffffffffad063f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 14.325649] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 14.249483] ================================================================== [ 14.250031] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.250425] Free of addr ffff8881038e2401 by task kunit_try_catch/258 [ 14.250720] [ 14.250851] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.250895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.250907] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.250927] Call Trace: [ 14.250939] <TASK> [ 14.250953] dump_stack_lvl+0x73/0xb0 [ 14.250984] print_report+0xd1/0x610 [ 14.251010] ? __virt_addr_valid+0x1db/0x2d0 [ 14.251035] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.251059] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.251098] kasan_report_invalid_free+0x10a/0x130 [ 14.251123] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.251153] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.251179] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.251205] check_slab_allocation+0x11f/0x130 [ 14.251229] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.251255] mempool_free+0x2ec/0x380 [ 14.251281] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.251308] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.251337] ? kasan_save_track+0x18/0x40 [ 14.251357] ? kasan_save_alloc_info+0x3b/0x50 [ 14.251381] ? kasan_save_stack+0x45/0x70 [ 14.251405] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.251431] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 14.251460] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.251497] ? __pfx_mempool_kfree+0x10/0x10 [ 14.251523] ? __pfx_read_tsc+0x10/0x10 [ 14.251544] ? ktime_get_ts64+0x86/0x230 [ 14.251569] kunit_try_run_case+0x1a5/0x480 [ 14.251636] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.251661] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.251686] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.251740] ? __kthread_parkme+0x82/0x180 [ 14.251773] ? 
preempt_count_sub+0x50/0x80 [ 14.251797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.251845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.251871] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.251898] kthread+0x337/0x6f0 [ 14.251917] ? trace_preempt_on+0x20/0xc0 [ 14.251941] ? __pfx_kthread+0x10/0x10 [ 14.251963] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.251986] ? calculate_sigpending+0x7b/0xa0 [ 14.252010] ? __pfx_kthread+0x10/0x10 [ 14.252032] ret_from_fork+0x116/0x1d0 [ 14.252050] ? __pfx_kthread+0x10/0x10 [ 14.252072] ret_from_fork_asm+0x1a/0x30 [ 14.252103] </TASK> [ 14.252113] [ 14.262901] Allocated by task 258: [ 14.263091] kasan_save_stack+0x45/0x70 [ 14.263288] kasan_save_track+0x18/0x40 [ 14.263435] kasan_save_alloc_info+0x3b/0x50 [ 14.263590] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.263779] remove_element+0x11e/0x190 [ 14.264134] mempool_alloc_preallocated+0x4d/0x90 [ 14.264601] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 14.264896] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.265216] kunit_try_run_case+0x1a5/0x480 [ 14.265574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.265864] kthread+0x337/0x6f0 [ 14.266044] ret_from_fork+0x116/0x1d0 [ 14.266266] ret_from_fork_asm+0x1a/0x30 [ 14.266557] [ 14.266632] The buggy address belongs to the object at ffff8881038e2400 [ 14.266632] which belongs to the cache kmalloc-128 of size 128 [ 14.267005] The buggy address is located 1 bytes inside of [ 14.267005] 128-byte region [ffff8881038e2400, ffff8881038e2480) [ 14.267823] [ 14.267977] The buggy address belongs to the physical page: [ 14.268298] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e2 [ 14.268935] flags: 0x200000000000000(node=0|zone=2) [ 14.269097] page_type: f5(slab) [ 14.269322] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.269839] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.270291] page dumped because: kasan: bad access detected [ 
14.270481] [ 14.270625] Memory state around the buggy address: [ 14.271117] ffff8881038e2300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.271480] ffff8881038e2380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.271943] >ffff8881038e2400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.272311] ^ [ 14.272522] ffff8881038e2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.272853] ffff8881038e2500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.273208] ================================================================== [ 14.278808] ================================================================== [ 14.279421] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.279905] Free of addr ffff8881029d4001 by task kunit_try_catch/260 [ 14.280216] [ 14.280316] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.280395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.280407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.280429] Call Trace: [ 14.280502] <TASK> [ 14.280556] dump_stack_lvl+0x73/0xb0 [ 14.280591] print_report+0xd1/0x610 [ 14.280614] ? __virt_addr_valid+0x1db/0x2d0 [ 14.280641] ? kasan_addr_to_slab+0x11/0xa0 [ 14.280661] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.280690] kasan_report_invalid_free+0x10a/0x130 [ 14.280715] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.280745] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.280818] __kasan_mempool_poison_object+0x102/0x1d0 [ 14.280847] mempool_free+0x2ec/0x380 [ 14.280875] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.280903] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.280961] ? __kasan_check_write+0x18/0x20 [ 14.280983] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.281006] ? finish_task_switch.isra.0+0x153/0x700 [ 14.281034] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 14.281061] ? 
__pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 14.281089] ? __kasan_check_write+0x18/0x20 [ 14.281110] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.281135] ? __pfx_mempool_kfree+0x10/0x10 [ 14.281161] ? __pfx_read_tsc+0x10/0x10 [ 14.281182] ? ktime_get_ts64+0x86/0x230 [ 14.281205] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.281233] kunit_try_run_case+0x1a5/0x480 [ 14.281260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.281285] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.281311] ? __kthread_parkme+0x82/0x180 [ 14.281472] ? preempt_count_sub+0x50/0x80 [ 14.281500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.281526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.281552] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.281578] kthread+0x337/0x6f0 [ 14.281597] ? trace_preempt_on+0x20/0xc0 [ 14.281623] ? __pfx_kthread+0x10/0x10 [ 14.281643] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.281666] ? calculate_sigpending+0x7b/0xa0 [ 14.281691] ? __pfx_kthread+0x10/0x10 [ 14.281712] ret_from_fork+0x116/0x1d0 [ 14.281732] ? 
__pfx_kthread+0x10/0x10 [ 14.281768] ret_from_fork_asm+0x1a/0x30 [ 14.281800] </TASK> [ 14.281810] [ 14.292684] The buggy address belongs to the physical page: [ 14.292968] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d4 [ 14.293361] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.293835] flags: 0x200000000000040(head|node=0|zone=2) [ 14.294100] page_type: f8(unknown) [ 14.294296] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.294838] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.295080] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.295378] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.295960] head: 0200000000000002 ffffea00040a7501 00000000ffffffff 00000000ffffffff [ 14.296311] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.296835] page dumped because: kasan: bad access detected [ 14.297011] [ 14.297080] Memory state around the buggy address: [ 14.297321] ffff8881029d3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.297938] ffff8881029d3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.298462] >ffff8881029d4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.298769] ^ [ 14.298906] ffff8881029d4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.299145] ffff8881029d4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.299856] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 14.198705] ================================================================== [ 14.199849] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.200175] Free of addr ffff8881029d4000 by task kunit_try_catch/254 [ 14.201060] [ 14.201184] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.201234] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.201247] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.201267] Call Trace: [ 14.201279] <TASK> [ 14.201295] dump_stack_lvl+0x73/0xb0 [ 14.201728] print_report+0xd1/0x610 [ 14.201781] ? __virt_addr_valid+0x1db/0x2d0 [ 14.201809] ? kasan_addr_to_slab+0x11/0xa0 [ 14.201830] ? mempool_double_free_helper+0x184/0x370 [ 14.201855] kasan_report_invalid_free+0x10a/0x130 [ 14.201881] ? mempool_double_free_helper+0x184/0x370 [ 14.201909] ? mempool_double_free_helper+0x184/0x370 [ 14.201933] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 14.201959] mempool_free+0x2ec/0x380 [ 14.201988] mempool_double_free_helper+0x184/0x370 [ 14.202014] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.202042] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.202065] ? finish_task_switch.isra.0+0x153/0x700 [ 14.202093] mempool_kmalloc_large_double_free+0xed/0x140 [ 14.202119] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 14.202149] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.202173] ? __pfx_mempool_kfree+0x10/0x10 [ 14.202199] ? __pfx_read_tsc+0x10/0x10 [ 14.202220] ? ktime_get_ts64+0x86/0x230 [ 14.202246] kunit_try_run_case+0x1a5/0x480 [ 14.202271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.202295] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.202416] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.202458] ? __kthread_parkme+0x82/0x180 [ 14.202482] ? preempt_count_sub+0x50/0x80 [ 14.202507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.202532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.202558] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.202584] kthread+0x337/0x6f0 [ 14.202604] ? trace_preempt_on+0x20/0xc0 [ 14.202628] ? __pfx_kthread+0x10/0x10 [ 14.202650] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.202672] ? calculate_sigpending+0x7b/0xa0 [ 14.202697] ? __pfx_kthread+0x10/0x10 [ 14.202719] ret_from_fork+0x116/0x1d0 [ 14.202738] ? __pfx_kthread+0x10/0x10 [ 14.202770] ret_from_fork_asm+0x1a/0x30 [ 14.202802] </TASK> [ 14.202813] [ 14.217666] The buggy address belongs to the physical page: [ 14.218138] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d4 [ 14.218598] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.219274] flags: 0x200000000000040(head|node=0|zone=2) [ 14.219950] page_type: f8(unknown) [ 14.220216] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.220870] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.221115] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.221424] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.221865] head: 0200000000000002 ffffea00040a7501 00000000ffffffff 00000000ffffffff [ 14.222195] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.222626] page dumped because: kasan: bad access detected [ 14.223125] [ 14.223202] Memory state around the buggy address: [ 14.223575] ffff8881029d3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.223922] ffff8881029d3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.224269] >ffff8881029d4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.224695] ^ [ 14.224932] ffff8881029d4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.225267] ffff8881029d4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.225818] ================================================================== [ 14.153584] ================================================================== [ 
14.154773] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.155555] Free of addr ffff8881038e2000 by task kunit_try_catch/252 [ 14.156537] [ 14.156829] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.156878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.156890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.156912] Call Trace: [ 14.156925] <TASK> [ 14.156940] dump_stack_lvl+0x73/0xb0 [ 14.156987] print_report+0xd1/0x610 [ 14.157011] ? __virt_addr_valid+0x1db/0x2d0 [ 14.157036] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.157074] ? mempool_double_free_helper+0x184/0x370 [ 14.157101] kasan_report_invalid_free+0x10a/0x130 [ 14.157127] ? mempool_double_free_helper+0x184/0x370 [ 14.157154] ? mempool_double_free_helper+0x184/0x370 [ 14.157179] ? mempool_double_free_helper+0x184/0x370 [ 14.157203] check_slab_allocation+0x101/0x130 [ 14.157226] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.157252] mempool_free+0x2ec/0x380 [ 14.157281] mempool_double_free_helper+0x184/0x370 [ 14.157305] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.157373] ? update_load_avg+0x1be/0x21b0 [ 14.157400] ? update_load_avg+0x1be/0x21b0 [ 14.157421] ? update_curr+0x80/0x810 [ 14.157457] ? finish_task_switch.isra.0+0x153/0x700 [ 14.157484] mempool_kmalloc_double_free+0xed/0x140 [ 14.157509] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 14.157538] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.157561] ? __pfx_mempool_kfree+0x10/0x10 [ 14.157587] ? __pfx_read_tsc+0x10/0x10 [ 14.157609] ? ktime_get_ts64+0x86/0x230 [ 14.157634] kunit_try_run_case+0x1a5/0x480 [ 14.157660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.157683] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.157709] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.157734] ? __kthread_parkme+0x82/0x180 [ 14.157765] ? preempt_count_sub+0x50/0x80 [ 14.157790] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.157815] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.157840] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.157866] kthread+0x337/0x6f0 [ 14.157886] ? trace_preempt_on+0x20/0xc0 [ 14.157910] ? __pfx_kthread+0x10/0x10 [ 14.157931] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.157953] ? calculate_sigpending+0x7b/0xa0 [ 14.157978] ? __pfx_kthread+0x10/0x10 [ 14.158000] ret_from_fork+0x116/0x1d0 [ 14.158020] ? __pfx_kthread+0x10/0x10 [ 14.158040] ret_from_fork_asm+0x1a/0x30 [ 14.158072] </TASK> [ 14.158082] [ 14.174971] Allocated by task 252: [ 14.175207] kasan_save_stack+0x45/0x70 [ 14.175672] kasan_save_track+0x18/0x40 [ 14.176027] kasan_save_alloc_info+0x3b/0x50 [ 14.176178] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.176439] remove_element+0x11e/0x190 [ 14.176827] mempool_alloc_preallocated+0x4d/0x90 [ 14.177266] mempool_double_free_helper+0x8a/0x370 [ 14.177811] mempool_kmalloc_double_free+0xed/0x140 [ 14.178268] kunit_try_run_case+0x1a5/0x480 [ 14.178713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.179117] kthread+0x337/0x6f0 [ 14.179243] ret_from_fork+0x116/0x1d0 [ 14.179590] ret_from_fork_asm+0x1a/0x30 [ 14.180004] [ 14.180164] Freed by task 252: [ 14.180535] kasan_save_stack+0x45/0x70 [ 14.181039] kasan_save_track+0x18/0x40 [ 14.181492] kasan_save_free_info+0x3f/0x60 [ 14.181786] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.182121] mempool_free+0x2ec/0x380 [ 14.182503] mempool_double_free_helper+0x109/0x370 [ 14.182809] mempool_kmalloc_double_free+0xed/0x140 [ 14.182978] kunit_try_run_case+0x1a5/0x480 [ 14.183126] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.183303] kthread+0x337/0x6f0 [ 14.183664] ret_from_fork+0x116/0x1d0 [ 14.184049] ret_from_fork_asm+0x1a/0x30 [ 14.184624] [ 14.184836] The buggy address belongs to the object at ffff8881038e2000 [ 14.184836] which belongs to the cache kmalloc-128 of size 128 [ 14.186063] The buggy address is located 0 bytes inside of [ 14.186063] 128-byte 
region [ffff8881038e2000, ffff8881038e2080) [ 14.187194] [ 14.187273] The buggy address belongs to the physical page: [ 14.187794] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e2 [ 14.188432] flags: 0x200000000000000(node=0|zone=2) [ 14.188894] page_type: f5(slab) [ 14.189021] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.189254] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.189911] page dumped because: kasan: bad access detected [ 14.190560] [ 14.190772] Memory state around the buggy address: [ 14.191210] ffff8881038e1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.191962] ffff8881038e1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.192502] >ffff8881038e2000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.193066] ^ [ 14.193186] ffff8881038e2080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.193559] ffff8881038e2100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.194268] ================================================================== [ 14.228898] ================================================================== [ 14.229804] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.230122] Free of addr ffff8881039c8000 by task kunit_try_catch/256 [ 14.230526] [ 14.230661] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.230706] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.230717] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.230739] Call Trace: [ 14.230750] <TASK> [ 14.230777] dump_stack_lvl+0x73/0xb0 [ 14.230834] print_report+0xd1/0x610 [ 14.230857] ? __virt_addr_valid+0x1db/0x2d0 [ 14.230882] ? kasan_addr_to_slab+0x11/0xa0 [ 14.230904] ? mempool_double_free_helper+0x184/0x370 [ 14.230929] kasan_report_invalid_free+0x10a/0x130 [ 14.230956] ? mempool_double_free_helper+0x184/0x370 [ 14.230983] ? 
mempool_double_free_helper+0x184/0x370 [ 14.231008] __kasan_mempool_poison_pages+0x115/0x130 [ 14.231034] mempool_free+0x290/0x380 [ 14.231061] mempool_double_free_helper+0x184/0x370 [ 14.231086] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.231116] ? finish_task_switch.isra.0+0x153/0x700 [ 14.231143] mempool_page_alloc_double_free+0xe8/0x140 [ 14.231170] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 14.231199] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.231224] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.231251] ? __pfx_read_tsc+0x10/0x10 [ 14.231272] ? ktime_get_ts64+0x86/0x230 [ 14.231296] kunit_try_run_case+0x1a5/0x480 [ 14.231321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.231379] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.231404] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.231428] ? __kthread_parkme+0x82/0x180 [ 14.231456] ? preempt_count_sub+0x50/0x80 [ 14.231481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.231506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.231531] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.231557] kthread+0x337/0x6f0 [ 14.231578] ? trace_preempt_on+0x20/0xc0 [ 14.231601] ? __pfx_kthread+0x10/0x10 [ 14.231622] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.231645] ? calculate_sigpending+0x7b/0xa0 [ 14.231669] ? __pfx_kthread+0x10/0x10 [ 14.231691] ret_from_fork+0x116/0x1d0 [ 14.231711] ? 
__pfx_kthread+0x10/0x10 [ 14.231732] ret_from_fork_asm+0x1a/0x30 [ 14.231773] </TASK> [ 14.231783] [ 14.241191] The buggy address belongs to the physical page: [ 14.241617] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c8 [ 14.241999] flags: 0x200000000000000(node=0|zone=2) [ 14.242246] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.242742] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.243033] page dumped because: kasan: bad access detected [ 14.243225] [ 14.243318] Memory state around the buggy address: [ 14.243839] ffff8881039c7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.244176] ffff8881039c7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.244497] >ffff8881039c8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.245030] ^ [ 14.245191] ffff8881039c8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.245608] ffff8881039c8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.245973] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 14.066282] ================================================================== [ 14.066961] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.067244] Read of size 1 at addr ffff8881039c8000 by task kunit_try_catch/246 [ 14.067586] [ 14.067691] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.067734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.067746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.067778] Call Trace: [ 14.067790] <TASK> [ 14.067804] dump_stack_lvl+0x73/0xb0 [ 14.067834] print_report+0xd1/0x610 [ 14.067856] ? __virt_addr_valid+0x1db/0x2d0 [ 14.067879] ? mempool_uaf_helper+0x392/0x400 [ 14.067903] ? kasan_addr_to_slab+0x11/0xa0 [ 14.067924] ? mempool_uaf_helper+0x392/0x400 [ 14.067949] kasan_report+0x141/0x180 [ 14.067974] ? mempool_uaf_helper+0x392/0x400 [ 14.068002] __asan_report_load1_noabort+0x18/0x20 [ 14.068029] mempool_uaf_helper+0x392/0x400 [ 14.068053] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.068076] ? update_load_avg+0x1be/0x21b0 [ 14.068101] ? update_load_avg+0x1be/0x21b0 [ 14.068122] ? update_curr+0x80/0x810 [ 14.068145] ? finish_task_switch.isra.0+0x153/0x700 [ 14.068172] mempool_kmalloc_large_uaf+0xef/0x140 [ 14.068199] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 14.068226] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.068251] ? __pfx_mempool_kfree+0x10/0x10 [ 14.068277] ? __pfx_read_tsc+0x10/0x10 [ 14.068299] ? ktime_get_ts64+0x86/0x230 [ 14.068323] kunit_try_run_case+0x1a5/0x480 [ 14.068349] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.068373] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.068398] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.068422] ? __kthread_parkme+0x82/0x180 [ 14.068443] ? preempt_count_sub+0x50/0x80 [ 14.068475] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.068501] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.068527] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.068553] kthread+0x337/0x6f0 [ 14.068573] ? 
trace_preempt_on+0x20/0xc0 [ 14.068597] ? __pfx_kthread+0x10/0x10 [ 14.068618] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.068640] ? calculate_sigpending+0x7b/0xa0 [ 14.068664] ? __pfx_kthread+0x10/0x10 [ 14.068687] ret_from_fork+0x116/0x1d0 [ 14.068706] ? __pfx_kthread+0x10/0x10 [ 14.068727] ret_from_fork_asm+0x1a/0x30 [ 14.068769] </TASK> [ 14.068779] [ 14.076845] The buggy address belongs to the physical page: [ 14.077062] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c8 [ 14.077317] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.077746] flags: 0x200000000000040(head|node=0|zone=2) [ 14.078008] page_type: f8(unknown) [ 14.078146] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.078378] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.078610] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.078957] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.079297] head: 0200000000000002 ffffea00040e7201 00000000ffffffff 00000000ffffffff [ 14.079719] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.079985] page dumped because: kasan: bad access detected [ 14.080240] [ 14.080334] Memory state around the buggy address: [ 14.080599] ffff8881039c7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.080827] ffff8881039c7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.081044] >ffff8881039c8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.081362] ^ [ 14.081647] ffff8881039c8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.081979] ffff8881039c8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.082262] ================================================================== [ 14.124644] ================================================================== [ 14.125080] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.125313] Read of size 1 
at addr ffff8881029d4000 by task kunit_try_catch/250 [ 14.126047] [ 14.126240] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.126288] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.126301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.126335] Call Trace: [ 14.126348] <TASK> [ 14.126366] dump_stack_lvl+0x73/0xb0 [ 14.126402] print_report+0xd1/0x610 [ 14.126424] ? __virt_addr_valid+0x1db/0x2d0 [ 14.126510] ? mempool_uaf_helper+0x392/0x400 [ 14.126534] ? kasan_addr_to_slab+0x11/0xa0 [ 14.126568] ? mempool_uaf_helper+0x392/0x400 [ 14.126590] kasan_report+0x141/0x180 [ 14.126614] ? mempool_uaf_helper+0x392/0x400 [ 14.126643] __asan_report_load1_noabort+0x18/0x20 [ 14.126668] mempool_uaf_helper+0x392/0x400 [ 14.126692] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.126715] ? update_load_avg+0x1be/0x21b0 [ 14.126748] ? dequeue_entities+0x27e/0x1740 [ 14.126788] ? finish_task_switch.isra.0+0x153/0x700 [ 14.126816] mempool_page_alloc_uaf+0xed/0x140 [ 14.126840] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 14.126868] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.126896] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.126924] ? __pfx_read_tsc+0x10/0x10 [ 14.126946] ? ktime_get_ts64+0x86/0x230 [ 14.126971] kunit_try_run_case+0x1a5/0x480 [ 14.126998] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.127021] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.127047] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.127071] ? __kthread_parkme+0x82/0x180 [ 14.127093] ? preempt_count_sub+0x50/0x80 [ 14.127116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.127141] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.127166] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.127193] kthread+0x337/0x6f0 [ 14.127212] ? trace_preempt_on+0x20/0xc0 [ 14.127237] ? __pfx_kthread+0x10/0x10 [ 14.127258] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.127280] ? calculate_sigpending+0x7b/0xa0 [ 14.127304] ? 
__pfx_kthread+0x10/0x10 [ 14.127327] ret_from_fork+0x116/0x1d0 [ 14.127426] ? __pfx_kthread+0x10/0x10 [ 14.127460] ret_from_fork_asm+0x1a/0x30 [ 14.127493] </TASK> [ 14.127503] [ 14.142314] The buggy address belongs to the physical page: [ 14.142837] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d4 [ 14.143089] flags: 0x200000000000000(node=0|zone=2) [ 14.143267] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.143992] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.144693] page dumped because: kasan: bad access detected [ 14.145305] [ 14.145544] Memory state around the buggy address: [ 14.146008] ffff8881029d3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.146669] ffff8881029d3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.147094] >ffff8881029d4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.147312] ^ [ 14.147772] ffff8881029d4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.148438] ffff8881029d4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.149137] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 14.041937] ================================================================== [ 14.042369] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.042694] Read of size 1 at addr ffff888102afcc00 by task kunit_try_catch/244 [ 14.043138] [ 14.043259] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.043304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.043317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.043352] Call Trace: [ 14.043364] <TASK> [ 14.043378] dump_stack_lvl+0x73/0xb0 [ 14.043408] print_report+0xd1/0x610 [ 14.043431] ? __virt_addr_valid+0x1db/0x2d0 [ 14.043463] ? mempool_uaf_helper+0x392/0x400 [ 14.043486] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.043511] ? mempool_uaf_helper+0x392/0x400 [ 14.043534] kasan_report+0x141/0x180 [ 14.043557] ? mempool_uaf_helper+0x392/0x400 [ 14.043584] __asan_report_load1_noabort+0x18/0x20 [ 14.043610] mempool_uaf_helper+0x392/0x400 [ 14.043633] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.043661] ? finish_task_switch.isra.0+0x153/0x700 [ 14.043689] mempool_kmalloc_uaf+0xef/0x140 [ 14.043712] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 14.043740] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.043777] ? __pfx_mempool_kfree+0x10/0x10 [ 14.043803] ? __pfx_read_tsc+0x10/0x10 [ 14.043824] ? ktime_get_ts64+0x86/0x230 [ 14.043849] kunit_try_run_case+0x1a5/0x480 [ 14.043875] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.043899] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.043925] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.043949] ? __kthread_parkme+0x82/0x180 [ 14.043971] ? preempt_count_sub+0x50/0x80 [ 14.043994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.044019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.044045] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.044071] kthread+0x337/0x6f0 [ 14.044090] ? trace_preempt_on+0x20/0xc0 [ 14.044114] ? __pfx_kthread+0x10/0x10 [ 14.044135] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.044157] ? calculate_sigpending+0x7b/0xa0 [ 14.044182] ? __pfx_kthread+0x10/0x10 [ 14.044204] ret_from_fork+0x116/0x1d0 [ 14.044223] ? __pfx_kthread+0x10/0x10 [ 14.044244] ret_from_fork_asm+0x1a/0x30 [ 14.044276] </TASK> [ 14.044286] [ 14.051509] Allocated by task 244: [ 14.051709] kasan_save_stack+0x45/0x70 [ 14.052125] kasan_save_track+0x18/0x40 [ 14.052318] kasan_save_alloc_info+0x3b/0x50 [ 14.052491] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.052667] remove_element+0x11e/0x190 [ 14.052877] mempool_alloc_preallocated+0x4d/0x90 [ 14.053106] mempool_uaf_helper+0x96/0x400 [ 14.053316] mempool_kmalloc_uaf+0xef/0x140 [ 14.053523] kunit_try_run_case+0x1a5/0x480 [ 14.053744] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.053994] kthread+0x337/0x6f0 [ 14.054165] ret_from_fork+0x116/0x1d0 [ 14.054296] ret_from_fork_asm+0x1a/0x30 [ 14.054516] [ 14.054612] Freed by task 244: [ 14.054782] kasan_save_stack+0x45/0x70 [ 14.054955] kasan_save_track+0x18/0x40 [ 14.055147] kasan_save_free_info+0x3f/0x60 [ 14.055303] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.055474] mempool_free+0x2ec/0x380 [ 14.055608] mempool_uaf_helper+0x11a/0x400 [ 14.055767] mempool_kmalloc_uaf+0xef/0x140 [ 14.055980] kunit_try_run_case+0x1a5/0x480 [ 14.056187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.056463] kthread+0x337/0x6f0 [ 14.056633] ret_from_fork+0x116/0x1d0 [ 14.056830] ret_from_fork_asm+0x1a/0x30 [ 14.057028] [ 14.057122] The buggy address belongs to the object at ffff888102afcc00 [ 14.057122] which belongs to the cache kmalloc-128 of size 128 [ 14.057594] The buggy address is located 0 bytes inside of [ 14.057594] freed 128-byte region [ffff888102afcc00, ffff888102afcc80) [ 14.057995] [ 14.058065] The buggy address belongs to the physical page: [ 14.058284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102afc [ 14.058878] flags: 0x200000000000000(node=0|zone=2) [ 14.059073] page_type: f5(slab) [ 14.059252] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.059607] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.059922] page dumped because: kasan: bad access detected [ 14.060114] [ 14.060183] Memory state around the buggy address: [ 14.060406] ffff888102afcb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.060779] ffff888102afcb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.060995] >ffff888102afcc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.061322] ^ [ 14.061488] ffff888102afcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.061976] ffff888102afcd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.062188] ================================================================== [ 14.086512] ================================================================== [ 14.087017] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.087319] Read of size 1 at addr ffff8881038e2240 by task kunit_try_catch/248 [ 14.087633] [ 14.087730] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.087784] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.087796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.087817] Call Trace: [ 14.087828] <TASK> [ 14.087842] dump_stack_lvl+0x73/0xb0 [ 14.087875] print_report+0xd1/0x610 [ 14.087902] ? __virt_addr_valid+0x1db/0x2d0 [ 14.087927] ? mempool_uaf_helper+0x392/0x400 [ 14.087951] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.087976] ? mempool_uaf_helper+0x392/0x400 [ 14.088000] kasan_report+0x141/0x180 [ 14.088024] ? mempool_uaf_helper+0x392/0x400 [ 14.088052] __asan_report_load1_noabort+0x18/0x20 [ 14.088079] mempool_uaf_helper+0x392/0x400 [ 14.088103] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.088126] ? update_load_avg+0x1be/0x21b0 [ 14.088155] ? finish_task_switch.isra.0+0x153/0x700 [ 14.088182] mempool_slab_uaf+0xea/0x140 [ 14.088206] ? 
__pfx_mempool_slab_uaf+0x10/0x10 [ 14.088231] ? __kasan_check_write+0x18/0x20 [ 14.088255] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.088282] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.088309] ? __pfx_read_tsc+0x10/0x10 [ 14.088331] ? ktime_get_ts64+0x86/0x230 [ 14.088353] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.088383] kunit_try_run_case+0x1a5/0x480 [ 14.088409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.088435] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.088461] ? __kthread_parkme+0x82/0x180 [ 14.088483] ? preempt_count_sub+0x50/0x80 [ 14.088507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.088532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.088559] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.088585] kthread+0x337/0x6f0 [ 14.088605] ? trace_preempt_on+0x20/0xc0 [ 14.088628] ? __pfx_kthread+0x10/0x10 [ 14.088650] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.088780] ? calculate_sigpending+0x7b/0xa0 [ 14.088806] ? __pfx_kthread+0x10/0x10 [ 14.088829] ret_from_fork+0x116/0x1d0 [ 14.088848] ? 
__pfx_kthread+0x10/0x10 [ 14.088870] ret_from_fork_asm+0x1a/0x30 [ 14.088900] </TASK> [ 14.088911] [ 14.097122] Allocated by task 248: [ 14.097330] kasan_save_stack+0x45/0x70 [ 14.097727] kasan_save_track+0x18/0x40 [ 14.097886] kasan_save_alloc_info+0x3b/0x50 [ 14.098040] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.098260] remove_element+0x11e/0x190 [ 14.098688] mempool_alloc_preallocated+0x4d/0x90 [ 14.098920] mempool_uaf_helper+0x96/0x400 [ 14.099112] mempool_slab_uaf+0xea/0x140 [ 14.099295] kunit_try_run_case+0x1a5/0x480 [ 14.099559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.099806] kthread+0x337/0x6f0 [ 14.099967] ret_from_fork+0x116/0x1d0 [ 14.100134] ret_from_fork_asm+0x1a/0x30 [ 14.100322] [ 14.100620] Freed by task 248: [ 14.100782] kasan_save_stack+0x45/0x70 [ 14.100941] kasan_save_track+0x18/0x40 [ 14.101123] kasan_save_free_info+0x3f/0x60 [ 14.101311] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.101485] mempool_free+0x2ec/0x380 [ 14.101619] mempool_uaf_helper+0x11a/0x400 [ 14.101774] mempool_slab_uaf+0xea/0x140 [ 14.101913] kunit_try_run_case+0x1a5/0x480 [ 14.102066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.102244] kthread+0x337/0x6f0 [ 14.102934] ret_from_fork+0x116/0x1d0 [ 14.103246] ret_from_fork_asm+0x1a/0x30 [ 14.105858] [ 14.105962] The buggy address belongs to the object at ffff8881038e2240 [ 14.105962] which belongs to the cache test_cache of size 123 [ 14.107387] The buggy address is located 0 bytes inside of [ 14.107387] freed 123-byte region [ffff8881038e2240, ffff8881038e22bb) [ 14.107831] [ 14.107908] The buggy address belongs to the physical page: [ 14.108077] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e2 [ 14.108312] flags: 0x200000000000000(node=0|zone=2) [ 14.108471] page_type: f5(slab) [ 14.108590] raw: 0200000000000000 ffff8881038d9280 dead000000000122 0000000000000000 [ 14.109654] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.109992] page dumped 
because: kasan: bad access detected [ 14.110170] [ 14.110247] Memory state around the buggy address: [ 14.110558] ffff8881038e2100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.110800] ffff8881038e2180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.111011] >ffff8881038e2200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 14.111251] ^ [ 14.111551] ffff8881038e2280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.112462] ffff8881038e2300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.112707] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 13.961773] ================================================================== [ 13.962240] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.963170] Read of size 1 at addr ffff888102afc873 by task kunit_try_catch/238 [ 13.963636] [ 13.964001] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.964054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.964067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.964092] Call Trace: [ 13.964106] <TASK> [ 13.964126] dump_stack_lvl+0x73/0xb0 [ 13.964316] print_report+0xd1/0x610 [ 13.964388] ? __virt_addr_valid+0x1db/0x2d0 [ 13.964414] ? mempool_oob_right_helper+0x318/0x380 [ 13.964453] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.964478] ? mempool_oob_right_helper+0x318/0x380 [ 13.964502] kasan_report+0x141/0x180 [ 13.964525] ? mempool_oob_right_helper+0x318/0x380 [ 13.964554] __asan_report_load1_noabort+0x18/0x20 [ 13.964580] mempool_oob_right_helper+0x318/0x380 [ 13.964606] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.964634] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.964658] ? finish_task_switch.isra.0+0x153/0x700 [ 13.964686] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.964710] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 13.964738] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.964779] ? __pfx_mempool_kfree+0x10/0x10 [ 13.964804] ? __pfx_read_tsc+0x10/0x10 [ 13.964827] ? ktime_get_ts64+0x86/0x230 [ 13.964852] kunit_try_run_case+0x1a5/0x480 [ 13.964879] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.964903] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.964929] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.964954] ? __kthread_parkme+0x82/0x180 [ 13.964976] ? preempt_count_sub+0x50/0x80 [ 13.964999] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.965023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.965049] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.965075] kthread+0x337/0x6f0 [ 13.965095] ? 
trace_preempt_on+0x20/0xc0 [ 13.965119] ? __pfx_kthread+0x10/0x10 [ 13.965139] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.965162] ? calculate_sigpending+0x7b/0xa0 [ 13.965188] ? __pfx_kthread+0x10/0x10 [ 13.965210] ret_from_fork+0x116/0x1d0 [ 13.965229] ? __pfx_kthread+0x10/0x10 [ 13.965250] ret_from_fork_asm+0x1a/0x30 [ 13.965281] </TASK> [ 13.965292] [ 13.977550] Allocated by task 238: [ 13.977728] kasan_save_stack+0x45/0x70 [ 13.977979] kasan_save_track+0x18/0x40 [ 13.978453] kasan_save_alloc_info+0x3b/0x50 [ 13.978695] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.979116] remove_element+0x11e/0x190 [ 13.979313] mempool_alloc_preallocated+0x4d/0x90 [ 13.979658] mempool_oob_right_helper+0x8a/0x380 [ 13.979886] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.980101] kunit_try_run_case+0x1a5/0x480 [ 13.980296] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.980847] kthread+0x337/0x6f0 [ 13.981082] ret_from_fork+0x116/0x1d0 [ 13.981292] ret_from_fork_asm+0x1a/0x30 [ 13.981696] [ 13.981818] The buggy address belongs to the object at ffff888102afc800 [ 13.981818] which belongs to the cache kmalloc-128 of size 128 [ 13.982269] The buggy address is located 0 bytes to the right of [ 13.982269] allocated 115-byte region [ffff888102afc800, ffff888102afc873) [ 13.982885] [ 13.982960] The buggy address belongs to the physical page: [ 13.983322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102afc [ 13.983914] flags: 0x200000000000000(node=0|zone=2) [ 13.984194] page_type: f5(slab) [ 13.984413] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.984886] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.985199] page dumped because: kasan: bad access detected [ 13.985466] [ 13.985655] Memory state around the buggy address: [ 13.985912] ffff888102afc700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.986248] ffff888102afc780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.986682] 
>ffff888102afc800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.987136] ^ [ 13.987443] ffff888102afc880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.987833] ffff888102afc900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.988109] ================================================================== [ 13.991550] ================================================================== [ 13.992105] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.992624] Read of size 1 at addr ffff8881029d2001 by task kunit_try_catch/240 [ 13.992879] [ 13.993217] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.993264] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.993276] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.993299] Call Trace: [ 13.993312] <TASK> [ 13.993328] dump_stack_lvl+0x73/0xb0 [ 13.993435] print_report+0xd1/0x610 [ 13.993459] ? __virt_addr_valid+0x1db/0x2d0 [ 13.993483] ? mempool_oob_right_helper+0x318/0x380 [ 13.993532] ? kasan_addr_to_slab+0x11/0xa0 [ 13.993554] ? mempool_oob_right_helper+0x318/0x380 [ 13.993578] kasan_report+0x141/0x180 [ 13.993600] ? mempool_oob_right_helper+0x318/0x380 [ 13.993628] __asan_report_load1_noabort+0x18/0x20 [ 13.993654] mempool_oob_right_helper+0x318/0x380 [ 13.993680] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.993707] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.993731] ? finish_task_switch.isra.0+0x153/0x700 [ 13.993768] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 13.993795] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 13.993825] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.993850] ? __pfx_mempool_kfree+0x10/0x10 [ 13.993877] ? __pfx_read_tsc+0x10/0x10 [ 13.993899] ? ktime_get_ts64+0x86/0x230 [ 13.993924] kunit_try_run_case+0x1a5/0x480 [ 13.993949] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.993973] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.993998] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.994023] ? 
__kthread_parkme+0x82/0x180 [ 13.994045] ? preempt_count_sub+0x50/0x80 [ 13.994068] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.994092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.994118] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.994144] kthread+0x337/0x6f0 [ 13.994164] ? trace_preempt_on+0x20/0xc0 [ 13.994187] ? __pfx_kthread+0x10/0x10 [ 13.994208] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.994231] ? calculate_sigpending+0x7b/0xa0 [ 13.994257] ? __pfx_kthread+0x10/0x10 [ 13.994278] ret_from_fork+0x116/0x1d0 [ 13.994298] ? __pfx_kthread+0x10/0x10 [ 13.994319] ret_from_fork_asm+0x1a/0x30 [ 13.994359] </TASK> [ 13.994369] [ 14.003085] The buggy address belongs to the physical page: [ 14.003325] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d0 [ 14.003966] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.004283] flags: 0x200000000000040(head|node=0|zone=2) [ 14.004726] page_type: f8(unknown) [ 14.004929] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.005163] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.005516] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.006347] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.006592] head: 0200000000000002 ffffea00040a7401 00000000ffffffff 00000000ffffffff [ 14.007011] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.007462] page dumped because: kasan: bad access detected [ 14.007724] [ 14.007817] Memory state around the buggy address: [ 14.008038] ffff8881029d1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.008325] ffff8881029d1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.008776] >ffff8881029d2000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.009031] ^ [ 14.009149] ffff8881029d2080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.009691] ffff8881029d2100: fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe fe [ 14.010008] ================================================================== [ 14.014311] ================================================================== [ 14.015038] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.015369] Read of size 1 at addr ffff8881038e02bb by task kunit_try_catch/242 [ 14.015745] [ 14.015948] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.015997] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.016009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.016029] Call Trace: [ 14.016042] <TASK> [ 14.016059] dump_stack_lvl+0x73/0xb0 [ 14.016089] print_report+0xd1/0x610 [ 14.016111] ? __virt_addr_valid+0x1db/0x2d0 [ 14.016135] ? mempool_oob_right_helper+0x318/0x380 [ 14.016159] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.016183] ? mempool_oob_right_helper+0x318/0x380 [ 14.016208] kasan_report+0x141/0x180 [ 14.016230] ? mempool_oob_right_helper+0x318/0x380 [ 14.016259] __asan_report_load1_noabort+0x18/0x20 [ 14.016284] mempool_oob_right_helper+0x318/0x380 [ 14.016310] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.016382] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.016407] ? finish_task_switch.isra.0+0x153/0x700 [ 14.016434] mempool_slab_oob_right+0xed/0x140 [ 14.016467] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 14.016495] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.016521] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.016547] ? __pfx_read_tsc+0x10/0x10 [ 14.016568] ? ktime_get_ts64+0x86/0x230 [ 14.016592] kunit_try_run_case+0x1a5/0x480 [ 14.016618] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.016641] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.016666] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.016691] ? __kthread_parkme+0x82/0x180 [ 14.016712] ? preempt_count_sub+0x50/0x80 [ 14.016735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.016773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.016798] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.016825] kthread+0x337/0x6f0 [ 14.016844] ? trace_preempt_on+0x20/0xc0 [ 14.016867] ? __pfx_kthread+0x10/0x10 [ 14.016888] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.016911] ? calculate_sigpending+0x7b/0xa0 [ 14.016935] ? __pfx_kthread+0x10/0x10 [ 14.016956] ret_from_fork+0x116/0x1d0 [ 14.016975] ? __pfx_kthread+0x10/0x10 [ 14.016996] ret_from_fork_asm+0x1a/0x30 [ 14.017026] </TASK> [ 14.017037] [ 14.025720] Allocated by task 242: [ 14.025926] kasan_save_stack+0x45/0x70 [ 14.026086] kasan_save_track+0x18/0x40 [ 14.026282] kasan_save_alloc_info+0x3b/0x50 [ 14.026542] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.026801] remove_element+0x11e/0x190 [ 14.027000] mempool_alloc_preallocated+0x4d/0x90 [ 14.027199] mempool_oob_right_helper+0x8a/0x380 [ 14.027455] mempool_slab_oob_right+0xed/0x140 [ 14.027614] kunit_try_run_case+0x1a5/0x480 [ 14.027775] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.027958] kthread+0x337/0x6f0 [ 14.028126] ret_from_fork+0x116/0x1d0 [ 14.028337] ret_from_fork_asm+0x1a/0x30 [ 14.028700] [ 14.028818] The buggy address belongs to the object at ffff8881038e0240 [ 14.028818] which belongs to the cache test_cache of size 123 [ 14.029209] The buggy address is located 0 bytes to the right of [ 14.029209] allocated 123-byte region [ffff8881038e0240, ffff8881038e02bb) [ 14.030169] [ 14.030272] The buggy address belongs to the physical page: [ 14.030646] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038e0 [ 14.030978] flags: 0x200000000000000(node=0|zone=2) [ 14.031184] page_type: f5(slab) [ 14.031342] raw: 0200000000000000 ffff8881038d9140 dead000000000122 0000000000000000 [ 14.031895] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.032197] page dumped because: kasan: bad access detected [ 14.032577] [ 14.032654] Memory state around the buggy address: [ 14.032832] ffff8881038e0180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.033073] 
ffff8881038e0200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 14.033394] >ffff8881038e0280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 14.033829] ^ [ 14.034000] ffff8881038e0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.034222] ffff8881038e0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.034892] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.396306] ================================================================== [ 13.396787] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 13.397180] Read of size 1 at addr ffff888101bdedc0 by task kunit_try_catch/232 [ 13.397455] [ 13.397621] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.397667] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.397679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.397701] Call Trace: [ 13.397714] <TASK> [ 13.397729] dump_stack_lvl+0x73/0xb0 [ 13.397772] print_report+0xd1/0x610 [ 13.397795] ? __virt_addr_valid+0x1db/0x2d0 [ 13.397819] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.397845] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.397870] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.397895] kasan_report+0x141/0x180 [ 13.397918] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.397946] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.397972] __kasan_check_byte+0x3d/0x50 [ 13.397994] kmem_cache_destroy+0x25/0x1d0 [ 13.398018] kmem_cache_double_destroy+0x1bf/0x380 [ 13.398083] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 13.398109] ? finish_task_switch.isra.0+0x153/0x700 [ 13.398133] ? __switch_to+0x47/0xf50 [ 13.398162] ? __pfx_read_tsc+0x10/0x10 [ 13.398184] ? ktime_get_ts64+0x86/0x230 [ 13.398209] kunit_try_run_case+0x1a5/0x480 [ 13.398235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.398258] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.398284] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.398309] ? __kthread_parkme+0x82/0x180 [ 13.398330] ? preempt_count_sub+0x50/0x80 [ 13.398353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.398379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.398409] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.398435] kthread+0x337/0x6f0 [ 13.398456] ? trace_preempt_on+0x20/0xc0 [ 13.398480] ? __pfx_kthread+0x10/0x10 [ 13.398501] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.398541] ? 
calculate_sigpending+0x7b/0xa0 [ 13.398568] ? __pfx_kthread+0x10/0x10 [ 13.398589] ret_from_fork+0x116/0x1d0 [ 13.398609] ? __pfx_kthread+0x10/0x10 [ 13.398630] ret_from_fork_asm+0x1a/0x30 [ 13.398662] </TASK> [ 13.398672] [ 13.407501] Allocated by task 232: [ 13.407694] kasan_save_stack+0x45/0x70 [ 13.407886] kasan_save_track+0x18/0x40 [ 13.408078] kasan_save_alloc_info+0x3b/0x50 [ 13.408310] __kasan_slab_alloc+0x91/0xa0 [ 13.408600] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.408832] __kmem_cache_create_args+0x169/0x240 [ 13.409058] kmem_cache_double_destroy+0xd5/0x380 [ 13.409310] kunit_try_run_case+0x1a5/0x480 [ 13.409628] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.409889] kthread+0x337/0x6f0 [ 13.410047] ret_from_fork+0x116/0x1d0 [ 13.410180] ret_from_fork_asm+0x1a/0x30 [ 13.410319] [ 13.410538] Freed by task 232: [ 13.410729] kasan_save_stack+0x45/0x70 [ 13.410942] kasan_save_track+0x18/0x40 [ 13.411158] kasan_save_free_info+0x3f/0x60 [ 13.411493] __kasan_slab_free+0x56/0x70 [ 13.411708] kmem_cache_free+0x249/0x420 [ 13.411864] slab_kmem_cache_release+0x2e/0x40 [ 13.412018] kmem_cache_release+0x16/0x20 [ 13.412178] kobject_put+0x181/0x450 [ 13.412471] sysfs_slab_release+0x16/0x20 [ 13.412720] kmem_cache_destroy+0xf0/0x1d0 [ 13.412982] kmem_cache_double_destroy+0x14e/0x380 [ 13.413260] kunit_try_run_case+0x1a5/0x480 [ 13.413534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.413716] kthread+0x337/0x6f0 [ 13.413882] ret_from_fork+0x116/0x1d0 [ 13.414097] ret_from_fork_asm+0x1a/0x30 [ 13.414318] [ 13.414455] The buggy address belongs to the object at ffff888101bdedc0 [ 13.414455] which belongs to the cache kmem_cache of size 208 [ 13.415420] The buggy address is located 0 bytes inside of [ 13.415420] freed 208-byte region [ffff888101bdedc0, ffff888101bdee90) [ 13.416123] [ 13.416216] The buggy address belongs to the physical page: [ 13.416394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bde [ 13.416851] flags: 
0x200000000000000(node=0|zone=2) [ 13.417116] page_type: f5(slab) [ 13.417408] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 13.417786] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 13.418047] page dumped because: kasan: bad access detected [ 13.418274] [ 13.418615] Memory state around the buggy address: [ 13.418868] ffff888101bdec80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.419100] ffff888101bded00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 13.419316] >ffff888101bded80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.419620] ^ [ 13.420063] ffff888101bdee00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.420463] ffff888101bdee80: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.420690] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 13.344522] ================================================================== [ 13.345018] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.345861] Read of size 1 at addr ffff8881032d8000 by task kunit_try_catch/230 [ 13.346328] [ 13.346953] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.347027] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.347040] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.347061] Call Trace: [ 13.347074] <TASK> [ 13.347093] dump_stack_lvl+0x73/0xb0 [ 13.347128] print_report+0xd1/0x610 [ 13.347151] ? __virt_addr_valid+0x1db/0x2d0 [ 13.347177] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.347200] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.347224] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.347247] kasan_report+0x141/0x180 [ 13.347269] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.347297] __asan_report_load1_noabort+0x18/0x20 [ 13.347322] kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.347426] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 13.347450] ? finish_task_switch.isra.0+0x153/0x700 [ 13.347475] ? __switch_to+0x47/0xf50 [ 13.347504] ? __pfx_read_tsc+0x10/0x10 [ 13.347526] ? ktime_get_ts64+0x86/0x230 [ 13.347551] kunit_try_run_case+0x1a5/0x480 [ 13.347577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.347600] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.347625] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.347649] ? __kthread_parkme+0x82/0x180 [ 13.347670] ? preempt_count_sub+0x50/0x80 [ 13.347693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.347718] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.347742] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.347781] kthread+0x337/0x6f0 [ 13.347800] ? trace_preempt_on+0x20/0xc0 [ 13.347824] ? __pfx_kthread+0x10/0x10 [ 13.347845] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.347866] ? calculate_sigpending+0x7b/0xa0 [ 13.347891] ? __pfx_kthread+0x10/0x10 [ 13.347913] ret_from_fork+0x116/0x1d0 [ 13.347931] ? 
__pfx_kthread+0x10/0x10 [ 13.347951] ret_from_fork_asm+0x1a/0x30 [ 13.347983] </TASK> [ 13.347993] [ 13.359728] Allocated by task 230: [ 13.359880] kasan_save_stack+0x45/0x70 [ 13.360028] kasan_save_track+0x18/0x40 [ 13.360175] kasan_save_alloc_info+0x3b/0x50 [ 13.360474] __kasan_slab_alloc+0x91/0xa0 [ 13.360792] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.361007] kmem_cache_rcu_uaf+0x155/0x510 [ 13.361715] kunit_try_run_case+0x1a5/0x480 [ 13.361931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.362130] kthread+0x337/0x6f0 [ 13.362292] ret_from_fork+0x116/0x1d0 [ 13.362558] ret_from_fork_asm+0x1a/0x30 [ 13.362765] [ 13.362861] Freed by task 0: [ 13.362989] kasan_save_stack+0x45/0x70 [ 13.363173] kasan_save_track+0x18/0x40 [ 13.363354] kasan_save_free_info+0x3f/0x60 [ 13.364051] __kasan_slab_free+0x56/0x70 [ 13.364258] slab_free_after_rcu_debug+0xe4/0x310 [ 13.364631] rcu_core+0x66f/0x1c40 [ 13.365005] rcu_core_si+0x12/0x20 [ 13.365190] handle_softirqs+0x209/0x730 [ 13.365599] __irq_exit_rcu+0xc9/0x110 [ 13.365794] irq_exit_rcu+0x12/0x20 [ 13.365981] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.366306] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.366769] [ 13.366876] Last potentially related work creation: [ 13.367218] kasan_save_stack+0x45/0x70 [ 13.367488] kasan_record_aux_stack+0xb2/0xc0 [ 13.368004] kmem_cache_free+0x131/0x420 [ 13.368208] kmem_cache_rcu_uaf+0x194/0x510 [ 13.368359] kunit_try_run_case+0x1a5/0x480 [ 13.368652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.368918] kthread+0x337/0x6f0 [ 13.369076] ret_from_fork+0x116/0x1d0 [ 13.369252] ret_from_fork_asm+0x1a/0x30 [ 13.369829] [ 13.369927] The buggy address belongs to the object at ffff8881032d8000 [ 13.369927] which belongs to the cache test_cache of size 200 [ 13.370907] The buggy address is located 0 bytes inside of [ 13.370907] freed 200-byte region [ffff8881032d8000, ffff8881032d80c8) [ 13.371533] [ 13.371633] The buggy address belongs to the physical page: [ 13.371879] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032d8 [ 13.372244] flags: 0x200000000000000(node=0|zone=2) [ 13.372877] page_type: f5(slab) [ 13.373033] raw: 0200000000000000 ffff8881032d5000 dead000000000122 0000000000000000 [ 13.373560] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.373888] page dumped because: kasan: bad access detected [ 13.374115] [ 13.374198] Memory state around the buggy address: [ 13.374392] ffff8881032d7f00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc [ 13.375026] ffff8881032d7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.375333] >ffff8881032d8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.375922] ^ [ 13.376084] ffff8881032d8080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.376378] ffff8881032d8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.376737] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 13.279555] ================================================================== [ 13.279964] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 13.280197] Free of addr ffff8881038d8001 by task kunit_try_catch/228 [ 13.281189] [ 13.281508] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.281559] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.281571] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.281591] Call Trace: [ 13.281603] <TASK> [ 13.281619] dump_stack_lvl+0x73/0xb0 [ 13.281651] print_report+0xd1/0x610 [ 13.281674] ? __virt_addr_valid+0x1db/0x2d0 [ 13.281699] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.281722] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.281748] kasan_report_invalid_free+0x10a/0x130 [ 13.281790] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.281816] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.281841] check_slab_allocation+0x11f/0x130 [ 13.281863] __kasan_slab_pre_free+0x28/0x40 [ 13.281884] kmem_cache_free+0xed/0x420 [ 13.281905] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.281926] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.281954] kmem_cache_invalid_free+0x1d8/0x460 [ 13.281979] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 13.282004] ? finish_task_switch.isra.0+0x153/0x700 [ 13.282028] ? __switch_to+0x47/0xf50 [ 13.282057] ? __pfx_read_tsc+0x10/0x10 [ 13.282077] ? ktime_get_ts64+0x86/0x230 [ 13.282101] kunit_try_run_case+0x1a5/0x480 [ 13.282127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.282149] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.282174] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.282198] ? __kthread_parkme+0x82/0x180 [ 13.282219] ? preempt_count_sub+0x50/0x80 [ 13.282242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.282266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.282290] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.282315] kthread+0x337/0x6f0 [ 13.282334] ? trace_preempt_on+0x20/0xc0 [ 13.282358] ? 
__pfx_kthread+0x10/0x10 [ 13.282379] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.282406] ? calculate_sigpending+0x7b/0xa0 [ 13.282431] ? __pfx_kthread+0x10/0x10 [ 13.282452] ret_from_fork+0x116/0x1d0 [ 13.282470] ? __pfx_kthread+0x10/0x10 [ 13.282491] ret_from_fork_asm+0x1a/0x30 [ 13.282521] </TASK> [ 13.282531] [ 13.296324] Allocated by task 228: [ 13.296722] kasan_save_stack+0x45/0x70 [ 13.296952] kasan_save_track+0x18/0x40 [ 13.297128] kasan_save_alloc_info+0x3b/0x50 [ 13.297652] __kasan_slab_alloc+0x91/0xa0 [ 13.297869] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.298164] kmem_cache_invalid_free+0x157/0x460 [ 13.298528] kunit_try_run_case+0x1a5/0x480 [ 13.298749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.299002] kthread+0x337/0x6f0 [ 13.299162] ret_from_fork+0x116/0x1d0 [ 13.299344] ret_from_fork_asm+0x1a/0x30 [ 13.300006] [ 13.300104] The buggy address belongs to the object at ffff8881038d8000 [ 13.300104] which belongs to the cache test_cache of size 200 [ 13.300933] The buggy address is located 1 bytes inside of [ 13.300933] 200-byte region [ffff8881038d8000, ffff8881038d80c8) [ 13.301692] [ 13.301798] The buggy address belongs to the physical page: [ 13.302039] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d8 [ 13.302387] flags: 0x200000000000000(node=0|zone=2) [ 13.302959] page_type: f5(slab) [ 13.303244] raw: 0200000000000000 ffff888101bdec80 dead000000000122 0000000000000000 [ 13.303635] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.303986] page dumped because: kasan: bad access detected [ 13.304225] [ 13.304305] Memory state around the buggy address: [ 13.304875] ffff8881038d7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.305164] ffff8881038d7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.305861] >ffff8881038d8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.306135] ^ [ 13.306301] ffff8881038d8080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.306949] 
ffff8881038d8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.307337] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 13.241176] ================================================================== [ 13.241846] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 13.242152] Free of addr ffff8881032d4000 by task kunit_try_catch/226 [ 13.242427] [ 13.242746] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.242803] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.242814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.242834] Call Trace: [ 13.242845] <TASK> [ 13.242860] dump_stack_lvl+0x73/0xb0 [ 13.242891] print_report+0xd1/0x610 [ 13.242925] ? __virt_addr_valid+0x1db/0x2d0 [ 13.242949] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.242984] ? kmem_cache_double_free+0x1e5/0x480 [ 13.243011] kasan_report_invalid_free+0x10a/0x130 [ 13.243035] ? kmem_cache_double_free+0x1e5/0x480 [ 13.243062] ? kmem_cache_double_free+0x1e5/0x480 [ 13.243088] check_slab_allocation+0x101/0x130 [ 13.243111] __kasan_slab_pre_free+0x28/0x40 [ 13.243132] kmem_cache_free+0xed/0x420 [ 13.243153] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.243183] ? kmem_cache_double_free+0x1e5/0x480 [ 13.243211] kmem_cache_double_free+0x1e5/0x480 [ 13.243236] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 13.243272] ? finish_task_switch.isra.0+0x153/0x700 [ 13.243295] ? __switch_to+0x47/0xf50 [ 13.243322] ? __pfx_read_tsc+0x10/0x10 [ 13.243409] ? ktime_get_ts64+0x86/0x230 [ 13.243435] kunit_try_run_case+0x1a5/0x480 [ 13.243472] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.243496] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.243522] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.243548] ? __kthread_parkme+0x82/0x180 [ 13.243568] ? preempt_count_sub+0x50/0x80 [ 13.243592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.243616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.243641] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.243668] kthread+0x337/0x6f0 [ 13.243688] ? trace_preempt_on+0x20/0xc0 [ 13.243712] ? 
__pfx_kthread+0x10/0x10 [ 13.243732] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.243764] ? calculate_sigpending+0x7b/0xa0 [ 13.243789] ? __pfx_kthread+0x10/0x10 [ 13.243811] ret_from_fork+0x116/0x1d0 [ 13.243829] ? __pfx_kthread+0x10/0x10 [ 13.243850] ret_from_fork_asm+0x1a/0x30 [ 13.243881] </TASK> [ 13.243891] [ 13.256791] Allocated by task 226: [ 13.257223] kasan_save_stack+0x45/0x70 [ 13.257734] kasan_save_track+0x18/0x40 [ 13.257912] kasan_save_alloc_info+0x3b/0x50 [ 13.258210] __kasan_slab_alloc+0x91/0xa0 [ 13.258688] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.259022] kmem_cache_double_free+0x14f/0x480 [ 13.259395] kunit_try_run_case+0x1a5/0x480 [ 13.259777] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.260142] kthread+0x337/0x6f0 [ 13.260369] ret_from_fork+0x116/0x1d0 [ 13.260717] ret_from_fork_asm+0x1a/0x30 [ 13.260939] [ 13.261023] Freed by task 226: [ 13.261178] kasan_save_stack+0x45/0x70 [ 13.261796] kasan_save_track+0x18/0x40 [ 13.261988] kasan_save_free_info+0x3f/0x60 [ 13.262406] __kasan_slab_free+0x56/0x70 [ 13.262700] kmem_cache_free+0x249/0x420 [ 13.262860] kmem_cache_double_free+0x16a/0x480 [ 13.263087] kunit_try_run_case+0x1a5/0x480 [ 13.263276] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.263805] kthread+0x337/0x6f0 [ 13.263932] ret_from_fork+0x116/0x1d0 [ 13.264260] ret_from_fork_asm+0x1a/0x30 [ 13.264624] [ 13.264846] The buggy address belongs to the object at ffff8881032d4000 [ 13.264846] which belongs to the cache test_cache of size 200 [ 13.265605] The buggy address is located 0 bytes inside of [ 13.265605] 200-byte region [ffff8881032d4000, ffff8881032d40c8) [ 13.266046] [ 13.266354] The buggy address belongs to the physical page: [ 13.266919] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032d4 [ 13.267247] flags: 0x200000000000000(node=0|zone=2) [ 13.267691] page_type: f5(slab) [ 13.267873] raw: 0200000000000000 ffff88810153adc0 dead000000000122 0000000000000000 [ 13.268214] raw: 0000000000000000 00000000800f000f 
00000000f5000000 0000000000000000 [ 13.268884] page dumped because: kasan: bad access detected [ 13.269131] [ 13.269210] Memory state around the buggy address: [ 13.269784] ffff8881032d3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.270232] ffff8881032d3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.270933] >ffff8881032d4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.271206] ^ [ 13.271392] ffff8881032d4080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.271961] ffff8881032d4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.272395] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 13.207453] ================================================================== [ 13.207942] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 13.208254] Read of size 1 at addr ffff8881038d40c8 by task kunit_try_catch/224 [ 13.208766] [ 13.208887] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.209140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.209154] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.209186] Call Trace: [ 13.209197] <TASK> [ 13.209212] dump_stack_lvl+0x73/0xb0 [ 13.209244] print_report+0xd1/0x610 [ 13.209266] ? __virt_addr_valid+0x1db/0x2d0 [ 13.209291] ? kmem_cache_oob+0x402/0x530 [ 13.209313] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.209378] ? kmem_cache_oob+0x402/0x530 [ 13.209402] kasan_report+0x141/0x180 [ 13.209424] ? kmem_cache_oob+0x402/0x530 [ 13.209488] __asan_report_load1_noabort+0x18/0x20 [ 13.209514] kmem_cache_oob+0x402/0x530 [ 13.209535] ? trace_hardirqs_on+0x37/0xe0 [ 13.209560] ? __pfx_kmem_cache_oob+0x10/0x10 [ 13.209582] ? finish_task_switch.isra.0+0x153/0x700 [ 13.209606] ? __switch_to+0x47/0xf50 [ 13.209635] ? __pfx_read_tsc+0x10/0x10 [ 13.209656] ? ktime_get_ts64+0x86/0x230 [ 13.209680] kunit_try_run_case+0x1a5/0x480 [ 13.209706] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.209729] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.209766] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.209790] ? __kthread_parkme+0x82/0x180 [ 13.209811] ? preempt_count_sub+0x50/0x80 [ 13.209834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.209858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.209883] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.209908] kthread+0x337/0x6f0 [ 13.209927] ? trace_preempt_on+0x20/0xc0 [ 13.209949] ? __pfx_kthread+0x10/0x10 [ 13.209969] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.209991] ? calculate_sigpending+0x7b/0xa0 [ 13.210015] ? __pfx_kthread+0x10/0x10 [ 13.210037] ret_from_fork+0x116/0x1d0 [ 13.210055] ? 
__pfx_kthread+0x10/0x10 [ 13.210076] ret_from_fork_asm+0x1a/0x30 [ 13.210106] </TASK> [ 13.210116] [ 13.218218] Allocated by task 224: [ 13.218464] kasan_save_stack+0x45/0x70 [ 13.218745] kasan_save_track+0x18/0x40 [ 13.218966] kasan_save_alloc_info+0x3b/0x50 [ 13.219117] __kasan_slab_alloc+0x91/0xa0 [ 13.219335] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.219559] kmem_cache_oob+0x157/0x530 [ 13.219724] kunit_try_run_case+0x1a5/0x480 [ 13.220057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.220459] kthread+0x337/0x6f0 [ 13.220656] ret_from_fork+0x116/0x1d0 [ 13.220826] ret_from_fork_asm+0x1a/0x30 [ 13.221037] [ 13.221147] The buggy address belongs to the object at ffff8881038d4000 [ 13.221147] which belongs to the cache test_cache of size 200 [ 13.221786] The buggy address is located 0 bytes to the right of [ 13.221786] allocated 200-byte region [ffff8881038d4000, ffff8881038d40c8) [ 13.222159] [ 13.222260] The buggy address belongs to the physical page: [ 13.222535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d4 [ 13.222904] flags: 0x200000000000000(node=0|zone=2) [ 13.223498] page_type: f5(slab) [ 13.223641] raw: 0200000000000000 ffff888101bdeb40 dead000000000122 0000000000000000 [ 13.223982] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.224346] page dumped because: kasan: bad access detected [ 13.224609] [ 13.224683] Memory state around the buggy address: [ 13.225012] ffff8881038d3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.225362] ffff8881038d4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.225646] >ffff8881038d4080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.226053] ^ [ 13.226291] ffff8881038d4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.226740] ffff8881038d4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.227062] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 13.169014] ================================================================== [ 13.169453] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 13.169955] Read of size 8 at addr ffff8881032ef880 by task kunit_try_catch/217 [ 13.170293] [ 13.170481] CPU: 1 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.170529] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.170540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.170561] Call Trace: [ 13.170572] <TASK> [ 13.170587] dump_stack_lvl+0x73/0xb0 [ 13.170618] print_report+0xd1/0x610 [ 13.170640] ? __virt_addr_valid+0x1db/0x2d0 [ 13.170662] ? workqueue_uaf+0x4d6/0x560 [ 13.170683] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.170707] ? workqueue_uaf+0x4d6/0x560 [ 13.170728] kasan_report+0x141/0x180 [ 13.170750] ? workqueue_uaf+0x4d6/0x560 [ 13.170786] __asan_report_load8_noabort+0x18/0x20 [ 13.170812] workqueue_uaf+0x4d6/0x560 [ 13.170834] ? __pfx_workqueue_uaf+0x10/0x10 [ 13.170857] ? __schedule+0x10cc/0x2b60 [ 13.170879] ? __pfx_read_tsc+0x10/0x10 [ 13.170900] ? ktime_get_ts64+0x86/0x230 [ 13.170924] kunit_try_run_case+0x1a5/0x480 [ 13.170949] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.170972] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.170996] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.171020] ? __kthread_parkme+0x82/0x180 [ 13.171040] ? preempt_count_sub+0x50/0x80 [ 13.171064] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.171089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.171113] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.171138] kthread+0x337/0x6f0 [ 13.171157] ? trace_preempt_on+0x20/0xc0 [ 13.171181] ? __pfx_kthread+0x10/0x10 [ 13.171201] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.171223] ? calculate_sigpending+0x7b/0xa0 [ 13.171247] ? __pfx_kthread+0x10/0x10 [ 13.171268] ret_from_fork+0x116/0x1d0 [ 13.171316] ? 
__pfx_kthread+0x10/0x10 [ 13.171354] ret_from_fork_asm+0x1a/0x30 [ 13.171386] </TASK> [ 13.171396] [ 13.179085] Allocated by task 217: [ 13.179224] kasan_save_stack+0x45/0x70 [ 13.179661] kasan_save_track+0x18/0x40 [ 13.180012] kasan_save_alloc_info+0x3b/0x50 [ 13.180224] __kasan_kmalloc+0xb7/0xc0 [ 13.180600] __kmalloc_cache_noprof+0x189/0x420 [ 13.180841] workqueue_uaf+0x152/0x560 [ 13.181021] kunit_try_run_case+0x1a5/0x480 [ 13.181168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.181456] kthread+0x337/0x6f0 [ 13.181667] ret_from_fork+0x116/0x1d0 [ 13.181875] ret_from_fork_asm+0x1a/0x30 [ 13.182072] [ 13.182176] Freed by task 44: [ 13.182407] kasan_save_stack+0x45/0x70 [ 13.182618] kasan_save_track+0x18/0x40 [ 13.182834] kasan_save_free_info+0x3f/0x60 [ 13.183030] __kasan_slab_free+0x56/0x70 [ 13.183233] kfree+0x222/0x3f0 [ 13.183478] workqueue_uaf_work+0x12/0x20 [ 13.183673] process_one_work+0x5ee/0xf60 [ 13.183894] worker_thread+0x758/0x1220 [ 13.184071] kthread+0x337/0x6f0 [ 13.184243] ret_from_fork+0x116/0x1d0 [ 13.184564] ret_from_fork_asm+0x1a/0x30 [ 13.184793] [ 13.184902] Last potentially related work creation: [ 13.185125] kasan_save_stack+0x45/0x70 [ 13.185265] kasan_record_aux_stack+0xb2/0xc0 [ 13.185417] __queue_work+0x626/0xeb0 [ 13.185550] queue_work_on+0xb6/0xc0 [ 13.185680] workqueue_uaf+0x26d/0x560 [ 13.185946] kunit_try_run_case+0x1a5/0x480 [ 13.186160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.186619] kthread+0x337/0x6f0 [ 13.186815] ret_from_fork+0x116/0x1d0 [ 13.187037] ret_from_fork_asm+0x1a/0x30 [ 13.187236] [ 13.187382] The buggy address belongs to the object at ffff8881032ef880 [ 13.187382] which belongs to the cache kmalloc-32 of size 32 [ 13.188059] The buggy address is located 0 bytes inside of [ 13.188059] freed 32-byte region [ffff8881032ef880, ffff8881032ef8a0) [ 13.188405] [ 13.188475] The buggy address belongs to the physical page: [ 13.188726] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x1032ef [ 13.189096] flags: 0x200000000000000(node=0|zone=2) [ 13.189339] page_type: f5(slab) [ 13.189511] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.189976] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.190364] page dumped because: kasan: bad access detected [ 13.190668] [ 13.190895] Memory state around the buggy address: [ 13.191123] ffff8881032ef780: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 13.191507] ffff8881032ef800: 00 00 07 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 13.191785] >ffff8881032ef880: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 13.192128] ^ [ 13.192248] ffff8881032ef900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.192823] ffff8881032ef980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.193110] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 13.121478] ================================================================== [ 13.122001] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 13.122395] Read of size 4 at addr ffff8881032ef700 by task swapper/1/0 [ 13.122661] [ 13.122791] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.122836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.122847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.122867] Call Trace: [ 13.122897] <IRQ> [ 13.122913] dump_stack_lvl+0x73/0xb0 [ 13.122945] print_report+0xd1/0x610 [ 13.122967] ? __virt_addr_valid+0x1db/0x2d0 [ 13.122991] ? rcu_uaf_reclaim+0x50/0x60 [ 13.123011] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.123034] ? rcu_uaf_reclaim+0x50/0x60 [ 13.123055] kasan_report+0x141/0x180 [ 13.123078] ? rcu_uaf_reclaim+0x50/0x60 [ 13.123104] __asan_report_load4_noabort+0x18/0x20 [ 13.123129] rcu_uaf_reclaim+0x50/0x60 [ 13.123149] rcu_core+0x66f/0x1c40 [ 13.123178] ? __pfx_rcu_core+0x10/0x10 [ 13.123199] ? ktime_get+0x6b/0x150 [ 13.123220] ? handle_softirqs+0x18e/0x730 [ 13.123245] rcu_core_si+0x12/0x20 [ 13.123265] handle_softirqs+0x209/0x730 [ 13.123284] ? hrtimer_interrupt+0x2fe/0x780 [ 13.123307] ? 
__pfx_handle_softirqs+0x10/0x10 [ 13.123391] __irq_exit_rcu+0xc9/0x110 [ 13.123415] irq_exit_rcu+0x12/0x20 [ 13.123435] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.123475] </IRQ> [ 13.123501] <TASK> [ 13.123511] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.123603] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 13.123826] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 23 72 21 00 fb f4 <e9> 3c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 13.123907] RSP: 0000:ffff888100877dc8 EFLAGS: 00010216 [ 13.123994] RAX: ffff8881ae172000 RBX: ffff888100853000 RCX: ffffffffaaa75125 [ 13.124040] RDX: ffffed102b62618b RSI: 0000000000000004 RDI: 00000000000141dc [ 13.124083] RBP: ffff888100877dd0 R08: 0000000000000001 R09: ffffed102b62618a [ 13.124125] R10: ffff88815b130c53 R11: 000000000001f000 R12: 0000000000000001 [ 13.124167] R13: ffffed102010a600 R14: ffffffffac7b1490 R15: 0000000000000000 [ 13.124223] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 13.124277] ? default_idle+0xd/0x20 [ 13.124300] arch_cpu_idle+0xd/0x20 [ 13.124321] default_idle_call+0x48/0x80 [ 13.124340] do_idle+0x379/0x4f0 [ 13.124459] ? complete+0x15b/0x1d0 [ 13.124478] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.124505] ? __pfx_do_idle+0x10/0x10 [ 13.124526] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 13.124550] ? complete+0x15b/0x1d0 [ 13.124570] cpu_startup_entry+0x5c/0x70 [ 13.124591] start_secondary+0x211/0x290 [ 13.124614] ? 
__pfx_start_secondary+0x10/0x10 [ 13.124639] common_startup_64+0x13e/0x148 [ 13.124672] </TASK> [ 13.124681] [ 13.138389] Allocated by task 215: [ 13.138529] kasan_save_stack+0x45/0x70 [ 13.138684] kasan_save_track+0x18/0x40 [ 13.138963] kasan_save_alloc_info+0x3b/0x50 [ 13.139568] __kasan_kmalloc+0xb7/0xc0 [ 13.139750] __kmalloc_cache_noprof+0x189/0x420 [ 13.140256] rcu_uaf+0xb0/0x330 [ 13.140674] kunit_try_run_case+0x1a5/0x480 [ 13.141140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.141544] kthread+0x337/0x6f0 [ 13.141908] ret_from_fork+0x116/0x1d0 [ 13.142272] ret_from_fork_asm+0x1a/0x30 [ 13.142751] [ 13.142837] Freed by task 0: [ 13.142944] kasan_save_stack+0x45/0x70 [ 13.143083] kasan_save_track+0x18/0x40 [ 13.143218] kasan_save_free_info+0x3f/0x60 [ 13.143560] __kasan_slab_free+0x56/0x70 [ 13.143949] kfree+0x222/0x3f0 [ 13.144261] rcu_uaf_reclaim+0x1f/0x60 [ 13.144731] rcu_core+0x66f/0x1c40 [ 13.145076] rcu_core_si+0x12/0x20 [ 13.145613] handle_softirqs+0x209/0x730 [ 13.146005] __irq_exit_rcu+0xc9/0x110 [ 13.146463] irq_exit_rcu+0x12/0x20 [ 13.146711] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.147106] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.147278] [ 13.147521] Last potentially related work creation: [ 13.148015] kasan_save_stack+0x45/0x70 [ 13.148505] kasan_record_aux_stack+0xb2/0xc0 [ 13.148870] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 13.149043] call_rcu+0x12/0x20 [ 13.149160] rcu_uaf+0x168/0x330 [ 13.149280] kunit_try_run_case+0x1a5/0x480 [ 13.149433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.149610] kthread+0x337/0x6f0 [ 13.149732] ret_from_fork+0x116/0x1d0 [ 13.150081] ret_from_fork_asm+0x1a/0x30 [ 13.150494] [ 13.150867] The buggy address belongs to the object at ffff8881032ef700 [ 13.150867] which belongs to the cache kmalloc-32 of size 32 [ 13.152184] The buggy address is located 0 bytes inside of [ 13.152184] freed 32-byte region [ffff8881032ef700, ffff8881032ef720) [ 13.153505] [ 13.153706] The buggy address belongs to the 
physical page: [ 13.154215] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032ef [ 13.155072] flags: 0x200000000000000(node=0|zone=2) [ 13.155560] page_type: f5(slab) [ 13.155687] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.155935] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.156162] page dumped because: kasan: bad access detected [ 13.156343] [ 13.156626] Memory state around the buggy address: [ 13.157180] ffff8881032ef600: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.157934] ffff8881032ef680: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 13.158697] >ffff8881032ef700: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 13.159322] ^ [ 13.159697] ffff8881032ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.160317] ffff8881032ef800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.161091] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 13.083478] ================================================================== [ 13.084300] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 13.085100] Read of size 1 at addr ffff888102afc578 by task kunit_try_catch/213 [ 13.085662] [ 13.085792] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.085836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.085848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.085867] Call Trace: [ 13.085878] <TASK> [ 13.085893] dump_stack_lvl+0x73/0xb0 [ 13.085925] print_report+0xd1/0x610 [ 13.085947] ? __virt_addr_valid+0x1db/0x2d0 [ 13.085969] ? ksize_uaf+0x5e4/0x6c0 [ 13.085990] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.086014] ? ksize_uaf+0x5e4/0x6c0 [ 13.086035] kasan_report+0x141/0x180 [ 13.086056] ? ksize_uaf+0x5e4/0x6c0 [ 13.086081] __asan_report_load1_noabort+0x18/0x20 [ 13.086107] ksize_uaf+0x5e4/0x6c0 [ 13.086128] ? __pfx_ksize_uaf+0x10/0x10 [ 13.086150] ? __schedule+0x10cc/0x2b60 [ 13.086172] ? __pfx_read_tsc+0x10/0x10 [ 13.086192] ? ktime_get_ts64+0x86/0x230 [ 13.086217] kunit_try_run_case+0x1a5/0x480 [ 13.086241] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.086263] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.086288] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.086313] ? __kthread_parkme+0x82/0x180 [ 13.086596] ? preempt_count_sub+0x50/0x80 [ 13.086625] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.086651] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.086677] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.086702] kthread+0x337/0x6f0 [ 13.086721] ? trace_preempt_on+0x20/0xc0 [ 13.086744] ? __pfx_kthread+0x10/0x10 [ 13.086780] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.086801] ? calculate_sigpending+0x7b/0xa0 [ 13.086825] ? __pfx_kthread+0x10/0x10 [ 13.086846] ret_from_fork+0x116/0x1d0 [ 13.086864] ? 
__pfx_kthread+0x10/0x10 [ 13.086884] ret_from_fork_asm+0x1a/0x30 [ 13.086914] </TASK> [ 13.086924] [ 13.097335] Allocated by task 213: [ 13.097933] kasan_save_stack+0x45/0x70 [ 13.098140] kasan_save_track+0x18/0x40 [ 13.098529] kasan_save_alloc_info+0x3b/0x50 [ 13.098750] __kasan_kmalloc+0xb7/0xc0 [ 13.098926] __kmalloc_cache_noprof+0x189/0x420 [ 13.099285] ksize_uaf+0xaa/0x6c0 [ 13.099773] kunit_try_run_case+0x1a5/0x480 [ 13.100135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.100595] kthread+0x337/0x6f0 [ 13.100886] ret_from_fork+0x116/0x1d0 [ 13.101165] ret_from_fork_asm+0x1a/0x30 [ 13.101540] [ 13.101706] Freed by task 213: [ 13.102054] kasan_save_stack+0x45/0x70 [ 13.102248] kasan_save_track+0x18/0x40 [ 13.102592] kasan_save_free_info+0x3f/0x60 [ 13.102803] __kasan_slab_free+0x56/0x70 [ 13.102993] kfree+0x222/0x3f0 [ 13.103147] ksize_uaf+0x12c/0x6c0 [ 13.103310] kunit_try_run_case+0x1a5/0x480 [ 13.103982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.104234] kthread+0x337/0x6f0 [ 13.104562] ret_from_fork+0x116/0x1d0 [ 13.104781] ret_from_fork_asm+0x1a/0x30 [ 13.105121] [ 13.105224] The buggy address belongs to the object at ffff888102afc500 [ 13.105224] which belongs to the cache kmalloc-128 of size 128 [ 13.106104] The buggy address is located 120 bytes inside of [ 13.106104] freed 128-byte region [ffff888102afc500, ffff888102afc580) [ 13.106824] [ 13.106928] The buggy address belongs to the physical page: [ 13.107170] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102afc [ 13.107950] flags: 0x200000000000000(node=0|zone=2) [ 13.108181] page_type: f5(slab) [ 13.108529] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.108914] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.109332] page dumped because: kasan: bad access detected [ 13.109669] [ 13.109745] Memory state around the buggy address: [ 13.109987] ffff888102afc400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
13.110284] ffff888102afc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.110920] >ffff888102afc500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.111289] ^ [ 13.111959] ffff888102afc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.112226] ffff888102afc600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.112859] ================================================================== [ 13.052970] ================================================================== [ 13.053305] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 13.053985] Read of size 1 at addr ffff888102afc500 by task kunit_try_catch/213 [ 13.054386] [ 13.054536] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.054578] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.054590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.054610] Call Trace: [ 13.054621] <TASK> [ 13.054634] dump_stack_lvl+0x73/0xb0 [ 13.054664] print_report+0xd1/0x610 [ 13.054696] ? __virt_addr_valid+0x1db/0x2d0 [ 13.054721] ? ksize_uaf+0x5fe/0x6c0 [ 13.054741] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.054778] ? ksize_uaf+0x5fe/0x6c0 [ 13.054799] kasan_report+0x141/0x180 [ 13.054821] ? ksize_uaf+0x5fe/0x6c0 [ 13.054846] __asan_report_load1_noabort+0x18/0x20 [ 13.054872] ksize_uaf+0x5fe/0x6c0 [ 13.054893] ? __pfx_ksize_uaf+0x10/0x10 [ 13.054915] ? __schedule+0x10cc/0x2b60 [ 13.054936] ? __pfx_read_tsc+0x10/0x10 [ 13.054957] ? ktime_get_ts64+0x86/0x230 [ 13.054982] kunit_try_run_case+0x1a5/0x480 [ 13.055006] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.055030] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.055053] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.055077] ? __kthread_parkme+0x82/0x180 [ 13.055098] ? preempt_count_sub+0x50/0x80 [ 13.055121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.055146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.055170] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.055195] kthread+0x337/0x6f0 [ 13.055214] ? trace_preempt_on+0x20/0xc0 [ 13.055237] ? __pfx_kthread+0x10/0x10 [ 13.055257] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.055279] ? calculate_sigpending+0x7b/0xa0 [ 13.055327] ? __pfx_kthread+0x10/0x10 [ 13.055622] ret_from_fork+0x116/0x1d0 [ 13.055657] ? __pfx_kthread+0x10/0x10 [ 13.055678] ret_from_fork_asm+0x1a/0x30 [ 13.055708] </TASK> [ 13.055719] [ 13.065822] Allocated by task 213: [ 13.065970] kasan_save_stack+0x45/0x70 [ 13.066177] kasan_save_track+0x18/0x40 [ 13.066367] kasan_save_alloc_info+0x3b/0x50 [ 13.066637] __kasan_kmalloc+0xb7/0xc0 [ 13.066933] __kmalloc_cache_noprof+0x189/0x420 [ 13.067119] ksize_uaf+0xaa/0x6c0 [ 13.067243] kunit_try_run_case+0x1a5/0x480 [ 13.067391] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.067638] kthread+0x337/0x6f0 [ 13.067896] ret_from_fork+0x116/0x1d0 [ 13.068393] ret_from_fork_asm+0x1a/0x30 [ 13.068579] [ 13.068676] Freed by task 213: [ 13.068821] kasan_save_stack+0x45/0x70 [ 13.068962] kasan_save_track+0x18/0x40 [ 13.069125] kasan_save_free_info+0x3f/0x60 [ 13.069331] __kasan_slab_free+0x56/0x70 [ 13.069740] kfree+0x222/0x3f0 [ 13.069924] ksize_uaf+0x12c/0x6c0 [ 13.070093] kunit_try_run_case+0x1a5/0x480 [ 13.070282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.070655] kthread+0x337/0x6f0 [ 13.070831] ret_from_fork+0x116/0x1d0 [ 13.070992] ret_from_fork_asm+0x1a/0x30 [ 13.071167] [ 13.071263] The buggy address belongs to the object at ffff888102afc500 [ 13.071263] which belongs to the cache kmalloc-128 of size 128 [ 13.071859] The buggy address is located 0 bytes inside of [ 13.071859] freed 128-byte region [ffff888102afc500, ffff888102afc580) [ 13.072286] [ 13.072389] The buggy address belongs to the physical page: [ 13.072651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102afc [ 13.074642] flags: 0x200000000000000(node=0|zone=2) [ 13.074834] page_type: f5(slab) [ 13.074958] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.075192] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.075426] page dumped because: kasan: bad access detected [ 13.075599] [ 13.075671] Memory state around the buggy address: [ 13.077509] ffff888102afc400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.078675] ffff888102afc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.079941] >ffff888102afc500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.081075] ^ [ 13.081232] ffff888102afc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.082235] ffff888102afc600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.082528] ================================================================== [ 13.032211] ================================================================== [ 13.032842] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 13.033116] Read of size 1 at addr ffff888102afc500 by task kunit_try_catch/213 [ 13.033411] [ 13.033553] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.033599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.033610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.033631] Call Trace: [ 13.033642] <TASK> [ 13.033658] dump_stack_lvl+0x73/0xb0 [ 13.033687] print_report+0xd1/0x610 [ 13.033709] ? __virt_addr_valid+0x1db/0x2d0 [ 13.033733] ? ksize_uaf+0x19d/0x6c0 [ 13.033764] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.033788] ? ksize_uaf+0x19d/0x6c0 [ 13.033809] kasan_report+0x141/0x180 [ 13.033833] ? ksize_uaf+0x19d/0x6c0 [ 13.033860] ? ksize_uaf+0x19d/0x6c0 [ 13.033882] __kasan_check_byte+0x3d/0x50 [ 13.033905] ksize+0x20/0x60 [ 13.033926] ksize_uaf+0x19d/0x6c0 [ 13.033946] ? __pfx_ksize_uaf+0x10/0x10 [ 13.033968] ? __schedule+0x10cc/0x2b60 [ 13.033990] ? __pfx_read_tsc+0x10/0x10 [ 13.034011] ? 
ktime_get_ts64+0x86/0x230 [ 13.034037] kunit_try_run_case+0x1a5/0x480 [ 13.034062] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.034085] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.034110] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.034134] ? __kthread_parkme+0x82/0x180 [ 13.034155] ? preempt_count_sub+0x50/0x80 [ 13.034179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.034204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.034230] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.034255] kthread+0x337/0x6f0 [ 13.034274] ? trace_preempt_on+0x20/0xc0 [ 13.034297] ? __pfx_kthread+0x10/0x10 [ 13.034318] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.034340] ? calculate_sigpending+0x7b/0xa0 [ 13.034365] ? __pfx_kthread+0x10/0x10 [ 13.034391] ret_from_fork+0x116/0x1d0 [ 13.034422] ? __pfx_kthread+0x10/0x10 [ 13.034453] ret_from_fork_asm+0x1a/0x30 [ 13.034493] </TASK> [ 13.034503] [ 13.041814] Allocated by task 213: [ 13.042129] kasan_save_stack+0x45/0x70 [ 13.042341] kasan_save_track+0x18/0x40 [ 13.042565] kasan_save_alloc_info+0x3b/0x50 [ 13.042712] __kasan_kmalloc+0xb7/0xc0 [ 13.042856] __kmalloc_cache_noprof+0x189/0x420 [ 13.043138] ksize_uaf+0xaa/0x6c0 [ 13.043313] kunit_try_run_case+0x1a5/0x480 [ 13.043654] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.043921] kthread+0x337/0x6f0 [ 13.044068] ret_from_fork+0x116/0x1d0 [ 13.044227] ret_from_fork_asm+0x1a/0x30 [ 13.044547] [ 13.044648] Freed by task 213: [ 13.044816] kasan_save_stack+0x45/0x70 [ 13.044987] kasan_save_track+0x18/0x40 [ 13.045169] kasan_save_free_info+0x3f/0x60 [ 13.045438] __kasan_slab_free+0x56/0x70 [ 13.045640] kfree+0x222/0x3f0 [ 13.045801] ksize_uaf+0x12c/0x6c0 [ 13.045932] kunit_try_run_case+0x1a5/0x480 [ 13.046079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.046253] kthread+0x337/0x6f0 [ 13.046372] ret_from_fork+0x116/0x1d0 [ 13.046510] ret_from_fork_asm+0x1a/0x30 [ 13.046713] [ 13.046821] The buggy address belongs to the object at ffff888102afc500 [ 13.046821] which belongs to the cache 
kmalloc-128 of size 128 [ 13.047596] The buggy address is located 0 bytes inside of [ 13.047596] freed 128-byte region [ffff888102afc500, ffff888102afc580) [ 13.048152] [ 13.048253] The buggy address belongs to the physical page: [ 13.048567] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102afc [ 13.048880] flags: 0x200000000000000(node=0|zone=2) [ 13.049047] page_type: f5(slab) [ 13.049175] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.049453] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.049792] page dumped because: kasan: bad access detected [ 13.049977] [ 13.050046] Memory state around the buggy address: [ 13.050247] ffff888102afc400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.050781] ffff888102afc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.051108] >ffff888102afc500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.051438] ^ [ 13.051551] ffff888102afc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.051770] ffff888102afc600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.052219] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 12.998970] ================================================================== [ 12.999957] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.000739] Read of size 1 at addr ffff888102afc47f by task kunit_try_catch/211 [ 13.001439] [ 13.001729] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.001785] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.001797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.001816] Call Trace: [ 13.001843] <TASK> [ 13.001859] dump_stack_lvl+0x73/0xb0 [ 13.001889] print_report+0xd1/0x610 [ 13.001923] ? __virt_addr_valid+0x1db/0x2d0 [ 13.001946] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.001970] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.001994] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.002018] kasan_report+0x141/0x180 [ 13.002039] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.002068] __asan_report_load1_noabort+0x18/0x20 [ 13.002092] ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.002117] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.002140] ? finish_task_switch.isra.0+0x153/0x700 [ 13.002162] ? __switch_to+0x47/0xf50 [ 13.002187] ? __schedule+0x10cc/0x2b60 [ 13.002210] ? __pfx_read_tsc+0x10/0x10 [ 13.002231] ? ktime_get_ts64+0x86/0x230 [ 13.002256] kunit_try_run_case+0x1a5/0x480 [ 13.002280] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.002303] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.002344] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.002368] ? __kthread_parkme+0x82/0x180 [ 13.002395] ? preempt_count_sub+0x50/0x80 [ 13.002418] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.002511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.002538] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.002563] kthread+0x337/0x6f0 [ 13.002583] ? trace_preempt_on+0x20/0xc0 [ 13.002606] ? __pfx_kthread+0x10/0x10 [ 13.002626] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.002648] ? calculate_sigpending+0x7b/0xa0 [ 13.002672] ? 
__pfx_kthread+0x10/0x10 [ 13.002693] ret_from_fork+0x116/0x1d0 [ 13.002711] ? __pfx_kthread+0x10/0x10 [ 13.002732] ret_from_fork_asm+0x1a/0x30 [ 13.002776] </TASK> [ 13.002786] [ 13.015570] Allocated by task 211: [ 13.016055] kasan_save_stack+0x45/0x70 [ 13.016548] kasan_save_track+0x18/0x40 [ 13.016933] kasan_save_alloc_info+0x3b/0x50 [ 13.017270] __kasan_kmalloc+0xb7/0xc0 [ 13.017618] __kmalloc_cache_noprof+0x189/0x420 [ 13.018121] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.018568] kunit_try_run_case+0x1a5/0x480 [ 13.018922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.019105] kthread+0x337/0x6f0 [ 13.019228] ret_from_fork+0x116/0x1d0 [ 13.019576] ret_from_fork_asm+0x1a/0x30 [ 13.020099] [ 13.020260] The buggy address belongs to the object at ffff888102afc400 [ 13.020260] which belongs to the cache kmalloc-128 of size 128 [ 13.021635] The buggy address is located 12 bytes to the right of [ 13.021635] allocated 115-byte region [ffff888102afc400, ffff888102afc473) [ 13.022767] [ 13.022954] The buggy address belongs to the physical page: [ 13.023292] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102afc [ 13.023965] flags: 0x200000000000000(node=0|zone=2) [ 13.024136] page_type: f5(slab) [ 13.024258] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.024970] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.025769] page dumped because: kasan: bad access detected [ 13.026435] [ 13.026639] Memory state around the buggy address: [ 13.027110] ffff888102afc300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.027529] ffff888102afc380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.027750] >ffff888102afc400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.027978] ^ [ 13.028191] ffff888102afc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.028556] ffff888102afc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.028862] 
================================================================== [ 12.964941] ================================================================== [ 12.965242] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.966674] Read of size 1 at addr ffff888102afc478 by task kunit_try_catch/211 [ 12.967452] [ 12.967886] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.967933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.967958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.967978] Call Trace: [ 12.967993] <TASK> [ 12.968036] dump_stack_lvl+0x73/0xb0 [ 12.968069] print_report+0xd1/0x610 [ 12.968091] ? __virt_addr_valid+0x1db/0x2d0 [ 12.968113] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.968137] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.968160] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.968184] kasan_report+0x141/0x180 [ 12.968206] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.968234] __asan_report_load1_noabort+0x18/0x20 [ 12.968259] ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.968284] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.968307] ? finish_task_switch.isra.0+0x153/0x700 [ 12.968518] ? __switch_to+0x47/0xf50 [ 12.968551] ? __schedule+0x10cc/0x2b60 [ 12.968574] ? __pfx_read_tsc+0x10/0x10 [ 12.968595] ? ktime_get_ts64+0x86/0x230 [ 12.968618] kunit_try_run_case+0x1a5/0x480 [ 12.968643] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.968666] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.968690] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.968714] ? __kthread_parkme+0x82/0x180 [ 12.968733] ? preempt_count_sub+0x50/0x80 [ 12.968771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.968796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.968821] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.968847] kthread+0x337/0x6f0 [ 12.968866] ? trace_preempt_on+0x20/0xc0 [ 12.968889] ? __pfx_kthread+0x10/0x10 [ 12.968909] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.968931] ? 
calculate_sigpending+0x7b/0xa0 [ 12.968955] ? __pfx_kthread+0x10/0x10 [ 12.968976] ret_from_fork+0x116/0x1d0 [ 12.968994] ? __pfx_kthread+0x10/0x10 [ 12.969015] ret_from_fork_asm+0x1a/0x30 [ 12.969045] </TASK> [ 12.969054] [ 12.983637] Allocated by task 211: [ 12.984140] kasan_save_stack+0x45/0x70 [ 12.984630] kasan_save_track+0x18/0x40 [ 12.985035] kasan_save_alloc_info+0x3b/0x50 [ 12.985606] __kasan_kmalloc+0xb7/0xc0 [ 12.985751] __kmalloc_cache_noprof+0x189/0x420 [ 12.985924] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.986078] kunit_try_run_case+0x1a5/0x480 [ 12.986225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.986726] kthread+0x337/0x6f0 [ 12.987088] ret_from_fork+0x116/0x1d0 [ 12.987593] ret_from_fork_asm+0x1a/0x30 [ 12.988094] [ 12.988254] The buggy address belongs to the object at ffff888102afc400 [ 12.988254] which belongs to the cache kmalloc-128 of size 128 [ 12.989676] The buggy address is located 5 bytes to the right of [ 12.989676] allocated 115-byte region [ffff888102afc400, ffff888102afc473) [ 12.990983] [ 12.991188] The buggy address belongs to the physical page: [ 12.991560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102afc [ 12.992163] flags: 0x200000000000000(node=0|zone=2) [ 12.992404] page_type: f5(slab) [ 12.992784] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.993466] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.994367] page dumped because: kasan: bad access detected [ 12.994611] [ 12.994682] Memory state around the buggy address: [ 12.994850] ffff888102afc300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.995068] ffff888102afc380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.995288] >ffff888102afc400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.995839] ^ [ 12.996482] ffff888102afc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.997273] ffff888102afc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.998096] 
================================================================== [ 12.943176] ================================================================== [ 12.943565] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 12.943858] Read of size 1 at addr ffff888102afc473 by task kunit_try_catch/211 [ 12.944416] [ 12.944643] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.944689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.944701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.944721] Call Trace: [ 12.944731] <TASK> [ 12.944747] dump_stack_lvl+0x73/0xb0 [ 12.944788] print_report+0xd1/0x610 [ 12.944810] ? __virt_addr_valid+0x1db/0x2d0 [ 12.944833] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.944856] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.944880] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.944905] kasan_report+0x141/0x180 [ 12.944926] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.944955] __asan_report_load1_noabort+0x18/0x20 [ 12.944980] ksize_unpoisons_memory+0x81c/0x9b0 [ 12.945005] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.945028] ? finish_task_switch.isra.0+0x153/0x700 [ 12.945051] ? __switch_to+0x47/0xf50 [ 12.945078] ? __schedule+0x10cc/0x2b60 [ 12.945099] ? __pfx_read_tsc+0x10/0x10 [ 12.945119] ? ktime_get_ts64+0x86/0x230 [ 12.945143] kunit_try_run_case+0x1a5/0x480 [ 12.945169] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.945191] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.945215] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.945239] ? __kthread_parkme+0x82/0x180 [ 12.945260] ? preempt_count_sub+0x50/0x80 [ 12.945282] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.945307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.945338] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.945363] kthread+0x337/0x6f0 [ 12.945382] ? trace_preempt_on+0x20/0xc0 [ 12.945406] ? __pfx_kthread+0x10/0x10 [ 12.945426] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.945448] ? 
calculate_sigpending+0x7b/0xa0 [ 12.945472] ? __pfx_kthread+0x10/0x10 [ 12.945493] ret_from_fork+0x116/0x1d0 [ 12.945511] ? __pfx_kthread+0x10/0x10 [ 12.945531] ret_from_fork_asm+0x1a/0x30 [ 12.945562] </TASK> [ 12.945572] [ 12.953706] Allocated by task 211: [ 12.953904] kasan_save_stack+0x45/0x70 [ 12.954108] kasan_save_track+0x18/0x40 [ 12.954299] kasan_save_alloc_info+0x3b/0x50 [ 12.954586] __kasan_kmalloc+0xb7/0xc0 [ 12.954771] __kmalloc_cache_noprof+0x189/0x420 [ 12.954967] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.955163] kunit_try_run_case+0x1a5/0x480 [ 12.955450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.955704] kthread+0x337/0x6f0 [ 12.955880] ret_from_fork+0x116/0x1d0 [ 12.956056] ret_from_fork_asm+0x1a/0x30 [ 12.956225] [ 12.956501] The buggy address belongs to the object at ffff888102afc400 [ 12.956501] which belongs to the cache kmalloc-128 of size 128 [ 12.957030] The buggy address is located 0 bytes to the right of [ 12.957030] allocated 115-byte region [ffff888102afc400, ffff888102afc473) [ 12.957619] [ 12.957717] The buggy address belongs to the physical page: [ 12.957976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102afc [ 12.958249] flags: 0x200000000000000(node=0|zone=2) [ 12.958578] page_type: f5(slab) [ 12.958742] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.959068] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.959407] page dumped because: kasan: bad access detected [ 12.959653] [ 12.959751] Memory state around the buggy address: [ 12.959934] ffff888102afc300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.960152] ffff888102afc380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.960534] >ffff888102afc400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.960887] ^ [ 12.961193] ffff888102afc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.961619] ffff888102afc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.961961] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 12.913267] ================================================================== [ 12.914150] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 12.914667] Free of addr ffff888102514900 by task kunit_try_catch/209 [ 12.914981] [ 12.915074] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.915118] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.915129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.915148] Call Trace: [ 12.915162] <TASK> [ 12.915176] dump_stack_lvl+0x73/0xb0 [ 12.915206] print_report+0xd1/0x610 [ 12.915229] ? __virt_addr_valid+0x1db/0x2d0 [ 12.915252] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.915275] ? kfree_sensitive+0x2e/0x90 [ 12.915297] kasan_report_invalid_free+0x10a/0x130 [ 12.915323] ? kfree_sensitive+0x2e/0x90 [ 12.915401] ? kfree_sensitive+0x2e/0x90 [ 12.915422] check_slab_allocation+0x101/0x130 [ 12.915444] __kasan_slab_pre_free+0x28/0x40 [ 12.915466] kfree+0xf0/0x3f0 [ 12.915487] ? kfree_sensitive+0x2e/0x90 [ 12.915509] kfree_sensitive+0x2e/0x90 [ 12.915529] kmalloc_double_kzfree+0x19c/0x350 [ 12.915553] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 12.915578] ? __schedule+0x10cc/0x2b60 [ 12.915600] ? __pfx_read_tsc+0x10/0x10 [ 12.915620] ? ktime_get_ts64+0x86/0x230 [ 12.915644] kunit_try_run_case+0x1a5/0x480 [ 12.915668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.915691] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.915715] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.915739] ? __kthread_parkme+0x82/0x180 [ 12.915773] ? preempt_count_sub+0x50/0x80 [ 12.915796] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.915820] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.915845] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.915870] kthread+0x337/0x6f0 [ 12.915889] ? trace_preempt_on+0x20/0xc0 [ 12.915912] ? __pfx_kthread+0x10/0x10 [ 12.915932] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.915954] ? calculate_sigpending+0x7b/0xa0 [ 12.915978] ? 
__pfx_kthread+0x10/0x10 [ 12.915999] ret_from_fork+0x116/0x1d0 [ 12.916017] ? __pfx_kthread+0x10/0x10 [ 12.916038] ret_from_fork_asm+0x1a/0x30 [ 12.916068] </TASK> [ 12.916078] [ 12.924300] Allocated by task 209: [ 12.924620] kasan_save_stack+0x45/0x70 [ 12.924838] kasan_save_track+0x18/0x40 [ 12.925027] kasan_save_alloc_info+0x3b/0x50 [ 12.925221] __kasan_kmalloc+0xb7/0xc0 [ 12.925940] __kmalloc_cache_noprof+0x189/0x420 [ 12.926119] kmalloc_double_kzfree+0xa9/0x350 [ 12.926272] kunit_try_run_case+0x1a5/0x480 [ 12.927324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.928083] kthread+0x337/0x6f0 [ 12.928596] ret_from_fork+0x116/0x1d0 [ 12.928801] ret_from_fork_asm+0x1a/0x30 [ 12.928982] [ 12.929060] Freed by task 209: [ 12.929227] kasan_save_stack+0x45/0x70 [ 12.929385] kasan_save_track+0x18/0x40 [ 12.930015] kasan_save_free_info+0x3f/0x60 [ 12.930215] __kasan_slab_free+0x56/0x70 [ 12.930501] kfree+0x222/0x3f0 [ 12.930906] kfree_sensitive+0x67/0x90 [ 12.931061] kmalloc_double_kzfree+0x12b/0x350 [ 12.931360] kunit_try_run_case+0x1a5/0x480 [ 12.931784] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.932312] kthread+0x337/0x6f0 [ 12.932655] ret_from_fork+0x116/0x1d0 [ 12.932832] ret_from_fork_asm+0x1a/0x30 [ 12.933147] [ 12.933249] The buggy address belongs to the object at ffff888102514900 [ 12.933249] which belongs to the cache kmalloc-16 of size 16 [ 12.934066] The buggy address is located 0 bytes inside of [ 12.934066] 16-byte region [ffff888102514900, ffff888102514910) [ 12.934669] [ 12.934787] The buggy address belongs to the physical page: [ 12.935048] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102514 [ 12.935369] flags: 0x200000000000000(node=0|zone=2) [ 12.935998] page_type: f5(slab) [ 12.936135] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.936699] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.937040] page dumped because: kasan: bad access detected [ 12.937273] [ 
12.937590] Memory state around the buggy address: [ 12.937803] ffff888102514800: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 05 fc fc [ 12.938116] ffff888102514880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.938680] >ffff888102514900: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.938953] ^ [ 12.939124] ffff888102514980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.939417] ffff888102514a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.940053] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 12.891001] ================================================================== [ 12.892145] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 12.892606] Read of size 1 at addr ffff888102514900 by task kunit_try_catch/209 [ 12.893297] [ 12.893599] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.893649] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.893661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.893683] Call Trace: [ 12.893695] <TASK> [ 12.893712] dump_stack_lvl+0x73/0xb0 [ 12.893745] print_report+0xd1/0x610 [ 12.893795] ? __virt_addr_valid+0x1db/0x2d0 [ 12.893819] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.893843] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.893867] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.893891] kasan_report+0x141/0x180 [ 12.893913] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.893939] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.893963] __kasan_check_byte+0x3d/0x50 [ 12.893985] kfree_sensitive+0x22/0x90 [ 12.894008] kmalloc_double_kzfree+0x19c/0x350 [ 12.894031] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 12.894056] ? __schedule+0x10cc/0x2b60 [ 12.894079] ? __pfx_read_tsc+0x10/0x10 [ 12.894101] ? ktime_get_ts64+0x86/0x230 [ 12.894126] kunit_try_run_case+0x1a5/0x480 [ 12.894155] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.894178] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.894202] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.894228] ? __kthread_parkme+0x82/0x180 [ 12.894249] ? preempt_count_sub+0x50/0x80 [ 12.894274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.894298] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.894323] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.894409] kthread+0x337/0x6f0 [ 12.894429] ? trace_preempt_on+0x20/0xc0 [ 12.894453] ? __pfx_kthread+0x10/0x10 [ 12.894473] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.894495] ? calculate_sigpending+0x7b/0xa0 [ 12.894520] ? 
__pfx_kthread+0x10/0x10 [ 12.894541] ret_from_fork+0x116/0x1d0 [ 12.894561] ? __pfx_kthread+0x10/0x10 [ 12.894581] ret_from_fork_asm+0x1a/0x30 [ 12.894612] </TASK> [ 12.894623] [ 12.902821] Allocated by task 209: [ 12.902987] kasan_save_stack+0x45/0x70 [ 12.903166] kasan_save_track+0x18/0x40 [ 12.903340] kasan_save_alloc_info+0x3b/0x50 [ 12.903550] __kasan_kmalloc+0xb7/0xc0 [ 12.903736] __kmalloc_cache_noprof+0x189/0x420 [ 12.903906] kmalloc_double_kzfree+0xa9/0x350 [ 12.904081] kunit_try_run_case+0x1a5/0x480 [ 12.904289] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.904548] kthread+0x337/0x6f0 [ 12.904789] ret_from_fork+0x116/0x1d0 [ 12.904951] ret_from_fork_asm+0x1a/0x30 [ 12.905124] [ 12.905194] Freed by task 209: [ 12.905342] kasan_save_stack+0x45/0x70 [ 12.905538] kasan_save_track+0x18/0x40 [ 12.905682] kasan_save_free_info+0x3f/0x60 [ 12.905841] __kasan_slab_free+0x56/0x70 [ 12.906059] kfree+0x222/0x3f0 [ 12.906224] kfree_sensitive+0x67/0x90 [ 12.906412] kmalloc_double_kzfree+0x12b/0x350 [ 12.906663] kunit_try_run_case+0x1a5/0x480 [ 12.906819] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.906995] kthread+0x337/0x6f0 [ 12.907113] ret_from_fork+0x116/0x1d0 [ 12.907244] ret_from_fork_asm+0x1a/0x30 [ 12.907425] [ 12.907518] The buggy address belongs to the object at ffff888102514900 [ 12.907518] which belongs to the cache kmalloc-16 of size 16 [ 12.908083] The buggy address is located 0 bytes inside of [ 12.908083] freed 16-byte region [ffff888102514900, ffff888102514910) [ 12.908598] [ 12.908698] The buggy address belongs to the physical page: [ 12.908882] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102514 [ 12.909123] flags: 0x200000000000000(node=0|zone=2) [ 12.909286] page_type: f5(slab) [ 12.909707] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.910070] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.910418] page dumped because: kasan: bad access detected [ 
12.910679] [ 12.910854] Memory state around the buggy address: [ 12.911077] ffff888102514800: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 05 fc fc [ 12.911498] ffff888102514880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.911730] >ffff888102514900: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.912003] ^ [ 12.912164] ffff888102514980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.912478] ffff888102514a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.912871] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 12.844161] ================================================================== [ 12.845488] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 12.846375] Read of size 1 at addr ffff8881032c88a8 by task kunit_try_catch/205 [ 12.847052] [ 12.847232] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.847278] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.847289] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.847310] Call Trace: [ 12.847322] <TASK> [ 12.847339] dump_stack_lvl+0x73/0xb0 [ 12.847369] print_report+0xd1/0x610 [ 12.847391] ? __virt_addr_valid+0x1db/0x2d0 [ 12.847416] ? kmalloc_uaf2+0x4a8/0x520 [ 12.847482] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.847509] ? kmalloc_uaf2+0x4a8/0x520 [ 12.847530] kasan_report+0x141/0x180 [ 12.847553] ? kmalloc_uaf2+0x4a8/0x520 [ 12.847578] __asan_report_load1_noabort+0x18/0x20 [ 12.847603] kmalloc_uaf2+0x4a8/0x520 [ 12.847623] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 12.847643] ? finish_task_switch.isra.0+0x153/0x700 [ 12.847667] ? __switch_to+0x47/0xf50 [ 12.847693] ? __schedule+0x10cc/0x2b60 [ 12.847716] ? __pfx_read_tsc+0x10/0x10 [ 12.847737] ? ktime_get_ts64+0x86/0x230 [ 12.847775] kunit_try_run_case+0x1a5/0x480 [ 12.847800] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.847823] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.847848] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.847872] ? __kthread_parkme+0x82/0x180 [ 12.847893] ? preempt_count_sub+0x50/0x80 [ 12.847917] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.847941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.847966] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.847991] kthread+0x337/0x6f0 [ 12.848011] ? trace_preempt_on+0x20/0xc0 [ 12.848035] ? __pfx_kthread+0x10/0x10 [ 12.848056] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.848079] ? calculate_sigpending+0x7b/0xa0 [ 12.848104] ? __pfx_kthread+0x10/0x10 [ 12.848125] ret_from_fork+0x116/0x1d0 [ 12.848144] ? 
__pfx_kthread+0x10/0x10 [ 12.848164] ret_from_fork_asm+0x1a/0x30 [ 12.848195] </TASK> [ 12.848205] [ 12.862504] Allocated by task 205: [ 12.862740] kasan_save_stack+0x45/0x70 [ 12.862897] kasan_save_track+0x18/0x40 [ 12.863033] kasan_save_alloc_info+0x3b/0x50 [ 12.863182] __kasan_kmalloc+0xb7/0xc0 [ 12.863314] __kmalloc_cache_noprof+0x189/0x420 [ 12.863784] kmalloc_uaf2+0xc6/0x520 [ 12.864166] kunit_try_run_case+0x1a5/0x480 [ 12.864636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.865205] kthread+0x337/0x6f0 [ 12.865558] ret_from_fork+0x116/0x1d0 [ 12.866076] ret_from_fork_asm+0x1a/0x30 [ 12.866524] [ 12.866784] Freed by task 205: [ 12.867066] kasan_save_stack+0x45/0x70 [ 12.867430] kasan_save_track+0x18/0x40 [ 12.867665] kasan_save_free_info+0x3f/0x60 [ 12.868069] __kasan_slab_free+0x56/0x70 [ 12.868308] kfree+0x222/0x3f0 [ 12.868648] kmalloc_uaf2+0x14c/0x520 [ 12.868902] kunit_try_run_case+0x1a5/0x480 [ 12.869050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.869226] kthread+0x337/0x6f0 [ 12.869390] ret_from_fork+0x116/0x1d0 [ 12.869738] ret_from_fork_asm+0x1a/0x30 [ 12.870157] [ 12.870510] The buggy address belongs to the object at ffff8881032c8880 [ 12.870510] which belongs to the cache kmalloc-64 of size 64 [ 12.871569] The buggy address is located 40 bytes inside of [ 12.871569] freed 64-byte region [ffff8881032c8880, ffff8881032c88c0) [ 12.872645] [ 12.872831] The buggy address belongs to the physical page: [ 12.873050] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032c8 [ 12.873291] flags: 0x200000000000000(node=0|zone=2) [ 12.873528] page_type: f5(slab) [ 12.873831] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.874580] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.875219] page dumped because: kasan: bad access detected [ 12.875733] [ 12.876055] Memory state around the buggy address: [ 12.876560] ffff8881032c8780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc 
[ 12.877061] ffff8881032c8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.877281] >ffff8881032c8880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.877705] ^ [ 12.878109] ffff8881032c8900: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 12.878774] ffff8881032c8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.879476] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.809989] ================================================================== [ 12.810439] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 12.810746] Write of size 33 at addr ffff8881032c8780 by task kunit_try_catch/203 [ 12.811087] [ 12.811185] CPU: 0 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.811229] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.811240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.811261] Call Trace: [ 12.811272] <TASK> [ 12.811288] dump_stack_lvl+0x73/0xb0 [ 12.811317] print_report+0xd1/0x610 [ 12.811338] ? __virt_addr_valid+0x1db/0x2d0 [ 12.811359] ? kmalloc_uaf_memset+0x1a3/0x360 [ 12.811379] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.811400] ? kmalloc_uaf_memset+0x1a3/0x360 [ 12.811421] kasan_report+0x141/0x180 [ 12.811441] ? kmalloc_uaf_memset+0x1a3/0x360 [ 12.811466] kasan_check_range+0x10c/0x1c0 [ 12.811488] __asan_memset+0x27/0x50 [ 12.811946] kmalloc_uaf_memset+0x1a3/0x360 [ 12.811979] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 12.812003] ? __schedule+0x10cc/0x2b60 [ 12.812026] ? __pfx_read_tsc+0x10/0x10 [ 12.812047] ? ktime_get_ts64+0x86/0x230 [ 12.812072] kunit_try_run_case+0x1a5/0x480 [ 12.812097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.812120] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.812144] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.812168] ? __kthread_parkme+0x82/0x180 [ 12.812188] ? preempt_count_sub+0x50/0x80 [ 12.812212] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.812236] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.812261] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.812286] kthread+0x337/0x6f0 [ 12.812305] ? trace_preempt_on+0x20/0xc0 [ 12.812397] ? __pfx_kthread+0x10/0x10 [ 12.812420] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.812454] ? calculate_sigpending+0x7b/0xa0 [ 12.812478] ? __pfx_kthread+0x10/0x10 [ 12.812500] ret_from_fork+0x116/0x1d0 [ 12.812518] ? 
__pfx_kthread+0x10/0x10 [ 12.812538] ret_from_fork_asm+0x1a/0x30 [ 12.812569] </TASK> [ 12.812581] [ 12.824146] Allocated by task 203: [ 12.824630] kasan_save_stack+0x45/0x70 [ 12.825009] kasan_save_track+0x18/0x40 [ 12.825153] kasan_save_alloc_info+0x3b/0x50 [ 12.825303] __kasan_kmalloc+0xb7/0xc0 [ 12.825904] __kmalloc_cache_noprof+0x189/0x420 [ 12.826378] kmalloc_uaf_memset+0xa9/0x360 [ 12.826803] kunit_try_run_case+0x1a5/0x480 [ 12.827177] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.827521] kthread+0x337/0x6f0 [ 12.827836] ret_from_fork+0x116/0x1d0 [ 12.828129] ret_from_fork_asm+0x1a/0x30 [ 12.828270] [ 12.828459] Freed by task 203: [ 12.828764] kasan_save_stack+0x45/0x70 [ 12.829119] kasan_save_track+0x18/0x40 [ 12.829521] kasan_save_free_info+0x3f/0x60 [ 12.829677] __kasan_slab_free+0x56/0x70 [ 12.829943] kfree+0x222/0x3f0 [ 12.830236] kmalloc_uaf_memset+0x12b/0x360 [ 12.830917] kunit_try_run_case+0x1a5/0x480 [ 12.831294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.831675] kthread+0x337/0x6f0 [ 12.831810] ret_from_fork+0x116/0x1d0 [ 12.831943] ret_from_fork_asm+0x1a/0x30 [ 12.832082] [ 12.832153] The buggy address belongs to the object at ffff8881032c8780 [ 12.832153] which belongs to the cache kmalloc-64 of size 64 [ 12.832996] The buggy address is located 0 bytes inside of [ 12.832996] freed 64-byte region [ffff8881032c8780, ffff8881032c87c0) [ 12.834082] [ 12.834243] The buggy address belongs to the physical page: [ 12.834805] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032c8 [ 12.835671] flags: 0x200000000000000(node=0|zone=2) [ 12.836023] page_type: f5(slab) [ 12.836148] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.836592] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.837240] page dumped because: kasan: bad access detected [ 12.837812] [ 12.837983] Memory state around the buggy address: [ 12.838200] ffff8881032c8680: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 12.838431] ffff8881032c8700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.838647] >ffff8881032c8780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.838869] ^ [ 12.838986] ffff8881032c8800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.839199] ffff8881032c8880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.839409] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.770803] ================================================================== [ 12.771208] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 12.771812] Read of size 1 at addr ffff8881025148e8 by task kunit_try_catch/201 [ 12.772438] [ 12.772705] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.772751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.772775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.772795] Call Trace: [ 12.772806] <TASK> [ 12.772821] dump_stack_lvl+0x73/0xb0 [ 12.772852] print_report+0xd1/0x610 [ 12.772874] ? __virt_addr_valid+0x1db/0x2d0 [ 12.772898] ? kmalloc_uaf+0x320/0x380 [ 12.772918] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.772941] ? kmalloc_uaf+0x320/0x380 [ 12.772961] kasan_report+0x141/0x180 [ 12.772982] ? kmalloc_uaf+0x320/0x380 [ 12.773007] __asan_report_load1_noabort+0x18/0x20 [ 12.773031] kmalloc_uaf+0x320/0x380 [ 12.773051] ? __pfx_kmalloc_uaf+0x10/0x10 [ 12.773072] ? __schedule+0x10cc/0x2b60 [ 12.773093] ? __pfx_read_tsc+0x10/0x10 [ 12.773113] ? ktime_get_ts64+0x86/0x230 [ 12.773137] kunit_try_run_case+0x1a5/0x480 [ 12.773162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.773185] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.773209] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.773232] ? __kthread_parkme+0x82/0x180 [ 12.773253] ? preempt_count_sub+0x50/0x80 [ 12.773277] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.773301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.773379] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.773408] kthread+0x337/0x6f0 [ 12.773427] ? trace_preempt_on+0x20/0xc0 [ 12.773463] ? __pfx_kthread+0x10/0x10 [ 12.773483] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.773505] ? calculate_sigpending+0x7b/0xa0 [ 12.773529] ? __pfx_kthread+0x10/0x10 [ 12.773550] ret_from_fork+0x116/0x1d0 [ 12.773568] ? 
__pfx_kthread+0x10/0x10 [ 12.773588] ret_from_fork_asm+0x1a/0x30 [ 12.773618] </TASK> [ 12.773628] [ 12.786151] Allocated by task 201: [ 12.786285] kasan_save_stack+0x45/0x70 [ 12.787113] kasan_save_track+0x18/0x40 [ 12.787617] kasan_save_alloc_info+0x3b/0x50 [ 12.787859] __kasan_kmalloc+0xb7/0xc0 [ 12.787996] __kmalloc_cache_noprof+0x189/0x420 [ 12.788155] kmalloc_uaf+0xaa/0x380 [ 12.788282] kunit_try_run_case+0x1a5/0x480 [ 12.788609] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.789413] kthread+0x337/0x6f0 [ 12.789902] ret_from_fork+0x116/0x1d0 [ 12.790472] ret_from_fork_asm+0x1a/0x30 [ 12.791010] [ 12.791171] Freed by task 201: [ 12.791667] kasan_save_stack+0x45/0x70 [ 12.792136] kasan_save_track+0x18/0x40 [ 12.792666] kasan_save_free_info+0x3f/0x60 [ 12.793053] __kasan_slab_free+0x56/0x70 [ 12.793198] kfree+0x222/0x3f0 [ 12.793318] kmalloc_uaf+0x12c/0x380 [ 12.793949] kunit_try_run_case+0x1a5/0x480 [ 12.794335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.795116] kthread+0x337/0x6f0 [ 12.795555] ret_from_fork+0x116/0x1d0 [ 12.795963] ret_from_fork_asm+0x1a/0x30 [ 12.796150] [ 12.796223] The buggy address belongs to the object at ffff8881025148e0 [ 12.796223] which belongs to the cache kmalloc-16 of size 16 [ 12.797546] The buggy address is located 8 bytes inside of [ 12.797546] freed 16-byte region [ffff8881025148e0, ffff8881025148f0) [ 12.798234] [ 12.798314] The buggy address belongs to the physical page: [ 12.799110] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102514 [ 12.799950] flags: 0x200000000000000(node=0|zone=2) [ 12.800343] page_type: f5(slab) [ 12.800852] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.801144] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.801615] page dumped because: kasan: bad access detected [ 12.802183] [ 12.802452] Memory state around the buggy address: [ 12.803032] ffff888102514780: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 
12.803598] ffff888102514800: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 05 fc fc [ 12.803957] >ffff888102514880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.804719] ^ [ 12.805355] ffff888102514900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.805861] ffff888102514980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.806079] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.737933] ================================================================== [ 12.738433] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.738875] Read of size 64 at addr ffff8881032c8604 by task kunit_try_catch/199 [ 12.739210] [ 12.739313] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.739357] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.739367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.739387] Call Trace: [ 12.739398] <TASK> [ 12.739413] dump_stack_lvl+0x73/0xb0 [ 12.739492] print_report+0xd1/0x610 [ 12.739516] ? __virt_addr_valid+0x1db/0x2d0 [ 12.739540] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.739565] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.739588] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.739614] kasan_report+0x141/0x180 [ 12.739635] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.739665] kasan_check_range+0x10c/0x1c0 [ 12.739689] __asan_memmove+0x27/0x70 [ 12.739709] kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.739734] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 12.739773] ? __schedule+0x10cc/0x2b60 [ 12.739796] ? __pfx_read_tsc+0x10/0x10 [ 12.739817] ? ktime_get_ts64+0x86/0x230 [ 12.739843] kunit_try_run_case+0x1a5/0x480 [ 12.739868] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.739891] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.739916] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.739941] ? __kthread_parkme+0x82/0x180 [ 12.739962] ? preempt_count_sub+0x50/0x80 [ 12.739986] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.740010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.740035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.740060] kthread+0x337/0x6f0 [ 12.740079] ? trace_preempt_on+0x20/0xc0 [ 12.740102] ? __pfx_kthread+0x10/0x10 [ 12.740122] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.740144] ? calculate_sigpending+0x7b/0xa0 [ 12.740168] ? 
__pfx_kthread+0x10/0x10 [ 12.740191] ret_from_fork+0x116/0x1d0 [ 12.740211] ? __pfx_kthread+0x10/0x10 [ 12.740233] ret_from_fork_asm+0x1a/0x30 [ 12.740264] </TASK> [ 12.740274] [ 12.753100] Allocated by task 199: [ 12.753242] kasan_save_stack+0x45/0x70 [ 12.753576] kasan_save_track+0x18/0x40 [ 12.753949] kasan_save_alloc_info+0x3b/0x50 [ 12.754386] __kasan_kmalloc+0xb7/0xc0 [ 12.754825] __kmalloc_cache_noprof+0x189/0x420 [ 12.755224] kmalloc_memmove_invalid_size+0xac/0x330 [ 12.755850] kunit_try_run_case+0x1a5/0x480 [ 12.756301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.756908] kthread+0x337/0x6f0 [ 12.757214] ret_from_fork+0x116/0x1d0 [ 12.757579] ret_from_fork_asm+0x1a/0x30 [ 12.758017] [ 12.758342] The buggy address belongs to the object at ffff8881032c8600 [ 12.758342] which belongs to the cache kmalloc-64 of size 64 [ 12.759290] The buggy address is located 4 bytes inside of [ 12.759290] allocated 64-byte region [ffff8881032c8600, ffff8881032c8640) [ 12.760109] [ 12.760282] The buggy address belongs to the physical page: [ 12.760848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032c8 [ 12.761518] flags: 0x200000000000000(node=0|zone=2) [ 12.761687] page_type: f5(slab) [ 12.761823] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.762057] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.762289] page dumped because: kasan: bad access detected [ 12.762969] [ 12.763130] Memory state around the buggy address: [ 12.763678] ffff8881032c8500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.764335] ffff8881032c8580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.764654] >ffff8881032c8600: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 12.764882] ^ [ 12.765654] ffff8881032c8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.766402] ffff8881032c8700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.767415] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.712206] ================================================================== [ 12.712624] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 12.712925] Read of size 18446744073709551614 at addr ffff8881032ecb04 by task kunit_try_catch/197 [ 12.713440] [ 12.713564] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.713845] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.713866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.714062] Call Trace: [ 12.714076] <TASK> [ 12.714091] dump_stack_lvl+0x73/0xb0 [ 12.714123] print_report+0xd1/0x610 [ 12.714145] ? __virt_addr_valid+0x1db/0x2d0 [ 12.714167] ? kmalloc_memmove_negative_size+0x171/0x330 [ 12.714192] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.714215] ? kmalloc_memmove_negative_size+0x171/0x330 [ 12.714264] kasan_report+0x141/0x180 [ 12.714286] ? kmalloc_memmove_negative_size+0x171/0x330 [ 12.714316] kasan_check_range+0x10c/0x1c0 [ 12.714413] __asan_memmove+0x27/0x70 [ 12.714434] kmalloc_memmove_negative_size+0x171/0x330 [ 12.714460] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 12.714487] ? __schedule+0x10cc/0x2b60 [ 12.714508] ? __pfx_read_tsc+0x10/0x10 [ 12.714530] ? ktime_get_ts64+0x86/0x230 [ 12.714554] kunit_try_run_case+0x1a5/0x480 [ 12.714578] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.714601] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.714625] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.714648] ? __kthread_parkme+0x82/0x180 [ 12.714668] ? preempt_count_sub+0x50/0x80 [ 12.714692] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.714716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.714740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.714778] kthread+0x337/0x6f0 [ 12.714797] ? trace_preempt_on+0x20/0xc0 [ 12.714820] ? __pfx_kthread+0x10/0x10 [ 12.714840] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.714861] ? calculate_sigpending+0x7b/0xa0 [ 12.714885] ? 
__pfx_kthread+0x10/0x10 [ 12.714906] ret_from_fork+0x116/0x1d0 [ 12.714924] ? __pfx_kthread+0x10/0x10 [ 12.714944] ret_from_fork_asm+0x1a/0x30 [ 12.714974] </TASK> [ 12.714983] [ 12.722787] Allocated by task 197: [ 12.722971] kasan_save_stack+0x45/0x70 [ 12.723229] kasan_save_track+0x18/0x40 [ 12.723537] kasan_save_alloc_info+0x3b/0x50 [ 12.723691] __kasan_kmalloc+0xb7/0xc0 [ 12.723871] __kmalloc_cache_noprof+0x189/0x420 [ 12.724095] kmalloc_memmove_negative_size+0xac/0x330 [ 12.724331] kunit_try_run_case+0x1a5/0x480 [ 12.724661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.724880] kthread+0x337/0x6f0 [ 12.725051] ret_from_fork+0x116/0x1d0 [ 12.725242] ret_from_fork_asm+0x1a/0x30 [ 12.725564] [ 12.725638] The buggy address belongs to the object at ffff8881032ecb00 [ 12.725638] which belongs to the cache kmalloc-64 of size 64 [ 12.726208] The buggy address is located 4 bytes inside of [ 12.726208] 64-byte region [ffff8881032ecb00, ffff8881032ecb40) [ 12.726816] [ 12.726919] The buggy address belongs to the physical page: [ 12.727144] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032ec [ 12.727411] flags: 0x200000000000000(node=0|zone=2) [ 12.727574] page_type: f5(slab) [ 12.727694] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.728023] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.728361] page dumped because: kasan: bad access detected [ 12.728610] [ 12.728697] Memory state around the buggy address: [ 12.728930] ffff8881032eca00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.729145] ffff8881032eca80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.729358] >ffff8881032ecb00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 12.729922] ^ [ 12.730088] ffff8881032ecb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.730422] ffff8881032ecc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.730999] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 12.683916] ================================================================== [ 12.684375] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 12.684748] Write of size 16 at addr ffff888102afc369 by task kunit_try_catch/195 [ 12.685078] [ 12.685173] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.685218] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.685229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.685250] Call Trace: [ 12.685261] <TASK> [ 12.685276] dump_stack_lvl+0x73/0xb0 [ 12.685305] print_report+0xd1/0x610 [ 12.685326] ? __virt_addr_valid+0x1db/0x2d0 [ 12.685350] ? kmalloc_oob_memset_16+0x166/0x330 [ 12.685372] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.685395] ? kmalloc_oob_memset_16+0x166/0x330 [ 12.685419] kasan_report+0x141/0x180 [ 12.685441] ? kmalloc_oob_memset_16+0x166/0x330 [ 12.685736] kasan_check_range+0x10c/0x1c0 [ 12.685780] __asan_memset+0x27/0x50 [ 12.685800] kmalloc_oob_memset_16+0x166/0x330 [ 12.685823] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 12.685847] ? __schedule+0x10cc/0x2b60 [ 12.685869] ? __pfx_read_tsc+0x10/0x10 [ 12.685890] ? ktime_get_ts64+0x86/0x230 [ 12.685916] kunit_try_run_case+0x1a5/0x480 [ 12.685941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.685964] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.685989] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.686013] ? __kthread_parkme+0x82/0x180 [ 12.686033] ? preempt_count_sub+0x50/0x80 [ 12.686057] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.686081] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.686106] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.686131] kthread+0x337/0x6f0 [ 12.686150] ? trace_preempt_on+0x20/0xc0 [ 12.686173] ? __pfx_kthread+0x10/0x10 [ 12.686194] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.686215] ? calculate_sigpending+0x7b/0xa0 [ 12.686240] ? __pfx_kthread+0x10/0x10 [ 12.686261] ret_from_fork+0x116/0x1d0 [ 12.686279] ? 
__pfx_kthread+0x10/0x10 [ 12.686300] ret_from_fork_asm+0x1a/0x30 [ 12.686437] </TASK> [ 12.686452] [ 12.693645] Allocated by task 195: [ 12.693834] kasan_save_stack+0x45/0x70 [ 12.694337] kasan_save_track+0x18/0x40 [ 12.694639] kasan_save_alloc_info+0x3b/0x50 [ 12.694906] __kasan_kmalloc+0xb7/0xc0 [ 12.695048] __kmalloc_cache_noprof+0x189/0x420 [ 12.695270] kmalloc_oob_memset_16+0xac/0x330 [ 12.695726] kunit_try_run_case+0x1a5/0x480 [ 12.695955] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.696198] kthread+0x337/0x6f0 [ 12.696355] ret_from_fork+0x116/0x1d0 [ 12.696640] ret_from_fork_asm+0x1a/0x30 [ 12.696826] [ 12.696945] The buggy address belongs to the object at ffff888102afc300 [ 12.696945] which belongs to the cache kmalloc-128 of size 128 [ 12.699639] The buggy address is located 105 bytes inside of [ 12.699639] allocated 120-byte region [ffff888102afc300, ffff888102afc378) [ 12.700700] [ 12.700793] The buggy address belongs to the physical page: [ 12.700970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102afc [ 12.701213] flags: 0x200000000000000(node=0|zone=2) [ 12.701385] page_type: f5(slab) [ 12.701506] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.701736] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.704304] page dumped because: kasan: bad access detected [ 12.705410] [ 12.705673] Memory state around the buggy address: [ 12.705934] ffff888102afc200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.706228] ffff888102afc280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.707475] >ffff888102afc300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.707800] ^ [ 12.708169] ffff888102afc380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.708710] ffff888102afc400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.709166] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.646511] ================================================================== [ 12.647096] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 12.647343] Write of size 8 at addr ffff888102afc271 by task kunit_try_catch/193 [ 12.647580] [ 12.647665] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.647707] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.647719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.647739] Call Trace: [ 12.647750] <TASK> [ 12.647775] dump_stack_lvl+0x73/0xb0 [ 12.647805] print_report+0xd1/0x610 [ 12.647830] ? __virt_addr_valid+0x1db/0x2d0 [ 12.647854] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.647876] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.647901] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.647923] kasan_report+0x141/0x180 [ 12.647945] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.647972] kasan_check_range+0x10c/0x1c0 [ 12.647995] __asan_memset+0x27/0x50 [ 12.648015] kmalloc_oob_memset_8+0x166/0x330 [ 12.648572] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 12.648606] ? __schedule+0x10cc/0x2b60 [ 12.648630] ? __pfx_read_tsc+0x10/0x10 [ 12.648651] ? ktime_get_ts64+0x86/0x230 [ 12.648676] kunit_try_run_case+0x1a5/0x480 [ 12.648702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.648724] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.648749] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.648784] ? __kthread_parkme+0x82/0x180 [ 12.648804] ? preempt_count_sub+0x50/0x80 [ 12.648828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.648852] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.648877] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.648902] kthread+0x337/0x6f0 [ 12.648921] ? trace_preempt_on+0x20/0xc0 [ 12.648945] ? __pfx_kthread+0x10/0x10 [ 12.648965] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.648987] ? calculate_sigpending+0x7b/0xa0 [ 12.649011] ? __pfx_kthread+0x10/0x10 [ 12.649032] ret_from_fork+0x116/0x1d0 [ 12.649051] ? 
__pfx_kthread+0x10/0x10 [ 12.649071] ret_from_fork_asm+0x1a/0x30 [ 12.649102] </TASK> [ 12.649112] [ 12.665546] Allocated by task 193: [ 12.665950] kasan_save_stack+0x45/0x70 [ 12.666359] kasan_save_track+0x18/0x40 [ 12.666967] kasan_save_alloc_info+0x3b/0x50 [ 12.667443] __kasan_kmalloc+0xb7/0xc0 [ 12.667582] __kmalloc_cache_noprof+0x189/0x420 [ 12.668231] kmalloc_oob_memset_8+0xac/0x330 [ 12.668765] kunit_try_run_case+0x1a5/0x480 [ 12.669221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.669452] kthread+0x337/0x6f0 [ 12.669599] ret_from_fork+0x116/0x1d0 [ 12.670015] ret_from_fork_asm+0x1a/0x30 [ 12.670458] [ 12.670663] The buggy address belongs to the object at ffff888102afc200 [ 12.670663] which belongs to the cache kmalloc-128 of size 128 [ 12.671176] The buggy address is located 113 bytes inside of [ 12.671176] allocated 120-byte region [ffff888102afc200, ffff888102afc278) [ 12.672274] [ 12.672582] The buggy address belongs to the physical page: [ 12.673281] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102afc [ 12.674236] flags: 0x200000000000000(node=0|zone=2) [ 12.674968] page_type: f5(slab) [ 12.675448] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.676031] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.676580] page dumped because: kasan: bad access detected [ 12.677086] [ 12.677164] Memory state around the buggy address: [ 12.677338] ffff888102afc100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.677556] ffff888102afc180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.677803] >ffff888102afc200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.678401] ^ [ 12.679106] ffff888102afc280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.680029] ffff888102afc300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.680839] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 12.615786] ================================================================== [ 12.616854] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 12.617190] Write of size 4 at addr ffff8881032bb975 by task kunit_try_catch/191 [ 12.617928] [ 12.618319] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.618438] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.618450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.618479] Call Trace: [ 12.618490] <TASK> [ 12.618504] dump_stack_lvl+0x73/0xb0 [ 12.618536] print_report+0xd1/0x610 [ 12.618559] ? __virt_addr_valid+0x1db/0x2d0 [ 12.618582] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.618604] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.618627] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.618649] kasan_report+0x141/0x180 [ 12.618671] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.618698] kasan_check_range+0x10c/0x1c0 [ 12.618721] __asan_memset+0x27/0x50 [ 12.618740] kmalloc_oob_memset_4+0x166/0x330 [ 12.618772] ? __kasan_check_write+0x18/0x20 [ 12.618792] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 12.618815] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.618840] ? trace_hardirqs_on+0x37/0xe0 [ 12.618864] ? __pfx_read_tsc+0x10/0x10 [ 12.618884] ? ktime_get_ts64+0x86/0x230 [ 12.618908] kunit_try_run_case+0x1a5/0x480 [ 12.618932] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.618957] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.618982] ? __kthread_parkme+0x82/0x180 [ 12.619003] ? preempt_count_sub+0x50/0x80 [ 12.619026] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.619051] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.619075] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.619101] kthread+0x337/0x6f0 [ 12.619119] ? trace_preempt_on+0x20/0xc0 [ 12.619141] ? __pfx_kthread+0x10/0x10 [ 12.619162] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.619183] ? calculate_sigpending+0x7b/0xa0 [ 12.619207] ? 
__pfx_kthread+0x10/0x10 [ 12.619228] ret_from_fork+0x116/0x1d0 [ 12.619246] ? __pfx_kthread+0x10/0x10 [ 12.619266] ret_from_fork_asm+0x1a/0x30 [ 12.619296] </TASK> [ 12.619306] [ 12.631079] Allocated by task 191: [ 12.631305] kasan_save_stack+0x45/0x70 [ 12.631611] kasan_save_track+0x18/0x40 [ 12.631966] kasan_save_alloc_info+0x3b/0x50 [ 12.632347] __kasan_kmalloc+0xb7/0xc0 [ 12.632668] __kmalloc_cache_noprof+0x189/0x420 [ 12.632887] kmalloc_oob_memset_4+0xac/0x330 [ 12.633084] kunit_try_run_case+0x1a5/0x480 [ 12.633278] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.633880] kthread+0x337/0x6f0 [ 12.634117] ret_from_fork+0x116/0x1d0 [ 12.634424] ret_from_fork_asm+0x1a/0x30 [ 12.634833] [ 12.634933] The buggy address belongs to the object at ffff8881032bb900 [ 12.634933] which belongs to the cache kmalloc-128 of size 128 [ 12.635949] The buggy address is located 117 bytes inside of [ 12.635949] allocated 120-byte region [ffff8881032bb900, ffff8881032bb978) [ 12.637004] [ 12.637116] The buggy address belongs to the physical page: [ 12.637729] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032bb [ 12.638082] flags: 0x200000000000000(node=0|zone=2) [ 12.638301] page_type: f5(slab) [ 12.638719] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.639220] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.639811] page dumped because: kasan: bad access detected [ 12.640156] [ 12.640260] Memory state around the buggy address: [ 12.640649] ffff8881032bb800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.640985] ffff8881032bb880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.641275] >ffff8881032bb900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.641910] ^ [ 12.642490] ffff8881032bb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.642983] ffff8881032bba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.643504] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.581934] ================================================================== [ 12.582313] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 12.583510] Write of size 2 at addr ffff8881032bb877 by task kunit_try_catch/189 [ 12.584656] [ 12.584903] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.584951] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.584962] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.584984] Call Trace: [ 12.584995] <TASK> [ 12.585012] dump_stack_lvl+0x73/0xb0 [ 12.585046] print_report+0xd1/0x610 [ 12.585068] ? __virt_addr_valid+0x1db/0x2d0 [ 12.585092] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.585114] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.585138] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.585160] kasan_report+0x141/0x180 [ 12.585182] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.585209] kasan_check_range+0x10c/0x1c0 [ 12.585232] __asan_memset+0x27/0x50 [ 12.585251] kmalloc_oob_memset_2+0x166/0x330 [ 12.585273] ? __kasan_check_write+0x18/0x20 [ 12.585293] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 12.585315] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.585341] ? trace_hardirqs_on+0x37/0xe0 [ 12.585365] ? __pfx_read_tsc+0x10/0x10 [ 12.585386] ? ktime_get_ts64+0x86/0x230 [ 12.585411] kunit_try_run_case+0x1a5/0x480 [ 12.585640] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.585690] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.585719] ? __kthread_parkme+0x82/0x180 [ 12.585743] ? preempt_count_sub+0x50/0x80 [ 12.585777] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.585801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.585827] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.585854] kthread+0x337/0x6f0 [ 12.585874] ? trace_preempt_on+0x20/0xc0 [ 12.585896] ? __pfx_kthread+0x10/0x10 [ 12.585917] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.585939] ? calculate_sigpending+0x7b/0xa0 [ 12.585964] ? 
__pfx_kthread+0x10/0x10 [ 12.585986] ret_from_fork+0x116/0x1d0 [ 12.586005] ? __pfx_kthread+0x10/0x10 [ 12.586026] ret_from_fork_asm+0x1a/0x30 [ 12.586057] </TASK> [ 12.586068] [ 12.597417] Allocated by task 189: [ 12.598007] kasan_save_stack+0x45/0x70 [ 12.598436] kasan_save_track+0x18/0x40 [ 12.598714] kasan_save_alloc_info+0x3b/0x50 [ 12.599141] __kasan_kmalloc+0xb7/0xc0 [ 12.599622] __kmalloc_cache_noprof+0x189/0x420 [ 12.599866] kmalloc_oob_memset_2+0xac/0x330 [ 12.600069] kunit_try_run_case+0x1a5/0x480 [ 12.600264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.600978] kthread+0x337/0x6f0 [ 12.601152] ret_from_fork+0x116/0x1d0 [ 12.601558] ret_from_fork_asm+0x1a/0x30 [ 12.601833] [ 12.602100] The buggy address belongs to the object at ffff8881032bb800 [ 12.602100] which belongs to the cache kmalloc-128 of size 128 [ 12.602995] The buggy address is located 119 bytes inside of [ 12.602995] allocated 120-byte region [ffff8881032bb800, ffff8881032bb878) [ 12.603984] [ 12.604075] The buggy address belongs to the physical page: [ 12.604319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032bb [ 12.604896] flags: 0x200000000000000(node=0|zone=2) [ 12.605120] page_type: f5(slab) [ 12.605281] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.606305] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.607022] page dumped because: kasan: bad access detected [ 12.607269] [ 12.607617] Memory state around the buggy address: [ 12.607867] ffff8881032bb700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.608159] ffff8881032bb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.608889] >ffff8881032bb800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.609390] ^ [ 12.610049] ffff8881032bb880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.610741] ffff8881032bb900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.611056] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 12.094660] ================================================================== [ 12.095177] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 12.095701] Free of addr ffff8881029bc001 by task kunit_try_catch/167 [ 12.096038] [ 12.096133] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.096177] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.096189] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.096209] Call Trace: [ 12.096221] <TASK> [ 12.096236] dump_stack_lvl+0x73/0xb0 [ 12.096266] print_report+0xd1/0x610 [ 12.096288] ? __virt_addr_valid+0x1db/0x2d0 [ 12.096315] ? kasan_addr_to_slab+0x11/0xa0 [ 12.096477] ? kfree+0x274/0x3f0 [ 12.096504] kasan_report_invalid_free+0x10a/0x130 [ 12.096530] ? kfree+0x274/0x3f0 [ 12.096553] ? kfree+0x274/0x3f0 [ 12.096572] __kasan_kfree_large+0x86/0xd0 [ 12.096594] free_large_kmalloc+0x4b/0x110 [ 12.096618] kfree+0x274/0x3f0 [ 12.096643] kmalloc_large_invalid_free+0x120/0x2b0 [ 12.096667] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 12.096692] ? __schedule+0x10cc/0x2b60 [ 12.096715] ? __pfx_read_tsc+0x10/0x10 [ 12.096737] ? ktime_get_ts64+0x86/0x230 [ 12.096775] kunit_try_run_case+0x1a5/0x480 [ 12.096802] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.096825] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.096849] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.096873] ? __kthread_parkme+0x82/0x180 [ 12.096895] ? preempt_count_sub+0x50/0x80 [ 12.096920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.096944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.096969] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.096995] kthread+0x337/0x6f0 [ 12.097014] ? trace_preempt_on+0x20/0xc0 [ 12.097038] ? __pfx_kthread+0x10/0x10 [ 12.097058] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.097080] ? calculate_sigpending+0x7b/0xa0 [ 12.097105] ? __pfx_kthread+0x10/0x10 [ 12.097126] ret_from_fork+0x116/0x1d0 [ 12.097145] ? 
__pfx_kthread+0x10/0x10 [ 12.097166] ret_from_fork_asm+0x1a/0x30 [ 12.097197] </TASK> [ 12.097207] [ 12.104734] The buggy address belongs to the physical page: [ 12.104928] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029bc [ 12.105228] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.105559] flags: 0x200000000000040(head|node=0|zone=2) [ 12.105878] page_type: f8(unknown) [ 12.106148] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.106620] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.106913] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.107259] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.107885] head: 0200000000000002 ffffea00040a6f01 00000000ffffffff 00000000ffffffff [ 12.108185] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.108641] page dumped because: kasan: bad access detected [ 12.108875] [ 12.108959] Memory state around the buggy address: [ 12.109113] ffff8881029bbf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.109329] ffff8881029bbf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.109844] >ffff8881029bc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.110159] ^ [ 12.110363] ffff8881029bc080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.110790] ffff8881029bc100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.111105] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 12.078520] ==================================================================
[ 12.078987] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[ 12.079277] Read of size 1 at addr ffff8881026b8000 by task kunit_try_catch/165
[ 12.079746]
[ 12.079863] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.079906] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.079917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.079937] Call Trace:
[ 12.079948] <TASK>
[ 12.079962] dump_stack_lvl+0x73/0xb0
[ 12.079992] print_report+0xd1/0x610
[ 12.080014] ? __virt_addr_valid+0x1db/0x2d0
[ 12.080037] ? kmalloc_large_uaf+0x2f1/0x340
[ 12.080058] ? kasan_addr_to_slab+0x11/0xa0
[ 12.080078] ? kmalloc_large_uaf+0x2f1/0x340
[ 12.080100] kasan_report+0x141/0x180
[ 12.080122] ? kmalloc_large_uaf+0x2f1/0x340
[ 12.080147] __asan_report_load1_noabort+0x18/0x20
[ 12.080172] kmalloc_large_uaf+0x2f1/0x340
[ 12.080193] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 12.080215] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.080242] ? trace_hardirqs_on+0x37/0xe0
[ 12.080265] ? __pfx_read_tsc+0x10/0x10
[ 12.080285] ? ktime_get_ts64+0x86/0x230
[ 12.080310] kunit_try_run_case+0x1a5/0x480
[ 12.080528] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.080557] ? queued_spin_lock_slowpath+0x116/0xb40
[ 12.080581] ? __kthread_parkme+0x82/0x180
[ 12.080601] ? preempt_count_sub+0x50/0x80
[ 12.080624] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.080649] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.080683] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.080708] kthread+0x337/0x6f0
[ 12.080727] ? trace_preempt_on+0x20/0xc0
[ 12.080749] ? __pfx_kthread+0x10/0x10
[ 12.080787] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.080808] ? calculate_sigpending+0x7b/0xa0
[ 12.080832] ? __pfx_kthread+0x10/0x10
[ 12.080854] ret_from_fork+0x116/0x1d0
[ 12.080872] ? __pfx_kthread+0x10/0x10
[ 12.080893] ret_from_fork_asm+0x1a/0x30
[ 12.080923] </TASK>
[ 12.080933]
[ 12.088510] The buggy address belongs to the physical page:
[ 12.088972] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b8
[ 12.089323] flags: 0x200000000000000(node=0|zone=2)
[ 12.089642] raw: 0200000000000000 ffffea000409af08 ffff88815b139f80 0000000000000000
[ 12.089958] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 12.090291] page dumped because: kasan: bad access detected
[ 12.090514]
[ 12.090629] Memory state around the buggy address:
[ 12.090830] ffff8881026b7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.091052] ffff8881026b7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.091377] >ffff8881026b8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.091974] ^
[ 12.092125] ffff8881026b8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.092365] ffff8881026b8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.092577] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 12.057672] ==================================================================
[ 12.058171] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330
[ 12.058552] Write of size 1 at addr ffff8881026ba00a by task kunit_try_catch/163
[ 12.058868]
[ 12.058979] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.059021] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.059032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.059052] Call Trace:
[ 12.059063] <TASK>
[ 12.059076] dump_stack_lvl+0x73/0xb0
[ 12.059106] print_report+0xd1/0x610
[ 12.059129] ? __virt_addr_valid+0x1db/0x2d0
[ 12.059151] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.059173] ? kasan_addr_to_slab+0x11/0xa0
[ 12.059194] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.059217] kasan_report+0x141/0x180
[ 12.059239] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.059266] __asan_report_store1_noabort+0x1b/0x30
[ 12.059292] kmalloc_large_oob_right+0x2e9/0x330
[ 12.059314] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 12.059384] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 12.059415] kunit_try_run_case+0x1a5/0x480
[ 12.059441] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.059472] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.059496] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.059520] ? __kthread_parkme+0x82/0x180
[ 12.059540] ? preempt_count_sub+0x50/0x80
[ 12.059564] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.059589] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.059613] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.059638] kthread+0x337/0x6f0
[ 12.059657] ? trace_preempt_on+0x20/0xc0
[ 12.059680] ? __pfx_kthread+0x10/0x10
[ 12.059700] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.059722] ? calculate_sigpending+0x7b/0xa0
[ 12.059746] ? __pfx_kthread+0x10/0x10
[ 12.059780] ret_from_fork+0x116/0x1d0
[ 12.059799] ? __pfx_kthread+0x10/0x10
[ 12.059819] ret_from_fork_asm+0x1a/0x30
[ 12.059849] </TASK>
[ 12.059859]
[ 12.066873] The buggy address belongs to the physical page:
[ 12.067101] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b8
[ 12.067341] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.067600] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.067875] page_type: f8(unknown)
[ 12.068066] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.068400] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.068717] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.069154] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.069389] head: 0200000000000002 ffffea000409ae01 00000000ffffffff 00000000ffffffff
[ 12.070125] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.070544] page dumped because: kasan: bad access detected
[ 12.070719]
[ 12.070801] Memory state around the buggy address:
[ 12.070977] ffff8881026b9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.071297] ffff8881026b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.071773] >ffff8881026ba000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.072015] ^
[ 12.072191] ffff8881026ba080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.072581] ffff8881026ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.072890] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 12.033920] ==================================================================
[ 12.034417] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370
[ 12.034651] Write of size 1 at addr ffff888103881f00 by task kunit_try_catch/161
[ 12.034902]
[ 12.034986] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.035028] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.035039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.035057] Call Trace:
[ 12.035068] <TASK>
[ 12.035082] dump_stack_lvl+0x73/0xb0
[ 12.035108] print_report+0xd1/0x610
[ 12.035128] ? __virt_addr_valid+0x1db/0x2d0
[ 12.035149] ? kmalloc_big_oob_right+0x316/0x370
[ 12.035170] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.035191] ? kmalloc_big_oob_right+0x316/0x370
[ 12.035213] kasan_report+0x141/0x180
[ 12.035234] ? kmalloc_big_oob_right+0x316/0x370
[ 12.035259] __asan_report_store1_noabort+0x1b/0x30
[ 12.035283] kmalloc_big_oob_right+0x316/0x370
[ 12.035304] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 12.035326] ? __schedule+0x10cc/0x2b60
[ 12.035347] ? __pfx_read_tsc+0x10/0x10
[ 12.035366] ? ktime_get_ts64+0x86/0x230
[ 12.035388] kunit_try_run_case+0x1a5/0x480
[ 12.035411] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.035433] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.035454] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.035477] ? __kthread_parkme+0x82/0x180
[ 12.035495] ? preempt_count_sub+0x50/0x80
[ 12.035518] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.035540] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.035563] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.035585] kthread+0x337/0x6f0
[ 12.035603] ? trace_preempt_on+0x20/0xc0
[ 12.035625] ? __pfx_kthread+0x10/0x10
[ 12.035644] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.035664] ? calculate_sigpending+0x7b/0xa0
[ 12.035687] ? __pfx_kthread+0x10/0x10
[ 12.035707] ret_from_fork+0x116/0x1d0
[ 12.035724] ? __pfx_kthread+0x10/0x10
[ 12.035743] ret_from_fork_asm+0x1a/0x30
[ 12.035808] </TASK>
[ 12.035817]
[ 12.043066] Allocated by task 161:
[ 12.043199] kasan_save_stack+0x45/0x70
[ 12.043344] kasan_save_track+0x18/0x40
[ 12.043522] kasan_save_alloc_info+0x3b/0x50
[ 12.043807] __kasan_kmalloc+0xb7/0xc0
[ 12.043994] __kmalloc_cache_noprof+0x189/0x420
[ 12.044218] kmalloc_big_oob_right+0xa9/0x370
[ 12.044481] kunit_try_run_case+0x1a5/0x480
[ 12.044697] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.044963] kthread+0x337/0x6f0
[ 12.045131] ret_from_fork+0x116/0x1d0
[ 12.045285] ret_from_fork_asm+0x1a/0x30
[ 12.045628]
[ 12.045702] The buggy address belongs to the object at ffff888103880000
[ 12.045702] which belongs to the cache kmalloc-8k of size 8192
[ 12.046081] The buggy address is located 0 bytes to the right of
[ 12.046081] allocated 7936-byte region [ffff888103880000, ffff888103881f00)
[ 12.046631]
[ 12.046909] The buggy address belongs to the physical page:
[ 12.047094] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103880
[ 12.047590] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.047902] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.048134] page_type: f5(slab)
[ 12.048260] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 12.048744] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 12.049116] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 12.049464] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 12.049699] head: 0200000000000003 ffffea00040e2001 00000000ffffffff 00000000ffffffff
[ 12.049944] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 12.050193] page dumped because: kasan: bad access detected
[ 12.050622]
[ 12.050723] Memory state around the buggy address:
[ 12.050963] ffff888103881e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.051290] ffff888103881e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.051681] >ffff888103881f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.052025] ^
[ 12.052182] ffff888103881f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.052534] ffff888103882000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.052774] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 11.997014] ==================================================================
[ 11.997517] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.998004] Write of size 1 at addr ffff8881032bb678 by task kunit_try_catch/159
[ 11.998327]
[ 11.998653] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.998701] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.998712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.998732] Call Trace:
[ 11.998742] <TASK>
[ 11.998769] dump_stack_lvl+0x73/0xb0
[ 11.998801] print_report+0xd1/0x610
[ 11.998822] ? __virt_addr_valid+0x1db/0x2d0
[ 11.998844] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.998870] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.998894] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.998919] kasan_report+0x141/0x180
[ 11.998941] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.998972] __asan_report_store1_noabort+0x1b/0x30
[ 11.998997] kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.999022] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 11.999050] ? __schedule+0x10cc/0x2b60
[ 11.999073] ? __pfx_read_tsc+0x10/0x10
[ 11.999093] ? ktime_get_ts64+0x86/0x230
[ 11.999117] kunit_try_run_case+0x1a5/0x480
[ 11.999142] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.999165] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.999188] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.999212] ? __kthread_parkme+0x82/0x180
[ 11.999232] ? preempt_count_sub+0x50/0x80
[ 11.999256] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.999281] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.999305] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.999389] kthread+0x337/0x6f0
[ 11.999410] ? trace_preempt_on+0x20/0xc0
[ 11.999433] ? __pfx_kthread+0x10/0x10
[ 11.999455] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.999477] ? calculate_sigpending+0x7b/0xa0
[ 11.999501] ? __pfx_kthread+0x10/0x10
[ 11.999522] ret_from_fork+0x116/0x1d0
[ 11.999541] ? __pfx_kthread+0x10/0x10
[ 11.999561] ret_from_fork_asm+0x1a/0x30
[ 11.999592] </TASK>
[ 11.999602]
[ 12.007172] Allocated by task 159:
[ 12.007310] kasan_save_stack+0x45/0x70
[ 12.007492] kasan_save_track+0x18/0x40
[ 12.007679] kasan_save_alloc_info+0x3b/0x50
[ 12.007899] __kasan_kmalloc+0xb7/0xc0
[ 12.008105] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 12.008339] kmalloc_track_caller_oob_right+0x99/0x520
[ 12.008737] kunit_try_run_case+0x1a5/0x480
[ 12.008926] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.009139] kthread+0x337/0x6f0
[ 12.009309] ret_from_fork+0x116/0x1d0
[ 12.009643] ret_from_fork_asm+0x1a/0x30
[ 12.009843]
[ 12.009915] The buggy address belongs to the object at ffff8881032bb600
[ 12.009915] which belongs to the cache kmalloc-128 of size 128
[ 12.010527] The buggy address is located 0 bytes to the right of
[ 12.010527] allocated 120-byte region [ffff8881032bb600, ffff8881032bb678)
[ 12.011033]
[ 12.011119] The buggy address belongs to the physical page:
[ 12.011528] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032bb
[ 12.011881] flags: 0x200000000000000(node=0|zone=2)
[ 12.012095] page_type: f5(slab)
[ 12.012240] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.012684] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.013091] page dumped because: kasan: bad access detected
[ 12.013321]
[ 12.013428] Memory state around the buggy address:
[ 12.013775] ffff8881032bb500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.014047] ffff8881032bb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.014421] >ffff8881032bb600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.014706] ^
[ 12.014989] ffff8881032bb680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.015274] ffff8881032bb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.015583] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 11.971499] ==================================================================
[ 11.971972] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0
[ 11.972279] Read of size 1 at addr ffff888102857000 by task kunit_try_catch/157
[ 11.972638]
[ 11.972766] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.972809] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.972820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.972840] Call Trace:
[ 11.972851] <TASK>
[ 11.972864] dump_stack_lvl+0x73/0xb0
[ 11.972892] print_report+0xd1/0x610
[ 11.972914] ? __virt_addr_valid+0x1db/0x2d0
[ 11.972936] ? kmalloc_node_oob_right+0x369/0x3c0
[ 11.972959] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.972983] ? kmalloc_node_oob_right+0x369/0x3c0
[ 11.973007] kasan_report+0x141/0x180
[ 11.973028] ? kmalloc_node_oob_right+0x369/0x3c0
[ 11.973057] __asan_report_load1_noabort+0x18/0x20
[ 11.973082] kmalloc_node_oob_right+0x369/0x3c0
[ 11.973106] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 11.973132] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 11.973158] ? trace_hardirqs_on+0x37/0xe0
[ 11.973182] ? __pfx_read_tsc+0x10/0x10
[ 11.973203] ? ktime_get_ts64+0x86/0x230
[ 11.973227] kunit_try_run_case+0x1a5/0x480
[ 11.973251] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.973276] ? queued_spin_lock_slowpath+0x116/0xb40
[ 11.973300] ? __kthread_parkme+0x82/0x180
[ 11.973320] ? preempt_count_sub+0x50/0x80
[ 11.973344] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.973368] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.973393] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.973418] kthread+0x337/0x6f0
[ 11.973437] ? trace_preempt_on+0x20/0xc0
[ 11.973590] ? __pfx_kthread+0x10/0x10
[ 11.973615] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.973637] ? calculate_sigpending+0x7b/0xa0
[ 11.973661] ? __pfx_kthread+0x10/0x10
[ 11.973683] ret_from_fork+0x116/0x1d0
[ 11.973702] ? __pfx_kthread+0x10/0x10
[ 11.973722] ret_from_fork_asm+0x1a/0x30
[ 11.973767] </TASK>
[ 11.973778]
[ 11.981095] Allocated by task 157:
[ 11.981284] kasan_save_stack+0x45/0x70
[ 11.981575] kasan_save_track+0x18/0x40
[ 11.981742] kasan_save_alloc_info+0x3b/0x50
[ 11.981908] __kasan_kmalloc+0xb7/0xc0
[ 11.982079] __kmalloc_cache_node_noprof+0x188/0x420
[ 11.982310] kmalloc_node_oob_right+0xab/0x3c0
[ 11.982532] kunit_try_run_case+0x1a5/0x480
[ 11.982805] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.982980] kthread+0x337/0x6f0
[ 11.983101] ret_from_fork+0x116/0x1d0
[ 11.983450] ret_from_fork_asm+0x1a/0x30
[ 11.983662]
[ 11.983766] The buggy address belongs to the object at ffff888102856000
[ 11.983766] which belongs to the cache kmalloc-4k of size 4096
[ 11.984274] The buggy address is located 0 bytes to the right of
[ 11.984274] allocated 4096-byte region [ffff888102856000, ffff888102857000)
[ 11.984642]
[ 11.984802] The buggy address belongs to the physical page:
[ 11.985535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102850
[ 11.986078] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.986518] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.986804] page_type: f5(slab)
[ 11.986935] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 11.987280] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 11.987801] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 11.988040] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 11.988384] head: 0200000000000003 ffffea00040a1401 00000000ffffffff 00000000ffffffff
[ 11.988742] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 11.989122] page dumped because: kasan: bad access detected
[ 11.989563]
[ 11.989677] Memory state around the buggy address:
[ 11.989850] ffff888102856f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.990118] ffff888102856f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.990542] >ffff888102857000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.990914] ^
[ 11.991037] ffff888102857080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.991325] ffff888102857100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.991752] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 11.934864] ==================================================================
[ 11.935967] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0
[ 11.936203] Read of size 1 at addr ffff88810251487f by task kunit_try_catch/155
[ 11.936432]
[ 11.936526] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.936572] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.936583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.936604] Call Trace:
[ 11.936616] <TASK>
[ 11.936633] dump_stack_lvl+0x73/0xb0
[ 11.936663] print_report+0xd1/0x610
[ 11.936684] ? __virt_addr_valid+0x1db/0x2d0
[ 11.936709] ? kmalloc_oob_left+0x361/0x3c0
[ 11.936729] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.936752] ? kmalloc_oob_left+0x361/0x3c0
[ 11.936809] kasan_report+0x141/0x180
[ 11.936837] ? kmalloc_oob_left+0x361/0x3c0
[ 11.936863] __asan_report_load1_noabort+0x18/0x20
[ 11.936888] kmalloc_oob_left+0x361/0x3c0
[ 11.936909] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 11.936932] ? __schedule+0x10cc/0x2b60
[ 11.936978] ? __pfx_read_tsc+0x10/0x10
[ 11.937013] ? ktime_get_ts64+0x86/0x230
[ 11.937052] kunit_try_run_case+0x1a5/0x480
[ 11.937104] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.937127] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.937151] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.937175] ? __kthread_parkme+0x82/0x180
[ 11.937197] ? preempt_count_sub+0x50/0x80
[ 11.937221] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.937245] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.937269] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.937294] kthread+0x337/0x6f0
[ 11.937313] ? trace_preempt_on+0x20/0xc0
[ 11.937338] ? __pfx_kthread+0x10/0x10
[ 11.937358] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.937380] ? calculate_sigpending+0x7b/0xa0
[ 11.937404] ? __pfx_kthread+0x10/0x10
[ 11.937436] ret_from_fork+0x116/0x1d0
[ 11.937464] ? __pfx_kthread+0x10/0x10
[ 11.937716] ret_from_fork_asm+0x1a/0x30
[ 11.937748] </TASK>
[ 11.937768]
[ 11.952538] Allocated by task 1:
[ 11.953077] kasan_save_stack+0x45/0x70
[ 11.953255] kasan_save_track+0x18/0x40
[ 11.953415] kasan_save_alloc_info+0x3b/0x50
[ 11.953587] __kasan_kmalloc+0xb7/0xc0
[ 11.953721] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 11.953913] kvasprintf+0xc5/0x150
[ 11.954037] __kthread_create_on_node+0x18b/0x3a0
[ 11.954193] kthread_create_on_node+0xab/0xe0
[ 11.954340] create_worker+0x3e5/0x7b0
[ 11.954553] alloc_unbound_pwq+0x8ea/0xdb0
[ 11.954956] apply_wqattrs_prepare+0x332/0xd20
[ 11.955349] apply_workqueue_attrs_locked+0x4d/0xa0
[ 11.955884] alloc_workqueue+0xcc7/0x1ad0
[ 11.956371] latency_fsnotify_init+0x1b/0x50
[ 11.956809] do_one_initcall+0xd8/0x370
[ 11.957039] kernel_init_freeable+0x420/0x6f0
[ 11.957194] kernel_init+0x23/0x1e0
[ 11.957320] ret_from_fork+0x116/0x1d0
[ 11.957928] ret_from_fork_asm+0x1a/0x30
[ 11.958068]
[ 11.958138] The buggy address belongs to the object at ffff888102514860
[ 11.958138] which belongs to the cache kmalloc-16 of size 16
[ 11.958892] The buggy address is located 18 bytes to the right of
[ 11.958892] allocated 13-byte region [ffff888102514860, ffff88810251486d)
[ 11.960176]
[ 11.960338] The buggy address belongs to the physical page:
[ 11.960904] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102514
[ 11.961790] flags: 0x200000000000000(node=0|zone=2)
[ 11.962245] page_type: f5(slab)
[ 11.962648] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.962955] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.963182] page dumped because: kasan: bad access detected
[ 11.963407]
[ 11.963543] Memory state around the buggy address:
[ 11.963719] ffff888102514700: 00 05 fc fc 00 05 fc fc 00 02 fc fc 00 03 fc fc
[ 11.964034] ffff888102514780: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc
[ 11.964306] >ffff888102514800: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 05 fc fc
[ 11.964631] ^
[ 11.964933] ffff888102514880: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.965394] ffff888102514900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.965727] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 11.842920] ==================================================================
[ 11.844128] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 11.845211] Write of size 1 at addr ffff8881032bb573 by task kunit_try_catch/153
[ 11.846030]
[ 11.847144] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.847523] Tainted: [N]=TEST
[ 11.847557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.847786] Call Trace:
[ 11.847851] <TASK>
[ 11.847989] dump_stack_lvl+0x73/0xb0
[ 11.848075] print_report+0xd1/0x610
[ 11.848104] ? __virt_addr_valid+0x1db/0x2d0
[ 11.848130] ? kmalloc_oob_right+0x6f0/0x7f0
[ 11.848151] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.848174] ? kmalloc_oob_right+0x6f0/0x7f0
[ 11.848196] kasan_report+0x141/0x180
[ 11.848218] ? kmalloc_oob_right+0x6f0/0x7f0
[ 11.848245] __asan_report_store1_noabort+0x1b/0x30
[ 11.848270] kmalloc_oob_right+0x6f0/0x7f0
[ 11.848292] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.848316] ? __schedule+0x10cc/0x2b60
[ 11.848464] ? __pfx_read_tsc+0x10/0x10
[ 11.848488] ? ktime_get_ts64+0x86/0x230
[ 11.848515] kunit_try_run_case+0x1a5/0x480
[ 11.848543] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.848566] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.848591] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.848616] ? __kthread_parkme+0x82/0x180
[ 11.848638] ? preempt_count_sub+0x50/0x80
[ 11.848663] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.848688] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.848713] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.848738] kthread+0x337/0x6f0
[ 11.848770] ? trace_preempt_on+0x20/0xc0
[ 11.848795] ? __pfx_kthread+0x10/0x10
[ 11.848816] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.848837] ? calculate_sigpending+0x7b/0xa0
[ 11.848863] ? __pfx_kthread+0x10/0x10
[ 11.848885] ret_from_fork+0x116/0x1d0
[ 11.848904] ? __pfx_kthread+0x10/0x10
[ 11.848925] ret_from_fork_asm+0x1a/0x30
[ 11.848986] </TASK>
[ 11.849050]
[ 11.861092] Allocated by task 153:
[ 11.861375] kasan_save_stack+0x45/0x70
[ 11.861921] kasan_save_track+0x18/0x40
[ 11.862316] kasan_save_alloc_info+0x3b/0x50
[ 11.862869] __kasan_kmalloc+0xb7/0xc0
[ 11.863241] __kmalloc_cache_noprof+0x189/0x420
[ 11.863737] kmalloc_oob_right+0xa9/0x7f0
[ 11.864149] kunit_try_run_case+0x1a5/0x480
[ 11.864306] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.864950] kthread+0x337/0x6f0
[ 11.865075] ret_from_fork+0x116/0x1d0
[ 11.865209] ret_from_fork_asm+0x1a/0x30
[ 11.865550]
[ 11.865871] The buggy address belongs to the object at ffff8881032bb500
[ 11.865871] which belongs to the cache kmalloc-128 of size 128
[ 11.867165] The buggy address is located 0 bytes to the right of
[ 11.867165] allocated 115-byte region [ffff8881032bb500, ffff8881032bb573)
[ 11.867818]
[ 11.867968] The buggy address belongs to the physical page:
[ 11.868309] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032bb
[ 11.869467] flags: 0x200000000000000(node=0|zone=2)
[ 11.870319] page_type: f5(slab)
[ 11.871107] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.871887] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.872717] page dumped because: kasan: bad access detected
[ 11.873186]
[ 11.873268] Memory state around the buggy address:
[ 11.873766] ffff8881032bb400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.874425] ffff8881032bb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.875319] >ffff8881032bb500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.875893] ^
[ 11.876142] ffff8881032bb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.876408] ffff8881032bb600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.877188] ==================================================================
[ 11.879836] ==================================================================
[ 11.880427] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 11.880886] Write of size 1 at addr ffff8881032bb578 by task kunit_try_catch/153
[ 11.881144]
[ 11.881313] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.881354] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.881365] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.881386] Call Trace:
[ 11.881398] <TASK>
[ 11.881412] dump_stack_lvl+0x73/0xb0
[ 11.881441] print_report+0xd1/0x610
[ 11.881463] ? __virt_addr_valid+0x1db/0x2d0
[ 11.881719] ? kmalloc_oob_right+0x6bd/0x7f0
[ 11.881746] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.881783] ? kmalloc_oob_right+0x6bd/0x7f0
[ 11.881827] kasan_report+0x141/0x180
[ 11.881850] ? kmalloc_oob_right+0x6bd/0x7f0
[ 11.881876] __asan_report_store1_noabort+0x1b/0x30
[ 11.881902] kmalloc_oob_right+0x6bd/0x7f0
[ 11.881925] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.881948] ? __schedule+0x10cc/0x2b60
[ 11.881970] ? __pfx_read_tsc+0x10/0x10
[ 11.882010] ? ktime_get_ts64+0x86/0x230
[ 11.882034] kunit_try_run_case+0x1a5/0x480
[ 11.882058] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.882082] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.882105] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.882148] ? __kthread_parkme+0x82/0x180
[ 11.882168] ? preempt_count_sub+0x50/0x80
[ 11.882192] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.882216] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.882241] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.882266] kthread+0x337/0x6f0
[ 11.882285] ? trace_preempt_on+0x20/0xc0
[ 11.882308] ? __pfx_kthread+0x10/0x10
[ 11.882376] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.882411] ? calculate_sigpending+0x7b/0xa0
[ 11.882435] ? __pfx_kthread+0x10/0x10
[ 11.882456] ret_from_fork+0x116/0x1d0
[ 11.882475] ? __pfx_kthread+0x10/0x10
[ 11.882495] ret_from_fork_asm+0x1a/0x30
[ 11.882526] </TASK>
[ 11.882536]
[ 11.892921] Allocated by task 153:
[ 11.893092] kasan_save_stack+0x45/0x70
[ 11.893281] kasan_save_track+0x18/0x40
[ 11.893650] kasan_save_alloc_info+0x3b/0x50
[ 11.893872] __kasan_kmalloc+0xb7/0xc0
[ 11.894046] __kmalloc_cache_noprof+0x189/0x420
[ 11.894249] kmalloc_oob_right+0xa9/0x7f0
[ 11.894748] kunit_try_run_case+0x1a5/0x480
[ 11.894968] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.895206] kthread+0x337/0x6f0
[ 11.895452] ret_from_fork+0x116/0x1d0
[ 11.895627] ret_from_fork_asm+0x1a/0x30
[ 11.895819]
[ 11.895908] The buggy address belongs to the object at ffff8881032bb500
[ 11.895908] which belongs to the cache kmalloc-128 of size 128
[ 11.896599] The buggy address is located 5 bytes to the right of
[ 11.896599] allocated 115-byte region [ffff8881032bb500, ffff8881032bb573)
[ 11.897126]
[ 11.897217] The buggy address belongs to the physical page:
[ 11.897570] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032bb
[ 11.897909] flags: 0x200000000000000(node=0|zone=2)
[ 11.898125] page_type: f5(slab)
[ 11.898283] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.898885] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.899197] page dumped because: kasan: bad access detected
[ 11.899556]
[ 11.899713] Memory state around the buggy address:
[ 11.899930] ffff8881032bb400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.900212] ffff8881032bb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.901944] >ffff8881032bb500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.902171] ^
[ 11.902536] ffff8881032bb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.903067] ffff8881032bb600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.903718] ==================================================================
[ 11.904582] ==================================================================
[ 11.904954] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 11.905286] Read of size 1 at addr ffff8881032bb580 by task kunit_try_catch/153
[ 11.906508]
[ 11.906794] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.906884] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.906897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.906918] Call Trace:
[ 11.906929] <TASK>
[ 11.906944] dump_stack_lvl+0x73/0xb0
[ 11.906975] print_report+0xd1/0x610
[ 11.906997] ? __virt_addr_valid+0x1db/0x2d0
[ 11.907019] ? kmalloc_oob_right+0x68a/0x7f0
[ 11.907040] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.907064] ? kmalloc_oob_right+0x68a/0x7f0
[ 11.907086] kasan_report+0x141/0x180
[ 11.907108] ? kmalloc_oob_right+0x68a/0x7f0
[ 11.907134] __asan_report_load1_noabort+0x18/0x20
[ 11.907159] kmalloc_oob_right+0x68a/0x7f0
[ 11.907182] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.907204] ? __schedule+0x10cc/0x2b60
[ 11.907227] ? __pfx_read_tsc+0x10/0x10
[ 11.907248] ? ktime_get_ts64+0x86/0x230
[ 11.907272] kunit_try_run_case+0x1a5/0x480
[ 11.907296] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.907319] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.907343] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.907367] ? __kthread_parkme+0x82/0x180
[ 11.907387] ? preempt_count_sub+0x50/0x80
[ 11.907410] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.907435] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.907468] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.907494] kthread+0x337/0x6f0
[ 11.907513] ? trace_preempt_on+0x20/0xc0
[ 11.907537] ? __pfx_kthread+0x10/0x10
[ 11.907558] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.907579] ? calculate_sigpending+0x7b/0xa0
[ 11.907603] ? __pfx_kthread+0x10/0x10
[ 11.907625] ret_from_fork+0x116/0x1d0
[ 11.907643] ? __pfx_kthread+0x10/0x10
[ 11.907663] ret_from_fork_asm+0x1a/0x30
[ 11.907694] </TASK>
[ 11.907703]
[ 11.919331] Allocated by task 153:
[ 11.919801] kasan_save_stack+0x45/0x70
[ 11.919972] kasan_save_track+0x18/0x40
[ 11.920112] kasan_save_alloc_info+0x3b/0x50
[ 11.920267] __kasan_kmalloc+0xb7/0xc0
[ 11.920449] __kmalloc_cache_noprof+0x189/0x420
[ 11.920676] kmalloc_oob_right+0xa9/0x7f0
[ 11.920876] kunit_try_run_case+0x1a5/0x480
[ 11.921067] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.921304] kthread+0x337/0x6f0
[ 11.921466] ret_from_fork+0x116/0x1d0
[ 11.921638] ret_from_fork_asm+0x1a/0x30
[ 11.921939]
[ 11.922100] The buggy address belongs to the object at ffff8881032bb500
[ 11.922100] which belongs to the cache kmalloc-128 of size 128
[ 11.923201] The buggy address is located 13 bytes to the right of
[ 11.923201] allocated 115-byte region [ffff8881032bb500, ffff8881032bb573)
[ 11.924344]
[ 11.924527] The buggy address belongs to the physical page:
[ 11.925031] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1032bb
[ 11.925718] flags: 0x200000000000000(node=0|zone=2)
[ 11.926167] page_type: f5(slab)
[ 11.926498] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.927146] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.927699] page dumped because: kasan: bad access detected
[ 11.927879]
[ 11.927948] Memory state around the buggy address:
[ 11.928103] ffff8881032bb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.928319] ffff8881032bb500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.928853] >ffff8881032bb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.929477] ^
[ 11.929790] ffff8881032bb600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.930469] ffff8881032bb680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.931092] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 141.842594] WARNING: CPU: 1 PID: 2765 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 141.843519] Modules linked in: [ 141.843739] CPU: 1 UID: 0 PID: 2765 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 141.844080] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.844257] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.844708] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 141.845204] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.846344] RSP: 0000:ffff88810a717c78 EFLAGS: 00010286 [ 141.846780] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 141.847437] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffab033c34 [ 141.848049] RBP: ffff88810a717ca0 R08: 0000000000000000 R09: ffffed1020ce3aa0 [ 141.848738] R10: ffff88810671d507 R11: 0000000000000000 R12: ffffffffab033c20 [ 141.849178] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810a717d38 [ 141.849705] FS: 0000000000000000(0000) GS:ffff8881ae172000(0000) knlGS:0000000000000000 [ 141.850462] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.850972] CR2: 00007ffff7ffe000 CR3: 000000012eebc000 CR4: 00000000000006f0 [ 141.851192] DR0: ffffffffad052444 DR1: ffffffffad052449 DR2: ffffffffad05244a [ 141.851631] DR3: ffffffffad05244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.852233] Call Trace: [ 141.852611] <TASK> [ 141.852907] drm_test_rect_calc_vscale+0x108/0x270 [ 141.853556] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 141.854036] ? __schedule+0x10cc/0x2b60 [ 141.854183] ? __pfx_read_tsc+0x10/0x10 [ 141.854401] ? ktime_get_ts64+0x86/0x230 [ 141.854831] kunit_try_run_case+0x1a5/0x480 [ 141.855221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.855787] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 141.856186] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.856505] ? __kthread_parkme+0x82/0x180 [ 141.856895] ? preempt_count_sub+0x50/0x80 [ 141.857264] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.857917] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.858145] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.858415] kthread+0x337/0x6f0 [ 141.858793] ? trace_preempt_on+0x20/0xc0 [ 141.859234] ? __pfx_kthread+0x10/0x10 [ 141.859660] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.860091] ? calculate_sigpending+0x7b/0xa0 [ 141.860492] ? __pfx_kthread+0x10/0x10 [ 141.860788] ret_from_fork+0x116/0x1d0 [ 141.861154] ? __pfx_kthread+0x10/0x10 [ 141.861526] ret_from_fork_asm+0x1a/0x30 [ 141.861857] </TASK> [ 141.861951] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 141.816230] WARNING: CPU: 0 PID: 2763 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 141.817212] Modules linked in: [ 141.817448] CPU: 0 UID: 0 PID: 2763 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 141.818505] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.819118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.820126] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 141.820776] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.821286] RSP: 0000:ffff88810a59fc78 EFLAGS: 00010286 [ 141.821865] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 141.822593] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffab033bfc [ 141.823212] RBP: ffff88810a59fca0 R08: 0000000000000000 R09: ffffed1020ce3a80 [ 141.824118] R10: ffff88810671d407 R11: 0000000000000000 R12: ffffffffab033be8 [ 141.824980] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810a59fd38 [ 
141.825707] FS: 0000000000000000(0000) GS:ffff8881ae072000(0000) knlGS:0000000000000000 [ 141.826141] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.826361] CR2: 00007ffff7ffe000 CR3: 000000012eebc000 CR4: 00000000000006f0 [ 141.827105] DR0: ffffffffad052440 DR1: ffffffffad052441 DR2: ffffffffad052443 [ 141.827828] DR3: ffffffffad052445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.828137] Call Trace: [ 141.828238] <TASK> [ 141.828391] drm_test_rect_calc_vscale+0x108/0x270 [ 141.829037] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 141.829613] ? __schedule+0x10cc/0x2b60 [ 141.830080] ? __pfx_read_tsc+0x10/0x10 [ 141.830358] ? ktime_get_ts64+0x86/0x230 [ 141.830837] kunit_try_run_case+0x1a5/0x480 [ 141.831015] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.831178] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.831407] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.831873] ? __kthread_parkme+0x82/0x180 [ 141.832259] ? preempt_count_sub+0x50/0x80 [ 141.832721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.833171] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.833700] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.834142] kthread+0x337/0x6f0 [ 141.834278] ? trace_preempt_on+0x20/0xc0 [ 141.834716] ? __pfx_kthread+0x10/0x10 [ 141.835070] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.835550] ? calculate_sigpending+0x7b/0xa0 [ 141.836055] ? __pfx_kthread+0x10/0x10 [ 141.836262] ret_from_fork+0x116/0x1d0 [ 141.836489] ? __pfx_kthread+0x10/0x10 [ 141.836888] ret_from_fork_asm+0x1a/0x30 [ 141.837266] </TASK> [ 141.837592] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 141.784293] WARNING: CPU: 0 PID: 2753 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 141.785422] Modules linked in: [ 141.785797] CPU: 0 UID: 0 PID: 2753 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 141.786636] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.786839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.787105] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 141.787282] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b d5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.787781] RSP: 0000:ffff88810a577c78 EFLAGS: 00010286 [ 141.788463] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 141.789158] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffab033c38 [ 141.790183] RBP: ffff88810a577ca0 R08: 0000000000000000 R09: ffffed1020cc85a0 [ 141.790989] R10: ffff888106642d07 R11: 0000000000000000 R12: ffffffffab033c20 [ 141.791780] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810a577d38 [ 141.792490] FS: 0000000000000000(0000) GS:ffff8881ae072000(0000) knlGS:0000000000000000 [ 141.793178] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.793795] CR2: 00007ffff7ffe000 CR3: 000000012eebc000 CR4: 00000000000006f0 [ 141.794615] DR0: ffffffffad052440 DR1: ffffffffad052441 DR2: ffffffffad052443 [ 141.795304] DR3: ffffffffad052445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.795886] Call Trace: [ 141.795993] <TASK> [ 141.796093] drm_test_rect_calc_hscale+0x108/0x270 [ 141.796270] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 141.796466] ? __schedule+0x10cc/0x2b60 [ 141.796749] ? __pfx_read_tsc+0x10/0x10 [ 141.797026] ? ktime_get_ts64+0x86/0x230 [ 141.797209] kunit_try_run_case+0x1a5/0x480 [ 141.797519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.797692] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 141.797935] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.798130] ? __kthread_parkme+0x82/0x180 [ 141.798278] ? preempt_count_sub+0x50/0x80 [ 141.798601] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.798947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.799189] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.799545] kthread+0x337/0x6f0 [ 141.799778] ? trace_preempt_on+0x20/0xc0 [ 141.800009] ? __pfx_kthread+0x10/0x10 [ 141.800199] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.800603] ? calculate_sigpending+0x7b/0xa0 [ 141.800859] ? __pfx_kthread+0x10/0x10 [ 141.801028] ret_from_fork+0x116/0x1d0 [ 141.801190] ? __pfx_kthread+0x10/0x10 [ 141.801380] ret_from_fork_asm+0x1a/0x30 [ 141.801788] </TASK> [ 141.801899] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 141.758432] WARNING: CPU: 1 PID: 2751 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 141.759101] Modules linked in: [ 141.759260] CPU: 1 UID: 0 PID: 2751 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 141.759740] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.760308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.761733] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 141.762211] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b d5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.764060] RSP: 0000:ffff88810a3bfc78 EFLAGS: 00010286 [ 141.764257] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 141.764943] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffab033c00 [ 141.765718] RBP: ffff88810a3bfca0 R08: 0000000000000000 R09: ffffed10204fcf60 [ 141.766141] R10: ffff8881027e7b07 R11: 0000000000000000 R12: ffffffffab033be8 [ 141.766475] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810a3bfd38 [ 
141.767070] FS: 0000000000000000(0000) GS:ffff8881ae172000(0000) knlGS:0000000000000000 [ 141.767630] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.767824] CR2: 00007ffff7ffe000 CR3: 000000012eebc000 CR4: 00000000000006f0 [ 141.768034] DR0: ffffffffad052444 DR1: ffffffffad052449 DR2: ffffffffad05244a [ 141.768242] DR3: ffffffffad05244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.768882] Call Trace: [ 141.769177] <TASK> [ 141.769584] drm_test_rect_calc_hscale+0x108/0x270 [ 141.770056] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 141.770653] ? __schedule+0x10cc/0x2b60 [ 141.771410] ? __pfx_read_tsc+0x10/0x10 [ 141.771961] ? ktime_get_ts64+0x86/0x230 [ 141.772323] kunit_try_run_case+0x1a5/0x480 [ 141.772691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.772862] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.773021] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.773342] ? __kthread_parkme+0x82/0x180 [ 141.773508] ? preempt_count_sub+0x50/0x80 [ 141.773663] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.773836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.774007] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.774193] kthread+0x337/0x6f0 [ 141.774311] ? trace_preempt_on+0x20/0xc0 [ 141.774670] ? __pfx_kthread+0x10/0x10 [ 141.775037] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.775415] ? calculate_sigpending+0x7b/0xa0 [ 141.775842] ? __pfx_kthread+0x10/0x10 [ 141.777744] ret_from_fork+0x116/0x1d0 [ 141.778004] ? __pfx_kthread+0x10/0x10 [ 141.778210] ret_from_fork_asm+0x1a/0x30 [ 141.778442] </TASK> [ 141.778574] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------ [ 141.140812] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 141.140911] WARNING: CPU: 1 PID: 2568 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 141.142259] Modules linked in: [ 141.142657] CPU: 1 UID: 0 PID: 2568 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 141.143197] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.144389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.144915] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 141.145305] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 ad 1d 80 00 48 c7 c1 e0 8a fe aa 4c 89 f2 48 c7 c7 a0 87 fe aa 48 89 c6 e8 34 b8 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 141.146117] RSP: 0000:ffff888109c9fd18 EFLAGS: 00010286 [ 141.146419] RAX: 0000000000000000 RBX: ffff888101ee6800 RCX: 1ffffffff57a4cf0 [ 141.146840] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 141.147117] RBP: ffff888109c9fd48 R08: 0000000000000000 R09: fffffbfff57a4cf0 [ 141.147479] R10: 0000000000000003 R11: 00000000000389e0 R12: ffff888109de1000 [ 141.147799] R13: ffff888101ee68f8 R14: ffff88810858c380 R15: ffff88810039fb40 [ 141.148044] FS: 0000000000000000(0000) GS:ffff8881ae172000(0000) knlGS:0000000000000000 [ 141.148677] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.148952] CR2: 00007ffff7ffe000 CR3: 000000012eebc000 CR4: 00000000000006f0 [ 141.149243] DR0: ffffffffad052444 DR1: ffffffffad052449 DR2: ffffffffad05244a [ 141.149606] DR3: ffffffffad05244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.149908] Call Trace: [ 141.150059] <TASK> [ 141.150185] ? trace_preempt_on+0x20/0xc0 [ 141.150356] ? 
__pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 141.150773] drm_gem_shmem_free_wrapper+0x12/0x20 [ 141.151019] __kunit_action_free+0x57/0x70 [ 141.151255] kunit_remove_resource+0x133/0x200 [ 141.151592] ? preempt_count_sub+0x50/0x80 [ 141.151871] kunit_cleanup+0x7a/0x120 [ 141.152071] kunit_try_run_case_cleanup+0xbd/0xf0 [ 141.152618] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 141.152877] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.153144] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.153494] kthread+0x337/0x6f0 [ 141.153701] ? trace_preempt_on+0x20/0xc0 [ 141.153923] ? __pfx_kthread+0x10/0x10 [ 141.154154] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.154460] ? calculate_sigpending+0x7b/0xa0 [ 141.154668] ? __pfx_kthread+0x10/0x10 [ 141.154906] ret_from_fork+0x116/0x1d0 [ 141.155134] ? __pfx_kthread+0x10/0x10 [ 141.155469] ret_from_fork_asm+0x1a/0x30 [ 141.155918] </TASK> [ 141.156062] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 140.998220] WARNING: CPU: 0 PID: 2549 at drivers/gpu/drm/drm_framebuffer.c:869 drm_framebuffer_init+0x49/0x8d0 [ 140.999575] Modules linked in: [ 140.999746] CPU: 0 UID: 0 PID: 2549 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 141.001737] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.002421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.003429] RIP: 0010:drm_framebuffer_init+0x49/0x8d0 [ 141.004131] Code: 89 e5 41 57 41 56 41 55 41 54 53 48 89 f3 48 83 ec 28 80 3c 11 00 48 89 7d c8 0f 85 1c 07 00 00 48 8b 75 c8 48 39 33 74 20 90 <0f> 0b 90 41 bf ea ff ff ff 48 83 c4 28 44 89 f8 5b 41 5c 41 5d 41 [ 141.005820] RSP: 0000:ffff888109807b20 EFLAGS: 00010246 [ 141.006022] RAX: ffff888109807ba8 RBX: ffff888109807c28 RCX: 1ffff11021300f8e [ 141.006244] RDX: dffffc0000000000 RSI: ffff888109b66000 RDI: ffff888109b66000 [ 141.007621] RBP: ffff888109807b70 R08: ffff888109b66000 R09: ffffffffaafd8e20 [ 141.008169] R10: 0000000000000003 R11: 0000000095a68688 R12: 1ffff11021300f71 [ 141.009234] R13: ffff888109807c70 R14: ffff888109807db8 R15: 0000000000000000 [ 141.010022] FS: 0000000000000000(0000) GS:ffff8881ae072000(0000) knlGS:0000000000000000 [ 141.010820] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.011812] CR2: 00007ffff7ffe000 CR3: 000000012eebc000 CR4: 00000000000006f0 [ 141.012262] DR0: ffffffffad052440 DR1: ffffffffad052441 DR2: ffffffffad052443 [ 141.013133] DR3: ffffffffad052445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.013852] Call Trace: [ 141.014156] <TASK> [ 141.014589] ? trace_preempt_on+0x20/0xc0 [ 141.015008] ? add_dr+0xc1/0x1d0 [ 141.015146] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 141.015581] ? add_dr+0x148/0x1d0 [ 141.016021] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 141.016956] ? __drmm_add_action+0x1a4/0x280 [ 141.017659] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 141.018086] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 141.018287] ? __drmm_add_action_or_reset+0x22/0x50 [ 141.018910] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 141.020071] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 141.020986] kunit_try_run_case+0x1a5/0x480 [ 141.021680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.021950] ? queued_spin_lock_slowpath+0x116/0xb40 [ 141.022132] ? __kthread_parkme+0x82/0x180 [ 141.022278] ? preempt_count_sub+0x50/0x80 [ 141.022592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.023045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.023878] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.024697] kthread+0x337/0x6f0 [ 141.025123] ? trace_preempt_on+0x20/0xc0 [ 141.025588] ? __pfx_kthread+0x10/0x10 [ 141.025877] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.026031] ? calculate_sigpending+0x7b/0xa0 [ 141.026186] ? __pfx_kthread+0x10/0x10 [ 141.026371] ret_from_fork+0x116/0x1d0 [ 141.026811] ? __pfx_kthread+0x10/0x10 [ 141.027154] ret_from_fork_asm+0x1a/0x30 [ 141.027783] </TASK> [ 141.028050] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 140.962143] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 140.962265] WARNING: CPU: 0 PID: 2545 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 140.963329] Modules linked in: [ 140.963955] CPU: 0 UID: 0 PID: 2545 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 140.964690] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.964951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.965312] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 140.965980] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 2b 44 87 00 48 c7 c1 c0 38 fd aa 4c 89 fa 48 c7 c7 20 39 fd aa 48 89 c6 e8 b2 de 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 140.967166] RSP: 0000:ffff888109eefb68 EFLAGS: 00010282 [ 140.967802] RAX: 0000000000000000 RBX: ffff888109eefc40 RCX: 1ffffffff57a4cf0 [ 140.968180] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 140.968621] RBP: ffff888109eefb90 R08: 0000000000000000 R09: fffffbfff57a4cf0 [ 140.968931] R10: 0000000000000003 R11: 00000000000370b0 R12: ffff888109eefc18 [ 140.969208] R13: ffff888109c3d000 R14: ffff888109b62000 R15: ffff888100356100 [ 140.969950] FS: 0000000000000000(0000) GS:ffff8881ae072000(0000) knlGS:0000000000000000 [ 140.970644] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.971009] CR2: 00007ffff7ffe000 CR3: 000000012eebc000 CR4: 00000000000006f0 [ 140.971663] DR0: ffffffffad052440 DR1: ffffffffad052441 DR2: ffffffffad052443 [ 140.972053] DR3: ffffffffad052445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.972550] Call Trace: [ 140.972697] <TASK> [ 140.972835] drm_test_framebuffer_free+0x1ab/0x610 [ 140.973074] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 140.973308] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 140.974144] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 140.974779] ? __drmm_add_action_or_reset+0x22/0x50 [ 140.975311] ? __schedule+0x10cc/0x2b60 [ 140.975483] ? __pfx_read_tsc+0x10/0x10 [ 140.975774] ? ktime_get_ts64+0x86/0x230 [ 140.975950] kunit_try_run_case+0x1a5/0x480 [ 140.976180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.976438] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.976678] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.976915] ? __kthread_parkme+0x82/0x180 [ 140.977089] ? preempt_count_sub+0x50/0x80 [ 140.977260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.977617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.977839] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.978117] kthread+0x337/0x6f0 [ 140.978295] ? trace_preempt_on+0x20/0xc0 [ 140.978707] ? __pfx_kthread+0x10/0x10 [ 140.978869] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.979090] ? calculate_sigpending+0x7b/0xa0 [ 140.979330] ? __pfx_kthread+0x10/0x10 [ 140.979813] ret_from_fork+0x116/0x1d0 [ 140.979994] ? __pfx_kthread+0x10/0x10 [ 140.980148] ret_from_fork_asm+0x1a/0x30 [ 140.980454] </TASK> [ 140.980652] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 139.727200] WARNING: CPU: 0 PID: 1983 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 139.728831] Modules linked in: [ 139.729709] CPU: 0 UID: 0 PID: 1983 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 139.730249] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 139.731039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.732089] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 139.732861] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 82 26 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 139.733519] RSP: 0000:ffff888108c9fc90 EFLAGS: 00010246 [ 139.733941] RAX: dffffc0000000000 RBX: ffff888108b46000 RCX: 0000000000000000 [ 139.734496] RDX: 1ffff11021168c32 RSI: ffffffffa82067f8 RDI: ffff888108b46190 [ 139.734963] RBP: ffff888108c9fca0 R08: 1ffff11020073f69 R09: ffffed1021193f65 [ 139.735613] R10: 0000000000000003 R11: ffffffffa77859f8 R12: 0000000000000000 [ 139.736012] R13: ffff888108c9fd38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 139.736671] FS: 0000000000000000(0000) GS:ffff8881ae072000(0000) knlGS:0000000000000000 [ 139.737069] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.737299] CR2: 00007ffff7ffe000 CR3: 000000012eebc000 CR4: 00000000000006f0 [ 139.737918] DR0: ffffffffad052440 DR1: ffffffffad052441 DR2: ffffffffad052443 [ 139.738493] DR3: ffffffffad052445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 139.738908] Call Trace: [ 139.739042] <TASK> [ 139.739166] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 139.739994] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 139.740527] ? __schedule+0x10cc/0x2b60 [ 139.740894] ? __pfx_read_tsc+0x10/0x10 [ 139.741088] ? ktime_get_ts64+0x86/0x230 [ 139.741281] kunit_try_run_case+0x1a5/0x480 [ 139.741964] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 139.742300] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 139.742789] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 139.743391] ? __kthread_parkme+0x82/0x180 [ 139.743787] ? preempt_count_sub+0x50/0x80 [ 139.744196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.744856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 139.745414] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 139.745894] kthread+0x337/0x6f0 [ 139.746321] ? trace_preempt_on+0x20/0xc0 [ 139.746714] ? __pfx_kthread+0x10/0x10 [ 139.746911] ? _raw_spin_unlock_irq+0x47/0x80 [ 139.747109] ? calculate_sigpending+0x7b/0xa0 [ 139.747599] ? __pfx_kthread+0x10/0x10 [ 139.747891] ret_from_fork+0x116/0x1d0 [ 139.748215] ? __pfx_kthread+0x10/0x10 [ 139.748707] ret_from_fork_asm+0x1a/0x30 [ 139.749132] </TASK> [ 139.749409] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 139.644061] WARNING: CPU: 0 PID: 1975 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 139.644988] Modules linked in: [ 139.645426] CPU: 0 UID: 0 PID: 1975 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 139.646607] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 139.647219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.648119] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 139.648604] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 82 26 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 139.649186] RSP: 0000:ffff888108e97c90 EFLAGS: 00010246 [ 139.649536] RAX: dffffc0000000000 RBX: ffff888108f2a000 RCX: 0000000000000000 [ 139.650238] RDX: 1ffff110211e5432 RSI: ffffffffa82067f8 RDI: ffff888108f2a190 [ 139.651131] RBP: ffff888108e97ca0 R08: 1ffff11020073f69 R09: ffffed10211d2f65 [ 139.652147] R10: 0000000000000003 R11: ffffffffa77859f8 R12: 0000000000000000 [ 139.652998] R13: 
ffff888108e97d38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 139.653463] FS: 0000000000000000(0000) GS:ffff8881ae072000(0000) knlGS:0000000000000000 [ 139.654073] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.654253] CR2: 00007ffff7ffe000 CR3: 000000012eebc000 CR4: 00000000000006f0 [ 139.654712] DR0: ffffffffad052440 DR1: ffffffffad052441 DR2: ffffffffad052443 [ 139.655463] DR3: ffffffffad052445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 139.656183] Call Trace: [ 139.656460] <TASK> [ 139.656721] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 139.657186] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 139.657812] ? __schedule+0x10cc/0x2b60 [ 139.658217] ? __pfx_read_tsc+0x10/0x10 [ 139.658612] ? ktime_get_ts64+0x86/0x230 [ 139.659063] kunit_try_run_case+0x1a5/0x480 [ 139.659270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.659749] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 139.660205] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 139.660459] ? __kthread_parkme+0x82/0x180 [ 139.660615] ? preempt_count_sub+0x50/0x80 [ 139.660777] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.660943] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 139.661121] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 139.661414] kthread+0x337/0x6f0 [ 139.661743] ? trace_preempt_on+0x20/0xc0 [ 139.662167] ? __pfx_kthread+0x10/0x10 [ 139.662564] ? _raw_spin_unlock_irq+0x47/0x80 [ 139.663086] ? calculate_sigpending+0x7b/0xa0 [ 139.663539] ? __pfx_kthread+0x10/0x10 [ 139.663929] ret_from_fork+0x116/0x1d0 [ 139.664379] ? __pfx_kthread+0x10/0x10 [ 139.664841] ret_from_fork_asm+0x1a/0x30 [ 139.665273] </TASK> [ 139.665550] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 109.699640] WARNING: CPU: 1 PID: 673 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 109.700957] Modules linked in: [ 109.701544] CPU: 1 UID: 0 PID: 673 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 109.702413] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 109.702930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 109.703203] RIP: 0010:intlog10+0x2a/0x40 [ 109.703749] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f e9 07 aa 86 02 90 <0f> 0b 90 31 c0 e9 fc a9 86 02 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 109.705854] RSP: 0000:ffff88810b01fcb0 EFLAGS: 00010246 [ 109.706528] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11021603fb4 [ 109.707133] RDX: 1ffffffff55d2dc4 RSI: 1ffff11021603fb3 RDI: 0000000000000000 [ 109.707840] RBP: ffff88810b01fd60 R08: 0000000000000000 R09: ffffed10207fdbe0 [ 109.708693] R10: ffff888103fedf07 R11: 0000000000000000 R12: 1ffff11021603f97 [ 109.709215] R13: ffffffffaae96e20 R14: 0000000000000000 R15: ffff88810b01fd38 [ 109.709445] FS: 0000000000000000(0000) GS:ffff8881ae172000(0000) knlGS:0000000000000000 [ 109.709681] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.710220] CR2: dffffc0000000000 CR3: 000000012eebc000 CR4: 00000000000006f0 [ 109.711153] DR0: ffffffffad052444 DR1: ffffffffad052449 DR2: ffffffffad05244a [ 109.711599] DR3: ffffffffad05244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 109.711824] Call Trace: [ 109.711950] <TASK> [ 109.712282] ? intlog10_test+0xf2/0x220 [ 109.712868] ? __pfx_intlog10_test+0x10/0x10 [ 109.713414] ? __schedule+0x10cc/0x2b60 [ 109.713850] ? __pfx_read_tsc+0x10/0x10 [ 109.714222] ? ktime_get_ts64+0x86/0x230 [ 109.714730] kunit_try_run_case+0x1a5/0x480 [ 109.714994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 109.715158] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 109.715382] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 109.715898] ? __kthread_parkme+0x82/0x180 [ 109.716288] ? preempt_count_sub+0x50/0x80 [ 109.716800] ? __pfx_kunit_try_run_case+0x10/0x10 [ 109.717243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 109.717950] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 109.718157] kthread+0x337/0x6f0 [ 109.719091] ? trace_preempt_on+0x20/0xc0 [ 109.719781] ? __pfx_kthread+0x10/0x10 [ 109.720390] ? _raw_spin_unlock_irq+0x47/0x80 [ 109.720960] ? calculate_sigpending+0x7b/0xa0 [ 109.721183] ? __pfx_kthread+0x10/0x10 [ 109.721377] ret_from_fork+0x116/0x1d0 [ 109.721562] ? __pfx_kthread+0x10/0x10 [ 109.721741] ret_from_fork_asm+0x1a/0x30 [ 109.722662] </TASK> [ 109.722830] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 109.658153] WARNING: CPU: 1 PID: 655 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 109.658815] Modules linked in: [ 109.659176] CPU: 1 UID: 0 PID: 655 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 109.660246] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 109.660865] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 109.661154] RIP: 0010:intlog2+0xdf/0x110 [ 109.661306] Code: e9 aa c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 6f d8 55 ff 8b 45 e4 eb [ 109.663088] RSP: 0000:ffff88810adc7cb0 EFLAGS: 00010246 [ 109.663277] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110215b8fb4 [ 109.663873] RDX: 1ffffffff55d2e18 RSI: 1ffff110215b8fb3 RDI: 0000000000000000 [ 109.664697] RBP: ffff88810adc7d60 R08: 0000000000000000 R09: ffffed1020138520 [ 109.665308] R10: ffff8881009c2907 R11: 0000000000000000 R12: 1ffff110215b8f97 [ 109.665583] R13: ffffffffaae970c0 R14: 0000000000000000 R15: ffff88810adc7d38 [ 109.665812] FS: 0000000000000000(0000) GS:ffff8881ae172000(0000) knlGS:0000000000000000 [ 109.666050] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.666228] CR2: dffffc0000000000 CR3: 000000012eebc000 CR4: 00000000000006f0 [ 109.666743] DR0: ffffffffad052444 DR1: ffffffffad052449 DR2: ffffffffad05244a [ 109.667577] DR3: ffffffffad05244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 109.668172] Call Trace: [ 109.668464] <TASK> [ 109.668698] ? intlog2_test+0xf2/0x220 [ 109.669100] ? __pfx_intlog2_test+0x10/0x10 [ 109.669544] ? __schedule+0x10cc/0x2b60 [ 109.669994] ? __pfx_read_tsc+0x10/0x10 [ 109.670404] ? ktime_get_ts64+0x86/0x230 [ 109.670910] kunit_try_run_case+0x1a5/0x480 [ 109.671482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 109.671921] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 109.672218] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 109.672437] ? __kthread_parkme+0x82/0x180 [ 109.672638] ? preempt_count_sub+0x50/0x80 [ 109.673016] ? __pfx_kunit_try_run_case+0x10/0x10 [ 109.673490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 109.673978] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 109.674285] kthread+0x337/0x6f0 [ 109.674465] ? trace_preempt_on+0x20/0xc0 [ 109.674619] ? __pfx_kthread+0x10/0x10 [ 109.674756] ? _raw_spin_unlock_irq+0x47/0x80 [ 109.674921] ? calculate_sigpending+0x7b/0xa0 [ 109.675076] ? __pfx_kthread+0x10/0x10 [ 109.675213] ret_from_fork+0x116/0x1d0 [ 109.675387] ? __pfx_kthread+0x10/0x10 [ 109.675564] ret_from_fork_asm+0x1a/0x30 [ 109.675718] </TASK> [ 109.675854] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 109.091957] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI