Date
July 18, 2025, 11:11 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.398986] ==================================================================
[ 12.399850] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.400577] Read of size 64 at addr ffff8881029d4684 by task kunit_try_catch/201
[ 12.400979]
[ 12.401075] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.401120] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.401132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.401152] Call Trace:
[ 12.401164] <TASK>
[ 12.401179] dump_stack_lvl+0x73/0xb0
[ 12.401454] print_report+0xd1/0x610
[ 12.401492] ? __virt_addr_valid+0x1db/0x2d0
[ 12.401515] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.401540] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.401561] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.401586] kasan_report+0x141/0x180
[ 12.401607] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.401635] kasan_check_range+0x10c/0x1c0
[ 12.401658] __asan_memmove+0x27/0x70
[ 12.401677] kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.401701] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 12.401726] ? __schedule+0x10cc/0x2b60
[ 12.401749] ? __pfx_read_tsc+0x10/0x10
[ 12.401769] ? ktime_get_ts64+0x86/0x230
[ 12.401792] kunit_try_run_case+0x1a5/0x480
[ 12.401816] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.401838] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.401861] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.401885] ? __kthread_parkme+0x82/0x180
[ 12.401905] ? preempt_count_sub+0x50/0x80
[ 12.401929] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.401952] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.401975] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.401998] kthread+0x337/0x6f0
[ 12.402016] ? trace_preempt_on+0x20/0xc0
[ 12.402039] ? __pfx_kthread+0x10/0x10
[ 12.402058] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.402079] ? calculate_sigpending+0x7b/0xa0
[ 12.402103] ? __pfx_kthread+0x10/0x10
[ 12.402123] ret_from_fork+0x116/0x1d0
[ 12.402140] ? __pfx_kthread+0x10/0x10
[ 12.402160] ret_from_fork_asm+0x1a/0x30
[ 12.402190] </TASK>
[ 12.402199]
[ 12.412907] Allocated by task 201:
[ 12.413314] kasan_save_stack+0x45/0x70
[ 12.413657] kasan_save_track+0x18/0x40
[ 12.413843] kasan_save_alloc_info+0x3b/0x50
[ 12.414295] __kasan_kmalloc+0xb7/0xc0
[ 12.414445] __kmalloc_cache_noprof+0x189/0x420
[ 12.414681] kmalloc_memmove_invalid_size+0xac/0x330
[ 12.414911] kunit_try_run_case+0x1a5/0x480
[ 12.415626] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.415879] kthread+0x337/0x6f0
[ 12.416020] ret_from_fork+0x116/0x1d0
[ 12.416430] ret_from_fork_asm+0x1a/0x30
[ 12.416642]
[ 12.416724] The buggy address belongs to the object at ffff8881029d4680
[ 12.416724] which belongs to the cache kmalloc-64 of size 64
[ 12.417218] The buggy address is located 4 bytes inside of
[ 12.417218] allocated 64-byte region [ffff8881029d4680, ffff8881029d46c0)
[ 12.417968]
[ 12.418066] The buggy address belongs to the physical page:
[ 12.418341] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d4
[ 12.418923] flags: 0x200000000000000(node=0|zone=2)
[ 12.419307] page_type: f5(slab)
[ 12.419478] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.419943] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.420545] page dumped because: kasan: bad access detected
[ 12.420762]
[ 12.420958] Memory state around the buggy address:
[ 12.421215] ffff8881029d4580: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc
[ 12.421547] ffff8881029d4600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.421841] >ffff8881029d4680: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.422137] ^
[ 12.422374] ffff8881029d4700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.423066] ffff8881029d4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.423342] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.366309] ==================================================================
[ 12.366945] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 12.368034] Read of size 18446744073709551614 at addr ffff8881029d4484 by task kunit_try_catch/199
[ 12.369412]
[ 12.369663] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.369712] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.369724] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.369746] Call Trace:
[ 12.369759] <TASK>
[ 12.369778] dump_stack_lvl+0x73/0xb0
[ 12.369811] print_report+0xd1/0x610
[ 12.369834] ? __virt_addr_valid+0x1db/0x2d0
[ 12.369858] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.369882] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.369904] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.369951] kasan_report+0x141/0x180
[ 12.369972] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.370002] kasan_check_range+0x10c/0x1c0
[ 12.370227] __asan_memmove+0x27/0x70
[ 12.370247] kmalloc_memmove_negative_size+0x171/0x330
[ 12.370273] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 12.370312] ? __schedule+0x10cc/0x2b60
[ 12.370336] ? __pfx_read_tsc+0x10/0x10
[ 12.370357] ? ktime_get_ts64+0x86/0x230
[ 12.370383] kunit_try_run_case+0x1a5/0x480
[ 12.370409] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.370431] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.370454] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.370477] ? __kthread_parkme+0x82/0x180
[ 12.370496] ? preempt_count_sub+0x50/0x80
[ 12.370520] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.370543] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.370566] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.370589] kthread+0x337/0x6f0
[ 12.370607] ? trace_preempt_on+0x20/0xc0
[ 12.370631] ? __pfx_kthread+0x10/0x10
[ 12.370650] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.370671] ? calculate_sigpending+0x7b/0xa0
[ 12.370695] ? __pfx_kthread+0x10/0x10
[ 12.370715] ret_from_fork+0x116/0x1d0
[ 12.370733] ? __pfx_kthread+0x10/0x10
[ 12.370753] ret_from_fork_asm+0x1a/0x30
[ 12.370784] </TASK>
[ 12.370794]
[ 12.385966] Allocated by task 199:
[ 12.386116] kasan_save_stack+0x45/0x70
[ 12.386532] kasan_save_track+0x18/0x40
[ 12.386849] kasan_save_alloc_info+0x3b/0x50
[ 12.387018] __kasan_kmalloc+0xb7/0xc0
[ 12.387657] __kmalloc_cache_noprof+0x189/0x420
[ 12.387887] kmalloc_memmove_negative_size+0xac/0x330
[ 12.388187] kunit_try_run_case+0x1a5/0x480
[ 12.388476] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.388689] kthread+0x337/0x6f0
[ 12.389013] ret_from_fork+0x116/0x1d0
[ 12.389295] ret_from_fork_asm+0x1a/0x30
[ 12.389446]
[ 12.389548] The buggy address belongs to the object at ffff8881029d4480
[ 12.389548] which belongs to the cache kmalloc-64 of size 64
[ 12.390009] The buggy address is located 4 bytes inside of
[ 12.390009] 64-byte region [ffff8881029d4480, ffff8881029d44c0)
[ 12.390903]
[ 12.391220] The buggy address belongs to the physical page:
[ 12.391498] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d4
[ 12.391855] flags: 0x200000000000000(node=0|zone=2)
[ 12.392268] page_type: f5(slab)
[ 12.392439] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.392987] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.393440] page dumped because: kasan: bad access detected
[ 12.393776]
[ 12.393861] Memory state around the buggy address:
[ 12.394058] ffff8881029d4380: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc
[ 12.394433] ffff8881029d4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.394776] >ffff8881029d4480: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.395070] ^
[ 12.395669] ffff8881029d4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.395975] ffff8881029d4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.396460] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 12.329349] ==================================================================
[ 12.330931] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 12.332311] Write of size 16 at addr ffff8881030d9a69 by task kunit_try_catch/197
[ 12.332826]
[ 12.332930] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.332978] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.332990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.333010] Call Trace:
[ 12.333022] <TASK>
[ 12.333037] dump_stack_lvl+0x73/0xb0
[ 12.333067] print_report+0xd1/0x610
[ 12.333088] ? __virt_addr_valid+0x1db/0x2d0
[ 12.333109] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.333131] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.333153] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.333175] kasan_report+0x141/0x180
[ 12.333196] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.333222] kasan_check_range+0x10c/0x1c0
[ 12.333244] __asan_memset+0x27/0x50
[ 12.333262] kmalloc_oob_memset_16+0x166/0x330
[ 12.333296] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 12.333318] ? __schedule+0x10cc/0x2b60
[ 12.333339] ? __pfx_read_tsc+0x10/0x10
[ 12.333359] ? ktime_get_ts64+0x86/0x230
[ 12.333383] kunit_try_run_case+0x1a5/0x480
[ 12.333406] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.333428] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.333457] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.333480] ? __kthread_parkme+0x82/0x180
[ 12.333591] ? preempt_count_sub+0x50/0x80
[ 12.333618] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.333641] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.333665] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.333688] kthread+0x337/0x6f0
[ 12.333706] ? trace_preempt_on+0x20/0xc0
[ 12.333729] ? __pfx_kthread+0x10/0x10
[ 12.333749] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.333769] ? calculate_sigpending+0x7b/0xa0
[ 12.333792] ? __pfx_kthread+0x10/0x10
[ 12.333812] ret_from_fork+0x116/0x1d0
[ 12.333830] ? __pfx_kthread+0x10/0x10
[ 12.333849] ret_from_fork_asm+0x1a/0x30
[ 12.333878] </TASK>
[ 12.333888]
[ 12.345830] Allocated by task 197:
[ 12.346263] kasan_save_stack+0x45/0x70
[ 12.346533] kasan_save_track+0x18/0x40
[ 12.347059] kasan_save_alloc_info+0x3b/0x50
[ 12.347302] __kasan_kmalloc+0xb7/0xc0
[ 12.347439] __kmalloc_cache_noprof+0x189/0x420
[ 12.347597] kmalloc_oob_memset_16+0xac/0x330
[ 12.347744] kunit_try_run_case+0x1a5/0x480
[ 12.347889] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.348064] kthread+0x337/0x6f0
[ 12.348183] ret_from_fork+0x116/0x1d0
[ 12.348633] ret_from_fork_asm+0x1a/0x30
[ 12.349486]
[ 12.349855] The buggy address belongs to the object at ffff8881030d9a00
[ 12.349855] which belongs to the cache kmalloc-128 of size 128
[ 12.351464] The buggy address is located 105 bytes inside of
[ 12.351464] allocated 120-byte region [ffff8881030d9a00, ffff8881030d9a78)
[ 12.352819]
[ 12.352997] The buggy address belongs to the physical page:
[ 12.353794] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030d9
[ 12.354567] flags: 0x200000000000000(node=0|zone=2)
[ 12.355186] page_type: f5(slab)
[ 12.355331] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.355923] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.356846] page dumped because: kasan: bad access detected
[ 12.357376]
[ 12.357455] Memory state around the buggy address:
[ 12.357611] ffff8881030d9900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.357826] ffff8881030d9980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.358097] >ffff8881030d9a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.359132] ^
[ 12.359912] ffff8881030d9a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.360746] ffff8881030d9b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.361624] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.300910] ==================================================================
[ 12.301709] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330
[ 12.303071] Write of size 8 at addr ffff8881030d9971 by task kunit_try_catch/195
[ 12.303724]
[ 12.303829] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.303876] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.303888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.303909] Call Trace:
[ 12.303921] <TASK>
[ 12.303938] dump_stack_lvl+0x73/0xb0
[ 12.303971] print_report+0xd1/0x610
[ 12.303992] ? __virt_addr_valid+0x1db/0x2d0
[ 12.304015] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.304036] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.304059] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.304080] kasan_report+0x141/0x180
[ 12.304101] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.304126] kasan_check_range+0x10c/0x1c0
[ 12.304149] __asan_memset+0x27/0x50
[ 12.304167] kmalloc_oob_memset_8+0x166/0x330
[ 12.304189] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 12.304210] ? __schedule+0x10cc/0x2b60
[ 12.304232] ? __pfx_read_tsc+0x10/0x10
[ 12.304252] ? ktime_get_ts64+0x86/0x230
[ 12.304287] kunit_try_run_case+0x1a5/0x480
[ 12.304312] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.304333] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.304355] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.304378] ? __kthread_parkme+0x82/0x180
[ 12.304397] ? preempt_count_sub+0x50/0x80
[ 12.304420] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.304443] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.304848] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.304876] kthread+0x337/0x6f0
[ 12.304897] ? trace_preempt_on+0x20/0xc0
[ 12.304921] ? __pfx_kthread+0x10/0x10
[ 12.304947] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.304969] ? calculate_sigpending+0x7b/0xa0
[ 12.304992] ? __pfx_kthread+0x10/0x10
[ 12.305013] ret_from_fork+0x116/0x1d0
[ 12.305031] ? __pfx_kthread+0x10/0x10
[ 12.305050] ret_from_fork_asm+0x1a/0x30
[ 12.305081] </TASK>
[ 12.305091]
[ 12.316242] Allocated by task 195:
[ 12.316481] kasan_save_stack+0x45/0x70
[ 12.316685] kasan_save_track+0x18/0x40
[ 12.316875] kasan_save_alloc_info+0x3b/0x50
[ 12.317267] __kasan_kmalloc+0xb7/0xc0
[ 12.317521] __kmalloc_cache_noprof+0x189/0x420
[ 12.317689] kmalloc_oob_memset_8+0xac/0x330
[ 12.317838] kunit_try_run_case+0x1a5/0x480
[ 12.318131] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.318409] kthread+0x337/0x6f0
[ 12.318596] ret_from_fork+0x116/0x1d0
[ 12.318789] ret_from_fork_asm+0x1a/0x30
[ 12.318989]
[ 12.319169] The buggy address belongs to the object at ffff8881030d9900
[ 12.319169] which belongs to the cache kmalloc-128 of size 128
[ 12.319681] The buggy address is located 113 bytes inside of
[ 12.319681] allocated 120-byte region [ffff8881030d9900, ffff8881030d9978)
[ 12.320317]
[ 12.320429] The buggy address belongs to the physical page:
[ 12.320680] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030d9
[ 12.321156] flags: 0x200000000000000(node=0|zone=2)
[ 12.321533] page_type: f5(slab)
[ 12.321733] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.322148] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.322504] page dumped because: kasan: bad access detected
[ 12.322761]
[ 12.322860] Memory state around the buggy address:
[ 12.323043] ffff8881030d9800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.323261] ffff8881030d9880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.323676] >ffff8881030d9900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.324049] ^
[ 12.324385] ffff8881030d9980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.324740] ffff8881030d9a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.325241] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 12.275539] ==================================================================
[ 12.275996] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330
[ 12.276539] Write of size 4 at addr ffff8881030d9875 by task kunit_try_catch/193
[ 12.277094]
[ 12.277205] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.277328] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.277341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.277373] Call Trace:
[ 12.277385] <TASK>
[ 12.277400] dump_stack_lvl+0x73/0xb0
[ 12.277429] print_report+0xd1/0x610
[ 12.277450] ? __virt_addr_valid+0x1db/0x2d0
[ 12.277481] ? kmalloc_oob_memset_4+0x166/0x330
[ 12.277511] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.277533] ? kmalloc_oob_memset_4+0x166/0x330
[ 12.277556] kasan_report+0x141/0x180
[ 12.277588] ? kmalloc_oob_memset_4+0x166/0x330
[ 12.277614] kasan_check_range+0x10c/0x1c0
[ 12.277636] __asan_memset+0x27/0x50
[ 12.277655] kmalloc_oob_memset_4+0x166/0x330
[ 12.277685] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 12.277708] ? __schedule+0x10cc/0x2b60
[ 12.277730] ? __pfx_read_tsc+0x10/0x10
[ 12.277750] ? ktime_get_ts64+0x86/0x230
[ 12.277785] kunit_try_run_case+0x1a5/0x480
[ 12.277810] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.277831] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.277855] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.277877] ? __kthread_parkme+0x82/0x180
[ 12.277906] ? preempt_count_sub+0x50/0x80
[ 12.277929] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.277952] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.277986] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.278009] kthread+0x337/0x6f0
[ 12.278092] ? trace_preempt_on+0x20/0xc0
[ 12.278116] ? __pfx_kthread+0x10/0x10
[ 12.278135] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.278156] ? calculate_sigpending+0x7b/0xa0
[ 12.278180] ? __pfx_kthread+0x10/0x10
[ 12.278200] ret_from_fork+0x116/0x1d0
[ 12.278219] ? __pfx_kthread+0x10/0x10
[ 12.278238] ret_from_fork_asm+0x1a/0x30
[ 12.278268] </TASK>
[ 12.278291]
[ 12.286768] Allocated by task 193:
[ 12.286929] kasan_save_stack+0x45/0x70
[ 12.287306] kasan_save_track+0x18/0x40
[ 12.287549] kasan_save_alloc_info+0x3b/0x50
[ 12.287740] __kasan_kmalloc+0xb7/0xc0
[ 12.287875] __kmalloc_cache_noprof+0x189/0x420
[ 12.288048] kmalloc_oob_memset_4+0xac/0x330
[ 12.288294] kunit_try_run_case+0x1a5/0x480
[ 12.288585] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.288835] kthread+0x337/0x6f0
[ 12.288964] ret_from_fork+0x116/0x1d0
[ 12.289368] ret_from_fork_asm+0x1a/0x30
[ 12.289689]
[ 12.289782] The buggy address belongs to the object at ffff8881030d9800
[ 12.289782] which belongs to the cache kmalloc-128 of size 128
[ 12.290399] The buggy address is located 117 bytes inside of
[ 12.290399] allocated 120-byte region [ffff8881030d9800, ffff8881030d9878)
[ 12.290993]
[ 12.291066] The buggy address belongs to the physical page:
[ 12.291240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030d9
[ 12.291488] flags: 0x200000000000000(node=0|zone=2)
[ 12.291849] page_type: f5(slab)
[ 12.292206] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.292721] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.293137] page dumped because: kasan: bad access detected
[ 12.293324]
[ 12.293393] Memory state around the buggy address:
[ 12.293548] ffff8881030d9700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.294161] ffff8881030d9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.294618] >ffff8881030d9800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.294949] ^
[ 12.295504] ffff8881030d9880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.295865] ffff8881030d9900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.296271] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.251698] ==================================================================
[ 12.252209] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330
[ 12.252838] Write of size 2 at addr ffff8881029ce277 by task kunit_try_catch/191
[ 12.253338]
[ 12.253457] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.253511] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.253522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.253541] Call Trace:
[ 12.253551] <TASK>
[ 12.253564] dump_stack_lvl+0x73/0xb0
[ 12.253592] print_report+0xd1/0x610
[ 12.253613] ? __virt_addr_valid+0x1db/0x2d0
[ 12.253634] ? kmalloc_oob_memset_2+0x166/0x330
[ 12.253654] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.253676] ? kmalloc_oob_memset_2+0x166/0x330
[ 12.253697] kasan_report+0x141/0x180
[ 12.253719] ? kmalloc_oob_memset_2+0x166/0x330
[ 12.253744] kasan_check_range+0x10c/0x1c0
[ 12.253766] __asan_memset+0x27/0x50
[ 12.253785] kmalloc_oob_memset_2+0x166/0x330
[ 12.253816] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 12.253838] ? __schedule+0x10cc/0x2b60
[ 12.253860] ? __pfx_read_tsc+0x10/0x10
[ 12.253889] ? ktime_get_ts64+0x86/0x230
[ 12.253913] kunit_try_run_case+0x1a5/0x480
[ 12.253935] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.253956] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.253980] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.254003] ? __kthread_parkme+0x82/0x180
[ 12.254069] ? preempt_count_sub+0x50/0x80
[ 12.254092] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.254114] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.254138] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.254161] kthread+0x337/0x6f0
[ 12.254179] ? trace_preempt_on+0x20/0xc0
[ 12.254200] ? __pfx_kthread+0x10/0x10
[ 12.254220] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.254240] ? calculate_sigpending+0x7b/0xa0
[ 12.254263] ? __pfx_kthread+0x10/0x10
[ 12.254295] ret_from_fork+0x116/0x1d0
[ 12.254312] ? __pfx_kthread+0x10/0x10
[ 12.254331] ret_from_fork_asm+0x1a/0x30
[ 12.254360] </TASK>
[ 12.254369]
[ 12.262240] Allocated by task 191:
[ 12.262456] kasan_save_stack+0x45/0x70
[ 12.262661] kasan_save_track+0x18/0x40
[ 12.262854] kasan_save_alloc_info+0x3b/0x50
[ 12.263205] __kasan_kmalloc+0xb7/0xc0
[ 12.263634] __kmalloc_cache_noprof+0x189/0x420
[ 12.263829] kmalloc_oob_memset_2+0xac/0x330
[ 12.264158] kunit_try_run_case+0x1a5/0x480
[ 12.264368] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.264678] kthread+0x337/0x6f0
[ 12.264855] ret_from_fork+0x116/0x1d0
[ 12.265031] ret_from_fork_asm+0x1a/0x30
[ 12.265168]
[ 12.265239] The buggy address belongs to the object at ffff8881029ce200
[ 12.265239] which belongs to the cache kmalloc-128 of size 128
[ 12.265611] The buggy address is located 119 bytes inside of
[ 12.265611] allocated 120-byte region [ffff8881029ce200, ffff8881029ce278)
[ 12.266576]
[ 12.266680] The buggy address belongs to the physical page:
[ 12.266945] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ce
[ 12.267454] flags: 0x200000000000000(node=0|zone=2)
[ 12.267663] page_type: f5(slab)
[ 12.267870] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.268451] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.268685] page dumped because: kasan: bad access detected
[ 12.268862]
[ 12.268976] Memory state around the buggy address:
[ 12.269269] ffff8881029ce100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.269936] ffff8881029ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.270373] >ffff8881029ce200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.270669] ^
[ 12.270906] ffff8881029ce280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.271381] ffff8881029ce300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.271752] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.229004] ==================================================================
[ 12.229466] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320
[ 12.229787] Write of size 128 at addr ffff8881029ce100 by task kunit_try_catch/189
[ 12.230122]
[ 12.230233] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.230287] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.230298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.230318] Call Trace:
[ 12.230329] <TASK>
[ 12.230343] dump_stack_lvl+0x73/0xb0
[ 12.230382] print_report+0xd1/0x610
[ 12.230403] ? __virt_addr_valid+0x1db/0x2d0
[ 12.230426] ? kmalloc_oob_in_memset+0x15f/0x320
[ 12.230459] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.230481] ? kmalloc_oob_in_memset+0x15f/0x320
[ 12.230502] kasan_report+0x141/0x180
[ 12.230523] ? kmalloc_oob_in_memset+0x15f/0x320
[ 12.230550] kasan_check_range+0x10c/0x1c0
[ 12.230573] __asan_memset+0x27/0x50
[ 12.230591] kmalloc_oob_in_memset+0x15f/0x320
[ 12.230612] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 12.230655] ? __schedule+0x10cc/0x2b60
[ 12.230677] ? __pfx_read_tsc+0x10/0x10
[ 12.230696] ? ktime_get_ts64+0x86/0x230
[ 12.230719] kunit_try_run_case+0x1a5/0x480
[ 12.230753] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.230774] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.230797] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.230819] ? __kthread_parkme+0x82/0x180
[ 12.230839] ? preempt_count_sub+0x50/0x80
[ 12.230862] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.230885] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.230918] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.230941] kthread+0x337/0x6f0
[ 12.230959] ? trace_preempt_on+0x20/0xc0
[ 12.230992] ? __pfx_kthread+0x10/0x10
[ 12.231012] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.231032] ? calculate_sigpending+0x7b/0xa0
[ 12.231055] ? __pfx_kthread+0x10/0x10
[ 12.231075] ret_from_fork+0x116/0x1d0
[ 12.231093] ? __pfx_kthread+0x10/0x10
[ 12.231123] ret_from_fork_asm+0x1a/0x30
[ 12.231164] </TASK>
[ 12.231174]
[ 12.238635] Allocated by task 189:
[ 12.238775] kasan_save_stack+0x45/0x70
[ 12.239153] kasan_save_track+0x18/0x40
[ 12.239469] kasan_save_alloc_info+0x3b/0x50
[ 12.239925] __kasan_kmalloc+0xb7/0xc0
[ 12.240247] __kmalloc_cache_noprof+0x189/0x420
[ 12.240545] kmalloc_oob_in_memset+0xac/0x320
[ 12.240707] kunit_try_run_case+0x1a5/0x480
[ 12.240854] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.241038] kthread+0x337/0x6f0
[ 12.241189] ret_from_fork+0x116/0x1d0
[ 12.241385] ret_from_fork_asm+0x1a/0x30
[ 12.241629]
[ 12.241728] The buggy address belongs to the object at ffff8881029ce100
[ 12.241728] which belongs to the cache kmalloc-128 of size 128
[ 12.242493] The buggy address is located 0 bytes inside of
[ 12.242493] allocated 120-byte region [ffff8881029ce100, ffff8881029ce178)
[ 12.243254]
[ 12.243382] The buggy address belongs to the physical page:
[ 12.243864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ce
[ 12.244144] flags: 0x200000000000000(node=0|zone=2)
[ 12.244321] page_type: f5(slab)
[ 12.244442] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.244776] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.245170] page dumped because: kasan: bad access detected
[ 12.245409]
[ 12.245477] Memory state around the buggy address:
[ 12.245631] ffff8881029ce000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.246256] ffff8881029ce080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.246658] >ffff8881029ce100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.246942] ^
[ 12.247285] ffff8881029ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.247615] ffff8881029ce200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.247911] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.193898] ==================================================================
[ 12.195370] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0
[ 12.196597] Read of size 16 at addr ffff8881025c74c0 by task kunit_try_catch/187
[ 12.197699]
[ 12.197810] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.197917] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.197930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.197981] Call Trace:
[ 12.197993] <TASK>
[ 12.198010] dump_stack_lvl+0x73/0xb0
[ 12.198257] print_report+0xd1/0x610
[ 12.198297] ? __virt_addr_valid+0x1db/0x2d0
[ 12.198320] ? kmalloc_uaf_16+0x47b/0x4c0
[ 12.198340] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.198362] ? kmalloc_uaf_16+0x47b/0x4c0
[ 12.198382] kasan_report+0x141/0x180
[ 12.198403] ? kmalloc_uaf_16+0x47b/0x4c0
[ 12.198428] __asan_report_load16_noabort+0x18/0x20
[ 12.198466] kmalloc_uaf_16+0x47b/0x4c0
[ 12.198486] ? __pfx_kmalloc_uaf_16+0x10/0x10
[ 12.198507] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.198533] ? trace_hardirqs_on+0x37/0xe0
[ 12.198557] ? __pfx_read_tsc+0x10/0x10
[ 12.198577] ? ktime_get_ts64+0x86/0x230
[ 12.198602] kunit_try_run_case+0x1a5/0x480
[ 12.198626] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.198649] ? queued_spin_lock_slowpath+0x116/0xb40
[ 12.198674] ? __kthread_parkme+0x82/0x180
[ 12.198694] ? preempt_count_sub+0x50/0x80
[ 12.198718] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.198741] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.198764] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.198787] kthread+0x337/0x6f0
[ 12.198805] ? trace_preempt_on+0x20/0xc0
[ 12.198826] ? __pfx_kthread+0x10/0x10
[ 12.198845] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.198865] ? calculate_sigpending+0x7b/0xa0
[ 12.198889] ? __pfx_kthread+0x10/0x10
[ 12.198909] ret_from_fork+0x116/0x1d0
[ 12.198927] ? __pfx_kthread+0x10/0x10
[ 12.198946] ret_from_fork_asm+0x1a/0x30
[ 12.198977] </TASK>
[ 12.198987]
[ 12.209191] Allocated by task 187:
[ 12.209611] kasan_save_stack+0x45/0x70
[ 12.210099] kasan_save_track+0x18/0x40
[ 12.210533] kasan_save_alloc_info+0x3b/0x50
[ 12.210953] __kasan_kmalloc+0xb7/0xc0
[ 12.211417] __kmalloc_cache_noprof+0x189/0x420
[ 12.211886] kmalloc_uaf_16+0x15b/0x4c0
[ 12.212268] kunit_try_run_case+0x1a5/0x480
[ 12.212432] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.212956] kthread+0x337/0x6f0
[ 12.213470] ret_from_fork+0x116/0x1d0
[ 12.213885] ret_from_fork_asm+0x1a/0x30
[ 12.214245]
[ 12.214336] Freed by task 187:
[ 12.214452] kasan_save_stack+0x45/0x70
[ 12.214813] kasan_save_track+0x18/0x40
[ 12.215268] kasan_save_free_info+0x3f/0x60
[ 12.215768] __kasan_slab_free+0x56/0x70
[ 12.216218] kfree+0x222/0x3f0
[ 12.216526] kmalloc_uaf_16+0x1d6/0x4c0
[ 12.216666] kunit_try_run_case+0x1a5/0x480
[ 12.216812] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.217004] kthread+0x337/0x6f0
[ 12.217126] ret_from_fork+0x116/0x1d0
[ 12.217257] ret_from_fork_asm+0x1a/0x30
[ 12.217840]
[ 12.218014] The buggy address belongs to the object at ffff8881025c74c0
[ 12.218014] which belongs to the cache kmalloc-16 of size 16
[ 12.219303] The buggy address is located 0 bytes inside of
[ 12.219303] freed 16-byte region [ffff8881025c74c0, ffff8881025c74d0)
[ 12.220511]
[ 12.220672] The buggy address belongs to the physical page:
[ 12.221412] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7
[ 12.222034] flags: 0x200000000000000(node=0|zone=2)
[ 12.222599] page_type: f5(slab)
[ 12.222769] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.223390] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.223995] page dumped because: kasan: bad access detected
[ 12.224511]
[ 12.224584] Memory state around the buggy address:
[ 12.224741] ffff8881025c7380: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc
[ 12.224966] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc
[ 12.225191] >ffff8881025c7480: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc
[ 12.225689] ^
[ 12.225870] ffff8881025c7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.226186] ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.226455] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.163561] ==================================================================
[ 12.165142] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0
[ 12.166410] Write of size 16 at addr ffff88810216cb00 by task kunit_try_catch/185
[ 12.167365]
[ 12.167489] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.167537] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.167548] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.167568] Call Trace:
[ 12.167580] <TASK>
[ 12.167596] dump_stack_lvl+0x73/0xb0
[ 12.167626] print_report+0xd1/0x610
[ 12.167648] ? __virt_addr_valid+0x1db/0x2d0
[ 12.167672] ? kmalloc_oob_16+0x452/0x4a0
[ 12.167692] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.167715] ? kmalloc_oob_16+0x452/0x4a0
[ 12.167735] kasan_report+0x141/0x180
[ 12.167757] ? kmalloc_oob_16+0x452/0x4a0
[ 12.167781] __asan_report_store16_noabort+0x1b/0x30
[ 12.167806] kmalloc_oob_16+0x452/0x4a0
[ 12.167827] ? __pfx_kmalloc_oob_16+0x10/0x10
[ 12.167848] ? __schedule+0x10cc/0x2b60
[ 12.167870] ? __pfx_read_tsc+0x10/0x10
[ 12.167890] ? ktime_get_ts64+0x86/0x230
[ 12.167914] kunit_try_run_case+0x1a5/0x480
[ 12.167938] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.167960] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.167984] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.168007] ? __kthread_parkme+0x82/0x180
[ 12.168027] ? preempt_count_sub+0x50/0x80
[ 12.168051] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.168075] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.168099] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.168122] kthread+0x337/0x6f0
[ 12.168141] ? trace_preempt_on+0x20/0xc0
[ 12.168164] ? __pfx_kthread+0x10/0x10
[ 12.168184] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.168204] ? calculate_sigpending+0x7b/0xa0
[ 12.168229] ? __pfx_kthread+0x10/0x10
[ 12.168261] ret_from_fork+0x116/0x1d0
[ 12.168289] ? __pfx_kthread+0x10/0x10
[ 12.168308] ret_from_fork_asm+0x1a/0x30
[ 12.168339] </TASK>
[ 12.168349]
[ 12.175384] Allocated by task 185:
[ 12.175611] kasan_save_stack+0x45/0x70
[ 12.175774] kasan_save_track+0x18/0x40
[ 12.175957] kasan_save_alloc_info+0x3b/0x50
[ 12.176152] __kasan_kmalloc+0xb7/0xc0
[ 12.176379] __kmalloc_cache_noprof+0x189/0x420
[ 12.176572] kmalloc_oob_16+0xa8/0x4a0
[ 12.176868] kunit_try_run_case+0x1a5/0x480
[ 12.177179] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.177383] kthread+0x337/0x6f0
[ 12.177664] ret_from_fork+0x116/0x1d0
[ 12.177825] ret_from_fork_asm+0x1a/0x30
[ 12.178007]
[ 12.178103] The buggy address belongs to the object at ffff88810216cb00
[ 12.178103] which belongs to the cache kmalloc-16 of size 16
[ 12.178630] The buggy address is located 0 bytes inside of
[ 12.178630] allocated 13-byte region [ffff88810216cb00, ffff88810216cb0d)
[ 12.179012]
[ 12.179118] The buggy address belongs to the physical page:
[ 12.179384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10216c
[ 12.179756] flags: 0x200000000000000(node=0|zone=2)
[ 12.179922] page_type: f5(slab)
[ 12.180042] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.180283] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.180612] page dumped because: kasan: bad access detected
[ 12.180857]
[ 12.180952] Memory state around the buggy address:
[ 12.181247] ffff88810216ca00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 12.181576] ffff88810216ca80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 12.182008] >ffff88810216cb00: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc
[ 12.182347] ^
[ 12.182548] ffff88810216cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.182826] ffff88810216cc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.183207] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.111428] ==================================================================
[ 12.111963] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0
[ 12.112255] Read of size 1 at addr ffff888100344000 by task kunit_try_catch/183
[ 12.112652]
[ 12.112860] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.112907] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.112919] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.112947] Call Trace:
[ 12.112960] <TASK>
[ 12.112976] dump_stack_lvl+0x73/0xb0
[ 12.113006] print_report+0xd1/0x610
[ 12.113027] ? __virt_addr_valid+0x1db/0x2d0
[ 12.113063] ? krealloc_uaf+0x1b8/0x5e0
[ 12.113084] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.113106] ? krealloc_uaf+0x1b8/0x5e0
[ 12.113126] kasan_report+0x141/0x180
[ 12.113147] ? krealloc_uaf+0x1b8/0x5e0
[ 12.113171] ? krealloc_uaf+0x1b8/0x5e0
[ 12.113191] __kasan_check_byte+0x3d/0x50
[ 12.113212] krealloc_noprof+0x3f/0x340
[ 12.113235] krealloc_uaf+0x1b8/0x5e0
[ 12.113256] ? __pfx_krealloc_uaf+0x10/0x10
[ 12.113287] ? finish_task_switch.isra.0+0x153/0x700
[ 12.113310] ? __switch_to+0x47/0xf50
[ 12.113335] ? __schedule+0x10cc/0x2b60
[ 12.113357] ? __pfx_read_tsc+0x10/0x10
[ 12.113377] ? ktime_get_ts64+0x86/0x230
[ 12.113402] kunit_try_run_case+0x1a5/0x480
[ 12.113426] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.113448] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.113471] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.113493] ? __kthread_parkme+0x82/0x180
[ 12.113513] ? preempt_count_sub+0x50/0x80
[ 12.113535] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.113558] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.113581] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.113604] kthread+0x337/0x6f0
[ 12.113672] ? trace_preempt_on+0x20/0xc0
[ 12.113696] ? __pfx_kthread+0x10/0x10
[ 12.113715] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.113736] ? calculate_sigpending+0x7b/0xa0
[ 12.113760] ? __pfx_kthread+0x10/0x10
[ 12.113780] ret_from_fork+0x116/0x1d0
[ 12.113798] ? __pfx_kthread+0x10/0x10
[ 12.113817] ret_from_fork_asm+0x1a/0x30
[ 12.113847] </TASK>
[ 12.113857]
[ 12.121831] Allocated by task 183:
[ 12.122020] kasan_save_stack+0x45/0x70
[ 12.122224] kasan_save_track+0x18/0x40
[ 12.122428] kasan_save_alloc_info+0x3b/0x50
[ 12.122867] __kasan_kmalloc+0xb7/0xc0
[ 12.123166] __kmalloc_cache_noprof+0x189/0x420
[ 12.123411] krealloc_uaf+0xbb/0x5e0
[ 12.123604] kunit_try_run_case+0x1a5/0x480
[ 12.123837] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.124247] kthread+0x337/0x6f0
[ 12.124427] ret_from_fork+0x116/0x1d0
[ 12.124603] ret_from_fork_asm+0x1a/0x30
[ 12.124767]
[ 12.124856] Freed by task 183:
[ 12.125083] kasan_save_stack+0x45/0x70
[ 12.125304] kasan_save_track+0x18/0x40
[ 12.125472] kasan_save_free_info+0x3f/0x60
[ 12.125683] __kasan_slab_free+0x56/0x70
[ 12.125850] kfree+0x222/0x3f0
[ 12.125981] krealloc_uaf+0x13d/0x5e0
[ 12.126114] kunit_try_run_case+0x1a5/0x480
[ 12.126384] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.126631] kthread+0x337/0x6f0
[ 12.126815] ret_from_fork+0x116/0x1d0
[ 12.126978] ret_from_fork_asm+0x1a/0x30
[ 12.127356]
[ 12.127440] The buggy address belongs to the object at ffff888100344000
[ 12.127440] which belongs to the cache kmalloc-256 of size 256
[ 12.127840] The buggy address is located 0 bytes inside of
[ 12.127840] freed 256-byte region [ffff888100344000, ffff888100344100)
[ 12.128192]
[ 12.128299] The buggy address belongs to the physical page:
[ 12.128550] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100344
[ 12.129036] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.129384] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.129889] page_type: f5(slab)
[ 12.130095] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.130400] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.130906] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.131369] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.131779] head: 0200000000000001 ffffea000400d101 00000000ffffffff 00000000ffffffff
[ 12.132286] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 12.132671] page dumped because: kasan: bad access detected
[ 12.132903]
[ 12.132977] Memory state around the buggy address:
[ 12.133144] ffff888100343f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.133700] ffff888100343f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.134003] >ffff888100344000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.134291] ^
[ 12.134415] ffff888100344080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.134798] ffff888100344100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.135012] ==================================================================
[ 12.135745] ==================================================================
[ 12.136203] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0
[ 12.136534] Read of size 1 at addr ffff888100344000 by task kunit_try_catch/183
[ 12.136821]
[ 12.136919] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.136967] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.136978] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.136998] Call Trace:
[ 12.137009] <TASK>
[ 12.137064] dump_stack_lvl+0x73/0xb0
[ 12.137093] print_report+0xd1/0x610
[ 12.137115] ? __virt_addr_valid+0x1db/0x2d0
[ 12.137137] ? krealloc_uaf+0x53c/0x5e0
[ 12.137157] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.137179] ? krealloc_uaf+0x53c/0x5e0
[ 12.137200] kasan_report+0x141/0x180
[ 12.137221] ? krealloc_uaf+0x53c/0x5e0
[ 12.137246] __asan_report_load1_noabort+0x18/0x20
[ 12.137270] krealloc_uaf+0x53c/0x5e0
[ 12.137303] ? __pfx_krealloc_uaf+0x10/0x10
[ 12.137323] ? finish_task_switch.isra.0+0x153/0x700
[ 12.137345] ? __switch_to+0x47/0xf50
[ 12.137369] ? __schedule+0x10cc/0x2b60
[ 12.137390] ? __pfx_read_tsc+0x10/0x10
[ 12.137410] ? ktime_get_ts64+0x86/0x230
[ 12.137433] kunit_try_run_case+0x1a5/0x480
[ 12.137466] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.137487] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.137510] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.137533] ? __kthread_parkme+0x82/0x180
[ 12.137553] ? preempt_count_sub+0x50/0x80
[ 12.137575] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.137598] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.137620] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.137644] kthread+0x337/0x6f0
[ 12.137662] ? trace_preempt_on+0x20/0xc0
[ 12.137685] ? __pfx_kthread+0x10/0x10
[ 12.137704] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.137724] ? calculate_sigpending+0x7b/0xa0
[ 12.137748] ? __pfx_kthread+0x10/0x10
[ 12.137768] ret_from_fork+0x116/0x1d0
[ 12.137786] ? __pfx_kthread+0x10/0x10
[ 12.137805] ret_from_fork_asm+0x1a/0x30
[ 12.137834] </TASK>
[ 12.137844]
[ 12.145298] Allocated by task 183:
[ 12.145428] kasan_save_stack+0x45/0x70
[ 12.145570] kasan_save_track+0x18/0x40
[ 12.145704] kasan_save_alloc_info+0x3b/0x50
[ 12.145853] __kasan_kmalloc+0xb7/0xc0
[ 12.145986] __kmalloc_cache_noprof+0x189/0x420
[ 12.146141] krealloc_uaf+0xbb/0x5e0
[ 12.146270] kunit_try_run_case+0x1a5/0x480
[ 12.146733] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.147354] kthread+0x337/0x6f0
[ 12.147586] ret_from_fork+0x116/0x1d0
[ 12.147777] ret_from_fork_asm+0x1a/0x30
[ 12.147973]
[ 12.148131] Freed by task 183:
[ 12.148302] kasan_save_stack+0x45/0x70
[ 12.148557] kasan_save_track+0x18/0x40
[ 12.148749] kasan_save_free_info+0x3f/0x60
[ 12.148960] __kasan_slab_free+0x56/0x70
[ 12.149392] kfree+0x222/0x3f0
[ 12.149589] krealloc_uaf+0x13d/0x5e0
[ 12.149778] kunit_try_run_case+0x1a5/0x480
[ 12.149949] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.150359] kthread+0x337/0x6f0
[ 12.150561] ret_from_fork+0x116/0x1d0
[ 12.150705] ret_from_fork_asm+0x1a/0x30
[ 12.150844]
[ 12.150918] The buggy address belongs to the object at ffff888100344000
[ 12.150918] which belongs to the cache kmalloc-256 of size 256
[ 12.151294] The buggy address is located 0 bytes inside of
[ 12.151294] freed 256-byte region [ffff888100344000, ffff888100344100)
[ 12.151819]
[ 12.151914] The buggy address belongs to the physical page:
[ 12.152190] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100344
[ 12.152906] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.153203] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.153475] page_type: f5(slab)
[ 12.153612] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.153842] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.154128] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.154727] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.155207] head: 0200000000000001 ffffea000400d101 00000000ffffffff 00000000ffffffff
[ 12.155601] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 12.155892] page dumped because: kasan: bad access detected
[ 12.156205]
[ 12.156301] Memory state around the buggy address:
[ 12.156544] ffff888100343f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.156826] ffff888100343f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.158560] >ffff888100344000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.158811] ^
[ 12.158930] ffff888100344080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.159391] ffff888100344100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.159960] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 12.033902] ==================================================================
[ 12.034392] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0
[ 12.035138] Write of size 1 at addr ffff888102a3a0da by task kunit_try_catch/181
[ 12.036233]
[ 12.036523] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.036569] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.036580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.036812] Call Trace:
[ 12.036832] <TASK>
[ 12.036848] dump_stack_lvl+0x73/0xb0
[ 12.036916] print_report+0xd1/0x610
[ 12.036944] ? __virt_addr_valid+0x1db/0x2d0
[ 12.036965] ? krealloc_less_oob_helper+0xec6/0x11d0
[ 12.036999] ? kasan_addr_to_slab+0x11/0xa0
[ 12.037019] ? krealloc_less_oob_helper+0xec6/0x11d0
[ 12.037043] kasan_report+0x141/0x180
[ 12.037212] ? krealloc_less_oob_helper+0xec6/0x11d0
[ 12.037242] __asan_report_store1_noabort+0x1b/0x30
[ 12.037266] krealloc_less_oob_helper+0xec6/0x11d0
[ 12.037318] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 12.037341] ? finish_task_switch.isra.0+0x153/0x700
[ 12.037364] ? __switch_to+0x47/0xf50
[ 12.037387] ? __schedule+0x10cc/0x2b60
[ 12.037408] ? __pfx_read_tsc+0x10/0x10
[ 12.037430] krealloc_large_less_oob+0x1c/0x30
[ 12.037453] kunit_try_run_case+0x1a5/0x480
[ 12.037476] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.037497] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.037519] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.037542] ? __kthread_parkme+0x82/0x180
[ 12.037560] ? preempt_count_sub+0x50/0x80
[ 12.037582] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.037605] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.037628] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.037654] kthread+0x337/0x6f0
[ 12.037672] ? trace_preempt_on+0x20/0xc0
[ 12.037694] ? __pfx_kthread+0x10/0x10
[ 12.037713] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.037733] ? calculate_sigpending+0x7b/0xa0
[ 12.037756] ? __pfx_kthread+0x10/0x10
[ 12.037776] ret_from_fork+0x116/0x1d0
[ 12.037793] ? __pfx_kthread+0x10/0x10
[ 12.037812] ret_from_fork_asm+0x1a/0x30
[ 12.037842] </TASK>
[ 12.037851]
[ 12.053423] The buggy address belongs to the physical page:
[ 12.053994] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38
[ 12.054659] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.055384] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.055921] page_type: f8(unknown)
[ 12.056203] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.056632] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.056866] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.057230] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.058164] head: 0200000000000002 ffffea00040a8e01 00000000ffffffff 00000000ffffffff
[ 12.058970] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.059565] page dumped because: kasan: bad access detected
[ 12.059742]
[ 12.059812] Memory state around the buggy address:
[ 12.059967] ffff888102a39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.060541] ffff888102a3a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.061474] >ffff888102a3a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 12.062119] ^
[ 12.062762] ffff888102a3a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.063490] ffff888102a3a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.063778] ==================================================================
[ 12.064119] ==================================================================
[ 12.064412] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[ 12.064704] Write of size 1 at addr ffff888102a3a0ea by task kunit_try_catch/181
[ 12.064985]
[ 12.065077] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.065116] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.065127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.065145] Call Trace:
[ 12.065159] <TASK>
[ 12.065172] dump_stack_lvl+0x73/0xb0
[ 12.065197] print_report+0xd1/0x610
[ 12.065217] ? __virt_addr_valid+0x1db/0x2d0
[ 12.065238] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 12.065260] ? kasan_addr_to_slab+0x11/0xa0
[ 12.065303] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 12.065326] kasan_report+0x141/0x180
[ 12.065346] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 12.065373] __asan_report_store1_noabort+0x1b/0x30
[ 12.065396] krealloc_less_oob_helper+0xe90/0x11d0
[ 12.065420] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 12.065442] ? finish_task_switch.isra.0+0x153/0x700
[ 12.065463] ? __switch_to+0x47/0xf50
[ 12.065512] ? __schedule+0x10cc/0x2b60
[ 12.065548] ? __pfx_read_tsc+0x10/0x10
[ 12.065571] krealloc_large_less_oob+0x1c/0x30
[ 12.065605] kunit_try_run_case+0x1a5/0x480
[ 12.065628] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.065650] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.065672] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.065695] ? __kthread_parkme+0x82/0x180
[ 12.065717] ? preempt_count_sub+0x50/0x80
[ 12.065738] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.065760] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.065781] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.066034] kthread+0x337/0x6f0
[ 12.066054] ? trace_preempt_on+0x20/0xc0
[ 12.066076] ? __pfx_kthread+0x10/0x10
[ 12.066096] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.066117] ? calculate_sigpending+0x7b/0xa0
[ 12.066139] ? __pfx_kthread+0x10/0x10
[ 12.066160] ret_from_fork+0x116/0x1d0
[ 12.066177] ? __pfx_kthread+0x10/0x10
[ 12.066197] ret_from_fork_asm+0x1a/0x30
[ 12.066226] </TASK>
[ 12.066236]
[ 12.082400] The buggy address belongs to the physical page:
[ 12.082702] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38
[ 12.083049] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.083383] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.083917] page_type: f8(unknown)
[ 12.084067] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.084762] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.085252] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.085719] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.086284] head: 0200000000000002 ffffea00040a8e01 00000000ffffffff 00000000ffffffff
[ 12.086824] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.087355] page dumped because: kasan: bad access detected
[ 12.087679]
[ 12.087770] Memory state around the buggy address:
[ 12.087958] ffff888102a39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.088537] ffff888102a3a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.088914] >ffff888102a3a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 12.089320] ^
[ 12.089600] ffff888102a3a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.090013] ffff888102a3a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.090438] ==================================================================
[ 11.811068] ==================================================================
[ 11.811710] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[ 11.812254] Write of size 1 at addr ffff888100aae6d0 by task kunit_try_catch/177
[ 11.812521]
[ 11.812671] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.812713] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.812723] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.812835] Call Trace:
[ 11.812857] <TASK>
[ 11.812870] dump_stack_lvl+0x73/0xb0
[ 11.812898] print_report+0xd1/0x610
[ 11.812931] ? __virt_addr_valid+0x1db/0x2d0
[ 11.812953] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 11.812976] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.812997] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 11.813134] kasan_report+0x141/0x180
[ 11.813157] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 11.813185] __asan_report_store1_noabort+0x1b/0x30
[ 11.813281] krealloc_less_oob_helper+0xe23/0x11d0
[ 11.813308] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 11.813332] ? finish_task_switch.isra.0+0x153/0x700
[ 11.813355] ? __switch_to+0x47/0xf50
[ 11.813379] ? __schedule+0x10cc/0x2b60
[ 11.813400] ? __pfx_read_tsc+0x10/0x10
[ 11.813422] krealloc_less_oob+0x1c/0x30
[ 11.813443] kunit_try_run_case+0x1a5/0x480
[ 11.813532] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.813554] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.813577] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.813599] ? __kthread_parkme+0x82/0x180
[ 11.813619] ? preempt_count_sub+0x50/0x80
[ 11.813641] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.813663] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.813686] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.813709] kthread+0x337/0x6f0
[ 11.813727] ? trace_preempt_on+0x20/0xc0
[ 11.813748] ? __pfx_kthread+0x10/0x10
[ 11.813767] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.813788] ? calculate_sigpending+0x7b/0xa0
[ 11.813810] ? __pfx_kthread+0x10/0x10
[ 11.813830] ret_from_fork+0x116/0x1d0
[ 11.813847] ? __pfx_kthread+0x10/0x10
[ 11.813866] ret_from_fork_asm+0x1a/0x30
[ 11.813896] </TASK>
[ 11.813905]
[ 11.824713] Allocated by task 177:
[ 11.825055] kasan_save_stack+0x45/0x70
[ 11.825241] kasan_save_track+0x18/0x40
[ 11.825537] kasan_save_alloc_info+0x3b/0x50
[ 11.825924] __kasan_krealloc+0x190/0x1f0
[ 11.826311] krealloc_noprof+0xf3/0x340
[ 11.826543] krealloc_less_oob_helper+0x1aa/0x11d0
[ 11.826908] krealloc_less_oob+0x1c/0x30
[ 11.827217] kunit_try_run_case+0x1a5/0x480
[ 11.827406] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.827680] kthread+0x337/0x6f0
[ 11.827799] ret_from_fork+0x116/0x1d0
[ 11.827994] ret_from_fork_asm+0x1a/0x30
[ 11.828264]
[ 11.828370] The buggy address belongs to the object at ffff888100aae600
[ 11.828370] which belongs to the cache kmalloc-256 of size 256
[ 11.829190] The buggy address is located 7 bytes to the right of
[ 11.829190] allocated 201-byte region [ffff888100aae600, ffff888100aae6c9)
[ 11.829935]
[ 11.830011] The buggy address belongs to the physical page:
[ 11.830332] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aae
[ 11.830842] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.831140] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.831525] page_type: f5(slab)
[ 11.831673] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.832164] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.832457] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.832785] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.833297] head: 0200000000000001 ffffea000402ab81 00000000ffffffff 00000000ffffffff
[ 11.833732] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.834126] page dumped because: kasan: bad access detected
[ 11.834412]
[ 11.834573] Memory state around the buggy address:
[ 11.834761] ffff888100aae580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.835242] ffff888100aae600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.835532] >ffff888100aae680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 11.835940] ^
[ 11.836421] ffff888100aae700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.836734] ffff888100aae780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.837034] ==================================================================
[ 12.090817] ==================================================================
[ 12.091131] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[ 12.091456] Write of size 1 at addr ffff888102a3a0eb by task kunit_try_catch/181
[ 12.091724]
[ 12.091935] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.091977] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.091988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.092007] Call Trace:
[ 12.092022] <TASK>
[ 12.092037] dump_stack_lvl+0x73/0xb0
[ 12.092063] print_report+0xd1/0x610
[ 12.092085] ? __virt_addr_valid+0x1db/0x2d0
[ 12.092106] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 12.092170] ? kasan_addr_to_slab+0x11/0xa0
[ 12.092190] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 12.092213] kasan_report+0x141/0x180
[ 12.092234] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 12.092262] __asan_report_store1_noabort+0x1b/0x30
[ 12.092297] krealloc_less_oob_helper+0xd47/0x11d0
[ 12.092322] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 12.092346] ? finish_task_switch.isra.0+0x153/0x700
[ 12.092367] ? __switch_to+0x47/0xf50
[ 12.092391] ? __schedule+0x10cc/0x2b60
[ 12.092412] ? __pfx_read_tsc+0x10/0x10
[ 12.092435] krealloc_large_less_oob+0x1c/0x30
[ 12.092457] kunit_try_run_case+0x1a5/0x480
[ 12.092480] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.092502] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.092525] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.092548] ? __kthread_parkme+0x82/0x180
[ 12.092567] ? preempt_count_sub+0x50/0x80
[ 12.092589] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.092611] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.092634] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.092657] kthread+0x337/0x6f0
[ 12.092675] ? trace_preempt_on+0x20/0xc0
[ 12.092697] ? __pfx_kthread+0x10/0x10
[ 12.092716] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.092736] ? calculate_sigpending+0x7b/0xa0
[ 12.092759] ? __pfx_kthread+0x10/0x10
[ 12.092779] ret_from_fork+0x116/0x1d0
[ 12.092799] ? __pfx_kthread+0x10/0x10
[ 12.092818] ret_from_fork_asm+0x1a/0x30
[ 12.092847] </TASK>
[ 12.092856]
[ 12.100909] The buggy address belongs to the physical page:
[ 12.101288] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38
[ 12.101674] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.101939] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.102116] page_type: f8(unknown)
[ 12.102583] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.103242] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.103716] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.104057] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.104379] head: 0200000000000002 ffffea00040a8e01 00000000ffffffff 00000000ffffffff
[ 12.104698] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.105055] page dumped because: kasan: bad access detected
[ 12.105288]
[ 12.105381] Memory state around the buggy address:
[ 12.105646] ffff888102a39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.105892] ffff888102a3a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.106108] >ffff888102a3a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 12.106332] ^
[ 12.106585] ffff888102a3a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.106923] ffff888102a3a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.107233] ==================================================================
[ 12.004794] ==================================================================
[ 12.005321] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[ 12.006443] Write of size 1 at addr ffff888102a3a0d0 by task kunit_try_catch/181
[ 12.006867]
[ 12.006955] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.006997] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.007009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.007028] Call Trace:
[ 12.007039] <TASK>
[ 12.007053] dump_stack_lvl+0x73/0xb0
[ 12.007080] print_report+0xd1/0x610
[ 12.007102] ? __virt_addr_valid+0x1db/0x2d0
[ 12.007123] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 12.007146] ? kasan_addr_to_slab+0x11/0xa0
[ 12.007165] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 12.007189] kasan_report+0x141/0x180
[ 12.007209] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 12.007237] __asan_report_store1_noabort+0x1b/0x30
[ 12.007261] krealloc_less_oob_helper+0xe23/0x11d0
[ 12.007405] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 12.007433] ? finish_task_switch.isra.0+0x153/0x700
[ 12.007467] ? __switch_to+0x47/0xf50
[ 12.007492] ? __schedule+0x10cc/0x2b60
[ 12.007513] ? __pfx_read_tsc+0x10/0x10
[ 12.007536] krealloc_large_less_oob+0x1c/0x30
[ 12.007559] kunit_try_run_case+0x1a5/0x480
[ 12.007583] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.007604] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.007627] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.007649] ? __kthread_parkme+0x82/0x180
[ 12.007669] ? preempt_count_sub+0x50/0x80
[ 12.007692] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.007715] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.007738] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.007761] kthread+0x337/0x6f0
[ 12.007779] ? trace_preempt_on+0x20/0xc0
[ 12.007800] ? __pfx_kthread+0x10/0x10
[ 12.007819] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.007840] ? calculate_sigpending+0x7b/0xa0
[ 12.007863] ? __pfx_kthread+0x10/0x10
[ 12.007883] ret_from_fork+0x116/0x1d0
[ 12.007901] ? __pfx_kthread+0x10/0x10
[ 12.007920] ret_from_fork_asm+0x1a/0x30
[ 12.007950] </TASK>
[ 12.007959]
[ 12.022583] The buggy address belongs to the physical page:
[ 12.023215] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38
[ 12.023705] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.023938] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.024437] page_type: f8(unknown)
[ 12.024770] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.025634] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.026390] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.026837] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.027637] head: 0200000000000002 ffffea00040a8e01 00000000ffffffff 00000000ffffffff
[ 12.028239] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.028712] page dumped because: kasan: bad access detected
[ 12.028887]
[ 12.028963] Memory state around the buggy address:
[ 12.029502] ffff888102a39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.030219] ffff888102a3a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.030914] >ffff888102a3a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 12.031432] ^
[ 12.031836] ffff888102a3a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.032605] ffff888102a3a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.033068] ==================================================================
[ 11.969926] ==================================================================
[ 11.970441] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[ 11.970700] Write of size 1 at addr ffff888102a3a0c9 by task kunit_try_catch/181
[ 11.970927]
[ 11.971014] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.971056] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.971067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.971088] Call Trace:
[ 11.971099] <TASK>
[ 11.971114] dump_stack_lvl+0x73/0xb0
[ 11.971142] print_report+0xd1/0x610
[ 11.971163] ? __virt_addr_valid+0x1db/0x2d0
[ 11.971186] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 11.971209] ? kasan_addr_to_slab+0x11/0xa0
[ 11.971229] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 11.971252] kasan_report+0x141/0x180
[ 11.971283] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 11.971311] __asan_report_store1_noabort+0x1b/0x30
[ 11.971335] krealloc_less_oob_helper+0xd70/0x11d0
[ 11.971360] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 11.971383] ? finish_task_switch.isra.0+0x153/0x700
[ 11.971406] ? __switch_to+0x47/0xf50
[ 11.971431] ? __schedule+0x10cc/0x2b60
[ 11.971452] ? __pfx_read_tsc+0x10/0x10
[ 11.971475] krealloc_large_less_oob+0x1c/0x30
[ 11.971497] kunit_try_run_case+0x1a5/0x480
[ 11.971522] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.971543] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.971566] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.971588] ? __kthread_parkme+0x82/0x180
[ 11.971608] ? preempt_count_sub+0x50/0x80
[ 11.971630] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.971652] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.971675] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.971698] kthread+0x337/0x6f0
[ 11.971716] ? trace_preempt_on+0x20/0xc0
[ 11.971740] ? __pfx_kthread+0x10/0x10
[ 11.971760] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.971781] ? calculate_sigpending+0x7b/0xa0
[ 11.971804] ? __pfx_kthread+0x10/0x10
[ 11.971824] ret_from_fork+0x116/0x1d0
[ 11.971842] ? __pfx_kthread+0x10/0x10
[ 11.971861] ret_from_fork_asm+0x1a/0x30
[ 11.971891] </TASK>
[ 11.971900]
[ 11.992530] The buggy address belongs to the physical page:
[ 11.992728] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38
[ 11.992983] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.993987] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.994793] page_type: f8(unknown)
[ 11.995313] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.995951] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.996779] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.997526] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.997772] head: 0200000000000002 ffffea00040a8e01 00000000ffffffff 00000000ffffffff
[ 11.998018] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.999109] page dumped because: kasan: bad access detected
[ 11.999794]
[ 12.000088] Memory state around the buggy address:
[ 12.000623] ffff888102a39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.001006] ffff888102a3a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.001596] >ffff888102a3a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 12.001816] ^
[ 12.001992] ffff888102a3a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.002899] ffff888102a3a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.003755] ==================================================================
[ 11.780822] ==================================================================
[ 11.781329] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[ 11.782449] Write of size 1 at addr ffff888100aae6c9 by task kunit_try_catch/177
[ 11.782831]
[ 11.783302] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.783418] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.783444] Hardware
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.783465] Call Trace: [ 11.783477] <TASK> [ 11.783492] dump_stack_lvl+0x73/0xb0 [ 11.783521] print_report+0xd1/0x610 [ 11.783543] ? __virt_addr_valid+0x1db/0x2d0 [ 11.783565] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.783588] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.783610] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.783633] kasan_report+0x141/0x180 [ 11.783654] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.783681] __asan_report_store1_noabort+0x1b/0x30 [ 11.783706] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.783732] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.783755] ? finish_task_switch.isra.0+0x153/0x700 [ 11.783777] ? __switch_to+0x47/0xf50 [ 11.783802] ? __schedule+0x10cc/0x2b60 [ 11.783823] ? __pfx_read_tsc+0x10/0x10 [ 11.783846] krealloc_less_oob+0x1c/0x30 [ 11.783866] kunit_try_run_case+0x1a5/0x480 [ 11.783890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.783911] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.783934] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.783956] ? __kthread_parkme+0x82/0x180 [ 11.783975] ? preempt_count_sub+0x50/0x80 [ 11.783997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.784035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.784058] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.784083] kthread+0x337/0x6f0 [ 11.784101] ? trace_preempt_on+0x20/0xc0 [ 11.784123] ? __pfx_kthread+0x10/0x10 [ 11.784142] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.784162] ? calculate_sigpending+0x7b/0xa0 [ 11.784185] ? __pfx_kthread+0x10/0x10 [ 11.784205] ret_from_fork+0x116/0x1d0 [ 11.784223] ? 
__pfx_kthread+0x10/0x10 [ 11.784242] ret_from_fork_asm+0x1a/0x30 [ 11.784281] </TASK> [ 11.784291] [ 11.796555] Allocated by task 177: [ 11.796958] kasan_save_stack+0x45/0x70 [ 11.797314] kasan_save_track+0x18/0x40 [ 11.797563] kasan_save_alloc_info+0x3b/0x50 [ 11.797904] __kasan_krealloc+0x190/0x1f0 [ 11.798232] krealloc_noprof+0xf3/0x340 [ 11.798425] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.798811] krealloc_less_oob+0x1c/0x30 [ 11.799139] kunit_try_run_case+0x1a5/0x480 [ 11.799336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.799753] kthread+0x337/0x6f0 [ 11.799907] ret_from_fork+0x116/0x1d0 [ 11.800259] ret_from_fork_asm+0x1a/0x30 [ 11.800444] [ 11.800608] The buggy address belongs to the object at ffff888100aae600 [ 11.800608] which belongs to the cache kmalloc-256 of size 256 [ 11.801877] The buggy address is located 0 bytes to the right of [ 11.801877] allocated 201-byte region [ffff888100aae600, ffff888100aae6c9) [ 11.802952] [ 11.803029] The buggy address belongs to the physical page: [ 11.803200] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aae [ 11.803464] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.803880] flags: 0x200000000000040(head|node=0|zone=2) [ 11.804431] page_type: f5(slab) [ 11.804576] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.804908] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.805245] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.805782] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.806302] head: 0200000000000001 ffffea000402ab81 00000000ffffffff 00000000ffffffff [ 11.806666] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.807162] page dumped because: kasan: bad access detected [ 11.807570] [ 11.807669] Memory state around the buggy address: [ 11.807866] ffff888100aae580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.808413] ffff888100aae600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.808734] >ffff888100aae680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.809287] ^ [ 11.809525] ffff888100aae700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.809845] ffff888100aae780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.810310] ================================================================== [ 11.891783] ================================================================== [ 11.892080] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.892334] Write of size 1 at addr ffff888100aae6eb by task kunit_try_catch/177 [ 11.892736] [ 11.893083] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.893126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.893137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.893155] Call Trace: [ 11.893169] <TASK> [ 11.893182] dump_stack_lvl+0x73/0xb0 [ 11.893208] print_report+0xd1/0x610 [ 11.893228] ? __virt_addr_valid+0x1db/0x2d0 [ 11.893261] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.893294] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.893316] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.893339] kasan_report+0x141/0x180 [ 11.893360] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.893426] __asan_report_store1_noabort+0x1b/0x30 [ 11.893481] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.893506] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.893530] ? finish_task_switch.isra.0+0x153/0x700 [ 11.893551] ? __switch_to+0x47/0xf50 [ 11.893575] ? __schedule+0x10cc/0x2b60 [ 11.893595] ? __pfx_read_tsc+0x10/0x10 [ 11.893618] krealloc_less_oob+0x1c/0x30 [ 11.893639] kunit_try_run_case+0x1a5/0x480 [ 11.893661] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.893682] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.893704] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.893726] ? __kthread_parkme+0x82/0x180 [ 11.893746] ? 
preempt_count_sub+0x50/0x80 [ 11.893767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.893790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.893813] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.893835] kthread+0x337/0x6f0 [ 11.893853] ? trace_preempt_on+0x20/0xc0 [ 11.893874] ? __pfx_kthread+0x10/0x10 [ 11.893893] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.893914] ? calculate_sigpending+0x7b/0xa0 [ 11.893936] ? __pfx_kthread+0x10/0x10 [ 11.893956] ret_from_fork+0x116/0x1d0 [ 11.893974] ? __pfx_kthread+0x10/0x10 [ 11.893993] ret_from_fork_asm+0x1a/0x30 [ 11.894059] </TASK> [ 11.894069] [ 11.906793] Allocated by task 177: [ 11.906932] kasan_save_stack+0x45/0x70 [ 11.907077] kasan_save_track+0x18/0x40 [ 11.907211] kasan_save_alloc_info+0x3b/0x50 [ 11.907913] __kasan_krealloc+0x190/0x1f0 [ 11.908264] krealloc_noprof+0xf3/0x340 [ 11.908851] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.909416] krealloc_less_oob+0x1c/0x30 [ 11.909834] kunit_try_run_case+0x1a5/0x480 [ 11.910330] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.910896] kthread+0x337/0x6f0 [ 11.911332] ret_from_fork+0x116/0x1d0 [ 11.911737] ret_from_fork_asm+0x1a/0x30 [ 11.912128] [ 11.912392] The buggy address belongs to the object at ffff888100aae600 [ 11.912392] which belongs to the cache kmalloc-256 of size 256 [ 11.913689] The buggy address is located 34 bytes to the right of [ 11.913689] allocated 201-byte region [ffff888100aae600, ffff888100aae6c9) [ 11.914984] [ 11.915066] The buggy address belongs to the physical page: [ 11.915241] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aae [ 11.915494] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.915721] flags: 0x200000000000040(head|node=0|zone=2) [ 11.915894] page_type: f5(slab) [ 11.916012] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.916242] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.916483] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 11.916715] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.916958] head: 0200000000000001 ffffea000402ab81 00000000ffffffff 00000000ffffffff [ 11.917190] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.917675] page dumped because: kasan: bad access detected [ 11.918285] [ 11.918388] Memory state around the buggy address: [ 11.918635] ffff888100aae580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.918870] ffff888100aae600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.919085] >ffff888100aae680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.919406] ^ [ 11.919723] ffff888100aae700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.920371] ffff888100aae780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.920696] ================================================================== [ 11.864369] ================================================================== [ 11.864782] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.865241] Write of size 1 at addr ffff888100aae6ea by task kunit_try_catch/177 [ 11.865797] [ 11.865907] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.865948] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.865959] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.865978] Call Trace: [ 11.865993] <TASK> [ 11.866007] dump_stack_lvl+0x73/0xb0 [ 11.866033] print_report+0xd1/0x610 [ 11.866205] ? __virt_addr_valid+0x1db/0x2d0 [ 11.866229] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.866252] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.866287] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.866310] kasan_report+0x141/0x180 [ 11.866331] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.866359] __asan_report_store1_noabort+0x1b/0x30 [ 11.866383] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.866408] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.866431] ? finish_task_switch.isra.0+0x153/0x700 [ 11.866467] ? __switch_to+0x47/0xf50 [ 11.866491] ? __schedule+0x10cc/0x2b60 [ 11.866512] ? __pfx_read_tsc+0x10/0x10 [ 11.866534] krealloc_less_oob+0x1c/0x30 [ 11.866555] kunit_try_run_case+0x1a5/0x480 [ 11.866577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.866599] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.866621] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.866643] ? __kthread_parkme+0x82/0x180 [ 11.866661] ? preempt_count_sub+0x50/0x80 [ 11.866683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.866706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.866729] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.866753] kthread+0x337/0x6f0 [ 11.866771] ? trace_preempt_on+0x20/0xc0 [ 11.866792] ? __pfx_kthread+0x10/0x10 [ 11.866811] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.866831] ? calculate_sigpending+0x7b/0xa0 [ 11.866854] ? __pfx_kthread+0x10/0x10 [ 11.866874] ret_from_fork+0x116/0x1d0 [ 11.866891] ? 
__pfx_kthread+0x10/0x10 [ 11.866910] ret_from_fork_asm+0x1a/0x30 [ 11.866939] </TASK> [ 11.866948] [ 11.877385] Allocated by task 177: [ 11.877689] kasan_save_stack+0x45/0x70 [ 11.877989] kasan_save_track+0x18/0x40 [ 11.878328] kasan_save_alloc_info+0x3b/0x50 [ 11.878681] __kasan_krealloc+0x190/0x1f0 [ 11.878861] krealloc_noprof+0xf3/0x340 [ 11.879338] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.879607] krealloc_less_oob+0x1c/0x30 [ 11.879787] kunit_try_run_case+0x1a5/0x480 [ 11.879974] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.880461] kthread+0x337/0x6f0 [ 11.880673] ret_from_fork+0x116/0x1d0 [ 11.880990] ret_from_fork_asm+0x1a/0x30 [ 11.881334] [ 11.881413] The buggy address belongs to the object at ffff888100aae600 [ 11.881413] which belongs to the cache kmalloc-256 of size 256 [ 11.881910] The buggy address is located 33 bytes to the right of [ 11.881910] allocated 201-byte region [ffff888100aae600, ffff888100aae6c9) [ 11.882818] [ 11.882923] The buggy address belongs to the physical page: [ 11.883451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aae [ 11.883781] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.884300] flags: 0x200000000000040(head|node=0|zone=2) [ 11.884533] page_type: f5(slab) [ 11.884843] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.885366] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.885836] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.886329] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.886770] head: 0200000000000001 ffffea000402ab81 00000000ffffffff 00000000ffffffff [ 11.887366] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.887835] page dumped because: kasan: bad access detected [ 11.888020] [ 11.888118] Memory state around the buggy address: [ 11.888642] ffff888100aae580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.888904] ffff888100aae600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.889469] >ffff888100aae680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.889762] ^ [ 11.890085] ffff888100aae700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.890361] ffff888100aae780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.890674] ================================================================== [ 11.837922] ================================================================== [ 11.838392] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.838856] Write of size 1 at addr ffff888100aae6da by task kunit_try_catch/177 [ 11.839353] [ 11.839443] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.839484] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.839495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.839514] Call Trace: [ 11.839526] <TASK> [ 11.839540] dump_stack_lvl+0x73/0xb0 [ 11.839569] print_report+0xd1/0x610 [ 11.839662] ? __virt_addr_valid+0x1db/0x2d0 [ 11.839685] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.839708] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.839730] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.839753] kasan_report+0x141/0x180 [ 11.839774] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.839802] __asan_report_store1_noabort+0x1b/0x30 [ 11.839825] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.839850] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.839874] ? finish_task_switch.isra.0+0x153/0x700 [ 11.839895] ? __switch_to+0x47/0xf50 [ 11.839919] ? __schedule+0x10cc/0x2b60 [ 11.839941] ? __pfx_read_tsc+0x10/0x10 [ 11.839964] krealloc_less_oob+0x1c/0x30 [ 11.839985] kunit_try_run_case+0x1a5/0x480 [ 11.840007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.840174] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.840197] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.840221] ? __kthread_parkme+0x82/0x180 [ 11.840240] ? 
preempt_count_sub+0x50/0x80 [ 11.840262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.840299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.840322] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.840346] kthread+0x337/0x6f0 [ 11.840532] ? trace_preempt_on+0x20/0xc0 [ 11.840555] ? __pfx_kthread+0x10/0x10 [ 11.840575] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.840596] ? calculate_sigpending+0x7b/0xa0 [ 11.840619] ? __pfx_kthread+0x10/0x10 [ 11.840639] ret_from_fork+0x116/0x1d0 [ 11.840657] ? __pfx_kthread+0x10/0x10 [ 11.840677] ret_from_fork_asm+0x1a/0x30 [ 11.840705] </TASK> [ 11.840714] [ 11.850838] Allocated by task 177: [ 11.851168] kasan_save_stack+0x45/0x70 [ 11.851436] kasan_save_track+0x18/0x40 [ 11.851577] kasan_save_alloc_info+0x3b/0x50 [ 11.851892] __kasan_krealloc+0x190/0x1f0 [ 11.852197] krealloc_noprof+0xf3/0x340 [ 11.852381] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.852800] krealloc_less_oob+0x1c/0x30 [ 11.853124] kunit_try_run_case+0x1a5/0x480 [ 11.853533] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.853824] kthread+0x337/0x6f0 [ 11.854068] ret_from_fork+0x116/0x1d0 [ 11.854324] ret_from_fork_asm+0x1a/0x30 [ 11.854684] [ 11.854787] The buggy address belongs to the object at ffff888100aae600 [ 11.854787] which belongs to the cache kmalloc-256 of size 256 [ 11.855402] The buggy address is located 17 bytes to the right of [ 11.855402] allocated 201-byte region [ffff888100aae600, ffff888100aae6c9) [ 11.856036] [ 11.856138] The buggy address belongs to the physical page: [ 11.856333] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aae [ 11.857129] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.857462] flags: 0x200000000000040(head|node=0|zone=2) [ 11.857767] page_type: f5(slab) [ 11.857997] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.858493] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.858815] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 11.859413] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.859938] head: 0200000000000001 ffffea000402ab81 00000000ffffffff 00000000ffffffff [ 11.860495] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.860809] page dumped because: kasan: bad access detected [ 11.861032] [ 11.861113] Memory state around the buggy address: [ 11.861559] ffff888100aae580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.861933] ffff888100aae600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.862316] >ffff888100aae680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.862676] ^ [ 11.862936] ffff888100aae700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.863350] ffff888100aae780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.863621] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 11.735979] ================================================================== [ 11.736754] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 11.737013] Write of size 1 at addr ffff888100343ef0 by task kunit_try_catch/175 [ 11.737239] [ 11.737337] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.737378] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.737389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.737408] Call Trace: [ 11.737419] <TASK> [ 11.737432] dump_stack_lvl+0x73/0xb0 [ 11.737524] print_report+0xd1/0x610 [ 11.737546] ? __virt_addr_valid+0x1db/0x2d0 [ 11.737593] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.737617] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.737638] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.737676] kasan_report+0x141/0x180 [ 11.737697] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.737813] __asan_report_store1_noabort+0x1b/0x30 [ 11.737842] krealloc_more_oob_helper+0x7eb/0x930 [ 11.737864] ? __schedule+0x10cc/0x2b60 [ 11.737885] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.737909] ? finish_task_switch.isra.0+0x153/0x700 [ 11.737931] ? __switch_to+0x47/0xf50 [ 11.737955] ? __schedule+0x10cc/0x2b60 [ 11.737984] ? __pfx_read_tsc+0x10/0x10 [ 11.738007] krealloc_more_oob+0x1c/0x30 [ 11.738398] kunit_try_run_case+0x1a5/0x480 [ 11.738424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.738461] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.738488] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.738512] ? __kthread_parkme+0x82/0x180 [ 11.738532] ? preempt_count_sub+0x50/0x80 [ 11.738554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.738577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.738601] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.738624] kthread+0x337/0x6f0 [ 11.738643] ? trace_preempt_on+0x20/0xc0 [ 11.738664] ? __pfx_kthread+0x10/0x10 [ 11.738684] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.738704] ? 
calculate_sigpending+0x7b/0xa0 [ 11.738727] ? __pfx_kthread+0x10/0x10 [ 11.738747] ret_from_fork+0x116/0x1d0 [ 11.738765] ? __pfx_kthread+0x10/0x10 [ 11.738784] ret_from_fork_asm+0x1a/0x30 [ 11.738814] </TASK> [ 11.738823] [ 11.756711] Allocated by task 175: [ 11.757241] kasan_save_stack+0x45/0x70 [ 11.757569] kasan_save_track+0x18/0x40 [ 11.757711] kasan_save_alloc_info+0x3b/0x50 [ 11.757859] __kasan_krealloc+0x190/0x1f0 [ 11.757995] krealloc_noprof+0xf3/0x340 [ 11.758696] krealloc_more_oob_helper+0x1a9/0x930 [ 11.759525] krealloc_more_oob+0x1c/0x30 [ 11.760029] kunit_try_run_case+0x1a5/0x480 [ 11.760640] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.761248] kthread+0x337/0x6f0 [ 11.761567] ret_from_fork+0x116/0x1d0 [ 11.761711] ret_from_fork_asm+0x1a/0x30 [ 11.761853] [ 11.761927] The buggy address belongs to the object at ffff888100343e00 [ 11.761927] which belongs to the cache kmalloc-256 of size 256 [ 11.763089] The buggy address is located 5 bytes to the right of [ 11.763089] allocated 235-byte region [ffff888100343e00, ffff888100343eeb) [ 11.764753] [ 11.765070] The buggy address belongs to the physical page: [ 11.765713] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100342 [ 11.766197] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.766998] flags: 0x200000000000040(head|node=0|zone=2) [ 11.767487] page_type: f5(slab) [ 11.767925] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.768756] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.769017] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.770054] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.770797] head: 0200000000000001 ffffea000400d081 00000000ffffffff 00000000ffffffff [ 11.771211] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.771934] page dumped because: kasan: bad access detected [ 11.772530] [ 
11.772681] Memory state around the buggy address: [ 11.773042] ffff888100343d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.773529] ffff888100343e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.774283] >ffff888100343e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.774653] ^ [ 11.775323] ffff888100343f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.775828] ffff888100343f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.776090] ================================================================== [ 11.924547] ================================================================== [ 11.925643] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.926355] Write of size 1 at addr ffff8881028aa0eb by task kunit_try_catch/179 [ 11.926680] [ 11.926775] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.926821] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.926832] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.926853] Call Trace: [ 11.926866] <TASK> [ 11.926882] dump_stack_lvl+0x73/0xb0 [ 11.926911] print_report+0xd1/0x610 [ 11.926933] ? __virt_addr_valid+0x1db/0x2d0 [ 11.926958] ? krealloc_more_oob_helper+0x821/0x930 [ 11.926981] ? kasan_addr_to_slab+0x11/0xa0 [ 11.927001] ? krealloc_more_oob_helper+0x821/0x930 [ 11.927026] kasan_report+0x141/0x180 [ 11.927046] ? krealloc_more_oob_helper+0x821/0x930 [ 11.927074] __asan_report_store1_noabort+0x1b/0x30 [ 11.927099] krealloc_more_oob_helper+0x821/0x930 [ 11.927122] ? __schedule+0x10cc/0x2b60 [ 11.927146] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.927171] ? finish_task_switch.isra.0+0x153/0x700 [ 11.927194] ? __switch_to+0x47/0xf50 [ 11.927219] ? __schedule+0x10cc/0x2b60 [ 11.927239] ? __pfx_read_tsc+0x10/0x10 [ 11.927263] krealloc_large_more_oob+0x1c/0x30 [ 11.927297] kunit_try_run_case+0x1a5/0x480 [ 11.927321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.927344] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 11.927368] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.927391] ? __kthread_parkme+0x82/0x180 [ 11.927411] ? preempt_count_sub+0x50/0x80 [ 11.927433] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.927464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.927487] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.927512] kthread+0x337/0x6f0 [ 11.927532] ? trace_preempt_on+0x20/0xc0 [ 11.927556] ? __pfx_kthread+0x10/0x10 [ 11.927576] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.927623] ? calculate_sigpending+0x7b/0xa0 [ 11.927648] ? __pfx_kthread+0x10/0x10 [ 11.927669] ret_from_fork+0x116/0x1d0 [ 11.927687] ? __pfx_kthread+0x10/0x10 [ 11.927706] ret_from_fork_asm+0x1a/0x30 [ 11.927736] </TASK> [ 11.927746] [ 11.938120] The buggy address belongs to the physical page: [ 11.938619] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a8 [ 11.939031] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.939413] flags: 0x200000000000040(head|node=0|zone=2) [ 11.939949] page_type: f8(unknown) [ 11.940081] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.940480] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.940822] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.941079] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.941511] head: 0200000000000002 ffffea00040a2a01 00000000ffffffff 00000000ffffffff [ 11.942157] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.942952] page dumped because: kasan: bad access detected [ 11.943501] [ 11.943657] Memory state around the buggy address: [ 11.944115] ffff8881028a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.944544] ffff8881028aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.944772] >ffff8881028aa080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.944988] ^ [ 11.945281] 
ffff8881028aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.945593] ffff8881028aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.945883] ==================================================================

[ 11.701794] ==================================================================
[ 11.702291] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 11.702813] Write of size 1 at addr ffff888100343eeb by task kunit_try_catch/175
[ 11.703425]
[ 11.703566] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.703610] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.703621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.703642] Call Trace:
[ 11.703654] <TASK>
[ 11.703669] dump_stack_lvl+0x73/0xb0
[ 11.703698] print_report+0xd1/0x610
[ 11.703719] ? __virt_addr_valid+0x1db/0x2d0
[ 11.703742] ? krealloc_more_oob_helper+0x821/0x930
[ 11.703765] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.703787] ? krealloc_more_oob_helper+0x821/0x930
[ 11.703811] kasan_report+0x141/0x180
[ 11.703924] ? krealloc_more_oob_helper+0x821/0x930
[ 11.703957] __asan_report_store1_noabort+0x1b/0x30
[ 11.703981] krealloc_more_oob_helper+0x821/0x930
[ 11.704003] ? __schedule+0x10cc/0x2b60
[ 11.704097] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 11.704122] ? finish_task_switch.isra.0+0x153/0x700
[ 11.704145] ? __switch_to+0x47/0xf50
[ 11.704170] ? __schedule+0x10cc/0x2b60
[ 11.704191] ? __pfx_read_tsc+0x10/0x10
[ 11.704214] krealloc_more_oob+0x1c/0x30
[ 11.704235] kunit_try_run_case+0x1a5/0x480
[ 11.704259] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.704294] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.704317] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.704339] ? __kthread_parkme+0x82/0x180
[ 11.704359] ? preempt_count_sub+0x50/0x80
[ 11.704381] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.704403] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.704426] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.704449] kthread+0x337/0x6f0
[ 11.704467] ? trace_preempt_on+0x20/0xc0
[ 11.704489] ? __pfx_kthread+0x10/0x10
[ 11.704508] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.704529] ? calculate_sigpending+0x7b/0xa0
[ 11.704551] ? __pfx_kthread+0x10/0x10
[ 11.704572] ret_from_fork+0x116/0x1d0
[ 11.704589] ? __pfx_kthread+0x10/0x10
[ 11.704608] ret_from_fork_asm+0x1a/0x30
[ 11.704638] </TASK>
[ 11.704648]
[ 11.717025] Allocated by task 175:
[ 11.717537] kasan_save_stack+0x45/0x70
[ 11.717741] kasan_save_track+0x18/0x40
[ 11.717928] kasan_save_alloc_info+0x3b/0x50
[ 11.718394] __kasan_krealloc+0x190/0x1f0
[ 11.718756] krealloc_noprof+0xf3/0x340
[ 11.718973] krealloc_more_oob_helper+0x1a9/0x930
[ 11.719418] krealloc_more_oob+0x1c/0x30
[ 11.719708] kunit_try_run_case+0x1a5/0x480
[ 11.719918] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.720387] kthread+0x337/0x6f0
[ 11.720740] ret_from_fork+0x116/0x1d0
[ 11.721116] ret_from_fork_asm+0x1a/0x30
[ 11.721439]
[ 11.721717] The buggy address belongs to the object at ffff888100343e00
[ 11.721717] which belongs to the cache kmalloc-256 of size 256
[ 11.722883] The buggy address is located 0 bytes to the right of
[ 11.722883] allocated 235-byte region [ffff888100343e00, ffff888100343eeb)
[ 11.723958]
[ 11.724242] The buggy address belongs to the physical page:
[ 11.724844] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100342
[ 11.725471] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.726234] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.726675] page_type: f5(slab)
[ 11.727007] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.727496] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.728237] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.728721] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.729328] head: 0200000000000001 ffffea000400d081 00000000ffffffff 00000000ffffffff
[ 11.729791] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.730218] page dumped because: kasan: bad access detected
[ 11.730686]
[ 11.730758] Memory state around the buggy address:
[ 11.730915] ffff888100343d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.731472] ffff888100343e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.732153] >ffff888100343e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 11.733178] ^
[ 11.733429] ffff888100343f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.734462] ffff888100343f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.734920] ==================================================================

[ 11.946287] ==================================================================
[ 11.946621] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 11.946933] Write of size 1 at addr ffff8881028aa0f0 by task kunit_try_catch/179
[ 11.947286]
[ 11.947421] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.947461] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.947472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.947489] Call Trace:
[ 11.947503] <TASK>
[ 11.947515] dump_stack_lvl+0x73/0xb0
[ 11.947540] print_report+0xd1/0x610
[ 11.947560] ? __virt_addr_valid+0x1db/0x2d0
[ 11.947581] ? krealloc_more_oob_helper+0x7eb/0x930
[ 11.947604] ? kasan_addr_to_slab+0x11/0xa0
[ 11.947623] ? krealloc_more_oob_helper+0x7eb/0x930
[ 11.947647] kasan_report+0x141/0x180
[ 11.947667] ? krealloc_more_oob_helper+0x7eb/0x930
[ 11.947695] __asan_report_store1_noabort+0x1b/0x30
[ 11.947718] krealloc_more_oob_helper+0x7eb/0x930
[ 11.947740] ? __schedule+0x10cc/0x2b60
[ 11.947761] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 11.947784] ? finish_task_switch.isra.0+0x153/0x700
[ 11.947806] ? __switch_to+0x47/0xf50
[ 11.947829] ? __schedule+0x10cc/0x2b60
[ 11.947850] ? __pfx_read_tsc+0x10/0x10
[ 11.947872] krealloc_large_more_oob+0x1c/0x30
[ 11.947894] kunit_try_run_case+0x1a5/0x480
[ 11.947917] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.947939] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.947961] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.947984] ? __kthread_parkme+0x82/0x180
[ 11.948002] ? preempt_count_sub+0x50/0x80
[ 11.948036] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.948059] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.948082] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.948105] kthread+0x337/0x6f0
[ 11.948124] ? trace_preempt_on+0x20/0xc0
[ 11.948145] ? __pfx_kthread+0x10/0x10
[ 11.948164] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.948184] ? calculate_sigpending+0x7b/0xa0
[ 11.948207] ? __pfx_kthread+0x10/0x10
[ 11.948227] ret_from_fork+0x116/0x1d0
[ 11.948244] ? __pfx_kthread+0x10/0x10
[ 11.948263] ret_from_fork_asm+0x1a/0x30
[ 11.948302] </TASK>
[ 11.948310]
[ 11.956828] The buggy address belongs to the physical page:
[ 11.957254] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a8
[ 11.958096] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.958355] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.958987] page_type: f8(unknown)
[ 11.959595] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.960330] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.960802] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.961409] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.961763] head: 0200000000000002 ffffea00040a2a01 00000000ffffffff 00000000ffffffff
[ 11.962303] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.962940] page dumped because: kasan: bad access detected
[ 11.963421]
[ 11.963671] Memory state around the buggy address:
[ 11.963887] ffff8881028a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.964508] ffff8881028aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.964844] >ffff8881028aa080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 11.965416] ^
[ 11.965877] ffff8881028aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.966504] ffff8881028aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.966941] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 11.673140] ==================================================================
[ 11.674550] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0
[ 11.675384] Read of size 1 at addr ffff888103940000 by task kunit_try_catch/173
[ 11.675887]
[ 11.676223] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.676285] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.676296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.676316] Call Trace:
[ 11.676330] <TASK>
[ 11.676346] dump_stack_lvl+0x73/0xb0
[ 11.676375] print_report+0xd1/0x610
[ 11.676396] ? __virt_addr_valid+0x1db/0x2d0
[ 11.676419] ? page_alloc_uaf+0x356/0x3d0
[ 11.676439] ? kasan_addr_to_slab+0x11/0xa0
[ 11.676510] ? page_alloc_uaf+0x356/0x3d0
[ 11.676532] kasan_report+0x141/0x180
[ 11.676553] ? page_alloc_uaf+0x356/0x3d0
[ 11.676579] __asan_report_load1_noabort+0x18/0x20
[ 11.676602] page_alloc_uaf+0x356/0x3d0
[ 11.676623] ? __pfx_page_alloc_uaf+0x10/0x10
[ 11.676645] ? __schedule+0x10cc/0x2b60
[ 11.676667] ? __pfx_read_tsc+0x10/0x10
[ 11.676687] ? ktime_get_ts64+0x86/0x230
[ 11.676710] kunit_try_run_case+0x1a5/0x480
[ 11.676734] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.676756] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.676779] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.676801] ? __kthread_parkme+0x82/0x180
[ 11.676821] ? preempt_count_sub+0x50/0x80
[ 11.676844] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.676867] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.676890] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.676913] kthread+0x337/0x6f0
[ 11.676939] ? trace_preempt_on+0x20/0xc0
[ 11.676961] ? __pfx_kthread+0x10/0x10
[ 11.676980] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.677001] ? calculate_sigpending+0x7b/0xa0
[ 11.677071] ? __pfx_kthread+0x10/0x10
[ 11.677091] ret_from_fork+0x116/0x1d0
[ 11.677109] ? __pfx_kthread+0x10/0x10
[ 11.677128] ret_from_fork_asm+0x1a/0x30
[ 11.677158] </TASK>
[ 11.677168]
[ 11.688446] The buggy address belongs to the physical page:
[ 11.688633] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103940
[ 11.688881] flags: 0x200000000000000(node=0|zone=2)
[ 11.689053] page_type: f0(buddy)
[ 11.689175] raw: 0200000000000000 ffff88817fffb4f0 ffff88817fffb4f0 0000000000000000
[ 11.690313] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000
[ 11.691364] page dumped because: kasan: bad access detected
[ 11.692196]
[ 11.692553] Memory state around the buggy address:
[ 11.693306] ffff88810393ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.694363] ffff88810393ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.695451] >ffff888103940000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.695963] ^
[ 11.696557] ffff888103940080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.697478] ffff888103940100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.697971] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 11.635863] ==================================================================
[ 11.637410] BUG: KASAN: invalid-free in kfree+0x274/0x3f0
[ 11.637964] Free of addr ffff888102a38001 by task kunit_try_catch/169
[ 11.638765]
[ 11.639089] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.639401] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.639416] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.639436] Call Trace:
[ 11.639447] <TASK>
[ 11.639461] dump_stack_lvl+0x73/0xb0
[ 11.639491] print_report+0xd1/0x610
[ 11.639512] ? __virt_addr_valid+0x1db/0x2d0
[ 11.639535] ? kasan_addr_to_slab+0x11/0xa0
[ 11.639554] ? kfree+0x274/0x3f0
[ 11.639574] kasan_report_invalid_free+0x10a/0x130
[ 11.639598] ? kfree+0x274/0x3f0
[ 11.639620] ? kfree+0x274/0x3f0
[ 11.639639] __kasan_kfree_large+0x86/0xd0
[ 11.639660] free_large_kmalloc+0x4b/0x110
[ 11.639683] kfree+0x274/0x3f0
[ 11.639706] kmalloc_large_invalid_free+0x120/0x2b0
[ 11.639729] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 11.639752] ? __schedule+0x10cc/0x2b60
[ 11.639773] ? __pfx_read_tsc+0x10/0x10
[ 11.639792] ? ktime_get_ts64+0x86/0x230
[ 11.639815] kunit_try_run_case+0x1a5/0x480
[ 11.639838] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.639859] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.639881] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.639904] ? __kthread_parkme+0x82/0x180
[ 11.639922] ? preempt_count_sub+0x50/0x80
[ 11.639945] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.639968] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.639991] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.640035] kthread+0x337/0x6f0
[ 11.640053] ? trace_preempt_on+0x20/0xc0
[ 11.640075] ? __pfx_kthread+0x10/0x10
[ 11.640094] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.640115] ? calculate_sigpending+0x7b/0xa0
[ 11.640137] ? __pfx_kthread+0x10/0x10
[ 11.640157] ret_from_fork+0x116/0x1d0
[ 11.640175] ? __pfx_kthread+0x10/0x10
[ 11.640194] ret_from_fork_asm+0x1a/0x30
[ 11.640223] </TASK>
[ 11.640232]
[ 11.655969] The buggy address belongs to the physical page:
[ 11.656159] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38
[ 11.656419] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.657178] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.657757] page_type: f8(unknown)
[ 11.658157] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.658908] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.659970] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.660759] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.661188] head: 0200000000000002 ffffea00040a8e01 00000000ffffffff 00000000ffffffff
[ 11.661964] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.662582] page dumped because: kasan: bad access detected
[ 11.662758]
[ 11.662827] Memory state around the buggy address:
[ 11.662982] ffff888102a37f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.663814] ffff888102a37f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.664616] >ffff888102a38000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.665494] ^
[ 11.665919] ffff888102a38080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.666517] ffff888102a38100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.667333] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 11.604714] ==================================================================
[ 11.605723] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[ 11.606074] Read of size 1 at addr ffff8881028a4000 by task kunit_try_catch/167
[ 11.606334]
[ 11.606783] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.606830] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.606841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.606861] Call Trace:
[ 11.606872] <TASK>
[ 11.606887] dump_stack_lvl+0x73/0xb0
[ 11.606915] print_report+0xd1/0x610
[ 11.607028] ? __virt_addr_valid+0x1db/0x2d0
[ 11.607051] ? kmalloc_large_uaf+0x2f1/0x340
[ 11.607071] ? kasan_addr_to_slab+0x11/0xa0
[ 11.607205] ? kmalloc_large_uaf+0x2f1/0x340
[ 11.607230] kasan_report+0x141/0x180
[ 11.607252] ? kmalloc_large_uaf+0x2f1/0x340
[ 11.607289] __asan_report_load1_noabort+0x18/0x20
[ 11.607313] kmalloc_large_uaf+0x2f1/0x340
[ 11.607334] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 11.607355] ? __schedule+0x10cc/0x2b60
[ 11.607377] ? __pfx_read_tsc+0x10/0x10
[ 11.607398] ? ktime_get_ts64+0x86/0x230
[ 11.607420] kunit_try_run_case+0x1a5/0x480
[ 11.607443] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.607465] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.607488] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.607511] ? __kthread_parkme+0x82/0x180
[ 11.607530] ? preempt_count_sub+0x50/0x80
[ 11.607553] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.607576] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.607599] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.607622] kthread+0x337/0x6f0
[ 11.607641] ? trace_preempt_on+0x20/0xc0
[ 11.607663] ? __pfx_kthread+0x10/0x10
[ 11.607682] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.607703] ? calculate_sigpending+0x7b/0xa0
[ 11.607726] ? __pfx_kthread+0x10/0x10
[ 11.607746] ret_from_fork+0x116/0x1d0
[ 11.607764] ? __pfx_kthread+0x10/0x10
[ 11.607783] ret_from_fork_asm+0x1a/0x30
[ 11.607813] </TASK>
[ 11.607822]
[ 11.622923] The buggy address belongs to the physical page:
[ 11.623180] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a4
[ 11.624514] flags: 0x200000000000000(node=0|zone=2)
[ 11.625350] raw: 0200000000000000 ffffea00040a2a08 ffff88815b039f80 0000000000000000
[ 11.626280] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 11.626778] page dumped because: kasan: bad access detected
[ 11.627441]
[ 11.627518] Memory state around the buggy address:
[ 11.627677] ffff8881028a3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.627895] ffff8881028a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.628707] >ffff8881028a4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.629686] ^
[ 11.629994] ffff8881028a4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.631102] ffff8881028a4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.631868] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 11.573780] ==================================================================
[ 11.574843] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330
[ 11.575671] Write of size 1 at addr ffff8881028a600a by task kunit_try_catch/165
[ 11.576349]
[ 11.576696] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.576840] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.576852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.576872] Call Trace:
[ 11.576884] <TASK>
[ 11.576899] dump_stack_lvl+0x73/0xb0
[ 11.576941] print_report+0xd1/0x610
[ 11.576962] ? __virt_addr_valid+0x1db/0x2d0
[ 11.576985] ? kmalloc_large_oob_right+0x2e9/0x330
[ 11.577006] ? kasan_addr_to_slab+0x11/0xa0
[ 11.577072] ? kmalloc_large_oob_right+0x2e9/0x330
[ 11.577094] kasan_report+0x141/0x180
[ 11.577115] ? kmalloc_large_oob_right+0x2e9/0x330
[ 11.577142] __asan_report_store1_noabort+0x1b/0x30
[ 11.577166] kmalloc_large_oob_right+0x2e9/0x330
[ 11.577187] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 11.577211] ? __schedule+0x10cc/0x2b60
[ 11.577232] ? __pfx_read_tsc+0x10/0x10
[ 11.577253] ? ktime_get_ts64+0x86/0x230
[ 11.577288] kunit_try_run_case+0x1a5/0x480
[ 11.577313] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.577334] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.577357] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.577379] ? __kthread_parkme+0x82/0x180
[ 11.577400] ? preempt_count_sub+0x50/0x80
[ 11.577423] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.577458] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.577481] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.577504] kthread+0x337/0x6f0
[ 11.577522] ? trace_preempt_on+0x20/0xc0
[ 11.577544] ? __pfx_kthread+0x10/0x10
[ 11.577564] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.577584] ? calculate_sigpending+0x7b/0xa0
[ 11.577607] ? __pfx_kthread+0x10/0x10
[ 11.577627] ret_from_fork+0x116/0x1d0
[ 11.577645] ? __pfx_kthread+0x10/0x10
[ 11.577665] ret_from_fork_asm+0x1a/0x30
[ 11.577695] </TASK>
[ 11.577704]
[ 11.591248] The buggy address belongs to the physical page:
[ 11.591624] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a4
[ 11.591957] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.592697] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.593454] page_type: f8(unknown)
[ 11.593589] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.593822] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.594072] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.594885] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.595781] head: 0200000000000002 ffffea00040a2901 00000000ffffffff 00000000ffffffff
[ 11.596592] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.597445] page dumped because: kasan: bad access detected
[ 11.597899]
[ 11.597969] Memory state around the buggy address:
[ 11.598188] ffff8881028a5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.598962] ffff8881028a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.599770] >ffff8881028a6000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.600222] ^
[ 11.600552] ffff8881028a6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.600928] ffff8881028a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.601434] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 11.540135] ==================================================================
[ 11.540660] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370
[ 11.540997] Write of size 1 at addr ffff888102925f00 by task kunit_try_catch/163
[ 11.541399]
[ 11.541532] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.541574] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.541585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.541604] Call Trace:
[ 11.541616] <TASK>
[ 11.541629] dump_stack_lvl+0x73/0xb0
[ 11.541656] print_report+0xd1/0x610
[ 11.541676] ? __virt_addr_valid+0x1db/0x2d0
[ 11.541719] ? kmalloc_big_oob_right+0x316/0x370
[ 11.541754] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.541776] ? kmalloc_big_oob_right+0x316/0x370
[ 11.541812] kasan_report+0x141/0x180
[ 11.541833] ? kmalloc_big_oob_right+0x316/0x370
[ 11.541859] __asan_report_store1_noabort+0x1b/0x30
[ 11.541883] kmalloc_big_oob_right+0x316/0x370
[ 11.541905] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 11.541928] ? __schedule+0x10cc/0x2b60
[ 11.541949] ? __pfx_read_tsc+0x10/0x10
[ 11.541968] ? ktime_get_ts64+0x86/0x230
[ 11.541991] kunit_try_run_case+0x1a5/0x480
[ 11.542026] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.542048] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.542070] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.542093] ? __kthread_parkme+0x82/0x180
[ 11.542112] ? preempt_count_sub+0x50/0x80
[ 11.542134] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.542157] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.542196] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.542220] kthread+0x337/0x6f0
[ 11.542251] ? trace_preempt_on+0x20/0xc0
[ 11.542284] ? __pfx_kthread+0x10/0x10
[ 11.542303] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.542323] ? calculate_sigpending+0x7b/0xa0
[ 11.542346] ? __pfx_kthread+0x10/0x10
[ 11.542366] ret_from_fork+0x116/0x1d0
[ 11.542384] ? __pfx_kthread+0x10/0x10
[ 11.542403] ret_from_fork_asm+0x1a/0x30
[ 11.542432] </TASK>
[ 11.542441]
[ 11.550844] Allocated by task 163:
[ 11.551022] kasan_save_stack+0x45/0x70
[ 11.551334] kasan_save_track+0x18/0x40
[ 11.551656] kasan_save_alloc_info+0x3b/0x50
[ 11.551873] __kasan_kmalloc+0xb7/0xc0
[ 11.552053] __kmalloc_cache_noprof+0x189/0x420
[ 11.552285] kmalloc_big_oob_right+0xa9/0x370
[ 11.552565] kunit_try_run_case+0x1a5/0x480
[ 11.552764] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.553050] kthread+0x337/0x6f0
[ 11.553223] ret_from_fork+0x116/0x1d0
[ 11.553366] ret_from_fork_asm+0x1a/0x30
[ 11.553506]
[ 11.553576] The buggy address belongs to the object at ffff888102924000
[ 11.553576] which belongs to the cache kmalloc-8k of size 8192
[ 11.554363] The buggy address is located 0 bytes to the right of
[ 11.554363] allocated 7936-byte region [ffff888102924000, ffff888102925f00)
[ 11.554773]
[ 11.554845] The buggy address belongs to the physical page:
[ 11.555336] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102920
[ 11.555955] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.556759] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.556946] page_type: f5(slab)
[ 11.558197] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 11.559055] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 11.559891] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 11.560141] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 11.560882] head: 0200000000000003 ffffea00040a4801 00000000ffffffff 00000000ffffffff
[ 11.561793] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 11.562747] page dumped because: kasan: bad access detected
[ 11.563398]
[ 11.563766] Memory state around the buggy address:
[ 11.563937] ffff888102925e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.564833] ffff888102925e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.565664] >ffff888102925f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.566098] ^
[ 11.566520] ffff888102925f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.567071] ffff888102926000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.567700] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 11.509951] ==================================================================
[ 11.510485] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520
[ 11.510979] Write of size 1 at addr ffff8881029ce078 by task kunit_try_catch/161
[ 11.511773]
[ 11.512069] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.512118] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.512130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.512150] Call Trace:
[ 11.512162] <TASK>
[ 11.512177] dump_stack_lvl+0x73/0xb0
[ 11.512240] print_report+0xd1/0x610
[ 11.512262] ? __virt_addr_valid+0x1db/0x2d0
[ 11.512295] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 11.512318] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.512340] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 11.512364] kasan_report+0x141/0x180
[ 11.512385] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 11.512414] __asan_report_store1_noabort+0x1b/0x30
[ 11.512457] kmalloc_track_caller_oob_right+0x4b1/0x520
[ 11.512481] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 11.512506] ? __schedule+0x10cc/0x2b60
[ 11.512528] ? __pfx_read_tsc+0x10/0x10
[ 11.512547] ? ktime_get_ts64+0x86/0x230
[ 11.512571] kunit_try_run_case+0x1a5/0x480
[ 11.512594] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.512616] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.512638] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.512661] ? __kthread_parkme+0x82/0x180
[ 11.512679] ? preempt_count_sub+0x50/0x80
[ 11.512702] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.512725] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.512747] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.512770] kthread+0x337/0x6f0
[ 11.512788] ? trace_preempt_on+0x20/0xc0
[ 11.512810] ? __pfx_kthread+0x10/0x10
[ 11.512829] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.512849] ? calculate_sigpending+0x7b/0xa0
[ 11.512872] ? __pfx_kthread+0x10/0x10
[ 11.512892] ret_from_fork+0x116/0x1d0
[ 11.512910] ? __pfx_kthread+0x10/0x10
[ 11.512938] ret_from_fork_asm+0x1a/0x30
[ 11.512967] </TASK>
[ 11.512976]
[ 11.524579] Allocated by task 161:
[ 11.524747] kasan_save_stack+0x45/0x70
[ 11.524940] kasan_save_track+0x18/0x40
[ 11.525387] kasan_save_alloc_info+0x3b/0x50
[ 11.525803] __kasan_kmalloc+0xb7/0xc0
[ 11.526098] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 11.526630] kmalloc_track_caller_oob_right+0x19a/0x520
[ 11.527028] kunit_try_run_case+0x1a5/0x480
[ 11.527240] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.527738] kthread+0x337/0x6f0
[ 11.527952] ret_from_fork+0x116/0x1d0
[ 11.528286] ret_from_fork_asm+0x1a/0x30
[ 11.528680]
[ 11.528780] The buggy address belongs to the object at ffff8881029ce000
[ 11.528780] which belongs to the cache kmalloc-128 of size 128
[ 11.529800] The buggy address is located 0 bytes to the right of
[ 11.529800] allocated 120-byte region [ffff8881029ce000, ffff8881029ce078)
[ 11.530730]
[ 11.530847] The buggy address belongs to the physical page:
[ 11.531363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ce
[ 11.531866] flags: 0x200000000000000(node=0|zone=2)
[ 11.532263] page_type: f5(slab)
[ 11.532433] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.532752] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.533308] page dumped because: kasan: bad access detected
[ 11.533736]
[ 11.533832] Memory state around the buggy address:
[ 11.534319] ffff8881029cdf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.534775] ffff8881029cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.535332] >ffff8881029ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.535826] ^
[ 11.536424] ffff8881029ce080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.536722] ffff8881029ce100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.537011] ==================================================================

[ 11.476797] ==================================================================
[ 11.477630] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.477897] Write of size 1 at addr ffff8881029c3f78 by task kunit_try_catch/161
[ 11.478122]
[ 11.478206] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.478247] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.478257] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.478287] Call Trace:
[ 11.478300] <TASK>
[ 11.478315] dump_stack_lvl+0x73/0xb0
[ 11.478344] print_report+0xd1/0x610
[ 11.478364] ? __virt_addr_valid+0x1db/0x2d0
[ 11.478387] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.478411] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.478433] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.478460] kasan_report+0x141/0x180
[ 11.478483] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.478514] __asan_report_store1_noabort+0x1b/0x30
[ 11.478538] kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.478562] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 11.478589] ? __schedule+0x10cc/0x2b60
[ 11.478610] ? __pfx_read_tsc+0x10/0x10
[ 11.478631] ? ktime_get_ts64+0x86/0x230
[ 11.478655] kunit_try_run_case+0x1a5/0x480
[ 11.478680] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.478704] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.478726] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.478749] ? __kthread_parkme+0x82/0x180
[ 11.478769] ? preempt_count_sub+0x50/0x80
[ 11.478793] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.478815] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.478839] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.478862] kthread+0x337/0x6f0
[ 11.478880] ? trace_preempt_on+0x20/0xc0
[ 11.478902] ? __pfx_kthread+0x10/0x10
[ 11.478921] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.478941] ? calculate_sigpending+0x7b/0xa0
[ 11.478965] ? __pfx_kthread+0x10/0x10
[ 11.478985] ret_from_fork+0x116/0x1d0
[ 11.479004] ? __pfx_kthread+0x10/0x10
[ 11.479023] ret_from_fork_asm+0x1a/0x30
[ 11.479053] </TASK>
[ 11.479062]
[ 11.496353] Allocated by task 161:
[ 11.496754] kasan_save_stack+0x45/0x70
[ 11.497106] kasan_save_track+0x18/0x40
[ 11.497556] kasan_save_alloc_info+0x3b/0x50
[ 11.497783] __kasan_kmalloc+0xb7/0xc0
[ 11.497956] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 11.498202] kmalloc_track_caller_oob_right+0x99/0x520
[ 11.498800] kunit_try_run_case+0x1a5/0x480
[ 11.499139] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.499380] kthread+0x337/0x6f0
[ 11.499526] ret_from_fork+0x116/0x1d0
[ 11.499695] ret_from_fork_asm+0x1a/0x30
[ 11.499869]
[ 11.499958] The buggy address belongs to the object at ffff8881029c3f00
[ 11.499958] which belongs to the cache kmalloc-128 of size 128
[ 11.500421] The buggy address is located 0 bytes to the right of
[ 11.500421] allocated 120-byte region [ffff8881029c3f00, ffff8881029c3f78)
[ 11.500894]
[ 11.500991] The buggy address belongs to the physical page:
[ 11.501225] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c3
[ 11.502143] flags: 0x200000000000000(node=0|zone=2)
[ 11.502613] page_type: f5(slab)
[ 11.503047] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.503718] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.504183] page dumped because: kasan: bad access detected
[ 11.504647]
[ 11.504911] Memory state around the buggy address:
[ 11.505262] ffff8881029c3e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.505851] ffff8881029c3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.506599] >ffff8881029c3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.506908] ^
[ 11.507419] ffff8881029c3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.508090] ffff8881029c4000: fa fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc
[ 11.508553] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 11.452236] ==================================================================
[ 11.452841] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0
[ 11.453211] Read of size 1 at addr ffff888102b11000 by task kunit_try_catch/159
[ 11.453575]
[ 11.453680] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.453724] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.453734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.453754] Call Trace:
[ 11.453764] <TASK>
[ 11.453778] dump_stack_lvl+0x73/0xb0
[ 11.453803] print_report+0xd1/0x610
[ 11.453824] ? __virt_addr_valid+0x1db/0x2d0
[ 11.453844] ? kmalloc_node_oob_right+0x369/0x3c0
[ 11.453867] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.453936] ? kmalloc_node_oob_right+0x369/0x3c0
[ 11.453959] kasan_report+0x141/0x180
[ 11.453987] ? kmalloc_node_oob_right+0x369/0x3c0
[ 11.454014] __asan_report_load1_noabort+0x18/0x20
[ 11.454037] kmalloc_node_oob_right+0x369/0x3c0
[ 11.454061] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 11.454115] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 11.454143] kunit_try_run_case+0x1a5/0x480
[ 11.454165] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.454187] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.454209] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.454231] ? __kthread_parkme+0x82/0x180
[ 11.454250] ? preempt_count_sub+0x50/0x80
[ 11.454281] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.454321] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.454344] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.454367] kthread+0x337/0x6f0
[ 11.454385] ? trace_preempt_on+0x20/0xc0
[ 11.454407] ? __pfx_kthread+0x10/0x10
[ 11.454426] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.454446] ? calculate_sigpending+0x7b/0xa0
[ 11.454468] ? __pfx_kthread+0x10/0x10
[ 11.454498] ret_from_fork+0x116/0x1d0
[ 11.454516] ? __pfx_kthread+0x10/0x10
[ 11.454535] ret_from_fork_asm+0x1a/0x30
[ 11.454577] </TASK>
[ 11.454586]
[ 11.462156] Allocated by task 159:
[ 11.462292] kasan_save_stack+0x45/0x70
[ 11.462432] kasan_save_track+0x18/0x40
[ 11.462565] kasan_save_alloc_info+0x3b/0x50
[ 11.462904] __kasan_kmalloc+0xb7/0xc0
[ 11.463319] __kmalloc_cache_node_noprof+0x188/0x420
[ 11.463644] kmalloc_node_oob_right+0xab/0x3c0
[ 11.463873] kunit_try_run_case+0x1a5/0x480
[ 11.464076] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.464401] kthread+0x337/0x6f0
[ 11.464676] ret_from_fork+0x116/0x1d0
[ 11.464809] ret_from_fork_asm+0x1a/0x30
[ 11.465012]
[ 11.465104] The buggy address belongs to the object at ffff888102b10000
[ 11.465104] which belongs to the cache kmalloc-4k of size 4096
[ 11.465662] The buggy address is located 0 bytes to the right of
[ 11.465662] allocated 4096-byte region [ffff888102b10000, ffff888102b11000)
[ 11.466365]
[ 11.466483] The buggy address belongs to the physical page:
[ 11.466797] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b10
[ 11.467324] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.467726] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.468032] page_type: f5(slab)
[ 11.468337] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 11.468754] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 11.469158] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 11.469404] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 11.469637] head: 0200000000000003 ffffea00040ac401 00000000ffffffff 00000000ffffffff
[ 11.469869] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 11.470204] page dumped because: kasan: bad access detected
[ 11.470622]
[ 11.470714] Memory state around the buggy address:
[ 11.470932] ffff888102b10f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.471244] ffff888102b10f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.471561] >ffff888102b11000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.471773] ^
[ 11.471887] ffff888102b11080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.472102] ffff888102b11100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.472567] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 11.427598] ================================================================== [ 11.428159] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 11.428468] Read of size 1 at addr ffff8881025c747f by task kunit_try_catch/157 [ 11.428766] [ 11.428880] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.428930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.428941] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.428963] Call Trace: [ 11.428975] <TASK> [ 11.428993] dump_stack_lvl+0x73/0xb0 [ 11.429023] print_report+0xd1/0x610 [ 11.429044] ? __virt_addr_valid+0x1db/0x2d0 [ 11.429067] ? kmalloc_oob_left+0x361/0x3c0 [ 11.429088] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.429110] ? kmalloc_oob_left+0x361/0x3c0 [ 11.429131] kasan_report+0x141/0x180 [ 11.429152] ? kmalloc_oob_left+0x361/0x3c0 [ 11.429177] __asan_report_load1_noabort+0x18/0x20 [ 11.429201] kmalloc_oob_left+0x361/0x3c0 [ 11.429222] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 11.429243] ? __schedule+0x10cc/0x2b60 [ 11.429490] ? __pfx_read_tsc+0x10/0x10 [ 11.429533] ? ktime_get_ts64+0x86/0x230 [ 11.429558] kunit_try_run_case+0x1a5/0x480 [ 11.429585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.429618] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.429642] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.429665] ? __kthread_parkme+0x82/0x180 [ 11.429684] ? preempt_count_sub+0x50/0x80 [ 11.429708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.429730] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.429753] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.429777] kthread+0x337/0x6f0 [ 11.429795] ? trace_preempt_on+0x20/0xc0 [ 11.429818] ? __pfx_kthread+0x10/0x10 [ 11.429837] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.429858] ? calculate_sigpending+0x7b/0xa0 [ 11.429882] ? __pfx_kthread+0x10/0x10 [ 11.429902] ret_from_fork+0x116/0x1d0 [ 11.429921] ? 
__pfx_kthread+0x10/0x10 [ 11.429940] ret_from_fork_asm+0x1a/0x30 [ 11.429970] </TASK> [ 11.429980] [ 11.437864] Allocated by task 1: [ 11.438036] kasan_save_stack+0x45/0x70 [ 11.438337] kasan_save_track+0x18/0x40 [ 11.438502] kasan_save_alloc_info+0x3b/0x50 [ 11.438652] __kasan_kmalloc+0xb7/0xc0 [ 11.438783] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.439130] kstrdup+0x3e/0xa0 [ 11.439306] kstrdup_const+0x2c/0x40 [ 11.439512] __kernfs_new_node+0xa7/0x6d0 [ 11.439715] kernfs_new_node+0x140/0x1e0 [ 11.439885] kernfs_create_dir_ns+0x30/0x140 [ 11.440254] sysfs_create_dir_ns+0x130/0x290 [ 11.440480] kobject_add_internal+0x222/0x9b0 [ 11.440710] kobject_init_and_add+0xf1/0x160 [ 11.440921] sysfs_slab_add+0x19a/0x1f0 [ 11.441115] slab_sysfs_init+0x76/0x110 [ 11.441396] do_one_initcall+0xd8/0x370 [ 11.441613] kernel_init_freeable+0x420/0x6f0 [ 11.441806] kernel_init+0x23/0x1e0 [ 11.442062] ret_from_fork+0x116/0x1d0 [ 11.442246] ret_from_fork_asm+0x1a/0x30 [ 11.442452] [ 11.442572] The buggy address belongs to the object at ffff8881025c7460 [ 11.442572] which belongs to the cache kmalloc-16 of size 16 [ 11.442942] The buggy address is located 19 bytes to the right of [ 11.442942] allocated 12-byte region [ffff8881025c7460, ffff8881025c746c) [ 11.443518] [ 11.443632] The buggy address belongs to the physical page: [ 11.443885] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 11.444426] flags: 0x200000000000000(node=0|zone=2) [ 11.444677] page_type: f5(slab) [ 11.444844] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.445145] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.445426] page dumped because: kasan: bad access detected [ 11.445640] [ 11.445731] Memory state around the buggy address: [ 11.445957] ffff8881025c7300: 00 06 fc fc 00 00 fc fc 00 02 fc fc 00 02 fc fc [ 11.446356] ffff8881025c7380: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 11.446703] >ffff8881025c7400: 
00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 11.447065] ^ [ 11.447385] ffff8881025c7480: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.447706] ffff8881025c7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.448174] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 11.335711] ================================================================== [ 11.336720] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 11.337768] Write of size 1 at addr ffff8881029c3e73 by task kunit_try_catch/155 [ 11.338575] [ 11.339719] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.340072] Tainted: [N]=TEST [ 11.340106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.340330] Call Trace: [ 11.340399] <TASK> [ 11.340553] dump_stack_lvl+0x73/0xb0 [ 11.340643] print_report+0xd1/0x610 [ 11.340672] ? __virt_addr_valid+0x1db/0x2d0 [ 11.340696] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.340717] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.340739] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.340760] kasan_report+0x141/0x180 [ 11.340781] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.340807] __asan_report_store1_noabort+0x1b/0x30 [ 11.340832] kmalloc_oob_right+0x6f0/0x7f0 [ 11.340854] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.340877] ? __schedule+0x10cc/0x2b60 [ 11.340900] ? __pfx_read_tsc+0x10/0x10 [ 11.340933] ? ktime_get_ts64+0x86/0x230 [ 11.340959] kunit_try_run_case+0x1a5/0x480 [ 11.340985] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.341006] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.341031] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.341054] ? __kthread_parkme+0x82/0x180 [ 11.341075] ? preempt_count_sub+0x50/0x80 [ 11.341099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.341122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.341145] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.341168] kthread+0x337/0x6f0 [ 11.341188] ? trace_preempt_on+0x20/0xc0 [ 11.341212] ? __pfx_kthread+0x10/0x10 [ 11.341231] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.341252] ? calculate_sigpending+0x7b/0xa0 [ 11.341287] ? __pfx_kthread+0x10/0x10 [ 11.341308] ret_from_fork+0x116/0x1d0 [ 11.341326] ? 
__pfx_kthread+0x10/0x10 [ 11.341345] ret_from_fork_asm+0x1a/0x30 [ 11.341399] </TASK> [ 11.341477] [ 11.353219] Allocated by task 155: [ 11.353504] kasan_save_stack+0x45/0x70 [ 11.353907] kasan_save_track+0x18/0x40 [ 11.354335] kasan_save_alloc_info+0x3b/0x50 [ 11.354808] __kasan_kmalloc+0xb7/0xc0 [ 11.355199] __kmalloc_cache_noprof+0x189/0x420 [ 11.355661] kmalloc_oob_right+0xa9/0x7f0 [ 11.356154] kunit_try_run_case+0x1a5/0x480 [ 11.356661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.356862] kthread+0x337/0x6f0 [ 11.357229] ret_from_fork+0x116/0x1d0 [ 11.357666] ret_from_fork_asm+0x1a/0x30 [ 11.358021] [ 11.358323] The buggy address belongs to the object at ffff8881029c3e00 [ 11.358323] which belongs to the cache kmalloc-128 of size 128 [ 11.358950] The buggy address is located 0 bytes to the right of [ 11.358950] allocated 115-byte region [ffff8881029c3e00, ffff8881029c3e73) [ 11.359784] [ 11.359932] The buggy address belongs to the physical page: [ 11.360457] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c3 [ 11.361665] flags: 0x200000000000000(node=0|zone=2) [ 11.362519] page_type: f5(slab) [ 11.363201] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.363981] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.364625] page dumped because: kasan: bad access detected [ 11.365127] [ 11.365401] Memory state around the buggy address: [ 11.366057] ffff8881029c3d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.366611] ffff8881029c3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.367134] >ffff8881029c3e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.367821] ^ [ 11.368330] ffff8881029c3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.368823] ffff8881029c3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.369284] ================================================================== [ 11.401735] 
================================================================== [ 11.402490] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 11.403133] Read of size 1 at addr ffff8881029c3e80 by task kunit_try_catch/155 [ 11.403529] [ 11.403728] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.403768] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.403779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.403817] Call Trace: [ 11.403832] <TASK> [ 11.403845] dump_stack_lvl+0x73/0xb0 [ 11.403871] print_report+0xd1/0x610 [ 11.403903] ? __virt_addr_valid+0x1db/0x2d0 [ 11.403923] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.403944] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.403965] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.403986] kasan_report+0x141/0x180 [ 11.404007] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.404033] __asan_report_load1_noabort+0x18/0x20 [ 11.404056] kmalloc_oob_right+0x68a/0x7f0 [ 11.404078] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.404100] ? __schedule+0x10cc/0x2b60 [ 11.404334] ? __pfx_read_tsc+0x10/0x10 [ 11.404353] ? ktime_get_ts64+0x86/0x230 [ 11.404378] kunit_try_run_case+0x1a5/0x480 [ 11.404410] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.404432] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.404454] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.404487] ? __kthread_parkme+0x82/0x180 [ 11.404506] ? preempt_count_sub+0x50/0x80 [ 11.404529] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.404553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.404576] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.404599] kthread+0x337/0x6f0 [ 11.404617] ? trace_preempt_on+0x20/0xc0 [ 11.404639] ? __pfx_kthread+0x10/0x10 [ 11.404658] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.404678] ? calculate_sigpending+0x7b/0xa0 [ 11.404701] ? __pfx_kthread+0x10/0x10 [ 11.404722] ret_from_fork+0x116/0x1d0 [ 11.404739] ? 
__pfx_kthread+0x10/0x10 [ 11.404758] ret_from_fork_asm+0x1a/0x30 [ 11.404788] </TASK> [ 11.404798] [ 11.414236] Allocated by task 155: [ 11.414484] kasan_save_stack+0x45/0x70 [ 11.414688] kasan_save_track+0x18/0x40 [ 11.414876] kasan_save_alloc_info+0x3b/0x50 [ 11.415094] __kasan_kmalloc+0xb7/0xc0 [ 11.415475] __kmalloc_cache_noprof+0x189/0x420 [ 11.415689] kmalloc_oob_right+0xa9/0x7f0 [ 11.415887] kunit_try_run_case+0x1a5/0x480 [ 11.416090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.416416] kthread+0x337/0x6f0 [ 11.416613] ret_from_fork+0x116/0x1d0 [ 11.416810] ret_from_fork_asm+0x1a/0x30 [ 11.416995] [ 11.417087] The buggy address belongs to the object at ffff8881029c3e00 [ 11.417087] which belongs to the cache kmalloc-128 of size 128 [ 11.417565] The buggy address is located 13 bytes to the right of [ 11.417565] allocated 115-byte region [ffff8881029c3e00, ffff8881029c3e73) [ 11.417940] [ 11.418017] The buggy address belongs to the physical page: [ 11.418272] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c3 [ 11.418936] flags: 0x200000000000000(node=0|zone=2) [ 11.419169] page_type: f5(slab) [ 11.419413] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.419766] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.420156] page dumped because: kasan: bad access detected [ 11.420349] [ 11.420418] Memory state around the buggy address: [ 11.420587] ffff8881029c3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.420888] ffff8881029c3e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.421405] >ffff8881029c3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.421730] ^ [ 11.421874] ffff8881029c3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.422345] ffff8881029c3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.422848] ================================================================== [ 11.370925] 
================================================================== [ 11.371687] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 11.372168] Write of size 1 at addr ffff8881029c3e78 by task kunit_try_catch/155 [ 11.372769] [ 11.372870] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.372911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.372931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.372951] Call Trace: [ 11.372962] <TASK> [ 11.372976] dump_stack_lvl+0x73/0xb0 [ 11.373002] print_report+0xd1/0x610 [ 11.373022] ? __virt_addr_valid+0x1db/0x2d0 [ 11.373044] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.373064] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.373086] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.373107] kasan_report+0x141/0x180 [ 11.373128] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.373154] __asan_report_store1_noabort+0x1b/0x30 [ 11.373178] kmalloc_oob_right+0x6bd/0x7f0 [ 11.373200] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.373221] ? __schedule+0x10cc/0x2b60 [ 11.373242] ? __pfx_read_tsc+0x10/0x10 [ 11.373261] ? ktime_get_ts64+0x86/0x230 [ 11.373294] kunit_try_run_case+0x1a5/0x480 [ 11.373317] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.373338] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.373360] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.373383] ? __kthread_parkme+0x82/0x180 [ 11.373401] ? preempt_count_sub+0x50/0x80 [ 11.373424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.373461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.373491] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.373514] kthread+0x337/0x6f0 [ 11.373543] ? trace_preempt_on+0x20/0xc0 [ 11.373566] ? __pfx_kthread+0x10/0x10 [ 11.373596] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.373746] ? calculate_sigpending+0x7b/0xa0 [ 11.373780] ? __pfx_kthread+0x10/0x10 [ 11.373800] ret_from_fork+0x116/0x1d0 [ 11.373817] ? 
__pfx_kthread+0x10/0x10 [ 11.373836] ret_from_fork_asm+0x1a/0x30 [ 11.373866] </TASK> [ 11.373876] [ 11.387029] Allocated by task 155: [ 11.387190] kasan_save_stack+0x45/0x70 [ 11.387590] kasan_save_track+0x18/0x40 [ 11.388073] kasan_save_alloc_info+0x3b/0x50 [ 11.388490] __kasan_kmalloc+0xb7/0xc0 [ 11.388839] __kmalloc_cache_noprof+0x189/0x420 [ 11.389309] kmalloc_oob_right+0xa9/0x7f0 [ 11.389651] kunit_try_run_case+0x1a5/0x480 [ 11.389824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.390237] kthread+0x337/0x6f0 [ 11.390666] ret_from_fork+0x116/0x1d0 [ 11.390945] ret_from_fork_asm+0x1a/0x30 [ 11.391392] [ 11.391608] The buggy address belongs to the object at ffff8881029c3e00 [ 11.391608] which belongs to the cache kmalloc-128 of size 128 [ 11.392491] The buggy address is located 5 bytes to the right of [ 11.392491] allocated 115-byte region [ffff8881029c3e00, ffff8881029c3e73) [ 11.393039] [ 11.393113] The buggy address belongs to the physical page: [ 11.393294] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c3 [ 11.394340] flags: 0x200000000000000(node=0|zone=2) [ 11.394893] page_type: f5(slab) [ 11.395195] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.396041] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.396830] page dumped because: kasan: bad access detected [ 11.397010] [ 11.397081] Memory state around the buggy address: [ 11.397348] ffff8881029c3d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.398068] ffff8881029c3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.398725] >ffff8881029c3e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.399538] ^ [ 11.400167] ffff8881029c3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.400452] ffff8881029c3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.400856] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 141.539842] WARNING: CPU: 0 PID: 2767 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 141.540803] Modules linked in: [ 141.541256] CPU: 0 UID: 0 PID: 2767 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 141.541794] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.542393] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.542921] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 141.543488] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.544530] RSP: 0000:ffff8881042e7c78 EFLAGS: 00010286 [ 141.544938] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 141.545476] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff86233c34 [ 141.545918] RBP: ffff8881042e7ca0 R08: 0000000000000000 R09: ffffed10204ecc20 [ 141.546472] R10: ffff888102766107 R11: 0000000000000000 R12: ffffffff86233c20 [ 141.546928] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881042e7d38 [ 141.547476] FS: 0000000000000000(0000) GS:ffff8881d2e72000(0000) knlGS:0000000000000000 [ 141.547973] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.548571] CR2: 00007ffff7ffe000 CR3: 00000000542bc000 CR4: 00000000000006f0 [ 141.548949] DR0: ffffffff88252440 DR1: ffffffff88252441 DR2: ffffffff88252443 [ 141.549625] DR3: ffffffff88252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.549946] Call Trace: [ 141.550336] <TASK> [ 141.550474] drm_test_rect_calc_vscale+0x108/0x270 [ 141.550805] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 141.551174] ? __schedule+0x10cc/0x2b60 [ 141.551381] ? __pfx_read_tsc+0x10/0x10 [ 141.551585] ? ktime_get_ts64+0x86/0x230 [ 141.551797] kunit_try_run_case+0x1a5/0x480 [ 141.552498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.552731] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 141.553131] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.553661] ? __kthread_parkme+0x82/0x180 [ 141.553985] ? preempt_count_sub+0x50/0x80 [ 141.554649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.554898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.555501] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.555768] kthread+0x337/0x6f0 [ 141.556089] ? trace_preempt_on+0x20/0xc0 [ 141.556482] ? __pfx_kthread+0x10/0x10 [ 141.556669] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.556886] ? calculate_sigpending+0x7b/0xa0 [ 141.557459] ? __pfx_kthread+0x10/0x10 [ 141.557681] ret_from_fork+0x116/0x1d0 [ 141.558155] ? __pfx_kthread+0x10/0x10 [ 141.558366] ret_from_fork_asm+0x1a/0x30 [ 141.558725] </TASK> [ 141.558889] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 141.520429] WARNING: CPU: 1 PID: 2765 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 141.520837] Modules linked in: [ 141.521008] CPU: 1 UID: 0 PID: 2765 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 141.521912] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.522232] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.522670] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 141.522928] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.523717] RSP: 0000:ffff88810122fc78 EFLAGS: 00010286 [ 141.524115] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 141.524388] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff86233bfc [ 141.524689] RBP: ffff88810122fca0 R08: 0000000000000000 R09: ffffed102112ff20 [ 141.524997] R10: ffff88810897f907 R11: 0000000000000000 R12: ffffffff86233be8 [ 141.525473] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810122fd38 [ 
141.525811] FS: 0000000000000000(0000) GS:ffff8881d2f72000(0000) knlGS:0000000000000000 [ 141.526085] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.526467] CR2: ffffffffffffffff CR3: 00000000542bc000 CR4: 00000000000006f0 [ 141.526781] DR0: ffffffff88252444 DR1: ffffffff88252449 DR2: ffffffff8825244a [ 141.527191] DR3: ffffffff8825244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.527454] Call Trace: [ 141.527598] <TASK> [ 141.527732] drm_test_rect_calc_vscale+0x108/0x270 [ 141.527962] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 141.528415] ? __schedule+0x10cc/0x2b60 [ 141.528576] ? __pfx_read_tsc+0x10/0x10 [ 141.528734] ? ktime_get_ts64+0x86/0x230 [ 141.528957] kunit_try_run_case+0x1a5/0x480 [ 141.529246] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.529701] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.529949] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.530800] ? __kthread_parkme+0x82/0x180 [ 141.531264] ? preempt_count_sub+0x50/0x80 [ 141.531599] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.531948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.532411] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.532831] kthread+0x337/0x6f0 [ 141.533441] ? trace_preempt_on+0x20/0xc0 [ 141.533663] ? __pfx_kthread+0x10/0x10 [ 141.533998] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.534263] ? calculate_sigpending+0x7b/0xa0 [ 141.534494] ? __pfx_kthread+0x10/0x10 [ 141.534689] ret_from_fork+0x116/0x1d0 [ 141.534889] ? __pfx_kthread+0x10/0x10 [ 141.535468] ret_from_fork_asm+0x1a/0x30 [ 141.535771] </TASK> [ 141.536000] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 141.489727] WARNING: CPU: 0 PID: 2755 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 141.490472] Modules linked in: [ 141.490751] CPU: 0 UID: 0 PID: 2755 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 141.491491] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.491724] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.492275] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 141.492501] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 db e3 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.493443] RSP: 0000:ffff888103737c78 EFLAGS: 00010286 [ 141.493840] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 141.494150] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff86233c38 [ 141.494529] RBP: ffff888103737ca0 R08: 0000000000000000 R09: ffffed102018c2a0 [ 141.494959] R10: ffff888100c61507 R11: 0000000000000000 R12: ffffffff86233c20 [ 141.495721] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888103737d38 [ 141.496231] FS: 0000000000000000(0000) GS:ffff8881d2e72000(0000) knlGS:0000000000000000 [ 141.496577] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.496964] CR2: 00007ffff7ffe000 CR3: 00000000542bc000 CR4: 00000000000006f0 [ 141.497510] DR0: ffffffff88252440 DR1: ffffffff88252441 DR2: ffffffff88252443 [ 141.497824] DR3: ffffffff88252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.498294] Call Trace: [ 141.498432] <TASK> [ 141.498576] drm_test_rect_calc_hscale+0x108/0x270 [ 141.499037] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 141.499384] ? __schedule+0x10cc/0x2b60 [ 141.499707] ? __pfx_read_tsc+0x10/0x10 [ 141.500016] ? ktime_get_ts64+0x86/0x230 [ 141.500320] kunit_try_run_case+0x1a5/0x480 [ 141.500520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.500731] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 141.500956] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.501678] ? __kthread_parkme+0x82/0x180 [ 141.501867] ? preempt_count_sub+0x50/0x80 [ 141.502647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.502908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.503410] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.503827] kthread+0x337/0x6f0 [ 141.504192] ? trace_preempt_on+0x20/0xc0 [ 141.504562] ? __pfx_kthread+0x10/0x10 [ 141.504770] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.505216] ? calculate_sigpending+0x7b/0xa0 [ 141.505682] ? __pfx_kthread+0x10/0x10 [ 141.505904] ret_from_fork+0x116/0x1d0 [ 141.506357] ? __pfx_kthread+0x10/0x10 [ 141.506570] ret_from_fork_asm+0x1a/0x30 [ 141.506778] </TASK> [ 141.506891] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 141.465630] WARNING: CPU: 1 PID: 2753 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 141.467242] Modules linked in: [ 141.467940] CPU: 1 UID: 0 PID: 2753 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 141.469227] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.469919] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.470762] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 141.471663] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 db e3 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.473704] RSP: 0000:ffff88810122fc78 EFLAGS: 00010286 [ 141.473914] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 141.474710] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff86233c00 [ 141.475056] RBP: ffff88810122fca0 R08: 0000000000000000 R09: ffffed102112fe40 [ 141.475581] R10: ffff88810897f207 R11: 0000000000000000 R12: ffffffff86233be8 [ 141.475896] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810122fd38 [ 
141.476460] FS: 0000000000000000(0000) GS:ffff8881d2f72000(0000) knlGS:0000000000000000 [ 141.476884] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.477286] CR2: ffffffffffffffff CR3: 00000000542bc000 CR4: 00000000000006f0 [ 141.477604] DR0: ffffffff88252444 DR1: ffffffff88252449 DR2: ffffffff8825244a [ 141.477913] DR3: ffffffff8825244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.478542] Call Trace: [ 141.478674] <TASK> [ 141.478941] drm_test_rect_calc_hscale+0x108/0x270 [ 141.479414] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 141.479672] ? __schedule+0x10cc/0x2b60 [ 141.479959] ? __pfx_read_tsc+0x10/0x10 [ 141.480294] ? ktime_get_ts64+0x86/0x230 [ 141.480497] kunit_try_run_case+0x1a5/0x480 [ 141.480710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.480938] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.481493] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.481711] ? __kthread_parkme+0x82/0x180 [ 141.482099] ? preempt_count_sub+0x50/0x80 [ 141.482560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.482768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.483328] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.483687] kthread+0x337/0x6f0 [ 141.483876] ? trace_preempt_on+0x20/0xc0 [ 141.484322] ? __pfx_kthread+0x10/0x10 [ 141.484474] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.484827] ? calculate_sigpending+0x7b/0xa0 [ 141.485226] ? __pfx_kthread+0x10/0x10 [ 141.485425] ret_from_fork+0x116/0x1d0 [ 141.485603] ? __pfx_kthread+0x10/0x10 [ 141.485777] ret_from_fork_asm+0x1a/0x30 [ 141.485984] </TASK> [ 141.486528] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------ [ 140.846123] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 140.846560] WARNING: CPU: 0 PID: 2570 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 140.847906] Modules linked in: [ 140.848275] CPU: 0 UID: 0 PID: 2570 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 140.848878] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.849418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.849915] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 140.850400] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 ad 1d 80 00 48 c7 c1 e0 8a 1e 86 4c 89 f2 48 c7 c7 a0 87 1e 86 48 89 c6 e8 74 b6 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 140.851354] RSP: 0000:ffff8881016bfd18 EFLAGS: 00010286 [ 140.851729] RAX: 0000000000000000 RBX: ffff888109c5c800 RCX: 1ffffffff0de4cf0 [ 140.852292] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 140.852711] RBP: ffff8881016bfd48 R08: 0000000000000000 R09: fffffbfff0de4cf0 [ 140.853220] R10: 0000000000000003 R11: 00000000000393b0 R12: ffff888101f3d000 [ 140.853511] R13: ffff888109c5c8f8 R14: ffff8881047fb800 R15: ffff88810039fb40 [ 140.854042] FS: 0000000000000000(0000) GS:ffff8881d2e72000(0000) knlGS:0000000000000000 [ 140.854545] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.854931] CR2: 00007ffff7ffe000 CR3: 00000000542bc000 CR4: 00000000000006f0 [ 140.855398] DR0: ffffffff88252440 DR1: ffffffff88252441 DR2: ffffffff88252443 [ 140.855821] DR3: ffffffff88252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.856237] Call Trace: [ 140.856555] <TASK> [ 140.856665] ? trace_preempt_on+0x20/0xc0 [ 140.857205] ? 
__pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 140.857695] drm_gem_shmem_free_wrapper+0x12/0x20 [ 140.858181] __kunit_action_free+0x57/0x70 [ 140.858505] kunit_remove_resource+0x133/0x200 [ 140.858843] ? preempt_count_sub+0x50/0x80 [ 140.859252] kunit_cleanup+0x7a/0x120 [ 140.859443] kunit_try_run_case_cleanup+0xbd/0xf0 [ 140.859864] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 140.860277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.860643] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.861160] kthread+0x337/0x6f0 [ 140.861361] ? trace_preempt_on+0x20/0xc0 [ 140.861724] ? __pfx_kthread+0x10/0x10 [ 140.862236] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.862486] ? calculate_sigpending+0x7b/0xa0 [ 140.862812] ? __pfx_kthread+0x10/0x10 [ 140.863280] ret_from_fork+0x116/0x1d0 [ 140.863490] ? __pfx_kthread+0x10/0x10 [ 140.863723] ret_from_fork_asm+0x1a/0x30 [ 140.864149] </TASK> [ 140.864383] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------
[ 140.721731] WARNING: CPU: 1 PID: 2551 at drivers/gpu/drm/drm_framebuffer.c:869 drm_framebuffer_init+0x49/0x8d0
[ 140.722485] Modules linked in:
[ 140.722697] CPU: 1 UID: 0 PID: 2551 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 140.723235] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.723704] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.724229] RIP: 0010:drm_framebuffer_init+0x49/0x8d0
[ 140.724541] Code: 89 e5 41 57 41 56 41 55 41 54 53 48 89 f3 48 83 ec 28 80 3c 11 00 48 89 7d c8 0f 85 1c 07 00 00 48 8b 75 c8 48 39 33 74 20 90 <0f> 0b 90 41 bf ea ff ff ff 48 83 c4 28 44 89 f8 5b 41 5c 41 5d 41
[ 140.725493] RSP: 0000:ffff888101ddfb20 EFLAGS: 00010246
[ 140.725754] RAX: ffff888101ddfba8 RBX: ffff888101ddfc28 RCX: 1ffff110203bbf8e
[ 140.726390] RDX: dffffc0000000000 RSI: ffff888102203000 RDI: ffff888102203000
[ 140.726809] RBP: ffff888101ddfb70 R08: ffff888102203000 R09: ffffffff861d8e20
[ 140.727223] R10: 0000000000000003 R11: 0000000085c0a694 R12: 1ffff110203bbf71
[ 140.727550] R13: ffff888101ddfc70 R14: ffff888101ddfdb8 R15: 0000000000000000
[ 140.727880] FS: 0000000000000000(0000) GS:ffff8881d2f72000(0000) knlGS:0000000000000000
[ 140.728363] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.728756] CR2: ffffffffffffffff CR3: 00000000542bc000 CR4: 00000000000006f0
[ 140.729161] DR0: ffffffff88252444 DR1: ffffffff88252449 DR2: ffffffff8825244a
[ 140.729750] DR3: ffffffff8825244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.730250] Call Trace:
[ 140.730399] <TASK>
[ 140.730532] ? trace_preempt_on+0x20/0xc0
[ 140.730722] ? add_dr+0xc1/0x1d0
[ 140.730916] drm_test_framebuffer_init_bad_format+0xfc/0x240
[ 140.731293] ? add_dr+0x148/0x1d0
[ 140.731475] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 140.731878] ? __drmm_add_action+0x1a4/0x280
[ 140.732107] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.732480] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.732771] ? __drmm_add_action_or_reset+0x22/0x50
[ 140.733423] ? __schedule+0x10cc/0x2b60
[ 140.733686] ? __pfx_read_tsc+0x10/0x10
[ 140.733860] ? ktime_get_ts64+0x86/0x230
[ 140.734210] kunit_try_run_case+0x1a5/0x480
[ 140.734641] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.734905] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 140.735201] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 140.735416] ? __kthread_parkme+0x82/0x180
[ 140.735614] ? preempt_count_sub+0x50/0x80
[ 140.735831] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.736214] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.736469] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.736855] kthread+0x337/0x6f0
[ 140.737080] ? trace_preempt_on+0x20/0xc0
[ 140.737271] ? __pfx_kthread+0x10/0x10
[ 140.737787] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.738179] ? calculate_sigpending+0x7b/0xa0
[ 140.738454] ? __pfx_kthread+0x10/0x10
[ 140.738643] ret_from_fork+0x116/0x1d0
[ 140.738823] ? __pfx_kthread+0x10/0x10
[ 140.739401] ret_from_fork_asm+0x1a/0x30
[ 140.739584] </TASK>
[ 140.739806] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------
[ 140.685568] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 140.685694] WARNING: CPU: 1 PID: 2547 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0
[ 140.688141] Modules linked in:
[ 140.688746] CPU: 1 UID: 0 PID: 2547 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 140.690067] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.690484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.690753] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0
[ 140.690948] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 2b 44 87 00 48 c7 c1 c0 38 1d 86 4c 89 fa 48 c7 c7 20 39 1d 86 48 89 c6 e8 f2 dc 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 140.691675] RSP: 0000:ffff888101d1fb68 EFLAGS: 00010282
[ 140.691880] RAX: 0000000000000000 RBX: ffff888101d1fc40 RCX: 1ffffffff0de4cf0
[ 140.692116] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 140.692849] RBP: ffff888101d1fb90 R08: 0000000000000000 R09: fffffbfff0de4cf0
[ 140.693442] R10: 0000000000000003 R11: 00000000000379a8 R12: ffff888101d1fc18
[ 140.693860] R13: ffff888101d22000 R14: ffff88810229f000 R15: ffff8881047c9000
[ 140.694486] FS: 0000000000000000(0000) GS:ffff8881d2f72000(0000) knlGS:0000000000000000
[ 140.694867] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.695461] CR2: ffffffffffffffff CR3: 00000000542bc000 CR4: 00000000000006f0
[ 140.695798] DR0: ffffffff88252444 DR1: ffffffff88252449 DR2: ffffffff8825244a
[ 140.696358] DR3: ffffffff8825244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.696853] Call Trace:
[ 140.697302] <TASK>
[ 140.697669] drm_test_framebuffer_free+0x1ab/0x610
[ 140.698273] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 140.698827] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.699388] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.700112] ? __drmm_add_action_or_reset+0x22/0x50
[ 140.700666] ? __schedule+0x10cc/0x2b60
[ 140.701163] ? __pfx_read_tsc+0x10/0x10
[ 140.701338] ? ktime_get_ts64+0x86/0x230
[ 140.701484] kunit_try_run_case+0x1a5/0x480
[ 140.701638] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.701816] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 140.701981] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 140.702699] ? __kthread_parkme+0x82/0x180
[ 140.703087] ? preempt_count_sub+0x50/0x80
[ 140.703418] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.703740] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.704346] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.704625] kthread+0x337/0x6f0
[ 140.704908] ? trace_preempt_on+0x20/0xc0
[ 140.705349] ? __pfx_kthread+0x10/0x10
[ 140.705540] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.705728] ? calculate_sigpending+0x7b/0xa0
[ 140.705941] ? __pfx_kthread+0x10/0x10
[ 140.706451] ret_from_fork+0x116/0x1d0
[ 140.706655] ? __pfx_kthread+0x10/0x10
[ 140.706939] ret_from_fork_asm+0x1a/0x30
[ 140.707287] </TASK>
[ 140.707603] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------
[ 139.410703] WARNING: CPU: 1 PID: 1977 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 139.411257] Modules linked in:
[ 139.411746] CPU: 1 UID: 0 PID: 1977 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 139.412549] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.412728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.413157] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 139.413886] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 c2 34 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 139.415032] RSP: 0000:ffff888103477c90 EFLAGS: 00010246
[ 139.415652] RAX: dffffc0000000000 RBX: ffff8881035c8000 RCX: 0000000000000000
[ 139.416814] RDX: 1ffff110206b9032 RSI: ffffffff83406998 RDI: ffff8881035c8190
[ 139.417392] RBP: ffff888103477ca0 R08: 1ffff11020073f69 R09: ffffed102068ef65
[ 139.417721] R10: 0000000000000003 R11: ffffffff81e049da R12: 0000000000000000
[ 139.418029] R13: ffff888103477d38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 139.418466] FS: 0000000000000000(0000) GS:ffff8881d2f72000(0000) knlGS:0000000000000000
[ 139.418783] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.419142] CR2: ffffffffffffffff CR3: 00000000542bc000 CR4: 00000000000006f0
[ 139.419659] DR0: ffffffff88252444 DR1: ffffffff88252449 DR2: ffffffff8825244a
[ 139.420030] DR3: ffffffff8825244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.420442] Call Trace:
[ 139.420808] <TASK>
[ 139.420946] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290
[ 139.421436] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 139.422156] ? __schedule+0x10cc/0x2b60
[ 139.422366] ? __pfx_read_tsc+0x10/0x10
[ 139.422675] ? ktime_get_ts64+0x86/0x230
[ 139.422884] kunit_try_run_case+0x1a5/0x480
[ 139.423341] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.423557] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.423799] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.424034] ? __kthread_parkme+0x82/0x180
[ 139.424375] ? preempt_count_sub+0x50/0x80
[ 139.424589] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.424840] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.425093] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.425437] kthread+0x337/0x6f0
[ 139.425680] ? trace_preempt_on+0x20/0xc0
[ 139.425937] ? __pfx_kthread+0x10/0x10
[ 139.426153] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.426386] ? calculate_sigpending+0x7b/0xa0
[ 139.426685] ? __pfx_kthread+0x10/0x10
[ 139.426916] ret_from_fork+0x116/0x1d0
[ 139.427334] ? __pfx_kthread+0x10/0x10
[ 139.427567] ret_from_fork_asm+0x1a/0x30
[ 139.427787] </TASK>
[ 139.427916] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 139.484567] WARNING: CPU: 0 PID: 1985 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 139.485156] Modules linked in:
[ 139.485614] CPU: 0 UID: 0 PID: 1985 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 139.486394] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.486829] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.487554] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 139.487860] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 c2 34 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 139.488806] RSP: 0000:ffff8881039afc90 EFLAGS: 00010246
[ 139.489267] RAX: dffffc0000000000 RBX: ffff88810347a000 RCX: 0000000000000000
[ 139.489721] RDX: 1ffff1102068f432 RSI: ffffffff83406998 RDI: ffff88810347a190
[ 139.490243] RBP: ffff8881039afca0 R08: 1ffff11020073f69 R09: ffffed1020735f65
[ 139.490697] R10: 0000000000000003 R11: ffffffff829859b8 R12: 0000000000000000
[ 139.491219] R13: ffff8881039afd38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 139.491662] FS: 0000000000000000(0000) GS:ffff8881d2e72000(0000) knlGS:0000000000000000
[ 139.492187] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.492589] CR2: 00007ffff7ffe000 CR3: 00000000542bc000 CR4: 00000000000006f0
[ 139.492926] DR0: ffffffff88252440 DR1: ffffffff88252441 DR2: ffffffff88252443
[ 139.493485] DR3: ffffffff88252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.493914] Call Trace:
[ 139.494237] <TASK>
[ 139.494513] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290
[ 139.494956] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 139.495446] ? __schedule+0x10cc/0x2b60
[ 139.495781] ? __pfx_read_tsc+0x10/0x10
[ 139.496305] ? ktime_get_ts64+0x86/0x230
[ 139.496524] kunit_try_run_case+0x1a5/0x480
[ 139.496849] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.497258] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.497484] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.497682] ? __kthread_parkme+0x82/0x180
[ 139.497903] ? preempt_count_sub+0x50/0x80
[ 139.498413] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.498747] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.499334] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.499639] kthread+0x337/0x6f0
[ 139.499824] ? trace_preempt_on+0x20/0xc0
[ 139.500219] ? __pfx_kthread+0x10/0x10
[ 139.500526] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.500840] ? calculate_sigpending+0x7b/0xa0
[ 139.501261] ? __pfx_kthread+0x10/0x10
[ 139.501457] ret_from_fork+0x116/0x1d0
[ 139.501644] ? __pfx_kthread+0x10/0x10
[ 139.501851] ret_from_fork_asm+0x1a/0x30
[ 139.502403] </TASK>
[ 139.502535] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 109.423937] WARNING: CPU: 0 PID: 675 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 109.425021] Modules linked in:
[ 109.425869] CPU: 0 UID: 0 PID: 675 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 109.426858] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 109.427379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 109.427840] RIP: 0010:intlog10+0x2a/0x40
[ 109.427997] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 109.429902] RSP: 0000:ffff8881088dfcb0 EFLAGS: 00010246
[ 109.430517] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff1102111bfb4
[ 109.431040] RDX: 1ffffffff0c12dc4 RSI: 1ffff1102111bfb3 RDI: 0000000000000000
[ 109.431498] RBP: ffff8881088dfd60 R08: 0000000000000000 R09: ffffed10208d8760
[ 109.431868] R10: ffff8881046c3b07 R11: 0000000000000000 R12: 1ffff1102111bf97
[ 109.432312] R13: ffffffff86096e20 R14: 0000000000000000 R15: ffff8881088dfd38
[ 109.433083] FS: 0000000000000000(0000) GS:ffff8881d2e72000(0000) knlGS:0000000000000000
[ 109.433952] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 109.434231] CR2: dffffc0000000000 CR3: 00000000542bc000 CR4: 00000000000006f0
[ 109.435031] DR0: ffffffff88252440 DR1: ffffffff88252441 DR2: ffffffff88252443
[ 109.435364] DR3: ffffffff88252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 109.435591] Call Trace:
[ 109.435692] <TASK>
[ 109.435782] ? intlog10_test+0xf2/0x220
[ 109.435937] ? __pfx_intlog10_test+0x10/0x10
[ 109.436109] ? __schedule+0x10cc/0x2b60
[ 109.436253] ? __pfx_read_tsc+0x10/0x10
[ 109.436630] ? ktime_get_ts64+0x86/0x230
[ 109.436836] kunit_try_run_case+0x1a5/0x480
[ 109.437109] ? __pfx_kunit_try_run_case+0x10/0x10
[ 109.437298] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 109.437482] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 109.437936] ? __kthread_parkme+0x82/0x180
[ 109.438127] ? preempt_count_sub+0x50/0x80
[ 109.438330] ? __pfx_kunit_try_run_case+0x10/0x10
[ 109.438800] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 109.439116] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 109.439434] kthread+0x337/0x6f0
[ 109.439615] ? trace_preempt_on+0x20/0xc0
[ 109.439811] ? __pfx_kthread+0x10/0x10
[ 109.440019] ? _raw_spin_unlock_irq+0x47/0x80
[ 109.440249] ? calculate_sigpending+0x7b/0xa0
[ 109.440471] ? __pfx_kthread+0x10/0x10
[ 109.440749] ret_from_fork+0x116/0x1d0
[ 109.440948] ? __pfx_kthread+0x10/0x10
[ 109.441209] ret_from_fork_asm+0x1a/0x30
[ 109.441382] </TASK>
[ 109.441524] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 109.390068] WARNING: CPU: 0 PID: 657 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 109.390439] Modules linked in:
[ 109.390621] CPU: 0 UID: 0 PID: 657 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 109.391007] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 109.391166] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 109.391544] RIP: 0010:intlog2+0xdf/0x110
[ 109.391861] Code: 09 86 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d e9 d2 b8 86 02 90 <0f> 0b 90 31 c0 e9 c7 b8 86 02 89 45 e4 e8 8f d6 55 ff 8b 45 e4 eb
[ 109.392854] RSP: 0000:ffff8881089c7cb0 EFLAGS: 00010246
[ 109.393203] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11021138fb4
[ 109.393497] RDX: 1ffffffff0c12e18 RSI: 1ffff11021138fb3 RDI: 0000000000000000
[ 109.393826] RBP: ffff8881089c7d60 R08: 0000000000000000 R09: ffffed10208d8620
[ 109.394236] R10: ffff8881046c3107 R11: 0000000000000000 R12: 1ffff11021138f97
[ 109.394523] R13: ffffffff860970c0 R14: 0000000000000000 R15: ffff8881089c7d38
[ 109.394824] FS: 0000000000000000(0000) GS:ffff8881d2e72000(0000) knlGS:0000000000000000
[ 109.395130] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 109.395306] CR2: dffffc0000000000 CR3: 00000000542bc000 CR4: 00000000000006f0
[ 109.395649] DR0: ffffffff88252440 DR1: ffffffff88252441 DR2: ffffffff88252443
[ 109.395971] DR3: ffffffff88252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 109.396314] Call Trace:
[ 109.396575] <TASK>
[ 109.396738] ? intlog2_test+0xf2/0x220
[ 109.396946] ? __pfx_intlog2_test+0x10/0x10
[ 109.397247] ? __pfx_intlog2_test+0x10/0x10
[ 109.397435] kunit_try_run_case+0x1a5/0x480
[ 109.397703] ? __pfx_kunit_try_run_case+0x10/0x10
[ 109.397888] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 109.398163] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 109.398397] ? __kthread_parkme+0x82/0x180
[ 109.398560] ? preempt_count_sub+0x50/0x80
[ 109.398709] ? __pfx_kunit_try_run_case+0x10/0x10
[ 109.398883] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 109.399139] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 109.399493] kthread+0x337/0x6f0
[ 109.399619] ? trace_preempt_on+0x20/0xc0
[ 109.399765] ? __pfx_kthread+0x10/0x10
[ 109.400003] ? _raw_spin_unlock_irq+0x47/0x80
[ 109.400261] ? calculate_sigpending+0x7b/0xa0
[ 109.400504] ? __pfx_kthread+0x10/0x10
[ 109.400822] ret_from_fork+0x116/0x1d0
[ 109.401054] ? __pfx_kthread+0x10/0x10
[ 109.401212] ret_from_fork_asm+0x1a/0x30
[ 109.401428] </TASK>
[ 109.401553] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 49.151024] ==================================================================
[ 49.151386] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 49.151386]
[ 49.151813] Use-after-free read at 0x(____ptrval____) (in kfence-#135):
[ 49.152082] test_krealloc+0x6fc/0xbe0
[ 49.152295] kunit_try_run_case+0x1a5/0x480
[ 49.152517] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.152769] kthread+0x337/0x6f0
[ 49.152958] ret_from_fork+0x116/0x1d0
[ 49.153150] ret_from_fork_asm+0x1a/0x30
[ 49.153521]
[ 49.153623] kfence-#135: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 49.153623]
[ 49.154333] allocated by task 356 on cpu 1 at 49.150328s (0.004003s ago):
[ 49.154667] test_alloc+0x364/0x10f0
[ 49.154853] test_krealloc+0xad/0xbe0
[ 49.155274] kunit_try_run_case+0x1a5/0x480
[ 49.155631] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.156079] kthread+0x337/0x6f0
[ 49.156270] ret_from_fork+0x116/0x1d0
[ 49.156446] ret_from_fork_asm+0x1a/0x30
[ 49.156620]
[ 49.156720] freed by task 356 on cpu 1 at 49.150596s (0.006111s ago):
[ 49.156982] krealloc_noprof+0x108/0x340
[ 49.157134] test_krealloc+0x226/0xbe0
[ 49.157266] kunit_try_run_case+0x1a5/0x480
[ 49.157477] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.157744] kthread+0x337/0x6f0
[ 49.157877] ret_from_fork+0x116/0x1d0
[ 49.158050] ret_from_fork_asm+0x1a/0x30
[ 49.158332]
[ 49.158456] CPU: 1 UID: 0 PID: 356 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 49.158879] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 49.159093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 49.159351] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 18.262417] ==================================================================
[ 18.262810] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 18.262810]
[ 18.263107] Invalid free of 0x(____ptrval____) (in kfence-#77):
[ 18.263412] test_double_free+0x112/0x260
[ 18.263622] kunit_try_run_case+0x1a5/0x480
[ 18.263775] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.264034] kthread+0x337/0x6f0
[ 18.264207] ret_from_fork+0x116/0x1d0
[ 18.264409] ret_from_fork_asm+0x1a/0x30
[ 18.264623]
[ 18.264707] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.264707]
[ 18.265051] allocated by task 324 on cpu 0 at 18.262255s (0.002795s ago):
[ 18.265311] test_alloc+0x2a6/0x10f0
[ 18.265508] test_double_free+0xdb/0x260
[ 18.265715] kunit_try_run_case+0x1a5/0x480
[ 18.265905] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.266124] kthread+0x337/0x6f0
[ 18.266245] ret_from_fork+0x116/0x1d0
[ 18.266389] ret_from_fork_asm+0x1a/0x30
[ 18.266585]
[ 18.266680] freed by task 324 on cpu 0 at 18.262292s (0.004386s ago):
[ 18.266981] test_double_free+0xfa/0x260
[ 18.267176] kunit_try_run_case+0x1a5/0x480
[ 18.267324] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.267508] kthread+0x337/0x6f0
[ 18.267687] ret_from_fork+0x116/0x1d0
[ 18.267875] ret_from_fork_asm+0x1a/0x30
[ 18.268068]
[ 18.268187] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.268693] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.268881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.269217] ==================================================================
[ 18.158469] ==================================================================
[ 18.158938] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 18.158938]
[ 18.159367] Invalid free of 0x(____ptrval____) (in kfence-#76):
[ 18.159640] test_double_free+0x1d3/0x260
[ 18.160006] kunit_try_run_case+0x1a5/0x480
[ 18.160333] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.160994] kthread+0x337/0x6f0
[ 18.161166] ret_from_fork+0x116/0x1d0
[ 18.161659] ret_from_fork_asm+0x1a/0x30
[ 18.161851]
[ 18.161957] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.161957]
[ 18.162360] allocated by task 322 on cpu 1 at 18.158224s (0.004133s ago):
[ 18.162938] test_alloc+0x364/0x10f0
[ 18.163099] test_double_free+0xdb/0x260
[ 18.163458] kunit_try_run_case+0x1a5/0x480
[ 18.163795] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.164111] kthread+0x337/0x6f0
[ 18.164396] ret_from_fork+0x116/0x1d0
[ 18.164620] ret_from_fork_asm+0x1a/0x30
[ 18.164927]
[ 18.165126] freed by task 322 on cpu 1 at 18.158282s (0.006841s ago):
[ 18.165422] test_double_free+0x1e0/0x260
[ 18.165828] kunit_try_run_case+0x1a5/0x480
[ 18.166117] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.166442] kthread+0x337/0x6f0
[ 18.166719] ret_from_fork+0x116/0x1d0
[ 18.166880] ret_from_fork_asm+0x1a/0x30
[ 18.167084]
[ 18.167410] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.167931] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.168139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.168703] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 49.068029] ==================================================================
[ 49.068429] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 49.068429]
[ 49.068817] Use-after-free read at 0x(____ptrval____) (in kfence-#134):
[ 49.069571] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 49.069773] kunit_try_run_case+0x1a5/0x480
[ 49.070073] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.070304] kthread+0x337/0x6f0
[ 49.070478] ret_from_fork+0x116/0x1d0
[ 49.070643] ret_from_fork_asm+0x1a/0x30
[ 49.070814]
[ 49.070926] kfence-#134: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 49.070926]
[ 49.071286] allocated by task 354 on cpu 0 at 49.047158s (0.024127s ago):
[ 49.071514] test_alloc+0x2a6/0x10f0
[ 49.071669] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 49.071918] kunit_try_run_case+0x1a5/0x480
[ 49.072240] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.072415] kthread+0x337/0x6f0
[ 49.072575] ret_from_fork+0x116/0x1d0
[ 49.072775] ret_from_fork_asm+0x1a/0x30
[ 49.073000]
[ 49.073099] freed by task 354 on cpu 0 at 49.047256s (0.025840s ago):
[ 49.073414] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 49.073612] kunit_try_run_case+0x1a5/0x480
[ 49.073813] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.074008] kthread+0x337/0x6f0
[ 49.074237] ret_from_fork+0x116/0x1d0
[ 49.074416] ret_from_fork_asm+0x1a/0x30
[ 49.074590]
[ 49.074703] CPU: 0 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 49.075125] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 49.075376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 49.075642] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 23.995447] ==================================================================
[ 23.996091] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 23.996091]
[ 23.997324] Invalid read at 0x(____ptrval____):
[ 23.997586] test_invalid_access+0xf0/0x210
[ 23.997787] kunit_try_run_case+0x1a5/0x480
[ 23.997974] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.999272] kthread+0x337/0x6f0
[ 23.999550] ret_from_fork+0x116/0x1d0
[ 23.999856] ret_from_fork_asm+0x1a/0x30
[ 24.000056]
[ 24.000189] CPU: 1 UID: 0 PID: 350 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 24.001007] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.001297] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.001685] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 23.774584] ==================================================================
[ 23.774958] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.774958]
[ 23.775560] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#130):
[ 23.776156] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.776391] kunit_try_run_case+0x1a5/0x480
[ 23.776638] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.776850] kthread+0x337/0x6f0
[ 23.776984] ret_from_fork+0x116/0x1d0
[ 23.777207] ret_from_fork_asm+0x1a/0x30
[ 23.777469]
[ 23.777598] kfence-#130: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.777598]
[ 23.778029] allocated by task 344 on cpu 0 at 23.774305s (0.003722s ago):
[ 23.778310] test_alloc+0x364/0x10f0
[ 23.778540] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 23.778848] kunit_try_run_case+0x1a5/0x480
[ 23.779052] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.779330] kthread+0x337/0x6f0
[ 23.779543] ret_from_fork+0x116/0x1d0
[ 23.779780] ret_from_fork_asm+0x1a/0x30
[ 23.780028]
[ 23.780126] freed by task 344 on cpu 0 at 23.774454s (0.005669s ago):
[ 23.780408] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.780725] kunit_try_run_case+0x1a5/0x480
[ 23.780905] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.781190] kthread+0x337/0x6f0
[ 23.781335] ret_from_fork+0x116/0x1d0
[ 23.781560] ret_from_fork_asm+0x1a/0x30
[ 23.781789]
[ 23.781952] CPU: 0 UID: 0 PID: 344 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 23.782385] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.782593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.782950] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 23.670546] ==================================================================
[ 23.670958] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 23.670958]
[ 23.671520] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#129):
[ 23.672348] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 23.672608] kunit_try_run_case+0x1a5/0x480
[ 23.672964] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.673426] kthread+0x337/0x6f0
[ 23.673575] ret_from_fork+0x116/0x1d0
[ 23.673939] ret_from_fork_asm+0x1a/0x30
[ 23.674154]
[ 23.674250] kfence-#129: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.674250]
[ 23.674919] allocated by task 342 on cpu 1 at 23.670311s (0.004605s ago):
[ 23.675533] test_alloc+0x364/0x10f0
[ 23.675809] test_kmalloc_aligned_oob_read+0x105/0x560
[ 23.676135] kunit_try_run_case+0x1a5/0x480
[ 23.676355] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.676796] kthread+0x337/0x6f0
[ 23.677079] ret_from_fork+0x116/0x1d0
[ 23.677268] ret_from_fork_asm+0x1a/0x30
[ 23.677467]
[ 23.677867] CPU: 1 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 23.678435] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.678776] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.679171] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 18.886484] ==================================================================
[ 18.886857] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 18.886857]
[ 18.887163] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#83):
[ 18.887952] test_corruption+0x131/0x3e0
[ 18.888103] kunit_try_run_case+0x1a5/0x480
[ 18.888297] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.888611] kthread+0x337/0x6f0
[ 18.888789] ret_from_fork+0x116/0x1d0
[ 18.888976] ret_from_fork_asm+0x1a/0x30
[ 18.889158]
[ 18.889256] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.889256]
[ 18.889636] allocated by task 332 on cpu 0 at 18.886373s (0.003261s ago):
[ 18.889990] test_alloc+0x2a6/0x10f0
[ 18.890287] test_corruption+0xe6/0x3e0
[ 18.890457] kunit_try_run_case+0x1a5/0x480
[ 18.890604] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.891120] kthread+0x337/0x6f0
[ 18.891291] ret_from_fork+0x116/0x1d0
[ 18.891499] ret_from_fork_asm+0x1a/0x30
[ 18.891709]
[ 18.891795] freed by task 332 on cpu 0 at 18.886416s (0.005377s ago):
[ 18.892035] test_corruption+0x131/0x3e0
[ 18.892249] kunit_try_run_case+0x1a5/0x480
[ 18.892469] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.892729] kthread+0x337/0x6f0
[ 18.892882] ret_from_fork+0x116/0x1d0
[ 18.893061] ret_from_fork_asm+0x1a/0x30
[ 18.893280]
[ 18.893408] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.893873] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.894013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.894526] ==================================================================
[ 18.574553] ==================================================================
[ 18.574966] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 18.574966]
[ 18.575335] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#80):
[ 18.576656] test_corruption+0x2d2/0x3e0
[ 18.576937] kunit_try_run_case+0x1a5/0x480
[ 18.577123] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.577538] kthread+0x337/0x6f0
[ 18.577784] ret_from_fork+0x116/0x1d0
[ 18.577964] ret_from_fork_asm+0x1a/0x30
[ 18.578146]
[ 18.578239] kfence-#80: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.578239]
[ 18.578938] allocated by task 330 on cpu 1 at 18.574306s (0.004629s ago):
[ 18.579192] test_alloc+0x364/0x10f0
[ 18.579552] test_corruption+0xe6/0x3e0
[ 18.579843] kunit_try_run_case+0x1a5/0x480
[ 18.580013] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.580376] kthread+0x337/0x6f0
[ 18.580636] ret_from_fork+0x116/0x1d0
[ 18.580879] ret_from_fork_asm+0x1a/0x30
[ 18.581091]
[ 18.581165] freed by task 330 on cpu 1 at 18.574398s (0.006764s ago):
[ 18.581456] test_corruption+0x2d2/0x3e0
[ 18.581839] kunit_try_run_case+0x1a5/0x480
[ 18.582097] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.582298] kthread+0x337/0x6f0
[ 18.582581] ret_from_fork+0x116/0x1d0
[ 18.582802] ret_from_fork_asm+0x1a/0x30
[ 18.582984]
[ 18.583172] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.583751] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.583941] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.584303] ==================================================================
[ 18.782532] ==================================================================
[ 18.782924] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 18.782924]
[ 18.783212] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#82):
[ 18.783901] test_corruption+0x2df/0x3e0
[ 18.784098] kunit_try_run_case+0x1a5/0x480
[ 18.784282] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.784537] kthread+0x337/0x6f0
[ 18.784697] ret_from_fork+0x116/0x1d0
[ 18.784871] ret_from_fork_asm+0x1a/0x30
[ 18.785087]
[ 18.785171] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.785171]
[ 18.786079] allocated by task 330 on cpu 1 at 18.782274s (0.003803s ago):
[ 18.786556] test_alloc+0x364/0x10f0
[ 18.786797] test_corruption+0x1cb/0x3e0
[ 18.786984] kunit_try_run_case+0x1a5/0x480
[ 18.787295] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.787647] kthread+0x337/0x6f0
[ 18.787793] ret_from_fork+0x116/0x1d0
[ 18.788055] ret_from_fork_asm+0x1a/0x30
[ 18.788365]
[ 18.788444] freed by task 330 on cpu 1 at 18.782369s (0.006073s ago):
[ 18.788862] test_corruption+0x2df/0x3e0
[ 18.789162] kunit_try_run_case+0x1a5/0x480
[ 18.789443] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.789723] kthread+0x337/0x6f0
[ 18.789969] ret_from_fork+0x116/0x1d0
[ 18.790147] ret_from_fork_asm+0x1a/0x30
[ 18.790333]
[ 18.790443] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.791175] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.791537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.791927] ==================================================================
[ 18.990490] ==================================================================
[ 18.990858] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 18.990858]
[ 18.991159] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#84):
[ 18.991619] test_corruption+0x216/0x3e0
[ 18.991808] kunit_try_run_case+0x1a5/0x480
[ 18.992027] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.992284] kthread+0x337/0x6f0
[ 18.992466] ret_from_fork+0x116/0x1d0
[ 18.992678] ret_from_fork_asm+0x1a/0x30
[ 18.992857]
[ 18.992957] kfence-#84: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.992957]
[ 18.993317] allocated by task 332 on cpu 0 at 18.990370s (0.002945s ago):
[ 18.993793] test_alloc+0x2a6/0x10f0
[ 18.993995] test_corruption+0x1cb/0x3e0
[ 18.994165] kunit_try_run_case+0x1a5/0x480
[ 18.994416] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.994742] kthread+0x337/0x6f0
[ 18.994935] ret_from_fork+0x116/0x1d0
[ 18.995126] ret_from_fork_asm+0x1a/0x30
[ 18.995323]
[ 18.995430] freed by task 332 on cpu 0 at 18.990425s (0.005002s ago):
[ 18.995790] test_corruption+0x216/0x3e0
[ 18.996034] kunit_try_run_case+0x1a5/0x480
[ 18.996241] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.996514] kthread+0x337/0x6f0
[ 18.996747] ret_from_fork+0x116/0x1d0
[ 18.996956] ret_from_fork_asm+0x1a/0x30
[ 18.997189]
[ 18.997304] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.997840] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.998033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.998442] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 18.366440] ==================================================================
[ 18.366828] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 18.366828]
[ 18.367154] Invalid free of 0x(____ptrval____) (in kfence-#78):
[ 18.367570] test_invalid_addr_free+0x1e1/0x260
[ 18.367746] kunit_try_run_case+0x1a5/0x480
[ 18.367964] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.368189] kthread+0x337/0x6f0
[ 18.368313] ret_from_fork+0x116/0x1d0
[ 18.368503] ret_from_fork_asm+0x1a/0x30
[ 18.368700]
[ 18.368794] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.368794]
[ 18.369257] allocated by task 326 on cpu 0 at 18.366331s (0.002925s ago):
[ 18.369571] test_alloc+0x364/0x10f0
[ 18.369732] test_invalid_addr_free+0xdb/0x260
[ 18.369930] kunit_try_run_case+0x1a5/0x480
[ 18.370111] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.370358] kthread+0x337/0x6f0
[ 18.370484] ret_from_fork+0x116/0x1d0
[ 18.370741] ret_from_fork_asm+0x1a/0x30
[ 18.370997]
[ 18.371097] CPU: 0 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.371538] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.371694] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.371960] ==================================================================
[ 18.470447] ==================================================================
[ 18.470832] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 18.470832]
[ 18.471269] Invalid free of 0x(____ptrval____) (in kfence-#79):
[ 18.471590] test_invalid_addr_free+0xfb/0x260
[ 18.471809] kunit_try_run_case+0x1a5/0x480
[ 18.471958] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.472186] kthread+0x337/0x6f0
[ 18.472381] ret_from_fork+0x116/0x1d0
[ 18.472567] ret_from_fork_asm+0x1a/0x30
[ 18.472799]
[ 18.472909] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.472909]
[ 18.473312] allocated by task 328 on cpu 0 at 18.470339s (0.002971s ago):
[ 18.473660] test_alloc+0x2a6/0x10f0
[ 18.473835] test_invalid_addr_free+0xdb/0x260
[ 18.474046] kunit_try_run_case+0x1a5/0x480
[ 18.474253] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.474523] kthread+0x337/0x6f0
[ 18.474747] ret_from_fork+0x116/0x1d0
[ 18.474989] ret_from_fork_asm+0x1a/0x30
[ 18.475166]
[ 18.475260] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.475927] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.476120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.476511] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 17.846467] ==================================================================
[ 17.846893] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 17.846893]
[ 17.847496] Use-after-free read at 0x(____ptrval____) (in kfence-#73):
[ 17.848136] test_use_after_free_read+0x129/0x270
[ 17.848374] kunit_try_run_case+0x1a5/0x480
[ 17.848812] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.849161] kthread+0x337/0x6f0
[ 17.849370] ret_from_fork+0x116/0x1d0
[ 17.849752] ret_from_fork_asm+0x1a/0x30
[ 17.849967]
[ 17.850246] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.850246]
[ 17.850649] allocated by task 316 on cpu 1 at 17.846327s (0.004319s ago):
[ 17.851059] test_alloc+0x2a6/0x10f0
[ 17.851405] test_use_after_free_read+0xdc/0x270
[ 17.851738] kunit_try_run_case+0x1a5/0x480
[ 17.852035] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.852288] kthread+0x337/0x6f0
[ 17.852675] ret_from_fork+0x116/0x1d0
[ 17.852948] ret_from_fork_asm+0x1a/0x30
[ 17.853231]
[ 17.853359] freed by task 316 on cpu 1 at 17.846390s (0.006966s ago):
[ 17.853794] test_use_after_free_read+0xfb/0x270
[ 17.854027] kunit_try_run_case+0x1a5/0x480
[ 17.854235] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.854492] kthread+0x337/0x6f0
[ 17.854916] ret_from_fork+0x116/0x1d0
[ 17.855087] ret_from_fork_asm+0x1a/0x30
[ 17.855411]
[ 17.855654] CPU: 1 UID: 0 PID: 316 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.856183] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.856387] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.857012] ==================================================================
[ 17.742541] ==================================================================
[ 17.743036] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 17.743036]
[ 17.743590] Use-after-free read at 0x(____ptrval____) (in kfence-#72):
[ 17.743844] test_use_after_free_read+0x129/0x270
[ 17.744099] kunit_try_run_case+0x1a5/0x480
[ 17.744311] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.744555] kthread+0x337/0x6f0
[ 17.744744] ret_from_fork+0x116/0x1d0
[ 17.744923] ret_from_fork_asm+0x1a/0x30
[ 17.745075]
[ 17.745175] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.745175]
[ 17.745603] allocated by task 314 on cpu 0 at 17.742309s (0.003292s ago):
[ 17.746075] test_alloc+0x364/0x10f0
[ 17.746254] test_use_after_free_read+0xdc/0x270
[ 17.746492] kunit_try_run_case+0x1a5/0x480
[ 17.746711] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.747042] kthread+0x337/0x6f0
[ 17.747240] ret_from_fork+0x116/0x1d0
[ 17.747389] ret_from_fork_asm+0x1a/0x30
[ 17.747692]
[ 17.747937] freed by task 314 on cpu 0 at 17.742394s (0.005431s ago):
[ 17.748301] test_use_after_free_read+0x1e7/0x270
[ 17.748580] kunit_try_run_case+0x1a5/0x480
[ 17.748752] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.748929] kthread+0x337/0x6f0
[ 17.749068] ret_from_fork+0x116/0x1d0
[ 17.749278] ret_from_fork_asm+0x1a/0x30
[ 17.749496]
[ 17.749616] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.750285] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.750485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.750867] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 17.534397] ==================================================================
[ 17.534806] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.534806]
[ 17.535188] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#70):
[ 17.535833] test_out_of_bounds_write+0x10d/0x260
[ 17.536059] kunit_try_run_case+0x1a5/0x480
[ 17.536256] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.536492] kthread+0x337/0x6f0
[ 17.536891] ret_from_fork+0x116/0x1d0
[ 17.537174] ret_from_fork_asm+0x1a/0x30
[ 17.537501]
[ 17.537606] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.537606]
[ 17.537975] allocated by task 310 on cpu 1 at 17.534285s (0.003688s ago):
[ 17.538255] test_alloc+0x364/0x10f0
[ 17.538612] test_out_of_bounds_write+0xd4/0x260
[ 17.538791] kunit_try_run_case+0x1a5/0x480
[ 17.539262] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.539511] kthread+0x337/0x6f0
[ 17.539680] ret_from_fork+0x116/0x1d0
[ 17.539846] ret_from_fork_asm+0x1a/0x30
[ 17.540016]
[ 17.540140] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.540851] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.541036] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.541612] ==================================================================
[ 17.638387] ==================================================================
[ 17.638920] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.638920]
[ 17.639509] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#71):
[ 17.639833] test_out_of_bounds_write+0x10d/0x260
[ 17.640068] kunit_try_run_case+0x1a5/0x480
[ 17.640218] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.640470] kthread+0x337/0x6f0
[ 17.640786] ret_from_fork+0x116/0x1d0
[ 17.640980] ret_from_fork_asm+0x1a/0x30
[ 17.641208]
[ 17.641328] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.641328]
[ 17.641683] allocated by task 312 on cpu 0 at 17.638319s (0.003363s ago):
[ 17.642044] test_alloc+0x2a6/0x10f0
[ 17.642218] test_out_of_bounds_write+0xd4/0x260
[ 17.642455] kunit_try_run_case+0x1a5/0x480
[ 17.642637] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.643020] kthread+0x337/0x6f0
[ 17.643205] ret_from_fork+0x116/0x1d0
[ 17.643384] ret_from_fork_asm+0x1a/0x30
[ 17.643646]
[ 17.643830] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.644330] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.644535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.644970] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 17.326374] ==================================================================
[ 17.326792] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.326792]
[ 17.327168] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#68):
[ 17.327844] test_out_of_bounds_read+0x216/0x4e0
[ 17.328085] kunit_try_run_case+0x1a5/0x480
[ 17.328242] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.328871] kthread+0x337/0x6f0
[ 17.329130] ret_from_fork+0x116/0x1d0
[ 17.329294] ret_from_fork_asm+0x1a/0x30
[ 17.329577]
[ 17.329662] kfence-#68: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.329662]
[ 17.330046] allocated by task 308 on cpu 1 at 17.326311s (0.003733s ago):
[ 17.330351] test_alloc+0x2a6/0x10f0
[ 17.330541] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.331098] kunit_try_run_case+0x1a5/0x480
[ 17.331264] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.331667] kthread+0x337/0x6f0
[ 17.331831] ret_from_fork+0x116/0x1d0
[ 17.332130] ret_from_fork_asm+0x1a/0x30
[ 17.332396]
[ 17.332503] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.333081] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.333357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.333804] ==================================================================
[ 17.118439] ==================================================================
[ 17.118821] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 17.118821]
[ 17.119273] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#66):
[ 17.119654] test_out_of_bounds_read+0x126/0x4e0
[ 17.120213] kunit_try_run_case+0x1a5/0x480
[ 17.120465] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.120865] kthread+0x337/0x6f0
[ 17.121202] ret_from_fork+0x116/0x1d0
[ 17.121363] ret_from_fork_asm+0x1a/0x30
[ 17.121568]
[ 17.121904] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.121904]
[ 17.122286] allocated by task 308 on cpu 1 at 17.118380s (0.003904s ago):
[ 17.122628] test_alloc+0x2a6/0x10f0
[ 17.122815] test_out_of_bounds_read+0xed/0x4e0
[ 17.123025] kunit_try_run_case+0x1a5/0x480
[ 17.123205] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.123851] kthread+0x337/0x6f0
[ 17.123996] ret_from_fork+0x116/0x1d0
[ 17.124322] ret_from_fork_asm+0x1a/0x30
[ 17.124627]
[ 17.124744] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.125351] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.125562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.126063] ==================================================================
[ 16.911341] ==================================================================
[ 16.911960] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 16.911960]
[ 16.912449] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#64):
[ 16.912899] test_out_of_bounds_read+0x126/0x4e0
[ 16.913154] kunit_try_run_case+0x1a5/0x480
[ 16.913317] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.913672] kthread+0x337/0x6f0
[ 16.913980] ret_from_fork+0x116/0x1d0
[ 16.914324] ret_from_fork_asm+0x1a/0x30
[ 16.914742]
[ 16.915050] kfence-#64: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.915050]
[ 16.915716] allocated by task 306 on cpu 0 at 16.910306s (0.005354s ago):
[ 16.916310] test_alloc+0x364/0x10f0
[ 16.916556] test_out_of_bounds_read+0xed/0x4e0
[ 16.916773] kunit_try_run_case+0x1a5/0x480
[ 16.916958] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.917204] kthread+0x337/0x6f0
[ 16.917347] ret_from_fork+0x116/0x1d0
[ 16.917485] ret_from_fork_asm+0x1a/0x30
[ 16.917841]
[ 16.917994] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.918454] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.918708] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.919076] ==================================================================
[ 17.014517] ==================================================================
[ 17.014906] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.014906]
[ 17.015370] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#65):
[ 17.015818] test_out_of_bounds_read+0x216/0x4e0
[ 17.016043] kunit_try_run_case+0x1a5/0x480
[ 17.016218] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.016458] kthread+0x337/0x6f0
[ 17.016627] ret_from_fork+0x116/0x1d0
[ 17.016932] ret_from_fork_asm+0x1a/0x30
[ 17.017120]
[ 17.017200] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.017200]
[ 17.017606] allocated by task 306 on cpu 0 at 17.014342s (0.003262s ago):
[ 17.017893] test_alloc+0x364/0x10f0
[ 17.018028] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.018226] kunit_try_run_case+0x1a5/0x480
[ 17.018449] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.018724] kthread+0x337/0x6f0
[ 17.018883] ret_from_fork+0x116/0x1d0
[ 17.019078] ret_from_fork_asm+0x1a/0x30
[ 17.019266]
[ 17.019390] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.019815] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.020056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.020381] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.386835] ==================================================================
[ 16.387402] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 16.387824] Write of size 121 at addr ffff8881039ee400 by task kunit_try_catch/304
[ 16.388092]
[ 16.388213] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.388257] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.388270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.388292] Call Trace:
[ 16.388308] <TASK>
[ 16.388335] dump_stack_lvl+0x73/0xb0
[ 16.388363] print_report+0xd1/0x610
[ 16.388385] ? __virt_addr_valid+0x1db/0x2d0
[ 16.388407] ? strncpy_from_user+0x2e/0x1d0
[ 16.388431] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.388454] ? strncpy_from_user+0x2e/0x1d0
[ 16.388489] kasan_report+0x141/0x180
[ 16.388512] ? strncpy_from_user+0x2e/0x1d0
[ 16.388541] kasan_check_range+0x10c/0x1c0
[ 16.388585] __kasan_check_write+0x18/0x20
[ 16.388614] strncpy_from_user+0x2e/0x1d0
[ 16.388637] ? __kasan_check_read+0x15/0x20
[ 16.388658] copy_user_test_oob+0x760/0x10f0
[ 16.388695] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.388720] ? __kasan_check_write+0x18/0x20
[ 16.388739] ? queued_spin_lock_slowpath+0x116/0xb40
[ 16.388767] ? __pfx_queued_spin_lock_slowpath+0x10/0x10
[ 16.388792] ? __pfx_read_tsc+0x10/0x10
[ 16.388812] ? ktime_get_ts64+0x86/0x230
[ 16.388846] kunit_try_run_case+0x1a5/0x480
[ 16.388870] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.388893] ? _raw_spin_lock_irqsave+0xf9/0x100
[ 16.388926] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.388951] ? __kthread_parkme+0x82/0x180
[ 16.388971] ? preempt_count_sub+0x50/0x80
[ 16.389001] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.389034] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.389059] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.389084] kthread+0x337/0x6f0
[ 16.389114] ? trace_preempt_on+0x20/0xc0
[ 16.389137] ? __pfx_kthread+0x10/0x10
[ 16.389157] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.389179] ? calculate_sigpending+0x7b/0xa0
[ 16.389203] ? __pfx_kthread+0x10/0x10
[ 16.389224] ret_from_fork+0x116/0x1d0
[ 16.389244] ? __pfx_kthread+0x10/0x10
[ 16.389264] ret_from_fork_asm+0x1a/0x30
[ 16.389295] </TASK>
[ 16.389305]
[ 16.397170] Allocated by task 304:
[ 16.397363] kasan_save_stack+0x45/0x70
[ 16.397555] kasan_save_track+0x18/0x40
[ 16.397819] kasan_save_alloc_info+0x3b/0x50
[ 16.398032] __kasan_kmalloc+0xb7/0xc0
[ 16.398223] __kmalloc_noprof+0x1c9/0x500
[ 16.398415] kunit_kmalloc_array+0x25/0x60
[ 16.398654] copy_user_test_oob+0xab/0x10f0
[ 16.398847] kunit_try_run_case+0x1a5/0x480
[ 16.399074] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.399299] kthread+0x337/0x6f0
[ 16.399461] ret_from_fork+0x116/0x1d0
[ 16.399695] ret_from_fork_asm+0x1a/0x30
[ 16.400010]
[ 16.400110] The buggy address belongs to the object at ffff8881039ee400
[ 16.400110] which belongs to the cache kmalloc-128 of size 128
[ 16.400640] The buggy address is located 0 bytes inside of
[ 16.400640] allocated 120-byte region [ffff8881039ee400, ffff8881039ee478)
[ 16.401133]
[ 16.401206] The buggy address belongs to the physical page:
[ 16.401491] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ee
[ 16.401856] flags: 0x200000000000000(node=0|zone=2)
[ 16.402022] page_type: f5(slab)
[ 16.402145] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.402392] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.402623] page dumped because: kasan: bad access detected
[ 16.402798]
[ 16.402892] Memory state around the buggy address:
[ 16.403113] ffff8881039ee300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.403469] ffff8881039ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.403794] >ffff8881039ee400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.404109] ^
[ 16.404429] ffff8881039ee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.405205] ffff8881039ee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.405447] ==================================================================
[ 16.407177] ==================================================================
[ 16.407518] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 16.407823] Write of size 1 at addr ffff8881039ee478 by task kunit_try_catch/304
[ 16.408680]
[ 16.408840] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.408887] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.408901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.409041] Call Trace:
[ 16.409061] <TASK>
[ 16.409077] dump_stack_lvl+0x73/0xb0
[ 16.409121] print_report+0xd1/0x610
[ 16.409145] ? __virt_addr_valid+0x1db/0x2d0
[ 16.409201] ? strncpy_from_user+0x1a5/0x1d0
[ 16.409227] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.409252] ? strncpy_from_user+0x1a5/0x1d0
[ 16.409276] kasan_report+0x141/0x180
[ 16.409299] ? strncpy_from_user+0x1a5/0x1d0
[ 16.409338] __asan_report_store1_noabort+0x1b/0x30
[ 16.409363] strncpy_from_user+0x1a5/0x1d0
[ 16.409390] copy_user_test_oob+0x760/0x10f0
[ 16.409416] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.409440] ? __kasan_check_write+0x18/0x20
[ 16.409461] ? queued_spin_lock_slowpath+0x116/0xb40
[ 16.409487] ? __pfx_queued_spin_lock_slowpath+0x10/0x10
[ 16.409523] ? __pfx_read_tsc+0x10/0x10
[ 16.409544] ? ktime_get_ts64+0x86/0x230
[ 16.409568] kunit_try_run_case+0x1a5/0x480
[ 16.409593] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.409616] ? _raw_spin_lock_irqsave+0xf9/0x100
[ 16.409639] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.409663] ? __kthread_parkme+0x82/0x180
[ 16.409683] ? preempt_count_sub+0x50/0x80
[ 16.409709] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.409733] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.409757] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.409781] kthread+0x337/0x6f0
[ 16.409801] ? trace_preempt_on+0x20/0xc0
[ 16.409824] ? __pfx_kthread+0x10/0x10
[ 16.409845] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.409867] ? calculate_sigpending+0x7b/0xa0
[ 16.409891] ? __pfx_kthread+0x10/0x10
[ 16.409913] ret_from_fork+0x116/0x1d0
[ 16.409932] ? __pfx_kthread+0x10/0x10
[ 16.409954] ret_from_fork_asm+0x1a/0x30
[ 16.409986] </TASK>
[ 16.409999]
[ 16.421410] Allocated by task 304:
[ 16.421742] kasan_save_stack+0x45/0x70
[ 16.421932] kasan_save_track+0x18/0x40
[ 16.422100] kasan_save_alloc_info+0x3b/0x50
[ 16.422292] __kasan_kmalloc+0xb7/0xc0
[ 16.422472] __kmalloc_noprof+0x1c9/0x500
[ 16.422659] kunit_kmalloc_array+0x25/0x60
[ 16.422846] copy_user_test_oob+0xab/0x10f0
[ 16.423035] kunit_try_run_case+0x1a5/0x480
[ 16.423213] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.423947] kthread+0x337/0x6f0
[ 16.424343] ret_from_fork+0x116/0x1d0
[ 16.424750] ret_from_fork_asm+0x1a/0x30
[ 16.425032]
[ 16.425260] The buggy address belongs to the object at ffff8881039ee400
[ 16.425260] which belongs to the cache kmalloc-128 of size 128
[ 16.426372] The buggy address is located 0 bytes to the right of
[ 16.426372] allocated 120-byte region [ffff8881039ee400, ffff8881039ee478)
[ 16.427258]
[ 16.427371] The buggy address belongs to the physical page:
[ 16.427964] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ee
[ 16.428441] flags: 0x200000000000000(node=0|zone=2)
[ 16.428886] page_type: f5(slab)
[ 16.429188] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.429838] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.430155] page dumped because: kasan: bad access detected
[ 16.430393]
[ 16.430481] Memory state around the buggy address:
[ 16.431015] ffff8881039ee300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.431482] ffff8881039ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.431768] >ffff8881039ee400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.432058] ^
[ 16.432355] ffff8881039ee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.433074] ffff8881039ee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.433533] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.364227] ==================================================================
[ 16.364630] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 16.364955] Read of size 121 at addr ffff8881039ee400 by task kunit_try_catch/304
[ 16.365293]
[ 16.365400] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.365443] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.365456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.365477] Call Trace:
[ 16.365492] <TASK>
[ 16.365505] dump_stack_lvl+0x73/0xb0
[ 16.365543] print_report+0xd1/0x610
[ 16.365566] ? __virt_addr_valid+0x1db/0x2d0
[ 16.365588] ? copy_user_test_oob+0x604/0x10f0
[ 16.365624] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.365657] ? copy_user_test_oob+0x604/0x10f0
[ 16.365682] kasan_report+0x141/0x180
[ 16.365705] ? copy_user_test_oob+0x604/0x10f0
[ 16.365744] kasan_check_range+0x10c/0x1c0
[ 16.365768] __kasan_check_read+0x15/0x20
[ 16.365788] copy_user_test_oob+0x604/0x10f0
[ 16.365823] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.365848] ? __kasan_check_write+0x18/0x20
[ 16.365867] ? queued_spin_lock_slowpath+0x116/0xb40
[ 16.365905] ? __pfx_queued_spin_lock_slowpath+0x10/0x10
[ 16.365930] ? __pfx_read_tsc+0x10/0x10
[ 16.365952] ? ktime_get_ts64+0x86/0x230
[ 16.365984] kunit_try_run_case+0x1a5/0x480
[ 16.366009] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.366031] ? _raw_spin_lock_irqsave+0xf9/0x100
[ 16.366065] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.366090] ? __kthread_parkme+0x82/0x180
[ 16.366110] ? preempt_count_sub+0x50/0x80
[ 16.366144] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.366168] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.366192] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.366228] kthread+0x337/0x6f0
[ 16.366248] ? trace_preempt_on+0x20/0xc0
[ 16.366271] ? __pfx_kthread+0x10/0x10
[ 16.366293] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.366315] ? calculate_sigpending+0x7b/0xa0
[ 16.366348] ? __pfx_kthread+0x10/0x10
[ 16.366370] ret_from_fork+0x116/0x1d0
[ 16.366388] ? __pfx_kthread+0x10/0x10
[ 16.366409] ret_from_fork_asm+0x1a/0x30
[ 16.366441] </TASK>
[ 16.366452]
[ 16.374023] Allocated by task 304:
[ 16.374457] kasan_save_stack+0x45/0x70
[ 16.374934] kasan_save_track+0x18/0x40
[ 16.375552] kasan_save_alloc_info+0x3b/0x50
[ 16.376019] __kasan_kmalloc+0xb7/0xc0
[ 16.376545] __kmalloc_noprof+0x1c9/0x500
[ 16.376874] kunit_kmalloc_array+0x25/0x60
[ 16.377081] copy_user_test_oob+0xab/0x10f0
[ 16.377281] kunit_try_run_case+0x1a5/0x480
[ 16.378223] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.378429] kthread+0x337/0x6f0
[ 16.378690] ret_from_fork+0x116/0x1d0
[ 16.378862] ret_from_fork_asm+0x1a/0x30
[ 16.379044]
[ 16.379137] The buggy address belongs to the object at ffff8881039ee400
[ 16.379137] which belongs to the cache kmalloc-128 of size 128
[ 16.380128] The buggy address is located 0 bytes inside of
[ 16.380128] allocated 120-byte region [ffff8881039ee400, ffff8881039ee478)
[ 16.381049]
[ 16.381315] The buggy address belongs to the physical page:
[ 16.381601] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ee
[ 16.381925] flags: 0x200000000000000(node=0|zone=2)
[ 16.382130] page_type: f5(slab)
[ 16.382288] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.383021] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.383489] page dumped because: kasan: bad access detected
[ 16.383874]
[ 16.383968] Memory state around the buggy address:
[ 16.384172] ffff8881039ee300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.384435] ffff8881039ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.384685] >ffff8881039ee400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.385022] ^
[ 16.385305] ffff8881039ee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.385675] ffff8881039ee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.385948] ==================================================================
[ 16.345176] ==================================================================
[ 16.345529] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 16.345838] Write of size 121 at addr ffff8881039ee400 by task kunit_try_catch/304
[ 16.346167]
[ 16.346251] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.346292] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.346305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.346337] Call Trace:
[ 16.346353] <TASK>
[ 16.346368] dump_stack_lvl+0x73/0xb0
[ 16.346396] print_report+0xd1/0x610
[ 16.346418] ? __virt_addr_valid+0x1db/0x2d0
[ 16.346441] ? copy_user_test_oob+0x557/0x10f0
[ 16.346465] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.346488] ? copy_user_test_oob+0x557/0x10f0
[ 16.346524] kasan_report+0x141/0x180
[ 16.346557] ? copy_user_test_oob+0x557/0x10f0
[ 16.346585] kasan_check_range+0x10c/0x1c0
[ 16.346610] __kasan_check_write+0x18/0x20
[ 16.346642] copy_user_test_oob+0x557/0x10f0
[ 16.346669] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.346694] ? __kasan_check_write+0x18/0x20
[ 16.346714] ? queued_spin_lock_slowpath+0x116/0xb40
[ 16.346740] ? __pfx_queued_spin_lock_slowpath+0x10/0x10
[ 16.346765] ? __pfx_read_tsc+0x10/0x10
[ 16.346785] ? ktime_get_ts64+0x86/0x230
[ 16.346810] kunit_try_run_case+0x1a5/0x480
[ 16.346834] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.346859] ? _raw_spin_lock_irqsave+0xf9/0x100
[ 16.346883] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.346916] ? __kthread_parkme+0x82/0x180
[ 16.346938] ? preempt_count_sub+0x50/0x80
[ 16.346962] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.346999] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.347025] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.347050] kthread+0x337/0x6f0
[ 16.347071] ? trace_preempt_on+0x20/0xc0
[ 16.347103] ? __pfx_kthread+0x10/0x10
[ 16.347123] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.347146] ? calculate_sigpending+0x7b/0xa0
[ 16.347181] ? __pfx_kthread+0x10/0x10
[ 16.347202] ret_from_fork+0x116/0x1d0
[ 16.347222] ? __pfx_kthread+0x10/0x10
[ 16.347243] ret_from_fork_asm+0x1a/0x30
[ 16.347282] </TASK>
[ 16.347292]
[ 16.355078] Allocated by task 304:
[ 16.355265] kasan_save_stack+0x45/0x70
[ 16.355481] kasan_save_track+0x18/0x40
[ 16.355671] kasan_save_alloc_info+0x3b/0x50
[ 16.355856] __kasan_kmalloc+0xb7/0xc0
[ 16.356055] __kmalloc_noprof+0x1c9/0x500
[ 16.356230] kunit_kmalloc_array+0x25/0x60
[ 16.356398] copy_user_test_oob+0xab/0x10f0
[ 16.356741] kunit_try_run_case+0x1a5/0x480
[ 16.356945] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.357196] kthread+0x337/0x6f0
[ 16.357385] ret_from_fork+0x116/0x1d0
[ 16.357575] ret_from_fork_asm+0x1a/0x30
[ 16.357770]
[ 16.357848] The buggy address belongs to the object at ffff8881039ee400
[ 16.357848] which belongs to the cache kmalloc-128 of size 128
[ 16.358378] The buggy address is located 0 bytes inside of
[ 16.358378] allocated 120-byte region [ffff8881039ee400, ffff8881039ee478)
[ 16.358900]
[ 16.359006] The buggy address belongs to the physical page:
[ 16.359254] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ee
[ 16.359646] flags: 0x200000000000000(node=0|zone=2)
[ 16.359873] page_type: f5(slab)
[ 16.360041] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.360297] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.360806] page dumped because: kasan: bad access detected
[ 16.361047]
[ 16.361119] Memory state around the buggy address:
[ 16.361299] ffff8881039ee300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.361817] ffff8881039ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.362151] >ffff8881039ee400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.362403] ^
[ 16.362904] ffff8881039ee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.363181] ffff8881039ee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.363466] ==================================================================
[ 16.307586] ==================================================================
[ 16.307906] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 16.308263] Write of size 121 at addr ffff8881039ee400 by task kunit_try_catch/304
[ 16.308663]
[ 16.308791] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.308847] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.308860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.308882] Call Trace:
[ 16.308895] <TASK>
[ 16.308920] dump_stack_lvl+0x73/0xb0
[ 16.308948] print_report+0xd1/0x610
[ 16.308971] ? __virt_addr_valid+0x1db/0x2d0
[ 16.309009] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.309034] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.309058] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.309091] kasan_report+0x141/0x180
[ 16.309114] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.309143] kasan_check_range+0x10c/0x1c0
[ 16.309177] __kasan_check_write+0x18/0x20
[ 16.309197] copy_user_test_oob+0x3fd/0x10f0
[ 16.309223] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.309249] ? __kasan_check_write+0x18/0x20
[ 16.309270] ? queued_spin_lock_slowpath+0x116/0xb40
[ 16.309297] ? __pfx_queued_spin_lock_slowpath+0x10/0x10
[ 16.309334] ? __pfx_read_tsc+0x10/0x10
[ 16.309355] ? ktime_get_ts64+0x86/0x230
[ 16.309379] kunit_try_run_case+0x1a5/0x480
[ 16.309404] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.309427] ? _raw_spin_lock_irqsave+0xf9/0x100
[ 16.309451] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.309475] ? __kthread_parkme+0x82/0x180
[ 16.309496] ? preempt_count_sub+0x50/0x80
[ 16.309529] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.309562] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.309587] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.309623] kthread+0x337/0x6f0
[ 16.309643] ? trace_preempt_on+0x20/0xc0
[ 16.309667] ? __pfx_kthread+0x10/0x10
[ 16.309688] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.309710] ? calculate_sigpending+0x7b/0xa0
[ 16.309734] ? __pfx_kthread+0x10/0x10
[ 16.309756] ret_from_fork+0x116/0x1d0
[ 16.309775] ? __pfx_kthread+0x10/0x10
[ 16.309796] ret_from_fork_asm+0x1a/0x30
[ 16.309827] </TASK>
[ 16.309836]
[ 16.317335] Allocated by task 304:
[ 16.317558] kasan_save_stack+0x45/0x70
[ 16.317756] kasan_save_track+0x18/0x40
[ 16.317948] kasan_save_alloc_info+0x3b/0x50
[ 16.318158] __kasan_kmalloc+0xb7/0xc0
[ 16.318353] __kmalloc_noprof+0x1c9/0x500
[ 16.318613] kunit_kmalloc_array+0x25/0x60
[ 16.318816] copy_user_test_oob+0xab/0x10f0
[ 16.318991] kunit_try_run_case+0x1a5/0x480
[ 16.319198] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.319453] kthread+0x337/0x6f0
[ 16.319745] ret_from_fork+0x116/0x1d0
[ 16.319927] ret_from_fork_asm+0x1a/0x30
[ 16.320084]
[ 16.320158] The buggy address belongs to the object at ffff8881039ee400
[ 16.320158] which belongs to the cache kmalloc-128 of size 128
[ 16.320531] The buggy address is located 0 bytes inside of
[ 16.320531] allocated 120-byte region [ffff8881039ee400, ffff8881039ee478)
[ 16.321065]
[ 16.321160] The buggy address belongs to the physical page:
[ 16.321429] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ee
[ 16.321858] flags: 0x200000000000000(node=0|zone=2)
[ 16.322025] page_type: f5(slab)
[ 16.322147] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.322421] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.323092] page dumped because: kasan: bad access detected
[ 16.323381]
[ 16.323474] Memory state around the buggy address:
[ 16.323825] ffff8881039ee300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.324142] ffff8881039ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.324450]
>ffff8881039ee400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.324826] ^ [ 16.325145] ffff8881039ee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.325454] ffff8881039ee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.325761] ================================================================== [ 16.326353] ================================================================== [ 16.326823] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 16.327180] Read of size 121 at addr ffff8881039ee400 by task kunit_try_catch/304 [ 16.327550] [ 16.327663] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.327706] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.327729] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.327751] Call Trace: [ 16.327766] <TASK> [ 16.327781] dump_stack_lvl+0x73/0xb0 [ 16.327810] print_report+0xd1/0x610 [ 16.327832] ? __virt_addr_valid+0x1db/0x2d0 [ 16.327855] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.327890] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.327914] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.327949] kasan_report+0x141/0x180 [ 16.327972] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.328001] kasan_check_range+0x10c/0x1c0 [ 16.328025] __kasan_check_read+0x15/0x20 [ 16.328046] copy_user_test_oob+0x4aa/0x10f0 [ 16.328072] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.328098] ? __kasan_check_write+0x18/0x20 [ 16.328118] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.328143] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 16.328169] ? __pfx_read_tsc+0x10/0x10 [ 16.328190] ? ktime_get_ts64+0x86/0x230 [ 16.328213] kunit_try_run_case+0x1a5/0x480 [ 16.328239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.328262] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 16.328285] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.328309] ? __kthread_parkme+0x82/0x180 [ 16.328340] ? preempt_count_sub+0x50/0x80 [ 16.328364] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.328389] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.328413] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.328438] kthread+0x337/0x6f0 [ 16.328459] ? trace_preempt_on+0x20/0xc0 [ 16.328483] ? __pfx_kthread+0x10/0x10 [ 16.328503] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.328525] ? calculate_sigpending+0x7b/0xa0 [ 16.328549] ? __pfx_kthread+0x10/0x10 [ 16.328571] ret_from_fork+0x116/0x1d0 [ 16.328590] ? __pfx_kthread+0x10/0x10 [ 16.328611] ret_from_fork_asm+0x1a/0x30 [ 16.328651] </TASK> [ 16.328661] [ 16.336594] Allocated by task 304: [ 16.336783] kasan_save_stack+0x45/0x70 [ 16.336963] kasan_save_track+0x18/0x40 [ 16.337164] kasan_save_alloc_info+0x3b/0x50 [ 16.337314] __kasan_kmalloc+0xb7/0xc0 [ 16.337459] __kmalloc_noprof+0x1c9/0x500 [ 16.337600] kunit_kmalloc_array+0x25/0x60 [ 16.337745] copy_user_test_oob+0xab/0x10f0 [ 16.337944] kunit_try_run_case+0x1a5/0x480 [ 16.338168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.338442] kthread+0x337/0x6f0 [ 16.338758] ret_from_fork+0x116/0x1d0 [ 16.338942] ret_from_fork_asm+0x1a/0x30 [ 16.339134] [ 16.339227] The buggy address belongs to the object at ffff8881039ee400 [ 16.339227] which belongs to the cache kmalloc-128 of size 128 [ 16.339751] The buggy address is located 0 bytes inside of [ 16.339751] allocated 120-byte region [ffff8881039ee400, ffff8881039ee478) [ 16.340190] [ 16.340283] The buggy address belongs to the physical page: [ 16.340628] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ee [ 16.340947] flags: 0x200000000000000(node=0|zone=2) [ 16.341190] page_type: f5(slab) [ 16.341356] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.341713] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.342037] page dumped because: kasan: bad access detected [ 16.342297] [ 16.342403] Memory state around the buggy address: [ 16.342635] ffff8881039ee300: fa fb fb fb fb fb fb fb fb fb fb 
fb fb fb fb fb [ 16.342988] ffff8881039ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.343365] >ffff8881039ee400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.343700] ^ [ 16.344011] ffff8881039ee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.344248] ffff8881039ee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.344472] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 16.285180] ================================================================== [ 16.285527] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 16.285818] Read of size 121 at addr ffff8881039ee400 by task kunit_try_catch/304 [ 16.286141] [ 16.286293] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.286348] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.286360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.286381] Call Trace: [ 16.286395] <TASK> [ 16.286411] dump_stack_lvl+0x73/0xb0 [ 16.286441] print_report+0xd1/0x610 [ 16.286464] ? __virt_addr_valid+0x1db/0x2d0 [ 16.286487] ? _copy_to_user+0x3c/0x70 [ 16.286506] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.286541] ? _copy_to_user+0x3c/0x70 [ 16.286570] kasan_report+0x141/0x180 [ 16.286593] ? _copy_to_user+0x3c/0x70 [ 16.286628] kasan_check_range+0x10c/0x1c0 [ 16.286652] __kasan_check_read+0x15/0x20 [ 16.286672] _copy_to_user+0x3c/0x70 [ 16.286692] copy_user_test_oob+0x364/0x10f0 [ 16.286719] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.286745] ? __kasan_check_write+0x18/0x20 [ 16.286765] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.286794] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 16.286819] ? __pfx_read_tsc+0x10/0x10 [ 16.286841] ? ktime_get_ts64+0x86/0x230 [ 16.286874] kunit_try_run_case+0x1a5/0x480 [ 16.286898] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.286922] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 16.286956] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.286980] ? __kthread_parkme+0x82/0x180 [ 16.287001] ? preempt_count_sub+0x50/0x80 [ 16.287026] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.287051] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.287075] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.287100] kthread+0x337/0x6f0 [ 16.287120] ? trace_preempt_on+0x20/0xc0 [ 16.287143] ? __pfx_kthread+0x10/0x10 [ 16.287164] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.287188] ? 
calculate_sigpending+0x7b/0xa0 [ 16.287212] ? __pfx_kthread+0x10/0x10 [ 16.287234] ret_from_fork+0x116/0x1d0 [ 16.287253] ? __pfx_kthread+0x10/0x10 [ 16.287274] ret_from_fork_asm+0x1a/0x30 [ 16.287305] </TASK> [ 16.287316] [ 16.295138] Allocated by task 304: [ 16.295276] kasan_save_stack+0x45/0x70 [ 16.295454] kasan_save_track+0x18/0x40 [ 16.295823] kasan_save_alloc_info+0x3b/0x50 [ 16.296063] __kasan_kmalloc+0xb7/0xc0 [ 16.296273] __kmalloc_noprof+0x1c9/0x500 [ 16.296482] kunit_kmalloc_array+0x25/0x60 [ 16.296697] copy_user_test_oob+0xab/0x10f0 [ 16.296920] kunit_try_run_case+0x1a5/0x480 [ 16.297072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.297359] kthread+0x337/0x6f0 [ 16.297529] ret_from_fork+0x116/0x1d0 [ 16.297713] ret_from_fork_asm+0x1a/0x30 [ 16.297879] [ 16.298070] The buggy address belongs to the object at ffff8881039ee400 [ 16.298070] which belongs to the cache kmalloc-128 of size 128 [ 16.298610] The buggy address is located 0 bytes inside of [ 16.298610] allocated 120-byte region [ffff8881039ee400, ffff8881039ee478) [ 16.299084] [ 16.299158] The buggy address belongs to the physical page: [ 16.299343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ee [ 16.299713] flags: 0x200000000000000(node=0|zone=2) [ 16.299946] page_type: f5(slab) [ 16.300144] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.300460] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.300860] page dumped because: kasan: bad access detected [ 16.301107] [ 16.301206] Memory state around the buggy address: [ 16.301400] ffff8881039ee300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.301619] ffff8881039ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.301834] >ffff8881039ee400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.302048] ^ [ 16.302404] ffff8881039ee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.302946] ffff8881039ee500: fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc [ 16.303254] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 16.259555] ================================================================== [ 16.260123] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 16.260494] Write of size 121 at addr ffff8881039ee400 by task kunit_try_catch/304 [ 16.260913] [ 16.261016] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.261076] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.261088] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.261124] Call Trace: [ 16.261139] <TASK> [ 16.261159] dump_stack_lvl+0x73/0xb0 [ 16.261204] print_report+0xd1/0x610 [ 16.261229] ? __virt_addr_valid+0x1db/0x2d0 [ 16.261254] ? _copy_from_user+0x32/0x90 [ 16.261275] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.261299] ? _copy_from_user+0x32/0x90 [ 16.261320] kasan_report+0x141/0x180 [ 16.261353] ? _copy_from_user+0x32/0x90 [ 16.261379] kasan_check_range+0x10c/0x1c0 [ 16.261416] __kasan_check_write+0x18/0x20 [ 16.261437] _copy_from_user+0x32/0x90 [ 16.261458] copy_user_test_oob+0x2be/0x10f0 [ 16.261498] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.261524] ? __kasan_check_write+0x18/0x20 [ 16.261566] ? queued_spin_lock_slowpath+0x116/0xb40 [ 16.261595] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 16.261623] ? __pfx_read_tsc+0x10/0x10 [ 16.261644] ? ktime_get_ts64+0x86/0x230 [ 16.261680] kunit_try_run_case+0x1a5/0x480 [ 16.261705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.261728] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 16.261763] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.261787] ? __kthread_parkme+0x82/0x180 [ 16.261809] ? preempt_count_sub+0x50/0x80 [ 16.261834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.261859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.261892] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.261917] kthread+0x337/0x6f0 [ 16.261936] ? trace_preempt_on+0x20/0xc0 [ 16.261970] ? __pfx_kthread+0x10/0x10 [ 16.261991] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.262014] ? 
calculate_sigpending+0x7b/0xa0 [ 16.262106] ? __pfx_kthread+0x10/0x10 [ 16.262128] ret_from_fork+0x116/0x1d0 [ 16.262149] ? __pfx_kthread+0x10/0x10 [ 16.262170] ret_from_fork_asm+0x1a/0x30 [ 16.262202] </TASK> [ 16.262214] [ 16.270982] Allocated by task 304: [ 16.271173] kasan_save_stack+0x45/0x70 [ 16.271439] kasan_save_track+0x18/0x40 [ 16.271736] kasan_save_alloc_info+0x3b/0x50 [ 16.271920] __kasan_kmalloc+0xb7/0xc0 [ 16.272134] __kmalloc_noprof+0x1c9/0x500 [ 16.272392] kunit_kmalloc_array+0x25/0x60 [ 16.272712] copy_user_test_oob+0xab/0x10f0 [ 16.272928] kunit_try_run_case+0x1a5/0x480 [ 16.273220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.273466] kthread+0x337/0x6f0 [ 16.273590] ret_from_fork+0x116/0x1d0 [ 16.273724] ret_from_fork_asm+0x1a/0x30 [ 16.273865] [ 16.273941] The buggy address belongs to the object at ffff8881039ee400 [ 16.273941] which belongs to the cache kmalloc-128 of size 128 [ 16.274795] The buggy address is located 0 bytes inside of [ 16.274795] allocated 120-byte region [ffff8881039ee400, ffff8881039ee478) [ 16.275956] [ 16.276088] The buggy address belongs to the physical page: [ 16.276332] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ee [ 16.276768] flags: 0x200000000000000(node=0|zone=2) [ 16.276940] page_type: f5(slab) [ 16.277256] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.277767] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.278139] page dumped because: kasan: bad access detected [ 16.278439] [ 16.278530] Memory state around the buggy address: [ 16.278778] ffff8881039ee300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.279099] ffff8881039ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.279621] >ffff8881039ee400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.279962] ^ [ 16.280398] ffff8881039ee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.280751] ffff8881039ee500: fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc [ 16.281134] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.195412] ================================================================== [ 16.196670] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 16.197849] Read of size 8 at addr ffff8881039ee378 by task kunit_try_catch/300 [ 16.198621] [ 16.198837] CPU: 1 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.198892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.198907] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.198930] Call Trace: [ 16.198944] <TASK> [ 16.198961] dump_stack_lvl+0x73/0xb0 [ 16.199153] print_report+0xd1/0x610 [ 16.199195] ? __virt_addr_valid+0x1db/0x2d0 [ 16.199236] ? copy_to_kernel_nofault+0x225/0x260 [ 16.199293] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.199319] ? copy_to_kernel_nofault+0x225/0x260 [ 16.199356] kasan_report+0x141/0x180 [ 16.199379] ? copy_to_kernel_nofault+0x225/0x260 [ 16.199409] __asan_report_load8_noabort+0x18/0x20 [ 16.199434] copy_to_kernel_nofault+0x225/0x260 [ 16.199462] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 16.199506] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.199531] ? finish_task_switch.isra.0+0x153/0x700 [ 16.199557] ? __schedule+0x10cc/0x2b60 [ 16.199580] ? trace_hardirqs_on+0x37/0xe0 [ 16.199611] ? __pfx_read_tsc+0x10/0x10 [ 16.199634] ? ktime_get_ts64+0x86/0x230 [ 16.199661] kunit_try_run_case+0x1a5/0x480 [ 16.199688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.199711] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.199736] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.199760] ? __kthread_parkme+0x82/0x180 [ 16.199782] ? preempt_count_sub+0x50/0x80 [ 16.199806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.199831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.199855] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.199880] kthread+0x337/0x6f0 [ 16.199901] ? trace_preempt_on+0x20/0xc0 [ 16.199924] ? __pfx_kthread+0x10/0x10 [ 16.199944] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.199967] ? 
calculate_sigpending+0x7b/0xa0 [ 16.199992] ? __pfx_kthread+0x10/0x10 [ 16.200035] ret_from_fork+0x116/0x1d0 [ 16.200055] ? __pfx_kthread+0x10/0x10 [ 16.200076] ret_from_fork_asm+0x1a/0x30 [ 16.200108] </TASK> [ 16.200120] [ 16.216192] Allocated by task 300: [ 16.216467] kasan_save_stack+0x45/0x70 [ 16.216798] kasan_save_track+0x18/0x40 [ 16.216948] kasan_save_alloc_info+0x3b/0x50 [ 16.217114] __kasan_kmalloc+0xb7/0xc0 [ 16.217248] __kmalloc_cache_noprof+0x189/0x420 [ 16.217556] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.217799] kunit_try_run_case+0x1a5/0x480 [ 16.218111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.218385] kthread+0x337/0x6f0 [ 16.218537] ret_from_fork+0x116/0x1d0 [ 16.218722] ret_from_fork_asm+0x1a/0x30 [ 16.218966] [ 16.219081] The buggy address belongs to the object at ffff8881039ee300 [ 16.219081] which belongs to the cache kmalloc-128 of size 128 [ 16.219648] The buggy address is located 0 bytes to the right of [ 16.219648] allocated 120-byte region [ffff8881039ee300, ffff8881039ee378) [ 16.220916] [ 16.221045] The buggy address belongs to the physical page: [ 16.221284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ee [ 16.221633] flags: 0x200000000000000(node=0|zone=2) [ 16.222058] page_type: f5(slab) [ 16.222230] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.222546] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.222855] page dumped because: kasan: bad access detected [ 16.223252] [ 16.223361] Memory state around the buggy address: [ 16.223566] ffff8881039ee200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.223932] ffff8881039ee280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.224350] >ffff8881039ee300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.224749] ^ [ 16.225117] ffff8881039ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.225451] ffff8881039ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
16.225801] ================================================================== [ 16.226484] ================================================================== [ 16.226823] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 16.227233] Write of size 8 at addr ffff8881039ee378 by task kunit_try_catch/300 [ 16.227729] [ 16.227843] CPU: 1 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.227887] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.227900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.227922] Call Trace: [ 16.227934] <TASK> [ 16.227950] dump_stack_lvl+0x73/0xb0 [ 16.227979] print_report+0xd1/0x610 [ 16.228000] ? __virt_addr_valid+0x1db/0x2d0 [ 16.228023] ? copy_to_kernel_nofault+0x99/0x260 [ 16.228047] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.228071] ? copy_to_kernel_nofault+0x99/0x260 [ 16.228096] kasan_report+0x141/0x180 [ 16.228119] ? copy_to_kernel_nofault+0x99/0x260 [ 16.228148] kasan_check_range+0x10c/0x1c0 [ 16.228172] __kasan_check_write+0x18/0x20 [ 16.228193] copy_to_kernel_nofault+0x99/0x260 [ 16.228218] copy_to_kernel_nofault_oob+0x288/0x560 [ 16.228243] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.228289] ? finish_task_switch.isra.0+0x153/0x700 [ 16.228330] ? __schedule+0x10cc/0x2b60 [ 16.228353] ? trace_hardirqs_on+0x37/0xe0 [ 16.228395] ? __pfx_read_tsc+0x10/0x10 [ 16.228417] ? ktime_get_ts64+0x86/0x230 [ 16.228442] kunit_try_run_case+0x1a5/0x480 [ 16.228466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.228506] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.228531] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.228555] ? __kthread_parkme+0x82/0x180 [ 16.228575] ? preempt_count_sub+0x50/0x80 [ 16.228599] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.228623] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.228648] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.228673] kthread+0x337/0x6f0 [ 16.228693] ? 
trace_preempt_on+0x20/0xc0 [ 16.228714] ? __pfx_kthread+0x10/0x10 [ 16.228735] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.228757] ? calculate_sigpending+0x7b/0xa0 [ 16.228783] ? __pfx_kthread+0x10/0x10 [ 16.228805] ret_from_fork+0x116/0x1d0 [ 16.228838] ? __pfx_kthread+0x10/0x10 [ 16.228859] ret_from_fork_asm+0x1a/0x30 [ 16.228890] </TASK> [ 16.228900] [ 16.237187] Allocated by task 300: [ 16.237460] kasan_save_stack+0x45/0x70 [ 16.237627] kasan_save_track+0x18/0x40 [ 16.237765] kasan_save_alloc_info+0x3b/0x50 [ 16.237916] __kasan_kmalloc+0xb7/0xc0 [ 16.238145] __kmalloc_cache_noprof+0x189/0x420 [ 16.238378] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.238666] kunit_try_run_case+0x1a5/0x480 [ 16.239075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.239284] kthread+0x337/0x6f0 [ 16.239542] ret_from_fork+0x116/0x1d0 [ 16.239709] ret_from_fork_asm+0x1a/0x30 [ 16.239851] [ 16.239948] The buggy address belongs to the object at ffff8881039ee300 [ 16.239948] which belongs to the cache kmalloc-128 of size 128 [ 16.240714] The buggy address is located 0 bytes to the right of [ 16.240714] allocated 120-byte region [ffff8881039ee300, ffff8881039ee378) [ 16.241278] [ 16.241425] The buggy address belongs to the physical page: [ 16.241688] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ee [ 16.242083] flags: 0x200000000000000(node=0|zone=2) [ 16.242269] page_type: f5(slab) [ 16.242408] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.242650] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.242881] page dumped because: kasan: bad access detected [ 16.243053] [ 16.243241] Memory state around the buggy address: [ 16.243499] ffff8881039ee200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.243817] ffff8881039ee280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.244337] >ffff8881039ee300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.244668] ^ [ 16.244925] ffff8881039ee380: fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc [ 16.245329] ffff8881039ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.245760] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 14.687334] ================================================================== [ 14.687836] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 14.688267] Read of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 14.688502] [ 14.688624] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.688668] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.688680] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.688700] Call Trace: [ 14.688790] <TASK> [ 14.688818] dump_stack_lvl+0x73/0xb0 [ 14.688847] print_report+0xd1/0x610 [ 14.688869] ? __virt_addr_valid+0x1db/0x2d0 [ 14.688892] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.688914] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.688938] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.688967] kasan_report+0x141/0x180 [ 14.688989] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.689015] __asan_report_load4_noabort+0x18/0x20 [ 14.689039] kasan_atomics_helper+0x4b88/0x5450 [ 14.689139] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.689177] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.689200] ? trace_hardirqs_on+0x37/0xe0 [ 14.689223] ? kasan_atomics+0x152/0x310 [ 14.689249] kasan_atomics+0x1dc/0x310 [ 14.689272] ? __pfx_kasan_atomics+0x10/0x10 [ 14.689294] ? __pfx_kasan_atomics+0x10/0x10 [ 14.689331] kunit_try_run_case+0x1a5/0x480 [ 14.689354] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.689376] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.689401] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.689424] ? __kthread_parkme+0x82/0x180 [ 14.689443] ? preempt_count_sub+0x50/0x80 [ 14.689467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.689501] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.689524] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.689581] kthread+0x337/0x6f0 [ 14.689601] ? trace_preempt_on+0x20/0xc0 [ 14.689622] ? __pfx_kthread+0x10/0x10 [ 14.689679] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.689700] ? 
calculate_sigpending+0x7b/0xa0 [ 14.689735] ? __pfx_kthread+0x10/0x10 [ 14.689755] ret_from_fork+0x116/0x1d0 [ 14.689774] ? __pfx_kthread+0x10/0x10 [ 14.689794] ret_from_fork_asm+0x1a/0x30 [ 14.689824] </TASK> [ 14.689834] [ 14.698998] Allocated by task 284: [ 14.699444] kasan_save_stack+0x45/0x70 [ 14.699785] kasan_save_track+0x18/0x40 [ 14.700005] kasan_save_alloc_info+0x3b/0x50 [ 14.700337] __kasan_kmalloc+0xb7/0xc0 [ 14.700475] __kmalloc_cache_noprof+0x189/0x420 [ 14.700732] kasan_atomics+0x95/0x310 [ 14.700982] kunit_try_run_case+0x1a5/0x480 [ 14.701197] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.701411] kthread+0x337/0x6f0 [ 14.701535] ret_from_fork+0x116/0x1d0 [ 14.701838] ret_from_fork_asm+0x1a/0x30 [ 14.702103] [ 14.702253] The buggy address belongs to the object at ffff888103a28200 [ 14.702253] which belongs to the cache kmalloc-64 of size 64 [ 14.702771] The buggy address is located 0 bytes to the right of [ 14.702771] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 14.703528] [ 14.703628] The buggy address belongs to the physical page: [ 14.703880] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 14.704195] flags: 0x200000000000000(node=0|zone=2) [ 14.704708] page_type: f5(slab) [ 14.704933] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.705350] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.705800] page dumped because: kasan: bad access detected [ 14.706010] [ 14.706132] Memory state around the buggy address: [ 14.706426] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.706829] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.707106] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.707605] ^ [ 14.707833] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.708232] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.708786] 
==================================================================
[ 14.859704] ==================================================================
[ 14.860042] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450
[ 14.860418] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284
[ 14.860907]
[ 14.861092] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.861139] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.861152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.861174] Call Trace:
[ 14.861191] <TASK>
[ 14.861219] dump_stack_lvl+0x73/0xb0
[ 14.861248] print_report+0xd1/0x610
[ 14.861272] ? __virt_addr_valid+0x1db/0x2d0
[ 14.861318] ? kasan_atomics_helper+0x5fe/0x5450
[ 14.861349] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.861373] ? kasan_atomics_helper+0x5fe/0x5450
[ 14.861396] kasan_report+0x141/0x180
[ 14.861429] ? kasan_atomics_helper+0x5fe/0x5450
[ 14.861457] kasan_check_range+0x10c/0x1c0
[ 14.861481] __kasan_check_write+0x18/0x20
[ 14.861514] kasan_atomics_helper+0x5fe/0x5450
[ 14.861537] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.861560] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.861585] ? trace_hardirqs_on+0x37/0xe0
[ 14.861608] ? kasan_atomics+0x152/0x310
[ 14.861636] kasan_atomics+0x1dc/0x310
[ 14.861660] ? __pfx_kasan_atomics+0x10/0x10
[ 14.861684] ? __pfx_kasan_atomics+0x10/0x10
[ 14.861711] kunit_try_run_case+0x1a5/0x480
[ 14.861736] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.861759] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.861784] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.861809] ? __kthread_parkme+0x82/0x180
[ 14.861829] ? preempt_count_sub+0x50/0x80
[ 14.861853] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.861878] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.861902] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.861927] kthread+0x337/0x6f0
[ 14.861946] ? trace_preempt_on+0x20/0xc0
[ 14.861970] ? __pfx_kthread+0x10/0x10
[ 14.861990] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.862012] ? calculate_sigpending+0x7b/0xa0
[ 14.862036] ? __pfx_kthread+0x10/0x10
[ 14.862058] ret_from_fork+0x116/0x1d0
[ 14.862078] ? __pfx_kthread+0x10/0x10
[ 14.862108] ret_from_fork_asm+0x1a/0x30
[ 14.862153] </TASK>
[ 14.862165]
[ 14.870879] Allocated by task 284:
[ 14.871266] kasan_save_stack+0x45/0x70
[ 14.871567] kasan_save_track+0x18/0x40
[ 14.871765] kasan_save_alloc_info+0x3b/0x50
[ 14.871978] __kasan_kmalloc+0xb7/0xc0
[ 14.872355] __kmalloc_cache_noprof+0x189/0x420
[ 14.872521] kasan_atomics+0x95/0x310
[ 14.872657] kunit_try_run_case+0x1a5/0x480
[ 14.872834] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.873158] kthread+0x337/0x6f0
[ 14.873357] ret_from_fork+0x116/0x1d0
[ 14.873625] ret_from_fork_asm+0x1a/0x30
[ 14.873820]
[ 14.873918] The buggy address belongs to the object at ffff888103a28200
[ 14.873918] which belongs to the cache kmalloc-64 of size 64
[ 14.874457] The buggy address is located 0 bytes to the right of
[ 14.874457] allocated 48-byte region [ffff888103a28200, ffff888103a28230)
[ 14.875008]
[ 14.875117] The buggy address belongs to the physical page:
[ 14.875513] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28
[ 14.875863] flags: 0x200000000000000(node=0|zone=2)
[ 14.876233] page_type: f5(slab)
[ 14.876425] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.876804] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.877144] page dumped because: kasan: bad access detected
[ 14.877437]
[ 14.877592] Memory state around the buggy address:
[ 14.877797] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.878224] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.878642] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.878865] ^
[ 14.879024] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.879322] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.879635] ==================================================================
[ 14.880068] ==================================================================
[ 14.880738] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450
[ 14.880981] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284
[ 14.881411]
[ 14.881580] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.881624] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.881636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.881657] Call Trace:
[ 14.881673] <TASK>
[ 14.881688] dump_stack_lvl+0x73/0xb0
[ 14.881717] print_report+0xd1/0x610
[ 14.881738] ? __virt_addr_valid+0x1db/0x2d0
[ 14.881760] ? kasan_atomics_helper+0x697/0x5450
[ 14.881782] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.881806] ? kasan_atomics_helper+0x697/0x5450
[ 14.881828] kasan_report+0x141/0x180
[ 14.881851] ? kasan_atomics_helper+0x697/0x5450
[ 14.881878] kasan_check_range+0x10c/0x1c0
[ 14.881902] __kasan_check_write+0x18/0x20
[ 14.881934] kasan_atomics_helper+0x697/0x5450
[ 14.881958] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.881980] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.882016] ? trace_hardirqs_on+0x37/0xe0
[ 14.882039] ? kasan_atomics+0x152/0x310
[ 14.882066] kasan_atomics+0x1dc/0x310
[ 14.882089] ? __pfx_kasan_atomics+0x10/0x10
[ 14.882113] ? __pfx_kasan_atomics+0x10/0x10
[ 14.882230] kunit_try_run_case+0x1a5/0x480
[ 14.882256] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.882279] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.882322] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.882346] ? __kthread_parkme+0x82/0x180
[ 14.882376] ? preempt_count_sub+0x50/0x80
[ 14.882402] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.882427] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.882451] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.882476] kthread+0x337/0x6f0
[ 14.882506] ? trace_preempt_on+0x20/0xc0
[ 14.882528] ? __pfx_kthread+0x10/0x10
[ 14.882549] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.882581] ? calculate_sigpending+0x7b/0xa0
[ 14.882605] ? __pfx_kthread+0x10/0x10
[ 14.882626] ret_from_fork+0x116/0x1d0
[ 14.882646] ? __pfx_kthread+0x10/0x10
[ 14.882667] ret_from_fork_asm+0x1a/0x30
[ 14.882698] </TASK>
[ 14.882707]
[ 14.891096] Allocated by task 284:
[ 14.891376] kasan_save_stack+0x45/0x70
[ 14.891681] kasan_save_track+0x18/0x40
[ 14.891857] kasan_save_alloc_info+0x3b/0x50
[ 14.892117] __kasan_kmalloc+0xb7/0xc0
[ 14.892287] __kmalloc_cache_noprof+0x189/0x420
[ 14.892710] kasan_atomics+0x95/0x310
[ 14.892919] kunit_try_run_case+0x1a5/0x480
[ 14.893155] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.893477] kthread+0x337/0x6f0
[ 14.893641] ret_from_fork+0x116/0x1d0
[ 14.893776] ret_from_fork_asm+0x1a/0x30
[ 14.893999]
[ 14.894170] The buggy address belongs to the object at ffff888103a28200
[ 14.894170] which belongs to the cache kmalloc-64 of size 64
[ 14.894755] The buggy address is located 0 bytes to the right of
[ 14.894755] allocated 48-byte region [ffff888103a28200, ffff888103a28230)
[ 14.895405]
[ 14.895528] The buggy address belongs to the physical page:
[ 14.895737] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28
[ 14.895983] flags: 0x200000000000000(node=0|zone=2)
[ 14.896215] page_type: f5(slab)
[ 14.896479] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.897283] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.897674] page dumped because: kasan: bad access detected
[ 14.897952]
[ 14.898131] Memory state around the buggy address:
[ 14.898375] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.898770] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.899063] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.899432] ^
[ 14.899707] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.899928] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.900248] ==================================================================
[ 14.900824] ==================================================================
[ 14.901339] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450
[ 14.901675] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284
[ 14.901968]
[ 14.902190] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.902235] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.902246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.902287] Call Trace:
[ 14.902301] <TASK>
[ 14.902333] dump_stack_lvl+0x73/0xb0
[ 14.902361] print_report+0xd1/0x610
[ 14.902383] ? __virt_addr_valid+0x1db/0x2d0
[ 14.902406] ? kasan_atomics_helper+0x72f/0x5450
[ 14.902428] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.902452] ? kasan_atomics_helper+0x72f/0x5450
[ 14.902475] kasan_report+0x141/0x180
[ 14.902498] ? kasan_atomics_helper+0x72f/0x5450
[ 14.902525] kasan_check_range+0x10c/0x1c0
[ 14.902559] __kasan_check_write+0x18/0x20
[ 14.902579] kasan_atomics_helper+0x72f/0x5450
[ 14.902602] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.902635] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.902660] ? trace_hardirqs_on+0x37/0xe0
[ 14.902682] ? kasan_atomics+0x152/0x310
[ 14.902718] kasan_atomics+0x1dc/0x310
[ 14.902742] ? __pfx_kasan_atomics+0x10/0x10
[ 14.902766] ? __pfx_kasan_atomics+0x10/0x10
[ 14.902804] kunit_try_run_case+0x1a5/0x480
[ 14.902828] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.902851] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.902875] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.902898] ? __kthread_parkme+0x82/0x180
[ 14.902919] ? preempt_count_sub+0x50/0x80
[ 14.902943] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.902967] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.902991] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.903095] kthread+0x337/0x6f0
[ 14.903117] ? trace_preempt_on+0x20/0xc0
[ 14.903141] ? __pfx_kthread+0x10/0x10
[ 14.903162] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.903184] ? calculate_sigpending+0x7b/0xa0
[ 14.903208] ? __pfx_kthread+0x10/0x10
[ 14.903230] ret_from_fork+0x116/0x1d0
[ 14.903249] ? __pfx_kthread+0x10/0x10
[ 14.903270] ret_from_fork_asm+0x1a/0x30
[ 14.903301] </TASK>
[ 14.903370]
[ 14.913330] Allocated by task 284:
[ 14.914045] kasan_save_stack+0x45/0x70
[ 14.914253] kasan_save_track+0x18/0x40
[ 14.914709] kasan_save_alloc_info+0x3b/0x50
[ 14.914961] __kasan_kmalloc+0xb7/0xc0
[ 14.915220] __kmalloc_cache_noprof+0x189/0x420
[ 14.915461] kasan_atomics+0x95/0x310
[ 14.915691] kunit_try_run_case+0x1a5/0x480
[ 14.915934] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.916333] kthread+0x337/0x6f0
[ 14.916602] ret_from_fork+0x116/0x1d0
[ 14.916786] ret_from_fork_asm+0x1a/0x30
[ 14.917108]
[ 14.917212] The buggy address belongs to the object at ffff888103a28200
[ 14.917212] which belongs to the cache kmalloc-64 of size 64
[ 14.917830] The buggy address is located 0 bytes to the right of
[ 14.917830] allocated 48-byte region [ffff888103a28200, ffff888103a28230)
[ 14.919046]
[ 14.919141] The buggy address belongs to the physical page:
[ 14.919618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28
[ 14.919949] flags: 0x200000000000000(node=0|zone=2)
[ 14.920344] page_type: f5(slab)
[ 14.920634] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.921031] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.921454] page dumped because: kasan: bad access detected
[ 14.921758]
[ 14.921845] Memory state around the buggy address:
[ 14.922320] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.922693] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.922911] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.923464] ^
[ 14.923720] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.924113] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.924522] ==================================================================
[ 15.208803] ==================================================================
[ 15.209265] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450
[ 15.209918] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284
[ 15.210428]
[ 15.210690] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.210739] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.210766] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.210788] Call Trace:
[ 15.210804] <TASK>
[ 15.210820] dump_stack_lvl+0x73/0xb0
[ 15.210848] print_report+0xd1/0x610
[ 15.210871] ? __virt_addr_valid+0x1db/0x2d0
[ 15.210893] ? kasan_atomics_helper+0xe78/0x5450
[ 15.210916] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.210939] ? kasan_atomics_helper+0xe78/0x5450
[ 15.210962] kasan_report+0x141/0x180
[ 15.210984] ? kasan_atomics_helper+0xe78/0x5450
[ 15.211010] kasan_check_range+0x10c/0x1c0
[ 15.211034] __kasan_check_write+0x18/0x20
[ 15.211054] kasan_atomics_helper+0xe78/0x5450
[ 15.211077] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.211100] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.211124] ? trace_hardirqs_on+0x37/0xe0
[ 15.211147] ? kasan_atomics+0x152/0x310
[ 15.211174] kasan_atomics+0x1dc/0x310
[ 15.211197] ? __pfx_kasan_atomics+0x10/0x10
[ 15.211220] ? __pfx_kasan_atomics+0x10/0x10
[ 15.211247] kunit_try_run_case+0x1a5/0x480
[ 15.211271] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.211295] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.211331] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.211356] ? __kthread_parkme+0x82/0x180
[ 15.211376] ? preempt_count_sub+0x50/0x80
[ 15.211401] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.211425] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.211450] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.211475] kthread+0x337/0x6f0
[ 15.211678] ? trace_preempt_on+0x20/0xc0
[ 15.211704] ? __pfx_kthread+0x10/0x10
[ 15.211726] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.211748] ? calculate_sigpending+0x7b/0xa0
[ 15.211775] ? __pfx_kthread+0x10/0x10
[ 15.211796] ret_from_fork+0x116/0x1d0
[ 15.211815] ? __pfx_kthread+0x10/0x10
[ 15.211836] ret_from_fork_asm+0x1a/0x30
[ 15.211867] </TASK>
[ 15.211878]
[ 15.221686] Allocated by task 284:
[ 15.222062] kasan_save_stack+0x45/0x70
[ 15.222338] kasan_save_track+0x18/0x40
[ 15.222491] kasan_save_alloc_info+0x3b/0x50
[ 15.222923] __kasan_kmalloc+0xb7/0xc0
[ 15.223177] __kmalloc_cache_noprof+0x189/0x420
[ 15.223361] kasan_atomics+0x95/0x310
[ 15.223758] kunit_try_run_case+0x1a5/0x480
[ 15.223952] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.224203] kthread+0x337/0x6f0
[ 15.224508] ret_from_fork+0x116/0x1d0
[ 15.224682] ret_from_fork_asm+0x1a/0x30
[ 15.224871]
[ 15.224950] The buggy address belongs to the object at ffff888103a28200
[ 15.224950] which belongs to the cache kmalloc-64 of size 64
[ 15.225445] The buggy address is located 0 bytes to the right of
[ 15.225445] allocated 48-byte region [ffff888103a28200, ffff888103a28230)
[ 15.226251]
[ 15.226440] The buggy address belongs to the physical page:
[ 15.226692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28
[ 15.227129] flags: 0x200000000000000(node=0|zone=2)
[ 15.227436] page_type: f5(slab)
[ 15.227572] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.228006] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.228404] page dumped because: kasan: bad access detected
[ 15.228644]
[ 15.228744] Memory state around the buggy address:
[ 15.229152] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.229437] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.229855] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.230166] ^
[ 15.230389] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.230842] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.231221] ==================================================================
[ 15.647927] ==================================================================
[ 15.648298] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450
[ 15.648675] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284
[ 15.649011]
[ 15.649120] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.649164] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.649177] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.649198] Call Trace:
[ 15.649213] <TASK>
[ 15.649228] dump_stack_lvl+0x73/0xb0
[ 15.649256] print_report+0xd1/0x610
[ 15.649278] ? __virt_addr_valid+0x1db/0x2d0
[ 15.649301] ? kasan_atomics_helper+0x16e7/0x5450
[ 15.649336] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.649360] ? kasan_atomics_helper+0x16e7/0x5450
[ 15.649383] kasan_report+0x141/0x180
[ 15.649406] ? kasan_atomics_helper+0x16e7/0x5450
[ 15.649433] kasan_check_range+0x10c/0x1c0
[ 15.649458] __kasan_check_write+0x18/0x20
[ 15.649499] kasan_atomics_helper+0x16e7/0x5450
[ 15.649524] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.649547] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.649573] ? trace_hardirqs_on+0x37/0xe0
[ 15.649597] ? kasan_atomics+0x152/0x310
[ 15.649625] kasan_atomics+0x1dc/0x310
[ 15.649648] ? __pfx_kasan_atomics+0x10/0x10
[ 15.649673] ? __pfx_kasan_atomics+0x10/0x10
[ 15.649701] kunit_try_run_case+0x1a5/0x480
[ 15.649726] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.649750] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.649774] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.649799] ? __kthread_parkme+0x82/0x180
[ 15.649820] ? preempt_count_sub+0x50/0x80
[ 15.649846] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.649871] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.649897] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.649923] kthread+0x337/0x6f0
[ 15.649944] ? trace_preempt_on+0x20/0xc0
[ 15.649967] ? __pfx_kthread+0x10/0x10
[ 15.649988] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.650011] ? calculate_sigpending+0x7b/0xa0
[ 15.650035] ? __pfx_kthread+0x10/0x10
[ 15.650058] ret_from_fork+0x116/0x1d0
[ 15.650077] ? __pfx_kthread+0x10/0x10
[ 15.650098] ret_from_fork_asm+0x1a/0x30
[ 15.650129] </TASK>
[ 15.650140]
[ 15.657507] Allocated by task 284:
[ 15.657687] kasan_save_stack+0x45/0x70
[ 15.657886] kasan_save_track+0x18/0x40
[ 15.658078] kasan_save_alloc_info+0x3b/0x50
[ 15.658294] __kasan_kmalloc+0xb7/0xc0
[ 15.658456] __kmalloc_cache_noprof+0x189/0x420
[ 15.658632] kasan_atomics+0x95/0x310
[ 15.658768] kunit_try_run_case+0x1a5/0x480
[ 15.658916] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.659093] kthread+0x337/0x6f0
[ 15.659214] ret_from_fork+0x116/0x1d0
[ 15.659373] ret_from_fork_asm+0x1a/0x30
[ 15.659595]
[ 15.659690] The buggy address belongs to the object at ffff888103a28200
[ 15.659690] which belongs to the cache kmalloc-64 of size 64
[ 15.660206] The buggy address is located 0 bytes to the right of
[ 15.660206] allocated 48-byte region [ffff888103a28200, ffff888103a28230)
[ 15.660786]
[ 15.660881] The buggy address belongs to the physical page:
[ 15.661136] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28
[ 15.661517] flags: 0x200000000000000(node=0|zone=2)
[ 15.661753] page_type: f5(slab)
[ 15.661920] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.662227] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.662541] page dumped because: kasan: bad access detected
[ 15.662752]
[ 15.662822] Memory state around the buggy address:
[ 15.662978] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.663197] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.663471] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.663807] ^
[ 15.664032] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.664371] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.664717] ==================================================================
[ 15.682407] ==================================================================
[ 15.682783] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450
[ 15.683144] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284
[ 15.683461]
[ 15.683583] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.683627] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.683639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.683659] Call Trace:
[ 15.683675] <TASK>
[ 15.683689] dump_stack_lvl+0x73/0xb0
[ 15.683717] print_report+0xd1/0x610
[ 15.683740] ? __virt_addr_valid+0x1db/0x2d0
[ 15.683762] ? kasan_atomics_helper+0x1818/0x5450
[ 15.683784] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.683807] ? kasan_atomics_helper+0x1818/0x5450
[ 15.683830] kasan_report+0x141/0x180
[ 15.683853] ? kasan_atomics_helper+0x1818/0x5450
[ 15.683880] kasan_check_range+0x10c/0x1c0
[ 15.683904] __kasan_check_write+0x18/0x20
[ 15.683924] kasan_atomics_helper+0x1818/0x5450
[ 15.683947] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.683969] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.683994] ? trace_hardirqs_on+0x37/0xe0
[ 15.684016] ? kasan_atomics+0x152/0x310
[ 15.684043] kasan_atomics+0x1dc/0x310
[ 15.684066] ? __pfx_kasan_atomics+0x10/0x10
[ 15.684089] ? __pfx_kasan_atomics+0x10/0x10
[ 15.684117] kunit_try_run_case+0x1a5/0x480
[ 15.684142] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.684165] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.684189] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.684214] ? __kthread_parkme+0x82/0x180
[ 15.684235] ? preempt_count_sub+0x50/0x80
[ 15.684259] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.684284] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.684309] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.684343] kthread+0x337/0x6f0
[ 15.684363] ? trace_preempt_on+0x20/0xc0
[ 15.684386] ? __pfx_kthread+0x10/0x10
[ 15.684407] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.684429] ? calculate_sigpending+0x7b/0xa0
[ 15.684453] ? __pfx_kthread+0x10/0x10
[ 15.684475] ret_from_fork+0x116/0x1d0
[ 15.684514] ? __pfx_kthread+0x10/0x10
[ 15.684535] ret_from_fork_asm+0x1a/0x30
[ 15.684566] </TASK>
[ 15.684577]
[ 15.691778] Allocated by task 284:
[ 15.691954] kasan_save_stack+0x45/0x70
[ 15.692100] kasan_save_track+0x18/0x40
[ 15.692237] kasan_save_alloc_info+0x3b/0x50
[ 15.692399] __kasan_kmalloc+0xb7/0xc0
[ 15.692553] __kmalloc_cache_noprof+0x189/0x420
[ 15.692713] kasan_atomics+0x95/0x310
[ 15.692847] kunit_try_run_case+0x1a5/0x480
[ 15.692999] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.693177] kthread+0x337/0x6f0
[ 15.693328] ret_from_fork+0x116/0x1d0
[ 15.693535] ret_from_fork_asm+0x1a/0x30
[ 15.693730]
[ 15.693823] The buggy address belongs to the object at ffff888103a28200
[ 15.693823] which belongs to the cache kmalloc-64 of size 64
[ 15.694348] The buggy address is located 0 bytes to the right of
[ 15.694348] allocated 48-byte region [ffff888103a28200, ffff888103a28230)
[ 15.694913]
[ 15.695007] The buggy address belongs to the physical page:
[ 15.695254] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28
[ 15.695544] flags: 0x200000000000000(node=0|zone=2)
[ 15.695720] page_type: f5(slab)
[ 15.695841] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.696075] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.696391] page dumped because: kasan: bad access detected
[ 15.696671]
[ 15.696766] Memory state around the buggy address:
[ 15.696995] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.697329] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.697677] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.697994] ^
[ 15.698219] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.698569] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.698885] ==================================================================
[ 16.092170] ==================================================================
[ 16.092600] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450
[ 16.093045] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284
[ 16.093386]
[ 16.093479] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.093574] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.093589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.093621] Call Trace:
[ 16.093637] <TASK>
[ 16.093653] dump_stack_lvl+0x73/0xb0
[ 16.093682] print_report+0xd1/0x610
[ 16.093705] ? __virt_addr_valid+0x1db/0x2d0
[ 16.093728] ? kasan_atomics_helper+0x218a/0x5450
[ 16.093750] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.093774] ? kasan_atomics_helper+0x218a/0x5450
[ 16.093797] kasan_report+0x141/0x180
[ 16.093853] ? kasan_atomics_helper+0x218a/0x5450
[ 16.093880] kasan_check_range+0x10c/0x1c0
[ 16.093915] __kasan_check_write+0x18/0x20
[ 16.093936] kasan_atomics_helper+0x218a/0x5450
[ 16.093959] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.093982] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.094007] ? trace_hardirqs_on+0x37/0xe0
[ 16.094029] ? kasan_atomics+0x152/0x310
[ 16.094056] kasan_atomics+0x1dc/0x310
[ 16.094078] ? __pfx_kasan_atomics+0x10/0x10
[ 16.094103] ? __pfx_kasan_atomics+0x10/0x10
[ 16.094159] kunit_try_run_case+0x1a5/0x480
[ 16.094184] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.094229] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.094253] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.094278] ? __kthread_parkme+0x82/0x180
[ 16.094300] ? preempt_count_sub+0x50/0x80
[ 16.094333] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.094357] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.094382] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.094407] kthread+0x337/0x6f0
[ 16.094455] ? trace_preempt_on+0x20/0xc0
[ 16.094478] ? __pfx_kthread+0x10/0x10
[ 16.094547] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.094569] ? calculate_sigpending+0x7b/0xa0
[ 16.094618] ? __pfx_kthread+0x10/0x10
[ 16.094640] ret_from_fork+0x116/0x1d0
[ 16.094660] ? __pfx_kthread+0x10/0x10
[ 16.094691] ret_from_fork_asm+0x1a/0x30
[ 16.094721] </TASK>
[ 16.094731]
[ 16.102903] Allocated by task 284:
[ 16.103069] kasan_save_stack+0x45/0x70
[ 16.103304] kasan_save_track+0x18/0x40
[ 16.103518] kasan_save_alloc_info+0x3b/0x50
[ 16.103691] __kasan_kmalloc+0xb7/0xc0
[ 16.103827] __kmalloc_cache_noprof+0x189/0x420
[ 16.104100] kasan_atomics+0x95/0x310
[ 16.104361] kunit_try_run_case+0x1a5/0x480
[ 16.104664] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.104877] kthread+0x337/0x6f0
[ 16.105013] ret_from_fork+0x116/0x1d0
[ 16.105204] ret_from_fork_asm+0x1a/0x30
[ 16.105458]
[ 16.105607] The buggy address belongs to the object at ffff888103a28200
[ 16.105607] which belongs to the cache kmalloc-64 of size 64
[ 16.106070] The buggy address is located 0 bytes to the right of
[ 16.106070] allocated 48-byte region [ffff888103a28200, ffff888103a28230)
[ 16.106769]
[ 16.106877] The buggy address belongs to the physical page:
[ 16.107051] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28
[ 16.107456] flags: 0x200000000000000(node=0|zone=2)
[ 16.107641] page_type: f5(slab)
[ 16.107798] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.108152] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.108510] page dumped because: kasan: bad access detected
[ 16.108741]
[ 16.108836] Memory state around the buggy address:
[ 16.109045] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.109273] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.109698] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.110094] ^
[ 16.110253] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.110576] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.110940] ==================================================================
[ 16.156341] ==================================================================
[ 16.156715] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450
[ 16.157082] Read of size 8 at addr ffff888103a28230 by task kunit_try_catch/284
[ 16.157437]
[ 16.157549] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.157594] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.157606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.157627] Call Trace:
[ 16.157641] <TASK>
[ 16.157655] dump_stack_lvl+0x73/0xb0
[ 16.157682] print_report+0xd1/0x610
[ 16.157703] ? __virt_addr_valid+0x1db/0x2d0
[ 16.157726] ? kasan_atomics_helper+0x5115/0x5450
[ 16.157749] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.157772] ? kasan_atomics_helper+0x5115/0x5450
[ 16.157794] kasan_report+0x141/0x180
[ 16.157817] ? kasan_atomics_helper+0x5115/0x5450
[ 16.157844] __asan_report_load8_noabort+0x18/0x20
[ 16.157869] kasan_atomics_helper+0x5115/0x5450
[ 16.157892] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.157915] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.157939] ? trace_hardirqs_on+0x37/0xe0
[ 16.157961] ? kasan_atomics+0x152/0x310
[ 16.157988] kasan_atomics+0x1dc/0x310
[ 16.158011] ? __pfx_kasan_atomics+0x10/0x10
[ 16.158035] ? __pfx_kasan_atomics+0x10/0x10
[ 16.158062] kunit_try_run_case+0x1a5/0x480
[ 16.158086] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.158109] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.158133] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.158158] ? __kthread_parkme+0x82/0x180
[ 16.158179] ? preempt_count_sub+0x50/0x80
[ 16.158204] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.158228] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.158253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.158278] kthread+0x337/0x6f0
[ 16.158299] ? trace_preempt_on+0x20/0xc0
[ 16.158377] ? __pfx_kthread+0x10/0x10
[ 16.158413] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.158471] ? calculate_sigpending+0x7b/0xa0
[ 16.158522] ? __pfx_kthread+0x10/0x10
[ 16.158545] ret_from_fork+0x116/0x1d0
[ 16.158565] ? __pfx_kthread+0x10/0x10
[ 16.158585] ret_from_fork_asm+0x1a/0x30
[ 16.158616] </TASK>
[ 16.158626]
[ 16.166824] Allocated by task 284:
[ 16.166993] kasan_save_stack+0x45/0x70
[ 16.167201] kasan_save_track+0x18/0x40
[ 16.167389] kasan_save_alloc_info+0x3b/0x50
[ 16.167621] __kasan_kmalloc+0xb7/0xc0
[ 16.167776] __kmalloc_cache_noprof+0x189/0x420
[ 16.167975] kasan_atomics+0x95/0x310
[ 16.168170] kunit_try_run_case+0x1a5/0x480
[ 16.168363] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.168650] kthread+0x337/0x6f0
[ 16.168776] ret_from_fork+0x116/0x1d0
[ 16.168964] ret_from_fork_asm+0x1a/0x30
[ 16.169248]
[ 16.169375] The buggy address belongs to the object at ffff888103a28200
[ 16.169375] which belongs to the cache kmalloc-64 of size 64
[ 16.169877] The buggy address is located 0 bytes to the right of
[ 16.169877] allocated 48-byte region [ffff888103a28200, ffff888103a28230)
[ 16.170421]
[ 16.170511] The buggy address belongs to the physical page:
[ 16.170685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28
[ 16.171080] flags: 0x200000000000000(node=0|zone=2)
[ 16.171310] page_type: f5(slab)
[ 16.171501] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.171841] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.172076] page dumped because: kasan: bad access detected
[ 16.172304]
[ 16.172442] Memory state around the buggy address:
[ 16.172780] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.173093] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.173383] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.173754] ^
[ 16.174044] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.174273] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.174675] ==================================================================
[ 15.520631] ==================================================================
[ 15.520873] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450
[ 15.521117] Read of size 8 at addr ffff888103a28230 by task kunit_try_catch/284
[ 15.521708]
[ 15.522341] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.522394] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.522408] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.522429] Call Trace:
[ 15.522452] <TASK>
[ 15.522467] dump_stack_lvl+0x73/0xb0
[ 15.522496] print_report+0xd1/0x610
[ 15.522519] ? __virt_addr_valid+0x1db/0x2d0
[ 15.522541] ? kasan_atomics_helper+0x4eae/0x5450
[ 15.522564] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.522586] ? kasan_atomics_helper+0x4eae/0x5450
[ 15.522623] kasan_report+0x141/0x180
[ 15.522646] ? kasan_atomics_helper+0x4eae/0x5450
[ 15.522673] __asan_report_load8_noabort+0x18/0x20
[ 15.522698] kasan_atomics_helper+0x4eae/0x5450
[ 15.522721] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.522744] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.522768] ? trace_hardirqs_on+0x37/0xe0
[ 15.522791] ? kasan_atomics+0x152/0x310
[ 15.522817] kasan_atomics+0x1dc/0x310
[ 15.522841] ? __pfx_kasan_atomics+0x10/0x10
[ 15.522864] ? __pfx_kasan_atomics+0x10/0x10
[ 15.522890] kunit_try_run_case+0x1a5/0x480
[ 15.522914] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.522937] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.522961] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.522986] ? __kthread_parkme+0x82/0x180
[ 15.523007] ? preempt_count_sub+0x50/0x80
[ 15.523032] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.523056] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.523080] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.523106] kthread+0x337/0x6f0
[ 15.523125] ? trace_preempt_on+0x20/0xc0
[ 15.523148] ? __pfx_kthread+0x10/0x10
[ 15.523168] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.523191] ? calculate_sigpending+0x7b/0xa0
[ 15.523215] ? __pfx_kthread+0x10/0x10
[ 15.523237] ret_from_fork+0x116/0x1d0
[ 15.523256] ? __pfx_kthread+0x10/0x10
[ 15.523279] ret_from_fork_asm+0x1a/0x30
[ 15.523311] </TASK>
[ 15.523331]
[ 15.532327] Allocated by task 284:
[ 15.532542] kasan_save_stack+0x45/0x70
[ 15.532765] kasan_save_track+0x18/0x40
[ 15.532962] kasan_save_alloc_info+0x3b/0x50
[ 15.533148] __kasan_kmalloc+0xb7/0xc0
[ 15.533337] __kmalloc_cache_noprof+0x189/0x420
[ 15.533590] kasan_atomics+0x95/0x310
[ 15.533770] kunit_try_run_case+0x1a5/0x480
[ 15.533950] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.534202] kthread+0x337/0x6f0
[ 15.534373] ret_from_fork+0x116/0x1d0
[ 15.534580] ret_from_fork_asm+0x1a/0x30
[ 15.534780]
[ 15.534886] The buggy address belongs to the object at ffff888103a28200
[ 15.534886] which belongs to the cache kmalloc-64 of size 64
[ 15.535450] The buggy address is located 0 bytes to the right of
[ 15.535450] allocated 48-byte region [ffff888103a28200, ffff888103a28230)
[ 15.535978]
[ 15.536071] The buggy address belongs to the physical page:
[ 15.536290] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28
[ 15.536533] flags: 0x200000000000000(node=0|zone=2)
[ 15.536691] page_type: f5(slab)
[ 15.536868] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.537229] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.537666] page dumped because: kasan: bad access detected
[ 15.537919]
[ 15.538024] Memory state around the buggy address:
[ 15.538206] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.538553] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.538849] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.539120] ^
[ 15.539353] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.539677] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.539997] ==================================================================
[ 15.591937] ==================================================================
[ 15.592186] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450
[ 15.592817] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284
[ 15.593438]
[ 15.593635] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.593679] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.593691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.593713] Call Trace:
[ 15.593730] <TASK>
[ 15.593746] dump_stack_lvl+0x73/0xb0
[ 15.593776] print_report+0xd1/0x610
[ 15.593798] ? __virt_addr_valid+0x1db/0x2d0
[ 15.593821] ? kasan_atomics_helper+0x151d/0x5450
[ 15.593843] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.593867] ? kasan_atomics_helper+0x151d/0x5450
[ 15.593890] kasan_report+0x141/0x180
[ 15.593912] ? kasan_atomics_helper+0x151d/0x5450
[ 15.593939] kasan_check_range+0x10c/0x1c0
[ 15.593963] __kasan_check_write+0x18/0x20
[ 15.593983] kasan_atomics_helper+0x151d/0x5450
[ 15.594006] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.594030] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.594055] ? trace_hardirqs_on+0x37/0xe0
[ 15.594078] ? kasan_atomics+0x152/0x310
[ 15.594105] kasan_atomics+0x1dc/0x310
[ 15.594128] ? __pfx_kasan_atomics+0x10/0x10
[ 15.594152] ? __pfx_kasan_atomics+0x10/0x10
[ 15.594179] kunit_try_run_case+0x1a5/0x480
[ 15.594205] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.594228] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.594253] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.594278] ? __kthread_parkme+0x82/0x180
[ 15.594300] ? preempt_count_sub+0x50/0x80
[ 15.594335] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.594361] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.594387] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.594412] kthread+0x337/0x6f0
[ 15.594432] ? trace_preempt_on+0x20/0xc0
[ 15.594455] ? __pfx_kthread+0x10/0x10
[ 15.594496] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.594520] ? calculate_sigpending+0x7b/0xa0
[ 15.594545] ? __pfx_kthread+0x10/0x10
[ 15.594566] ret_from_fork+0x116/0x1d0
[ 15.594586] ? __pfx_kthread+0x10/0x10
[ 15.594606] ret_from_fork_asm+0x1a/0x30
[ 15.594637] </TASK>
[ 15.594647]
[ 15.605307] Allocated by task 284:
[ 15.605524] kasan_save_stack+0x45/0x70
[ 15.605724] kasan_save_track+0x18/0x40
[ 15.605898] kasan_save_alloc_info+0x3b/0x50
[ 15.606090] __kasan_kmalloc+0xb7/0xc0
[ 15.606278] __kmalloc_cache_noprof+0x189/0x420
[ 15.606516] kasan_atomics+0x95/0x310
[ 15.606681] kunit_try_run_case+0x1a5/0x480
[ 15.606875] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.607085] kthread+0x337/0x6f0
[ 15.607247] ret_from_fork+0x116/0x1d0
[ 15.607432] ret_from_fork_asm+0x1a/0x30
[ 15.607634]
[ 15.607729] The buggy address belongs to the object at ffff888103a28200
[ 15.607729] which belongs to the cache kmalloc-64 of size 64
[ 15.608189] The buggy address is located 0 bytes to the right of
[ 15.608189] allocated 48-byte region [ffff888103a28200, ffff888103a28230)
[ 15.608613]
[ 15.608685] The buggy address belongs to the physical page:
[ 15.608858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28
[ 15.609182] flags: 0x200000000000000(node=0|zone=2)
[ 15.609422] page_type: f5(slab)
[ 15.609613] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.609949] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.610275] page dumped because: kasan: bad access detected
[ 15.610555]
[ 15.610625] Memory state around the buggy address:
[ 15.610852] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.611074] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.611322] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.611667] ^
[ 15.611895] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.612216] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.612524]
================================================================== [ 15.754644] ================================================================== [ 15.755074] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 15.755571] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.756238] [ 15.756371] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.756548] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.756563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.756583] Call Trace: [ 15.756600] <TASK> [ 15.756615] dump_stack_lvl+0x73/0xb0 [ 15.756680] print_report+0xd1/0x610 [ 15.756702] ? __virt_addr_valid+0x1db/0x2d0 [ 15.756727] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.756751] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.756777] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.756800] kasan_report+0x141/0x180 [ 15.756822] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.756849] kasan_check_range+0x10c/0x1c0 [ 15.756874] __kasan_check_write+0x18/0x20 [ 15.756895] kasan_atomics_helper+0x1a7f/0x5450 [ 15.756919] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.756942] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.756975] ? trace_hardirqs_on+0x37/0xe0 [ 15.756997] ? kasan_atomics+0x152/0x310 [ 15.757025] kasan_atomics+0x1dc/0x310 [ 15.757049] ? __pfx_kasan_atomics+0x10/0x10 [ 15.757073] ? __pfx_kasan_atomics+0x10/0x10 [ 15.757100] kunit_try_run_case+0x1a5/0x480 [ 15.757126] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.757149] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.757173] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.757198] ? __kthread_parkme+0x82/0x180 [ 15.757220] ? preempt_count_sub+0x50/0x80 [ 15.757244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.757270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.757295] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.757332] kthread+0x337/0x6f0 [ 15.757352] ? trace_preempt_on+0x20/0xc0 [ 15.757376] ? 
__pfx_kthread+0x10/0x10 [ 15.757397] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.757419] ? calculate_sigpending+0x7b/0xa0 [ 15.757444] ? __pfx_kthread+0x10/0x10 [ 15.757466] ret_from_fork+0x116/0x1d0 [ 15.757512] ? __pfx_kthread+0x10/0x10 [ 15.757533] ret_from_fork_asm+0x1a/0x30 [ 15.757565] </TASK> [ 15.757576] [ 15.768907] Allocated by task 284: [ 15.769221] kasan_save_stack+0x45/0x70 [ 15.769741] kasan_save_track+0x18/0x40 [ 15.769890] kasan_save_alloc_info+0x3b/0x50 [ 15.770044] __kasan_kmalloc+0xb7/0xc0 [ 15.770180] __kmalloc_cache_noprof+0x189/0x420 [ 15.770352] kasan_atomics+0x95/0x310 [ 15.771014] kunit_try_run_case+0x1a5/0x480 [ 15.771429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.771698] kthread+0x337/0x6f0 [ 15.772172] ret_from_fork+0x116/0x1d0 [ 15.772663] ret_from_fork_asm+0x1a/0x30 [ 15.773212] [ 15.773497] The buggy address belongs to the object at ffff888103a28200 [ 15.773497] which belongs to the cache kmalloc-64 of size 64 [ 15.774089] The buggy address is located 0 bytes to the right of [ 15.774089] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.774474] [ 15.774653] The buggy address belongs to the physical page: [ 15.775413] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.776229] flags: 0x200000000000000(node=0|zone=2) [ 15.776792] page_type: f5(slab) [ 15.777194] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.777972] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.778352] page dumped because: kasan: bad access detected [ 15.778928] [ 15.779091] Memory state around the buggy address: [ 15.779523] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.779853] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.780550] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.780784] ^ [ 15.780940] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.781158] 
ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.781384] ================================================================== [ 15.350276] ================================================================== [ 15.350940] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 15.351464] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.351934] [ 15.352055] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.352103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.352115] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.352135] Call Trace: [ 15.352151] <TASK> [ 15.352165] dump_stack_lvl+0x73/0xb0 [ 15.352195] print_report+0xd1/0x610 [ 15.352217] ? __virt_addr_valid+0x1db/0x2d0 [ 15.352240] ? kasan_atomics_helper+0x1148/0x5450 [ 15.352262] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.352286] ? kasan_atomics_helper+0x1148/0x5450 [ 15.352308] kasan_report+0x141/0x180 [ 15.352344] ? kasan_atomics_helper+0x1148/0x5450 [ 15.352372] kasan_check_range+0x10c/0x1c0 [ 15.352397] __kasan_check_write+0x18/0x20 [ 15.352417] kasan_atomics_helper+0x1148/0x5450 [ 15.352441] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.352464] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.352489] ? trace_hardirqs_on+0x37/0xe0 [ 15.352511] ? kasan_atomics+0x152/0x310 [ 15.352539] kasan_atomics+0x1dc/0x310 [ 15.352561] ? __pfx_kasan_atomics+0x10/0x10 [ 15.352585] ? __pfx_kasan_atomics+0x10/0x10 [ 15.352613] kunit_try_run_case+0x1a5/0x480 [ 15.352637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.352660] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.352685] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.352709] ? __kthread_parkme+0x82/0x180 [ 15.352730] ? preempt_count_sub+0x50/0x80 [ 15.352755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.352779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.352806] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.352831] kthread+0x337/0x6f0 [ 15.352851] ? trace_preempt_on+0x20/0xc0 [ 15.352874] ? __pfx_kthread+0x10/0x10 [ 15.352894] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.352916] ? calculate_sigpending+0x7b/0xa0 [ 15.352941] ? __pfx_kthread+0x10/0x10 [ 15.352970] ret_from_fork+0x116/0x1d0 [ 15.352989] ? __pfx_kthread+0x10/0x10 [ 15.353011] ret_from_fork_asm+0x1a/0x30 [ 15.353042] </TASK> [ 15.353052] [ 15.363656] Allocated by task 284: [ 15.363847] kasan_save_stack+0x45/0x70 [ 15.364167] kasan_save_track+0x18/0x40 [ 15.364351] kasan_save_alloc_info+0x3b/0x50 [ 15.364787] __kasan_kmalloc+0xb7/0xc0 [ 15.364982] __kmalloc_cache_noprof+0x189/0x420 [ 15.365169] kasan_atomics+0x95/0x310 [ 15.365502] kunit_try_run_case+0x1a5/0x480 [ 15.365824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.366169] kthread+0x337/0x6f0 [ 15.366494] ret_from_fork+0x116/0x1d0 [ 15.366677] ret_from_fork_asm+0x1a/0x30 [ 15.366881] [ 15.366968] The buggy address belongs to the object at ffff888103a28200 [ 15.366968] which belongs to the cache kmalloc-64 of size 64 [ 15.367480] The buggy address is located 0 bytes to the right of [ 15.367480] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.367975] [ 15.368061] The buggy address belongs to the physical page: [ 15.368298] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.369067] flags: 0x200000000000000(node=0|zone=2) [ 15.369414] page_type: f5(slab) [ 15.369629] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.370102] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.370512] page dumped because: kasan: bad access detected [ 15.370858] [ 15.370940] Memory state around the buggy address: [ 15.371306] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.371813] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.372183] >ffff888103a28200: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.372623] ^ [ 15.372861] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.373170] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.373731] ================================================================== [ 15.183662] ================================================================== [ 15.183978] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 15.185259] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.185697] [ 15.185805] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.185851] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.185863] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.185885] Call Trace: [ 15.185900] <TASK> [ 15.185916] dump_stack_lvl+0x73/0xb0 [ 15.185946] print_report+0xd1/0x610 [ 15.185968] ? __virt_addr_valid+0x1db/0x2d0 [ 15.185991] ? kasan_atomics_helper+0xde0/0x5450 [ 15.186013] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.186037] ? kasan_atomics_helper+0xde0/0x5450 [ 15.186059] kasan_report+0x141/0x180 [ 15.186081] ? kasan_atomics_helper+0xde0/0x5450 [ 15.186108] kasan_check_range+0x10c/0x1c0 [ 15.186132] __kasan_check_write+0x18/0x20 [ 15.186152] kasan_atomics_helper+0xde0/0x5450 [ 15.186175] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.186198] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.186223] ? trace_hardirqs_on+0x37/0xe0 [ 15.186245] ? kasan_atomics+0x152/0x310 [ 15.186272] kasan_atomics+0x1dc/0x310 [ 15.186295] ? __pfx_kasan_atomics+0x10/0x10 [ 15.186329] ? __pfx_kasan_atomics+0x10/0x10 [ 15.186357] kunit_try_run_case+0x1a5/0x480 [ 15.186382] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.186406] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.186431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.186480] ? __kthread_parkme+0x82/0x180 [ 15.186501] ? preempt_count_sub+0x50/0x80 [ 15.186539] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.186577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.186619] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.186645] kthread+0x337/0x6f0 [ 15.186664] ? trace_preempt_on+0x20/0xc0 [ 15.186687] ? __pfx_kthread+0x10/0x10 [ 15.186708] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.186731] ? calculate_sigpending+0x7b/0xa0 [ 15.186756] ? __pfx_kthread+0x10/0x10 [ 15.186777] ret_from_fork+0x116/0x1d0 [ 15.186797] ? __pfx_kthread+0x10/0x10 [ 15.186817] ret_from_fork_asm+0x1a/0x30 [ 15.186849] </TASK> [ 15.186859] [ 15.197368] Allocated by task 284: [ 15.197848] kasan_save_stack+0x45/0x70 [ 15.198049] kasan_save_track+0x18/0x40 [ 15.198291] kasan_save_alloc_info+0x3b/0x50 [ 15.198662] __kasan_kmalloc+0xb7/0xc0 [ 15.198952] __kmalloc_cache_noprof+0x189/0x420 [ 15.199183] kasan_atomics+0x95/0x310 [ 15.199396] kunit_try_run_case+0x1a5/0x480 [ 15.199764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.200123] kthread+0x337/0x6f0 [ 15.200381] ret_from_fork+0x116/0x1d0 [ 15.200702] ret_from_fork_asm+0x1a/0x30 [ 15.200916] [ 15.201145] The buggy address belongs to the object at ffff888103a28200 [ 15.201145] which belongs to the cache kmalloc-64 of size 64 [ 15.201819] The buggy address is located 0 bytes to the right of [ 15.201819] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.202508] [ 15.202616] The buggy address belongs to the physical page: [ 15.202894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.203332] flags: 0x200000000000000(node=0|zone=2) [ 15.203821] page_type: f5(slab) [ 15.203989] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.204386] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.204883] page dumped because: kasan: bad access detected [ 15.205168] [ 15.205384] Memory state around the buggy address: [ 15.205745] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.206050] 
ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.206491] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.206868] ^ [ 15.207201] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.207640] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.208048] ================================================================== [ 16.138255] ================================================================== [ 16.138656] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 16.138990] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 16.139335] [ 16.139424] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.139468] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.139481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.139531] Call Trace: [ 16.139548] <TASK> [ 16.139564] dump_stack_lvl+0x73/0xb0 [ 16.139592] print_report+0xd1/0x610 [ 16.139626] ? __virt_addr_valid+0x1db/0x2d0 [ 16.139648] ? kasan_atomics_helper+0x224c/0x5450 [ 16.139671] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.139703] ? kasan_atomics_helper+0x224c/0x5450 [ 16.139725] kasan_report+0x141/0x180 [ 16.139747] ? kasan_atomics_helper+0x224c/0x5450 [ 16.139785] kasan_check_range+0x10c/0x1c0 [ 16.139809] __kasan_check_write+0x18/0x20 [ 16.139829] kasan_atomics_helper+0x224c/0x5450 [ 16.139852] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.139875] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.139899] ? trace_hardirqs_on+0x37/0xe0 [ 16.139931] ? kasan_atomics+0x152/0x310 [ 16.139957] kasan_atomics+0x1dc/0x310 [ 16.139980] ? __pfx_kasan_atomics+0x10/0x10 [ 16.140015] ? __pfx_kasan_atomics+0x10/0x10 [ 16.140042] kunit_try_run_case+0x1a5/0x480 [ 16.140067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.140089] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.140123] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.140149] ? 
__kthread_parkme+0x82/0x180 [ 16.140179] ? preempt_count_sub+0x50/0x80 [ 16.140203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.140228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.140253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.140278] kthread+0x337/0x6f0 [ 16.140297] ? trace_preempt_on+0x20/0xc0 [ 16.140328] ? __pfx_kthread+0x10/0x10 [ 16.140349] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.140371] ? calculate_sigpending+0x7b/0xa0 [ 16.140404] ? __pfx_kthread+0x10/0x10 [ 16.140426] ret_from_fork+0x116/0x1d0 [ 16.140445] ? __pfx_kthread+0x10/0x10 [ 16.140475] ret_from_fork_asm+0x1a/0x30 [ 16.140523] </TASK> [ 16.140533] [ 16.147921] Allocated by task 284: [ 16.148102] kasan_save_stack+0x45/0x70 [ 16.148292] kasan_save_track+0x18/0x40 [ 16.148499] kasan_save_alloc_info+0x3b/0x50 [ 16.148711] __kasan_kmalloc+0xb7/0xc0 [ 16.148898] __kmalloc_cache_noprof+0x189/0x420 [ 16.149135] kasan_atomics+0x95/0x310 [ 16.149406] kunit_try_run_case+0x1a5/0x480 [ 16.149666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.149888] kthread+0x337/0x6f0 [ 16.150012] ret_from_fork+0x116/0x1d0 [ 16.150144] ret_from_fork_asm+0x1a/0x30 [ 16.150284] [ 16.150365] The buggy address belongs to the object at ffff888103a28200 [ 16.150365] which belongs to the cache kmalloc-64 of size 64 [ 16.150784] The buggy address is located 0 bytes to the right of [ 16.150784] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 16.151415] [ 16.151538] The buggy address belongs to the physical page: [ 16.151794] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 16.152158] flags: 0x200000000000000(node=0|zone=2) [ 16.152360] page_type: f5(slab) [ 16.152504] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.152892] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.153264] page dumped because: kasan: bad access detected [ 16.153550] [ 16.153622] Memory state around the buggy address: [ 16.153780] 
ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.153999] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.154217] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.154535] ^ [ 16.154762] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.155083] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.155407] ================================================================== [ 15.302573] ================================================================== [ 15.302828] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 15.303594] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.304056] [ 15.304338] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.304389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.304401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.304422] Call Trace: [ 15.304439] <TASK> [ 15.304453] dump_stack_lvl+0x73/0xb0 [ 15.304483] print_report+0xd1/0x610 [ 15.304519] ? __virt_addr_valid+0x1db/0x2d0 [ 15.304540] ? kasan_atomics_helper+0x1079/0x5450 [ 15.304562] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.304586] ? kasan_atomics_helper+0x1079/0x5450 [ 15.304608] kasan_report+0x141/0x180 [ 15.304630] ? kasan_atomics_helper+0x1079/0x5450 [ 15.304658] kasan_check_range+0x10c/0x1c0 [ 15.304682] __kasan_check_write+0x18/0x20 [ 15.304701] kasan_atomics_helper+0x1079/0x5450 [ 15.304725] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.304748] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.304772] ? trace_hardirqs_on+0x37/0xe0 [ 15.304794] ? kasan_atomics+0x152/0x310 [ 15.304821] kasan_atomics+0x1dc/0x310 [ 15.304844] ? __pfx_kasan_atomics+0x10/0x10 [ 15.304869] ? __pfx_kasan_atomics+0x10/0x10 [ 15.304897] kunit_try_run_case+0x1a5/0x480 [ 15.304921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.304944] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.304974] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.304999] ? __kthread_parkme+0x82/0x180 [ 15.305019] ? preempt_count_sub+0x50/0x80 [ 15.305044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.305069] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.305093] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.305118] kthread+0x337/0x6f0 [ 15.305138] ? trace_preempt_on+0x20/0xc0 [ 15.305161] ? __pfx_kthread+0x10/0x10 [ 15.305182] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.305204] ? calculate_sigpending+0x7b/0xa0 [ 15.305229] ? __pfx_kthread+0x10/0x10 [ 15.305251] ret_from_fork+0x116/0x1d0 [ 15.305270] ? __pfx_kthread+0x10/0x10 [ 15.305290] ret_from_fork_asm+0x1a/0x30 [ 15.305332] </TASK> [ 15.305343] [ 15.315436] Allocated by task 284: [ 15.315609] kasan_save_stack+0x45/0x70 [ 15.316245] kasan_save_track+0x18/0x40 [ 15.316494] kasan_save_alloc_info+0x3b/0x50 [ 15.316782] __kasan_kmalloc+0xb7/0xc0 [ 15.317063] __kmalloc_cache_noprof+0x189/0x420 [ 15.317392] kasan_atomics+0x95/0x310 [ 15.317598] kunit_try_run_case+0x1a5/0x480 [ 15.317886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.318101] kthread+0x337/0x6f0 [ 15.318274] ret_from_fork+0x116/0x1d0 [ 15.318471] ret_from_fork_asm+0x1a/0x30 [ 15.318881] [ 15.318986] The buggy address belongs to the object at ffff888103a28200 [ 15.318986] which belongs to the cache kmalloc-64 of size 64 [ 15.319600] The buggy address is located 0 bytes to the right of [ 15.319600] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.320183] [ 15.320273] The buggy address belongs to the physical page: [ 15.320761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.321092] flags: 0x200000000000000(node=0|zone=2) [ 15.321420] page_type: f5(slab) [ 15.321646] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.322109] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.322577] page dumped because: kasan: 
bad access detected [ 15.322922] [ 15.323022] Memory state around the buggy address: [ 15.323381] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.323816] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.324216] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.324693] ^ [ 15.324992] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.325382] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.325827] ================================================================== [ 14.925759] ================================================================== [ 14.926329] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 14.926882] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 14.927331] [ 14.927481] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.927537] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.927549] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.927570] Call Trace: [ 14.927612] <TASK> [ 14.927628] dump_stack_lvl+0x73/0xb0 [ 14.927658] print_report+0xd1/0x610 [ 14.927692] ? __virt_addr_valid+0x1db/0x2d0 [ 14.927714] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.927737] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.927761] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.927802] kasan_report+0x141/0x180 [ 14.927834] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.927861] kasan_check_range+0x10c/0x1c0 [ 14.927895] __kasan_check_write+0x18/0x20 [ 14.927916] kasan_atomics_helper+0x7c7/0x5450 [ 14.927939] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.927988] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.928013] ? trace_hardirqs_on+0x37/0xe0 [ 14.928076] ? kasan_atomics+0x152/0x310 [ 14.928104] kasan_atomics+0x1dc/0x310 [ 14.928128] ? __pfx_kasan_atomics+0x10/0x10 [ 14.928270] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.928298] kunit_try_run_case+0x1a5/0x480 [ 14.928336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.928360] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.928385] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.928410] ? __kthread_parkme+0x82/0x180 [ 14.928431] ? preempt_count_sub+0x50/0x80 [ 14.928456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.928481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.928543] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.928569] kthread+0x337/0x6f0 [ 14.928588] ? trace_preempt_on+0x20/0xc0 [ 14.928622] ? __pfx_kthread+0x10/0x10 [ 14.928644] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.928681] ? calculate_sigpending+0x7b/0xa0 [ 14.928706] ? __pfx_kthread+0x10/0x10 [ 14.928737] ret_from_fork+0x116/0x1d0 [ 14.928757] ? __pfx_kthread+0x10/0x10 [ 14.928778] ret_from_fork_asm+0x1a/0x30 [ 14.928819] </TASK> [ 14.928830] [ 14.938785] Allocated by task 284: [ 14.938960] kasan_save_stack+0x45/0x70 [ 14.939408] kasan_save_track+0x18/0x40 [ 14.939729] kasan_save_alloc_info+0x3b/0x50 [ 14.939951] __kasan_kmalloc+0xb7/0xc0 [ 14.940232] __kmalloc_cache_noprof+0x189/0x420 [ 14.940675] kasan_atomics+0x95/0x310 [ 14.940887] kunit_try_run_case+0x1a5/0x480 [ 14.941137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.941621] kthread+0x337/0x6f0 [ 14.941828] ret_from_fork+0x116/0x1d0 [ 14.942028] ret_from_fork_asm+0x1a/0x30 [ 14.942534] [ 14.942659] The buggy address belongs to the object at ffff888103a28200 [ 14.942659] which belongs to the cache kmalloc-64 of size 64 [ 14.943197] The buggy address is located 0 bytes to the right of [ 14.943197] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 14.943740] [ 14.943826] The buggy address belongs to the physical page: [ 14.944001] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 14.944571] flags: 0x200000000000000(node=0|zone=2) [ 14.944797] page_type: f5(slab) [ 14.945012] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.945482] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.945879] page dumped because: kasan: bad access detected [ 14.946153] [ 14.946385] Memory state around the buggy address: [ 14.946639] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.946977] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.947473] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.947824] ^ [ 14.948062] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.948477] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.948844] ================================================================== [ 16.073810] ================================================================== [ 16.074165] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 16.074607] Read of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 16.074892] [ 16.075003] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.075078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.075090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.075132] Call Trace: [ 16.075147] <TASK> [ 16.075160] dump_stack_lvl+0x73/0xb0 [ 16.075187] print_report+0xd1/0x610 [ 16.075210] ? __virt_addr_valid+0x1db/0x2d0 [ 16.075232] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.075254] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.075278] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.075300] kasan_report+0x141/0x180 [ 16.075331] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.075358] __asan_report_load8_noabort+0x18/0x20 [ 16.075383] kasan_atomics_helper+0x4fb2/0x5450 [ 16.075406] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.075458] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.075532] ? trace_hardirqs_on+0x37/0xe0 [ 16.075556] ? kasan_atomics+0x152/0x310 [ 16.075583] kasan_atomics+0x1dc/0x310 [ 16.075618] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.075642] ? __pfx_kasan_atomics+0x10/0x10 [ 16.075669] kunit_try_run_case+0x1a5/0x480 [ 16.075694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.075746] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.075771] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.075796] ? __kthread_parkme+0x82/0x180 [ 16.075827] ? preempt_count_sub+0x50/0x80 [ 16.075852] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.075876] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.075901] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.075925] kthread+0x337/0x6f0 [ 16.075973] ? trace_preempt_on+0x20/0xc0 [ 16.075995] ? __pfx_kthread+0x10/0x10 [ 16.076016] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.076049] ? calculate_sigpending+0x7b/0xa0 [ 16.076074] ? __pfx_kthread+0x10/0x10 [ 16.076095] ret_from_fork+0x116/0x1d0 [ 16.076114] ? __pfx_kthread+0x10/0x10 [ 16.076134] ret_from_fork_asm+0x1a/0x30 [ 16.076164] </TASK> [ 16.076175] [ 16.083861] Allocated by task 284: [ 16.084037] kasan_save_stack+0x45/0x70 [ 16.084233] kasan_save_track+0x18/0x40 [ 16.084433] kasan_save_alloc_info+0x3b/0x50 [ 16.084645] __kasan_kmalloc+0xb7/0xc0 [ 16.084818] __kmalloc_cache_noprof+0x189/0x420 [ 16.085047] kasan_atomics+0x95/0x310 [ 16.085222] kunit_try_run_case+0x1a5/0x480 [ 16.085415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.085656] kthread+0x337/0x6f0 [ 16.085821] ret_from_fork+0x116/0x1d0 [ 16.085988] ret_from_fork_asm+0x1a/0x30 [ 16.086162] [ 16.086259] The buggy address belongs to the object at ffff888103a28200 [ 16.086259] which belongs to the cache kmalloc-64 of size 64 [ 16.086776] The buggy address is located 0 bytes to the right of [ 16.086776] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 16.087207] [ 16.087303] The buggy address belongs to the physical page: [ 16.087628] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 16.087950] flags: 0x200000000000000(node=0|zone=2) [ 16.088112] page_type: f5(slab) [ 16.088278] raw: 
0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.088664] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.089001] page dumped because: kasan: bad access detected [ 16.089300] [ 16.089411] Memory state around the buggy address: [ 16.089665] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.089887] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.090103] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.090426] ^ [ 16.090720] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.091047] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.091455] ================================================================== [ 15.398337] ================================================================== [ 15.399339] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 15.399837] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.400222] [ 15.400573] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.400623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.400637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.400659] Call Trace: [ 15.400674] <TASK> [ 15.400688] dump_stack_lvl+0x73/0xb0 [ 15.400717] print_report+0xd1/0x610 [ 15.400739] ? __virt_addr_valid+0x1db/0x2d0 [ 15.400763] ? kasan_atomics_helper+0x1217/0x5450 [ 15.400785] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.400809] ? kasan_atomics_helper+0x1217/0x5450 [ 15.400831] kasan_report+0x141/0x180 [ 15.400853] ? kasan_atomics_helper+0x1217/0x5450 [ 15.400880] kasan_check_range+0x10c/0x1c0 [ 15.400904] __kasan_check_write+0x18/0x20 [ 15.400925] kasan_atomics_helper+0x1217/0x5450 [ 15.400948] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.400978] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.401002] ? trace_hardirqs_on+0x37/0xe0 [ 15.401024] ? 
kasan_atomics+0x152/0x310 [ 15.401052] kasan_atomics+0x1dc/0x310 [ 15.401075] ? __pfx_kasan_atomics+0x10/0x10 [ 15.401098] ? __pfx_kasan_atomics+0x10/0x10 [ 15.401125] kunit_try_run_case+0x1a5/0x480 [ 15.401149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.401172] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.401196] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.401221] ? __kthread_parkme+0x82/0x180 [ 15.401242] ? preempt_count_sub+0x50/0x80 [ 15.401266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.401291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.401325] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.401351] kthread+0x337/0x6f0 [ 15.401372] ? trace_preempt_on+0x20/0xc0 [ 15.401394] ? __pfx_kthread+0x10/0x10 [ 15.401415] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.401436] ? calculate_sigpending+0x7b/0xa0 [ 15.401461] ? __pfx_kthread+0x10/0x10 [ 15.401482] ret_from_fork+0x116/0x1d0 [ 15.401511] ? __pfx_kthread+0x10/0x10 [ 15.401531] ret_from_fork_asm+0x1a/0x30 [ 15.401562] </TASK> [ 15.401573] [ 15.411932] Allocated by task 284: [ 15.412245] kasan_save_stack+0x45/0x70 [ 15.412482] kasan_save_track+0x18/0x40 [ 15.412817] kasan_save_alloc_info+0x3b/0x50 [ 15.412993] __kasan_kmalloc+0xb7/0xc0 [ 15.413332] __kmalloc_cache_noprof+0x189/0x420 [ 15.413669] kasan_atomics+0x95/0x310 [ 15.413850] kunit_try_run_case+0x1a5/0x480 [ 15.414057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.414300] kthread+0x337/0x6f0 [ 15.414476] ret_from_fork+0x116/0x1d0 [ 15.414949] ret_from_fork_asm+0x1a/0x30 [ 15.415125] [ 15.415385] The buggy address belongs to the object at ffff888103a28200 [ 15.415385] which belongs to the cache kmalloc-64 of size 64 [ 15.416136] The buggy address is located 0 bytes to the right of [ 15.416136] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.416941] [ 15.417035] The buggy address belongs to the physical page: [ 15.417429] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.417970] flags: 
0x200000000000000(node=0|zone=2) [ 15.418295] page_type: f5(slab) [ 15.418474] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.418803] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.419123] page dumped because: kasan: bad access detected [ 15.419380] [ 15.419466] Memory state around the buggy address: [ 15.419982] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.420365] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.420821] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.421175] ^ [ 15.421379] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.421839] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.422218] ================================================================== [ 15.422889] ================================================================== [ 15.423711] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 15.424108] Read of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.424630] [ 15.424834] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.424883] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.424897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.424918] Call Trace: [ 15.424935] <TASK> [ 15.424950] dump_stack_lvl+0x73/0xb0 [ 15.425083] print_report+0xd1/0x610 [ 15.425108] ? __virt_addr_valid+0x1db/0x2d0 [ 15.425132] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.425154] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.425177] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.425200] kasan_report+0x141/0x180 [ 15.425222] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.425249] __asan_report_load4_noabort+0x18/0x20 [ 15.425274] kasan_atomics_helper+0x49e8/0x5450 [ 15.425297] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.425334] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.425359] ? 
trace_hardirqs_on+0x37/0xe0 [ 15.425381] ? kasan_atomics+0x152/0x310 [ 15.425408] kasan_atomics+0x1dc/0x310 [ 15.425431] ? __pfx_kasan_atomics+0x10/0x10 [ 15.425455] ? __pfx_kasan_atomics+0x10/0x10 [ 15.425483] kunit_try_run_case+0x1a5/0x480 [ 15.425517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.425540] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.425564] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.425589] ? __kthread_parkme+0x82/0x180 [ 15.425612] ? preempt_count_sub+0x50/0x80 [ 15.425637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.425661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.425686] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.425711] kthread+0x337/0x6f0 [ 15.425731] ? trace_preempt_on+0x20/0xc0 [ 15.425753] ? __pfx_kthread+0x10/0x10 [ 15.425774] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.425797] ? calculate_sigpending+0x7b/0xa0 [ 15.425821] ? __pfx_kthread+0x10/0x10 [ 15.425842] ret_from_fork+0x116/0x1d0 [ 15.425861] ? __pfx_kthread+0x10/0x10 [ 15.425883] ret_from_fork_asm+0x1a/0x30 [ 15.425914] </TASK> [ 15.425925] [ 15.436051] Allocated by task 284: [ 15.436353] kasan_save_stack+0x45/0x70 [ 15.436657] kasan_save_track+0x18/0x40 [ 15.436938] kasan_save_alloc_info+0x3b/0x50 [ 15.437252] __kasan_kmalloc+0xb7/0xc0 [ 15.437458] __kmalloc_cache_noprof+0x189/0x420 [ 15.437790] kasan_atomics+0x95/0x310 [ 15.438049] kunit_try_run_case+0x1a5/0x480 [ 15.438215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.438617] kthread+0x337/0x6f0 [ 15.438876] ret_from_fork+0x116/0x1d0 [ 15.439127] ret_from_fork_asm+0x1a/0x30 [ 15.439289] [ 15.439425] The buggy address belongs to the object at ffff888103a28200 [ 15.439425] which belongs to the cache kmalloc-64 of size 64 [ 15.440212] The buggy address is located 0 bytes to the right of [ 15.440212] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.441000] [ 15.441093] The buggy address belongs to the physical page: [ 15.441326] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x103a28 [ 15.441951] flags: 0x200000000000000(node=0|zone=2) [ 15.442188] page_type: f5(slab) [ 15.442445] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.442873] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.443264] page dumped because: kasan: bad access detected [ 15.443645] [ 15.443749] Memory state around the buggy address: [ 15.444078] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.444391] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.444851] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.445253] ^ [ 15.445511] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.445872] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.446252] ================================================================== [ 15.278131] ================================================================== [ 15.278862] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 15.279201] Read of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.279702] [ 15.279959] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.280008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.280022] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.280043] Call Trace: [ 15.280060] <TASK> [ 15.280075] dump_stack_lvl+0x73/0xb0 [ 15.280105] print_report+0xd1/0x610 [ 15.280129] ? __virt_addr_valid+0x1db/0x2d0 [ 15.280152] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.280174] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.280198] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.280220] kasan_report+0x141/0x180 [ 15.280242] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.280270] __asan_report_load4_noabort+0x18/0x20 [ 15.280295] kasan_atomics_helper+0x4a36/0x5450 [ 15.280332] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.280356] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.280380] ? trace_hardirqs_on+0x37/0xe0 [ 15.280403] ? kasan_atomics+0x152/0x310 [ 15.280430] kasan_atomics+0x1dc/0x310 [ 15.280453] ? __pfx_kasan_atomics+0x10/0x10 [ 15.280477] ? __pfx_kasan_atomics+0x10/0x10 [ 15.280646] kunit_try_run_case+0x1a5/0x480 [ 15.280672] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.280696] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.280722] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.280746] ? __kthread_parkme+0x82/0x180 [ 15.280767] ? preempt_count_sub+0x50/0x80 [ 15.280791] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.280816] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.280841] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.280866] kthread+0x337/0x6f0 [ 15.280887] ? trace_preempt_on+0x20/0xc0 [ 15.280909] ? __pfx_kthread+0x10/0x10 [ 15.280931] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.280953] ? calculate_sigpending+0x7b/0xa0 [ 15.280987] ? __pfx_kthread+0x10/0x10 [ 15.281009] ret_from_fork+0x116/0x1d0 [ 15.281029] ? 
__pfx_kthread+0x10/0x10 [ 15.281051] ret_from_fork_asm+0x1a/0x30 [ 15.281082] </TASK> [ 15.281093] [ 15.291246] Allocated by task 284: [ 15.291693] kasan_save_stack+0x45/0x70 [ 15.291979] kasan_save_track+0x18/0x40 [ 15.292291] kasan_save_alloc_info+0x3b/0x50 [ 15.292571] __kasan_kmalloc+0xb7/0xc0 [ 15.292731] __kmalloc_cache_noprof+0x189/0x420 [ 15.293086] kasan_atomics+0x95/0x310 [ 15.293280] kunit_try_run_case+0x1a5/0x480 [ 15.293686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.293935] kthread+0x337/0x6f0 [ 15.294200] ret_from_fork+0x116/0x1d0 [ 15.294365] ret_from_fork_asm+0x1a/0x30 [ 15.294835] [ 15.294915] The buggy address belongs to the object at ffff888103a28200 [ 15.294915] which belongs to the cache kmalloc-64 of size 64 [ 15.295490] The buggy address is located 0 bytes to the right of [ 15.295490] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.296254] [ 15.296347] The buggy address belongs to the physical page: [ 15.296893] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.297352] flags: 0x200000000000000(node=0|zone=2) [ 15.297718] page_type: f5(slab) [ 15.298036] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.298391] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.298841] page dumped because: kasan: bad access detected [ 15.299163] [ 15.299255] Memory state around the buggy address: [ 15.299567] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.299886] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.300194] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.300774] ^ [ 15.301000] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.301392] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.301843] ================================================================== [ 16.111585] 
================================================================== [ 16.111927] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 16.112357] Read of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 16.113008] [ 16.113096] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.113139] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.113153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.113173] Call Trace: [ 16.113188] <TASK> [ 16.113202] dump_stack_lvl+0x73/0xb0 [ 16.113229] print_report+0xd1/0x610 [ 16.113252] ? __virt_addr_valid+0x1db/0x2d0 [ 16.113274] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.113296] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.113331] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.113354] kasan_report+0x141/0x180 [ 16.113376] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.113403] __asan_report_load8_noabort+0x18/0x20 [ 16.113428] kasan_atomics_helper+0x4fa5/0x5450 [ 16.113452] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.113474] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.113525] ? trace_hardirqs_on+0x37/0xe0 [ 16.113548] ? kasan_atomics+0x152/0x310 [ 16.113576] kasan_atomics+0x1dc/0x310 [ 16.113632] ? __pfx_kasan_atomics+0x10/0x10 [ 16.113657] ? __pfx_kasan_atomics+0x10/0x10 [ 16.113707] kunit_try_run_case+0x1a5/0x480 [ 16.113731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.113754] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.113780] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.113804] ? __kthread_parkme+0x82/0x180 [ 16.113825] ? preempt_count_sub+0x50/0x80 [ 16.113849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.113874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.113899] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.113923] kthread+0x337/0x6f0 [ 16.113943] ? trace_preempt_on+0x20/0xc0 [ 16.113966] ? __pfx_kthread+0x10/0x10 [ 16.113987] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.114009] ? calculate_sigpending+0x7b/0xa0 [ 16.114033] ? 
__pfx_kthread+0x10/0x10 [ 16.114055] ret_from_fork+0x116/0x1d0 [ 16.114074] ? __pfx_kthread+0x10/0x10 [ 16.114094] ret_from_fork_asm+0x1a/0x30 [ 16.114125] </TASK> [ 16.114134] [ 16.127951] Allocated by task 284: [ 16.128092] kasan_save_stack+0x45/0x70 [ 16.128241] kasan_save_track+0x18/0x40 [ 16.128468] kasan_save_alloc_info+0x3b/0x50 [ 16.128882] __kasan_kmalloc+0xb7/0xc0 [ 16.129233] __kmalloc_cache_noprof+0x189/0x420 [ 16.129693] kasan_atomics+0x95/0x310 [ 16.130031] kunit_try_run_case+0x1a5/0x480 [ 16.130440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.130945] kthread+0x337/0x6f0 [ 16.131260] ret_from_fork+0x116/0x1d0 [ 16.131646] ret_from_fork_asm+0x1a/0x30 [ 16.131908] [ 16.132083] The buggy address belongs to the object at ffff888103a28200 [ 16.132083] which belongs to the cache kmalloc-64 of size 64 [ 16.132768] The buggy address is located 0 bytes to the right of [ 16.132768] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 16.133800] [ 16.133875] The buggy address belongs to the physical page: [ 16.134049] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 16.134291] flags: 0x200000000000000(node=0|zone=2) [ 16.134515] page_type: f5(slab) [ 16.134693] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.135007] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.135294] page dumped because: kasan: bad access detected [ 16.135595] [ 16.135683] Memory state around the buggy address: [ 16.135868] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.136175] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.136506] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.136784] ^ [ 16.136993] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.137224] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.137575] 
================================================================== [ 15.138755] ================================================================== [ 15.139103] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 15.139446] Read of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.139792] [ 15.139899] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.139943] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.139955] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.139977] Call Trace: [ 15.139990] <TASK> [ 15.140004] dump_stack_lvl+0x73/0xb0 [ 15.140052] print_report+0xd1/0x610 [ 15.140075] ? __virt_addr_valid+0x1db/0x2d0 [ 15.140098] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.140120] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.140162] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.140185] kasan_report+0x141/0x180 [ 15.140207] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.140235] __asan_report_load4_noabort+0x18/0x20 [ 15.140260] kasan_atomics_helper+0x4a84/0x5450 [ 15.140284] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.140307] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.140362] ? trace_hardirqs_on+0x37/0xe0 [ 15.140398] ? kasan_atomics+0x152/0x310 [ 15.140438] kasan_atomics+0x1dc/0x310 [ 15.140461] ? __pfx_kasan_atomics+0x10/0x10 [ 15.140485] ? __pfx_kasan_atomics+0x10/0x10 [ 15.140522] kunit_try_run_case+0x1a5/0x480 [ 15.140547] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.140569] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.140594] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.140618] ? __kthread_parkme+0x82/0x180 [ 15.140639] ? preempt_count_sub+0x50/0x80 [ 15.140663] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.140687] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.140711] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.140736] kthread+0x337/0x6f0 [ 15.140756] ? trace_preempt_on+0x20/0xc0 [ 15.140778] ? __pfx_kthread+0x10/0x10 [ 15.140816] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.140838] ? calculate_sigpending+0x7b/0xa0 [ 15.140862] ? __pfx_kthread+0x10/0x10 [ 15.140883] ret_from_fork+0x116/0x1d0 [ 15.140903] ? __pfx_kthread+0x10/0x10 [ 15.140923] ret_from_fork_asm+0x1a/0x30 [ 15.140955] </TASK> [ 15.140973] [ 15.148729] Allocated by task 284: [ 15.148857] kasan_save_stack+0x45/0x70 [ 15.149073] kasan_save_track+0x18/0x40 [ 15.149260] kasan_save_alloc_info+0x3b/0x50 [ 15.149480] __kasan_kmalloc+0xb7/0xc0 [ 15.149692] __kmalloc_cache_noprof+0x189/0x420 [ 15.149914] kasan_atomics+0x95/0x310 [ 15.150095] kunit_try_run_case+0x1a5/0x480 [ 15.150286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.150531] kthread+0x337/0x6f0 [ 15.150690] ret_from_fork+0x116/0x1d0 [ 15.150902] ret_from_fork_asm+0x1a/0x30 [ 15.151114] [ 15.151198] The buggy address belongs to the object at ffff888103a28200 [ 15.151198] which belongs to the cache kmalloc-64 of size 64 [ 15.151698] The buggy address is located 0 bytes to the right of [ 15.151698] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.152168] [ 15.152279] The buggy address belongs to the physical page: [ 15.153001] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.153762] flags: 0x200000000000000(node=0|zone=2) [ 15.154176] page_type: f5(slab) [ 15.154472] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.155182] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.155799] page dumped because: kasan: bad access detected [ 15.156225] [ 15.156423] Memory state around the buggy address: [ 15.156617] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.156831] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.157061] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.157267] ^ [ 15.157459] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.157765] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.158066] ================================================================== [ 15.008545] ================================================================== [ 15.008868] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 15.009344] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.010015] [ 15.010160] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.010206] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.010220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.010242] Call Trace: [ 15.010259] <TASK> [ 15.010274] dump_stack_lvl+0x73/0xb0 [ 15.010304] print_report+0xd1/0x610 [ 15.010340] ? __virt_addr_valid+0x1db/0x2d0 [ 15.010363] ? kasan_atomics_helper+0x992/0x5450 [ 15.010385] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.010409] ? kasan_atomics_helper+0x992/0x5450 [ 15.010433] kasan_report+0x141/0x180 [ 15.010456] ? kasan_atomics_helper+0x992/0x5450 [ 15.010483] kasan_check_range+0x10c/0x1c0 [ 15.010506] __kasan_check_write+0x18/0x20 [ 15.010526] kasan_atomics_helper+0x992/0x5450 [ 15.010548] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.010571] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.010596] ? trace_hardirqs_on+0x37/0xe0 [ 15.010619] ? kasan_atomics+0x152/0x310 [ 15.010646] kasan_atomics+0x1dc/0x310 [ 15.010670] ? __pfx_kasan_atomics+0x10/0x10 [ 15.010694] ? __pfx_kasan_atomics+0x10/0x10 [ 15.010825] kunit_try_run_case+0x1a5/0x480 [ 15.010853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.010877] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.010902] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.010926] ? __kthread_parkme+0x82/0x180 [ 15.010947] ? preempt_count_sub+0x50/0x80 [ 15.010972] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.010997] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.011255] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.011285] kthread+0x337/0x6f0 [ 15.011318] ? 
trace_preempt_on+0x20/0xc0 [ 15.011341] ? __pfx_kthread+0x10/0x10 [ 15.011363] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.011385] ? calculate_sigpending+0x7b/0xa0 [ 15.011410] ? __pfx_kthread+0x10/0x10 [ 15.011431] ret_from_fork+0x116/0x1d0 [ 15.011451] ? __pfx_kthread+0x10/0x10 [ 15.011472] ret_from_fork_asm+0x1a/0x30 [ 15.011503] </TASK> [ 15.011514] [ 15.023157] Allocated by task 284: [ 15.023810] kasan_save_stack+0x45/0x70 [ 15.023972] kasan_save_track+0x18/0x40 [ 15.024422] kasan_save_alloc_info+0x3b/0x50 [ 15.024827] __kasan_kmalloc+0xb7/0xc0 [ 15.025164] __kmalloc_cache_noprof+0x189/0x420 [ 15.025364] kasan_atomics+0x95/0x310 [ 15.025878] kunit_try_run_case+0x1a5/0x480 [ 15.026144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.026655] kthread+0x337/0x6f0 [ 15.026821] ret_from_fork+0x116/0x1d0 [ 15.027457] ret_from_fork_asm+0x1a/0x30 [ 15.027788] [ 15.027893] The buggy address belongs to the object at ffff888103a28200 [ 15.027893] which belongs to the cache kmalloc-64 of size 64 [ 15.028532] The buggy address is located 0 bytes to the right of [ 15.028532] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.029637] [ 15.029746] The buggy address belongs to the physical page: [ 15.030251] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.030603] flags: 0x200000000000000(node=0|zone=2) [ 15.030947] page_type: f5(slab) [ 15.031085] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.031434] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.032204] page dumped because: kasan: bad access detected [ 15.032622] [ 15.032711] Memory state around the buggy address: [ 15.032915] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.033630] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.034123] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.034390] ^ [ 15.034817] ffff888103a28280: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.035290] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.035992] ================================================================== [ 14.976705] ================================================================== [ 14.977690] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 14.978105] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 14.979324] [ 14.979443] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.979489] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.979502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.979523] Call Trace: [ 14.979538] <TASK> [ 14.979553] dump_stack_lvl+0x73/0xb0 [ 14.979706] print_report+0xd1/0x610 [ 14.979729] ? __virt_addr_valid+0x1db/0x2d0 [ 14.979753] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.979775] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.979798] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.979821] kasan_report+0x141/0x180 [ 14.979843] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.979870] kasan_check_range+0x10c/0x1c0 [ 14.979894] __kasan_check_write+0x18/0x20 [ 14.979914] kasan_atomics_helper+0x8f9/0x5450 [ 14.979938] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.979961] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.979986] ? trace_hardirqs_on+0x37/0xe0 [ 14.980009] ? kasan_atomics+0x152/0x310 [ 14.980036] kasan_atomics+0x1dc/0x310 [ 14.980059] ? __pfx_kasan_atomics+0x10/0x10 [ 14.980084] ? __pfx_kasan_atomics+0x10/0x10 [ 14.980111] kunit_try_run_case+0x1a5/0x480 [ 14.980135] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.980158] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.980183] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.980207] ? __kthread_parkme+0x82/0x180 [ 14.980228] ? preempt_count_sub+0x50/0x80 [ 14.980252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.980277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.980302] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.980337] kthread+0x337/0x6f0 [ 14.980357] ? trace_preempt_on+0x20/0xc0 [ 14.980379] ? __pfx_kthread+0x10/0x10 [ 14.980400] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.980422] ? calculate_sigpending+0x7b/0xa0 [ 14.980446] ? __pfx_kthread+0x10/0x10 [ 14.980469] ret_from_fork+0x116/0x1d0 [ 14.980544] ? __pfx_kthread+0x10/0x10 [ 14.980567] ret_from_fork_asm+0x1a/0x30 [ 14.980599] </TASK> [ 14.980610] [ 14.994447] Allocated by task 284: [ 14.994797] kasan_save_stack+0x45/0x70 [ 14.995195] kasan_save_track+0x18/0x40 [ 14.995523] kasan_save_alloc_info+0x3b/0x50 [ 14.995787] __kasan_kmalloc+0xb7/0xc0 [ 14.996175] __kmalloc_cache_noprof+0x189/0x420 [ 14.996436] kasan_atomics+0x95/0x310 [ 14.996898] kunit_try_run_case+0x1a5/0x480 [ 14.997413] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.997878] kthread+0x337/0x6f0 [ 14.998203] ret_from_fork+0x116/0x1d0 [ 14.998659] ret_from_fork_asm+0x1a/0x30 [ 14.998871] [ 14.998967] The buggy address belongs to the object at ffff888103a28200 [ 14.998967] which belongs to the cache kmalloc-64 of size 64 [ 14.999950] The buggy address is located 0 bytes to the right of [ 14.999950] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.000847] [ 15.000955] The buggy address belongs to the physical page: [ 15.001678] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.002241] flags: 0x200000000000000(node=0|zone=2) [ 15.002610] page_type: f5(slab) [ 15.002797] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.003350] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.003865] page dumped because: kasan: bad access detected [ 15.004366] [ 15.004595] Memory state around the buggy address: [ 15.004812] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.005663] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.006238] >ffff888103a28200: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.006672] ^ [ 15.006939] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.007348] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.007796] ================================================================== [ 15.036649] ================================================================== [ 15.036962] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 15.037594] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.038151] [ 15.038267] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.038324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.038337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.038359] Call Trace: [ 15.038375] <TASK> [ 15.038391] dump_stack_lvl+0x73/0xb0 [ 15.038421] print_report+0xd1/0x610 [ 15.038549] ? __virt_addr_valid+0x1db/0x2d0 [ 15.038573] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.038595] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.038619] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.038641] kasan_report+0x141/0x180 [ 15.038664] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.038690] kasan_check_range+0x10c/0x1c0 [ 15.038714] __kasan_check_write+0x18/0x20 [ 15.038734] kasan_atomics_helper+0xa2b/0x5450 [ 15.038758] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.038781] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.038805] ? trace_hardirqs_on+0x37/0xe0 [ 15.038828] ? kasan_atomics+0x152/0x310 [ 15.038855] kasan_atomics+0x1dc/0x310 [ 15.038878] ? __pfx_kasan_atomics+0x10/0x10 [ 15.038902] ? __pfx_kasan_atomics+0x10/0x10 [ 15.038929] kunit_try_run_case+0x1a5/0x480 [ 15.038953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.038976] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.039001] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.039227] ? __kthread_parkme+0x82/0x180 [ 15.039249] ? preempt_count_sub+0x50/0x80 [ 15.039274] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.039299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.039340] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.039366] kthread+0x337/0x6f0 [ 15.039386] ? trace_preempt_on+0x20/0xc0 [ 15.039409] ? __pfx_kthread+0x10/0x10 [ 15.039430] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.039452] ? calculate_sigpending+0x7b/0xa0 [ 15.039477] ? __pfx_kthread+0x10/0x10 [ 15.039499] ret_from_fork+0x116/0x1d0 [ 15.039518] ? __pfx_kthread+0x10/0x10 [ 15.039539] ret_from_fork_asm+0x1a/0x30 [ 15.039570] </TASK> [ 15.039581] [ 15.052040] Allocated by task 284: [ 15.052514] kasan_save_stack+0x45/0x70 [ 15.052810] kasan_save_track+0x18/0x40 [ 15.053188] kasan_save_alloc_info+0x3b/0x50 [ 15.053514] __kasan_kmalloc+0xb7/0xc0 [ 15.053694] __kmalloc_cache_noprof+0x189/0x420 [ 15.054121] kasan_atomics+0x95/0x310 [ 15.054417] kunit_try_run_case+0x1a5/0x480 [ 15.054667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.054915] kthread+0x337/0x6f0 [ 15.055451] ret_from_fork+0x116/0x1d0 [ 15.055657] ret_from_fork_asm+0x1a/0x30 [ 15.055803] [ 15.056120] The buggy address belongs to the object at ffff888103a28200 [ 15.056120] which belongs to the cache kmalloc-64 of size 64 [ 15.056888] The buggy address is located 0 bytes to the right of [ 15.056888] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.057701] [ 15.057804] The buggy address belongs to the physical page: [ 15.058130] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.058703] flags: 0x200000000000000(node=0|zone=2) [ 15.058945] page_type: f5(slab) [ 15.059252] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.059922] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.060435] page dumped because: kasan: bad access detected [ 15.060828] [ 15.061005] Memory state around the buggy address: [ 15.061200] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.061816] 
ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.062441] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.062729] ^ [ 15.063279] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.063748] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.064111] ================================================================== [ 15.630955] ================================================================== [ 15.631307] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 15.631592] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.631821] [ 15.631926] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.631971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.631983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.632004] Call Trace: [ 15.632020] <TASK> [ 15.632036] dump_stack_lvl+0x73/0xb0 [ 15.632063] print_report+0xd1/0x610 [ 15.632085] ? __virt_addr_valid+0x1db/0x2d0 [ 15.632108] ? kasan_atomics_helper+0x164f/0x5450 [ 15.632131] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.632155] ? kasan_atomics_helper+0x164f/0x5450 [ 15.632178] kasan_report+0x141/0x180 [ 15.632201] ? kasan_atomics_helper+0x164f/0x5450 [ 15.632228] kasan_check_range+0x10c/0x1c0 [ 15.632253] __kasan_check_write+0x18/0x20 [ 15.632274] kasan_atomics_helper+0x164f/0x5450 [ 15.632297] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.632331] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.632357] ? trace_hardirqs_on+0x37/0xe0 [ 15.632381] ? kasan_atomics+0x152/0x310 [ 15.632409] kasan_atomics+0x1dc/0x310 [ 15.632433] ? __pfx_kasan_atomics+0x10/0x10 [ 15.632458] ? __pfx_kasan_atomics+0x10/0x10 [ 15.632504] kunit_try_run_case+0x1a5/0x480 [ 15.632530] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.632553] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.632578] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.632603] ? 
__kthread_parkme+0x82/0x180 [ 15.632624] ? preempt_count_sub+0x50/0x80 [ 15.632649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.632674] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.632699] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.632724] kthread+0x337/0x6f0 [ 15.632746] ? trace_preempt_on+0x20/0xc0 [ 15.632769] ? __pfx_kthread+0x10/0x10 [ 15.632791] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.632814] ? calculate_sigpending+0x7b/0xa0 [ 15.632838] ? __pfx_kthread+0x10/0x10 [ 15.632861] ret_from_fork+0x116/0x1d0 [ 15.632881] ? __pfx_kthread+0x10/0x10 [ 15.632902] ret_from_fork_asm+0x1a/0x30 [ 15.632934] </TASK> [ 15.632945] [ 15.640412] Allocated by task 284: [ 15.640585] kasan_save_stack+0x45/0x70 [ 15.640788] kasan_save_track+0x18/0x40 [ 15.640947] kasan_save_alloc_info+0x3b/0x50 [ 15.641156] __kasan_kmalloc+0xb7/0xc0 [ 15.641311] __kmalloc_cache_noprof+0x189/0x420 [ 15.641565] kasan_atomics+0x95/0x310 [ 15.641741] kunit_try_run_case+0x1a5/0x480 [ 15.641889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.642067] kthread+0x337/0x6f0 [ 15.642189] ret_from_fork+0x116/0x1d0 [ 15.642333] ret_from_fork_asm+0x1a/0x30 [ 15.642561] [ 15.642655] The buggy address belongs to the object at ffff888103a28200 [ 15.642655] which belongs to the cache kmalloc-64 of size 64 [ 15.643178] The buggy address is located 0 bytes to the right of [ 15.643178] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.643747] [ 15.643819] The buggy address belongs to the physical page: [ 15.643995] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.644308] flags: 0x200000000000000(node=0|zone=2) [ 15.644576] page_type: f5(slab) [ 15.644757] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.645113] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.645447] page dumped because: kasan: bad access detected [ 15.645695] [ 15.645789] Memory state around the buggy address: [ 15.645961] 
ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.646251] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.646578] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.646831] ^ [ 15.646988] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.647206] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.647435] ================================================================== [ 15.064855] ================================================================== [ 15.065104] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 15.065872] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.066569] [ 15.066669] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.066724] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.066738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.066759] Call Trace: [ 15.066773] <TASK> [ 15.066788] dump_stack_lvl+0x73/0xb0 [ 15.066823] print_report+0xd1/0x610 [ 15.066845] ? __virt_addr_valid+0x1db/0x2d0 [ 15.066869] ? kasan_atomics_helper+0xac7/0x5450 [ 15.066890] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.066914] ? kasan_atomics_helper+0xac7/0x5450 [ 15.066936] kasan_report+0x141/0x180 [ 15.066958] ? kasan_atomics_helper+0xac7/0x5450 [ 15.066985] kasan_check_range+0x10c/0x1c0 [ 15.067009] __kasan_check_write+0x18/0x20 [ 15.067346] kasan_atomics_helper+0xac7/0x5450 [ 15.067372] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.067395] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.067420] ? trace_hardirqs_on+0x37/0xe0 [ 15.067443] ? kasan_atomics+0x152/0x310 [ 15.067469] kasan_atomics+0x1dc/0x310 [ 15.067493] ? __pfx_kasan_atomics+0x10/0x10 [ 15.067516] ? __pfx_kasan_atomics+0x10/0x10 [ 15.067543] kunit_try_run_case+0x1a5/0x480 [ 15.067567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.067591] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.067615] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.067639] ? __kthread_parkme+0x82/0x180 [ 15.067659] ? preempt_count_sub+0x50/0x80 [ 15.067683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.067708] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.067733] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.067760] kthread+0x337/0x6f0 [ 15.067781] ? trace_preempt_on+0x20/0xc0 [ 15.067804] ? __pfx_kthread+0x10/0x10 [ 15.067826] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.067847] ? calculate_sigpending+0x7b/0xa0 [ 15.067873] ? __pfx_kthread+0x10/0x10 [ 15.067894] ret_from_fork+0x116/0x1d0 [ 15.067913] ? __pfx_kthread+0x10/0x10 [ 15.067934] ret_from_fork_asm+0x1a/0x30 [ 15.067965] </TASK> [ 15.067976] [ 15.080378] Allocated by task 284: [ 15.080801] kasan_save_stack+0x45/0x70 [ 15.081230] kasan_save_track+0x18/0x40 [ 15.081433] kasan_save_alloc_info+0x3b/0x50 [ 15.081744] __kasan_kmalloc+0xb7/0xc0 [ 15.081931] __kmalloc_cache_noprof+0x189/0x420 [ 15.082385] kasan_atomics+0x95/0x310 [ 15.082739] kunit_try_run_case+0x1a5/0x480 [ 15.083132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.083513] kthread+0x337/0x6f0 [ 15.083647] ret_from_fork+0x116/0x1d0 [ 15.083995] ret_from_fork_asm+0x1a/0x30 [ 15.084399] [ 15.084477] The buggy address belongs to the object at ffff888103a28200 [ 15.084477] which belongs to the cache kmalloc-64 of size 64 [ 15.085031] The buggy address is located 0 bytes to the right of [ 15.085031] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.086041] [ 15.086172] The buggy address belongs to the physical page: [ 15.086439] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.086987] flags: 0x200000000000000(node=0|zone=2) [ 15.087423] page_type: f5(slab) [ 15.087627] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.087918] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.088431] page dumped because: kasan: 
bad access detected [ 15.088641] [ 15.088849] Memory state around the buggy address: [ 15.089263] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.089702] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.090122] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.090397] ^ [ 15.090780] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.091189] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.091500] ================================================================== [ 16.034681] ================================================================== [ 16.035246] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 16.035645] Read of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 16.035994] [ 16.036082] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.036127] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.036141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.036162] Call Trace: [ 16.036176] <TASK> [ 16.036191] dump_stack_lvl+0x73/0xb0 [ 16.036218] print_report+0xd1/0x610 [ 16.036241] ? __virt_addr_valid+0x1db/0x2d0 [ 16.036264] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.036335] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.036359] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.036382] kasan_report+0x141/0x180 [ 16.036432] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.036459] __asan_report_load8_noabort+0x18/0x20 [ 16.036513] kasan_atomics_helper+0x4f98/0x5450 [ 16.036537] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.036560] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.036584] ? trace_hardirqs_on+0x37/0xe0 [ 16.036607] ? kasan_atomics+0x152/0x310 [ 16.036635] kasan_atomics+0x1dc/0x310 [ 16.036658] ? __pfx_kasan_atomics+0x10/0x10 [ 16.036710] ? __pfx_kasan_atomics+0x10/0x10 [ 16.036738] kunit_try_run_case+0x1a5/0x480 [ 16.036773] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.036796] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.036822] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.036846] ? __kthread_parkme+0x82/0x180 [ 16.036866] ? preempt_count_sub+0x50/0x80 [ 16.036891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.036915] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.036940] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.037007] kthread+0x337/0x6f0 [ 16.037064] ? trace_preempt_on+0x20/0xc0 [ 16.037087] ? __pfx_kthread+0x10/0x10 [ 16.037107] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.037141] ? calculate_sigpending+0x7b/0xa0 [ 16.037166] ? __pfx_kthread+0x10/0x10 [ 16.037187] ret_from_fork+0x116/0x1d0 [ 16.037207] ? __pfx_kthread+0x10/0x10 [ 16.037229] ret_from_fork_asm+0x1a/0x30 [ 16.037263] </TASK> [ 16.037274] [ 16.044880] Allocated by task 284: [ 16.045117] kasan_save_stack+0x45/0x70 [ 16.045377] kasan_save_track+0x18/0x40 [ 16.045667] kasan_save_alloc_info+0x3b/0x50 [ 16.045871] __kasan_kmalloc+0xb7/0xc0 [ 16.046005] __kmalloc_cache_noprof+0x189/0x420 [ 16.046197] kasan_atomics+0x95/0x310 [ 16.046395] kunit_try_run_case+0x1a5/0x480 [ 16.046717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.047091] kthread+0x337/0x6f0 [ 16.047262] ret_from_fork+0x116/0x1d0 [ 16.047500] ret_from_fork_asm+0x1a/0x30 [ 16.047644] [ 16.047741] The buggy address belongs to the object at ffff888103a28200 [ 16.047741] which belongs to the cache kmalloc-64 of size 64 [ 16.048301] The buggy address is located 0 bytes to the right of [ 16.048301] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 16.048876] [ 16.049026] The buggy address belongs to the physical page: [ 16.049260] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 16.049758] flags: 0x200000000000000(node=0|zone=2) [ 16.049968] page_type: f5(slab) [ 16.050182] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.050588] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.050846] page dumped because: kasan: bad access detected [ 16.051096] [ 16.051234] Memory state around the buggy address: [ 16.051450] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.051728] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.052080] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.052507] ^ [ 16.052720] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.052980] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.053354] ================================================================== [ 15.158616] ================================================================== [ 15.159695] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 15.160596] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.160903] [ 15.161001] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.161044] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.161058] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.161079] Call Trace: [ 15.161095] <TASK> [ 15.161109] dump_stack_lvl+0x73/0xb0 [ 15.161137] print_report+0xd1/0x610 [ 15.161158] ? __virt_addr_valid+0x1db/0x2d0 [ 15.161182] ? kasan_atomics_helper+0xd47/0x5450 [ 15.161205] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.161228] ? kasan_atomics_helper+0xd47/0x5450 [ 15.161251] kasan_report+0x141/0x180 [ 15.161274] ? kasan_atomics_helper+0xd47/0x5450 [ 15.161301] kasan_check_range+0x10c/0x1c0 [ 15.161341] __kasan_check_write+0x18/0x20 [ 15.161361] kasan_atomics_helper+0xd47/0x5450 [ 15.161385] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.161408] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.161433] ? trace_hardirqs_on+0x37/0xe0 [ 15.161455] ? kasan_atomics+0x152/0x310 [ 15.161482] kasan_atomics+0x1dc/0x310 [ 15.161505] ? __pfx_kasan_atomics+0x10/0x10 [ 15.161530] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.161557] kunit_try_run_case+0x1a5/0x480 [ 15.161581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.161605] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.161630] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.161654] ? __kthread_parkme+0x82/0x180 [ 15.161699] ? preempt_count_sub+0x50/0x80 [ 15.161724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.161748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.161773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.161798] kthread+0x337/0x6f0 [ 15.161819] ? trace_preempt_on+0x20/0xc0 [ 15.161841] ? __pfx_kthread+0x10/0x10 [ 15.161863] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.161885] ? calculate_sigpending+0x7b/0xa0 [ 15.161908] ? __pfx_kthread+0x10/0x10 [ 15.161930] ret_from_fork+0x116/0x1d0 [ 15.161949] ? __pfx_kthread+0x10/0x10 [ 15.161969] ret_from_fork_asm+0x1a/0x30 [ 15.162000] </TASK> [ 15.162010] [ 15.170924] Allocated by task 284: [ 15.171111] kasan_save_stack+0x45/0x70 [ 15.171290] kasan_save_track+0x18/0x40 [ 15.171473] kasan_save_alloc_info+0x3b/0x50 [ 15.172081] __kasan_kmalloc+0xb7/0xc0 [ 15.172221] __kmalloc_cache_noprof+0x189/0x420 [ 15.172413] kasan_atomics+0x95/0x310 [ 15.173018] kunit_try_run_case+0x1a5/0x480 [ 15.173299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.173735] kthread+0x337/0x6f0 [ 15.174041] ret_from_fork+0x116/0x1d0 [ 15.174221] ret_from_fork_asm+0x1a/0x30 [ 15.174414] [ 15.174757] The buggy address belongs to the object at ffff888103a28200 [ 15.174757] which belongs to the cache kmalloc-64 of size 64 [ 15.175211] The buggy address is located 0 bytes to the right of [ 15.175211] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.176357] [ 15.176624] The buggy address belongs to the physical page: [ 15.176932] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.177582] flags: 0x200000000000000(node=0|zone=2) [ 15.177968] page_type: f5(slab) [ 15.178275] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.178883] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.179307] page dumped because: kasan: bad access detected [ 15.179866] [ 15.180121] Memory state around the buggy address: [ 15.180350] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.180925] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.181413] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.182040] ^ [ 15.182341] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.182851] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.183148] ================================================================== [ 15.326325] ================================================================== [ 15.326694] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 15.327494] Read of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.327928] [ 15.328350] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.328402] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.328415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.328436] Call Trace: [ 15.328452] <TASK> [ 15.328467] dump_stack_lvl+0x73/0xb0 [ 15.328510] print_report+0xd1/0x610 [ 15.328533] ? __virt_addr_valid+0x1db/0x2d0 [ 15.328556] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.328578] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.328601] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.328624] kasan_report+0x141/0x180 [ 15.328648] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.328675] __asan_report_load4_noabort+0x18/0x20 [ 15.328699] kasan_atomics_helper+0x4a1c/0x5450 [ 15.328723] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.328747] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.328772] ? trace_hardirqs_on+0x37/0xe0 [ 15.328795] ? kasan_atomics+0x152/0x310 [ 15.328822] kasan_atomics+0x1dc/0x310 [ 15.328844] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.328869] ? __pfx_kasan_atomics+0x10/0x10 [ 15.328896] kunit_try_run_case+0x1a5/0x480 [ 15.328920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.328944] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.328976] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.329001] ? __kthread_parkme+0x82/0x180 [ 15.329022] ? preempt_count_sub+0x50/0x80 [ 15.329047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.329071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.329096] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.329122] kthread+0x337/0x6f0 [ 15.329141] ? trace_preempt_on+0x20/0xc0 [ 15.329165] ? __pfx_kthread+0x10/0x10 [ 15.329186] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.329208] ? calculate_sigpending+0x7b/0xa0 [ 15.329232] ? __pfx_kthread+0x10/0x10 [ 15.329254] ret_from_fork+0x116/0x1d0 [ 15.329273] ? __pfx_kthread+0x10/0x10 [ 15.329294] ret_from_fork_asm+0x1a/0x30 [ 15.329337] </TASK> [ 15.329347] [ 15.339408] Allocated by task 284: [ 15.339624] kasan_save_stack+0x45/0x70 [ 15.339966] kasan_save_track+0x18/0x40 [ 15.340238] kasan_save_alloc_info+0x3b/0x50 [ 15.340523] __kasan_kmalloc+0xb7/0xc0 [ 15.340773] __kmalloc_cache_noprof+0x189/0x420 [ 15.341101] kasan_atomics+0x95/0x310 [ 15.341376] kunit_try_run_case+0x1a5/0x480 [ 15.341663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.342000] kthread+0x337/0x6f0 [ 15.342157] ret_from_fork+0x116/0x1d0 [ 15.342439] ret_from_fork_asm+0x1a/0x30 [ 15.342621] [ 15.342723] The buggy address belongs to the object at ffff888103a28200 [ 15.342723] which belongs to the cache kmalloc-64 of size 64 [ 15.343296] The buggy address is located 0 bytes to the right of [ 15.343296] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.344060] [ 15.344342] The buggy address belongs to the physical page: [ 15.344577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.345081] flags: 0x200000000000000(node=0|zone=2) [ 15.345304] page_type: f5(slab) [ 15.345469] raw: 
0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.345792] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.346125] page dumped because: kasan: bad access detected [ 15.346651] [ 15.346747] Memory state around the buggy address: [ 15.346902] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.347388] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.347832] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.348195] ^ [ 15.348442] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.348993] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.349358] ================================================================== [ 15.613120] ================================================================== [ 15.613446] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 15.613770] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.614017] [ 15.614103] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.614149] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.614161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.614183] Call Trace: [ 15.614197] <TASK> [ 15.614212] dump_stack_lvl+0x73/0xb0 [ 15.614240] print_report+0xd1/0x610 [ 15.614263] ? __virt_addr_valid+0x1db/0x2d0 [ 15.614285] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.614307] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.614342] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.614365] kasan_report+0x141/0x180 [ 15.614387] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.614414] kasan_check_range+0x10c/0x1c0 [ 15.614438] __kasan_check_write+0x18/0x20 [ 15.614458] kasan_atomics_helper+0x15b6/0x5450 [ 15.614502] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.614527] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.614552] ? trace_hardirqs_on+0x37/0xe0 [ 15.614575] ? 
kasan_atomics+0x152/0x310 [ 15.614602] kasan_atomics+0x1dc/0x310 [ 15.614625] ? __pfx_kasan_atomics+0x10/0x10 [ 15.614649] ? __pfx_kasan_atomics+0x10/0x10 [ 15.614676] kunit_try_run_case+0x1a5/0x480 [ 15.614702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.614727] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.614752] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.614778] ? __kthread_parkme+0x82/0x180 [ 15.614799] ? preempt_count_sub+0x50/0x80 [ 15.614824] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.614849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.614875] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.614901] kthread+0x337/0x6f0 [ 15.614921] ? trace_preempt_on+0x20/0xc0 [ 15.614945] ? __pfx_kthread+0x10/0x10 [ 15.614968] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.614990] ? calculate_sigpending+0x7b/0xa0 [ 15.615016] ? __pfx_kthread+0x10/0x10 [ 15.615038] ret_from_fork+0x116/0x1d0 [ 15.615060] ? __pfx_kthread+0x10/0x10 [ 15.615081] ret_from_fork_asm+0x1a/0x30 [ 15.615113] </TASK> [ 15.615123] [ 15.622553] Allocated by task 284: [ 15.622697] kasan_save_stack+0x45/0x70 [ 15.622843] kasan_save_track+0x18/0x40 [ 15.622981] kasan_save_alloc_info+0x3b/0x50 [ 15.623150] __kasan_kmalloc+0xb7/0xc0 [ 15.623348] __kmalloc_cache_noprof+0x189/0x420 [ 15.623596] kasan_atomics+0x95/0x310 [ 15.623786] kunit_try_run_case+0x1a5/0x480 [ 15.623992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.624242] kthread+0x337/0x6f0 [ 15.624423] ret_from_fork+0x116/0x1d0 [ 15.624637] ret_from_fork_asm+0x1a/0x30 [ 15.624833] [ 15.624928] The buggy address belongs to the object at ffff888103a28200 [ 15.624928] which belongs to the cache kmalloc-64 of size 64 [ 15.625361] The buggy address is located 0 bytes to the right of [ 15.625361] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.625823] [ 15.625922] The buggy address belongs to the physical page: [ 15.626175] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.626565] flags: 
0x200000000000000(node=0|zone=2) [ 15.626807] page_type: f5(slab) [ 15.626973] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.627343] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.627681] page dumped because: kasan: bad access detected [ 15.627912] [ 15.628009] Memory state around the buggy address: [ 15.628197] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.628425] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.628775] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.629097] ^ [ 15.629258] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.629590] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.629902] ================================================================== [ 15.716878] ================================================================== [ 15.717228] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 15.717890] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.718152] [ 15.718264] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.718307] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.718332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.718353] Call Trace: [ 15.718369] <TASK> [ 15.718384] dump_stack_lvl+0x73/0xb0 [ 15.718413] print_report+0xd1/0x610 [ 15.718435] ? __virt_addr_valid+0x1db/0x2d0 [ 15.718458] ? kasan_atomics_helper+0x194a/0x5450 [ 15.718501] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.718526] ? kasan_atomics_helper+0x194a/0x5450 [ 15.718549] kasan_report+0x141/0x180 [ 15.718572] ? kasan_atomics_helper+0x194a/0x5450 [ 15.718598] kasan_check_range+0x10c/0x1c0 [ 15.718623] __kasan_check_write+0x18/0x20 [ 15.718643] kasan_atomics_helper+0x194a/0x5450 [ 15.718666] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.718689] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.718714] ? trace_hardirqs_on+0x37/0xe0 [ 15.718737] ? kasan_atomics+0x152/0x310 [ 15.718763] kasan_atomics+0x1dc/0x310 [ 15.718787] ? __pfx_kasan_atomics+0x10/0x10 [ 15.718810] ? __pfx_kasan_atomics+0x10/0x10 [ 15.718837] kunit_try_run_case+0x1a5/0x480 [ 15.718861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.718885] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.718909] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.718933] ? __kthread_parkme+0x82/0x180 [ 15.718954] ? preempt_count_sub+0x50/0x80 [ 15.718978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.719002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.719027] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.719052] kthread+0x337/0x6f0 [ 15.719072] ? trace_preempt_on+0x20/0xc0 [ 15.719095] ? __pfx_kthread+0x10/0x10 [ 15.719116] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.719139] ? calculate_sigpending+0x7b/0xa0 [ 15.719163] ? __pfx_kthread+0x10/0x10 [ 15.719185] ret_from_fork+0x116/0x1d0 [ 15.719204] ? 
__pfx_kthread+0x10/0x10 [ 15.719225] ret_from_fork_asm+0x1a/0x30 [ 15.719255] </TASK> [ 15.719267] [ 15.726289] Allocated by task 284: [ 15.726472] kasan_save_stack+0x45/0x70 [ 15.726689] kasan_save_track+0x18/0x40 [ 15.726882] kasan_save_alloc_info+0x3b/0x50 [ 15.727092] __kasan_kmalloc+0xb7/0xc0 [ 15.727277] __kmalloc_cache_noprof+0x189/0x420 [ 15.727575] kasan_atomics+0x95/0x310 [ 15.727714] kunit_try_run_case+0x1a5/0x480 [ 15.727863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.728113] kthread+0x337/0x6f0 [ 15.728279] ret_from_fork+0x116/0x1d0 [ 15.728499] ret_from_fork_asm+0x1a/0x30 [ 15.728700] [ 15.728799] The buggy address belongs to the object at ffff888103a28200 [ 15.728799] which belongs to the cache kmalloc-64 of size 64 [ 15.729266] The buggy address is located 0 bytes to the right of [ 15.729266] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.729794] [ 15.729895] The buggy address belongs to the physical page: [ 15.730112] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.730412] flags: 0x200000000000000(node=0|zone=2) [ 15.730665] page_type: f5(slab) [ 15.730810] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.731121] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.731437] page dumped because: kasan: bad access detected [ 15.731678] [ 15.731770] Memory state around the buggy address: [ 15.731961] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.732265] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.732576] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.732848] ^ [ 15.733044] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.733337] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.733649] ================================================================== [ 15.868620] 
================================================================== [ 15.869669] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 15.870303] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.870910] [ 15.871008] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.871054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.871067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.871089] Call Trace: [ 15.871106] <TASK> [ 15.871122] dump_stack_lvl+0x73/0xb0 [ 15.871152] print_report+0xd1/0x610 [ 15.871175] ? __virt_addr_valid+0x1db/0x2d0 [ 15.871198] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.871220] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.871243] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.871265] kasan_report+0x141/0x180 [ 15.871287] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.871314] kasan_check_range+0x10c/0x1c0 [ 15.871353] __kasan_check_write+0x18/0x20 [ 15.871373] kasan_atomics_helper+0x1ce1/0x5450 [ 15.871396] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.871531] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.871566] ? trace_hardirqs_on+0x37/0xe0 [ 15.871682] ? kasan_atomics+0x152/0x310 [ 15.871715] kasan_atomics+0x1dc/0x310 [ 15.871739] ? __pfx_kasan_atomics+0x10/0x10 [ 15.871764] ? __pfx_kasan_atomics+0x10/0x10 [ 15.871791] kunit_try_run_case+0x1a5/0x480 [ 15.871816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.871839] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.871865] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.871890] ? __kthread_parkme+0x82/0x180 [ 15.871911] ? preempt_count_sub+0x50/0x80 [ 15.871935] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.871960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.871984] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.872010] kthread+0x337/0x6f0 [ 15.872030] ? trace_preempt_on+0x20/0xc0 [ 15.872052] ? __pfx_kthread+0x10/0x10 [ 15.872073] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.872095] ? 
calculate_sigpending+0x7b/0xa0 [ 15.872120] ? __pfx_kthread+0x10/0x10 [ 15.872141] ret_from_fork+0x116/0x1d0 [ 15.872161] ? __pfx_kthread+0x10/0x10 [ 15.872181] ret_from_fork_asm+0x1a/0x30 [ 15.872213] </TASK> [ 15.872224] [ 15.883177] Allocated by task 284: [ 15.883621] kasan_save_stack+0x45/0x70 [ 15.883866] kasan_save_track+0x18/0x40 [ 15.884060] kasan_save_alloc_info+0x3b/0x50 [ 15.884265] __kasan_kmalloc+0xb7/0xc0 [ 15.884450] __kmalloc_cache_noprof+0x189/0x420 [ 15.884976] kasan_atomics+0x95/0x310 [ 15.885155] kunit_try_run_case+0x1a5/0x480 [ 15.885642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.885996] kthread+0x337/0x6f0 [ 15.886178] ret_from_fork+0x116/0x1d0 [ 15.886383] ret_from_fork_asm+0x1a/0x30 [ 15.886599] [ 15.886706] The buggy address belongs to the object at ffff888103a28200 [ 15.886706] which belongs to the cache kmalloc-64 of size 64 [ 15.887282] The buggy address is located 0 bytes to the right of [ 15.887282] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.888222] [ 15.888332] The buggy address belongs to the physical page: [ 15.888825] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.889294] flags: 0x200000000000000(node=0|zone=2) [ 15.889723] page_type: f5(slab) [ 15.890007] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.890357] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.890821] page dumped because: kasan: bad access detected [ 15.891230] [ 15.891343] Memory state around the buggy address: [ 15.891852] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.892275] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.892735] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.893025] ^ [ 15.893242] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.893841] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.894135] 
================================================================== [ 14.783548] ================================================================== [ 14.783953] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 14.784418] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 14.785160] [ 14.785449] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.785498] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.785511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.785532] Call Trace: [ 14.785548] <TASK> [ 14.785564] dump_stack_lvl+0x73/0xb0 [ 14.785594] print_report+0xd1/0x610 [ 14.785616] ? __virt_addr_valid+0x1db/0x2d0 [ 14.785638] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.785660] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.785683] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.785756] kasan_report+0x141/0x180 [ 14.785780] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.785821] kasan_check_range+0x10c/0x1c0 [ 14.785845] __kasan_check_write+0x18/0x20 [ 14.785865] kasan_atomics_helper+0x4a0/0x5450 [ 14.785889] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.785912] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.785936] ? trace_hardirqs_on+0x37/0xe0 [ 14.785959] ? kasan_atomics+0x152/0x310 [ 14.785987] kasan_atomics+0x1dc/0x310 [ 14.786010] ? __pfx_kasan_atomics+0x10/0x10 [ 14.786082] ? __pfx_kasan_atomics+0x10/0x10 [ 14.786109] kunit_try_run_case+0x1a5/0x480 [ 14.786134] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.786157] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.786184] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.786207] ? __kthread_parkme+0x82/0x180 [ 14.786229] ? preempt_count_sub+0x50/0x80 [ 14.786254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.786278] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.786314] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.786338] kthread+0x337/0x6f0 [ 14.786359] ? trace_preempt_on+0x20/0xc0 [ 14.786381] ? 
__pfx_kthread+0x10/0x10 [ 14.786402] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.786425] ? calculate_sigpending+0x7b/0xa0 [ 14.786449] ? __pfx_kthread+0x10/0x10 [ 14.786471] ret_from_fork+0x116/0x1d0 [ 14.786502] ? __pfx_kthread+0x10/0x10 [ 14.786522] ret_from_fork_asm+0x1a/0x30 [ 14.786553] </TASK> [ 14.786564] [ 14.796286] Allocated by task 284: [ 14.796562] kasan_save_stack+0x45/0x70 [ 14.796913] kasan_save_track+0x18/0x40 [ 14.797119] kasan_save_alloc_info+0x3b/0x50 [ 14.797352] __kasan_kmalloc+0xb7/0xc0 [ 14.797650] __kmalloc_cache_noprof+0x189/0x420 [ 14.797878] kasan_atomics+0x95/0x310 [ 14.798233] kunit_try_run_case+0x1a5/0x480 [ 14.798429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.798608] kthread+0x337/0x6f0 [ 14.798731] ret_from_fork+0x116/0x1d0 [ 14.798924] ret_from_fork_asm+0x1a/0x30 [ 14.799271] [ 14.799583] The buggy address belongs to the object at ffff888103a28200 [ 14.799583] which belongs to the cache kmalloc-64 of size 64 [ 14.800281] The buggy address is located 0 bytes to the right of [ 14.800281] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 14.801179] [ 14.801288] The buggy address belongs to the physical page: [ 14.801636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 14.801932] flags: 0x200000000000000(node=0|zone=2) [ 14.802364] page_type: f5(slab) [ 14.802615] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.802957] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.803657] page dumped because: kasan: bad access detected [ 14.803956] [ 14.804233] Memory state around the buggy address: [ 14.804462] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.804948] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.805421] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.805812] ^ [ 14.805982] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.806506] 
ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.807002] ================================================================== [ 14.733594] ================================================================== [ 14.733942] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 14.734282] Read of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 14.735141] [ 14.735251] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.735297] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.735319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.735342] Call Trace: [ 14.735394] <TASK> [ 14.735409] dump_stack_lvl+0x73/0xb0 [ 14.735440] print_report+0xd1/0x610 [ 14.735493] ? __virt_addr_valid+0x1db/0x2d0 [ 14.735517] ? kasan_atomics_helper+0x3df/0x5450 [ 14.735539] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.735563] ? kasan_atomics_helper+0x3df/0x5450 [ 14.735585] kasan_report+0x141/0x180 [ 14.735608] ? kasan_atomics_helper+0x3df/0x5450 [ 14.735634] kasan_check_range+0x10c/0x1c0 [ 14.735658] __kasan_check_read+0x15/0x20 [ 14.735677] kasan_atomics_helper+0x3df/0x5450 [ 14.735701] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.735723] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.735749] ? trace_hardirqs_on+0x37/0xe0 [ 14.735772] ? kasan_atomics+0x152/0x310 [ 14.735798] kasan_atomics+0x1dc/0x310 [ 14.735821] ? __pfx_kasan_atomics+0x10/0x10 [ 14.735845] ? __pfx_kasan_atomics+0x10/0x10 [ 14.735871] kunit_try_run_case+0x1a5/0x480 [ 14.735896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.735919] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.735942] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.735967] ? __kthread_parkme+0x82/0x180 [ 14.735989] ? preempt_count_sub+0x50/0x80 [ 14.736199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.736226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.736252] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.736277] kthread+0x337/0x6f0 [ 14.736297] ? trace_preempt_on+0x20/0xc0 [ 14.736336] ? __pfx_kthread+0x10/0x10 [ 14.736357] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.736380] ? calculate_sigpending+0x7b/0xa0 [ 14.736404] ? __pfx_kthread+0x10/0x10 [ 14.736426] ret_from_fork+0x116/0x1d0 [ 14.736445] ? __pfx_kthread+0x10/0x10 [ 14.736487] ret_from_fork_asm+0x1a/0x30 [ 14.736519] </TASK> [ 14.736529] [ 14.746759] Allocated by task 284: [ 14.746974] kasan_save_stack+0x45/0x70 [ 14.747326] kasan_save_track+0x18/0x40 [ 14.747618] kasan_save_alloc_info+0x3b/0x50 [ 14.747790] __kasan_kmalloc+0xb7/0xc0 [ 14.748294] __kmalloc_cache_noprof+0x189/0x420 [ 14.748529] kasan_atomics+0x95/0x310 [ 14.748836] kunit_try_run_case+0x1a5/0x480 [ 14.749169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.749430] kthread+0x337/0x6f0 [ 14.749661] ret_from_fork+0x116/0x1d0 [ 14.749849] ret_from_fork_asm+0x1a/0x30 [ 14.750219] [ 14.750323] The buggy address belongs to the object at ffff888103a28200 [ 14.750323] which belongs to the cache kmalloc-64 of size 64 [ 14.750821] The buggy address is located 0 bytes to the right of [ 14.750821] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 14.751282] [ 14.751532] The buggy address belongs to the physical page: [ 14.751729] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 14.752348] flags: 0x200000000000000(node=0|zone=2) [ 14.752618] page_type: f5(slab) [ 14.752784] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.753292] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.753717] page dumped because: kasan: bad access detected [ 14.753946] [ 14.754146] Memory state around the buggy address: [ 14.754382] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.754804] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.755201] >ffff888103a28200: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 14.755552] ^ [ 14.755780] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.756423] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.756786] ================================================================== [ 16.054680] ================================================================== [ 16.054947] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 16.055398] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 16.055804] [ 16.055903] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.055948] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.055960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.056014] Call Trace: [ 16.056031] <TASK> [ 16.056046] dump_stack_lvl+0x73/0xb0 [ 16.056099] print_report+0xd1/0x610 [ 16.056120] ? __virt_addr_valid+0x1db/0x2d0 [ 16.056142] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.056164] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.056189] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.056212] kasan_report+0x141/0x180 [ 16.056234] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.056261] kasan_check_range+0x10c/0x1c0 [ 16.056313] __kasan_check_write+0x18/0x20 [ 16.056350] kasan_atomics_helper+0x20c8/0x5450 [ 16.056401] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.056424] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.056448] ? trace_hardirqs_on+0x37/0xe0 [ 16.056501] ? kasan_atomics+0x152/0x310 [ 16.056530] kasan_atomics+0x1dc/0x310 [ 16.056553] ? __pfx_kasan_atomics+0x10/0x10 [ 16.056577] ? __pfx_kasan_atomics+0x10/0x10 [ 16.056604] kunit_try_run_case+0x1a5/0x480 [ 16.056628] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.056652] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.056676] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.056700] ? __kthread_parkme+0x82/0x180 [ 16.056720] ? preempt_count_sub+0x50/0x80 [ 16.056745] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.056769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.056794] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.056819] kthread+0x337/0x6f0 [ 16.056838] ? trace_preempt_on+0x20/0xc0 [ 16.056861] ? __pfx_kthread+0x10/0x10 [ 16.056881] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.056903] ? calculate_sigpending+0x7b/0xa0 [ 16.056927] ? __pfx_kthread+0x10/0x10 [ 16.056948] ret_from_fork+0x116/0x1d0 [ 16.056966] ? __pfx_kthread+0x10/0x10 [ 16.056992] ret_from_fork_asm+0x1a/0x30 [ 16.057022] </TASK> [ 16.057032] [ 16.064994] Allocated by task 284: [ 16.065127] kasan_save_stack+0x45/0x70 [ 16.065342] kasan_save_track+0x18/0x40 [ 16.065602] kasan_save_alloc_info+0x3b/0x50 [ 16.065875] __kasan_kmalloc+0xb7/0xc0 [ 16.066098] __kmalloc_cache_noprof+0x189/0x420 [ 16.066333] kasan_atomics+0x95/0x310 [ 16.066555] kunit_try_run_case+0x1a5/0x480 [ 16.066705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.066956] kthread+0x337/0x6f0 [ 16.067175] ret_from_fork+0x116/0x1d0 [ 16.067422] ret_from_fork_asm+0x1a/0x30 [ 16.067749] [ 16.067844] The buggy address belongs to the object at ffff888103a28200 [ 16.067844] which belongs to the cache kmalloc-64 of size 64 [ 16.068302] The buggy address is located 0 bytes to the right of [ 16.068302] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 16.068930] [ 16.069029] The buggy address belongs to the physical page: [ 16.069201] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 16.069564] flags: 0x200000000000000(node=0|zone=2) [ 16.069798] page_type: f5(slab) [ 16.069965] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.070301] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.070711] page dumped because: kasan: bad access detected [ 16.070887] [ 16.070955] Memory state around the buggy address: [ 16.071178] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.071564] 
ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.071960] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.072215] ^ [ 16.072401] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.072791] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.073231] ================================================================== [ 15.374362] ================================================================== [ 15.375047] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 15.375566] Read of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.375955] [ 15.376302] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.376365] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.376378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.376399] Call Trace: [ 15.376415] <TASK> [ 15.376431] dump_stack_lvl+0x73/0xb0 [ 15.376460] print_report+0xd1/0x610 [ 15.376482] ? __virt_addr_valid+0x1db/0x2d0 [ 15.376516] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.376537] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.376561] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.376584] kasan_report+0x141/0x180 [ 15.376606] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.376632] __asan_report_load4_noabort+0x18/0x20 [ 15.376657] kasan_atomics_helper+0x4a02/0x5450 [ 15.376681] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.376703] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.376728] ? trace_hardirqs_on+0x37/0xe0 [ 15.376750] ? kasan_atomics+0x152/0x310 [ 15.376777] kasan_atomics+0x1dc/0x310 [ 15.376799] ? __pfx_kasan_atomics+0x10/0x10 [ 15.376823] ? __pfx_kasan_atomics+0x10/0x10 [ 15.376851] kunit_try_run_case+0x1a5/0x480 [ 15.376874] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.376897] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.376923] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.376947] ? __kthread_parkme+0x82/0x180 [ 15.376978] ? 
preempt_count_sub+0x50/0x80 [ 15.377003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.377027] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.377052] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.377077] kthread+0x337/0x6f0 [ 15.377096] ? trace_preempt_on+0x20/0xc0 [ 15.377119] ? __pfx_kthread+0x10/0x10 [ 15.377140] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.377162] ? calculate_sigpending+0x7b/0xa0 [ 15.377187] ? __pfx_kthread+0x10/0x10 [ 15.377209] ret_from_fork+0x116/0x1d0 [ 15.377228] ? __pfx_kthread+0x10/0x10 [ 15.377248] ret_from_fork_asm+0x1a/0x30 [ 15.377279] </TASK> [ 15.377289] [ 15.387435] Allocated by task 284: [ 15.387814] kasan_save_stack+0x45/0x70 [ 15.388124] kasan_save_track+0x18/0x40 [ 15.388328] kasan_save_alloc_info+0x3b/0x50 [ 15.388636] __kasan_kmalloc+0xb7/0xc0 [ 15.388815] __kmalloc_cache_noprof+0x189/0x420 [ 15.389035] kasan_atomics+0x95/0x310 [ 15.389215] kunit_try_run_case+0x1a5/0x480 [ 15.389415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.389928] kthread+0x337/0x6f0 [ 15.390094] ret_from_fork+0x116/0x1d0 [ 15.390236] ret_from_fork_asm+0x1a/0x30 [ 15.390657] [ 15.390821] The buggy address belongs to the object at ffff888103a28200 [ 15.390821] which belongs to the cache kmalloc-64 of size 64 [ 15.391466] The buggy address is located 0 bytes to the right of [ 15.391466] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.391991] [ 15.392083] The buggy address belongs to the physical page: [ 15.392337] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.392931] flags: 0x200000000000000(node=0|zone=2) [ 15.393278] page_type: f5(slab) [ 15.393474] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.393916] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.394299] page dumped because: kasan: bad access detected [ 15.394720] [ 15.394821] Memory state around the buggy address: [ 15.395179] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 15.395654] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.396064] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.396472] ^ [ 15.396728] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.397028] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.397358] ================================================================== [ 15.699422] ================================================================== [ 15.699732] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 15.699968] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.700210] [ 15.700297] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.700350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.700362] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.700383] Call Trace: [ 15.700397] <TASK> [ 15.700410] dump_stack_lvl+0x73/0xb0 [ 15.700438] print_report+0xd1/0x610 [ 15.700460] ? __virt_addr_valid+0x1db/0x2d0 [ 15.700503] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.700526] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.700549] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.700572] kasan_report+0x141/0x180 [ 15.700595] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.700622] kasan_check_range+0x10c/0x1c0 [ 15.700646] __kasan_check_write+0x18/0x20 [ 15.700666] kasan_atomics_helper+0x18b1/0x5450 [ 15.700690] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.700713] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.700737] ? trace_hardirqs_on+0x37/0xe0 [ 15.700759] ? kasan_atomics+0x152/0x310 [ 15.700786] kasan_atomics+0x1dc/0x310 [ 15.700809] ? __pfx_kasan_atomics+0x10/0x10 [ 15.700832] ? __pfx_kasan_atomics+0x10/0x10 [ 15.700859] kunit_try_run_case+0x1a5/0x480 [ 15.700883] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.700907] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.700932] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.700956] ? __kthread_parkme+0x82/0x180 [ 15.700982] ? preempt_count_sub+0x50/0x80 [ 15.701006] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.701030] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.701055] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.701080] kthread+0x337/0x6f0 [ 15.701101] ? trace_preempt_on+0x20/0xc0 [ 15.701123] ? __pfx_kthread+0x10/0x10 [ 15.701145] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.701167] ? calculate_sigpending+0x7b/0xa0 [ 15.701191] ? __pfx_kthread+0x10/0x10 [ 15.701213] ret_from_fork+0x116/0x1d0 [ 15.701233] ? __pfx_kthread+0x10/0x10 [ 15.701254] ret_from_fork_asm+0x1a/0x30 [ 15.701285] </TASK> [ 15.701296] [ 15.708874] Allocated by task 284: [ 15.709051] kasan_save_stack+0x45/0x70 [ 15.709254] kasan_save_track+0x18/0x40 [ 15.709403] kasan_save_alloc_info+0x3b/0x50 [ 15.709579] __kasan_kmalloc+0xb7/0xc0 [ 15.709714] __kmalloc_cache_noprof+0x189/0x420 [ 15.709871] kasan_atomics+0x95/0x310 [ 15.710004] kunit_try_run_case+0x1a5/0x480 [ 15.710212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.710495] kthread+0x337/0x6f0 [ 15.710662] ret_from_fork+0x116/0x1d0 [ 15.710847] ret_from_fork_asm+0x1a/0x30 [ 15.711040] [ 15.711133] The buggy address belongs to the object at ffff888103a28200 [ 15.711133] which belongs to the cache kmalloc-64 of size 64 [ 15.711690] The buggy address is located 0 bytes to the right of [ 15.711690] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.712170] [ 15.712244] The buggy address belongs to the physical page: [ 15.712426] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.712815] flags: 0x200000000000000(node=0|zone=2) [ 15.713062] page_type: f5(slab) [ 15.713229] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.713609] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.713903] page dumped because: kasan: bad access detected [ 15.714142] [ 15.714223] 
Memory state around the buggy address: [ 15.714435] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.714753] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.715033] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.715304] ^ [ 15.715544] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.715812] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.716097] ================================================================== [ 14.949612] ================================================================== [ 14.950115] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 14.950520] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 14.950877] [ 14.950988] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.951033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.951045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.951152] Call Trace: [ 14.951183] <TASK> [ 14.951199] dump_stack_lvl+0x73/0xb0 [ 14.951231] print_report+0xd1/0x610 [ 14.951284] ? __virt_addr_valid+0x1db/0x2d0 [ 14.951326] ? kasan_atomics_helper+0x860/0x5450 [ 14.951349] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.951374] ? kasan_atomics_helper+0x860/0x5450 [ 14.951397] kasan_report+0x141/0x180 [ 14.951447] ? kasan_atomics_helper+0x860/0x5450 [ 14.951475] kasan_check_range+0x10c/0x1c0 [ 14.951511] __kasan_check_write+0x18/0x20 [ 14.951545] kasan_atomics_helper+0x860/0x5450 [ 14.951568] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.951609] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.951642] ? trace_hardirqs_on+0x37/0xe0 [ 14.951666] ? kasan_atomics+0x152/0x310 [ 14.951704] kasan_atomics+0x1dc/0x310 [ 14.951727] ? __pfx_kasan_atomics+0x10/0x10 [ 14.951752] ? __pfx_kasan_atomics+0x10/0x10 [ 14.951779] kunit_try_run_case+0x1a5/0x480 [ 14.951830] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.951853] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.951879] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.951914] ? __kthread_parkme+0x82/0x180 [ 14.951935] ? preempt_count_sub+0x50/0x80 [ 14.951976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.952010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.952035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.952071] kthread+0x337/0x6f0 [ 14.952091] ? trace_preempt_on+0x20/0xc0 [ 14.952113] ? __pfx_kthread+0x10/0x10 [ 14.952134] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.952275] ? calculate_sigpending+0x7b/0xa0 [ 14.952301] ? __pfx_kthread+0x10/0x10 [ 14.952333] ret_from_fork+0x116/0x1d0 [ 14.952356] ? __pfx_kthread+0x10/0x10 [ 14.952377] ret_from_fork_asm+0x1a/0x30 [ 14.952430] </TASK> [ 14.952449] [ 14.962680] Allocated by task 284: [ 14.962887] kasan_save_stack+0x45/0x70 [ 14.963127] kasan_save_track+0x18/0x40 [ 14.963422] kasan_save_alloc_info+0x3b/0x50 [ 14.963703] __kasan_kmalloc+0xb7/0xc0 [ 14.963895] __kmalloc_cache_noprof+0x189/0x420 [ 14.964104] kasan_atomics+0x95/0x310 [ 14.964421] kunit_try_run_case+0x1a5/0x480 [ 14.964589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.965006] kthread+0x337/0x6f0 [ 14.965739] ret_from_fork+0x116/0x1d0 [ 14.966866] ret_from_fork_asm+0x1a/0x30 [ 14.967323] [ 14.967409] The buggy address belongs to the object at ffff888103a28200 [ 14.967409] which belongs to the cache kmalloc-64 of size 64 [ 14.968457] The buggy address is located 0 bytes to the right of [ 14.968457] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 14.969002] [ 14.969089] The buggy address belongs to the physical page: [ 14.969356] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 14.970285] flags: 0x200000000000000(node=0|zone=2) [ 14.970661] page_type: f5(slab) [ 14.970943] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.971519] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.971968] page dumped because: kasan: bad access detected [ 14.972373] [ 14.972480] Memory state around the buggy address: [ 14.972905] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.973564] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.974006] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.974429] ^ [ 14.974869] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.975506] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.975947] ================================================================== [ 16.015451] ================================================================== [ 16.015948] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 16.016340] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 16.016733] [ 16.016861] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.016908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.016950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.016977] Call Trace: [ 16.016993] <TASK> [ 16.017019] dump_stack_lvl+0x73/0xb0 [ 16.017048] print_report+0xd1/0x610 [ 16.017070] ? __virt_addr_valid+0x1db/0x2d0 [ 16.017093] ? kasan_atomics_helper+0x2006/0x5450 [ 16.017115] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.017139] ? kasan_atomics_helper+0x2006/0x5450 [ 16.017191] kasan_report+0x141/0x180 [ 16.017214] ? kasan_atomics_helper+0x2006/0x5450 [ 16.017263] kasan_check_range+0x10c/0x1c0 [ 16.017313] __kasan_check_write+0x18/0x20 [ 16.017342] kasan_atomics_helper+0x2006/0x5450 [ 16.017366] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.017399] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.017424] ? trace_hardirqs_on+0x37/0xe0 [ 16.017446] ? kasan_atomics+0x152/0x310 [ 16.017473] kasan_atomics+0x1dc/0x310 [ 16.017516] ? __pfx_kasan_atomics+0x10/0x10 [ 16.017539] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.017596] kunit_try_run_case+0x1a5/0x480 [ 16.017621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.017654] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.017680] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.017705] ? __kthread_parkme+0x82/0x180 [ 16.017726] ? preempt_count_sub+0x50/0x80 [ 16.017750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.017774] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.017798] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.017823] kthread+0x337/0x6f0 [ 16.017842] ? trace_preempt_on+0x20/0xc0 [ 16.017864] ? __pfx_kthread+0x10/0x10 [ 16.017885] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.017907] ? calculate_sigpending+0x7b/0xa0 [ 16.017932] ? __pfx_kthread+0x10/0x10 [ 16.017953] ret_from_fork+0x116/0x1d0 [ 16.017971] ? __pfx_kthread+0x10/0x10 [ 16.017992] ret_from_fork_asm+0x1a/0x30 [ 16.018022] </TASK> [ 16.018033] [ 16.025930] Allocated by task 284: [ 16.026060] kasan_save_stack+0x45/0x70 [ 16.026213] kasan_save_track+0x18/0x40 [ 16.026416] kasan_save_alloc_info+0x3b/0x50 [ 16.026732] __kasan_kmalloc+0xb7/0xc0 [ 16.026938] __kmalloc_cache_noprof+0x189/0x420 [ 16.027166] kasan_atomics+0x95/0x310 [ 16.027337] kunit_try_run_case+0x1a5/0x480 [ 16.027544] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.027784] kthread+0x337/0x6f0 [ 16.027932] ret_from_fork+0x116/0x1d0 [ 16.028104] ret_from_fork_asm+0x1a/0x30 [ 16.028292] [ 16.028467] The buggy address belongs to the object at ffff888103a28200 [ 16.028467] which belongs to the cache kmalloc-64 of size 64 [ 16.028939] The buggy address is located 0 bytes to the right of [ 16.028939] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 16.029402] [ 16.029570] The buggy address belongs to the physical page: [ 16.029833] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 16.030287] flags: 0x200000000000000(node=0|zone=2) [ 16.030605] page_type: f5(slab) [ 16.030745] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.031072] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.031312] page dumped because: kasan: bad access detected [ 16.031641] [ 16.031736] Memory state around the buggy address: [ 16.031966] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.032413] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.032806] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.033145] ^ [ 16.033377] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.033623] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.033940] ================================================================== [ 15.734452] ================================================================== [ 15.734775] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 15.735040] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.735267] [ 15.735364] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.735407] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.735418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.735440] Call Trace: [ 15.735454] <TASK> [ 15.735469] dump_stack_lvl+0x73/0xb0 [ 15.735518] print_report+0xd1/0x610 [ 15.735540] ? __virt_addr_valid+0x1db/0x2d0 [ 15.735563] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.735585] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.735609] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.735632] kasan_report+0x141/0x180 [ 15.735654] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.735681] kasan_check_range+0x10c/0x1c0 [ 15.735706] __kasan_check_write+0x18/0x20 [ 15.735725] kasan_atomics_helper+0x19e3/0x5450 [ 15.735749] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.735772] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.735796] ? trace_hardirqs_on+0x37/0xe0 [ 15.735818] ? 
kasan_atomics+0x152/0x310 [ 15.735846] kasan_atomics+0x1dc/0x310 [ 15.735869] ? __pfx_kasan_atomics+0x10/0x10 [ 15.735893] ? __pfx_kasan_atomics+0x10/0x10 [ 15.735921] kunit_try_run_case+0x1a5/0x480 [ 15.735944] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.735968] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.735992] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.736016] ? __kthread_parkme+0x82/0x180 [ 15.736036] ? preempt_count_sub+0x50/0x80 [ 15.736061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.736086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.736110] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.736135] kthread+0x337/0x6f0 [ 15.736156] ? trace_preempt_on+0x20/0xc0 [ 15.736178] ? __pfx_kthread+0x10/0x10 [ 15.736199] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.736222] ? calculate_sigpending+0x7b/0xa0 [ 15.736246] ? __pfx_kthread+0x10/0x10 [ 15.736268] ret_from_fork+0x116/0x1d0 [ 15.736287] ? __pfx_kthread+0x10/0x10 [ 15.736308] ret_from_fork_asm+0x1a/0x30 [ 15.736348] </TASK> [ 15.736358] [ 15.743694] Allocated by task 284: [ 15.743826] kasan_save_stack+0x45/0x70 [ 15.744022] kasan_save_track+0x18/0x40 [ 15.744215] kasan_save_alloc_info+0x3b/0x50 [ 15.744443] __kasan_kmalloc+0xb7/0xc0 [ 15.744653] __kmalloc_cache_noprof+0x189/0x420 [ 15.744879] kasan_atomics+0x95/0x310 [ 15.745075] kunit_try_run_case+0x1a5/0x480 [ 15.745284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.745571] kthread+0x337/0x6f0 [ 15.745747] ret_from_fork+0x116/0x1d0 [ 15.745938] ret_from_fork_asm+0x1a/0x30 [ 15.746139] [ 15.746231] The buggy address belongs to the object at ffff888103a28200 [ 15.746231] which belongs to the cache kmalloc-64 of size 64 [ 15.746621] The buggy address is located 0 bytes to the right of [ 15.746621] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.746994] [ 15.747065] The buggy address belongs to the physical page: [ 15.747240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.747609] flags: 
0x200000000000000(node=0|zone=2) [ 15.747843] page_type: f5(slab) [ 15.748009] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.748367] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.748706] page dumped because: kasan: bad access detected [ 15.748954] [ 15.749053] Memory state around the buggy address: [ 15.749273] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.751554] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.751869] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.752087] ^ [ 15.752244] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.752544] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.752854] ================================================================== [ 14.757286] ================================================================== [ 14.757735] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 14.758155] Read of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 14.758501] [ 14.758703] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.758748] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.758761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.758781] Call Trace: [ 14.758796] <TASK> [ 14.758811] dump_stack_lvl+0x73/0xb0 [ 14.758840] print_report+0xd1/0x610 [ 14.758928] ? __virt_addr_valid+0x1db/0x2d0 [ 14.758969] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.758991] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.759091] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.759115] kasan_report+0x141/0x180 [ 14.759138] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.759234] __asan_report_load4_noabort+0x18/0x20 [ 14.759279] kasan_atomics_helper+0x4b54/0x5450 [ 14.759314] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.759337] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.759363] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.759384] ? kasan_atomics+0x152/0x310 [ 14.759412] kasan_atomics+0x1dc/0x310 [ 14.759435] ? __pfx_kasan_atomics+0x10/0x10 [ 14.759458] ? __pfx_kasan_atomics+0x10/0x10 [ 14.759485] kunit_try_run_case+0x1a5/0x480 [ 14.759510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.759551] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.759576] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.759600] ? __kthread_parkme+0x82/0x180 [ 14.759620] ? preempt_count_sub+0x50/0x80 [ 14.759645] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.759669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.759694] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.759719] kthread+0x337/0x6f0 [ 14.759738] ? trace_preempt_on+0x20/0xc0 [ 14.759760] ? __pfx_kthread+0x10/0x10 [ 14.759782] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.759804] ? calculate_sigpending+0x7b/0xa0 [ 14.759828] ? __pfx_kthread+0x10/0x10 [ 14.759850] ret_from_fork+0x116/0x1d0 [ 14.759869] ? __pfx_kthread+0x10/0x10 [ 14.759890] ret_from_fork_asm+0x1a/0x30 [ 14.759921] </TASK> [ 14.759932] [ 14.770984] Allocated by task 284: [ 14.771220] kasan_save_stack+0x45/0x70 [ 14.771445] kasan_save_track+0x18/0x40 [ 14.771826] kasan_save_alloc_info+0x3b/0x50 [ 14.772473] __kasan_kmalloc+0xb7/0xc0 [ 14.772924] __kmalloc_cache_noprof+0x189/0x420 [ 14.773358] kasan_atomics+0x95/0x310 [ 14.773600] kunit_try_run_case+0x1a5/0x480 [ 14.773947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.774337] kthread+0x337/0x6f0 [ 14.774693] ret_from_fork+0x116/0x1d0 [ 14.775065] ret_from_fork_asm+0x1a/0x30 [ 14.775259] [ 14.775443] The buggy address belongs to the object at ffff888103a28200 [ 14.775443] which belongs to the cache kmalloc-64 of size 64 [ 14.775920] The buggy address is located 0 bytes to the right of [ 14.775920] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 14.776679] [ 14.776865] The buggy address belongs to the physical page: [ 14.777826] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x103a28 [ 14.778253] flags: 0x200000000000000(node=0|zone=2) [ 14.778611] page_type: f5(slab) [ 14.778748] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.779237] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.779708] page dumped because: kasan: bad access detected [ 14.779981] [ 14.780189] Memory state around the buggy address: [ 14.780367] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.780893] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.781174] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.781754] ^ [ 14.782093] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.782390] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.782850] ================================================================== [ 15.565436] ================================================================== [ 15.566192] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 15.566871] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.567563] [ 15.567735] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.567801] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.567813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.567834] Call Trace: [ 15.567849] <TASK> [ 15.567864] dump_stack_lvl+0x73/0xb0 [ 15.567893] print_report+0xd1/0x610 [ 15.567915] ? __virt_addr_valid+0x1db/0x2d0 [ 15.567939] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.567961] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.567985] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.568008] kasan_report+0x141/0x180 [ 15.568030] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.568057] __asan_report_store8_noabort+0x1b/0x30 [ 15.568083] kasan_atomics_helper+0x50d4/0x5450 [ 15.568107] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.568129] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.568154] ? trace_hardirqs_on+0x37/0xe0 [ 15.568177] ? kasan_atomics+0x152/0x310 [ 15.568205] kasan_atomics+0x1dc/0x310 [ 15.568227] ? __pfx_kasan_atomics+0x10/0x10 [ 15.568251] ? __pfx_kasan_atomics+0x10/0x10 [ 15.568278] kunit_try_run_case+0x1a5/0x480 [ 15.568303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.568338] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.568362] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.568387] ? __kthread_parkme+0x82/0x180 [ 15.568407] ? preempt_count_sub+0x50/0x80 [ 15.568431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.568456] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.568487] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.568512] kthread+0x337/0x6f0 [ 15.568532] ? trace_preempt_on+0x20/0xc0 [ 15.568555] ? __pfx_kthread+0x10/0x10 [ 15.568576] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.568598] ? calculate_sigpending+0x7b/0xa0 [ 15.568622] ? __pfx_kthread+0x10/0x10 [ 15.568644] ret_from_fork+0x116/0x1d0 [ 15.568663] ? 
__pfx_kthread+0x10/0x10 [ 15.568685] ret_from_fork_asm+0x1a/0x30 [ 15.568716] </TASK> [ 15.568727] [ 15.579510] Allocated by task 284: [ 15.579816] kasan_save_stack+0x45/0x70 [ 15.580160] kasan_save_track+0x18/0x40 [ 15.580530] kasan_save_alloc_info+0x3b/0x50 [ 15.580914] __kasan_kmalloc+0xb7/0xc0 [ 15.581255] __kmalloc_cache_noprof+0x189/0x420 [ 15.581678] kasan_atomics+0x95/0x310 [ 15.582022] kunit_try_run_case+0x1a5/0x480 [ 15.582417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.582904] kthread+0x337/0x6f0 [ 15.583213] ret_from_fork+0x116/0x1d0 [ 15.583584] ret_from_fork_asm+0x1a/0x30 [ 15.583932] [ 15.584087] The buggy address belongs to the object at ffff888103a28200 [ 15.584087] which belongs to the cache kmalloc-64 of size 64 [ 15.584772] The buggy address is located 0 bytes to the right of [ 15.584772] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.585146] [ 15.585217] The buggy address belongs to the physical page: [ 15.585556] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.586203] flags: 0x200000000000000(node=0|zone=2) [ 15.586670] page_type: f5(slab) [ 15.586956] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.587626] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.588261] page dumped because: kasan: bad access detected [ 15.588751] [ 15.588907] Memory state around the buggy address: [ 15.589273] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.589576] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.590178] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.590804] ^ [ 15.590964] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.591182] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.591472] ================================================================== [ 15.967182] 
================================================================== [ 15.968669] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 15.969680] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.970896] [ 15.971092] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.971139] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.971152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.971173] Call Trace: [ 15.971190] <TASK> [ 15.971205] dump_stack_lvl+0x73/0xb0 [ 15.971235] print_report+0xd1/0x610 [ 15.971257] ? __virt_addr_valid+0x1db/0x2d0 [ 15.971280] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.971302] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.971339] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.971362] kasan_report+0x141/0x180 [ 15.971386] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.971414] kasan_check_range+0x10c/0x1c0 [ 15.971440] __kasan_check_write+0x18/0x20 [ 15.971460] kasan_atomics_helper+0x1f43/0x5450 [ 15.971646] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.971682] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.971747] ? trace_hardirqs_on+0x37/0xe0 [ 15.971773] ? kasan_atomics+0x152/0x310 [ 15.971801] kasan_atomics+0x1dc/0x310 [ 15.971824] ? __pfx_kasan_atomics+0x10/0x10 [ 15.971848] ? __pfx_kasan_atomics+0x10/0x10 [ 15.971875] kunit_try_run_case+0x1a5/0x480 [ 15.971899] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.971922] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.971947] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.971971] ? __kthread_parkme+0x82/0x180 [ 15.971991] ? preempt_count_sub+0x50/0x80 [ 15.972015] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.972039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.972065] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.972090] kthread+0x337/0x6f0 [ 15.972109] ? trace_preempt_on+0x20/0xc0 [ 15.972132] ? __pfx_kthread+0x10/0x10 [ 15.972153] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.972175] ? 
calculate_sigpending+0x7b/0xa0 [ 15.972200] ? __pfx_kthread+0x10/0x10 [ 15.972221] ret_from_fork+0x116/0x1d0 [ 15.972240] ? __pfx_kthread+0x10/0x10 [ 15.972260] ret_from_fork_asm+0x1a/0x30 [ 15.972291] </TASK> [ 15.972301] [ 15.987239] Allocated by task 284: [ 15.987534] kasan_save_stack+0x45/0x70 [ 15.987954] kasan_save_track+0x18/0x40 [ 15.988352] kasan_save_alloc_info+0x3b/0x50 [ 15.988792] __kasan_kmalloc+0xb7/0xc0 [ 15.989178] __kmalloc_cache_noprof+0x189/0x420 [ 15.989630] kasan_atomics+0x95/0x310 [ 15.989824] kunit_try_run_case+0x1a5/0x480 [ 15.989973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.990153] kthread+0x337/0x6f0 [ 15.990274] ret_from_fork+0x116/0x1d0 [ 15.990425] ret_from_fork_asm+0x1a/0x30 [ 15.990638] [ 15.990715] The buggy address belongs to the object at ffff888103a28200 [ 15.990715] which belongs to the cache kmalloc-64 of size 64 [ 15.991223] The buggy address is located 0 bytes to the right of [ 15.991223] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.991735] [ 15.991810] The buggy address belongs to the physical page: [ 15.992063] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.992464] flags: 0x200000000000000(node=0|zone=2) [ 15.992723] page_type: f5(slab) [ 15.992862] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.993275] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.993642] page dumped because: kasan: bad access detected [ 15.993846] [ 15.993917] Memory state around the buggy address: [ 15.994100] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.994447] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.994806] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.995131] ^ [ 15.995340] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.995691] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.995940] 
================================================================== [ 15.254654] ================================================================== [ 15.254986] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 15.255675] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.255931] [ 15.256227] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.256274] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.256286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.256307] Call Trace: [ 15.256337] <TASK> [ 15.256352] dump_stack_lvl+0x73/0xb0 [ 15.256382] print_report+0xd1/0x610 [ 15.256407] ? __virt_addr_valid+0x1db/0x2d0 [ 15.256432] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.256455] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.256479] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.256578] kasan_report+0x141/0x180 [ 15.256602] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.256629] kasan_check_range+0x10c/0x1c0 [ 15.256653] __kasan_check_write+0x18/0x20 [ 15.256674] kasan_atomics_helper+0xfa9/0x5450 [ 15.256698] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.256721] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.256746] ? trace_hardirqs_on+0x37/0xe0 [ 15.256768] ? kasan_atomics+0x152/0x310 [ 15.256796] kasan_atomics+0x1dc/0x310 [ 15.256819] ? __pfx_kasan_atomics+0x10/0x10 [ 15.256843] ? __pfx_kasan_atomics+0x10/0x10 [ 15.256870] kunit_try_run_case+0x1a5/0x480 [ 15.256895] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.256918] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.256942] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.256974] ? __kthread_parkme+0x82/0x180 [ 15.256995] ? preempt_count_sub+0x50/0x80 [ 15.257019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.257044] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.257068] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.257094] kthread+0x337/0x6f0 [ 15.257114] ? trace_preempt_on+0x20/0xc0 [ 15.257135] ? 
__pfx_kthread+0x10/0x10 [ 15.257157] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.257179] ? calculate_sigpending+0x7b/0xa0 [ 15.257203] ? __pfx_kthread+0x10/0x10 [ 15.257225] ret_from_fork+0x116/0x1d0 [ 15.257244] ? __pfx_kthread+0x10/0x10 [ 15.257265] ret_from_fork_asm+0x1a/0x30 [ 15.257296] </TASK> [ 15.257307] [ 15.267196] Allocated by task 284: [ 15.267566] kasan_save_stack+0x45/0x70 [ 15.267877] kasan_save_track+0x18/0x40 [ 15.268116] kasan_save_alloc_info+0x3b/0x50 [ 15.268290] __kasan_kmalloc+0xb7/0xc0 [ 15.268618] __kmalloc_cache_noprof+0x189/0x420 [ 15.268861] kasan_atomics+0x95/0x310 [ 15.269046] kunit_try_run_case+0x1a5/0x480 [ 15.269242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.269481] kthread+0x337/0x6f0 [ 15.269868] ret_from_fork+0x116/0x1d0 [ 15.270116] ret_from_fork_asm+0x1a/0x30 [ 15.270280] [ 15.270393] The buggy address belongs to the object at ffff888103a28200 [ 15.270393] which belongs to the cache kmalloc-64 of size 64 [ 15.271085] The buggy address is located 0 bytes to the right of [ 15.271085] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.271949] [ 15.272106] The buggy address belongs to the physical page: [ 15.272348] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.272883] flags: 0x200000000000000(node=0|zone=2) [ 15.273112] page_type: f5(slab) [ 15.273260] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.273766] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.274128] page dumped because: kasan: bad access detected [ 15.274344] [ 15.274574] Memory state around the buggy address: [ 15.274862] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.275135] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.275552] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.275929] ^ [ 15.276141] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.276449] 
ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.277174] ================================================================== [ 15.231825] ================================================================== [ 15.232167] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 15.232787] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.233108] [ 15.233219] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.233262] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.233274] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.233295] Call Trace: [ 15.233320] <TASK> [ 15.233335] dump_stack_lvl+0x73/0xb0 [ 15.233363] print_report+0xd1/0x610 [ 15.233385] ? __virt_addr_valid+0x1db/0x2d0 [ 15.233408] ? kasan_atomics_helper+0xf10/0x5450 [ 15.233429] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.233453] ? kasan_atomics_helper+0xf10/0x5450 [ 15.233476] kasan_report+0x141/0x180 [ 15.233801] ? kasan_atomics_helper+0xf10/0x5450 [ 15.233830] kasan_check_range+0x10c/0x1c0 [ 15.233855] __kasan_check_write+0x18/0x20 [ 15.233875] kasan_atomics_helper+0xf10/0x5450 [ 15.233899] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.233922] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.233946] ? trace_hardirqs_on+0x37/0xe0 [ 15.233970] ? kasan_atomics+0x152/0x310 [ 15.233997] kasan_atomics+0x1dc/0x310 [ 15.234021] ? __pfx_kasan_atomics+0x10/0x10 [ 15.234045] ? __pfx_kasan_atomics+0x10/0x10 [ 15.234072] kunit_try_run_case+0x1a5/0x480 [ 15.234097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.234120] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.234144] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.234169] ? __kthread_parkme+0x82/0x180 [ 15.234189] ? preempt_count_sub+0x50/0x80 [ 15.234214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.234239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.234263] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.234289] kthread+0x337/0x6f0 [ 15.234320] ? trace_preempt_on+0x20/0xc0 [ 15.234343] ? __pfx_kthread+0x10/0x10 [ 15.234364] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.234387] ? calculate_sigpending+0x7b/0xa0 [ 15.234411] ? __pfx_kthread+0x10/0x10 [ 15.234433] ret_from_fork+0x116/0x1d0 [ 15.234452] ? __pfx_kthread+0x10/0x10 [ 15.234473] ret_from_fork_asm+0x1a/0x30 [ 15.234515] </TASK> [ 15.234526] [ 15.244398] Allocated by task 284: [ 15.244787] kasan_save_stack+0x45/0x70 [ 15.245056] kasan_save_track+0x18/0x40 [ 15.245219] kasan_save_alloc_info+0x3b/0x50 [ 15.245450] __kasan_kmalloc+0xb7/0xc0 [ 15.245662] __kmalloc_cache_noprof+0x189/0x420 [ 15.246121] kasan_atomics+0x95/0x310 [ 15.246304] kunit_try_run_case+0x1a5/0x480 [ 15.246667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.246968] kthread+0x337/0x6f0 [ 15.247105] ret_from_fork+0x116/0x1d0 [ 15.247298] ret_from_fork_asm+0x1a/0x30 [ 15.247632] [ 15.247778] The buggy address belongs to the object at ffff888103a28200 [ 15.247778] which belongs to the cache kmalloc-64 of size 64 [ 15.248356] The buggy address is located 0 bytes to the right of [ 15.248356] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.248981] [ 15.249196] The buggy address belongs to the physical page: [ 15.249408] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.249945] flags: 0x200000000000000(node=0|zone=2) [ 15.250128] page_type: f5(slab) [ 15.250385] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.250879] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.251250] page dumped because: kasan: bad access detected [ 15.251578] [ 15.251691] Memory state around the buggy address: [ 15.251859] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.252172] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.252727] >ffff888103a28200: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.253021] ^ [ 15.253236] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.253652] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.254016] ================================================================== [ 14.709354] ================================================================== [ 14.709765] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 14.710283] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 14.710582] [ 14.710723] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.710768] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.710790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.710812] Call Trace: [ 14.710828] <TASK> [ 14.710843] dump_stack_lvl+0x73/0xb0 [ 14.710871] print_report+0xd1/0x610 [ 14.710893] ? __virt_addr_valid+0x1db/0x2d0 [ 14.710915] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.710937] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.710961] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.710984] kasan_report+0x141/0x180 [ 14.711111] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.711142] __asan_report_store4_noabort+0x1b/0x30 [ 14.711169] kasan_atomics_helper+0x4b6e/0x5450 [ 14.711202] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.711225] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.711250] ? trace_hardirqs_on+0x37/0xe0 [ 14.711273] ? kasan_atomics+0x152/0x310 [ 14.711339] kasan_atomics+0x1dc/0x310 [ 14.711363] ? __pfx_kasan_atomics+0x10/0x10 [ 14.711399] ? __pfx_kasan_atomics+0x10/0x10 [ 14.711426] kunit_try_run_case+0x1a5/0x480 [ 14.711451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.711475] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.711499] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.711524] ? __kthread_parkme+0x82/0x180 [ 14.711545] ? preempt_count_sub+0x50/0x80 [ 14.711570] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.711624] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.711649] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.711686] kthread+0x337/0x6f0 [ 14.711707] ? trace_preempt_on+0x20/0xc0 [ 14.711730] ? __pfx_kthread+0x10/0x10 [ 14.711751] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.711774] ? calculate_sigpending+0x7b/0xa0 [ 14.711827] ? __pfx_kthread+0x10/0x10 [ 14.711848] ret_from_fork+0x116/0x1d0 [ 14.711867] ? __pfx_kthread+0x10/0x10 [ 14.711899] ret_from_fork_asm+0x1a/0x30 [ 14.711930] </TASK> [ 14.711941] [ 14.722488] Allocated by task 284: [ 14.722621] kasan_save_stack+0x45/0x70 [ 14.722828] kasan_save_track+0x18/0x40 [ 14.723059] kasan_save_alloc_info+0x3b/0x50 [ 14.723397] __kasan_kmalloc+0xb7/0xc0 [ 14.723676] __kmalloc_cache_noprof+0x189/0x420 [ 14.723918] kasan_atomics+0x95/0x310 [ 14.724071] kunit_try_run_case+0x1a5/0x480 [ 14.724451] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.724789] kthread+0x337/0x6f0 [ 14.725025] ret_from_fork+0x116/0x1d0 [ 14.725180] ret_from_fork_asm+0x1a/0x30 [ 14.725449] [ 14.725526] The buggy address belongs to the object at ffff888103a28200 [ 14.725526] which belongs to the cache kmalloc-64 of size 64 [ 14.726208] The buggy address is located 0 bytes to the right of [ 14.726208] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 14.726998] [ 14.727112] The buggy address belongs to the physical page: [ 14.727377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 14.727804] flags: 0x200000000000000(node=0|zone=2) [ 14.728090] page_type: f5(slab) [ 14.729912] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.730182] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.730441] page dumped because: kasan: bad access detected [ 14.730617] [ 14.730688] Memory state around the buggy address: [ 14.730847] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.731069] 
ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.731287] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.731513] ^ [ 14.731678] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.732643] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.733004] ================================================================== [ 15.946146] ================================================================== [ 15.946838] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 15.947560] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.948168] [ 15.948349] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.948394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.948407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.948428] Call Trace: [ 15.948445] <TASK> [ 15.948460] dump_stack_lvl+0x73/0xb0 [ 15.948510] print_report+0xd1/0x610 [ 15.948533] ? __virt_addr_valid+0x1db/0x2d0 [ 15.948556] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.948578] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.948602] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.948624] kasan_report+0x141/0x180 [ 15.948647] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.948674] kasan_check_range+0x10c/0x1c0 [ 15.948698] __kasan_check_write+0x18/0x20 [ 15.948719] kasan_atomics_helper+0x1eaa/0x5450 [ 15.948744] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.948767] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.948791] ? trace_hardirqs_on+0x37/0xe0 [ 15.948812] ? kasan_atomics+0x152/0x310 [ 15.948839] kasan_atomics+0x1dc/0x310 [ 15.948862] ? __pfx_kasan_atomics+0x10/0x10 [ 15.948885] ? __pfx_kasan_atomics+0x10/0x10 [ 15.948913] kunit_try_run_case+0x1a5/0x480 [ 15.948937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.948960] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.948993] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.949017] ? 
__kthread_parkme+0x82/0x180 [ 15.949038] ? preempt_count_sub+0x50/0x80 [ 15.949062] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.949086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.949111] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.949139] kthread+0x337/0x6f0 [ 15.949159] ? trace_preempt_on+0x20/0xc0 [ 15.949182] ? __pfx_kthread+0x10/0x10 [ 15.949203] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.949226] ? calculate_sigpending+0x7b/0xa0 [ 15.949251] ? __pfx_kthread+0x10/0x10 [ 15.949272] ret_from_fork+0x116/0x1d0 [ 15.949292] ? __pfx_kthread+0x10/0x10 [ 15.949313] ret_from_fork_asm+0x1a/0x30 [ 15.949353] </TASK> [ 15.949364] [ 15.959005] Allocated by task 284: [ 15.959203] kasan_save_stack+0x45/0x70 [ 15.959403] kasan_save_track+0x18/0x40 [ 15.959708] kasan_save_alloc_info+0x3b/0x50 [ 15.959886] __kasan_kmalloc+0xb7/0xc0 [ 15.960078] __kmalloc_cache_noprof+0x189/0x420 [ 15.960258] kasan_atomics+0x95/0x310 [ 15.960403] kunit_try_run_case+0x1a5/0x480 [ 15.960756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.961008] kthread+0x337/0x6f0 [ 15.961158] ret_from_fork+0x116/0x1d0 [ 15.961291] ret_from_fork_asm+0x1a/0x30 [ 15.961440] [ 15.961512] The buggy address belongs to the object at ffff888103a28200 [ 15.961512] which belongs to the cache kmalloc-64 of size 64 [ 15.961938] The buggy address is located 0 bytes to the right of [ 15.961938] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.962497] [ 15.962594] The buggy address belongs to the physical page: [ 15.962842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.963166] flags: 0x200000000000000(node=0|zone=2) [ 15.963339] page_type: f5(slab) [ 15.963460] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.964211] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.964512] page dumped because: kasan: bad access detected [ 15.964730] [ 15.964825] Memory state around the buggy address: [ 15.965026] 
ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.965331] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.965671] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.965924] ^ [ 15.966142] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.966430] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.966753] ================================================================== [ 15.894805] ================================================================== [ 15.895218] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 15.895904] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.896231] [ 15.896347] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.896392] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.896405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.896427] Call Trace: [ 15.896442] <TASK> [ 15.896456] dump_stack_lvl+0x73/0xb0 [ 15.896486] print_report+0xd1/0x610 [ 15.896805] ? __virt_addr_valid+0x1db/0x2d0 [ 15.896833] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.896855] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.896879] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.896902] kasan_report+0x141/0x180 [ 15.896925] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.896951] kasan_check_range+0x10c/0x1c0 [ 15.896983] __kasan_check_write+0x18/0x20 [ 15.897002] kasan_atomics_helper+0x1d7a/0x5450 [ 15.897026] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.897049] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.897073] ? trace_hardirqs_on+0x37/0xe0 [ 15.897096] ? kasan_atomics+0x152/0x310 [ 15.897123] kasan_atomics+0x1dc/0x310 [ 15.897146] ? __pfx_kasan_atomics+0x10/0x10 [ 15.897170] ? __pfx_kasan_atomics+0x10/0x10 [ 15.897198] kunit_try_run_case+0x1a5/0x480 [ 15.897222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.897245] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.897270] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.897297] ? __kthread_parkme+0x82/0x180 [ 15.897330] ? preempt_count_sub+0x50/0x80 [ 15.897356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.897380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.897405] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.897431] kthread+0x337/0x6f0 [ 15.897451] ? trace_preempt_on+0x20/0xc0 [ 15.897473] ? __pfx_kthread+0x10/0x10 [ 15.897494] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.897518] ? calculate_sigpending+0x7b/0xa0 [ 15.897542] ? __pfx_kthread+0x10/0x10 [ 15.897564] ret_from_fork+0x116/0x1d0 [ 15.897583] ? __pfx_kthread+0x10/0x10 [ 15.897604] ret_from_fork_asm+0x1a/0x30 [ 15.897634] </TASK> [ 15.897645] [ 15.908783] Allocated by task 284: [ 15.909156] kasan_save_stack+0x45/0x70 [ 15.909482] kasan_save_track+0x18/0x40 [ 15.909683] kasan_save_alloc_info+0x3b/0x50 [ 15.909886] __kasan_kmalloc+0xb7/0xc0 [ 15.910084] __kmalloc_cache_noprof+0x189/0x420 [ 15.910296] kasan_atomics+0x95/0x310 [ 15.910491] kunit_try_run_case+0x1a5/0x480 [ 15.911041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.911376] kthread+0x337/0x6f0 [ 15.911520] ret_from_fork+0x116/0x1d0 [ 15.911794] ret_from_fork_asm+0x1a/0x30 [ 15.912216] [ 15.912331] The buggy address belongs to the object at ffff888103a28200 [ 15.912331] which belongs to the cache kmalloc-64 of size 64 [ 15.912874] The buggy address is located 0 bytes to the right of [ 15.912874] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.913866] [ 15.913950] The buggy address belongs to the physical page: [ 15.914423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.914889] flags: 0x200000000000000(node=0|zone=2) [ 15.915207] page_type: f5(slab) [ 15.915349] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.915739] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.916059] page dumped because: kasan: 
bad access detected [ 15.916302] [ 15.916730] Memory state around the buggy address: [ 15.916934] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.917452] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.917993] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.918412] ^ [ 15.918779] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.919182] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.919530] ================================================================== [ 15.781977] ================================================================== [ 15.782660] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 15.782925] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.783145] [ 15.783232] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.783278] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.783291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.783312] Call Trace: [ 15.783341] <TASK> [ 15.783356] dump_stack_lvl+0x73/0xb0 [ 15.783385] print_report+0xd1/0x610 [ 15.783409] ? __virt_addr_valid+0x1db/0x2d0 [ 15.783432] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.783454] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.783478] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.783500] kasan_report+0x141/0x180 [ 15.783523] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.783561] kasan_check_range+0x10c/0x1c0 [ 15.783585] __kasan_check_write+0x18/0x20 [ 15.783606] kasan_atomics_helper+0x1b22/0x5450 [ 15.783629] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.783652] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.783677] ? trace_hardirqs_on+0x37/0xe0 [ 15.783700] ? kasan_atomics+0x152/0x310 [ 15.783727] kasan_atomics+0x1dc/0x310 [ 15.783751] ? __pfx_kasan_atomics+0x10/0x10 [ 15.783774] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.783802] kunit_try_run_case+0x1a5/0x480 [ 15.783826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.783850] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.783875] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.783899] ? __kthread_parkme+0x82/0x180 [ 15.783919] ? preempt_count_sub+0x50/0x80 [ 15.783944] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.783969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.783993] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.784018] kthread+0x337/0x6f0 [ 15.784039] ? trace_preempt_on+0x20/0xc0 [ 15.784061] ? __pfx_kthread+0x10/0x10 [ 15.784082] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.784104] ? calculate_sigpending+0x7b/0xa0 [ 15.784130] ? __pfx_kthread+0x10/0x10 [ 15.784151] ret_from_fork+0x116/0x1d0 [ 15.784171] ? __pfx_kthread+0x10/0x10 [ 15.784193] ret_from_fork_asm+0x1a/0x30 [ 15.784223] </TASK> [ 15.784235] [ 15.793655] Allocated by task 284: [ 15.793852] kasan_save_stack+0x45/0x70 [ 15.794048] kasan_save_track+0x18/0x40 [ 15.794235] kasan_save_alloc_info+0x3b/0x50 [ 15.794451] __kasan_kmalloc+0xb7/0xc0 [ 15.794706] __kmalloc_cache_noprof+0x189/0x420 [ 15.794860] kasan_atomics+0x95/0x310 [ 15.794996] kunit_try_run_case+0x1a5/0x480 [ 15.795205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.795473] kthread+0x337/0x6f0 [ 15.795637] ret_from_fork+0x116/0x1d0 [ 15.795799] ret_from_fork_asm+0x1a/0x30 [ 15.795980] [ 15.796067] The buggy address belongs to the object at ffff888103a28200 [ 15.796067] which belongs to the cache kmalloc-64 of size 64 [ 15.796576] The buggy address is located 0 bytes to the right of [ 15.796576] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.797050] [ 15.797144] The buggy address belongs to the physical page: [ 15.797362] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.797712] flags: 0x200000000000000(node=0|zone=2) [ 15.797924] page_type: f5(slab) [ 15.798088] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.798386] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.798668] page dumped because: kasan: bad access detected [ 15.798872] [ 15.798960] Memory state around the buggy address: [ 15.799176] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.799451] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.799857] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.800065] ^ [ 15.800217] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.800712] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.802094] ================================================================== [ 15.470905] ================================================================== [ 15.471548] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 15.471969] Read of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.472294] [ 15.472399] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.472444] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.472457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.472478] Call Trace: [ 15.472495] <TASK> [ 15.472511] dump_stack_lvl+0x73/0xb0 [ 15.472539] print_report+0xd1/0x610 [ 15.472562] ? __virt_addr_valid+0x1db/0x2d0 [ 15.472585] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.472606] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.472632] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.472654] kasan_report+0x141/0x180 [ 15.472677] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.472705] __asan_report_load4_noabort+0x18/0x20 [ 15.472730] kasan_atomics_helper+0x49ce/0x5450 [ 15.472754] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.472777] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.472802] ? trace_hardirqs_on+0x37/0xe0 [ 15.472826] ? kasan_atomics+0x152/0x310 [ 15.472852] kasan_atomics+0x1dc/0x310 [ 15.472876] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.472900] ? __pfx_kasan_atomics+0x10/0x10 [ 15.472927] kunit_try_run_case+0x1a5/0x480 [ 15.472952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.472980] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.473004] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.473029] ? __kthread_parkme+0x82/0x180 [ 15.473050] ? preempt_count_sub+0x50/0x80 [ 15.473073] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.473098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.473123] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.473148] kthread+0x337/0x6f0 [ 15.473168] ? trace_preempt_on+0x20/0xc0 [ 15.473190] ? __pfx_kthread+0x10/0x10 [ 15.473212] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.473234] ? calculate_sigpending+0x7b/0xa0 [ 15.473258] ? __pfx_kthread+0x10/0x10 [ 15.473280] ret_from_fork+0x116/0x1d0 [ 15.473300] ? __pfx_kthread+0x10/0x10 [ 15.473617] ret_from_fork_asm+0x1a/0x30 [ 15.473654] </TASK> [ 15.473665] [ 15.483940] Allocated by task 284: [ 15.484258] kasan_save_stack+0x45/0x70 [ 15.484582] kasan_save_track+0x18/0x40 [ 15.484857] kasan_save_alloc_info+0x3b/0x50 [ 15.485164] __kasan_kmalloc+0xb7/0xc0 [ 15.485361] __kmalloc_cache_noprof+0x189/0x420 [ 15.485736] kasan_atomics+0x95/0x310 [ 15.485935] kunit_try_run_case+0x1a5/0x480 [ 15.486265] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.486632] kthread+0x337/0x6f0 [ 15.486888] ret_from_fork+0x116/0x1d0 [ 15.487041] ret_from_fork_asm+0x1a/0x30 [ 15.487267] [ 15.487377] The buggy address belongs to the object at ffff888103a28200 [ 15.487377] which belongs to the cache kmalloc-64 of size 64 [ 15.488145] The buggy address is located 0 bytes to the right of [ 15.488145] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.488778] [ 15.488940] The buggy address belongs to the physical page: [ 15.489194] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.489721] flags: 0x200000000000000(node=0|zone=2) [ 15.490014] page_type: f5(slab) [ 15.490153] raw: 
0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.490511] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.491034] page dumped because: kasan: bad access detected [ 15.491357] [ 15.491458] Memory state around the buggy address: [ 15.491852] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.492234] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.492663] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.492956] ^ [ 15.493184] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.493494] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.494040] ================================================================== [ 15.494912] ================================================================== [ 15.495932] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 15.496336] Read of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.496764] [ 15.497162] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.497212] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.497225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.497246] Call Trace: [ 15.497261] <TASK> [ 15.497275] dump_stack_lvl+0x73/0xb0 [ 15.497304] print_report+0xd1/0x610 [ 15.497341] ? __virt_addr_valid+0x1db/0x2d0 [ 15.497364] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.497386] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.497410] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.497432] kasan_report+0x141/0x180 [ 15.497455] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.497482] kasan_check_range+0x10c/0x1c0 [ 15.497596] __kasan_check_read+0x15/0x20 [ 15.497620] kasan_atomics_helper+0x13b5/0x5450 [ 15.497643] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.497666] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.497691] ? trace_hardirqs_on+0x37/0xe0 [ 15.497713] ? 
kasan_atomics+0x152/0x310 [ 15.497741] kasan_atomics+0x1dc/0x310 [ 15.497764] ? __pfx_kasan_atomics+0x10/0x10 [ 15.497787] ? __pfx_kasan_atomics+0x10/0x10 [ 15.497815] kunit_try_run_case+0x1a5/0x480 [ 15.497839] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.497863] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.497887] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.497911] ? __kthread_parkme+0x82/0x180 [ 15.497931] ? preempt_count_sub+0x50/0x80 [ 15.497956] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.497980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.498004] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.498029] kthread+0x337/0x6f0 [ 15.498048] ? trace_preempt_on+0x20/0xc0 [ 15.498070] ? __pfx_kthread+0x10/0x10 [ 15.498091] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.498113] ? calculate_sigpending+0x7b/0xa0 [ 15.498137] ? __pfx_kthread+0x10/0x10 [ 15.498158] ret_from_fork+0x116/0x1d0 [ 15.498177] ? __pfx_kthread+0x10/0x10 [ 15.498198] ret_from_fork_asm+0x1a/0x30 [ 15.498228] </TASK> [ 15.498238] [ 15.509094] Allocated by task 284: [ 15.509262] kasan_save_stack+0x45/0x70 [ 15.509483] kasan_save_track+0x18/0x40 [ 15.509905] kasan_save_alloc_info+0x3b/0x50 [ 15.510192] __kasan_kmalloc+0xb7/0xc0 [ 15.510385] __kmalloc_cache_noprof+0x189/0x420 [ 15.510792] kasan_atomics+0x95/0x310 [ 15.511065] kunit_try_run_case+0x1a5/0x480 [ 15.511352] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.511669] kthread+0x337/0x6f0 [ 15.511920] ret_from_fork+0x116/0x1d0 [ 15.512096] ret_from_fork_asm+0x1a/0x30 [ 15.512292] [ 15.512398] The buggy address belongs to the object at ffff888103a28200 [ 15.512398] which belongs to the cache kmalloc-64 of size 64 [ 15.513172] The buggy address is located 0 bytes to the right of [ 15.513172] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.513945] [ 15.514035] The buggy address belongs to the physical page: [ 15.514399] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.514859] flags: 
0x200000000000000(node=0|zone=2) [ 15.515205] page_type: f5(slab) [ 15.515395] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.515933] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.516346] page dumped because: kasan: bad access detected [ 15.516726] [ 15.516828] Memory state around the buggy address: [ 15.517136] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.517440] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.517949] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.518539] ^ [ 15.518727] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.519046] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.519365] ================================================================== [ 15.803451] ================================================================== [ 15.804716] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 15.805610] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.806104] [ 15.806196] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.806241] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.806254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.806275] Call Trace: [ 15.806291] <TASK> [ 15.806307] dump_stack_lvl+0x73/0xb0 [ 15.806351] print_report+0xd1/0x610 [ 15.806373] ? __virt_addr_valid+0x1db/0x2d0 [ 15.806395] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.806418] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.806442] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.806464] kasan_report+0x141/0x180 [ 15.806493] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.806520] kasan_check_range+0x10c/0x1c0 [ 15.806544] __kasan_check_write+0x18/0x20 [ 15.806565] kasan_atomics_helper+0x1c18/0x5450 [ 15.806588] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.806611] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.806636] ? trace_hardirqs_on+0x37/0xe0 [ 15.806658] ? kasan_atomics+0x152/0x310 [ 15.806686] kasan_atomics+0x1dc/0x310 [ 15.806709] ? __pfx_kasan_atomics+0x10/0x10 [ 15.806733] ? __pfx_kasan_atomics+0x10/0x10 [ 15.806760] kunit_try_run_case+0x1a5/0x480 [ 15.806784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.806807] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.806832] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.806856] ? __kthread_parkme+0x82/0x180 [ 15.806876] ? preempt_count_sub+0x50/0x80 [ 15.806901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.806925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.806949] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.806974] kthread+0x337/0x6f0 [ 15.806993] ? trace_preempt_on+0x20/0xc0 [ 15.807016] ? __pfx_kthread+0x10/0x10 [ 15.807037] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.807059] ? calculate_sigpending+0x7b/0xa0 [ 15.807083] ? __pfx_kthread+0x10/0x10 [ 15.807105] ret_from_fork+0x116/0x1d0 [ 15.807123] ? 
__pfx_kthread+0x10/0x10 [ 15.807144] ret_from_fork_asm+0x1a/0x30 [ 15.807174] </TASK> [ 15.807184] [ 15.823851] Allocated by task 284: [ 15.824204] kasan_save_stack+0x45/0x70 [ 15.824613] kasan_save_track+0x18/0x40 [ 15.824984] kasan_save_alloc_info+0x3b/0x50 [ 15.825394] __kasan_kmalloc+0xb7/0xc0 [ 15.825793] __kmalloc_cache_noprof+0x189/0x420 [ 15.826079] kasan_atomics+0x95/0x310 [ 15.826218] kunit_try_run_case+0x1a5/0x480 [ 15.826377] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.826688] kthread+0x337/0x6f0 [ 15.827014] ret_from_fork+0x116/0x1d0 [ 15.827384] ret_from_fork_asm+0x1a/0x30 [ 15.827766] [ 15.827945] The buggy address belongs to the object at ffff888103a28200 [ 15.827945] which belongs to the cache kmalloc-64 of size 64 [ 15.829142] The buggy address is located 0 bytes to the right of [ 15.829142] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.829775] [ 15.829855] The buggy address belongs to the physical page: [ 15.830028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.830268] flags: 0x200000000000000(node=0|zone=2) [ 15.830441] page_type: f5(slab) [ 15.830812] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.831749] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.832497] page dumped because: kasan: bad access detected [ 15.833066] [ 15.833230] Memory state around the buggy address: [ 15.833838] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.834574] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.835292] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.835999] ^ [ 15.836331] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.836576] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.837332] ================================================================== [ 15.920385] 
================================================================== [ 15.921137] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 15.921602] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.921853] [ 15.922178] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.922357] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.922373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.922395] Call Trace: [ 15.922409] <TASK> [ 15.922424] dump_stack_lvl+0x73/0xb0 [ 15.922455] print_report+0xd1/0x610 [ 15.922478] ? __virt_addr_valid+0x1db/0x2d0 [ 15.922511] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.922533] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.922557] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.922580] kasan_report+0x141/0x180 [ 15.922604] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.922632] kasan_check_range+0x10c/0x1c0 [ 15.922660] __kasan_check_write+0x18/0x20 [ 15.922681] kasan_atomics_helper+0x1e12/0x5450 [ 15.922704] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.922727] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.922751] ? trace_hardirqs_on+0x37/0xe0 [ 15.922775] ? kasan_atomics+0x152/0x310 [ 15.922802] kasan_atomics+0x1dc/0x310 [ 15.922825] ? __pfx_kasan_atomics+0x10/0x10 [ 15.922849] ? __pfx_kasan_atomics+0x10/0x10 [ 15.922876] kunit_try_run_case+0x1a5/0x480 [ 15.922902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.922926] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.922951] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.922975] ? __kthread_parkme+0x82/0x180 [ 15.922996] ? preempt_count_sub+0x50/0x80 [ 15.923021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.923046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.923071] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.923096] kthread+0x337/0x6f0 [ 15.923115] ? trace_preempt_on+0x20/0xc0 [ 15.923138] ? __pfx_kthread+0x10/0x10 [ 15.923159] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.923181] ? 
calculate_sigpending+0x7b/0xa0 [ 15.923205] ? __pfx_kthread+0x10/0x10 [ 15.923227] ret_from_fork+0x116/0x1d0 [ 15.923246] ? __pfx_kthread+0x10/0x10 [ 15.923267] ret_from_fork_asm+0x1a/0x30 [ 15.923297] </TASK> [ 15.923308] [ 15.934444] Allocated by task 284: [ 15.934602] kasan_save_stack+0x45/0x70 [ 15.935066] kasan_save_track+0x18/0x40 [ 15.935380] kasan_save_alloc_info+0x3b/0x50 [ 15.935781] __kasan_kmalloc+0xb7/0xc0 [ 15.936113] __kmalloc_cache_noprof+0x189/0x420 [ 15.936453] kasan_atomics+0x95/0x310 [ 15.936620] kunit_try_run_case+0x1a5/0x480 [ 15.936771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.936951] kthread+0x337/0x6f0 [ 15.937086] ret_from_fork+0x116/0x1d0 [ 15.937221] ret_from_fork_asm+0x1a/0x30 [ 15.937421] [ 15.937556] The buggy address belongs to the object at ffff888103a28200 [ 15.937556] which belongs to the cache kmalloc-64 of size 64 [ 15.938170] The buggy address is located 0 bytes to the right of [ 15.938170] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.939074] [ 15.939234] The buggy address belongs to the physical page: [ 15.939761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.940211] flags: 0x200000000000000(node=0|zone=2) [ 15.940388] page_type: f5(slab) [ 15.940559] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.941247] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.941921] page dumped because: kasan: bad access detected [ 15.942408] [ 15.942551] Memory state around the buggy address: [ 15.942709] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.942930] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.943148] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.943447] ^ [ 15.943878] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.944508] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.945117] 
================================================================== [ 15.447224] ================================================================== [ 15.447789] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 15.448246] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.448493] [ 15.448774] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.448824] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.448957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.448988] Call Trace: [ 15.449004] <TASK> [ 15.449018] dump_stack_lvl+0x73/0xb0 [ 15.449048] print_report+0xd1/0x610 [ 15.449070] ? __virt_addr_valid+0x1db/0x2d0 [ 15.449093] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.449114] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.449138] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.449162] kasan_report+0x141/0x180 [ 15.449185] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.449211] kasan_check_range+0x10c/0x1c0 [ 15.449236] __kasan_check_write+0x18/0x20 [ 15.449255] kasan_atomics_helper+0x12e6/0x5450 [ 15.449279] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.449301] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.449337] ? trace_hardirqs_on+0x37/0xe0 [ 15.449360] ? kasan_atomics+0x152/0x310 [ 15.449388] kasan_atomics+0x1dc/0x310 [ 15.449411] ? __pfx_kasan_atomics+0x10/0x10 [ 15.449434] ? __pfx_kasan_atomics+0x10/0x10 [ 15.449461] kunit_try_run_case+0x1a5/0x480 [ 15.449486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.449510] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.449536] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.449561] ? __kthread_parkme+0x82/0x180 [ 15.449581] ? preempt_count_sub+0x50/0x80 [ 15.449606] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.449629] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.449654] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.449679] kthread+0x337/0x6f0 [ 15.449698] ? trace_preempt_on+0x20/0xc0 [ 15.449721] ? 
__pfx_kthread+0x10/0x10 [ 15.449743] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.449765] ? calculate_sigpending+0x7b/0xa0 [ 15.449790] ? __pfx_kthread+0x10/0x10 [ 15.449812] ret_from_fork+0x116/0x1d0 [ 15.449832] ? __pfx_kthread+0x10/0x10 [ 15.449853] ret_from_fork_asm+0x1a/0x30 [ 15.449884] </TASK> [ 15.449895] [ 15.460192] Allocated by task 284: [ 15.460375] kasan_save_stack+0x45/0x70 [ 15.460628] kasan_save_track+0x18/0x40 [ 15.461084] kasan_save_alloc_info+0x3b/0x50 [ 15.461408] __kasan_kmalloc+0xb7/0xc0 [ 15.461592] __kmalloc_cache_noprof+0x189/0x420 [ 15.461890] kasan_atomics+0x95/0x310 [ 15.462126] kunit_try_run_case+0x1a5/0x480 [ 15.462324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.462710] kthread+0x337/0x6f0 [ 15.462880] ret_from_fork+0x116/0x1d0 [ 15.463201] ret_from_fork_asm+0x1a/0x30 [ 15.463514] [ 15.463613] The buggy address belongs to the object at ffff888103a28200 [ 15.463613] which belongs to the cache kmalloc-64 of size 64 [ 15.464221] The buggy address is located 0 bytes to the right of [ 15.464221] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.464945] [ 15.465058] The buggy address belongs to the physical page: [ 15.465450] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.465879] flags: 0x200000000000000(node=0|zone=2) [ 15.466194] page_type: f5(slab) [ 15.466334] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.466904] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.467302] page dumped because: kasan: bad access detected [ 15.467624] [ 15.467726] Memory state around the buggy address: [ 15.468016] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.468329] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.468624] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.468901] ^ [ 15.469103] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.469794] 
ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.470148] ================================================================== [ 15.540478] ================================================================== [ 15.540836] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 15.541627] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.541952] [ 15.542062] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.542105] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.542118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.542163] Call Trace: [ 15.542179] <TASK> [ 15.542194] dump_stack_lvl+0x73/0xb0 [ 15.542223] print_report+0xd1/0x610 [ 15.542244] ? __virt_addr_valid+0x1db/0x2d0 [ 15.542267] ? kasan_atomics_helper+0x1467/0x5450 [ 15.542291] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.542325] ? kasan_atomics_helper+0x1467/0x5450 [ 15.542347] kasan_report+0x141/0x180 [ 15.542370] ? kasan_atomics_helper+0x1467/0x5450 [ 15.542397] kasan_check_range+0x10c/0x1c0 [ 15.542421] __kasan_check_write+0x18/0x20 [ 15.542441] kasan_atomics_helper+0x1467/0x5450 [ 15.542465] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.542488] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.542526] ? trace_hardirqs_on+0x37/0xe0 [ 15.542549] ? kasan_atomics+0x152/0x310 [ 15.542593] kasan_atomics+0x1dc/0x310 [ 15.542618] ? __pfx_kasan_atomics+0x10/0x10 [ 15.542656] ? __pfx_kasan_atomics+0x10/0x10 [ 15.542683] kunit_try_run_case+0x1a5/0x480 [ 15.542721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.542757] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.542795] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.542819] ? __kthread_parkme+0x82/0x180 [ 15.542853] ? preempt_count_sub+0x50/0x80 [ 15.542878] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.542903] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.542927] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.542952] kthread+0x337/0x6f0 [ 15.542972] ? trace_preempt_on+0x20/0xc0 [ 15.542994] ? __pfx_kthread+0x10/0x10 [ 15.543015] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.543037] ? calculate_sigpending+0x7b/0xa0 [ 15.543062] ? __pfx_kthread+0x10/0x10 [ 15.543084] ret_from_fork+0x116/0x1d0 [ 15.543103] ? __pfx_kthread+0x10/0x10 [ 15.543123] ret_from_fork_asm+0x1a/0x30 [ 15.543154] </TASK> [ 15.543165] [ 15.551079] Allocated by task 284: [ 15.551207] kasan_save_stack+0x45/0x70 [ 15.552250] kasan_save_track+0x18/0x40 [ 15.552891] kasan_save_alloc_info+0x3b/0x50 [ 15.553467] __kasan_kmalloc+0xb7/0xc0 [ 15.554005] __kmalloc_cache_noprof+0x189/0x420 [ 15.554621] kasan_atomics+0x95/0x310 [ 15.555243] kunit_try_run_case+0x1a5/0x480 [ 15.555626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.556033] kthread+0x337/0x6f0 [ 15.556167] ret_from_fork+0x116/0x1d0 [ 15.556306] ret_from_fork_asm+0x1a/0x30 [ 15.556749] [ 15.556927] The buggy address belongs to the object at ffff888103a28200 [ 15.556927] which belongs to the cache kmalloc-64 of size 64 [ 15.557994] The buggy address is located 0 bytes to the right of [ 15.557994] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.558630] [ 15.558810] The buggy address belongs to the physical page: [ 15.559293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.559733] flags: 0x200000000000000(node=0|zone=2) [ 15.559904] page_type: f5(slab) [ 15.560028] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.560262] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.560559] page dumped because: kasan: bad access detected [ 15.561109] [ 15.561277] Memory state around the buggy address: [ 15.561734] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.562359] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.562996] >ffff888103a28200: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.563634] ^ [ 15.564063] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.564706] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.565013] ================================================================== [ 15.119214] ================================================================== [ 15.119969] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 15.120338] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.121011] [ 15.121141] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.121189] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.121215] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.121236] Call Trace: [ 15.121253] <TASK> [ 15.121269] dump_stack_lvl+0x73/0xb0 [ 15.121299] print_report+0xd1/0x610 [ 15.121529] ? __virt_addr_valid+0x1db/0x2d0 [ 15.121578] ? kasan_atomics_helper+0xc70/0x5450 [ 15.121601] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.121625] ? kasan_atomics_helper+0xc70/0x5450 [ 15.121647] kasan_report+0x141/0x180 [ 15.121670] ? kasan_atomics_helper+0xc70/0x5450 [ 15.121697] kasan_check_range+0x10c/0x1c0 [ 15.121722] __kasan_check_write+0x18/0x20 [ 15.121742] kasan_atomics_helper+0xc70/0x5450 [ 15.121766] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.121789] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.121814] ? trace_hardirqs_on+0x37/0xe0 [ 15.121836] ? kasan_atomics+0x152/0x310 [ 15.121863] kasan_atomics+0x1dc/0x310 [ 15.121886] ? __pfx_kasan_atomics+0x10/0x10 [ 15.121910] ? __pfx_kasan_atomics+0x10/0x10 [ 15.121938] kunit_try_run_case+0x1a5/0x480 [ 15.121962] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.121985] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.122011] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.122035] ? __kthread_parkme+0x82/0x180 [ 15.122055] ? preempt_count_sub+0x50/0x80 [ 15.122080] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.122104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.122129] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.122154] kthread+0x337/0x6f0 [ 15.122174] ? trace_preempt_on+0x20/0xc0 [ 15.122196] ? __pfx_kthread+0x10/0x10 [ 15.122216] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.122239] ? calculate_sigpending+0x7b/0xa0 [ 15.122263] ? __pfx_kthread+0x10/0x10 [ 15.122285] ret_from_fork+0x116/0x1d0 [ 15.122305] ? __pfx_kthread+0x10/0x10 [ 15.122336] ret_from_fork_asm+0x1a/0x30 [ 15.122367] </TASK> [ 15.122377] [ 15.130322] Allocated by task 284: [ 15.130510] kasan_save_stack+0x45/0x70 [ 15.130732] kasan_save_track+0x18/0x40 [ 15.130923] kasan_save_alloc_info+0x3b/0x50 [ 15.131150] __kasan_kmalloc+0xb7/0xc0 [ 15.131336] __kmalloc_cache_noprof+0x189/0x420 [ 15.131530] kasan_atomics+0x95/0x310 [ 15.131715] kunit_try_run_case+0x1a5/0x480 [ 15.131930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.132178] kthread+0x337/0x6f0 [ 15.132365] ret_from_fork+0x116/0x1d0 [ 15.132515] ret_from_fork_asm+0x1a/0x30 [ 15.132706] [ 15.132793] The buggy address belongs to the object at ffff888103a28200 [ 15.132793] which belongs to the cache kmalloc-64 of size 64 [ 15.133330] The buggy address is located 0 bytes to the right of [ 15.133330] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.133897] [ 15.133992] The buggy address belongs to the physical page: [ 15.134247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.134601] flags: 0x200000000000000(node=0|zone=2) [ 15.134832] page_type: f5(slab) [ 15.134976] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.135207] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.135438] page dumped because: kasan: bad access detected [ 15.136002] [ 15.136098] Memory state around the buggy address: [ 15.136357] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.136727] 
ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.137043] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.137365] ^ [ 15.137601] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.137908] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.138200] ================================================================== [ 14.641439] ================================================================== [ 14.642330] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 14.642665] Read of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 14.643516] [ 14.643650] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.643697] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.643710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.643732] Call Trace: [ 14.643743] <TASK> [ 14.643759] dump_stack_lvl+0x73/0xb0 [ 14.643790] print_report+0xd1/0x610 [ 14.643812] ? __virt_addr_valid+0x1db/0x2d0 [ 14.643835] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.643857] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.643879] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.643900] kasan_report+0x141/0x180 [ 14.643921] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.643947] __asan_report_load4_noabort+0x18/0x20 [ 14.643971] kasan_atomics_helper+0x4bbc/0x5450 [ 14.643992] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.644014] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.644039] ? trace_hardirqs_on+0x37/0xe0 [ 14.644060] ? kasan_atomics+0x152/0x310 [ 14.644086] kasan_atomics+0x1dc/0x310 [ 14.644108] ? __pfx_kasan_atomics+0x10/0x10 [ 14.644132] ? __pfx_kasan_atomics+0x10/0x10 [ 14.644157] kunit_try_run_case+0x1a5/0x480 [ 14.644182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.644204] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.644228] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.644251] ? __kthread_parkme+0x82/0x180 [ 14.644272] ? 
preempt_count_sub+0x50/0x80 [ 14.644297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.644332] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.644356] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.644379] kthread+0x337/0x6f0 [ 14.644399] ? trace_preempt_on+0x20/0xc0 [ 14.644420] ? __pfx_kthread+0x10/0x10 [ 14.644440] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.644461] ? calculate_sigpending+0x7b/0xa0 [ 14.644485] ? __pfx_kthread+0x10/0x10 [ 14.644505] ret_from_fork+0x116/0x1d0 [ 14.644525] ? __pfx_kthread+0x10/0x10 [ 14.644545] ret_from_fork_asm+0x1a/0x30 [ 14.644575] </TASK> [ 14.644585] [ 14.654680] Allocated by task 284: [ 14.654817] kasan_save_stack+0x45/0x70 [ 14.655159] kasan_save_track+0x18/0x40 [ 14.655446] kasan_save_alloc_info+0x3b/0x50 [ 14.655941] __kasan_kmalloc+0xb7/0xc0 [ 14.656215] __kmalloc_cache_noprof+0x189/0x420 [ 14.656435] kasan_atomics+0x95/0x310 [ 14.656681] kunit_try_run_case+0x1a5/0x480 [ 14.656880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.657297] kthread+0x337/0x6f0 [ 14.657427] ret_from_fork+0x116/0x1d0 [ 14.657665] ret_from_fork_asm+0x1a/0x30 [ 14.657983] [ 14.658099] The buggy address belongs to the object at ffff888103a28200 [ 14.658099] which belongs to the cache kmalloc-64 of size 64 [ 14.658960] The buggy address is located 0 bytes to the right of [ 14.658960] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 14.659622] [ 14.659808] The buggy address belongs to the physical page: [ 14.660120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 14.660450] flags: 0x200000000000000(node=0|zone=2) [ 14.660821] page_type: f5(slab) [ 14.660981] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.661361] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.661874] page dumped because: kasan: bad access detected [ 14.662176] [ 14.662331] Memory state around the buggy address: [ 14.662875] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 14.663221] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.663616] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.663971] ^ [ 14.664408] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.664797] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.665173] ================================================================== [ 15.665197] ================================================================== [ 15.665643] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 15.665952] Write of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.666265] [ 15.666381] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.666426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.666439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.666458] Call Trace: [ 15.666472] <TASK> [ 15.666506] dump_stack_lvl+0x73/0xb0 [ 15.666534] print_report+0xd1/0x610 [ 15.666556] ? __virt_addr_valid+0x1db/0x2d0 [ 15.666579] ? kasan_atomics_helper+0x177f/0x5450 [ 15.666600] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.666624] ? kasan_atomics_helper+0x177f/0x5450 [ 15.666647] kasan_report+0x141/0x180 [ 15.666669] ? kasan_atomics_helper+0x177f/0x5450 [ 15.666696] kasan_check_range+0x10c/0x1c0 [ 15.666720] __kasan_check_write+0x18/0x20 [ 15.666741] kasan_atomics_helper+0x177f/0x5450 [ 15.666764] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.666787] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.666812] ? trace_hardirqs_on+0x37/0xe0 [ 15.666834] ? kasan_atomics+0x152/0x310 [ 15.666860] kasan_atomics+0x1dc/0x310 [ 15.666884] ? __pfx_kasan_atomics+0x10/0x10 [ 15.666909] ? __pfx_kasan_atomics+0x10/0x10 [ 15.666936] kunit_try_run_case+0x1a5/0x480 [ 15.666961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.666984] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.667009] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.667033] ? __kthread_parkme+0x82/0x180 [ 15.667054] ? preempt_count_sub+0x50/0x80 [ 15.667079] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.667103] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.667129] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.667154] kthread+0x337/0x6f0 [ 15.667174] ? trace_preempt_on+0x20/0xc0 [ 15.667197] ? __pfx_kthread+0x10/0x10 [ 15.667218] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.667240] ? calculate_sigpending+0x7b/0xa0 [ 15.667264] ? __pfx_kthread+0x10/0x10 [ 15.667286] ret_from_fork+0x116/0x1d0 [ 15.667306] ? __pfx_kthread+0x10/0x10 [ 15.667336] ret_from_fork_asm+0x1a/0x30 [ 15.667367] </TASK> [ 15.667378] [ 15.674724] Allocated by task 284: [ 15.674891] kasan_save_stack+0x45/0x70 [ 15.675096] kasan_save_track+0x18/0x40 [ 15.675258] kasan_save_alloc_info+0x3b/0x50 [ 15.675506] __kasan_kmalloc+0xb7/0xc0 [ 15.675660] __kmalloc_cache_noprof+0x189/0x420 [ 15.675878] kasan_atomics+0x95/0x310 [ 15.676054] kunit_try_run_case+0x1a5/0x480 [ 15.676205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.676472] kthread+0x337/0x6f0 [ 15.676649] ret_from_fork+0x116/0x1d0 [ 15.676836] ret_from_fork_asm+0x1a/0x30 [ 15.677004] [ 15.677099] The buggy address belongs to the object at ffff888103a28200 [ 15.677099] which belongs to the cache kmalloc-64 of size 64 [ 15.677524] The buggy address is located 0 bytes to the right of [ 15.677524] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.677893] [ 15.677965] The buggy address belongs to the physical page: [ 15.678139] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.678423] flags: 0x200000000000000(node=0|zone=2) [ 15.678685] page_type: f5(slab) [ 15.678848] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.679186] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.679554] page dumped because: kasan: bad access detected [ 15.679800] [ 15.679890] 
Memory state around the buggy address: [ 15.680116] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.680400] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.680644] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.680861] ^ [ 15.681088] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.681420] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.681767] ================================================================== [ 14.830970] ================================================================== [ 14.831407] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 14.831810] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 14.832406] [ 14.832633] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.832679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.832692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.832713] Call Trace: [ 14.832729] <TASK> [ 14.832762] dump_stack_lvl+0x73/0xb0 [ 14.832794] print_report+0xd1/0x610 [ 14.832816] ? __virt_addr_valid+0x1db/0x2d0 [ 14.832839] ? kasan_atomics_helper+0x565/0x5450 [ 14.832861] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.832885] ? kasan_atomics_helper+0x565/0x5450 [ 14.832908] kasan_report+0x141/0x180 [ 14.832931] ? kasan_atomics_helper+0x565/0x5450 [ 14.832965] kasan_check_range+0x10c/0x1c0 [ 14.832990] __kasan_check_write+0x18/0x20 [ 14.833010] kasan_atomics_helper+0x565/0x5450 [ 14.833035] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.833058] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.833084] ? trace_hardirqs_on+0x37/0xe0 [ 14.833106] ? kasan_atomics+0x152/0x310 [ 14.833133] kasan_atomics+0x1dc/0x310 [ 14.833156] ? __pfx_kasan_atomics+0x10/0x10 [ 14.833180] ? __pfx_kasan_atomics+0x10/0x10 [ 14.833207] kunit_try_run_case+0x1a5/0x480 [ 14.833232] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.833255] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.833279] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.833303] ? __kthread_parkme+0x82/0x180 [ 14.833497] ? preempt_count_sub+0x50/0x80 [ 14.833534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.833560] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.833586] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.833620] kthread+0x337/0x6f0 [ 14.833639] ? trace_preempt_on+0x20/0xc0 [ 14.833662] ? __pfx_kthread+0x10/0x10 [ 14.833684] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.833705] ? calculate_sigpending+0x7b/0xa0 [ 14.833730] ? __pfx_kthread+0x10/0x10 [ 14.833751] ret_from_fork+0x116/0x1d0 [ 14.833770] ? __pfx_kthread+0x10/0x10 [ 14.833791] ret_from_fork_asm+0x1a/0x30 [ 14.833822] </TASK> [ 14.833833] [ 14.844386] Allocated by task 284: [ 14.844887] kasan_save_stack+0x45/0x70 [ 14.845405] kasan_save_track+0x18/0x40 [ 14.845715] kasan_save_alloc_info+0x3b/0x50 [ 14.845913] __kasan_kmalloc+0xb7/0xc0 [ 14.846807] __kmalloc_cache_noprof+0x189/0x420 [ 14.847266] kasan_atomics+0x95/0x310 [ 14.847639] kunit_try_run_case+0x1a5/0x480 [ 14.847840] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.848483] kthread+0x337/0x6f0 [ 14.848739] ret_from_fork+0x116/0x1d0 [ 14.849234] ret_from_fork_asm+0x1a/0x30 [ 14.849452] [ 14.849766] The buggy address belongs to the object at ffff888103a28200 [ 14.849766] which belongs to the cache kmalloc-64 of size 64 [ 14.851249] The buggy address is located 0 bytes to the right of [ 14.851249] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 14.852337] [ 14.852518] The buggy address belongs to the physical page: [ 14.852755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 14.853416] flags: 0x200000000000000(node=0|zone=2) [ 14.853815] page_type: f5(slab) [ 14.853976] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.854926] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.855383] page dumped because: kasan: bad access detected [ 14.855775] [ 14.855863] Memory state around the buggy address: [ 14.856379] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.856875] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.857645] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.858351] ^ [ 14.858736] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.859031] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.859295] ================================================================== [ 14.807484] ================================================================== [ 14.807825] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 14.808459] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 14.808888] [ 14.809020] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.809064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.809077] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.809098] Call Trace: [ 14.809113] <TASK> [ 14.809128] dump_stack_lvl+0x73/0xb0 [ 14.809156] print_report+0xd1/0x610 [ 14.809178] ? __virt_addr_valid+0x1db/0x2d0 [ 14.809201] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.809223] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.809248] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.809272] kasan_report+0x141/0x180 [ 14.809295] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.809332] __asan_report_store4_noabort+0x1b/0x30 [ 14.809358] kasan_atomics_helper+0x4b3a/0x5450 [ 14.809381] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.809403] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.809428] ? trace_hardirqs_on+0x37/0xe0 [ 14.809450] ? kasan_atomics+0x152/0x310 [ 14.809478] kasan_atomics+0x1dc/0x310 [ 14.809600] ? __pfx_kasan_atomics+0x10/0x10 [ 14.809625] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.809665] kunit_try_run_case+0x1a5/0x480 [ 14.809689] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.809713] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.809737] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.809761] ? __kthread_parkme+0x82/0x180 [ 14.809781] ? preempt_count_sub+0x50/0x80 [ 14.809805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.809830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.809855] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.809879] kthread+0x337/0x6f0 [ 14.809899] ? trace_preempt_on+0x20/0xc0 [ 14.809921] ? __pfx_kthread+0x10/0x10 [ 14.809941] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.809963] ? calculate_sigpending+0x7b/0xa0 [ 14.809987] ? __pfx_kthread+0x10/0x10 [ 14.810009] ret_from_fork+0x116/0x1d0 [ 14.810073] ? __pfx_kthread+0x10/0x10 [ 14.810095] ret_from_fork_asm+0x1a/0x30 [ 14.810125] </TASK> [ 14.810136] [ 14.820417] Allocated by task 284: [ 14.820746] kasan_save_stack+0x45/0x70 [ 14.820981] kasan_save_track+0x18/0x40 [ 14.821178] kasan_save_alloc_info+0x3b/0x50 [ 14.821611] __kasan_kmalloc+0xb7/0xc0 [ 14.821873] __kmalloc_cache_noprof+0x189/0x420 [ 14.822095] kasan_atomics+0x95/0x310 [ 14.822295] kunit_try_run_case+0x1a5/0x480 [ 14.822636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.822893] kthread+0x337/0x6f0 [ 14.823142] ret_from_fork+0x116/0x1d0 [ 14.823332] ret_from_fork_asm+0x1a/0x30 [ 14.823478] [ 14.823702] The buggy address belongs to the object at ffff888103a28200 [ 14.823702] which belongs to the cache kmalloc-64 of size 64 [ 14.824214] The buggy address is located 0 bytes to the right of [ 14.824214] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 14.825226] [ 14.825383] The buggy address belongs to the physical page: [ 14.825814] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 14.826342] flags: 0x200000000000000(node=0|zone=2) [ 14.826591] page_type: f5(slab) [ 14.826750] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.827158] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.827541] page dumped because: kasan: bad access detected [ 14.827827] [ 14.827919] Memory state around the buggy address: [ 14.828287] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.828609] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.828980] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.829286] ^ [ 14.829700] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.830008] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.830456] ================================================================== [ 15.092266] ================================================================== [ 15.092697] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 15.093386] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.094045] [ 15.094164] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.094210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.094223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.094244] Call Trace: [ 15.094262] <TASK> [ 15.094276] dump_stack_lvl+0x73/0xb0 [ 15.094319] print_report+0xd1/0x610 [ 15.094342] ? __virt_addr_valid+0x1db/0x2d0 [ 15.094365] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.094387] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.094410] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.094432] kasan_report+0x141/0x180 [ 15.094456] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.094482] kasan_check_range+0x10c/0x1c0 [ 15.094507] __kasan_check_write+0x18/0x20 [ 15.094526] kasan_atomics_helper+0xb6a/0x5450 [ 15.094549] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.094572] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.094598] ? trace_hardirqs_on+0x37/0xe0 [ 15.094620] ? 
kasan_atomics+0x152/0x310 [ 15.094647] kasan_atomics+0x1dc/0x310 [ 15.094670] ? __pfx_kasan_atomics+0x10/0x10 [ 15.094693] ? __pfx_kasan_atomics+0x10/0x10 [ 15.094720] kunit_try_run_case+0x1a5/0x480 [ 15.094745] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.094768] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.094793] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.094816] ? __kthread_parkme+0x82/0x180 [ 15.094837] ? preempt_count_sub+0x50/0x80 [ 15.094861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.094885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.094910] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.094935] kthread+0x337/0x6f0 [ 15.094955] ? trace_preempt_on+0x20/0xc0 [ 15.094976] ? __pfx_kthread+0x10/0x10 [ 15.094997] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.095228] ? calculate_sigpending+0x7b/0xa0 [ 15.095339] ? __pfx_kthread+0x10/0x10 [ 15.095365] ret_from_fork+0x116/0x1d0 [ 15.095385] ? __pfx_kthread+0x10/0x10 [ 15.095407] ret_from_fork_asm+0x1a/0x30 [ 15.095438] </TASK> [ 15.095449] [ 15.106920] Allocated by task 284: [ 15.107188] kasan_save_stack+0x45/0x70 [ 15.107679] kasan_save_track+0x18/0x40 [ 15.107883] kasan_save_alloc_info+0x3b/0x50 [ 15.108244] __kasan_kmalloc+0xb7/0xc0 [ 15.108404] __kmalloc_cache_noprof+0x189/0x420 [ 15.108682] kasan_atomics+0x95/0x310 [ 15.108976] kunit_try_run_case+0x1a5/0x480 [ 15.109476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.109764] kthread+0x337/0x6f0 [ 15.110053] ret_from_fork+0x116/0x1d0 [ 15.110323] ret_from_fork_asm+0x1a/0x30 [ 15.110591] [ 15.110713] The buggy address belongs to the object at ffff888103a28200 [ 15.110713] which belongs to the cache kmalloc-64 of size 64 [ 15.111608] The buggy address is located 0 bytes to the right of [ 15.111608] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.112273] [ 15.112393] The buggy address belongs to the physical page: [ 15.112651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.113288] flags: 
0x200000000000000(node=0|zone=2) [ 15.113682] page_type: f5(slab) [ 15.113850] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.114151] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.114807] page dumped because: kasan: bad access detected [ 15.115106] [ 15.115424] Memory state around the buggy address: [ 15.115828] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.116365] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.116644] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.117076] ^ [ 15.117428] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.117960] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.118493] ================================================================== [ 14.665891] ================================================================== [ 14.666387] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 14.666878] Write of size 4 at addr ffff888103a28230 by task kunit_try_catch/284 [ 14.667227] [ 14.667463] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.667524] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.667537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.667557] Call Trace: [ 14.667568] <TASK> [ 14.667582] dump_stack_lvl+0x73/0xb0 [ 14.667611] print_report+0xd1/0x610 [ 14.667632] ? __virt_addr_valid+0x1db/0x2d0 [ 14.667654] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.667675] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.667698] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.667720] kasan_report+0x141/0x180 [ 14.667741] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.667769] __asan_report_store4_noabort+0x1b/0x30 [ 14.667794] kasan_atomics_helper+0x4ba2/0x5450 [ 14.667816] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.667879] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.667904] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.667925] ? kasan_atomics+0x152/0x310 [ 14.667962] kasan_atomics+0x1dc/0x310 [ 14.667984] ? __pfx_kasan_atomics+0x10/0x10 [ 14.668006] ? __pfx_kasan_atomics+0x10/0x10 [ 14.668082] kunit_try_run_case+0x1a5/0x480 [ 14.668108] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.668131] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.668156] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.668179] ? __kthread_parkme+0x82/0x180 [ 14.668200] ? preempt_count_sub+0x50/0x80 [ 14.668257] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.668280] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.668320] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.668344] kthread+0x337/0x6f0 [ 14.668364] ? trace_preempt_on+0x20/0xc0 [ 14.668385] ? __pfx_kthread+0x10/0x10 [ 14.668405] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.668426] ? calculate_sigpending+0x7b/0xa0 [ 14.668450] ? __pfx_kthread+0x10/0x10 [ 14.668470] ret_from_fork+0x116/0x1d0 [ 14.668489] ? __pfx_kthread+0x10/0x10 [ 14.668509] ret_from_fork_asm+0x1a/0x30 [ 14.668538] </TASK> [ 14.668548] [ 14.677991] Allocated by task 284: [ 14.678327] kasan_save_stack+0x45/0x70 [ 14.678525] kasan_save_track+0x18/0x40 [ 14.678661] kasan_save_alloc_info+0x3b/0x50 [ 14.678810] __kasan_kmalloc+0xb7/0xc0 [ 14.678943] __kmalloc_cache_noprof+0x189/0x420 [ 14.679435] kasan_atomics+0x95/0x310 [ 14.679744] kunit_try_run_case+0x1a5/0x480 [ 14.679971] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.680189] kthread+0x337/0x6f0 [ 14.680317] ret_from_fork+0x116/0x1d0 [ 14.680557] ret_from_fork_asm+0x1a/0x30 [ 14.680802] [ 14.681012] The buggy address belongs to the object at ffff888103a28200 [ 14.681012] which belongs to the cache kmalloc-64 of size 64 [ 14.681758] The buggy address is located 0 bytes to the right of [ 14.681758] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 14.682452] [ 14.682572] The buggy address belongs to the physical page: [ 14.682869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x103a28 [ 14.683112] flags: 0x200000000000000(node=0|zone=2) [ 14.683278] page_type: f5(slab) [ 14.683408] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.683959] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.684337] page dumped because: kasan: bad access detected [ 14.684593] [ 14.684685] Memory state around the buggy address: [ 14.684840] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.685174] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.685472] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.685757] ^ [ 14.685937] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.686231] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.686782] ================================================================== [ 15.838258] ================================================================== [ 15.838927] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 15.839901] Read of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.840338] [ 15.840436] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.840483] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.840496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.840520] Call Trace: [ 15.840536] <TASK> [ 15.840552] dump_stack_lvl+0x73/0xb0 [ 15.840581] print_report+0xd1/0x610 [ 15.840603] ? __virt_addr_valid+0x1db/0x2d0 [ 15.840628] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.840652] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.840676] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.840699] kasan_report+0x141/0x180 [ 15.840721] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.840749] __asan_report_load8_noabort+0x18/0x20 [ 15.840775] kasan_atomics_helper+0x4f30/0x5450 [ 15.840800] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.840822] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.840849] ? trace_hardirqs_on+0x37/0xe0 [ 15.840872] ? kasan_atomics+0x152/0x310 [ 15.840899] kasan_atomics+0x1dc/0x310 [ 15.840923] ? __pfx_kasan_atomics+0x10/0x10 [ 15.840947] ? __pfx_kasan_atomics+0x10/0x10 [ 15.840980] kunit_try_run_case+0x1a5/0x480 [ 15.841005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.841028] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.841052] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.841076] ? __kthread_parkme+0x82/0x180 [ 15.841098] ? preempt_count_sub+0x50/0x80 [ 15.841122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.841147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.841173] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.841197] kthread+0x337/0x6f0 [ 15.841217] ? trace_preempt_on+0x20/0xc0 [ 15.841239] ? __pfx_kthread+0x10/0x10 [ 15.841259] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.841281] ? calculate_sigpending+0x7b/0xa0 [ 15.841306] ? __pfx_kthread+0x10/0x10 [ 15.841338] ret_from_fork+0x116/0x1d0 [ 15.841357] ? 
__pfx_kthread+0x10/0x10 [ 15.841377] ret_from_fork_asm+0x1a/0x30 [ 15.841408] </TASK> [ 15.841419] [ 15.855196] Allocated by task 284: [ 15.855686] kasan_save_stack+0x45/0x70 [ 15.855899] kasan_save_track+0x18/0x40 [ 15.856083] kasan_save_alloc_info+0x3b/0x50 [ 15.856285] __kasan_kmalloc+0xb7/0xc0 [ 15.856481] __kmalloc_cache_noprof+0x189/0x420 [ 15.857027] kasan_atomics+0x95/0x310 [ 15.857340] kunit_try_run_case+0x1a5/0x480 [ 15.857737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.858089] kthread+0x337/0x6f0 [ 15.858270] ret_from_fork+0x116/0x1d0 [ 15.858455] ret_from_fork_asm+0x1a/0x30 [ 15.858886] [ 15.858979] The buggy address belongs to the object at ffff888103a28200 [ 15.858979] which belongs to the cache kmalloc-64 of size 64 [ 15.859499] The buggy address is located 0 bytes to the right of [ 15.859499] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 15.860359] [ 15.860465] The buggy address belongs to the physical page: [ 15.860896] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 15.861384] flags: 0x200000000000000(node=0|zone=2) [ 15.861803] page_type: f5(slab) [ 15.861980] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.862550] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.863331] page dumped because: kasan: bad access detected [ 15.863918] [ 15.864085] Memory state around the buggy address: [ 15.864583] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.864916] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.865145] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.865377] ^ [ 15.865931] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.866714] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.867464] ================================================================== [ 15.996658] 
================================================================== [ 15.997029] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 15.997358] Read of size 8 at addr ffff888103a28230 by task kunit_try_catch/284 [ 15.997730] [ 15.997841] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.997884] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.997896] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.997950] Call Trace: [ 15.997966] <TASK> [ 15.997980] dump_stack_lvl+0x73/0xb0 [ 15.998033] print_report+0xd1/0x610 [ 15.998056] ? __virt_addr_valid+0x1db/0x2d0 [ 15.998089] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.998111] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.998135] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.998157] kasan_report+0x141/0x180 [ 15.998181] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.998208] __asan_report_load8_noabort+0x18/0x20 [ 15.998263] kasan_atomics_helper+0x4f71/0x5450 [ 15.998298] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.998340] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.998365] ? trace_hardirqs_on+0x37/0xe0 [ 15.998387] ? kasan_atomics+0x152/0x310 [ 15.998414] kasan_atomics+0x1dc/0x310 [ 15.998437] ? __pfx_kasan_atomics+0x10/0x10 [ 15.998461] ? __pfx_kasan_atomics+0x10/0x10 [ 15.998509] kunit_try_run_case+0x1a5/0x480 [ 15.998533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.998556] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.998580] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.998604] ? __kthread_parkme+0x82/0x180 [ 15.998624] ? preempt_count_sub+0x50/0x80 [ 15.998650] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.998674] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.998699] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.998724] kthread+0x337/0x6f0 [ 15.998744] ? trace_preempt_on+0x20/0xc0 [ 15.998766] ? __pfx_kthread+0x10/0x10 [ 15.998786] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.998808] ? calculate_sigpending+0x7b/0xa0 [ 15.998832] ? 
__pfx_kthread+0x10/0x10 [ 15.998854] ret_from_fork+0x116/0x1d0 [ 15.998873] ? __pfx_kthread+0x10/0x10 [ 15.998894] ret_from_fork_asm+0x1a/0x30 [ 15.998925] </TASK> [ 15.998935] [ 16.006600] Allocated by task 284: [ 16.006733] kasan_save_stack+0x45/0x70 [ 16.006902] kasan_save_track+0x18/0x40 [ 16.007143] kasan_save_alloc_info+0x3b/0x50 [ 16.007397] __kasan_kmalloc+0xb7/0xc0 [ 16.007639] __kmalloc_cache_noprof+0x189/0x420 [ 16.007866] kasan_atomics+0x95/0x310 [ 16.008117] kunit_try_run_case+0x1a5/0x480 [ 16.008355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.008582] kthread+0x337/0x6f0 [ 16.008728] ret_from_fork+0x116/0x1d0 [ 16.009012] ret_from_fork_asm+0x1a/0x30 [ 16.009280] [ 16.009405] The buggy address belongs to the object at ffff888103a28200 [ 16.009405] which belongs to the cache kmalloc-64 of size 64 [ 16.009958] The buggy address is located 0 bytes to the right of [ 16.009958] allocated 48-byte region [ffff888103a28200, ffff888103a28230) [ 16.010504] [ 16.010648] The buggy address belongs to the physical page: [ 16.010860] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a28 [ 16.011103] flags: 0x200000000000000(node=0|zone=2) [ 16.011383] page_type: f5(slab) [ 16.011575] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.011923] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.012218] page dumped because: kasan: bad access detected [ 16.012401] [ 16.012547] Memory state around the buggy address: [ 16.012787] ffff888103a28100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.013206] ffff888103a28180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.013543] >ffff888103a28200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.013775] ^ [ 16.014003] ffff888103a28280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.014409] ffff888103a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.014867] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 14.431201] ================================================================== [ 14.431657] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.432004] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.432292] [ 14.432434] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.432478] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.432489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.432508] Call Trace: [ 14.432524] <TASK> [ 14.432537] dump_stack_lvl+0x73/0xb0 [ 14.432564] print_report+0xd1/0x610 [ 14.432584] ? __virt_addr_valid+0x1db/0x2d0 [ 14.432606] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.432672] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.432694] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.432722] kasan_report+0x141/0x180 [ 14.432744] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.432777] kasan_check_range+0x10c/0x1c0 [ 14.432800] __kasan_check_write+0x18/0x20 [ 14.432818] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.432846] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.432876] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.432898] ? trace_hardirqs_on+0x37/0xe0 [ 14.432920] ? kasan_bitops_generic+0x92/0x1c0 [ 14.432947] kasan_bitops_generic+0x121/0x1c0 [ 14.432978] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.433003] ? __pfx_read_tsc+0x10/0x10 [ 14.433071] ? ktime_get_ts64+0x86/0x230 [ 14.433094] kunit_try_run_case+0x1a5/0x480 [ 14.433118] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.433140] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.433165] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.433188] ? __kthread_parkme+0x82/0x180 [ 14.433208] ? preempt_count_sub+0x50/0x80 [ 14.433231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.433255] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.433279] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.433314] kthread+0x337/0x6f0 [ 14.433333] ? trace_preempt_on+0x20/0xc0 [ 14.433355] ? __pfx_kthread+0x10/0x10 [ 14.433375] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.433396] ? calculate_sigpending+0x7b/0xa0 [ 14.433419] ? __pfx_kthread+0x10/0x10 [ 14.433440] ret_from_fork+0x116/0x1d0 [ 14.433458] ? __pfx_kthread+0x10/0x10 [ 14.433478] ret_from_fork_asm+0x1a/0x30 [ 14.433507] </TASK> [ 14.433517] [ 14.443484] Allocated by task 280: [ 14.443696] kasan_save_stack+0x45/0x70 [ 14.443903] kasan_save_track+0x18/0x40 [ 14.444206] kasan_save_alloc_info+0x3b/0x50 [ 14.444433] __kasan_kmalloc+0xb7/0xc0 [ 14.444569] __kmalloc_cache_noprof+0x189/0x420 [ 14.444725] kasan_bitops_generic+0x92/0x1c0 [ 14.444874] kunit_try_run_case+0x1a5/0x480 [ 14.445055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.445317] kthread+0x337/0x6f0 [ 14.445483] ret_from_fork+0x116/0x1d0 [ 14.445670] ret_from_fork_asm+0x1a/0x30 [ 14.445864] [ 14.445960] The buggy address belongs to the object at ffff8881025c7500 [ 14.445960] which belongs to the cache kmalloc-16 of size 16 [ 14.446618] The buggy address is located 8 bytes inside of [ 14.446618] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509) [ 14.446982] [ 14.447179] The buggy address belongs to the physical page: [ 14.447538] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 14.447906] flags: 0x200000000000000(node=0|zone=2) [ 14.448560] page_type: f5(slab) [ 14.448831] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.449291] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.449668] page dumped because: kasan: bad access detected [ 14.449843] [ 14.449913] Memory state around the buggy address: [ 14.450068] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.450404] ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.450789] >ffff8881025c7500: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 14.451395] ^ [ 14.451712] ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.451978] ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.452333] ================================================================== [ 14.408398] ================================================================== [ 14.408790] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.409346] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.409688] [ 14.409793] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.409833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.409845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.409897] Call Trace: [ 14.409909] <TASK> [ 14.409922] dump_stack_lvl+0x73/0xb0 [ 14.409950] print_report+0xd1/0x610 [ 14.409971] ? __virt_addr_valid+0x1db/0x2d0 [ 14.409993] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.410100] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.410126] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.410155] kasan_report+0x141/0x180 [ 14.410177] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.410246] kasan_check_range+0x10c/0x1c0 [ 14.410270] __kasan_check_write+0x18/0x20 [ 14.410289] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.410329] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.410358] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.410382] ? trace_hardirqs_on+0x37/0xe0 [ 14.410403] ? kasan_bitops_generic+0x92/0x1c0 [ 14.410430] kasan_bitops_generic+0x121/0x1c0 [ 14.410453] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.410478] ? __pfx_read_tsc+0x10/0x10 [ 14.410497] ? ktime_get_ts64+0x86/0x230 [ 14.410520] kunit_try_run_case+0x1a5/0x480 [ 14.410575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.410598] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.410621] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.410645] ? __kthread_parkme+0x82/0x180 [ 14.410665] ? preempt_count_sub+0x50/0x80 [ 14.410714] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.410760] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.410806] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.410832] kthread+0x337/0x6f0 [ 14.410850] ? trace_preempt_on+0x20/0xc0 [ 14.410897] ? __pfx_kthread+0x10/0x10 [ 14.410934] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.410955] ? calculate_sigpending+0x7b/0xa0 [ 14.410979] ? __pfx_kthread+0x10/0x10 [ 14.411000] ret_from_fork+0x116/0x1d0 [ 14.411018] ? __pfx_kthread+0x10/0x10 [ 14.411084] ret_from_fork_asm+0x1a/0x30 [ 14.411113] </TASK> [ 14.411124] [ 14.421366] Allocated by task 280: [ 14.421631] kasan_save_stack+0x45/0x70 [ 14.421855] kasan_save_track+0x18/0x40 [ 14.422120] kasan_save_alloc_info+0x3b/0x50 [ 14.422279] __kasan_kmalloc+0xb7/0xc0 [ 14.422479] __kmalloc_cache_noprof+0x189/0x420 [ 14.422783] kasan_bitops_generic+0x92/0x1c0 [ 14.423242] kunit_try_run_case+0x1a5/0x480 [ 14.423437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.423675] kthread+0x337/0x6f0 [ 14.423845] ret_from_fork+0x116/0x1d0 [ 14.424084] ret_from_fork_asm+0x1a/0x30 [ 14.424279] [ 14.424386] The buggy address belongs to the object at ffff8881025c7500 [ 14.424386] which belongs to the cache kmalloc-16 of size 16 [ 14.425037] The buggy address is located 8 bytes inside of [ 14.425037] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509) [ 14.425780] [ 14.425913] The buggy address belongs to the physical page: [ 14.426199] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 14.426647] flags: 0x200000000000000(node=0|zone=2) [ 14.426863] page_type: f5(slab) [ 14.427082] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.427469] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.427796] page dumped because: kasan: bad access detected [ 14.428045] [ 14.428338] 
Memory state around the buggy address: [ 14.428575] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.428851] ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.429128] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.429575] ^ [ 14.429874] ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.430313] ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.430658] ================================================================== [ 14.499831] ================================================================== [ 14.500462] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.500986] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.501369] [ 14.501458] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.501501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.501513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.501533] Call Trace: [ 14.501548] <TASK> [ 14.501562] dump_stack_lvl+0x73/0xb0 [ 14.501630] print_report+0xd1/0x610 [ 14.501677] ? __virt_addr_valid+0x1db/0x2d0 [ 14.501700] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.501729] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.501752] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.501779] kasan_report+0x141/0x180 [ 14.501801] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.501835] kasan_check_range+0x10c/0x1c0 [ 14.501858] __kasan_check_write+0x18/0x20 [ 14.501877] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.501906] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.501967] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.502014] ? trace_hardirqs_on+0x37/0xe0 [ 14.502051] ? kasan_bitops_generic+0x92/0x1c0 [ 14.502079] kasan_bitops_generic+0x121/0x1c0 [ 14.502101] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.502126] ? __pfx_read_tsc+0x10/0x10 [ 14.502145] ? ktime_get_ts64+0x86/0x230 [ 14.502168] kunit_try_run_case+0x1a5/0x480 [ 14.502192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.502214] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.502237] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.502261] ? __kthread_parkme+0x82/0x180 [ 14.502281] ? preempt_count_sub+0x50/0x80 [ 14.502315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.502338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.502361] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.502385] kthread+0x337/0x6f0 [ 14.502406] ? trace_preempt_on+0x20/0xc0 [ 14.502427] ? __pfx_kthread+0x10/0x10 [ 14.502447] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.502468] ? calculate_sigpending+0x7b/0xa0 [ 14.502574] ? __pfx_kthread+0x10/0x10 [ 14.502596] ret_from_fork+0x116/0x1d0 [ 14.502615] ? __pfx_kthread+0x10/0x10 [ 14.502635] ret_from_fork_asm+0x1a/0x30 [ 14.502666] </TASK> [ 14.502676] [ 14.512935] Allocated by task 280: [ 14.513194] kasan_save_stack+0x45/0x70 [ 14.513496] kasan_save_track+0x18/0x40 [ 14.513777] kasan_save_alloc_info+0x3b/0x50 [ 14.514015] __kasan_kmalloc+0xb7/0xc0 [ 14.514345] __kmalloc_cache_noprof+0x189/0x420 [ 14.514609] kasan_bitops_generic+0x92/0x1c0 [ 14.514817] kunit_try_run_case+0x1a5/0x480 [ 14.515015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.515296] kthread+0x337/0x6f0 [ 14.515450] ret_from_fork+0x116/0x1d0 [ 14.515856] ret_from_fork_asm+0x1a/0x30 [ 14.516080] [ 14.516173] The buggy address belongs to the object at ffff8881025c7500 [ 14.516173] which belongs to the cache kmalloc-16 of size 16 [ 14.516738] The buggy address is located 8 bytes inside of [ 14.516738] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509) [ 14.517340] [ 14.517410] The buggy address belongs to the physical page: [ 14.517793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 14.518419] flags: 0x200000000000000(node=0|zone=2) [ 14.518692] 
page_type: f5(slab) [ 14.518888] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.519325] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.519659] page dumped because: kasan: bad access detected [ 14.519900] [ 14.519991] Memory state around the buggy address: [ 14.520235] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.520702] ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.521160] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.521509] ^ [ 14.521700] ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.521989] ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.522366] ================================================================== [ 14.452853] ================================================================== [ 14.453335] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.453937] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.454384] [ 14.454529] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.454572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.454584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.454604] Call Trace: [ 14.454620] <TASK> [ 14.454635] dump_stack_lvl+0x73/0xb0 [ 14.454662] print_report+0xd1/0x610 [ 14.454720] ? __virt_addr_valid+0x1db/0x2d0 [ 14.454741] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.454770] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.454792] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.454850] kasan_report+0x141/0x180 [ 14.454871] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.454904] kasan_check_range+0x10c/0x1c0 [ 14.454928] __kasan_check_write+0x18/0x20 [ 14.454947] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.455004] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.455034] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.455057] ? trace_hardirqs_on+0x37/0xe0 [ 14.455131] ? kasan_bitops_generic+0x92/0x1c0 [ 14.455197] kasan_bitops_generic+0x121/0x1c0 [ 14.455220] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.455244] ? __pfx_read_tsc+0x10/0x10 [ 14.455265] ? ktime_get_ts64+0x86/0x230 [ 14.455288] kunit_try_run_case+0x1a5/0x480 [ 14.455356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.455377] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.455402] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.455425] ? __kthread_parkme+0x82/0x180 [ 14.455444] ? preempt_count_sub+0x50/0x80 [ 14.455501] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.455524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.455547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.455581] kthread+0x337/0x6f0 [ 14.455600] ? trace_preempt_on+0x20/0xc0 [ 14.455650] ? __pfx_kthread+0x10/0x10 [ 14.455670] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.455691] ? calculate_sigpending+0x7b/0xa0 [ 14.455715] ? __pfx_kthread+0x10/0x10 [ 14.455736] ret_from_fork+0x116/0x1d0 [ 14.455754] ? 
__pfx_kthread+0x10/0x10 [ 14.455774] ret_from_fork_asm+0x1a/0x30 [ 14.455804] </TASK> [ 14.455813] [ 14.466323] Allocated by task 280: [ 14.466577] kasan_save_stack+0x45/0x70 [ 14.466790] kasan_save_track+0x18/0x40 [ 14.466979] kasan_save_alloc_info+0x3b/0x50 [ 14.467205] __kasan_kmalloc+0xb7/0xc0 [ 14.467448] __kmalloc_cache_noprof+0x189/0x420 [ 14.467804] kasan_bitops_generic+0x92/0x1c0 [ 14.468106] kunit_try_run_case+0x1a5/0x480 [ 14.468339] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.468603] kthread+0x337/0x6f0 [ 14.468813] ret_from_fork+0x116/0x1d0 [ 14.469005] ret_from_fork_asm+0x1a/0x30 [ 14.469389] [ 14.469465] The buggy address belongs to the object at ffff8881025c7500 [ 14.469465] which belongs to the cache kmalloc-16 of size 16 [ 14.469826] The buggy address is located 8 bytes inside of [ 14.469826] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509) [ 14.470207] [ 14.470401] The buggy address belongs to the physical page: [ 14.470890] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 14.471351] flags: 0x200000000000000(node=0|zone=2) [ 14.471519] page_type: f5(slab) [ 14.471639] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.471870] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.472434] page dumped because: kasan: bad access detected [ 14.472759] [ 14.472911] Memory state around the buggy address: [ 14.473264] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.473927] ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.474184] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.474587] ^ [ 14.474769] ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.475245] ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.475632] ================================================================== [ 14.610137] 
================================================================== [ 14.610465] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.611298] Read of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.611945] [ 14.612065] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.612111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.612122] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.612143] Call Trace: [ 14.612158] <TASK> [ 14.612174] dump_stack_lvl+0x73/0xb0 [ 14.612203] print_report+0xd1/0x610 [ 14.612225] ? __virt_addr_valid+0x1db/0x2d0 [ 14.612246] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.612274] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.612297] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.612338] kasan_report+0x141/0x180 [ 14.612359] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.612391] __asan_report_load8_noabort+0x18/0x20 [ 14.612415] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.612444] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.612473] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.612497] ? trace_hardirqs_on+0x37/0xe0 [ 14.612518] ? kasan_bitops_generic+0x92/0x1c0 [ 14.612545] kasan_bitops_generic+0x121/0x1c0 [ 14.612569] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.612593] ? __pfx_read_tsc+0x10/0x10 [ 14.612614] ? ktime_get_ts64+0x86/0x230 [ 14.612636] kunit_try_run_case+0x1a5/0x480 [ 14.612660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.612681] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.612706] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.612728] ? __kthread_parkme+0x82/0x180 [ 14.612748] ? preempt_count_sub+0x50/0x80 [ 14.612772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.612795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.612819] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.612843] kthread+0x337/0x6f0 [ 14.612862] ? 
trace_preempt_on+0x20/0xc0 [ 14.612883] ? __pfx_kthread+0x10/0x10 [ 14.612903] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.612924] ? calculate_sigpending+0x7b/0xa0 [ 14.612948] ? __pfx_kthread+0x10/0x10 [ 14.612976] ret_from_fork+0x116/0x1d0 [ 14.612994] ? __pfx_kthread+0x10/0x10 [ 14.613013] ret_from_fork_asm+0x1a/0x30 [ 14.613043] </TASK> [ 14.613053] [ 14.624821] Allocated by task 280: [ 14.625173] kasan_save_stack+0x45/0x70 [ 14.625394] kasan_save_track+0x18/0x40 [ 14.625763] kasan_save_alloc_info+0x3b/0x50 [ 14.626072] __kasan_kmalloc+0xb7/0xc0 [ 14.626362] __kmalloc_cache_noprof+0x189/0x420 [ 14.626740] kasan_bitops_generic+0x92/0x1c0 [ 14.627030] kunit_try_run_case+0x1a5/0x480 [ 14.627320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.627513] kthread+0x337/0x6f0 [ 14.627918] ret_from_fork+0x116/0x1d0 [ 14.628098] ret_from_fork_asm+0x1a/0x30 [ 14.628387] [ 14.628663] The buggy address belongs to the object at ffff8881025c7500 [ 14.628663] which belongs to the cache kmalloc-16 of size 16 [ 14.629152] The buggy address is located 8 bytes inside of [ 14.629152] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509) [ 14.629987] [ 14.630084] The buggy address belongs to the physical page: [ 14.630292] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 14.630814] flags: 0x200000000000000(node=0|zone=2) [ 14.631148] page_type: f5(slab) [ 14.631427] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.631951] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.632384] page dumped because: kasan: bad access detected [ 14.632743] [ 14.632942] Memory state around the buggy address: [ 14.633144] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.633483] ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.634022] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.634419] ^ [ 14.634783] ffff8881025c7580: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.635135] ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.635560] ================================================================== [ 14.583939] ================================================================== [ 14.584267] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.584802] Read of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.585390] [ 14.585655] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.585804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.585818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.585839] Call Trace: [ 14.585855] <TASK> [ 14.585869] dump_stack_lvl+0x73/0xb0 [ 14.585900] print_report+0xd1/0x610 [ 14.585922] ? __virt_addr_valid+0x1db/0x2d0 [ 14.585944] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.585971] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.585993] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.586022] kasan_report+0x141/0x180 [ 14.586043] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.586076] kasan_check_range+0x10c/0x1c0 [ 14.586098] __kasan_check_read+0x15/0x20 [ 14.586117] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.586144] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.586173] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.586197] ? trace_hardirqs_on+0x37/0xe0 [ 14.586217] ? kasan_bitops_generic+0x92/0x1c0 [ 14.586244] kasan_bitops_generic+0x121/0x1c0 [ 14.586267] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.586291] ? __pfx_read_tsc+0x10/0x10 [ 14.586324] ? ktime_get_ts64+0x86/0x230 [ 14.586346] kunit_try_run_case+0x1a5/0x480 [ 14.586369] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.586391] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.586414] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.586438] ? __kthread_parkme+0x82/0x180 [ 14.586457] ? 
preempt_count_sub+0x50/0x80 [ 14.586481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.586504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.586527] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.586551] kthread+0x337/0x6f0 [ 14.586570] ? trace_preempt_on+0x20/0xc0 [ 14.586591] ? __pfx_kthread+0x10/0x10 [ 14.586611] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.586632] ? calculate_sigpending+0x7b/0xa0 [ 14.586656] ? __pfx_kthread+0x10/0x10 [ 14.586678] ret_from_fork+0x116/0x1d0 [ 14.586696] ? __pfx_kthread+0x10/0x10 [ 14.586716] ret_from_fork_asm+0x1a/0x30 [ 14.586746] </TASK> [ 14.586755] [ 14.598342] Allocated by task 280: [ 14.598645] kasan_save_stack+0x45/0x70 [ 14.598910] kasan_save_track+0x18/0x40 [ 14.599074] kasan_save_alloc_info+0x3b/0x50 [ 14.599281] __kasan_kmalloc+0xb7/0xc0 [ 14.599463] __kmalloc_cache_noprof+0x189/0x420 [ 14.599656] kasan_bitops_generic+0x92/0x1c0 [ 14.599847] kunit_try_run_case+0x1a5/0x480 [ 14.600037] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.600274] kthread+0x337/0x6f0 [ 14.600871] ret_from_fork+0x116/0x1d0 [ 14.601027] ret_from_fork_asm+0x1a/0x30 [ 14.601406] [ 14.601505] The buggy address belongs to the object at ffff8881025c7500 [ 14.601505] which belongs to the cache kmalloc-16 of size 16 [ 14.602262] The buggy address is located 8 bytes inside of [ 14.602262] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509) [ 14.603000] [ 14.603103] The buggy address belongs to the physical page: [ 14.603380] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 14.603962] flags: 0x200000000000000(node=0|zone=2) [ 14.604271] page_type: f5(slab) [ 14.604453] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.604960] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.605390] page dumped because: kasan: bad access detected [ 14.605731] [ 14.605982] Memory state around the buggy address: [ 14.606191] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 
fc fc 00 04 fc fc [ 14.606609] ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.607022] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.607433] ^ [ 14.607742] ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.608058] ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.608376] ================================================================== [ 14.557089] ================================================================== [ 14.557366] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.558583] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.559200] [ 14.559317] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.559365] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.559376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.559397] Call Trace: [ 14.559409] <TASK> [ 14.559424] dump_stack_lvl+0x73/0xb0 [ 14.559454] print_report+0xd1/0x610 [ 14.559482] ? __virt_addr_valid+0x1db/0x2d0 [ 14.559504] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.559531] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.559554] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.559582] kasan_report+0x141/0x180 [ 14.559603] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.559635] kasan_check_range+0x10c/0x1c0 [ 14.559658] __kasan_check_write+0x18/0x20 [ 14.559677] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.559706] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.559735] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.559757] ? trace_hardirqs_on+0x37/0xe0 [ 14.559778] ? kasan_bitops_generic+0x92/0x1c0 [ 14.559805] kasan_bitops_generic+0x121/0x1c0 [ 14.559829] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.559853] ? __pfx_read_tsc+0x10/0x10 [ 14.559873] ? 
ktime_get_ts64+0x86/0x230 [ 14.559896] kunit_try_run_case+0x1a5/0x480 [ 14.559918] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.559940] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.559963] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.559987] ? __kthread_parkme+0x82/0x180 [ 14.560005] ? preempt_count_sub+0x50/0x80 [ 14.560029] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.560052] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.560075] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.560099] kthread+0x337/0x6f0 [ 14.560117] ? trace_preempt_on+0x20/0xc0 [ 14.560139] ? __pfx_kthread+0x10/0x10 [ 14.560158] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.560179] ? calculate_sigpending+0x7b/0xa0 [ 14.560201] ? __pfx_kthread+0x10/0x10 [ 14.560222] ret_from_fork+0x116/0x1d0 [ 14.560241] ? __pfx_kthread+0x10/0x10 [ 14.560261] ret_from_fork_asm+0x1a/0x30 [ 14.560290] </TASK> [ 14.560515] [ 14.572441] Allocated by task 280: [ 14.572773] kasan_save_stack+0x45/0x70 [ 14.573073] kasan_save_track+0x18/0x40 [ 14.573381] kasan_save_alloc_info+0x3b/0x50 [ 14.573875] __kasan_kmalloc+0xb7/0xc0 [ 14.574060] __kmalloc_cache_noprof+0x189/0x420 [ 14.574292] kasan_bitops_generic+0x92/0x1c0 [ 14.574483] kunit_try_run_case+0x1a5/0x480 [ 14.574682] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.574949] kthread+0x337/0x6f0 [ 14.575110] ret_from_fork+0x116/0x1d0 [ 14.575286] ret_from_fork_asm+0x1a/0x30 [ 14.575479] [ 14.575557] The buggy address belongs to the object at ffff8881025c7500 [ 14.575557] which belongs to the cache kmalloc-16 of size 16 [ 14.576064] The buggy address is located 8 bytes inside of [ 14.576064] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509) [ 14.577223] [ 14.577524] The buggy address belongs to the physical page: [ 14.577774] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 14.578195] flags: 0x200000000000000(node=0|zone=2) [ 14.578526] page_type: f5(slab) [ 14.578700] raw: 0200000000000000 ffff888100041640 dead000000000122 
0000000000000000 [ 14.579022] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.579352] page dumped because: kasan: bad access detected [ 14.579849] [ 14.579945] Memory state around the buggy address: [ 14.580281] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.580759] ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.581184] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.581673] ^ [ 14.581857] ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.582334] ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.582888] ================================================================== [ 14.523182] ================================================================== [ 14.523516] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.524130] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.524900] [ 14.525531] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.525580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.525593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.525614] Call Trace: [ 14.525628] <TASK> [ 14.525643] dump_stack_lvl+0x73/0xb0 [ 14.525673] print_report+0xd1/0x610 [ 14.525695] ? __virt_addr_valid+0x1db/0x2d0 [ 14.525717] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.525744] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.525767] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.525795] kasan_report+0x141/0x180 [ 14.525816] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.525849] kasan_check_range+0x10c/0x1c0 [ 14.525873] __kasan_check_write+0x18/0x20 [ 14.525891] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.525920] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.525948] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.525971] ? trace_hardirqs_on+0x37/0xe0 [ 14.525992] ? kasan_bitops_generic+0x92/0x1c0 [ 14.526020] kasan_bitops_generic+0x121/0x1c0 [ 14.526042] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.526066] ? __pfx_read_tsc+0x10/0x10 [ 14.526087] ? ktime_get_ts64+0x86/0x230 [ 14.526109] kunit_try_run_case+0x1a5/0x480 [ 14.526133] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.526154] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.526179] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.526202] ? __kthread_parkme+0x82/0x180 [ 14.526221] ? preempt_count_sub+0x50/0x80 [ 14.526244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.526267] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.526290] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.526327] kthread+0x337/0x6f0 [ 14.526346] ? trace_preempt_on+0x20/0xc0 [ 14.526367] ? __pfx_kthread+0x10/0x10 [ 14.526387] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.526407] ? calculate_sigpending+0x7b/0xa0 [ 14.526431] ? __pfx_kthread+0x10/0x10 [ 14.526452] ret_from_fork+0x116/0x1d0 [ 14.526469] ? 
__pfx_kthread+0x10/0x10 [ 14.526787] ret_from_fork_asm+0x1a/0x30 [ 14.526819] </TASK> [ 14.526830] [ 14.543030] Allocated by task 280: [ 14.543403] kasan_save_stack+0x45/0x70 [ 14.543869] kasan_save_track+0x18/0x40 [ 14.544344] kasan_save_alloc_info+0x3b/0x50 [ 14.544817] __kasan_kmalloc+0xb7/0xc0 [ 14.544949] __kmalloc_cache_noprof+0x189/0x420 [ 14.545341] kasan_bitops_generic+0x92/0x1c0 [ 14.545794] kunit_try_run_case+0x1a5/0x480 [ 14.546268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.546938] kthread+0x337/0x6f0 [ 14.547256] ret_from_fork+0x116/0x1d0 [ 14.547675] ret_from_fork_asm+0x1a/0x30 [ 14.547839] [ 14.548008] The buggy address belongs to the object at ffff8881025c7500 [ 14.548008] which belongs to the cache kmalloc-16 of size 16 [ 14.548960] The buggy address is located 8 bytes inside of [ 14.548960] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509) [ 14.550243] [ 14.550473] The buggy address belongs to the physical page: [ 14.550814] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 14.551697] flags: 0x200000000000000(node=0|zone=2) [ 14.551871] page_type: f5(slab) [ 14.551994] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.552227] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.552908] page dumped because: kasan: bad access detected [ 14.553389] [ 14.553503] Memory state around the buggy address: [ 14.553879] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.554348] ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.554894] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.555317] ^ [ 14.555491] ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.556038] ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.556504] ================================================================== [ 14.476593] 
================================================================== [ 14.477229] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.477795] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.478259] [ 14.478385] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.478430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.478441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.478461] Call Trace: [ 14.478473] <TASK> [ 14.478487] dump_stack_lvl+0x73/0xb0 [ 14.478514] print_report+0xd1/0x610 [ 14.478535] ? __virt_addr_valid+0x1db/0x2d0 [ 14.478595] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.478648] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.478671] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.478699] kasan_report+0x141/0x180 [ 14.478721] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.478754] kasan_check_range+0x10c/0x1c0 [ 14.478777] __kasan_check_write+0x18/0x20 [ 14.478795] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.478824] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.478853] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.478876] ? trace_hardirqs_on+0x37/0xe0 [ 14.478897] ? kasan_bitops_generic+0x92/0x1c0 [ 14.478924] kasan_bitops_generic+0x121/0x1c0 [ 14.478947] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.478971] ? __pfx_read_tsc+0x10/0x10 [ 14.478991] ? ktime_get_ts64+0x86/0x230 [ 14.479014] kunit_try_run_case+0x1a5/0x480 [ 14.479038] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.479060] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.479157] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.479181] ? __kthread_parkme+0x82/0x180 [ 14.479200] ? preempt_count_sub+0x50/0x80 [ 14.479224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.479248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.479272] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.479296] kthread+0x337/0x6f0 [ 14.479326] ? trace_preempt_on+0x20/0xc0 [ 14.479384] ? __pfx_kthread+0x10/0x10 [ 14.479404] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.479425] ? calculate_sigpending+0x7b/0xa0 [ 14.479448] ? __pfx_kthread+0x10/0x10 [ 14.479469] ret_from_fork+0x116/0x1d0 [ 14.479497] ? __pfx_kthread+0x10/0x10 [ 14.479517] ret_from_fork_asm+0x1a/0x30 [ 14.479579] </TASK> [ 14.479589] [ 14.489757] Allocated by task 280: [ 14.489962] kasan_save_stack+0x45/0x70 [ 14.490228] kasan_save_track+0x18/0x40 [ 14.490437] kasan_save_alloc_info+0x3b/0x50 [ 14.490750] __kasan_kmalloc+0xb7/0xc0 [ 14.490920] __kmalloc_cache_noprof+0x189/0x420 [ 14.491337] kasan_bitops_generic+0x92/0x1c0 [ 14.491573] kunit_try_run_case+0x1a5/0x480 [ 14.491721] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.491897] kthread+0x337/0x6f0 [ 14.492064] ret_from_fork+0x116/0x1d0 [ 14.492247] ret_from_fork_asm+0x1a/0x30 [ 14.492522] [ 14.492621] The buggy address belongs to the object at ffff8881025c7500 [ 14.492621] which belongs to the cache kmalloc-16 of size 16 [ 14.493233] The buggy address is located 8 bytes inside of [ 14.493233] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509) [ 14.493885] [ 14.494004] The buggy address belongs to the physical page: [ 14.494194] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 14.494449] flags: 0x200000000000000(node=0|zone=2) [ 14.495089] page_type: f5(slab) [ 14.495428] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.495806] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.496348] page dumped because: kasan: bad access detected [ 14.496678] [ 14.496775] Memory state around the buggy address: [ 14.496961] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.497230] ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.497800] >ffff8881025c7500: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 14.498206] ^ [ 14.498486] ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.498900] ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.499221] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.385153] ================================================================== [ 14.385541] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.385915] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.386665] [ 14.386782] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.386825] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.386836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.386857] Call Trace: [ 14.386870] <TASK> [ 14.386883] dump_stack_lvl+0x73/0xb0 [ 14.386911] print_report+0xd1/0x610 [ 14.386932] ? __virt_addr_valid+0x1db/0x2d0 [ 14.386991] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.387018] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.387041] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.387327] kasan_report+0x141/0x180 [ 14.387356] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.387388] kasan_check_range+0x10c/0x1c0 [ 14.387411] __kasan_check_write+0x18/0x20 [ 14.387430] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.387457] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.387484] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.387508] ? trace_hardirqs_on+0x37/0xe0 [ 14.387529] ? kasan_bitops_generic+0x92/0x1c0 [ 14.387557] kasan_bitops_generic+0x116/0x1c0 [ 14.387580] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.387606] ? __pfx_read_tsc+0x10/0x10 [ 14.387626] ? ktime_get_ts64+0x86/0x230 [ 14.387648] kunit_try_run_case+0x1a5/0x480 [ 14.387672] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.387695] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.387717] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.387741] ? __kthread_parkme+0x82/0x180 [ 14.387760] ? preempt_count_sub+0x50/0x80 [ 14.387783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.387807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.387830] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.387854] kthread+0x337/0x6f0 [ 14.387873] ? 
trace_preempt_on+0x20/0xc0 [ 14.387894] ? __pfx_kthread+0x10/0x10 [ 14.387913] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.387935] ? calculate_sigpending+0x7b/0xa0 [ 14.387958] ? __pfx_kthread+0x10/0x10 [ 14.387979] ret_from_fork+0x116/0x1d0 [ 14.387997] ? __pfx_kthread+0x10/0x10 [ 14.388100] ret_from_fork_asm+0x1a/0x30 [ 14.388133] </TASK> [ 14.388143] [ 14.397814] Allocated by task 280: [ 14.397999] kasan_save_stack+0x45/0x70 [ 14.398284] kasan_save_track+0x18/0x40 [ 14.398570] kasan_save_alloc_info+0x3b/0x50 [ 14.398804] __kasan_kmalloc+0xb7/0xc0 [ 14.399007] __kmalloc_cache_noprof+0x189/0x420 [ 14.399215] kasan_bitops_generic+0x92/0x1c0 [ 14.399646] kunit_try_run_case+0x1a5/0x480 [ 14.399854] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.400221] kthread+0x337/0x6f0 [ 14.400435] ret_from_fork+0x116/0x1d0 [ 14.400674] ret_from_fork_asm+0x1a/0x30 [ 14.400869] [ 14.400947] The buggy address belongs to the object at ffff8881025c7500 [ 14.400947] which belongs to the cache kmalloc-16 of size 16 [ 14.401816] The buggy address is located 8 bytes inside of [ 14.401816] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509) [ 14.402202] [ 14.402274] The buggy address belongs to the physical page: [ 14.402676] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 14.403068] flags: 0x200000000000000(node=0|zone=2) [ 14.403354] page_type: f5(slab) [ 14.403523] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.403882] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.404209] page dumped because: kasan: bad access detected [ 14.404469] [ 14.404576] Memory state around the buggy address: [ 14.404860] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.405282] ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.405690] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.406570] ^ [ 14.406784] ffff8881025c7580: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.407217] ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.407675] ================================================================== [ 14.317922] ================================================================== [ 14.318657] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.319164] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.319557] [ 14.319684] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.319727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.319739] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.319760] Call Trace: [ 14.319774] <TASK> [ 14.319786] dump_stack_lvl+0x73/0xb0 [ 14.319814] print_report+0xd1/0x610 [ 14.319835] ? __virt_addr_valid+0x1db/0x2d0 [ 14.319858] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.319883] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.319906] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.319932] kasan_report+0x141/0x180 [ 14.319954] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.319985] kasan_check_range+0x10c/0x1c0 [ 14.320008] __kasan_check_write+0x18/0x20 [ 14.320100] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.320127] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.320154] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.320177] ? trace_hardirqs_on+0x37/0xe0 [ 14.320199] ? kasan_bitops_generic+0x92/0x1c0 [ 14.320226] kasan_bitops_generic+0x116/0x1c0 [ 14.320250] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.320346] ? __pfx_read_tsc+0x10/0x10 [ 14.320367] ? ktime_get_ts64+0x86/0x230 [ 14.320414] kunit_try_run_case+0x1a5/0x480 [ 14.320461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.320484] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.320531] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.320577] ? __kthread_parkme+0x82/0x180 [ 14.320598] ? preempt_count_sub+0x50/0x80 [ 14.320622] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.320645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.320669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.320695] kthread+0x337/0x6f0 [ 14.320713] ? trace_preempt_on+0x20/0xc0 [ 14.320735] ? __pfx_kthread+0x10/0x10 [ 14.320754] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.320775] ? calculate_sigpending+0x7b/0xa0 [ 14.320798] ? __pfx_kthread+0x10/0x10 [ 14.320819] ret_from_fork+0x116/0x1d0 [ 14.320837] ? __pfx_kthread+0x10/0x10 [ 14.320857] ret_from_fork_asm+0x1a/0x30 [ 14.320886] </TASK> [ 14.320896] [ 14.330467] Allocated by task 280: [ 14.330673] kasan_save_stack+0x45/0x70 [ 14.330875] kasan_save_track+0x18/0x40 [ 14.331099] kasan_save_alloc_info+0x3b/0x50 [ 14.331387] __kasan_kmalloc+0xb7/0xc0 [ 14.331603] __kmalloc_cache_noprof+0x189/0x420 [ 14.331841] kasan_bitops_generic+0x92/0x1c0 [ 14.332124] kunit_try_run_case+0x1a5/0x480 [ 14.332356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.332613] kthread+0x337/0x6f0 [ 14.332814] ret_from_fork+0x116/0x1d0 [ 14.333037] ret_from_fork_asm+0x1a/0x30 [ 14.333489] [ 14.333568] The buggy address belongs to the object at ffff8881025c7500 [ 14.333568] which belongs to the cache kmalloc-16 of size 16 [ 14.334392] The buggy address is located 8 bytes inside of [ 14.334392] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509) [ 14.334740] [ 14.334809] The buggy address belongs to the physical page: [ 14.334998] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 14.335427] flags: 0x200000000000000(node=0|zone=2) [ 14.335920] page_type: f5(slab) [ 14.336192] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.336546] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.336765] page dumped because: kasan: bad access detected [ 14.336930] [ 14.337012] Memory state around the buggy address: [ 14.337329] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.338001] 
ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.338602] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.338816] ^ [ 14.338992] ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.339385] ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.339598] ================================================================== [ 14.208378] ================================================================== [ 14.208966] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.209981] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.210841] [ 14.211089] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.211148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.211160] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.211181] Call Trace: [ 14.211194] <TASK> [ 14.211210] dump_stack_lvl+0x73/0xb0 [ 14.211240] print_report+0xd1/0x610 [ 14.211262] ? __virt_addr_valid+0x1db/0x2d0 [ 14.211284] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.211321] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.211343] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.211369] kasan_report+0x141/0x180 [ 14.211390] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.211420] kasan_check_range+0x10c/0x1c0 [ 14.211444] __kasan_check_write+0x18/0x20 [ 14.211515] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.211544] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.211571] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.211607] ? trace_hardirqs_on+0x37/0xe0 [ 14.211630] ? kasan_bitops_generic+0x92/0x1c0 [ 14.211657] kasan_bitops_generic+0x116/0x1c0 [ 14.211680] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.211705] ? __pfx_read_tsc+0x10/0x10 [ 14.211726] ? ktime_get_ts64+0x86/0x230 [ 14.211750] kunit_try_run_case+0x1a5/0x480 [ 14.211776] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.211798] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.211822] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.211846] ? __kthread_parkme+0x82/0x180 [ 14.211867] ? preempt_count_sub+0x50/0x80 [ 14.211890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.211914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.211937] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.211961] kthread+0x337/0x6f0 [ 14.211980] ? trace_preempt_on+0x20/0xc0 [ 14.212018] ? __pfx_kthread+0x10/0x10 [ 14.212038] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.212059] ? calculate_sigpending+0x7b/0xa0 [ 14.212082] ? __pfx_kthread+0x10/0x10 [ 14.212102] ret_from_fork+0x116/0x1d0 [ 14.212121] ? __pfx_kthread+0x10/0x10 [ 14.212140] ret_from_fork_asm+0x1a/0x30 [ 14.212170] </TASK> [ 14.212180] [ 14.227693] Allocated by task 280: [ 14.228164] kasan_save_stack+0x45/0x70 [ 14.228528] kasan_save_track+0x18/0x40 [ 14.228766] kasan_save_alloc_info+0x3b/0x50 [ 14.229174] __kasan_kmalloc+0xb7/0xc0 [ 14.229332] __kmalloc_cache_noprof+0x189/0x420 [ 14.229500] kasan_bitops_generic+0x92/0x1c0 [ 14.229938] kunit_try_run_case+0x1a5/0x480 [ 14.230440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.231074] kthread+0x337/0x6f0 [ 14.231607] ret_from_fork+0x116/0x1d0 [ 14.231810] ret_from_fork_asm+0x1a/0x30 [ 14.231953] [ 14.232091] The buggy address belongs to the object at ffff8881025c7500 [ 14.232091] which belongs to the cache kmalloc-16 of size 16 [ 14.233306] The buggy address is located 8 bytes inside of [ 14.233306] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509) [ 14.233975] [ 14.234104] The buggy address belongs to the physical page: [ 14.234700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 14.235493] flags: 0x200000000000000(node=0|zone=2) [ 14.235860] page_type: f5(slab) [ 14.235988] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.236937] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.237602] page dumped because: kasan: 
bad access detected [ 14.237781] [ 14.237851] Memory state around the buggy address: [ 14.238009] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.238227] ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.238507] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.238847] ^ [ 14.239130] ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.239488] ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.239751] ================================================================== [ 14.340155] ================================================================== [ 14.340683] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.341190] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.341615] [ 14.341752] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.341795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.341806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.341826] Call Trace: [ 14.341841] <TASK> [ 14.341855] dump_stack_lvl+0x73/0xb0 [ 14.341920] print_report+0xd1/0x610 [ 14.341942] ? __virt_addr_valid+0x1db/0x2d0 [ 14.341964] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.341990] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.342013] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.342040] kasan_report+0x141/0x180 [ 14.342135] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.342169] kasan_check_range+0x10c/0x1c0 [ 14.342193] __kasan_check_write+0x18/0x20 [ 14.342248] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.342275] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.342315] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.342340] ? trace_hardirqs_on+0x37/0xe0 [ 14.342361] ? kasan_bitops_generic+0x92/0x1c0 [ 14.342423] kasan_bitops_generic+0x116/0x1c0 [ 14.342447] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.342472] ? 
__pfx_read_tsc+0x10/0x10 [ 14.342492] ? ktime_get_ts64+0x86/0x230 [ 14.342515] kunit_try_run_case+0x1a5/0x480 [ 14.342539] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.342584] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.342608] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.342631] ? __kthread_parkme+0x82/0x180 [ 14.342662] ? preempt_count_sub+0x50/0x80 [ 14.342684] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.342740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.342764] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.342789] kthread+0x337/0x6f0 [ 14.342808] ? trace_preempt_on+0x20/0xc0 [ 14.342830] ? __pfx_kthread+0x10/0x10 [ 14.342850] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.342896] ? calculate_sigpending+0x7b/0xa0 [ 14.342920] ? __pfx_kthread+0x10/0x10 [ 14.342940] ret_from_fork+0x116/0x1d0 [ 14.342959] ? __pfx_kthread+0x10/0x10 [ 14.342978] ret_from_fork_asm+0x1a/0x30 [ 14.343007] </TASK> [ 14.343017] [ 14.353005] Allocated by task 280: [ 14.353167] kasan_save_stack+0x45/0x70 [ 14.353324] kasan_save_track+0x18/0x40 [ 14.353570] kasan_save_alloc_info+0x3b/0x50 [ 14.353735] __kasan_kmalloc+0xb7/0xc0 [ 14.353891] __kmalloc_cache_noprof+0x189/0x420 [ 14.354182] kasan_bitops_generic+0x92/0x1c0 [ 14.354498] kunit_try_run_case+0x1a5/0x480 [ 14.354680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.354856] kthread+0x337/0x6f0 [ 14.354977] ret_from_fork+0x116/0x1d0 [ 14.355262] ret_from_fork_asm+0x1a/0x30 [ 14.355479] [ 14.355573] The buggy address belongs to the object at ffff8881025c7500 [ 14.355573] which belongs to the cache kmalloc-16 of size 16 [ 14.356408] The buggy address is located 8 bytes inside of [ 14.356408] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509) [ 14.356821] [ 14.356893] The buggy address belongs to the physical page: [ 14.357066] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 14.357716] flags: 0x200000000000000(node=0|zone=2) [ 14.358016] page_type: f5(slab) [ 14.358349] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.358770] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.359008] page dumped because: kasan: bad access detected [ 14.359294] [ 14.359398] Memory state around the buggy address: [ 14.359853] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.360350] ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.360718] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.361182] ^ [ 14.361534] ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.361865] ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.362343] ================================================================== [ 14.240885] ================================================================== [ 14.241234] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.241894] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.242424] [ 14.242587] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.242665] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.242678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.242698] Call Trace: [ 14.242710] <TASK> [ 14.242724] dump_stack_lvl+0x73/0xb0 [ 14.242753] print_report+0xd1/0x610 [ 14.242774] ? __virt_addr_valid+0x1db/0x2d0 [ 14.242826] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.242853] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.242876] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.242903] kasan_report+0x141/0x180 [ 14.242924] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.242955] kasan_check_range+0x10c/0x1c0 [ 14.242978] __kasan_check_write+0x18/0x20 [ 14.242997] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.243076] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.243105] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.243130] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.243151] ? kasan_bitops_generic+0x92/0x1c0 [ 14.243178] kasan_bitops_generic+0x116/0x1c0 [ 14.243201] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.243226] ? __pfx_read_tsc+0x10/0x10 [ 14.243247] ? ktime_get_ts64+0x86/0x230 [ 14.243270] kunit_try_run_case+0x1a5/0x480 [ 14.243294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.243330] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.243354] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.243378] ? __kthread_parkme+0x82/0x180 [ 14.243398] ? preempt_count_sub+0x50/0x80 [ 14.243423] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.243447] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.243470] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.243509] kthread+0x337/0x6f0 [ 14.243528] ? trace_preempt_on+0x20/0xc0 [ 14.243550] ? __pfx_kthread+0x10/0x10 [ 14.243570] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.243592] ? calculate_sigpending+0x7b/0xa0 [ 14.243618] ? __pfx_kthread+0x10/0x10 [ 14.243639] ret_from_fork+0x116/0x1d0 [ 14.243658] ? 
__pfx_kthread+0x10/0x10 [ 14.243678] ret_from_fork_asm+0x1a/0x30 [ 14.243707] </TASK> [ 14.243717] [ 14.258750] Allocated by task 280: [ 14.259027] kasan_save_stack+0x45/0x70 [ 14.259289] kasan_save_track+0x18/0x40 [ 14.259780] kasan_save_alloc_info+0x3b/0x50 [ 14.260038] __kasan_kmalloc+0xb7/0xc0 [ 14.260648] __kmalloc_cache_noprof+0x189/0x420 [ 14.261003] kasan_bitops_generic+0x92/0x1c0 [ 14.261379] kunit_try_run_case+0x1a5/0x480 [ 14.261680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.262278] kthread+0x337/0x6f0 [ 14.262497] ret_from_fork+0x116/0x1d0 [ 14.262718] ret_from_fork_asm+0x1a/0x30 [ 14.263010] [ 14.263170] The buggy address belongs to the object at ffff8881025c7500 [ 14.263170] which belongs to the cache kmalloc-16 of size 16 [ 14.263897] The buggy address is located 8 bytes inside of [ 14.263897] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509) [ 14.264922] [ 14.265119] The buggy address belongs to the physical page: [ 14.265858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 14.266328] flags: 0x200000000000000(node=0|zone=2) [ 14.266533] page_type: f5(slab) [ 14.266881] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.267691] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.268209] page dumped because: kasan: bad access detected [ 14.268405] [ 14.268498] Memory state around the buggy address: [ 14.268811] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.269143] ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.269486] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.269805] ^ [ 14.269952] ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.270257] ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.270683] ================================================================== [ 14.362857] 
================================================================== [ 14.363287] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.363707] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.363968] [ 14.364078] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.364121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.364133] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.364153] Call Trace: [ 14.364168] <TASK> [ 14.364183] dump_stack_lvl+0x73/0xb0 [ 14.364210] print_report+0xd1/0x610 [ 14.364231] ? __virt_addr_valid+0x1db/0x2d0 [ 14.364253] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.364279] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.364317] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.364344] kasan_report+0x141/0x180 [ 14.364366] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.364398] kasan_check_range+0x10c/0x1c0 [ 14.364422] __kasan_check_write+0x18/0x20 [ 14.364441] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.364466] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.364588] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.364612] ? trace_hardirqs_on+0x37/0xe0 [ 14.364635] ? kasan_bitops_generic+0x92/0x1c0 [ 14.364663] kasan_bitops_generic+0x116/0x1c0 [ 14.364686] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.364711] ? __pfx_read_tsc+0x10/0x10 [ 14.364731] ? ktime_get_ts64+0x86/0x230 [ 14.364754] kunit_try_run_case+0x1a5/0x480 [ 14.364778] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.364800] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.364823] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.364847] ? __kthread_parkme+0x82/0x180 [ 14.364867] ? preempt_count_sub+0x50/0x80 [ 14.364891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.364914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.364960] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.364984] kthread+0x337/0x6f0 [ 14.365003] ? 
trace_preempt_on+0x20/0xc0 [ 14.365055] ? __pfx_kthread+0x10/0x10 [ 14.365113] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.365160] ? calculate_sigpending+0x7b/0xa0 [ 14.365207] ? __pfx_kthread+0x10/0x10 [ 14.365251] ret_from_fork+0x116/0x1d0 [ 14.365271] ? __pfx_kthread+0x10/0x10 [ 14.365290] ret_from_fork_asm+0x1a/0x30 [ 14.365358] </TASK> [ 14.365391] [ 14.375371] Allocated by task 280: [ 14.375499] kasan_save_stack+0x45/0x70 [ 14.375642] kasan_save_track+0x18/0x40 [ 14.375837] kasan_save_alloc_info+0x3b/0x50 [ 14.376119] __kasan_kmalloc+0xb7/0xc0 [ 14.376399] __kmalloc_cache_noprof+0x189/0x420 [ 14.376708] kasan_bitops_generic+0x92/0x1c0 [ 14.376919] kunit_try_run_case+0x1a5/0x480 [ 14.377248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.377535] kthread+0x337/0x6f0 [ 14.377716] ret_from_fork+0x116/0x1d0 [ 14.377928] ret_from_fork_asm+0x1a/0x30 [ 14.378230] [ 14.378345] The buggy address belongs to the object at ffff8881025c7500 [ 14.378345] which belongs to the cache kmalloc-16 of size 16 [ 14.379016] The buggy address is located 8 bytes inside of [ 14.379016] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509) [ 14.379786] [ 14.379923] The buggy address belongs to the physical page: [ 14.380236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 14.380602] flags: 0x200000000000000(node=0|zone=2) [ 14.380881] page_type: f5(slab) [ 14.381099] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.381489] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.381814] page dumped because: kasan: bad access detected [ 14.382157] [ 14.382240] Memory state around the buggy address: [ 14.382490] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.382737] ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.382952] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.383813] ^ [ 14.384022] ffff8881025c7580: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.384291] ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.384513] ================================================================== [ 14.271705] ================================================================== [ 14.272056] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.272567] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.272905] [ 14.273109] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.273156] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.273193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.273236] Call Trace: [ 14.273274] <TASK> [ 14.273289] dump_stack_lvl+0x73/0xb0 [ 14.273333] print_report+0xd1/0x610 [ 14.273355] ? __virt_addr_valid+0x1db/0x2d0 [ 14.273377] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.273403] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.273426] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.273453] kasan_report+0x141/0x180 [ 14.273474] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.273505] kasan_check_range+0x10c/0x1c0 [ 14.273528] __kasan_check_write+0x18/0x20 [ 14.273547] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.273585] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.273612] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.273637] ? trace_hardirqs_on+0x37/0xe0 [ 14.273658] ? kasan_bitops_generic+0x92/0x1c0 [ 14.273685] kasan_bitops_generic+0x116/0x1c0 [ 14.273708] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.273733] ? __pfx_read_tsc+0x10/0x10 [ 14.273754] ? ktime_get_ts64+0x86/0x230 [ 14.273778] kunit_try_run_case+0x1a5/0x480 [ 14.273802] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.273824] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.273848] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.273872] ? __kthread_parkme+0x82/0x180 [ 14.273892] ? preempt_count_sub+0x50/0x80 [ 14.273916] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.273939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.273963] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.273988] kthread+0x337/0x6f0 [ 14.274007] ? trace_preempt_on+0x20/0xc0 [ 14.274046] ? __pfx_kthread+0x10/0x10 [ 14.274066] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.274087] ? calculate_sigpending+0x7b/0xa0 [ 14.274111] ? __pfx_kthread+0x10/0x10 [ 14.274132] ret_from_fork+0x116/0x1d0 [ 14.274151] ? __pfx_kthread+0x10/0x10 [ 14.274171] ret_from_fork_asm+0x1a/0x30 [ 14.274201] </TASK> [ 14.274211] [ 14.284484] Allocated by task 280: [ 14.284727] kasan_save_stack+0x45/0x70 [ 14.284935] kasan_save_track+0x18/0x40 [ 14.285361] kasan_save_alloc_info+0x3b/0x50 [ 14.285580] __kasan_kmalloc+0xb7/0xc0 [ 14.285880] __kmalloc_cache_noprof+0x189/0x420 [ 14.286099] kasan_bitops_generic+0x92/0x1c0 [ 14.286356] kunit_try_run_case+0x1a5/0x480 [ 14.286505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.287090] kthread+0x337/0x6f0 [ 14.287533] ret_from_fork+0x116/0x1d0 [ 14.287733] ret_from_fork_asm+0x1a/0x30 [ 14.287904] [ 14.287976] The buggy address belongs to the object at ffff8881025c7500 [ 14.287976] which belongs to the cache kmalloc-16 of size 16 [ 14.288466] The buggy address is located 8 bytes inside of [ 14.288466] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509) [ 14.289334] [ 14.289420] The buggy address belongs to the physical page: [ 14.289748] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 14.290112] flags: 0x200000000000000(node=0|zone=2) [ 14.290422] page_type: f5(slab) [ 14.290706] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.291042] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.291480] page dumped because: kasan: bad access detected [ 14.291750] [ 14.291835] Memory state around the buggy address: [ 14.292271] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.292636] 
ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.292893] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.293429] ^ [ 14.293602] ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.293948] ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.294490] ================================================================== [ 14.294949] ================================================================== [ 14.295400] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.295792] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.296276] [ 14.296404] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.296446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.296457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.296477] Call Trace: [ 14.296493] <TASK> [ 14.296507] dump_stack_lvl+0x73/0xb0 [ 14.296571] print_report+0xd1/0x610 [ 14.296592] ? __virt_addr_valid+0x1db/0x2d0 [ 14.296613] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.296639] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.296662] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.296718] kasan_report+0x141/0x180 [ 14.296741] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.296771] kasan_check_range+0x10c/0x1c0 [ 14.296795] __kasan_check_write+0x18/0x20 [ 14.296814] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.296840] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.296894] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.296918] ? trace_hardirqs_on+0x37/0xe0 [ 14.296939] ? kasan_bitops_generic+0x92/0x1c0 [ 14.296974] kasan_bitops_generic+0x116/0x1c0 [ 14.296997] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.297069] ? __pfx_read_tsc+0x10/0x10 [ 14.297090] ? ktime_get_ts64+0x86/0x230 [ 14.297114] kunit_try_run_case+0x1a5/0x480 [ 14.297138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.297193] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.297241] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.297289] ? __kthread_parkme+0x82/0x180 [ 14.297343] ? preempt_count_sub+0x50/0x80 [ 14.297368] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.297393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.297441] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.297488] kthread+0x337/0x6f0 [ 14.297507] ? trace_preempt_on+0x20/0xc0 [ 14.297528] ? __pfx_kthread+0x10/0x10 [ 14.297549] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.297570] ? calculate_sigpending+0x7b/0xa0 [ 14.297603] ? __pfx_kthread+0x10/0x10 [ 14.297625] ret_from_fork+0x116/0x1d0 [ 14.297643] ? __pfx_kthread+0x10/0x10 [ 14.297663] ret_from_fork_asm+0x1a/0x30 [ 14.297693] </TASK> [ 14.297702] [ 14.308103] Allocated by task 280: [ 14.308319] kasan_save_stack+0x45/0x70 [ 14.308607] kasan_save_track+0x18/0x40 [ 14.308800] kasan_save_alloc_info+0x3b/0x50 [ 14.309066] __kasan_kmalloc+0xb7/0xc0 [ 14.309315] __kmalloc_cache_noprof+0x189/0x420 [ 14.309676] kasan_bitops_generic+0x92/0x1c0 [ 14.309868] kunit_try_run_case+0x1a5/0x480 [ 14.310017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.310193] kthread+0x337/0x6f0 [ 14.310356] ret_from_fork+0x116/0x1d0 [ 14.310544] ret_from_fork_asm+0x1a/0x30 [ 14.310837] [ 14.310931] The buggy address belongs to the object at ffff8881025c7500 [ 14.310931] which belongs to the cache kmalloc-16 of size 16 [ 14.311772] The buggy address is located 8 bytes inside of [ 14.311772] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509) [ 14.312431] [ 14.312510] The buggy address belongs to the physical page: [ 14.312753] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 14.313237] flags: 0x200000000000000(node=0|zone=2) [ 14.313569] page_type: f5(slab) [ 14.313850] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.314242] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.314599] page dumped because: kasan: 
bad access detected [ 14.314887] [ 14.314963] Memory state around the buggy address: [ 14.315203] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.315655] ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.315875] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.316363] ^ [ 14.316620] ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.316931] ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.317274] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.178666] ================================================================== [ 14.179276] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 14.179637] Read of size 1 at addr ffff888103a23e10 by task kunit_try_catch/278 [ 14.180129] [ 14.180234] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.180280] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.180291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.180324] Call Trace: [ 14.180339] <TASK> [ 14.180353] dump_stack_lvl+0x73/0xb0 [ 14.180380] print_report+0xd1/0x610 [ 14.180403] ? __virt_addr_valid+0x1db/0x2d0 [ 14.180425] ? strnlen+0x73/0x80 [ 14.180442] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.180692] ? strnlen+0x73/0x80 [ 14.180712] kasan_report+0x141/0x180 [ 14.180734] ? strnlen+0x73/0x80 [ 14.180756] __asan_report_load1_noabort+0x18/0x20 [ 14.180780] strnlen+0x73/0x80 [ 14.180799] kasan_strings+0x615/0xe80 [ 14.180819] ? trace_hardirqs_on+0x37/0xe0 [ 14.180842] ? __pfx_kasan_strings+0x10/0x10 [ 14.180862] ? finish_task_switch.isra.0+0x153/0x700 [ 14.180939] ? __switch_to+0x47/0xf50 [ 14.181028] ? __schedule+0x10cc/0x2b60 [ 14.181054] ? __pfx_read_tsc+0x10/0x10 [ 14.181075] ? ktime_get_ts64+0x86/0x230 [ 14.181098] kunit_try_run_case+0x1a5/0x480 [ 14.181123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.181145] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.181169] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.181193] ? __kthread_parkme+0x82/0x180 [ 14.181213] ? preempt_count_sub+0x50/0x80 [ 14.181236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.181260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.181284] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.181318] kthread+0x337/0x6f0 [ 14.181337] ? trace_preempt_on+0x20/0xc0 [ 14.181359] ? __pfx_kthread+0x10/0x10 [ 14.181379] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.181400] ? calculate_sigpending+0x7b/0xa0 [ 14.181423] ? 
__pfx_kthread+0x10/0x10 [ 14.181444] ret_from_fork+0x116/0x1d0 [ 14.181462] ? __pfx_kthread+0x10/0x10 [ 14.181481] ret_from_fork_asm+0x1a/0x30 [ 14.181512] </TASK> [ 14.181521] [ 14.191824] Allocated by task 278: [ 14.192238] kasan_save_stack+0x45/0x70 [ 14.192699] kasan_save_track+0x18/0x40 [ 14.192861] kasan_save_alloc_info+0x3b/0x50 [ 14.193255] __kasan_kmalloc+0xb7/0xc0 [ 14.193448] __kmalloc_cache_noprof+0x189/0x420 [ 14.193645] kasan_strings+0xc0/0xe80 [ 14.193821] kunit_try_run_case+0x1a5/0x480 [ 14.194001] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.194508] kthread+0x337/0x6f0 [ 14.194668] ret_from_fork+0x116/0x1d0 [ 14.194864] ret_from_fork_asm+0x1a/0x30 [ 14.195211] [ 14.195373] Freed by task 278: [ 14.195613] kasan_save_stack+0x45/0x70 [ 14.195856] kasan_save_track+0x18/0x40 [ 14.196175] kasan_save_free_info+0x3f/0x60 [ 14.196421] __kasan_slab_free+0x56/0x70 [ 14.196609] kfree+0x222/0x3f0 [ 14.196804] kasan_strings+0x2aa/0xe80 [ 14.197106] kunit_try_run_case+0x1a5/0x480 [ 14.197409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.197847] kthread+0x337/0x6f0 [ 14.197984] ret_from_fork+0x116/0x1d0 [ 14.198233] ret_from_fork_asm+0x1a/0x30 [ 14.198469] [ 14.198548] The buggy address belongs to the object at ffff888103a23e00 [ 14.198548] which belongs to the cache kmalloc-32 of size 32 [ 14.199314] The buggy address is located 16 bytes inside of [ 14.199314] freed 32-byte region [ffff888103a23e00, ffff888103a23e20) [ 14.199875] [ 14.199982] The buggy address belongs to the physical page: [ 14.200204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a23 [ 14.200822] flags: 0x200000000000000(node=0|zone=2) [ 14.201047] page_type: f5(slab) [ 14.201328] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.201687] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 14.202069] page dumped because: kasan: bad access detected [ 14.202291] [ 14.202398] Memory state around the buggy address: 
[ 14.202597] ffff888103a23d00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.202930] ffff888103a23d80: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.203482] >ffff888103a23e00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.203905] ^ [ 14.204074] ffff888103a23e80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.204563] ffff888103a23f00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.204946] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.151891] ================================================================== [ 14.152537] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 14.152955] Read of size 1 at addr ffff888103a23e10 by task kunit_try_catch/278 [ 14.153409] [ 14.153547] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.153593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.153606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.153627] Call Trace: [ 14.153642] <TASK> [ 14.153656] dump_stack_lvl+0x73/0xb0 [ 14.153684] print_report+0xd1/0x610 [ 14.153705] ? __virt_addr_valid+0x1db/0x2d0 [ 14.153924] ? strlen+0x8f/0xb0 [ 14.153945] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.153968] ? strlen+0x8f/0xb0 [ 14.153985] kasan_report+0x141/0x180 [ 14.154031] ? strlen+0x8f/0xb0 [ 14.154052] __asan_report_load1_noabort+0x18/0x20 [ 14.154077] strlen+0x8f/0xb0 [ 14.154094] kasan_strings+0x57b/0xe80 [ 14.154113] ? trace_hardirqs_on+0x37/0xe0 [ 14.154137] ? __pfx_kasan_strings+0x10/0x10 [ 14.154157] ? finish_task_switch.isra.0+0x153/0x700 [ 14.154180] ? __switch_to+0x47/0xf50 [ 14.154206] ? __schedule+0x10cc/0x2b60 [ 14.154227] ? __pfx_read_tsc+0x10/0x10 [ 14.154248] ? ktime_get_ts64+0x86/0x230 [ 14.154271] kunit_try_run_case+0x1a5/0x480 [ 14.154305] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.154328] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.154352] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.154375] ? __kthread_parkme+0x82/0x180 [ 14.154395] ? preempt_count_sub+0x50/0x80 [ 14.154417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.154441] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.154485] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.154509] kthread+0x337/0x6f0 [ 14.154528] ? trace_preempt_on+0x20/0xc0 [ 14.154550] ? __pfx_kthread+0x10/0x10 [ 14.154570] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.154591] ? calculate_sigpending+0x7b/0xa0 [ 14.154614] ? 
__pfx_kthread+0x10/0x10 [ 14.154634] ret_from_fork+0x116/0x1d0 [ 14.154653] ? __pfx_kthread+0x10/0x10 [ 14.154672] ret_from_fork_asm+0x1a/0x30 [ 14.154702] </TASK> [ 14.154712] [ 14.164970] Allocated by task 278: [ 14.165218] kasan_save_stack+0x45/0x70 [ 14.165439] kasan_save_track+0x18/0x40 [ 14.165804] kasan_save_alloc_info+0x3b/0x50 [ 14.166030] __kasan_kmalloc+0xb7/0xc0 [ 14.166234] __kmalloc_cache_noprof+0x189/0x420 [ 14.166428] kasan_strings+0xc0/0xe80 [ 14.166883] kunit_try_run_case+0x1a5/0x480 [ 14.167107] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.167663] kthread+0x337/0x6f0 [ 14.167810] ret_from_fork+0x116/0x1d0 [ 14.168184] ret_from_fork_asm+0x1a/0x30 [ 14.168401] [ 14.168604] Freed by task 278: [ 14.168736] kasan_save_stack+0x45/0x70 [ 14.168938] kasan_save_track+0x18/0x40 [ 14.169109] kasan_save_free_info+0x3f/0x60 [ 14.169322] __kasan_slab_free+0x56/0x70 [ 14.169501] kfree+0x222/0x3f0 [ 14.169636] kasan_strings+0x2aa/0xe80 [ 14.169810] kunit_try_run_case+0x1a5/0x480 [ 14.170022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.170234] kthread+0x337/0x6f0 [ 14.170970] ret_from_fork+0x116/0x1d0 [ 14.171137] ret_from_fork_asm+0x1a/0x30 [ 14.171415] [ 14.171492] The buggy address belongs to the object at ffff888103a23e00 [ 14.171492] which belongs to the cache kmalloc-32 of size 32 [ 14.172288] The buggy address is located 16 bytes inside of [ 14.172288] freed 32-byte region [ffff888103a23e00, ffff888103a23e20) [ 14.172974] [ 14.173104] The buggy address belongs to the physical page: [ 14.173443] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a23 [ 14.173960] flags: 0x200000000000000(node=0|zone=2) [ 14.174254] page_type: f5(slab) [ 14.174389] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.174883] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 14.175380] page dumped because: kasan: bad access detected [ 14.175712] [ 14.175793] Memory state around the buggy address: 
[ 14.176075] ffff888103a23d00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.176464] ffff888103a23d80: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.176887] >ffff888103a23e00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.177171] ^ [ 14.177468] ffff888103a23e80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.177874] ffff888103a23f00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.178143] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.126128] ================================================================== [ 14.126485] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 14.126788] Read of size 1 at addr ffff888103a23e10 by task kunit_try_catch/278 [ 14.127085] [ 14.127257] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.127311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.127322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.127341] Call Trace: [ 14.127357] <TASK> [ 14.127372] dump_stack_lvl+0x73/0xb0 [ 14.127399] print_report+0xd1/0x610 [ 14.127419] ? __virt_addr_valid+0x1db/0x2d0 [ 14.127441] ? kasan_strings+0xcbc/0xe80 [ 14.127460] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.127483] ? kasan_strings+0xcbc/0xe80 [ 14.127503] kasan_report+0x141/0x180 [ 14.127524] ? kasan_strings+0xcbc/0xe80 [ 14.127549] __asan_report_load1_noabort+0x18/0x20 [ 14.127573] kasan_strings+0xcbc/0xe80 [ 14.127592] ? trace_hardirqs_on+0x37/0xe0 [ 14.127615] ? __pfx_kasan_strings+0x10/0x10 [ 14.127635] ? finish_task_switch.isra.0+0x153/0x700 [ 14.127657] ? __switch_to+0x47/0xf50 [ 14.127682] ? __schedule+0x10cc/0x2b60 [ 14.127703] ? __pfx_read_tsc+0x10/0x10 [ 14.127724] ? ktime_get_ts64+0x86/0x230 [ 14.127746] kunit_try_run_case+0x1a5/0x480 [ 14.127770] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.127793] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.127816] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.127839] ? __kthread_parkme+0x82/0x180 [ 14.127858] ? preempt_count_sub+0x50/0x80 [ 14.127881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.127905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.127929] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.127953] kthread+0x337/0x6f0 [ 14.127973] ? trace_preempt_on+0x20/0xc0 [ 14.127995] ? __pfx_kthread+0x10/0x10 [ 14.128015] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.128036] ? calculate_sigpending+0x7b/0xa0 [ 14.128059] ? 
__pfx_kthread+0x10/0x10 [ 14.128079] ret_from_fork+0x116/0x1d0 [ 14.128098] ? __pfx_kthread+0x10/0x10 [ 14.128117] ret_from_fork_asm+0x1a/0x30 [ 14.128148] </TASK> [ 14.128157] [ 14.136345] Allocated by task 278: [ 14.136505] kasan_save_stack+0x45/0x70 [ 14.136644] kasan_save_track+0x18/0x40 [ 14.136779] kasan_save_alloc_info+0x3b/0x50 [ 14.136927] __kasan_kmalloc+0xb7/0xc0 [ 14.137064] __kmalloc_cache_noprof+0x189/0x420 [ 14.137219] kasan_strings+0xc0/0xe80 [ 14.138342] kunit_try_run_case+0x1a5/0x480 [ 14.138603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.138879] kthread+0x337/0x6f0 [ 14.140202] ret_from_fork+0x116/0x1d0 [ 14.140432] ret_from_fork_asm+0x1a/0x30 [ 14.140653] [ 14.140751] Freed by task 278: [ 14.140908] kasan_save_stack+0x45/0x70 [ 14.141691] kasan_save_track+0x18/0x40 [ 14.141869] kasan_save_free_info+0x3f/0x60 [ 14.142281] __kasan_slab_free+0x56/0x70 [ 14.142501] kfree+0x222/0x3f0 [ 14.142621] kasan_strings+0x2aa/0xe80 [ 14.142811] kunit_try_run_case+0x1a5/0x480 [ 14.143147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.143623] kthread+0x337/0x6f0 [ 14.143860] ret_from_fork+0x116/0x1d0 [ 14.144207] ret_from_fork_asm+0x1a/0x30 [ 14.144425] [ 14.144665] The buggy address belongs to the object at ffff888103a23e00 [ 14.144665] which belongs to the cache kmalloc-32 of size 32 [ 14.145364] The buggy address is located 16 bytes inside of [ 14.145364] freed 32-byte region [ffff888103a23e00, ffff888103a23e20) [ 14.146574] [ 14.146761] The buggy address belongs to the physical page: [ 14.147220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a23 [ 14.147488] flags: 0x200000000000000(node=0|zone=2) [ 14.147657] page_type: f5(slab) [ 14.147780] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.148011] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 14.148240] page dumped because: kasan: bad access detected [ 14.148430] [ 14.148526] Memory state around the buggy address: 
[ 14.148749] ffff888103a23d00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.149033] ffff888103a23d80: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.149264] >ffff888103a23e00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.150152] ^ [ 14.150336] ffff888103a23e80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.150758] ffff888103a23f00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.151285] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.098976] ================================================================== [ 14.100930] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 14.101588] Read of size 1 at addr ffff888103a23e10 by task kunit_try_catch/278 [ 14.102863] [ 14.103051] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.103101] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.103417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.103444] Call Trace: [ 14.103480] <TASK> [ 14.103498] dump_stack_lvl+0x73/0xb0 [ 14.103531] print_report+0xd1/0x610 [ 14.103555] ? __virt_addr_valid+0x1db/0x2d0 [ 14.103578] ? strcmp+0xb0/0xc0 [ 14.103595] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.103619] ? strcmp+0xb0/0xc0 [ 14.103635] kasan_report+0x141/0x180 [ 14.103657] ? strcmp+0xb0/0xc0 [ 14.103678] __asan_report_load1_noabort+0x18/0x20 [ 14.103703] strcmp+0xb0/0xc0 [ 14.103721] kasan_strings+0x431/0xe80 [ 14.103741] ? trace_hardirqs_on+0x37/0xe0 [ 14.103764] ? __pfx_kasan_strings+0x10/0x10 [ 14.103784] ? finish_task_switch.isra.0+0x153/0x700 [ 14.103806] ? __switch_to+0x47/0xf50 [ 14.103832] ? __schedule+0x10cc/0x2b60 [ 14.103855] ? __pfx_read_tsc+0x10/0x10 [ 14.103876] ? ktime_get_ts64+0x86/0x230 [ 14.103900] kunit_try_run_case+0x1a5/0x480 [ 14.103926] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.103948] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.103972] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.104016] ? __kthread_parkme+0x82/0x180 [ 14.104037] ? preempt_count_sub+0x50/0x80 [ 14.104060] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.104084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.104108] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.104133] kthread+0x337/0x6f0 [ 14.104152] ? trace_preempt_on+0x20/0xc0 [ 14.104173] ? __pfx_kthread+0x10/0x10 [ 14.104192] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.104214] ? calculate_sigpending+0x7b/0xa0 [ 14.104238] ? 
__pfx_kthread+0x10/0x10 [ 14.104258] ret_from_fork+0x116/0x1d0 [ 14.104278] ? __pfx_kthread+0x10/0x10 [ 14.104309] ret_from_fork_asm+0x1a/0x30 [ 14.104338] </TASK> [ 14.104348] [ 14.116052] Allocated by task 278: [ 14.116197] kasan_save_stack+0x45/0x70 [ 14.116356] kasan_save_track+0x18/0x40 [ 14.116523] kasan_save_alloc_info+0x3b/0x50 [ 14.116672] __kasan_kmalloc+0xb7/0xc0 [ 14.116899] __kmalloc_cache_noprof+0x189/0x420 [ 14.117131] kasan_strings+0xc0/0xe80 [ 14.117325] kunit_try_run_case+0x1a5/0x480 [ 14.117626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.117853] kthread+0x337/0x6f0 [ 14.118042] ret_from_fork+0x116/0x1d0 [ 14.118212] ret_from_fork_asm+0x1a/0x30 [ 14.118388] [ 14.118517] Freed by task 278: [ 14.118667] kasan_save_stack+0x45/0x70 [ 14.118923] kasan_save_track+0x18/0x40 [ 14.119127] kasan_save_free_info+0x3f/0x60 [ 14.119335] __kasan_slab_free+0x56/0x70 [ 14.119515] kfree+0x222/0x3f0 [ 14.119670] kasan_strings+0x2aa/0xe80 [ 14.119814] kunit_try_run_case+0x1a5/0x480 [ 14.120033] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.120239] kthread+0x337/0x6f0 [ 14.120368] ret_from_fork+0x116/0x1d0 [ 14.120499] ret_from_fork_asm+0x1a/0x30 [ 14.120636] [ 14.120708] The buggy address belongs to the object at ffff888103a23e00 [ 14.120708] which belongs to the cache kmalloc-32 of size 32 [ 14.121255] The buggy address is located 16 bytes inside of [ 14.121255] freed 32-byte region [ffff888103a23e00, ffff888103a23e20) [ 14.121736] [ 14.121806] The buggy address belongs to the physical page: [ 14.121977] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a23 [ 14.122217] flags: 0x200000000000000(node=0|zone=2) [ 14.122569] page_type: f5(slab) [ 14.122746] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.123091] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 14.123441] page dumped because: kasan: bad access detected [ 14.123808] [ 14.123896] Memory state around the buggy address: 
[ 14.124110] ffff888103a23d00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.124401] ffff888103a23d80: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.124760] >ffff888103a23e00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.124982] ^ [ 14.125111] ffff888103a23e80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.125336] ffff888103a23f00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.125650] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.059548] ================================================================== [ 14.060851] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 14.061702] Read of size 1 at addr ffff8881030f6c98 by task kunit_try_catch/276 [ 14.062425] [ 14.062707] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.062763] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.062775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.062798] Call Trace: [ 14.062812] <TASK> [ 14.062829] dump_stack_lvl+0x73/0xb0 [ 14.062861] print_report+0xd1/0x610 [ 14.062886] ? __virt_addr_valid+0x1db/0x2d0 [ 14.062911] ? memcmp+0x1b4/0x1d0 [ 14.062928] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.062952] ? memcmp+0x1b4/0x1d0 [ 14.062971] kasan_report+0x141/0x180 [ 14.062992] ? memcmp+0x1b4/0x1d0 [ 14.063014] __asan_report_load1_noabort+0x18/0x20 [ 14.063170] memcmp+0x1b4/0x1d0 [ 14.063192] kasan_memcmp+0x18f/0x390 [ 14.063225] ? trace_hardirqs_on+0x37/0xe0 [ 14.063251] ? __pfx_kasan_memcmp+0x10/0x10 [ 14.063309] ? finish_task_switch.isra.0+0x153/0x700 [ 14.063336] ? __switch_to+0x47/0xf50 [ 14.063367] ? __pfx_read_tsc+0x10/0x10 [ 14.063388] ? ktime_get_ts64+0x86/0x230 [ 14.063413] kunit_try_run_case+0x1a5/0x480 [ 14.063439] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.063462] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.063498] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.063522] ? __kthread_parkme+0x82/0x180 [ 14.063544] ? preempt_count_sub+0x50/0x80 [ 14.063568] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.063593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.063618] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.063643] kthread+0x337/0x6f0 [ 14.063663] ? trace_preempt_on+0x20/0xc0 [ 14.063686] ? __pfx_kthread+0x10/0x10 [ 14.063707] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.063729] ? calculate_sigpending+0x7b/0xa0 [ 14.063753] ? __pfx_kthread+0x10/0x10 [ 14.063775] ret_from_fork+0x116/0x1d0 [ 14.063794] ? 
__pfx_kthread+0x10/0x10 [ 14.063815] ret_from_fork_asm+0x1a/0x30 [ 14.063846] </TASK> [ 14.063857] [ 14.078705] Allocated by task 276: [ 14.079072] kasan_save_stack+0x45/0x70 [ 14.079559] kasan_save_track+0x18/0x40 [ 14.080154] kasan_save_alloc_info+0x3b/0x50 [ 14.080619] __kasan_kmalloc+0xb7/0xc0 [ 14.080979] __kmalloc_cache_noprof+0x189/0x420 [ 14.081384] kasan_memcmp+0xb7/0x390 [ 14.081586] kunit_try_run_case+0x1a5/0x480 [ 14.082004] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.082480] kthread+0x337/0x6f0 [ 14.082830] ret_from_fork+0x116/0x1d0 [ 14.083175] ret_from_fork_asm+0x1a/0x30 [ 14.083386] [ 14.083546] The buggy address belongs to the object at ffff8881030f6c80 [ 14.083546] which belongs to the cache kmalloc-32 of size 32 [ 14.084621] The buggy address is located 0 bytes to the right of [ 14.084621] allocated 24-byte region [ffff8881030f6c80, ffff8881030f6c98) [ 14.085890] [ 14.085983] The buggy address belongs to the physical page: [ 14.086547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030f6 [ 14.087023] flags: 0x200000000000000(node=0|zone=2) [ 14.087215] page_type: f5(slab) [ 14.087553] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.088086] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.088571] page dumped because: kasan: bad access detected [ 14.089043] [ 14.089117] Memory state around the buggy address: [ 14.089463] ffff8881030f6b80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.090078] ffff8881030f6c00: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.090714] >ffff8881030f6c80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.091333] ^ [ 14.091669] ffff8881030f6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.092157] ffff8881030f6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.092390] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 12.704428] ================================================================== [ 12.704749] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 12.705299] Read of size 1 at addr ffff8881029ce400 by task kunit_try_catch/215 [ 12.705665] [ 12.705775] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.705815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.705825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.705844] Call Trace: [ 12.705855] <TASK> [ 12.705867] dump_stack_lvl+0x73/0xb0 [ 12.705895] print_report+0xd1/0x610 [ 12.705916] ? __virt_addr_valid+0x1db/0x2d0 [ 12.705937] ? ksize_uaf+0x5fe/0x6c0 [ 12.705957] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.705979] ? ksize_uaf+0x5fe/0x6c0 [ 12.705999] kasan_report+0x141/0x180 [ 12.706020] ? ksize_uaf+0x5fe/0x6c0 [ 12.706044] __asan_report_load1_noabort+0x18/0x20 [ 12.706068] ksize_uaf+0x5fe/0x6c0 [ 12.706087] ? __pfx_ksize_uaf+0x10/0x10 [ 12.706108] ? __schedule+0x10cc/0x2b60 [ 12.706129] ? __pfx_read_tsc+0x10/0x10 [ 12.706149] ? ktime_get_ts64+0x86/0x230 [ 12.706172] kunit_try_run_case+0x1a5/0x480 [ 12.706195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.706218] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.706240] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.706263] ? __kthread_parkme+0x82/0x180 [ 12.706293] ? preempt_count_sub+0x50/0x80 [ 12.706317] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.706340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.706363] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.706386] kthread+0x337/0x6f0 [ 12.706404] ? trace_preempt_on+0x20/0xc0 [ 12.706426] ? __pfx_kthread+0x10/0x10 [ 12.706445] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.706465] ? calculate_sigpending+0x7b/0xa0 [ 12.706487] ? __pfx_kthread+0x10/0x10 [ 12.706507] ret_from_fork+0x116/0x1d0 [ 12.706525] ? 
__pfx_kthread+0x10/0x10 [ 12.706544] ret_from_fork_asm+0x1a/0x30 [ 12.706573] </TASK> [ 12.706582] [ 12.713148] Allocated by task 215: [ 12.713291] kasan_save_stack+0x45/0x70 [ 12.713430] kasan_save_track+0x18/0x40 [ 12.713624] kasan_save_alloc_info+0x3b/0x50 [ 12.713829] __kasan_kmalloc+0xb7/0xc0 [ 12.714014] __kmalloc_cache_noprof+0x189/0x420 [ 12.714186] ksize_uaf+0xaa/0x6c0 [ 12.714319] kunit_try_run_case+0x1a5/0x480 [ 12.714478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.714736] kthread+0x337/0x6f0 [ 12.714901] ret_from_fork+0x116/0x1d0 [ 12.715092] ret_from_fork_asm+0x1a/0x30 [ 12.715296] [ 12.715392] Freed by task 215: [ 12.715591] kasan_save_stack+0x45/0x70 [ 12.715775] kasan_save_track+0x18/0x40 [ 12.715941] kasan_save_free_info+0x3f/0x60 [ 12.716117] __kasan_slab_free+0x56/0x70 [ 12.716320] kfree+0x222/0x3f0 [ 12.716441] ksize_uaf+0x12c/0x6c0 [ 12.716625] kunit_try_run_case+0x1a5/0x480 [ 12.716800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.717010] kthread+0x337/0x6f0 [ 12.717129] ret_from_fork+0x116/0x1d0 [ 12.717260] ret_from_fork_asm+0x1a/0x30 [ 12.717409] [ 12.717478] The buggy address belongs to the object at ffff8881029ce400 [ 12.717478] which belongs to the cache kmalloc-128 of size 128 [ 12.717830] The buggy address is located 0 bytes inside of [ 12.717830] freed 128-byte region [ffff8881029ce400, ffff8881029ce480) [ 12.718174] [ 12.718244] The buggy address belongs to the physical page: [ 12.718493] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ce [ 12.719037] flags: 0x200000000000000(node=0|zone=2) [ 12.719273] page_type: f5(slab) [ 12.719453] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.720022] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.720357] page dumped because: kasan: bad access detected [ 12.720600] [ 12.720689] Memory state around the buggy address: [ 12.720874] ffff8881029ce300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
12.721095] ffff8881029ce380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.721318] >ffff8881029ce400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.721532] ^ [ 12.721644] ffff8881029ce480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.721856] ffff8881029ce500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.722169] ================================================================== [ 12.723495] ================================================================== [ 12.723851] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 12.724456] Read of size 1 at addr ffff8881029ce478 by task kunit_try_catch/215 [ 12.724812] [ 12.724924] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.724970] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.724981] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.724999] Call Trace: [ 12.725013] <TASK> [ 12.725026] dump_stack_lvl+0x73/0xb0 [ 12.725052] print_report+0xd1/0x610 [ 12.725072] ? __virt_addr_valid+0x1db/0x2d0 [ 12.725093] ? ksize_uaf+0x5e4/0x6c0 [ 12.725112] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.725135] ? ksize_uaf+0x5e4/0x6c0 [ 12.725155] kasan_report+0x141/0x180 [ 12.725176] ? ksize_uaf+0x5e4/0x6c0 [ 12.725200] __asan_report_load1_noabort+0x18/0x20 [ 12.725224] ksize_uaf+0x5e4/0x6c0 [ 12.725244] ? __pfx_ksize_uaf+0x10/0x10 [ 12.725265] ? __schedule+0x10cc/0x2b60 [ 12.725298] ? __pfx_read_tsc+0x10/0x10 [ 12.725317] ? ktime_get_ts64+0x86/0x230 [ 12.725340] kunit_try_run_case+0x1a5/0x480 [ 12.725363] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.725384] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.725407] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.725429] ? __kthread_parkme+0x82/0x180 [ 12.725448] ? preempt_count_sub+0x50/0x80 [ 12.725470] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.725493] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.725516] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.725539] kthread+0x337/0x6f0 [ 12.725558] ? trace_preempt_on+0x20/0xc0 [ 12.725579] ? __pfx_kthread+0x10/0x10 [ 12.725598] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.725619] ? calculate_sigpending+0x7b/0xa0 [ 12.725641] ? __pfx_kthread+0x10/0x10 [ 12.725661] ret_from_fork+0x116/0x1d0 [ 12.725678] ? __pfx_kthread+0x10/0x10 [ 12.725697] ret_from_fork_asm+0x1a/0x30 [ 12.725726] </TASK> [ 12.725735] [ 12.732716] Allocated by task 215: [ 12.732972] kasan_save_stack+0x45/0x70 [ 12.733152] kasan_save_track+0x18/0x40 [ 12.733341] kasan_save_alloc_info+0x3b/0x50 [ 12.733572] __kasan_kmalloc+0xb7/0xc0 [ 12.733709] __kmalloc_cache_noprof+0x189/0x420 [ 12.733931] ksize_uaf+0xaa/0x6c0 [ 12.734072] kunit_try_run_case+0x1a5/0x480 [ 12.734216] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.734401] kthread+0x337/0x6f0 [ 12.734695] ret_from_fork+0x116/0x1d0 [ 12.734887] ret_from_fork_asm+0x1a/0x30 [ 12.735089] [ 12.735182] Freed by task 215: [ 12.735347] kasan_save_stack+0x45/0x70 [ 12.735550] kasan_save_track+0x18/0x40 [ 12.735706] kasan_save_free_info+0x3f/0x60 [ 12.735915] __kasan_slab_free+0x56/0x70 [ 12.736116] kfree+0x222/0x3f0 [ 12.736274] ksize_uaf+0x12c/0x6c0 [ 12.736406] kunit_try_run_case+0x1a5/0x480 [ 12.736702] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.737015] kthread+0x337/0x6f0 [ 12.737138] ret_from_fork+0x116/0x1d0 [ 12.737335] ret_from_fork_asm+0x1a/0x30 [ 12.737532] [ 12.737599] The buggy address belongs to the object at ffff8881029ce400 [ 12.737599] which belongs to the cache kmalloc-128 of size 128 [ 12.737941] The buggy address is located 120 bytes inside of [ 12.737941] freed 128-byte region [ffff8881029ce400, ffff8881029ce480) [ 12.738292] [ 12.738414] The buggy address belongs to the physical page: [ 12.738925] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ce [ 12.739266] flags: 0x200000000000000(node=0|zone=2) [ 12.739551] page_type: f5(slab) [ 12.739712] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.740035] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.740256] page dumped because: kasan: bad access detected [ 12.740428] [ 12.740596] Memory state around the buggy address: [ 12.740820] ffff8881029ce300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.741149] ffff8881029ce380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.741453] >ffff8881029ce400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.741696] ^ [ 12.741932] ffff8881029ce480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.742232] ffff8881029ce500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.742597] ================================================================== [ 12.683171] ================================================================== [ 12.683957] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 12.684206] Read of size 1 at addr ffff8881029ce400 by task kunit_try_catch/215 [ 12.684973] [ 12.685158] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.685203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.685214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.685235] Call Trace: [ 12.685246] <TASK> [ 12.685262] dump_stack_lvl+0x73/0xb0 [ 12.685308] print_report+0xd1/0x610 [ 12.685331] ? __virt_addr_valid+0x1db/0x2d0 [ 12.685354] ? ksize_uaf+0x19d/0x6c0 [ 12.685373] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.685395] ? ksize_uaf+0x19d/0x6c0 [ 12.685415] kasan_report+0x141/0x180 [ 12.685437] ? ksize_uaf+0x19d/0x6c0 [ 12.685469] ? ksize_uaf+0x19d/0x6c0 [ 12.685490] __kasan_check_byte+0x3d/0x50 [ 12.685512] ksize+0x20/0x60 [ 12.685532] ksize_uaf+0x19d/0x6c0 [ 12.685551] ? __pfx_ksize_uaf+0x10/0x10 [ 12.685572] ? __schedule+0x10cc/0x2b60 [ 12.685594] ? __pfx_read_tsc+0x10/0x10 [ 12.685614] ? 
ktime_get_ts64+0x86/0x230 [ 12.685639] kunit_try_run_case+0x1a5/0x480 [ 12.685663] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.685684] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.685708] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.685730] ? __kthread_parkme+0x82/0x180 [ 12.685750] ? preempt_count_sub+0x50/0x80 [ 12.685774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.685797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.685820] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.685843] kthread+0x337/0x6f0 [ 12.685861] ? trace_preempt_on+0x20/0xc0 [ 12.685883] ? __pfx_kthread+0x10/0x10 [ 12.685902] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.685923] ? calculate_sigpending+0x7b/0xa0 [ 12.685948] ? __pfx_kthread+0x10/0x10 [ 12.685968] ret_from_fork+0x116/0x1d0 [ 12.685986] ? __pfx_kthread+0x10/0x10 [ 12.686005] ret_from_fork_asm+0x1a/0x30 [ 12.686035] </TASK> [ 12.686044] [ 12.694511] Allocated by task 215: [ 12.694692] kasan_save_stack+0x45/0x70 [ 12.694895] kasan_save_track+0x18/0x40 [ 12.695083] kasan_save_alloc_info+0x3b/0x50 [ 12.695275] __kasan_kmalloc+0xb7/0xc0 [ 12.695448] __kmalloc_cache_noprof+0x189/0x420 [ 12.695652] ksize_uaf+0xaa/0x6c0 [ 12.695773] kunit_try_run_case+0x1a5/0x480 [ 12.695918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.696093] kthread+0x337/0x6f0 [ 12.696212] ret_from_fork+0x116/0x1d0 [ 12.696404] ret_from_fork_asm+0x1a/0x30 [ 12.696608] [ 12.696699] Freed by task 215: [ 12.696852] kasan_save_stack+0x45/0x70 [ 12.697046] kasan_save_track+0x18/0x40 [ 12.697232] kasan_save_free_info+0x3f/0x60 [ 12.697445] __kasan_slab_free+0x56/0x70 [ 12.697642] kfree+0x222/0x3f0 [ 12.697757] ksize_uaf+0x12c/0x6c0 [ 12.697881] kunit_try_run_case+0x1a5/0x480 [ 12.698051] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.698313] kthread+0x337/0x6f0 [ 12.698490] ret_from_fork+0x116/0x1d0 [ 12.698673] ret_from_fork_asm+0x1a/0x30 [ 12.698865] [ 12.698959] The buggy address belongs to the object at ffff8881029ce400 [ 12.698959] which belongs to the cache 
kmalloc-128 of size 128 [ 12.699436] The buggy address is located 0 bytes inside of [ 12.699436] freed 128-byte region [ffff8881029ce400, ffff8881029ce480) [ 12.699894] [ 12.699968] The buggy address belongs to the physical page: [ 12.700200] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ce [ 12.700528] flags: 0x200000000000000(node=0|zone=2) [ 12.700741] page_type: f5(slab) [ 12.700905] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.701199] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.701436] page dumped because: kasan: bad access detected [ 12.701695] [ 12.701787] Memory state around the buggy address: [ 12.702005] ffff8881029ce300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.702261] ffff8881029ce380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.702682] >ffff8881029ce400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.702961] ^ [ 12.703103] ffff8881029ce480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.703373] ffff8881029ce500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.703732] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 12.579870] ================================================================== [ 12.581424] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 12.581912] Read of size 1 at addr ffff8881029ce373 by task kunit_try_catch/213 [ 12.582388] [ 12.582481] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.582525] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.582536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.582555] Call Trace: [ 12.582567] <TASK> [ 12.582581] dump_stack_lvl+0x73/0xb0 [ 12.582611] print_report+0xd1/0x610 [ 12.582632] ? __virt_addr_valid+0x1db/0x2d0 [ 12.582654] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.582677] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.582698] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.582721] kasan_report+0x141/0x180 [ 12.582742] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.582770] __asan_report_load1_noabort+0x18/0x20 [ 12.582794] ksize_unpoisons_memory+0x81c/0x9b0 [ 12.582817] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.582839] ? finish_task_switch.isra.0+0x153/0x700 [ 12.582861] ? __switch_to+0x47/0xf50 [ 12.582886] ? __schedule+0x10cc/0x2b60 [ 12.582908] ? __pfx_read_tsc+0x10/0x10 [ 12.582927] ? ktime_get_ts64+0x86/0x230 [ 12.582950] kunit_try_run_case+0x1a5/0x480 [ 12.582974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.582996] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.583031] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.583055] ? __kthread_parkme+0x82/0x180 [ 12.583076] ? preempt_count_sub+0x50/0x80 [ 12.583099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.583121] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.583144] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.583168] kthread+0x337/0x6f0 [ 12.583187] ? trace_preempt_on+0x20/0xc0 [ 12.583210] ? __pfx_kthread+0x10/0x10 [ 12.583229] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.583250] ? calculate_sigpending+0x7b/0xa0 [ 12.583273] ? 
__pfx_kthread+0x10/0x10 [ 12.583308] ret_from_fork+0x116/0x1d0 [ 12.583326] ? __pfx_kthread+0x10/0x10 [ 12.583345] ret_from_fork_asm+0x1a/0x30 [ 12.583375] </TASK> [ 12.583385] [ 12.598582] Allocated by task 213: [ 12.598725] kasan_save_stack+0x45/0x70 [ 12.598880] kasan_save_track+0x18/0x40 [ 12.599077] kasan_save_alloc_info+0x3b/0x50 [ 12.599471] __kasan_kmalloc+0xb7/0xc0 [ 12.599860] __kmalloc_cache_noprof+0x189/0x420 [ 12.600365] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.600821] kunit_try_run_case+0x1a5/0x480 [ 12.601273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.601785] kthread+0x337/0x6f0 [ 12.602079] ret_from_fork+0x116/0x1d0 [ 12.602345] ret_from_fork_asm+0x1a/0x30 [ 12.602720] [ 12.603089] The buggy address belongs to the object at ffff8881029ce300 [ 12.603089] which belongs to the cache kmalloc-128 of size 128 [ 12.604310] The buggy address is located 0 bytes to the right of [ 12.604310] allocated 115-byte region [ffff8881029ce300, ffff8881029ce373) [ 12.605088] [ 12.605252] The buggy address belongs to the physical page: [ 12.605747] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ce [ 12.606628] flags: 0x200000000000000(node=0|zone=2) [ 12.606805] page_type: f5(slab) [ 12.606928] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.607535] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.608242] page dumped because: kasan: bad access detected [ 12.608781] [ 12.609010] Memory state around the buggy address: [ 12.609554] ffff8881029ce200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.609988] ffff8881029ce280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.610793] >ffff8881029ce300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.611334] ^ [ 12.611657] ffff8881029ce380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.612302] ffff8881029ce400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.612913] 
================================================================== [ 12.613590] ================================================================== [ 12.614459] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.615138] Read of size 1 at addr ffff8881029ce378 by task kunit_try_catch/213 [ 12.615608] [ 12.615789] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.615831] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.615842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.615861] Call Trace: [ 12.615872] <TASK> [ 12.615886] dump_stack_lvl+0x73/0xb0 [ 12.615915] print_report+0xd1/0x610 [ 12.615936] ? __virt_addr_valid+0x1db/0x2d0 [ 12.615957] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.615980] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.616002] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.616025] kasan_report+0x141/0x180 [ 12.616046] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.616074] __asan_report_load1_noabort+0x18/0x20 [ 12.616098] ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.616121] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.616143] ? finish_task_switch.isra.0+0x153/0x700 [ 12.616186] ? __switch_to+0x47/0xf50 [ 12.616211] ? __schedule+0x10cc/0x2b60 [ 12.616241] ? __pfx_read_tsc+0x10/0x10 [ 12.616260] ? ktime_get_ts64+0x86/0x230 [ 12.616293] kunit_try_run_case+0x1a5/0x480 [ 12.616317] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.616338] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.616362] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.616385] ? __kthread_parkme+0x82/0x180 [ 12.616405] ? preempt_count_sub+0x50/0x80 [ 12.616427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.616450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.616475] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.616498] kthread+0x337/0x6f0 [ 12.616517] ? trace_preempt_on+0x20/0xc0 [ 12.616540] ? __pfx_kthread+0x10/0x10 [ 12.616559] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.616580] ? 
calculate_sigpending+0x7b/0xa0 [ 12.616604] ? __pfx_kthread+0x10/0x10 [ 12.616633] ret_from_fork+0x116/0x1d0 [ 12.616650] ? __pfx_kthread+0x10/0x10 [ 12.616670] ret_from_fork_asm+0x1a/0x30 [ 12.616700] </TASK> [ 12.616709] [ 12.631267] Allocated by task 213: [ 12.631412] kasan_save_stack+0x45/0x70 [ 12.631595] kasan_save_track+0x18/0x40 [ 12.631969] kasan_save_alloc_info+0x3b/0x50 [ 12.632524] __kasan_kmalloc+0xb7/0xc0 [ 12.632883] __kmalloc_cache_noprof+0x189/0x420 [ 12.633389] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.633585] kunit_try_run_case+0x1a5/0x480 [ 12.633991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.634560] kthread+0x337/0x6f0 [ 12.634852] ret_from_fork+0x116/0x1d0 [ 12.635271] ret_from_fork_asm+0x1a/0x30 [ 12.635603] [ 12.635770] The buggy address belongs to the object at ffff8881029ce300 [ 12.635770] which belongs to the cache kmalloc-128 of size 128 [ 12.636787] The buggy address is located 5 bytes to the right of [ 12.636787] allocated 115-byte region [ffff8881029ce300, ffff8881029ce373) [ 12.637779] [ 12.637856] The buggy address belongs to the physical page: [ 12.638081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ce [ 12.638930] flags: 0x200000000000000(node=0|zone=2) [ 12.639476] page_type: f5(slab) [ 12.639792] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.640404] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.641044] page dumped because: kasan: bad access detected [ 12.641533] [ 12.641719] Memory state around the buggy address: [ 12.642010] ffff8881029ce200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.642231] ffff8881029ce280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.642639] >ffff8881029ce300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.643343] ^ [ 12.643843] ffff8881029ce380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.644119] ffff8881029ce400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.644815] 
================================================================== [ 12.645976] ================================================================== [ 12.646535] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.646775] Read of size 1 at addr ffff8881029ce37f by task kunit_try_catch/213 [ 12.646998] [ 12.647270] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.647325] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.647345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.647365] Call Trace: [ 12.647378] <TASK> [ 12.647391] dump_stack_lvl+0x73/0xb0 [ 12.647431] print_report+0xd1/0x610 [ 12.647452] ? __virt_addr_valid+0x1db/0x2d0 [ 12.647474] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.647496] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.647518] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.647541] kasan_report+0x141/0x180 [ 12.647562] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.647591] __asan_report_load1_noabort+0x18/0x20 [ 12.647615] ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.647638] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.647660] ? finish_task_switch.isra.0+0x153/0x700 [ 12.647682] ? __switch_to+0x47/0xf50 [ 12.647706] ? __schedule+0x10cc/0x2b60 [ 12.647727] ? __pfx_read_tsc+0x10/0x10 [ 12.647746] ? ktime_get_ts64+0x86/0x230 [ 12.647769] kunit_try_run_case+0x1a5/0x480 [ 12.647792] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.647813] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.647836] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.647858] ? __kthread_parkme+0x82/0x180 [ 12.647878] ? preempt_count_sub+0x50/0x80 [ 12.647900] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.647923] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.647946] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.647969] kthread+0x337/0x6f0 [ 12.647989] ? trace_preempt_on+0x20/0xc0 [ 12.648010] ? __pfx_kthread+0x10/0x10 [ 12.648078] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.648113] ? 
calculate_sigpending+0x7b/0xa0 [ 12.648136] ? __pfx_kthread+0x10/0x10 [ 12.648156] ret_from_fork+0x116/0x1d0 [ 12.648174] ? __pfx_kthread+0x10/0x10 [ 12.648194] ret_from_fork_asm+0x1a/0x30 [ 12.648223] </TASK> [ 12.648232] [ 12.663901] Allocated by task 213: [ 12.664054] kasan_save_stack+0x45/0x70 [ 12.664204] kasan_save_track+0x18/0x40 [ 12.664481] kasan_save_alloc_info+0x3b/0x50 [ 12.664862] __kasan_kmalloc+0xb7/0xc0 [ 12.665454] __kmalloc_cache_noprof+0x189/0x420 [ 12.665895] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.666407] kunit_try_run_case+0x1a5/0x480 [ 12.666814] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.667329] kthread+0x337/0x6f0 [ 12.667679] ret_from_fork+0x116/0x1d0 [ 12.668034] ret_from_fork_asm+0x1a/0x30 [ 12.668467] [ 12.668665] The buggy address belongs to the object at ffff8881029ce300 [ 12.668665] which belongs to the cache kmalloc-128 of size 128 [ 12.669196] The buggy address is located 12 bytes to the right of [ 12.669196] allocated 115-byte region [ffff8881029ce300, ffff8881029ce373) [ 12.670468] [ 12.670634] The buggy address belongs to the physical page: [ 12.671181] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ce [ 12.671691] flags: 0x200000000000000(node=0|zone=2) [ 12.671857] page_type: f5(slab) [ 12.671976] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.672721] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.673613] page dumped because: kasan: bad access detected [ 12.674000] [ 12.674169] Memory state around the buggy address: [ 12.674551] ffff8881029ce200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.674775] ffff8881029ce280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.674990] >ffff8881029ce300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.675812] ^ [ 12.676483] ffff8881029ce380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.677296] ffff8881029ce400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.677930] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 12.540796] ================================================================== [ 12.541340] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 12.542002] Free of addr ffff8881025c74e0 by task kunit_try_catch/211 [ 12.542783] [ 12.542921] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.542963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.542973] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.542993] Call Trace: [ 12.543004] <TASK> [ 12.543017] dump_stack_lvl+0x73/0xb0 [ 12.543045] print_report+0xd1/0x610 [ 12.543066] ? __virt_addr_valid+0x1db/0x2d0 [ 12.543088] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.543110] ? kfree_sensitive+0x2e/0x90 [ 12.543187] kasan_report_invalid_free+0x10a/0x130 [ 12.543227] ? kfree_sensitive+0x2e/0x90 [ 12.543248] ? kfree_sensitive+0x2e/0x90 [ 12.543268] check_slab_allocation+0x101/0x130 [ 12.543300] __kasan_slab_pre_free+0x28/0x40 [ 12.543320] kfree+0xf0/0x3f0 [ 12.543341] ? kfree_sensitive+0x2e/0x90 [ 12.543362] kfree_sensitive+0x2e/0x90 [ 12.543381] kmalloc_double_kzfree+0x19c/0x350 [ 12.543405] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 12.543428] ? __schedule+0x10cc/0x2b60 [ 12.543450] ? __pfx_read_tsc+0x10/0x10 [ 12.543476] ? ktime_get_ts64+0x86/0x230 [ 12.543499] kunit_try_run_case+0x1a5/0x480 [ 12.543522] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.543544] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.543576] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.543599] ? __kthread_parkme+0x82/0x180 [ 12.543619] ? preempt_count_sub+0x50/0x80 [ 12.543652] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.543675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.543698] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.543722] kthread+0x337/0x6f0 [ 12.543741] ? trace_preempt_on+0x20/0xc0 [ 12.543764] ? __pfx_kthread+0x10/0x10 [ 12.543783] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.543804] ? calculate_sigpending+0x7b/0xa0 [ 12.543827] ? 
__pfx_kthread+0x10/0x10 [ 12.543847] ret_from_fork+0x116/0x1d0 [ 12.543865] ? __pfx_kthread+0x10/0x10 [ 12.543893] ret_from_fork_asm+0x1a/0x30 [ 12.543923] </TASK> [ 12.543932] [ 12.554178] Allocated by task 211: [ 12.554712] kasan_save_stack+0x45/0x70 [ 12.555354] kasan_save_track+0x18/0x40 [ 12.555929] kasan_save_alloc_info+0x3b/0x50 [ 12.556623] __kasan_kmalloc+0xb7/0xc0 [ 12.556875] __kmalloc_cache_noprof+0x189/0x420 [ 12.557577] kmalloc_double_kzfree+0xa9/0x350 [ 12.558337] kunit_try_run_case+0x1a5/0x480 [ 12.558728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.558915] kthread+0x337/0x6f0 [ 12.559585] ret_from_fork+0x116/0x1d0 [ 12.559964] ret_from_fork_asm+0x1a/0x30 [ 12.560582] [ 12.560914] Freed by task 211: [ 12.561526] kasan_save_stack+0x45/0x70 [ 12.561675] kasan_save_track+0x18/0x40 [ 12.561812] kasan_save_free_info+0x3f/0x60 [ 12.561958] __kasan_slab_free+0x56/0x70 [ 12.562098] kfree+0x222/0x3f0 [ 12.562215] kfree_sensitive+0x67/0x90 [ 12.562359] kmalloc_double_kzfree+0x12b/0x350 [ 12.562511] kunit_try_run_case+0x1a5/0x480 [ 12.562656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.562830] kthread+0x337/0x6f0 [ 12.562949] ret_from_fork+0x116/0x1d0 [ 12.563079] ret_from_fork_asm+0x1a/0x30 [ 12.563217] [ 12.563307] The buggy address belongs to the object at ffff8881025c74e0 [ 12.563307] which belongs to the cache kmalloc-16 of size 16 [ 12.564481] The buggy address is located 0 bytes inside of [ 12.564481] 16-byte region [ffff8881025c74e0, ffff8881025c74f0) [ 12.565783] [ 12.565955] The buggy address belongs to the physical page: [ 12.566556] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 12.567350] flags: 0x200000000000000(node=0|zone=2) [ 12.567910] page_type: f5(slab) [ 12.568313] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.569172] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.570086] page dumped because: kasan: bad access detected [ 12.570749] [ 
12.571012] Memory state around the buggy address: [ 12.571478] ffff8881025c7380: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 12.572185] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 12.572559] >ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.573345] ^ [ 12.573769] ffff8881025c7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.573993] ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.574803] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 12.517675] ================================================================== [ 12.518362] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 12.518865] Read of size 1 at addr ffff8881025c74e0 by task kunit_try_catch/211 [ 12.519320] [ 12.519431] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.519479] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.519490] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.519511] Call Trace: [ 12.519524] <TASK> [ 12.519552] dump_stack_lvl+0x73/0xb0 [ 12.519583] print_report+0xd1/0x610 [ 12.519605] ? __virt_addr_valid+0x1db/0x2d0 [ 12.519642] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.519665] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.519687] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.519710] kasan_report+0x141/0x180 [ 12.519741] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.519766] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.519789] __kasan_check_byte+0x3d/0x50 [ 12.519822] kfree_sensitive+0x22/0x90 [ 12.519844] kmalloc_double_kzfree+0x19c/0x350 [ 12.519867] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 12.519891] ? __schedule+0x10cc/0x2b60 [ 12.519914] ? __pfx_read_tsc+0x10/0x10 [ 12.519935] ? ktime_get_ts64+0x86/0x230 [ 12.519968] kunit_try_run_case+0x1a5/0x480 [ 12.519993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.520015] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.520049] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.520072] ? __kthread_parkme+0x82/0x180 [ 12.520246] ? preempt_count_sub+0x50/0x80 [ 12.520274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.520312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.520337] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.520361] kthread+0x337/0x6f0 [ 12.520379] ? trace_preempt_on+0x20/0xc0 [ 12.520402] ? __pfx_kthread+0x10/0x10 [ 12.520422] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.520443] ? calculate_sigpending+0x7b/0xa0 [ 12.520482] ? 
__pfx_kthread+0x10/0x10 [ 12.520503] ret_from_fork+0x116/0x1d0 [ 12.520521] ? __pfx_kthread+0x10/0x10 [ 12.520541] ret_from_fork_asm+0x1a/0x30 [ 12.520571] </TASK> [ 12.520581] [ 12.529046] Allocated by task 211: [ 12.529241] kasan_save_stack+0x45/0x70 [ 12.529402] kasan_save_track+0x18/0x40 [ 12.529539] kasan_save_alloc_info+0x3b/0x50 [ 12.529777] __kasan_kmalloc+0xb7/0xc0 [ 12.529961] __kmalloc_cache_noprof+0x189/0x420 [ 12.530181] kmalloc_double_kzfree+0xa9/0x350 [ 12.530555] kunit_try_run_case+0x1a5/0x480 [ 12.530728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.530980] kthread+0x337/0x6f0 [ 12.531275] ret_from_fork+0x116/0x1d0 [ 12.531489] ret_from_fork_asm+0x1a/0x30 [ 12.531681] [ 12.531754] Freed by task 211: [ 12.531866] kasan_save_stack+0x45/0x70 [ 12.532001] kasan_save_track+0x18/0x40 [ 12.532211] kasan_save_free_info+0x3f/0x60 [ 12.532426] __kasan_slab_free+0x56/0x70 [ 12.532784] kfree+0x222/0x3f0 [ 12.533114] kfree_sensitive+0x67/0x90 [ 12.533321] kmalloc_double_kzfree+0x12b/0x350 [ 12.533560] kunit_try_run_case+0x1a5/0x480 [ 12.533716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.533997] kthread+0x337/0x6f0 [ 12.534236] ret_from_fork+0x116/0x1d0 [ 12.534447] ret_from_fork_asm+0x1a/0x30 [ 12.534647] [ 12.534758] The buggy address belongs to the object at ffff8881025c74e0 [ 12.534758] which belongs to the cache kmalloc-16 of size 16 [ 12.535360] The buggy address is located 0 bytes inside of [ 12.535360] freed 16-byte region [ffff8881025c74e0, ffff8881025c74f0) [ 12.535880] [ 12.535987] The buggy address belongs to the physical page: [ 12.536311] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 12.536592] flags: 0x200000000000000(node=0|zone=2) [ 12.536840] page_type: f5(slab) [ 12.537087] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.537537] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.537788] page dumped because: kasan: bad access detected [ 
12.537969] [ 12.538073] Memory state around the buggy address: [ 12.538468] ffff8881025c7380: 00 06 fc fc 00 06 fc fc 00 04 fc fc 00 04 fc fc [ 12.538768] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 12.539157] >ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.539470] ^ [ 12.539667] ffff8881025c7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.539978] ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.540298] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 12.480894] ================================================================== [ 12.481517] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 12.481785] Read of size 1 at addr ffff8881029d4828 by task kunit_try_catch/207 [ 12.482083] [ 12.482190] CPU: 0 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.482243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.482254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.482274] Call Trace: [ 12.482343] <TASK> [ 12.482358] dump_stack_lvl+0x73/0xb0 [ 12.482388] print_report+0xd1/0x610 [ 12.482410] ? __virt_addr_valid+0x1db/0x2d0 [ 12.482432] ? kmalloc_uaf2+0x4a8/0x520 [ 12.482451] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.482483] ? kmalloc_uaf2+0x4a8/0x520 [ 12.482503] kasan_report+0x141/0x180 [ 12.482524] ? kmalloc_uaf2+0x4a8/0x520 [ 12.482558] __asan_report_load1_noabort+0x18/0x20 [ 12.482582] kmalloc_uaf2+0x4a8/0x520 [ 12.482601] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 12.482631] ? finish_task_switch.isra.0+0x153/0x700 [ 12.482653] ? __switch_to+0x47/0xf50 [ 12.482679] ? __schedule+0x10cc/0x2b60 [ 12.482701] ? __pfx_read_tsc+0x10/0x10 [ 12.482720] ? ktime_get_ts64+0x86/0x230 [ 12.482743] kunit_try_run_case+0x1a5/0x480 [ 12.482766] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.482788] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.482811] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.482833] ? __kthread_parkme+0x82/0x180 [ 12.482863] ? preempt_count_sub+0x50/0x80 [ 12.482885] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.482908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.482942] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.482966] kthread+0x337/0x6f0 [ 12.482984] ? trace_preempt_on+0x20/0xc0 [ 12.483006] ? __pfx_kthread+0x10/0x10 [ 12.483063] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.483085] ? calculate_sigpending+0x7b/0xa0 [ 12.483108] ? __pfx_kthread+0x10/0x10 [ 12.483129] ret_from_fork+0x116/0x1d0 [ 12.483147] ? 
__pfx_kthread+0x10/0x10 [ 12.483167] ret_from_fork_asm+0x1a/0x30 [ 12.483207] </TASK> [ 12.483218] [ 12.492140] Allocated by task 207: [ 12.492340] kasan_save_stack+0x45/0x70 [ 12.492835] kasan_save_track+0x18/0x40 [ 12.493182] kasan_save_alloc_info+0x3b/0x50 [ 12.493434] __kasan_kmalloc+0xb7/0xc0 [ 12.493613] __kmalloc_cache_noprof+0x189/0x420 [ 12.493821] kmalloc_uaf2+0xc6/0x520 [ 12.493990] kunit_try_run_case+0x1a5/0x480 [ 12.494175] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.494418] kthread+0x337/0x6f0 [ 12.495257] ret_from_fork+0x116/0x1d0 [ 12.495753] ret_from_fork_asm+0x1a/0x30 [ 12.496017] [ 12.496377] Freed by task 207: [ 12.496714] kasan_save_stack+0x45/0x70 [ 12.496904] kasan_save_track+0x18/0x40 [ 12.497525] kasan_save_free_info+0x3f/0x60 [ 12.497813] __kasan_slab_free+0x56/0x70 [ 12.498194] kfree+0x222/0x3f0 [ 12.498371] kmalloc_uaf2+0x14c/0x520 [ 12.498979] kunit_try_run_case+0x1a5/0x480 [ 12.499268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.499582] kthread+0x337/0x6f0 [ 12.499740] ret_from_fork+0x116/0x1d0 [ 12.499908] ret_from_fork_asm+0x1a/0x30 [ 12.500529] [ 12.500742] The buggy address belongs to the object at ffff8881029d4800 [ 12.500742] which belongs to the cache kmalloc-64 of size 64 [ 12.501706] The buggy address is located 40 bytes inside of [ 12.501706] freed 64-byte region [ffff8881029d4800, ffff8881029d4840) [ 12.502422] [ 12.502737] The buggy address belongs to the physical page: [ 12.503356] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d4 [ 12.504048] flags: 0x200000000000000(node=0|zone=2) [ 12.504743] page_type: f5(slab) [ 12.505002] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.505862] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.506552] page dumped because: kasan: bad access detected [ 12.506802] [ 12.506891] Memory state around the buggy address: [ 12.507384] ffff8881029d4700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc 
[ 12.507847] ffff8881029d4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.508550] >ffff8881029d4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.508853] ^ [ 12.509421] ffff8881029d4880: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 12.509902] ffff8881029d4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.510256] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.457171] ==================================================================
[ 12.457788] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 12.458097] Write of size 33 at addr ffff8881029d4700 by task kunit_try_catch/205
[ 12.458433]
[ 12.458641] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.458683] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.458694] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.458725] Call Trace:
[ 12.458738] <TASK>
[ 12.458752] dump_stack_lvl+0x73/0xb0
[ 12.458780] print_report+0xd1/0x610
[ 12.458801] ? __virt_addr_valid+0x1db/0x2d0
[ 12.458834] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.458854] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.458876] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.458907] kasan_report+0x141/0x180
[ 12.458929] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.458954] kasan_check_range+0x10c/0x1c0
[ 12.458976] __asan_memset+0x27/0x50
[ 12.458995] kmalloc_uaf_memset+0x1a3/0x360
[ 12.459015] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 12.459046] ? __pfx_queued_spin_lock_slowpath+0x10/0x10
[ 12.459071] ? __pfx_read_tsc+0x10/0x10
[ 12.459091] ? ktime_get_ts64+0x86/0x230
[ 12.459124] kunit_try_run_case+0x1a5/0x480
[ 12.459148] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.459169] ? _raw_spin_lock_irqsave+0xf9/0x100
[ 12.459200] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.459223] ? __kthread_parkme+0x82/0x180
[ 12.459242] ? preempt_count_sub+0x50/0x80
[ 12.459264] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.459307] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.459330] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.459354] kthread+0x337/0x6f0
[ 12.459372] ? trace_preempt_on+0x20/0xc0
[ 12.459404] ? __pfx_kthread+0x10/0x10
[ 12.459423] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.459443] ? calculate_sigpending+0x7b/0xa0
[ 12.459477] ? __pfx_kthread+0x10/0x10
[ 12.459497] ret_from_fork+0x116/0x1d0
[ 12.459515] ? __pfx_kthread+0x10/0x10
[ 12.459534] ret_from_fork_asm+0x1a/0x30
[ 12.459564] </TASK>
[ 12.459574]
[ 12.466760] Allocated by task 205:
[ 12.466885] kasan_save_stack+0x45/0x70
[ 12.467024] kasan_save_track+0x18/0x40
[ 12.467158] kasan_save_alloc_info+0x3b/0x50
[ 12.467345] __kasan_kmalloc+0xb7/0xc0
[ 12.467545] __kmalloc_cache_noprof+0x189/0x420
[ 12.467765] kmalloc_uaf_memset+0xa9/0x360
[ 12.467963] kunit_try_run_case+0x1a5/0x480
[ 12.468163] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.468420] kthread+0x337/0x6f0
[ 12.468741] ret_from_fork+0x116/0x1d0
[ 12.468924] ret_from_fork_asm+0x1a/0x30
[ 12.469122]
[ 12.469194] Freed by task 205:
[ 12.469328] kasan_save_stack+0x45/0x70
[ 12.469580] kasan_save_track+0x18/0x40
[ 12.469755] kasan_save_free_info+0x3f/0x60
[ 12.469904] __kasan_slab_free+0x56/0x70
[ 12.470040] kfree+0x222/0x3f0
[ 12.470156] kmalloc_uaf_memset+0x12b/0x360
[ 12.470308] kunit_try_run_case+0x1a5/0x480
[ 12.470454] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.470706] kthread+0x337/0x6f0
[ 12.470870] ret_from_fork+0x116/0x1d0
[ 12.471051] ret_from_fork_asm+0x1a/0x30
[ 12.471317]
[ 12.471432] The buggy address belongs to the object at ffff8881029d4700
[ 12.471432] which belongs to the cache kmalloc-64 of size 64
[ 12.472058] The buggy address is located 0 bytes inside of
[ 12.472058] freed 64-byte region [ffff8881029d4700, ffff8881029d4740)
[ 12.472490]
[ 12.472584] The buggy address belongs to the physical page:
[ 12.472864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d4
[ 12.473246] flags: 0x200000000000000(node=0|zone=2)
[ 12.473576] page_type: f5(slab)
[ 12.473743] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.474052] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.474288] page dumped because: kasan: bad access detected
[ 12.474549]
[ 12.474641] Memory state around the buggy address:
[ 12.474891] ffff8881029d4600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.475237] ffff8881029d4680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.475562] >ffff8881029d4700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.475875] ^
[ 12.476035] ffff8881029d4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.476346] ffff8881029d4800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.476676] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.427766] ==================================================================
[ 12.428821] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 12.429311] Read of size 1 at addr ffff88810216cb48 by task kunit_try_catch/203
[ 12.429979]
[ 12.430301] CPU: 0 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.430354] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.430366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.430387] Call Trace:
[ 12.430400] <TASK>
[ 12.430417] dump_stack_lvl+0x73/0xb0
[ 12.430449] print_report+0xd1/0x610
[ 12.430472] ? __virt_addr_valid+0x1db/0x2d0
[ 12.430495] ? kmalloc_uaf+0x320/0x380
[ 12.430514] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.430536] ? kmalloc_uaf+0x320/0x380
[ 12.430555] kasan_report+0x141/0x180
[ 12.430578] ? kmalloc_uaf+0x320/0x380
[ 12.430602] __asan_report_load1_noabort+0x18/0x20
[ 12.430625] kmalloc_uaf+0x320/0x380
[ 12.430644] ? __pfx_kmalloc_uaf+0x10/0x10
[ 12.430665] ? __schedule+0x10cc/0x2b60
[ 12.430688] ? __pfx_read_tsc+0x10/0x10
[ 12.430708] ? ktime_get_ts64+0x86/0x230
[ 12.430733] kunit_try_run_case+0x1a5/0x480
[ 12.430757] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.430779] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.430802] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.430825] ? __kthread_parkme+0x82/0x180
[ 12.430847] ? preempt_count_sub+0x50/0x80
[ 12.430872] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.430897] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.430921] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.430944] kthread+0x337/0x6f0
[ 12.430962] ? trace_preempt_on+0x20/0xc0
[ 12.430986] ? __pfx_kthread+0x10/0x10
[ 12.431006] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.431026] ? calculate_sigpending+0x7b/0xa0
[ 12.431050] ? __pfx_kthread+0x10/0x10
[ 12.431070] ret_from_fork+0x116/0x1d0
[ 12.431089] ? __pfx_kthread+0x10/0x10
[ 12.431110] ret_from_fork_asm+0x1a/0x30
[ 12.431140] </TASK>
[ 12.431150]
[ 12.444105] Allocated by task 203:
[ 12.444477] kasan_save_stack+0x45/0x70
[ 12.444848] kasan_save_track+0x18/0x40
[ 12.445216] kasan_save_alloc_info+0x3b/0x50
[ 12.445573] __kasan_kmalloc+0xb7/0xc0
[ 12.445845] __kmalloc_cache_noprof+0x189/0x420
[ 12.446006] kmalloc_uaf+0xaa/0x380
[ 12.446132] kunit_try_run_case+0x1a5/0x480
[ 12.446286] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.446521] kthread+0x337/0x6f0
[ 12.446663] ret_from_fork+0x116/0x1d0
[ 12.446795] ret_from_fork_asm+0x1a/0x30
[ 12.446988]
[ 12.447092] Freed by task 203:
[ 12.447223] kasan_save_stack+0x45/0x70
[ 12.447412] kasan_save_track+0x18/0x40
[ 12.447658] kasan_save_free_info+0x3f/0x60
[ 12.447870] __kasan_slab_free+0x56/0x70
[ 12.448049] kfree+0x222/0x3f0
[ 12.448221] kmalloc_uaf+0x12c/0x380
[ 12.448361] kunit_try_run_case+0x1a5/0x480
[ 12.448507] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.448827] kthread+0x337/0x6f0
[ 12.449000] ret_from_fork+0x116/0x1d0
[ 12.449185] ret_from_fork_asm+0x1a/0x30
[ 12.449386]
[ 12.449488] The buggy address belongs to the object at ffff88810216cb40
[ 12.449488] which belongs to the cache kmalloc-16 of size 16
[ 12.449903] The buggy address is located 8 bytes inside of
[ 12.449903] freed 16-byte region [ffff88810216cb40, ffff88810216cb50)
[ 12.450442]
[ 12.450542] The buggy address belongs to the physical page:
[ 12.450761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10216c
[ 12.451100] flags: 0x200000000000000(node=0|zone=2)
[ 12.451322] page_type: f5(slab)
[ 12.451502] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.451809] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.452052] page dumped because: kasan: bad access detected
[ 12.452223]
[ 12.452300] Memory state around the buggy address:
[ 12.452485] ffff88810216ca00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 12.452821] ffff88810216ca80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 12.453143] >ffff88810216cb00: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc
[ 12.453390] ^
[ 12.453562] ffff88810216cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.453874] ffff88810216cc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.454217] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.029750] ==================================================================
[ 14.030515] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390
[ 14.031059] Read of size 1 at addr ffff888103af7c4a by task kunit_try_catch/272
[ 14.031502]
[ 14.031624] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.031672] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.031685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.031707] Call Trace:
[ 14.031836] <TASK>
[ 14.031854] dump_stack_lvl+0x73/0xb0
[ 14.031888] print_report+0xd1/0x610
[ 14.031911] ? __virt_addr_valid+0x1db/0x2d0
[ 14.031934] ? kasan_alloca_oob_right+0x329/0x390
[ 14.031958] ? kasan_addr_to_slab+0x11/0xa0
[ 14.031980] ? kasan_alloca_oob_right+0x329/0x390
[ 14.032093] kasan_report+0x141/0x180
[ 14.032121] ? kasan_alloca_oob_right+0x329/0x390
[ 14.032150] __asan_report_load1_noabort+0x18/0x20
[ 14.032176] kasan_alloca_oob_right+0x329/0x390
[ 14.032200] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.032223] ? finish_task_switch.isra.0+0x153/0x700
[ 14.032247] ? __schedule+0x100e/0x2b60
[ 14.032270] ? trace_hardirqs_on+0x37/0xe0
[ 14.032307] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 14.032334] ? __schedule+0x10cc/0x2b60
[ 14.032355] ? __pfx_read_tsc+0x10/0x10
[ 14.032380] ? ktime_get_ts64+0x86/0x230
[ 14.032404] kunit_try_run_case+0x1a5/0x480
[ 14.032430] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.032453] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.032501] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.032527] ? __kthread_parkme+0x82/0x180
[ 14.032548] ? preempt_count_sub+0x50/0x80
[ 14.032573] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.032597] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.032622] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.032647] kthread+0x337/0x6f0
[ 14.032667] ? trace_preempt_on+0x20/0xc0
[ 14.032690] ? __pfx_kthread+0x10/0x10
[ 14.032710] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.032732] ? calculate_sigpending+0x7b/0xa0
[ 14.032758] ? __pfx_kthread+0x10/0x10
[ 14.032780] ret_from_fork+0x116/0x1d0
[ 14.032801] ? __pfx_kthread+0x10/0x10
[ 14.032821] ret_from_fork_asm+0x1a/0x30
[ 14.032853] </TASK>
[ 14.032864]
[ 14.044925] The buggy address belongs to stack of task kunit_try_catch/272
[ 14.045249]
[ 14.045890] The buggy address belongs to the physical page:
[ 14.046177] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103af7
[ 14.046718] flags: 0x200000000000000(node=0|zone=2)
[ 14.047112] raw: 0200000000000000 ffffea00040ebdc8 ffffea00040ebdc8 0000000000000000
[ 14.047605] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 14.048035] page dumped because: kasan: bad access detected
[ 14.048528]
[ 14.048608] Memory state around the buggy address:
[ 14.048972] ffff888103af7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.049421] ffff888103af7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.049869] >ffff888103af7c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 14.050446] ^
[ 14.050838] ffff888103af7c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 14.051245] ffff888103af7d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.051737] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.006216] ==================================================================
[ 14.006849] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380
[ 14.007337] Read of size 1 at addr ffff888103ae7c3f by task kunit_try_catch/270
[ 14.007896]
[ 14.008187] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.008359] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.008374] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.008394] Call Trace:
[ 14.008406] <TASK>
[ 14.008419] dump_stack_lvl+0x73/0xb0
[ 14.008451] print_report+0xd1/0x610
[ 14.008564] ? __virt_addr_valid+0x1db/0x2d0
[ 14.008590] ? kasan_alloca_oob_left+0x320/0x380
[ 14.008612] ? kasan_addr_to_slab+0x11/0xa0
[ 14.008632] ? kasan_alloca_oob_left+0x320/0x380
[ 14.008655] kasan_report+0x141/0x180
[ 14.008677] ? kasan_alloca_oob_left+0x320/0x380
[ 14.008704] __asan_report_load1_noabort+0x18/0x20
[ 14.008728] kasan_alloca_oob_left+0x320/0x380
[ 14.008751] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.008773] ? finish_task_switch.isra.0+0x153/0x700
[ 14.008796] ? __schedule+0x100e/0x2b60
[ 14.008816] ? trace_hardirqs_on+0x37/0xe0
[ 14.008839] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 14.008865] ? __schedule+0x10cc/0x2b60
[ 14.008886] ? __pfx_read_tsc+0x10/0x10
[ 14.008907] ? ktime_get_ts64+0x86/0x230
[ 14.008931] kunit_try_run_case+0x1a5/0x480
[ 14.008962] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.008984] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.009042] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.009066] ? __kthread_parkme+0x82/0x180
[ 14.009088] ? preempt_count_sub+0x50/0x80
[ 14.009110] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.009135] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.009158] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.009182] kthread+0x337/0x6f0
[ 14.009202] ? trace_preempt_on+0x20/0xc0
[ 14.009223] ? __pfx_kthread+0x10/0x10
[ 14.009242] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.009264] ? calculate_sigpending+0x7b/0xa0
[ 14.009288] ? __pfx_kthread+0x10/0x10
[ 14.009321] ret_from_fork+0x116/0x1d0
[ 14.009340] ? __pfx_kthread+0x10/0x10
[ 14.009360] ret_from_fork_asm+0x1a/0x30
[ 14.009390] </TASK>
[ 14.009401]
[ 14.020848] The buggy address belongs to stack of task kunit_try_catch/270
[ 14.021333]
[ 14.021413] The buggy address belongs to the physical page:
[ 14.021857] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ae7
[ 14.022385] flags: 0x200000000000000(node=0|zone=2)
[ 14.022644] raw: 0200000000000000 ffffea00040eb9c8 ffffea00040eb9c8 0000000000000000
[ 14.023231] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 14.023698] page dumped because: kasan: bad access detected
[ 14.024079]
[ 14.024185] Memory state around the buggy address:
[ 14.024599] ffff888103ae7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.025021] ffff888103ae7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.025489] >ffff888103ae7c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 14.025899] ^
[ 14.026258] ffff888103ae7c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 14.026619] ffff888103ae7d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.027099] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 13.980276] ==================================================================
[ 13.980965] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[ 13.981596] Read of size 1 at addr ffff88810392fd02 by task kunit_try_catch/268
[ 13.982595]
[ 13.982741] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.982787] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.982823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.982844] Call Trace:
[ 13.982870] <TASK>
[ 13.982886] dump_stack_lvl+0x73/0xb0
[ 13.982916] print_report+0xd1/0x610
[ 13.982938] ? __virt_addr_valid+0x1db/0x2d0
[ 13.982962] ? kasan_stack_oob+0x2b5/0x300
[ 13.982981] ? kasan_addr_to_slab+0x11/0xa0
[ 13.983001] ? kasan_stack_oob+0x2b5/0x300
[ 13.983020] kasan_report+0x141/0x180
[ 13.983042] ? kasan_stack_oob+0x2b5/0x300
[ 13.983066] __asan_report_load1_noabort+0x18/0x20
[ 13.983092] kasan_stack_oob+0x2b5/0x300
[ 13.983111] ? __pfx_kasan_stack_oob+0x10/0x10
[ 13.983130] ? finish_task_switch.isra.0+0x153/0x700
[ 13.983153] ? __switch_to+0x47/0xf50
[ 13.983179] ? __schedule+0x10cc/0x2b60
[ 13.983201] ? __pfx_read_tsc+0x10/0x10
[ 13.983222] ? ktime_get_ts64+0x86/0x230
[ 13.983247] kunit_try_run_case+0x1a5/0x480
[ 13.983271] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.983309] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.983332] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.983356] ? __kthread_parkme+0x82/0x180
[ 13.983376] ? preempt_count_sub+0x50/0x80
[ 13.983400] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.983423] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.983447] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.983477] kthread+0x337/0x6f0
[ 13.983496] ? trace_preempt_on+0x20/0xc0
[ 13.983520] ? __pfx_kthread+0x10/0x10
[ 13.983540] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.983562] ? calculate_sigpending+0x7b/0xa0
[ 13.983586] ? __pfx_kthread+0x10/0x10
[ 13.983606] ret_from_fork+0x116/0x1d0
[ 13.983626] ? __pfx_kthread+0x10/0x10
[ 13.983645] ret_from_fork_asm+0x1a/0x30
[ 13.983677] </TASK>
[ 13.983688]
[ 13.994520] The buggy address belongs to stack of task kunit_try_catch/268
[ 13.995136] and is located at offset 138 in frame:
[ 13.995371] kasan_stack_oob+0x0/0x300
[ 13.995969]
[ 13.996182] This frame has 4 objects:
[ 13.996431] [48, 49) '__assertion'
[ 13.996501] [64, 72) 'array'
[ 13.996816] [96, 112) '__assertion'
[ 13.996987] [128, 138) 'stack_array'
[ 13.997263]
[ 13.997720] The buggy address belongs to the physical page:
[ 13.998214] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10392f
[ 13.998702] flags: 0x200000000000000(node=0|zone=2)
[ 13.998961] raw: 0200000000000000 ffffea00040e4bc8 ffffea00040e4bc8 0000000000000000
[ 13.999623] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 13.999950] page dumped because: kasan: bad access detected
[ 14.000212]
[ 14.000303] Memory state around the buggy address:
[ 14.000519] ffff88810392fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.000820] ffff88810392fc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[ 14.001127] >ffff88810392fd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.001955] ^
[ 14.002110] ffff88810392fd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[ 14.002824] ffff88810392fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.003158] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 13.949361] ==================================================================
[ 13.949989] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0
[ 13.951619] Read of size 1 at addr ffffffff88263e8d by task kunit_try_catch/264
[ 13.952672]
[ 13.952804] CPU: 0 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.952852] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.952865] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.952887] Call Trace:
[ 13.952900] <TASK>
[ 13.952915] dump_stack_lvl+0x73/0xb0
[ 13.952953] print_report+0xd1/0x610
[ 13.952976] ? __virt_addr_valid+0x1db/0x2d0
[ 13.952999] ? kasan_global_oob_right+0x286/0x2d0
[ 13.953021] ? kasan_addr_to_slab+0x11/0xa0
[ 13.953386] ? kasan_global_oob_right+0x286/0x2d0
[ 13.953413] kasan_report+0x141/0x180
[ 13.953436] ? kasan_global_oob_right+0x286/0x2d0
[ 13.953463] __asan_report_load1_noabort+0x18/0x20
[ 13.953594] kasan_global_oob_right+0x286/0x2d0
[ 13.953617] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 13.953642] ? __schedule+0x10cc/0x2b60
[ 13.953665] ? __pfx_read_tsc+0x10/0x10
[ 13.953686] ? ktime_get_ts64+0x86/0x230
[ 13.953710] kunit_try_run_case+0x1a5/0x480
[ 13.953735] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.953757] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.953782] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.953805] ? __kthread_parkme+0x82/0x180
[ 13.953825] ? preempt_count_sub+0x50/0x80
[ 13.953848] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.953872] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.953895] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.953920] kthread+0x337/0x6f0
[ 13.953939] ? trace_preempt_on+0x20/0xc0
[ 13.953962] ? __pfx_kthread+0x10/0x10
[ 13.953982] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.954003] ? calculate_sigpending+0x7b/0xa0
[ 13.954041] ? __pfx_kthread+0x10/0x10
[ 13.954062] ret_from_fork+0x116/0x1d0
[ 13.954081] ? __pfx_kthread+0x10/0x10
[ 13.954101] ret_from_fork_asm+0x1a/0x30
[ 13.954131] </TASK>
[ 13.954141]
[ 13.967321] The buggy address belongs to the variable:
[ 13.967899] global_array+0xd/0x40
[ 13.968247]
[ 13.968542] The buggy address belongs to the physical page:
[ 13.968881] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55663
[ 13.969316] flags: 0x100000000002000(reserved|node=0|zone=1)
[ 13.969866] raw: 0100000000002000 ffffea00015598c8 ffffea00015598c8 0000000000000000
[ 13.970370] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.970864] page dumped because: kasan: bad access detected
[ 13.971270]
[ 13.971382] Memory state around the buggy address:
[ 13.971932] ffffffff88263d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.972383] ffffffff88263e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.973007] >ffffffff88263e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
[ 13.973360] ^
[ 13.973559] ffffffff88263f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9
[ 13.973983] ffffffff88263f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00
[ 13.974362] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 13.915669] ==================================================================
[ 13.916353] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.916626] Free of addr ffff888103a6c001 by task kunit_try_catch/262
[ 13.916826]
[ 13.916914] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.916965] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.916977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.916997] Call Trace:
[ 13.917010] <TASK>
[ 13.917025] dump_stack_lvl+0x73/0xb0
[ 13.917056] print_report+0xd1/0x610
[ 13.917077] ? __virt_addr_valid+0x1db/0x2d0
[ 13.917102] ? kasan_addr_to_slab+0x11/0xa0
[ 13.917122] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.917149] kasan_report_invalid_free+0x10a/0x130
[ 13.917174] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.917202] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.917228] __kasan_mempool_poison_object+0x102/0x1d0
[ 13.917252] mempool_free+0x2ec/0x380
[ 13.917278] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.918339] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 13.918378] ? __pfx_sched_clock_cpu+0x10/0x10
[ 13.918404] ? finish_task_switch.isra.0+0x153/0x700
[ 13.918430] mempool_kmalloc_large_invalid_free+0xed/0x140
[ 13.918475] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 13.918504] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.918527] ? __pfx_mempool_kfree+0x10/0x10
[ 13.918552] ? __pfx_read_tsc+0x10/0x10
[ 13.918573] ? ktime_get_ts64+0x86/0x230
[ 13.918598] kunit_try_run_case+0x1a5/0x480
[ 13.918623] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.918646] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.918672] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.918696] ? __kthread_parkme+0x82/0x180
[ 13.918718] ? preempt_count_sub+0x50/0x80
[ 13.918741] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.918764] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.918788] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.918812] kthread+0x337/0x6f0
[ 13.918831] ? trace_preempt_on+0x20/0xc0
[ 13.918855] ? __pfx_kthread+0x10/0x10
[ 13.918875] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.918896] ? calculate_sigpending+0x7b/0xa0
[ 13.918920] ? __pfx_kthread+0x10/0x10
[ 13.918940] ret_from_fork+0x116/0x1d0
[ 13.918958] ? __pfx_kthread+0x10/0x10
[ 13.918978] ret_from_fork_asm+0x1a/0x30
[ 13.919028] </TASK>
[ 13.919038]
[ 13.939645] The buggy address belongs to the physical page:
[ 13.939896] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a6c
[ 13.940328] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.940703] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.940986] page_type: f8(unknown)
[ 13.941264] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.941546] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.941830] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.942260] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.942584] head: 0200000000000002 ffffea00040e9b01 00000000ffffffff 00000000ffffffff
[ 13.942937] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.943390] page dumped because: kasan: bad access detected
[ 13.943666]
[ 13.943759] Memory state around the buggy address:
[ 13.943984] ffff888103a6bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.944395] ffff888103a6bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.944750] >ffff888103a6c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.945132] ^
[ 13.945310] ffff888103a6c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.945675] ffff888103a6c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.945930] ==================================================================
[ 13.879652] ==================================================================
[ 13.880440] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.880791] Free of addr ffff8881039ee101 by task kunit_try_catch/260
[ 13.881087]
[ 13.881415] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.881464] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.881476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.881497] Call Trace:
[ 13.881509] <TASK>
[ 13.881522] dump_stack_lvl+0x73/0xb0
[ 13.881550] print_report+0xd1/0x610
[ 13.881593] ? __virt_addr_valid+0x1db/0x2d0
[ 13.881616] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.881650] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.881677] kasan_report_invalid_free+0x10a/0x130
[ 13.881701] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.881729] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.881754] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.881779] check_slab_allocation+0x11f/0x130
[ 13.881810] __kasan_mempool_poison_object+0x91/0x1d0
[ 13.881834] mempool_free+0x2ec/0x380
[ 13.881860] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.881897] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 13.881923] ? update_load_avg+0x1be/0x21b0
[ 13.881949] ? finish_task_switch.isra.0+0x153/0x700
[ 13.881984] mempool_kmalloc_invalid_free+0xed/0x140
[ 13.882008] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 13.882034] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.882067] ? __pfx_mempool_kfree+0x10/0x10
[ 13.882091] ? __pfx_read_tsc+0x10/0x10
[ 13.882216] ? ktime_get_ts64+0x86/0x230
[ 13.882244] kunit_try_run_case+0x1a5/0x480
[ 13.882268] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.882291] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.882327] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.882350] ? __kthread_parkme+0x82/0x180
[ 13.882371] ? preempt_count_sub+0x50/0x80
[ 13.882394] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.882418] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.882442] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.882466] kthread+0x337/0x6f0
[ 13.882495] ? trace_preempt_on+0x20/0xc0
[ 13.882518] ? __pfx_kthread+0x10/0x10
[ 13.882538] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.882559] ? calculate_sigpending+0x7b/0xa0
[ 13.882583] ? __pfx_kthread+0x10/0x10
[ 13.882604] ret_from_fork+0x116/0x1d0
[ 13.882622] ? __pfx_kthread+0x10/0x10
[ 13.882642] ret_from_fork_asm+0x1a/0x30
[ 13.882671] </TASK>
[ 13.882682]
[ 13.899167] Allocated by task 260:
[ 13.899613] kasan_save_stack+0x45/0x70
[ 13.899919] kasan_save_track+0x18/0x40
[ 13.900191] kasan_save_alloc_info+0x3b/0x50
[ 13.900696] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 13.901280] remove_element+0x11e/0x190
[ 13.901548] mempool_alloc_preallocated+0x4d/0x90
[ 13.901887] mempool_kmalloc_invalid_free_helper+0x83/0x2e0
[ 13.902234] mempool_kmalloc_invalid_free+0xed/0x140
[ 13.902832] kunit_try_run_case+0x1a5/0x480
[ 13.903323] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.903782] kthread+0x337/0x6f0
[ 13.903966] ret_from_fork+0x116/0x1d0
[ 13.904354] ret_from_fork_asm+0x1a/0x30
[ 13.904519]
[ 13.904697] The buggy address belongs to the object at ffff8881039ee100
[ 13.904697] which belongs to the cache kmalloc-128 of size 128
[ 13.905955] The buggy address is located 1 bytes inside of
[ 13.905955] 128-byte region [ffff8881039ee100, ffff8881039ee180)
[ 13.906901]
[ 13.907094] The buggy address belongs to the physical page:
[ 13.907459] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ee
[ 13.908187] flags: 0x200000000000000(node=0|zone=2)
[ 13.908367] page_type: f5(slab)
[ 13.908489] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.908724] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.908961] page dumped because: kasan: bad access detected
[ 13.909148]
[ 13.909215] Memory state around the buggy address:
[ 13.909507] ffff8881039ee000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.909898] ffff8881039ee080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.910349] >ffff8881039ee100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.910883] ^
[ 13.911001] ffff8881039ee180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.911346] ffff8881039ee200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.911756] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 13.836636] ==================================================================
[ 13.837226] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 13.837701] Free of addr ffff888103aa0000 by task kunit_try_catch/256
[ 13.838163]
[ 13.838346] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.838405] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.838416] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.838448] Call Trace:
[ 13.838459] <TASK>
[ 13.838474] dump_stack_lvl+0x73/0xb0
[ 13.838525] print_report+0xd1/0x610
[ 13.838548] ? __virt_addr_valid+0x1db/0x2d0
[ 13.838572] ? kasan_addr_to_slab+0x11/0xa0
[ 13.838592] ? mempool_double_free_helper+0x184/0x370
[ 13.838617] kasan_report_invalid_free+0x10a/0x130
[ 13.838641] ? mempool_double_free_helper+0x184/0x370
[ 13.838668] ? mempool_double_free_helper+0x184/0x370
[ 13.838691] __kasan_mempool_poison_object+0x1b3/0x1d0
[ 13.838716] mempool_free+0x2ec/0x380
[ 13.838744] mempool_double_free_helper+0x184/0x370
[ 13.838768] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 13.838796] ? finish_task_switch.isra.0+0x153/0x700
[ 13.838832] mempool_kmalloc_large_double_free+0xed/0x140
[ 13.838857] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[ 13.838893] ? __kasan_check_write+0x18/0x20
[ 13.838914] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.838936] ? __pfx_mempool_kfree+0x10/0x10
[ 13.838961] ? __pfx_read_tsc+0x10/0x10
[ 13.838982] ? ktime_get_ts64+0x86/0x230
[ 13.839003] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.839073] kunit_try_run_case+0x1a5/0x480
[ 13.839100] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.839125] ? queued_spin_lock_slowpath+0x116/0xb40
[ 13.839151] ? __kthread_parkme+0x82/0x180
[ 13.839172] ? preempt_count_sub+0x50/0x80
[ 13.839195] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.839219] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.839243] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.839266] kthread+0x337/0x6f0
[ 13.839285] ? trace_preempt_on+0x20/0xc0
[ 13.839320] ? __pfx_kthread+0x10/0x10
[ 13.839339] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.839361] ? calculate_sigpending+0x7b/0xa0
[ 13.839386] ? __pfx_kthread+0x10/0x10
[ 13.839406] ret_from_fork+0x116/0x1d0
[ 13.839424] ? __pfx_kthread+0x10/0x10
[ 13.839444] ret_from_fork_asm+0x1a/0x30
[ 13.839475] </TASK>
[ 13.839486]
[ 13.848895] The buggy address belongs to the physical page:
[ 13.849242] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103aa0
[ 13.849503] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.849804] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.850083] page_type: f8(unknown)
[ 13.850259] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.850675] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.850999] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.851366] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.851719] head: 0200000000000002 ffffea00040ea801 00000000ffffffff 00000000ffffffff
[ 13.852100] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.852448] page dumped because: kasan: bad access detected
[ 13.852668]
[ 13.852784] Memory state around the buggy address:
[ 13.852989] ffff888103a9ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.853573] ffff888103a9ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.853904] >ffff888103aa0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.854118] ^
[ 13.854236] ffff888103aa0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.854585] ffff888103aa0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.855010] ==================================================================
[ 13.805875] ==================================================================
[ 13.806491] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 13.806938] Free of addr ffff8881029ceb00 by task kunit_try_catch/254
[ 13.807199]
[ 13.807331] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.807375] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.807387] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.807409] Call Trace:
[ 13.807422] <TASK>
[ 13.807436] dump_stack_lvl+0x73/0xb0
[ 13.807465] print_report+0xd1/0x610
[ 13.807684] ? __virt_addr_valid+0x1db/0x2d0
[ 13.807711] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.807733] ? mempool_double_free_helper+0x184/0x370
[ 13.807769] kasan_report_invalid_free+0x10a/0x130
[ 13.807794] ? mempool_double_free_helper+0x184/0x370
[ 13.807820] ? mempool_double_free_helper+0x184/0x370
[ 13.807855] ? mempool_double_free_helper+0x184/0x370
[ 13.807878] check_slab_allocation+0x101/0x130
[ 13.807899] __kasan_mempool_poison_object+0x91/0x1d0
[ 13.807924] mempool_free+0x2ec/0x380
[ 13.807959] mempool_double_free_helper+0x184/0x370
[ 13.807983] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 13.808016] ? update_load_avg+0x1be/0x21b0
[ 13.808094] ? update_load_avg+0x1be/0x21b0
[ 13.808115] ? update_curr+0x80/0x810
[ 13.808147] ? irqentry_exit+0x2a/0x60
[ 13.808168] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.808195] mempool_kmalloc_double_free+0xed/0x140
[ 13.808231] ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[ 13.808257] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.808280] ? __pfx_mempool_kfree+0x10/0x10
[ 13.808314] ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[ 13.808340] ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[ 13.808366] kunit_try_run_case+0x1a5/0x480
[ 13.808391] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.808413] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.808437] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.808461] ? __kthread_parkme+0x82/0x180
[ 13.808494] ? preempt_count_sub+0x50/0x80
[ 13.808517] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.808541] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.808565] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.808589] kthread+0x337/0x6f0
[ 13.808609] ? trace_preempt_on+0x20/0xc0
[ 13.808632] ? __pfx_kthread+0x10/0x10
[ 13.808653] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.808675] ? calculate_sigpending+0x7b/0xa0
[ 13.808699] ? __pfx_kthread+0x10/0x10
[ 13.808720] ret_from_fork+0x116/0x1d0
[ 13.808739] ? __pfx_kthread+0x10/0x10
[ 13.808759] ret_from_fork_asm+0x1a/0x30
[ 13.808790] </TASK>
[ 13.808800]
[ 13.819722] Allocated by task 254:
[ 13.819894] kasan_save_stack+0x45/0x70
[ 13.820115] kasan_save_track+0x18/0x40
[ 13.820359] kasan_save_alloc_info+0x3b/0x50
[ 13.820562] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 13.820829] remove_element+0x11e/0x190
[ 13.821017] mempool_alloc_preallocated+0x4d/0x90
[ 13.821432] mempool_double_free_helper+0x8a/0x370
[ 13.821689] mempool_kmalloc_double_free+0xed/0x140
[ 13.821855] kunit_try_run_case+0x1a5/0x480
[ 13.822002] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.822176] kthread+0x337/0x6f0
[ 13.822307] ret_from_fork+0x116/0x1d0
[ 13.822470] ret_from_fork_asm+0x1a/0x30
[ 13.822662]
[ 13.822919] Freed by task 254:
[ 13.823305] kasan_save_stack+0x45/0x70
[ 13.823499] kasan_save_track+0x18/0x40
[ 13.823852] kasan_save_free_info+0x3f/0x60
[ 13.824109] __kasan_mempool_poison_object+0x131/0x1d0
[ 13.824359] mempool_free+0x2ec/0x380
[ 13.824505] mempool_double_free_helper+0x109/0x370
[ 13.824669] mempool_kmalloc_double_free+0xed/0x140
[ 13.824831] kunit_try_run_case+0x1a5/0x480
[ 13.824981] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.825156] kthread+0x337/0x6f0
[ 13.825278] ret_from_fork+0x116/0x1d0
[ 13.825422] ret_from_fork_asm+0x1a/0x30
[ 13.825566]
[ 13.825639] The buggy address belongs to the object at ffff8881029ceb00
[ 13.825639] which belongs to the cache kmalloc-128 of size 128
[ 13.826089] The buggy address is located 0 bytes inside of
[ 13.826089] 128-byte region [ffff8881029ceb00, ffff8881029ceb80)
[ 13.826684]
[ 13.826763] The buggy address belongs to the physical page:
[ 13.826935] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ce
[ 13.827518] flags: 0x200000000000000(node=0|zone=2)
[ 13.827775] page_type: f5(slab)
[ 13.827940] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.828349] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.828743] page dumped because: kasan: bad access detected
[ 13.829014]
[ 13.829146] Memory state around the buggy address:
[ 13.829382] ffff8881029cea00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.829713] ffff8881029cea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.830025] >ffff8881029ceb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.830464] ^
[ 13.830731] ffff8881029ceb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.831099] ffff8881029cec00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.831415] ==================================================================
[ 13.859171] ==================================================================
[ 13.859776] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 13.860570] Free of addr ffff888103a6c000 by task kunit_try_catch/258
[ 13.860856]
[ 13.860996] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.861042] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.861054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.861074] Call Trace:
[ 13.861087] <TASK>
[ 13.861102] dump_stack_lvl+0x73/0xb0
[ 13.861133] print_report+0xd1/0x610
[ 13.861155] ? __virt_addr_valid+0x1db/0x2d0
[ 13.861179] ? kasan_addr_to_slab+0x11/0xa0
[ 13.861199] ? mempool_double_free_helper+0x184/0x370
[ 13.861225] kasan_report_invalid_free+0x10a/0x130
[ 13.861260] ? mempool_double_free_helper+0x184/0x370
[ 13.861499] ?
mempool_double_free_helper+0x184/0x370 [ 13.861526] __kasan_mempool_poison_pages+0x115/0x130 [ 13.861552] mempool_free+0x290/0x380 [ 13.861579] mempool_double_free_helper+0x184/0x370 [ 13.861603] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.861629] ? __kasan_check_write+0x18/0x20 [ 13.861649] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.861672] ? finish_task_switch.isra.0+0x153/0x700 [ 13.861697] mempool_page_alloc_double_free+0xe8/0x140 [ 13.861724] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 13.861750] ? __kasan_check_write+0x18/0x20 [ 13.861771] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.861794] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.861820] ? __pfx_read_tsc+0x10/0x10 [ 13.861842] ? ktime_get_ts64+0x86/0x230 [ 13.861864] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.861891] kunit_try_run_case+0x1a5/0x480 [ 13.861916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.861941] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.861966] ? __kthread_parkme+0x82/0x180 [ 13.861987] ? preempt_count_sub+0x50/0x80 [ 13.862010] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.862041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.862066] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.862090] kthread+0x337/0x6f0 [ 13.862110] ? trace_preempt_on+0x20/0xc0 [ 13.862133] ? __pfx_kthread+0x10/0x10 [ 13.862153] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.862173] ? calculate_sigpending+0x7b/0xa0 [ 13.862197] ? __pfx_kthread+0x10/0x10 [ 13.862217] ret_from_fork+0x116/0x1d0 [ 13.862237] ? 
__pfx_kthread+0x10/0x10 [ 13.862256] ret_from_fork_asm+0x1a/0x30 [ 13.862287] </TASK> [ 13.862309] [ 13.872467] The buggy address belongs to the physical page: [ 13.872757] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a6c [ 13.873136] flags: 0x200000000000000(node=0|zone=2) [ 13.873321] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 13.873553] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.873944] page dumped because: kasan: bad access detected [ 13.874289] [ 13.874393] Memory state around the buggy address: [ 13.874753] ffff888103a6bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.875179] ffff888103a6bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.875416] >ffff888103a6c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.876136] ^ [ 13.876331] ffff888103a6c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.876654] ffff888103a6c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.876979] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 13.770772] ==================================================================
[ 13.771223] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400
[ 13.771517] Read of size 1 at addr ffff888103a6c000 by task kunit_try_catch/252
[ 13.771771]
[ 13.771869] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.771917] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.771930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.771952] Call Trace:
[ 13.771963] <TASK>
[ 13.771979] dump_stack_lvl+0x73/0xb0
[ 13.772008] print_report+0xd1/0x610
[ 13.772030] ? __virt_addr_valid+0x1db/0x2d0
[ 13.772052] ? mempool_uaf_helper+0x392/0x400
[ 13.772073] ? kasan_addr_to_slab+0x11/0xa0
[ 13.772092] ? mempool_uaf_helper+0x392/0x400
[ 13.772113] kasan_report+0x141/0x180
[ 13.772134] ? mempool_uaf_helper+0x392/0x400
[ 13.772160] __asan_report_load1_noabort+0x18/0x20
[ 13.772183] mempool_uaf_helper+0x392/0x400
[ 13.772205] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 13.772227] ? __kasan_check_write+0x18/0x20
[ 13.772246] ? __pfx_sched_clock_cpu+0x10/0x10
[ 13.772268] ? finish_task_switch.isra.0+0x153/0x700
[ 13.772318] mempool_page_alloc_uaf+0xed/0x140
[ 13.772700] ? __pfx_mempool_page_alloc_uaf+0x10/0x10
[ 13.772731] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 13.772758] ? __pfx_mempool_free_pages+0x10/0x10
[ 13.772785] ? __pfx_read_tsc+0x10/0x10
[ 13.772817] ? ktime_get_ts64+0x86/0x230
[ 13.772841] kunit_try_run_case+0x1a5/0x480
[ 13.772867] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.772890] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.772915] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.772940] ? __kthread_parkme+0x82/0x180
[ 13.772967] ? preempt_count_sub+0x50/0x80
[ 13.772990] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.773014] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.773038] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.773065] kthread+0x337/0x6f0
[ 13.773083] ? trace_preempt_on+0x20/0xc0
[ 13.773108] ? __pfx_kthread+0x10/0x10
[ 13.773127] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.773149] ? calculate_sigpending+0x7b/0xa0
[ 13.773173] ? __pfx_kthread+0x10/0x10
[ 13.773194] ret_from_fork+0x116/0x1d0
[ 13.773213] ? __pfx_kthread+0x10/0x10
[ 13.773233] ret_from_fork_asm+0x1a/0x30
[ 13.773264] </TASK>
[ 13.773276]
[ 13.795990] The buggy address belongs to the physical page:
[ 13.796713] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a6c
[ 13.797408] flags: 0x200000000000000(node=0|zone=2)
[ 13.797949] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 13.798471] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.799257] page dumped because: kasan: bad access detected
[ 13.799726]
[ 13.799799] Memory state around the buggy address:
[ 13.799957] ffff888103a6bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.800189] ffff888103a6bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.800428] >ffff888103a6c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.800756] ^
[ 13.800960] ffff888103a6c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.801250] ffff888103a6c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.801651] ==================================================================
[ 13.698404] ==================================================================
[ 13.698970] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400
[ 13.699579] Read of size 1 at addr ffff888103a6c000 by task kunit_try_catch/248
[ 13.700244]
[ 13.700403] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.700452] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.700593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.700616] Call Trace:
[ 13.700629] <TASK>
[ 13.700645] dump_stack_lvl+0x73/0xb0
[ 13.700676] print_report+0xd1/0x610
[ 13.700699] ? __virt_addr_valid+0x1db/0x2d0
[ 13.700721] ? mempool_uaf_helper+0x392/0x400
[ 13.700744] ? kasan_addr_to_slab+0x11/0xa0
[ 13.700764] ? mempool_uaf_helper+0x392/0x400
[ 13.700786] kasan_report+0x141/0x180
[ 13.700808] ? mempool_uaf_helper+0x392/0x400
[ 13.700835] __asan_report_load1_noabort+0x18/0x20
[ 13.700861] mempool_uaf_helper+0x392/0x400
[ 13.700885] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 13.700910] ? __pfx_sched_clock_cpu+0x10/0x10
[ 13.700933] ? finish_task_switch.isra.0+0x153/0x700
[ 13.700968] mempool_kmalloc_large_uaf+0xef/0x140
[ 13.700992] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10
[ 13.701165] ? __kasan_check_write+0x18/0x20
[ 13.701189] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.701213] ? __pfx_mempool_kfree+0x10/0x10
[ 13.701237] ? __pfx_read_tsc+0x10/0x10
[ 13.701259] ? ktime_get_ts64+0x86/0x230
[ 13.701281] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.701323] kunit_try_run_case+0x1a5/0x480
[ 13.701348] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.701372] ? queued_spin_lock_slowpath+0x116/0xb40
[ 13.701398] ? __kthread_parkme+0x82/0x180
[ 13.701418] ? preempt_count_sub+0x50/0x80
[ 13.701441] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.701465] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.701489] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.701513] kthread+0x337/0x6f0
[ 13.701533] ? trace_preempt_on+0x20/0xc0
[ 13.701555] ? __pfx_kthread+0x10/0x10
[ 13.701575] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.701597] ? calculate_sigpending+0x7b/0xa0
[ 13.701621] ? __pfx_kthread+0x10/0x10
[ 13.701643] ret_from_fork+0x116/0x1d0
[ 13.701662] ? __pfx_kthread+0x10/0x10
[ 13.701682] ret_from_fork_asm+0x1a/0x30
[ 13.701713] </TASK>
[ 13.701725]
[ 13.714606] The buggy address belongs to the physical page:
[ 13.715176] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a6c
[ 13.715753] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.716071] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.716350] page_type: f8(unknown)
[ 13.716531] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.717324] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.717787] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.718289] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.718747] head: 0200000000000002 ffffea00040e9b01 00000000ffffffff 00000000ffffffff
[ 13.719241] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.719798] page dumped because: kasan: bad access detected
[ 13.720190]
[ 13.720275] Memory state around the buggy address:
[ 13.720499] ffff888103a6bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.721225] ffff888103a6bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.721593] >ffff888103a6c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.722063] ^
[ 13.722328] ffff888103a6c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.722776] ffff888103a6c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.723428] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 13.727284] ==================================================================
[ 13.727942] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400
[ 13.728265] Read of size 1 at addr ffff8881039eb180 by task kunit_try_catch/250
[ 13.729103]
[ 13.729312] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.729356] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.729367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.729389] Call Trace:
[ 13.729402] <TASK>
[ 13.729417] dump_stack_lvl+0x73/0xb0
[ 13.729447] print_report+0xd1/0x610
[ 13.729469] ? __virt_addr_valid+0x1db/0x2d0
[ 13.729493] ? mempool_uaf_helper+0x392/0x400
[ 13.729514] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.729536] ? mempool_uaf_helper+0x392/0x400
[ 13.729558] kasan_report+0x141/0x180
[ 13.729611] ? mempool_uaf_helper+0x392/0x400
[ 13.729638] __asan_report_load1_noabort+0x18/0x20
[ 13.729661] mempool_uaf_helper+0x392/0x400
[ 13.729691] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 13.729715] ? __pfx_sched_clock_cpu+0x10/0x10
[ 13.729737] ? finish_task_switch.isra.0+0x153/0x700
[ 13.729764] mempool_slab_uaf+0xea/0x140
[ 13.729786] ? __pfx_mempool_slab_uaf+0x10/0x10
[ 13.729811] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 13.729835] ? __pfx_mempool_free_slab+0x10/0x10
[ 13.729860] ? __pfx_read_tsc+0x10/0x10
[ 13.729880] ? ktime_get_ts64+0x86/0x230
[ 13.729904] kunit_try_run_case+0x1a5/0x480
[ 13.729929] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.729951] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.729975] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.729998] ? __kthread_parkme+0x82/0x180
[ 13.730018] ? preempt_count_sub+0x50/0x80
[ 13.730051] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.730074] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.730098] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.730122] kthread+0x337/0x6f0
[ 13.730141] ? trace_preempt_on+0x20/0xc0
[ 13.730163] ? __pfx_kthread+0x10/0x10
[ 13.730183] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.730204] ? calculate_sigpending+0x7b/0xa0
[ 13.730227] ? __pfx_kthread+0x10/0x10
[ 13.730248] ret_from_fork+0x116/0x1d0
[ 13.730266] ? __pfx_kthread+0x10/0x10
[ 13.730285] ret_from_fork_asm+0x1a/0x30
[ 13.730325] </TASK>
[ 13.730335]
[ 13.745065] Allocated by task 250:
[ 13.745525] kasan_save_stack+0x45/0x70
[ 13.746047] kasan_save_track+0x18/0x40
[ 13.746218] kasan_save_alloc_info+0x3b/0x50
[ 13.746687] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 13.747024] remove_element+0x11e/0x190
[ 13.747195] mempool_alloc_preallocated+0x4d/0x90
[ 13.747685] mempool_uaf_helper+0x96/0x400
[ 13.748121] mempool_slab_uaf+0xea/0x140
[ 13.748514] kunit_try_run_case+0x1a5/0x480
[ 13.748776] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.748956] kthread+0x337/0x6f0
[ 13.749122] ret_from_fork+0x116/0x1d0
[ 13.749561] ret_from_fork_asm+0x1a/0x30
[ 13.749968]
[ 13.750167] Freed by task 250:
[ 13.750531] kasan_save_stack+0x45/0x70
[ 13.751000] kasan_save_track+0x18/0x40
[ 13.751419] kasan_save_free_info+0x3f/0x60
[ 13.751764] __kasan_mempool_poison_object+0x131/0x1d0
[ 13.751942] mempool_free+0x2ec/0x380
[ 13.752229] mempool_uaf_helper+0x11a/0x400
[ 13.752671] mempool_slab_uaf+0xea/0x140
[ 13.753178] kunit_try_run_case+0x1a5/0x480
[ 13.753684] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.754233] kthread+0x337/0x6f0
[ 13.754413] ret_from_fork+0x116/0x1d0
[ 13.754799] ret_from_fork_asm+0x1a/0x30
[ 13.755099]
[ 13.755284] The buggy address belongs to the object at ffff8881039eb180
[ 13.755284] which belongs to the cache test_cache of size 123
[ 13.755845] The buggy address is located 0 bytes inside of
[ 13.755845] freed 123-byte region [ffff8881039eb180, ffff8881039eb1fb)
[ 13.756625]
[ 13.756800] The buggy address belongs to the physical page:
[ 13.757381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039eb
[ 13.758331] flags: 0x200000000000000(node=0|zone=2)
[ 13.758801] page_type: f5(slab)
[ 13.758926] raw: 0200000000000000 ffff888101093dc0 dead000000000122 0000000000000000
[ 13.759561] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 13.760263] page dumped because: kasan: bad access detected
[ 13.760520]
[ 13.760695] Memory state around the buggy address:
[ 13.761190] ffff8881039eb080: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 13.761424] ffff8881039eb100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.761970] >ffff8881039eb180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.762720] ^
[ 13.763027] ffff8881039eb200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.763570] ffff8881039eb280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.763790] ==================================================================
[ 13.657761] ==================================================================
[ 13.658166] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400
[ 13.658711] Read of size 1 at addr ffff8881029ce700 by task kunit_try_catch/246
[ 13.660272]
[ 13.660777] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.660832] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.660847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.660870] Call Trace:
[ 13.660886] <TASK>
[ 13.660926] dump_stack_lvl+0x73/0xb0
[ 13.660967] print_report+0xd1/0x610
[ 13.660991] ? __virt_addr_valid+0x1db/0x2d0
[ 13.661014] ? mempool_uaf_helper+0x392/0x400
[ 13.661037] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.661060] ? mempool_uaf_helper+0x392/0x400
[ 13.661083] kasan_report+0x141/0x180
[ 13.661106] ? mempool_uaf_helper+0x392/0x400
[ 13.661133] __asan_report_load1_noabort+0x18/0x20
[ 13.661159] mempool_uaf_helper+0x392/0x400
[ 13.661181] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 13.661205] ? __kasan_check_write+0x18/0x20
[ 13.661224] ? __pfx_sched_clock_cpu+0x10/0x10
[ 13.661247] ? finish_task_switch.isra.0+0x153/0x700
[ 13.661272] mempool_kmalloc_uaf+0xef/0x140
[ 13.661307] ? __pfx_mempool_kmalloc_uaf+0x10/0x10
[ 13.661332] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.661355] ? __pfx_mempool_kfree+0x10/0x10
[ 13.661379] ? __pfx_read_tsc+0x10/0x10
[ 13.661400] ? ktime_get_ts64+0x86/0x230
[ 13.661424] kunit_try_run_case+0x1a5/0x480
[ 13.661448] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.661625] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.661655] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.661680] ? __kthread_parkme+0x82/0x180
[ 13.661701] ? preempt_count_sub+0x50/0x80
[ 13.661725] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.661750] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.661774] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.661799] kthread+0x337/0x6f0
[ 13.661818] ? trace_preempt_on+0x20/0xc0
[ 13.661840] ? __pfx_kthread+0x10/0x10
[ 13.661861] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.661882] ? calculate_sigpending+0x7b/0xa0
[ 13.661906] ? __pfx_kthread+0x10/0x10
[ 13.661926] ret_from_fork+0x116/0x1d0
[ 13.661945] ? __pfx_kthread+0x10/0x10
[ 13.661965] ret_from_fork_asm+0x1a/0x30
[ 13.661995] </TASK>
[ 13.662006]
[ 13.673585] Allocated by task 246:
[ 13.673934] kasan_save_stack+0x45/0x70
[ 13.674351] kasan_save_track+0x18/0x40
[ 13.674700] kasan_save_alloc_info+0x3b/0x50
[ 13.675000] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 13.675226] remove_element+0x11e/0x190
[ 13.675427] mempool_alloc_preallocated+0x4d/0x90
[ 13.676008] mempool_uaf_helper+0x96/0x400
[ 13.676262] mempool_kmalloc_uaf+0xef/0x140
[ 13.676521] kunit_try_run_case+0x1a5/0x480
[ 13.676794] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.677226] kthread+0x337/0x6f0
[ 13.677378] ret_from_fork+0x116/0x1d0
[ 13.677835] ret_from_fork_asm+0x1a/0x30
[ 13.678234]
[ 13.678354] Freed by task 246:
[ 13.678534] kasan_save_stack+0x45/0x70
[ 13.678684] kasan_save_track+0x18/0x40
[ 13.678874] kasan_save_free_info+0x3f/0x60
[ 13.679078] __kasan_mempool_poison_object+0x131/0x1d0
[ 13.679683] mempool_free+0x2ec/0x380
[ 13.679837] mempool_uaf_helper+0x11a/0x400
[ 13.680253] mempool_kmalloc_uaf+0xef/0x140
[ 13.680803] kunit_try_run_case+0x1a5/0x480
[ 13.681423] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.682009] kthread+0x337/0x6f0
[ 13.682491] ret_from_fork+0x116/0x1d0
[ 13.683092] ret_from_fork_asm+0x1a/0x30
[ 13.683623]
[ 13.683941] The buggy address belongs to the object at ffff8881029ce700
[ 13.683941] which belongs to the cache kmalloc-128 of size 128
[ 13.684895] The buggy address is located 0 bytes inside of
[ 13.684895] freed 128-byte region [ffff8881029ce700, ffff8881029ce780)
[ 13.686109]
[ 13.686407] The buggy address belongs to the physical page:
[ 13.687092] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ce
[ 13.687928] flags: 0x200000000000000(node=0|zone=2)
[ 13.688592] page_type: f5(slab)
[ 13.688977] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.689756] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.689997] page dumped because: kasan: bad access detected
[ 13.690172]
[ 13.690243] Memory state around the buggy address:
[ 13.690418] ffff8881029ce600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.691284] ffff8881029ce680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.691599] >ffff8881029ce700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.691989] ^
[ 13.692217] ffff8881029ce780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.692794] ffff8881029ce800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.693381] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 13.571573] ==================================================================
[ 13.572186] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 13.572691] Read of size 1 at addr ffff8881030d9d73 by task kunit_try_catch/240
[ 13.572968]
[ 13.573092] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.573143] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.573155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.573179] Call Trace:
[ 13.573191] <TASK>
[ 13.573210] dump_stack_lvl+0x73/0xb0
[ 13.573242] print_report+0xd1/0x610
[ 13.573265] ? __virt_addr_valid+0x1db/0x2d0
[ 13.573302] ? mempool_oob_right_helper+0x318/0x380
[ 13.573326] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.573349] ? mempool_oob_right_helper+0x318/0x380
[ 13.573372] kasan_report+0x141/0x180
[ 13.573394] ? mempool_oob_right_helper+0x318/0x380
[ 13.573422] __asan_report_load1_noabort+0x18/0x20
[ 13.573446] mempool_oob_right_helper+0x318/0x380
[ 13.573770] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 13.573812] mempool_kmalloc_oob_right+0xf2/0x150
[ 13.573838] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[ 13.573864] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.573891] ? __pfx_mempool_kfree+0x10/0x10
[ 13.573916] ? __pfx_read_tsc+0x10/0x10
[ 13.573938] ? ktime_get_ts64+0x86/0x230
[ 13.573963] kunit_try_run_case+0x1a5/0x480
[ 13.573990] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.574012] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.574039] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.574063] ? __kthread_parkme+0x82/0x180
[ 13.574084] ? preempt_count_sub+0x50/0x80
[ 13.574108] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.574132] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.574156] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.574180] kthread+0x337/0x6f0
[ 13.574199] ? trace_preempt_on+0x20/0xc0
[ 13.574222] ? __pfx_kthread+0x10/0x10
[ 13.574242] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.574263] ? calculate_sigpending+0x7b/0xa0
[ 13.574287] ? __pfx_kthread+0x10/0x10
[ 13.574320] ret_from_fork+0x116/0x1d0
[ 13.574339] ? __pfx_kthread+0x10/0x10
[ 13.574359] ret_from_fork_asm+0x1a/0x30
[ 13.574390] </TASK>
[ 13.574400]
[ 13.584130] Allocated by task 240:
[ 13.584339] kasan_save_stack+0x45/0x70
[ 13.584515] kasan_save_track+0x18/0x40
[ 13.585008] kasan_save_alloc_info+0x3b/0x50
[ 13.585199] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 13.585605] remove_element+0x11e/0x190
[ 13.585862] mempool_alloc_preallocated+0x4d/0x90
[ 13.586131] mempool_oob_right_helper+0x8a/0x380
[ 13.586433] mempool_kmalloc_oob_right+0xf2/0x150
[ 13.586632] kunit_try_run_case+0x1a5/0x480
[ 13.586959] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.587213] kthread+0x337/0x6f0
[ 13.587374] ret_from_fork+0x116/0x1d0
[ 13.587541] ret_from_fork_asm+0x1a/0x30
[ 13.587918]
[ 13.588004] The buggy address belongs to the object at ffff8881030d9d00
[ 13.588004] which belongs to the cache kmalloc-128 of size 128
[ 13.588693] The buggy address is located 0 bytes to the right of
[ 13.588693] allocated 115-byte region [ffff8881030d9d00, ffff8881030d9d73)
[ 13.589171]
[ 13.589271] The buggy address belongs to the physical page:
[ 13.589514] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030d9
[ 13.590146] flags: 0x200000000000000(node=0|zone=2)
[ 13.590456] page_type: f5(slab)
[ 13.590604] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.591044] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.591431] page dumped because: kasan: bad access detected
[ 13.591783]
[ 13.591871] Memory state around the buggy address:
[ 13.592062] ffff8881030d9c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.592553] ffff8881030d9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.592856] >ffff8881030d9d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 13.593152] ^
[ 13.593442] ffff8881030d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.593940] ffff8881030d9e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 13.594312] ==================================================================
[ 13.622523] ==================================================================
[ 13.623084] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 13.623524] Read of size 1 at addr ffff8881039e82bb by task kunit_try_catch/244
[ 13.624077]
[ 13.624253] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.624309] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.624321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.624341] Call Trace:
[ 13.624353] <TASK>
[ 13.624367] dump_stack_lvl+0x73/0xb0
[ 13.624395] print_report+0xd1/0x610
[ 13.624416] ? __virt_addr_valid+0x1db/0x2d0
[ 13.624437] ? mempool_oob_right_helper+0x318/0x380
[ 13.624460] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.624483] ? mempool_oob_right_helper+0x318/0x380
[ 13.624506] kasan_report+0x141/0x180
[ 13.624527] ? mempool_oob_right_helper+0x318/0x380
[ 13.624556] __asan_report_load1_noabort+0x18/0x20
[ 13.624580] mempool_oob_right_helper+0x318/0x380
[ 13.624604] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 13.624627] ? update_load_avg+0x1be/0x21b0
[ 13.624665] ? finish_task_switch.isra.0+0x153/0x700
[ 13.624690] mempool_slab_oob_right+0xed/0x140
[ 13.624714] ? __pfx_mempool_slab_oob_right+0x10/0x10
[ 13.624740] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 13.624764] ? __pfx_mempool_free_slab+0x10/0x10
[ 13.624789] ? __pfx_read_tsc+0x10/0x10
[ 13.624808] ? ktime_get_ts64+0x86/0x230
[ 13.624832] kunit_try_run_case+0x1a5/0x480
[ 13.624856] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.624878] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.624901] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.624924] ? __kthread_parkme+0x82/0x180
[ 13.624950] ? preempt_count_sub+0x50/0x80
[ 13.624973] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.624996] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.625062] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.625088] kthread+0x337/0x6f0
[ 13.625106] ? trace_preempt_on+0x20/0xc0
[ 13.625129] ? __pfx_kthread+0x10/0x10
[ 13.625149] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.625171] ? calculate_sigpending+0x7b/0xa0
[ 13.625194] ? __pfx_kthread+0x10/0x10
[ 13.625216] ret_from_fork+0x116/0x1d0
[ 13.625233] ? __pfx_kthread+0x10/0x10
[ 13.625253] ret_from_fork_asm+0x1a/0x30
[ 13.625283] </TASK>
[ 13.625304]
[ 13.639434] Allocated by task 244:
[ 13.639758] kasan_save_stack+0x45/0x70
[ 13.640148] kasan_save_track+0x18/0x40
[ 13.640505] kasan_save_alloc_info+0x3b/0x50
[ 13.640892] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 13.641254] remove_element+0x11e/0x190
[ 13.641408] mempool_alloc_preallocated+0x4d/0x90
[ 13.641607] mempool_oob_right_helper+0x8a/0x380
[ 13.642012] mempool_slab_oob_right+0xed/0x140
[ 13.642583] kunit_try_run_case+0x1a5/0x480
[ 13.642973] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.643496] kthread+0x337/0x6f0
[ 13.643881] ret_from_fork+0x116/0x1d0
[ 13.644250] ret_from_fork_asm+0x1a/0x30
[ 13.644445]
[ 13.644564] The buggy address belongs to the object at ffff8881039e8240
[ 13.644564] which belongs to the cache test_cache of size 123
[ 13.644923] The buggy address is located 0 bytes to the right of
[ 13.644923] allocated 123-byte region [ffff8881039e8240, ffff8881039e82bb)
[ 13.645459]
[ 13.645549] The buggy address belongs to the physical page:
[ 13.645795] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e8
[ 13.646250] flags: 0x200000000000000(node=0|zone=2)
[ 13.646462] page_type: f5(slab)
[ 13.646659] raw: 0200000000000000 ffff888101093c80 dead000000000122 0000000000000000
[ 13.646955] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 13.647459] page dumped because: kasan: bad access detected
[ 13.647673]
[ 13.647779] Memory state around the buggy address:
[ 13.648006] ffff8881039e8180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.648225] ffff8881039e8200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 13.648762] >ffff8881039e8280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 13.649008] ^
[ 13.649230] ffff8881039e8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.649662] ffff8881039e8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.649936] ==================================================================
[ 13.597424] ==================================================================
[ 13.597829] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 13.598432] Read of size 1 at addr ffff888103a6e001 by task kunit_try_catch/242
[ 13.599412]
[ 13.599658] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.599706] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.599719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.599741] Call Trace:
[ 13.599752] <TASK>
[ 13.599768] dump_stack_lvl+0x73/0xb0
[ 13.599799] print_report+0xd1/0x610
[ 13.599821] ? __virt_addr_valid+0x1db/0x2d0
[ 13.599844] ? mempool_oob_right_helper+0x318/0x380
[ 13.599868] ? kasan_addr_to_slab+0x11/0xa0
[ 13.599889] ? mempool_oob_right_helper+0x318/0x380
[ 13.599912] kasan_report+0x141/0x180
[ 13.599933] ? mempool_oob_right_helper+0x318/0x380
[ 13.599962] __asan_report_load1_noabort+0x18/0x20
[ 13.599986] mempool_oob_right_helper+0x318/0x380
[ 13.600010] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 13.600046] ? update_load_avg+0x1be/0x21b0
[ 13.600070] ? dequeue_entities+0x27e/0x1740
[ 13.600094] ? finish_task_switch.isra.0+0x153/0x700
[ 13.600119] mempool_kmalloc_large_oob_right+0xf2/0x150
[ 13.600144] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 13.600172] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.600196] ? __pfx_mempool_kfree+0x10/0x10
[ 13.600220] ? __pfx_read_tsc+0x10/0x10
[ 13.600241] ? ktime_get_ts64+0x86/0x230
[ 13.600265] kunit_try_run_case+0x1a5/0x480
[ 13.600302] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.600324] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.600350] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.600373] ? __kthread_parkme+0x82/0x180
[ 13.600394] ? preempt_count_sub+0x50/0x80
[ 13.600417] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.600441] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.600464] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.600565] kthread+0x337/0x6f0
[ 13.600585] ? trace_preempt_on+0x20/0xc0
[ 13.600608] ? __pfx_kthread+0x10/0x10
[ 13.600628] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.600651] ? calculate_sigpending+0x7b/0xa0
[ 13.600675] ? __pfx_kthread+0x10/0x10
[ 13.600695] ret_from_fork+0x116/0x1d0
[ 13.600715] ? __pfx_kthread+0x10/0x10
[ 13.600735] ret_from_fork_asm+0x1a/0x30
[ 13.600766] </TASK>
[ 13.600775]
[ 13.609882] The buggy address belongs to the physical page:
[ 13.610183] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a6c
[ 13.610504] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.610847] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.611152] page_type: f8(unknown)
[ 13.611284] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.611795] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.612160] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.612507] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.612820] head: 0200000000000002 ffffea00040e9b01 00000000ffffffff 00000000ffffffff
[ 13.613358] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.613707] page dumped because: kasan: bad access detected
[ 13.613881]
[ 13.613950] Memory state around the buggy address:
[ 13.614106] ffff888103a6df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.614393] ffff888103a6df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.614858] >ffff888103a6e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.615096] ^
[ 13.615212] ffff888103a6e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.615647] ffff888103a6e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.615972] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.007968] ==================================================================
[ 13.008517] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380
[ 13.008888] Read of size 1 at addr ffff888100a743c0 by task kunit_try_catch/234
[ 13.009231]
[ 13.009329] CPU: 0 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.009373] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.009385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.009405] Call Trace:
[ 13.009417] <TASK>
[ 13.009432] dump_stack_lvl+0x73/0xb0
[ 13.009462] print_report+0xd1/0x610
[ 13.009484] ? __virt_addr_valid+0x1db/0x2d0
[ 13.009509] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.009533] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.009587] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.009614] kasan_report+0x141/0x180
[ 13.009652] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.009691] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.009716] __kasan_check_byte+0x3d/0x50
[ 13.009738] kmem_cache_destroy+0x25/0x1d0
[ 13.009761] kmem_cache_double_destroy+0x1bf/0x380
[ 13.009786] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 13.009810] ? finish_task_switch.isra.0+0x153/0x700
[ 13.009833] ? __switch_to+0x47/0xf50
[ 13.009860] ? __pfx_read_tsc+0x10/0x10
[ 13.009882] ? ktime_get_ts64+0x86/0x230
[ 13.009933] kunit_try_run_case+0x1a5/0x480
[ 13.009959] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.009982] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.010017] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.010041] ? __kthread_parkme+0x82/0x180
[ 13.010062] ? preempt_count_sub+0x50/0x80
[ 13.010110] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.010134] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.010158] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.010192] kthread+0x337/0x6f0
[ 13.010211] ? trace_preempt_on+0x20/0xc0
[ 13.010234] ? __pfx_kthread+0x10/0x10
[ 13.010253] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.010301] ? calculate_sigpending+0x7b/0xa0
[ 13.010327] ? __pfx_kthread+0x10/0x10
[ 13.010348] ret_from_fork+0x116/0x1d0
[ 13.010367] ? __pfx_kthread+0x10/0x10
[ 13.010386] ret_from_fork_asm+0x1a/0x30
[ 13.010416] </TASK>
[ 13.010426]
[ 13.019018] Allocated by task 234:
[ 13.019314] kasan_save_stack+0x45/0x70
[ 13.019516] kasan_save_track+0x18/0x40
[ 13.019748] kasan_save_alloc_info+0x3b/0x50
[ 13.020038] __kasan_slab_alloc+0x91/0xa0
[ 13.020380] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.020540] __kmem_cache_create_args+0x169/0x240
[ 13.020768] kmem_cache_double_destroy+0xd5/0x380
[ 13.021035] kunit_try_run_case+0x1a5/0x480
[ 13.021242] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.021422] kthread+0x337/0x6f0
[ 13.021627] ret_from_fork+0x116/0x1d0
[ 13.021820] ret_from_fork_asm+0x1a/0x30
[ 13.022174]
[ 13.022299] Freed by task 234:
[ 13.022437] kasan_save_stack+0x45/0x70
[ 13.022660] kasan_save_track+0x18/0x40
[ 13.022879] kasan_save_free_info+0x3f/0x60
[ 13.023134] __kasan_slab_free+0x56/0x70
[ 13.023366] kmem_cache_free+0x249/0x420
[ 13.023643] slab_kmem_cache_release+0x2e/0x40
[ 13.023868] kmem_cache_release+0x16/0x20
[ 13.024049] kobject_put+0x181/0x450
[ 13.024275] sysfs_slab_release+0x16/0x20
[ 13.024510] kmem_cache_destroy+0xf0/0x1d0
[ 13.024726] kmem_cache_double_destroy+0x14e/0x380
[ 13.024979] kunit_try_run_case+0x1a5/0x480
[ 13.025206] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.025479] kthread+0x337/0x6f0
[ 13.025625] ret_from_fork+0x116/0x1d0
[ 13.025933] ret_from_fork_asm+0x1a/0x30
[ 13.026176]
[ 13.026262] The buggy address belongs to the object at ffff888100a743c0
[ 13.026262] which belongs to the cache kmem_cache of size 208
[ 13.026870] The buggy address is located 0 bytes inside of
[ 13.026870] freed 208-byte region [ffff888100a743c0, ffff888100a74490)
[ 13.027490]
[ 13.027639] The buggy address belongs to the physical page:
[ 13.027985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a74
[ 13.028360] flags: 0x200000000000000(node=0|zone=2)
[ 13.028643] page_type: f5(slab)
[ 13.028830] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 13.029169] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000
[ 13.029539] page dumped because: kasan: bad access detected
[ 13.029880]
[ 13.030091] Memory state around the buggy address:
[ 13.030357] ffff888100a74280: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.030566] ffff888100a74300: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 13.030773] >ffff888100a74380: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 13.030978] ^
[ 13.031139] ffff888100a74400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.031530] ffff888100a74480: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.031835] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 12.957193] ==================================================================
[ 12.957723] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510
[ 12.958206] Read of size 1 at addr ffff8881029dc000 by task kunit_try_catch/232
[ 12.958602]
[ 12.958712] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.958789] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.958802] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.958823] Call Trace:
[ 12.958837] <TASK>
[ 12.958886] dump_stack_lvl+0x73/0xb0
[ 12.958918] print_report+0xd1/0x610
[ 12.958940] ? __virt_addr_valid+0x1db/0x2d0
[ 12.958975] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 12.958998] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.959020] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 12.959043] kasan_report+0x141/0x180
[ 12.959064] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 12.959187] __asan_report_load1_noabort+0x18/0x20
[ 12.959213] kmem_cache_rcu_uaf+0x3e3/0x510
[ 12.959236] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 12.959258] ? finish_task_switch.isra.0+0x153/0x700
[ 12.959293] ? __switch_to+0x47/0xf50
[ 12.959321] ? __pfx_read_tsc+0x10/0x10
[ 12.959342] ? ktime_get_ts64+0x86/0x230
[ 12.959397] kunit_try_run_case+0x1a5/0x480
[ 12.959423] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.959737] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.959766] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.959790] ? __kthread_parkme+0x82/0x180
[ 12.959811] ? preempt_count_sub+0x50/0x80
[ 12.959834] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.959857] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.959882] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.959906] kthread+0x337/0x6f0
[ 12.959925] ? trace_preempt_on+0x20/0xc0
[ 12.959948] ? __pfx_kthread+0x10/0x10
[ 12.959968] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.959990] ? calculate_sigpending+0x7b/0xa0
[ 12.960014] ? __pfx_kthread+0x10/0x10
[ 12.960109] ret_from_fork+0x116/0x1d0
[ 12.960129] ? __pfx_kthread+0x10/0x10
[ 12.960149] ret_from_fork_asm+0x1a/0x30
[ 12.960179] </TASK>
[ 12.960189]
[ 12.969092] Allocated by task 232:
[ 12.969257] kasan_save_stack+0x45/0x70
[ 12.969586] kasan_save_track+0x18/0x40
[ 12.969852] kasan_save_alloc_info+0x3b/0x50
[ 12.970223] __kasan_slab_alloc+0x91/0xa0
[ 12.970377] kmem_cache_alloc_noprof+0x123/0x3f0
[ 12.970766] kmem_cache_rcu_uaf+0x155/0x510
[ 12.971104] kunit_try_run_case+0x1a5/0x480
[ 12.971313] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.971689] kthread+0x337/0x6f0
[ 12.971904] ret_from_fork+0x116/0x1d0
[ 12.972072] ret_from_fork_asm+0x1a/0x30
[ 12.972244]
[ 12.972447] Freed by task 0:
[ 12.972647] kasan_save_stack+0x45/0x70
[ 12.972840] kasan_save_track+0x18/0x40
[ 12.973047] kasan_save_free_info+0x3f/0x60
[ 12.973261] __kasan_slab_free+0x56/0x70
[ 12.973479] slab_free_after_rcu_debug+0xe4/0x310
[ 12.973810] rcu_core+0x66f/0x1c40
[ 12.973991] rcu_core_si+0x12/0x20
[ 12.974162] handle_softirqs+0x209/0x730
[ 12.974541] __irq_exit_rcu+0xc9/0x110
[ 12.974727] irq_exit_rcu+0x12/0x20
[ 12.974849] sysvec_apic_timer_interrupt+0x81/0x90
[ 12.975110] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 12.975364]
[ 12.975461] Last potentially related work creation:
[ 12.975632] kasan_save_stack+0x45/0x70
[ 12.975764] kasan_record_aux_stack+0xb2/0xc0
[ 12.975910] kmem_cache_free+0x131/0x420
[ 12.976074] kmem_cache_rcu_uaf+0x194/0x510
[ 12.976293] kunit_try_run_case+0x1a5/0x480
[ 12.976636] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.976954] kthread+0x337/0x6f0
[ 12.977323] ret_from_fork+0x116/0x1d0
[ 12.977620] ret_from_fork_asm+0x1a/0x30
[ 12.977795]
[ 12.977864] The buggy address belongs to the object at ffff8881029dc000
[ 12.977864] which belongs to the cache test_cache of size 200
[ 12.978247] The buggy address is located 0 bytes inside of
[ 12.978247] freed 200-byte region [ffff8881029dc000, ffff8881029dc0c8)
[ 12.979010]
[ 12.979146] The buggy address belongs to the physical page:
[ 12.979464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029dc
[ 12.980006] flags: 0x200000000000000(node=0|zone=2)
[ 12.980221] page_type: f5(slab)
[ 12.980505] raw: 0200000000000000 ffff888100a74280 dead000000000122 0000000000000000
[ 12.980877] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 12.981394] page dumped because: kasan: bad access detected
[ 12.981725]
[ 12.981797] Memory state around the buggy address:
[ 12.981950] ffff8881029dbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.982640] ffff8881029dbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.982988] >ffff8881029dc000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.983489] ^
[ 12.983672] ffff8881029dc080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 12.984024] ffff8881029dc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.984433] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 12.900879] ==================================================================
[ 12.901426] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460
[ 12.901791] Free of addr ffff8881030f3001 by task kunit_try_catch/230
[ 12.902230]
[ 12.902362] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.902406] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.902464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.902485] Call Trace:
[ 12.902497] <TASK>
[ 12.902523] dump_stack_lvl+0x73/0xb0
[ 12.902555] print_report+0xd1/0x610
[ 12.902577] ? __virt_addr_valid+0x1db/0x2d0
[ 12.902601] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.902652] ? kmem_cache_invalid_free+0x1d8/0x460
[ 12.902679] kasan_report_invalid_free+0x10a/0x130
[ 12.902716] ? kmem_cache_invalid_free+0x1d8/0x460
[ 12.902743] ? kmem_cache_invalid_free+0x1d8/0x460
[ 12.902767] check_slab_allocation+0x11f/0x130
[ 12.902788] __kasan_slab_pre_free+0x28/0x40
[ 12.902835] kmem_cache_free+0xed/0x420
[ 12.902855] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 12.902875] ? kmem_cache_invalid_free+0x1d8/0x460
[ 12.902912] kmem_cache_invalid_free+0x1d8/0x460
[ 12.902937] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 12.902961] ? finish_task_switch.isra.0+0x153/0x700
[ 12.902983] ? __switch_to+0x47/0xf50
[ 12.903028] ? __pfx_read_tsc+0x10/0x10
[ 12.903048] ? ktime_get_ts64+0x86/0x230
[ 12.903071] kunit_try_run_case+0x1a5/0x480
[ 12.903113] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.903134] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.903171] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.903193] ? __kthread_parkme+0x82/0x180
[ 12.903225] ? preempt_count_sub+0x50/0x80
[ 12.903248] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.903278] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.903311] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.903346] kthread+0x337/0x6f0
[ 12.903365] ? trace_preempt_on+0x20/0xc0
[ 12.903387] ? __pfx_kthread+0x10/0x10
[ 12.903406] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.903438] ? calculate_sigpending+0x7b/0xa0
[ 12.903478] ? __pfx_kthread+0x10/0x10
[ 12.903498] ret_from_fork+0x116/0x1d0
[ 12.903516] ? __pfx_kthread+0x10/0x10
[ 12.903535] ret_from_fork_asm+0x1a/0x30
[ 12.903566] </TASK>
[ 12.903575]
[ 12.912522] Allocated by task 230:
[ 12.912743] kasan_save_stack+0x45/0x70
[ 12.912970] kasan_save_track+0x18/0x40
[ 12.913343] kasan_save_alloc_info+0x3b/0x50
[ 12.913585] __kasan_slab_alloc+0x91/0xa0
[ 12.913796] kmem_cache_alloc_noprof+0x123/0x3f0
[ 12.914135] kmem_cache_invalid_free+0x157/0x460
[ 12.914396] kunit_try_run_case+0x1a5/0x480
[ 12.914657] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.914913] kthread+0x337/0x6f0
[ 12.915186] ret_from_fork+0x116/0x1d0
[ 12.915385] ret_from_fork_asm+0x1a/0x30
[ 12.915600]
[ 12.915694] The buggy address belongs to the object at ffff8881030f3000
[ 12.915694] which belongs to the cache test_cache of size 200
[ 12.916337] The buggy address is located 1 bytes inside of
[ 12.916337] 200-byte region [ffff8881030f3000, ffff8881030f30c8)
[ 12.916776]
[ 12.916900] The buggy address belongs to the physical page:
[ 12.917317] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030f3
[ 12.917707] flags: 0x200000000000000(node=0|zone=2)
[ 12.917948] page_type: f5(slab)
[ 12.918212] raw: 0200000000000000 ffff888101093a00 dead000000000122 0000000000000000
[ 12.918651] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 12.919055] page dumped because: kasan: bad access detected
[ 12.919381]
[ 12.919510] Memory state around the buggy address:
[ 12.919740] ffff8881030f2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.920148] ffff8881030f2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.920421] >ffff8881030f3000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.920764] ^
[ 12.920939] ffff8881030f3080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 12.921398] ffff8881030f3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.921716] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 12.855687] ==================================================================
[ 12.857556] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480
[ 12.858739] Free of addr ffff8881030f1000 by task kunit_try_catch/228
[ 12.859899]
[ 12.860562] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.860611] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.860622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.860642] Call Trace:
[ 12.860654] <TASK>
[ 12.860668] dump_stack_lvl+0x73/0xb0
[ 12.860697] print_report+0xd1/0x610
[ 12.860720] ? __virt_addr_valid+0x1db/0x2d0
[ 12.860743] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.860765] ? kmem_cache_double_free+0x1e5/0x480
[ 12.860790] kasan_report_invalid_free+0x10a/0x130
[ 12.860814] ? kmem_cache_double_free+0x1e5/0x480
[ 12.860839] ? kmem_cache_double_free+0x1e5/0x480
[ 12.860863] check_slab_allocation+0x101/0x130
[ 12.860884] __kasan_slab_pre_free+0x28/0x40
[ 12.860904] kmem_cache_free+0xed/0x420
[ 12.860923] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 12.860949] ? kmem_cache_double_free+0x1e5/0x480
[ 12.860976] kmem_cache_double_free+0x1e5/0x480
[ 12.860999] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 12.861022] ? finish_task_switch.isra.0+0x153/0x700
[ 12.861044] ? __switch_to+0x47/0xf50
[ 12.861071] ? __pfx_read_tsc+0x10/0x10
[ 12.861091] ? ktime_get_ts64+0x86/0x230
[ 12.861114] kunit_try_run_case+0x1a5/0x480
[ 12.861139] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.861160] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.861184] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.861207] ? __kthread_parkme+0x82/0x180
[ 12.861226] ? preempt_count_sub+0x50/0x80
[ 12.861248] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.861270] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.861310] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.861333] kthread+0x337/0x6f0
[ 12.861351] ? trace_preempt_on+0x20/0xc0
[ 12.861373] ? __pfx_kthread+0x10/0x10
[ 12.861392] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.861412] ? calculate_sigpending+0x7b/0xa0
[ 12.861436] ? __pfx_kthread+0x10/0x10
[ 12.861456] ret_from_fork+0x116/0x1d0
[ 12.861473] ? __pfx_kthread+0x10/0x10
[ 12.861492] ret_from_fork_asm+0x1a/0x30
[ 12.861521] </TASK>
[ 12.861531]
[ 12.875998] Allocated by task 228:
[ 12.876128] kasan_save_stack+0x45/0x70
[ 12.876273] kasan_save_track+0x18/0x40
[ 12.876439] kasan_save_alloc_info+0x3b/0x50
[ 12.876750] __kasan_slab_alloc+0x91/0xa0
[ 12.876943] kmem_cache_alloc_noprof+0x123/0x3f0
[ 12.877347] kmem_cache_double_free+0x14f/0x480
[ 12.877519] kunit_try_run_case+0x1a5/0x480
[ 12.877667] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.877938] kthread+0x337/0x6f0
[ 12.878114] ret_from_fork+0x116/0x1d0
[ 12.878246] ret_from_fork_asm+0x1a/0x30
[ 12.878527]
[ 12.878629] Freed by task 228:
[ 12.878806] kasan_save_stack+0x45/0x70
[ 12.879006] kasan_save_track+0x18/0x40
[ 12.879675] kasan_save_free_info+0x3f/0x60
[ 12.879890] __kasan_slab_free+0x56/0x70
[ 12.880506] kmem_cache_free+0x249/0x420
[ 12.880685] kmem_cache_double_free+0x16a/0x480
[ 12.880896] kunit_try_run_case+0x1a5/0x480
[ 12.881147] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.881821] kthread+0x337/0x6f0
[ 12.882303] ret_from_fork+0x116/0x1d0
[ 12.882801] ret_from_fork_asm+0x1a/0x30
[ 12.883250]
[ 12.883541] The buggy address belongs to the object at ffff8881030f1000
[ 12.883541] which belongs to the cache test_cache of size 200
[ 12.884926] The buggy address is located 0 bytes inside of
[ 12.884926] 200-byte region [ffff8881030f1000, ffff8881030f10c8)
[ 12.885877]
[ 12.885959] The buggy address belongs to the physical page:
[ 12.886604] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030f1
[ 12.887566] flags: 0x200000000000000(node=0|zone=2)
[ 12.887747] page_type: f5(slab)
[ 12.887871] raw: 0200000000000000 ffff8881010938c0 dead000000000122 0000000000000000
[ 12.888552] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 12.889355] page dumped because: kasan: bad access detected
[ 12.890092]
[ 12.890254] Memory state around the buggy address:
[ 12.890885] ffff8881030f0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.891596] ffff8881030f0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.891836] >ffff8881030f1000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.892059] ^
[ 12.892176] ffff8881030f1080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 12.892457] ffff8881030f1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.892771] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 12.822177] ==================================================================
[ 12.823373] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530
[ 12.823728] Read of size 1 at addr ffff8881030ee0c8 by task kunit_try_catch/226
[ 12.824019]
[ 12.824123] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.824165] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.824244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.824268] Call Trace:
[ 12.824292] <TASK>
[ 12.824307] dump_stack_lvl+0x73/0xb0
[ 12.824338] print_report+0xd1/0x610
[ 12.824360] ? __virt_addr_valid+0x1db/0x2d0
[ 12.824381] ? kmem_cache_oob+0x402/0x530
[ 12.824403] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.824425] ? kmem_cache_oob+0x402/0x530
[ 12.824447] kasan_report+0x141/0x180
[ 12.824468] ? kmem_cache_oob+0x402/0x530
[ 12.824495] __asan_report_load1_noabort+0x18/0x20
[ 12.824519] kmem_cache_oob+0x402/0x530
[ 12.824539] ? trace_hardirqs_on+0x37/0xe0
[ 12.824562] ? __pfx_kmem_cache_oob+0x10/0x10
[ 12.824583] ? finish_task_switch.isra.0+0x153/0x700
[ 12.824605] ? __switch_to+0x47/0xf50
[ 12.824632] ? trace_hardirqs_on+0x37/0xe0
[ 12.824652] ? __pfx_read_tsc+0x10/0x10
[ 12.824671] ? ktime_get_ts64+0x86/0x230
[ 12.824694] kunit_try_run_case+0x1a5/0x480
[ 12.824718] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.824740] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.824763] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.824786] ? __kthread_parkme+0x82/0x180
[ 12.824806] ? preempt_count_sub+0x50/0x80
[ 12.824829] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.824852] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.824876] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.824899] kthread+0x337/0x6f0
[ 12.824918] ? trace_preempt_on+0x20/0xc0
[ 12.824943] ? __pfx_kthread+0x10/0x10
[ 12.824963] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.824984] ? calculate_sigpending+0x7b/0xa0
[ 12.825007] ? __pfx_kthread+0x10/0x10
[ 12.825185] ret_from_fork+0x116/0x1d0
[ 12.825205] ? __pfx_kthread+0x10/0x10
[ 12.825225] ret_from_fork_asm+0x1a/0x30
[ 12.825257] </TASK>
[ 12.825266]
[ 12.833154] Allocated by task 226:
[ 12.833325] kasan_save_stack+0x45/0x70
[ 12.833528] kasan_save_track+0x18/0x40
[ 12.833722] kasan_save_alloc_info+0x3b/0x50
[ 12.833929] __kasan_slab_alloc+0x91/0xa0
[ 12.834115] kmem_cache_alloc_noprof+0x123/0x3f0
[ 12.834271] kmem_cache_oob+0x157/0x530
[ 12.834418] kunit_try_run_case+0x1a5/0x480
[ 12.835011] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.835296] kthread+0x337/0x6f0
[ 12.835454] ret_from_fork+0x116/0x1d0
[ 12.835679] ret_from_fork_asm+0x1a/0x30
[ 12.835857]
[ 12.835954] The buggy address belongs to the object at ffff8881030ee000
[ 12.835954] which belongs to the cache test_cache of size 200
[ 12.836467] The buggy address is located 0 bytes to the right of
[ 12.836467] allocated 200-byte region [ffff8881030ee000, ffff8881030ee0c8)
[ 12.836944]
[ 12.837095] The buggy address belongs to the physical page:
[ 12.837363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030ee
[ 12.837747] flags: 0x200000000000000(node=0|zone=2)
[ 12.837961] page_type: f5(slab)
[ 12.838322] raw: 0200000000000000 ffff888101093780 dead000000000122 0000000000000000
[ 12.838692] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 12.838983] page dumped because: kasan: bad access detected
[ 12.839225]
[ 12.839308] Memory state around the buggy address:
[ 12.839463] ffff8881030edf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.839679] ffff8881030ee000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.839948] >ffff8881030ee080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 12.840256] ^
[ 12.840521] ffff8881030ee100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.841085] ffff8881030ee180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.841411] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 12.789220] ==================================================================
[ 12.789914] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560
[ 12.790411] Read of size 8 at addr ffff8881030e7800 by task kunit_try_catch/219
[ 12.790743]
[ 12.791012] CPU: 1 UID: 0 PID: 219 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.791058] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.791069] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.791090] Call Trace:
[ 12.791102] <TASK>
[ 12.791117] dump_stack_lvl+0x73/0xb0
[ 12.791148] print_report+0xd1/0x610
[ 12.791170] ? __virt_addr_valid+0x1db/0x2d0
[ 12.791193] ? workqueue_uaf+0x4d6/0x560
[ 12.791214] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.791236] ? workqueue_uaf+0x4d6/0x560
[ 12.791257] kasan_report+0x141/0x180
[ 12.791367] ? workqueue_uaf+0x4d6/0x560
[ 12.791393] __asan_report_load8_noabort+0x18/0x20
[ 12.791417] workqueue_uaf+0x4d6/0x560
[ 12.791438] ? __pfx_workqueue_uaf+0x10/0x10
[ 12.791460] ? __schedule+0x10cc/0x2b60
[ 12.791482] ? __pfx_read_tsc+0x10/0x10
[ 12.791503] ? ktime_get_ts64+0x86/0x230
[ 12.791527] kunit_try_run_case+0x1a5/0x480
[ 12.791551] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.791573] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.791597] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.791620] ? __kthread_parkme+0x82/0x180
[ 12.791640] ? preempt_count_sub+0x50/0x80
[ 12.791664] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.791687] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.791709] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.791733] kthread+0x337/0x6f0
[ 12.791751] ? trace_preempt_on+0x20/0xc0
[ 12.791773] ? __pfx_kthread+0x10/0x10
[ 12.791793] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.791813] ? calculate_sigpending+0x7b/0xa0
[ 12.791837] ? __pfx_kthread+0x10/0x10
[ 12.791857] ret_from_fork+0x116/0x1d0
[ 12.791875] ? __pfx_kthread+0x10/0x10
[ 12.791895] ret_from_fork_asm+0x1a/0x30
[ 12.791925] </TASK>
[ 12.791934]
[ 12.799402] Allocated by task 219:
[ 12.799571] kasan_save_stack+0x45/0x70
[ 12.799713] kasan_save_track+0x18/0x40
[ 12.799848] kasan_save_alloc_info+0x3b/0x50
[ 12.800241] __kasan_kmalloc+0xb7/0xc0
[ 12.800454] __kmalloc_cache_noprof+0x189/0x420
[ 12.800819] workqueue_uaf+0x152/0x560
[ 12.801070] kunit_try_run_case+0x1a5/0x480
[ 12.801272] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.801462] kthread+0x337/0x6f0
[ 12.801632] ret_from_fork+0x116/0x1d0
[ 12.801816] ret_from_fork_asm+0x1a/0x30
[ 12.802010]
[ 12.802159] Freed by task 41:
[ 12.802321] kasan_save_stack+0x45/0x70
[ 12.802495] kasan_save_track+0x18/0x40
[ 12.802677] kasan_save_free_info+0x3f/0x60
[ 12.802874] __kasan_slab_free+0x56/0x70
[ 12.803121] kfree+0x222/0x3f0
[ 12.803311] workqueue_uaf_work+0x12/0x20
[ 12.803461] process_one_work+0x5ee/0xf60
[ 12.803659] worker_thread+0x758/0x1220
[ 12.803833] kthread+0x337/0x6f0
[ 12.803984] ret_from_fork+0x116/0x1d0
[ 12.804266] ret_from_fork_asm+0x1a/0x30
[ 12.804495]
[ 12.804568] Last potentially related work creation:
[ 12.804776] kasan_save_stack+0x45/0x70
[ 12.804974] kasan_record_aux_stack+0xb2/0xc0
[ 12.805126] __queue_work+0x626/0xeb0
[ 12.805259] queue_work_on+0xb6/0xc0
[ 12.805582] workqueue_uaf+0x26d/0x560
[ 12.805771] kunit_try_run_case+0x1a5/0x480
[ 12.805923] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.806101] kthread+0x337/0x6f0
[ 12.806262] ret_from_fork+0x116/0x1d0
[ 12.806457] ret_from_fork_asm+0x1a/0x30
[ 12.806725]
[ 12.806819] The buggy address belongs to the object at ffff8881030e7800
[ 12.806819] which belongs to the cache kmalloc-32 of size 32
[ 12.807352] The buggy address is located 0 bytes inside of
[ 12.807352] freed 32-byte region [ffff8881030e7800, ffff8881030e7820)
[ 12.807966]
[ 12.808064] The buggy address belongs to the physical page:
[ 12.808469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030e7
[ 12.808785] flags: 0x200000000000000(node=0|zone=2)
[ 12.809023] page_type: f5(slab)
[ 12.809235] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 12.809596] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 12.809893] page dumped because: kasan: bad access detected
[ 12.810148]
[ 12.810220] Memory state around the buggy address:
[ 12.810386] ffff8881030e7700: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc
[ 12.810678] ffff8881030e7780: 00 00 07 fc fc fc fc fc 00 00 00 07 fc fc fc fc
[ 12.811009] >ffff8881030e7800: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.811443] ^
[ 12.811595] ffff8881030e7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.811857] ffff8881030e7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.812275] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 12.758263] ==================================================================
[ 12.758752] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60
[ 12.759041] Read of size 4 at addr ffff8881029d7680 by task swapper/0/0
[ 12.759430]
[ 12.759537] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.759604] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.759617] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.759636] Call Trace:
[ 12.759662] <IRQ>
[ 12.759676] dump_stack_lvl+0x73/0xb0
[ 12.759708] print_report+0xd1/0x610
[ 12.759730] ? __virt_addr_valid+0x1db/0x2d0
[ 12.759753] ? rcu_uaf_reclaim+0x50/0x60
[ 12.759772] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.759815] ? rcu_uaf_reclaim+0x50/0x60
[ 12.759835] kasan_report+0x141/0x180
[ 12.759856] ? rcu_uaf_reclaim+0x50/0x60
[ 12.759893] __asan_report_load4_noabort+0x18/0x20
[ 12.759917] rcu_uaf_reclaim+0x50/0x60
[ 12.759937] rcu_core+0x66f/0x1c40
[ 12.759964] ? __pfx_rcu_core+0x10/0x10
[ 12.759985] ? ktime_get+0x6b/0x150
[ 12.760009] rcu_core_si+0x12/0x20
[ 12.760028] handle_softirqs+0x209/0x730
[ 12.760050] ? hrtimer_interrupt+0x2fe/0x780
[ 12.760071] ? __pfx_handle_softirqs+0x10/0x10
[ 12.760096] __irq_exit_rcu+0xc9/0x110
[ 12.760134] irq_exit_rcu+0x12/0x20
[ 12.760153] sysvec_apic_timer_interrupt+0x81/0x90
[ 12.760179] </IRQ>
[ 12.760205] <TASK>
[ 12.760215] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 12.760316] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 12.760562] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 23 62 21 00 fb f4 <e9> 3c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 12.760644] RSP: 0000:ffffffff86e07dd8 EFLAGS: 00010212
[ 12.760731] RAX: ffff8881d2e72000 RBX: ffffffff86e1cac0 RCX: ffffffff85c76125
[ 12.760775] RDX: ffffed102b60618b RSI: 0000000000000004 RDI: 000000000000592c
[ 12.760819] RBP: ffffffff86e07de0 R08: 0000000000000001 R09: ffffed102b60618a
[ 12.760860] R10: ffff88815b030c53 R11: 000000000002ac00 R12: 0000000000000000
[ 12.760902] R13: fffffbfff0dc3958 R14: ffffffff879b1490 R15: 0000000000000000
[ 12.760968] ? ct_kernel_exit.constprop.0+0xa5/0xd0
[ 12.761022] ? default_idle+0xd/0x20
[ 12.761044] arch_cpu_idle+0xd/0x20
[ 12.761065] default_idle_call+0x48/0x80
[ 12.761084] do_idle+0x379/0x4f0
[ 12.761109] ? __pfx_do_idle+0x10/0x10
[ 12.761130] ? trace_preempt_on+0x20/0xc0
[ 12.761151] ? schedule+0x86/0x2e0
[ 12.761171] ? preempt_count_sub+0x50/0x80
[ 12.761193] cpu_startup_entry+0x5c/0x70
[ 12.761212] rest_init+0x11a/0x140
[ 12.761229] ? acpi_subsystem_init+0x5d/0x150
[ 12.761254] start_kernel+0x330/0x410
[ 12.761292] x86_64_start_reservations+0x1c/0x30
[ 12.761317] x86_64_start_kernel+0x10d/0x120
[ 12.761341] common_startup_64+0x13e/0x148
[ 12.761372] </TASK>
[ 12.761382]
[ 12.771669] Allocated by task 217:
[ 12.771817] kasan_save_stack+0x45/0x70
[ 12.771967] kasan_save_track+0x18/0x40
[ 12.772103] kasan_save_alloc_info+0x3b/0x50
[ 12.772251] __kasan_kmalloc+0xb7/0xc0
[ 12.772394] __kmalloc_cache_noprof+0x189/0x420
[ 12.772615] rcu_uaf+0xb0/0x330
[ 12.772783] kunit_try_run_case+0x1a5/0x480
[ 12.772997] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.773377] kthread+0x337/0x6f0
[ 12.773599] ret_from_fork+0x116/0x1d0
[ 12.773733] ret_from_fork_asm+0x1a/0x30
[ 12.773871]
[ 12.773940] Freed by task 0:
[ 12.774046] kasan_save_stack+0x45/0x70
[ 12.774236] kasan_save_track+0x18/0x40
[ 12.774436] kasan_save_free_info+0x3f/0x60
[ 12.774657] __kasan_slab_free+0x56/0x70
[ 12.774850] kfree+0x222/0x3f0
[ 12.775033] rcu_uaf_reclaim+0x1f/0x60
[ 12.775217] rcu_core+0x66f/0x1c40
[ 12.775400] rcu_core_si+0x12/0x20
[ 12.775607] handle_softirqs+0x209/0x730
[ 12.775742] __irq_exit_rcu+0xc9/0x110
[ 12.775871] irq_exit_rcu+0x12/0x20
[ 12.775995] sysvec_apic_timer_interrupt+0x81/0x90
[ 12.776153] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 12.776413]
[ 12.776519] Last potentially related work creation:
[ 12.776749] kasan_save_stack+0x45/0x70
[ 12.776950] kasan_record_aux_stack+0xb2/0xc0
[ 12.777392] __call_rcu_common.constprop.0+0x7b/0x9e0
[ 12.777702] call_rcu+0x12/0x20
[ 12.777820] rcu_uaf+0x168/0x330
[ 12.777940] kunit_try_run_case+0x1a5/0x480
[ 12.778084] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.778585] kthread+0x337/0x6f0
[ 12.778755] ret_from_fork+0x116/0x1d0
[ 12.778941] ret_from_fork_asm+0x1a/0x30
[ 12.779147]
[ 12.779250] The buggy address belongs to the object at ffff8881029d7680
[ 12.779250] which belongs to the cache kmalloc-32 of size 32
[ 12.779701] The buggy address is located 0 bytes inside of
[ 12.779701] freed 32-byte region [ffff8881029d7680, ffff8881029d76a0) [ 12.780047] [ 12.780119] The buggy address belongs to the physical page: [ 12.780408] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d7 [ 12.781166] flags: 0x200000000000000(node=0|zone=2) [ 12.781342] page_type: f5(slab) [ 12.781543] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.781854] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.782144] page dumped because: kasan: bad access detected [ 12.782331] [ 12.782423] Memory state around the buggy address: [ 12.782666] ffff8881029d7580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.783062] ffff8881029d7600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.783373] >ffff8881029d7680: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 12.783741] ^ [ 12.783859] ffff8881029d7700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.784077] ffff8881029d7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.784298] ==================================================================
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 108.808524] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI