Date: July 19, 2025, 11:11 a.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 11.457391] ==================================================================
[ 11.457856] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0
[ 11.458468] Read of size 1 at addr ffff888102a63000 by task kunit_try_catch/158
[ 11.458871]
[ 11.459012] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.459091] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.459102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.459124] Call Trace:
[ 11.459136] <TASK>
[ 11.459154] dump_stack_lvl+0x73/0xb0
[ 11.459195] print_report+0xd1/0x610
[ 11.459217] ? __virt_addr_valid+0x1db/0x2d0
[ 11.459239] ? kmalloc_node_oob_right+0x369/0x3c0
[ 11.459262] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.459284] ? kmalloc_node_oob_right+0x369/0x3c0
[ 11.459307] kasan_report+0x141/0x180
[ 11.459343] ? kmalloc_node_oob_right+0x369/0x3c0
[ 11.459370] __asan_report_load1_noabort+0x18/0x20
[ 11.459394] kmalloc_node_oob_right+0x369/0x3c0
[ 11.459431] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 11.459454] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 11.459479] ? trace_hardirqs_on+0x37/0xe0
[ 11.459520] ? __pfx_read_tsc+0x10/0x10
[ 11.459540] ? ktime_get_ts64+0x86/0x230
[ 11.459564] kunit_try_run_case+0x1a5/0x480
[ 11.459600] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.459624] ? queued_spin_lock_slowpath+0x116/0xb40
[ 11.459661] ? __kthread_parkme+0x82/0x180
[ 11.459681] ? preempt_count_sub+0x50/0x80
[ 11.459705] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.459738] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.459761] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.459784] kthread+0x337/0x6f0
[ 11.459803] ? trace_preempt_on+0x20/0xc0
[ 11.459847] ? __pfx_kthread+0x10/0x10
[ 11.459866] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.459898] ? calculate_sigpending+0x7b/0xa0
[ 11.459922] ? __pfx_kthread+0x10/0x10
[ 11.459942] ret_from_fork+0x116/0x1d0
[ 11.459960] ? __pfx_kthread+0x10/0x10
[ 11.459979] ret_from_fork_asm+0x1a/0x30
[ 11.460009] </TASK>
[ 11.460019]
[ 11.467504] Allocated by task 158:
[ 11.467632] kasan_save_stack+0x45/0x70
[ 11.467834] kasan_save_track+0x18/0x40
[ 11.468082] kasan_save_alloc_info+0x3b/0x50
[ 11.468312] __kasan_kmalloc+0xb7/0xc0
[ 11.468671] __kmalloc_cache_node_noprof+0x188/0x420
[ 11.468907] kmalloc_node_oob_right+0xab/0x3c0
[ 11.469148] kunit_try_run_case+0x1a5/0x480
[ 11.469342] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.469634] kthread+0x337/0x6f0
[ 11.469759] ret_from_fork+0x116/0x1d0
[ 11.469937] ret_from_fork_asm+0x1a/0x30
[ 11.470188]
[ 11.470384] The buggy address belongs to the object at ffff888102a62000
[ 11.470384] which belongs to the cache kmalloc-4k of size 4096
[ 11.470988] The buggy address is located 0 bytes to the right of
[ 11.470988] allocated 4096-byte region [ffff888102a62000, ffff888102a63000)
[ 11.471858]
[ 11.471968] The buggy address belongs to the physical page:
[ 11.472215] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a60
[ 11.472691] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.473061] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.473420] page_type: f5(slab)
[ 11.473621] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 11.473928] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 11.474180] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 11.474548] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 11.474868] head: 0200000000000003 ffffea00040a9801 00000000ffffffff 00000000ffffffff
[ 11.475256] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 11.475603] page dumped because: kasan: bad access detected
[ 11.475817]
[ 11.475946] Memory state around the buggy address:
[ 11.476270]  ffff888102a62f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.476549]  ffff888102a62f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.476768] >ffff888102a63000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.477045]                    ^
[ 11.477245]  ffff888102a63080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.477632]  ffff888102a63100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.477958] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 11.415307] ==================================================================
[ 11.415817] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0
[ 11.416240] Read of size 1 at addr ffff8881016429bf by task kunit_try_catch/156
[ 11.416557]
[ 11.416678] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.416724] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.416745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.416768] Call Trace:
[ 11.416780] <TASK>
[ 11.416797] dump_stack_lvl+0x73/0xb0
[ 11.416842] print_report+0xd1/0x610
[ 11.416864] ? __virt_addr_valid+0x1db/0x2d0
[ 11.416887] ? kmalloc_oob_left+0x361/0x3c0
[ 11.416918] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.416940] ? kmalloc_oob_left+0x361/0x3c0
[ 11.416960] kasan_report+0x141/0x180
[ 11.416991] ? kmalloc_oob_left+0x361/0x3c0
[ 11.417016] __asan_report_load1_noabort+0x18/0x20
[ 11.417052] kmalloc_oob_left+0x361/0x3c0
[ 11.417073] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 11.417094] ? __schedule+0x10cc/0x2b60
[ 11.417116] ? __pfx_read_tsc+0x10/0x10
[ 11.417136] ? ktime_get_ts64+0x86/0x230
[ 11.417161] kunit_try_run_case+0x1a5/0x480
[ 11.417185] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.417207] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.417230] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.417252] ? __kthread_parkme+0x82/0x180
[ 11.417297] ? preempt_count_sub+0x50/0x80
[ 11.417321] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.417354] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.417377] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.417400] kthread+0x337/0x6f0
[ 11.417418] ? trace_preempt_on+0x20/0xc0
[ 11.417441] ? __pfx_kthread+0x10/0x10
[ 11.417468] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.417488] ? calculate_sigpending+0x7b/0xa0
[ 11.417527] ? __pfx_kthread+0x10/0x10
[ 11.417547] ret_from_fork+0x116/0x1d0
[ 11.417565] ? __pfx_kthread+0x10/0x10
[ 11.417584] ret_from_fork_asm+0x1a/0x30
[ 11.417614] </TASK>
[ 11.417639]
[ 11.429014] Allocated by task 1:
[ 11.429345] kasan_save_stack+0x45/0x70
[ 11.429868] kasan_save_track+0x18/0x40
[ 11.430533] kasan_save_alloc_info+0x3b/0x50
[ 11.430732] __kasan_kmalloc+0xb7/0xc0
[ 11.430870] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 11.431060] kvasprintf+0xc5/0x150
[ 11.431185] __kthread_create_on_node+0x18b/0x3a0
[ 11.431341] kthread_create_on_node+0xab/0xe0
[ 11.431487] cryptomgr_notify+0x704/0x9f0
[ 11.431641] notifier_call_chain+0xcb/0x250
[ 11.431784] blocking_notifier_call_chain+0x64/0x90
[ 11.431943] crypto_alg_mod_lookup+0x21f/0x440
[ 11.432092] crypto_alloc_tfm_node+0xc5/0x1f0
[ 11.432241] crypto_alloc_sig+0x23/0x30
[ 11.432375] public_key_verify_signature+0x208/0x9f0
[ 11.432622] x509_check_for_self_signed+0x2cb/0x480
[ 11.433049] x509_cert_parse+0x59c/0x830
[ 11.433323] x509_key_preparse+0x68/0x8a0
[ 11.433469] asymmetric_key_preparse+0xb1/0x160
[ 11.433690] __key_create_or_update+0x43d/0xcc0
[ 11.434079] key_create_or_update+0x17/0x20
[ 11.434640] x509_load_certificate_list+0x174/0x200
[ 11.435395] regulatory_init_db+0xee/0x3a0
[ 11.435947] do_one_initcall+0xd8/0x370
[ 11.436235] kernel_init_freeable+0x420/0x6f0
[ 11.436683] kernel_init+0x23/0x1e0
[ 11.436814] ret_from_fork+0x116/0x1d0
[ 11.436946] ret_from_fork_asm+0x1a/0x30
[ 11.437152]
[ 11.437434] Freed by task 0:
[ 11.437873] kasan_save_stack+0x45/0x70
[ 11.438311] kasan_save_track+0x18/0x40
[ 11.438797] kasan_save_free_info+0x3f/0x60
[ 11.439335] __kasan_slab_free+0x56/0x70
[ 11.439951] kfree+0x222/0x3f0
[ 11.440372] free_kthread_struct+0xeb/0x150
[ 11.440536] free_task+0xf3/0x130
[ 11.440659] __put_task_struct+0x1c8/0x480
[ 11.440800] delayed_put_task_struct+0x10a/0x150
[ 11.440956] rcu_core+0x66f/0x1c40
[ 11.441163] rcu_core_si+0x12/0x20
[ 11.441380] handle_softirqs+0x209/0x730
[ 11.441528] __irq_exit_rcu+0xc9/0x110
[ 11.441904] irq_exit_rcu+0x12/0x20
[ 11.442034] sysvec_apic_timer_interrupt+0x81/0x90
[ 11.442266] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 11.442691]
[ 11.443076] The buggy address belongs to the object at ffff8881016429a0
[ 11.443076] which belongs to the cache kmalloc-16 of size 16
[ 11.444655] The buggy address is located 15 bytes to the right of
[ 11.444655] allocated 16-byte region [ffff8881016429a0, ffff8881016429b0)
[ 11.446031]
[ 11.446301] The buggy address belongs to the physical page:
[ 11.446989] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642
[ 11.447641] flags: 0x200000000000000(node=0|zone=2)
[ 11.447815] page_type: f5(slab)
[ 11.447940] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.448205] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.448693] page dumped because: kasan: bad access detected
[ 11.448906]
[ 11.448998] Memory state around the buggy address:
[ 11.449707]  ffff888101642880: 00 02 fc fc 00 06 fc fc 00 06 fc fc 00 04 fc fc
[ 11.449974]  ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc
[ 11.450893] >ffff888101642980: 00 04 fc fc fa fb fc fc 00 07 fc fc fc fc fc fc
[ 11.451149]                                         ^
[ 11.451557]  ffff888101642a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.451832]  ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.452234] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 11.366679] ==================================================================
[ 11.367551] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 11.368455] Write of size 1 at addr ffff8881027e4078 by task kunit_try_catch/154
[ 11.369161]
[ 11.369360] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.369406] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.369418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.369439] Call Trace:
[ 11.369459] <TASK>
[ 11.369478] dump_stack_lvl+0x73/0xb0
[ 11.369520] print_report+0xd1/0x610
[ 11.369542] ? __virt_addr_valid+0x1db/0x2d0
[ 11.369564] ? kmalloc_oob_right+0x6bd/0x7f0
[ 11.369744] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.369771] ? kmalloc_oob_right+0x6bd/0x7f0
[ 11.369793] kasan_report+0x141/0x180
[ 11.369814] ? kmalloc_oob_right+0x6bd/0x7f0
[ 11.369877] __asan_report_store1_noabort+0x1b/0x30
[ 11.369902] kmalloc_oob_right+0x6bd/0x7f0
[ 11.369923] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.369945] ? __schedule+0x10cc/0x2b60
[ 11.369967] ? __pfx_read_tsc+0x10/0x10
[ 11.369988] ? ktime_get_ts64+0x86/0x230
[ 11.370013] kunit_try_run_case+0x1a5/0x480
[ 11.370037] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.370059] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.370083] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.370105] ? __kthread_parkme+0x82/0x180
[ 11.370125] ? preempt_count_sub+0x50/0x80
[ 11.370148] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.370171] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.370198] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.370221] kthread+0x337/0x6f0
[ 11.370241] ? trace_preempt_on+0x20/0xc0
[ 11.370264] ? __pfx_kthread+0x10/0x10
[ 11.370283] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.370303] ? calculate_sigpending+0x7b/0xa0
[ 11.370327] ? __pfx_kthread+0x10/0x10
[ 11.370346] ret_from_fork+0x116/0x1d0
[ 11.370364] ? __pfx_kthread+0x10/0x10
[ 11.370383] ret_from_fork_asm+0x1a/0x30
[ 11.370413] </TASK>
[ 11.370423]
[ 11.381969] Allocated by task 154:
[ 11.382356] kasan_save_stack+0x45/0x70
[ 11.382827] kasan_save_track+0x18/0x40
[ 11.383223] kasan_save_alloc_info+0x3b/0x50
[ 11.383644] __kasan_kmalloc+0xb7/0xc0
[ 11.384000] __kmalloc_cache_noprof+0x189/0x420
[ 11.384461] kmalloc_oob_right+0xa9/0x7f0
[ 11.384902] kunit_try_run_case+0x1a5/0x480
[ 11.385363] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.385700] kthread+0x337/0x6f0
[ 11.385824] ret_from_fork+0x116/0x1d0
[ 11.385958] ret_from_fork_asm+0x1a/0x30
[ 11.386101]
[ 11.386175] The buggy address belongs to the object at ffff8881027e4000
[ 11.386175] which belongs to the cache kmalloc-128 of size 128
[ 11.387306] The buggy address is located 5 bytes to the right of
[ 11.387306] allocated 115-byte region [ffff8881027e4000, ffff8881027e4073)
[ 11.388432]
[ 11.388612] The buggy address belongs to the physical page:
[ 11.389090] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e4
[ 11.389593] flags: 0x200000000000000(node=0|zone=2)
[ 11.389889] page_type: f5(slab)
[ 11.390011] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.390263] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.390485] page dumped because: kasan: bad access detected
[ 11.390665]
[ 11.390731] Memory state around the buggy address:
[ 11.390882]  ffff8881027e3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.391090]  ffff8881027e3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.391386] >ffff8881027e4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.391703]                                                                 ^
[ 11.391996]  ffff8881027e4080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.392208]  ffff8881027e4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.392519] ==================================================================
[ 11.393330] ==================================================================
[ 11.393895] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 11.394282] Read of size 1 at addr ffff8881027e4080 by task kunit_try_catch/154
[ 11.394613]
[ 11.394713] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.394756] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.394767] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.394788] Call Trace:
[ 11.394805] <TASK>
[ 11.394821] dump_stack_lvl+0x73/0xb0
[ 11.394848] print_report+0xd1/0x610
[ 11.394870] ? __virt_addr_valid+0x1db/0x2d0
[ 11.394902] ? kmalloc_oob_right+0x68a/0x7f0
[ 11.394923] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.394944] ? kmalloc_oob_right+0x68a/0x7f0
[ 11.394976] kasan_report+0x141/0x180
[ 11.394997] ? kmalloc_oob_right+0x68a/0x7f0
[ 11.395022] __asan_report_load1_noabort+0x18/0x20
[ 11.395045] kmalloc_oob_right+0x68a/0x7f0
[ 11.395066] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.395088] ? __schedule+0x10cc/0x2b60
[ 11.395109] ? __pfx_read_tsc+0x10/0x10
[ 11.395129] ? ktime_get_ts64+0x86/0x230
[ 11.395166] kunit_try_run_case+0x1a5/0x480
[ 11.395200] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.395222] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.395256] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.395278] ? __kthread_parkme+0x82/0x180
[ 11.395298] ? preempt_count_sub+0x50/0x80
[ 11.395321] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.395343] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.395374] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.395397] kthread+0x337/0x6f0
[ 11.395416] ? trace_preempt_on+0x20/0xc0
[ 11.395448] ? __pfx_kthread+0x10/0x10
[ 11.395467] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.395487] ? calculate_sigpending+0x7b/0xa0
[ 11.395520] ? __pfx_kthread+0x10/0x10
[ 11.395540] ret_from_fork+0x116/0x1d0
[ 11.395558] ? __pfx_kthread+0x10/0x10
[ 11.395577] ret_from_fork_asm+0x1a/0x30
[ 11.395607] </TASK>
[ 11.395617]
[ 11.402200] Allocated by task 154:
[ 11.402321] kasan_save_stack+0x45/0x70
[ 11.402457] kasan_save_track+0x18/0x40
[ 11.402852] kasan_save_alloc_info+0x3b/0x50
[ 11.403064] __kasan_kmalloc+0xb7/0xc0
[ 11.403352] __kmalloc_cache_noprof+0x189/0x420
[ 11.403611] kmalloc_oob_right+0xa9/0x7f0
[ 11.403792] kunit_try_run_case+0x1a5/0x480
[ 11.404019] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.404320] kthread+0x337/0x6f0
[ 11.404468] ret_from_fork+0x116/0x1d0
[ 11.404642] ret_from_fork_asm+0x1a/0x30
[ 11.404825]
[ 11.404921] The buggy address belongs to the object at ffff8881027e4000
[ 11.404921] which belongs to the cache kmalloc-128 of size 128
[ 11.405436] The buggy address is located 13 bytes to the right of
[ 11.405436] allocated 115-byte region [ffff8881027e4000, ffff8881027e4073)
[ 11.405965]
[ 11.406051] The buggy address belongs to the physical page:
[ 11.406365] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e4
[ 11.406686] flags: 0x200000000000000(node=0|zone=2)
[ 11.406881] page_type: f5(slab)
[ 11.407021] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.407370] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.407639] page dumped because: kasan: bad access detected
[ 11.407803]
[ 11.407868] Memory state around the buggy address:
[ 11.408017]  ffff8881027e3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.408233]  ffff8881027e4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.408449] >ffff8881027e4080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.408788]                    ^
[ 11.408948]  ffff8881027e4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.409373]  ffff8881027e4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.409687] ==================================================================
[ 11.330506] ==================================================================
[ 11.331576] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 11.332380] Write of size 1 at addr ffff8881027e4073 by task kunit_try_catch/154
[ 11.332702]
[ 11.333726] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.334165] Tainted: [N]=TEST
[ 11.334206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.334415] Call Trace:
[ 11.334478] <TASK>
[ 11.334629] dump_stack_lvl+0x73/0xb0
[ 11.334717] print_report+0xd1/0x610
[ 11.334745] ? __virt_addr_valid+0x1db/0x2d0
[ 11.334769] ? kmalloc_oob_right+0x6f0/0x7f0
[ 11.334789] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.334811] ? kmalloc_oob_right+0x6f0/0x7f0
[ 11.334832] kasan_report+0x141/0x180
[ 11.334853] ? kmalloc_oob_right+0x6f0/0x7f0
[ 11.334878] __asan_report_store1_noabort+0x1b/0x30
[ 11.334902] kmalloc_oob_right+0x6f0/0x7f0
[ 11.334923] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.334945] ? __schedule+0x10cc/0x2b60
[ 11.334967] ? __pfx_read_tsc+0x10/0x10
[ 11.334987] ? ktime_get_ts64+0x86/0x230
[ 11.335013] kunit_try_run_case+0x1a5/0x480
[ 11.335065] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.335088] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.335112] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.335135] ? __kthread_parkme+0x82/0x180
[ 11.335170] ? preempt_count_sub+0x50/0x80
[ 11.335194] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.335216] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.335239] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.335262] kthread+0x337/0x6f0
[ 11.335281] ? trace_preempt_on+0x20/0xc0
[ 11.335304] ? __pfx_kthread+0x10/0x10
[ 11.335323] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.335344] ? calculate_sigpending+0x7b/0xa0
[ 11.335368] ? __pfx_kthread+0x10/0x10
[ 11.335388] ret_from_fork+0x116/0x1d0
[ 11.335407] ? __pfx_kthread+0x10/0x10
[ 11.335426] ret_from_fork_asm+0x1a/0x30
[ 11.335483] </TASK>
[ 11.335554]
[ 11.349037] Allocated by task 154:
[ 11.349565] kasan_save_stack+0x45/0x70
[ 11.350124] kasan_save_track+0x18/0x40
[ 11.350520] kasan_save_alloc_info+0x3b/0x50
[ 11.350920] __kasan_kmalloc+0xb7/0xc0
[ 11.351316] __kmalloc_cache_noprof+0x189/0x420
[ 11.351619] kmalloc_oob_right+0xa9/0x7f0
[ 11.351984] kunit_try_run_case+0x1a5/0x480
[ 11.352190] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.352423] kthread+0x337/0x6f0
[ 11.352768] ret_from_fork+0x116/0x1d0
[ 11.353141] ret_from_fork_asm+0x1a/0x30
[ 11.353465]
[ 11.353600] The buggy address belongs to the object at ffff8881027e4000
[ 11.353600] which belongs to the cache kmalloc-128 of size 128
[ 11.354038] The buggy address is located 0 bytes to the right of
[ 11.354038] allocated 115-byte region [ffff8881027e4000, ffff8881027e4073)
[ 11.355075]
[ 11.355359] The buggy address belongs to the physical page:
[ 11.356385] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e4
[ 11.357386] flags: 0x200000000000000(node=0|zone=2)
[ 11.358289] page_type: f5(slab)
[ 11.358999] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.359769] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.360642] page dumped because: kasan: bad access detected
[ 11.361220]
[ 11.361395] Memory state around the buggy address:
[ 11.361909]  ffff8881027e3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.362352]  ffff8881027e3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.362604] >ffff8881027e4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.362837]                                                              ^
[ 11.363421]  ffff8881027e4080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.363671]  ffff8881027e4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.363930] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 142.686675] WARNING: CPU: 0 PID: 2764 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 142.687361] Modules linked in:
[ 142.687665] CPU: 0 UID: 0 PID: 2764 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 142.688029] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 142.688364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 142.688737] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 142.688989] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 142.690209] RSP: 0000:ffff888103b07c78 EFLAGS: 00010286
[ 142.690513] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 142.690809] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffbaa33bfc
[ 142.691104] RBP: ffff888103b07ca0 R08: 0000000000000000 R09: ffffed102092ea00
[ 142.691514] R10: ffff888104975007 R11: 0000000000000000 R12: ffffffffbaa33be8
[ 142.691982] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888103b07d38
[ 142.692395] FS: 0000000000000000(0000) GS:ffff88819e672000(0000) knlGS:0000000000000000
[ 142.692790] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 142.693140] CR2: 00007ffff7ffe000 CR3: 00000001538bc000 CR4: 00000000000006f0
[ 142.693513] DR0: ffffffffbca52440 DR1: ffffffffbca52441 DR2: ffffffffbca52442
[ 142.693835] DR3: ffffffffbca52443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 142.694097] Call Trace:
[ 142.694234] <TASK>
[ 142.694459] drm_test_rect_calc_vscale+0x108/0x270
[ 142.694699] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 142.695225] ? __schedule+0x10cc/0x2b60
[ 142.695499] ? __pfx_read_tsc+0x10/0x10
[ 142.695815] ? ktime_get_ts64+0x86/0x230
[ 142.696017] kunit_try_run_case+0x1a5/0x480
[ 142.696198] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.696661] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 142.696842] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 142.697238] ? __kthread_parkme+0x82/0x180
[ 142.697468] ? preempt_count_sub+0x50/0x80
[ 142.697667] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.697876] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 142.698280] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 142.698505] kthread+0x337/0x6f0
[ 142.698689] ? trace_preempt_on+0x20/0xc0
[ 142.698899] ? __pfx_kthread+0x10/0x10
[ 142.699177] ? _raw_spin_unlock_irq+0x47/0x80
[ 142.699425] ? calculate_sigpending+0x7b/0xa0
[ 142.699652] ? __pfx_kthread+0x10/0x10
[ 142.699844] ret_from_fork+0x116/0x1d0
[ 142.700035] ? __pfx_kthread+0x10/0x10
[ 142.700407] ret_from_fork_asm+0x1a/0x30
[ 142.700626] </TASK>
[ 142.700754] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 142.705615] WARNING: CPU: 1 PID: 2766 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 142.706155] Modules linked in:
[ 142.706633] CPU: 1 UID: 0 PID: 2766 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 142.707196] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 142.707495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 142.707875] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 142.708102] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 142.709011] RSP: 0000:ffff88810aa3fc78 EFLAGS: 00010286
[ 142.709346] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 142.709728] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffbaa33c34
[ 142.710527] RBP: ffff88810aa3fca0 R08: 0000000000000000 R09: ffffed102073fe40
[ 142.710841] R10: ffff8881039ff207 R11: 0000000000000000 R12: ffffffffbaa33c20
[ 142.711167] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810aa3fd38
[ 142.711654] FS: 0000000000000000(0000) GS:ffff88819e772000(0000) knlGS:0000000000000000
[ 142.712029] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 142.712318] CR2: 00007ffff7ffe000 CR3: 00000001538bc000 CR4: 00000000000006f0
[ 142.712645] DR0: ffffffffbca52440 DR1: ffffffffbca52441 DR2: ffffffffbca52443
[ 142.712945] DR3: ffffffffbca52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 142.713254] Call Trace:
[ 142.713501] <TASK>
[ 142.713647] drm_test_rect_calc_vscale+0x108/0x270
[ 142.713984] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 142.714564] ? __schedule+0x10cc/0x2b60
[ 142.714803] ? __pfx_read_tsc+0x10/0x10
[ 142.715012] ? ktime_get_ts64+0x86/0x230
[ 142.715244] kunit_try_run_case+0x1a5/0x480
[ 142.715582] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.715843] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 142.716173] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 142.716493] ? __kthread_parkme+0x82/0x180
[ 142.716697] ? preempt_count_sub+0x50/0x80
[ 142.716885] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.717291] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 142.717611] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 142.717810] kthread+0x337/0x6f0
[ 142.717984] ? trace_preempt_on+0x20/0xc0
[ 142.718500] ? __pfx_kthread+0x10/0x10
[ 142.718729] ? _raw_spin_unlock_irq+0x47/0x80
[ 142.718947] ? calculate_sigpending+0x7b/0xa0
[ 142.719218] ? __pfx_kthread+0x10/0x10
[ 142.719415] ret_from_fork+0x116/0x1d0
[ 142.719604] ? __pfx_kthread+0x10/0x10
[ 142.719800] ret_from_fork_asm+0x1a/0x30
[ 142.719999] </TASK>
[ 142.720460] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 142.629073] WARNING: CPU: 0 PID: 2752 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 142.629511] Modules linked in:
[ 142.629902] CPU: 0 UID: 0 PID: 2752 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 142.631369] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 142.632377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 142.632980] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 142.634027] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 db e3 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 142.635837] RSP: 0000:ffff888102857c78 EFLAGS: 00010286
[ 142.636439] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 142.636973] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffbaa33c00
[ 142.637703] RBP: ffff888102857ca0 R08: 0000000000000000 R09: ffffed10203c0be0
[ 142.638636] R10: ffff888101e05f07 R11: 0000000000000000 R12: ffffffffbaa33be8
[ 142.638860] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102857d38
[ 142.639079] FS: 0000000000000000(0000) GS:ffff88819e672000(0000) knlGS:0000000000000000
[ 142.639314] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 142.639491] CR2: 00007ffff7ffe000 CR3: 00000001538bc000 CR4: 00000000000006f0
[ 142.639711] DR0: ffffffffbca52440 DR1: ffffffffbca52441 DR2: ffffffffbca52442
[ 142.639921] DR3: ffffffffbca52443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 142.640131] Call Trace:
[ 142.640230] <TASK>
[ 142.640333] drm_test_rect_calc_hscale+0x108/0x270
[ 142.640514] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 142.641702] ? __schedule+0x10cc/0x2b60
[ 142.642331] ? __pfx_read_tsc+0x10/0x10
[ 142.642847] ? ktime_get_ts64+0x86/0x230
[ 142.643475] kunit_try_run_case+0x1a5/0x480
[ 142.643924] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.644488] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 142.644956] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 142.645537] ? __kthread_parkme+0x82/0x180
[ 142.646200] ? preempt_count_sub+0x50/0x80
[ 142.646657] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.647177] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 142.647722] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 142.648356] kthread+0x337/0x6f0
[ 142.648706] ? trace_preempt_on+0x20/0xc0
[ 142.649085] ? __pfx_kthread+0x10/0x10
[ 142.649609] ? _raw_spin_unlock_irq+0x47/0x80
[ 142.650026] ? calculate_sigpending+0x7b/0xa0
[ 142.650657] ? __pfx_kthread+0x10/0x10
[ 142.651022] ret_from_fork+0x116/0x1d0
[ 142.651486] ? __pfx_kthread+0x10/0x10
[ 142.651869] ret_from_fork_asm+0x1a/0x30
[ 142.652165] </TASK>
[ 142.652392] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 142.657875] WARNING: CPU: 0 PID: 2754 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 142.658785] Modules linked in:
[ 142.659438] CPU: 0 UID: 0 PID: 2754 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 142.660214] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 142.660394] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 142.660668] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 142.660949] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 db e3 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 142.661630] RSP: 0000:ffff888103a8fc78 EFLAGS: 00010286
[ 142.662225] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 142.662524] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffbaa33c38
[ 142.662832] RBP: ffff888103a8fca0 R08: 0000000000000000 R09: ffffed102092ea20
[ 142.663320] R10: ffff888104975107 R11: 0000000000000000 R12: ffffffffbaa33c20
[ 142.663585] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888103a8fd38
[ 142.663847] FS: 0000000000000000(0000) GS:ffff88819e672000(0000) knlGS:0000000000000000
[ 142.664259] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 142.664453] CR2: 00007ffff7ffe000 CR3: 00000001538bc000 CR4: 00000000000006f0
[ 142.664913] DR0: ffffffffbca52440 DR1: ffffffffbca52441 DR2: ffffffffbca52442
[ 142.665331] DR3: ffffffffbca52443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 142.665744] Call Trace:
[ 142.665895] <TASK>
[ 142.666033] drm_test_rect_calc_hscale+0x108/0x270
[ 142.666335] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 142.666544] ? __schedule+0x10cc/0x2b60
[ 142.666753] ? __pfx_read_tsc+0x10/0x10
[ 142.666897] ? ktime_get_ts64+0x86/0x230
[ 142.667093] kunit_try_run_case+0x1a5/0x480
[ 142.668296] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.668519] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 142.668722] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 142.668953] ? __kthread_parkme+0x82/0x180
[ 142.669283] ? preempt_count_sub+0x50/0x80
[ 142.669480] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.669683] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 142.669924] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 142.670145] kthread+0x337/0x6f0
[ 142.670325] ? trace_preempt_on+0x20/0xc0
[ 142.670781] ? __pfx_kthread+0x10/0x10
[ 142.670992] ? _raw_spin_unlock_irq+0x47/0x80
[ 142.671303] ? calculate_sigpending+0x7b/0xa0
[ 142.671508] ? __pfx_kthread+0x10/0x10
[ 142.671698] ret_from_fork+0x116/0x1d0
[ 142.671839] ? __pfx_kthread+0x10/0x10
[ 142.672035] ret_from_fork_asm+0x1a/0x30
[ 142.672360] </TASK>
[ 142.672486] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 49.782161] ================================================================== [ 49.782644] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 49.782644] [ 49.782992] Use-after-free read at 0x(____ptrval____) (in kfence-#140): [ 49.783372] test_krealloc+0x6fc/0xbe0 [ 49.783579] kunit_try_run_case+0x1a5/0x480 [ 49.783733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.783989] kthread+0x337/0x6f0 [ 49.784145] ret_from_fork+0x116/0x1d0 [ 49.784342] ret_from_fork_asm+0x1a/0x30 [ 49.784513] [ 49.784596] kfence-#140: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 49.784596] [ 49.784917] allocated by task 355 on cpu 0 at 49.781425s (0.003489s ago): [ 49.785234] test_alloc+0x364/0x10f0 [ 49.785416] test_krealloc+0xad/0xbe0 [ 49.785608] kunit_try_run_case+0x1a5/0x480 [ 49.785757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.785987] kthread+0x337/0x6f0 [ 49.786163] ret_from_fork+0x116/0x1d0 [ 49.786379] ret_from_fork_asm+0x1a/0x30 [ 49.786531] [ 49.786603] freed by task 355 on cpu 0 at 49.781682s (0.004919s ago): [ 49.786815] krealloc_noprof+0x108/0x340 [ 49.787006] test_krealloc+0x226/0xbe0 [ 49.787204] kunit_try_run_case+0x1a5/0x480 [ 49.787411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.787635] kthread+0x337/0x6f0 [ 49.787757] ret_from_fork+0x116/0x1d0 [ 49.787889] ret_from_fork_asm+0x1a/0x30 [ 49.788088] [ 49.788214] CPU: 0 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 49.788701] Tainted: [B]=BAD_PAGE, [N]=TEST [ 49.788872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 49.789237] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 49.687475] ================================================================== [ 49.687862] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 49.687862] [ 49.688206] Use-after-free read at 0x(____ptrval____) (in kfence-#139): [ 49.688418] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 49.688608] kunit_try_run_case+0x1a5/0x480 [ 49.688759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.688934] kthread+0x337/0x6f0 [ 49.689060] ret_from_fork+0x116/0x1d0 [ 49.689194] ret_from_fork_asm+0x1a/0x30 [ 49.689336] [ 49.689410] kfence-#139: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 49.689410] [ 49.690070] allocated by task 353 on cpu 1 at 49.678386s (0.011681s ago): [ 49.691251] test_alloc+0x2a6/0x10f0 [ 49.691459] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 49.692120] kunit_try_run_case+0x1a5/0x480 [ 49.692424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.692695] kthread+0x337/0x6f0 [ 49.692872] ret_from_fork+0x116/0x1d0 [ 49.693071] ret_from_fork_asm+0x1a/0x30 [ 49.693273] [ 49.693375] freed by task 353 on cpu 1 at 49.678496s (0.014875s ago): [ 49.693816] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 49.694058] kunit_try_run_case+0x1a5/0x480 [ 49.694286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.694477] kthread+0x337/0x6f0 [ 49.694656] ret_from_fork+0x116/0x1d0 [ 49.694835] ret_from_fork_asm+0x1a/0x30 [ 49.694975] [ 49.695078] CPU: 1 UID: 0 PID: 353 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 49.695524] Tainted: [B]=BAD_PAGE, [N]=TEST [ 49.695803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 49.696130] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 24.416261] ================================================================== [ 24.416844] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 24.416844] [ 24.417999] Invalid read at 0x(____ptrval____): [ 24.418623] test_invalid_access+0xf0/0x210 [ 24.418823] kunit_try_run_case+0x1a5/0x480 [ 24.419194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.419464] kthread+0x337/0x6f0 [ 24.419773] ret_from_fork+0x116/0x1d0 [ 24.420060] ret_from_fork_asm+0x1a/0x30 [ 24.420296] [ 24.420408] CPU: 1 UID: 0 PID: 349 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 24.421272] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.421456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.421854] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 24.197651] ================================================================== [ 24.198079] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 24.198079] [ 24.198443] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#135): [ 24.199565] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 24.199813] kunit_try_run_case+0x1a5/0x480 [ 24.200007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.200428] kthread+0x337/0x6f0 [ 24.200612] ret_from_fork+0x116/0x1d0 [ 24.200801] ret_from_fork_asm+0x1a/0x30 [ 24.200985] [ 24.201071] kfence-#135: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 24.201071] [ 24.201864] allocated by task 343 on cpu 0 at 24.197376s (0.004486s ago): [ 24.202186] test_alloc+0x364/0x10f0 [ 24.202364] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 24.202760] kunit_try_run_case+0x1a5/0x480 [ 24.202956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.203324] kthread+0x337/0x6f0 [ 24.203574] ret_from_fork+0x116/0x1d0 [ 24.203729] ret_from_fork_asm+0x1a/0x30 [ 24.204007] [ 24.204184] freed by task 343 on cpu 0 at 24.197513s (0.006659s ago): [ 24.204538] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 24.204934] kunit_try_run_case+0x1a5/0x480 [ 24.205145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.205522] kthread+0x337/0x6f0 [ 24.205683] ret_from_fork+0x116/0x1d0 [ 24.205848] ret_from_fork_asm+0x1a/0x30 [ 24.206029] [ 24.206174] CPU: 0 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 24.206643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.206818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.207573] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 23.989692] ================================================================== [ 23.990115] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 23.990115] [ 23.990535] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#133): [ 23.990889] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 23.991102] kunit_try_run_case+0x1a5/0x480 [ 23.991322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.991636] kthread+0x337/0x6f0 [ 23.991782] ret_from_fork+0x116/0x1d0 [ 23.991978] ret_from_fork_asm+0x1a/0x30 [ 23.992184] [ 23.992273] kfence-#133: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 23.992273] [ 23.992621] allocated by task 341 on cpu 1 at 23.989438s (0.003181s ago): [ 23.992885] test_alloc+0x364/0x10f0 [ 23.993069] test_kmalloc_aligned_oob_read+0x105/0x560 [ 23.993315] kunit_try_run_case+0x1a5/0x480 [ 23.993558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.993773] kthread+0x337/0x6f0 [ 23.993896] ret_from_fork+0x116/0x1d0 [ 23.994087] ret_from_fork_asm+0x1a/0x30 [ 23.994449] [ 23.994589] CPU: 1 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 23.995014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.995206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.995586] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 18.165666] ================================================================== [ 18.166158] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 18.166158] [ 18.166565] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#77): [ 18.167369] test_corruption+0x2d2/0x3e0 [ 18.167615] kunit_try_run_case+0x1a5/0x480 [ 18.167803] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.168055] kthread+0x337/0x6f0 [ 18.168265] ret_from_fork+0x116/0x1d0 [ 18.168455] ret_from_fork_asm+0x1a/0x30 [ 18.168645] [ 18.168749] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.168749] [ 18.169154] allocated by task 329 on cpu 1 at 18.165404s (0.003748s ago): [ 18.169484] test_alloc+0x364/0x10f0 [ 18.169676] test_corruption+0xe6/0x3e0 [ 18.169870] kunit_try_run_case+0x1a5/0x480 [ 18.170042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.170418] kthread+0x337/0x6f0 [ 18.170607] ret_from_fork+0x116/0x1d0 [ 18.170800] ret_from_fork_asm+0x1a/0x30 [ 18.170977] [ 18.171058] freed by task 329 on cpu 1 at 18.165495s (0.005560s ago): [ 18.171464] test_corruption+0x2d2/0x3e0 [ 18.171651] kunit_try_run_case+0x1a5/0x480 [ 18.171852] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.172097] kthread+0x337/0x6f0 [ 18.172326] ret_from_fork+0x116/0x1d0 [ 18.172534] ret_from_fork_asm+0x1a/0x30 [ 18.172690] [ 18.172810] CPU: 1 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.173331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.173539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.173888] ================================================================== [ 18.789510] ================================================================== [ 18.789913] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 18.789913] [ 18.790371] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#83): [ 18.790983] test_corruption+0x131/0x3e0 [ 18.791204] kunit_try_run_case+0x1a5/0x480 [ 18.791368] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.791633] kthread+0x337/0x6f0 [ 18.791811] ret_from_fork+0x116/0x1d0 [ 18.791966] ret_from_fork_asm+0x1a/0x30 [ 18.792150] [ 18.792260] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.792260] [ 18.792575] allocated by task 331 on cpu 1 at 18.789362s (0.003211s ago): [ 18.792869] test_alloc+0x2a6/0x10f0 [ 18.792999] test_corruption+0xe6/0x3e0 [ 18.793165] kunit_try_run_case+0x1a5/0x480 [ 18.793543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.793771] kthread+0x337/0x6f0 [ 18.793893] ret_from_fork+0x116/0x1d0 [ 18.794041] ret_from_fork_asm+0x1a/0x30 [ 18.794345] [ 18.794444] freed by task 331 on cpu 1 at 18.789421s (0.005020s ago): [ 18.794761] test_corruption+0x131/0x3e0 [ 18.794941] kunit_try_run_case+0x1a5/0x480 [ 18.795088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.795354] kthread+0x337/0x6f0 [ 18.795531] ret_from_fork+0x116/0x1d0 [ 18.795717] ret_from_fork_asm+0x1a/0x30 [ 18.795896] [ 18.795992] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.796523] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.796727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.797128] ================================================================== [ 19.101568] ================================================================== [ 19.101958] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 19.101958] [ 19.102368] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#86): [ 19.102756] test_corruption+0x216/0x3e0 [ 19.102966] kunit_try_run_case+0x1a5/0x480 [ 19.103150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.103405] kthread+0x337/0x6f0 [ 19.103543] ret_from_fork+0x116/0x1d0 [ 19.103720] ret_from_fork_asm+0x1a/0x30 [ 19.103936] [ 19.104030] kfence-#86: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.104030] [ 19.104425] allocated by task 331 on cpu 1 at 19.101423s (0.003000s ago): [ 19.104737] test_alloc+0x2a6/0x10f0 [ 19.104922] test_corruption+0x1cb/0x3e0 [ 19.105108] kunit_try_run_case+0x1a5/0x480 [ 19.105379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.105646] kthread+0x337/0x6f0 [ 19.105809] ret_from_fork+0x116/0x1d0 [ 19.105990] ret_from_fork_asm+0x1a/0x30 [ 19.106155] [ 19.106248] freed by task 331 on cpu 1 at 19.101479s (0.004766s ago): [ 19.106470] test_corruption+0x216/0x3e0 [ 19.106663] kunit_try_run_case+0x1a5/0x480 [ 19.106892] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.107143] kthread+0x337/0x6f0 [ 19.107323] ret_from_fork+0x116/0x1d0 [ 19.107459] ret_from_fork_asm+0x1a/0x30 [ 19.107609] [ 19.107704] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 19.108196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.108396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.108800] ================================================================== [ 18.581628] ================================================================== [ 18.582020] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 18.582020] [ 18.582471] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#81): [ 18.582950] test_corruption+0x2df/0x3e0 [ 18.583148] kunit_try_run_case+0x1a5/0x480 [ 18.583349] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.583536] kthread+0x337/0x6f0 [ 18.583707] ret_from_fork+0x116/0x1d0 [ 18.583923] ret_from_fork_asm+0x1a/0x30 [ 18.584143] [ 18.584260] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.584260] [ 18.584678] allocated by task 329 on cpu 1 at 18.581373s (0.003303s ago): [ 18.584969] test_alloc+0x364/0x10f0 [ 18.585167] test_corruption+0x1cb/0x3e0 [ 18.585408] kunit_try_run_case+0x1a5/0x480 [ 18.585647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.585833] kthread+0x337/0x6f0 [ 18.586026] ret_from_fork+0x116/0x1d0 [ 18.586275] ret_from_fork_asm+0x1a/0x30 [ 18.586457] [ 18.586565] freed by task 329 on cpu 1 at 18.581452s (0.005110s ago): [ 18.586826] test_corruption+0x2df/0x3e0 [ 18.587040] kunit_try_run_case+0x1a5/0x480 [ 18.587288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.587567] kthread+0x337/0x6f0 [ 18.587742] ret_from_fork+0x116/0x1d0 [ 18.587914] ret_from_fork_asm+0x1a/0x30 [ 18.588116] [ 18.588249] CPU: 1 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.588669] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.588914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.589455] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 18.061593] ================================================================== [ 18.062029] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 18.062029] [ 18.062418] Invalid free of 0x(____ptrval____) (in kfence-#76): [ 18.063266] test_invalid_addr_free+0xfb/0x260 [ 18.063629] kunit_try_run_case+0x1a5/0x480 [ 18.063906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.064138] kthread+0x337/0x6f0 [ 18.064365] ret_from_fork+0x116/0x1d0 [ 18.064582] ret_from_fork_asm+0x1a/0x30 [ 18.064782] [ 18.064890] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.064890] [ 18.065188] allocated by task 327 on cpu 0 at 18.061396s (0.003790s ago): [ 18.065678] test_alloc+0x2a6/0x10f0 [ 18.065862] test_invalid_addr_free+0xdb/0x260 [ 18.066072] kunit_try_run_case+0x1a5/0x480 [ 18.066297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.066543] kthread+0x337/0x6f0 [ 18.066739] ret_from_fork+0x116/0x1d0 [ 18.066928] ret_from_fork_asm+0x1a/0x30 [ 18.067083] [ 18.067181] CPU: 0 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.067675] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.067820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.068206] ================================================================== [ 17.957540] ================================================================== [ 17.957934] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 17.957934] [ 17.958365] Invalid free of 0x(____ptrval____) (in kfence-#75): [ 17.958652] test_invalid_addr_free+0x1e1/0x260 [ 17.958828] kunit_try_run_case+0x1a5/0x480 [ 17.959022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.959388] kthread+0x337/0x6f0 [ 17.959555] ret_from_fork+0x116/0x1d0 [ 17.959729] ret_from_fork_asm+0x1a/0x30 [ 17.959911] [ 17.959995] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.959995] [ 17.960432] allocated by task 325 on cpu 1 at 17.957398s 
(0.003032s ago): [ 17.960705] test_alloc+0x364/0x10f0 [ 17.960888] test_invalid_addr_free+0xdb/0x260 [ 17.961081] kunit_try_run_case+0x1a5/0x480 [ 17.961230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.961406] kthread+0x337/0x6f0 [ 17.961539] ret_from_fork+0x116/0x1d0 [ 17.961743] ret_from_fork_asm+0x1a/0x30 [ 17.961945] [ 17.962062] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.962618] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.962760] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.963042] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 17.749680] ================================================================== [ 17.750111] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 17.750111] [ 17.750459] Invalid free of 0x(____ptrval____) (in kfence-#73): [ 17.750793] test_double_free+0x1d3/0x260 [ 17.750965] kunit_try_run_case+0x1a5/0x480 [ 17.751152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.751409] kthread+0x337/0x6f0 [ 17.751546] ret_from_fork+0x116/0x1d0 [ 17.751783] ret_from_fork_asm+0x1a/0x30 [ 17.751984] [ 17.752082] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.752082] [ 17.752485] allocated by task 321 on cpu 1 at 17.749408s (0.003076s ago): [ 17.752808] test_alloc+0x364/0x10f0 [ 17.752999] test_double_free+0xdb/0x260 [ 17.753193] kunit_try_run_case+0x1a5/0x480 [ 17.753380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.753605] kthread+0x337/0x6f0 [ 17.753769] ret_from_fork+0x116/0x1d0 [ 17.753957] ret_from_fork_asm+0x1a/0x30 [ 17.754148] [ 17.754252] freed by task 321 on cpu 1 at 17.749480s (0.004769s ago): [ 17.754542] test_double_free+0x1e0/0x260 [ 17.754711] kunit_try_run_case+0x1a5/0x480 [ 17.754920] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.755137] kthread+0x337/0x6f0 [ 17.755290] ret_from_fork+0x116/0x1d0 [ 17.755474] ret_from_fork_asm+0x1a/0x30 [ 17.755654] [ 17.755775] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.756197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.756376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.756733] ================================================================== [ 17.853589] ================================================================== [ 17.853995] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 17.853995] [ 17.854380] Invalid free of 0x(____ptrval____) (in kfence-#74): [ 17.854967] test_double_free+0x112/0x260 [ 17.855475] kunit_try_run_case+0x1a5/0x480 [ 17.855717] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.855964] kthread+0x337/0x6f0 [ 17.856134] ret_from_fork+0x116/0x1d0 [ 17.856458] ret_from_fork_asm+0x1a/0x30 [ 17.856834] [ 17.856924] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.856924] [ 17.857472] allocated by task 323 on cpu 0 at 17.853391s (0.004078s ago): [ 17.857953] test_alloc+0x2a6/0x10f0 [ 17.858155] test_double_free+0xdb/0x260 [ 17.858541] kunit_try_run_case+0x1a5/0x480 [ 17.858834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.859165] kthread+0x337/0x6f0 [ 17.859359] ret_from_fork+0x116/0x1d0 [ 17.859667] ret_from_fork_asm+0x1a/0x30 [ 17.859887] [ 17.860128] freed by task 323 on cpu 0 at 17.853453s (0.006670s ago): [ 17.860560] test_double_free+0xfa/0x260 [ 17.860771] kunit_try_run_case+0x1a5/0x480 [ 17.861076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.861417] kthread+0x337/0x6f0 [ 17.861620] ret_from_fork+0x116/0x1d0 [ 17.861918] ret_from_fork_asm+0x1a/0x30 [ 17.862134] [ 17.862369] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.862834] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.863021] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.863660] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 17.333686] ================================================================== [ 17.334133] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 17.334133] [ 17.335072] Use-after-free read at 0x(____ptrval____) (in kfence-#69): [ 17.335712] test_use_after_free_read+0x129/0x270 [ 17.335969] kunit_try_run_case+0x1a5/0x480 [ 17.336380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.336668] kthread+0x337/0x6f0 [ 17.336982] ret_from_fork+0x116/0x1d0 [ 17.337296] ret_from_fork_asm+0x1a/0x30 [ 17.337599] [ 17.337720] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.337720] [ 17.338257] allocated by task 313 on cpu 1 at 17.333418s (0.004837s ago): [ 17.338734] test_alloc+0x364/0x10f0 [ 17.338997] test_use_after_free_read+0xdc/0x270 [ 17.339330] kunit_try_run_case+0x1a5/0x480 [ 17.339518] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.339934] kthread+0x337/0x6f0 [ 17.340189] ret_from_fork+0x116/0x1d0 [ 17.340389] ret_from_fork_asm+0x1a/0x30 [ 17.340827] [ 17.341080] freed by task 313 on cpu 1 at 17.333493s (0.007497s ago): [ 17.341594] test_use_after_free_read+0x1e7/0x270 [ 17.341843] kunit_try_run_case+0x1a5/0x480 [ 17.342189] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.342547] kthread+0x337/0x6f0 [ 17.342838] ret_from_fork+0x116/0x1d0 [ 17.343016] ret_from_fork_asm+0x1a/0x30 [ 17.343457] [ 17.343688] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.344148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.344637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.345033] ================================================================== [ 17.437584] ================================================================== [ 17.437979] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 17.437979] [ 17.438914] Use-after-free read at 0x(____ptrval____) (in kfence-#70): [ 17.439217] 
test_use_after_free_read+0x129/0x270 [ 17.439535] kunit_try_run_case+0x1a5/0x480 [ 17.439691] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.439868] kthread+0x337/0x6f0 [ 17.439993] ret_from_fork+0x116/0x1d0 [ 17.440128] ret_from_fork_asm+0x1a/0x30 [ 17.440494] [ 17.440666] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.440666] [ 17.441409] allocated by task 315 on cpu 0 at 17.437459s (0.003948s ago): [ 17.442113] test_alloc+0x2a6/0x10f0 [ 17.442454] test_use_after_free_read+0xdc/0x270 [ 17.442710] kunit_try_run_case+0x1a5/0x480 [ 17.442859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.443034] kthread+0x337/0x6f0 [ 17.443154] ret_from_fork+0x116/0x1d0 [ 17.443513] ret_from_fork_asm+0x1a/0x30 [ 17.443864] [ 17.444021] freed by task 315 on cpu 0 at 17.437494s (0.006524s ago): [ 17.444623] test_use_after_free_read+0xfb/0x270 [ 17.444797] kunit_try_run_case+0x1a5/0x480 [ 17.444946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.445213] kthread+0x337/0x6f0 [ 17.445381] ret_from_fork+0x116/0x1d0 [ 17.445548] ret_from_fork_asm+0x1a/0x30 [ 17.445716] [ 17.445812] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.446298] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.446436] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.446991] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 16.917464] ================================================================== [ 16.917874] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 16.917874] [ 16.918366] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#65): [ 16.918705] test_out_of_bounds_write+0x10d/0x260 [ 16.918891] kunit_try_run_case+0x1a5/0x480 [ 16.919118] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.919410] kthread+0x337/0x6f0 [ 16.919553] ret_from_fork+0x116/0x1d0 [ 16.919694] ret_from_fork_asm+0x1a/0x30 [ 16.919901] [ 16.920004] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.920004] [ 16.920653] allocated by task 309 on cpu 0 at 16.917371s (0.003280s ago): [ 16.920943] test_alloc+0x364/0x10f0 [ 16.921138] test_out_of_bounds_write+0xd4/0x260 [ 16.921353] kunit_try_run_case+0x1a5/0x480 [ 16.921545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.921725] kthread+0x337/0x6f0 [ 16.921850] ret_from_fork+0x116/0x1d0 [ 16.922037] ret_from_fork_asm+0x1a/0x30 [ 16.922238] [ 16.922378] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.922886] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.923039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.923399] ================================================================== [ 17.229436] ================================================================== [ 17.229859] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 17.229859] [ 17.230282] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#68): [ 17.230939] test_out_of_bounds_write+0x10d/0x260 [ 17.231122] kunit_try_run_case+0x1a5/0x480 [ 17.231696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.231964] kthread+0x337/0x6f0 [ 17.232311] ret_from_fork+0x116/0x1d0 [ 17.232636] ret_from_fork_asm+0x1a/0x30 [ 17.232827] [ 17.232929] kfence-#68: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.232929] [ 
17.233525] allocated by task 311 on cpu 1 at 17.229370s (0.004153s ago): [ 17.234025] test_alloc+0x2a6/0x10f0 [ 17.234333] test_out_of_bounds_write+0xd4/0x260 [ 17.234549] kunit_try_run_case+0x1a5/0x480 [ 17.234860] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.235122] kthread+0x337/0x6f0 [ 17.235253] ret_from_fork+0x116/0x1d0 [ 17.235634] ret_from_fork_asm+0x1a/0x30 [ 17.235913] [ 17.236061] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.236679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.236894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.237400] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 16.813492] ================================================================== [ 16.813891] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 16.813891] [ 16.814356] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#64): [ 16.814767] test_out_of_bounds_read+0x216/0x4e0 [ 16.814996] kunit_try_run_case+0x1a5/0x480 [ 16.815310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.815515] kthread+0x337/0x6f0 [ 16.815643] ret_from_fork+0x116/0x1d0 [ 16.815838] ret_from_fork_asm+0x1a/0x30 [ 16.816064] [ 16.816161] kfence-#64: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.816161] [ 16.816593] allocated by task 307 on cpu 0 at 16.813441s (0.003151s ago): [ 16.816901] test_alloc+0x2a6/0x10f0 [ 16.817052] test_out_of_bounds_read+0x1e2/0x4e0 [ 16.817325] kunit_try_run_case+0x1a5/0x480 [ 16.817548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.817797] kthread+0x337/0x6f0 [ 16.817919] ret_from_fork+0x116/0x1d0 [ 16.818077] ret_from_fork_asm+0x1a/0x30 [ 16.818465] [ 16.818597] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.819098] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.819285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.819728] ================================================================== [ 16.502552] ================================================================== [ 16.503023] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 16.503023] [ 16.503612] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#61): [ 16.503996] test_out_of_bounds_read+0x126/0x4e0 [ 16.504551] kunit_try_run_case+0x1a5/0x480 [ 16.504790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.505029] kthread+0x337/0x6f0 [ 16.505612] ret_from_fork+0x116/0x1d0 [ 16.505823] ret_from_fork_asm+0x1a/0x30 [ 16.506034] [ 16.506299] kfence-#61: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.506299] [ 
16.506821] allocated by task 305 on cpu 0 at 16.501516s (0.005247s ago): [ 16.507802] test_alloc+0x364/0x10f0 [ 16.508182] test_out_of_bounds_read+0xed/0x4e0 [ 16.508464] kunit_try_run_case+0x1a5/0x480 [ 16.508831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.509045] kthread+0x337/0x6f0 [ 16.509216] ret_from_fork+0x116/0x1d0 [ 16.509407] ret_from_fork_asm+0x1a/0x30 [ 16.509751] [ 16.509932] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.510453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.510614] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.511050] ================================================================== [ 16.709355] ================================================================== [ 16.709757] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 16.709757] [ 16.710126] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#63): [ 16.710496] test_out_of_bounds_read+0x126/0x4e0 [ 16.710747] kunit_try_run_case+0x1a5/0x480 [ 16.710956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.711194] kthread+0x337/0x6f0 [ 16.711352] ret_from_fork+0x116/0x1d0 [ 16.711520] ret_from_fork_asm+0x1a/0x30 [ 16.711747] [ 16.711847] kfence-#63: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.711847] [ 16.712206] allocated by task 307 on cpu 0 at 16.709300s (0.002904s ago): [ 16.712636] test_alloc+0x2a6/0x10f0 [ 16.712846] test_out_of_bounds_read+0xed/0x4e0 [ 16.713079] kunit_try_run_case+0x1a5/0x480 [ 16.713279] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.713519] kthread+0x337/0x6f0 [ 16.713636] ret_from_fork+0x116/0x1d0 [ 16.713913] ret_from_fork_asm+0x1a/0x30 [ 16.714119] [ 16.714322] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.714768] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.714991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 
16.715434] ================================================================== [ 16.605612] ================================================================== [ 16.605991] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 16.605991] [ 16.606571] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#62): [ 16.606948] test_out_of_bounds_read+0x216/0x4e0 [ 16.607137] kunit_try_run_case+0x1a5/0x480 [ 16.607366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.607554] kthread+0x337/0x6f0 [ 16.607754] ret_from_fork+0x116/0x1d0 [ 16.607944] ret_from_fork_asm+0x1a/0x30 [ 16.608141] [ 16.608254] kfence-#62: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.608254] [ 16.608632] allocated by task 305 on cpu 0 at 16.605413s (0.003217s ago): [ 16.608907] test_alloc+0x364/0x10f0 [ 16.609112] test_out_of_bounds_read+0x1e2/0x4e0 [ 16.609340] kunit_try_run_case+0x1a5/0x480 [ 16.609559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.609729] kthread+0x337/0x6f0 [ 16.609846] ret_from_fork+0x116/0x1d0 [ 16.609974] ret_from_fork_asm+0x1a/0x30 [ 16.610188] [ 16.610318] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.610827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.611005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.611354] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.241197] ================================================================== [ 16.241628] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 16.241871] Write of size 121 at addr ffff888102f59b00 by task kunit_try_catch/303 [ 16.242253] [ 16.242367] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.242412] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.242424] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.242446] Call Trace: [ 16.242465] <TASK> [ 16.242483] dump_stack_lvl+0x73/0xb0 [ 16.242521] print_report+0xd1/0x610 [ 16.242544] ? __virt_addr_valid+0x1db/0x2d0 [ 16.242567] ? strncpy_from_user+0x2e/0x1d0 [ 16.242591] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.242615] ? strncpy_from_user+0x2e/0x1d0 [ 16.242640] kasan_report+0x141/0x180 [ 16.242662] ? strncpy_from_user+0x2e/0x1d0 [ 16.242691] kasan_check_range+0x10c/0x1c0 [ 16.242714] __kasan_check_write+0x18/0x20 [ 16.242735] strncpy_from_user+0x2e/0x1d0 [ 16.242758] ? __kasan_check_read+0x15/0x20 [ 16.242779] copy_user_test_oob+0x760/0x10f0 [ 16.242807] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.242830] ? finish_task_switch.isra.0+0x153/0x700 [ 16.242854] ? __switch_to+0x47/0xf50 [ 16.242880] ? __schedule+0x10cc/0x2b60 [ 16.242903] ? __pfx_read_tsc+0x10/0x10 [ 16.242926] ? ktime_get_ts64+0x86/0x230 [ 16.242950] kunit_try_run_case+0x1a5/0x480 [ 16.242976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.243000] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.243025] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.243050] ? __kthread_parkme+0x82/0x180 [ 16.243071] ? preempt_count_sub+0x50/0x80 [ 16.243094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.243119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.243143] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.243177] kthread+0x337/0x6f0 [ 16.243197] ? trace_preempt_on+0x20/0xc0 [ 16.243221] ? __pfx_kthread+0x10/0x10 [ 16.243242] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.243264] ? calculate_sigpending+0x7b/0xa0 [ 16.243289] ? __pfx_kthread+0x10/0x10 [ 16.243310] ret_from_fork+0x116/0x1d0 [ 16.243330] ? __pfx_kthread+0x10/0x10 [ 16.243351] ret_from_fork_asm+0x1a/0x30 [ 16.243384] </TASK> [ 16.243394] [ 16.251046] Allocated by task 303: [ 16.251251] kasan_save_stack+0x45/0x70 [ 16.251398] kasan_save_track+0x18/0x40 [ 16.251546] kasan_save_alloc_info+0x3b/0x50 [ 16.251698] __kasan_kmalloc+0xb7/0xc0 [ 16.251898] __kmalloc_noprof+0x1c9/0x500 [ 16.252106] kunit_kmalloc_array+0x25/0x60 [ 16.252508] copy_user_test_oob+0xab/0x10f0 [ 16.252665] kunit_try_run_case+0x1a5/0x480 [ 16.252813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.252994] kthread+0x337/0x6f0 [ 16.253174] ret_from_fork+0x116/0x1d0 [ 16.253364] ret_from_fork_asm+0x1a/0x30 [ 16.253576] [ 16.253672] The buggy address belongs to the object at ffff888102f59b00 [ 16.253672] which belongs to the cache kmalloc-128 of size 128 [ 16.254258] The buggy address is located 0 bytes inside of [ 16.254258] allocated 120-byte region [ffff888102f59b00, ffff888102f59b78) [ 16.254747] [ 16.254847] The buggy address belongs to the physical page: [ 16.255074] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f59 [ 16.255416] flags: 0x200000000000000(node=0|zone=2) [ 16.255641] page_type: f5(slab) [ 16.255809] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.256100] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.256549] page dumped because: kasan: bad access detected [ 16.256782] [ 16.256862] Memory state around the buggy address: [ 16.257087] ffff888102f59a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.257406] ffff888102f59a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.257708] >ffff888102f59b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.258001] ^ [ 16.258351] ffff888102f59b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.258651] 
ffff888102f59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.258930] ================================================================== [ 16.259485] ================================================================== [ 16.259820] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 16.260176] Write of size 1 at addr ffff888102f59b78 by task kunit_try_catch/303 [ 16.260471] [ 16.260569] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.260613] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.260625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.260647] Call Trace: [ 16.260665] <TASK> [ 16.260681] dump_stack_lvl+0x73/0xb0 [ 16.260709] print_report+0xd1/0x610 [ 16.260732] ? __virt_addr_valid+0x1db/0x2d0 [ 16.260756] ? strncpy_from_user+0x1a5/0x1d0 [ 16.260778] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.260802] ? strncpy_from_user+0x1a5/0x1d0 [ 16.260826] kasan_report+0x141/0x180 [ 16.260848] ? strncpy_from_user+0x1a5/0x1d0 [ 16.260876] __asan_report_store1_noabort+0x1b/0x30 [ 16.260902] strncpy_from_user+0x1a5/0x1d0 [ 16.260929] copy_user_test_oob+0x760/0x10f0 [ 16.260956] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.260979] ? finish_task_switch.isra.0+0x153/0x700 [ 16.261004] ? __switch_to+0x47/0xf50 [ 16.261030] ? __schedule+0x10cc/0x2b60 [ 16.261052] ? __pfx_read_tsc+0x10/0x10 [ 16.261074] ? ktime_get_ts64+0x86/0x230 [ 16.261099] kunit_try_run_case+0x1a5/0x480 [ 16.261124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.261147] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.261172] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.261197] ? __kthread_parkme+0x82/0x180 [ 16.261219] ? preempt_count_sub+0x50/0x80 [ 16.261243] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.261268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.261293] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.261318] kthread+0x337/0x6f0 [ 16.261338] ? trace_preempt_on+0x20/0xc0 [ 16.261362] ? 
__pfx_kthread+0x10/0x10 [ 16.261383] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.261405] ? calculate_sigpending+0x7b/0xa0 [ 16.261431] ? __pfx_kthread+0x10/0x10 [ 16.261453] ret_from_fork+0x116/0x1d0 [ 16.261485] ? __pfx_kthread+0x10/0x10 [ 16.261517] ret_from_fork_asm+0x1a/0x30 [ 16.261549] </TASK> [ 16.261560] [ 16.268683] Allocated by task 303: [ 16.268843] kasan_save_stack+0x45/0x70 [ 16.269011] kasan_save_track+0x18/0x40 [ 16.269147] kasan_save_alloc_info+0x3b/0x50 [ 16.269365] __kasan_kmalloc+0xb7/0xc0 [ 16.269569] __kmalloc_noprof+0x1c9/0x500 [ 16.269735] kunit_kmalloc_array+0x25/0x60 [ 16.269926] copy_user_test_oob+0xab/0x10f0 [ 16.270133] kunit_try_run_case+0x1a5/0x480 [ 16.270327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.270571] kthread+0x337/0x6f0 [ 16.270730] ret_from_fork+0x116/0x1d0 [ 16.270915] ret_from_fork_asm+0x1a/0x30 [ 16.271063] [ 16.271135] The buggy address belongs to the object at ffff888102f59b00 [ 16.271135] which belongs to the cache kmalloc-128 of size 128 [ 16.271656] The buggy address is located 0 bytes to the right of [ 16.271656] allocated 120-byte region [ffff888102f59b00, ffff888102f59b78) [ 16.272114] [ 16.272187] The buggy address belongs to the physical page: [ 16.272360] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f59 [ 16.273273] flags: 0x200000000000000(node=0|zone=2) [ 16.273455] page_type: f5(slab) [ 16.273599] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.273864] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.274236] page dumped because: kasan: bad access detected [ 16.274487] [ 16.274591] Memory state around the buggy address: [ 16.274813] ffff888102f59a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.275075] ffff888102f59a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.275319] >ffff888102f59b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.275544] ^ [ 16.275759] ffff888102f59b80: fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 16.276052] ffff888102f59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.276394] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.165295] ================================================================== [ 16.165839] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 16.166137] Write of size 121 at addr ffff888102f59b00 by task kunit_try_catch/303 [ 16.166875] [ 16.167077] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.167125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.167137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.167159] Call Trace: [ 16.167173] <TASK> [ 16.167190] dump_stack_lvl+0x73/0xb0 [ 16.167219] print_report+0xd1/0x610 [ 16.167253] ? __virt_addr_valid+0x1db/0x2d0 [ 16.167278] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.167302] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.167326] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.167349] kasan_report+0x141/0x180 [ 16.167372] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.167401] kasan_check_range+0x10c/0x1c0 [ 16.167426] __kasan_check_write+0x18/0x20 [ 16.167445] copy_user_test_oob+0x3fd/0x10f0 [ 16.167471] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.167495] ? finish_task_switch.isra.0+0x153/0x700 [ 16.167530] ? __switch_to+0x47/0xf50 [ 16.167555] ? __schedule+0x10cc/0x2b60 [ 16.167578] ? __pfx_read_tsc+0x10/0x10 [ 16.167600] ? ktime_get_ts64+0x86/0x230 [ 16.167625] kunit_try_run_case+0x1a5/0x480 [ 16.167650] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.167673] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.167698] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.167723] ? __kthread_parkme+0x82/0x180 [ 16.167745] ? preempt_count_sub+0x50/0x80 [ 16.167769] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.167793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.167818] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.167848] kthread+0x337/0x6f0 [ 16.167870] ? trace_preempt_on+0x20/0xc0 [ 16.167894] ? __pfx_kthread+0x10/0x10 [ 16.167914] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.167936] ? calculate_sigpending+0x7b/0xa0 [ 16.167962] ? 
__pfx_kthread+0x10/0x10 [ 16.167984] ret_from_fork+0x116/0x1d0 [ 16.168003] ? __pfx_kthread+0x10/0x10 [ 16.168024] ret_from_fork_asm+0x1a/0x30 [ 16.168055] </TASK> [ 16.168066] [ 16.179003] Allocated by task 303: [ 16.179208] kasan_save_stack+0x45/0x70 [ 16.179415] kasan_save_track+0x18/0x40 [ 16.179619] kasan_save_alloc_info+0x3b/0x50 [ 16.179809] __kasan_kmalloc+0xb7/0xc0 [ 16.179943] __kmalloc_noprof+0x1c9/0x500 [ 16.180109] kunit_kmalloc_array+0x25/0x60 [ 16.180307] copy_user_test_oob+0xab/0x10f0 [ 16.180508] kunit_try_run_case+0x1a5/0x480 [ 16.180713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.180890] kthread+0x337/0x6f0 [ 16.181060] ret_from_fork+0x116/0x1d0 [ 16.181360] ret_from_fork_asm+0x1a/0x30 [ 16.181573] [ 16.181647] The buggy address belongs to the object at ffff888102f59b00 [ 16.181647] which belongs to the cache kmalloc-128 of size 128 [ 16.182118] The buggy address is located 0 bytes inside of [ 16.182118] allocated 120-byte region [ffff888102f59b00, ffff888102f59b78) [ 16.182639] [ 16.182713] The buggy address belongs to the physical page: [ 16.182889] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f59 [ 16.183174] flags: 0x200000000000000(node=0|zone=2) [ 16.183418] page_type: f5(slab) [ 16.183597] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.183939] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.184211] page dumped because: kasan: bad access detected [ 16.184382] [ 16.184468] Memory state around the buggy address: [ 16.184705] ffff888102f59a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.185033] ffff888102f59a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.185423] >ffff888102f59b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.185729] ^ [ 16.185999] ffff888102f59b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.186238] ffff888102f59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.186621] 
================================================================== [ 16.205304] ================================================================== [ 16.205625] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 16.205919] Write of size 121 at addr ffff888102f59b00 by task kunit_try_catch/303 [ 16.206293] [ 16.206388] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.206434] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.206446] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.206469] Call Trace: [ 16.206488] <TASK> [ 16.206517] dump_stack_lvl+0x73/0xb0 [ 16.206546] print_report+0xd1/0x610 [ 16.206568] ? __virt_addr_valid+0x1db/0x2d0 [ 16.206593] ? copy_user_test_oob+0x557/0x10f0 [ 16.206616] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.206639] ? copy_user_test_oob+0x557/0x10f0 [ 16.206664] kasan_report+0x141/0x180 [ 16.206685] ? copy_user_test_oob+0x557/0x10f0 [ 16.206713] kasan_check_range+0x10c/0x1c0 [ 16.206738] __kasan_check_write+0x18/0x20 [ 16.206759] copy_user_test_oob+0x557/0x10f0 [ 16.206785] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.206808] ? finish_task_switch.isra.0+0x153/0x700 [ 16.206832] ? __switch_to+0x47/0xf50 [ 16.206859] ? __schedule+0x10cc/0x2b60 [ 16.206882] ? __pfx_read_tsc+0x10/0x10 [ 16.206904] ? ktime_get_ts64+0x86/0x230 [ 16.206929] kunit_try_run_case+0x1a5/0x480 [ 16.206955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.206978] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.207003] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.207027] ? __kthread_parkme+0x82/0x180 [ 16.207049] ? preempt_count_sub+0x50/0x80 [ 16.207073] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.207098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.207123] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.207148] kthread+0x337/0x6f0 [ 16.207182] ? trace_preempt_on+0x20/0xc0 [ 16.207206] ? __pfx_kthread+0x10/0x10 [ 16.207227] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.207249] ? calculate_sigpending+0x7b/0xa0 [ 16.207274] ? __pfx_kthread+0x10/0x10 [ 16.207297] ret_from_fork+0x116/0x1d0 [ 16.207317] ? __pfx_kthread+0x10/0x10 [ 16.207337] ret_from_fork_asm+0x1a/0x30 [ 16.207369] </TASK> [ 16.207380] [ 16.214435] Allocated by task 303: [ 16.214624] kasan_save_stack+0x45/0x70 [ 16.214785] kasan_save_track+0x18/0x40 [ 16.214978] kasan_save_alloc_info+0x3b/0x50 [ 16.215155] __kasan_kmalloc+0xb7/0xc0 [ 16.215336] __kmalloc_noprof+0x1c9/0x500 [ 16.215547] kunit_kmalloc_array+0x25/0x60 [ 16.215727] copy_user_test_oob+0xab/0x10f0 [ 16.215900] kunit_try_run_case+0x1a5/0x480 [ 16.216118] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.216339] kthread+0x337/0x6f0 [ 16.216514] ret_from_fork+0x116/0x1d0 [ 16.216682] ret_from_fork_asm+0x1a/0x30 [ 16.216870] [ 16.216941] The buggy address belongs to the object at ffff888102f59b00 [ 16.216941] which belongs to the cache kmalloc-128 of size 128 [ 16.217453] The buggy address is located 0 bytes inside of [ 16.217453] allocated 120-byte region [ffff888102f59b00, ffff888102f59b78) [ 16.217949] [ 16.218023] The buggy address belongs to the physical page: [ 16.218393] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f59 [ 16.218712] flags: 0x200000000000000(node=0|zone=2) [ 16.218922] page_type: f5(slab) [ 16.219088] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.219458] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.219762] page dumped because: kasan: bad access detected [ 16.220000] [ 16.220085] Memory state around the buggy address: [ 16.220341] ffff888102f59a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.220609] ffff888102f59a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.220831] >ffff888102f59b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.221046] ^ [ 16.221313] ffff888102f59b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.221819] 
ffff888102f59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.222097] ================================================================== [ 16.222589] ================================================================== [ 16.223105] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 16.223729] Read of size 121 at addr ffff888102f59b00 by task kunit_try_catch/303 [ 16.224066] [ 16.224171] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.224216] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.224228] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.224250] Call Trace: [ 16.224271] <TASK> [ 16.224287] dump_stack_lvl+0x73/0xb0 [ 16.224316] print_report+0xd1/0x610 [ 16.224340] ? __virt_addr_valid+0x1db/0x2d0 [ 16.224365] ? copy_user_test_oob+0x604/0x10f0 [ 16.224390] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.224413] ? copy_user_test_oob+0x604/0x10f0 [ 16.224437] kasan_report+0x141/0x180 [ 16.224459] ? copy_user_test_oob+0x604/0x10f0 [ 16.224487] kasan_check_range+0x10c/0x1c0 [ 16.224522] __kasan_check_read+0x15/0x20 [ 16.224542] copy_user_test_oob+0x604/0x10f0 [ 16.224567] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.224591] ? finish_task_switch.isra.0+0x153/0x700 [ 16.224615] ? __switch_to+0x47/0xf50 [ 16.224642] ? __schedule+0x10cc/0x2b60 [ 16.224665] ? __pfx_read_tsc+0x10/0x10 [ 16.224687] ? ktime_get_ts64+0x86/0x230 [ 16.224712] kunit_try_run_case+0x1a5/0x480 [ 16.224737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.224760] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.224785] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.224810] ? __kthread_parkme+0x82/0x180 [ 16.224831] ? preempt_count_sub+0x50/0x80 [ 16.224855] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.224880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.224904] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.224929] kthread+0x337/0x6f0 [ 16.224950] ? trace_preempt_on+0x20/0xc0 [ 16.224974] ? 
__pfx_kthread+0x10/0x10 [ 16.224995] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.225016] ? calculate_sigpending+0x7b/0xa0 [ 16.225042] ? __pfx_kthread+0x10/0x10 [ 16.225063] ret_from_fork+0x116/0x1d0 [ 16.225083] ? __pfx_kthread+0x10/0x10 [ 16.225104] ret_from_fork_asm+0x1a/0x30 [ 16.225136] </TASK> [ 16.225146] [ 16.232119] Allocated by task 303: [ 16.232489] kasan_save_stack+0x45/0x70 [ 16.232703] kasan_save_track+0x18/0x40 [ 16.232899] kasan_save_alloc_info+0x3b/0x50 [ 16.233112] __kasan_kmalloc+0xb7/0xc0 [ 16.233387] __kmalloc_noprof+0x1c9/0x500 [ 16.233560] kunit_kmalloc_array+0x25/0x60 [ 16.233732] copy_user_test_oob+0xab/0x10f0 [ 16.233943] kunit_try_run_case+0x1a5/0x480 [ 16.234122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.234463] kthread+0x337/0x6f0 [ 16.234622] ret_from_fork+0x116/0x1d0 [ 16.234797] ret_from_fork_asm+0x1a/0x30 [ 16.234993] [ 16.235071] The buggy address belongs to the object at ffff888102f59b00 [ 16.235071] which belongs to the cache kmalloc-128 of size 128 [ 16.235625] The buggy address is located 0 bytes inside of [ 16.235625] allocated 120-byte region [ffff888102f59b00, ffff888102f59b78) [ 16.235985] [ 16.236059] The buggy address belongs to the physical page: [ 16.236234] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f59 [ 16.236477] flags: 0x200000000000000(node=0|zone=2) [ 16.236651] page_type: f5(slab) [ 16.236775] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.237109] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.237857] page dumped because: kasan: bad access detected [ 16.238102] [ 16.238199] Memory state around the buggy address: [ 16.238419] ffff888102f59a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.238741] ffff888102f59a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.239052] >ffff888102f59b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.239362] ^ [ 16.239763] ffff888102f59b80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.240019] ffff888102f59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.240425] ================================================================== [ 16.187382] ================================================================== [ 16.187734] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 16.187971] Read of size 121 at addr ffff888102f59b00 by task kunit_try_catch/303 [ 16.188198] [ 16.188286] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.188330] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.188342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.188364] Call Trace: [ 16.188384] <TASK> [ 16.188402] dump_stack_lvl+0x73/0xb0 [ 16.188429] print_report+0xd1/0x610 [ 16.188451] ? __virt_addr_valid+0x1db/0x2d0 [ 16.188473] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.188496] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.188529] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.188552] kasan_report+0x141/0x180 [ 16.188573] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.188602] kasan_check_range+0x10c/0x1c0 [ 16.188626] __kasan_check_read+0x15/0x20 [ 16.188645] copy_user_test_oob+0x4aa/0x10f0 [ 16.188670] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.188693] ? finish_task_switch.isra.0+0x153/0x700 [ 16.188716] ? __switch_to+0x47/0xf50 [ 16.188741] ? __schedule+0x10cc/0x2b60 [ 16.188783] ? __pfx_read_tsc+0x10/0x10 [ 16.188805] ? ktime_get_ts64+0x86/0x230 [ 16.188830] kunit_try_run_case+0x1a5/0x480 [ 16.188855] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.188879] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.188904] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.188928] ? __kthread_parkme+0x82/0x180 [ 16.188950] ? preempt_count_sub+0x50/0x80 [ 16.188974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.188998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.189023] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.189048] kthread+0x337/0x6f0 [ 16.189068] ? 
trace_preempt_on+0x20/0xc0 [ 16.189092] ? __pfx_kthread+0x10/0x10 [ 16.189113] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.189135] ? calculate_sigpending+0x7b/0xa0 [ 16.189161] ? __pfx_kthread+0x10/0x10 [ 16.189182] ret_from_fork+0x116/0x1d0 [ 16.189202] ? __pfx_kthread+0x10/0x10 [ 16.189223] ret_from_fork_asm+0x1a/0x30 [ 16.189255] </TASK> [ 16.189266] [ 16.196955] Allocated by task 303: [ 16.197094] kasan_save_stack+0x45/0x70 [ 16.197354] kasan_save_track+0x18/0x40 [ 16.197573] kasan_save_alloc_info+0x3b/0x50 [ 16.197791] __kasan_kmalloc+0xb7/0xc0 [ 16.197976] __kmalloc_noprof+0x1c9/0x500 [ 16.198151] kunit_kmalloc_array+0x25/0x60 [ 16.198355] copy_user_test_oob+0xab/0x10f0 [ 16.198539] kunit_try_run_case+0x1a5/0x480 [ 16.198739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.198972] kthread+0x337/0x6f0 [ 16.199096] ret_from_fork+0x116/0x1d0 [ 16.199398] ret_from_fork_asm+0x1a/0x30 [ 16.199604] [ 16.199691] The buggy address belongs to the object at ffff888102f59b00 [ 16.199691] which belongs to the cache kmalloc-128 of size 128 [ 16.200158] The buggy address is located 0 bytes inside of [ 16.200158] allocated 120-byte region [ffff888102f59b00, ffff888102f59b78) [ 16.200568] [ 16.200642] The buggy address belongs to the physical page: [ 16.200816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f59 [ 16.201059] flags: 0x200000000000000(node=0|zone=2) [ 16.201263] page_type: f5(slab) [ 16.201517] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.201855] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.202231] page dumped because: kasan: bad access detected [ 16.202482] [ 16.202582] Memory state around the buggy address: [ 16.202931] ffff888102f59a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.203214] ffff888102f59a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.203520] >ffff888102f59b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.203763] ^ [ 16.204081] 
ffff888102f59b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.204410] ffff888102f59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.204697] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 16.134669] ================================================================== [ 16.135416] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 16.135679] Read of size 121 at addr ffff888102f59b00 by task kunit_try_catch/303 [ 16.135911] [ 16.136003] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.136051] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.136063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.136086] Call Trace: [ 16.136106] <TASK> [ 16.136127] dump_stack_lvl+0x73/0xb0 [ 16.136168] print_report+0xd1/0x610 [ 16.136193] ? __virt_addr_valid+0x1db/0x2d0 [ 16.136217] ? _copy_to_user+0x3c/0x70 [ 16.136236] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.136259] ? _copy_to_user+0x3c/0x70 [ 16.136279] kasan_report+0x141/0x180 [ 16.136301] ? _copy_to_user+0x3c/0x70 [ 16.136326] kasan_check_range+0x10c/0x1c0 [ 16.136350] __kasan_check_read+0x15/0x20 [ 16.136370] _copy_to_user+0x3c/0x70 [ 16.136390] copy_user_test_oob+0x364/0x10f0 [ 16.136417] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.136440] ? finish_task_switch.isra.0+0x153/0x700 [ 16.136465] ? __switch_to+0x47/0xf50 [ 16.136491] ? __schedule+0x10cc/0x2b60 [ 16.136523] ? __pfx_read_tsc+0x10/0x10 [ 16.136544] ? ktime_get_ts64+0x86/0x230 [ 16.136569] kunit_try_run_case+0x1a5/0x480 [ 16.136594] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.136617] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.136643] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.136669] ? __kthread_parkme+0x82/0x180 [ 16.136691] ? preempt_count_sub+0x50/0x80 [ 16.136715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.136742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.136767] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.136792] kthread+0x337/0x6f0 [ 16.136812] ? trace_preempt_on+0x20/0xc0 [ 16.136836] ? __pfx_kthread+0x10/0x10 [ 16.136857] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.136879] ? calculate_sigpending+0x7b/0xa0 [ 16.136904] ? 
__pfx_kthread+0x10/0x10 [ 16.136926] ret_from_fork+0x116/0x1d0 [ 16.136945] ? __pfx_kthread+0x10/0x10 [ 16.136966] ret_from_fork_asm+0x1a/0x30 [ 16.136997] </TASK> [ 16.137008] [ 16.148635] Allocated by task 303: [ 16.148804] kasan_save_stack+0x45/0x70 [ 16.148948] kasan_save_track+0x18/0x40 [ 16.149079] kasan_save_alloc_info+0x3b/0x50 [ 16.149285] __kasan_kmalloc+0xb7/0xc0 [ 16.149469] __kmalloc_noprof+0x1c9/0x500 [ 16.149854] kunit_kmalloc_array+0x25/0x60 [ 16.150119] copy_user_test_oob+0xab/0x10f0 [ 16.150445] kunit_try_run_case+0x1a5/0x480 [ 16.150838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.151091] kthread+0x337/0x6f0 [ 16.151905] ret_from_fork+0x116/0x1d0 [ 16.152062] ret_from_fork_asm+0x1a/0x30 [ 16.152218] [ 16.152293] The buggy address belongs to the object at ffff888102f59b00 [ 16.152293] which belongs to the cache kmalloc-128 of size 128 [ 16.153179] The buggy address is located 0 bytes inside of [ 16.153179] allocated 120-byte region [ffff888102f59b00, ffff888102f59b78) [ 16.153800] [ 16.153884] The buggy address belongs to the physical page: [ 16.154061] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f59 [ 16.154887] flags: 0x200000000000000(node=0|zone=2) [ 16.155345] page_type: f5(slab) [ 16.155774] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.156531] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.157126] page dumped because: kasan: bad access detected [ 16.157475] [ 16.157555] Memory state around the buggy address: [ 16.157715] ffff888102f59a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.157936] ffff888102f59a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.158177] >ffff888102f59b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.158766] ^ [ 16.159391] ffff888102f59b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.159986] ffff888102f59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.160615] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 16.092454] ================================================================== [ 16.093908] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 16.094881] Write of size 121 at addr ffff888102f59b00 by task kunit_try_catch/303 [ 16.095654] [ 16.095766] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.095820] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.095833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.095857] Call Trace: [ 16.095871] <TASK> [ 16.095893] dump_stack_lvl+0x73/0xb0 [ 16.095930] print_report+0xd1/0x610 [ 16.095956] ? __virt_addr_valid+0x1db/0x2d0 [ 16.095982] ? _copy_from_user+0x32/0x90 [ 16.096002] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.096025] ? _copy_from_user+0x32/0x90 [ 16.096045] kasan_report+0x141/0x180 [ 16.096067] ? _copy_from_user+0x32/0x90 [ 16.096093] kasan_check_range+0x10c/0x1c0 [ 16.096117] __kasan_check_write+0x18/0x20 [ 16.096137] _copy_from_user+0x32/0x90 [ 16.096364] copy_user_test_oob+0x2be/0x10f0 [ 16.096396] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.096421] ? finish_task_switch.isra.0+0x153/0x700 [ 16.096448] ? __switch_to+0x47/0xf50 [ 16.096530] ? __schedule+0x10cc/0x2b60 [ 16.096555] ? __pfx_read_tsc+0x10/0x10 [ 16.096578] ? ktime_get_ts64+0x86/0x230 [ 16.096604] kunit_try_run_case+0x1a5/0x480 [ 16.096629] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.096652] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.096678] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.096702] ? __kthread_parkme+0x82/0x180 [ 16.096725] ? preempt_count_sub+0x50/0x80 [ 16.096749] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.096774] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.096800] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.096825] kthread+0x337/0x6f0 [ 16.096845] ? trace_preempt_on+0x20/0xc0 [ 16.096871] ? __pfx_kthread+0x10/0x10 [ 16.096891] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.096913] ? calculate_sigpending+0x7b/0xa0 [ 16.096939] ? 
__pfx_kthread+0x10/0x10 [ 16.096962] ret_from_fork+0x116/0x1d0 [ 16.096981] ? __pfx_kthread+0x10/0x10 [ 16.097002] ret_from_fork_asm+0x1a/0x30 [ 16.097034] </TASK> [ 16.097047] [ 16.113222] Allocated by task 303: [ 16.113720] kasan_save_stack+0x45/0x70 [ 16.114287] kasan_save_track+0x18/0x40 [ 16.114650] kasan_save_alloc_info+0x3b/0x50 [ 16.114815] __kasan_kmalloc+0xb7/0xc0 [ 16.114951] __kmalloc_noprof+0x1c9/0x500 [ 16.115095] kunit_kmalloc_array+0x25/0x60 [ 16.115250] copy_user_test_oob+0xab/0x10f0 [ 16.115401] kunit_try_run_case+0x1a5/0x480 [ 16.116125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.116786] kthread+0x337/0x6f0 [ 16.117260] ret_from_fork+0x116/0x1d0 [ 16.117796] ret_from_fork_asm+0x1a/0x30 [ 16.118329] [ 16.118643] The buggy address belongs to the object at ffff888102f59b00 [ 16.118643] which belongs to the cache kmalloc-128 of size 128 [ 16.120054] The buggy address is located 0 bytes inside of [ 16.120054] allocated 120-byte region [ffff888102f59b00, ffff888102f59b78) [ 16.121246] [ 16.121557] The buggy address belongs to the physical page: [ 16.121950] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f59 [ 16.122546] flags: 0x200000000000000(node=0|zone=2) [ 16.123126] page_type: f5(slab) [ 16.123601] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.124313] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.124858] page dumped because: kasan: bad access detected [ 16.125050] [ 16.125126] Memory state around the buggy address: [ 16.126045] ffff888102f59a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.126924] ffff888102f59a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.127611] >ffff888102f59b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.127837] ^ [ 16.128057] ffff888102f59b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.129056] ffff888102f59c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.129889] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.010853] ================================================================== [ 16.012797] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 16.013555] Read of size 8 at addr ffff8881027f9678 by task kunit_try_catch/299 [ 16.014430] [ 16.014966] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.015036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.015050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.015075] Call Trace: [ 16.015090] <TASK> [ 16.015110] dump_stack_lvl+0x73/0xb0 [ 16.015145] print_report+0xd1/0x610 [ 16.015183] ? __virt_addr_valid+0x1db/0x2d0 [ 16.015208] ? copy_to_kernel_nofault+0x225/0x260 [ 16.015233] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.015256] ? copy_to_kernel_nofault+0x225/0x260 [ 16.015281] kasan_report+0x141/0x180 [ 16.015303] ? copy_to_kernel_nofault+0x225/0x260 [ 16.015331] __asan_report_load8_noabort+0x18/0x20 [ 16.015357] copy_to_kernel_nofault+0x225/0x260 [ 16.015382] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 16.015408] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.015433] ? finish_task_switch.isra.0+0x153/0x700 [ 16.015458] ? __schedule+0x10cc/0x2b60 [ 16.015480] ? trace_hardirqs_on+0x37/0xe0 [ 16.015521] ? __pfx_read_tsc+0x10/0x10 [ 16.015544] ? ktime_get_ts64+0x86/0x230 [ 16.015570] kunit_try_run_case+0x1a5/0x480 [ 16.015598] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.015621] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.015646] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.015670] ? __kthread_parkme+0x82/0x180 [ 16.015692] ? preempt_count_sub+0x50/0x80 [ 16.015715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.015739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.015764] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.015791] kthread+0x337/0x6f0 [ 16.015812] ? trace_preempt_on+0x20/0xc0 [ 16.015835] ? __pfx_kthread+0x10/0x10 [ 16.015856] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.015878] ? 
calculate_sigpending+0x7b/0xa0 [ 16.015904] ? __pfx_kthread+0x10/0x10 [ 16.015925] ret_from_fork+0x116/0x1d0 [ 16.015945] ? __pfx_kthread+0x10/0x10 [ 16.015965] ret_from_fork_asm+0x1a/0x30 [ 16.015999] </TASK> [ 16.016011] [ 16.031044] Allocated by task 299: [ 16.031456] kasan_save_stack+0x45/0x70 [ 16.031890] kasan_save_track+0x18/0x40 [ 16.032278] kasan_save_alloc_info+0x3b/0x50 [ 16.032597] __kasan_kmalloc+0xb7/0xc0 [ 16.032918] __kmalloc_cache_noprof+0x189/0x420 [ 16.033395] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.033923] kunit_try_run_case+0x1a5/0x480 [ 16.034075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.034490] kthread+0x337/0x6f0 [ 16.035006] ret_from_fork+0x116/0x1d0 [ 16.035442] ret_from_fork_asm+0x1a/0x30 [ 16.035879] [ 16.036044] The buggy address belongs to the object at ffff8881027f9600 [ 16.036044] which belongs to the cache kmalloc-128 of size 128 [ 16.036980] The buggy address is located 0 bytes to the right of [ 16.036980] allocated 120-byte region [ffff8881027f9600, ffff8881027f9678) [ 16.037687] [ 16.037762] The buggy address belongs to the physical page: [ 16.037935] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027f9 [ 16.038175] flags: 0x200000000000000(node=0|zone=2) [ 16.038421] page_type: f5(slab) [ 16.038561] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.039043] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.039332] page dumped because: kasan: bad access detected [ 16.039545] [ 16.039719] Memory state around the buggy address: [ 16.040155] ffff8881027f9500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.040915] ffff8881027f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.041851] >ffff8881027f9600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.042531] ^ [ 16.043217] ffff8881027f9680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.043996] ffff8881027f9700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
16.044707] ================================================================== [ 16.046181] ================================================================== [ 16.046820] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 16.047566] Write of size 8 at addr ffff8881027f9678 by task kunit_try_catch/299 [ 16.048334] [ 16.048425] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.048472] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.048484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.048515] Call Trace: [ 16.048529] <TASK> [ 16.048546] dump_stack_lvl+0x73/0xb0 [ 16.048575] print_report+0xd1/0x610 [ 16.048598] ? __virt_addr_valid+0x1db/0x2d0 [ 16.048621] ? copy_to_kernel_nofault+0x99/0x260 [ 16.048645] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.048668] ? copy_to_kernel_nofault+0x99/0x260 [ 16.048692] kasan_report+0x141/0x180 [ 16.048714] ? copy_to_kernel_nofault+0x99/0x260 [ 16.048742] kasan_check_range+0x10c/0x1c0 [ 16.048766] __kasan_check_write+0x18/0x20 [ 16.048786] copy_to_kernel_nofault+0x99/0x260 [ 16.048812] copy_to_kernel_nofault_oob+0x288/0x560 [ 16.048837] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.048861] ? finish_task_switch.isra.0+0x153/0x700 [ 16.048884] ? __schedule+0x10cc/0x2b60 [ 16.048907] ? trace_hardirqs_on+0x37/0xe0 [ 16.048938] ? __pfx_read_tsc+0x10/0x10 [ 16.048959] ? ktime_get_ts64+0x86/0x230 [ 16.048984] kunit_try_run_case+0x1a5/0x480 [ 16.049009] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.049031] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.049074] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.049099] ? __kthread_parkme+0x82/0x180 [ 16.049121] ? preempt_count_sub+0x50/0x80 [ 16.049144] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.049169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.049193] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.049218] kthread+0x337/0x6f0 [ 16.049238] ? 
trace_preempt_on+0x20/0xc0 [ 16.049261] ? __pfx_kthread+0x10/0x10 [ 16.049282] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.049304] ? calculate_sigpending+0x7b/0xa0 [ 16.049329] ? __pfx_kthread+0x10/0x10 [ 16.049362] ret_from_fork+0x116/0x1d0 [ 16.049381] ? __pfx_kthread+0x10/0x10 [ 16.049401] ret_from_fork_asm+0x1a/0x30 [ 16.049444] </TASK> [ 16.049455] [ 16.065209] Allocated by task 299: [ 16.065570] kasan_save_stack+0x45/0x70 [ 16.065842] kasan_save_track+0x18/0x40 [ 16.065978] kasan_save_alloc_info+0x3b/0x50 [ 16.066438] __kasan_kmalloc+0xb7/0xc0 [ 16.066582] __kmalloc_cache_noprof+0x189/0x420 [ 16.066739] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.066903] kunit_try_run_case+0x1a5/0x480 [ 16.067048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.067686] kthread+0x337/0x6f0 [ 16.068057] ret_from_fork+0x116/0x1d0 [ 16.068418] ret_from_fork_asm+0x1a/0x30 [ 16.068797] [ 16.068951] The buggy address belongs to the object at ffff8881027f9600 [ 16.068951] which belongs to the cache kmalloc-128 of size 128 [ 16.070180] The buggy address is located 0 bytes to the right of [ 16.070180] allocated 120-byte region [ffff8881027f9600, ffff8881027f9678) [ 16.071406] [ 16.071589] The buggy address belongs to the physical page: [ 16.072100] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027f9 [ 16.072971] flags: 0x200000000000000(node=0|zone=2) [ 16.073509] page_type: f5(slab) [ 16.073920] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.074182] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.074864] page dumped because: kasan: bad access detected [ 16.075101] [ 16.075279] Memory state around the buggy address: [ 16.075763] ffff8881027f9500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.076424] ffff8881027f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.076978] >ffff8881027f9600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.077665] ^ [ 16.078211] ffff8881027f9680: fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc [ 16.078724] ffff8881027f9700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.078940] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 15.776304] ================================================================== [ 15.776654] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 15.776956] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.777287] [ 15.777402] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.777448] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.777460] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.777482] Call Trace: [ 15.777512] <TASK> [ 15.777530] dump_stack_lvl+0x73/0xb0 [ 15.777558] print_report+0xd1/0x610 [ 15.777582] ? __virt_addr_valid+0x1db/0x2d0 [ 15.777605] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.777627] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.777650] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.777672] kasan_report+0x141/0x180 [ 15.777695] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.777723] kasan_check_range+0x10c/0x1c0 [ 15.777747] __kasan_check_write+0x18/0x20 [ 15.777767] kasan_atomics_helper+0x1f43/0x5450 [ 15.777791] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.777814] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.777840] ? kasan_atomics+0x152/0x310 [ 15.777866] kasan_atomics+0x1dc/0x310 [ 15.777889] ? __pfx_kasan_atomics+0x10/0x10 [ 15.777912] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.777940] ? __pfx_read_tsc+0x10/0x10 [ 15.777961] ? ktime_get_ts64+0x86/0x230 [ 15.777988] kunit_try_run_case+0x1a5/0x480 [ 15.778013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.778036] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.778060] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.778084] ? __kthread_parkme+0x82/0x180 [ 15.778106] ? preempt_count_sub+0x50/0x80 [ 15.778131] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.778155] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.778191] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.778222] kthread+0x337/0x6f0 [ 15.778242] ? trace_preempt_on+0x20/0xc0 [ 15.778268] ? 
__pfx_kthread+0x10/0x10 [ 15.778289] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.778312] ? calculate_sigpending+0x7b/0xa0 [ 15.778337] ? __pfx_kthread+0x10/0x10 [ 15.778359] ret_from_fork+0x116/0x1d0 [ 15.778379] ? __pfx_kthread+0x10/0x10 [ 15.778399] ret_from_fork_asm+0x1a/0x30 [ 15.778430] </TASK> [ 15.778441] [ 15.786144] Allocated by task 283: [ 15.786290] kasan_save_stack+0x45/0x70 [ 15.786492] kasan_save_track+0x18/0x40 [ 15.786663] kasan_save_alloc_info+0x3b/0x50 [ 15.786855] __kasan_kmalloc+0xb7/0xc0 [ 15.787035] __kmalloc_cache_noprof+0x189/0x420 [ 15.787294] kasan_atomics+0x95/0x310 [ 15.787474] kunit_try_run_case+0x1a5/0x480 [ 15.787667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.787884] kthread+0x337/0x6f0 [ 15.788039] ret_from_fork+0x116/0x1d0 [ 15.788261] ret_from_fork_asm+0x1a/0x30 [ 15.788430] [ 15.788535] The buggy address belongs to the object at ffff8881039f9d00 [ 15.788535] which belongs to the cache kmalloc-64 of size 64 [ 15.788994] The buggy address is located 0 bytes to the right of [ 15.788994] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.789467] [ 15.789557] The buggy address belongs to the physical page: [ 15.789734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.789990] flags: 0x200000000000000(node=0|zone=2) [ 15.790176] page_type: f5(slab) [ 15.790360] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.790708] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.791046] page dumped because: kasan: bad access detected [ 15.791440] [ 15.791544] Memory state around the buggy address: [ 15.791771] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.792087] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.792644] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.792862] ^ [ 15.793020] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.793512] 
ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.793835] ================================================================== [ 14.847039] ================================================================== [ 14.847813] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 14.848596] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.849278] [ 14.849526] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.849588] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.849601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.849624] Call Trace: [ 14.849638] <TASK> [ 14.849657] dump_stack_lvl+0x73/0xb0 [ 14.849688] print_report+0xd1/0x610 [ 14.849711] ? __virt_addr_valid+0x1db/0x2d0 [ 14.849735] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.849757] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.849780] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.849803] kasan_report+0x141/0x180 [ 14.849826] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.849852] kasan_check_range+0x10c/0x1c0 [ 14.849877] __kasan_check_write+0x18/0x20 [ 14.849897] kasan_atomics_helper+0xa2b/0x5450 [ 14.849920] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.849943] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.849970] ? kasan_atomics+0x152/0x310 [ 14.849997] kasan_atomics+0x1dc/0x310 [ 14.850020] ? __pfx_kasan_atomics+0x10/0x10 [ 14.850043] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.850071] ? __pfx_read_tsc+0x10/0x10 [ 14.850093] ? ktime_get_ts64+0x86/0x230 [ 14.850119] kunit_try_run_case+0x1a5/0x480 [ 14.850145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.850181] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.850212] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.850236] ? __kthread_parkme+0x82/0x180 [ 14.850258] ? preempt_count_sub+0x50/0x80 [ 14.850283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.850308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.850333] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.850359] kthread+0x337/0x6f0 [ 14.850378] ? trace_preempt_on+0x20/0xc0 [ 14.850404] ? __pfx_kthread+0x10/0x10 [ 14.850425] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.850447] ? calculate_sigpending+0x7b/0xa0 [ 14.850474] ? __pfx_kthread+0x10/0x10 [ 14.850506] ret_from_fork+0x116/0x1d0 [ 14.850527] ? __pfx_kthread+0x10/0x10 [ 14.850549] ret_from_fork_asm+0x1a/0x30 [ 14.850580] </TASK> [ 14.850592] [ 14.861198] Allocated by task 283: [ 14.861327] kasan_save_stack+0x45/0x70 [ 14.861469] kasan_save_track+0x18/0x40 [ 14.861613] kasan_save_alloc_info+0x3b/0x50 [ 14.861820] __kasan_kmalloc+0xb7/0xc0 [ 14.862010] __kmalloc_cache_noprof+0x189/0x420 [ 14.862254] kasan_atomics+0x95/0x310 [ 14.862593] kunit_try_run_case+0x1a5/0x480 [ 14.862806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.863028] kthread+0x337/0x6f0 [ 14.863149] ret_from_fork+0x116/0x1d0 [ 14.863283] ret_from_fork_asm+0x1a/0x30 [ 14.863420] [ 14.863491] The buggy address belongs to the object at ffff8881039f9d00 [ 14.863491] which belongs to the cache kmalloc-64 of size 64 [ 14.863850] The buggy address is located 0 bytes to the right of [ 14.863850] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.864203] [ 14.864276] The buggy address belongs to the physical page: [ 14.864446] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.864749] flags: 0x200000000000000(node=0|zone=2) [ 14.864955] page_type: f5(slab) [ 14.865087] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.865683] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.865988] page dumped because: kasan: bad access detected [ 14.866269] [ 14.866384] Memory state around the buggy address: [ 14.867286] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.867630] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.867892] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 14.868100] ^ [ 14.868251] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.868601] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.868942] ================================================================== [ 15.478811] ================================================================== [ 15.479373] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 15.479706] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.480005] [ 15.480116] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.480164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.480176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.480199] Call Trace: [ 15.480218] <TASK> [ 15.480236] dump_stack_lvl+0x73/0xb0 [ 15.480264] print_report+0xd1/0x610 [ 15.480287] ? __virt_addr_valid+0x1db/0x2d0 [ 15.480312] ? kasan_atomics_helper+0x1818/0x5450 [ 15.480334] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.480358] ? kasan_atomics_helper+0x1818/0x5450 [ 15.480381] kasan_report+0x141/0x180 [ 15.480403] ? kasan_atomics_helper+0x1818/0x5450 [ 15.480431] kasan_check_range+0x10c/0x1c0 [ 15.480455] __kasan_check_write+0x18/0x20 [ 15.480476] kasan_atomics_helper+0x1818/0x5450 [ 15.480508] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.480532] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.480558] ? kasan_atomics+0x152/0x310 [ 15.480585] kasan_atomics+0x1dc/0x310 [ 15.480608] ? __pfx_kasan_atomics+0x10/0x10 [ 15.480631] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.480659] ? __pfx_read_tsc+0x10/0x10 [ 15.480681] ? ktime_get_ts64+0x86/0x230 [ 15.480706] kunit_try_run_case+0x1a5/0x480 [ 15.480732] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.480756] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.480782] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.480807] ? __kthread_parkme+0x82/0x180 [ 15.480828] ? preempt_count_sub+0x50/0x80 [ 15.480854] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.480878] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.480904] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.480928] kthread+0x337/0x6f0 [ 15.480949] ? trace_preempt_on+0x20/0xc0 [ 15.480973] ? __pfx_kthread+0x10/0x10 [ 15.480994] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.481017] ? calculate_sigpending+0x7b/0xa0 [ 15.481042] ? __pfx_kthread+0x10/0x10 [ 15.481063] ret_from_fork+0x116/0x1d0 [ 15.481083] ? __pfx_kthread+0x10/0x10 [ 15.481104] ret_from_fork_asm+0x1a/0x30 [ 15.481135] </TASK> [ 15.481146] [ 15.488519] Allocated by task 283: [ 15.488699] kasan_save_stack+0x45/0x70 [ 15.488903] kasan_save_track+0x18/0x40 [ 15.489095] kasan_save_alloc_info+0x3b/0x50 [ 15.489296] __kasan_kmalloc+0xb7/0xc0 [ 15.489461] __kmalloc_cache_noprof+0x189/0x420 [ 15.489670] kasan_atomics+0x95/0x310 [ 15.489806] kunit_try_run_case+0x1a5/0x480 [ 15.489954] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.490152] kthread+0x337/0x6f0 [ 15.490335] ret_from_fork+0x116/0x1d0 [ 15.490536] ret_from_fork_asm+0x1a/0x30 [ 15.490736] [ 15.490832] The buggy address belongs to the object at ffff8881039f9d00 [ 15.490832] which belongs to the cache kmalloc-64 of size 64 [ 15.491466] The buggy address is located 0 bytes to the right of [ 15.491466] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.491958] [ 15.492032] The buggy address belongs to the physical page: [ 15.492345] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.492694] flags: 0x200000000000000(node=0|zone=2) [ 15.492903] page_type: f5(slab) [ 15.493081] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.493363] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.493647] page dumped because: kasan: bad access detected [ 15.493897] [ 15.493996] Memory state around the buggy address: [ 15.494273] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.494507] 
ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.494817] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.495131] ^ [ 15.495360] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.495630] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.495897] ================================================================== [ 15.609695] ================================================================== [ 15.610228] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 15.610779] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.611414] [ 15.611559] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.611607] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.611620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.611643] Call Trace: [ 15.611662] <TASK> [ 15.611679] dump_stack_lvl+0x73/0xb0 [ 15.611711] print_report+0xd1/0x610 [ 15.611734] ? __virt_addr_valid+0x1db/0x2d0 [ 15.611758] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.611780] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.611804] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.611826] kasan_report+0x141/0x180 [ 15.611849] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.611875] kasan_check_range+0x10c/0x1c0 [ 15.611900] __kasan_check_write+0x18/0x20 [ 15.611920] kasan_atomics_helper+0x1b22/0x5450 [ 15.611944] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.611966] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.611992] ? kasan_atomics+0x152/0x310 [ 15.612021] kasan_atomics+0x1dc/0x310 [ 15.612044] ? __pfx_kasan_atomics+0x10/0x10 [ 15.612067] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.612095] ? __pfx_read_tsc+0x10/0x10 [ 15.612116] ? ktime_get_ts64+0x86/0x230 [ 15.612142] kunit_try_run_case+0x1a5/0x480 [ 15.612338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.612366] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.612390] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.612415] ? __kthread_parkme+0x82/0x180 [ 15.612437] ? preempt_count_sub+0x50/0x80 [ 15.612505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.612533] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.612559] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.612584] kthread+0x337/0x6f0 [ 15.612605] ? trace_preempt_on+0x20/0xc0 [ 15.612630] ? __pfx_kthread+0x10/0x10 [ 15.612651] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.612675] ? calculate_sigpending+0x7b/0xa0 [ 15.612700] ? __pfx_kthread+0x10/0x10 [ 15.612722] ret_from_fork+0x116/0x1d0 [ 15.612741] ? __pfx_kthread+0x10/0x10 [ 15.612762] ret_from_fork_asm+0x1a/0x30 [ 15.612794] </TASK> [ 15.612806] [ 15.624939] Allocated by task 283: [ 15.625130] kasan_save_stack+0x45/0x70 [ 15.625494] kasan_save_track+0x18/0x40 [ 15.625693] kasan_save_alloc_info+0x3b/0x50 [ 15.625876] __kasan_kmalloc+0xb7/0xc0 [ 15.626050] __kmalloc_cache_noprof+0x189/0x420 [ 15.626631] kasan_atomics+0x95/0x310 [ 15.626937] kunit_try_run_case+0x1a5/0x480 [ 15.627388] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.627820] kthread+0x337/0x6f0 [ 15.628058] ret_from_fork+0x116/0x1d0 [ 15.628362] ret_from_fork_asm+0x1a/0x30 [ 15.628572] [ 15.628666] The buggy address belongs to the object at ffff8881039f9d00 [ 15.628666] which belongs to the cache kmalloc-64 of size 64 [ 15.629136] The buggy address is located 0 bytes to the right of [ 15.629136] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.630090] [ 15.630223] The buggy address belongs to the physical page: [ 15.630679] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.631273] flags: 0x200000000000000(node=0|zone=2) [ 15.631637] page_type: f5(slab) [ 15.631927] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.632537] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.632960] page dumped because: kasan: bad access detected [ 15.633469] [ 15.633584] 
Memory state around the buggy address: [ 15.633802] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.634085] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.634787] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.635432] ^ [ 15.635908] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.636368] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.636650] ================================================================== [ 15.036307] ================================================================== [ 15.036622] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 15.036969] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.037370] [ 15.037520] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.037567] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.037579] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.037602] Call Trace: [ 15.037631] <TASK> [ 15.037649] dump_stack_lvl+0x73/0xb0 [ 15.037678] print_report+0xd1/0x610 [ 15.037713] ? __virt_addr_valid+0x1db/0x2d0 [ 15.037737] ? kasan_atomics_helper+0xf10/0x5450 [ 15.037759] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.037783] ? kasan_atomics_helper+0xf10/0x5450 [ 15.037806] kasan_report+0x141/0x180 [ 15.037828] ? kasan_atomics_helper+0xf10/0x5450 [ 15.037855] kasan_check_range+0x10c/0x1c0 [ 15.037879] __kasan_check_write+0x18/0x20 [ 15.037898] kasan_atomics_helper+0xf10/0x5450 [ 15.037922] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.037945] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.037971] ? kasan_atomics+0x152/0x310 [ 15.037998] kasan_atomics+0x1dc/0x310 [ 15.038021] ? __pfx_kasan_atomics+0x10/0x10 [ 15.038044] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.038071] ? __pfx_read_tsc+0x10/0x10 [ 15.038093] ? 
ktime_get_ts64+0x86/0x230 [ 15.038120] kunit_try_run_case+0x1a5/0x480 [ 15.038165] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.038189] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.038217] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.038241] ? __kthread_parkme+0x82/0x180 [ 15.038262] ? preempt_count_sub+0x50/0x80 [ 15.038295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.038320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.038344] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.038383] kthread+0x337/0x6f0 [ 15.038403] ? trace_preempt_on+0x20/0xc0 [ 15.038427] ? __pfx_kthread+0x10/0x10 [ 15.038459] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.038481] ? calculate_sigpending+0x7b/0xa0 [ 15.038515] ? __pfx_kthread+0x10/0x10 [ 15.038537] ret_from_fork+0x116/0x1d0 [ 15.038557] ? __pfx_kthread+0x10/0x10 [ 15.038578] ret_from_fork_asm+0x1a/0x30 [ 15.038609] </TASK> [ 15.038620] [ 15.046389] Allocated by task 283: [ 15.046578] kasan_save_stack+0x45/0x70 [ 15.046796] kasan_save_track+0x18/0x40 [ 15.046971] kasan_save_alloc_info+0x3b/0x50 [ 15.047196] __kasan_kmalloc+0xb7/0xc0 [ 15.047390] __kmalloc_cache_noprof+0x189/0x420 [ 15.047614] kasan_atomics+0x95/0x310 [ 15.047823] kunit_try_run_case+0x1a5/0x480 [ 15.048009] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.048299] kthread+0x337/0x6f0 [ 15.048444] ret_from_fork+0x116/0x1d0 [ 15.048671] ret_from_fork_asm+0x1a/0x30 [ 15.048873] [ 15.048964] The buggy address belongs to the object at ffff8881039f9d00 [ 15.048964] which belongs to the cache kmalloc-64 of size 64 [ 15.049463] The buggy address is located 0 bytes to the right of [ 15.049463] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.049989] [ 15.050067] The buggy address belongs to the physical page: [ 15.050391] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.050773] flags: 0x200000000000000(node=0|zone=2) [ 15.050996] page_type: f5(slab) [ 15.051211] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.051821] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.052524] page dumped because: kasan: bad access detected [ 15.052713] [ 15.052787] Memory state around the buggy address: [ 15.052947] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.054057] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.054856] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.055493] ^ [ 15.055933] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.056584] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.057210] ================================================================== [ 15.524565] ================================================================== [ 15.525474] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 15.526634] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.527426] [ 15.527744] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.527798] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.527812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.527835] Call Trace: [ 15.527856] <TASK> [ 15.527876] dump_stack_lvl+0x73/0xb0 [ 15.527908] print_report+0xd1/0x610 [ 15.527931] ? __virt_addr_valid+0x1db/0x2d0 [ 15.527956] ? kasan_atomics_helper+0x194a/0x5450 [ 15.527978] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.528002] ? kasan_atomics_helper+0x194a/0x5450 [ 15.528024] kasan_report+0x141/0x180 [ 15.528047] ? kasan_atomics_helper+0x194a/0x5450 [ 15.528074] kasan_check_range+0x10c/0x1c0 [ 15.528099] __kasan_check_write+0x18/0x20 [ 15.528119] kasan_atomics_helper+0x194a/0x5450 [ 15.528143] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.528276] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.528306] ? kasan_atomics+0x152/0x310 [ 15.528334] kasan_atomics+0x1dc/0x310 [ 15.528358] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.528381] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.528441] ? __pfx_read_tsc+0x10/0x10 [ 15.528465] ? ktime_get_ts64+0x86/0x230 [ 15.528491] kunit_try_run_case+0x1a5/0x480 [ 15.528525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.528548] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.528572] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.528597] ? __kthread_parkme+0x82/0x180 [ 15.528619] ? preempt_count_sub+0x50/0x80 [ 15.528644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.528669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.528694] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.528719] kthread+0x337/0x6f0 [ 15.528739] ? trace_preempt_on+0x20/0xc0 [ 15.528763] ? __pfx_kthread+0x10/0x10 [ 15.528785] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.528807] ? calculate_sigpending+0x7b/0xa0 [ 15.528833] ? __pfx_kthread+0x10/0x10 [ 15.528855] ret_from_fork+0x116/0x1d0 [ 15.528875] ? __pfx_kthread+0x10/0x10 [ 15.528896] ret_from_fork_asm+0x1a/0x30 [ 15.528928] </TASK> [ 15.528939] [ 15.541549] Allocated by task 283: [ 15.541853] kasan_save_stack+0x45/0x70 [ 15.542046] kasan_save_track+0x18/0x40 [ 15.542528] kasan_save_alloc_info+0x3b/0x50 [ 15.542792] __kasan_kmalloc+0xb7/0xc0 [ 15.543087] __kmalloc_cache_noprof+0x189/0x420 [ 15.543453] kasan_atomics+0x95/0x310 [ 15.543639] kunit_try_run_case+0x1a5/0x480 [ 15.543831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.544047] kthread+0x337/0x6f0 [ 15.544535] ret_from_fork+0x116/0x1d0 [ 15.544781] ret_from_fork_asm+0x1a/0x30 [ 15.545088] [ 15.545339] The buggy address belongs to the object at ffff8881039f9d00 [ 15.545339] which belongs to the cache kmalloc-64 of size 64 [ 15.546107] The buggy address is located 0 bytes to the right of [ 15.546107] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.546764] [ 15.546863] The buggy address belongs to the physical page: [ 15.547093] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.547857] flags: 
0x200000000000000(node=0|zone=2) [ 15.548515] page_type: f5(slab) [ 15.548744] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.549402] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.549918] page dumped because: kasan: bad access detected [ 15.550427] [ 15.550550] Memory state around the buggy address: [ 15.550773] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.551036] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.551611] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.552103] ^ [ 15.552469] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.552784] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.553063] ================================================================== [ 15.950641] ================================================================== [ 15.951078] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 15.951304] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.951527] [ 15.951611] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.951671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.951695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.951717] Call Trace: [ 15.951736] <TASK> [ 15.951753] dump_stack_lvl+0x73/0xb0 [ 15.951797] print_report+0xd1/0x610 [ 15.951820] ? __virt_addr_valid+0x1db/0x2d0 [ 15.951843] ? kasan_atomics_helper+0x224c/0x5450 [ 15.951865] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.951888] ? kasan_atomics_helper+0x224c/0x5450 [ 15.951911] kasan_report+0x141/0x180 [ 15.951933] ? kasan_atomics_helper+0x224c/0x5450 [ 15.951960] kasan_check_range+0x10c/0x1c0 [ 15.951984] __kasan_check_write+0x18/0x20 [ 15.952003] kasan_atomics_helper+0x224c/0x5450 [ 15.952027] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.952050] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.952075] ? kasan_atomics+0x152/0x310 [ 15.952102] kasan_atomics+0x1dc/0x310 [ 15.952125] ? __pfx_kasan_atomics+0x10/0x10 [ 15.952147] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.952174] ? __pfx_read_tsc+0x10/0x10 [ 15.952195] ? ktime_get_ts64+0x86/0x230 [ 15.952220] kunit_try_run_case+0x1a5/0x480 [ 15.952244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.952268] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.952291] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.952315] ? __kthread_parkme+0x82/0x180 [ 15.952336] ? preempt_count_sub+0x50/0x80 [ 15.952362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.952387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.952411] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.952436] kthread+0x337/0x6f0 [ 15.952456] ? trace_preempt_on+0x20/0xc0 [ 15.952480] ? __pfx_kthread+0x10/0x10 [ 15.952511] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.952534] ? calculate_sigpending+0x7b/0xa0 [ 15.952559] ? __pfx_kthread+0x10/0x10 [ 15.952580] ret_from_fork+0x116/0x1d0 [ 15.952599] ? 
__pfx_kthread+0x10/0x10 [ 15.952620] ret_from_fork_asm+0x1a/0x30 [ 15.952652] </TASK> [ 15.952663] [ 15.960581] Allocated by task 283: [ 15.960719] kasan_save_stack+0x45/0x70 [ 15.960938] kasan_save_track+0x18/0x40 [ 15.961134] kasan_save_alloc_info+0x3b/0x50 [ 15.961309] __kasan_kmalloc+0xb7/0xc0 [ 15.961458] __kmalloc_cache_noprof+0x189/0x420 [ 15.961697] kasan_atomics+0x95/0x310 [ 15.961879] kunit_try_run_case+0x1a5/0x480 [ 15.962089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.962350] kthread+0x337/0x6f0 [ 15.962527] ret_from_fork+0x116/0x1d0 [ 15.962715] ret_from_fork_asm+0x1a/0x30 [ 15.962894] [ 15.962993] The buggy address belongs to the object at ffff8881039f9d00 [ 15.962993] which belongs to the cache kmalloc-64 of size 64 [ 15.963538] The buggy address is located 0 bytes to the right of [ 15.963538] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.964034] [ 15.964132] The buggy address belongs to the physical page: [ 15.964368] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.964626] flags: 0x200000000000000(node=0|zone=2) [ 15.964796] page_type: f5(slab) [ 15.964920] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.965155] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.965897] page dumped because: kasan: bad access detected [ 15.966144] [ 15.966276] Memory state around the buggy address: [ 15.966735] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.967316] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.967537] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.967750] ^ [ 15.967904] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.968118] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.968459] ================================================================== [ 15.887369] 
================================================================== [ 15.887649] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 15.887913] Read of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.888672] [ 15.888852] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.888911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.888924] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.888946] Call Trace: [ 15.888978] <TASK> [ 15.888997] dump_stack_lvl+0x73/0xb0 [ 15.889028] print_report+0xd1/0x610 [ 15.889060] ? __virt_addr_valid+0x1db/0x2d0 [ 15.889084] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.889105] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.889139] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.889162] kasan_report+0x141/0x180 [ 15.889195] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.889222] __asan_report_load8_noabort+0x18/0x20 [ 15.889247] kasan_atomics_helper+0x4fb2/0x5450 [ 15.889270] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.889293] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.889318] ? kasan_atomics+0x152/0x310 [ 15.889346] kasan_atomics+0x1dc/0x310 [ 15.889368] ? __pfx_kasan_atomics+0x10/0x10 [ 15.889391] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.889418] ? __pfx_read_tsc+0x10/0x10 [ 15.889439] ? ktime_get_ts64+0x86/0x230 [ 15.889465] kunit_try_run_case+0x1a5/0x480 [ 15.889490] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.889523] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.889555] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.889580] ? __kthread_parkme+0x82/0x180 [ 15.889600] ? preempt_count_sub+0x50/0x80 [ 15.889635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.889660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.889685] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.889711] kthread+0x337/0x6f0 [ 15.889732] ? trace_preempt_on+0x20/0xc0 [ 15.889759] ? __pfx_kthread+0x10/0x10 [ 15.889782] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.889804] ? calculate_sigpending+0x7b/0xa0 [ 15.889830] ? __pfx_kthread+0x10/0x10 [ 15.889851] ret_from_fork+0x116/0x1d0 [ 15.889871] ? __pfx_kthread+0x10/0x10 [ 15.889891] ret_from_fork_asm+0x1a/0x30 [ 15.889923] </TASK> [ 15.889934] [ 15.902977] Allocated by task 283: [ 15.903410] kasan_save_stack+0x45/0x70 [ 15.903818] kasan_save_track+0x18/0x40 [ 15.904216] kasan_save_alloc_info+0x3b/0x50 [ 15.904629] __kasan_kmalloc+0xb7/0xc0 [ 15.904985] __kmalloc_cache_noprof+0x189/0x420 [ 15.905388] kasan_atomics+0x95/0x310 [ 15.905560] kunit_try_run_case+0x1a5/0x480 [ 15.905709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.905884] kthread+0x337/0x6f0 [ 15.906005] ret_from_fork+0x116/0x1d0 [ 15.906139] ret_from_fork_asm+0x1a/0x30 [ 15.906597] [ 15.906776] The buggy address belongs to the object at ffff8881039f9d00 [ 15.906776] which belongs to the cache kmalloc-64 of size 64 [ 15.907860] The buggy address is located 0 bytes to the right of [ 15.907860] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.908973] [ 15.909176] The buggy address belongs to the physical page: [ 15.909685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.910373] flags: 0x200000000000000(node=0|zone=2) [ 15.910559] page_type: f5(slab) [ 15.910685] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.910917] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.911146] page dumped because: kasan: bad access detected [ 15.911322] [ 15.911391] Memory state around the buggy address: [ 15.911669] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.912024] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.912388] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.912617] ^ [ 15.912840] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.913185] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.913642] ================================================================== [ 14.999334] ================================================================== [ 14.999908] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 15.000283] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.000634] [ 15.000748] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.000796] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.000819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.000842] Call Trace: [ 15.000862] <TASK> [ 15.000880] dump_stack_lvl+0x73/0xb0 [ 15.000910] print_report+0xd1/0x610 [ 15.000943] ? __virt_addr_valid+0x1db/0x2d0 [ 15.000968] ? kasan_atomics_helper+0xde0/0x5450 [ 15.000990] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.001027] ? kasan_atomics_helper+0xde0/0x5450 [ 15.001050] kasan_report+0x141/0x180 [ 15.001073] ? kasan_atomics_helper+0xde0/0x5450 [ 15.001106] kasan_check_range+0x10c/0x1c0 [ 15.001131] __kasan_check_write+0x18/0x20 [ 15.001175] kasan_atomics_helper+0xde0/0x5450 [ 15.001199] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.001223] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.001249] ? kasan_atomics+0x152/0x310 [ 15.001277] kasan_atomics+0x1dc/0x310 [ 15.001301] ? __pfx_kasan_atomics+0x10/0x10 [ 15.001323] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.001351] ? __pfx_read_tsc+0x10/0x10 [ 15.001373] ? ktime_get_ts64+0x86/0x230 [ 15.001399] kunit_try_run_case+0x1a5/0x480 [ 15.001424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.001448] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.001472] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.001504] ? __kthread_parkme+0x82/0x180 [ 15.001536] ? preempt_count_sub+0x50/0x80 [ 15.001561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.001586] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.001621] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.001647] kthread+0x337/0x6f0 [ 15.001666] ? trace_preempt_on+0x20/0xc0 [ 15.001690] ? __pfx_kthread+0x10/0x10 [ 15.001711] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.001733] ? calculate_sigpending+0x7b/0xa0 [ 15.001759] ? __pfx_kthread+0x10/0x10 [ 15.001781] ret_from_fork+0x116/0x1d0 [ 15.001800] ? __pfx_kthread+0x10/0x10 [ 15.001821] ret_from_fork_asm+0x1a/0x30 [ 15.001853] </TASK> [ 15.001865] [ 15.009785] Allocated by task 283: [ 15.009971] kasan_save_stack+0x45/0x70 [ 15.010173] kasan_save_track+0x18/0x40 [ 15.010384] kasan_save_alloc_info+0x3b/0x50 [ 15.010581] __kasan_kmalloc+0xb7/0xc0 [ 15.010785] __kmalloc_cache_noprof+0x189/0x420 [ 15.010988] kasan_atomics+0x95/0x310 [ 15.011222] kunit_try_run_case+0x1a5/0x480 [ 15.011371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.011597] kthread+0x337/0x6f0 [ 15.011775] ret_from_fork+0x116/0x1d0 [ 15.011961] ret_from_fork_asm+0x1a/0x30 [ 15.012179] [ 15.012276] The buggy address belongs to the object at ffff8881039f9d00 [ 15.012276] which belongs to the cache kmalloc-64 of size 64 [ 15.012788] The buggy address is located 0 bytes to the right of [ 15.012788] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.013215] [ 15.013289] The buggy address belongs to the physical page: [ 15.013464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.013827] flags: 0x200000000000000(node=0|zone=2) [ 15.014062] page_type: f5(slab) [ 15.014276] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.014625] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.014894] page dumped because: kasan: bad access detected [ 15.015071] [ 15.015161] Memory state around the buggy address: [ 15.015423] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.015754] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.016095] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.016436] ^ [ 15.016660] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.016980] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.017313] ================================================================== [ 14.646841] ================================================================== [ 14.647370] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 14.647808] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.648242] [ 14.648349] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.648396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.648409] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.648431] Call Trace: [ 14.648451] <TASK> [ 14.648489] dump_stack_lvl+0x73/0xb0 [ 14.648535] print_report+0xd1/0x610 [ 14.648558] ? __virt_addr_valid+0x1db/0x2d0 [ 14.648583] ? kasan_atomics_helper+0x565/0x5450 [ 14.648604] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.648628] ? kasan_atomics_helper+0x565/0x5450 [ 14.648669] kasan_report+0x141/0x180 [ 14.648691] ? kasan_atomics_helper+0x565/0x5450 [ 14.648718] kasan_check_range+0x10c/0x1c0 [ 14.648742] __kasan_check_write+0x18/0x20 [ 14.648763] kasan_atomics_helper+0x565/0x5450 [ 14.648787] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.648826] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.648853] ? kasan_atomics+0x152/0x310 [ 14.648880] kasan_atomics+0x1dc/0x310 [ 14.648903] ? __pfx_kasan_atomics+0x10/0x10 [ 14.648925] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.648953] ? __pfx_read_tsc+0x10/0x10 [ 14.648975] ? ktime_get_ts64+0x86/0x230 [ 14.649001] kunit_try_run_case+0x1a5/0x480 [ 14.649026] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.649061] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.649085] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.649109] ? __kthread_parkme+0x82/0x180 [ 14.649131] ? preempt_count_sub+0x50/0x80 [ 14.649246] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.649273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.649299] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.649345] kthread+0x337/0x6f0 [ 14.649366] ? trace_preempt_on+0x20/0xc0 [ 14.649405] ? __pfx_kthread+0x10/0x10 [ 14.649439] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.649462] ? calculate_sigpending+0x7b/0xa0 [ 14.649511] ? __pfx_kthread+0x10/0x10 [ 14.649547] ret_from_fork+0x116/0x1d0 [ 14.649580] ? __pfx_kthread+0x10/0x10 [ 14.649602] ret_from_fork_asm+0x1a/0x30 [ 14.649661] </TASK> [ 14.649672] [ 14.659306] Allocated by task 283: [ 14.659520] kasan_save_stack+0x45/0x70 [ 14.659735] kasan_save_track+0x18/0x40 [ 14.659953] kasan_save_alloc_info+0x3b/0x50 [ 14.660238] __kasan_kmalloc+0xb7/0xc0 [ 14.660387] __kmalloc_cache_noprof+0x189/0x420 [ 14.660564] kasan_atomics+0x95/0x310 [ 14.660782] kunit_try_run_case+0x1a5/0x480 [ 14.661003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.661489] kthread+0x337/0x6f0 [ 14.661692] ret_from_fork+0x116/0x1d0 [ 14.661883] ret_from_fork_asm+0x1a/0x30 [ 14.662052] [ 14.662150] The buggy address belongs to the object at ffff8881039f9d00 [ 14.662150] which belongs to the cache kmalloc-64 of size 64 [ 14.662683] The buggy address is located 0 bytes to the right of [ 14.662683] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.663275] [ 14.663370] The buggy address belongs to the physical page: [ 14.663935] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.664348] flags: 0x200000000000000(node=0|zone=2) [ 14.664605] page_type: f5(slab) [ 14.664763] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.665116] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.665454] page dumped because: kasan: bad access detected [ 14.665786] [ 14.665883] Memory state around the buggy address: [ 14.666634] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.666944] 
ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.667827] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.668304] ^ [ 14.668758] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.669354] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.669766] ================================================================== [ 15.739143] ================================================================== [ 15.739715] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 15.740375] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.740704] [ 15.740851] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.740898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.740910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.740932] Call Trace: [ 15.740950] <TASK> [ 15.740967] dump_stack_lvl+0x73/0xb0 [ 15.740995] print_report+0xd1/0x610 [ 15.741018] ? __virt_addr_valid+0x1db/0x2d0 [ 15.741042] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.741063] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.741087] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.741109] kasan_report+0x141/0x180 [ 15.741132] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.741159] kasan_check_range+0x10c/0x1c0 [ 15.741184] __kasan_check_write+0x18/0x20 [ 15.741204] kasan_atomics_helper+0x1e12/0x5450 [ 15.741227] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.741250] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.741276] ? kasan_atomics+0x152/0x310 [ 15.741303] kasan_atomics+0x1dc/0x310 [ 15.741326] ? __pfx_kasan_atomics+0x10/0x10 [ 15.741348] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.741375] ? __pfx_read_tsc+0x10/0x10 [ 15.741397] ? ktime_get_ts64+0x86/0x230 [ 15.741422] kunit_try_run_case+0x1a5/0x480 [ 15.741447] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.741471] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.741494] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.741531] ? __kthread_parkme+0x82/0x180 [ 15.741552] ? preempt_count_sub+0x50/0x80 [ 15.741577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.741602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.741627] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.741652] kthread+0x337/0x6f0 [ 15.741672] ? trace_preempt_on+0x20/0xc0 [ 15.741697] ? __pfx_kthread+0x10/0x10 [ 15.741717] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.741740] ? calculate_sigpending+0x7b/0xa0 [ 15.741765] ? __pfx_kthread+0x10/0x10 [ 15.741787] ret_from_fork+0x116/0x1d0 [ 15.741807] ? __pfx_kthread+0x10/0x10 [ 15.741827] ret_from_fork_asm+0x1a/0x30 [ 15.741858] </TASK> [ 15.741869] [ 15.749871] Allocated by task 283: [ 15.750069] kasan_save_stack+0x45/0x70 [ 15.750310] kasan_save_track+0x18/0x40 [ 15.750456] kasan_save_alloc_info+0x3b/0x50 [ 15.750619] __kasan_kmalloc+0xb7/0xc0 [ 15.750768] __kmalloc_cache_noprof+0x189/0x420 [ 15.750940] kasan_atomics+0x95/0x310 [ 15.751082] kunit_try_run_case+0x1a5/0x480 [ 15.751406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.751729] kthread+0x337/0x6f0 [ 15.752002] ret_from_fork+0x116/0x1d0 [ 15.752412] ret_from_fork_asm+0x1a/0x30 [ 15.752852] [ 15.752950] The buggy address belongs to the object at ffff8881039f9d00 [ 15.752950] which belongs to the cache kmalloc-64 of size 64 [ 15.753394] The buggy address is located 0 bytes to the right of [ 15.753394] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.753769] [ 15.753842] The buggy address belongs to the physical page: [ 15.754016] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.754270] flags: 0x200000000000000(node=0|zone=2) [ 15.754438] page_type: f5(slab) [ 15.754575] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.754989] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.755460] page dumped because: kasan: bad access detected [ 15.755896] [ 15.755989] 
Memory state around the buggy address: [ 15.756210] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.756530] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.756789] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.757004] ^ [ 15.757158] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.757372] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.757593] ================================================================== [ 15.309919] ================================================================== [ 15.310275] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 15.310779] Read of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.311016] [ 15.311131] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.311199] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.311212] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.311235] Call Trace: [ 15.311254] <TASK> [ 15.311274] dump_stack_lvl+0x73/0xb0 [ 15.311303] print_report+0xd1/0x610 [ 15.311325] ? __virt_addr_valid+0x1db/0x2d0 [ 15.311349] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.311371] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.311411] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.311434] kasan_report+0x141/0x180 [ 15.311456] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.311483] __asan_report_load8_noabort+0x18/0x20 [ 15.311518] kasan_atomics_helper+0x4eae/0x5450 [ 15.311567] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.311591] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.311618] ? kasan_atomics+0x152/0x310 [ 15.311645] kasan_atomics+0x1dc/0x310 [ 15.311668] ? __pfx_kasan_atomics+0x10/0x10 [ 15.311691] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.311719] ? __pfx_read_tsc+0x10/0x10 [ 15.311741] ? ktime_get_ts64+0x86/0x230 [ 15.311767] kunit_try_run_case+0x1a5/0x480 [ 15.311794] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.311817] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.311840] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.311865] ? __kthread_parkme+0x82/0x180 [ 15.311887] ? preempt_count_sub+0x50/0x80 [ 15.311913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.311937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.311964] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.311989] kthread+0x337/0x6f0 [ 15.312008] ? trace_preempt_on+0x20/0xc0 [ 15.312039] ? __pfx_kthread+0x10/0x10 [ 15.312059] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.312081] ? calculate_sigpending+0x7b/0xa0 [ 15.312106] ? __pfx_kthread+0x10/0x10 [ 15.312128] ret_from_fork+0x116/0x1d0 [ 15.312147] ? __pfx_kthread+0x10/0x10 [ 15.312168] ret_from_fork_asm+0x1a/0x30 [ 15.312200] </TASK> [ 15.312211] [ 15.319621] Allocated by task 283: [ 15.319750] kasan_save_stack+0x45/0x70 [ 15.319897] kasan_save_track+0x18/0x40 [ 15.320035] kasan_save_alloc_info+0x3b/0x50 [ 15.320226] __kasan_kmalloc+0xb7/0xc0 [ 15.320416] __kmalloc_cache_noprof+0x189/0x420 [ 15.320644] kasan_atomics+0x95/0x310 [ 15.320831] kunit_try_run_case+0x1a5/0x480 [ 15.321039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.321315] kthread+0x337/0x6f0 [ 15.321483] ret_from_fork+0x116/0x1d0 [ 15.321636] ret_from_fork_asm+0x1a/0x30 [ 15.321837] [ 15.321934] The buggy address belongs to the object at ffff8881039f9d00 [ 15.321934] which belongs to the cache kmalloc-64 of size 64 [ 15.322425] The buggy address is located 0 bytes to the right of [ 15.322425] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.322891] [ 15.322965] The buggy address belongs to the physical page: [ 15.323141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.323477] flags: 0x200000000000000(node=0|zone=2) [ 15.323729] page_type: f5(slab) [ 15.323907] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.324284] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.324647] page dumped because: kasan: bad access detected [ 15.324874] [ 15.324969] Memory state around the buggy address: [ 15.325131] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.325372] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.325601] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.325816] ^ [ 15.325972] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.326330] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.326655] ================================================================== [ 15.344915] ================================================================== [ 15.345310] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 15.345605] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.345899] [ 15.346053] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.346098] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.346110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.346132] Call Trace: [ 15.346171] <TASK> [ 15.346188] dump_stack_lvl+0x73/0xb0 [ 15.346222] print_report+0xd1/0x610 [ 15.346244] ? __virt_addr_valid+0x1db/0x2d0 [ 15.346268] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.346290] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.346314] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.346336] kasan_report+0x141/0x180 [ 15.346358] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.346385] __asan_report_store8_noabort+0x1b/0x30 [ 15.346421] kasan_atomics_helper+0x50d4/0x5450 [ 15.346444] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.346467] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.346493] ? kasan_atomics+0x152/0x310 [ 15.346529] kasan_atomics+0x1dc/0x310 [ 15.346553] ? __pfx_kasan_atomics+0x10/0x10 [ 15.346575] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.346603] ? __pfx_read_tsc+0x10/0x10 [ 15.346624] ? 
ktime_get_ts64+0x86/0x230 [ 15.346649] kunit_try_run_case+0x1a5/0x480 [ 15.346675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.346698] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.346721] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.346746] ? __kthread_parkme+0x82/0x180 [ 15.346767] ? preempt_count_sub+0x50/0x80 [ 15.346791] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.346815] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.346840] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.346864] kthread+0x337/0x6f0 [ 15.346884] ? trace_preempt_on+0x20/0xc0 [ 15.346908] ? __pfx_kthread+0x10/0x10 [ 15.346929] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.346950] ? calculate_sigpending+0x7b/0xa0 [ 15.346976] ? __pfx_kthread+0x10/0x10 [ 15.346998] ret_from_fork+0x116/0x1d0 [ 15.347018] ? __pfx_kthread+0x10/0x10 [ 15.347039] ret_from_fork_asm+0x1a/0x30 [ 15.347070] </TASK> [ 15.347081] [ 15.354454] Allocated by task 283: [ 15.354644] kasan_save_stack+0x45/0x70 [ 15.354823] kasan_save_track+0x18/0x40 [ 15.354984] kasan_save_alloc_info+0x3b/0x50 [ 15.355136] __kasan_kmalloc+0xb7/0xc0 [ 15.355289] __kmalloc_cache_noprof+0x189/0x420 [ 15.355447] kasan_atomics+0x95/0x310 [ 15.355593] kunit_try_run_case+0x1a5/0x480 [ 15.355743] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.355920] kthread+0x337/0x6f0 [ 15.356040] ret_from_fork+0x116/0x1d0 [ 15.356193] ret_from_fork_asm+0x1a/0x30 [ 15.356336] [ 15.356409] The buggy address belongs to the object at ffff8881039f9d00 [ 15.356409] which belongs to the cache kmalloc-64 of size 64 [ 15.356929] The buggy address is located 0 bytes to the right of [ 15.356929] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.357508] [ 15.357605] The buggy address belongs to the physical page: [ 15.357854] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.358238] flags: 0x200000000000000(node=0|zone=2) [ 15.358474] page_type: f5(slab) [ 15.358650] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.358913] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.359162] page dumped because: kasan: bad access detected [ 15.359337] [ 15.359407] Memory state around the buggy address: [ 15.359606] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.359926] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.360267] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.360590] ^ [ 15.360813] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.361133] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.361450] ================================================================== [ 15.664993] ================================================================== [ 15.665558] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 15.665869] Read of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.666459] [ 15.666848] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.667010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.667029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.667052] Call Trace: [ 15.667074] <TASK> [ 15.667094] dump_stack_lvl+0x73/0xb0 [ 15.667161] print_report+0xd1/0x610 [ 15.667186] ? __virt_addr_valid+0x1db/0x2d0 [ 15.667210] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.667232] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.667256] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.667279] kasan_report+0x141/0x180 [ 15.667301] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.667330] __asan_report_load8_noabort+0x18/0x20 [ 15.667356] kasan_atomics_helper+0x4f30/0x5450 [ 15.667381] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.667405] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.667434] ? kasan_atomics+0x152/0x310 [ 15.667461] kasan_atomics+0x1dc/0x310 [ 15.667485] ? __pfx_kasan_atomics+0x10/0x10 [ 15.667518] ? 
__pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.667546] ? __pfx_read_tsc+0x10/0x10 [ 15.667569] ? ktime_get_ts64+0x86/0x230 [ 15.667594] kunit_try_run_case+0x1a5/0x480 [ 15.667620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.667643] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.667667] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.667691] ? __kthread_parkme+0x82/0x180 [ 15.667712] ? preempt_count_sub+0x50/0x80 [ 15.667737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.667762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.667787] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.667811] kthread+0x337/0x6f0 [ 15.667831] ? trace_preempt_on+0x20/0xc0 [ 15.667855] ? __pfx_kthread+0x10/0x10 [ 15.667876] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.667898] ? calculate_sigpending+0x7b/0xa0 [ 15.667924] ? __pfx_kthread+0x10/0x10 [ 15.667946] ret_from_fork+0x116/0x1d0 [ 15.667966] ? __pfx_kthread+0x10/0x10 [ 15.667986] ret_from_fork_asm+0x1a/0x30 [ 15.668018] </TASK> [ 15.668030] [ 15.679345] Allocated by task 283: [ 15.679730] kasan_save_stack+0x45/0x70 [ 15.680050] kasan_save_track+0x18/0x40 [ 15.680489] kasan_save_alloc_info+0x3b/0x50 [ 15.680754] __kasan_kmalloc+0xb7/0xc0 [ 15.681042] __kmalloc_cache_noprof+0x189/0x420 [ 15.681550] kasan_atomics+0x95/0x310 [ 15.681780] kunit_try_run_case+0x1a5/0x480 [ 15.681974] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.682440] kthread+0x337/0x6f0 [ 15.682688] ret_from_fork+0x116/0x1d0 [ 15.682987] ret_from_fork_asm+0x1a/0x30 [ 15.683308] [ 15.683400] The buggy address belongs to the object at ffff8881039f9d00 [ 15.683400] which belongs to the cache kmalloc-64 of size 64 [ 15.684066] The buggy address is located 0 bytes to the right of [ 15.684066] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.685225] [ 15.685462] The buggy address belongs to the physical page: [ 15.685885] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.686592] flags: 0x200000000000000(node=0|zone=2) [ 15.686899] 
page_type: f5(slab) [ 15.687339] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.687689] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.687989] page dumped because: kasan: bad access detected [ 15.688518] [ 15.688603] Memory state around the buggy address: [ 15.689004] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.689532] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.690011] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.690485] ^ [ 15.690715] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.690985] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.691702] ================================================================== [ 15.362114] ================================================================== [ 15.362516] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 15.362824] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.363163] [ 15.363263] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.363308] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.363321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.363343] Call Trace: [ 15.363361] <TASK> [ 15.363378] dump_stack_lvl+0x73/0xb0 [ 15.363408] print_report+0xd1/0x610 [ 15.363431] ? __virt_addr_valid+0x1db/0x2d0 [ 15.363454] ? kasan_atomics_helper+0x151d/0x5450 [ 15.363476] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.363509] ? kasan_atomics_helper+0x151d/0x5450 [ 15.363533] kasan_report+0x141/0x180 [ 15.363555] ? kasan_atomics_helper+0x151d/0x5450 [ 15.363582] kasan_check_range+0x10c/0x1c0 [ 15.363606] __kasan_check_write+0x18/0x20 [ 15.363626] kasan_atomics_helper+0x151d/0x5450 [ 15.363649] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.363673] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.363699] ? 
kasan_atomics+0x152/0x310 [ 15.363726] kasan_atomics+0x1dc/0x310 [ 15.363749] ? __pfx_kasan_atomics+0x10/0x10 [ 15.363771] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.363799] ? __pfx_read_tsc+0x10/0x10 [ 15.363821] ? ktime_get_ts64+0x86/0x230 [ 15.363847] kunit_try_run_case+0x1a5/0x480 [ 15.363873] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.363895] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.363918] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.363942] ? __kthread_parkme+0x82/0x180 [ 15.363963] ? preempt_count_sub+0x50/0x80 [ 15.363987] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.364011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.364036] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.364061] kthread+0x337/0x6f0 [ 15.364080] ? trace_preempt_on+0x20/0xc0 [ 15.364104] ? __pfx_kthread+0x10/0x10 [ 15.364125] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.364167] ? calculate_sigpending+0x7b/0xa0 [ 15.364193] ? __pfx_kthread+0x10/0x10 [ 15.364214] ret_from_fork+0x116/0x1d0 [ 15.364235] ? 
__pfx_kthread+0x10/0x10 [ 15.364256] ret_from_fork_asm+0x1a/0x30 [ 15.364287] </TASK> [ 15.364297] [ 15.371759] Allocated by task 283: [ 15.371916] kasan_save_stack+0x45/0x70 [ 15.372061] kasan_save_track+0x18/0x40 [ 15.372224] kasan_save_alloc_info+0x3b/0x50 [ 15.372377] __kasan_kmalloc+0xb7/0xc0 [ 15.373523] __kmalloc_cache_noprof+0x189/0x420 [ 15.373773] kasan_atomics+0x95/0x310 [ 15.373967] kunit_try_run_case+0x1a5/0x480 [ 15.374222] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.374479] kthread+0x337/0x6f0 [ 15.374660] ret_from_fork+0x116/0x1d0 [ 15.374850] ret_from_fork_asm+0x1a/0x30 [ 15.375052] [ 15.375151] The buggy address belongs to the object at ffff8881039f9d00 [ 15.375151] which belongs to the cache kmalloc-64 of size 64 [ 15.375698] The buggy address is located 0 bytes to the right of [ 15.375698] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.376073] [ 15.376143] The buggy address belongs to the physical page: [ 15.376311] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.377991] flags: 0x200000000000000(node=0|zone=2) [ 15.378957] page_type: f5(slab) [ 15.379506] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.380367] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.381255] page dumped because: kasan: bad access detected [ 15.381786] [ 15.382144] Memory state around the buggy address: [ 15.382811] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.383690] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.384379] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.384615] ^ [ 15.384774] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.384990] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.385703] ================================================================== [ 15.264730] 
================================================================== [ 15.265096] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 15.265446] Read of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.265719] [ 15.265827] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.265871] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.265883] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.265905] Call Trace: [ 15.265922] <TASK> [ 15.265939] dump_stack_lvl+0x73/0xb0 [ 15.265967] print_report+0xd1/0x610 [ 15.265989] ? __virt_addr_valid+0x1db/0x2d0 [ 15.266011] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.266034] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.266058] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.266080] kasan_report+0x141/0x180 [ 15.266103] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.266129] __asan_report_load4_noabort+0x18/0x20 [ 15.266175] kasan_atomics_helper+0x49ce/0x5450 [ 15.266204] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.266227] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.266252] ? kasan_atomics+0x152/0x310 [ 15.266278] kasan_atomics+0x1dc/0x310 [ 15.266301] ? __pfx_kasan_atomics+0x10/0x10 [ 15.266324] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.266351] ? __pfx_read_tsc+0x10/0x10 [ 15.266372] ? ktime_get_ts64+0x86/0x230 [ 15.266398] kunit_try_run_case+0x1a5/0x480 [ 15.266423] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.266446] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.266469] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.266494] ? __kthread_parkme+0x82/0x180 [ 15.266523] ? preempt_count_sub+0x50/0x80 [ 15.266548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.266572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.266597] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.266622] kthread+0x337/0x6f0 [ 15.266641] ? trace_preempt_on+0x20/0xc0 [ 15.266665] ? __pfx_kthread+0x10/0x10 [ 15.266686] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.266708] ? calculate_sigpending+0x7b/0xa0 [ 15.266734] ? __pfx_kthread+0x10/0x10 [ 15.266757] ret_from_fork+0x116/0x1d0 [ 15.266779] ? __pfx_kthread+0x10/0x10 [ 15.266802] ret_from_fork_asm+0x1a/0x30 [ 15.266835] </TASK> [ 15.266846] [ 15.274010] Allocated by task 283: [ 15.274220] kasan_save_stack+0x45/0x70 [ 15.274420] kasan_save_track+0x18/0x40 [ 15.274621] kasan_save_alloc_info+0x3b/0x50 [ 15.274818] __kasan_kmalloc+0xb7/0xc0 [ 15.274953] __kmalloc_cache_noprof+0x189/0x420 [ 15.275170] kasan_atomics+0x95/0x310 [ 15.275359] kunit_try_run_case+0x1a5/0x480 [ 15.275579] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.275816] kthread+0x337/0x6f0 [ 15.275964] ret_from_fork+0x116/0x1d0 [ 15.276129] ret_from_fork_asm+0x1a/0x30 [ 15.276328] [ 15.276402] The buggy address belongs to the object at ffff8881039f9d00 [ 15.276402] which belongs to the cache kmalloc-64 of size 64 [ 15.276765] The buggy address is located 0 bytes to the right of [ 15.276765] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.277135] [ 15.277229] The buggy address belongs to the physical page: [ 15.277405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.277749] flags: 0x200000000000000(node=0|zone=2) [ 15.277985] page_type: f5(slab) [ 15.278162] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.278522] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.278855] page dumped because: kasan: bad access detected [ 15.279101] [ 15.279193] Memory state around the buggy address: [ 15.279412] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.280914] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.281286] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.281539] ^ [ 15.281698] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.281917] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.282587] ================================================================== [ 15.693030] ================================================================== [ 15.693441] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 15.693896] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.694378] [ 15.694738] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.694794] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.694809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.694831] Call Trace: [ 15.694852] <TASK> [ 15.694903] dump_stack_lvl+0x73/0xb0 [ 15.694937] print_report+0xd1/0x610 [ 15.694959] ? __virt_addr_valid+0x1db/0x2d0 [ 15.694985] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.695008] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.695031] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.695054] kasan_report+0x141/0x180 [ 15.695077] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.695104] kasan_check_range+0x10c/0x1c0 [ 15.695127] __kasan_check_write+0x18/0x20 [ 15.695147] kasan_atomics_helper+0x1ce1/0x5450 [ 15.695182] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.695205] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.695232] ? kasan_atomics+0x152/0x310 [ 15.695260] kasan_atomics+0x1dc/0x310 [ 15.695283] ? __pfx_kasan_atomics+0x10/0x10 [ 15.695305] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.695333] ? __pfx_read_tsc+0x10/0x10 [ 15.695355] ? ktime_get_ts64+0x86/0x230 [ 15.695381] kunit_try_run_case+0x1a5/0x480 [ 15.695406] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.695429] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.695453] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.695478] ? __kthread_parkme+0x82/0x180 [ 15.695510] ? preempt_count_sub+0x50/0x80 [ 15.695535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.695559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.695583] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.695608] kthread+0x337/0x6f0 [ 15.695628] ? trace_preempt_on+0x20/0xc0 [ 15.695653] ? __pfx_kthread+0x10/0x10 [ 15.695674] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.695696] ? calculate_sigpending+0x7b/0xa0 [ 15.695721] ? __pfx_kthread+0x10/0x10 [ 15.695743] ret_from_fork+0x116/0x1d0 [ 15.695763] ? __pfx_kthread+0x10/0x10 [ 15.695783] ret_from_fork_asm+0x1a/0x30 [ 15.695816] </TASK> [ 15.695828] [ 15.707408] Allocated by task 283: [ 15.707714] kasan_save_stack+0x45/0x70 [ 15.708101] kasan_save_track+0x18/0x40 [ 15.708299] kasan_save_alloc_info+0x3b/0x50 [ 15.708477] __kasan_kmalloc+0xb7/0xc0 [ 15.708657] __kmalloc_cache_noprof+0x189/0x420 [ 15.708842] kasan_atomics+0x95/0x310 [ 15.709011] kunit_try_run_case+0x1a5/0x480 [ 15.709627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.709940] kthread+0x337/0x6f0 [ 15.710324] ret_from_fork+0x116/0x1d0 [ 15.710654] ret_from_fork_asm+0x1a/0x30 [ 15.711078] [ 15.711199] The buggy address belongs to the object at ffff8881039f9d00 [ 15.711199] which belongs to the cache kmalloc-64 of size 64 [ 15.711826] The buggy address is located 0 bytes to the right of [ 15.711826] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.712733] [ 15.712822] The buggy address belongs to the physical page: [ 15.713282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.713879] flags: 0x200000000000000(node=0|zone=2) [ 15.714244] page_type: f5(slab) [ 15.714623] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.715077] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.715734] page dumped because: kasan: bad access detected [ 15.716170] [ 15.716439] Memory state around the buggy address: [ 15.716704] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.717006] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.717720] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.718158] ^ [ 15.718642] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.719083] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.719411] ================================================================== [ 15.914422] ================================================================== [ 15.914730] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 15.915132] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.915490] [ 15.915650] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.915721] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.915733] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.915756] Call Trace: [ 15.915785] <TASK> [ 15.915803] dump_stack_lvl+0x73/0xb0 [ 15.915833] print_report+0xd1/0x610 [ 15.915855] ? __virt_addr_valid+0x1db/0x2d0 [ 15.915879] ? kasan_atomics_helper+0x218a/0x5450 [ 15.915901] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.915924] ? kasan_atomics_helper+0x218a/0x5450 [ 15.915946] kasan_report+0x141/0x180 [ 15.915969] ? kasan_atomics_helper+0x218a/0x5450 [ 15.915996] kasan_check_range+0x10c/0x1c0 [ 15.916020] __kasan_check_write+0x18/0x20 [ 15.916040] kasan_atomics_helper+0x218a/0x5450 [ 15.916063] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.916086] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.916113] ? kasan_atomics+0x152/0x310 [ 15.916139] kasan_atomics+0x1dc/0x310 [ 15.916164] ? __pfx_kasan_atomics+0x10/0x10 [ 15.916190] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.916218] ? __pfx_read_tsc+0x10/0x10 [ 15.916240] ? ktime_get_ts64+0x86/0x230 [ 15.916265] kunit_try_run_case+0x1a5/0x480 [ 15.916292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.916330] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.916353] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.916377] ? __kthread_parkme+0x82/0x180 [ 15.916399] ? preempt_count_sub+0x50/0x80 [ 15.916425] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.916450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.916475] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.916510] kthread+0x337/0x6f0 [ 15.916530] ? trace_preempt_on+0x20/0xc0 [ 15.916554] ? __pfx_kthread+0x10/0x10 [ 15.916576] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.916599] ? calculate_sigpending+0x7b/0xa0 [ 15.916625] ? __pfx_kthread+0x10/0x10 [ 15.916647] ret_from_fork+0x116/0x1d0 [ 15.916667] ? __pfx_kthread+0x10/0x10 [ 15.916689] ret_from_fork_asm+0x1a/0x30 [ 15.916720] </TASK> [ 15.916732] [ 15.924560] Allocated by task 283: [ 15.924733] kasan_save_stack+0x45/0x70 [ 15.924934] kasan_save_track+0x18/0x40 [ 15.925119] kasan_save_alloc_info+0x3b/0x50 [ 15.925365] __kasan_kmalloc+0xb7/0xc0 [ 15.925560] __kmalloc_cache_noprof+0x189/0x420 [ 15.925756] kasan_atomics+0x95/0x310 [ 15.925962] kunit_try_run_case+0x1a5/0x480 [ 15.926146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.926408] kthread+0x337/0x6f0 [ 15.926589] ret_from_fork+0x116/0x1d0 [ 15.926736] ret_from_fork_asm+0x1a/0x30 [ 15.926922] [ 15.927029] The buggy address belongs to the object at ffff8881039f9d00 [ 15.927029] which belongs to the cache kmalloc-64 of size 64 [ 15.927494] The buggy address is located 0 bytes to the right of [ 15.927494] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.928162] [ 15.928303] The buggy address belongs to the physical page: [ 15.928560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.928907] flags: 0x200000000000000(node=0|zone=2) [ 15.929153] page_type: f5(slab) [ 15.929311] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.929646] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.929941] page dumped because: kasan: bad access detected [ 15.930205] [ 15.930312] Memory state around the buggy address: [ 15.930534] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.930806] 
ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.931049] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.931252] ^ [ 15.931402] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.931618] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.931821] ================================================================== [ 15.087536] ================================================================== [ 15.088748] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 15.089449] Read of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.090090] [ 15.090276] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.090325] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.090358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.090382] Call Trace: [ 15.090402] <TASK> [ 15.090431] dump_stack_lvl+0x73/0xb0 [ 15.090462] print_report+0xd1/0x610 [ 15.090485] ? __virt_addr_valid+0x1db/0x2d0 [ 15.090517] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.090539] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.090563] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.090585] kasan_report+0x141/0x180 [ 15.090608] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.090635] __asan_report_load4_noabort+0x18/0x20 [ 15.090660] kasan_atomics_helper+0x4a36/0x5450 [ 15.090684] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.090707] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.090733] ? kasan_atomics+0x152/0x310 [ 15.090760] kasan_atomics+0x1dc/0x310 [ 15.090784] ? __pfx_kasan_atomics+0x10/0x10 [ 15.090806] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.090834] ? __pfx_read_tsc+0x10/0x10 [ 15.090856] ? ktime_get_ts64+0x86/0x230 [ 15.090882] kunit_try_run_case+0x1a5/0x480 [ 15.090908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.090931] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.090955] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.090979] ? 
__kthread_parkme+0x82/0x180 [ 15.091000] ? preempt_count_sub+0x50/0x80 [ 15.091026] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.091051] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.091075] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.091101] kthread+0x337/0x6f0 [ 15.091121] ? trace_preempt_on+0x20/0xc0 [ 15.091165] ? __pfx_kthread+0x10/0x10 [ 15.091187] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.091210] ? calculate_sigpending+0x7b/0xa0 [ 15.091235] ? __pfx_kthread+0x10/0x10 [ 15.091257] ret_from_fork+0x116/0x1d0 [ 15.091277] ? __pfx_kthread+0x10/0x10 [ 15.091297] ret_from_fork_asm+0x1a/0x30 [ 15.091330] </TASK> [ 15.091341] [ 15.102980] Allocated by task 283: [ 15.103343] kasan_save_stack+0x45/0x70 [ 15.103736] kasan_save_track+0x18/0x40 [ 15.104099] kasan_save_alloc_info+0x3b/0x50 [ 15.104526] __kasan_kmalloc+0xb7/0xc0 [ 15.104884] __kmalloc_cache_noprof+0x189/0x420 [ 15.105322] kasan_atomics+0x95/0x310 [ 15.105679] kunit_try_run_case+0x1a5/0x480 [ 15.106067] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.106581] kthread+0x337/0x6f0 [ 15.106903] ret_from_fork+0x116/0x1d0 [ 15.107278] ret_from_fork_asm+0x1a/0x30 [ 15.107616] [ 15.107690] The buggy address belongs to the object at ffff8881039f9d00 [ 15.107690] which belongs to the cache kmalloc-64 of size 64 [ 15.108050] The buggy address is located 0 bytes to the right of [ 15.108050] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.109052] [ 15.109251] The buggy address belongs to the physical page: [ 15.109755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.110472] flags: 0x200000000000000(node=0|zone=2) [ 15.110927] page_type: f5(slab) [ 15.111264] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.111606] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.111838] page dumped because: kasan: bad access detected [ 15.112013] [ 15.112083] Memory state around the buggy address: [ 15.112444] 
ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.113072] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.113713] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.114351] ^ [ 15.114784] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.115423] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.116015] ================================================================== [ 14.473148] ================================================================== [ 14.473418] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 14.473754] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.474031] [ 14.474457] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.474522] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.474533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.474555] Call Trace: [ 14.474572] <TASK> [ 14.474589] dump_stack_lvl+0x73/0xb0 [ 14.474618] print_report+0xd1/0x610 [ 14.474639] ? __virt_addr_valid+0x1db/0x2d0 [ 14.474662] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.474683] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.474705] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.474728] kasan_report+0x141/0x180 [ 14.474749] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.474775] __asan_report_store4_noabort+0x1b/0x30 [ 14.474799] kasan_atomics_helper+0x4ba2/0x5450 [ 14.474822] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.474843] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.474868] ? kasan_atomics+0x152/0x310 [ 14.474894] kasan_atomics+0x1dc/0x310 [ 14.474916] ? __pfx_kasan_atomics+0x10/0x10 [ 14.474937] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.474963] ? __pfx_read_tsc+0x10/0x10 [ 14.474983] ? ktime_get_ts64+0x86/0x230 [ 14.475008] kunit_try_run_case+0x1a5/0x480 [ 14.475032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.475054] ? 
_raw_spin_lock_irqsave+0xf9/0x100 [ 14.475077] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.475100] ? __kthread_parkme+0x82/0x180 [ 14.475121] ? preempt_count_sub+0x50/0x80 [ 14.475144] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.475168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.475192] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.475215] kthread+0x337/0x6f0 [ 14.475234] ? trace_preempt_on+0x20/0xc0 [ 14.475257] ? __pfx_kthread+0x10/0x10 [ 14.475276] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.475297] ? calculate_sigpending+0x7b/0xa0 [ 14.475321] ? __pfx_kthread+0x10/0x10 [ 14.475342] ret_from_fork+0x116/0x1d0 [ 14.475361] ? __pfx_kthread+0x10/0x10 [ 14.475380] ret_from_fork_asm+0x1a/0x30 [ 14.475411] </TASK> [ 14.475421] [ 14.484851] Allocated by task 283: [ 14.485042] kasan_save_stack+0x45/0x70 [ 14.485391] kasan_save_track+0x18/0x40 [ 14.485549] kasan_save_alloc_info+0x3b/0x50 [ 14.485701] __kasan_kmalloc+0xb7/0xc0 [ 14.485880] __kmalloc_cache_noprof+0x189/0x420 [ 14.486174] kasan_atomics+0x95/0x310 [ 14.486423] kunit_try_run_case+0x1a5/0x480 [ 14.486702] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.487187] kthread+0x337/0x6f0 [ 14.487405] ret_from_fork+0x116/0x1d0 [ 14.487629] ret_from_fork_asm+0x1a/0x30 [ 14.487796] [ 14.487912] The buggy address belongs to the object at ffff8881039f9d00 [ 14.487912] which belongs to the cache kmalloc-64 of size 64 [ 14.488517] The buggy address is located 0 bytes to the right of [ 14.488517] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.488908] [ 14.488980] The buggy address belongs to the physical page: [ 14.489154] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.489679] flags: 0x200000000000000(node=0|zone=2) [ 14.489918] page_type: f5(slab) [ 14.490091] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.490762] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.490999] page dumped because: kasan: 
bad access detected [ 14.491253] [ 14.491346] Memory state around the buggy address: [ 14.491587] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.492100] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.492722] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.492952] ^ [ 14.493110] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.494012] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.494331] ================================================================== [ 14.597940] ================================================================== [ 14.598536] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 14.599090] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.599320] [ 14.599425] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.599526] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.599542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.599565] Call Trace: [ 14.599657] <TASK> [ 14.599677] dump_stack_lvl+0x73/0xb0 [ 14.599710] print_report+0xd1/0x610 [ 14.599753] ? __virt_addr_valid+0x1db/0x2d0 [ 14.599777] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.599812] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.599850] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.599886] kasan_report+0x141/0x180 [ 14.599908] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.599935] kasan_check_range+0x10c/0x1c0 [ 14.599960] __kasan_check_write+0x18/0x20 [ 14.599979] kasan_atomics_helper+0x4a0/0x5450 [ 14.600004] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.600027] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.600096] ? kasan_atomics+0x152/0x310 [ 14.600123] kasan_atomics+0x1dc/0x310 [ 14.600147] ? __pfx_kasan_atomics+0x10/0x10 [ 14.600178] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.600206] ? __pfx_read_tsc+0x10/0x10 [ 14.600228] ? 
ktime_get_ts64+0x86/0x230 [ 14.600254] kunit_try_run_case+0x1a5/0x480 [ 14.600278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.600302] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.600325] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.600350] ? __kthread_parkme+0x82/0x180 [ 14.600371] ? preempt_count_sub+0x50/0x80 [ 14.600396] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.600421] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.600446] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.600471] kthread+0x337/0x6f0 [ 14.600527] ? trace_preempt_on+0x20/0xc0 [ 14.600551] ? __pfx_kthread+0x10/0x10 [ 14.600573] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.600595] ? calculate_sigpending+0x7b/0xa0 [ 14.600638] ? __pfx_kthread+0x10/0x10 [ 14.600660] ret_from_fork+0x116/0x1d0 [ 14.600680] ? __pfx_kthread+0x10/0x10 [ 14.600719] ret_from_fork_asm+0x1a/0x30 [ 14.600752] </TASK> [ 14.600762] [ 14.610665] Allocated by task 283: [ 14.610867] kasan_save_stack+0x45/0x70 [ 14.611147] kasan_save_track+0x18/0x40 [ 14.611341] kasan_save_alloc_info+0x3b/0x50 [ 14.611565] __kasan_kmalloc+0xb7/0xc0 [ 14.611757] __kmalloc_cache_noprof+0x189/0x420 [ 14.611918] kasan_atomics+0x95/0x310 [ 14.612130] kunit_try_run_case+0x1a5/0x480 [ 14.612582] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.612825] kthread+0x337/0x6f0 [ 14.612945] ret_from_fork+0x116/0x1d0 [ 14.613240] ret_from_fork_asm+0x1a/0x30 [ 14.613535] [ 14.613672] The buggy address belongs to the object at ffff8881039f9d00 [ 14.613672] which belongs to the cache kmalloc-64 of size 64 [ 14.614358] The buggy address is located 0 bytes to the right of [ 14.614358] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.614909] [ 14.614991] The buggy address belongs to the physical page: [ 14.615174] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.615428] flags: 0x200000000000000(node=0|zone=2) [ 14.615650] page_type: f5(slab) [ 14.615994] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.616849] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.617367] page dumped because: kasan: bad access detected [ 14.617792] [ 14.617897] Memory state around the buggy address: [ 14.618690] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.619003] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.619311] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.620337] ^ [ 14.620565] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.620841] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.621487] ================================================================== [ 15.932321] ================================================================== [ 15.932671] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 15.932997] Read of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.933310] [ 15.933415] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.933458] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.933471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.933493] Call Trace: [ 15.933520] <TASK> [ 15.933538] dump_stack_lvl+0x73/0xb0 [ 15.933566] print_report+0xd1/0x610 [ 15.933588] ? __virt_addr_valid+0x1db/0x2d0 [ 15.933610] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.933631] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.933654] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.933676] kasan_report+0x141/0x180 [ 15.933698] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.933724] __asan_report_load8_noabort+0x18/0x20 [ 15.933748] kasan_atomics_helper+0x4fa5/0x5450 [ 15.933770] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.933793] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.933817] ? kasan_atomics+0x152/0x310 [ 15.933843] kasan_atomics+0x1dc/0x310 [ 15.933865] ? __pfx_kasan_atomics+0x10/0x10 [ 15.933886] ? 
__pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.933913] ? __pfx_read_tsc+0x10/0x10 [ 15.933934] ? ktime_get_ts64+0x86/0x230 [ 15.933959] kunit_try_run_case+0x1a5/0x480 [ 15.933983] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.934027] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.934051] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.934075] ? __kthread_parkme+0x82/0x180 [ 15.934096] ? preempt_count_sub+0x50/0x80 [ 15.934121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.934146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.934171] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.934214] kthread+0x337/0x6f0 [ 15.934234] ? trace_preempt_on+0x20/0xc0 [ 15.934258] ? __pfx_kthread+0x10/0x10 [ 15.934279] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.934302] ? calculate_sigpending+0x7b/0xa0 [ 15.934327] ? __pfx_kthread+0x10/0x10 [ 15.934349] ret_from_fork+0x116/0x1d0 [ 15.934368] ? __pfx_kthread+0x10/0x10 [ 15.934389] ret_from_fork_asm+0x1a/0x30 [ 15.934421] </TASK> [ 15.934431] [ 15.942129] Allocated by task 283: [ 15.942329] kasan_save_stack+0x45/0x70 [ 15.942494] kasan_save_track+0x18/0x40 [ 15.942668] kasan_save_alloc_info+0x3b/0x50 [ 15.942886] __kasan_kmalloc+0xb7/0xc0 [ 15.943061] __kmalloc_cache_noprof+0x189/0x420 [ 15.943271] kasan_atomics+0x95/0x310 [ 15.943449] kunit_try_run_case+0x1a5/0x480 [ 15.943672] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.943893] kthread+0x337/0x6f0 [ 15.944075] ret_from_fork+0x116/0x1d0 [ 15.944315] ret_from_fork_asm+0x1a/0x30 [ 15.944496] [ 15.944617] The buggy address belongs to the object at ffff8881039f9d00 [ 15.944617] which belongs to the cache kmalloc-64 of size 64 [ 15.945085] The buggy address is located 0 bytes to the right of [ 15.945085] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.945759] [ 15.945860] The buggy address belongs to the physical page: [ 15.946103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.946535] flags: 0x200000000000000(node=0|zone=2) [ 15.946726] 
page_type: f5(slab) [ 15.946912] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.947138] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.947358] page dumped because: kasan: bad access detected [ 15.947547] [ 15.947638] Memory state around the buggy address: [ 15.948024] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.948482] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.948797] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.949131] ^ [ 15.949549] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.949844] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.950051] ================================================================== [ 14.451459] ================================================================== [ 14.452187] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 14.452554] Read of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.452839] [ 14.452952] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.453001] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.453012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.453035] Call Trace: [ 14.453126] <TASK> [ 14.453150] dump_stack_lvl+0x73/0xb0 [ 14.453185] print_report+0xd1/0x610 [ 14.453209] ? __virt_addr_valid+0x1db/0x2d0 [ 14.453233] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.453254] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.453276] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.453297] kasan_report+0x141/0x180 [ 14.453319] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.453345] __asan_report_load4_noabort+0x18/0x20 [ 14.453369] kasan_atomics_helper+0x4bbc/0x5450 [ 14.453391] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.453414] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.453438] ? 
kasan_atomics+0x152/0x310 [ 14.453464] kasan_atomics+0x1dc/0x310 [ 14.453486] ? __pfx_kasan_atomics+0x10/0x10 [ 14.453520] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.453547] ? __pfx_read_tsc+0x10/0x10 [ 14.453568] ? ktime_get_ts64+0x86/0x230 [ 14.453594] kunit_try_run_case+0x1a5/0x480 [ 14.453621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.453644] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.453667] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.453690] ? __kthread_parkme+0x82/0x180 [ 14.453711] ? preempt_count_sub+0x50/0x80 [ 14.453736] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.453759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.453782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.453806] kthread+0x337/0x6f0 [ 14.453825] ? trace_preempt_on+0x20/0xc0 [ 14.453849] ? __pfx_kthread+0x10/0x10 [ 14.453869] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.453889] ? calculate_sigpending+0x7b/0xa0 [ 14.453915] ? __pfx_kthread+0x10/0x10 [ 14.453936] ret_from_fork+0x116/0x1d0 [ 14.453954] ? 
__pfx_kthread+0x10/0x10 [ 14.453974] ret_from_fork_asm+0x1a/0x30 [ 14.454006] </TASK> [ 14.454016] [ 14.463941] Allocated by task 283: [ 14.464290] kasan_save_stack+0x45/0x70 [ 14.464596] kasan_save_track+0x18/0x40 [ 14.464774] kasan_save_alloc_info+0x3b/0x50 [ 14.464924] __kasan_kmalloc+0xb7/0xc0 [ 14.465056] __kmalloc_cache_noprof+0x189/0x420 [ 14.465211] kasan_atomics+0x95/0x310 [ 14.465398] kunit_try_run_case+0x1a5/0x480 [ 14.465740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.465966] kthread+0x337/0x6f0 [ 14.466086] ret_from_fork+0x116/0x1d0 [ 14.466224] ret_from_fork_asm+0x1a/0x30 [ 14.466370] [ 14.466467] The buggy address belongs to the object at ffff8881039f9d00 [ 14.466467] which belongs to the cache kmalloc-64 of size 64 [ 14.467016] The buggy address is located 0 bytes to the right of [ 14.467016] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.467711] [ 14.467792] The buggy address belongs to the physical page: [ 14.468003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.468306] flags: 0x200000000000000(node=0|zone=2) [ 14.468581] page_type: f5(slab) [ 14.468751] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.469011] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.469635] page dumped because: kasan: bad access detected [ 14.469920] [ 14.470018] Memory state around the buggy address: [ 14.470355] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.470719] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.470996] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.471630] ^ [ 14.471973] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.472405] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.472636] ================================================================== [ 14.624723] 
================================================================== [ 14.625476] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 14.625858] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.626308] [ 14.626431] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.626479] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.626557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.626581] Call Trace: [ 14.626602] <TASK> [ 14.626622] dump_stack_lvl+0x73/0xb0 [ 14.626653] print_report+0xd1/0x610 [ 14.626676] ? __virt_addr_valid+0x1db/0x2d0 [ 14.626701] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.626724] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.626747] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.626770] kasan_report+0x141/0x180 [ 14.626815] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.626843] __asan_report_store4_noabort+0x1b/0x30 [ 14.626870] kasan_atomics_helper+0x4b3a/0x5450 [ 14.626894] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.626917] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.626944] ? kasan_atomics+0x152/0x310 [ 14.626971] kasan_atomics+0x1dc/0x310 [ 14.627011] ? __pfx_kasan_atomics+0x10/0x10 [ 14.627034] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.627139] ? __pfx_read_tsc+0x10/0x10 [ 14.627172] ? ktime_get_ts64+0x86/0x230 [ 14.627198] kunit_try_run_case+0x1a5/0x480 [ 14.627225] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.627247] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.627294] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.627319] ? __kthread_parkme+0x82/0x180 [ 14.627340] ? preempt_count_sub+0x50/0x80 [ 14.627381] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.627407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.627431] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.627457] kthread+0x337/0x6f0 [ 14.627477] ? trace_preempt_on+0x20/0xc0 [ 14.627514] ? __pfx_kthread+0x10/0x10 [ 14.627534] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.627557] ? calculate_sigpending+0x7b/0xa0 [ 14.627584] ? __pfx_kthread+0x10/0x10 [ 14.627606] ret_from_fork+0x116/0x1d0 [ 14.627625] ? __pfx_kthread+0x10/0x10 [ 14.627646] ret_from_fork_asm+0x1a/0x30 [ 14.627679] </TASK> [ 14.627690] [ 14.637246] Allocated by task 283: [ 14.637476] kasan_save_stack+0x45/0x70 [ 14.637708] kasan_save_track+0x18/0x40 [ 14.637929] kasan_save_alloc_info+0x3b/0x50 [ 14.638249] __kasan_kmalloc+0xb7/0xc0 [ 14.638402] __kmalloc_cache_noprof+0x189/0x420 [ 14.638573] kasan_atomics+0x95/0x310 [ 14.638765] kunit_try_run_case+0x1a5/0x480 [ 14.638963] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.639323] kthread+0x337/0x6f0 [ 14.639509] ret_from_fork+0x116/0x1d0 [ 14.639704] ret_from_fork_asm+0x1a/0x30 [ 14.639864] [ 14.639961] The buggy address belongs to the object at ffff8881039f9d00 [ 14.639961] which belongs to the cache kmalloc-64 of size 64 [ 14.640900] The buggy address is located 0 bytes to the right of [ 14.640900] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.641547] [ 14.641674] The buggy address belongs to the physical page: [ 14.641920] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.642345] flags: 0x200000000000000(node=0|zone=2) [ 14.642635] page_type: f5(slab) [ 14.642803] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.643134] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.643521] page dumped because: kasan: bad access detected [ 14.643778] [ 14.643892] Memory state around the buggy address: [ 14.644130] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.644444] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.644781] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.645091] ^ [ 14.645243] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.645452] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 14.645895] ================================================================== [ 15.167299] ================================================================== [ 15.167665] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 15.167925] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.168332] [ 15.168484] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.168541] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.168554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.168576] Call Trace: [ 15.168596] <TASK> [ 15.168614] dump_stack_lvl+0x73/0xb0 [ 15.168645] print_report+0xd1/0x610 [ 15.168668] ? __virt_addr_valid+0x1db/0x2d0 [ 15.168692] ? kasan_atomics_helper+0x1148/0x5450 [ 15.168715] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.168738] ? kasan_atomics_helper+0x1148/0x5450 [ 15.168761] kasan_report+0x141/0x180 [ 15.168784] ? kasan_atomics_helper+0x1148/0x5450 [ 15.168815] kasan_check_range+0x10c/0x1c0 [ 15.168840] __kasan_check_write+0x18/0x20 [ 15.168860] kasan_atomics_helper+0x1148/0x5450 [ 15.168883] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.168907] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.168933] ? kasan_atomics+0x152/0x310 [ 15.168961] kasan_atomics+0x1dc/0x310 [ 15.168984] ? __pfx_kasan_atomics+0x10/0x10 [ 15.169007] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.169035] ? __pfx_read_tsc+0x10/0x10 [ 15.169057] ? ktime_get_ts64+0x86/0x230 [ 15.169083] kunit_try_run_case+0x1a5/0x480 [ 15.169109] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.169132] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.169156] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.169180] ? __kthread_parkme+0x82/0x180 [ 15.169212] ? preempt_count_sub+0x50/0x80 [ 15.169238] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.169263] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.169288] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.169313] kthread+0x337/0x6f0 [ 15.169333] ? trace_preempt_on+0x20/0xc0 [ 15.169356] ? __pfx_kthread+0x10/0x10 [ 15.169377] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.169399] ? calculate_sigpending+0x7b/0xa0 [ 15.169425] ? __pfx_kthread+0x10/0x10 [ 15.169446] ret_from_fork+0x116/0x1d0 [ 15.169466] ? __pfx_kthread+0x10/0x10 [ 15.169486] ret_from_fork_asm+0x1a/0x30 [ 15.169528] </TASK> [ 15.169539] [ 15.177145] Allocated by task 283: [ 15.177320] kasan_save_stack+0x45/0x70 [ 15.177529] kasan_save_track+0x18/0x40 [ 15.177669] kasan_save_alloc_info+0x3b/0x50 [ 15.177819] __kasan_kmalloc+0xb7/0xc0 [ 15.177953] __kmalloc_cache_noprof+0x189/0x420 [ 15.178163] kasan_atomics+0x95/0x310 [ 15.178357] kunit_try_run_case+0x1a5/0x480 [ 15.178577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.178835] kthread+0x337/0x6f0 [ 15.179001] ret_from_fork+0x116/0x1d0 [ 15.179188] ret_from_fork_asm+0x1a/0x30 [ 15.179358] [ 15.179452] The buggy address belongs to the object at ffff8881039f9d00 [ 15.179452] which belongs to the cache kmalloc-64 of size 64 [ 15.179921] The buggy address is located 0 bytes to the right of [ 15.179921] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.180468] [ 15.180569] The buggy address belongs to the physical page: [ 15.180805] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.181115] flags: 0x200000000000000(node=0|zone=2) [ 15.181317] page_type: f5(slab) [ 15.181441] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.181685] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.181916] page dumped because: kasan: bad access detected [ 15.182090] [ 15.182160] Memory state around the buggy address: [ 15.182380] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.182853] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.183193] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.183514] ^ [ 15.183732] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.184048] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.184370] ================================================================== [ 15.223746] ================================================================== [ 15.224223] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 15.224700] Read of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.225302] [ 15.225617] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.225671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.225683] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.225706] Call Trace: [ 15.225725] <TASK> [ 15.225774] dump_stack_lvl+0x73/0xb0 [ 15.225806] print_report+0xd1/0x610 [ 15.225829] ? __virt_addr_valid+0x1db/0x2d0 [ 15.225853] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.225874] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.225898] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.225921] kasan_report+0x141/0x180 [ 15.225944] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.225971] __asan_report_load4_noabort+0x18/0x20 [ 15.225996] kasan_atomics_helper+0x49e8/0x5450 [ 15.226019] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.226042] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.226067] ? kasan_atomics+0x152/0x310 [ 15.226094] kasan_atomics+0x1dc/0x310 [ 15.226118] ? __pfx_kasan_atomics+0x10/0x10 [ 15.226140] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.226191] ? __pfx_read_tsc+0x10/0x10 [ 15.226219] ? ktime_get_ts64+0x86/0x230 [ 15.226244] kunit_try_run_case+0x1a5/0x480 [ 15.226269] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.226292] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.226316] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.226340] ? __kthread_parkme+0x82/0x180 [ 15.226362] ? preempt_count_sub+0x50/0x80 [ 15.226388] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.226412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.226437] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.226462] kthread+0x337/0x6f0 [ 15.226482] ? trace_preempt_on+0x20/0xc0 [ 15.226515] ? __pfx_kthread+0x10/0x10 [ 15.226536] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.226558] ? calculate_sigpending+0x7b/0xa0 [ 15.226583] ? __pfx_kthread+0x10/0x10 [ 15.226605] ret_from_fork+0x116/0x1d0 [ 15.226625] ? __pfx_kthread+0x10/0x10 [ 15.226645] ret_from_fork_asm+0x1a/0x30 [ 15.226676] </TASK> [ 15.226688] [ 15.237836] Allocated by task 283: [ 15.238283] kasan_save_stack+0x45/0x70 [ 15.238569] kasan_save_track+0x18/0x40 [ 15.238868] kasan_save_alloc_info+0x3b/0x50 [ 15.239286] __kasan_kmalloc+0xb7/0xc0 [ 15.239476] __kmalloc_cache_noprof+0x189/0x420 [ 15.239694] kasan_atomics+0x95/0x310 [ 15.239869] kunit_try_run_case+0x1a5/0x480 [ 15.240059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.240688] kthread+0x337/0x6f0 [ 15.240986] ret_from_fork+0x116/0x1d0 [ 15.241307] ret_from_fork_asm+0x1a/0x30 [ 15.241700] [ 15.241968] The buggy address belongs to the object at ffff8881039f9d00 [ 15.241968] which belongs to the cache kmalloc-64 of size 64 [ 15.242475] The buggy address is located 0 bytes to the right of [ 15.242475] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.242939] [ 15.243040] The buggy address belongs to the physical page: [ 15.243284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.243639] flags: 0x200000000000000(node=0|zone=2) [ 15.243835] page_type: f5(slab) [ 15.244007] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.244363] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.244688] page dumped because: kasan: bad access detected [ 15.244901] [ 15.244995] Memory state around the buggy address: [ 15.245224] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.245535] 
ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.245802] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.246082] ^ [ 15.246303] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.246529] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.246837] ================================================================== [ 15.283936] ================================================================== [ 15.284446] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 15.284799] Read of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.285075] [ 15.285392] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.285445] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.285458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.285743] Call Trace: [ 15.285765] <TASK> [ 15.285783] dump_stack_lvl+0x73/0xb0 [ 15.285815] print_report+0xd1/0x610 [ 15.285839] ? __virt_addr_valid+0x1db/0x2d0 [ 15.285902] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.285925] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.285950] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.285974] kasan_report+0x141/0x180 [ 15.285996] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.286023] kasan_check_range+0x10c/0x1c0 [ 15.286049] __kasan_check_read+0x15/0x20 [ 15.286068] kasan_atomics_helper+0x13b5/0x5450 [ 15.286093] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.286116] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.286169] ? kasan_atomics+0x152/0x310 [ 15.286205] kasan_atomics+0x1dc/0x310 [ 15.286229] ? __pfx_kasan_atomics+0x10/0x10 [ 15.286252] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.286280] ? __pfx_read_tsc+0x10/0x10 [ 15.286301] ? ktime_get_ts64+0x86/0x230 [ 15.286327] kunit_try_run_case+0x1a5/0x480 [ 15.286352] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.286375] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.286399] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.286424] ? __kthread_parkme+0x82/0x180 [ 15.286446] ? preempt_count_sub+0x50/0x80 [ 15.286471] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.286505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.286530] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.286555] kthread+0x337/0x6f0 [ 15.286575] ? trace_preempt_on+0x20/0xc0 [ 15.286600] ? __pfx_kthread+0x10/0x10 [ 15.286621] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.286643] ? calculate_sigpending+0x7b/0xa0 [ 15.286668] ? __pfx_kthread+0x10/0x10 [ 15.286690] ret_from_fork+0x116/0x1d0 [ 15.286711] ? __pfx_kthread+0x10/0x10 [ 15.286732] ret_from_fork_asm+0x1a/0x30 [ 15.286764] </TASK> [ 15.286775] [ 15.298312] Allocated by task 283: [ 15.298689] kasan_save_stack+0x45/0x70 [ 15.298887] kasan_save_track+0x18/0x40 [ 15.299064] kasan_save_alloc_info+0x3b/0x50 [ 15.299471] __kasan_kmalloc+0xb7/0xc0 [ 15.299839] __kmalloc_cache_noprof+0x189/0x420 [ 15.300196] kasan_atomics+0x95/0x310 [ 15.300388] kunit_try_run_case+0x1a5/0x480 [ 15.300777] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.301272] kthread+0x337/0x6f0 [ 15.301449] ret_from_fork+0x116/0x1d0 [ 15.301635] ret_from_fork_asm+0x1a/0x30 [ 15.301808] [ 15.301901] The buggy address belongs to the object at ffff8881039f9d00 [ 15.301901] which belongs to the cache kmalloc-64 of size 64 [ 15.302890] The buggy address is located 0 bytes to the right of [ 15.302890] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.303654] [ 15.303762] The buggy address belongs to the physical page: [ 15.303992] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.304591] flags: 0x200000000000000(node=0|zone=2) [ 15.304942] page_type: f5(slab) [ 15.305269] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.305728] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.306252] page dumped because: kasan: bad access detected [ 15.306627] [ 15.306729] 
Memory state around the buggy address: [ 15.306941] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.307486] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.308131] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.308446] ^ [ 15.308662] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.308949] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.309245] ================================================================== [ 14.909700] ================================================================== [ 14.909997] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 14.910598] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.910953] [ 14.912006] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.912073] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.912087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.912110] Call Trace: [ 14.912132] <TASK> [ 14.912677] dump_stack_lvl+0x73/0xb0 [ 14.912726] print_report+0xd1/0x610 [ 14.912752] ? __virt_addr_valid+0x1db/0x2d0 [ 14.912776] ? kasan_atomics_helper+0xc70/0x5450 [ 14.912815] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.912841] ? kasan_atomics_helper+0xc70/0x5450 [ 14.912863] kasan_report+0x141/0x180 [ 14.912887] ? kasan_atomics_helper+0xc70/0x5450 [ 14.912913] kasan_check_range+0x10c/0x1c0 [ 14.912938] __kasan_check_write+0x18/0x20 [ 14.912957] kasan_atomics_helper+0xc70/0x5450 [ 14.912981] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.913004] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.913030] ? kasan_atomics+0x152/0x310 [ 14.913057] kasan_atomics+0x1dc/0x310 [ 14.913080] ? __pfx_kasan_atomics+0x10/0x10 [ 14.913102] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.913130] ? __pfx_read_tsc+0x10/0x10 [ 14.914067] ? 
ktime_get_ts64+0x86/0x230 [ 14.914100] kunit_try_run_case+0x1a5/0x480 [ 14.914129] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.914162] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.914186] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.914219] ? __kthread_parkme+0x82/0x180 [ 14.914241] ? preempt_count_sub+0x50/0x80 [ 14.914266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.914291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.914316] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.914341] kthread+0x337/0x6f0 [ 14.914361] ? trace_preempt_on+0x20/0xc0 [ 14.914386] ? __pfx_kthread+0x10/0x10 [ 14.914406] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.914428] ? calculate_sigpending+0x7b/0xa0 [ 14.914454] ? __pfx_kthread+0x10/0x10 [ 14.914476] ret_from_fork+0x116/0x1d0 [ 14.914504] ? __pfx_kthread+0x10/0x10 [ 14.914525] ret_from_fork_asm+0x1a/0x30 [ 14.914558] </TASK> [ 14.914570] [ 14.928346] Allocated by task 283: [ 14.928729] kasan_save_stack+0x45/0x70 [ 14.928888] kasan_save_track+0x18/0x40 [ 14.929022] kasan_save_alloc_info+0x3b/0x50 [ 14.929192] __kasan_kmalloc+0xb7/0xc0 [ 14.929793] __kmalloc_cache_noprof+0x189/0x420 [ 14.930334] kasan_atomics+0x95/0x310 [ 14.930786] kunit_try_run_case+0x1a5/0x480 [ 14.931311] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.931901] kthread+0x337/0x6f0 [ 14.932051] ret_from_fork+0x116/0x1d0 [ 14.932671] ret_from_fork_asm+0x1a/0x30 [ 14.932996] [ 14.933076] The buggy address belongs to the object at ffff8881039f9d00 [ 14.933076] which belongs to the cache kmalloc-64 of size 64 [ 14.933953] The buggy address is located 0 bytes to the right of [ 14.933953] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.935378] [ 14.935535] The buggy address belongs to the physical page: [ 14.936057] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.936572] flags: 0x200000000000000(node=0|zone=2) [ 14.936750] page_type: f5(slab) [ 14.936877] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.937107] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.937944] page dumped because: kasan: bad access detected [ 14.938492] [ 14.938663] Memory state around the buggy address: [ 14.939325] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.940064] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.940908] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.941385] ^ [ 14.941914] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.942133] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.942911] ================================================================== [ 15.758035] ================================================================== [ 15.758608] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 15.758954] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.759430] [ 15.759549] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.759595] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.759607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.759630] Call Trace: [ 15.759648] <TASK> [ 15.759665] dump_stack_lvl+0x73/0xb0 [ 15.759693] print_report+0xd1/0x610 [ 15.759717] ? __virt_addr_valid+0x1db/0x2d0 [ 15.759740] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.759761] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.759785] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.759808] kasan_report+0x141/0x180 [ 15.759831] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.759858] kasan_check_range+0x10c/0x1c0 [ 15.759882] __kasan_check_write+0x18/0x20 [ 15.759901] kasan_atomics_helper+0x1eaa/0x5450 [ 15.759925] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.759948] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.759973] ? kasan_atomics+0x152/0x310 [ 15.760001] kasan_atomics+0x1dc/0x310 [ 15.760023] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.760045] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.760073] ? __pfx_read_tsc+0x10/0x10 [ 15.760095] ? ktime_get_ts64+0x86/0x230 [ 15.760120] kunit_try_run_case+0x1a5/0x480 [ 15.760145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.760179] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.760203] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.760227] ? __kthread_parkme+0x82/0x180 [ 15.760249] ? preempt_count_sub+0x50/0x80 [ 15.760274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.760299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.760324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.760348] kthread+0x337/0x6f0 [ 15.760368] ? trace_preempt_on+0x20/0xc0 [ 15.760393] ? __pfx_kthread+0x10/0x10 [ 15.760414] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.760436] ? calculate_sigpending+0x7b/0xa0 [ 15.760461] ? __pfx_kthread+0x10/0x10 [ 15.760482] ret_from_fork+0x116/0x1d0 [ 15.760512] ? __pfx_kthread+0x10/0x10 [ 15.760533] ret_from_fork_asm+0x1a/0x30 [ 15.760565] </TASK> [ 15.760576] [ 15.768139] Allocated by task 283: [ 15.768330] kasan_save_stack+0x45/0x70 [ 15.768539] kasan_save_track+0x18/0x40 [ 15.768728] kasan_save_alloc_info+0x3b/0x50 [ 15.768942] __kasan_kmalloc+0xb7/0xc0 [ 15.769127] __kmalloc_cache_noprof+0x189/0x420 [ 15.769355] kasan_atomics+0x95/0x310 [ 15.769554] kunit_try_run_case+0x1a5/0x480 [ 15.769764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.769961] kthread+0x337/0x6f0 [ 15.770085] ret_from_fork+0x116/0x1d0 [ 15.770390] ret_from_fork_asm+0x1a/0x30 [ 15.770602] [ 15.770706] The buggy address belongs to the object at ffff8881039f9d00 [ 15.770706] which belongs to the cache kmalloc-64 of size 64 [ 15.771193] The buggy address is located 0 bytes to the right of [ 15.771193] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.771620] [ 15.771703] The buggy address belongs to the physical page: [ 15.771961] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.772390] flags: 
0x200000000000000(node=0|zone=2) [ 15.772615] page_type: f5(slab) [ 15.772764] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.773071] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.773442] page dumped because: kasan: bad access detected [ 15.773673] [ 15.773761] Memory state around the buggy address: [ 15.773964] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.774314] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.774587] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.774878] ^ [ 15.775077] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.775396] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.775700] ================================================================== [ 15.581946] ================================================================== [ 15.582653] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 15.582973] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.583634] [ 15.583746] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.584020] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.584036] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.584059] Call Trace: [ 15.584078] <TASK> [ 15.584098] dump_stack_lvl+0x73/0xb0 [ 15.584181] print_report+0xd1/0x610 [ 15.584205] ? __virt_addr_valid+0x1db/0x2d0 [ 15.584229] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.584251] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.584274] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.584297] kasan_report+0x141/0x180 [ 15.584320] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.584347] kasan_check_range+0x10c/0x1c0 [ 15.584372] __kasan_check_write+0x18/0x20 [ 15.584391] kasan_atomics_helper+0x1a7f/0x5450 [ 15.584414] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.584438] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.584464] ? kasan_atomics+0x152/0x310 [ 15.584491] kasan_atomics+0x1dc/0x310 [ 15.584525] ? __pfx_kasan_atomics+0x10/0x10 [ 15.584547] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.584575] ? __pfx_read_tsc+0x10/0x10 [ 15.584597] ? ktime_get_ts64+0x86/0x230 [ 15.584622] kunit_try_run_case+0x1a5/0x480 [ 15.584647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.584671] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.584695] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.584720] ? __kthread_parkme+0x82/0x180 [ 15.584741] ? preempt_count_sub+0x50/0x80 [ 15.584766] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.584791] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.584816] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.584841] kthread+0x337/0x6f0 [ 15.584861] ? trace_preempt_on+0x20/0xc0 [ 15.584885] ? __pfx_kthread+0x10/0x10 [ 15.584906] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.584929] ? calculate_sigpending+0x7b/0xa0 [ 15.584955] ? __pfx_kthread+0x10/0x10 [ 15.584976] ret_from_fork+0x116/0x1d0 [ 15.584996] ? 
__pfx_kthread+0x10/0x10 [ 15.585016] ret_from_fork_asm+0x1a/0x30 [ 15.585048] </TASK> [ 15.585059] [ 15.596753] Allocated by task 283: [ 15.597038] kasan_save_stack+0x45/0x70 [ 15.597488] kasan_save_track+0x18/0x40 [ 15.597718] kasan_save_alloc_info+0x3b/0x50 [ 15.598051] __kasan_kmalloc+0xb7/0xc0 [ 15.598366] __kmalloc_cache_noprof+0x189/0x420 [ 15.598598] kasan_atomics+0x95/0x310 [ 15.598771] kunit_try_run_case+0x1a5/0x480 [ 15.598951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.599474] kthread+0x337/0x6f0 [ 15.599684] ret_from_fork+0x116/0x1d0 [ 15.599988] ret_from_fork_asm+0x1a/0x30 [ 15.600435] [ 15.600564] The buggy address belongs to the object at ffff8881039f9d00 [ 15.600564] which belongs to the cache kmalloc-64 of size 64 [ 15.601338] The buggy address is located 0 bytes to the right of [ 15.601338] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.602036] [ 15.602137] The buggy address belongs to the physical page: [ 15.602551] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.602890] flags: 0x200000000000000(node=0|zone=2) [ 15.603114] page_type: f5(slab) [ 15.603634] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.604072] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.604631] page dumped because: kasan: bad access detected [ 15.605012] [ 15.605105] Memory state around the buggy address: [ 15.605775] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.606227] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.606734] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.607295] ^ [ 15.607520] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.607808] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.608091] ================================================================== [ 14.750009] 
================================================================== [ 14.750355] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 14.750713] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.751223] [ 14.751620] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.751672] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.751685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.751708] Call Trace: [ 14.751727] <TASK> [ 14.751746] dump_stack_lvl+0x73/0xb0 [ 14.751776] print_report+0xd1/0x610 [ 14.751799] ? __virt_addr_valid+0x1db/0x2d0 [ 14.751823] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.751845] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.751868] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.751891] kasan_report+0x141/0x180 [ 14.751913] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.751967] kasan_check_range+0x10c/0x1c0 [ 14.751991] __kasan_check_write+0x18/0x20 [ 14.752011] kasan_atomics_helper+0x7c7/0x5450 [ 14.752034] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.752102] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.752130] ? kasan_atomics+0x152/0x310 [ 14.752209] kasan_atomics+0x1dc/0x310 [ 14.752235] ? __pfx_kasan_atomics+0x10/0x10 [ 14.752257] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.752285] ? __pfx_read_tsc+0x10/0x10 [ 14.752308] ? ktime_get_ts64+0x86/0x230 [ 14.752334] kunit_try_run_case+0x1a5/0x480 [ 14.752377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.752400] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.752424] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.752448] ? __kthread_parkme+0x82/0x180 [ 14.752470] ? preempt_count_sub+0x50/0x80 [ 14.752506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.752531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.752555] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.752580] kthread+0x337/0x6f0 [ 14.752601] ? trace_preempt_on+0x20/0xc0 [ 14.752625] ? __pfx_kthread+0x10/0x10 [ 14.752646] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.752668] ? calculate_sigpending+0x7b/0xa0 [ 14.752712] ? __pfx_kthread+0x10/0x10 [ 14.752734] ret_from_fork+0x116/0x1d0 [ 14.752754] ? __pfx_kthread+0x10/0x10 [ 14.752774] ret_from_fork_asm+0x1a/0x30 [ 14.752806] </TASK> [ 14.752817] [ 14.762355] Allocated by task 283: [ 14.762555] kasan_save_stack+0x45/0x70 [ 14.762752] kasan_save_track+0x18/0x40 [ 14.762943] kasan_save_alloc_info+0x3b/0x50 [ 14.763274] __kasan_kmalloc+0xb7/0xc0 [ 14.763616] __kmalloc_cache_noprof+0x189/0x420 [ 14.763840] kasan_atomics+0x95/0x310 [ 14.764048] kunit_try_run_case+0x1a5/0x480 [ 14.764316] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.764595] kthread+0x337/0x6f0 [ 14.764743] ret_from_fork+0x116/0x1d0 [ 14.764930] ret_from_fork_asm+0x1a/0x30 [ 14.765239] [ 14.765367] The buggy address belongs to the object at ffff8881039f9d00 [ 14.765367] which belongs to the cache kmalloc-64 of size 64 [ 14.765873] The buggy address is located 0 bytes to the right of [ 14.765873] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.766380] [ 14.766552] The buggy address belongs to the physical page: [ 14.766833] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.767208] flags: 0x200000000000000(node=0|zone=2) [ 14.767549] page_type: f5(slab) [ 14.767840] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.768284] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.768640] page dumped because: kasan: bad access detected [ 14.768867] [ 14.768937] Memory state around the buggy address: [ 14.769156] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.769485] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.769805] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.770097] ^ [ 14.770254] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.770587] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 14.770936] ================================================================== [ 15.184807] ================================================================== [ 15.185277] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 15.185642] Read of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.186031] [ 15.186145] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.186207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.186220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.186242] Call Trace: [ 15.186261] <TASK> [ 15.186277] dump_stack_lvl+0x73/0xb0 [ 15.186306] print_report+0xd1/0x610 [ 15.186329] ? __virt_addr_valid+0x1db/0x2d0 [ 15.186351] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.186374] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.186397] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.186419] kasan_report+0x141/0x180 [ 15.186442] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.186469] __asan_report_load4_noabort+0x18/0x20 [ 15.186494] kasan_atomics_helper+0x4a02/0x5450 [ 15.186530] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.186553] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.186579] ? kasan_atomics+0x152/0x310 [ 15.186606] kasan_atomics+0x1dc/0x310 [ 15.186629] ? __pfx_kasan_atomics+0x10/0x10 [ 15.186652] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.186679] ? __pfx_read_tsc+0x10/0x10 [ 15.186700] ? ktime_get_ts64+0x86/0x230 [ 15.186726] kunit_try_run_case+0x1a5/0x480 [ 15.186751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.186774] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.186798] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.186822] ? __kthread_parkme+0x82/0x180 [ 15.186843] ? preempt_count_sub+0x50/0x80 [ 15.186868] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.186893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.186918] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.186943] kthread+0x337/0x6f0 [ 15.186962] ? 
trace_preempt_on+0x20/0xc0 [ 15.186987] ? __pfx_kthread+0x10/0x10 [ 15.187008] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.187031] ? calculate_sigpending+0x7b/0xa0 [ 15.187056] ? __pfx_kthread+0x10/0x10 [ 15.187078] ret_from_fork+0x116/0x1d0 [ 15.187098] ? __pfx_kthread+0x10/0x10 [ 15.187120] ret_from_fork_asm+0x1a/0x30 [ 15.187151] </TASK> [ 15.187161] [ 15.194706] Allocated by task 283: [ 15.194875] kasan_save_stack+0x45/0x70 [ 15.195019] kasan_save_track+0x18/0x40 [ 15.195155] kasan_save_alloc_info+0x3b/0x50 [ 15.195306] __kasan_kmalloc+0xb7/0xc0 [ 15.195440] __kmalloc_cache_noprof+0x189/0x420 [ 15.195657] kasan_atomics+0x95/0x310 [ 15.195843] kunit_try_run_case+0x1a5/0x480 [ 15.196068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.196447] kthread+0x337/0x6f0 [ 15.196580] ret_from_fork+0x116/0x1d0 [ 15.196714] ret_from_fork_asm+0x1a/0x30 [ 15.196886] [ 15.196981] The buggy address belongs to the object at ffff8881039f9d00 [ 15.196981] which belongs to the cache kmalloc-64 of size 64 [ 15.197611] The buggy address is located 0 bytes to the right of [ 15.197611] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.198105] [ 15.198224] The buggy address belongs to the physical page: [ 15.198400] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.198760] flags: 0x200000000000000(node=0|zone=2) [ 15.198999] page_type: f5(slab) [ 15.199174] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.199474] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.199728] page dumped because: kasan: bad access detected [ 15.199903] [ 15.199973] Memory state around the buggy address: [ 15.200129] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.200444] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.200766] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.201089] ^ [ 15.201458] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.201793] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.202071] ================================================================== [ 14.889872] ================================================================== [ 14.890563] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 14.890937] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.891348] [ 14.891438] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.891484] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.891509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.891532] Call Trace: [ 14.891546] <TASK> [ 14.891563] dump_stack_lvl+0x73/0xb0 [ 14.891613] print_report+0xd1/0x610 [ 14.891635] ? __virt_addr_valid+0x1db/0x2d0 [ 14.891673] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.891707] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.891732] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.891767] kasan_report+0x141/0x180 [ 14.891802] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.891830] kasan_check_range+0x10c/0x1c0 [ 14.891853] __kasan_check_write+0x18/0x20 [ 14.891872] kasan_atomics_helper+0xb6a/0x5450 [ 14.891896] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.891919] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.891945] ? kasan_atomics+0x152/0x310 [ 14.891972] kasan_atomics+0x1dc/0x310 [ 14.891996] ? __pfx_kasan_atomics+0x10/0x10 [ 14.892018] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.892046] ? __pfx_read_tsc+0x10/0x10 [ 14.892069] ? ktime_get_ts64+0x86/0x230 [ 14.892094] kunit_try_run_case+0x1a5/0x480 [ 14.892120] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.892143] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.892175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.892199] ? __kthread_parkme+0x82/0x180 [ 14.892220] ? preempt_count_sub+0x50/0x80 [ 14.892245] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.892270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.892294] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.892337] kthread+0x337/0x6f0 [ 14.892357] ? trace_preempt_on+0x20/0xc0 [ 14.892396] ? __pfx_kthread+0x10/0x10 [ 14.892417] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.892452] ? calculate_sigpending+0x7b/0xa0 [ 14.892491] ? __pfx_kthread+0x10/0x10 [ 14.892524] ret_from_fork+0x116/0x1d0 [ 14.892544] ? __pfx_kthread+0x10/0x10 [ 14.892565] ret_from_fork_asm+0x1a/0x30 [ 14.892610] </TASK> [ 14.892622] [ 14.900581] Allocated by task 283: [ 14.900770] kasan_save_stack+0x45/0x70 [ 14.901009] kasan_save_track+0x18/0x40 [ 14.901235] kasan_save_alloc_info+0x3b/0x50 [ 14.901456] __kasan_kmalloc+0xb7/0xc0 [ 14.901666] __kmalloc_cache_noprof+0x189/0x420 [ 14.901884] kasan_atomics+0x95/0x310 [ 14.902072] kunit_try_run_case+0x1a5/0x480 [ 14.902270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.902607] kthread+0x337/0x6f0 [ 14.902797] ret_from_fork+0x116/0x1d0 [ 14.902984] ret_from_fork_asm+0x1a/0x30 [ 14.903201] [ 14.903288] The buggy address belongs to the object at ffff8881039f9d00 [ 14.903288] which belongs to the cache kmalloc-64 of size 64 [ 14.903741] The buggy address is located 0 bytes to the right of [ 14.903741] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.904312] [ 14.904394] The buggy address belongs to the physical page: [ 14.904662] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.904999] flags: 0x200000000000000(node=0|zone=2) [ 14.905255] page_type: f5(slab) [ 14.905442] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.905905] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.906268] page dumped because: kasan: bad access detected [ 14.906487] [ 14.906596] Memory state around the buggy address: [ 14.906838] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.907175] 
ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.907560] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.907869] ^ [ 14.908084] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.908392] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.908730] ================================================================== [ 15.412297] ================================================================== [ 15.412980] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 15.413707] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.414101] [ 15.414255] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.414305] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.414319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.414343] Call Trace: [ 15.414364] <TASK> [ 15.414381] dump_stack_lvl+0x73/0xb0 [ 15.414413] print_report+0xd1/0x610 [ 15.414437] ? __virt_addr_valid+0x1db/0x2d0 [ 15.414487] ? kasan_atomics_helper+0x164f/0x5450 [ 15.414520] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.414544] ? kasan_atomics_helper+0x164f/0x5450 [ 15.414567] kasan_report+0x141/0x180 [ 15.414591] ? kasan_atomics_helper+0x164f/0x5450 [ 15.414619] kasan_check_range+0x10c/0x1c0 [ 15.414643] __kasan_check_write+0x18/0x20 [ 15.414663] kasan_atomics_helper+0x164f/0x5450 [ 15.414686] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.414730] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.414756] ? kasan_atomics+0x152/0x310 [ 15.414784] kasan_atomics+0x1dc/0x310 [ 15.414807] ? __pfx_kasan_atomics+0x10/0x10 [ 15.414830] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.414858] ? __pfx_read_tsc+0x10/0x10 [ 15.414879] ? ktime_get_ts64+0x86/0x230 [ 15.414924] kunit_try_run_case+0x1a5/0x480 [ 15.414950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.414972] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.414996] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.415021] ? __kthread_parkme+0x82/0x180 [ 15.415048] ? preempt_count_sub+0x50/0x80 [ 15.415074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.415102] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.415130] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.415156] kthread+0x337/0x6f0 [ 15.415179] ? trace_preempt_on+0x20/0xc0 [ 15.415204] ? __pfx_kthread+0x10/0x10 [ 15.415225] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.415281] ? calculate_sigpending+0x7b/0xa0 [ 15.415309] ? __pfx_kthread+0x10/0x10 [ 15.415332] ret_from_fork+0x116/0x1d0 [ 15.415355] ? __pfx_kthread+0x10/0x10 [ 15.415376] ret_from_fork_asm+0x1a/0x30 [ 15.415407] </TASK> [ 15.415418] [ 15.430079] Allocated by task 283: [ 15.430567] kasan_save_stack+0x45/0x70 [ 15.431015] kasan_save_track+0x18/0x40 [ 15.431192] kasan_save_alloc_info+0x3b/0x50 [ 15.431718] __kasan_kmalloc+0xb7/0xc0 [ 15.432178] __kmalloc_cache_noprof+0x189/0x420 [ 15.432397] kasan_atomics+0x95/0x310 [ 15.432889] kunit_try_run_case+0x1a5/0x480 [ 15.433128] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.433341] kthread+0x337/0x6f0 [ 15.433626] ret_from_fork+0x116/0x1d0 [ 15.433979] ret_from_fork_asm+0x1a/0x30 [ 15.434215] [ 15.434382] The buggy address belongs to the object at ffff8881039f9d00 [ 15.434382] which belongs to the cache kmalloc-64 of size 64 [ 15.435058] The buggy address is located 0 bytes to the right of [ 15.435058] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.435763] [ 15.435947] The buggy address belongs to the physical page: [ 15.436302] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.436568] flags: 0x200000000000000(node=0|zone=2) [ 15.436741] page_type: f5(slab) [ 15.436869] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.437104] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.437400] page dumped because: kasan: bad access detected [ 15.438034] [ 15.438131] 
Memory state around the buggy address: [ 15.438379] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.438881] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.439095] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.439687] ^ [ 15.440134] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.440952] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.441550] ================================================================== [ 15.442272] ================================================================== [ 15.442733] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 15.443279] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.443761] [ 15.443876] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.443924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.443937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.443960] Call Trace: [ 15.443980] <TASK> [ 15.443999] dump_stack_lvl+0x73/0xb0 [ 15.444029] print_report+0xd1/0x610 [ 15.444053] ? __virt_addr_valid+0x1db/0x2d0 [ 15.444077] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.444099] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.444123] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.444146] kasan_report+0x141/0x180 [ 15.444169] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.444195] kasan_check_range+0x10c/0x1c0 [ 15.444220] __kasan_check_write+0x18/0x20 [ 15.444240] kasan_atomics_helper+0x16e7/0x5450 [ 15.444264] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.444287] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.444314] ? kasan_atomics+0x152/0x310 [ 15.444342] kasan_atomics+0x1dc/0x310 [ 15.444365] ? __pfx_kasan_atomics+0x10/0x10 [ 15.444387] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.444415] ? __pfx_read_tsc+0x10/0x10 [ 15.444437] ? 
ktime_get_ts64+0x86/0x230 [ 15.444462] kunit_try_run_case+0x1a5/0x480 [ 15.444488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.444522] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.444546] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.444571] ? __kthread_parkme+0x82/0x180 [ 15.444592] ? preempt_count_sub+0x50/0x80 [ 15.444617] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.444641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.444665] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.444691] kthread+0x337/0x6f0 [ 15.444711] ? trace_preempt_on+0x20/0xc0 [ 15.444735] ? __pfx_kthread+0x10/0x10 [ 15.444756] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.444778] ? calculate_sigpending+0x7b/0xa0 [ 15.444803] ? __pfx_kthread+0x10/0x10 [ 15.444825] ret_from_fork+0x116/0x1d0 [ 15.444844] ? __pfx_kthread+0x10/0x10 [ 15.444865] ret_from_fork_asm+0x1a/0x30 [ 15.444896] </TASK> [ 15.444908] [ 15.452566] Allocated by task 283: [ 15.452700] kasan_save_stack+0x45/0x70 [ 15.453003] kasan_save_track+0x18/0x40 [ 15.453220] kasan_save_alloc_info+0x3b/0x50 [ 15.453439] __kasan_kmalloc+0xb7/0xc0 [ 15.453647] __kmalloc_cache_noprof+0x189/0x420 [ 15.453878] kasan_atomics+0x95/0x310 [ 15.454052] kunit_try_run_case+0x1a5/0x480 [ 15.454208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.454386] kthread+0x337/0x6f0 [ 15.454519] ret_from_fork+0x116/0x1d0 [ 15.454654] ret_from_fork_asm+0x1a/0x30 [ 15.454846] [ 15.454941] The buggy address belongs to the object at ffff8881039f9d00 [ 15.454941] which belongs to the cache kmalloc-64 of size 64 [ 15.455550] The buggy address is located 0 bytes to the right of [ 15.455550] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.455970] [ 15.456047] The buggy address belongs to the physical page: [ 15.456377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.456748] flags: 0x200000000000000(node=0|zone=2) [ 15.456997] page_type: f5(slab) [ 15.457169] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.457519] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.457835] page dumped because: kasan: bad access detected [ 15.458039] [ 15.458134] Memory state around the buggy address: [ 15.458409] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.458679] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.458970] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.459299] ^ [ 15.459495] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.459789] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.460073] ================================================================== [ 14.816267] ================================================================== [ 14.817023] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 14.817740] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.818386] [ 14.818552] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.818621] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.818634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.818657] Call Trace: [ 14.818672] <TASK> [ 14.818689] dump_stack_lvl+0x73/0xb0 [ 14.818739] print_report+0xd1/0x610 [ 14.818761] ? __virt_addr_valid+0x1db/0x2d0 [ 14.818785] ? kasan_atomics_helper+0x992/0x5450 [ 14.818806] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.818830] ? kasan_atomics_helper+0x992/0x5450 [ 14.818853] kasan_report+0x141/0x180 [ 14.818876] ? kasan_atomics_helper+0x992/0x5450 [ 14.818903] kasan_check_range+0x10c/0x1c0 [ 14.818927] __kasan_check_write+0x18/0x20 [ 14.818947] kasan_atomics_helper+0x992/0x5450 [ 14.818971] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.818994] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.819021] ? kasan_atomics+0x152/0x310 [ 14.819061] kasan_atomics+0x1dc/0x310 [ 14.819085] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.819107] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.819135] ? __pfx_read_tsc+0x10/0x10 [ 14.819157] ? ktime_get_ts64+0x86/0x230 [ 14.819209] kunit_try_run_case+0x1a5/0x480 [ 14.819235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.819259] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.819283] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.819308] ? __kthread_parkme+0x82/0x180 [ 14.819330] ? preempt_count_sub+0x50/0x80 [ 14.819371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.819396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.819434] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.819459] kthread+0x337/0x6f0 [ 14.819493] ? trace_preempt_on+0x20/0xc0 [ 14.819529] ? __pfx_kthread+0x10/0x10 [ 14.819550] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.819587] ? calculate_sigpending+0x7b/0xa0 [ 14.819613] ? __pfx_kthread+0x10/0x10 [ 14.819648] ret_from_fork+0x116/0x1d0 [ 14.819668] ? __pfx_kthread+0x10/0x10 [ 14.819689] ret_from_fork_asm+0x1a/0x30 [ 14.819721] </TASK> [ 14.819733] [ 14.833309] Allocated by task 283: [ 14.833631] kasan_save_stack+0x45/0x70 [ 14.834025] kasan_save_track+0x18/0x40 [ 14.834431] kasan_save_alloc_info+0x3b/0x50 [ 14.834853] __kasan_kmalloc+0xb7/0xc0 [ 14.835033] __kmalloc_cache_noprof+0x189/0x420 [ 14.835214] kasan_atomics+0x95/0x310 [ 14.835618] kunit_try_run_case+0x1a5/0x480 [ 14.836010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.836617] kthread+0x337/0x6f0 [ 14.836932] ret_from_fork+0x116/0x1d0 [ 14.837308] ret_from_fork_asm+0x1a/0x30 [ 14.837454] [ 14.837538] The buggy address belongs to the object at ffff8881039f9d00 [ 14.837538] which belongs to the cache kmalloc-64 of size 64 [ 14.837900] The buggy address is located 0 bytes to the right of [ 14.837900] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.838552] [ 14.838767] The buggy address belongs to the physical page: [ 14.839249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.840160] flags: 
0x200000000000000(node=0|zone=2) [ 14.840745] page_type: f5(slab) [ 14.841058] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.841730] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.842425] page dumped because: kasan: bad access detected [ 14.842927] [ 14.843083] Memory state around the buggy address: [ 14.843551] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.844177] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.844529] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.844748] ^ [ 14.844905] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.845125] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.845794] ================================================================== [ 15.143245] ================================================================== [ 15.143969] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 15.144859] Read of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.145423] [ 15.145676] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.145728] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.145848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.145872] Call Trace: [ 15.145894] <TASK> [ 15.145914] dump_stack_lvl+0x73/0xb0 [ 15.145947] print_report+0xd1/0x610 [ 15.145971] ? __virt_addr_valid+0x1db/0x2d0 [ 15.146038] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.146061] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.146085] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.146107] kasan_report+0x141/0x180 [ 15.146130] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.146158] __asan_report_load4_noabort+0x18/0x20 [ 15.146184] kasan_atomics_helper+0x4a1c/0x5450 [ 15.146215] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.146238] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.146265] ? 
kasan_atomics+0x152/0x310 [ 15.146291] kasan_atomics+0x1dc/0x310 [ 15.146314] ? __pfx_kasan_atomics+0x10/0x10 [ 15.146337] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.146365] ? __pfx_read_tsc+0x10/0x10 [ 15.146386] ? ktime_get_ts64+0x86/0x230 [ 15.146412] kunit_try_run_case+0x1a5/0x480 [ 15.146438] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.146461] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.146484] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.146520] ? __kthread_parkme+0x82/0x180 [ 15.146542] ? preempt_count_sub+0x50/0x80 [ 15.146567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.146591] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.146616] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.146640] kthread+0x337/0x6f0 [ 15.146661] ? trace_preempt_on+0x20/0xc0 [ 15.146685] ? __pfx_kthread+0x10/0x10 [ 15.146706] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.146729] ? calculate_sigpending+0x7b/0xa0 [ 15.146754] ? __pfx_kthread+0x10/0x10 [ 15.146775] ret_from_fork+0x116/0x1d0 [ 15.146795] ? 
__pfx_kthread+0x10/0x10 [ 15.146815] ret_from_fork_asm+0x1a/0x30 [ 15.146847] </TASK> [ 15.146859] [ 15.158460] Allocated by task 283: [ 15.158781] kasan_save_stack+0x45/0x70 [ 15.158979] kasan_save_track+0x18/0x40 [ 15.159364] kasan_save_alloc_info+0x3b/0x50 [ 15.159634] __kasan_kmalloc+0xb7/0xc0 [ 15.159930] __kmalloc_cache_noprof+0x189/0x420 [ 15.160160] kasan_atomics+0x95/0x310 [ 15.160337] kunit_try_run_case+0x1a5/0x480 [ 15.160535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.160767] kthread+0x337/0x6f0 [ 15.160919] ret_from_fork+0x116/0x1d0 [ 15.161086] ret_from_fork_asm+0x1a/0x30 [ 15.161402] [ 15.161511] The buggy address belongs to the object at ffff8881039f9d00 [ 15.161511] which belongs to the cache kmalloc-64 of size 64 [ 15.161877] The buggy address is located 0 bytes to the right of [ 15.161877] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.162379] [ 15.162557] The buggy address belongs to the physical page: [ 15.162771] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.163097] flags: 0x200000000000000(node=0|zone=2) [ 15.163269] page_type: f5(slab) [ 15.163398] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.163949] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.164271] page dumped because: kasan: bad access detected [ 15.164448] [ 15.164526] Memory state around the buggy address: [ 15.164822] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.165136] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.165552] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.165766] ^ [ 15.165989] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.166386] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.166665] ================================================================== [ 14.670478] 
================================================================== [ 14.670818] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 14.671584] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.672438] [ 14.672573] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.672624] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.672637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.672660] Call Trace: [ 14.672682] <TASK> [ 14.672702] dump_stack_lvl+0x73/0xb0 [ 14.672735] print_report+0xd1/0x610 [ 14.672759] ? __virt_addr_valid+0x1db/0x2d0 [ 14.672783] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.672804] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.672828] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.672850] kasan_report+0x141/0x180 [ 14.672873] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.672901] kasan_check_range+0x10c/0x1c0 [ 14.672925] __kasan_check_write+0x18/0x20 [ 14.672945] kasan_atomics_helper+0x5fe/0x5450 [ 14.672968] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.672991] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.673018] ? kasan_atomics+0x152/0x310 [ 14.673105] kasan_atomics+0x1dc/0x310 [ 14.673130] ? __pfx_kasan_atomics+0x10/0x10 [ 14.673154] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.673205] ? __pfx_read_tsc+0x10/0x10 [ 14.673229] ? ktime_get_ts64+0x86/0x230 [ 14.673256] kunit_try_run_case+0x1a5/0x480 [ 14.673296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.673319] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.673356] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.673380] ? __kthread_parkme+0x82/0x180 [ 14.673416] ? preempt_count_sub+0x50/0x80 [ 14.673441] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.673479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.673575] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.673601] kthread+0x337/0x6f0 [ 14.673622] ? trace_preempt_on+0x20/0xc0 [ 14.673647] ? __pfx_kthread+0x10/0x10 [ 14.673667] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.673689] ? calculate_sigpending+0x7b/0xa0 [ 14.673714] ? __pfx_kthread+0x10/0x10 [ 14.673736] ret_from_fork+0x116/0x1d0 [ 14.673755] ? __pfx_kthread+0x10/0x10 [ 14.673777] ret_from_fork_asm+0x1a/0x30 [ 14.673809] </TASK> [ 14.673821] [ 14.683292] Allocated by task 283: [ 14.683669] kasan_save_stack+0x45/0x70 [ 14.684082] kasan_save_track+0x18/0x40 [ 14.684359] kasan_save_alloc_info+0x3b/0x50 [ 14.684600] __kasan_kmalloc+0xb7/0xc0 [ 14.684791] __kmalloc_cache_noprof+0x189/0x420 [ 14.684950] kasan_atomics+0x95/0x310 [ 14.685110] kunit_try_run_case+0x1a5/0x480 [ 14.685355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.685805] kthread+0x337/0x6f0 [ 14.685985] ret_from_fork+0x116/0x1d0 [ 14.686382] ret_from_fork_asm+0x1a/0x30 [ 14.686633] [ 14.686711] The buggy address belongs to the object at ffff8881039f9d00 [ 14.686711] which belongs to the cache kmalloc-64 of size 64 [ 14.687086] The buggy address is located 0 bytes to the right of [ 14.687086] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.687745] [ 14.687997] The buggy address belongs to the physical page: [ 14.688414] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.688738] flags: 0x200000000000000(node=0|zone=2) [ 14.688978] page_type: f5(slab) [ 14.689155] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.689389] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.689738] page dumped because: kasan: bad access detected [ 14.690006] [ 14.690081] Memory state around the buggy address: [ 14.690252] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.690901] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.691425] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.691764] ^ [ 14.691995] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.692224] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 14.692443] ================================================================== [ 15.720039] ================================================================== [ 15.721002] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 15.721691] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.722111] [ 15.722656] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.722710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.722723] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.722746] Call Trace: [ 15.722776] <TASK> [ 15.722795] dump_stack_lvl+0x73/0xb0 [ 15.722827] print_report+0xd1/0x610 [ 15.722851] ? __virt_addr_valid+0x1db/0x2d0 [ 15.722876] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.722898] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.722922] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.722944] kasan_report+0x141/0x180 [ 15.722966] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.722994] kasan_check_range+0x10c/0x1c0 [ 15.723018] __kasan_check_write+0x18/0x20 [ 15.723038] kasan_atomics_helper+0x1d7a/0x5450 [ 15.723062] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.723085] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.723110] ? kasan_atomics+0x152/0x310 [ 15.723137] kasan_atomics+0x1dc/0x310 [ 15.723160] ? __pfx_kasan_atomics+0x10/0x10 [ 15.723183] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.723211] ? __pfx_read_tsc+0x10/0x10 [ 15.723233] ? ktime_get_ts64+0x86/0x230 [ 15.723259] kunit_try_run_case+0x1a5/0x480 [ 15.723285] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.723308] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.723331] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.723356] ? __kthread_parkme+0x82/0x180 [ 15.723377] ? preempt_count_sub+0x50/0x80 [ 15.723402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.723426] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.723452] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.723477] kthread+0x337/0x6f0 [ 15.723506] ? trace_preempt_on+0x20/0xc0 [ 15.723531] ? __pfx_kthread+0x10/0x10 [ 15.723552] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.723575] ? calculate_sigpending+0x7b/0xa0 [ 15.723601] ? __pfx_kthread+0x10/0x10 [ 15.723622] ret_from_fork+0x116/0x1d0 [ 15.723643] ? __pfx_kthread+0x10/0x10 [ 15.723664] ret_from_fork_asm+0x1a/0x30 [ 15.723697] </TASK> [ 15.723708] [ 15.731370] Allocated by task 283: [ 15.731562] kasan_save_stack+0x45/0x70 [ 15.731725] kasan_save_track+0x18/0x40 [ 15.731917] kasan_save_alloc_info+0x3b/0x50 [ 15.732109] __kasan_kmalloc+0xb7/0xc0 [ 15.732384] __kmalloc_cache_noprof+0x189/0x420 [ 15.732595] kasan_atomics+0x95/0x310 [ 15.732781] kunit_try_run_case+0x1a5/0x480 [ 15.732973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.733152] kthread+0x337/0x6f0 [ 15.733389] ret_from_fork+0x116/0x1d0 [ 15.733562] ret_from_fork_asm+0x1a/0x30 [ 15.733728] [ 15.733828] The buggy address belongs to the object at ffff8881039f9d00 [ 15.733828] which belongs to the cache kmalloc-64 of size 64 [ 15.734314] The buggy address is located 0 bytes to the right of [ 15.734314] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.734814] [ 15.734911] The buggy address belongs to the physical page: [ 15.735145] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.735407] flags: 0x200000000000000(node=0|zone=2) [ 15.735587] page_type: f5(slab) [ 15.735715] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.735951] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.736191] page dumped because: kasan: bad access detected [ 15.736439] [ 15.736596] Memory state around the buggy address: [ 15.736817] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.737131] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.737443] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.737762] ^ [ 15.738086] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.738306] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.738527] ================================================================== [ 15.460685] ================================================================== [ 15.461219] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 15.461579] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.461895] [ 15.461981] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.462027] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.462040] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.462063] Call Trace: [ 15.462082] <TASK> [ 15.462099] dump_stack_lvl+0x73/0xb0 [ 15.462129] print_report+0xd1/0x610 [ 15.462151] ? __virt_addr_valid+0x1db/0x2d0 [ 15.462184] ? kasan_atomics_helper+0x177f/0x5450 [ 15.462212] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.462236] ? kasan_atomics_helper+0x177f/0x5450 [ 15.462260] kasan_report+0x141/0x180 [ 15.462283] ? kasan_atomics_helper+0x177f/0x5450 [ 15.462310] kasan_check_range+0x10c/0x1c0 [ 15.462335] __kasan_check_write+0x18/0x20 [ 15.462355] kasan_atomics_helper+0x177f/0x5450 [ 15.462379] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.462402] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.462428] ? kasan_atomics+0x152/0x310 [ 15.462456] kasan_atomics+0x1dc/0x310 [ 15.462479] ? __pfx_kasan_atomics+0x10/0x10 [ 15.462512] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.462540] ? __pfx_read_tsc+0x10/0x10 [ 15.462562] ? ktime_get_ts64+0x86/0x230 [ 15.462587] kunit_try_run_case+0x1a5/0x480 [ 15.462613] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.462636] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.462660] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.462684] ? __kthread_parkme+0x82/0x180 [ 15.462707] ? preempt_count_sub+0x50/0x80 [ 15.462732] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.462757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.462781] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.462807] kthread+0x337/0x6f0 [ 15.462827] ? trace_preempt_on+0x20/0xc0 [ 15.462852] ? __pfx_kthread+0x10/0x10 [ 15.462872] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.462894] ? calculate_sigpending+0x7b/0xa0 [ 15.462919] ? __pfx_kthread+0x10/0x10 [ 15.462941] ret_from_fork+0x116/0x1d0 [ 15.462961] ? __pfx_kthread+0x10/0x10 [ 15.462982] ret_from_fork_asm+0x1a/0x30 [ 15.463014] </TASK> [ 15.463025] [ 15.470980] Allocated by task 283: [ 15.471141] kasan_save_stack+0x45/0x70 [ 15.471315] kasan_save_track+0x18/0x40 [ 15.471523] kasan_save_alloc_info+0x3b/0x50 [ 15.471710] __kasan_kmalloc+0xb7/0xc0 [ 15.471896] __kmalloc_cache_noprof+0x189/0x420 [ 15.472086] kasan_atomics+0x95/0x310 [ 15.472256] kunit_try_run_case+0x1a5/0x480 [ 15.472446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.472656] kthread+0x337/0x6f0 [ 15.472811] ret_from_fork+0x116/0x1d0 [ 15.472999] ret_from_fork_asm+0x1a/0x30 [ 15.473191] [ 15.473282] The buggy address belongs to the object at ffff8881039f9d00 [ 15.473282] which belongs to the cache kmalloc-64 of size 64 [ 15.473660] The buggy address is located 0 bytes to the right of [ 15.473660] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.474030] [ 15.474103] The buggy address belongs to the physical page: [ 15.474288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.474544] flags: 0x200000000000000(node=0|zone=2) [ 15.474715] page_type: f5(slab) [ 15.474839] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.475140] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.475801] page dumped because: kasan: bad access detected [ 15.476053] [ 15.476146] Memory state around the buggy address: [ 15.476628] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.476911] 
ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.477132] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.477454] ^ [ 15.477683] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.477952] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.478181] ================================================================== [ 15.859430] ================================================================== [ 15.859779] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 15.860122] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.860414] [ 15.860525] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.860571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.860583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.860606] Call Trace: [ 15.860624] <TASK> [ 15.860642] dump_stack_lvl+0x73/0xb0 [ 15.860671] print_report+0xd1/0x610 [ 15.860693] ? __virt_addr_valid+0x1db/0x2d0 [ 15.860717] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.860740] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.860763] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.860786] kasan_report+0x141/0x180 [ 15.860808] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.861551] kasan_check_range+0x10c/0x1c0 [ 15.861588] __kasan_check_write+0x18/0x20 [ 15.861608] kasan_atomics_helper+0x20c8/0x5450 [ 15.861632] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.861655] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.861680] ? kasan_atomics+0x152/0x310 [ 15.861708] kasan_atomics+0x1dc/0x310 [ 15.861730] ? __pfx_kasan_atomics+0x10/0x10 [ 15.861753] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.861781] ? __pfx_read_tsc+0x10/0x10 [ 15.861803] ? ktime_get_ts64+0x86/0x230 [ 15.861828] kunit_try_run_case+0x1a5/0x480 [ 15.861854] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.861878] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.861902] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.861927] ? __kthread_parkme+0x82/0x180 [ 15.861948] ? preempt_count_sub+0x50/0x80 [ 15.861974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.861998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.862023] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.862048] kthread+0x337/0x6f0 [ 15.862067] ? trace_preempt_on+0x20/0xc0 [ 15.862091] ? __pfx_kthread+0x10/0x10 [ 15.862112] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.862134] ? calculate_sigpending+0x7b/0xa0 [ 15.862160] ? __pfx_kthread+0x10/0x10 [ 15.862255] ret_from_fork+0x116/0x1d0 [ 15.862278] ? __pfx_kthread+0x10/0x10 [ 15.862299] ret_from_fork_asm+0x1a/0x30 [ 15.862331] </TASK> [ 15.862343] [ 15.875969] Allocated by task 283: [ 15.876209] kasan_save_stack+0x45/0x70 [ 15.876598] kasan_save_track+0x18/0x40 [ 15.876904] kasan_save_alloc_info+0x3b/0x50 [ 15.877209] __kasan_kmalloc+0xb7/0xc0 [ 15.877347] __kmalloc_cache_noprof+0x189/0x420 [ 15.877519] kasan_atomics+0x95/0x310 [ 15.877656] kunit_try_run_case+0x1a5/0x480 [ 15.877805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.877980] kthread+0x337/0x6f0 [ 15.878101] ret_from_fork+0x116/0x1d0 [ 15.878257] ret_from_fork_asm+0x1a/0x30 [ 15.878397] [ 15.878470] The buggy address belongs to the object at ffff8881039f9d00 [ 15.878470] which belongs to the cache kmalloc-64 of size 64 [ 15.878946] The buggy address is located 0 bytes to the right of [ 15.878946] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.879975] [ 15.880134] The buggy address belongs to the physical page: [ 15.880762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.881608] flags: 0x200000000000000(node=0|zone=2) [ 15.882173] page_type: f5(slab) [ 15.882489] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.882948] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.883192] page dumped because: kasan: bad access detected [ 15.883576] [ 15.883740] 
Memory state around the buggy address: [ 15.884121] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.884394] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.885009] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.885244] ^ [ 15.885685] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.886165] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.886425] ================================================================== [ 14.771713] ================================================================== [ 14.772360] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 14.772703] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.773115] [ 14.773234] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.773305] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.773318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.773355] Call Trace: [ 14.773375] <TASK> [ 14.773405] dump_stack_lvl+0x73/0xb0 [ 14.773449] print_report+0xd1/0x610 [ 14.773485] ? __virt_addr_valid+0x1db/0x2d0 [ 14.773535] ? kasan_atomics_helper+0x860/0x5450 [ 14.773557] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.773594] ? kasan_atomics_helper+0x860/0x5450 [ 14.773630] kasan_report+0x141/0x180 [ 14.773666] ? kasan_atomics_helper+0x860/0x5450 [ 14.773706] kasan_check_range+0x10c/0x1c0 [ 14.773731] __kasan_check_write+0x18/0x20 [ 14.773751] kasan_atomics_helper+0x860/0x5450 [ 14.773775] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.773798] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.773824] ? kasan_atomics+0x152/0x310 [ 14.773852] kasan_atomics+0x1dc/0x310 [ 14.773874] ? __pfx_kasan_atomics+0x10/0x10 [ 14.773897] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.773925] ? __pfx_read_tsc+0x10/0x10 [ 14.773947] ? 
ktime_get_ts64+0x86/0x230 [ 14.773972] kunit_try_run_case+0x1a5/0x480 [ 14.773997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.774020] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.774044] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.774067] ? __kthread_parkme+0x82/0x180 [ 14.774089] ? preempt_count_sub+0x50/0x80 [ 14.774114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.774138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.774163] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.774188] kthread+0x337/0x6f0 [ 14.774212] ? trace_preempt_on+0x20/0xc0 [ 14.774236] ? __pfx_kthread+0x10/0x10 [ 14.774257] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.774278] ? calculate_sigpending+0x7b/0xa0 [ 14.774304] ? __pfx_kthread+0x10/0x10 [ 14.774325] ret_from_fork+0x116/0x1d0 [ 14.774365] ? __pfx_kthread+0x10/0x10 [ 14.774385] ret_from_fork_asm+0x1a/0x30 [ 14.774418] </TASK> [ 14.774429] [ 14.783614] Allocated by task 283: [ 14.783805] kasan_save_stack+0x45/0x70 [ 14.784012] kasan_save_track+0x18/0x40 [ 14.784201] kasan_save_alloc_info+0x3b/0x50 [ 14.784593] __kasan_kmalloc+0xb7/0xc0 [ 14.784747] __kmalloc_cache_noprof+0x189/0x420 [ 14.784906] kasan_atomics+0x95/0x310 [ 14.785100] kunit_try_run_case+0x1a5/0x480 [ 14.785677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.785948] kthread+0x337/0x6f0 [ 14.786339] ret_from_fork+0x116/0x1d0 [ 14.786564] ret_from_fork_asm+0x1a/0x30 [ 14.786749] [ 14.786850] The buggy address belongs to the object at ffff8881039f9d00 [ 14.786850] which belongs to the cache kmalloc-64 of size 64 [ 14.787465] The buggy address is located 0 bytes to the right of [ 14.787465] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.787987] [ 14.788102] The buggy address belongs to the physical page: [ 14.788451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.788829] flags: 0x200000000000000(node=0|zone=2) [ 14.789057] page_type: f5(slab) [ 14.789434] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.789795] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.790158] page dumped because: kasan: bad access detected [ 14.790394] [ 14.790490] Memory state around the buggy address: [ 14.790689] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.790907] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.791125] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.791748] ^ [ 14.792004] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.792483] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.792738] ================================================================== [ 14.978265] ================================================================== [ 14.978553] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 14.979187] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.979540] [ 14.980277] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.980331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.980345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.980369] Call Trace: [ 14.980391] <TASK> [ 14.980445] dump_stack_lvl+0x73/0xb0 [ 14.980479] print_report+0xd1/0x610 [ 14.980522] ? __virt_addr_valid+0x1db/0x2d0 [ 14.980549] ? kasan_atomics_helper+0xd47/0x5450 [ 14.980572] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.980624] ? kasan_atomics_helper+0xd47/0x5450 [ 14.980647] kasan_report+0x141/0x180 [ 14.980681] ? kasan_atomics_helper+0xd47/0x5450 [ 14.980708] kasan_check_range+0x10c/0x1c0 [ 14.980733] __kasan_check_write+0x18/0x20 [ 14.980784] kasan_atomics_helper+0xd47/0x5450 [ 14.980808] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.980831] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.980868] ? kasan_atomics+0x152/0x310 [ 14.980896] kasan_atomics+0x1dc/0x310 [ 14.980918] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.980941] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.980968] ? __pfx_read_tsc+0x10/0x10 [ 14.980990] ? ktime_get_ts64+0x86/0x230 [ 14.981016] kunit_try_run_case+0x1a5/0x480 [ 14.981042] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.981065] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.981089] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.981112] ? __kthread_parkme+0x82/0x180 [ 14.981134] ? preempt_count_sub+0x50/0x80 [ 14.981180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.981205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.981241] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.981266] kthread+0x337/0x6f0 [ 14.981286] ? trace_preempt_on+0x20/0xc0 [ 14.981322] ? __pfx_kthread+0x10/0x10 [ 14.981343] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.981365] ? calculate_sigpending+0x7b/0xa0 [ 14.981402] ? __pfx_kthread+0x10/0x10 [ 14.981423] ret_from_fork+0x116/0x1d0 [ 14.981443] ? __pfx_kthread+0x10/0x10 [ 14.981473] ret_from_fork_asm+0x1a/0x30 [ 14.981522] </TASK> [ 14.981534] [ 14.990163] Allocated by task 283: [ 14.990356] kasan_save_stack+0x45/0x70 [ 14.990594] kasan_save_track+0x18/0x40 [ 14.990827] kasan_save_alloc_info+0x3b/0x50 [ 14.991024] __kasan_kmalloc+0xb7/0xc0 [ 14.991252] __kmalloc_cache_noprof+0x189/0x420 [ 14.991516] kasan_atomics+0x95/0x310 [ 14.991743] kunit_try_run_case+0x1a5/0x480 [ 14.991947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.992250] kthread+0x337/0x6f0 [ 14.992447] ret_from_fork+0x116/0x1d0 [ 14.992673] ret_from_fork_asm+0x1a/0x30 [ 14.992908] [ 14.992984] The buggy address belongs to the object at ffff8881039f9d00 [ 14.992984] which belongs to the cache kmalloc-64 of size 64 [ 14.993576] The buggy address is located 0 bytes to the right of [ 14.993576] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.993956] [ 14.994037] The buggy address belongs to the physical page: [ 14.994329] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.994763] flags: 
0x200000000000000(node=0|zone=2) [ 14.995009] page_type: f5(slab) [ 14.995251] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.995646] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.996011] page dumped because: kasan: bad access detected [ 14.996351] [ 14.996427] Memory state around the buggy address: [ 14.996598] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.996820] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.997039] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.997439] ^ [ 14.997756] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.998212] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.998617] ================================================================== [ 15.058419] ================================================================== [ 15.058960] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 15.059491] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.060173] [ 15.060303] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.060363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.060376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.060400] Call Trace: [ 15.060430] <TASK> [ 15.060449] dump_stack_lvl+0x73/0xb0 [ 15.060479] print_report+0xd1/0x610 [ 15.060510] ? __virt_addr_valid+0x1db/0x2d0 [ 15.060543] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.060565] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.060589] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.060622] kasan_report+0x141/0x180 [ 15.060645] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.060672] kasan_check_range+0x10c/0x1c0 [ 15.060696] __kasan_check_write+0x18/0x20 [ 15.060716] kasan_atomics_helper+0xfa9/0x5450 [ 15.060740] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.060763] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.060790] ? kasan_atomics+0x152/0x310 [ 15.060818] kasan_atomics+0x1dc/0x310 [ 15.060841] ? __pfx_kasan_atomics+0x10/0x10 [ 15.060864] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.060891] ? __pfx_read_tsc+0x10/0x10 [ 15.060913] ? ktime_get_ts64+0x86/0x230 [ 15.060938] kunit_try_run_case+0x1a5/0x480 [ 15.060964] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.060987] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.061011] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.061036] ? __kthread_parkme+0x82/0x180 [ 15.061057] ? preempt_count_sub+0x50/0x80 [ 15.061083] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.061107] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.061132] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.061176] kthread+0x337/0x6f0 [ 15.061197] ? trace_preempt_on+0x20/0xc0 [ 15.061220] ? __pfx_kthread+0x10/0x10 [ 15.061241] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.061264] ? calculate_sigpending+0x7b/0xa0 [ 15.061289] ? __pfx_kthread+0x10/0x10 [ 15.061312] ret_from_fork+0x116/0x1d0 [ 15.061333] ? 
__pfx_kthread+0x10/0x10 [ 15.061355] ret_from_fork_asm+0x1a/0x30 [ 15.061387] </TASK> [ 15.061398] [ 15.074626] Allocated by task 283: [ 15.074900] kasan_save_stack+0x45/0x70 [ 15.075312] kasan_save_track+0x18/0x40 [ 15.075466] kasan_save_alloc_info+0x3b/0x50 [ 15.075965] __kasan_kmalloc+0xb7/0xc0 [ 15.076173] __kmalloc_cache_noprof+0x189/0x420 [ 15.076620] kasan_atomics+0x95/0x310 [ 15.076762] kunit_try_run_case+0x1a5/0x480 [ 15.076999] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.077536] kthread+0x337/0x6f0 [ 15.077858] ret_from_fork+0x116/0x1d0 [ 15.078169] ret_from_fork_asm+0x1a/0x30 [ 15.078504] [ 15.078672] The buggy address belongs to the object at ffff8881039f9d00 [ 15.078672] which belongs to the cache kmalloc-64 of size 64 [ 15.079457] The buggy address is located 0 bytes to the right of [ 15.079457] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.080110] [ 15.080305] The buggy address belongs to the physical page: [ 15.080806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.081529] flags: 0x200000000000000(node=0|zone=2) [ 15.081873] page_type: f5(slab) [ 15.082067] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.082754] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.082987] page dumped because: kasan: bad access detected [ 15.083191] [ 15.083366] Memory state around the buggy address: [ 15.083818] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.084450] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.085081] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.085650] ^ [ 15.085810] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.086027] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.086472] ================================================================== [ 15.969186] 
================================================================== [ 15.969961] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 15.970337] Read of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.970572] [ 15.970660] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.970705] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.970718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.970740] Call Trace: [ 15.970759] <TASK> [ 15.970777] dump_stack_lvl+0x73/0xb0 [ 15.970806] print_report+0xd1/0x610 [ 15.970827] ? __virt_addr_valid+0x1db/0x2d0 [ 15.970851] ? kasan_atomics_helper+0x5115/0x5450 [ 15.970873] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.970897] ? kasan_atomics_helper+0x5115/0x5450 [ 15.970919] kasan_report+0x141/0x180 [ 15.970942] ? kasan_atomics_helper+0x5115/0x5450 [ 15.970969] __asan_report_load8_noabort+0x18/0x20 [ 15.970993] kasan_atomics_helper+0x5115/0x5450 [ 15.971037] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.971061] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.971086] ? kasan_atomics+0x152/0x310 [ 15.971113] kasan_atomics+0x1dc/0x310 [ 15.971137] ? __pfx_kasan_atomics+0x10/0x10 [ 15.971160] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.971187] ? __pfx_read_tsc+0x10/0x10 [ 15.971209] ? ktime_get_ts64+0x86/0x230 [ 15.971234] kunit_try_run_case+0x1a5/0x480 [ 15.971258] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.971282] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.971305] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.971329] ? __kthread_parkme+0x82/0x180 [ 15.971351] ? preempt_count_sub+0x50/0x80 [ 15.971388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.971423] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.971459] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.971484] kthread+0x337/0x6f0 [ 15.971513] ? trace_preempt_on+0x20/0xc0 [ 15.971537] ? __pfx_kthread+0x10/0x10 [ 15.971558] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.971581] ? calculate_sigpending+0x7b/0xa0 [ 15.971606] ? __pfx_kthread+0x10/0x10 [ 15.971636] ret_from_fork+0x116/0x1d0 [ 15.971666] ? __pfx_kthread+0x10/0x10 [ 15.971687] ret_from_fork_asm+0x1a/0x30 [ 15.971729] </TASK> [ 15.971740] [ 15.979179] Allocated by task 283: [ 15.979329] kasan_save_stack+0x45/0x70 [ 15.979531] kasan_save_track+0x18/0x40 [ 15.979709] kasan_save_alloc_info+0x3b/0x50 [ 15.979906] __kasan_kmalloc+0xb7/0xc0 [ 15.980081] __kmalloc_cache_noprof+0x189/0x420 [ 15.980364] kasan_atomics+0x95/0x310 [ 15.980564] kunit_try_run_case+0x1a5/0x480 [ 15.980738] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.980991] kthread+0x337/0x6f0 [ 15.981157] ret_from_fork+0x116/0x1d0 [ 15.981382] ret_from_fork_asm+0x1a/0x30 [ 15.981601] [ 15.981711] The buggy address belongs to the object at ffff8881039f9d00 [ 15.981711] which belongs to the cache kmalloc-64 of size 64 [ 15.982226] The buggy address is located 0 bytes to the right of [ 15.982226] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.982790] [ 15.982883] The buggy address belongs to the physical page: [ 15.983120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.983490] flags: 0x200000000000000(node=0|zone=2) [ 15.983760] page_type: f5(slab) [ 15.983887] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.984125] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.984876] page dumped because: kasan: bad access detected [ 15.985118] [ 15.985236] Memory state around the buggy address: [ 15.985435] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.985663] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.986002] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.986416] ^ [ 15.986665] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.987422] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.987722] ================================================================== [ 15.202773] ================================================================== [ 15.203124] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 15.203461] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.203962] [ 15.204052] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.204097] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.204109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.204132] Call Trace: [ 15.204149] <TASK> [ 15.204165] dump_stack_lvl+0x73/0xb0 [ 15.204193] print_report+0xd1/0x610 [ 15.204215] ? __virt_addr_valid+0x1db/0x2d0 [ 15.204239] ? kasan_atomics_helper+0x1217/0x5450 [ 15.204260] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.204282] ? kasan_atomics_helper+0x1217/0x5450 [ 15.204304] kasan_report+0x141/0x180 [ 15.204326] ? kasan_atomics_helper+0x1217/0x5450 [ 15.204352] kasan_check_range+0x10c/0x1c0 [ 15.204375] __kasan_check_write+0x18/0x20 [ 15.204395] kasan_atomics_helper+0x1217/0x5450 [ 15.204418] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.204441] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.204465] ? kasan_atomics+0x152/0x310 [ 15.204492] kasan_atomics+0x1dc/0x310 [ 15.204525] ? __pfx_kasan_atomics+0x10/0x10 [ 15.204547] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.204587] ? __pfx_read_tsc+0x10/0x10 [ 15.204609] ? ktime_get_ts64+0x86/0x230 [ 15.204634] kunit_try_run_case+0x1a5/0x480 [ 15.204660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.204683] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.204706] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.204730] ? __kthread_parkme+0x82/0x180 [ 15.204751] ? preempt_count_sub+0x50/0x80 [ 15.204775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.204800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.204825] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.204850] kthread+0x337/0x6f0 [ 15.204870] ? trace_preempt_on+0x20/0xc0 [ 15.204894] ? __pfx_kthread+0x10/0x10 [ 15.204915] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.204937] ? calculate_sigpending+0x7b/0xa0 [ 15.204962] ? __pfx_kthread+0x10/0x10 [ 15.204984] ret_from_fork+0x116/0x1d0 [ 15.205003] ? __pfx_kthread+0x10/0x10 [ 15.205024] ret_from_fork_asm+0x1a/0x30 [ 15.205056] </TASK> [ 15.205068] [ 15.213064] Allocated by task 283: [ 15.213306] kasan_save_stack+0x45/0x70 [ 15.213485] kasan_save_track+0x18/0x40 [ 15.213663] kasan_save_alloc_info+0x3b/0x50 [ 15.213813] __kasan_kmalloc+0xb7/0xc0 [ 15.213947] __kmalloc_cache_noprof+0x189/0x420 [ 15.214106] kasan_atomics+0x95/0x310 [ 15.214247] kunit_try_run_case+0x1a5/0x480 [ 15.214396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.214582] kthread+0x337/0x6f0 [ 15.214705] ret_from_fork+0x116/0x1d0 [ 15.214839] ret_from_fork_asm+0x1a/0x30 [ 15.214980] [ 15.215053] The buggy address belongs to the object at ffff8881039f9d00 [ 15.215053] which belongs to the cache kmalloc-64 of size 64 [ 15.215410] The buggy address is located 0 bytes to the right of [ 15.215410] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.215968] [ 15.216065] The buggy address belongs to the physical page: [ 15.216318] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.216694] flags: 0x200000000000000(node=0|zone=2) [ 15.216929] page_type: f5(slab) [ 15.217099] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.217434] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.219033] page dumped because: kasan: bad access detected [ 15.219333] [ 15.219430] Memory state around the buggy address: [ 15.219662] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.219977] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.220663] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.220988] ^ [ 15.221439] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.222127] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.222493] ================================================================== [ 15.637364] ================================================================== [ 15.638120] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 15.638612] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.639332] [ 15.639619] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.639674] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.639688] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.639710] Call Trace: [ 15.639730] <TASK> [ 15.639749] dump_stack_lvl+0x73/0xb0 [ 15.639822] print_report+0xd1/0x610 [ 15.639845] ? __virt_addr_valid+0x1db/0x2d0 [ 15.639869] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.639891] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.639915] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.639938] kasan_report+0x141/0x180 [ 15.639961] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.639987] kasan_check_range+0x10c/0x1c0 [ 15.640012] __kasan_check_write+0x18/0x20 [ 15.640032] kasan_atomics_helper+0x1c18/0x5450 [ 15.640056] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.640079] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.640106] ? kasan_atomics+0x152/0x310 [ 15.640132] kasan_atomics+0x1dc/0x310 [ 15.640155] ? __pfx_kasan_atomics+0x10/0x10 [ 15.640187] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.640214] ? __pfx_read_tsc+0x10/0x10 [ 15.640236] ? ktime_get_ts64+0x86/0x230 [ 15.640261] kunit_try_run_case+0x1a5/0x480 [ 15.640286] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.640309] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.640333] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.640357] ? __kthread_parkme+0x82/0x180 [ 15.640378] ? preempt_count_sub+0x50/0x80 [ 15.640404] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.640428] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.640452] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.640477] kthread+0x337/0x6f0 [ 15.640509] ? trace_preempt_on+0x20/0xc0 [ 15.640533] ? __pfx_kthread+0x10/0x10 [ 15.640555] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.640577] ? calculate_sigpending+0x7b/0xa0 [ 15.640602] ? __pfx_kthread+0x10/0x10 [ 15.640623] ret_from_fork+0x116/0x1d0 [ 15.640643] ? __pfx_kthread+0x10/0x10 [ 15.640664] ret_from_fork_asm+0x1a/0x30 [ 15.640696] </TASK> [ 15.640706] [ 15.652234] Allocated by task 283: [ 15.652535] kasan_save_stack+0x45/0x70 [ 15.652933] kasan_save_track+0x18/0x40 [ 15.653127] kasan_save_alloc_info+0x3b/0x50 [ 15.653491] __kasan_kmalloc+0xb7/0xc0 [ 15.653682] __kmalloc_cache_noprof+0x189/0x420 [ 15.653885] kasan_atomics+0x95/0x310 [ 15.654054] kunit_try_run_case+0x1a5/0x480 [ 15.654647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.654924] kthread+0x337/0x6f0 [ 15.655209] ret_from_fork+0x116/0x1d0 [ 15.655600] ret_from_fork_asm+0x1a/0x30 [ 15.655914] [ 15.656143] The buggy address belongs to the object at ffff8881039f9d00 [ 15.656143] which belongs to the cache kmalloc-64 of size 64 [ 15.656650] The buggy address is located 0 bytes to the right of [ 15.656650] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.657127] [ 15.657618] The buggy address belongs to the physical page: [ 15.657922] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.658520] flags: 0x200000000000000(node=0|zone=2) [ 15.658888] page_type: f5(slab) [ 15.659355] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.659805] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.660097] page dumped because: kasan: bad access detected [ 15.660735] [ 15.660822] Memory state around the buggy address: [ 15.661267] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.661695] 
ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.662135] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.662587] ^ [ 15.662790] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.663059] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.663638] ================================================================== [ 14.870139] ================================================================== [ 14.870508] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 14.870750] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.870969] [ 14.871059] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.871106] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.871118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.871141] Call Trace: [ 14.871160] <TASK> [ 14.871179] dump_stack_lvl+0x73/0xb0 [ 14.871207] print_report+0xd1/0x610 [ 14.871230] ? __virt_addr_valid+0x1db/0x2d0 [ 14.871253] ? kasan_atomics_helper+0xac7/0x5450 [ 14.871273] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.871295] ? kasan_atomics_helper+0xac7/0x5450 [ 14.871316] kasan_report+0x141/0x180 [ 14.871338] ? kasan_atomics_helper+0xac7/0x5450 [ 14.871363] kasan_check_range+0x10c/0x1c0 [ 14.871386] __kasan_check_write+0x18/0x20 [ 14.871405] kasan_atomics_helper+0xac7/0x5450 [ 14.871427] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.871450] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.871475] ? kasan_atomics+0x152/0x310 [ 14.871872] kasan_atomics+0x1dc/0x310 [ 14.871927] ? __pfx_kasan_atomics+0x10/0x10 [ 14.871951] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.871980] ? __pfx_read_tsc+0x10/0x10 [ 14.872002] ? ktime_get_ts64+0x86/0x230 [ 14.872027] kunit_try_run_case+0x1a5/0x480 [ 14.872053] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.872076] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.872099] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.872124] ? __kthread_parkme+0x82/0x180 [ 14.872145] ? preempt_count_sub+0x50/0x80 [ 14.872179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.872204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.872244] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.872270] kthread+0x337/0x6f0 [ 14.872289] ? trace_preempt_on+0x20/0xc0 [ 14.872327] ? __pfx_kthread+0x10/0x10 [ 14.872348] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.872370] ? calculate_sigpending+0x7b/0xa0 [ 14.872396] ? __pfx_kthread+0x10/0x10 [ 14.872418] ret_from_fork+0x116/0x1d0 [ 14.872437] ? __pfx_kthread+0x10/0x10 [ 14.872458] ret_from_fork_asm+0x1a/0x30 [ 14.872489] </TASK> [ 14.872513] [ 14.880940] Allocated by task 283: [ 14.881123] kasan_save_stack+0x45/0x70 [ 14.881348] kasan_save_track+0x18/0x40 [ 14.881730] kasan_save_alloc_info+0x3b/0x50 [ 14.881952] __kasan_kmalloc+0xb7/0xc0 [ 14.882111] __kmalloc_cache_noprof+0x189/0x420 [ 14.882410] kasan_atomics+0x95/0x310 [ 14.882575] kunit_try_run_case+0x1a5/0x480 [ 14.882719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.882890] kthread+0x337/0x6f0 [ 14.883009] ret_from_fork+0x116/0x1d0 [ 14.883142] ret_from_fork_asm+0x1a/0x30 [ 14.883346] [ 14.883466] The buggy address belongs to the object at ffff8881039f9d00 [ 14.883466] which belongs to the cache kmalloc-64 of size 64 [ 14.884006] The buggy address is located 0 bytes to the right of [ 14.884006] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.884612] [ 14.884727] The buggy address belongs to the physical page: [ 14.884991] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.885388] flags: 0x200000000000000(node=0|zone=2) [ 14.885680] page_type: f5(slab) [ 14.885861] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.886220] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.886558] page dumped because: kasan: bad access detected [ 14.886803] [ 14.886894] 
Memory state around the buggy address: [ 14.887111] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.887806] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.888099] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.888409] ^ [ 14.888571] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.888782] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.888990] ================================================================== [ 15.387871] ================================================================== [ 15.388635] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 15.389361] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.390110] [ 15.390373] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.390425] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.390438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.390462] Call Trace: [ 15.390483] <TASK> [ 15.390512] dump_stack_lvl+0x73/0xb0 [ 15.390545] print_report+0xd1/0x610 [ 15.390570] ? __virt_addr_valid+0x1db/0x2d0 [ 15.390595] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.390617] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.390641] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.390664] kasan_report+0x141/0x180 [ 15.390686] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.390715] kasan_check_range+0x10c/0x1c0 [ 15.390740] __kasan_check_write+0x18/0x20 [ 15.390761] kasan_atomics_helper+0x15b6/0x5450 [ 15.390785] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.390808] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.390833] ? kasan_atomics+0x152/0x310 [ 15.390861] kasan_atomics+0x1dc/0x310 [ 15.390884] ? __pfx_kasan_atomics+0x10/0x10 [ 15.390906] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.390933] ? __pfx_read_tsc+0x10/0x10 [ 15.390955] ? 
ktime_get_ts64+0x86/0x230 [ 15.390981] kunit_try_run_case+0x1a5/0x480 [ 15.391006] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.391029] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.391052] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.391077] ? __kthread_parkme+0x82/0x180 [ 15.391098] ? preempt_count_sub+0x50/0x80 [ 15.391124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.391149] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.391207] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.391231] kthread+0x337/0x6f0 [ 15.391251] ? trace_preempt_on+0x20/0xc0 [ 15.391285] ? __pfx_kthread+0x10/0x10 [ 15.391307] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.391330] ? calculate_sigpending+0x7b/0xa0 [ 15.391355] ? __pfx_kthread+0x10/0x10 [ 15.391377] ret_from_fork+0x116/0x1d0 [ 15.391397] ? __pfx_kthread+0x10/0x10 [ 15.391418] ret_from_fork_asm+0x1a/0x30 [ 15.391450] </TASK> [ 15.391462] [ 15.401281] Allocated by task 283: [ 15.401450] kasan_save_stack+0x45/0x70 [ 15.401695] kasan_save_track+0x18/0x40 [ 15.401898] kasan_save_alloc_info+0x3b/0x50 [ 15.402102] __kasan_kmalloc+0xb7/0xc0 [ 15.402475] __kmalloc_cache_noprof+0x189/0x420 [ 15.402663] kasan_atomics+0x95/0x310 [ 15.402893] kunit_try_run_case+0x1a5/0x480 [ 15.403106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.403487] kthread+0x337/0x6f0 [ 15.403709] ret_from_fork+0x116/0x1d0 [ 15.403892] ret_from_fork_asm+0x1a/0x30 [ 15.404117] [ 15.404245] The buggy address belongs to the object at ffff8881039f9d00 [ 15.404245] which belongs to the cache kmalloc-64 of size 64 [ 15.404795] The buggy address is located 0 bytes to the right of [ 15.404795] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.405352] [ 15.405507] The buggy address belongs to the physical page: [ 15.405738] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.406156] flags: 0x200000000000000(node=0|zone=2) [ 15.406403] page_type: f5(slab) [ 15.406583] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.406855] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.407235] page dumped because: kasan: bad access detected [ 15.407440] [ 15.407519] Memory state around the buggy address: [ 15.407677] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.407891] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.408107] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.408583] ^ [ 15.408809] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.409131] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.410964] ================================================================== [ 15.496492] ================================================================== [ 15.496794] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 15.497172] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.497453] [ 15.497551] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.497596] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.497608] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.497630] Call Trace: [ 15.497647] <TASK> [ 15.497662] dump_stack_lvl+0x73/0xb0 [ 15.497691] print_report+0xd1/0x610 [ 15.497714] ? __virt_addr_valid+0x1db/0x2d0 [ 15.497737] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.497761] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.497784] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.497807] kasan_report+0x141/0x180 [ 15.497830] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.497857] kasan_check_range+0x10c/0x1c0 [ 15.497881] __kasan_check_write+0x18/0x20 [ 15.497901] kasan_atomics_helper+0x18b1/0x5450 [ 15.497925] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.497948] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.497974] ? kasan_atomics+0x152/0x310 [ 15.498001] kasan_atomics+0x1dc/0x310 [ 15.498025] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.498047] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.498075] ? __pfx_read_tsc+0x10/0x10 [ 15.498096] ? ktime_get_ts64+0x86/0x230 [ 15.498122] kunit_try_run_case+0x1a5/0x480 [ 15.498147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.498182] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.498212] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.498237] ? __kthread_parkme+0x82/0x180 [ 15.498258] ? preempt_count_sub+0x50/0x80 [ 15.498283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.498308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.498333] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.498358] kthread+0x337/0x6f0 [ 15.498378] ? trace_preempt_on+0x20/0xc0 [ 15.498401] ? __pfx_kthread+0x10/0x10 [ 15.498422] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.498445] ? calculate_sigpending+0x7b/0xa0 [ 15.498470] ? __pfx_kthread+0x10/0x10 [ 15.498493] ret_from_fork+0x116/0x1d0 [ 15.498521] ? __pfx_kthread+0x10/0x10 [ 15.498542] ret_from_fork_asm+0x1a/0x30 [ 15.498573] </TASK> [ 15.498583] [ 15.510717] Allocated by task 283: [ 15.511103] kasan_save_stack+0x45/0x70 [ 15.511406] kasan_save_track+0x18/0x40 [ 15.511558] kasan_save_alloc_info+0x3b/0x50 [ 15.511705] __kasan_kmalloc+0xb7/0xc0 [ 15.511835] __kmalloc_cache_noprof+0x189/0x420 [ 15.511989] kasan_atomics+0x95/0x310 [ 15.512120] kunit_try_run_case+0x1a5/0x480 [ 15.512702] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.513238] kthread+0x337/0x6f0 [ 15.513593] ret_from_fork+0x116/0x1d0 [ 15.513989] ret_from_fork_asm+0x1a/0x30 [ 15.514423] [ 15.514652] The buggy address belongs to the object at ffff8881039f9d00 [ 15.514652] which belongs to the cache kmalloc-64 of size 64 [ 15.515776] The buggy address is located 0 bytes to the right of [ 15.515776] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.516729] [ 15.516807] The buggy address belongs to the physical page: [ 15.516976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.517462] flags: 
0x200000000000000(node=0|zone=2) [ 15.517953] page_type: f5(slab) [ 15.518324] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.519038] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.519755] page dumped because: kasan: bad access detected [ 15.520031] [ 15.520105] Memory state around the buggy address: [ 15.520596] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.521256] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.521643] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.522136] ^ [ 15.522640] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.522865] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.523073] ================================================================== [ 14.693307] ================================================================== [ 14.693615] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 14.693945] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.694378] [ 14.694468] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.694523] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.694536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.694560] Call Trace: [ 14.694578] <TASK> [ 14.694733] dump_stack_lvl+0x73/0xb0 [ 14.694775] print_report+0xd1/0x610 [ 14.694800] ? __virt_addr_valid+0x1db/0x2d0 [ 14.694824] ? kasan_atomics_helper+0x697/0x5450 [ 14.694846] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.694869] ? kasan_atomics_helper+0x697/0x5450 [ 14.694891] kasan_report+0x141/0x180 [ 14.694914] ? kasan_atomics_helper+0x697/0x5450 [ 14.694941] kasan_check_range+0x10c/0x1c0 [ 14.694965] __kasan_check_write+0x18/0x20 [ 14.694985] kasan_atomics_helper+0x697/0x5450 [ 14.695008] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.695032] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.695138] ? kasan_atomics+0x152/0x310 [ 14.695166] kasan_atomics+0x1dc/0x310 [ 14.695189] ? __pfx_kasan_atomics+0x10/0x10 [ 14.695212] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.695240] ? __pfx_read_tsc+0x10/0x10 [ 14.695261] ? ktime_get_ts64+0x86/0x230 [ 14.695287] kunit_try_run_case+0x1a5/0x480 [ 14.695312] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.695551] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.695585] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.695610] ? __kthread_parkme+0x82/0x180 [ 14.695633] ? preempt_count_sub+0x50/0x80 [ 14.695658] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.695727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.695752] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.695777] kthread+0x337/0x6f0 [ 14.695797] ? trace_preempt_on+0x20/0xc0 [ 14.695822] ? __pfx_kthread+0x10/0x10 [ 14.695843] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.695865] ? calculate_sigpending+0x7b/0xa0 [ 14.695891] ? __pfx_kthread+0x10/0x10 [ 14.695912] ret_from_fork+0x116/0x1d0 [ 14.695933] ? 
__pfx_kthread+0x10/0x10 [ 14.695954] ret_from_fork_asm+0x1a/0x30 [ 14.695985] </TASK> [ 14.695996] [ 14.708701] Allocated by task 283: [ 14.708883] kasan_save_stack+0x45/0x70 [ 14.709614] kasan_save_track+0x18/0x40 [ 14.709809] kasan_save_alloc_info+0x3b/0x50 [ 14.709993] __kasan_kmalloc+0xb7/0xc0 [ 14.710432] __kmalloc_cache_noprof+0x189/0x420 [ 14.710669] kasan_atomics+0x95/0x310 [ 14.710844] kunit_try_run_case+0x1a5/0x480 [ 14.711036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.712040] kthread+0x337/0x6f0 [ 14.712619] ret_from_fork+0x116/0x1d0 [ 14.712829] ret_from_fork_asm+0x1a/0x30 [ 14.713019] [ 14.713115] The buggy address belongs to the object at ffff8881039f9d00 [ 14.713115] which belongs to the cache kmalloc-64 of size 64 [ 14.713639] The buggy address is located 0 bytes to the right of [ 14.713639] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.714143] [ 14.714892] The buggy address belongs to the physical page: [ 14.715742] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.716652] flags: 0x200000000000000(node=0|zone=2) [ 14.716905] page_type: f5(slab) [ 14.717382] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.717725] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.718028] page dumped because: kasan: bad access detected [ 14.718664] [ 14.718771] Memory state around the buggy address: [ 14.718977] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.719604] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.719908] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.720660] ^ [ 14.720847] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.721178] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.721910] ================================================================== [ 15.817999] 
================================================================== [ 15.818572] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 15.818953] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.819559] [ 15.819744] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.819796] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.819916] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.819942] Call Trace: [ 15.820016] <TASK> [ 15.820037] dump_stack_lvl+0x73/0xb0 [ 15.820069] print_report+0xd1/0x610 [ 15.820092] ? __virt_addr_valid+0x1db/0x2d0 [ 15.820117] ? kasan_atomics_helper+0x2006/0x5450 [ 15.820139] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.820171] ? kasan_atomics_helper+0x2006/0x5450 [ 15.820194] kasan_report+0x141/0x180 [ 15.820216] ? kasan_atomics_helper+0x2006/0x5450 [ 15.820244] kasan_check_range+0x10c/0x1c0 [ 15.820268] __kasan_check_write+0x18/0x20 [ 15.820288] kasan_atomics_helper+0x2006/0x5450 [ 15.820311] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.820333] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.820359] ? kasan_atomics+0x152/0x310 [ 15.820388] kasan_atomics+0x1dc/0x310 [ 15.820411] ? __pfx_kasan_atomics+0x10/0x10 [ 15.820433] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.820461] ? __pfx_read_tsc+0x10/0x10 [ 15.820482] ? ktime_get_ts64+0x86/0x230 [ 15.820521] kunit_try_run_case+0x1a5/0x480 [ 15.820548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.820570] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.820595] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.820620] ? __kthread_parkme+0x82/0x180 [ 15.820641] ? preempt_count_sub+0x50/0x80 [ 15.820666] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.820691] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.820716] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.820741] kthread+0x337/0x6f0 [ 15.820761] ? trace_preempt_on+0x20/0xc0 [ 15.820785] ? __pfx_kthread+0x10/0x10 [ 15.820806] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.820829] ? calculate_sigpending+0x7b/0xa0 [ 15.820854] ? __pfx_kthread+0x10/0x10 [ 15.820876] ret_from_fork+0x116/0x1d0 [ 15.820896] ? __pfx_kthread+0x10/0x10 [ 15.820917] ret_from_fork_asm+0x1a/0x30 [ 15.820949] </TASK> [ 15.820960] [ 15.830820] Allocated by task 283: [ 15.831079] kasan_save_stack+0x45/0x70 [ 15.831519] kasan_save_track+0x18/0x40 [ 15.831807] kasan_save_alloc_info+0x3b/0x50 [ 15.832066] __kasan_kmalloc+0xb7/0xc0 [ 15.832299] __kmalloc_cache_noprof+0x189/0x420 [ 15.832608] kasan_atomics+0x95/0x310 [ 15.832792] kunit_try_run_case+0x1a5/0x480 [ 15.832989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.833414] kthread+0x337/0x6f0 [ 15.833600] ret_from_fork+0x116/0x1d0 [ 15.833916] ret_from_fork_asm+0x1a/0x30 [ 15.834086] [ 15.834282] The buggy address belongs to the object at ffff8881039f9d00 [ 15.834282] which belongs to the cache kmalloc-64 of size 64 [ 15.834887] The buggy address is located 0 bytes to the right of [ 15.834887] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.835583] [ 15.835689] The buggy address belongs to the physical page: [ 15.835922] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.836297] flags: 0x200000000000000(node=0|zone=2) [ 15.836817] page_type: f5(slab) [ 15.836966] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.837407] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.837847] page dumped because: kasan: bad access detected [ 15.838152] [ 15.838235] Memory state around the buggy address: [ 15.838455] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.838953] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.839310] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.839686] ^ [ 15.840005] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.840433] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.840708] ================================================================== [ 14.520800] ================================================================== [ 14.521379] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 14.521723] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.522028] [ 14.522140] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.522190] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.522207] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.522231] Call Trace: [ 14.522245] <TASK> [ 14.522263] dump_stack_lvl+0x73/0xb0 [ 14.522292] print_report+0xd1/0x610 [ 14.522317] ? __virt_addr_valid+0x1db/0x2d0 [ 14.522342] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.522365] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.522389] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.522411] kasan_report+0x141/0x180 [ 14.522434] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.522462] __asan_report_store4_noabort+0x1b/0x30 [ 14.522488] kasan_atomics_helper+0x4b6e/0x5450 [ 14.522522] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.522546] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.522573] ? kasan_atomics+0x152/0x310 [ 14.522600] kasan_atomics+0x1dc/0x310 [ 14.522623] ? __pfx_kasan_atomics+0x10/0x10 [ 14.522646] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.522673] ? __pfx_read_tsc+0x10/0x10 [ 14.522695] ? ktime_get_ts64+0x86/0x230 [ 14.522720] kunit_try_run_case+0x1a5/0x480 [ 14.522746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.522770] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.522793] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.522818] ? __kthread_parkme+0x82/0x180 [ 14.522839] ? preempt_count_sub+0x50/0x80 [ 14.522971] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.523003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.523028] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.523054] kthread+0x337/0x6f0 [ 14.523075] ? 
trace_preempt_on+0x20/0xc0 [ 14.523099] ? __pfx_kthread+0x10/0x10 [ 14.523120] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.523143] ? calculate_sigpending+0x7b/0xa0 [ 14.523168] ? __pfx_kthread+0x10/0x10 [ 14.523191] ret_from_fork+0x116/0x1d0 [ 14.523211] ? __pfx_kthread+0x10/0x10 [ 14.523232] ret_from_fork_asm+0x1a/0x30 [ 14.523318] </TASK> [ 14.523331] [ 14.533453] Allocated by task 283: [ 14.533787] kasan_save_stack+0x45/0x70 [ 14.533978] kasan_save_track+0x18/0x40 [ 14.534559] kasan_save_alloc_info+0x3b/0x50 [ 14.534772] __kasan_kmalloc+0xb7/0xc0 [ 14.535071] __kmalloc_cache_noprof+0x189/0x420 [ 14.535631] kasan_atomics+0x95/0x310 [ 14.535834] kunit_try_run_case+0x1a5/0x480 [ 14.536041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.536729] kthread+0x337/0x6f0 [ 14.536904] ret_from_fork+0x116/0x1d0 [ 14.537057] ret_from_fork_asm+0x1a/0x30 [ 14.537545] [ 14.537827] The buggy address belongs to the object at ffff8881039f9d00 [ 14.537827] which belongs to the cache kmalloc-64 of size 64 [ 14.538631] The buggy address is located 0 bytes to the right of [ 14.538631] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.539309] [ 14.539537] The buggy address belongs to the physical page: [ 14.539878] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.540442] flags: 0x200000000000000(node=0|zone=2) [ 14.540957] page_type: f5(slab) [ 14.541312] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.541772] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.542343] page dumped because: kasan: bad access detected [ 14.542610] [ 14.542685] Memory state around the buggy address: [ 14.543268] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.543611] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.544016] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.544596] ^ [ 14.544934] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.545391] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.545833] ================================================================== [ 14.722921] ================================================================== [ 14.723710] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 14.723959] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.724718] [ 14.724930] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.724979] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.724992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.725014] Call Trace: [ 14.725034] <TASK> [ 14.725052] dump_stack_lvl+0x73/0xb0 [ 14.725083] print_report+0xd1/0x610 [ 14.725106] ? __virt_addr_valid+0x1db/0x2d0 [ 14.725129] ? kasan_atomics_helper+0x72f/0x5450 [ 14.725151] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.725244] ? kasan_atomics_helper+0x72f/0x5450 [ 14.725268] kasan_report+0x141/0x180 [ 14.725291] ? kasan_atomics_helper+0x72f/0x5450 [ 14.725318] kasan_check_range+0x10c/0x1c0 [ 14.725342] __kasan_check_write+0x18/0x20 [ 14.725362] kasan_atomics_helper+0x72f/0x5450 [ 14.725385] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.725408] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.725434] ? kasan_atomics+0x152/0x310 [ 14.725461] kasan_atomics+0x1dc/0x310 [ 14.725483] ? __pfx_kasan_atomics+0x10/0x10 [ 14.725520] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.725547] ? __pfx_read_tsc+0x10/0x10 [ 14.725569] ? ktime_get_ts64+0x86/0x230 [ 14.725594] kunit_try_run_case+0x1a5/0x480 [ 14.725620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.725642] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.725666] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.725690] ? __kthread_parkme+0x82/0x180 [ 14.725711] ? preempt_count_sub+0x50/0x80 [ 14.725736] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.725761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.725785] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.725812] kthread+0x337/0x6f0 [ 14.725832] ? trace_preempt_on+0x20/0xc0 [ 14.725856] ? __pfx_kthread+0x10/0x10 [ 14.725876] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.725898] ? calculate_sigpending+0x7b/0xa0 [ 14.725923] ? __pfx_kthread+0x10/0x10 [ 14.725945] ret_from_fork+0x116/0x1d0 [ 14.725964] ? __pfx_kthread+0x10/0x10 [ 14.725985] ret_from_fork_asm+0x1a/0x30 [ 14.726016] </TASK> [ 14.726027] [ 14.739381] Allocated by task 283: [ 14.739593] kasan_save_stack+0x45/0x70 [ 14.739795] kasan_save_track+0x18/0x40 [ 14.739974] kasan_save_alloc_info+0x3b/0x50 [ 14.740434] __kasan_kmalloc+0xb7/0xc0 [ 14.740624] __kmalloc_cache_noprof+0x189/0x420 [ 14.740865] kasan_atomics+0x95/0x310 [ 14.741043] kunit_try_run_case+0x1a5/0x480 [ 14.741554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.741828] kthread+0x337/0x6f0 [ 14.742001] ret_from_fork+0x116/0x1d0 [ 14.742324] ret_from_fork_asm+0x1a/0x30 [ 14.742553] [ 14.742655] The buggy address belongs to the object at ffff8881039f9d00 [ 14.742655] which belongs to the cache kmalloc-64 of size 64 [ 14.743301] The buggy address is located 0 bytes to the right of [ 14.743301] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.744124] [ 14.744262] The buggy address belongs to the physical page: [ 14.744742] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.745103] flags: 0x200000000000000(node=0|zone=2) [ 14.745609] page_type: f5(slab) [ 14.745805] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.746094] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.746494] page dumped because: kasan: bad access detected [ 14.746898] [ 14.746998] Memory state around the buggy address: [ 14.747439] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.747773] 
ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.748057] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.748411] ^ [ 14.748650] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.748884] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.749161] ================================================================== [ 15.841540] ================================================================== [ 15.841894] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 15.842548] Read of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.842888] [ 15.843006] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.843054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.843067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.843090] Call Trace: [ 15.843110] <TASK> [ 15.843128] dump_stack_lvl+0x73/0xb0 [ 15.843158] print_report+0xd1/0x610 [ 15.843195] ? __virt_addr_valid+0x1db/0x2d0 [ 15.843220] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.843242] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.843266] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.843288] kasan_report+0x141/0x180 [ 15.843310] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.843337] __asan_report_load8_noabort+0x18/0x20 [ 15.843362] kasan_atomics_helper+0x4f98/0x5450 [ 15.843385] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.843408] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.843434] ? kasan_atomics+0x152/0x310 [ 15.843462] kasan_atomics+0x1dc/0x310 [ 15.843485] ? __pfx_kasan_atomics+0x10/0x10 [ 15.843517] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.843545] ? __pfx_read_tsc+0x10/0x10 [ 15.843567] ? ktime_get_ts64+0x86/0x230 [ 15.843594] kunit_try_run_case+0x1a5/0x480 [ 15.843622] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.843645] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.843668] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.843692] ? 
__kthread_parkme+0x82/0x180 [ 15.843714] ? preempt_count_sub+0x50/0x80 [ 15.843739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.843764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.843788] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.843813] kthread+0x337/0x6f0 [ 15.843832] ? trace_preempt_on+0x20/0xc0 [ 15.843856] ? __pfx_kthread+0x10/0x10 [ 15.843877] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.843899] ? calculate_sigpending+0x7b/0xa0 [ 15.843924] ? __pfx_kthread+0x10/0x10 [ 15.843946] ret_from_fork+0x116/0x1d0 [ 15.843966] ? __pfx_kthread+0x10/0x10 [ 15.843986] ret_from_fork_asm+0x1a/0x30 [ 15.844018] </TASK> [ 15.844029] [ 15.851168] Allocated by task 283: [ 15.851297] kasan_save_stack+0x45/0x70 [ 15.851439] kasan_save_track+0x18/0x40 [ 15.851611] kasan_save_alloc_info+0x3b/0x50 [ 15.851814] __kasan_kmalloc+0xb7/0xc0 [ 15.851996] __kmalloc_cache_noprof+0x189/0x420 [ 15.852212] kasan_atomics+0x95/0x310 [ 15.852392] kunit_try_run_case+0x1a5/0x480 [ 15.852602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.852832] kthread+0x337/0x6f0 [ 15.852951] ret_from_fork+0x116/0x1d0 [ 15.853080] ret_from_fork_asm+0x1a/0x30 [ 15.853381] [ 15.853478] The buggy address belongs to the object at ffff8881039f9d00 [ 15.853478] which belongs to the cache kmalloc-64 of size 64 [ 15.853998] The buggy address is located 0 bytes to the right of [ 15.853998] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.854426] [ 15.854507] The buggy address belongs to the physical page: [ 15.854682] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.854926] flags: 0x200000000000000(node=0|zone=2) [ 15.855110] page_type: f5(slab) [ 15.855335] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.855678] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.856002] page dumped because: kasan: bad access detected [ 15.856358] [ 15.856515] Memory state around the buggy address: [ 15.856779] 
ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.857115] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.857566] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.857774] ^ [ 15.857949] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.858381] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.858702] ================================================================== [ 14.944102] ================================================================== [ 14.944374] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 14.944965] Read of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.946056] [ 14.946297] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.946350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.946362] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.946561] Call Trace: [ 14.946587] <TASK> [ 14.946607] dump_stack_lvl+0x73/0xb0 [ 14.946641] print_report+0xd1/0x610 [ 14.946665] ? __virt_addr_valid+0x1db/0x2d0 [ 14.946689] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.946710] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.946733] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.946756] kasan_report+0x141/0x180 [ 14.946778] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.946806] __asan_report_load4_noabort+0x18/0x20 [ 14.946831] kasan_atomics_helper+0x4a84/0x5450 [ 14.946854] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.946877] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.946903] ? kasan_atomics+0x152/0x310 [ 14.946930] kasan_atomics+0x1dc/0x310 [ 14.946954] ? __pfx_kasan_atomics+0x10/0x10 [ 14.946976] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.947004] ? __pfx_read_tsc+0x10/0x10 [ 14.947026] ? ktime_get_ts64+0x86/0x230 [ 14.947051] kunit_try_run_case+0x1a5/0x480 [ 14.947077] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.947100] ? 
_raw_spin_lock_irqsave+0xf9/0x100 [ 14.947124] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.947148] ? __kthread_parkme+0x82/0x180 [ 14.947187] ? preempt_count_sub+0x50/0x80 [ 14.947212] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.947237] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.947262] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.947287] kthread+0x337/0x6f0 [ 14.947307] ? trace_preempt_on+0x20/0xc0 [ 14.947331] ? __pfx_kthread+0x10/0x10 [ 14.947352] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.947375] ? calculate_sigpending+0x7b/0xa0 [ 14.947400] ? __pfx_kthread+0x10/0x10 [ 14.947422] ret_from_fork+0x116/0x1d0 [ 14.947442] ? __pfx_kthread+0x10/0x10 [ 14.947463] ret_from_fork_asm+0x1a/0x30 [ 14.947494] </TASK> [ 14.947517] [ 14.960261] Allocated by task 283: [ 14.960456] kasan_save_stack+0x45/0x70 [ 14.960676] kasan_save_track+0x18/0x40 [ 14.960845] kasan_save_alloc_info+0x3b/0x50 [ 14.961031] __kasan_kmalloc+0xb7/0xc0 [ 14.961196] __kmalloc_cache_noprof+0x189/0x420 [ 14.961386] kasan_atomics+0x95/0x310 [ 14.962267] kunit_try_run_case+0x1a5/0x480 [ 14.962925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.963686] kthread+0x337/0x6f0 [ 14.964194] ret_from_fork+0x116/0x1d0 [ 14.964743] ret_from_fork_asm+0x1a/0x30 [ 14.965316] [ 14.965675] The buggy address belongs to the object at ffff8881039f9d00 [ 14.965675] which belongs to the cache kmalloc-64 of size 64 [ 14.966536] The buggy address is located 0 bytes to the right of [ 14.966536] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.966918] [ 14.966998] The buggy address belongs to the physical page: [ 14.967671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.968857] flags: 0x200000000000000(node=0|zone=2) [ 14.969490] page_type: f5(slab) [ 14.970226] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.971097] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.971804] page dumped because: kasan: 
bad access detected [ 14.971990] [ 14.972064] Memory state around the buggy address: [ 14.972789] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.973786] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.974680] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.974917] ^ [ 14.975079] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.976203] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.977061] ================================================================== [ 15.794387] ================================================================== [ 15.794767] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 15.795073] Read of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.795418] [ 15.795528] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.795574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.795587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.795609] Call Trace: [ 15.795629] <TASK> [ 15.795646] dump_stack_lvl+0x73/0xb0 [ 15.795675] print_report+0xd1/0x610 [ 15.795697] ? __virt_addr_valid+0x1db/0x2d0 [ 15.795721] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.795743] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.795767] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.795789] kasan_report+0x141/0x180 [ 15.795812] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.795839] __asan_report_load8_noabort+0x18/0x20 [ 15.795863] kasan_atomics_helper+0x4f71/0x5450 [ 15.795888] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.795911] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.795937] ? kasan_atomics+0x152/0x310 [ 15.795964] kasan_atomics+0x1dc/0x310 [ 15.795987] ? __pfx_kasan_atomics+0x10/0x10 [ 15.796010] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.796037] ? __pfx_read_tsc+0x10/0x10 [ 15.796059] ? 
ktime_get_ts64+0x86/0x230 [ 15.796085] kunit_try_run_case+0x1a5/0x480 [ 15.796110] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.796133] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.796157] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.796193] ? __kthread_parkme+0x82/0x180 [ 15.796215] ? preempt_count_sub+0x50/0x80 [ 15.796240] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.796264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.796291] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.796316] kthread+0x337/0x6f0 [ 15.796336] ? trace_preempt_on+0x20/0xc0 [ 15.796360] ? __pfx_kthread+0x10/0x10 [ 15.796381] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.796404] ? calculate_sigpending+0x7b/0xa0 [ 15.796430] ? __pfx_kthread+0x10/0x10 [ 15.796451] ret_from_fork+0x116/0x1d0 [ 15.796471] ? __pfx_kthread+0x10/0x10 [ 15.796492] ret_from_fork_asm+0x1a/0x30 [ 15.796533] </TASK> [ 15.796543] [ 15.804116] Allocated by task 283: [ 15.804437] kasan_save_stack+0x45/0x70 [ 15.804652] kasan_save_track+0x18/0x40 [ 15.804969] kasan_save_alloc_info+0x3b/0x50 [ 15.805195] __kasan_kmalloc+0xb7/0xc0 [ 15.805339] __kmalloc_cache_noprof+0x189/0x420 [ 15.805506] kasan_atomics+0x95/0x310 [ 15.805642] kunit_try_run_case+0x1a5/0x480 [ 15.805849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.806115] kthread+0x337/0x6f0 [ 15.806395] ret_from_fork+0x116/0x1d0 [ 15.806716] ret_from_fork_asm+0x1a/0x30 [ 15.807083] [ 15.807160] The buggy address belongs to the object at ffff8881039f9d00 [ 15.807160] which belongs to the cache kmalloc-64 of size 64 [ 15.808807] The buggy address is located 0 bytes to the right of [ 15.808807] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.809469] [ 15.809592] The buggy address belongs to the physical page: [ 15.809820] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.810075] flags: 0x200000000000000(node=0|zone=2) [ 15.810256] page_type: f5(slab) [ 15.810405] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.810756] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.811100] page dumped because: kasan: bad access detected [ 15.811367] [ 15.812548] Memory state around the buggy address: [ 15.813924] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.815078] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.815415] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.815718] ^ [ 15.815917] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.816586] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.817347] ================================================================== [ 14.575648] ================================================================== [ 14.575908] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 14.577099] Read of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.577450] [ 14.577587] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.577806] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.577822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.577844] Call Trace: [ 14.577866] <TASK> [ 14.577885] dump_stack_lvl+0x73/0xb0 [ 14.577917] print_report+0xd1/0x610 [ 14.577940] ? __virt_addr_valid+0x1db/0x2d0 [ 14.577964] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.577986] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.578010] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.578032] kasan_report+0x141/0x180 [ 14.578158] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.578187] __asan_report_load4_noabort+0x18/0x20 [ 14.578218] kasan_atomics_helper+0x4b54/0x5450 [ 14.578242] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.578265] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.578292] ? kasan_atomics+0x152/0x310 [ 14.578320] kasan_atomics+0x1dc/0x310 [ 14.578344] ? __pfx_kasan_atomics+0x10/0x10 [ 14.578367] ? 
__pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.578395] ? __pfx_read_tsc+0x10/0x10 [ 14.578418] ? ktime_get_ts64+0x86/0x230 [ 14.578444] kunit_try_run_case+0x1a5/0x480 [ 14.578470] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.578494] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.578532] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.578557] ? __kthread_parkme+0x82/0x180 [ 14.578579] ? preempt_count_sub+0x50/0x80 [ 14.578605] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.578630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.578655] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.578680] kthread+0x337/0x6f0 [ 14.578700] ? trace_preempt_on+0x20/0xc0 [ 14.578725] ? __pfx_kthread+0x10/0x10 [ 14.578746] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.578769] ? calculate_sigpending+0x7b/0xa0 [ 14.578795] ? __pfx_kthread+0x10/0x10 [ 14.578817] ret_from_fork+0x116/0x1d0 [ 14.578837] ? __pfx_kthread+0x10/0x10 [ 14.578858] ret_from_fork_asm+0x1a/0x30 [ 14.578890] </TASK> [ 14.578901] [ 14.588390] Allocated by task 283: [ 14.588612] kasan_save_stack+0x45/0x70 [ 14.588911] kasan_save_track+0x18/0x40 [ 14.589196] kasan_save_alloc_info+0x3b/0x50 [ 14.589409] __kasan_kmalloc+0xb7/0xc0 [ 14.589608] __kmalloc_cache_noprof+0x189/0x420 [ 14.589832] kasan_atomics+0x95/0x310 [ 14.590023] kunit_try_run_case+0x1a5/0x480 [ 14.590449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.590728] kthread+0x337/0x6f0 [ 14.590859] ret_from_fork+0x116/0x1d0 [ 14.590995] ret_from_fork_asm+0x1a/0x30 [ 14.591465] [ 14.591584] The buggy address belongs to the object at ffff8881039f9d00 [ 14.591584] which belongs to the cache kmalloc-64 of size 64 [ 14.592204] The buggy address is located 0 bytes to the right of [ 14.592204] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.592686] [ 14.592807] The buggy address belongs to the physical page: [ 14.593133] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.593448] flags: 0x200000000000000(node=0|zone=2) [ 14.593697] 
page_type: f5(slab) [ 14.593893] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.594311] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.594804] page dumped because: kasan: bad access detected [ 14.595143] [ 14.595251] Memory state around the buggy address: [ 14.595481] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.595849] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.596132] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.596434] ^ [ 14.596706] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.597053] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.597412] ================================================================== [ 15.327249] ================================================================== [ 15.327744] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 15.328291] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.328606] [ 15.328700] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.328745] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.328757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.328779] Call Trace: [ 15.328796] <TASK> [ 15.328811] dump_stack_lvl+0x73/0xb0 [ 15.328839] print_report+0xd1/0x610 [ 15.328863] ? __virt_addr_valid+0x1db/0x2d0 [ 15.328887] ? kasan_atomics_helper+0x1467/0x5450 [ 15.328909] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.328934] ? kasan_atomics_helper+0x1467/0x5450 [ 15.328959] kasan_report+0x141/0x180 [ 15.328985] ? kasan_atomics_helper+0x1467/0x5450 [ 15.329015] kasan_check_range+0x10c/0x1c0 [ 15.329039] __kasan_check_write+0x18/0x20 [ 15.329059] kasan_atomics_helper+0x1467/0x5450 [ 15.329082] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.329105] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.329132] ? 
kasan_atomics+0x152/0x310 [ 15.329181] kasan_atomics+0x1dc/0x310 [ 15.329205] ? __pfx_kasan_atomics+0x10/0x10 [ 15.329227] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.329255] ? __pfx_read_tsc+0x10/0x10 [ 15.329276] ? ktime_get_ts64+0x86/0x230 [ 15.329302] kunit_try_run_case+0x1a5/0x480 [ 15.329328] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.329351] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.329375] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.329401] ? __kthread_parkme+0x82/0x180 [ 15.329423] ? preempt_count_sub+0x50/0x80 [ 15.329447] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.329474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.329507] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.329534] kthread+0x337/0x6f0 [ 15.329554] ? trace_preempt_on+0x20/0xc0 [ 15.329578] ? __pfx_kthread+0x10/0x10 [ 15.329599] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.329622] ? calculate_sigpending+0x7b/0xa0 [ 15.329647] ? __pfx_kthread+0x10/0x10 [ 15.329668] ret_from_fork+0x116/0x1d0 [ 15.329688] ? 
__pfx_kthread+0x10/0x10 [ 15.329709] ret_from_fork_asm+0x1a/0x30 [ 15.329740] </TASK> [ 15.329752] [ 15.337246] Allocated by task 283: [ 15.337443] kasan_save_stack+0x45/0x70 [ 15.337636] kasan_save_track+0x18/0x40 [ 15.337773] kasan_save_alloc_info+0x3b/0x50 [ 15.337983] __kasan_kmalloc+0xb7/0xc0 [ 15.338205] __kmalloc_cache_noprof+0x189/0x420 [ 15.338403] kasan_atomics+0x95/0x310 [ 15.338548] kunit_try_run_case+0x1a5/0x480 [ 15.338697] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.338874] kthread+0x337/0x6f0 [ 15.338997] ret_from_fork+0x116/0x1d0 [ 15.339131] ret_from_fork_asm+0x1a/0x30 [ 15.339291] [ 15.339364] The buggy address belongs to the object at ffff8881039f9d00 [ 15.339364] which belongs to the cache kmalloc-64 of size 64 [ 15.339846] The buggy address is located 0 bytes to the right of [ 15.339846] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.340408] [ 15.340513] The buggy address belongs to the physical page: [ 15.340766] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.341123] flags: 0x200000000000000(node=0|zone=2) [ 15.341377] page_type: f5(slab) [ 15.341558] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.341866] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.342097] page dumped because: kasan: bad access detected [ 15.342299] [ 15.342370] Memory state around the buggy address: [ 15.342571] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.342884] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.343229] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.343548] ^ [ 15.343772] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.344085] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.344385] ================================================================== [ 14.495294] 
================================================================== [ 14.495580] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 14.495926] Read of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.496488] [ 14.496597] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.496644] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.496654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.496676] Call Trace: [ 14.496688] <TASK> [ 14.496706] dump_stack_lvl+0x73/0xb0 [ 14.496738] print_report+0xd1/0x610 [ 14.496759] ? __virt_addr_valid+0x1db/0x2d0 [ 14.496782] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.496803] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.496826] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.496847] kasan_report+0x141/0x180 [ 14.496869] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.496895] __asan_report_load4_noabort+0x18/0x20 [ 14.496959] kasan_atomics_helper+0x4b88/0x5450 [ 14.496982] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.497004] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.497030] ? kasan_atomics+0x152/0x310 [ 14.497056] kasan_atomics+0x1dc/0x310 [ 14.497327] ? __pfx_kasan_atomics+0x10/0x10 [ 14.497353] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.497400] ? __pfx_read_tsc+0x10/0x10 [ 14.497423] ? ktime_get_ts64+0x86/0x230 [ 14.497448] kunit_try_run_case+0x1a5/0x480 [ 14.497474] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.497512] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.497536] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.497561] ? __kthread_parkme+0x82/0x180 [ 14.497582] ? preempt_count_sub+0x50/0x80 [ 14.497608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.497657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.497682] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.497708] kthread+0x337/0x6f0 [ 14.497730] ? trace_preempt_on+0x20/0xc0 [ 14.497754] ? __pfx_kthread+0x10/0x10 [ 14.497776] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.497816] ? calculate_sigpending+0x7b/0xa0 [ 14.497842] ? __pfx_kthread+0x10/0x10 [ 14.497864] ret_from_fork+0x116/0x1d0 [ 14.497885] ? __pfx_kthread+0x10/0x10 [ 14.497907] ret_from_fork_asm+0x1a/0x30 [ 14.497939] </TASK> [ 14.497951] [ 14.507101] Allocated by task 283: [ 14.507348] kasan_save_stack+0x45/0x70 [ 14.507509] kasan_save_track+0x18/0x40 [ 14.507647] kasan_save_alloc_info+0x3b/0x50 [ 14.507796] __kasan_kmalloc+0xb7/0xc0 [ 14.508155] __kmalloc_cache_noprof+0x189/0x420 [ 14.508536] kasan_atomics+0x95/0x310 [ 14.508945] kunit_try_run_case+0x1a5/0x480 [ 14.509466] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.509799] kthread+0x337/0x6f0 [ 14.509975] ret_from_fork+0x116/0x1d0 [ 14.510147] ret_from_fork_asm+0x1a/0x30 [ 14.510487] [ 14.510592] The buggy address belongs to the object at ffff8881039f9d00 [ 14.510592] which belongs to the cache kmalloc-64 of size 64 [ 14.510952] The buggy address is located 0 bytes to the right of [ 14.510952] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.512230] [ 14.512329] The buggy address belongs to the physical page: [ 14.512563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.512878] flags: 0x200000000000000(node=0|zone=2) [ 14.513812] page_type: f5(slab) [ 14.513995] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.514728] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.515033] page dumped because: kasan: bad access detected [ 14.515657] [ 14.515911] Memory state around the buggy address: [ 14.516578] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.516897] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.517356] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.517662] ^ [ 14.517871] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.518717] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 14.519444] ================================================================== [ 15.017936] ================================================================== [ 15.018519] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 15.018890] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.019205] [ 15.019293] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.019339] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.019351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.019373] Call Trace: [ 15.019392] <TASK> [ 15.019409] dump_stack_lvl+0x73/0xb0 [ 15.019447] print_report+0xd1/0x610 [ 15.019469] ? __virt_addr_valid+0x1db/0x2d0 [ 15.019492] ? kasan_atomics_helper+0xe78/0x5450 [ 15.019531] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.019555] ? kasan_atomics_helper+0xe78/0x5450 [ 15.019577] kasan_report+0x141/0x180 [ 15.019600] ? kasan_atomics_helper+0xe78/0x5450 [ 15.019626] kasan_check_range+0x10c/0x1c0 [ 15.019650] __kasan_check_write+0x18/0x20 [ 15.019670] kasan_atomics_helper+0xe78/0x5450 [ 15.019694] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.019717] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.019744] ? kasan_atomics+0x152/0x310 [ 15.019771] kasan_atomics+0x1dc/0x310 [ 15.019795] ? __pfx_kasan_atomics+0x10/0x10 [ 15.019817] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.019844] ? __pfx_read_tsc+0x10/0x10 [ 15.019866] ? ktime_get_ts64+0x86/0x230 [ 15.019891] kunit_try_run_case+0x1a5/0x480 [ 15.019916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.019939] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.019963] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.019987] ? __kthread_parkme+0x82/0x180 [ 15.020008] ? preempt_count_sub+0x50/0x80 [ 15.020033] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.020058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.020082] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.020106] kthread+0x337/0x6f0 [ 15.020126] ? trace_preempt_on+0x20/0xc0 [ 15.020168] ? __pfx_kthread+0x10/0x10 [ 15.020190] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.020212] ? calculate_sigpending+0x7b/0xa0 [ 15.020237] ? __pfx_kthread+0x10/0x10 [ 15.020259] ret_from_fork+0x116/0x1d0 [ 15.020280] ? __pfx_kthread+0x10/0x10 [ 15.020301] ret_from_fork_asm+0x1a/0x30 [ 15.020332] </TASK> [ 15.020343] [ 15.027849] Allocated by task 283: [ 15.027979] kasan_save_stack+0x45/0x70 [ 15.028213] kasan_save_track+0x18/0x40 [ 15.028431] kasan_save_alloc_info+0x3b/0x50 [ 15.028655] __kasan_kmalloc+0xb7/0xc0 [ 15.028847] __kmalloc_cache_noprof+0x189/0x420 [ 15.029089] kasan_atomics+0x95/0x310 [ 15.029309] kunit_try_run_case+0x1a5/0x480 [ 15.029550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.029807] kthread+0x337/0x6f0 [ 15.029996] ret_from_fork+0x116/0x1d0 [ 15.030215] ret_from_fork_asm+0x1a/0x30 [ 15.030446] [ 15.030551] The buggy address belongs to the object at ffff8881039f9d00 [ 15.030551] which belongs to the cache kmalloc-64 of size 64 [ 15.031014] The buggy address is located 0 bytes to the right of [ 15.031014] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.031546] [ 15.031644] The buggy address belongs to the physical page: [ 15.031886] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.032276] flags: 0x200000000000000(node=0|zone=2) [ 15.032458] page_type: f5(slab) [ 15.032594] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.032828] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.033056] page dumped because: kasan: bad access detected [ 15.033255] [ 15.033325] Memory state around the buggy address: [ 15.033579] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.033903] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.034251] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.034587] ^ [ 15.034809] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.035132] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.035457] ================================================================== [ 15.554602] ================================================================== [ 15.554987] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 15.555665] Write of size 8 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.555982] [ 15.556084] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.556130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.556143] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.556165] Call Trace: [ 15.556184] <TASK> [ 15.556202] dump_stack_lvl+0x73/0xb0 [ 15.556232] print_report+0xd1/0x610 [ 15.556254] ? __virt_addr_valid+0x1db/0x2d0 [ 15.556277] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.556300] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.556323] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.556346] kasan_report+0x141/0x180 [ 15.556369] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.556397] kasan_check_range+0x10c/0x1c0 [ 15.556421] __kasan_check_write+0x18/0x20 [ 15.556441] kasan_atomics_helper+0x19e3/0x5450 [ 15.556465] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.556488] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.556524] ? kasan_atomics+0x152/0x310 [ 15.556551] kasan_atomics+0x1dc/0x310 [ 15.556575] ? __pfx_kasan_atomics+0x10/0x10 [ 15.556597] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.556624] ? __pfx_read_tsc+0x10/0x10 [ 15.556645] ? ktime_get_ts64+0x86/0x230 [ 15.556670] kunit_try_run_case+0x1a5/0x480 [ 15.556695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.556719] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.556744] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.556769] ? __kthread_parkme+0x82/0x180 [ 15.556790] ? preempt_count_sub+0x50/0x80 [ 15.556815] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.556841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.556865] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.556891] kthread+0x337/0x6f0 [ 15.556911] ? trace_preempt_on+0x20/0xc0 [ 15.556936] ? __pfx_kthread+0x10/0x10 [ 15.556957] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.556979] ? calculate_sigpending+0x7b/0xa0 [ 15.557004] ? __pfx_kthread+0x10/0x10 [ 15.557026] ret_from_fork+0x116/0x1d0 [ 15.557045] ? __pfx_kthread+0x10/0x10 [ 15.557066] ret_from_fork_asm+0x1a/0x30 [ 15.557098] </TASK> [ 15.557110] [ 15.568894] Allocated by task 283: [ 15.569072] kasan_save_stack+0x45/0x70 [ 15.569778] kasan_save_track+0x18/0x40 [ 15.570026] kasan_save_alloc_info+0x3b/0x50 [ 15.570368] __kasan_kmalloc+0xb7/0xc0 [ 15.570749] __kmalloc_cache_noprof+0x189/0x420 [ 15.571087] kasan_atomics+0x95/0x310 [ 15.571410] kunit_try_run_case+0x1a5/0x480 [ 15.571623] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.571844] kthread+0x337/0x6f0 [ 15.571997] ret_from_fork+0x116/0x1d0 [ 15.572167] ret_from_fork_asm+0x1a/0x30 [ 15.572345] [ 15.572434] The buggy address belongs to the object at ffff8881039f9d00 [ 15.572434] which belongs to the cache kmalloc-64 of size 64 [ 15.573440] The buggy address is located 0 bytes to the right of [ 15.573440] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.574186] [ 15.574430] The buggy address belongs to the physical page: [ 15.574902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.575465] flags: 0x200000000000000(node=0|zone=2) [ 15.575828] page_type: f5(slab) [ 15.576008] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.576716] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.577140] page dumped because: kasan: bad access detected [ 15.577484] [ 15.577725] Memory state around the buggy address: [ 15.578078] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.578725] 
ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.579246] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.579695] ^ [ 15.579905] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.580461] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.580917] ================================================================== [ 14.793132] ================================================================== [ 14.793636] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 14.794005] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.794680] [ 14.795040] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.795091] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.795104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.795127] Call Trace: [ 14.795237] <TASK> [ 14.795259] dump_stack_lvl+0x73/0xb0 [ 14.795292] print_report+0xd1/0x610 [ 14.795315] ? __virt_addr_valid+0x1db/0x2d0 [ 14.795359] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.795382] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.795419] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.795455] kasan_report+0x141/0x180 [ 14.795491] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.795545] kasan_check_range+0x10c/0x1c0 [ 14.795584] __kasan_check_write+0x18/0x20 [ 14.795604] kasan_atomics_helper+0x8f9/0x5450 [ 14.795641] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.795678] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.795718] ? kasan_atomics+0x152/0x310 [ 14.795758] kasan_atomics+0x1dc/0x310 [ 14.795782] ? __pfx_kasan_atomics+0x10/0x10 [ 14.795804] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.795831] ? __pfx_read_tsc+0x10/0x10 [ 14.795852] ? ktime_get_ts64+0x86/0x230 [ 14.795877] kunit_try_run_case+0x1a5/0x480 [ 14.795903] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.795926] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.795950] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.795976] ? __kthread_parkme+0x82/0x180 [ 14.795998] ? preempt_count_sub+0x50/0x80 [ 14.796023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.796047] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.796072] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.796097] kthread+0x337/0x6f0 [ 14.796117] ? trace_preempt_on+0x20/0xc0 [ 14.796141] ? __pfx_kthread+0x10/0x10 [ 14.796162] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.796184] ? calculate_sigpending+0x7b/0xa0 [ 14.796209] ? __pfx_kthread+0x10/0x10 [ 14.796230] ret_from_fork+0x116/0x1d0 [ 14.796250] ? __pfx_kthread+0x10/0x10 [ 14.796271] ret_from_fork_asm+0x1a/0x30 [ 14.796303] </TASK> [ 14.796314] [ 14.805661] Allocated by task 283: [ 14.805859] kasan_save_stack+0x45/0x70 [ 14.806090] kasan_save_track+0x18/0x40 [ 14.806392] kasan_save_alloc_info+0x3b/0x50 [ 14.806646] __kasan_kmalloc+0xb7/0xc0 [ 14.806858] __kmalloc_cache_noprof+0x189/0x420 [ 14.807262] kasan_atomics+0x95/0x310 [ 14.807635] kunit_try_run_case+0x1a5/0x480 [ 14.807783] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.808040] kthread+0x337/0x6f0 [ 14.808353] ret_from_fork+0x116/0x1d0 [ 14.808539] ret_from_fork_asm+0x1a/0x30 [ 14.808742] [ 14.808841] The buggy address belongs to the object at ffff8881039f9d00 [ 14.808841] which belongs to the cache kmalloc-64 of size 64 [ 14.809445] The buggy address is located 0 bytes to the right of [ 14.809445] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.809990] [ 14.810220] The buggy address belongs to the physical page: [ 14.810446] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.810828] flags: 0x200000000000000(node=0|zone=2) [ 14.811213] page_type: f5(slab) [ 14.811409] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.811748] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.812083] page dumped because: kasan: bad access detected [ 14.812353] [ 14.812464] 
Memory state around the buggy address: [ 14.812694] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.813192] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.813521] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.813828] ^ [ 14.814045] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.814464] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.814690] ================================================================== [ 15.116797] ================================================================== [ 15.117526] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 15.118161] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.118562] [ 15.118762] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.118810] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.118823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.118846] Call Trace: [ 15.118866] <TASK> [ 15.118885] dump_stack_lvl+0x73/0xb0 [ 15.118914] print_report+0xd1/0x610 [ 15.118938] ? __virt_addr_valid+0x1db/0x2d0 [ 15.118963] ? kasan_atomics_helper+0x1079/0x5450 [ 15.118985] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.119009] ? kasan_atomics_helper+0x1079/0x5450 [ 15.119031] kasan_report+0x141/0x180 [ 15.119054] ? kasan_atomics_helper+0x1079/0x5450 [ 15.119081] kasan_check_range+0x10c/0x1c0 [ 15.119105] __kasan_check_write+0x18/0x20 [ 15.119126] kasan_atomics_helper+0x1079/0x5450 [ 15.119156] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.119179] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.119205] ? kasan_atomics+0x152/0x310 [ 15.119233] kasan_atomics+0x1dc/0x310 [ 15.119256] ? __pfx_kasan_atomics+0x10/0x10 [ 15.119278] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.119306] ? __pfx_read_tsc+0x10/0x10 [ 15.119328] ? 
ktime_get_ts64+0x86/0x230 [ 15.119353] kunit_try_run_case+0x1a5/0x480 [ 15.119379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.119402] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.119426] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.119451] ? __kthread_parkme+0x82/0x180 [ 15.119472] ? preempt_count_sub+0x50/0x80 [ 15.119506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.119530] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.119570] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.119595] kthread+0x337/0x6f0 [ 15.119615] ? trace_preempt_on+0x20/0xc0 [ 15.119639] ? __pfx_kthread+0x10/0x10 [ 15.119660] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.119682] ? calculate_sigpending+0x7b/0xa0 [ 15.119708] ? __pfx_kthread+0x10/0x10 [ 15.119730] ret_from_fork+0x116/0x1d0 [ 15.119750] ? __pfx_kthread+0x10/0x10 [ 15.119771] ret_from_fork_asm+0x1a/0x30 [ 15.119803] </TASK> [ 15.119814] [ 15.130940] Allocated by task 283: [ 15.131374] kasan_save_stack+0x45/0x70 [ 15.131592] kasan_save_track+0x18/0x40 [ 15.131764] kasan_save_alloc_info+0x3b/0x50 [ 15.131948] __kasan_kmalloc+0xb7/0xc0 [ 15.132118] __kmalloc_cache_noprof+0x189/0x420 [ 15.132818] kasan_atomics+0x95/0x310 [ 15.133062] kunit_try_run_case+0x1a5/0x480 [ 15.133542] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.133854] kthread+0x337/0x6f0 [ 15.134259] ret_from_fork+0x116/0x1d0 [ 15.134493] ret_from_fork_asm+0x1a/0x30 [ 15.134820] [ 15.134930] The buggy address belongs to the object at ffff8881039f9d00 [ 15.134930] which belongs to the cache kmalloc-64 of size 64 [ 15.135656] The buggy address is located 0 bytes to the right of [ 15.135656] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.136155] [ 15.136250] The buggy address belongs to the physical page: [ 15.136477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.136806] flags: 0x200000000000000(node=0|zone=2) [ 15.137016] page_type: f5(slab) [ 15.137166] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.137447] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.138403] page dumped because: kasan: bad access detected [ 15.138911] [ 15.139147] Memory state around the buggy address: [ 15.139646] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.140080] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.140587] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.141078] ^ [ 15.141418] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.141872] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.142142] ================================================================== [ 14.546662] ================================================================== [ 14.546988] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 14.548010] Read of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 14.548516] [ 14.548864] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.548917] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.548929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.548952] Call Trace: [ 14.548972] <TASK> [ 14.548990] dump_stack_lvl+0x73/0xb0 [ 14.549022] print_report+0xd1/0x610 [ 14.549045] ? __virt_addr_valid+0x1db/0x2d0 [ 14.549251] ? kasan_atomics_helper+0x3df/0x5450 [ 14.549273] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.549298] ? kasan_atomics_helper+0x3df/0x5450 [ 14.549321] kasan_report+0x141/0x180 [ 14.549343] ? kasan_atomics_helper+0x3df/0x5450 [ 14.549371] kasan_check_range+0x10c/0x1c0 [ 14.549396] __kasan_check_read+0x15/0x20 [ 14.549416] kasan_atomics_helper+0x3df/0x5450 [ 14.549439] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.549462] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.549488] ? kasan_atomics+0x152/0x310 [ 14.549530] kasan_atomics+0x1dc/0x310 [ 14.549554] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.549577] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.549604] ? __pfx_read_tsc+0x10/0x10 [ 14.549626] ? ktime_get_ts64+0x86/0x230 [ 14.549651] kunit_try_run_case+0x1a5/0x480 [ 14.549676] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.549700] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.549724] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.549748] ? __kthread_parkme+0x82/0x180 [ 14.549770] ? preempt_count_sub+0x50/0x80 [ 14.549795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.549820] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.549844] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.549869] kthread+0x337/0x6f0 [ 14.549889] ? trace_preempt_on+0x20/0xc0 [ 14.549913] ? __pfx_kthread+0x10/0x10 [ 14.549934] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.549956] ? calculate_sigpending+0x7b/0xa0 [ 14.549983] ? __pfx_kthread+0x10/0x10 [ 14.550005] ret_from_fork+0x116/0x1d0 [ 14.550025] ? __pfx_kthread+0x10/0x10 [ 14.550115] ret_from_fork_asm+0x1a/0x30 [ 14.550151] </TASK> [ 14.550163] [ 14.562848] Allocated by task 283: [ 14.563051] kasan_save_stack+0x45/0x70 [ 14.563600] kasan_save_track+0x18/0x40 [ 14.563895] kasan_save_alloc_info+0x3b/0x50 [ 14.564277] __kasan_kmalloc+0xb7/0xc0 [ 14.564755] __kmalloc_cache_noprof+0x189/0x420 [ 14.564965] kasan_atomics+0x95/0x310 [ 14.565122] kunit_try_run_case+0x1a5/0x480 [ 14.565645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.565897] kthread+0x337/0x6f0 [ 14.566266] ret_from_fork+0x116/0x1d0 [ 14.566558] ret_from_fork_asm+0x1a/0x30 [ 14.566758] [ 14.566850] The buggy address belongs to the object at ffff8881039f9d00 [ 14.566850] which belongs to the cache kmalloc-64 of size 64 [ 14.567752] The buggy address is located 0 bytes to the right of [ 14.567752] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 14.568626] [ 14.568918] The buggy address belongs to the physical page: [ 14.569394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 14.569889] flags: 
0x200000000000000(node=0|zone=2) [ 14.570332] page_type: f5(slab) [ 14.570519] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.570951] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.571404] page dumped because: kasan: bad access detected [ 14.571729] [ 14.571831] Memory state around the buggy address: [ 14.572421] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.572765] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.573313] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.573808] ^ [ 14.574139] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.574672] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.575168] ================================================================== [ 15.247596] ================================================================== [ 15.247914] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 15.248286] Write of size 4 at addr ffff8881039f9d30 by task kunit_try_catch/283 [ 15.248601] [ 15.248718] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.248764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.248776] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.248798] Call Trace: [ 15.248818] <TASK> [ 15.248836] dump_stack_lvl+0x73/0xb0 [ 15.248864] print_report+0xd1/0x610 [ 15.248887] ? __virt_addr_valid+0x1db/0x2d0 [ 15.248911] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.248933] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.248956] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.248978] kasan_report+0x141/0x180 [ 15.249001] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.249029] kasan_check_range+0x10c/0x1c0 [ 15.249053] __kasan_check_write+0x18/0x20 [ 15.249072] kasan_atomics_helper+0x12e6/0x5450 [ 15.249095] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.249118] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.249165] ? kasan_atomics+0x152/0x310 [ 15.249193] kasan_atomics+0x1dc/0x310 [ 15.249216] ? __pfx_kasan_atomics+0x10/0x10 [ 15.249239] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 15.249266] ? __pfx_read_tsc+0x10/0x10 [ 15.249288] ? ktime_get_ts64+0x86/0x230 [ 15.249313] kunit_try_run_case+0x1a5/0x480 [ 15.249339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.249362] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.249386] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.249411] ? __kthread_parkme+0x82/0x180 [ 15.249432] ? preempt_count_sub+0x50/0x80 [ 15.249457] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.249481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.249515] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.249539] kthread+0x337/0x6f0 [ 15.249559] ? trace_preempt_on+0x20/0xc0 [ 15.249584] ? __pfx_kthread+0x10/0x10 [ 15.249606] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.249628] ? calculate_sigpending+0x7b/0xa0 [ 15.249653] ? __pfx_kthread+0x10/0x10 [ 15.249675] ret_from_fork+0x116/0x1d0 [ 15.249695] ? 
__pfx_kthread+0x10/0x10 [ 15.249716] ret_from_fork_asm+0x1a/0x30 [ 15.249747] </TASK> [ 15.249758] [ 15.256955] Allocated by task 283: [ 15.257133] kasan_save_stack+0x45/0x70 [ 15.257350] kasan_save_track+0x18/0x40 [ 15.257551] kasan_save_alloc_info+0x3b/0x50 [ 15.257764] __kasan_kmalloc+0xb7/0xc0 [ 15.257948] __kmalloc_cache_noprof+0x189/0x420 [ 15.258190] kasan_atomics+0x95/0x310 [ 15.258383] kunit_try_run_case+0x1a5/0x480 [ 15.258596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.258811] kthread+0x337/0x6f0 [ 15.258932] ret_from_fork+0x116/0x1d0 [ 15.259104] ret_from_fork_asm+0x1a/0x30 [ 15.259321] [ 15.259418] The buggy address belongs to the object at ffff8881039f9d00 [ 15.259418] which belongs to the cache kmalloc-64 of size 64 [ 15.259928] The buggy address is located 0 bytes to the right of [ 15.259928] allocated 48-byte region [ffff8881039f9d00, ffff8881039f9d30) [ 15.260411] [ 15.260514] The buggy address belongs to the physical page: [ 15.260698] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f9 [ 15.260948] flags: 0x200000000000000(node=0|zone=2) [ 15.261116] page_type: f5(slab) [ 15.261265] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.261534] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.261867] page dumped because: kasan: bad access detected [ 15.262115] [ 15.262240] Memory state around the buggy address: [ 15.262460] ffff8881039f9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.262781] ffff8881039f9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.263094] >ffff8881039f9d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.263426] ^ [ 15.263589] ffff8881039f9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.263807] ffff8881039f9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.264120] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 14.331197] ================================================================== [ 14.331511] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.331843] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279 [ 14.332402] [ 14.332527] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.332571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.332582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.332603] Call Trace: [ 14.332620] <TASK> [ 14.332634] dump_stack_lvl+0x73/0xb0 [ 14.332662] print_report+0xd1/0x610 [ 14.332683] ? __virt_addr_valid+0x1db/0x2d0 [ 14.332704] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.332732] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.332755] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.332783] kasan_report+0x141/0x180 [ 14.332803] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.332836] kasan_check_range+0x10c/0x1c0 [ 14.332859] __kasan_check_write+0x18/0x20 [ 14.332878] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.332906] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.332934] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.332957] ? trace_hardirqs_on+0x37/0xe0 [ 14.332979] ? kasan_bitops_generic+0x92/0x1c0 [ 14.333006] kasan_bitops_generic+0x121/0x1c0 [ 14.333029] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.333053] ? __pfx_read_tsc+0x10/0x10 [ 14.333074] ? ktime_get_ts64+0x86/0x230 [ 14.333097] kunit_try_run_case+0x1a5/0x480 [ 14.333466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.333508] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.333533] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.333557] ? __kthread_parkme+0x82/0x180 [ 14.333577] ? preempt_count_sub+0x50/0x80 [ 14.333601] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.333625] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.333649] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.333673] kthread+0x337/0x6f0 [ 14.333691] ? trace_preempt_on+0x20/0xc0 [ 14.333713] ? __pfx_kthread+0x10/0x10 [ 14.333733] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.333754] ? calculate_sigpending+0x7b/0xa0 [ 14.333778] ? __pfx_kthread+0x10/0x10 [ 14.333798] ret_from_fork+0x116/0x1d0 [ 14.333817] ? __pfx_kthread+0x10/0x10 [ 14.333837] ret_from_fork_asm+0x1a/0x30 [ 14.333867] </TASK> [ 14.333877] [ 14.345593] Allocated by task 279: [ 14.345969] kasan_save_stack+0x45/0x70 [ 14.346325] kasan_save_track+0x18/0x40 [ 14.346670] kasan_save_alloc_info+0x3b/0x50 [ 14.346868] __kasan_kmalloc+0xb7/0xc0 [ 14.347036] __kmalloc_cache_noprof+0x189/0x420 [ 14.347457] kasan_bitops_generic+0x92/0x1c0 [ 14.347867] kunit_try_run_case+0x1a5/0x480 [ 14.348196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.348601] kthread+0x337/0x6f0 [ 14.348761] ret_from_fork+0x116/0x1d0 [ 14.348927] ret_from_fork_asm+0x1a/0x30 [ 14.349095] [ 14.349483] The buggy address belongs to the object at ffff888101642a40 [ 14.349483] which belongs to the cache kmalloc-16 of size 16 [ 14.350239] The buggy address is located 8 bytes inside of [ 14.350239] allocated 9-byte region [ffff888101642a40, ffff888101642a49) [ 14.350906] [ 14.351002] The buggy address belongs to the physical page: [ 14.351542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642 [ 14.351955] flags: 0x200000000000000(node=0|zone=2) [ 14.352323] page_type: f5(slab) [ 14.352662] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.352955] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.353435] page dumped because: kasan: bad access detected [ 14.353872] [ 14.354132] Memory state around the buggy address: [ 14.354450] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.354755] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.355020] >ffff888101642a00: fa fb fc fc fa fb fc fc 
00 01 fc fc fc fc fc fc [ 14.355718] ^ [ 14.356006] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.356607] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.357102] ================================================================== [ 14.377584] ================================================================== [ 14.377930] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.378386] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279 [ 14.378668] [ 14.378755] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.378799] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.378811] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.378832] Call Trace: [ 14.378844] <TASK> [ 14.378860] dump_stack_lvl+0x73/0xb0 [ 14.378888] print_report+0xd1/0x610 [ 14.378909] ? __virt_addr_valid+0x1db/0x2d0 [ 14.378931] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.378958] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.378981] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.379008] kasan_report+0x141/0x180 [ 14.379029] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.379063] kasan_check_range+0x10c/0x1c0 [ 14.379086] __kasan_check_write+0x18/0x20 [ 14.379104] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.379132] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.379161] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.379184] ? trace_hardirqs_on+0x37/0xe0 [ 14.379206] ? kasan_bitops_generic+0x92/0x1c0 [ 14.379232] kasan_bitops_generic+0x121/0x1c0 [ 14.379255] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.379279] ? __pfx_read_tsc+0x10/0x10 [ 14.379299] ? ktime_get_ts64+0x86/0x230 [ 14.379322] kunit_try_run_case+0x1a5/0x480 [ 14.379346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.379368] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.379391] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.379414] ? __kthread_parkme+0x82/0x180 [ 14.379434] ? preempt_count_sub+0x50/0x80 [ 14.379458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.379481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.379516] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.379540] kthread+0x337/0x6f0 [ 14.379559] ? trace_preempt_on+0x20/0xc0 [ 14.379580] ? __pfx_kthread+0x10/0x10 [ 14.379599] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.379620] ? calculate_sigpending+0x7b/0xa0 [ 14.379645] ? __pfx_kthread+0x10/0x10 [ 14.379665] ret_from_fork+0x116/0x1d0 [ 14.379684] ? __pfx_kthread+0x10/0x10 [ 14.379703] ret_from_fork_asm+0x1a/0x30 [ 14.379733] </TASK> [ 14.379743] [ 14.387914] Allocated by task 279: [ 14.388079] kasan_save_stack+0x45/0x70 [ 14.388343] kasan_save_track+0x18/0x40 [ 14.388542] kasan_save_alloc_info+0x3b/0x50 [ 14.388709] __kasan_kmalloc+0xb7/0xc0 [ 14.388895] __kmalloc_cache_noprof+0x189/0x420 [ 14.389090] kasan_bitops_generic+0x92/0x1c0 [ 14.389244] kunit_try_run_case+0x1a5/0x480 [ 14.389390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.389576] kthread+0x337/0x6f0 [ 14.389697] ret_from_fork+0x116/0x1d0 [ 14.389828] ret_from_fork_asm+0x1a/0x30 [ 14.389967] [ 14.390037] The buggy address belongs to the object at ffff888101642a40 [ 14.390037] which belongs to the cache kmalloc-16 of size 16 [ 14.390400] The buggy address is located 8 bytes inside of [ 14.390400] allocated 9-byte region [ffff888101642a40, ffff888101642a49) [ 14.390928] [ 14.391127] The buggy address belongs to the physical page: [ 14.391594] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642 [ 14.391947] flags: 0x200000000000000(node=0|zone=2) [ 14.392175] page_type: f5(slab) [ 14.392318] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.392560] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.392788] page dumped because: kasan: bad access detected [ 14.392959] [ 14.393026] 
Memory state around the buggy address: [ 14.393180] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.393397] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.393978] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.394467] ^ [ 14.394730] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.395045] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.395649] ================================================================== [ 14.264962] ================================================================== [ 14.265385] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.265773] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279 [ 14.266255] [ 14.266372] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.266418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.266429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.266451] Call Trace: [ 14.266471] <TASK> [ 14.266490] dump_stack_lvl+0x73/0xb0 [ 14.266534] print_report+0xd1/0x610 [ 14.266555] ? __virt_addr_valid+0x1db/0x2d0 [ 14.266578] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.266606] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.266629] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.266657] kasan_report+0x141/0x180 [ 14.266678] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.266711] kasan_check_range+0x10c/0x1c0 [ 14.266734] __kasan_check_write+0x18/0x20 [ 14.266753] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.266781] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.266810] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.266834] ? trace_hardirqs_on+0x37/0xe0 [ 14.266857] ? kasan_bitops_generic+0x92/0x1c0 [ 14.266884] kasan_bitops_generic+0x121/0x1c0 [ 14.266907] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.266932] ? __pfx_read_tsc+0x10/0x10 [ 14.266952] ? ktime_get_ts64+0x86/0x230 [ 14.266976] kunit_try_run_case+0x1a5/0x480 [ 14.267000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.267023] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.267110] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.267135] ? __kthread_parkme+0x82/0x180 [ 14.267156] ? preempt_count_sub+0x50/0x80 [ 14.267179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.267203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.267227] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.267251] kthread+0x337/0x6f0 [ 14.267270] ? trace_preempt_on+0x20/0xc0 [ 14.267291] ? __pfx_kthread+0x10/0x10 [ 14.267311] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.267332] ? calculate_sigpending+0x7b/0xa0 [ 14.267356] ? __pfx_kthread+0x10/0x10 [ 14.267376] ret_from_fork+0x116/0x1d0 [ 14.267395] ? __pfx_kthread+0x10/0x10 [ 14.267415] ret_from_fork_asm+0x1a/0x30 [ 14.267446] </TASK> [ 14.267456] [ 14.275567] Allocated by task 279: [ 14.275749] kasan_save_stack+0x45/0x70 [ 14.275953] kasan_save_track+0x18/0x40 [ 14.276142] kasan_save_alloc_info+0x3b/0x50 [ 14.276350] __kasan_kmalloc+0xb7/0xc0 [ 14.276549] __kmalloc_cache_noprof+0x189/0x420 [ 14.277164] kasan_bitops_generic+0x92/0x1c0 [ 14.277599] kunit_try_run_case+0x1a5/0x480 [ 14.277808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.278072] kthread+0x337/0x6f0 [ 14.278302] ret_from_fork+0x116/0x1d0 [ 14.278575] ret_from_fork_asm+0x1a/0x30 [ 14.278775] [ 14.278872] The buggy address belongs to the object at ffff888101642a40 [ 14.278872] which belongs to the cache kmalloc-16 of size 16 [ 14.279486] The buggy address is located 8 bytes inside of [ 14.279486] allocated 9-byte region [ffff888101642a40, ffff888101642a49) [ 14.279928] [ 14.280027] The buggy address belongs to the physical page: [ 14.280701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642 [ 14.281177] flags: 0x200000000000000(node=0|zone=2) [ 14.281352] 
page_type: f5(slab) [ 14.281474] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.281716] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.281936] page dumped because: kasan: bad access detected [ 14.282101] [ 14.282168] Memory state around the buggy address: [ 14.283856] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.284525] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.285413] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.285828] ^ [ 14.286265] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.286693] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.287185] ================================================================== [ 14.401443] ================================================================== [ 14.401787] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.402153] Read of size 8 at addr ffff888101642a48 by task kunit_try_catch/279 [ 14.402489] [ 14.402615] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.402661] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.402672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.402694] Call Trace: [ 14.402707] <TASK> [ 14.402724] dump_stack_lvl+0x73/0xb0 [ 14.402751] print_report+0xd1/0x610 [ 14.402772] ? __virt_addr_valid+0x1db/0x2d0 [ 14.402796] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.402824] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.402846] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.402874] kasan_report+0x141/0x180 [ 14.402894] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.402927] kasan_check_range+0x10c/0x1c0 [ 14.402949] __kasan_check_read+0x15/0x20 [ 14.402968] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.402995] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.403024] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.403047] ? trace_hardirqs_on+0x37/0xe0 [ 14.403069] ? kasan_bitops_generic+0x92/0x1c0 [ 14.403096] kasan_bitops_generic+0x121/0x1c0 [ 14.403118] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.403144] ? __pfx_read_tsc+0x10/0x10 [ 14.403164] ? ktime_get_ts64+0x86/0x230 [ 14.403188] kunit_try_run_case+0x1a5/0x480 [ 14.403211] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.403233] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.403257] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.403291] ? __kthread_parkme+0x82/0x180 [ 14.403311] ? preempt_count_sub+0x50/0x80 [ 14.403335] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.403359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.403383] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.403407] kthread+0x337/0x6f0 [ 14.403425] ? trace_preempt_on+0x20/0xc0 [ 14.403447] ? __pfx_kthread+0x10/0x10 [ 14.403467] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.403488] ? calculate_sigpending+0x7b/0xa0 [ 14.403524] ? __pfx_kthread+0x10/0x10 [ 14.403544] ret_from_fork+0x116/0x1d0 [ 14.403563] ? 
__pfx_kthread+0x10/0x10 [ 14.403582] ret_from_fork_asm+0x1a/0x30 [ 14.403612] </TASK> [ 14.403623] [ 14.413478] Allocated by task 279: [ 14.413737] kasan_save_stack+0x45/0x70 [ 14.414165] kasan_save_track+0x18/0x40 [ 14.414393] kasan_save_alloc_info+0x3b/0x50 [ 14.414604] __kasan_kmalloc+0xb7/0xc0 [ 14.414778] __kmalloc_cache_noprof+0x189/0x420 [ 14.414973] kasan_bitops_generic+0x92/0x1c0 [ 14.415156] kunit_try_run_case+0x1a5/0x480 [ 14.415338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.415896] kthread+0x337/0x6f0 [ 14.416216] ret_from_fork+0x116/0x1d0 [ 14.416572] ret_from_fork_asm+0x1a/0x30 [ 14.416904] [ 14.417132] The buggy address belongs to the object at ffff888101642a40 [ 14.417132] which belongs to the cache kmalloc-16 of size 16 [ 14.417901] The buggy address is located 8 bytes inside of [ 14.417901] allocated 9-byte region [ffff888101642a40, ffff888101642a49) [ 14.418880] [ 14.419112] The buggy address belongs to the physical page: [ 14.419703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642 [ 14.420142] flags: 0x200000000000000(node=0|zone=2) [ 14.420514] page_type: f5(slab) [ 14.420682] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.420987] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.421686] page dumped because: kasan: bad access detected [ 14.421986] [ 14.422228] Memory state around the buggy address: [ 14.422696] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.423175] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.423468] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.423709] ^ [ 14.423969] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.424216] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.424580] ================================================================== [ 14.288312] 
================================================================== [ 14.288663] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.289431] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279 [ 14.289746] [ 14.289863] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.289909] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.289921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.289942] Call Trace: [ 14.289961] <TASK> [ 14.289979] dump_stack_lvl+0x73/0xb0 [ 14.290010] print_report+0xd1/0x610 [ 14.290033] ? __virt_addr_valid+0x1db/0x2d0 [ 14.290055] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.290083] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.290105] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.290134] kasan_report+0x141/0x180 [ 14.290154] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.290187] kasan_check_range+0x10c/0x1c0 [ 14.290216] __kasan_check_write+0x18/0x20 [ 14.290235] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.290263] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.290291] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.290316] ? trace_hardirqs_on+0x37/0xe0 [ 14.290338] ? kasan_bitops_generic+0x92/0x1c0 [ 14.290365] kasan_bitops_generic+0x121/0x1c0 [ 14.290388] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.290413] ? __pfx_read_tsc+0x10/0x10 [ 14.290433] ? ktime_get_ts64+0x86/0x230 [ 14.290457] kunit_try_run_case+0x1a5/0x480 [ 14.290480] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.290513] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.290538] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.290562] ? __kthread_parkme+0x82/0x180 [ 14.290583] ? preempt_count_sub+0x50/0x80 [ 14.290608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.290631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.290656] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.290682] kthread+0x337/0x6f0 [ 14.290702] ? trace_preempt_on+0x20/0xc0 [ 14.290724] ? __pfx_kthread+0x10/0x10 [ 14.290744] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.290764] ? calculate_sigpending+0x7b/0xa0 [ 14.290789] ? __pfx_kthread+0x10/0x10 [ 14.290811] ret_from_fork+0x116/0x1d0 [ 14.290829] ? __pfx_kthread+0x10/0x10 [ 14.290849] ret_from_fork_asm+0x1a/0x30 [ 14.290879] </TASK> [ 14.290889] [ 14.302866] Allocated by task 279: [ 14.303021] kasan_save_stack+0x45/0x70 [ 14.303250] kasan_save_track+0x18/0x40 [ 14.303533] kasan_save_alloc_info+0x3b/0x50 [ 14.303681] __kasan_kmalloc+0xb7/0xc0 [ 14.303888] __kmalloc_cache_noprof+0x189/0x420 [ 14.304151] kasan_bitops_generic+0x92/0x1c0 [ 14.304369] kunit_try_run_case+0x1a5/0x480 [ 14.304595] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.304855] kthread+0x337/0x6f0 [ 14.305003] ret_from_fork+0x116/0x1d0 [ 14.305168] ret_from_fork_asm+0x1a/0x30 [ 14.305311] [ 14.305382] The buggy address belongs to the object at ffff888101642a40 [ 14.305382] which belongs to the cache kmalloc-16 of size 16 [ 14.305880] The buggy address is located 8 bytes inside of [ 14.305880] allocated 9-byte region [ffff888101642a40, ffff888101642a49) [ 14.306585] [ 14.306693] The buggy address belongs to the physical page: [ 14.306952] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642 [ 14.307490] flags: 0x200000000000000(node=0|zone=2) [ 14.307690] page_type: f5(slab) [ 14.307814] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.308073] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.308477] page dumped because: kasan: bad access detected [ 14.308784] [ 14.308877] Memory state around the buggy address: [ 14.309319] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.309619] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.309891] >ffff888101642a00: fa fb fc fc fa fb fc fc 
00 01 fc fc fc fc fc fc [ 14.310395] ^ [ 14.310607] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.310929] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.311357] ================================================================== [ 14.311829] ================================================================== [ 14.312199] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.312568] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279 [ 14.312815] [ 14.312928] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.312973] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.312983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.313005] Call Trace: [ 14.313026] <TASK> [ 14.313043] dump_stack_lvl+0x73/0xb0 [ 14.313071] print_report+0xd1/0x610 [ 14.313092] ? __virt_addr_valid+0x1db/0x2d0 [ 14.313114] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.313142] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.313164] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.313191] kasan_report+0x141/0x180 [ 14.313213] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.313247] kasan_check_range+0x10c/0x1c0 [ 14.313270] __kasan_check_write+0x18/0x20 [ 14.313288] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.313317] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.313345] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.313369] ? trace_hardirqs_on+0x37/0xe0 [ 14.313392] ? kasan_bitops_generic+0x92/0x1c0 [ 14.313418] kasan_bitops_generic+0x121/0x1c0 [ 14.313441] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.313466] ? __pfx_read_tsc+0x10/0x10 [ 14.313487] ? ktime_get_ts64+0x86/0x230 [ 14.313520] kunit_try_run_case+0x1a5/0x480 [ 14.313544] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.313565] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.313590] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.313612] ? __kthread_parkme+0x82/0x180 [ 14.313632] ? preempt_count_sub+0x50/0x80 [ 14.313656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.313679] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.313704] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.313726] kthread+0x337/0x6f0 [ 14.313745] ? trace_preempt_on+0x20/0xc0 [ 14.313766] ? __pfx_kthread+0x10/0x10 [ 14.313785] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.313806] ? calculate_sigpending+0x7b/0xa0 [ 14.313830] ? __pfx_kthread+0x10/0x10 [ 14.313851] ret_from_fork+0x116/0x1d0 [ 14.313870] ? __pfx_kthread+0x10/0x10 [ 14.313889] ret_from_fork_asm+0x1a/0x30 [ 14.313920] </TASK> [ 14.313929] [ 14.322764] Allocated by task 279: [ 14.322923] kasan_save_stack+0x45/0x70 [ 14.323225] kasan_save_track+0x18/0x40 [ 14.323388] kasan_save_alloc_info+0x3b/0x50 [ 14.323550] __kasan_kmalloc+0xb7/0xc0 [ 14.323705] __kmalloc_cache_noprof+0x189/0x420 [ 14.323924] kasan_bitops_generic+0x92/0x1c0 [ 14.324139] kunit_try_run_case+0x1a5/0x480 [ 14.324359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.324605] kthread+0x337/0x6f0 [ 14.324771] ret_from_fork+0x116/0x1d0 [ 14.324963] ret_from_fork_asm+0x1a/0x30 [ 14.325123] [ 14.325298] The buggy address belongs to the object at ffff888101642a40 [ 14.325298] which belongs to the cache kmalloc-16 of size 16 [ 14.325695] The buggy address is located 8 bytes inside of [ 14.325695] allocated 9-byte region [ffff888101642a40, ffff888101642a49) [ 14.326050] [ 14.326143] The buggy address belongs to the physical page: [ 14.326398] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642 [ 14.326974] flags: 0x200000000000000(node=0|zone=2) [ 14.327464] page_type: f5(slab) [ 14.327647] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.327984] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.328211] page dumped because: kasan: bad access detected [ 14.328537] [ 14.328631] 
Memory state around the buggy address: [ 14.328853] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.329231] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.329524] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.329829] ^ [ 14.330034] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.330396] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.330683] ================================================================== [ 14.358143] ================================================================== [ 14.358473] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.359189] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279 [ 14.359539] [ 14.359657] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.359703] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.359715] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.359736] Call Trace: [ 14.359755] <TASK> [ 14.359772] dump_stack_lvl+0x73/0xb0 [ 14.359801] print_report+0xd1/0x610 [ 14.359822] ? __virt_addr_valid+0x1db/0x2d0 [ 14.359844] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.359871] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.359894] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.359922] kasan_report+0x141/0x180 [ 14.359943] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.359976] kasan_check_range+0x10c/0x1c0 [ 14.359998] __kasan_check_write+0x18/0x20 [ 14.360016] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.360044] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.360073] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.360096] ? trace_hardirqs_on+0x37/0xe0 [ 14.360119] ? kasan_bitops_generic+0x92/0x1c0 [ 14.360146] kasan_bitops_generic+0x121/0x1c0 [ 14.360183] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.360207] ? __pfx_read_tsc+0x10/0x10 [ 14.360228] ? ktime_get_ts64+0x86/0x230 [ 14.360251] kunit_try_run_case+0x1a5/0x480 [ 14.360274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.360298] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.360321] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.360346] ? __kthread_parkme+0x82/0x180 [ 14.360365] ? preempt_count_sub+0x50/0x80 [ 14.360388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.360412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.360435] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.360459] kthread+0x337/0x6f0 [ 14.360478] ? trace_preempt_on+0x20/0xc0 [ 14.360509] ? __pfx_kthread+0x10/0x10 [ 14.360529] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.360550] ? calculate_sigpending+0x7b/0xa0 [ 14.360575] ? __pfx_kthread+0x10/0x10 [ 14.360595] ret_from_fork+0x116/0x1d0 [ 14.360613] ? __pfx_kthread+0x10/0x10 [ 14.360633] ret_from_fork_asm+0x1a/0x30 [ 14.360663] </TASK> [ 14.360673] [ 14.368800] Allocated by task 279: [ 14.368937] kasan_save_stack+0x45/0x70 [ 14.369135] kasan_save_track+0x18/0x40 [ 14.369329] kasan_save_alloc_info+0x3b/0x50 [ 14.369662] __kasan_kmalloc+0xb7/0xc0 [ 14.369850] __kmalloc_cache_noprof+0x189/0x420 [ 14.370014] kasan_bitops_generic+0x92/0x1c0 [ 14.370163] kunit_try_run_case+0x1a5/0x480 [ 14.370312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.370629] kthread+0x337/0x6f0 [ 14.370798] ret_from_fork+0x116/0x1d0 [ 14.370988] ret_from_fork_asm+0x1a/0x30 [ 14.371186] [ 14.371283] The buggy address belongs to the object at ffff888101642a40 [ 14.371283] which belongs to the cache kmalloc-16 of size 16 [ 14.371811] The buggy address is located 8 bytes inside of [ 14.371811] allocated 9-byte region [ffff888101642a40, ffff888101642a49) [ 14.372301] [ 14.372371] The buggy address belongs to the physical page: [ 14.372551] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642 [ 14.372789] flags: 0x200000000000000(node=0|zone=2) [ 14.372951] 
page_type: f5(slab) [ 14.373072] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.373742] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.374070] page dumped because: kasan: bad access detected [ 14.374548] [ 14.374645] Memory state around the buggy address: [ 14.374866] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.375185] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.375459] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.375682] ^ [ 14.375855] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.376089] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.376718] ================================================================== [ 14.243786] ================================================================== [ 14.244072] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.244974] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279 [ 14.245574] [ 14.245687] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.245733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.245744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.245765] Call Trace: [ 14.245784] <TASK> [ 14.245802] dump_stack_lvl+0x73/0xb0 [ 14.245831] print_report+0xd1/0x610 [ 14.245853] ? __virt_addr_valid+0x1db/0x2d0 [ 14.245875] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.245903] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.245925] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.245955] kasan_report+0x141/0x180 [ 14.245976] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.246009] kasan_check_range+0x10c/0x1c0 [ 14.246032] __kasan_check_write+0x18/0x20 [ 14.246122] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.246152] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.246203] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.246229] ? trace_hardirqs_on+0x37/0xe0 [ 14.246251] ? kasan_bitops_generic+0x92/0x1c0 [ 14.246277] kasan_bitops_generic+0x121/0x1c0 [ 14.246300] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.246325] ? __pfx_read_tsc+0x10/0x10 [ 14.246345] ? ktime_get_ts64+0x86/0x230 [ 14.246371] kunit_try_run_case+0x1a5/0x480 [ 14.246396] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.246418] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.246443] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.246466] ? __kthread_parkme+0x82/0x180 [ 14.246486] ? preempt_count_sub+0x50/0x80 [ 14.246521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.246545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.246568] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.246592] kthread+0x337/0x6f0 [ 14.246611] ? trace_preempt_on+0x20/0xc0 [ 14.246632] ? __pfx_kthread+0x10/0x10 [ 14.246652] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.246673] ? calculate_sigpending+0x7b/0xa0 [ 14.246697] ? __pfx_kthread+0x10/0x10 [ 14.246718] ret_from_fork+0x116/0x1d0 [ 14.246737] ? 
__pfx_kthread+0x10/0x10 [ 14.246756] ret_from_fork_asm+0x1a/0x30 [ 14.246787] </TASK> [ 14.246797] [ 14.255438] Allocated by task 279: [ 14.255636] kasan_save_stack+0x45/0x70 [ 14.255791] kasan_save_track+0x18/0x40 [ 14.255926] kasan_save_alloc_info+0x3b/0x50 [ 14.256075] __kasan_kmalloc+0xb7/0xc0 [ 14.256206] __kmalloc_cache_noprof+0x189/0x420 [ 14.256361] kasan_bitops_generic+0x92/0x1c0 [ 14.256520] kunit_try_run_case+0x1a5/0x480 [ 14.256666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.256840] kthread+0x337/0x6f0 [ 14.256960] ret_from_fork+0x116/0x1d0 [ 14.257092] ret_from_fork_asm+0x1a/0x30 [ 14.257233] [ 14.257303] The buggy address belongs to the object at ffff888101642a40 [ 14.257303] which belongs to the cache kmalloc-16 of size 16 [ 14.257850] The buggy address is located 8 bytes inside of [ 14.257850] allocated 9-byte region [ffff888101642a40, ffff888101642a49) [ 14.258986] [ 14.259224] The buggy address belongs to the physical page: [ 14.259482] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642 [ 14.259850] flags: 0x200000000000000(node=0|zone=2) [ 14.260137] page_type: f5(slab) [ 14.260323] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.260569] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.260801] page dumped because: kasan: bad access detected [ 14.260972] [ 14.261040] Memory state around the buggy address: [ 14.262205] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.262565] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.262882] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.263455] ^ [ 14.263736] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.264060] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.264550] ================================================================== [ 14.427408] 
================================================================== [ 14.427763] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.428178] Read of size 8 at addr ffff888101642a48 by task kunit_try_catch/279 [ 14.428760] [ 14.428858] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.428909] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.428920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.428942] Call Trace: [ 14.428960] <TASK> [ 14.428977] dump_stack_lvl+0x73/0xb0 [ 14.429009] print_report+0xd1/0x610 [ 14.429030] ? __virt_addr_valid+0x1db/0x2d0 [ 14.429052] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.429080] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.429103] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.429131] kasan_report+0x141/0x180 [ 14.429151] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.429184] __asan_report_load8_noabort+0x18/0x20 [ 14.429207] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.429235] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.429281] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.429305] ? trace_hardirqs_on+0x37/0xe0 [ 14.429328] ? kasan_bitops_generic+0x92/0x1c0 [ 14.429354] kasan_bitops_generic+0x121/0x1c0 [ 14.429377] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.429402] ? __pfx_read_tsc+0x10/0x10 [ 14.429422] ? ktime_get_ts64+0x86/0x230 [ 14.429446] kunit_try_run_case+0x1a5/0x480 [ 14.429470] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.429491] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.429528] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.429551] ? __kthread_parkme+0x82/0x180 [ 14.429571] ? preempt_count_sub+0x50/0x80 [ 14.429595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.429619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.429642] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.429665] kthread+0x337/0x6f0 [ 14.429683] ? 
trace_preempt_on+0x20/0xc0 [ 14.429705] ? __pfx_kthread+0x10/0x10 [ 14.429724] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.429745] ? calculate_sigpending+0x7b/0xa0 [ 14.429769] ? __pfx_kthread+0x10/0x10 [ 14.429789] ret_from_fork+0x116/0x1d0 [ 14.429807] ? __pfx_kthread+0x10/0x10 [ 14.429827] ret_from_fork_asm+0x1a/0x30 [ 14.429858] </TASK> [ 14.429867] [ 14.437870] Allocated by task 279: [ 14.438000] kasan_save_stack+0x45/0x70 [ 14.438254] kasan_save_track+0x18/0x40 [ 14.438447] kasan_save_alloc_info+0x3b/0x50 [ 14.438666] __kasan_kmalloc+0xb7/0xc0 [ 14.438853] __kmalloc_cache_noprof+0x189/0x420 [ 14.439037] kasan_bitops_generic+0x92/0x1c0 [ 14.439246] kunit_try_run_case+0x1a5/0x480 [ 14.439452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.439723] kthread+0x337/0x6f0 [ 14.439857] ret_from_fork+0x116/0x1d0 [ 14.439995] ret_from_fork_asm+0x1a/0x30 [ 14.440188] [ 14.440357] The buggy address belongs to the object at ffff888101642a40 [ 14.440357] which belongs to the cache kmalloc-16 of size 16 [ 14.440729] The buggy address is located 8 bytes inside of [ 14.440729] allocated 9-byte region [ffff888101642a40, ffff888101642a49) [ 14.441080] [ 14.441164] The buggy address belongs to the physical page: [ 14.441419] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642 [ 14.441775] flags: 0x200000000000000(node=0|zone=2) [ 14.442007] page_type: f5(slab) [ 14.442170] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.442656] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.442952] page dumped because: kasan: bad access detected [ 14.443122] [ 14.443188] Memory state around the buggy address: [ 14.443342] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.443995] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.444513] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.444778] ^ [ 14.445014] ffff888101642a80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.445313] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.445569] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.047550] ================================================================== [ 14.048007] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.048396] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279 [ 14.048707] [ 14.048811] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.048860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.048871] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.048894] Call Trace: [ 14.048906] <TASK> [ 14.048924] dump_stack_lvl+0x73/0xb0 [ 14.048953] print_report+0xd1/0x610 [ 14.048976] ? __virt_addr_valid+0x1db/0x2d0 [ 14.049000] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.049025] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.049048] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.049074] kasan_report+0x141/0x180 [ 14.049095] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.049125] kasan_check_range+0x10c/0x1c0 [ 14.049148] __kasan_check_write+0x18/0x20 [ 14.049167] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.049193] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.049221] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.049246] ? trace_hardirqs_on+0x37/0xe0 [ 14.049268] ? kasan_bitops_generic+0x92/0x1c0 [ 14.049296] kasan_bitops_generic+0x116/0x1c0 [ 14.049319] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.049345] ? __pfx_read_tsc+0x10/0x10 [ 14.049366] ? ktime_get_ts64+0x86/0x230 [ 14.049390] kunit_try_run_case+0x1a5/0x480 [ 14.049415] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.049437] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.049481] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.049514] ? __kthread_parkme+0x82/0x180 [ 14.049536] ? preempt_count_sub+0x50/0x80 [ 14.049561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.049585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.049609] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.049632] kthread+0x337/0x6f0 [ 14.049652] ? 
trace_preempt_on+0x20/0xc0 [ 14.049673] ? __pfx_kthread+0x10/0x10 [ 14.049692] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.049714] ? calculate_sigpending+0x7b/0xa0 [ 14.049739] ? __pfx_kthread+0x10/0x10 [ 14.049760] ret_from_fork+0x116/0x1d0 [ 14.049780] ? __pfx_kthread+0x10/0x10 [ 14.049800] ret_from_fork_asm+0x1a/0x30 [ 14.049831] </TASK> [ 14.049841] [ 14.060142] Allocated by task 279: [ 14.060411] kasan_save_stack+0x45/0x70 [ 14.061119] kasan_save_track+0x18/0x40 [ 14.061434] kasan_save_alloc_info+0x3b/0x50 [ 14.061667] __kasan_kmalloc+0xb7/0xc0 [ 14.062014] __kmalloc_cache_noprof+0x189/0x420 [ 14.062480] kasan_bitops_generic+0x92/0x1c0 [ 14.062779] kunit_try_run_case+0x1a5/0x480 [ 14.062941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.063215] kthread+0x337/0x6f0 [ 14.063646] ret_from_fork+0x116/0x1d0 [ 14.063832] ret_from_fork_asm+0x1a/0x30 [ 14.064000] [ 14.064095] The buggy address belongs to the object at ffff888101642a40 [ 14.064095] which belongs to the cache kmalloc-16 of size 16 [ 14.064981] The buggy address is located 8 bytes inside of [ 14.064981] allocated 9-byte region [ffff888101642a40, ffff888101642a49) [ 14.065736] [ 14.065999] The buggy address belongs to the physical page: [ 14.066510] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642 [ 14.066861] flags: 0x200000000000000(node=0|zone=2) [ 14.067359] page_type: f5(slab) [ 14.067545] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.067924] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.068390] page dumped because: kasan: bad access detected [ 14.068737] [ 14.068839] Memory state around the buggy address: [ 14.069028] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.069399] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.069740] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.069969] ^ [ 14.070509] ffff888101642a80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.070841] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.071414] ================================================================== [ 14.160173] ================================================================== [ 14.160639] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.161521] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279 [ 14.161844] [ 14.161950] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.161998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.162009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.162031] Call Trace: [ 14.162044] <TASK> [ 14.162064] dump_stack_lvl+0x73/0xb0 [ 14.162095] print_report+0xd1/0x610 [ 14.162118] ? __virt_addr_valid+0x1db/0x2d0 [ 14.162141] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.162170] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.162199] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.162225] kasan_report+0x141/0x180 [ 14.162248] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.162278] kasan_check_range+0x10c/0x1c0 [ 14.162303] __kasan_check_write+0x18/0x20 [ 14.162323] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.162349] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.162376] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.162401] ? trace_hardirqs_on+0x37/0xe0 [ 14.162699] ? kasan_bitops_generic+0x92/0x1c0 [ 14.162728] kasan_bitops_generic+0x116/0x1c0 [ 14.162752] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.162778] ? __pfx_read_tsc+0x10/0x10 [ 14.162798] ? ktime_get_ts64+0x86/0x230 [ 14.162822] kunit_try_run_case+0x1a5/0x480 [ 14.162846] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.162869] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.162894] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.162918] ? __kthread_parkme+0x82/0x180 [ 14.162939] ? preempt_count_sub+0x50/0x80 [ 14.162963] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.162986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.163009] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.163033] kthread+0x337/0x6f0 [ 14.163138] ? trace_preempt_on+0x20/0xc0 [ 14.163161] ? __pfx_kthread+0x10/0x10 [ 14.163181] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.163202] ? calculate_sigpending+0x7b/0xa0 [ 14.163226] ? __pfx_kthread+0x10/0x10 [ 14.163247] ret_from_fork+0x116/0x1d0 [ 14.163265] ? __pfx_kthread+0x10/0x10 [ 14.163285] ret_from_fork_asm+0x1a/0x30 [ 14.163315] </TASK> [ 14.163326] [ 14.172005] Allocated by task 279: [ 14.172346] kasan_save_stack+0x45/0x70 [ 14.172575] kasan_save_track+0x18/0x40 [ 14.172772] kasan_save_alloc_info+0x3b/0x50 [ 14.172961] __kasan_kmalloc+0xb7/0xc0 [ 14.173218] __kmalloc_cache_noprof+0x189/0x420 [ 14.173380] kasan_bitops_generic+0x92/0x1c0 [ 14.173543] kunit_try_run_case+0x1a5/0x480 [ 14.173691] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.173896] kthread+0x337/0x6f0 [ 14.174060] ret_from_fork+0x116/0x1d0 [ 14.174253] ret_from_fork_asm+0x1a/0x30 [ 14.174447] [ 14.174549] The buggy address belongs to the object at ffff888101642a40 [ 14.174549] which belongs to the cache kmalloc-16 of size 16 [ 14.175554] The buggy address is located 8 bytes inside of [ 14.175554] allocated 9-byte region [ffff888101642a40, ffff888101642a49) [ 14.176034] [ 14.176109] The buggy address belongs to the physical page: [ 14.176516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642 [ 14.176804] flags: 0x200000000000000(node=0|zone=2) [ 14.177042] page_type: f5(slab) [ 14.177375] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.177718] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.177978] page dumped because: kasan: bad access detected [ 14.178279] [ 14.178513] Memory state around the buggy address: [ 14.178725] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.178993] 
ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.179617] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 14.179908] ^
[ 14.180121] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.180341] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.180677] ==================================================================

[ 14.100972] ==================================================================
[ 14.101442] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.102284] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279
[ 14.102827]
[ 14.102942] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.102987] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.102998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.103019] Call Trace:
[ 14.103034] <TASK>
[ 14.103047] dump_stack_lvl+0x73/0xb0
[ 14.103077] print_report+0xd1/0x610
[ 14.103099] ? __virt_addr_valid+0x1db/0x2d0
[ 14.103120] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.103146] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.103465] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.103493] kasan_report+0x141/0x180
[ 14.103532] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.103563] kasan_check_range+0x10c/0x1c0
[ 14.103586] __kasan_check_write+0x18/0x20
[ 14.103604] kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.103630] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.103657] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.103680] ? trace_hardirqs_on+0x37/0xe0
[ 14.103703] ? kasan_bitops_generic+0x92/0x1c0
[ 14.103730] kasan_bitops_generic+0x116/0x1c0
[ 14.103752] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.103777] ? __pfx_read_tsc+0x10/0x10
[ 14.103797] ? ktime_get_ts64+0x86/0x230
[ 14.103820] kunit_try_run_case+0x1a5/0x480
[ 14.103844] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.103866] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.103890] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.103913] ? __kthread_parkme+0x82/0x180
[ 14.103932] ? preempt_count_sub+0x50/0x80
[ 14.103955] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.103980] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.104003] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.104027] kthread+0x337/0x6f0
[ 14.104084] ? trace_preempt_on+0x20/0xc0
[ 14.104106] ? __pfx_kthread+0x10/0x10
[ 14.104126] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.104147] ? calculate_sigpending+0x7b/0xa0
[ 14.104171] ? __pfx_kthread+0x10/0x10
[ 14.104192] ret_from_fork+0x116/0x1d0
[ 14.104210] ? __pfx_kthread+0x10/0x10
[ 14.104230] ret_from_fork_asm+0x1a/0x30
[ 14.104260] </TASK>
[ 14.104270]
[ 14.117677] Allocated by task 279:
[ 14.117858] kasan_save_stack+0x45/0x70
[ 14.118441] kasan_save_track+0x18/0x40
[ 14.118752] kasan_save_alloc_info+0x3b/0x50
[ 14.119235] __kasan_kmalloc+0xb7/0xc0
[ 14.119422] __kmalloc_cache_noprof+0x189/0x420
[ 14.119611] kasan_bitops_generic+0x92/0x1c0
[ 14.119836] kunit_try_run_case+0x1a5/0x480
[ 14.120043] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.120603] kthread+0x337/0x6f0
[ 14.120862] ret_from_fork+0x116/0x1d0
[ 14.121178] ret_from_fork_asm+0x1a/0x30
[ 14.121517]
[ 14.121860] The buggy address belongs to the object at ffff888101642a40
[ 14.121860] which belongs to the cache kmalloc-16 of size 16
[ 14.122870] The buggy address is located 8 bytes inside of
[ 14.122870] allocated 9-byte region [ffff888101642a40, ffff888101642a49)
[ 14.123768]
[ 14.123974] The buggy address belongs to the physical page:
[ 14.124343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642
[ 14.124828] flags: 0x200000000000000(node=0|zone=2)
[ 14.125079] page_type: f5(slab)
[ 14.125487] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.125940] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.126648] page dumped because: kasan: bad access detected
[ 14.126894]
[ 14.126973] Memory state around the buggy address:
[ 14.127547] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc
[ 14.127910] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.128366] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 14.128829] ^
[ 14.129081] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.129733] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.130386] ==================================================================

[ 14.181401] ==================================================================
[ 14.182136] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.182574] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279
[ 14.182827]
[ 14.182919] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.182965] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.182977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.182999] Call Trace:
[ 14.183012] <TASK>
[ 14.183029] dump_stack_lvl+0x73/0xb0
[ 14.183058] print_report+0xd1/0x610
[ 14.183079] ? __virt_addr_valid+0x1db/0x2d0
[ 14.183102] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.183175] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.183199] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.183225] kasan_report+0x141/0x180
[ 14.183247] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.183278] kasan_check_range+0x10c/0x1c0
[ 14.183302] __kasan_check_write+0x18/0x20
[ 14.183321] kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.183346] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.183374] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.183399] ? trace_hardirqs_on+0x37/0xe0
[ 14.183421] ? kasan_bitops_generic+0x92/0x1c0
[ 14.183447] kasan_bitops_generic+0x116/0x1c0
[ 14.183471] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.183507] ? __pfx_read_tsc+0x10/0x10
[ 14.183528] ? ktime_get_ts64+0x86/0x230
[ 14.183552] kunit_try_run_case+0x1a5/0x480
[ 14.183577] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.183598] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.183622] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.183646] ? __kthread_parkme+0x82/0x180
[ 14.183665] ? preempt_count_sub+0x50/0x80
[ 14.183689] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.183712] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.183735] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.183759] kthread+0x337/0x6f0
[ 14.183777] ? trace_preempt_on+0x20/0xc0
[ 14.183798] ? __pfx_kthread+0x10/0x10
[ 14.183817] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.183838] ? calculate_sigpending+0x7b/0xa0
[ 14.183863] ? __pfx_kthread+0x10/0x10
[ 14.183882] ret_from_fork+0x116/0x1d0
[ 14.183901] ? __pfx_kthread+0x10/0x10
[ 14.183921] ret_from_fork_asm+0x1a/0x30
[ 14.183952] </TASK>
[ 14.183962]
[ 14.192834] Allocated by task 279:
[ 14.193019] kasan_save_stack+0x45/0x70
[ 14.193353] kasan_save_track+0x18/0x40
[ 14.193651] kasan_save_alloc_info+0x3b/0x50
[ 14.193916] __kasan_kmalloc+0xb7/0xc0
[ 14.194061] __kmalloc_cache_noprof+0x189/0x420
[ 14.194222] kasan_bitops_generic+0x92/0x1c0
[ 14.194370] kunit_try_run_case+0x1a5/0x480
[ 14.194634] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.194895] kthread+0x337/0x6f0
[ 14.195101] ret_from_fork+0x116/0x1d0
[ 14.195725] ret_from_fork_asm+0x1a/0x30
[ 14.195943]
[ 14.196040] The buggy address belongs to the object at ffff888101642a40
[ 14.196040] which belongs to the cache kmalloc-16 of size 16
[ 14.196651] The buggy address is located 8 bytes inside of
[ 14.196651] allocated 9-byte region [ffff888101642a40, ffff888101642a49)
[ 14.197185]
[ 14.197276] The buggy address belongs to the physical page:
[ 14.197492] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642
[ 14.197824] flags: 0x200000000000000(node=0|zone=2)
[ 14.198094] page_type: f5(slab)
[ 14.198260] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.198504] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.198836] page dumped because: kasan: bad access detected
[ 14.199290]
[ 14.199392] Memory state around the buggy address:
[ 14.199605] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc
[ 14.199869] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.200330] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 14.200639] ^
[ 14.200853] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.201233] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.201528] ==================================================================

[ 14.201948] ==================================================================
[ 14.202575] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.202836] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279
[ 14.203059]
[ 14.203143] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.203186] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.203197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.203218] Call Trace:
[ 14.203236] <TASK>
[ 14.203250] dump_stack_lvl+0x73/0xb0
[ 14.203277] print_report+0xd1/0x610
[ 14.203299] ? __virt_addr_valid+0x1db/0x2d0
[ 14.203323] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.203348] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.203371] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.203396] kasan_report+0x141/0x180
[ 14.203418] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.203449] kasan_check_range+0x10c/0x1c0
[ 14.203471] __kasan_check_write+0x18/0x20
[ 14.203490] kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.203528] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.203555] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.203578] ? trace_hardirqs_on+0x37/0xe0
[ 14.203600] ? kasan_bitops_generic+0x92/0x1c0
[ 14.203639] kasan_bitops_generic+0x116/0x1c0
[ 14.203662] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.203687] ? __pfx_read_tsc+0x10/0x10
[ 14.203707] ? ktime_get_ts64+0x86/0x230
[ 14.203731] kunit_try_run_case+0x1a5/0x480
[ 14.203756] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.203778] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.203802] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.203825] ? __kthread_parkme+0x82/0x180
[ 14.203844] ? preempt_count_sub+0x50/0x80
[ 14.203868] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.203891] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.203914] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.203938] kthread+0x337/0x6f0
[ 14.203957] ? trace_preempt_on+0x20/0xc0
[ 14.203978] ? __pfx_kthread+0x10/0x10
[ 14.203997] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.204018] ? calculate_sigpending+0x7b/0xa0
[ 14.204041] ? __pfx_kthread+0x10/0x10
[ 14.204062] ret_from_fork+0x116/0x1d0
[ 14.204080] ? __pfx_kthread+0x10/0x10
[ 14.204100] ret_from_fork_asm+0x1a/0x30
[ 14.204129] </TASK>
[ 14.204138]
[ 14.213320] Allocated by task 279:
[ 14.213459] kasan_save_stack+0x45/0x70
[ 14.213672] kasan_save_track+0x18/0x40
[ 14.213989] kasan_save_alloc_info+0x3b/0x50
[ 14.214609] __kasan_kmalloc+0xb7/0xc0
[ 14.215015] __kmalloc_cache_noprof+0x189/0x420
[ 14.215428] kasan_bitops_generic+0x92/0x1c0
[ 14.215660] kunit_try_run_case+0x1a5/0x480
[ 14.215868] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.216259] kthread+0x337/0x6f0
[ 14.216393] ret_from_fork+0x116/0x1d0
[ 14.216540] ret_from_fork_asm+0x1a/0x30
[ 14.216681]
[ 14.216756] The buggy address belongs to the object at ffff888101642a40
[ 14.216756] which belongs to the cache kmalloc-16 of size 16
[ 14.217632] The buggy address is located 8 bytes inside of
[ 14.217632] allocated 9-byte region [ffff888101642a40, ffff888101642a49)
[ 14.218090]
[ 14.218419] The buggy address belongs to the physical page:
[ 14.218683] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642
[ 14.218971] flags: 0x200000000000000(node=0|zone=2)
[ 14.219312] page_type: f5(slab)
[ 14.219487] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.219802] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.220144] page dumped because: kasan: bad access detected
[ 14.220381]
[ 14.220449] Memory state around the buggy address:
[ 14.220684] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc
[ 14.220967] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.221347] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 14.221640] ^
[ 14.221815] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.222030] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.222250] ==================================================================

[ 14.222685] ==================================================================
[ 14.223033] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.223726] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279
[ 14.224521]
[ 14.224643] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.224689] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.224701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.224722] Call Trace:
[ 14.224741] <TASK>
[ 14.224758] dump_stack_lvl+0x73/0xb0
[ 14.224788] print_report+0xd1/0x610
[ 14.224809] ? __virt_addr_valid+0x1db/0x2d0
[ 14.224832] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.224858] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.224879] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.224905] kasan_report+0x141/0x180
[ 14.224926] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.224956] kasan_check_range+0x10c/0x1c0
[ 14.224980] __kasan_check_write+0x18/0x20
[ 14.224998] kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.225024] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.225062] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.225086] ? trace_hardirqs_on+0x37/0xe0
[ 14.225109] ? kasan_bitops_generic+0x92/0x1c0
[ 14.225136] kasan_bitops_generic+0x116/0x1c0
[ 14.225159] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.225184] ? __pfx_read_tsc+0x10/0x10
[ 14.225253] ? ktime_get_ts64+0x86/0x230
[ 14.225278] kunit_try_run_case+0x1a5/0x480
[ 14.225303] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.225325] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.225349] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.225372] ? __kthread_parkme+0x82/0x180
[ 14.225393] ? preempt_count_sub+0x50/0x80
[ 14.225416] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.225440] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.225463] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.225486] kthread+0x337/0x6f0
[ 14.225516] ? trace_preempt_on+0x20/0xc0
[ 14.225537] ? __pfx_kthread+0x10/0x10
[ 14.225557] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.225578] ? calculate_sigpending+0x7b/0xa0
[ 14.225602] ? __pfx_kthread+0x10/0x10
[ 14.225623] ret_from_fork+0x116/0x1d0
[ 14.225642] ? __pfx_kthread+0x10/0x10
[ 14.225661] ret_from_fork_asm+0x1a/0x30
[ 14.225692] </TASK>
[ 14.225702]
[ 14.234015] Allocated by task 279:
[ 14.234146] kasan_save_stack+0x45/0x70
[ 14.234377] kasan_save_track+0x18/0x40
[ 14.234579] kasan_save_alloc_info+0x3b/0x50
[ 14.234793] __kasan_kmalloc+0xb7/0xc0
[ 14.234986] __kmalloc_cache_noprof+0x189/0x420
[ 14.235203] kasan_bitops_generic+0x92/0x1c0
[ 14.235465] kunit_try_run_case+0x1a5/0x480
[ 14.235635] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.235826] kthread+0x337/0x6f0
[ 14.235993] ret_from_fork+0x116/0x1d0
[ 14.236179] ret_from_fork_asm+0x1a/0x30
[ 14.236377]
[ 14.236462] The buggy address belongs to the object at ffff888101642a40
[ 14.236462] which belongs to the cache kmalloc-16 of size 16
[ 14.236829] The buggy address is located 8 bytes inside of
[ 14.236829] allocated 9-byte region [ffff888101642a40, ffff888101642a49)
[ 14.237181]
[ 14.237253] The buggy address belongs to the physical page:
[ 14.237429] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642
[ 14.238008] flags: 0x200000000000000(node=0|zone=2)
[ 14.238613] page_type: f5(slab)
[ 14.238809] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.239337] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.239941] page dumped because: kasan: bad access detected
[ 14.240189]
[ 14.240297] Memory state around the buggy address:
[ 14.240525] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc
[ 14.240850] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.241655] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 14.241883] ^
[ 14.242101] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.242839] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.243298] ==================================================================

[ 14.071934] ==================================================================
[ 14.072425] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.072832] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279
[ 14.073149]
[ 14.073265] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.073323] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.073335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.073355] Call Trace:
[ 14.073370] <TASK>
[ 14.073385] dump_stack_lvl+0x73/0xb0
[ 14.073412] print_report+0xd1/0x610
[ 14.073434] ? __virt_addr_valid+0x1db/0x2d0
[ 14.073458] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.073485] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.073520] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.073548] kasan_report+0x141/0x180
[ 14.073571] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.073604] kasan_check_range+0x10c/0x1c0
[ 14.073628] __kasan_check_write+0x18/0x20
[ 14.073648] kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.073673] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.073700] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.073727] ? trace_hardirqs_on+0x37/0xe0
[ 14.073749] ? kasan_bitops_generic+0x92/0x1c0
[ 14.073776] kasan_bitops_generic+0x116/0x1c0
[ 14.073800] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.073824] ? __pfx_read_tsc+0x10/0x10
[ 14.073844] ? ktime_get_ts64+0x86/0x230
[ 14.073868] kunit_try_run_case+0x1a5/0x480
[ 14.073893] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.073915] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.073939] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.073963] ? __kthread_parkme+0x82/0x180
[ 14.073983] ? preempt_count_sub+0x50/0x80
[ 14.074007] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.074031] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.074054] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.074078] kthread+0x337/0x6f0
[ 14.074096] ? trace_preempt_on+0x20/0xc0
[ 14.074119] ? __pfx_kthread+0x10/0x10
[ 14.074139] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.074250] ? calculate_sigpending+0x7b/0xa0
[ 14.074277] ? __pfx_kthread+0x10/0x10
[ 14.074297] ret_from_fork+0x116/0x1d0
[ 14.074317] ? __pfx_kthread+0x10/0x10
[ 14.074337] ret_from_fork_asm+0x1a/0x30
[ 14.074366] </TASK>
[ 14.074376]
[ 14.087165] Allocated by task 279:
[ 14.087647] kasan_save_stack+0x45/0x70
[ 14.087964] kasan_save_track+0x18/0x40
[ 14.088369] kasan_save_alloc_info+0x3b/0x50
[ 14.088608] __kasan_kmalloc+0xb7/0xc0
[ 14.088788] __kmalloc_cache_noprof+0x189/0x420
[ 14.089005] kasan_bitops_generic+0x92/0x1c0
[ 14.089685] kunit_try_run_case+0x1a5/0x480
[ 14.089894] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.090355] kthread+0x337/0x6f0
[ 14.090662] ret_from_fork+0x116/0x1d0
[ 14.090960] ret_from_fork_asm+0x1a/0x30
[ 14.091332]
[ 14.091632] The buggy address belongs to the object at ffff888101642a40
[ 14.091632] which belongs to the cache kmalloc-16 of size 16
[ 14.092173] The buggy address is located 8 bytes inside of
[ 14.092173] allocated 9-byte region [ffff888101642a40, ffff888101642a49)
[ 14.093006]
[ 14.093111] The buggy address belongs to the physical page:
[ 14.094053] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642
[ 14.094645] flags: 0x200000000000000(node=0|zone=2)
[ 14.094917] page_type: f5(slab)
[ 14.095093] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.095754] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.096296] page dumped because: kasan: bad access detected
[ 14.096638]
[ 14.096715] Memory state around the buggy address:
[ 14.097267] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc
[ 14.097586] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.097860] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 14.098577] ^
[ 14.098824] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.099334] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.099781] ==================================================================

[ 14.130942] ==================================================================
[ 14.131837] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.132583] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279
[ 14.132969]
[ 14.133535] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.133589] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.133601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.133624] Call Trace:
[ 14.133646] <TASK>
[ 14.133666] dump_stack_lvl+0x73/0xb0
[ 14.133699] print_report+0xd1/0x610
[ 14.133722] ? __virt_addr_valid+0x1db/0x2d0
[ 14.133745] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.133771] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.133793] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.133820] kasan_report+0x141/0x180
[ 14.133841] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.133871] kasan_check_range+0x10c/0x1c0
[ 14.133894] __kasan_check_write+0x18/0x20
[ 14.133913] kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.133939] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.133965] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.133990] ? trace_hardirqs_on+0x37/0xe0
[ 14.134013] ? kasan_bitops_generic+0x92/0x1c0
[ 14.134040] kasan_bitops_generic+0x116/0x1c0
[ 14.134063] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.134087] ? __pfx_read_tsc+0x10/0x10
[ 14.134107] ? ktime_get_ts64+0x86/0x230
[ 14.134131] kunit_try_run_case+0x1a5/0x480
[ 14.134155] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.134177] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.134208] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.134243] ? __kthread_parkme+0x82/0x180
[ 14.134265] ? preempt_count_sub+0x50/0x80
[ 14.134293] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.134318] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.134341] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.134366] kthread+0x337/0x6f0
[ 14.134384] ? trace_preempt_on+0x20/0xc0
[ 14.134405] ? __pfx_kthread+0x10/0x10
[ 14.134425] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.134446] ? calculate_sigpending+0x7b/0xa0
[ 14.134470] ? __pfx_kthread+0x10/0x10
[ 14.134491] ret_from_fork+0x116/0x1d0
[ 14.134520] ? __pfx_kthread+0x10/0x10
[ 14.134540] ret_from_fork_asm+0x1a/0x30
[ 14.134570] </TASK>
[ 14.134580]
[ 14.146815] Allocated by task 279:
[ 14.147315] kasan_save_stack+0x45/0x70
[ 14.147636] kasan_save_track+0x18/0x40
[ 14.147815] kasan_save_alloc_info+0x3b/0x50
[ 14.148026] __kasan_kmalloc+0xb7/0xc0
[ 14.148669] __kmalloc_cache_noprof+0x189/0x420
[ 14.148892] kasan_bitops_generic+0x92/0x1c0
[ 14.149062] kunit_try_run_case+0x1a5/0x480
[ 14.149534] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.149935] kthread+0x337/0x6f0
[ 14.150321] ret_from_fork+0x116/0x1d0
[ 14.150593] ret_from_fork_asm+0x1a/0x30
[ 14.150786]
[ 14.150872] The buggy address belongs to the object at ffff888101642a40
[ 14.150872] which belongs to the cache kmalloc-16 of size 16
[ 14.151663] The buggy address is located 8 bytes inside of
[ 14.151663] allocated 9-byte region [ffff888101642a40, ffff888101642a49)
[ 14.152743]
[ 14.152854] The buggy address belongs to the physical page:
[ 14.153143] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642
[ 14.153646] flags: 0x200000000000000(node=0|zone=2)
[ 14.153888] page_type: f5(slab)
[ 14.154036] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.154713] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.155162] page dumped because: kasan: bad access detected
[ 14.155414]
[ 14.155486] Memory state around the buggy address:
[ 14.155713] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc
[ 14.156016] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.156832] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 14.157350] ^
[ 14.157618] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.157862] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.158212] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.022426] ==================================================================
[ 14.022792] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80
[ 14.023007] Read of size 1 at addr ffff8881039fe2d0 by task kunit_try_catch/277
[ 14.023464]
[ 14.023561] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.023605] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.023617] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.023638] Call Trace:
[ 14.023650] <TASK>
[ 14.023662] dump_stack_lvl+0x73/0xb0
[ 14.023689] print_report+0xd1/0x610
[ 14.023710] ? __virt_addr_valid+0x1db/0x2d0
[ 14.023732] ? strnlen+0x73/0x80
[ 14.023748] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.023771] ? strnlen+0x73/0x80
[ 14.023788] kasan_report+0x141/0x180
[ 14.023810] ? strnlen+0x73/0x80
[ 14.023831] __asan_report_load1_noabort+0x18/0x20
[ 14.023855] strnlen+0x73/0x80
[ 14.023874] kasan_strings+0x615/0xe80
[ 14.023892] ? trace_hardirqs_on+0x37/0xe0
[ 14.023915] ? __pfx_kasan_strings+0x10/0x10
[ 14.023935] ? finish_task_switch.isra.0+0x153/0x700
[ 14.023957] ? __switch_to+0x47/0xf50
[ 14.023981] ? __schedule+0x10cc/0x2b60
[ 14.024002] ? __pfx_read_tsc+0x10/0x10
[ 14.024023] ? ktime_get_ts64+0x86/0x230
[ 14.024046] kunit_try_run_case+0x1a5/0x480
[ 14.024069] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.024092] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.024115] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.024138] ? __kthread_parkme+0x82/0x180
[ 14.024158] ? preempt_count_sub+0x50/0x80
[ 14.024182] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.024206] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.024229] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.024254] kthread+0x337/0x6f0
[ 14.024272] ? trace_preempt_on+0x20/0xc0
[ 14.024294] ? __pfx_kthread+0x10/0x10
[ 14.024314] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.024335] ? calculate_sigpending+0x7b/0xa0
[ 14.024359] ? __pfx_kthread+0x10/0x10
[ 14.024379] ret_from_fork+0x116/0x1d0
[ 14.024397] ? __pfx_kthread+0x10/0x10
[ 14.024417] ret_from_fork_asm+0x1a/0x30
[ 14.024446] </TASK>
[ 14.024455]
[ 14.031811] Allocated by task 277:
[ 14.031974] kasan_save_stack+0x45/0x70
[ 14.032161] kasan_save_track+0x18/0x40
[ 14.032337] kasan_save_alloc_info+0x3b/0x50
[ 14.032486] __kasan_kmalloc+0xb7/0xc0
[ 14.032630] __kmalloc_cache_noprof+0x189/0x420
[ 14.032786] kasan_strings+0xc0/0xe80
[ 14.032916] kunit_try_run_case+0x1a5/0x480
[ 14.033062] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.033239] kthread+0x337/0x6f0
[ 14.033358] ret_from_fork+0x116/0x1d0
[ 14.033491] ret_from_fork_asm+0x1a/0x30
[ 14.033694]
[ 14.033789] Freed by task 277:
[ 14.033944] kasan_save_stack+0x45/0x70
[ 14.034142] kasan_save_track+0x18/0x40
[ 14.034554] kasan_save_free_info+0x3f/0x60
[ 14.034761] __kasan_slab_free+0x56/0x70
[ 14.034953] kfree+0x222/0x3f0
[ 14.035117] kasan_strings+0x2aa/0xe80
[ 14.035419] kunit_try_run_case+0x1a5/0x480
[ 14.035575] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.035749] kthread+0x337/0x6f0
[ 14.035866] ret_from_fork+0x116/0x1d0
[ 14.035997] ret_from_fork_asm+0x1a/0x30
[ 14.036133]
[ 14.036203] The buggy address belongs to the object at ffff8881039fe2c0
[ 14.036203] which belongs to the cache kmalloc-32 of size 32
[ 14.036961] The buggy address is located 16 bytes inside of
[ 14.036961] freed 32-byte region [ffff8881039fe2c0, ffff8881039fe2e0)
[ 14.037924]
[ 14.038020] The buggy address belongs to the physical page:
[ 14.038415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039fe
[ 14.038736] flags: 0x200000000000000(node=0|zone=2)
[ 14.038901] page_type: f5(slab)
[ 14.039026] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.039263] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.039491] page dumped because: kasan: bad access detected
[ 14.039913]
[ 14.040002] Memory state around the buggy address:
[ 14.040222] ffff8881039fe180: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.040547] ffff8881039fe200: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 14.041135] >ffff8881039fe280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.041374] ^
[ 14.041564] ffff8881039fe300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.041782] ffff8881039fe380: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.042101] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.002139] ==================================================================
[ 14.002452] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0
[ 14.002666] Read of size 1 at addr ffff8881039fe2d0 by task kunit_try_catch/277
[ 14.002988]
[ 14.003304] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.003352] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.003364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.003384] Call Trace:
[ 14.003399] <TASK>
[ 14.003414] dump_stack_lvl+0x73/0xb0
[ 14.003440] print_report+0xd1/0x610
[ 14.003461] ? __virt_addr_valid+0x1db/0x2d0
[ 14.003482] ? strlen+0x8f/0xb0
[ 14.003512] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.003534] ? strlen+0x8f/0xb0
[ 14.003552] kasan_report+0x141/0x180
[ 14.003573] ? strlen+0x8f/0xb0
[ 14.003594] __asan_report_load1_noabort+0x18/0x20
[ 14.003618] strlen+0x8f/0xb0
[ 14.003636] kasan_strings+0x57b/0xe80
[ 14.003655] ? trace_hardirqs_on+0x37/0xe0
[ 14.003677] ? __pfx_kasan_strings+0x10/0x10
[ 14.003696] ? finish_task_switch.isra.0+0x153/0x700
[ 14.003719] ? __switch_to+0x47/0xf50
[ 14.003744] ? __schedule+0x10cc/0x2b60
[ 14.003766] ? __pfx_read_tsc+0x10/0x10
[ 14.003788] ? ktime_get_ts64+0x86/0x230
[ 14.003812] kunit_try_run_case+0x1a5/0x480
[ 14.003836] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.003858] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.003881] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.003905] ? __kthread_parkme+0x82/0x180
[ 14.003924] ? preempt_count_sub+0x50/0x80
[ 14.003947] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.003970] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.003994] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.004018] kthread+0x337/0x6f0
[ 14.004036] ? trace_preempt_on+0x20/0xc0
[ 14.004217] ? __pfx_kthread+0x10/0x10
[ 14.004238] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.004259] ? calculate_sigpending+0x7b/0xa0
[ 14.004283] ? __pfx_kthread+0x10/0x10
[ 14.004304] ret_from_fork+0x116/0x1d0
[ 14.004322] ? __pfx_kthread+0x10/0x10
[ 14.004342] ret_from_fork_asm+0x1a/0x30
[ 14.004371] </TASK>
[ 14.004380]
[ 14.011754] Allocated by task 277:
[ 14.011885] kasan_save_stack+0x45/0x70
[ 14.012031] kasan_save_track+0x18/0x40
[ 14.012168] kasan_save_alloc_info+0x3b/0x50
[ 14.012316] __kasan_kmalloc+0xb7/0xc0
[ 14.012449] __kmalloc_cache_noprof+0x189/0x420
[ 14.012670] kasan_strings+0xc0/0xe80
[ 14.012853] kunit_try_run_case+0x1a5/0x480
[ 14.013298] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.013556] kthread+0x337/0x6f0
[ 14.013720] ret_from_fork+0x116/0x1d0
[ 14.013904] ret_from_fork_asm+0x1a/0x30
[ 14.014095]
[ 14.014181] Freed by task 277:
[ 14.014345] kasan_save_stack+0x45/0x70
[ 14.014548] kasan_save_track+0x18/0x40
[ 14.014840] kasan_save_free_info+0x3f/0x60
[ 14.014987] __kasan_slab_free+0x56/0x70
[ 14.015137] kfree+0x222/0x3f0
[ 14.015299] kasan_strings+0x2aa/0xe80
[ 14.015491] kunit_try_run_case+0x1a5/0x480
[ 14.015705] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.015959] kthread+0x337/0x6f0
[ 14.016132] ret_from_fork+0x116/0x1d0
[ 14.016309] ret_from_fork_asm+0x1a/0x30
[ 14.016515]
[ 14.016602] The buggy address belongs to the object at ffff8881039fe2c0
[ 14.016602] which belongs to the cache kmalloc-32 of size 32
[ 14.017049] The buggy address is located 16 bytes inside of
[ 14.017049] freed 32-byte region [ffff8881039fe2c0, ffff8881039fe2e0)
[ 14.017546]
[ 14.017643] The buggy address belongs to the physical page:
[ 14.017864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039fe
[ 14.018179] flags: 0x200000000000000(node=0|zone=2)
[ 14.018380] page_type: f5(slab)
[ 14.018551] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.018843] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.019143] page dumped because: kasan: bad access detected
[ 14.019373]
[ 14.019445] Memory state around the buggy address:
[ 14.019646] ffff8881039fe180: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.019865] ffff8881039fe200: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 14.020082] >ffff8881039fe280: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.020606] ^
[ 14.020868] ffff8881039fe300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.021180] ffff8881039fe380: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.021504] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 13.979826] ==================================================================
[ 13.980075] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80
[ 13.980454] Read of size 1 at addr ffff8881039fe2d0 by task kunit_try_catch/277
[ 13.980716]
[ 13.980831] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.980878] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.980889] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.980911] Call Trace:
[ 13.980930] <TASK>
[ 13.980947] dump_stack_lvl+0x73/0xb0
[ 13.980976] print_report+0xd1/0x610
[ 13.980999] ? __virt_addr_valid+0x1db/0x2d0
[ 13.981024] ? kasan_strings+0xcbc/0xe80
[ 13.981045] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.981068] ? kasan_strings+0xcbc/0xe80
[ 13.981088] kasan_report+0x141/0x180
[ 13.981110] ? kasan_strings+0xcbc/0xe80
[ 13.981135] __asan_report_load1_noabort+0x18/0x20
[ 13.981158] kasan_strings+0xcbc/0xe80
[ 13.981178] ? trace_hardirqs_on+0x37/0xe0
[ 13.981201] ? __pfx_kasan_strings+0x10/0x10
[ 13.981293] ? finish_task_switch.isra.0+0x153/0x700
[ 13.981317] ? __switch_to+0x47/0xf50
[ 13.981345] ? __schedule+0x10cc/0x2b60
[ 13.981368] ? __pfx_read_tsc+0x10/0x10
[ 13.981389] ? ktime_get_ts64+0x86/0x230
[ 13.981413] kunit_try_run_case+0x1a5/0x480
[ 13.981438] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.981460] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.981484] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.981520] ? __kthread_parkme+0x82/0x180
[ 13.981541] ? preempt_count_sub+0x50/0x80
[ 13.981563] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.981587] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.981610] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.981634] kthread+0x337/0x6f0
[ 13.981653] ? trace_preempt_on+0x20/0xc0
[ 13.981674] ? __pfx_kthread+0x10/0x10
[ 13.981694] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.981715] ? calculate_sigpending+0x7b/0xa0
[ 13.981739] ? __pfx_kthread+0x10/0x10
[ 13.981759] ret_from_fork+0x116/0x1d0
[ 13.981778] ? __pfx_kthread+0x10/0x10
[ 13.981797] ret_from_fork_asm+0x1a/0x30
[ 13.981827] </TASK>
[ 13.981836]
[ 13.990313] Allocated by task 277:
[ 13.990504] kasan_save_stack+0x45/0x70
[ 13.990668] kasan_save_track+0x18/0x40
[ 13.990860] kasan_save_alloc_info+0x3b/0x50
[ 13.991037] __kasan_kmalloc+0xb7/0xc0
[ 13.991393] __kmalloc_cache_noprof+0x189/0x420
[ 13.991616] kasan_strings+0xc0/0xe80
[ 13.991804] kunit_try_run_case+0x1a5/0x480
[ 13.991981] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.992271] kthread+0x337/0x6f0
[ 13.992446] ret_from_fork+0x116/0x1d0
[ 13.992615] ret_from_fork_asm+0x1a/0x30
[ 13.992782]
[ 13.992874] Freed by task 277:
[ 13.993033] kasan_save_stack+0x45/0x70
[ 13.993345] kasan_save_track+0x18/0x40
[ 13.993493] kasan_save_free_info+0x3f/0x60
[ 13.993654] __kasan_slab_free+0x56/0x70
[ 13.993792] kfree+0x222/0x3f0
[ 13.993915] kasan_strings+0x2aa/0xe80
[ 13.994047] kunit_try_run_case+0x1a5/0x480
[ 13.994190] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.994434] kthread+0x337/0x6f0
[ 13.994613] ret_from_fork+0x116/0x1d0
[ 13.995198] ret_from_fork_asm+0x1a/0x30
[ 13.995644]
[ 13.995739] The buggy address belongs to the object at ffff8881039fe2c0
[ 13.995739] which belongs to the cache kmalloc-32 of size 32
[ 13.996096] The buggy address is located 16 bytes inside of
[ 13.996096] freed 32-byte region [ffff8881039fe2c0, ffff8881039fe2e0)
[ 13.996762]
[ 13.996861] The buggy address belongs to the physical page:
[ 13.997118] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039fe
[ 13.997477] flags: 0x200000000000000(node=0|zone=2)
[ 13.997822] page_type: f5(slab)
[ 13.997942] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.998175] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.998404] page dumped because: kasan: bad access detected
[ 13.998885]
[ 13.998981] Memory state around the buggy address:
[ 13.999285] ffff8881039fe180: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.999791] ffff8881039fe200: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.000226] >ffff8881039fe280: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.000445] ^ [ 14.000677] ffff8881039fe300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.001000] ffff8881039fe380: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.001606] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 13.942094] ================================================================== [ 13.943167] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 13.943563] Read of size 1 at addr ffff8881039fe2d0 by task kunit_try_catch/277 [ 13.943913] [ 13.944041] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.944092] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.944104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.944126] Call Trace: [ 13.944139] <TASK> [ 13.944157] dump_stack_lvl+0x73/0xb0 [ 13.944186] print_report+0xd1/0x610 [ 13.944211] ? __virt_addr_valid+0x1db/0x2d0 [ 13.944235] ? strcmp+0xb0/0xc0 [ 13.944251] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.944274] ? strcmp+0xb0/0xc0 [ 13.944291] kasan_report+0x141/0x180 [ 13.944312] ? strcmp+0xb0/0xc0 [ 13.944334] __asan_report_load1_noabort+0x18/0x20 [ 13.944358] strcmp+0xb0/0xc0 [ 13.944377] kasan_strings+0x431/0xe80 [ 13.944396] ? trace_hardirqs_on+0x37/0xe0 [ 13.944420] ? __pfx_kasan_strings+0x10/0x10 [ 13.944441] ? finish_task_switch.isra.0+0x153/0x700 [ 13.944464] ? __switch_to+0x47/0xf50 [ 13.944490] ? __schedule+0x10cc/0x2b60 [ 13.944526] ? __pfx_read_tsc+0x10/0x10 [ 13.944548] ? ktime_get_ts64+0x86/0x230 [ 13.944572] kunit_try_run_case+0x1a5/0x480 [ 13.944598] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.944620] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.944645] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.944668] ? __kthread_parkme+0x82/0x180 [ 13.944689] ? preempt_count_sub+0x50/0x80 [ 13.944711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.944735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.944759] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.944783] kthread+0x337/0x6f0 [ 13.944801] ? trace_preempt_on+0x20/0xc0 [ 13.944822] ? __pfx_kthread+0x10/0x10 [ 13.944841] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.944862] ? calculate_sigpending+0x7b/0xa0 [ 13.944886] ? 
__pfx_kthread+0x10/0x10 [ 13.944906] ret_from_fork+0x116/0x1d0 [ 13.944925] ? __pfx_kthread+0x10/0x10 [ 13.944944] ret_from_fork_asm+0x1a/0x30 [ 13.944975] </TASK> [ 13.944985] [ 13.958716] Allocated by task 277: [ 13.959276] kasan_save_stack+0x45/0x70 [ 13.959448] kasan_save_track+0x18/0x40 [ 13.959602] kasan_save_alloc_info+0x3b/0x50 [ 13.959754] __kasan_kmalloc+0xb7/0xc0 [ 13.959885] __kmalloc_cache_noprof+0x189/0x420 [ 13.960096] kasan_strings+0xc0/0xe80 [ 13.960457] kunit_try_run_case+0x1a5/0x480 [ 13.960838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.961349] kthread+0x337/0x6f0 [ 13.961655] ret_from_fork+0x116/0x1d0 [ 13.961986] ret_from_fork_asm+0x1a/0x30 [ 13.962483] [ 13.962655] Freed by task 277: [ 13.962928] kasan_save_stack+0x45/0x70 [ 13.963444] kasan_save_track+0x18/0x40 [ 13.963814] kasan_save_free_info+0x3f/0x60 [ 13.964313] __kasan_slab_free+0x56/0x70 [ 13.964572] kfree+0x222/0x3f0 [ 13.964691] kasan_strings+0x2aa/0xe80 [ 13.964831] kunit_try_run_case+0x1a5/0x480 [ 13.964978] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.965462] kthread+0x337/0x6f0 [ 13.965790] ret_from_fork+0x116/0x1d0 [ 13.966316] ret_from_fork_asm+0x1a/0x30 [ 13.966906] [ 13.967430] The buggy address belongs to the object at ffff8881039fe2c0 [ 13.967430] which belongs to the cache kmalloc-32 of size 32 [ 13.968479] The buggy address is located 16 bytes inside of [ 13.968479] freed 32-byte region [ffff8881039fe2c0, ffff8881039fe2e0) [ 13.968852] [ 13.968929] The buggy address belongs to the physical page: [ 13.969108] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039fe [ 13.970356] flags: 0x200000000000000(node=0|zone=2) [ 13.971089] page_type: f5(slab) [ 13.971556] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.972585] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.973545] page dumped because: kasan: bad access detected [ 13.974221] [ 13.974299] Memory state around the buggy address: 
[ 13.974461] ffff8881039fe180: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.975179] ffff8881039fe200: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 13.976170] >ffff8881039fe280: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.977001] ^ [ 13.977828] ffff8881039fe300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.978317] ffff8881039fe380: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.979134] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 13.913264] ================================================================== [ 13.913757] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 13.914057] Read of size 1 at addr ffff8881039f8818 by task kunit_try_catch/275 [ 13.914438] [ 13.914579] CPU: 0 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.914639] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.914653] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.914682] Call Trace: [ 13.914697] <TASK> [ 13.914717] dump_stack_lvl+0x73/0xb0 [ 13.914751] print_report+0xd1/0x610 [ 13.914779] ? __virt_addr_valid+0x1db/0x2d0 [ 13.914807] ? memcmp+0x1b4/0x1d0 [ 13.914827] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.914856] ? memcmp+0x1b4/0x1d0 [ 13.914878] kasan_report+0x141/0x180 [ 13.914903] ? memcmp+0x1b4/0x1d0 [ 13.914931] __asan_report_load1_noabort+0x18/0x20 [ 13.914961] memcmp+0x1b4/0x1d0 [ 13.914985] kasan_memcmp+0x18f/0x390 [ 13.915009] ? trace_hardirqs_on+0x37/0xe0 [ 13.915038] ? __pfx_kasan_memcmp+0x10/0x10 [ 13.915062] ? finish_task_switch.isra.0+0x153/0x700 [ 13.915091] ? __switch_to+0x47/0xf50 [ 13.915126] ? __pfx_read_tsc+0x10/0x10 [ 13.915151] ? ktime_get_ts64+0x86/0x230 [ 13.915200] kunit_try_run_case+0x1a5/0x480 [ 13.915231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.915258] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.915288] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.915317] ? __kthread_parkme+0x82/0x180 [ 13.915344] ? preempt_count_sub+0x50/0x80 [ 13.915374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.915403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.915432] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.915463] kthread+0x337/0x6f0 [ 13.915485] ? trace_preempt_on+0x20/0xc0 [ 13.915522] ? __pfx_kthread+0x10/0x10 [ 13.915547] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.915572] ? calculate_sigpending+0x7b/0xa0 [ 13.915601] ? __pfx_kthread+0x10/0x10 [ 13.915627] ret_from_fork+0x116/0x1d0 [ 13.915651] ? 
__pfx_kthread+0x10/0x10 [ 13.915675] ret_from_fork_asm+0x1a/0x30 [ 13.915714] </TASK> [ 13.915727] [ 13.923517] Allocated by task 275: [ 13.923660] kasan_save_stack+0x45/0x70 [ 13.923832] kasan_save_track+0x18/0x40 [ 13.924034] kasan_save_alloc_info+0x3b/0x50 [ 13.924258] __kasan_kmalloc+0xb7/0xc0 [ 13.924459] __kmalloc_cache_noprof+0x189/0x420 [ 13.925152] kasan_memcmp+0xb7/0x390 [ 13.925312] kunit_try_run_case+0x1a5/0x480 [ 13.925639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.925918] kthread+0x337/0x6f0 [ 13.926207] ret_from_fork+0x116/0x1d0 [ 13.926390] ret_from_fork_asm+0x1a/0x30 [ 13.926556] [ 13.926637] The buggy address belongs to the object at ffff8881039f8800 [ 13.926637] which belongs to the cache kmalloc-32 of size 32 [ 13.927032] The buggy address is located 0 bytes to the right of [ 13.927032] allocated 24-byte region [ffff8881039f8800, ffff8881039f8818) [ 13.927948] [ 13.928070] The buggy address belongs to the physical page: [ 13.928647] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f8 [ 13.928921] flags: 0x200000000000000(node=0|zone=2) [ 13.929377] page_type: f5(slab) [ 13.929587] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.929941] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.930353] page dumped because: kasan: bad access detected [ 13.930584] [ 13.930685] Memory state around the buggy address: [ 13.930933] ffff8881039f8700: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.931343] ffff8881039f8780: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.931597] >ffff8881039f8800: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.931829] ^ [ 13.931984] ffff8881039f8880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.932467] ffff8881039f8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.932836] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 13.883896] ================================================================== [ 13.884975] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 13.885605] Read of size 1 at addr ffff8881039dfc4a by task kunit_try_catch/271 [ 13.885928] [ 13.886036] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.886096] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.886110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.886141] Call Trace: [ 13.886156] <TASK> [ 13.886176] dump_stack_lvl+0x73/0xb0 [ 13.886218] print_report+0xd1/0x610 [ 13.886245] ? __virt_addr_valid+0x1db/0x2d0 [ 13.886276] ? kasan_alloca_oob_right+0x329/0x390 [ 13.886302] ? kasan_addr_to_slab+0x11/0xa0 [ 13.886327] ? kasan_alloca_oob_right+0x329/0x390 [ 13.886356] kasan_report+0x141/0x180 [ 13.886382] ? kasan_alloca_oob_right+0x329/0x390 [ 13.886416] __asan_report_load1_noabort+0x18/0x20 [ 13.886447] kasan_alloca_oob_right+0x329/0x390 [ 13.886477] ? finish_task_switch.isra.0+0x153/0x700 [ 13.886517] ? __schedule+0x100e/0x2b60 [ 13.886543] ? trace_hardirqs_on+0x37/0xe0 [ 13.886575] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 13.886607] ? __schedule+0x10cc/0x2b60 [ 13.886633] ? __pfx_read_tsc+0x10/0x10 [ 13.886658] ? ktime_get_ts64+0x86/0x230 [ 13.886688] kunit_try_run_case+0x1a5/0x480 [ 13.886720] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.886746] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.886776] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.886806] ? __kthread_parkme+0x82/0x180 [ 13.886832] ? preempt_count_sub+0x50/0x80 [ 13.886861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.886889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.886919] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.886949] kthread+0x337/0x6f0 [ 13.886972] ? trace_preempt_on+0x20/0xc0 [ 13.886998] ? __pfx_kthread+0x10/0x10 [ 13.887022] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.887048] ? calculate_sigpending+0x7b/0xa0 [ 13.887077] ? 
__pfx_kthread+0x10/0x10 [ 13.887102] ret_from_fork+0x116/0x1d0 [ 13.887126] ? __pfx_kthread+0x10/0x10 [ 13.887150] ret_from_fork_asm+0x1a/0x30 [ 13.887386] </TASK> [ 13.887400] [ 13.895292] The buggy address belongs to stack of task kunit_try_catch/271 [ 13.895654] [ 13.895760] The buggy address belongs to the physical page: [ 13.896030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039df [ 13.896792] flags: 0x200000000000000(node=0|zone=2) [ 13.897022] raw: 0200000000000000 ffffea00040e77c8 ffffea00040e77c8 0000000000000000 [ 13.897492] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.897900] page dumped because: kasan: bad access detected [ 13.898124] [ 13.898208] Memory state around the buggy address: [ 13.898381] ffff8881039dfb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.898852] ffff8881039dfb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.899233] >ffff8881039dfc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 13.899577] ^ [ 13.899834] ffff8881039dfc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 13.900335] ffff8881039dfd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.900667] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 13.858356] ================================================================== [ 13.858871] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 13.859355] Read of size 1 at addr ffff888103a7fc3f by task kunit_try_catch/269 [ 13.860149] [ 13.860379] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.860433] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.860444] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.860467] Call Trace: [ 13.860480] <TASK> [ 13.860506] dump_stack_lvl+0x73/0xb0 [ 13.860539] print_report+0xd1/0x610 [ 13.860560] ? __virt_addr_valid+0x1db/0x2d0 [ 13.860584] ? kasan_alloca_oob_left+0x320/0x380 [ 13.860606] ? kasan_addr_to_slab+0x11/0xa0 [ 13.860627] ? kasan_alloca_oob_left+0x320/0x380 [ 13.860650] kasan_report+0x141/0x180 [ 13.860672] ? kasan_alloca_oob_left+0x320/0x380 [ 13.860698] __asan_report_load1_noabort+0x18/0x20 [ 13.860723] kasan_alloca_oob_left+0x320/0x380 [ 13.860747] ? finish_task_switch.isra.0+0x153/0x700 [ 13.860770] ? __schedule+0x100e/0x2b60 [ 13.860791] ? trace_hardirqs_on+0x37/0xe0 [ 13.860816] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 13.860841] ? __schedule+0x10cc/0x2b60 [ 13.860862] ? __pfx_read_tsc+0x10/0x10 [ 13.860882] ? ktime_get_ts64+0x86/0x230 [ 13.860906] kunit_try_run_case+0x1a5/0x480 [ 13.860931] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.860954] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.860978] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.861002] ? __kthread_parkme+0x82/0x180 [ 13.861021] ? preempt_count_sub+0x50/0x80 [ 13.861182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.861212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.861237] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.861261] kthread+0x337/0x6f0 [ 13.861280] ? trace_preempt_on+0x20/0xc0 [ 13.861301] ? __pfx_kthread+0x10/0x10 [ 13.861321] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.861342] ? calculate_sigpending+0x7b/0xa0 [ 13.861366] ? 
__pfx_kthread+0x10/0x10 [ 13.861387] ret_from_fork+0x116/0x1d0 [ 13.861406] ? __pfx_kthread+0x10/0x10 [ 13.861425] ret_from_fork_asm+0x1a/0x30 [ 13.861456] </TASK> [ 13.861467] [ 13.873084] The buggy address belongs to stack of task kunit_try_catch/269 [ 13.873687] [ 13.873812] The buggy address belongs to the physical page: [ 13.874302] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a7f [ 13.874661] flags: 0x200000000000000(node=0|zone=2) [ 13.875002] raw: 0200000000000000 ffffea00040e9fc8 ffffea00040e9fc8 0000000000000000 [ 13.875676] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.876015] page dumped because: kasan: bad access detected [ 13.876744] [ 13.876844] Memory state around the buggy address: [ 13.877052] ffff888103a7fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.877649] ffff888103a7fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.877973] >ffff888103a7fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 13.878440] ^ [ 13.878694] ffff888103a7fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 13.879174] ffff888103a7fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.879578] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 13.830279] ================================================================== [ 13.831412] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 13.831827] Read of size 1 at addr ffff8881039c7d02 by task kunit_try_catch/267 [ 13.832374] [ 13.832826] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.832879] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.832891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.832914] Call Trace: [ 13.832927] <TASK> [ 13.832943] dump_stack_lvl+0x73/0xb0 [ 13.832973] print_report+0xd1/0x610 [ 13.832996] ? __virt_addr_valid+0x1db/0x2d0 [ 13.833019] ? kasan_stack_oob+0x2b5/0x300 [ 13.833038] ? kasan_addr_to_slab+0x11/0xa0 [ 13.833059] ? kasan_stack_oob+0x2b5/0x300 [ 13.833078] kasan_report+0x141/0x180 [ 13.833099] ? kasan_stack_oob+0x2b5/0x300 [ 13.833123] __asan_report_load1_noabort+0x18/0x20 [ 13.833147] kasan_stack_oob+0x2b5/0x300 [ 13.833218] ? __pfx_kasan_stack_oob+0x10/0x10 [ 13.833239] ? finish_task_switch.isra.0+0x153/0x700 [ 13.833263] ? __switch_to+0x47/0xf50 [ 13.833290] ? __schedule+0x10cc/0x2b60 [ 13.833312] ? __pfx_read_tsc+0x10/0x10 [ 13.833333] ? ktime_get_ts64+0x86/0x230 [ 13.833356] kunit_try_run_case+0x1a5/0x480 [ 13.833383] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.833405] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.833429] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.833452] ? __kthread_parkme+0x82/0x180 [ 13.833473] ? preempt_count_sub+0x50/0x80 [ 13.833509] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.833533] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.833557] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.833582] kthread+0x337/0x6f0 [ 13.833600] ? trace_preempt_on+0x20/0xc0 [ 13.833623] ? __pfx_kthread+0x10/0x10 [ 13.833643] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.833664] ? calculate_sigpending+0x7b/0xa0 [ 13.833689] ? __pfx_kthread+0x10/0x10 [ 13.833710] ret_from_fork+0x116/0x1d0 [ 13.833727] ? 
__pfx_kthread+0x10/0x10 [ 13.833747] ret_from_fork_asm+0x1a/0x30 [ 13.833777] </TASK> [ 13.833788] [ 13.845082] The buggy address belongs to stack of task kunit_try_catch/267 [ 13.845817] and is located at offset 138 in frame: [ 13.846228] kasan_stack_oob+0x0/0x300 [ 13.846847] [ 13.846971] This frame has 4 objects: [ 13.847469] [48, 49) '__assertion' [ 13.847516] [64, 72) 'array' [ 13.847688] [96, 112) '__assertion' [ 13.847831] [128, 138) 'stack_array' [ 13.848303] [ 13.848601] The buggy address belongs to the physical page: [ 13.848833] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c7 [ 13.849532] flags: 0x200000000000000(node=0|zone=2) [ 13.849885] raw: 0200000000000000 ffffea00040e71c8 ffffea00040e71c8 0000000000000000 [ 13.850266] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.850853] page dumped because: kasan: bad access detected [ 13.851349] [ 13.851453] Memory state around the buggy address: [ 13.851766] ffff8881039c7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.852238] ffff8881039c7c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 13.852565] >ffff8881039c7d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.852933] ^ [ 13.853167] ffff8881039c7d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 13.853733] ffff8881039c7e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.854129] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 13.804261] ================================================================== [ 13.805089] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 13.805664] Read of size 1 at addr ffffffffbca63e8d by task kunit_try_catch/263 [ 13.806185] [ 13.806702] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.806756] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.806769] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.806792] Call Trace: [ 13.806804] <TASK> [ 13.806821] dump_stack_lvl+0x73/0xb0 [ 13.806851] print_report+0xd1/0x610 [ 13.806873] ? __virt_addr_valid+0x1db/0x2d0 [ 13.806896] ? kasan_global_oob_right+0x286/0x2d0 [ 13.806918] ? kasan_addr_to_slab+0x11/0xa0 [ 13.806938] ? kasan_global_oob_right+0x286/0x2d0 [ 13.806960] kasan_report+0x141/0x180 [ 13.806981] ? kasan_global_oob_right+0x286/0x2d0 [ 13.807007] __asan_report_load1_noabort+0x18/0x20 [ 13.807032] kasan_global_oob_right+0x286/0x2d0 [ 13.807103] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 13.807130] ? __schedule+0x10cc/0x2b60 [ 13.807153] ? __pfx_read_tsc+0x10/0x10 [ 13.807173] ? ktime_get_ts64+0x86/0x230 [ 13.807198] kunit_try_run_case+0x1a5/0x480 [ 13.807222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.807245] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.807268] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.807291] ? __kthread_parkme+0x82/0x180 [ 13.807311] ? preempt_count_sub+0x50/0x80 [ 13.807335] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.807359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.807383] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.807407] kthread+0x337/0x6f0 [ 13.807426] ? trace_preempt_on+0x20/0xc0 [ 13.807449] ? __pfx_kthread+0x10/0x10 [ 13.807469] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.807490] ? calculate_sigpending+0x7b/0xa0 [ 13.807530] ? __pfx_kthread+0x10/0x10 [ 13.807550] ret_from_fork+0x116/0x1d0 [ 13.807569] ? 
__pfx_kthread+0x10/0x10 [ 13.807589] ret_from_fork_asm+0x1a/0x30 [ 13.807619] </TASK> [ 13.807630] [ 13.817741] The buggy address belongs to the variable: [ 13.817973] global_array+0xd/0x40 [ 13.818563] [ 13.818708] The buggy address belongs to the physical page: [ 13.818919] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x154c63 [ 13.819734] flags: 0x200000000002000(reserved|node=0|zone=2) [ 13.820164] raw: 0200000000002000 ffffea00055318c8 ffffea00055318c8 0000000000000000 [ 13.820669] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.821178] page dumped because: kasan: bad access detected [ 13.821573] [ 13.821772] Memory state around the buggy address: [ 13.821985] ffffffffbca63d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.822553] ffffffffbca63e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.822960] >ffffffffbca63e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 13.823603] ^ [ 13.823797] ffffffffbca63f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 13.824312] ffffffffbca63f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 13.824625] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 13.775380] ================================================================== [ 13.776671] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.777578] Free of addr ffff888103938001 by task kunit_try_catch/261 [ 13.777935] [ 13.778039] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.778087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.778099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.778122] Call Trace: [ 13.778136] <TASK> [ 13.778153] dump_stack_lvl+0x73/0xb0 [ 13.778185] print_report+0xd1/0x610 [ 13.778214] ? __virt_addr_valid+0x1db/0x2d0 [ 13.778240] ? kasan_addr_to_slab+0x11/0xa0 [ 13.778260] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.778286] kasan_report_invalid_free+0x10a/0x130 [ 13.778310] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.778338] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.778363] __kasan_mempool_poison_object+0x102/0x1d0 [ 13.778389] mempool_free+0x2ec/0x380 [ 13.778415] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.778441] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 13.778468] ? __kasan_check_write+0x18/0x20 [ 13.778488] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.778519] ? finish_task_switch.isra.0+0x153/0x700 [ 13.778545] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 13.778570] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 13.778598] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.778620] ? __pfx_mempool_kfree+0x10/0x10 [ 13.778644] ? __pfx_read_tsc+0x10/0x10 [ 13.778666] ? ktime_get_ts64+0x86/0x230 [ 13.778691] kunit_try_run_case+0x1a5/0x480 [ 13.778889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.778915] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.778941] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.778964] ? __kthread_parkme+0x82/0x180 [ 13.778985] ? preempt_count_sub+0x50/0x80 [ 13.779008] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.779031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.779072] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.779096] kthread+0x337/0x6f0 [ 13.779115] ? trace_preempt_on+0x20/0xc0 [ 13.779138] ? __pfx_kthread+0x10/0x10 [ 13.779157] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.779178] ? calculate_sigpending+0x7b/0xa0 [ 13.779202] ? __pfx_kthread+0x10/0x10 [ 13.779222] ret_from_fork+0x116/0x1d0 [ 13.779241] ? __pfx_kthread+0x10/0x10 [ 13.779261] ret_from_fork_asm+0x1a/0x30 [ 13.779292] </TASK> [ 13.779302] [ 13.791960] The buggy address belongs to the physical page: [ 13.792648] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103938 [ 13.792997] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.793590] flags: 0x200000000000040(head|node=0|zone=2) [ 13.793959] page_type: f8(unknown) [ 13.794275] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.794738] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.795266] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.795686] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.795988] head: 0200000000000002 ffffea00040e4e01 00000000ffffffff 00000000ffffffff [ 13.796623] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.797060] page dumped because: kasan: bad access detected [ 13.797571] [ 13.797648] Memory state around the buggy address: [ 13.797952] ffff888103937f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.798550] ffff888103937f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.798883] >ffff888103938000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.799465] ^ [ 13.799745] ffff888103938080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.800114] ffff888103938100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.800704] 
==================================================================

[ 13.737135] ==================================================================
[ 13.737666] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.737936] Free of addr ffff8881027f9401 by task kunit_try_catch/259
[ 13.738601]
[ 13.738853] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.738903] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.738914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.738936] Call Trace:
[ 13.738950] <TASK>
[ 13.739006] dump_stack_lvl+0x73/0xb0
[ 13.739074] print_report+0xd1/0x610
[ 13.739098] ? __virt_addr_valid+0x1db/0x2d0
[ 13.739158] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.739234] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.739260] kasan_report_invalid_free+0x10a/0x130
[ 13.739285] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.739312] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.739337] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.739361] check_slab_allocation+0x11f/0x130
[ 13.739382] __kasan_mempool_poison_object+0x91/0x1d0
[ 13.739406] mempool_free+0x2ec/0x380
[ 13.739430] ? mempool_alloc_preallocated+0x5b/0x90
[ 13.739473] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.739508] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 13.739535] ? __kasan_check_write+0x18/0x20
[ 13.739554] ? __pfx_sched_clock_cpu+0x10/0x10
[ 13.739576] ? finish_task_switch.isra.0+0x153/0x700
[ 13.739602] mempool_kmalloc_invalid_free+0xed/0x140
[ 13.739626] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 13.739653] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.739674] ? __pfx_mempool_kfree+0x10/0x10
[ 13.739698] ? __pfx_read_tsc+0x10/0x10
[ 13.739718] ? ktime_get_ts64+0x86/0x230
[ 13.739742] kunit_try_run_case+0x1a5/0x480
[ 13.739767] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.739790] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.739814] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.739838] ? __kthread_parkme+0x82/0x180
[ 13.739859] ? preempt_count_sub+0x50/0x80
[ 13.739882] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.739905] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.739929] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.739953] kthread+0x337/0x6f0
[ 13.739971] ? trace_preempt_on+0x20/0xc0
[ 13.739994] ? __pfx_kthread+0x10/0x10
[ 13.740013] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.740035] ? calculate_sigpending+0x7b/0xa0
[ 13.740058] ? __pfx_kthread+0x10/0x10
[ 13.740079] ret_from_fork+0x116/0x1d0
[ 13.740097] ? __pfx_kthread+0x10/0x10
[ 13.740116] ret_from_fork_asm+0x1a/0x30
[ 13.740147] </TASK>
[ 13.740158]
[ 13.756961] Allocated by task 259:
[ 13.757436] kasan_save_stack+0x45/0x70
[ 13.757817] kasan_save_track+0x18/0x40
[ 13.757957] kasan_save_alloc_info+0x3b/0x50
[ 13.758382] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 13.758865] remove_element+0x11e/0x190
[ 13.759318] mempool_alloc_preallocated+0x4d/0x90
[ 13.759483] mempool_kmalloc_invalid_free_helper+0x83/0x2e0
[ 13.759676] mempool_kmalloc_invalid_free+0xed/0x140
[ 13.759841] kunit_try_run_case+0x1a5/0x480
[ 13.759987] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.760563] kthread+0x337/0x6f0
[ 13.760907] ret_from_fork+0x116/0x1d0
[ 13.761423] ret_from_fork_asm+0x1a/0x30
[ 13.761810]
[ 13.761988] The buggy address belongs to the object at ffff8881027f9400
[ 13.761988] which belongs to the cache kmalloc-128 of size 128
[ 13.763249] The buggy address is located 1 bytes inside of
[ 13.763249] 128-byte region [ffff8881027f9400, ffff8881027f9480)
[ 13.764124]
[ 13.764309] The buggy address belongs to the physical page:
[ 13.764729] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027f9
[ 13.764975] flags: 0x200000000000000(node=0|zone=2)
[ 13.765597] page_type: f5(slab)
[ 13.765918] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.766684] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.767175] page dumped because: kasan: bad access detected
[ 13.767349]
[ 13.767419] Memory state around the buggy address:
[ 13.767828] ffff8881027f9300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.768540] ffff8881027f9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.769313] >ffff8881027f9400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.769758] ^
[ 13.770129] ffff8881027f9480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.770648] ffff8881027f9500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.770865] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 13.659638] ==================================================================
[ 13.660096] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 13.660516] Free of addr ffff8881027f9000 by task kunit_try_catch/253
[ 13.660802]
[ 13.660960] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.661217] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.661231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.661255] Call Trace:
[ 13.661268] <TASK>
[ 13.661286] dump_stack_lvl+0x73/0xb0
[ 13.661320] print_report+0xd1/0x610
[ 13.661343] ? __virt_addr_valid+0x1db/0x2d0
[ 13.661367] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.661389] ? mempool_double_free_helper+0x184/0x370
[ 13.661414] kasan_report_invalid_free+0x10a/0x130
[ 13.661438] ? mempool_double_free_helper+0x184/0x370
[ 13.661464] ? mempool_double_free_helper+0x184/0x370
[ 13.661487] ? mempool_double_free_helper+0x184/0x370
[ 13.661523] check_slab_allocation+0x101/0x130
[ 13.661545] __kasan_mempool_poison_object+0x91/0x1d0
[ 13.661570] mempool_free+0x2ec/0x380
[ 13.661596] mempool_double_free_helper+0x184/0x370
[ 13.661620] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 13.661644] ? update_curr+0x5c1/0x810
[ 13.661672] mempool_kmalloc_double_free+0xed/0x140
[ 13.661696] ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[ 13.661720] ? schedule+0x7c/0x2e0
[ 13.661743] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.661764] ? __pfx_mempool_kfree+0x10/0x10
[ 13.661788] ? __pfx_read_tsc+0x10/0x10
[ 13.661809] ? ktime_get_ts64+0x86/0x230
[ 13.661833] kunit_try_run_case+0x1a5/0x480
[ 13.661858] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.661880] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.661904] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.661927] ? __kthread_parkme+0x82/0x180
[ 13.661948] ? preempt_count_sub+0x50/0x80
[ 13.661970] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.661994] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.662016] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.662040] kthread+0x337/0x6f0
[ 13.662070] ? trace_preempt_on+0x20/0xc0
[ 13.662093] ? __pfx_kthread+0x10/0x10
[ 13.662113] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.662135] ? calculate_sigpending+0x7b/0xa0
[ 13.662158] ? __pfx_kthread+0x10/0x10
[ 13.662179] ret_from_fork+0x116/0x1d0
[ 13.662202] ? __pfx_kthread+0x10/0x10
[ 13.662221] ret_from_fork_asm+0x1a/0x30
[ 13.662251] </TASK>
[ 13.662262]
[ 13.672752] Allocated by task 253:
[ 13.672914] kasan_save_stack+0x45/0x70
[ 13.673150] kasan_save_track+0x18/0x40
[ 13.673877] kasan_save_alloc_info+0x3b/0x50
[ 13.674322] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 13.674613] remove_element+0x11e/0x190
[ 13.674797] mempool_alloc_preallocated+0x4d/0x90
[ 13.675005] mempool_double_free_helper+0x8a/0x370
[ 13.675522] mempool_kmalloc_double_free+0xed/0x140
[ 13.675741] kunit_try_run_case+0x1a5/0x480
[ 13.675937] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.676810] kthread+0x337/0x6f0
[ 13.677128] ret_from_fork+0x116/0x1d0
[ 13.677327] ret_from_fork_asm+0x1a/0x30
[ 13.677518]
[ 13.677607] Freed by task 253:
[ 13.677752] kasan_save_stack+0x45/0x70
[ 13.677923] kasan_save_track+0x18/0x40
[ 13.678623] kasan_save_free_info+0x3f/0x60
[ 13.679252] __kasan_mempool_poison_object+0x131/0x1d0
[ 13.679576] mempool_free+0x2ec/0x380
[ 13.680010] mempool_double_free_helper+0x109/0x370
[ 13.680451] mempool_kmalloc_double_free+0xed/0x140
[ 13.680639] kunit_try_run_case+0x1a5/0x480
[ 13.680846] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.681045] kthread+0x337/0x6f0
[ 13.681197] ret_from_fork+0x116/0x1d0
[ 13.681463] ret_from_fork_asm+0x1a/0x30
[ 13.681692]
[ 13.681789] The buggy address belongs to the object at ffff8881027f9000
[ 13.681789] which belongs to the cache kmalloc-128 of size 128
[ 13.682338] The buggy address is located 0 bytes inside of
[ 13.682338] 128-byte region [ffff8881027f9000, ffff8881027f9080)
[ 13.682784]
[ 13.682875] The buggy address belongs to the physical page:
[ 13.683078] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027f9
[ 13.683470] flags: 0x200000000000000(node=0|zone=2)
[ 13.683722] page_type: f5(slab)
[ 13.683845] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.684070] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.684742] page dumped because: kasan: bad access detected
[ 13.684943]
[ 13.685035] Memory state around the buggy address:
[ 13.685453] ffff8881027f8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.685773] ffff8881027f8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.686066] >ffff8881027f9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.686397] ^
[ 13.686525] ffff8881027f9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.686822] ffff8881027f9100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.687262] ==================================================================

[ 13.717329] ==================================================================
[ 13.717871] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 13.718172] Free of addr ffff888103960000 by task kunit_try_catch/257
[ 13.718666]
[ 13.718791] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.718839] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.718851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.718874] Call Trace:
[ 13.718888] <TASK>
[ 13.718904] dump_stack_lvl+0x73/0xb0
[ 13.718936] print_report+0xd1/0x610
[ 13.718959] ? __virt_addr_valid+0x1db/0x2d0
[ 13.718983] ? kasan_addr_to_slab+0x11/0xa0
[ 13.719003] ? mempool_double_free_helper+0x184/0x370
[ 13.719028] kasan_report_invalid_free+0x10a/0x130
[ 13.719115] ? mempool_double_free_helper+0x184/0x370
[ 13.719144] ? mempool_double_free_helper+0x184/0x370
[ 13.719167] __kasan_mempool_poison_pages+0x115/0x130
[ 13.719192] mempool_free+0x290/0x380
[ 13.719220] mempool_double_free_helper+0x184/0x370
[ 13.719244] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 13.719283] ? update_load_avg+0x1be/0x21b0
[ 13.719309] ? finish_task_switch.isra.0+0x153/0x700
[ 13.719335] mempool_page_alloc_double_free+0xe8/0x140
[ 13.719361] ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[ 13.719388] ? __kasan_check_write+0x18/0x20
[ 13.719408] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 13.719431] ? __pfx_mempool_free_pages+0x10/0x10
[ 13.719457] ? __pfx_read_tsc+0x10/0x10
[ 13.719478] ? ktime_get_ts64+0x86/0x230
[ 13.719511] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.719538] kunit_try_run_case+0x1a5/0x480
[ 13.719565] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.719590] ? queued_spin_lock_slowpath+0x116/0xb40
[ 13.719616] ? __kthread_parkme+0x82/0x180
[ 13.719638] ? preempt_count_sub+0x50/0x80
[ 13.719660] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.719683] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.719707] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.719731] kthread+0x337/0x6f0
[ 13.719749] ? trace_preempt_on+0x20/0xc0
[ 13.719773] ? __pfx_kthread+0x10/0x10
[ 13.719793] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.719816] ? calculate_sigpending+0x7b/0xa0
[ 13.719840] ? __pfx_kthread+0x10/0x10
[ 13.719861] ret_from_fork+0x116/0x1d0
[ 13.719880] ? __pfx_kthread+0x10/0x10
[ 13.719899] ret_from_fork_asm+0x1a/0x30
[ 13.719931] </TASK>
[ 13.719942]
[ 13.728245] The buggy address belongs to the physical page:
[ 13.728513] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103960
[ 13.728875] flags: 0x200000000000000(node=0|zone=2)
[ 13.729124] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 13.729583] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.729834] page dumped because: kasan: bad access detected
[ 13.730091]
[ 13.730516] Memory state around the buggy address:
[ 13.730766] ffff88810395ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.731512] ffff88810395ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.731830] >ffff888103960000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.732247] ^
[ 13.732414] ffff888103960080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.732687] ffff888103960100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.732941] ==================================================================

[ 13.694243] ==================================================================
[ 13.694741] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 13.695062] Free of addr ffff888103934000 by task kunit_try_catch/255
[ 13.695363]
[ 13.695623] CPU: 1 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.695676] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.695688] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.695711] Call Trace:
[ 13.695725] <TASK>
[ 13.695742] dump_stack_lvl+0x73/0xb0
[ 13.695775] print_report+0xd1/0x610
[ 13.695796] ? __virt_addr_valid+0x1db/0x2d0
[ 13.695821] ? kasan_addr_to_slab+0x11/0xa0
[ 13.695842] ? mempool_double_free_helper+0x184/0x370
[ 13.695867] kasan_report_invalid_free+0x10a/0x130
[ 13.695891] ? mempool_double_free_helper+0x184/0x370
[ 13.695917] ? mempool_double_free_helper+0x184/0x370
[ 13.695943] __kasan_mempool_poison_object+0x1b3/0x1d0
[ 13.695969] mempool_free+0x2ec/0x380
[ 13.695996] mempool_double_free_helper+0x184/0x370
[ 13.696021] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 13.696348] ? update_curr+0x5c1/0x810
[ 13.696382] mempool_kmalloc_large_double_free+0xed/0x140
[ 13.696408] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[ 13.696433] ? schedule+0x7c/0x2e0
[ 13.696455] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.696478] ? __pfx_mempool_kfree+0x10/0x10
[ 13.696517] ? __pfx_read_tsc+0x10/0x10
[ 13.696538] ? ktime_get_ts64+0x86/0x230
[ 13.696563] kunit_try_run_case+0x1a5/0x480
[ 13.696588] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.696610] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.696634] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.696658] ? __kthread_parkme+0x82/0x180
[ 13.696678] ? preempt_count_sub+0x50/0x80
[ 13.696702] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.696725] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.696748] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.696771] kthread+0x337/0x6f0
[ 13.696789] ? trace_preempt_on+0x20/0xc0
[ 13.696813] ? __pfx_kthread+0x10/0x10
[ 13.696832] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.696853] ? calculate_sigpending+0x7b/0xa0
[ 13.696878] ? __pfx_kthread+0x10/0x10
[ 13.696898] ret_from_fork+0x116/0x1d0
[ 13.696917] ? __pfx_kthread+0x10/0x10
[ 13.696936] ret_from_fork_asm+0x1a/0x30
[ 13.696966] </TASK>
[ 13.696977]
[ 13.705430] The buggy address belongs to the physical page:
[ 13.705715] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103934
[ 13.706078] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.706644] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.706873] page_type: f8(unknown)
[ 13.707014] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.707675] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.707989] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.708286] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.708529] head: 0200000000000002 ffffea00040e4d01 00000000ffffffff 00000000ffffffff
[ 13.708767] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.709369] page dumped because: kasan: bad access detected
[ 13.709628]
[ 13.709719] Memory state around the buggy address:
[ 13.709938] ffff888103933f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.710340] ffff888103933f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.710572] >ffff888103934000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.710843] ^
[ 13.711007] ffff888103934080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.711748] ffff888103934100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.712094] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 13.637019] ==================================================================
[ 13.637466] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400
[ 13.637714] Read of size 1 at addr ffff888103934000 by task kunit_try_catch/251
[ 13.637934]
[ 13.638025] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.638071] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.638083] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.638106] Call Trace:
[ 13.638118] <TASK>
[ 13.638135] dump_stack_lvl+0x73/0xb0
[ 13.638165] print_report+0xd1/0x610
[ 13.638186] ? __virt_addr_valid+0x1db/0x2d0
[ 13.638215] ? mempool_uaf_helper+0x392/0x400
[ 13.638237] ? kasan_addr_to_slab+0x11/0xa0
[ 13.638258] ? mempool_uaf_helper+0x392/0x400
[ 13.638280] kasan_report+0x141/0x180
[ 13.638302] ? mempool_uaf_helper+0x392/0x400
[ 13.638329] __asan_report_load1_noabort+0x18/0x20
[ 13.638353] mempool_uaf_helper+0x392/0x400
[ 13.638375] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 13.638397] ? __kasan_check_write+0x18/0x20
[ 13.638416] ? __pfx_sched_clock_cpu+0x10/0x10
[ 13.638438] ? finish_task_switch.isra.0+0x153/0x700
[ 13.638465] mempool_page_alloc_uaf+0xed/0x140
[ 13.638488] ? __pfx_mempool_page_alloc_uaf+0x10/0x10
[ 13.638549] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 13.638573] ? __pfx_mempool_free_pages+0x10/0x10
[ 13.638598] ? __pfx_read_tsc+0x10/0x10
[ 13.638620] ? ktime_get_ts64+0x86/0x230
[ 13.638644] kunit_try_run_case+0x1a5/0x480
[ 13.638803] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.638828] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.638854] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.638878] ? __kthread_parkme+0x82/0x180
[ 13.638898] ? preempt_count_sub+0x50/0x80
[ 13.639068] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.639101] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.639125] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.639150] kthread+0x337/0x6f0
[ 13.639542] ? trace_preempt_on+0x20/0xc0
[ 13.639569] ? __pfx_kthread+0x10/0x10
[ 13.639590] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.639611] ? calculate_sigpending+0x7b/0xa0
[ 13.639636] ? __pfx_kthread+0x10/0x10
[ 13.639657] ret_from_fork+0x116/0x1d0
[ 13.639676] ? __pfx_kthread+0x10/0x10
[ 13.639696] ret_from_fork_asm+0x1a/0x30
[ 13.639726] </TASK>
[ 13.639736]
[ 13.651410] The buggy address belongs to the physical page:
[ 13.651893] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103934
[ 13.652404] flags: 0x200000000000000(node=0|zone=2)
[ 13.652642] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 13.652969] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.653605] page dumped because: kasan: bad access detected
[ 13.653883]
[ 13.653979] Memory state around the buggy address:
[ 13.654186] ffff888103933f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.654465] ffff888103933f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.654762] >ffff888103934000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.655042] ^
[ 13.655275] ffff888103934080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.655632] ffff888103934100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.655930] ==================================================================

[ 13.579249] ==================================================================
[ 13.579721] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400
[ 13.580031] Read of size 1 at addr ffff888103934000 by task kunit_try_catch/247
[ 13.580380]
[ 13.580487] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.580546] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.580558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.580580] Call Trace:
[ 13.580593] <TASK>
[ 13.580609] dump_stack_lvl+0x73/0xb0
[ 13.580640] print_report+0xd1/0x610
[ 13.580663] ? __virt_addr_valid+0x1db/0x2d0
[ 13.580687] ? mempool_uaf_helper+0x392/0x400
[ 13.580709] ? kasan_addr_to_slab+0x11/0xa0
[ 13.580730] ? mempool_uaf_helper+0x392/0x400
[ 13.580752] kasan_report+0x141/0x180
[ 13.580774] ? mempool_uaf_helper+0x392/0x400
[ 13.580800] __asan_report_load1_noabort+0x18/0x20
[ 13.580825] mempool_uaf_helper+0x392/0x400
[ 13.580848] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 13.580869] ? update_load_avg+0x1be/0x21b0
[ 13.580894] ? update_load_avg+0x1be/0x21b0
[ 13.580915] ? update_curr+0x80/0x810
[ 13.580936] ? irqentry_exit+0x2a/0x60
[ 13.580958] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.580985] mempool_kmalloc_large_uaf+0xef/0x140
[ 13.581008] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10
[ 13.581034] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.581059] ? __pfx_mempool_kfree+0x10/0x10
[ 13.581082] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10
[ 13.581108] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10
[ 13.581134] kunit_try_run_case+0x1a5/0x480
[ 13.581159] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.581181] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.581227] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.581251] ? __kthread_parkme+0x82/0x180
[ 13.581272] ? preempt_count_sub+0x50/0x80
[ 13.581296] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.581320] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.581343] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.581367] kthread+0x337/0x6f0
[ 13.581385] ? trace_preempt_on+0x20/0xc0
[ 13.581409] ? __pfx_kthread+0x10/0x10
[ 13.581429] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.581450] ? calculate_sigpending+0x7b/0xa0
[ 13.581475] ? __pfx_kthread+0x10/0x10
[ 13.581506] ret_from_fork+0x116/0x1d0
[ 13.581527] ? __pfx_kthread+0x10/0x10
[ 13.581546] ret_from_fork_asm+0x1a/0x30
[ 13.581577] </TASK>
[ 13.581587]
[ 13.590444] The buggy address belongs to the physical page:
[ 13.590733] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103934
[ 13.591211] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.591479] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.591706] page_type: f8(unknown)
[ 13.591884] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.592411] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.592763] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.593055] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.593437] head: 0200000000000002 ffffea00040e4d01 00000000ffffffff 00000000ffffffff
[ 13.593683] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.593914] page dumped because: kasan: bad access detected
[ 13.594108]
[ 13.594243] Memory state around the buggy address:
[ 13.594465] ffff888103933f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.594788] ffff888103933f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.595106] >ffff888103934000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.595334] ^
[ 13.595452] ffff888103934080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.596085] ffff888103934100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.596750] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 13.550179] ==================================================================
[ 13.550635] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400
[ 13.551017] Read of size 1 at addr ffff8881027e4c00 by task kunit_try_catch/245
[ 13.551362]
[ 13.551480] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.551537] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.551549] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.551572] Call Trace:
[ 13.551586] <TASK>
[ 13.551604] dump_stack_lvl+0x73/0xb0
[ 13.551636] print_report+0xd1/0x610
[ 13.551658] ? __virt_addr_valid+0x1db/0x2d0
[ 13.551682] ? mempool_uaf_helper+0x392/0x400
[ 13.551704] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.551728] ? mempool_uaf_helper+0x392/0x400
[ 13.551750] kasan_report+0x141/0x180
[ 13.551771] ? mempool_uaf_helper+0x392/0x400
[ 13.551798] __asan_report_load1_noabort+0x18/0x20
[ 13.551823] mempool_uaf_helper+0x392/0x400
[ 13.551845] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 13.551869] ? __kasan_check_write+0x18/0x20
[ 13.551955] ? __pfx_sched_clock_cpu+0x10/0x10
[ 13.551979] ? finish_task_switch.isra.0+0x153/0x700
[ 13.552006] mempool_kmalloc_uaf+0xef/0x140
[ 13.552028] ? __pfx_mempool_kmalloc_uaf+0x10/0x10
[ 13.552054] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.552078] ? __pfx_mempool_kfree+0x10/0x10
[ 13.552103] ? __pfx_read_tsc+0x10/0x10
[ 13.552124] ? ktime_get_ts64+0x86/0x230
[ 13.552149] kunit_try_run_case+0x1a5/0x480
[ 13.552174] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.552197] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.552222] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.552262] ? __kthread_parkme+0x82/0x180
[ 13.552283] ? preempt_count_sub+0x50/0x80
[ 13.552306] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.552330] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.552354] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.552378] kthread+0x337/0x6f0
[ 13.552397] ? trace_preempt_on+0x20/0xc0
[ 13.552420] ? __pfx_kthread+0x10/0x10
[ 13.552441] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.552462] ? calculate_sigpending+0x7b/0xa0
[ 13.552487] ? __pfx_kthread+0x10/0x10
[ 13.552519] ret_from_fork+0x116/0x1d0
[ 13.552538] ? __pfx_kthread+0x10/0x10
[ 13.552558] ret_from_fork_asm+0x1a/0x30
[ 13.552589] </TASK>
[ 13.552600]
[ 13.560565] Allocated by task 245:
[ 13.560745] kasan_save_stack+0x45/0x70
[ 13.560905] kasan_save_track+0x18/0x40
[ 13.561189] kasan_save_alloc_info+0x3b/0x50
[ 13.561368] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 13.561554] remove_element+0x11e/0x190
[ 13.561692] mempool_alloc_preallocated+0x4d/0x90
[ 13.561877] mempool_uaf_helper+0x96/0x400
[ 13.562080] mempool_kmalloc_uaf+0xef/0x140
[ 13.562287] kunit_try_run_case+0x1a5/0x480
[ 13.562490] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.562961] kthread+0x337/0x6f0
[ 13.563121] ret_from_fork+0x116/0x1d0
[ 13.563266] ret_from_fork_asm+0x1a/0x30
[ 13.563404]
[ 13.563571] Freed by task 245:
[ 13.563730] kasan_save_stack+0x45/0x70
[ 13.563923] kasan_save_track+0x18/0x40
[ 13.564194] kasan_save_free_info+0x3f/0x60
[ 13.564386] __kasan_mempool_poison_object+0x131/0x1d0
[ 13.564601] mempool_free+0x2ec/0x380
[ 13.564763] mempool_uaf_helper+0x11a/0x400
[ 13.564968] mempool_kmalloc_uaf+0xef/0x140
[ 13.565268] kunit_try_run_case+0x1a5/0x480
[ 13.565443] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.565711] kthread+0x337/0x6f0
[ 13.565874] ret_from_fork+0x116/0x1d0
[ 13.566009] ret_from_fork_asm+0x1a/0x30
[ 13.566312]
[ 13.566383] The buggy address belongs to the object at ffff8881027e4c00
[ 13.566383] which belongs to the cache kmalloc-128 of size 128
[ 13.566894] The buggy address is located 0 bytes inside of
[ 13.566894] freed 128-byte region [ffff8881027e4c00, ffff8881027e4c80)
[ 13.567430]
[ 13.567518] The buggy address belongs to the physical page:
[ 13.567693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e4
[ 13.567943] flags: 0x200000000000000(node=0|zone=2)
[ 13.568155] page_type: f5(slab)
[ 13.568398] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.568740] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.569150] page dumped because: kasan: bad access detected
[ 13.569394]
[ 13.569527] Memory state around the buggy address:
[ 13.569698] ffff8881027e4b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.569929] ffff8881027e4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.570204] >ffff8881027e4c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.570533] ^
[ 13.570701] ffff8881027e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.571019] ffff8881027e4d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.571560] ==================================================================

[ 13.607329] ==================================================================
[ 13.607806] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400
[ 13.608157] Read of size 1 at addr ffff8881039f8240 by task kunit_try_catch/249
[ 13.608423]
[ 13.608559] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.608609] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.608621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.608643] Call Trace:
[ 13.608656] <TASK>
[ 13.608673] dump_stack_lvl+0x73/0xb0
[ 13.608704] print_report+0xd1/0x610
[ 13.608727] ? __virt_addr_valid+0x1db/0x2d0
[ 13.608751] ? mempool_uaf_helper+0x392/0x400
[ 13.608773] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.608795] ? mempool_uaf_helper+0x392/0x400
[ 13.608818] kasan_report+0x141/0x180
[ 13.608839] ? mempool_uaf_helper+0x392/0x400
[ 13.608866] __asan_report_load1_noabort+0x18/0x20
[ 13.608891] mempool_uaf_helper+0x392/0x400
[ 13.608914] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 13.608935] ? update_load_avg+0x1be/0x21b0
[ 13.608962] ? finish_task_switch.isra.0+0x153/0x700
[ 13.608989] mempool_slab_uaf+0xea/0x140
[ 13.609013] ? __pfx_mempool_slab_uaf+0x10/0x10
[ 13.609039] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 13.609064] ? __pfx_mempool_free_slab+0x10/0x10
[ 13.609089] ? __pfx_read_tsc+0x10/0x10
[ 13.609110] ? ktime_get_ts64+0x86/0x230
[ 13.609136] kunit_try_run_case+0x1a5/0x480
[ 13.609172] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.609195] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.609220] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.609243] ? __kthread_parkme+0x82/0x180
[ 13.609264] ? preempt_count_sub+0x50/0x80
[ 13.609287] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.609311] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.609335] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.609358] kthread+0x337/0x6f0
[ 13.609377] ? trace_preempt_on+0x20/0xc0
[ 13.609400] ? __pfx_kthread+0x10/0x10
[ 13.609419] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.609441] ? calculate_sigpending+0x7b/0xa0
[ 13.609465] ? __pfx_kthread+0x10/0x10
[ 13.609486] ret_from_fork+0x116/0x1d0
[ 13.609515] ? __pfx_kthread+0x10/0x10
[ 13.609536] ret_from_fork_asm+0x1a/0x30
[ 13.609566] </TASK>
[ 13.609577]
[ 13.617392] Allocated by task 249:
[ 13.617571] kasan_save_stack+0x45/0x70
[ 13.617716] kasan_save_track+0x18/0x40
[ 13.617855] kasan_save_alloc_info+0x3b/0x50
[ 13.618066] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 13.618454] remove_element+0x11e/0x190
[ 13.618643] mempool_alloc_preallocated+0x4d/0x90
[ 13.618847] mempool_uaf_helper+0x96/0x400
[ 13.619019] mempool_slab_uaf+0xea/0x140
[ 13.619193] kunit_try_run_case+0x1a5/0x480
[ 13.619401] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.619644] kthread+0x337/0x6f0
[ 13.619796] ret_from_fork+0x116/0x1d0
[ 13.619967] ret_from_fork_asm+0x1a/0x30
[ 13.620138]
[ 13.620236] Freed by task 249:
[ 13.620357] kasan_save_stack+0x45/0x70
[ 13.620535] kasan_save_track+0x18/0x40
[ 13.620717] kasan_save_free_info+0x3f/0x60
[ 13.620892] __kasan_mempool_poison_object+0x131/0x1d0
[ 13.621097] mempool_free+0x2ec/0x380
[ 13.621231] mempool_uaf_helper+0x11a/0x400
[ 13.621377] mempool_slab_uaf+0xea/0x140
[ 13.621524] kunit_try_run_case+0x1a5/0x480
[ 13.621671] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.621846] kthread+0x337/0x6f0
[ 13.621966] ret_from_fork+0x116/0x1d0
[ 13.622150] ret_from_fork_asm+0x1a/0x30
[ 13.622450]
[ 13.622560] The buggy address belongs to the object at ffff8881039f8240
[ 13.622560] which belongs to the cache test_cache of size 123
[ 13.623079] The buggy address is located 0 bytes inside of
[ 13.623079] freed 123-byte region [ffff8881039f8240, ffff8881039f82bb)
[ 13.623431]
[ 13.623511] The buggy address belongs to the physical page:
[ 13.623686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f8
[ 13.623934] flags: 0x200000000000000(node=0|zone=2)
[ 13.624200] page_type: f5(slab)
[ 13.624371] raw: 0200000000000000 ffff8881018a9c80 dead000000000122 0000000000000000
[ 13.624719] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 13.625072] page dumped because: kasan: bad access detected
[ 13.625575]
[ 13.625669] Memory state around the buggy address:
[ 13.625887] ffff8881039f8100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.626175] ffff8881039f8180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.626409] >ffff8881039f8200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 13.626737] ^
[ 13.626938] ffff8881039f8280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.627154] ffff8881039f8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.627465] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 13.521152] ==================================================================
[ 13.521665] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 13.521974] Read of size 1 at addr ffff8881039f62bb by task kunit_try_catch/243
[ 13.522395]
[ 13.522526] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.522575] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.522586] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.522609] Call Trace:
[ 13.522622] <TASK>
[ 13.522639] dump_stack_lvl+0x73/0xb0
[ 13.522672] print_report+0xd1/0x610
[ 13.522697] ? __virt_addr_valid+0x1db/0x2d0
[ 13.522721] ? mempool_oob_right_helper+0x318/0x380
[ 13.522745] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.522767] ? mempool_oob_right_helper+0x318/0x380
[ 13.522791] kasan_report+0x141/0x180
[ 13.522812] ? mempool_oob_right_helper+0x318/0x380
[ 13.522841] __asan_report_load1_noabort+0x18/0x20
[ 13.522865] mempool_oob_right_helper+0x318/0x380
[ 13.522890] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 13.522916] ? __pfx_sched_clock_cpu+0x10/0x10
[ 13.522938] ? finish_task_switch.isra.0+0x153/0x700
[ 13.522964] mempool_slab_oob_right+0xed/0x140
[ 13.522989] ? __pfx_mempool_slab_oob_right+0x10/0x10
[ 13.523016] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 13.523041] ? __pfx_mempool_free_slab+0x10/0x10
[ 13.523078] ? __pfx_read_tsc+0x10/0x10
[ 13.523100] ? ktime_get_ts64+0x86/0x230
[ 13.523124] kunit_try_run_case+0x1a5/0x480
[ 13.523150] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.523226] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.523252] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.523275] ? __kthread_parkme+0x82/0x180
[ 13.523296] ? preempt_count_sub+0x50/0x80
[ 13.523319] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.523342] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.523366] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.523390] kthread+0x337/0x6f0
[ 13.523409] ? trace_preempt_on+0x20/0xc0
[ 13.523432] ? __pfx_kthread+0x10/0x10
[ 13.523452] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.523474] ? calculate_sigpending+0x7b/0xa0
[ 13.523509] ? __pfx_kthread+0x10/0x10
[ 13.523530] ret_from_fork+0x116/0x1d0
[ 13.523549] ? __pfx_kthread+0x10/0x10
[ 13.523569] ret_from_fork_asm+0x1a/0x30
[ 13.523601] </TASK>
[ 13.523611]
[ 13.532613] Allocated by task 243:
[ 13.532775] kasan_save_stack+0x45/0x70
[ 13.532953] kasan_save_track+0x18/0x40
[ 13.533145] kasan_save_alloc_info+0x3b/0x50
[ 13.533685] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 13.533903] remove_element+0x11e/0x190
[ 13.534090] mempool_alloc_preallocated+0x4d/0x90
[ 13.534318] mempool_oob_right_helper+0x8a/0x380
[ 13.534574] mempool_slab_oob_right+0xed/0x140
[ 13.534764] kunit_try_run_case+0x1a5/0x480
[ 13.534969] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.535232] kthread+0x337/0x6f0
[ 13.535392] ret_from_fork+0x116/0x1d0
[ 13.535555] ret_from_fork_asm+0x1a/0x30
[ 13.535751]
[ 13.535848] The buggy address belongs to the object at ffff8881039f6240
[ 13.535848] which belongs to the cache test_cache of size 123
[ 13.536285] The buggy address is located 0 bytes to the right of
[ 13.536285] allocated 123-byte region [ffff8881039f6240, ffff8881039f62bb)
[ 13.536915]
[ 13.536992] The buggy address belongs to the physical page:
[ 13.537166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f6
[ 13.537408] flags: 0x200000000000000(node=0|zone=2)
[ 13.537622] page_type: f5(slab)
[ 13.537788] raw: 0200000000000000 ffff8881018a9b40 dead000000000122 0000000000000000
[ 13.538322] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 13.538607] page dumped because: kasan: bad access detected
[ 13.538780]
[ 13.538873] Memory state around the buggy address:
[ 13.539214] ffff8881039f6180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.539548] ffff8881039f6200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 13.539854] >ffff8881039f6280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 13.540177] ^
[ 13.540378] ffff8881039f6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.540689] ffff8881039f6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.540947] ==================================================================

[ 13.499392] ==================================================================
[ 13.499867] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 13.500220] Read of size 1 at addr ffff88810395e001 by task kunit_try_catch/241
[ 13.500517]
[ 13.500608] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.500655] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.500666] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.500688] Call Trace:
[ 13.500700] <TASK>
[ 13.500715] dump_stack_lvl+0x73/0xb0
[ 13.500746] print_report+0xd1/0x610
[ 13.500768] ? __virt_addr_valid+0x1db/0x2d0
[ 13.500789] ? mempool_oob_right_helper+0x318/0x380
[ 13.500812] ? kasan_addr_to_slab+0x11/0xa0
[ 13.500832] ? mempool_oob_right_helper+0x318/0x380
[ 13.500856] kasan_report+0x141/0x180
[ 13.500876] ? mempool_oob_right_helper+0x318/0x380
[ 13.500905] __asan_report_load1_noabort+0x18/0x20
[ 13.500928] mempool_oob_right_helper+0x318/0x380
[ 13.500953] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 13.500979] ? irqentry_exit+0x2a/0x60
[ 13.501001] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.501026] mempool_kmalloc_large_oob_right+0xf2/0x150
[ 13.501051] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 13.501078] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.501101] ? __pfx_mempool_kfree+0x10/0x10
[ 13.501124] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 13.501151] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 13.501178] kunit_try_run_case+0x1a5/0x480
[ 13.501202] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.501224] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.501249] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.501272] ? __kthread_parkme+0x82/0x180
[ 13.501291] ? preempt_count_sub+0x50/0x80
[ 13.501384] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.501408] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.501432] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.501455] kthread+0x337/0x6f0
[ 13.501474] ? trace_preempt_on+0x20/0xc0
[ 13.501509] ? __pfx_kthread+0x10/0x10
[ 13.501528] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.501550] ? calculate_sigpending+0x7b/0xa0
[ 13.501574] ? __pfx_kthread+0x10/0x10
[ 13.501595] ret_from_fork+0x116/0x1d0
[ 13.501615] ? __pfx_kthread+0x10/0x10
[ 13.501634] ret_from_fork_asm+0x1a/0x30
[ 13.501664] </TASK>
[ 13.501675]
[ 13.510132] The buggy address belongs to the physical page:
[ 13.510405] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10395c
[ 13.510752] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.511027] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.511414] page_type: f8(unknown)
[ 13.511592] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.511880] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.512273] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.512561] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.512867] head: 0200000000000002 ffffea00040e5701 00000000ffffffff 00000000ffffffff
[ 13.513272] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.513558] page dumped because: kasan: bad access detected
[ 13.513770]
[ 13.513862] Memory state around the buggy address:
[ 13.514068] ffff88810395df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.514372] ffff88810395df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.514642] >ffff88810395e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.514853] ^
[ 13.514968] ffff88810395e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
fe [ 13.515188] ffff88810395e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.515504] ================================================================== [ 13.468400] ================================================================== [ 13.468857] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.469319] Read of size 1 at addr ffff8881027e4873 by task kunit_try_catch/239 [ 13.469599] [ 13.469768] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.469833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.469846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.469869] Call Trace: [ 13.469882] <TASK> [ 13.469900] dump_stack_lvl+0x73/0xb0 [ 13.469934] print_report+0xd1/0x610 [ 13.469957] ? __virt_addr_valid+0x1db/0x2d0 [ 13.469982] ? mempool_oob_right_helper+0x318/0x380 [ 13.470037] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.470060] ? mempool_oob_right_helper+0x318/0x380 [ 13.470084] kasan_report+0x141/0x180 [ 13.470139] ? mempool_oob_right_helper+0x318/0x380 [ 13.470187] __asan_report_load1_noabort+0x18/0x20 [ 13.470239] mempool_oob_right_helper+0x318/0x380 [ 13.470264] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.470288] ? __kasan_check_write+0x18/0x20 [ 13.470308] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.470330] ? finish_task_switch.isra.0+0x153/0x700 [ 13.470358] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.470390] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 13.470418] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.470442] ? __pfx_mempool_kfree+0x10/0x10 [ 13.470467] ? __pfx_read_tsc+0x10/0x10 [ 13.470519] ? ktime_get_ts64+0x86/0x230 [ 13.470555] kunit_try_run_case+0x1a5/0x480 [ 13.470582] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.470631] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.470667] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.470690] ? __kthread_parkme+0x82/0x180 [ 13.470711] ? preempt_count_sub+0x50/0x80 [ 13.470744] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.470768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.470792] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.470815] kthread+0x337/0x6f0 [ 13.470834] ? trace_preempt_on+0x20/0xc0 [ 13.470857] ? __pfx_kthread+0x10/0x10 [ 13.470877] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.470899] ? calculate_sigpending+0x7b/0xa0 [ 13.470924] ? __pfx_kthread+0x10/0x10 [ 13.470944] ret_from_fork+0x116/0x1d0 [ 13.470962] ? __pfx_kthread+0x10/0x10 [ 13.470982] ret_from_fork_asm+0x1a/0x30 [ 13.471013] </TASK> [ 13.471024] [ 13.483491] Allocated by task 239: [ 13.483736] kasan_save_stack+0x45/0x70 [ 13.484251] kasan_save_track+0x18/0x40 [ 13.484415] kasan_save_alloc_info+0x3b/0x50 [ 13.484721] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.485242] remove_element+0x11e/0x190 [ 13.485418] mempool_alloc_preallocated+0x4d/0x90 [ 13.485802] mempool_oob_right_helper+0x8a/0x380 [ 13.486055] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.486515] kunit_try_run_case+0x1a5/0x480 [ 13.486803] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.487062] kthread+0x337/0x6f0 [ 13.487370] ret_from_fork+0x116/0x1d0 [ 13.487575] ret_from_fork_asm+0x1a/0x30 [ 13.487764] [ 13.487852] The buggy address belongs to the object at ffff8881027e4800 [ 13.487852] which belongs to the cache kmalloc-128 of size 128 [ 13.488744] The buggy address is located 0 bytes to the right of [ 13.488744] allocated 115-byte region [ffff8881027e4800, ffff8881027e4873) [ 13.489461] [ 13.489584] The buggy address belongs to the physical page: [ 13.490040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e4 [ 13.490525] flags: 0x200000000000000(node=0|zone=2) [ 13.490906] page_type: f5(slab) [ 13.491287] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.491640] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.492275] page dumped because: kasan: bad access detected [ 13.492538] [ 13.492630] Memory state around 
the buggy address: [ 13.492984] ffff8881027e4700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.493450] ffff8881027e4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.493914] >ffff8881027e4800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.494402] ^ [ 13.494871] ffff8881027e4880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.495432] ffff8881027e4900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.495947] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 12.891782] ================================================================== [ 12.892957] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 12.894113] Read of size 1 at addr ffff8881018a98c0 by task kunit_try_catch/233 [ 12.895108] [ 12.895355] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.895408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.895467] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.895491] Call Trace: [ 12.895649] <TASK> [ 12.895668] dump_stack_lvl+0x73/0xb0 [ 12.895703] print_report+0xd1/0x610 [ 12.895727] ? __virt_addr_valid+0x1db/0x2d0 [ 12.895752] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.895776] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.895799] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.895823] kasan_report+0x141/0x180 [ 12.895845] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.895873] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.895897] __kasan_check_byte+0x3d/0x50 [ 12.895918] kmem_cache_destroy+0x25/0x1d0 [ 12.895941] kmem_cache_double_destroy+0x1bf/0x380 [ 12.895966] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 12.895990] ? finish_task_switch.isra.0+0x153/0x700 [ 12.896013] ? __switch_to+0x47/0xf50 [ 12.896041] ? __pfx_read_tsc+0x10/0x10 [ 12.896063] ? ktime_get_ts64+0x86/0x230 [ 12.896088] kunit_try_run_case+0x1a5/0x480 [ 12.896114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.896135] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.896170] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.896193] ? __kthread_parkme+0x82/0x180 [ 12.896214] ? preempt_count_sub+0x50/0x80 [ 12.896237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.896263] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.896289] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.896313] kthread+0x337/0x6f0 [ 12.896332] ? trace_preempt_on+0x20/0xc0 [ 12.896356] ? __pfx_kthread+0x10/0x10 [ 12.896377] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.896398] ? 
calculate_sigpending+0x7b/0xa0 [ 12.896424] ? __pfx_kthread+0x10/0x10 [ 12.896444] ret_from_fork+0x116/0x1d0 [ 12.896463] ? __pfx_kthread+0x10/0x10 [ 12.896482] ret_from_fork_asm+0x1a/0x30 [ 12.896529] </TASK> [ 12.896540] [ 12.908717] Allocated by task 233: [ 12.908901] kasan_save_stack+0x45/0x70 [ 12.909751] kasan_save_track+0x18/0x40 [ 12.909929] kasan_save_alloc_info+0x3b/0x50 [ 12.910605] __kasan_slab_alloc+0x91/0xa0 [ 12.910809] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.911025] __kmem_cache_create_args+0x169/0x240 [ 12.911741] kmem_cache_double_destroy+0xd5/0x380 [ 12.912260] kunit_try_run_case+0x1a5/0x480 [ 12.912469] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.912801] kthread+0x337/0x6f0 [ 12.913165] ret_from_fork+0x116/0x1d0 [ 12.913351] ret_from_fork_asm+0x1a/0x30 [ 12.913535] [ 12.913630] Freed by task 233: [ 12.913772] kasan_save_stack+0x45/0x70 [ 12.913961] kasan_save_track+0x18/0x40 [ 12.914610] kasan_save_free_info+0x3f/0x60 [ 12.914777] __kasan_slab_free+0x56/0x70 [ 12.914920] kmem_cache_free+0x249/0x420 [ 12.915066] slab_kmem_cache_release+0x2e/0x40 [ 12.915219] kmem_cache_release+0x16/0x20 [ 12.915365] kobject_put+0x181/0x450 [ 12.915506] sysfs_slab_release+0x16/0x20 [ 12.915648] kmem_cache_destroy+0xf0/0x1d0 [ 12.915845] kmem_cache_double_destroy+0x14e/0x380 [ 12.916034] kunit_try_run_case+0x1a5/0x480 [ 12.916227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.916678] kthread+0x337/0x6f0 [ 12.917012] ret_from_fork+0x116/0x1d0 [ 12.917330] ret_from_fork_asm+0x1a/0x30 [ 12.917478] [ 12.917561] The buggy address belongs to the object at ffff8881018a98c0 [ 12.917561] which belongs to the cache kmem_cache of size 208 [ 12.918685] The buggy address is located 0 bytes inside of [ 12.918685] freed 208-byte region [ffff8881018a98c0, ffff8881018a9990) [ 12.919743] [ 12.919821] The buggy address belongs to the physical page: [ 12.920000] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1018a9 [ 12.920824] flags: 
0x200000000000000(node=0|zone=2) [ 12.921348] page_type: f5(slab) [ 12.921675] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 12.922305] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 12.922554] page dumped because: kasan: bad access detected [ 12.922727] [ 12.922796] Memory state around the buggy address: [ 12.922951] ffff8881018a9780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.923580] ffff8881018a9800: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 12.924314] >ffff8881018a9880: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 12.924939] ^ [ 12.925481] ffff8881018a9900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.926254] ffff8881018a9980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.926905] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 12.830419] ================================================================== [ 12.831878] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.833081] Read of size 1 at addr ffff8881027f3000 by task kunit_try_catch/231 [ 12.833959] [ 12.834245] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.834317] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.834329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.834353] Call Trace: [ 12.834373] <TASK> [ 12.834392] dump_stack_lvl+0x73/0xb0 [ 12.834430] print_report+0xd1/0x610 [ 12.834452] ? __virt_addr_valid+0x1db/0x2d0 [ 12.834477] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.834509] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.834533] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.834557] kasan_report+0x141/0x180 [ 12.834578] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.834605] __asan_report_load1_noabort+0x18/0x20 [ 12.834628] kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.834652] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 12.834675] ? finish_task_switch.isra.0+0x153/0x700 [ 12.834699] ? __switch_to+0x47/0xf50 [ 12.834728] ? __pfx_read_tsc+0x10/0x10 [ 12.834748] ? ktime_get_ts64+0x86/0x230 [ 12.834773] kunit_try_run_case+0x1a5/0x480 [ 12.834800] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.834821] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.834847] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.834870] ? __kthread_parkme+0x82/0x180 [ 12.834890] ? preempt_count_sub+0x50/0x80 [ 12.834913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.834936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.834980] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.835004] kthread+0x337/0x6f0 [ 12.835022] ? trace_preempt_on+0x20/0xc0 [ 12.835089] ? __pfx_kthread+0x10/0x10 [ 12.835109] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.835130] ? calculate_sigpending+0x7b/0xa0 [ 12.835154] ? __pfx_kthread+0x10/0x10 [ 12.835175] ret_from_fork+0x116/0x1d0 [ 12.835194] ? 
__pfx_kthread+0x10/0x10 [ 12.835213] ret_from_fork_asm+0x1a/0x30 [ 12.835245] </TASK> [ 12.835256] [ 12.846099] Allocated by task 231: [ 12.846811] kasan_save_stack+0x45/0x70 [ 12.847188] kasan_save_track+0x18/0x40 [ 12.847354] kasan_save_alloc_info+0x3b/0x50 [ 12.847588] __kasan_slab_alloc+0x91/0xa0 [ 12.847760] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.847981] kmem_cache_rcu_uaf+0x155/0x510 [ 12.848200] kunit_try_run_case+0x1a5/0x480 [ 12.848363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.848974] kthread+0x337/0x6f0 [ 12.849406] ret_from_fork+0x116/0x1d0 [ 12.849609] ret_from_fork_asm+0x1a/0x30 [ 12.849792] [ 12.849866] Freed by task 0: [ 12.850020] kasan_save_stack+0x45/0x70 [ 12.850594] kasan_save_track+0x18/0x40 [ 12.850850] kasan_save_free_info+0x3f/0x60 [ 12.851217] __kasan_slab_free+0x56/0x70 [ 12.851383] slab_free_after_rcu_debug+0xe4/0x310 [ 12.851775] rcu_core+0x66f/0x1c40 [ 12.851927] rcu_core_si+0x12/0x20 [ 12.852262] handle_softirqs+0x209/0x730 [ 12.852590] __irq_exit_rcu+0xc9/0x110 [ 12.852772] irq_exit_rcu+0x12/0x20 [ 12.852936] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.853154] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.853396] [ 12.853486] Last potentially related work creation: [ 12.853721] kasan_save_stack+0x45/0x70 [ 12.853904] kasan_record_aux_stack+0xb2/0xc0 [ 12.854101] kmem_cache_free+0x131/0x420 [ 12.854557] kmem_cache_rcu_uaf+0x194/0x510 [ 12.854715] kunit_try_run_case+0x1a5/0x480 [ 12.854862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.855058] kthread+0x337/0x6f0 [ 12.855360] ret_from_fork+0x116/0x1d0 [ 12.855693] ret_from_fork_asm+0x1a/0x30 [ 12.855953] [ 12.856026] The buggy address belongs to the object at ffff8881027f3000 [ 12.856026] which belongs to the cache test_cache of size 200 [ 12.856691] The buggy address is located 0 bytes inside of [ 12.856691] freed 200-byte region [ffff8881027f3000, ffff8881027f30c8) [ 12.857233] [ 12.857331] The buggy address belongs to the physical page: [ 12.857525] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027f3 [ 12.857883] flags: 0x200000000000000(node=0|zone=2) [ 12.858234] page_type: f5(slab) [ 12.858408] raw: 0200000000000000 ffff888101640500 dead000000000122 0000000000000000 [ 12.858659] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.858993] page dumped because: kasan: bad access detected [ 12.859248] [ 12.859408] Memory state around the buggy address: [ 12.859614] ffff8881027f2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.859846] ffff8881027f2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.860341] >ffff8881027f3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.860643] ^ [ 12.860807] ffff8881027f3080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.861055] ffff8881027f3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.861443] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 12.770910] ================================================================== [ 12.771561] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 12.771921] Free of addr ffff888102f6e001 by task kunit_try_catch/229 [ 12.772263] [ 12.772430] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.772479] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.772490] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.772524] Call Trace: [ 12.772557] <TASK> [ 12.772574] dump_stack_lvl+0x73/0xb0 [ 12.772605] print_report+0xd1/0x610 [ 12.772627] ? __virt_addr_valid+0x1db/0x2d0 [ 12.772651] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.772673] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.772698] kasan_report_invalid_free+0x10a/0x130 [ 12.772722] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.772747] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.772771] check_slab_allocation+0x11f/0x130 [ 12.772794] __kasan_slab_pre_free+0x28/0x40 [ 12.772814] kmem_cache_free+0xed/0x420 [ 12.772834] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.772854] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.772900] kmem_cache_invalid_free+0x1d8/0x460 [ 12.772924] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 12.772947] ? finish_task_switch.isra.0+0x153/0x700 [ 12.772971] ? __switch_to+0x47/0xf50 [ 12.772999] ? __pfx_read_tsc+0x10/0x10 [ 12.773020] ? ktime_get_ts64+0x86/0x230 [ 12.773139] kunit_try_run_case+0x1a5/0x480 [ 12.773164] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.773188] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.773213] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.773237] ? __kthread_parkme+0x82/0x180 [ 12.773257] ? preempt_count_sub+0x50/0x80 [ 12.773279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.773303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.773326] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.773349] kthread+0x337/0x6f0 [ 12.773367] ? trace_preempt_on+0x20/0xc0 [ 12.773390] ? 
__pfx_kthread+0x10/0x10 [ 12.773409] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.773430] ? calculate_sigpending+0x7b/0xa0 [ 12.773455] ? __pfx_kthread+0x10/0x10 [ 12.773475] ret_from_fork+0x116/0x1d0 [ 12.773508] ? __pfx_kthread+0x10/0x10 [ 12.773527] ret_from_fork_asm+0x1a/0x30 [ 12.773558] </TASK> [ 12.773568] [ 12.784726] Allocated by task 229: [ 12.784900] kasan_save_stack+0x45/0x70 [ 12.785199] kasan_save_track+0x18/0x40 [ 12.785386] kasan_save_alloc_info+0x3b/0x50 [ 12.785591] __kasan_slab_alloc+0x91/0xa0 [ 12.785776] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.785983] kmem_cache_invalid_free+0x157/0x460 [ 12.786429] kunit_try_run_case+0x1a5/0x480 [ 12.786642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.786871] kthread+0x337/0x6f0 [ 12.787021] ret_from_fork+0x116/0x1d0 [ 12.787264] ret_from_fork_asm+0x1a/0x30 [ 12.787446] [ 12.787548] The buggy address belongs to the object at ffff888102f6e000 [ 12.787548] which belongs to the cache test_cache of size 200 [ 12.788032] The buggy address is located 1 bytes inside of [ 12.788032] 200-byte region [ffff888102f6e000, ffff888102f6e0c8) [ 12.788727] [ 12.788818] The buggy address belongs to the physical page: [ 12.789091] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f6e [ 12.789621] flags: 0x200000000000000(node=0|zone=2) [ 12.789843] page_type: f5(slab) [ 12.789994] raw: 0200000000000000 ffff8881018a9780 dead000000000122 0000000000000000 [ 12.790684] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.790998] page dumped because: kasan: bad access detected [ 12.791487] [ 12.791573] Memory state around the buggy address: [ 12.791729] ffff888102f6df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.791944] ffff888102f6df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.792164] >ffff888102f6e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.792379] ^ [ 12.792501] ffff888102f6e080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.792717] 
ffff888102f6e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.793035] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 12.729652] ================================================================== [ 12.730331] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 12.731285] Free of addr ffff888102f6d000 by task kunit_try_catch/227 [ 12.731889] [ 12.732200] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.732252] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.732263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.732293] Call Trace: [ 12.732309] <TASK> [ 12.732326] dump_stack_lvl+0x73/0xb0 [ 12.732359] print_report+0xd1/0x610 [ 12.732382] ? __virt_addr_valid+0x1db/0x2d0 [ 12.732407] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.732555] ? kmem_cache_double_free+0x1e5/0x480 [ 12.732582] kasan_report_invalid_free+0x10a/0x130 [ 12.732606] ? kmem_cache_double_free+0x1e5/0x480 [ 12.732632] ? kmem_cache_double_free+0x1e5/0x480 [ 12.732655] check_slab_allocation+0x101/0x130 [ 12.732684] __kasan_slab_pre_free+0x28/0x40 [ 12.732705] kmem_cache_free+0xed/0x420 [ 12.732725] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.732745] ? kmem_cache_double_free+0x1e5/0x480 [ 12.732771] kmem_cache_double_free+0x1e5/0x480 [ 12.732795] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 12.732818] ? finish_task_switch.isra.0+0x153/0x700 [ 12.732842] ? __switch_to+0x47/0xf50 [ 12.732871] ? __pfx_read_tsc+0x10/0x10 [ 12.732892] ? ktime_get_ts64+0x86/0x230 [ 12.732916] kunit_try_run_case+0x1a5/0x480 [ 12.732941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.732963] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.732988] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.733011] ? __kthread_parkme+0x82/0x180 [ 12.733031] ? preempt_count_sub+0x50/0x80 [ 12.733088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.733111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.733136] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.733159] kthread+0x337/0x6f0 [ 12.733177] ? trace_preempt_on+0x20/0xc0 [ 12.733201] ? 
__pfx_kthread+0x10/0x10 [ 12.733220] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.733241] ? calculate_sigpending+0x7b/0xa0 [ 12.733265] ? __pfx_kthread+0x10/0x10 [ 12.733285] ret_from_fork+0x116/0x1d0 [ 12.733304] ? __pfx_kthread+0x10/0x10 [ 12.733323] ret_from_fork_asm+0x1a/0x30 [ 12.733353] </TASK> [ 12.733364] [ 12.746864] Allocated by task 227: [ 12.747178] kasan_save_stack+0x45/0x70 [ 12.747695] kasan_save_track+0x18/0x40 [ 12.748190] kasan_save_alloc_info+0x3b/0x50 [ 12.748613] __kasan_slab_alloc+0x91/0xa0 [ 12.748980] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.749521] kmem_cache_double_free+0x14f/0x480 [ 12.750033] kunit_try_run_case+0x1a5/0x480 [ 12.750520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.750906] kthread+0x337/0x6f0 [ 12.751027] ret_from_fork+0x116/0x1d0 [ 12.751614] ret_from_fork_asm+0x1a/0x30 [ 12.751979] [ 12.752135] Freed by task 227: [ 12.752459] kasan_save_stack+0x45/0x70 [ 12.752796] kasan_save_track+0x18/0x40 [ 12.752939] kasan_save_free_info+0x3f/0x60 [ 12.753221] __kasan_slab_free+0x56/0x70 [ 12.753610] kmem_cache_free+0x249/0x420 [ 12.753996] kmem_cache_double_free+0x16a/0x480 [ 12.754487] kunit_try_run_case+0x1a5/0x480 [ 12.754867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.755172] kthread+0x337/0x6f0 [ 12.755379] ret_from_fork+0x116/0x1d0 [ 12.755725] ret_from_fork_asm+0x1a/0x30 [ 12.755924] [ 12.755995] The buggy address belongs to the object at ffff888102f6d000 [ 12.755995] which belongs to the cache test_cache of size 200 [ 12.757482] The buggy address is located 0 bytes inside of [ 12.757482] 200-byte region [ffff888102f6d000, ffff888102f6d0c8) [ 12.758061] [ 12.758271] The buggy address belongs to the physical page: [ 12.758801] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f6d [ 12.759311] flags: 0x200000000000000(node=0|zone=2) [ 12.759484] page_type: f5(slab) [ 12.759621] raw: 0200000000000000 ffff8881018a9640 dead000000000122 0000000000000000 [ 12.759854] raw: 0000000000000000 00000000800f000f 
00000000f5000000 0000000000000000 [ 12.760093] page dumped because: kasan: bad access detected [ 12.760262] [ 12.760562] Memory state around the buggy address: [ 12.760808] ffff888102f6cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.761204] ffff888102f6cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.761477] >ffff888102f6d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.761771] ^ [ 12.761925] ffff888102f6d080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.762145] ffff888102f6d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.762398] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 12.690736] ================================================================== [ 12.691220] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 12.691832] Read of size 1 at addr ffff8881027f10c8 by task kunit_try_catch/225 [ 12.692361] [ 12.692477] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.692536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.692546] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.692568] Call Trace: [ 12.692581] <TASK> [ 12.692596] dump_stack_lvl+0x73/0xb0 [ 12.692667] print_report+0xd1/0x610 [ 12.692689] ? __virt_addr_valid+0x1db/0x2d0 [ 12.692737] ? kmem_cache_oob+0x402/0x530 [ 12.692759] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.692781] ? kmem_cache_oob+0x402/0x530 [ 12.692803] kasan_report+0x141/0x180 [ 12.692824] ? kmem_cache_oob+0x402/0x530 [ 12.692850] __asan_report_load1_noabort+0x18/0x20 [ 12.692873] kmem_cache_oob+0x402/0x530 [ 12.692894] ? trace_hardirqs_on+0x37/0xe0 [ 12.692916] ? __pfx_kmem_cache_oob+0x10/0x10 [ 12.692939] ? finish_task_switch.isra.0+0x153/0x700 [ 12.692962] ? __switch_to+0x47/0xf50 [ 12.692989] ? __pfx_read_tsc+0x10/0x10 [ 12.693009] ? ktime_get_ts64+0x86/0x230 [ 12.693032] kunit_try_run_case+0x1a5/0x480 [ 12.693056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.693089] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.693112] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.693135] ? __kthread_parkme+0x82/0x180 [ 12.693189] ? preempt_count_sub+0x50/0x80 [ 12.693212] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.693235] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.693258] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.693290] kthread+0x337/0x6f0 [ 12.693308] ? trace_preempt_on+0x20/0xc0 [ 12.693329] ? __pfx_kthread+0x10/0x10 [ 12.693348] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.693368] ? calculate_sigpending+0x7b/0xa0 [ 12.693424] ? __pfx_kthread+0x10/0x10 [ 12.693444] ret_from_fork+0x116/0x1d0 [ 12.693462] ? 
__pfx_kthread+0x10/0x10 [ 12.693481] ret_from_fork_asm+0x1a/0x30 [ 12.693521] </TASK> [ 12.693531] [ 12.702911] Allocated by task 225: [ 12.703095] kasan_save_stack+0x45/0x70 [ 12.703297] kasan_save_track+0x18/0x40 [ 12.703461] kasan_save_alloc_info+0x3b/0x50 [ 12.703615] __kasan_slab_alloc+0x91/0xa0 [ 12.703946] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.704280] kmem_cache_oob+0x157/0x530 [ 12.704477] kunit_try_run_case+0x1a5/0x480 [ 12.704789] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.705045] kthread+0x337/0x6f0 [ 12.705365] ret_from_fork+0x116/0x1d0 [ 12.705637] ret_from_fork_asm+0x1a/0x30 [ 12.705850] [ 12.705956] The buggy address belongs to the object at ffff8881027f1000 [ 12.705956] which belongs to the cache test_cache of size 200 [ 12.706546] The buggy address is located 0 bytes to the right of [ 12.706546] allocated 200-byte region [ffff8881027f1000, ffff8881027f10c8) [ 12.707095] [ 12.707189] The buggy address belongs to the physical page: [ 12.707653] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027f1 [ 12.707931] flags: 0x200000000000000(node=0|zone=2) [ 12.708300] page_type: f5(slab) [ 12.708480] raw: 0200000000000000 ffff8881016403c0 dead000000000122 0000000000000000 [ 12.708836] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.709227] page dumped because: kasan: bad access detected [ 12.709605] [ 12.709679] Memory state around the buggy address: [ 12.709830] ffff8881027f0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.710136] ffff8881027f1000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.710449] >ffff8881027f1080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.710889] ^ [ 12.711301] ffff8881027f1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.711529] ffff8881027f1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.711841] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 12.645298] ================================================================== [ 12.645756] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 12.645990] Read of size 8 at addr ffff8881027ec480 by task kunit_try_catch/218 [ 12.647453] [ 12.647840] CPU: 0 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.647900] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.647912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.647933] Call Trace: [ 12.647948] <TASK> [ 12.647967] dump_stack_lvl+0x73/0xb0 [ 12.647998] print_report+0xd1/0x610 [ 12.648020] ? __virt_addr_valid+0x1db/0x2d0 [ 12.648043] ? workqueue_uaf+0x4d6/0x560 [ 12.648063] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.648085] ? workqueue_uaf+0x4d6/0x560 [ 12.648105] kasan_report+0x141/0x180 [ 12.648126] ? workqueue_uaf+0x4d6/0x560 [ 12.648372] __asan_report_load8_noabort+0x18/0x20 [ 12.648403] workqueue_uaf+0x4d6/0x560 [ 12.648470] ? __pfx_workqueue_uaf+0x10/0x10 [ 12.648502] ? __schedule+0x10cc/0x2b60 [ 12.648525] ? __pfx_read_tsc+0x10/0x10 [ 12.648545] ? ktime_get_ts64+0x86/0x230 [ 12.648570] kunit_try_run_case+0x1a5/0x480 [ 12.648595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.648617] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.648640] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.648662] ? __kthread_parkme+0x82/0x180 [ 12.648682] ? preempt_count_sub+0x50/0x80 [ 12.648706] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.648728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.648751] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.648774] kthread+0x337/0x6f0 [ 12.648792] ? trace_preempt_on+0x20/0xc0 [ 12.648815] ? __pfx_kthread+0x10/0x10 [ 12.648834] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.648854] ? calculate_sigpending+0x7b/0xa0 [ 12.648878] ? __pfx_kthread+0x10/0x10 [ 12.648898] ret_from_fork+0x116/0x1d0 [ 12.648916] ? 
__pfx_kthread+0x10/0x10 [ 12.648934] ret_from_fork_asm+0x1a/0x30 [ 12.648965] </TASK> [ 12.648975] [ 12.661800] Allocated by task 218: [ 12.662074] kasan_save_stack+0x45/0x70 [ 12.662451] kasan_save_track+0x18/0x40 [ 12.662601] kasan_save_alloc_info+0x3b/0x50 [ 12.662751] __kasan_kmalloc+0xb7/0xc0 [ 12.662882] __kmalloc_cache_noprof+0x189/0x420 [ 12.663044] workqueue_uaf+0x152/0x560 [ 12.663176] kunit_try_run_case+0x1a5/0x480 [ 12.663322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.663705] kthread+0x337/0x6f0 [ 12.664119] ret_from_fork+0x116/0x1d0 [ 12.664477] ret_from_fork_asm+0x1a/0x30 [ 12.664872] [ 12.665092] Freed by task 9: [ 12.665408] kasan_save_stack+0x45/0x70 [ 12.665783] kasan_save_track+0x18/0x40 [ 12.666232] kasan_save_free_info+0x3f/0x60 [ 12.666633] __kasan_slab_free+0x56/0x70 [ 12.667002] kfree+0x222/0x3f0 [ 12.667379] workqueue_uaf_work+0x12/0x20 [ 12.667770] process_one_work+0x5ee/0xf60 [ 12.668349] worker_thread+0x758/0x1220 [ 12.668729] kthread+0x337/0x6f0 [ 12.669125] ret_from_fork+0x116/0x1d0 [ 12.669514] ret_from_fork_asm+0x1a/0x30 [ 12.669824] [ 12.669896] Last potentially related work creation: [ 12.670116] kasan_save_stack+0x45/0x70 [ 12.670568] kasan_record_aux_stack+0xb2/0xc0 [ 12.670979] __queue_work+0x626/0xeb0 [ 12.671419] queue_work_on+0xb6/0xc0 [ 12.671669] workqueue_uaf+0x26d/0x560 [ 12.671807] kunit_try_run_case+0x1a5/0x480 [ 12.671953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.672642] kthread+0x337/0x6f0 [ 12.672969] ret_from_fork+0x116/0x1d0 [ 12.673562] ret_from_fork_asm+0x1a/0x30 [ 12.673940] [ 12.674037] The buggy address belongs to the object at ffff8881027ec480 [ 12.674037] which belongs to the cache kmalloc-32 of size 32 [ 12.674401] The buggy address is located 0 bytes inside of [ 12.674401] freed 32-byte region [ffff8881027ec480, ffff8881027ec4a0) [ 12.675509] [ 12.675676] The buggy address belongs to the physical page: [ 12.676211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027ec 
[ 12.676887] flags: 0x200000000000000(node=0|zone=2) [ 12.677311] page_type: f5(slab) [ 12.677437] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.677679] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.677905] page dumped because: kasan: bad access detected [ 12.678075] [ 12.678143] Memory state around the buggy address: [ 12.678694] ffff8881027ec380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.679397] ffff8881027ec400: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.680007] >ffff8881027ec480: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 12.680800] ^ [ 12.681129] ffff8881027ec500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.681824] ffff8881027ec580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.682513] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 12.606158] ================================================================== [ 12.606645] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 12.606987] Read of size 4 at addr ffff888102f63940 by task swapper/1/0 [ 12.607265] [ 12.607368] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.607472] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.607484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.607517] Call Trace: [ 12.607544] <IRQ> [ 12.607562] dump_stack_lvl+0x73/0xb0 [ 12.607595] print_report+0xd1/0x610 [ 12.607655] ? __virt_addr_valid+0x1db/0x2d0 [ 12.607706] ? rcu_uaf_reclaim+0x50/0x60 [ 12.607725] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.607747] ? rcu_uaf_reclaim+0x50/0x60 [ 12.607767] kasan_report+0x141/0x180 [ 12.607788] ? rcu_uaf_reclaim+0x50/0x60 [ 12.607812] __asan_report_load4_noabort+0x18/0x20 [ 12.607835] rcu_uaf_reclaim+0x50/0x60 [ 12.607855] rcu_core+0x66f/0x1c40 [ 12.607883] ? __pfx_rcu_core+0x10/0x10 [ 12.607903] ? ktime_get+0x6b/0x150 [ 12.607924] ? handle_softirqs+0x18e/0x730 [ 12.607949] rcu_core_si+0x12/0x20 [ 12.607968] handle_softirqs+0x209/0x730 [ 12.607987] ? hrtimer_interrupt+0x2fe/0x780 [ 12.608008] ? 
__pfx_handle_softirqs+0x10/0x10 [ 12.608033] __irq_exit_rcu+0xc9/0x110 [ 12.608053] irq_exit_rcu+0x12/0x20 [ 12.608072] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.608096] </IRQ> [ 12.608121] <TASK> [ 12.608131] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.608301] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 12.608533] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 23 62 21 00 fb f4 <e9> 3c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 12.608616] RSP: 0000:ffff888100877dc8 EFLAGS: 00010202 [ 12.608703] RAX: ffff88819e772000 RBX: ffff888100853000 RCX: ffffffffba476125 [ 12.608747] RDX: ffffed102b62618b RSI: 0000000000000004 RDI: 000000000000e714 [ 12.608788] RBP: ffff888100877dd0 R08: 0000000000000001 R09: ffffed102b62618a [ 12.608829] R10: ffff88815b130c53 R11: 0000000000000000 R12: 0000000000000001 [ 12.608873] R13: ffffed102010a600 R14: ffffffffbc1b1490 R15: 0000000000000000 [ 12.608934] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 12.608986] ? default_idle+0xd/0x20 [ 12.609007] arch_cpu_idle+0xd/0x20 [ 12.609028] default_idle_call+0x48/0x80 [ 12.609047] do_idle+0x379/0x4f0 [ 12.609072] ? __pfx_do_idle+0x10/0x10 [ 12.609099] cpu_startup_entry+0x5c/0x70 [ 12.609118] start_secondary+0x211/0x290 [ 12.609139] ? 
__pfx_start_secondary+0x10/0x10 [ 12.609164] common_startup_64+0x13e/0x148 [ 12.609195] </TASK> [ 12.609205] [ 12.623787] Allocated by task 216: [ 12.624099] kasan_save_stack+0x45/0x70 [ 12.624429] kasan_save_track+0x18/0x40 [ 12.624867] kasan_save_alloc_info+0x3b/0x50 [ 12.625285] __kasan_kmalloc+0xb7/0xc0 [ 12.625484] __kmalloc_cache_noprof+0x189/0x420 [ 12.625673] rcu_uaf+0xb0/0x330 [ 12.625859] kunit_try_run_case+0x1a5/0x480 [ 12.626048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.626359] kthread+0x337/0x6f0 [ 12.626533] ret_from_fork+0x116/0x1d0 [ 12.626735] ret_from_fork_asm+0x1a/0x30 [ 12.626882] [ 12.626978] Freed by task 0: [ 12.627217] kasan_save_stack+0x45/0x70 [ 12.627399] kasan_save_track+0x18/0x40 [ 12.627603] kasan_save_free_info+0x3f/0x60 [ 12.627814] __kasan_slab_free+0x56/0x70 [ 12.628001] kfree+0x222/0x3f0 [ 12.628157] rcu_uaf_reclaim+0x1f/0x60 [ 12.628442] rcu_core+0x66f/0x1c40 [ 12.628651] rcu_core_si+0x12/0x20 [ 12.628859] handle_softirqs+0x209/0x730 [ 12.629218] __irq_exit_rcu+0xc9/0x110 [ 12.629415] irq_exit_rcu+0x12/0x20 [ 12.629619] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.629860] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.630146] [ 12.630311] Last potentially related work creation: [ 12.630550] kasan_save_stack+0x45/0x70 [ 12.630752] kasan_record_aux_stack+0xb2/0xc0 [ 12.630979] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 12.631363] call_rcu+0x12/0x20 [ 12.631523] rcu_uaf+0x168/0x330 [ 12.631716] kunit_try_run_case+0x1a5/0x480 [ 12.631913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.632150] kthread+0x337/0x6f0 [ 12.632266] ret_from_fork+0x116/0x1d0 [ 12.632394] ret_from_fork_asm+0x1a/0x30 [ 12.632552] [ 12.632661] The buggy address belongs to the object at ffff888102f63940 [ 12.632661] which belongs to the cache kmalloc-32 of size 32 [ 12.633386] The buggy address is located 0 bytes inside of [ 12.633386] freed 32-byte region [ffff888102f63940, ffff888102f63960) [ 12.633861] [ 12.633958] The buggy address belongs to the 
physical page: [ 12.634387] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f63 [ 12.634810] flags: 0x200000000000000(node=0|zone=2) [ 12.635042] page_type: f5(slab) [ 12.635163] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.635576] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.635841] page dumped because: kasan: bad access detected [ 12.636015] [ 12.636105] Memory state around the buggy address: [ 12.636326] ffff888102f63800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.636877] ffff888102f63880: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 12.637566] >ffff888102f63900: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.638168] ^ [ 12.639036] ffff888102f63980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.639284] ffff888102f63a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.639769] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 12.549599] ================================================================== [ 12.549943] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 12.550215] Read of size 1 at addr ffff8881027e4500 by task kunit_try_catch/214 [ 12.550529] [ 12.550631] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.550674] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.550684] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.550705] Call Trace: [ 12.550717] <TASK> [ 12.550731] dump_stack_lvl+0x73/0xb0 [ 12.550758] print_report+0xd1/0x610 [ 12.550779] ? __virt_addr_valid+0x1db/0x2d0 [ 12.550800] ? ksize_uaf+0x5fe/0x6c0 [ 12.550820] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.550841] ? ksize_uaf+0x5fe/0x6c0 [ 12.550861] kasan_report+0x141/0x180 [ 12.550882] ? ksize_uaf+0x5fe/0x6c0 [ 12.550906] __asan_report_load1_noabort+0x18/0x20 [ 12.550930] ksize_uaf+0x5fe/0x6c0 [ 12.550950] ? __pfx_ksize_uaf+0x10/0x10 [ 12.550971] ? __schedule+0x10cc/0x2b60 [ 12.550992] ? __pfx_read_tsc+0x10/0x10 [ 12.551012] ? ktime_get_ts64+0x86/0x230 [ 12.551036] kunit_try_run_case+0x1a5/0x480 [ 12.551058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.551080] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.551103] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.551125] ? __kthread_parkme+0x82/0x180 [ 12.551167] ? preempt_count_sub+0x50/0x80 [ 12.551192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.551215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.551237] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.551262] kthread+0x337/0x6f0 [ 12.551281] ? trace_preempt_on+0x20/0xc0 [ 12.551548] ? __pfx_kthread+0x10/0x10 [ 12.551568] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.551588] ? calculate_sigpending+0x7b/0xa0 [ 12.551613] ? __pfx_kthread+0x10/0x10 [ 12.551635] ret_from_fork+0x116/0x1d0 [ 12.551654] ? 
__pfx_kthread+0x10/0x10 [ 12.551673] ret_from_fork_asm+0x1a/0x30 [ 12.551702] </TASK> [ 12.551712] [ 12.558583] Allocated by task 214: [ 12.558762] kasan_save_stack+0x45/0x70 [ 12.558947] kasan_save_track+0x18/0x40 [ 12.559112] kasan_save_alloc_info+0x3b/0x50 [ 12.559323] __kasan_kmalloc+0xb7/0xc0 [ 12.559483] __kmalloc_cache_noprof+0x189/0x420 [ 12.559696] ksize_uaf+0xaa/0x6c0 [ 12.559840] kunit_try_run_case+0x1a5/0x480 [ 12.560033] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.560263] kthread+0x337/0x6f0 [ 12.560386] ret_from_fork+0x116/0x1d0 [ 12.560530] ret_from_fork_asm+0x1a/0x30 [ 12.560723] [ 12.560825] Freed by task 214: [ 12.560985] kasan_save_stack+0x45/0x70 [ 12.561206] kasan_save_track+0x18/0x40 [ 12.561399] kasan_save_free_info+0x3f/0x60 [ 12.561590] __kasan_slab_free+0x56/0x70 [ 12.561775] kfree+0x222/0x3f0 [ 12.561927] ksize_uaf+0x12c/0x6c0 [ 12.562102] kunit_try_run_case+0x1a5/0x480 [ 12.562299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.562549] kthread+0x337/0x6f0 [ 12.562704] ret_from_fork+0x116/0x1d0 [ 12.562878] ret_from_fork_asm+0x1a/0x30 [ 12.563055] [ 12.563159] The buggy address belongs to the object at ffff8881027e4500 [ 12.563159] which belongs to the cache kmalloc-128 of size 128 [ 12.563655] The buggy address is located 0 bytes inside of [ 12.563655] freed 128-byte region [ffff8881027e4500, ffff8881027e4580) [ 12.564121] [ 12.564240] The buggy address belongs to the physical page: [ 12.564460] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e4 [ 12.564786] flags: 0x200000000000000(node=0|zone=2) [ 12.565001] page_type: f5(slab) [ 12.565129] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.565381] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.565676] page dumped because: kasan: bad access detected [ 12.565928] [ 12.566017] Memory state around the buggy address: [ 12.566269] ffff8881027e4400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
12.566590] ffff8881027e4480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.566831] >ffff8881027e4500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.567103] ^ [ 12.567295] ffff8881027e4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.567622] ffff8881027e4600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.567890] ================================================================== [ 12.526522] ================================================================== [ 12.526947] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 12.527373] Read of size 1 at addr ffff8881027e4500 by task kunit_try_catch/214 [ 12.527688] [ 12.527785] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.527830] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.527841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.527863] Call Trace: [ 12.527875] <TASK> [ 12.527891] dump_stack_lvl+0x73/0xb0 [ 12.527923] print_report+0xd1/0x610 [ 12.527944] ? __virt_addr_valid+0x1db/0x2d0 [ 12.527968] ? ksize_uaf+0x19d/0x6c0 [ 12.527988] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.528010] ? ksize_uaf+0x19d/0x6c0 [ 12.528030] kasan_report+0x141/0x180 [ 12.528050] ? ksize_uaf+0x19d/0x6c0 [ 12.528073] ? ksize_uaf+0x19d/0x6c0 [ 12.528092] __kasan_check_byte+0x3d/0x50 [ 12.528168] ksize+0x20/0x60 [ 12.528188] ksize_uaf+0x19d/0x6c0 [ 12.528208] ? __pfx_ksize_uaf+0x10/0x10 [ 12.528229] ? __schedule+0x10cc/0x2b60 [ 12.528251] ? __pfx_read_tsc+0x10/0x10 [ 12.528272] ? ktime_get_ts64+0x86/0x230 [ 12.528296] kunit_try_run_case+0x1a5/0x480 [ 12.528321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.528343] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.528366] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.528388] ? __kthread_parkme+0x82/0x180 [ 12.528408] ? preempt_count_sub+0x50/0x80 [ 12.528433] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.528456] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.528478] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.528514] kthread+0x337/0x6f0 [ 12.528533] ? trace_preempt_on+0x20/0xc0 [ 12.528556] ? __pfx_kthread+0x10/0x10 [ 12.528575] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.528596] ? calculate_sigpending+0x7b/0xa0 [ 12.528621] ? __pfx_kthread+0x10/0x10 [ 12.528641] ret_from_fork+0x116/0x1d0 [ 12.528659] ? __pfx_kthread+0x10/0x10 [ 12.528679] ret_from_fork_asm+0x1a/0x30 [ 12.528709] </TASK> [ 12.528719] [ 12.536263] Allocated by task 214: [ 12.536402] kasan_save_stack+0x45/0x70 [ 12.536618] kasan_save_track+0x18/0x40 [ 12.536810] kasan_save_alloc_info+0x3b/0x50 [ 12.536964] __kasan_kmalloc+0xb7/0xc0 [ 12.537096] __kmalloc_cache_noprof+0x189/0x420 [ 12.537253] ksize_uaf+0xaa/0x6c0 [ 12.537428] kunit_try_run_case+0x1a5/0x480 [ 12.537630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.537859] kthread+0x337/0x6f0 [ 12.538016] ret_from_fork+0x116/0x1d0 [ 12.538208] ret_from_fork_asm+0x1a/0x30 [ 12.538392] [ 12.538480] Freed by task 214: [ 12.538812] kasan_save_stack+0x45/0x70 [ 12.538958] kasan_save_track+0x18/0x40 [ 12.539231] kasan_save_free_info+0x3f/0x60 [ 12.539447] __kasan_slab_free+0x56/0x70 [ 12.539655] kfree+0x222/0x3f0 [ 12.539824] ksize_uaf+0x12c/0x6c0 [ 12.540002] kunit_try_run_case+0x1a5/0x480 [ 12.540293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.540548] kthread+0x337/0x6f0 [ 12.540704] ret_from_fork+0x116/0x1d0 [ 12.540835] ret_from_fork_asm+0x1a/0x30 [ 12.541010] [ 12.541192] The buggy address belongs to the object at ffff8881027e4500 [ 12.541192] which belongs to the cache kmalloc-128 of size 128 [ 12.541720] The buggy address is located 0 bytes inside of [ 12.541720] freed 128-byte region [ffff8881027e4500, ffff8881027e4580) [ 12.542382] [ 12.542459] The buggy address belongs to the physical page: [ 12.542645] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e4 [ 12.542887] flags: 0x200000000000000(node=0|zone=2) [ 12.543134] page_type: f5(slab) [ 12.543325] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.543672] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.544000] page dumped because: kasan: bad access detected [ 12.544335] [ 12.544433] Memory state around the buggy address: [ 12.544654] ffff8881027e4400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.544871] ffff8881027e4480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.545162] >ffff8881027e4500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.545489] ^ [ 12.545666] ffff8881027e4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.545980] ffff8881027e4600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.546517] ================================================================== [ 12.568928] ================================================================== [ 12.569292] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 12.569582] Read of size 1 at addr ffff8881027e4578 by task kunit_try_catch/214 [ 12.569818] [ 12.569907] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.569949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.569960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.569980] Call Trace: [ 12.569998] <TASK> [ 12.570014] dump_stack_lvl+0x73/0xb0 [ 12.570040] print_report+0xd1/0x610 [ 12.570061] ? __virt_addr_valid+0x1db/0x2d0 [ 12.570083] ? ksize_uaf+0x5e4/0x6c0 [ 12.570102] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.570124] ? ksize_uaf+0x5e4/0x6c0 [ 12.570165] kasan_report+0x141/0x180 [ 12.570186] ? ksize_uaf+0x5e4/0x6c0 [ 12.570216] __asan_report_load1_noabort+0x18/0x20 [ 12.570239] ksize_uaf+0x5e4/0x6c0 [ 12.570259] ? __pfx_ksize_uaf+0x10/0x10 [ 12.570280] ? __schedule+0x10cc/0x2b60 [ 12.570301] ? __pfx_read_tsc+0x10/0x10 [ 12.570321] ? ktime_get_ts64+0x86/0x230 [ 12.570345] kunit_try_run_case+0x1a5/0x480 [ 12.570367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.570389] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 12.570413] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.570435] ? __kthread_parkme+0x82/0x180 [ 12.570455] ? preempt_count_sub+0x50/0x80 [ 12.570478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.570510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.570533] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.570556] kthread+0x337/0x6f0 [ 12.570574] ? trace_preempt_on+0x20/0xc0 [ 12.570596] ? __pfx_kthread+0x10/0x10 [ 12.570616] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.570636] ? calculate_sigpending+0x7b/0xa0 [ 12.570659] ? __pfx_kthread+0x10/0x10 [ 12.570679] ret_from_fork+0x116/0x1d0 [ 12.570697] ? __pfx_kthread+0x10/0x10 [ 12.570717] ret_from_fork_asm+0x1a/0x30 [ 12.570746] </TASK> [ 12.570755] [ 12.577402] Allocated by task 214: [ 12.577588] kasan_save_stack+0x45/0x70 [ 12.577763] kasan_save_track+0x18/0x40 [ 12.577898] kasan_save_alloc_info+0x3b/0x50 [ 12.578087] __kasan_kmalloc+0xb7/0xc0 [ 12.578305] __kmalloc_cache_noprof+0x189/0x420 [ 12.578537] ksize_uaf+0xaa/0x6c0 [ 12.578706] kunit_try_run_case+0x1a5/0x480 [ 12.578874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.579114] kthread+0x337/0x6f0 [ 12.579278] ret_from_fork+0x116/0x1d0 [ 12.579453] ret_from_fork_asm+0x1a/0x30 [ 12.579639] [ 12.579726] Freed by task 214: [ 12.579879] kasan_save_stack+0x45/0x70 [ 12.580043] kasan_save_track+0x18/0x40 [ 12.580236] kasan_save_free_info+0x3f/0x60 [ 12.580383] __kasan_slab_free+0x56/0x70 [ 12.580581] kfree+0x222/0x3f0 [ 12.580725] ksize_uaf+0x12c/0x6c0 [ 12.580887] kunit_try_run_case+0x1a5/0x480 [ 12.581059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.581336] kthread+0x337/0x6f0 [ 12.581478] ret_from_fork+0x116/0x1d0 [ 12.581616] ret_from_fork_asm+0x1a/0x30 [ 12.581753] [ 12.581821] The buggy address belongs to the object at ffff8881027e4500 [ 12.581821] which belongs to the cache kmalloc-128 of size 128 [ 12.582201] The buggy address is located 120 bytes inside of [ 12.582201] freed 128-byte region [ffff8881027e4500, 
ffff8881027e4580) [ 12.584069] [ 12.584473] The buggy address belongs to the physical page: [ 12.585224] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e4 [ 12.586254] flags: 0x200000000000000(node=0|zone=2) [ 12.586910] page_type: f5(slab) [ 12.587462] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.588418] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.589328] page dumped because: kasan: bad access detected [ 12.590118] [ 12.590462] Memory state around the buggy address: [ 12.591085] ffff8881027e4400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.591371] ffff8881027e4480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.591603] >ffff8881027e4500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.591819] ^ [ 12.592034] ffff8881027e4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.592251] ffff8881027e4600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.592758] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 12.479634] ================================================================== [ 12.480002] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.480732] Read of size 1 at addr ffff888102f59878 by task kunit_try_catch/212 [ 12.481093] [ 12.481231] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.481275] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.481286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.481309] Call Trace: [ 12.481322] <TASK> [ 12.481338] dump_stack_lvl+0x73/0xb0 [ 12.481366] print_report+0xd1/0x610 [ 12.481387] ? __virt_addr_valid+0x1db/0x2d0 [ 12.481410] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.481432] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.481454] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.481476] kasan_report+0x141/0x180 [ 12.481507] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.481534] __asan_report_load1_noabort+0x18/0x20 [ 12.481558] ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.481581] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.481605] ? __kasan_check_write+0x18/0x20 [ 12.481623] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.481646] ? irqentry_exit+0x2a/0x60 [ 12.481667] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.481691] ? trace_hardirqs_on+0x37/0xe0 [ 12.481714] ? __pfx_read_tsc+0x10/0x10 [ 12.481733] ? ktime_get_ts64+0x86/0x230 [ 12.481757] kunit_try_run_case+0x1a5/0x480 [ 12.481781] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.481805] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.481827] ? __kthread_parkme+0x82/0x180 [ 12.481847] ? preempt_count_sub+0x50/0x80 [ 12.481871] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.481894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.481917] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.481940] kthread+0x337/0x6f0 [ 12.481958] ? trace_preempt_on+0x20/0xc0 [ 12.481979] ? __pfx_kthread+0x10/0x10 [ 12.481999] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.482020] ? 
calculate_sigpending+0x7b/0xa0 [ 12.482079] ? __pfx_kthread+0x10/0x10 [ 12.482102] ret_from_fork+0x116/0x1d0 [ 12.482121] ? __pfx_kthread+0x10/0x10 [ 12.482140] ret_from_fork_asm+0x1a/0x30 [ 12.482170] </TASK> [ 12.482180] [ 12.490730] Allocated by task 212: [ 12.490922] kasan_save_stack+0x45/0x70 [ 12.491265] kasan_save_track+0x18/0x40 [ 12.491470] kasan_save_alloc_info+0x3b/0x50 [ 12.491672] __kasan_kmalloc+0xb7/0xc0 [ 12.491838] __kmalloc_cache_noprof+0x189/0x420 [ 12.492035] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.492282] kunit_try_run_case+0x1a5/0x480 [ 12.492506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.492712] kthread+0x337/0x6f0 [ 12.492835] ret_from_fork+0x116/0x1d0 [ 12.493021] ret_from_fork_asm+0x1a/0x30 [ 12.493344] [ 12.493441] The buggy address belongs to the object at ffff888102f59800 [ 12.493441] which belongs to the cache kmalloc-128 of size 128 [ 12.493880] The buggy address is located 5 bytes to the right of [ 12.493880] allocated 115-byte region [ffff888102f59800, ffff888102f59873) [ 12.494686] [ 12.494768] The buggy address belongs to the physical page: [ 12.494959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f59 [ 12.495640] flags: 0x200000000000000(node=0|zone=2) [ 12.495870] page_type: f5(slab) [ 12.496011] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.496424] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.496672] page dumped because: kasan: bad access detected [ 12.496842] [ 12.496910] Memory state around the buggy address: [ 12.497074] ffff888102f59700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.497768] ffff888102f59780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.498082] >ffff888102f59800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.498357] ^ [ 12.498582] ffff888102f59880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.498992] ffff888102f59900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.499712] 
================================================================== [ 12.500206] ================================================================== [ 12.500526] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.500762] Read of size 1 at addr ffff888102f5987f by task kunit_try_catch/212 [ 12.501405] [ 12.501546] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.501593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.501603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.501624] Call Trace: [ 12.501641] <TASK> [ 12.501658] dump_stack_lvl+0x73/0xb0 [ 12.501689] print_report+0xd1/0x610 [ 12.501710] ? __virt_addr_valid+0x1db/0x2d0 [ 12.501733] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.501755] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.501777] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.501800] kasan_report+0x141/0x180 [ 12.501821] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.501849] __asan_report_load1_noabort+0x18/0x20 [ 12.501873] ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.501897] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.501921] ? __kasan_check_write+0x18/0x20 [ 12.501939] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.501962] ? irqentry_exit+0x2a/0x60 [ 12.501983] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.502006] ? trace_hardirqs_on+0x37/0xe0 [ 12.502029] ? __pfx_read_tsc+0x10/0x10 [ 12.502104] ? ktime_get_ts64+0x86/0x230 [ 12.502128] kunit_try_run_case+0x1a5/0x480 [ 12.502152] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.502175] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.502204] ? __kthread_parkme+0x82/0x180 [ 12.502224] ? preempt_count_sub+0x50/0x80 [ 12.502247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.502270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.502293] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.502316] kthread+0x337/0x6f0 [ 12.502334] ? trace_preempt_on+0x20/0xc0 [ 12.502355] ? __pfx_kthread+0x10/0x10 [ 12.502374] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 12.502394] ? calculate_sigpending+0x7b/0xa0 [ 12.502419] ? __pfx_kthread+0x10/0x10 [ 12.502439] ret_from_fork+0x116/0x1d0 [ 12.502457] ? __pfx_kthread+0x10/0x10 [ 12.502476] ret_from_fork_asm+0x1a/0x30 [ 12.502519] </TASK> [ 12.502528] [ 12.510394] Allocated by task 212: [ 12.510590] kasan_save_stack+0x45/0x70 [ 12.510793] kasan_save_track+0x18/0x40 [ 12.510968] kasan_save_alloc_info+0x3b/0x50 [ 12.511225] __kasan_kmalloc+0xb7/0xc0 [ 12.511404] __kmalloc_cache_noprof+0x189/0x420 [ 12.511621] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.511800] kunit_try_run_case+0x1a5/0x480 [ 12.511947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.512122] kthread+0x337/0x6f0 [ 12.512242] ret_from_fork+0x116/0x1d0 [ 12.512374] ret_from_fork_asm+0x1a/0x30 [ 12.512522] [ 12.512616] The buggy address belongs to the object at ffff888102f59800 [ 12.512616] which belongs to the cache kmalloc-128 of size 128 [ 12.513330] The buggy address is located 12 bytes to the right of [ 12.513330] allocated 115-byte region [ffff888102f59800, ffff888102f59873) [ 12.514586] [ 12.514659] The buggy address belongs to the physical page: [ 12.514830] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f59 [ 12.515226] flags: 0x200000000000000(node=0|zone=2) [ 12.515475] page_type: f5(slab) [ 12.515656] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.515972] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.516368] page dumped because: kasan: bad access detected [ 12.516596] [ 12.516687] Memory state around the buggy address: [ 12.516896] ffff888102f59700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.517264] ffff888102f59780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.517565] >ffff888102f59800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.517842] ^ [ 12.518147] ffff888102f59880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.518532] ffff888102f59900: fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc
[ 12.518814] ==================================================================
[ 12.460770] ==================================================================
[ 12.461317] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0
[ 12.461649] Read of size 1 at addr ffff888102f59873 by task kunit_try_catch/212
[ 12.461947]
[ 12.462040] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.462086] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.462097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.462118] Call Trace:
[ 12.462130] <TASK>
[ 12.462147] dump_stack_lvl+0x73/0xb0
[ 12.462378] print_report+0xd1/0x610
[ 12.462400] ? __virt_addr_valid+0x1db/0x2d0
[ 12.462423] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 12.462445] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.462467] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 12.462490] kasan_report+0x141/0x180
[ 12.462524] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 12.462551] __asan_report_load1_noabort+0x18/0x20
[ 12.462575] ksize_unpoisons_memory+0x81c/0x9b0
[ 12.462598] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 12.462622] ? __kasan_check_write+0x18/0x20
[ 12.462640] ? queued_spin_lock_slowpath+0x116/0xb40
[ 12.462664] ? irqentry_exit+0x2a/0x60
[ 12.462685] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.462708] ? trace_hardirqs_on+0x37/0xe0
[ 12.462731] ? __pfx_read_tsc+0x10/0x10
[ 12.462751] ? ktime_get_ts64+0x86/0x230
[ 12.462775] kunit_try_run_case+0x1a5/0x480
[ 12.462800] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.462823] ? queued_spin_lock_slowpath+0x116/0xb40
[ 12.462846] ? __kthread_parkme+0x82/0x180
[ 12.462866] ? preempt_count_sub+0x50/0x80
[ 12.462889] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.462912] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.462935] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.462958] kthread+0x337/0x6f0
[ 12.462977] ? trace_preempt_on+0x20/0xc0
[ 12.462997] ? __pfx_kthread+0x10/0x10
[ 12.463017] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.463038] ? calculate_sigpending+0x7b/0xa0
[ 12.463206] ? __pfx_kthread+0x10/0x10
[ 12.463227] ret_from_fork+0x116/0x1d0
[ 12.463246] ? __pfx_kthread+0x10/0x10
[ 12.463265] ret_from_fork_asm+0x1a/0x30
[ 12.463295] </TASK>
[ 12.463306]
[ 12.471131] Allocated by task 212:
[ 12.471327] kasan_save_stack+0x45/0x70
[ 12.471540] kasan_save_track+0x18/0x40
[ 12.471712] kasan_save_alloc_info+0x3b/0x50
[ 12.471908] __kasan_kmalloc+0xb7/0xc0
[ 12.472042] __kmalloc_cache_noprof+0x189/0x420
[ 12.472364] ksize_unpoisons_memory+0xc7/0x9b0
[ 12.472564] kunit_try_run_case+0x1a5/0x480
[ 12.472753] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.472960] kthread+0x337/0x6f0
[ 12.473127] ret_from_fork+0x116/0x1d0
[ 12.473297] ret_from_fork_asm+0x1a/0x30
[ 12.473438]
[ 12.473517] The buggy address belongs to the object at ffff888102f59800
[ 12.473517] which belongs to the cache kmalloc-128 of size 128
[ 12.473965] The buggy address is located 0 bytes to the right of
[ 12.473965] allocated 115-byte region [ffff888102f59800, ffff888102f59873)
[ 12.474640]
[ 12.474723] The buggy address belongs to the physical page:
[ 12.474943] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f59
[ 12.475222] flags: 0x200000000000000(node=0|zone=2)
[ 12.475564] page_type: f5(slab)
[ 12.475693] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.475994] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.476486] page dumped because: kasan: bad access detected
[ 12.476725]
[ 12.476819] Memory state around the buggy address:
[ 12.477007] ffff888102f59700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.477710] ffff888102f59780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.478002] >ffff888102f59800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.478233] ^
[ 12.478440] ffff888102f59880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.478667] ffff888102f59900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.478879] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 12.436675] ==================================================================
[ 12.437025] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 12.437224] Free of addr ffff888101994600 by task kunit_try_catch/210
[ 12.437419]
[ 12.437631] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.437680] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.437690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.437711] Call Trace:
[ 12.437723] <TASK>
[ 12.437738] dump_stack_lvl+0x73/0xb0
[ 12.437765] print_report+0xd1/0x610
[ 12.437786] ? __virt_addr_valid+0x1db/0x2d0
[ 12.437809] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.437830] ? kfree_sensitive+0x2e/0x90
[ 12.437850] kasan_report_invalid_free+0x10a/0x130
[ 12.437874] ? kfree_sensitive+0x2e/0x90
[ 12.437895] ? kfree_sensitive+0x2e/0x90
[ 12.437913] check_slab_allocation+0x101/0x130
[ 12.437934] __kasan_slab_pre_free+0x28/0x40
[ 12.437955] kfree+0xf0/0x3f0
[ 12.437975] ? kfree_sensitive+0x2e/0x90
[ 12.437996] kfree_sensitive+0x2e/0x90
[ 12.438015] kmalloc_double_kzfree+0x19c/0x350
[ 12.438038] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 12.438096] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.438120] ? trace_hardirqs_on+0x37/0xe0
[ 12.438143] ? __pfx_read_tsc+0x10/0x10
[ 12.438176] ? ktime_get_ts64+0x86/0x230
[ 12.438206] kunit_try_run_case+0x1a5/0x480
[ 12.438230] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.438253] ? queued_spin_lock_slowpath+0x116/0xb40
[ 12.438276] ? __kthread_parkme+0x82/0x180
[ 12.438296] ? preempt_count_sub+0x50/0x80
[ 12.438319] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.438342] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.438365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.438388] kthread+0x337/0x6f0
[ 12.438406] ? trace_preempt_on+0x20/0xc0
[ 12.438426] ? __pfx_kthread+0x10/0x10
[ 12.438445] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.438466] ? calculate_sigpending+0x7b/0xa0
[ 12.438489] ? __pfx_kthread+0x10/0x10
[ 12.438520] ret_from_fork+0x116/0x1d0
[ 12.438538] ? __pfx_kthread+0x10/0x10
[ 12.438558] ret_from_fork_asm+0x1a/0x30
[ 12.438587] </TASK>
[ 12.438597]
[ 12.446812] Allocated by task 210:
[ 12.446991] kasan_save_stack+0x45/0x70
[ 12.447274] kasan_save_track+0x18/0x40
[ 12.447448] kasan_save_alloc_info+0x3b/0x50
[ 12.447633] __kasan_kmalloc+0xb7/0xc0
[ 12.447819] __kmalloc_cache_noprof+0x189/0x420
[ 12.448004] kmalloc_double_kzfree+0xa9/0x350
[ 12.448380] kunit_try_run_case+0x1a5/0x480
[ 12.448606] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.448788] kthread+0x337/0x6f0
[ 12.448909] ret_from_fork+0x116/0x1d0
[ 12.449040] ret_from_fork_asm+0x1a/0x30
[ 12.449320]
[ 12.449417] Freed by task 210:
[ 12.449579] kasan_save_stack+0x45/0x70
[ 12.449766] kasan_save_track+0x18/0x40
[ 12.449953] kasan_save_free_info+0x3f/0x60
[ 12.450125] __kasan_slab_free+0x56/0x70
[ 12.450383] kfree+0x222/0x3f0
[ 12.450547] kfree_sensitive+0x67/0x90
[ 12.450681] kmalloc_double_kzfree+0x12b/0x350
[ 12.450898] kunit_try_run_case+0x1a5/0x480
[ 12.451106] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.451347] kthread+0x337/0x6f0
[ 12.451519] ret_from_fork+0x116/0x1d0
[ 12.451672] ret_from_fork_asm+0x1a/0x30
[ 12.451863]
[ 12.451954] The buggy address belongs to the object at ffff888101994600
[ 12.451954] which belongs to the cache kmalloc-16 of size 16
[ 12.452407] The buggy address is located 0 bytes inside of
[ 12.452407] 16-byte region [ffff888101994600, ffff888101994610)
[ 12.452861]
[ 12.452949] The buggy address belongs to the physical page:
[ 12.453141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101994
[ 12.453491] flags: 0x200000000000000(node=0|zone=2)
[ 12.453733] page_type: f5(slab)
[ 12.453866] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.454096] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.454330] page dumped because: kasan: bad access detected
[ 12.454508]
[ 12.454575] Memory state around the buggy address:
[ 12.454731] ffff888101994500: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 12.454947] ffff888101994580: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 12.455177] >ffff888101994600: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.455739] ^
[ 12.455901] ffff888101994680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.456211] ffff888101994700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.456526] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 12.414248] ==================================================================
[ 12.414857] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 12.415199] Read of size 1 at addr ffff888101994600 by task kunit_try_catch/210
[ 12.415563]
[ 12.415679] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.415726] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.415736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.415757] Call Trace:
[ 12.415770] <TASK>
[ 12.415787] dump_stack_lvl+0x73/0xb0
[ 12.415816] print_report+0xd1/0x610
[ 12.415837] ? __virt_addr_valid+0x1db/0x2d0
[ 12.415860] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.415882] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.415904] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.415927] kasan_report+0x141/0x180
[ 12.415948] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.415973] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.415996] __kasan_check_byte+0x3d/0x50
[ 12.416017] kfree_sensitive+0x22/0x90
[ 12.416039] kmalloc_double_kzfree+0x19c/0x350
[ 12.416061] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 12.416083] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.416108] ? trace_hardirqs_on+0x37/0xe0
[ 12.416130] ? __pfx_read_tsc+0x10/0x10
[ 12.416151] ? ktime_get_ts64+0x86/0x230
[ 12.416174] kunit_try_run_case+0x1a5/0x480
[ 12.416199] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.416222] ? queued_spin_lock_slowpath+0x116/0xb40
[ 12.416246] ? __kthread_parkme+0x82/0x180
[ 12.416266] ? preempt_count_sub+0x50/0x80
[ 12.416290] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.416312] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.416336] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.416359] kthread+0x337/0x6f0
[ 12.416532] ? trace_preempt_on+0x20/0xc0
[ 12.416554] ? __pfx_kthread+0x10/0x10
[ 12.416574] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.416595] ? calculate_sigpending+0x7b/0xa0
[ 12.416619] ? __pfx_kthread+0x10/0x10
[ 12.416639] ret_from_fork+0x116/0x1d0
[ 12.416658] ? __pfx_kthread+0x10/0x10
[ 12.416677] ret_from_fork_asm+0x1a/0x30
[ 12.416707] </TASK>
[ 12.416717]
[ 12.424728] Allocated by task 210:
[ 12.424908] kasan_save_stack+0x45/0x70
[ 12.425149] kasan_save_track+0x18/0x40
[ 12.425321] kasan_save_alloc_info+0x3b/0x50
[ 12.425526] __kasan_kmalloc+0xb7/0xc0
[ 12.425694] __kmalloc_cache_noprof+0x189/0x420
[ 12.425885] kmalloc_double_kzfree+0xa9/0x350
[ 12.426035] kunit_try_run_case+0x1a5/0x480
[ 12.426179] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.426857] kthread+0x337/0x6f0
[ 12.427035] ret_from_fork+0x116/0x1d0
[ 12.427396] ret_from_fork_asm+0x1a/0x30
[ 12.427582]
[ 12.427656] Freed by task 210:
[ 12.427790] kasan_save_stack+0x45/0x70
[ 12.427966] kasan_save_track+0x18/0x40
[ 12.428219] kasan_save_free_info+0x3f/0x60
[ 12.428363] __kasan_slab_free+0x56/0x70
[ 12.428505] kfree+0x222/0x3f0
[ 12.428717] kfree_sensitive+0x67/0x90
[ 12.428904] kmalloc_double_kzfree+0x12b/0x350
[ 12.429193] kunit_try_run_case+0x1a5/0x480
[ 12.429429] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.429617] kthread+0x337/0x6f0
[ 12.429737] ret_from_fork+0x116/0x1d0
[ 12.429868] ret_from_fork_asm+0x1a/0x30
[ 12.430005]
[ 12.430074] The buggy address belongs to the object at ffff888101994600
[ 12.430074] which belongs to the cache kmalloc-16 of size 16
[ 12.430664] The buggy address is located 0 bytes inside of
[ 12.430664] freed 16-byte region [ffff888101994600, ffff888101994610)
[ 12.431167]
[ 12.431408] The buggy address belongs to the physical page:
[ 12.431686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101994
[ 12.432034] flags: 0x200000000000000(node=0|zone=2)
[ 12.432260] page_type: f5(slab)
[ 12.432381] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.432618] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.433326] page dumped because: kasan: bad access detected
[ 12.433621]
[ 12.433716] Memory state around the buggy address:
[ 12.433944] ffff888101994500: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 12.434538] ffff888101994580: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 12.434910] >ffff888101994600: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.435246] ^
[ 12.435365] ffff888101994680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.435604] ffff888101994700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.435923] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 12.383513] ==================================================================
[ 12.383976] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 12.384300] Read of size 1 at addr ffff8881027ea3a8 by task kunit_try_catch/206
[ 12.384780]
[ 12.384902] CPU: 0 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.384949] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.384960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.384981] Call Trace:
[ 12.385008] <TASK>
[ 12.385025] dump_stack_lvl+0x73/0xb0
[ 12.385055] print_report+0xd1/0x610
[ 12.385077] ? __virt_addr_valid+0x1db/0x2d0
[ 12.385100] ? kmalloc_uaf2+0x4a8/0x520
[ 12.385170] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.385193] ? kmalloc_uaf2+0x4a8/0x520
[ 12.385212] kasan_report+0x141/0x180
[ 12.385234] ? kmalloc_uaf2+0x4a8/0x520
[ 12.385257] __asan_report_load1_noabort+0x18/0x20
[ 12.385281] kmalloc_uaf2+0x4a8/0x520
[ 12.385300] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 12.385321] ? __kasan_check_write+0x18/0x20
[ 12.385339] ? queued_spin_lock_slowpath+0x116/0xb40
[ 12.385363] ? irqentry_exit+0x2a/0x60
[ 12.385384] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.385408] ? trace_hardirqs_on+0x37/0xe0
[ 12.385432] ? __pfx_read_tsc+0x10/0x10
[ 12.385452] ? ktime_get_ts64+0x86/0x230
[ 12.385477] kunit_try_run_case+0x1a5/0x480
[ 12.385515] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.385538] ? queued_spin_lock_slowpath+0x116/0xb40
[ 12.385561] ? __kthread_parkme+0x82/0x180
[ 12.385581] ? preempt_count_sub+0x50/0x80
[ 12.385605] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.385628] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.385650] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.385673] kthread+0x337/0x6f0
[ 12.385691] ? trace_preempt_on+0x20/0xc0
[ 12.385712] ? __pfx_kthread+0x10/0x10
[ 12.385731] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.385752] ? calculate_sigpending+0x7b/0xa0
[ 12.385776] ? __pfx_kthread+0x10/0x10
[ 12.385796] ret_from_fork+0x116/0x1d0
[ 12.385814] ? __pfx_kthread+0x10/0x10
[ 12.385833] ret_from_fork_asm+0x1a/0x30
[ 12.385863] </TASK>
[ 12.385874]
[ 12.393695] Allocated by task 206:
[ 12.393876] kasan_save_stack+0x45/0x70
[ 12.394080] kasan_save_track+0x18/0x40
[ 12.394368] kasan_save_alloc_info+0x3b/0x50
[ 12.394606] __kasan_kmalloc+0xb7/0xc0
[ 12.394770] __kmalloc_cache_noprof+0x189/0x420
[ 12.394992] kmalloc_uaf2+0xc6/0x520
[ 12.395136] kunit_try_run_case+0x1a5/0x480
[ 12.395339] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.395609] kthread+0x337/0x6f0
[ 12.395783] ret_from_fork+0x116/0x1d0
[ 12.395957] ret_from_fork_asm+0x1a/0x30
[ 12.396121]
[ 12.396191] Freed by task 206:
[ 12.396302] kasan_save_stack+0x45/0x70
[ 12.396702] kasan_save_track+0x18/0x40
[ 12.396909] kasan_save_free_info+0x3f/0x60
[ 12.397263] __kasan_slab_free+0x56/0x70
[ 12.397460] kfree+0x222/0x3f0
[ 12.397600] kmalloc_uaf2+0x14c/0x520
[ 12.397730] kunit_try_run_case+0x1a5/0x480
[ 12.397873] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.398048] kthread+0x337/0x6f0
[ 12.398166] ret_from_fork+0x116/0x1d0
[ 12.398302] ret_from_fork_asm+0x1a/0x30
[ 12.398441]
[ 12.398537] The buggy address belongs to the object at ffff8881027ea380
[ 12.398537] which belongs to the cache kmalloc-64 of size 64
[ 12.399430] The buggy address is located 40 bytes inside of
[ 12.399430] freed 64-byte region [ffff8881027ea380, ffff8881027ea3c0)
[ 12.399920]
[ 12.399995] The buggy address belongs to the physical page:
[ 12.400176] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027ea
[ 12.400414] flags: 0x200000000000000(node=0|zone=2)
[ 12.400589] page_type: f5(slab)
[ 12.401021] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.401720] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.402109] page dumped because: kasan: bad access detected
[ 12.402646]
[ 12.402740] Memory state around the buggy address:
[ 12.402967] ffff8881027ea280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.403377] ffff8881027ea300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.403607] >ffff8881027ea380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.403823] ^
[ 12.404031] ffff8881027ea400: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 12.404730] ffff8881027ea480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.405037] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.352894] ==================================================================
[ 12.353391] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 12.353729] Write of size 33 at addr ffff888102f66180 by task kunit_try_catch/204
[ 12.354030]
[ 12.354141] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.354187] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.354204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.354225] Call Trace:
[ 12.354237] <TASK>
[ 12.354254] dump_stack_lvl+0x73/0xb0
[ 12.354307] print_report+0xd1/0x610
[ 12.354328] ? __virt_addr_valid+0x1db/0x2d0
[ 12.354351] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.354371] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.354393] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.354413] kasan_report+0x141/0x180
[ 12.354435] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.354460] kasan_check_range+0x10c/0x1c0
[ 12.354482] __asan_memset+0x27/0x50
[ 12.354512] kmalloc_uaf_memset+0x1a3/0x360
[ 12.354532] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 12.354554] ? __schedule+0x10cc/0x2b60
[ 12.354576] ? __pfx_read_tsc+0x10/0x10
[ 12.354596] ? ktime_get_ts64+0x86/0x230
[ 12.354619] kunit_try_run_case+0x1a5/0x480
[ 12.354642] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.354664] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.354686] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.354709] ? __kthread_parkme+0x82/0x180
[ 12.354729] ? preempt_count_sub+0x50/0x80
[ 12.354752] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.354775] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.354798] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.354821] kthread+0x337/0x6f0
[ 12.354839] ? trace_preempt_on+0x20/0xc0
[ 12.354861] ? __pfx_kthread+0x10/0x10
[ 12.354880] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.354901] ? calculate_sigpending+0x7b/0xa0
[ 12.354925] ? __pfx_kthread+0x10/0x10
[ 12.354945] ret_from_fork+0x116/0x1d0
[ 12.354962] ? __pfx_kthread+0x10/0x10
[ 12.354981] ret_from_fork_asm+0x1a/0x30
[ 12.355011] </TASK>
[ 12.355021]
[ 12.368146] Allocated by task 204:
[ 12.368569] kasan_save_stack+0x45/0x70
[ 12.368749] kasan_save_track+0x18/0x40
[ 12.368929] kasan_save_alloc_info+0x3b/0x50
[ 12.369080] __kasan_kmalloc+0xb7/0xc0
[ 12.369284] __kmalloc_cache_noprof+0x189/0x420
[ 12.369583] kmalloc_uaf_memset+0xa9/0x360
[ 12.369796] kunit_try_run_case+0x1a5/0x480
[ 12.369981] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.370280] kthread+0x337/0x6f0
[ 12.370430] ret_from_fork+0x116/0x1d0
[ 12.370576] ret_from_fork_asm+0x1a/0x30
[ 12.370717]
[ 12.370786] Freed by task 204:
[ 12.370922] kasan_save_stack+0x45/0x70
[ 12.371102] kasan_save_track+0x18/0x40
[ 12.371287] kasan_save_free_info+0x3f/0x60
[ 12.371554] __kasan_slab_free+0x56/0x70
[ 12.371745] kfree+0x222/0x3f0
[ 12.371908] kmalloc_uaf_memset+0x12b/0x360
[ 12.372079] kunit_try_run_case+0x1a5/0x480
[ 12.372381] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.372648] kthread+0x337/0x6f0
[ 12.372775] ret_from_fork+0x116/0x1d0
[ 12.372967] ret_from_fork_asm+0x1a/0x30
[ 12.373256]
[ 12.373350] The buggy address belongs to the object at ffff888102f66180
[ 12.373350] which belongs to the cache kmalloc-64 of size 64
[ 12.374174] The buggy address is located 0 bytes inside of
[ 12.374174] freed 64-byte region [ffff888102f66180, ffff888102f661c0)
[ 12.374778]
[ 12.374875] The buggy address belongs to the physical page:
[ 12.375197] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f66
[ 12.375519] flags: 0x200000000000000(node=0|zone=2)
[ 12.375688] page_type: f5(slab)
[ 12.375812] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.376129] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.376462] page dumped because: kasan: bad access detected
[ 12.376804]
[ 12.376872] Memory state around the buggy address:
[ 12.377028] ffff888102f66080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.377569] ffff888102f66100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.377889] >ffff888102f66180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.378238] ^
[ 12.378358] ffff888102f66200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.378588] ffff888102f66280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.378802] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.327424] ==================================================================
[ 12.327949] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 12.328488] Read of size 1 at addr ffff888101642a28 by task kunit_try_catch/202
[ 12.328805]
[ 12.328920] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.328987] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.328998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.329018] Call Trace:
[ 12.329030] <TASK>
[ 12.329046] dump_stack_lvl+0x73/0xb0
[ 12.329076] print_report+0xd1/0x610
[ 12.329098] ? __virt_addr_valid+0x1db/0x2d0
[ 12.329121] ? kmalloc_uaf+0x320/0x380
[ 12.329139] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.329235] ? kmalloc_uaf+0x320/0x380
[ 12.329257] kasan_report+0x141/0x180
[ 12.329278] ? kmalloc_uaf+0x320/0x380
[ 12.329301] __asan_report_load1_noabort+0x18/0x20
[ 12.329325] kmalloc_uaf+0x320/0x380
[ 12.329343] ? __pfx_kmalloc_uaf+0x10/0x10
[ 12.329362] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.329388] ? trace_hardirqs_on+0x37/0xe0
[ 12.329412] ? __pfx_read_tsc+0x10/0x10
[ 12.329451] ? ktime_get_ts64+0x86/0x230
[ 12.329475] kunit_try_run_case+0x1a5/0x480
[ 12.329509] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.329533] ? queued_spin_lock_slowpath+0x116/0xb40
[ 12.329557] ? __kthread_parkme+0x82/0x180
[ 12.329577] ? preempt_count_sub+0x50/0x80
[ 12.329601] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.329624] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.329646] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.329670] kthread+0x337/0x6f0
[ 12.329688] ? trace_preempt_on+0x20/0xc0
[ 12.329727] ? __pfx_kthread+0x10/0x10
[ 12.329746] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.329767] ? calculate_sigpending+0x7b/0xa0
[ 12.329790] ? __pfx_kthread+0x10/0x10
[ 12.329811] ret_from_fork+0x116/0x1d0
[ 12.329829] ? __pfx_kthread+0x10/0x10
[ 12.329848] ret_from_fork_asm+0x1a/0x30
[ 12.329894] </TASK>
[ 12.329904]
[ 12.337625] Allocated by task 202:
[ 12.337788] kasan_save_stack+0x45/0x70
[ 12.337932] kasan_save_track+0x18/0x40
[ 12.338064] kasan_save_alloc_info+0x3b/0x50
[ 12.338276] __kasan_kmalloc+0xb7/0xc0
[ 12.338456] __kmalloc_cache_noprof+0x189/0x420
[ 12.338683] kmalloc_uaf+0xaa/0x380
[ 12.338858] kunit_try_run_case+0x1a5/0x480
[ 12.339204] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.339467] kthread+0x337/0x6f0
[ 12.339611] ret_from_fork+0x116/0x1d0
[ 12.339740] ret_from_fork_asm+0x1a/0x30
[ 12.339930]
[ 12.340025] Freed by task 202:
[ 12.340339] kasan_save_stack+0x45/0x70
[ 12.340554] kasan_save_track+0x18/0x40
[ 12.340725] kasan_save_free_info+0x3f/0x60
[ 12.340936] __kasan_slab_free+0x56/0x70
[ 12.341107] kfree+0x222/0x3f0
[ 12.341254] kmalloc_uaf+0x12c/0x380
[ 12.341451] kunit_try_run_case+0x1a5/0x480
[ 12.341812] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.342114] kthread+0x337/0x6f0
[ 12.342284] ret_from_fork+0x116/0x1d0
[ 12.342620] ret_from_fork_asm+0x1a/0x30
[ 12.342755]
[ 12.342822] The buggy address belongs to the object at ffff888101642a20
[ 12.342822] which belongs to the cache kmalloc-16 of size 16
[ 12.343682] The buggy address is located 8 bytes inside of
[ 12.343682] freed 16-byte region [ffff888101642a20, ffff888101642a30)
[ 12.344176]
[ 12.344336] The buggy address belongs to the physical page:
[ 12.344725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642
[ 12.345121] flags: 0x200000000000000(node=0|zone=2)
[ 12.345295] page_type: f5(slab)
[ 12.345418] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.345784] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.346200] page dumped because: kasan: bad access detected
[ 12.346443]
[ 12.346521] Memory state around the buggy address:
[ 12.346743] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc
[ 12.347077] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.347647] >ffff888101642a00: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 12.347944] ^
[ 12.348307] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.348609] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.348927] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.299845] ==================================================================
[ 12.301649] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.302042] Read of size 64 at addr ffff8881027ea284 by task kunit_try_catch/200
[ 12.302599]
[ 12.302849] CPU: 0 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.302897] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.302908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.302930] Call Trace:
[ 12.302943] <TASK>
[ 12.302962] dump_stack_lvl+0x73/0xb0
[ 12.302994] print_report+0xd1/0x610
[ 12.303040] ? __virt_addr_valid+0x1db/0x2d0
[ 12.303109] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.303133] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.303155] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.303179] kasan_report+0x141/0x180
[ 12.303201] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.303230] kasan_check_range+0x10c/0x1c0
[ 12.303252] __asan_memmove+0x27/0x70
[ 12.303295] kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.303319] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 12.303344] ? __schedule+0x10cc/0x2b60
[ 12.303366] ? __pfx_read_tsc+0x10/0x10
[ 12.303387] ? ktime_get_ts64+0x86/0x230
[ 12.303411] kunit_try_run_case+0x1a5/0x480
[ 12.303436] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.303458] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.303482] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.303516] ? __kthread_parkme+0x82/0x180
[ 12.303556] ? preempt_count_sub+0x50/0x80
[ 12.303580] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.303603] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.303626] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.303649] kthread+0x337/0x6f0
[ 12.303667] ? trace_preempt_on+0x20/0xc0
[ 12.303691] ? __pfx_kthread+0x10/0x10
[ 12.303710] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.303747] ? calculate_sigpending+0x7b/0xa0
[ 12.303771] ? __pfx_kthread+0x10/0x10
[ 12.303791] ret_from_fork+0x116/0x1d0
[ 12.303809] ? __pfx_kthread+0x10/0x10
[ 12.303829] ret_from_fork_asm+0x1a/0x30
[ 12.303859] </TASK>
[ 12.303870]
[ 12.312290] Allocated by task 200:
[ 12.312485] kasan_save_stack+0x45/0x70
[ 12.312701] kasan_save_track+0x18/0x40
[ 12.312836] kasan_save_alloc_info+0x3b/0x50
[ 12.312984] __kasan_kmalloc+0xb7/0xc0
[ 12.313160] __kmalloc_cache_noprof+0x189/0x420
[ 12.313588] kmalloc_memmove_invalid_size+0xac/0x330
[ 12.313838] kunit_try_run_case+0x1a5/0x480
[ 12.314084] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.314394] kthread+0x337/0x6f0
[ 12.314579] ret_from_fork+0x116/0x1d0
[ 12.314722] ret_from_fork_asm+0x1a/0x30
[ 12.314862]
[ 12.314932] The buggy address belongs to the object at ffff8881027ea280
[ 12.314932] which belongs to the cache kmalloc-64 of size 64
[ 12.315521] The buggy address is located 4 bytes inside of
[ 12.315521] allocated 64-byte region [ffff8881027ea280, ffff8881027ea2c0)
[ 12.316225]
[ 12.316306] The buggy address belongs to the physical page:
[ 12.316685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027ea
[ 12.317048] flags: 0x200000000000000(node=0|zone=2)
[ 12.317329] page_type: f5(slab)
[ 12.317527] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.317883] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.318246] page dumped because: kasan: bad access detected
[ 12.318501]
[ 12.318594] Memory state around the buggy address:
[ 12.318821] ffff8881027ea180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.319104] ffff8881027ea200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.319319] >ffff8881027ea280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.319539] ^
[ 12.319925] ffff8881027ea300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.320593] ffff8881027ea380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.320995] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.275664] ==================================================================
[ 12.276235] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 12.276717] Read of size 18446744073709551614 at addr ffff8881027ea204 by task kunit_try_catch/198
[ 12.277103]
[ 12.277293] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.277361] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.277388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.277412] Call Trace:
[ 12.277425] <TASK>
[ 12.277442] dump_stack_lvl+0x73/0xb0
[ 12.277474] print_report+0xd1/0x610
[ 12.277507] ? __virt_addr_valid+0x1db/0x2d0
[ 12.277531] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.277555] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.277577] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.277621] kasan_report+0x141/0x180
[ 12.277642] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.277670] kasan_check_range+0x10c/0x1c0
[ 12.277693] __asan_memmove+0x27/0x70
[ 12.277733] kmalloc_memmove_negative_size+0x171/0x330
[ 12.277758] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 12.277783] ? __schedule+0x10cc/0x2b60
[ 12.277806] ? __pfx_read_tsc+0x10/0x10
[ 12.277826] ? ktime_get_ts64+0x86/0x230
[ 12.277852] kunit_try_run_case+0x1a5/0x480
[ 12.277876] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.277913] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.277937] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.277961] ? __kthread_parkme+0x82/0x180
[ 12.277983] ? preempt_count_sub+0x50/0x80
[ 12.278008] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.278030] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.278212] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.278239] kthread+0x337/0x6f0
[ 12.278258] ? trace_preempt_on+0x20/0xc0
[ 12.278281] ? __pfx_kthread+0x10/0x10
[ 12.278300] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.278321] ? calculate_sigpending+0x7b/0xa0
[ 12.278345] ? __pfx_kthread+0x10/0x10
[ 12.278365] ret_from_fork+0x116/0x1d0
[ 12.278383] ? __pfx_kthread+0x10/0x10
[ 12.278402] ret_from_fork_asm+0x1a/0x30
[ 12.278432] </TASK>
[ 12.278443]
[ 12.286938] Allocated by task 198:
[ 12.287211] kasan_save_stack+0x45/0x70
[ 12.287534] kasan_save_track+0x18/0x40
[ 12.287724] kasan_save_alloc_info+0x3b/0x50
[ 12.287921] __kasan_kmalloc+0xb7/0xc0
[ 12.288180] __kmalloc_cache_noprof+0x189/0x420
[ 12.288370] kmalloc_memmove_negative_size+0xac/0x330
[ 12.288618] kunit_try_run_case+0x1a5/0x480
[ 12.288828] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.289033] kthread+0x337/0x6f0
[ 12.289319] ret_from_fork+0x116/0x1d0
[ 12.289484] ret_from_fork_asm+0x1a/0x30
[ 12.289702]
[ 12.289773] The buggy address belongs to the object at ffff8881027ea200
[ 12.289773] which belongs to the cache kmalloc-64 of size 64
[ 12.290309] The buggy address is located 4 bytes inside of
[ 12.290309] 64-byte region [ffff8881027ea200, ffff8881027ea240)
[ 12.290942]
[ 12.291056] The buggy address belongs to the physical page:
[ 12.291397] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027ea
[ 12.291700] flags: 0x200000000000000(node=0|zone=2)
[ 12.291862] page_type: f5(slab)
[ 12.291982] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.292297] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.292632] page dumped because: kasan: bad access detected
[ 12.292930]
[ 12.293000] Memory state around the buggy address:
[ 12.293152] ffff8881027ea100: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc
[ 12.293427] ffff8881027ea180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.293757] >ffff8881027ea200: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.294321] ^
[ 12.294509] ffff8881027ea280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.294850] ffff8881027ea300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.295237] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 12.245759] ==================================================================
[ 12.246261] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 12.246516] Write of size 16 at addr ffff8881027e4469 by task kunit_try_catch/196
[ 12.246739]
[ 12.246830] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.246877] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.246891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.246914] Call Trace:
[ 12.246926] <TASK>
[ 12.246943] dump_stack_lvl+0x73/0xb0
[ 12.246973] print_report+0xd1/0x610
[ 12.246994] ? __virt_addr_valid+0x1db/0x2d0
[ 12.247017] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.247036] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.247057] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.247077] kasan_report+0x141/0x180
[ 12.247097] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.247122] kasan_check_range+0x10c/0x1c0
[ 12.247144] __asan_memset+0x27/0x50
[ 12.247162] kmalloc_oob_memset_16+0x166/0x330
[ 12.247184] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 12.247205] ? __schedule+0x10cc/0x2b60
[ 12.247227] ? __pfx_read_tsc+0x10/0x10
[ 12.247248] ? ktime_get_ts64+0x86/0x230
[ 12.247272] kunit_try_run_case+0x1a5/0x480
[ 12.247297] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.247318] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.247344] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.247366] ? __kthread_parkme+0x82/0x180
[ 12.247385] ? preempt_count_sub+0x50/0x80
[ 12.247408] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.247431] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.247453] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.247475] kthread+0x337/0x6f0
[ 12.247898] ? trace_preempt_on+0x20/0xc0
[ 12.247937] ? __pfx_kthread+0x10/0x10
[ 12.247961] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.247996] ? calculate_sigpending+0x7b/0xa0
[ 12.248257] ? __pfx_kthread+0x10/0x10
[ 12.248300] ret_from_fork+0x116/0x1d0
[ 12.248348] ? __pfx_kthread+0x10/0x10
[ 12.248368] ret_from_fork_asm+0x1a/0x30
[ 12.248398] </TASK>
[ 12.248409]
[ 12.260009] Allocated by task 196:
[ 12.260645] kasan_save_stack+0x45/0x70
[ 12.260859] kasan_save_track+0x18/0x40
[ 12.261030] kasan_save_alloc_info+0x3b/0x50
[ 12.261506] __kasan_kmalloc+0xb7/0xc0
[ 12.261708] __kmalloc_cache_noprof+0x189/0x420
[ 12.262028] kmalloc_oob_memset_16+0xac/0x330
[ 12.262524] kunit_try_run_case+0x1a5/0x480
[ 12.262795] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.263023] kthread+0x337/0x6f0
[ 12.263352] ret_from_fork+0x116/0x1d0
[ 12.263550] ret_from_fork_asm+0x1a/0x30
[ 12.263733]
[ 12.263812] The buggy address belongs to the object at ffff8881027e4400
[ 12.263812] which belongs to the cache kmalloc-128 of size 128
[ 12.264735] The buggy address is located 105 bytes inside of
[ 12.264735] allocated 120-byte region [ffff8881027e4400, ffff8881027e4478)
[ 12.265515]
[ 12.265719] The buggy address belongs to the physical page:
[ 12.266164] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e4
[ 12.266561] flags: 0x200000000000000(node=0|zone=2)
[ 12.266954] page_type: f5(slab)
[ 12.267283] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.267767] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.268292] page dumped because: kasan: bad access detected
[ 12.268527]
[ 12.268626] Memory state around the buggy address:
[ 12.268927] ffff8881027e4300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.269479] ffff8881027e4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.270224] >ffff8881027e4400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.270530] ^
[ 12.270831] ffff8881027e4480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.271125] ffff8881027e4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.271377] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.217599] ================================================================== [ 12.218339] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 12.218765] Write of size 8 at addr ffff8881027e4371 by task kunit_try_catch/194 [ 12.219455] [ 12.219722] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.219860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.219875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.219897] Call Trace: [ 12.219910] <TASK> [ 12.219926] dump_stack_lvl+0x73/0xb0 [ 12.219958] print_report+0xd1/0x610 [ 12.219981] ? __virt_addr_valid+0x1db/0x2d0 [ 12.220004] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.220025] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.220108] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.220134] kasan_report+0x141/0x180 [ 12.220155] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.220182] kasan_check_range+0x10c/0x1c0 [ 12.220205] __asan_memset+0x27/0x50 [ 12.220223] kmalloc_oob_memset_8+0x166/0x330 [ 12.220245] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 12.220268] ? __schedule+0x10cc/0x2b60 [ 12.220290] ? __pfx_read_tsc+0x10/0x10 [ 12.220310] ? ktime_get_ts64+0x86/0x230 [ 12.220335] kunit_try_run_case+0x1a5/0x480 [ 12.220360] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.220382] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.220407] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.220430] ? __kthread_parkme+0x82/0x180 [ 12.220450] ? preempt_count_sub+0x50/0x80 [ 12.220473] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.220512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.220535] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.220559] kthread+0x337/0x6f0 [ 12.220578] ? trace_preempt_on+0x20/0xc0 [ 12.220601] ? __pfx_kthread+0x10/0x10 [ 12.220621] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.220642] ? calculate_sigpending+0x7b/0xa0 [ 12.220666] ? __pfx_kthread+0x10/0x10 [ 12.220686] ret_from_fork+0x116/0x1d0 [ 12.220704] ? 
__pfx_kthread+0x10/0x10 [ 12.220724] ret_from_fork_asm+0x1a/0x30 [ 12.220754] </TASK> [ 12.220764] [ 12.231294] Allocated by task 194: [ 12.231625] kasan_save_stack+0x45/0x70 [ 12.231943] kasan_save_track+0x18/0x40 [ 12.232289] kasan_save_alloc_info+0x3b/0x50 [ 12.232491] __kasan_kmalloc+0xb7/0xc0 [ 12.232677] __kmalloc_cache_noprof+0x189/0x420 [ 12.232891] kmalloc_oob_memset_8+0xac/0x330 [ 12.233096] kunit_try_run_case+0x1a5/0x480 [ 12.233621] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.233820] kthread+0x337/0x6f0 [ 12.234263] ret_from_fork+0x116/0x1d0 [ 12.234566] ret_from_fork_asm+0x1a/0x30 [ 12.234927] [ 12.235020] The buggy address belongs to the object at ffff8881027e4300 [ 12.235020] which belongs to the cache kmalloc-128 of size 128 [ 12.235736] The buggy address is located 113 bytes inside of [ 12.235736] allocated 120-byte region [ffff8881027e4300, ffff8881027e4378) [ 12.236592] [ 12.236692] The buggy address belongs to the physical page: [ 12.236897] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e4 [ 12.237476] flags: 0x200000000000000(node=0|zone=2) [ 12.237817] page_type: f5(slab) [ 12.237991] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.238590] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.239002] page dumped because: kasan: bad access detected [ 12.239474] [ 12.239579] Memory state around the buggy address: [ 12.239796] ffff8881027e4200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.240386] ffff8881027e4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.240688] >ffff8881027e4300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.241156] ^ [ 12.241573] ffff8881027e4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.241979] ffff8881027e4400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.242579] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 12.194650] ================================================================== [ 12.195129] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 12.195792] Write of size 4 at addr ffff8881027e4275 by task kunit_try_catch/192 [ 12.196233] [ 12.196358] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.196405] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.196416] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.196437] Call Trace: [ 12.196448] <TASK> [ 12.196463] dump_stack_lvl+0x73/0xb0 [ 12.196506] print_report+0xd1/0x610 [ 12.196527] ? __virt_addr_valid+0x1db/0x2d0 [ 12.196550] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.196570] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.196592] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.196613] kasan_report+0x141/0x180 [ 12.196634] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.196659] kasan_check_range+0x10c/0x1c0 [ 12.196681] __asan_memset+0x27/0x50 [ 12.196700] kmalloc_oob_memset_4+0x166/0x330 [ 12.196722] ? __kasan_check_write+0x18/0x20 [ 12.196741] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 12.196762] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.196787] ? trace_hardirqs_on+0x37/0xe0 [ 12.196811] ? __pfx_read_tsc+0x10/0x10 [ 12.196831] ? ktime_get_ts64+0x86/0x230 [ 12.196855] kunit_try_run_case+0x1a5/0x480 [ 12.196880] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.196904] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.196930] ? __kthread_parkme+0x82/0x180 [ 12.196950] ? preempt_count_sub+0x50/0x80 [ 12.196974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.196997] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.197020] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.197134] kthread+0x337/0x6f0 [ 12.197169] ? trace_preempt_on+0x20/0xc0 [ 12.197191] ? __pfx_kthread+0x10/0x10 [ 12.197211] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.197232] ? calculate_sigpending+0x7b/0xa0 [ 12.197256] ? 
__pfx_kthread+0x10/0x10 [ 12.197276] ret_from_fork+0x116/0x1d0 [ 12.197296] ? __pfx_kthread+0x10/0x10 [ 12.197315] ret_from_fork_asm+0x1a/0x30 [ 12.197346] </TASK> [ 12.197356] [ 12.204735] Allocated by task 192: [ 12.205305] kasan_save_stack+0x45/0x70 [ 12.205619] kasan_save_track+0x18/0x40 [ 12.205810] kasan_save_alloc_info+0x3b/0x50 [ 12.205972] __kasan_kmalloc+0xb7/0xc0 [ 12.206330] __kmalloc_cache_noprof+0x189/0x420 [ 12.206559] kmalloc_oob_memset_4+0xac/0x330 [ 12.206757] kunit_try_run_case+0x1a5/0x480 [ 12.206906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.207209] kthread+0x337/0x6f0 [ 12.207381] ret_from_fork+0x116/0x1d0 [ 12.207562] ret_from_fork_asm+0x1a/0x30 [ 12.207703] [ 12.207794] The buggy address belongs to the object at ffff8881027e4200 [ 12.207794] which belongs to the cache kmalloc-128 of size 128 [ 12.208384] The buggy address is located 117 bytes inside of [ 12.208384] allocated 120-byte region [ffff8881027e4200, ffff8881027e4278) [ 12.208763] [ 12.208838] The buggy address belongs to the physical page: [ 12.209015] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e4 [ 12.209410] flags: 0x200000000000000(node=0|zone=2) [ 12.210019] page_type: f5(slab) [ 12.210348] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.211079] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.211485] page dumped because: kasan: bad access detected [ 12.211747] [ 12.211838] Memory state around the buggy address: [ 12.211995] ffff8881027e4100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.212211] ffff8881027e4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.212537] >ffff8881027e4200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.212859] ^ [ 12.213172] ffff8881027e4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.213453] ffff8881027e4300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.213925] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.171812] ================================================================== [ 12.172304] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 12.172657] Write of size 2 at addr ffff888102f59777 by task kunit_try_catch/190 [ 12.173176] [ 12.173536] CPU: 1 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.173586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.173597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.173619] Call Trace: [ 12.173630] <TASK> [ 12.173647] dump_stack_lvl+0x73/0xb0 [ 12.173678] print_report+0xd1/0x610 [ 12.173700] ? __virt_addr_valid+0x1db/0x2d0 [ 12.173725] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.173746] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.173768] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.173789] kasan_report+0x141/0x180 [ 12.173810] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.173835] kasan_check_range+0x10c/0x1c0 [ 12.173858] __asan_memset+0x27/0x50 [ 12.173877] kmalloc_oob_memset_2+0x166/0x330 [ 12.173899] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 12.173921] ? __schedule+0x10cc/0x2b60 [ 12.173943] ? __pfx_read_tsc+0x10/0x10 [ 12.173963] ? ktime_get_ts64+0x86/0x230 [ 12.173987] kunit_try_run_case+0x1a5/0x480 [ 12.174012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.174033] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.174106] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.174130] ? __kthread_parkme+0x82/0x180 [ 12.174151] ? preempt_count_sub+0x50/0x80 [ 12.174175] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.174204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.174227] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.174251] kthread+0x337/0x6f0 [ 12.174269] ? trace_preempt_on+0x20/0xc0 [ 12.174292] ? __pfx_kthread+0x10/0x10 [ 12.174311] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.174332] ? calculate_sigpending+0x7b/0xa0 [ 12.174356] ? __pfx_kthread+0x10/0x10 [ 12.174376] ret_from_fork+0x116/0x1d0 [ 12.174394] ? 
__pfx_kthread+0x10/0x10 [ 12.174414] ret_from_fork_asm+0x1a/0x30 [ 12.174445] </TASK> [ 12.174455] [ 12.181739] Allocated by task 190: [ 12.181875] kasan_save_stack+0x45/0x70 [ 12.182052] kasan_save_track+0x18/0x40 [ 12.182299] kasan_save_alloc_info+0x3b/0x50 [ 12.182523] __kasan_kmalloc+0xb7/0xc0 [ 12.182710] __kmalloc_cache_noprof+0x189/0x420 [ 12.182932] kmalloc_oob_memset_2+0xac/0x330 [ 12.183299] kunit_try_run_case+0x1a5/0x480 [ 12.183739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.184011] kthread+0x337/0x6f0 [ 12.184280] ret_from_fork+0x116/0x1d0 [ 12.184476] ret_from_fork_asm+0x1a/0x30 [ 12.184634] [ 12.184730] The buggy address belongs to the object at ffff888102f59700 [ 12.184730] which belongs to the cache kmalloc-128 of size 128 [ 12.185291] The buggy address is located 119 bytes inside of [ 12.185291] allocated 120-byte region [ffff888102f59700, ffff888102f59778) [ 12.185778] [ 12.185874] The buggy address belongs to the physical page: [ 12.186130] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f59 [ 12.186476] flags: 0x200000000000000(node=0|zone=2) [ 12.186693] page_type: f5(slab) [ 12.186863] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.187201] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.187585] page dumped because: kasan: bad access detected [ 12.187802] [ 12.187894] Memory state around the buggy address: [ 12.188250] ffff888102f59600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.188534] ffff888102f59680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.188847] >ffff888102f59700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.189229] ^ [ 12.189445] ffff888102f59780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.189762] ffff888102f59800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.190023] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.147760] ================================================================== [ 12.148433] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 12.148746] Write of size 128 at addr ffff8881027e4100 by task kunit_try_catch/188 [ 12.149046] [ 12.149408] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.149457] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.149468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.149489] Call Trace: [ 12.149513] <TASK> [ 12.149529] dump_stack_lvl+0x73/0xb0 [ 12.149559] print_report+0xd1/0x610 [ 12.149580] ? __virt_addr_valid+0x1db/0x2d0 [ 12.149602] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.149623] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.149645] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.149666] kasan_report+0x141/0x180 [ 12.149687] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.149713] kasan_check_range+0x10c/0x1c0 [ 12.149735] __asan_memset+0x27/0x50 [ 12.149753] kmalloc_oob_in_memset+0x15f/0x320 [ 12.149775] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 12.149797] ? __schedule+0x10cc/0x2b60 [ 12.149819] ? __pfx_read_tsc+0x10/0x10 [ 12.149839] ? ktime_get_ts64+0x86/0x230 [ 12.149862] kunit_try_run_case+0x1a5/0x480 [ 12.149887] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.149909] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.149932] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.149955] ? __kthread_parkme+0x82/0x180 [ 12.149974] ? preempt_count_sub+0x50/0x80 [ 12.149997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.150020] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.150043] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.150066] kthread+0x337/0x6f0 [ 12.150092] ? trace_preempt_on+0x20/0xc0 [ 12.150115] ? __pfx_kthread+0x10/0x10 [ 12.150135] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.150155] ? calculate_sigpending+0x7b/0xa0 [ 12.150179] ? __pfx_kthread+0x10/0x10 [ 12.150205] ret_from_fork+0x116/0x1d0 [ 12.150223] ? 
__pfx_kthread+0x10/0x10 [ 12.150242] ret_from_fork_asm+0x1a/0x30 [ 12.150271] </TASK> [ 12.150281] [ 12.157607] Allocated by task 188: [ 12.157792] kasan_save_stack+0x45/0x70 [ 12.158028] kasan_save_track+0x18/0x40 [ 12.158165] kasan_save_alloc_info+0x3b/0x50 [ 12.158319] __kasan_kmalloc+0xb7/0xc0 [ 12.158449] __kmalloc_cache_noprof+0x189/0x420 [ 12.158683] kmalloc_oob_in_memset+0xac/0x320 [ 12.158891] kunit_try_run_case+0x1a5/0x480 [ 12.159090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.159486] kthread+0x337/0x6f0 [ 12.159642] ret_from_fork+0x116/0x1d0 [ 12.159824] ret_from_fork_asm+0x1a/0x30 [ 12.159987] [ 12.160257] The buggy address belongs to the object at ffff8881027e4100 [ 12.160257] which belongs to the cache kmalloc-128 of size 128 [ 12.160688] The buggy address is located 0 bytes inside of [ 12.160688] allocated 120-byte region [ffff8881027e4100, ffff8881027e4178) [ 12.161431] [ 12.161542] The buggy address belongs to the physical page: [ 12.161763] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e4 [ 12.162020] flags: 0x200000000000000(node=0|zone=2) [ 12.162345] page_type: f5(slab) [ 12.162480] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.162725] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.163050] page dumped because: kasan: bad access detected [ 12.163334] [ 12.163402] Memory state around the buggy address: [ 12.163682] ffff8881027e4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.163998] ffff8881027e4080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.164296] >ffff8881027e4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.164779] ^ [ 12.165041] ffff8881027e4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.165447] ffff8881027e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.165693] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.118979] ================================================================== [ 12.119988] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 12.120821] Read of size 16 at addr ffff8881019945e0 by task kunit_try_catch/186 [ 12.121754] [ 12.121854] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.121901] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.121912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.121933] Call Trace: [ 12.121946] <TASK> [ 12.121963] dump_stack_lvl+0x73/0xb0 [ 12.121993] print_report+0xd1/0x610 [ 12.122014] ? __virt_addr_valid+0x1db/0x2d0 [ 12.122037] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.122057] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.122078] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.122098] kasan_report+0x141/0x180 [ 12.122119] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.122143] __asan_report_load16_noabort+0x18/0x20 [ 12.122219] kmalloc_uaf_16+0x47b/0x4c0 [ 12.122240] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 12.122261] ? __schedule+0x10cc/0x2b60 [ 12.122283] ? __pfx_read_tsc+0x10/0x10 [ 12.122303] ? ktime_get_ts64+0x86/0x230 [ 12.122328] kunit_try_run_case+0x1a5/0x480 [ 12.122351] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.122373] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.122395] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.122418] ? __kthread_parkme+0x82/0x180 [ 12.122438] ? preempt_count_sub+0x50/0x80 [ 12.122462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.122484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.122521] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.122544] kthread+0x337/0x6f0 [ 12.122563] ? trace_preempt_on+0x20/0xc0 [ 12.122586] ? __pfx_kthread+0x10/0x10 [ 12.122606] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.122626] ? calculate_sigpending+0x7b/0xa0 [ 12.122650] ? __pfx_kthread+0x10/0x10 [ 12.122670] ret_from_fork+0x116/0x1d0 [ 12.122688] ? 
__pfx_kthread+0x10/0x10 [ 12.122707] ret_from_fork_asm+0x1a/0x30 [ 12.122737] </TASK> [ 12.122747] [ 12.132818] Allocated by task 186: [ 12.132948] kasan_save_stack+0x45/0x70 [ 12.133301] kasan_save_track+0x18/0x40 [ 12.133508] kasan_save_alloc_info+0x3b/0x50 [ 12.133695] __kasan_kmalloc+0xb7/0xc0 [ 12.133865] __kmalloc_cache_noprof+0x189/0x420 [ 12.134097] kmalloc_uaf_16+0x15b/0x4c0 [ 12.134313] kunit_try_run_case+0x1a5/0x480 [ 12.134477] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.134773] kthread+0x337/0x6f0 [ 12.134918] ret_from_fork+0x116/0x1d0 [ 12.135206] ret_from_fork_asm+0x1a/0x30 [ 12.135379] [ 12.135462] Freed by task 186: [ 12.135583] kasan_save_stack+0x45/0x70 [ 12.135718] kasan_save_track+0x18/0x40 [ 12.135851] kasan_save_free_info+0x3f/0x60 [ 12.135997] __kasan_slab_free+0x56/0x70 [ 12.136186] kfree+0x222/0x3f0 [ 12.136489] kmalloc_uaf_16+0x1d6/0x4c0 [ 12.136685] kunit_try_run_case+0x1a5/0x480 [ 12.136886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.137105] kthread+0x337/0x6f0 [ 12.137222] ret_from_fork+0x116/0x1d0 [ 12.137351] ret_from_fork_asm+0x1a/0x30 [ 12.137486] [ 12.137711] The buggy address belongs to the object at ffff8881019945e0 [ 12.137711] which belongs to the cache kmalloc-16 of size 16 [ 12.138535] The buggy address is located 0 bytes inside of [ 12.138535] freed 16-byte region [ffff8881019945e0, ffff8881019945f0) [ 12.139033] [ 12.139116] The buggy address belongs to the physical page: [ 12.139386] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101994 [ 12.139714] flags: 0x200000000000000(node=0|zone=2) [ 12.139881] page_type: f5(slab) [ 12.140104] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.140604] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.140842] page dumped because: kasan: bad access detected [ 12.141013] [ 12.141081] Memory state around the buggy address: [ 12.141237] ffff888101994480: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc 
fc [ 12.141522] ffff888101994500: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 12.141842] >ffff888101994580: fa fb fc fc 00 05 fc fc 00 00 fc fc fa fb fc fc [ 12.142158] ^ [ 12.142539] ffff888101994600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.142807] ffff888101994680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.143020] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.097906] ================================================================== [ 12.098568] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 12.098869] Write of size 16 at addr ffff8881016429e0 by task kunit_try_catch/184 [ 12.099176] [ 12.099373] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.099420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.099431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.099453] Call Trace: [ 12.099466] <TASK> [ 12.099484] dump_stack_lvl+0x73/0xb0 [ 12.099528] print_report+0xd1/0x610 [ 12.099550] ? __virt_addr_valid+0x1db/0x2d0 [ 12.099574] ? kmalloc_oob_16+0x452/0x4a0 [ 12.099593] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.099614] ? kmalloc_oob_16+0x452/0x4a0 [ 12.099634] kasan_report+0x141/0x180 [ 12.099655] ? kmalloc_oob_16+0x452/0x4a0 [ 12.099679] __asan_report_store16_noabort+0x1b/0x30 [ 12.099704] kmalloc_oob_16+0x452/0x4a0 [ 12.099724] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 12.099744] ? __schedule+0x10cc/0x2b60 [ 12.099766] ? __pfx_read_tsc+0x10/0x10 [ 12.099787] ? ktime_get_ts64+0x86/0x230 [ 12.099812] kunit_try_run_case+0x1a5/0x480 [ 12.099838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.099859] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.099883] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.099905] ? __kthread_parkme+0x82/0x180 [ 12.099926] ? preempt_count_sub+0x50/0x80 [ 12.099950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.099973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.099996] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.100022] kthread+0x337/0x6f0 [ 12.100041] ? trace_preempt_on+0x20/0xc0 [ 12.100065] ? __pfx_kthread+0x10/0x10 [ 12.100084] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.100104] ? calculate_sigpending+0x7b/0xa0 [ 12.100128] ? __pfx_kthread+0x10/0x10 [ 12.100148] ret_from_fork+0x116/0x1d0 [ 12.100167] ? 
__pfx_kthread+0x10/0x10 [ 12.100187] ret_from_fork_asm+0x1a/0x30 [ 12.100218] </TASK> [ 12.100228] [ 12.107097] Allocated by task 184: [ 12.107415] kasan_save_stack+0x45/0x70 [ 12.107630] kasan_save_track+0x18/0x40 [ 12.107818] kasan_save_alloc_info+0x3b/0x50 [ 12.108031] __kasan_kmalloc+0xb7/0xc0 [ 12.108314] __kmalloc_cache_noprof+0x189/0x420 [ 12.108525] kmalloc_oob_16+0xa8/0x4a0 [ 12.108669] kunit_try_run_case+0x1a5/0x480 [ 12.108857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.109201] kthread+0x337/0x6f0 [ 12.109362] ret_from_fork+0x116/0x1d0 [ 12.109537] ret_from_fork_asm+0x1a/0x30 [ 12.109681] [ 12.109756] The buggy address belongs to the object at ffff8881016429e0 [ 12.109756] which belongs to the cache kmalloc-16 of size 16 [ 12.110383] The buggy address is located 0 bytes inside of [ 12.110383] allocated 13-byte region [ffff8881016429e0, ffff8881016429ed) [ 12.110864] [ 12.110959] The buggy address belongs to the physical page: [ 12.111422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642 [ 12.111709] flags: 0x200000000000000(node=0|zone=2) [ 12.111875] page_type: f5(slab) [ 12.111997] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.112227] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.112640] page dumped because: kasan: bad access detected [ 12.112954] [ 12.113045] Memory state around the buggy address: [ 12.113262] ffff888101642880: 00 02 fc fc 00 06 fc fc 00 06 fc fc 00 04 fc fc [ 12.113483] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 12.113857] >ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 12.114251] ^ [ 12.114457] ffff888101642a00: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.114743] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.115108] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.022223] ================================================================== [ 12.022716] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 12.023437] Read of size 1 at addr ffff888100a3c000 by task kunit_try_catch/182 [ 12.024005] [ 12.024211] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.024259] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.024270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.024293] Call Trace: [ 12.024304] <TASK> [ 12.024321] dump_stack_lvl+0x73/0xb0 [ 12.024354] print_report+0xd1/0x610 [ 12.024592] ? __virt_addr_valid+0x1db/0x2d0 [ 12.024624] ? krealloc_uaf+0x1b8/0x5e0 [ 12.024645] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.024667] ? krealloc_uaf+0x1b8/0x5e0 [ 12.024688] kasan_report+0x141/0x180 [ 12.024709] ? krealloc_uaf+0x1b8/0x5e0 [ 12.024732] ? krealloc_uaf+0x1b8/0x5e0 [ 12.024752] __kasan_check_byte+0x3d/0x50 [ 12.024773] krealloc_noprof+0x3f/0x340 [ 12.024793] ? stack_depot_save_flags+0x48b/0x840 [ 12.024824] krealloc_uaf+0x1b8/0x5e0 [ 12.024845] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.024864] ? finish_task_switch.isra.0+0x153/0x700 [ 12.024888] ? __switch_to+0x47/0xf50 [ 12.024914] ? __schedule+0x10cc/0x2b60 [ 12.024936] ? __pfx_read_tsc+0x10/0x10 [ 12.024957] ? ktime_get_ts64+0x86/0x230 [ 12.024981] kunit_try_run_case+0x1a5/0x480 [ 12.025007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.025029] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.025121] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.025145] ? __kthread_parkme+0x82/0x180 [ 12.025174] ? preempt_count_sub+0x50/0x80 [ 12.025196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.025220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.025243] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.025266] kthread+0x337/0x6f0 [ 12.025285] ? trace_preempt_on+0x20/0xc0 [ 12.025309] ? __pfx_kthread+0x10/0x10 [ 12.025328] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.025349] ? 
calculate_sigpending+0x7b/0xa0 [ 12.025373] ? __pfx_kthread+0x10/0x10 [ 12.025393] ret_from_fork+0x116/0x1d0 [ 12.025412] ? __pfx_kthread+0x10/0x10 [ 12.025433] ret_from_fork_asm+0x1a/0x30 [ 12.025463] </TASK> [ 12.025474] [ 12.037677] Allocated by task 182: [ 12.037863] kasan_save_stack+0x45/0x70 [ 12.038050] kasan_save_track+0x18/0x40 [ 12.038532] kasan_save_alloc_info+0x3b/0x50 [ 12.038807] __kasan_kmalloc+0xb7/0xc0 [ 12.038943] __kmalloc_cache_noprof+0x189/0x420 [ 12.039105] krealloc_uaf+0xbb/0x5e0 [ 12.039232] kunit_try_run_case+0x1a5/0x480 [ 12.039370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.039547] kthread+0x337/0x6f0 [ 12.039663] ret_from_fork+0x116/0x1d0 [ 12.039789] ret_from_fork_asm+0x1a/0x30 [ 12.039922] [ 12.039990] Freed by task 182: [ 12.040099] kasan_save_stack+0x45/0x70 [ 12.040229] kasan_save_track+0x18/0x40 [ 12.040359] kasan_save_free_info+0x3f/0x60 [ 12.041176] __kasan_slab_free+0x56/0x70 [ 12.041655] kfree+0x222/0x3f0 [ 12.042302] krealloc_uaf+0x13d/0x5e0 [ 12.042763] kunit_try_run_case+0x1a5/0x480 [ 12.043449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.044323] kthread+0x337/0x6f0 [ 12.044778] ret_from_fork+0x116/0x1d0 [ 12.045294] ret_from_fork_asm+0x1a/0x30 [ 12.045797] [ 12.046116] The buggy address belongs to the object at ffff888100a3c000 [ 12.046116] which belongs to the cache kmalloc-256 of size 256 [ 12.047653] The buggy address is located 0 bytes inside of [ 12.047653] freed 256-byte region [ffff888100a3c000, ffff888100a3c100) [ 12.049168] [ 12.049462] The buggy address belongs to the physical page: [ 12.050140] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a3c [ 12.051050] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.052023] flags: 0x200000000000040(head|node=0|zone=2) [ 12.052785] page_type: f5(slab) [ 12.053359] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.054160] raw: 0000000000000000 0000000080100010 00000000f5000000 
0000000000000000 [ 12.054678] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.054917] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.055700] head: 0200000000000001 ffffea0004028f01 00000000ffffffff 00000000ffffffff [ 12.056465] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.056716] page dumped because: kasan: bad access detected [ 12.056886] [ 12.056956] Memory state around the buggy address: [ 12.057113] ffff888100a3bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.057793] ffff888100a3bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.058511] >ffff888100a3c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.059290] ^ [ 12.059644] ffff888100a3c080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.060340] ffff888100a3c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.060966] ================================================================== [ 12.062001] ================================================================== [ 12.062997] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 12.063675] Read of size 1 at addr ffff888100a3c000 by task kunit_try_catch/182 [ 12.064398] [ 12.064605] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.064653] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.064663] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.064685] Call Trace: [ 12.064703] <TASK> [ 12.064721] dump_stack_lvl+0x73/0xb0 [ 12.064750] print_report+0xd1/0x610 [ 12.064771] ? __virt_addr_valid+0x1db/0x2d0 [ 12.064793] ? krealloc_uaf+0x53c/0x5e0 [ 12.064813] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.064835] ? krealloc_uaf+0x53c/0x5e0 [ 12.064856] kasan_report+0x141/0x180 [ 12.064877] ? krealloc_uaf+0x53c/0x5e0 [ 12.064903] __asan_report_load1_noabort+0x18/0x20 [ 12.064927] krealloc_uaf+0x53c/0x5e0 [ 12.064948] ? 
__pfx_krealloc_uaf+0x10/0x10 [ 12.064968] ? finish_task_switch.isra.0+0x153/0x700 [ 12.064993] ? __switch_to+0x47/0xf50 [ 12.065020] ? __schedule+0x10cc/0x2b60 [ 12.065042] ? __pfx_read_tsc+0x10/0x10 [ 12.065064] ? ktime_get_ts64+0x86/0x230 [ 12.065088] kunit_try_run_case+0x1a5/0x480 [ 12.065112] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.065134] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.065170] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.065193] ? __kthread_parkme+0x82/0x180 [ 12.065213] ? preempt_count_sub+0x50/0x80 [ 12.065235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.065258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.065281] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.065303] kthread+0x337/0x6f0 [ 12.065321] ? trace_preempt_on+0x20/0xc0 [ 12.065344] ? __pfx_kthread+0x10/0x10 [ 12.065363] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.065384] ? calculate_sigpending+0x7b/0xa0 [ 12.065407] ? __pfx_kthread+0x10/0x10 [ 12.065428] ret_from_fork+0x116/0x1d0 [ 12.065445] ? __pfx_kthread+0x10/0x10 [ 12.065465] ret_from_fork_asm+0x1a/0x30 [ 12.065505] </TASK> [ 12.065515] [ 12.078010] Allocated by task 182: [ 12.078151] kasan_save_stack+0x45/0x70 [ 12.078752] kasan_save_track+0x18/0x40 [ 12.079102] kasan_save_alloc_info+0x3b/0x50 [ 12.079483] __kasan_kmalloc+0xb7/0xc0 [ 12.079907] __kmalloc_cache_noprof+0x189/0x420 [ 12.080328] krealloc_uaf+0xbb/0x5e0 [ 12.080722] kunit_try_run_case+0x1a5/0x480 [ 12.081154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.081638] kthread+0x337/0x6f0 [ 12.081937] ret_from_fork+0x116/0x1d0 [ 12.082317] ret_from_fork_asm+0x1a/0x30 [ 12.082683] [ 12.082836] Freed by task 182: [ 12.082956] kasan_save_stack+0x45/0x70 [ 12.083109] kasan_save_track+0x18/0x40 [ 12.083677] kasan_save_free_info+0x3f/0x60 [ 12.084114] __kasan_slab_free+0x56/0x70 [ 12.084522] kfree+0x222/0x3f0 [ 12.084810] krealloc_uaf+0x13d/0x5e0 [ 12.085011] kunit_try_run_case+0x1a5/0x480 [ 12.085351] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.085834] 
kthread+0x337/0x6f0 [ 12.086078] ret_from_fork+0x116/0x1d0 [ 12.086425] ret_from_fork_asm+0x1a/0x30 [ 12.086680] [ 12.086751] The buggy address belongs to the object at ffff888100a3c000 [ 12.086751] which belongs to the cache kmalloc-256 of size 256 [ 12.087459] The buggy address is located 0 bytes inside of [ 12.087459] freed 256-byte region [ffff888100a3c000, ffff888100a3c100) [ 12.088615] [ 12.088791] The buggy address belongs to the physical page: [ 12.089512] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a3c [ 12.090212] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.090445] flags: 0x200000000000040(head|node=0|zone=2) [ 12.090637] page_type: f5(slab) [ 12.090758] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.090986] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.091228] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.091645] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.091930] head: 0200000000000001 ffffea0004028f01 00000000ffffffff 00000000ffffffff [ 12.092268] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.092622] page dumped because: kasan: bad access detected [ 12.092828] [ 12.092897] Memory state around the buggy address: [ 12.093172] ffff888100a3bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.093489] ffff888100a3bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.093745] >ffff888100a3c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.093988] ^ [ 12.094143] ffff888100a3c080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.094587] ffff888100a3c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.094854] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 11.979879] ================================================================== [ 11.980294] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.980649] Write of size 1 at addr ffff88810394e0ea by task kunit_try_catch/180 [ 11.980956] [ 11.981096] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.981138] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.981148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.981168] Call Trace: [ 11.981184] <TASK> [ 11.981198] dump_stack_lvl+0x73/0xb0 [ 11.981224] print_report+0xd1/0x610 [ 11.981247] ? __virt_addr_valid+0x1db/0x2d0 [ 11.981270] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.981293] ? kasan_addr_to_slab+0x11/0xa0 [ 11.981313] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.981336] kasan_report+0x141/0x180 [ 11.981357] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.981385] __asan_report_store1_noabort+0x1b/0x30 [ 11.981409] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.981435] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.981458] ? irqentry_exit+0x2a/0x60 [ 11.981479] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.981517] ? __pfx_krealloc_large_less_oob+0x10/0x10 [ 11.981543] krealloc_large_less_oob+0x1c/0x30 [ 11.981565] kunit_try_run_case+0x1a5/0x480 [ 11.981589] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.981610] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.981634] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.981656] ? __kthread_parkme+0x82/0x180 [ 11.981676] ? preempt_count_sub+0x50/0x80 [ 11.981699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.981724] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.981747] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.981770] kthread+0x337/0x6f0 [ 11.981788] ? trace_preempt_on+0x20/0xc0 [ 11.981810] ? __pfx_kthread+0x10/0x10 [ 11.981829] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.981850] ? calculate_sigpending+0x7b/0xa0 [ 11.981873] ? 
__pfx_kthread+0x10/0x10 [ 11.981893] ret_from_fork+0x116/0x1d0 [ 11.981912] ? __pfx_kthread+0x10/0x10 [ 11.981931] ret_from_fork_asm+0x1a/0x30 [ 11.981960] </TASK> [ 11.981970] [ 11.989808] The buggy address belongs to the physical page: [ 11.990085] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10394c [ 11.990569] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.990794] flags: 0x200000000000040(head|node=0|zone=2) [ 11.991047] page_type: f8(unknown) [ 11.991220] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.991712] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.992031] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.992352] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.992688] head: 0200000000000002 ffffea00040e5301 00000000ffffffff 00000000ffffffff [ 11.993108] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.993488] page dumped because: kasan: bad access detected [ 11.993664] [ 11.993730] Memory state around the buggy address: [ 11.993899] ffff88810394df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.994562] ffff88810394e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.994898] >ffff88810394e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.995392] ^ [ 11.995730] ffff88810394e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.996045] ffff88810394e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.996377] ================================================================== [ 11.758894] ================================================================== [ 11.759250] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.759685] Write of size 1 at addr ffff8881003384d0 by task kunit_try_catch/176 [ 11.760020] [ 11.760143] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 
PREEMPT(voluntary) [ 11.760354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.760371] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.760406] Call Trace: [ 11.760425] <TASK> [ 11.760440] dump_stack_lvl+0x73/0xb0 [ 11.760483] print_report+0xd1/0x610 [ 11.760522] ? __virt_addr_valid+0x1db/0x2d0 [ 11.760544] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.760567] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.760590] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.760613] kasan_report+0x141/0x180 [ 11.760634] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.760662] __asan_report_store1_noabort+0x1b/0x30 [ 11.760686] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.760711] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.760733] ? irqentry_exit+0x2a/0x60 [ 11.760754] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.760782] ? __pfx_krealloc_less_oob+0x10/0x10 [ 11.760807] krealloc_less_oob+0x1c/0x30 [ 11.760827] kunit_try_run_case+0x1a5/0x480 [ 11.760850] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.760871] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.760894] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.760917] ? __kthread_parkme+0x82/0x180 [ 11.760937] ? preempt_count_sub+0x50/0x80 [ 11.760960] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.760983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.761005] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.761028] kthread+0x337/0x6f0 [ 11.761046] ? trace_preempt_on+0x20/0xc0 [ 11.761070] ? __pfx_kthread+0x10/0x10 [ 11.761089] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.761119] ? calculate_sigpending+0x7b/0xa0 [ 11.761143] ? __pfx_kthread+0x10/0x10 [ 11.761465] ret_from_fork+0x116/0x1d0 [ 11.761485] ? 
__pfx_kthread+0x10/0x10 [ 11.761513] ret_from_fork_asm+0x1a/0x30 [ 11.761543] </TASK> [ 11.761553] [ 11.772033] Allocated by task 176: [ 11.772912] kasan_save_stack+0x45/0x70 [ 11.773198] kasan_save_track+0x18/0x40 [ 11.773426] kasan_save_alloc_info+0x3b/0x50 [ 11.773655] __kasan_krealloc+0x190/0x1f0 [ 11.774140] krealloc_noprof+0xf3/0x340 [ 11.774457] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.774690] krealloc_less_oob+0x1c/0x30 [ 11.774878] kunit_try_run_case+0x1a5/0x480 [ 11.775074] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.775664] kthread+0x337/0x6f0 [ 11.775825] ret_from_fork+0x116/0x1d0 [ 11.776541] ret_from_fork_asm+0x1a/0x30 [ 11.776739] [ 11.776817] The buggy address belongs to the object at ffff888100338400 [ 11.776817] which belongs to the cache kmalloc-256 of size 256 [ 11.777506] The buggy address is located 7 bytes to the right of [ 11.777506] allocated 201-byte region [ffff888100338400, ffff8881003384c9) [ 11.778038] [ 11.778145] The buggy address belongs to the physical page: [ 11.778810] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100338 [ 11.779074] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.779308] flags: 0x200000000000040(head|node=0|zone=2) [ 11.779506] page_type: f5(slab) [ 11.779681] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.780110] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.780437] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.781122] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.781952] head: 0200000000000001 ffffea000400ce01 00000000ffffffff 00000000ffffffff [ 11.782540] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.783269] page dumped because: kasan: bad access detected [ 11.783604] [ 11.783677] Memory state around the buggy address: [ 11.783834] ffff888100338380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.784052] ffff888100338400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.784274] >ffff888100338480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.784486] ^ [ 11.784676] ffff888100338500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.784929] ffff888100338580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.785246] ================================================================== [ 11.916320] ================================================================== [ 11.916836] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.917328] Write of size 1 at addr ffff88810394e0c9 by task kunit_try_catch/180 [ 11.917653] [ 11.917751] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.917798] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.917809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.917831] Call Trace: [ 11.917844] <TASK> [ 11.917863] dump_stack_lvl+0x73/0xb0 [ 11.917894] print_report+0xd1/0x610 [ 11.917917] ? __virt_addr_valid+0x1db/0x2d0 [ 11.917942] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.917965] ? kasan_addr_to_slab+0x11/0xa0 [ 11.917985] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.918009] kasan_report+0x141/0x180 [ 11.918030] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.918057] __asan_report_store1_noabort+0x1b/0x30 [ 11.918081] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.918106] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.918129] ? irqentry_exit+0x2a/0x60 [ 11.918150] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.918284] ? __pfx_krealloc_large_less_oob+0x10/0x10 [ 11.918311] krealloc_large_less_oob+0x1c/0x30 [ 11.918348] kunit_try_run_case+0x1a5/0x480 [ 11.918374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.918396] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.918420] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.918442] ? __kthread_parkme+0x82/0x180 [ 11.918463] ? preempt_count_sub+0x50/0x80 [ 11.918488] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 11.918519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.918542] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.918565] kthread+0x337/0x6f0 [ 11.918583] ? trace_preempt_on+0x20/0xc0 [ 11.918606] ? __pfx_kthread+0x10/0x10 [ 11.918626] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.918646] ? calculate_sigpending+0x7b/0xa0 [ 11.918670] ? __pfx_kthread+0x10/0x10 [ 11.918690] ret_from_fork+0x116/0x1d0 [ 11.918710] ? __pfx_kthread+0x10/0x10 [ 11.918729] ret_from_fork_asm+0x1a/0x30 [ 11.918759] </TASK> [ 11.918769] [ 11.927996] The buggy address belongs to the physical page: [ 11.928301] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10394c [ 11.928621] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.929156] flags: 0x200000000000040(head|node=0|zone=2) [ 11.929502] page_type: f8(unknown) [ 11.929636] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.929980] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.930521] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.930874] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.931364] head: 0200000000000002 ffffea00040e5301 00000000ffffffff 00000000ffffffff [ 11.931655] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.932125] page dumped because: kasan: bad access detected [ 11.932428] [ 11.932539] Memory state around the buggy address: [ 11.932749] ffff88810394df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.933341] ffff88810394e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.933637] >ffff88810394e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.934129] ^ [ 11.934517] ffff88810394e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.934812] ffff88810394e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.935349] 
================================================================== [ 11.959740] ================================================================== [ 11.960624] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.961030] Write of size 1 at addr ffff88810394e0da by task kunit_try_catch/180 [ 11.961987] [ 11.962190] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.962342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.962354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.962389] Call Trace: [ 11.962400] <TASK> [ 11.962415] dump_stack_lvl+0x73/0xb0 [ 11.962446] print_report+0xd1/0x610 [ 11.962467] ? __virt_addr_valid+0x1db/0x2d0 [ 11.962489] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.962523] ? kasan_addr_to_slab+0x11/0xa0 [ 11.962542] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.962566] kasan_report+0x141/0x180 [ 11.962586] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.962614] __asan_report_store1_noabort+0x1b/0x30 [ 11.962637] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.962662] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.962685] ? irqentry_exit+0x2a/0x60 [ 11.962705] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.962733] ? __pfx_krealloc_large_less_oob+0x10/0x10 [ 11.962760] krealloc_large_less_oob+0x1c/0x30 [ 11.962782] kunit_try_run_case+0x1a5/0x480 [ 11.962805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.962827] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.962850] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.962872] ? __kthread_parkme+0x82/0x180 [ 11.962892] ? preempt_count_sub+0x50/0x80 [ 11.962915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.962938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.962960] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.962983] kthread+0x337/0x6f0 [ 11.963001] ? trace_preempt_on+0x20/0xc0 [ 11.963023] ? __pfx_kthread+0x10/0x10 [ 11.963080] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.963105] ? 
calculate_sigpending+0x7b/0xa0 [ 11.963128] ? __pfx_kthread+0x10/0x10 [ 11.963148] ret_from_fork+0x116/0x1d0 [ 11.963167] ? __pfx_kthread+0x10/0x10 [ 11.963187] ret_from_fork_asm+0x1a/0x30 [ 11.963216] </TASK> [ 11.963226] [ 11.972487] The buggy address belongs to the physical page: [ 11.972744] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10394c [ 11.972990] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.973905] flags: 0x200000000000040(head|node=0|zone=2) [ 11.974342] page_type: f8(unknown) [ 11.974474] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.974805] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.975217] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.975607] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.975966] head: 0200000000000002 ffffea00040e5301 00000000ffffffff 00000000ffffffff [ 11.976454] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.976756] page dumped because: kasan: bad access detected [ 11.976962] [ 11.977055] Memory state around the buggy address: [ 11.977479] ffff88810394df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.977758] ffff88810394e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.978150] >ffff88810394e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.978480] ^ [ 11.978710] ffff88810394e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.979019] ffff88810394e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.979406] ================================================================== [ 11.996826] ================================================================== [ 11.997248] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.997584] Write of size 1 at addr ffff88810394e0eb by task kunit_try_catch/180 [ 11.997896] [ 11.998019] CPU: 0 UID: 0 PID: 180 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.998072] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.998229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.998255] Call Trace: [ 11.998272] <TASK> [ 11.998287] dump_stack_lvl+0x73/0xb0 [ 11.998362] print_report+0xd1/0x610 [ 11.998384] ? __virt_addr_valid+0x1db/0x2d0 [ 11.998408] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.998431] ? kasan_addr_to_slab+0x11/0xa0 [ 11.998450] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.998473] kasan_report+0x141/0x180 [ 11.998504] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.998532] __asan_report_store1_noabort+0x1b/0x30 [ 11.998556] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.998582] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.998605] ? irqentry_exit+0x2a/0x60 [ 11.998625] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.998663] ? __pfx_krealloc_large_less_oob+0x10/0x10 [ 11.998689] krealloc_large_less_oob+0x1c/0x30 [ 11.998711] kunit_try_run_case+0x1a5/0x480 [ 11.998747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.998769] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.998792] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.998814] ? __kthread_parkme+0x82/0x180 [ 11.998833] ? preempt_count_sub+0x50/0x80 [ 11.998857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.998880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.998902] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.998925] kthread+0x337/0x6f0 [ 11.998942] ? trace_preempt_on+0x20/0xc0 [ 11.998964] ? __pfx_kthread+0x10/0x10 [ 11.998983] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.999005] ? calculate_sigpending+0x7b/0xa0 [ 11.999029] ? __pfx_kthread+0x10/0x10 [ 11.999059] ret_from_fork+0x116/0x1d0 [ 11.999078] ? 
__pfx_kthread+0x10/0x10 [ 11.999097] ret_from_fork_asm+0x1a/0x30 [ 11.999127] </TASK> [ 11.999136] [ 12.006779] The buggy address belongs to the physical page: [ 12.007550] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10394c [ 12.007996] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.009011] flags: 0x200000000000040(head|node=0|zone=2) [ 12.009440] page_type: f8(unknown) [ 12.009754] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.010267] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.010711] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.011205] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.011614] head: 0200000000000002 ffffea00040e5301 00000000ffffffff 00000000ffffffff [ 12.011994] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.012479] page dumped because: kasan: bad access detected [ 12.012723] [ 12.013008] Memory state around the buggy address: [ 12.013463] ffff88810394df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.013790] ffff88810394e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.014432] >ffff88810394e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.014836] ^ [ 12.015269] ffff88810394e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.015671] ffff88810394e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.016121] ================================================================== [ 11.807765] ================================================================== [ 11.808309] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.808682] Write of size 1 at addr ffff8881003384ea by task kunit_try_catch/176 [ 11.809132] [ 11.809219] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.809261] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.809272] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.809292] Call Trace: [ 11.809308] <TASK> [ 11.809322] dump_stack_lvl+0x73/0xb0 [ 11.809349] print_report+0xd1/0x610 [ 11.809370] ? __virt_addr_valid+0x1db/0x2d0 [ 11.809392] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.809415] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.809437] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.809460] kasan_report+0x141/0x180 [ 11.809481] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.809519] __asan_report_store1_noabort+0x1b/0x30 [ 11.809543] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.809568] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.809590] ? irqentry_exit+0x2a/0x60 [ 11.809611] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.809639] ? __pfx_krealloc_less_oob+0x10/0x10 [ 11.809664] krealloc_less_oob+0x1c/0x30 [ 11.809685] kunit_try_run_case+0x1a5/0x480 [ 11.809708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.809730] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.809754] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.809777] ? __kthread_parkme+0x82/0x180 [ 11.809796] ? preempt_count_sub+0x50/0x80 [ 11.809820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.809843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.809865] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.809888] kthread+0x337/0x6f0 [ 11.809906] ? trace_preempt_on+0x20/0xc0 [ 11.809928] ? __pfx_kthread+0x10/0x10 [ 11.809947] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.809968] ? calculate_sigpending+0x7b/0xa0 [ 11.809991] ? __pfx_kthread+0x10/0x10 [ 11.810011] ret_from_fork+0x116/0x1d0 [ 11.810029] ? 
__pfx_kthread+0x10/0x10 [ 11.810048] ret_from_fork_asm+0x1a/0x30 [ 11.810077] </TASK> [ 11.810087] [ 11.818064] Allocated by task 176: [ 11.818266] kasan_save_stack+0x45/0x70 [ 11.818440] kasan_save_track+0x18/0x40 [ 11.818639] kasan_save_alloc_info+0x3b/0x50 [ 11.818883] __kasan_krealloc+0x190/0x1f0 [ 11.819105] krealloc_noprof+0xf3/0x340 [ 11.819424] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.819904] krealloc_less_oob+0x1c/0x30 [ 11.820280] kunit_try_run_case+0x1a5/0x480 [ 11.820510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.820758] kthread+0x337/0x6f0 [ 11.820919] ret_from_fork+0x116/0x1d0 [ 11.821119] ret_from_fork_asm+0x1a/0x30 [ 11.821325] [ 11.821424] The buggy address belongs to the object at ffff888100338400 [ 11.821424] which belongs to the cache kmalloc-256 of size 256 [ 11.821957] The buggy address is located 33 bytes to the right of [ 11.821957] allocated 201-byte region [ffff888100338400, ffff8881003384c9) [ 11.822487] [ 11.822566] The buggy address belongs to the physical page: [ 11.822732] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100338 [ 11.822964] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.823539] flags: 0x200000000000040(head|node=0|zone=2) [ 11.823792] page_type: f5(slab) [ 11.823984] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.824414] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.824777] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.825317] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.825556] head: 0200000000000001 ffffea000400ce01 00000000ffffffff 00000000ffffffff [ 11.825890] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.826313] page dumped because: kasan: bad access detected [ 11.826560] [ 11.826653] Memory state around the buggy address: [ 11.826868] ffff888100338380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.827276] ffff888100338400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.827601] >ffff888100338480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.827937] ^ [ 11.828249] ffff888100338500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.828581] ffff888100338580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.828899] ================================================================== [ 11.936414] ================================================================== [ 11.937387] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.937732] Write of size 1 at addr ffff88810394e0d0 by task kunit_try_catch/180 [ 11.938024] [ 11.938328] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.938376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.938386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.938406] Call Trace: [ 11.938418] <TASK> [ 11.938434] dump_stack_lvl+0x73/0xb0 [ 11.938463] print_report+0xd1/0x610 [ 11.938484] ? __virt_addr_valid+0x1db/0x2d0 [ 11.938596] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.938632] ? kasan_addr_to_slab+0x11/0xa0 [ 11.938652] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.938707] kasan_report+0x141/0x180 [ 11.938728] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.938767] __asan_report_store1_noabort+0x1b/0x30 [ 11.938791] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.938817] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.938840] ? irqentry_exit+0x2a/0x60 [ 11.938861] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.938889] ? __pfx_krealloc_large_less_oob+0x10/0x10 [ 11.938915] krealloc_large_less_oob+0x1c/0x30 [ 11.938937] kunit_try_run_case+0x1a5/0x480 [ 11.938961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.938982] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.939006] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.939029] ? __kthread_parkme+0x82/0x180 [ 11.939050] ? preempt_count_sub+0x50/0x80 [ 11.939128] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 11.939152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.939175] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.939198] kthread+0x337/0x6f0 [ 11.939217] ? trace_preempt_on+0x20/0xc0 [ 11.939238] ? __pfx_kthread+0x10/0x10 [ 11.939258] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.939278] ? calculate_sigpending+0x7b/0xa0 [ 11.939302] ? __pfx_kthread+0x10/0x10 [ 11.939322] ret_from_fork+0x116/0x1d0 [ 11.939341] ? __pfx_kthread+0x10/0x10 [ 11.939360] ret_from_fork_asm+0x1a/0x30 [ 11.939390] </TASK> [ 11.939399] [ 11.949057] The buggy address belongs to the physical page: [ 11.949376] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10394c [ 11.949867] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.950100] flags: 0x200000000000040(head|node=0|zone=2) [ 11.950289] page_type: f8(unknown) [ 11.950422] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.951039] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.951613] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.951845] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.952510] head: 0200000000000002 ffffea00040e5301 00000000ffffffff 00000000ffffffff [ 11.953070] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.953883] page dumped because: kasan: bad access detected [ 11.954631] [ 11.954787] Memory state around the buggy address: [ 11.955324] ffff88810394df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.956063] ffff88810394e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.956617] >ffff88810394e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.956838] ^ [ 11.957019] ffff88810394e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.957971] ffff88810394e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.958800] 
================================================================== [ 11.785953] ================================================================== [ 11.786332] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.786598] Write of size 1 at addr ffff8881003384da by task kunit_try_catch/176 [ 11.786930] [ 11.787066] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.787126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.787167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.787188] Call Trace: [ 11.787221] <TASK> [ 11.787239] dump_stack_lvl+0x73/0xb0 [ 11.787269] print_report+0xd1/0x610 [ 11.787312] ? __virt_addr_valid+0x1db/0x2d0 [ 11.787335] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.787358] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.787379] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.787403] kasan_report+0x141/0x180 [ 11.787423] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.787451] __asan_report_store1_noabort+0x1b/0x30 [ 11.787504] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.787530] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.787566] ? irqentry_exit+0x2a/0x60 [ 11.787587] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.787629] ? __pfx_krealloc_less_oob+0x10/0x10 [ 11.787667] krealloc_less_oob+0x1c/0x30 [ 11.787687] kunit_try_run_case+0x1a5/0x480 [ 11.787711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.787746] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.787769] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.787805] ? __kthread_parkme+0x82/0x180 [ 11.787824] ? preempt_count_sub+0x50/0x80 [ 11.787848] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.787871] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.787893] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.787917] kthread+0x337/0x6f0 [ 11.787935] ? trace_preempt_on+0x20/0xc0 [ 11.787957] ? __pfx_kthread+0x10/0x10 [ 11.787976] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.787997] ? 
calculate_sigpending+0x7b/0xa0 [ 11.788022] ? __pfx_kthread+0x10/0x10 [ 11.788049] ret_from_fork+0x116/0x1d0 [ 11.788067] ? __pfx_kthread+0x10/0x10 [ 11.788087] ret_from_fork_asm+0x1a/0x30 [ 11.788117] </TASK> [ 11.788127] [ 11.796464] Allocated by task 176: [ 11.796646] kasan_save_stack+0x45/0x70 [ 11.796844] kasan_save_track+0x18/0x40 [ 11.797049] kasan_save_alloc_info+0x3b/0x50 [ 11.797303] __kasan_krealloc+0x190/0x1f0 [ 11.797504] krealloc_noprof+0xf3/0x340 [ 11.797641] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.797802] krealloc_less_oob+0x1c/0x30 [ 11.797939] kunit_try_run_case+0x1a5/0x480 [ 11.798239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.798512] kthread+0x337/0x6f0 [ 11.798724] ret_from_fork+0x116/0x1d0 [ 11.798932] ret_from_fork_asm+0x1a/0x30 [ 11.799245] [ 11.799360] The buggy address belongs to the object at ffff888100338400 [ 11.799360] which belongs to the cache kmalloc-256 of size 256 [ 11.799894] The buggy address is located 17 bytes to the right of [ 11.799894] allocated 201-byte region [ffff888100338400, ffff8881003384c9) [ 11.800609] [ 11.800744] The buggy address belongs to the physical page: [ 11.801077] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100338 [ 11.801630] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.801918] flags: 0x200000000000040(head|node=0|zone=2) [ 11.802206] page_type: f5(slab) [ 11.802358] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.802783] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.803115] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.803538] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.803825] head: 0200000000000001 ffffea000400ce01 00000000ffffffff 00000000ffffffff [ 11.804195] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.804570] page dumped because: kasan: bad access detected [ 11.804791] 
[ 11.804885] Memory state around the buggy address: [ 11.805115] ffff888100338380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.805530] ffff888100338400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.805888] >ffff888100338480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.806253] ^ [ 11.806563] ffff888100338500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.806886] ffff888100338580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.807219] ================================================================== [ 11.829538] ================================================================== [ 11.829824] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.830211] Write of size 1 at addr ffff8881003384eb by task kunit_try_catch/176 [ 11.830540] [ 11.830650] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.830711] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.830721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.830740] Call Trace: [ 11.830756] <TASK> [ 11.830770] dump_stack_lvl+0x73/0xb0 [ 11.830798] print_report+0xd1/0x610 [ 11.830819] ? __virt_addr_valid+0x1db/0x2d0 [ 11.830840] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.830863] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.830885] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.830908] kasan_report+0x141/0x180 [ 11.830929] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.830958] __asan_report_store1_noabort+0x1b/0x30 [ 11.830982] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.831007] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.831052] ? irqentry_exit+0x2a/0x60 [ 11.831074] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.831122] ? __pfx_krealloc_less_oob+0x10/0x10 [ 11.831177] krealloc_less_oob+0x1c/0x30 [ 11.831212] kunit_try_run_case+0x1a5/0x480 [ 11.831248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.831269] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.831306] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.831341] ? __kthread_parkme+0x82/0x180 [ 11.831373] ? preempt_count_sub+0x50/0x80 [ 11.831411] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.831447] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.831483] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.831516] kthread+0x337/0x6f0 [ 11.831548] ? trace_preempt_on+0x20/0xc0 [ 11.831583] ? __pfx_kthread+0x10/0x10 [ 11.831615] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.831636] ? calculate_sigpending+0x7b/0xa0 [ 11.831672] ? __pfx_kthread+0x10/0x10 [ 11.831705] ret_from_fork+0x116/0x1d0 [ 11.831737] ? __pfx_kthread+0x10/0x10 [ 11.831769] ret_from_fork_asm+0x1a/0x30 [ 11.831812] </TASK> [ 11.831834] [ 11.843041] Allocated by task 176: [ 11.843289] kasan_save_stack+0x45/0x70 [ 11.843515] kasan_save_track+0x18/0x40 [ 11.843699] kasan_save_alloc_info+0x3b/0x50 [ 11.844053] __kasan_krealloc+0x190/0x1f0 [ 11.844366] krealloc_noprof+0xf3/0x340 [ 11.844695] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.844909] krealloc_less_oob+0x1c/0x30 [ 11.845353] kunit_try_run_case+0x1a5/0x480 [ 11.845588] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.846017] kthread+0x337/0x6f0 [ 11.846304] ret_from_fork+0x116/0x1d0 [ 11.846538] ret_from_fork_asm+0x1a/0x30 [ 11.846715] [ 11.846807] The buggy address belongs to the object at ffff888100338400 [ 11.846807] which belongs to the cache kmalloc-256 of size 256 [ 11.847270] The buggy address is located 34 bytes to the right of [ 11.847270] allocated 201-byte region [ffff888100338400, ffff8881003384c9) [ 11.848218] [ 11.848318] The buggy address belongs to the physical page: [ 11.848688] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100338 [ 11.849180] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.849737] flags: 0x200000000000040(head|node=0|zone=2) [ 11.850003] page_type: f5(slab) [ 11.850253] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.850784] raw: 0000000000000000 
0000000080100010 00000000f5000000 0000000000000000 [ 11.851142] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.851628] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.851916] head: 0200000000000001 ffffea000400ce01 00000000ffffffff 00000000ffffffff [ 11.852636] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.853039] page dumped because: kasan: bad access detected [ 11.853248] [ 11.853368] Memory state around the buggy address: [ 11.853668] ffff888100338380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.853950] ffff888100338400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.854507] >ffff888100338480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.854780] ^ [ 11.855192] ffff888100338500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.855536] ffff888100338580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.855911] ================================================================== [ 11.727447] ================================================================== [ 11.728860] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.729180] Write of size 1 at addr ffff8881003384c9 by task kunit_try_catch/176 [ 11.729409] [ 11.729509] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.729557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.729568] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.729590] Call Trace: [ 11.729604] <TASK> [ 11.729621] dump_stack_lvl+0x73/0xb0 [ 11.729650] print_report+0xd1/0x610 [ 11.729672] ? __virt_addr_valid+0x1db/0x2d0 [ 11.729695] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.729718] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.729739] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.729762] kasan_report+0x141/0x180 [ 11.729785] ? 
krealloc_less_oob_helper+0xd70/0x11d0 [ 11.729812] __asan_report_store1_noabort+0x1b/0x30 [ 11.729836] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.729861] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.729883] ? irqentry_exit+0x2a/0x60 [ 11.729904] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.729932] ? __pfx_krealloc_less_oob+0x10/0x10 [ 11.729957] krealloc_less_oob+0x1c/0x30 [ 11.729977] kunit_try_run_case+0x1a5/0x480 [ 11.730001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.730022] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.730046] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.730069] ? __kthread_parkme+0x82/0x180 [ 11.730089] ? preempt_count_sub+0x50/0x80 [ 11.730112] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.730134] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.730157] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.730180] kthread+0x337/0x6f0 [ 11.730204] ? trace_preempt_on+0x20/0xc0 [ 11.730226] ? __pfx_kthread+0x10/0x10 [ 11.730246] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.730266] ? calculate_sigpending+0x7b/0xa0 [ 11.730289] ? __pfx_kthread+0x10/0x10 [ 11.730310] ret_from_fork+0x116/0x1d0 [ 11.730328] ? 
__pfx_kthread+0x10/0x10 [ 11.730347] ret_from_fork_asm+0x1a/0x30 [ 11.730377] </TASK> [ 11.730387] [ 11.743325] Allocated by task 176: [ 11.743740] kasan_save_stack+0x45/0x70 [ 11.744193] kasan_save_track+0x18/0x40 [ 11.744641] kasan_save_alloc_info+0x3b/0x50 [ 11.745134] __kasan_krealloc+0x190/0x1f0 [ 11.745593] krealloc_noprof+0xf3/0x340 [ 11.745970] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.746456] krealloc_less_oob+0x1c/0x30 [ 11.746613] kunit_try_run_case+0x1a5/0x480 [ 11.746760] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.746938] kthread+0x337/0x6f0 [ 11.747256] ret_from_fork+0x116/0x1d0 [ 11.747707] ret_from_fork_asm+0x1a/0x30 [ 11.748180] [ 11.748394] The buggy address belongs to the object at ffff888100338400 [ 11.748394] which belongs to the cache kmalloc-256 of size 256 [ 11.749551] The buggy address is located 0 bytes to the right of [ 11.749551] allocated 201-byte region [ffff888100338400, ffff8881003384c9) [ 11.750748] [ 11.750826] The buggy address belongs to the physical page: [ 11.751005] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100338 [ 11.751881] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.752641] flags: 0x200000000000040(head|node=0|zone=2) [ 11.753185] page_type: f5(slab) [ 11.753384] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.753631] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.753864] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.754248] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.754651] head: 0200000000000001 ffffea000400ce01 00000000ffffffff 00000000ffffffff [ 11.754984] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.755624] page dumped because: kasan: bad access detected [ 11.755855] [ 11.755949] Memory state around the buggy address: [ 11.756125] ffff888100338380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.756682] ffff888100338400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.756992] >ffff888100338480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.757329] ^ [ 11.757658] ffff888100338500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.757960] ffff888100338580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.758350] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 11.675355] ================================================================== [ 11.676006] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.676618] Write of size 1 at addr ffff8881003382eb by task kunit_try_catch/174 [ 11.676981] [ 11.677231] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.677387] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.677399] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.677422] Call Trace: [ 11.677435] <TASK> [ 11.677452] dump_stack_lvl+0x73/0xb0 [ 11.677484] print_report+0xd1/0x610 [ 11.677518] ? __virt_addr_valid+0x1db/0x2d0 [ 11.677542] ? krealloc_more_oob_helper+0x821/0x930 [ 11.677565] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.677587] ? krealloc_more_oob_helper+0x821/0x930 [ 11.677610] kasan_report+0x141/0x180 [ 11.677631] ? krealloc_more_oob_helper+0x821/0x930 [ 11.677659] __asan_report_store1_noabort+0x1b/0x30 [ 11.677683] krealloc_more_oob_helper+0x821/0x930 [ 11.677704] ? __schedule+0x10cc/0x2b60 [ 11.677727] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.677752] ? __kasan_check_write+0x18/0x20 [ 11.677770] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.677792] ? irqentry_exit+0x2a/0x60 [ 11.677813] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.677836] ? trace_hardirqs_on+0x37/0xe0 [ 11.677859] ? __pfx_read_tsc+0x10/0x10 [ 11.677884] krealloc_more_oob+0x1c/0x30 [ 11.677905] kunit_try_run_case+0x1a5/0x480 [ 11.677930] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.677953] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.677975] ? __kthread_parkme+0x82/0x180 [ 11.677995] ? preempt_count_sub+0x50/0x80 [ 11.678019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.678041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.678064] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.678089] kthread+0x337/0x6f0 [ 11.678107] ? trace_preempt_on+0x20/0xc0 [ 11.678128] ? __pfx_kthread+0x10/0x10 [ 11.678148] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 11.678179] ? calculate_sigpending+0x7b/0xa0 [ 11.678209] ? __pfx_kthread+0x10/0x10 [ 11.678229] ret_from_fork+0x116/0x1d0 [ 11.678248] ? __pfx_kthread+0x10/0x10 [ 11.678267] ret_from_fork_asm+0x1a/0x30 [ 11.678299] </TASK> [ 11.678309] [ 11.687665] Allocated by task 174: [ 11.687891] kasan_save_stack+0x45/0x70 [ 11.688040] kasan_save_track+0x18/0x40 [ 11.688459] kasan_save_alloc_info+0x3b/0x50 [ 11.688683] __kasan_krealloc+0x190/0x1f0 [ 11.688931] krealloc_noprof+0xf3/0x340 [ 11.689240] krealloc_more_oob_helper+0x1a9/0x930 [ 11.689508] krealloc_more_oob+0x1c/0x30 [ 11.689652] kunit_try_run_case+0x1a5/0x480 [ 11.689896] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.690142] kthread+0x337/0x6f0 [ 11.690475] ret_from_fork+0x116/0x1d0 [ 11.690641] ret_from_fork_asm+0x1a/0x30 [ 11.690813] [ 11.690907] The buggy address belongs to the object at ffff888100338200 [ 11.690907] which belongs to the cache kmalloc-256 of size 256 [ 11.691534] The buggy address is located 0 bytes to the right of [ 11.691534] allocated 235-byte region [ffff888100338200, ffff8881003382eb) [ 11.692046] [ 11.692141] The buggy address belongs to the physical page: [ 11.692580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100338 [ 11.692948] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.693441] flags: 0x200000000000040(head|node=0|zone=2) [ 11.693698] page_type: f5(slab) [ 11.693907] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.694297] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.694737] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.695077] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.695461] head: 0200000000000001 ffffea000400ce01 00000000ffffffff 00000000ffffffff [ 11.695778] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.696009] page dumped 
because: kasan: bad access detected [ 11.696568] [ 11.696850] Memory state around the buggy address: [ 11.697172] ffff888100338180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.697508] ffff888100338200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.697778] >ffff888100338280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.698141] ^ [ 11.698626] ffff888100338300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.698932] ffff888100338380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.699459] ================================================================== [ 11.859320] ================================================================== [ 11.859747] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.859997] Write of size 1 at addr ffff88810391a0eb by task kunit_try_catch/178 [ 11.860787] [ 11.861008] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.861064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.861074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.861095] Call Trace: [ 11.861107] <TASK> [ 11.861124] dump_stack_lvl+0x73/0xb0 [ 11.861154] print_report+0xd1/0x610 [ 11.861175] ? __virt_addr_valid+0x1db/0x2d0 [ 11.861198] ? krealloc_more_oob_helper+0x821/0x930 [ 11.861221] ? kasan_addr_to_slab+0x11/0xa0 [ 11.861241] ? krealloc_more_oob_helper+0x821/0x930 [ 11.861265] kasan_report+0x141/0x180 [ 11.861286] ? krealloc_more_oob_helper+0x821/0x930 [ 11.861313] __asan_report_store1_noabort+0x1b/0x30 [ 11.861337] krealloc_more_oob_helper+0x821/0x930 [ 11.861359] ? __schedule+0x10cc/0x2b60 [ 11.861381] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.861404] ? finish_task_switch.isra.0+0x153/0x700 [ 11.861426] ? __switch_to+0x47/0xf50 [ 11.861452] ? __schedule+0x10cc/0x2b60 [ 11.861522] ? __pfx_read_tsc+0x10/0x10 [ 11.861546] krealloc_large_more_oob+0x1c/0x30 [ 11.861580] kunit_try_run_case+0x1a5/0x480 [ 11.861605] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 11.861626] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.861649] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.861672] ? __kthread_parkme+0x82/0x180 [ 11.861692] ? preempt_count_sub+0x50/0x80 [ 11.861714] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.861737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.861760] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.861783] kthread+0x337/0x6f0 [ 11.861801] ? trace_preempt_on+0x20/0xc0 [ 11.861823] ? __pfx_kthread+0x10/0x10 [ 11.861843] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.861863] ? calculate_sigpending+0x7b/0xa0 [ 11.861887] ? __pfx_kthread+0x10/0x10 [ 11.861908] ret_from_fork+0x116/0x1d0 [ 11.861925] ? __pfx_kthread+0x10/0x10 [ 11.861945] ret_from_fork_asm+0x1a/0x30 [ 11.861976] </TASK> [ 11.861986] [ 11.879353] The buggy address belongs to the physical page: [ 11.879802] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103918 [ 11.880061] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.880727] flags: 0x200000000000040(head|node=0|zone=2) [ 11.881251] page_type: f8(unknown) [ 11.881652] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.882615] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.883317] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.884223] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.884828] head: 0200000000000002 ffffea00040e4601 00000000ffffffff 00000000ffffffff [ 11.885624] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.886150] page dumped because: kasan: bad access detected [ 11.886737] [ 11.886893] Memory state around the buggy address: [ 11.887117] ffff888103919f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.887902] ffff88810391a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.888548] >ffff88810391a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 
03 fe fe [ 11.888763] ^ [ 11.888964] ffff88810391a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.889678] ffff88810391a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.890425] ================================================================== [ 11.700216] ================================================================== [ 11.700509] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 11.700828] Write of size 1 at addr ffff8881003382f0 by task kunit_try_catch/174 [ 11.701434] [ 11.701585] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.701633] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.701644] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.701664] Call Trace: [ 11.701682] <TASK> [ 11.701697] dump_stack_lvl+0x73/0xb0 [ 11.701727] print_report+0xd1/0x610 [ 11.701748] ? __virt_addr_valid+0x1db/0x2d0 [ 11.701770] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.701793] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.701816] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.701839] kasan_report+0x141/0x180 [ 11.701860] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.701888] __asan_report_store1_noabort+0x1b/0x30 [ 11.701912] krealloc_more_oob_helper+0x7eb/0x930 [ 11.701933] ? __schedule+0x10cc/0x2b60 [ 11.701955] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.701980] ? __kasan_check_write+0x18/0x20 [ 11.702037] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.702061] ? irqentry_exit+0x2a/0x60 [ 11.702081] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.702306] ? trace_hardirqs_on+0x37/0xe0 [ 11.702336] ? __pfx_read_tsc+0x10/0x10 [ 11.702372] krealloc_more_oob+0x1c/0x30 [ 11.702394] kunit_try_run_case+0x1a5/0x480 [ 11.702418] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.702441] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.702464] ? __kthread_parkme+0x82/0x180 [ 11.702483] ? preempt_count_sub+0x50/0x80 [ 11.702515] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 11.702538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.702560] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.702583] kthread+0x337/0x6f0 [ 11.702601] ? trace_preempt_on+0x20/0xc0 [ 11.702622] ? __pfx_kthread+0x10/0x10 [ 11.702642] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.702663] ? calculate_sigpending+0x7b/0xa0 [ 11.702686] ? __pfx_kthread+0x10/0x10 [ 11.702706] ret_from_fork+0x116/0x1d0 [ 11.702724] ? __pfx_kthread+0x10/0x10 [ 11.702743] ret_from_fork_asm+0x1a/0x30 [ 11.702772] </TASK> [ 11.702782] [ 11.712354] Allocated by task 174: [ 11.712622] kasan_save_stack+0x45/0x70 [ 11.712844] kasan_save_track+0x18/0x40 [ 11.713124] kasan_save_alloc_info+0x3b/0x50 [ 11.713423] __kasan_krealloc+0x190/0x1f0 [ 11.713619] krealloc_noprof+0xf3/0x340 [ 11.713794] krealloc_more_oob_helper+0x1a9/0x930 [ 11.714018] krealloc_more_oob+0x1c/0x30 [ 11.714450] kunit_try_run_case+0x1a5/0x480 [ 11.714672] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.714851] kthread+0x337/0x6f0 [ 11.714971] ret_from_fork+0x116/0x1d0 [ 11.715135] ret_from_fork_asm+0x1a/0x30 [ 11.715328] [ 11.715422] The buggy address belongs to the object at ffff888100338200 [ 11.715422] which belongs to the cache kmalloc-256 of size 256 [ 11.715961] The buggy address is located 5 bytes to the right of [ 11.715961] allocated 235-byte region [ffff888100338200, ffff8881003382eb) [ 11.716626] [ 11.716727] The buggy address belongs to the physical page: [ 11.716980] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100338 [ 11.717444] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.717711] flags: 0x200000000000040(head|node=0|zone=2) [ 11.717967] page_type: f5(slab) [ 11.718421] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.718775] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.719066] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 
11.719833] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.720172] head: 0200000000000001 ffffea000400ce01 00000000ffffffff 00000000ffffffff [ 11.720618] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.720964] page dumped because: kasan: bad access detected [ 11.721139] [ 11.721216] Memory state around the buggy address: [ 11.721564] ffff888100338180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.722036] ffff888100338200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.722341] >ffff888100338280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.722644] ^ [ 11.722922] ffff888100338300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.723527] ffff888100338380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.723749] ================================================================== [ 11.891999] ================================================================== [ 11.892821] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 11.893424] Write of size 1 at addr ffff88810391a0f0 by task kunit_try_catch/178 [ 11.894323] [ 11.894485] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.894543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.894554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.894575] Call Trace: [ 11.894590] <TASK> [ 11.894635] dump_stack_lvl+0x73/0xb0 [ 11.894666] print_report+0xd1/0x610 [ 11.894689] ? __virt_addr_valid+0x1db/0x2d0 [ 11.894712] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.894734] ? kasan_addr_to_slab+0x11/0xa0 [ 11.894754] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.894777] kasan_report+0x141/0x180 [ 11.894799] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.894827] __asan_report_store1_noabort+0x1b/0x30 [ 11.894850] krealloc_more_oob_helper+0x7eb/0x930 [ 11.894872] ? __schedule+0x10cc/0x2b60 [ 11.894894] ? 
__pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.894917] ? finish_task_switch.isra.0+0x153/0x700 [ 11.894941] ? __switch_to+0x47/0xf50 [ 11.894965] ? __schedule+0x10cc/0x2b60 [ 11.894986] ? __pfx_read_tsc+0x10/0x10 [ 11.895009] krealloc_large_more_oob+0x1c/0x30 [ 11.895031] kunit_try_run_case+0x1a5/0x480 [ 11.895147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.895183] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.895207] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.895229] ? __kthread_parkme+0x82/0x180 [ 11.895249] ? preempt_count_sub+0x50/0x80 [ 11.895271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.895294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.895317] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.895340] kthread+0x337/0x6f0 [ 11.895358] ? trace_preempt_on+0x20/0xc0 [ 11.895382] ? __pfx_kthread+0x10/0x10 [ 11.895401] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.895421] ? calculate_sigpending+0x7b/0xa0 [ 11.895445] ? __pfx_kthread+0x10/0x10 [ 11.895465] ret_from_fork+0x116/0x1d0 [ 11.895483] ? 
__pfx_kthread+0x10/0x10 [ 11.895512] ret_from_fork_asm+0x1a/0x30 [ 11.895542] </TASK> [ 11.895552] [ 11.904726] The buggy address belongs to the physical page: [ 11.905075] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103918 [ 11.905672] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.905979] flags: 0x200000000000040(head|node=0|zone=2) [ 11.906160] page_type: f8(unknown) [ 11.906295] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.906668] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.907312] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.907672] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.908306] head: 0200000000000002 ffffea00040e4601 00000000ffffffff 00000000ffffffff [ 11.908685] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.908961] page dumped because: kasan: bad access detected [ 11.909131] [ 11.909199] Memory state around the buggy address: [ 11.909740] ffff888103919f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.910154] ffff88810391a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.910672] >ffff88810391a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.910973] ^ [ 11.911574] ffff88810391a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.911846] ffff88810391a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.912240] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 11.651696] ================================================================== [ 11.652608] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 11.652882] Read of size 1 at addr ffff8881039c0000 by task kunit_try_catch/172 [ 11.653427] [ 11.653582] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.653667] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.653679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.653731] Call Trace: [ 11.653744] <TASK> [ 11.653760] dump_stack_lvl+0x73/0xb0 [ 11.653802] print_report+0xd1/0x610 [ 11.653823] ? __virt_addr_valid+0x1db/0x2d0 [ 11.653846] ? page_alloc_uaf+0x356/0x3d0 [ 11.653866] ? kasan_addr_to_slab+0x11/0xa0 [ 11.653886] ? page_alloc_uaf+0x356/0x3d0 [ 11.653906] kasan_report+0x141/0x180 [ 11.653927] ? page_alloc_uaf+0x356/0x3d0 [ 11.653952] __asan_report_load1_noabort+0x18/0x20 [ 11.653976] page_alloc_uaf+0x356/0x3d0 [ 11.653996] ? __pfx_page_alloc_uaf+0x10/0x10 [ 11.654126] ? __schedule+0x10cc/0x2b60 [ 11.654150] ? __pfx_read_tsc+0x10/0x10 [ 11.654170] ? ktime_get_ts64+0x86/0x230 [ 11.654203] kunit_try_run_case+0x1a5/0x480 [ 11.654227] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.654249] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.654272] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.654295] ? __kthread_parkme+0x82/0x180 [ 11.654315] ? preempt_count_sub+0x50/0x80 [ 11.654339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.654361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.654384] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.654407] kthread+0x337/0x6f0 [ 11.654426] ? trace_preempt_on+0x20/0xc0 [ 11.654448] ? __pfx_kthread+0x10/0x10 [ 11.654467] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.654488] ? calculate_sigpending+0x7b/0xa0 [ 11.654521] ? __pfx_kthread+0x10/0x10 [ 11.654541] ret_from_fork+0x116/0x1d0 [ 11.654559] ? 
__pfx_kthread+0x10/0x10 [ 11.654578] ret_from_fork_asm+0x1a/0x30 [ 11.654608] </TASK> [ 11.654618] [ 11.663836] The buggy address belongs to the physical page: [ 11.664106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c0 [ 11.664444] flags: 0x200000000000000(node=0|zone=2) [ 11.664770] page_type: f0(buddy) [ 11.664944] raw: 0200000000000000 ffff88817fffc4f0 ffff88817fffc4f0 0000000000000000 [ 11.665330] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 11.665580] page dumped because: kasan: bad access detected [ 11.665746] [ 11.665867] Memory state around the buggy address: [ 11.666092] ffff8881039bff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.666441] ffff8881039bff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.666941] >ffff8881039c0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.667314] ^ [ 11.667488] ffff8881039c0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.667816] ffff8881039c0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.668084] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 11.622219] ================================================================== [ 11.622867] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 11.623336] Free of addr ffff888103914001 by task kunit_try_catch/168 [ 11.623582] [ 11.623782] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.623878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.623890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.623933] Call Trace: [ 11.623958] <TASK> [ 11.623975] dump_stack_lvl+0x73/0xb0 [ 11.624007] print_report+0xd1/0x610 [ 11.624029] ? __virt_addr_valid+0x1db/0x2d0 [ 11.624052] ? kasan_addr_to_slab+0x11/0xa0 [ 11.624072] ? kfree+0x274/0x3f0 [ 11.624092] kasan_report_invalid_free+0x10a/0x130 [ 11.624116] ? kfree+0x274/0x3f0 [ 11.624148] ? kfree+0x274/0x3f0 [ 11.624168] __kasan_kfree_large+0x86/0xd0 [ 11.624198] free_large_kmalloc+0x4b/0x110 [ 11.624221] kfree+0x274/0x3f0 [ 11.624245] kmalloc_large_invalid_free+0x120/0x2b0 [ 11.624268] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 11.624292] ? __schedule+0x10cc/0x2b60 [ 11.624313] ? __pfx_read_tsc+0x10/0x10 [ 11.624334] ? ktime_get_ts64+0x86/0x230 [ 11.624358] kunit_try_run_case+0x1a5/0x480 [ 11.624382] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.624404] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.624427] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.624459] ? __kthread_parkme+0x82/0x180 [ 11.624479] ? preempt_count_sub+0x50/0x80 [ 11.624512] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.624535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.624557] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.624613] kthread+0x337/0x6f0 [ 11.624632] ? trace_preempt_on+0x20/0xc0 [ 11.624655] ? __pfx_kthread+0x10/0x10 [ 11.624796] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.624824] ? calculate_sigpending+0x7b/0xa0 [ 11.624849] ? __pfx_kthread+0x10/0x10 [ 11.624870] ret_from_fork+0x116/0x1d0 [ 11.624888] ? 
__pfx_kthread+0x10/0x10 [ 11.624908] ret_from_fork_asm+0x1a/0x30 [ 11.624939] </TASK> [ 11.624951] [ 11.636996] The buggy address belongs to the physical page: [ 11.637394] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103914 [ 11.637916] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.638381] flags: 0x200000000000040(head|node=0|zone=2) [ 11.638690] page_type: f8(unknown) [ 11.638897] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.639124] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.639448] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.639802] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.640577] head: 0200000000000002 ffffea00040e4501 00000000ffffffff 00000000ffffffff [ 11.640921] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.641557] page dumped because: kasan: bad access detected [ 11.641786] [ 11.641857] Memory state around the buggy address: [ 11.642361] ffff888103913f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.642920] ffff888103913f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.643521] >ffff888103914000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.643940] ^ [ 11.644553] ffff888103914080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.644856] ffff888103914100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.645405] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 11.594205] ================================================================== [ 11.594887] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 11.595340] Read of size 1 at addr ffff88810394c000 by task kunit_try_catch/166 [ 11.596148] [ 11.596399] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.596449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.596460] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.596482] Call Trace: [ 11.596507] <TASK> [ 11.596524] dump_stack_lvl+0x73/0xb0 [ 11.596555] print_report+0xd1/0x610 [ 11.596577] ? __virt_addr_valid+0x1db/0x2d0 [ 11.596599] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.596619] ? kasan_addr_to_slab+0x11/0xa0 [ 11.596639] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.596659] kasan_report+0x141/0x180 [ 11.596681] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.596707] __asan_report_load1_noabort+0x18/0x20 [ 11.596733] kmalloc_large_uaf+0x2f1/0x340 [ 11.596752] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 11.596773] ? __schedule+0x10cc/0x2b60 [ 11.596795] ? __pfx_read_tsc+0x10/0x10 [ 11.596815] ? ktime_get_ts64+0x86/0x230 [ 11.596838] kunit_try_run_case+0x1a5/0x480 [ 11.596863] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.596884] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.596907] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.596929] ? __kthread_parkme+0x82/0x180 [ 11.596949] ? preempt_count_sub+0x50/0x80 [ 11.596972] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.596994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.597017] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.597040] kthread+0x337/0x6f0 [ 11.597150] ? trace_preempt_on+0x20/0xc0 [ 11.597173] ? __pfx_kthread+0x10/0x10 [ 11.597194] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.597214] ? calculate_sigpending+0x7b/0xa0 [ 11.597238] ? __pfx_kthread+0x10/0x10 [ 11.597258] ret_from_fork+0x116/0x1d0 [ 11.597277] ? 
__pfx_kthread+0x10/0x10 [ 11.597296] ret_from_fork_asm+0x1a/0x30 [ 11.597325] </TASK> [ 11.597336] [ 11.609813] The buggy address belongs to the physical page: [ 11.610071] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10394c [ 11.610633] flags: 0x200000000000000(node=0|zone=2) [ 11.611246] raw: 0200000000000000 ffffea00040e5408 ffff88815b039f80 0000000000000000 [ 11.611702] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 11.612226] page dumped because: kasan: bad access detected [ 11.612436] [ 11.612545] Memory state around the buggy address: [ 11.612775] ffff88810394bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.613424] ffff88810394bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.613871] >ffff88810394c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.614405] ^ [ 11.614852] ffff88810394c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.615365] ffff88810394c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.615793] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 11.566861] ================================================================== [ 11.567939] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 11.568379] Write of size 1 at addr ffff88810391600a by task kunit_try_catch/164 [ 11.568926] [ 11.569022] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.569070] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.569080] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.569102] Call Trace: [ 11.569115] <TASK> [ 11.569133] dump_stack_lvl+0x73/0xb0 [ 11.569190] print_report+0xd1/0x610 [ 11.569212] ? __virt_addr_valid+0x1db/0x2d0 [ 11.569236] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.569286] ? kasan_addr_to_slab+0x11/0xa0 [ 11.569307] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.569329] kasan_report+0x141/0x180 [ 11.569350] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.569376] __asan_report_store1_noabort+0x1b/0x30 [ 11.569400] kmalloc_large_oob_right+0x2e9/0x330 [ 11.569422] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 11.569445] ? __schedule+0x10cc/0x2b60 [ 11.569467] ? __pfx_read_tsc+0x10/0x10 [ 11.569520] ? ktime_get_ts64+0x86/0x230 [ 11.569546] kunit_try_run_case+0x1a5/0x480 [ 11.569571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.569593] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.569617] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.569640] ? __kthread_parkme+0x82/0x180 [ 11.569660] ? preempt_count_sub+0x50/0x80 [ 11.569685] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.569707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.569730] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.569753] kthread+0x337/0x6f0 [ 11.569771] ? trace_preempt_on+0x20/0xc0 [ 11.569795] ? __pfx_kthread+0x10/0x10 [ 11.569814] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.569834] ? calculate_sigpending+0x7b/0xa0 [ 11.569858] ? __pfx_kthread+0x10/0x10 [ 11.569878] ret_from_fork+0x116/0x1d0 [ 11.569899] ? 
__pfx_kthread+0x10/0x10 [ 11.569918] ret_from_fork_asm+0x1a/0x30 [ 11.569949] </TASK> [ 11.569959] [ 11.581217] The buggy address belongs to the physical page: [ 11.581709] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103914 [ 11.582406] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.583048] flags: 0x200000000000040(head|node=0|zone=2) [ 11.583563] page_type: f8(unknown) [ 11.583888] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.584381] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.584776] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.585012] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.585473] head: 0200000000000002 ffffea00040e4501 00000000ffffffff 00000000ffffffff [ 11.586133] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.586803] page dumped because: kasan: bad access detected [ 11.587291] [ 11.587444] Memory state around the buggy address: [ 11.587872] ffff888103915f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.588339] ffff888103915f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.588670] >ffff888103916000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.589288] ^ [ 11.589604] ffff888103916080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.590062] ffff888103916100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.590606] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 11.529749] ================================================================== [ 11.531258] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 11.531948] Write of size 1 at addr ffff888102aa5f00 by task kunit_try_catch/162 [ 11.532603] [ 11.532778] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.532825] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.532836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.532857] Call Trace: [ 11.532869] <TASK> [ 11.532885] dump_stack_lvl+0x73/0xb0 [ 11.532914] print_report+0xd1/0x610 [ 11.532934] ? __virt_addr_valid+0x1db/0x2d0 [ 11.532956] ? kmalloc_big_oob_right+0x316/0x370 [ 11.532977] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.532999] ? kmalloc_big_oob_right+0x316/0x370 [ 11.533021] kasan_report+0x141/0x180 [ 11.533041] ? kmalloc_big_oob_right+0x316/0x370 [ 11.533067] __asan_report_store1_noabort+0x1b/0x30 [ 11.533091] kmalloc_big_oob_right+0x316/0x370 [ 11.533113] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 11.533135] ? __schedule+0x10cc/0x2b60 [ 11.533157] ? __pfx_read_tsc+0x10/0x10 [ 11.533178] ? ktime_get_ts64+0x86/0x230 [ 11.533202] kunit_try_run_case+0x1a5/0x480 [ 11.533226] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.533247] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.533270] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.533293] ? __kthread_parkme+0x82/0x180 [ 11.533313] ? preempt_count_sub+0x50/0x80 [ 11.533336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.533359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.533382] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.533405] kthread+0x337/0x6f0 [ 11.533423] ? trace_preempt_on+0x20/0xc0 [ 11.533445] ? __pfx_kthread+0x10/0x10 [ 11.533464] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.533484] ? calculate_sigpending+0x7b/0xa0 [ 11.533519] ? __pfx_kthread+0x10/0x10 [ 11.533539] ret_from_fork+0x116/0x1d0 [ 11.533556] ? 
__pfx_kthread+0x10/0x10 [ 11.533575] ret_from_fork_asm+0x1a/0x30 [ 11.533604] </TASK> [ 11.533614] [ 11.545191] Allocated by task 162: [ 11.545616] kasan_save_stack+0x45/0x70 [ 11.545959] kasan_save_track+0x18/0x40 [ 11.546382] kasan_save_alloc_info+0x3b/0x50 [ 11.546769] __kasan_kmalloc+0xb7/0xc0 [ 11.547107] __kmalloc_cache_noprof+0x189/0x420 [ 11.547530] kmalloc_big_oob_right+0xa9/0x370 [ 11.547913] kunit_try_run_case+0x1a5/0x480 [ 11.548332] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.548838] kthread+0x337/0x6f0 [ 11.549132] ret_from_fork+0x116/0x1d0 [ 11.549513] ret_from_fork_asm+0x1a/0x30 [ 11.549869] [ 11.550022] The buggy address belongs to the object at ffff888102aa4000 [ 11.550022] which belongs to the cache kmalloc-8k of size 8192 [ 11.551080] The buggy address is located 0 bytes to the right of [ 11.551080] allocated 7936-byte region [ffff888102aa4000, ffff888102aa5f00) [ 11.552339] [ 11.552512] The buggy address belongs to the physical page: [ 11.552996] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aa0 [ 11.553351] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.553589] flags: 0x200000000000040(head|node=0|zone=2) [ 11.553769] page_type: f5(slab) [ 11.553891] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.554129] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.554801] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.555655] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.556567] head: 0200000000000003 ffffea00040aa801 00000000ffffffff 00000000ffffffff [ 11.557333] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 11.558011] page dumped because: kasan: bad access detected [ 11.558569] [ 11.558732] Memory state around the buggy address: [ 11.559166] ffff888102aa5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.559783] ffff888102aa5e80: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.560433] >ffff888102aa5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.561050] ^ [ 11.561381] ffff888102aa5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.561993] ffff888102aa6000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.562287] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 11.484510] ================================================================== [ 11.485008] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.485602] Write of size 1 at addr ffff888102f59578 by task kunit_try_catch/160 [ 11.486009] [ 11.486122] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.486171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.486182] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.486210] Call Trace: [ 11.486223] <TASK> [ 11.486241] dump_stack_lvl+0x73/0xb0 [ 11.486274] print_report+0xd1/0x610 [ 11.486296] ? __virt_addr_valid+0x1db/0x2d0 [ 11.486320] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.486345] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.486366] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.486391] kasan_report+0x141/0x180 [ 11.486412] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.486478] __asan_report_store1_noabort+0x1b/0x30 [ 11.486531] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.486555] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 11.486581] ? __schedule+0x10cc/0x2b60 [ 11.486603] ? __pfx_read_tsc+0x10/0x10 [ 11.486624] ? ktime_get_ts64+0x86/0x230 [ 11.486650] kunit_try_run_case+0x1a5/0x480 [ 11.486675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.486697] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.486721] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.486743] ? __kthread_parkme+0x82/0x180 [ 11.486764] ? preempt_count_sub+0x50/0x80 [ 11.486788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.486810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.486833] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.486856] kthread+0x337/0x6f0 [ 11.486875] ? trace_preempt_on+0x20/0xc0 [ 11.486898] ? __pfx_kthread+0x10/0x10 [ 11.486917] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.486937] ? calculate_sigpending+0x7b/0xa0 [ 11.486961] ? 
__pfx_kthread+0x10/0x10 [ 11.486982] ret_from_fork+0x116/0x1d0 [ 11.487000] ? __pfx_kthread+0x10/0x10 [ 11.487020] ret_from_fork_asm+0x1a/0x30 [ 11.487050] </TASK> [ 11.487061] [ 11.494810] Allocated by task 160: [ 11.494947] kasan_save_stack+0x45/0x70 [ 11.495219] kasan_save_track+0x18/0x40 [ 11.495582] kasan_save_alloc_info+0x3b/0x50 [ 11.495789] __kasan_kmalloc+0xb7/0xc0 [ 11.496054] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.496238] kmalloc_track_caller_oob_right+0x99/0x520 [ 11.496408] kunit_try_run_case+0x1a5/0x480 [ 11.496626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.496887] kthread+0x337/0x6f0 [ 11.497175] ret_from_fork+0x116/0x1d0 [ 11.497505] ret_from_fork_asm+0x1a/0x30 [ 11.497716] [ 11.497827] The buggy address belongs to the object at ffff888102f59500 [ 11.497827] which belongs to the cache kmalloc-128 of size 128 [ 11.498371] The buggy address is located 0 bytes to the right of [ 11.498371] allocated 120-byte region [ffff888102f59500, ffff888102f59578) [ 11.499103] [ 11.499243] The buggy address belongs to the physical page: [ 11.499521] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f59 [ 11.499765] flags: 0x200000000000000(node=0|zone=2) [ 11.500084] page_type: f5(slab) [ 11.500323] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.500721] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.501008] page dumped because: kasan: bad access detected [ 11.501183] [ 11.501251] Memory state around the buggy address: [ 11.501408] ffff888102f59400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.501730] ffff888102f59480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.502457] >ffff888102f59500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.502792] ^ [ 11.503005] ffff888102f59580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.503674] ffff888102f59600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.503983] 
================================================================== [ 11.504900] ================================================================== [ 11.505297] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.505856] Write of size 1 at addr ffff888102f59678 by task kunit_try_catch/160 [ 11.506133] [ 11.506226] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.506269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.506280] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.506300] Call Trace: [ 11.506311] <TASK> [ 11.506326] dump_stack_lvl+0x73/0xb0 [ 11.506353] print_report+0xd1/0x610 [ 11.506375] ? __virt_addr_valid+0x1db/0x2d0 [ 11.506397] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.506420] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.506442] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.506467] kasan_report+0x141/0x180 [ 11.506488] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.506547] __asan_report_store1_noabort+0x1b/0x30 [ 11.506571] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.506595] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 11.506620] ? __schedule+0x10cc/0x2b60 [ 11.506642] ? __pfx_read_tsc+0x10/0x10 [ 11.506662] ? ktime_get_ts64+0x86/0x230 [ 11.506686] kunit_try_run_case+0x1a5/0x480 [ 11.506709] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.506730] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.506753] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.506776] ? __kthread_parkme+0x82/0x180 [ 11.506796] ? preempt_count_sub+0x50/0x80 [ 11.506820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.506843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.506866] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.506889] kthread+0x337/0x6f0 [ 11.506907] ? trace_preempt_on+0x20/0xc0 [ 11.506929] ? __pfx_kthread+0x10/0x10 [ 11.506949] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.506970] ? calculate_sigpending+0x7b/0xa0 [ 11.506994] ? 
__pfx_kthread+0x10/0x10 [ 11.507014] ret_from_fork+0x116/0x1d0 [ 11.507032] ? __pfx_kthread+0x10/0x10 [ 11.507080] ret_from_fork_asm+0x1a/0x30 [ 11.507110] </TASK> [ 11.507130] [ 11.516169] Allocated by task 160: [ 11.516318] kasan_save_stack+0x45/0x70 [ 11.516467] kasan_save_track+0x18/0x40 [ 11.516808] kasan_save_alloc_info+0x3b/0x50 [ 11.516983] __kasan_kmalloc+0xb7/0xc0 [ 11.517216] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.517601] kmalloc_track_caller_oob_right+0x19a/0x520 [ 11.517920] kunit_try_run_case+0x1a5/0x480 [ 11.518152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.518371] kthread+0x337/0x6f0 [ 11.518502] ret_from_fork+0x116/0x1d0 [ 11.518636] ret_from_fork_asm+0x1a/0x30 [ 11.518786] [ 11.518928] The buggy address belongs to the object at ffff888102f59600 [ 11.518928] which belongs to the cache kmalloc-128 of size 128 [ 11.519553] The buggy address is located 0 bytes to the right of [ 11.519553] allocated 120-byte region [ffff888102f59600, ffff888102f59678) [ 11.520234] [ 11.520346] The buggy address belongs to the physical page: [ 11.520671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f59 [ 11.521060] flags: 0x200000000000000(node=0|zone=2) [ 11.521278] page_type: f5(slab) [ 11.521489] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.521801] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.522158] page dumped because: kasan: bad access detected [ 11.522512] [ 11.522655] Memory state around the buggy address: [ 11.522936] ffff888102f59500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.523195] ffff888102f59580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.523632] >ffff888102f59600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.523991] ^ [ 11.524279] ffff888102f59680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.524621] ffff888102f59700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.524835] 
==================================================================
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------ [ 141.966618] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 141.966729] WARNING: CPU: 1 PID: 2569 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 141.968977] Modules linked in: [ 141.969451] CPU: 1 UID: 0 PID: 2569 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 141.969912] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.970221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.970769] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 141.971018] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 ad 1d 80 00 48 c7 c1 e0 8a 9e ba 4c 89 f2 48 c7 c7 a0 87 9e ba 48 89 c6 e8 74 b6 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 141.971921] RSP: 0000:ffff88810a9b7d18 EFLAGS: 00010286 [ 141.972470] RAX: 0000000000000000 RBX: ffff8881030aa000 RCX: 1ffffffff76e4cf0 [ 141.972782] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 141.973485] RBP: ffff88810a9b7d48 R08: 0000000000000000 R09: fffffbfff76e4cf0 [ 141.973821] R10: 0000000000000003 R11: 000000000003a8c8 R12: ffff88810a6f8000 [ 141.974525] R13: ffff8881030aa0f8 R14: ffff88810b8a6280 R15: ffff88810039fb40 [ 141.975011] FS: 0000000000000000(0000) GS:ffff88819e772000(0000) knlGS:0000000000000000 [ 141.975569] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.975995] CR2: 00007ffff7ffe000 CR3: 00000001538bc000 CR4: 00000000000006f0 [ 141.976499] DR0: ffffffffbca52440 DR1: ffffffffbca52441 DR2: ffffffffbca52443 [ 141.976846] DR3: ffffffffbca52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.977453] Call Trace: [ 141.977716] <TASK> [ 141.977864] ? trace_preempt_on+0x20/0xc0 [ 141.978338] ? 
__pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 141.978617] drm_gem_shmem_free_wrapper+0x12/0x20 [ 141.978834] __kunit_action_free+0x57/0x70 [ 141.979372] kunit_remove_resource+0x133/0x200 [ 141.979621] ? preempt_count_sub+0x50/0x80 [ 141.979942] kunit_cleanup+0x7a/0x120 [ 141.980279] kunit_try_run_case_cleanup+0xbd/0xf0 [ 141.980649] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 141.980914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.981371] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.981837] kthread+0x337/0x6f0 [ 141.982035] ? trace_preempt_on+0x20/0xc0 [ 141.982481] ? __pfx_kthread+0x10/0x10 [ 141.982767] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.983008] ? calculate_sigpending+0x7b/0xa0 [ 141.983479] ? __pfx_kthread+0x10/0x10 [ 141.983714] ret_from_fork+0x116/0x1d0 [ 141.983888] ? __pfx_kthread+0x10/0x10 [ 141.984365] ret_from_fork_asm+0x1a/0x30 [ 141.984591] </TASK> [ 141.984713] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 141.827990] WARNING: CPU: 1 PID: 2550 at drivers/gpu/drm/drm_framebuffer.c:869 drm_framebuffer_init+0x49/0x8d0 [ 141.828674] Modules linked in: [ 141.828863] CPU: 1 UID: 0 PID: 2550 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 141.829589] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.829822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.830480] RIP: 0010:drm_framebuffer_init+0x49/0x8d0 [ 141.830769] Code: 89 e5 41 57 41 56 41 55 41 54 53 48 89 f3 48 83 ec 28 80 3c 11 00 48 89 7d c8 0f 85 1c 07 00 00 48 8b 75 c8 48 39 33 74 20 90 <0f> 0b 90 41 bf ea ff ff ff 48 83 c4 28 44 89 f8 5b 41 5c 41 5d 41 [ 141.831612] RSP: 0000:ffff88810a607b20 EFLAGS: 00010246 [ 141.831898] RAX: ffff88810a607ba8 RBX: ffff88810a607c28 RCX: 1ffff110214c0f8e [ 141.832289] RDX: dffffc0000000000 RSI: ffff88810a631000 RDI: ffff88810a631000 [ 141.832856] RBP: ffff88810a607b70 R08: ffff88810a631000 R09: ffffffffba9d8e20 [ 141.833145] R10: 0000000000000003 R11: 000000004400359f R12: 1ffff110214c0f71 [ 141.833532] R13: ffff88810a607c70 R14: ffff88810a607db8 R15: 0000000000000000 [ 141.833885] FS: 0000000000000000(0000) GS:ffff88819e772000(0000) knlGS:0000000000000000 [ 141.834337] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.834600] CR2: 00007ffff7ffe000 CR3: 00000001538bc000 CR4: 00000000000006f0 [ 141.834870] DR0: ffffffffbca52440 DR1: ffffffffbca52441 DR2: ffffffffbca52443 [ 141.835231] DR3: ffffffffbca52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.835592] Call Trace: [ 141.835732] <TASK> [ 141.835853] ? trace_preempt_on+0x20/0xc0 [ 141.836038] ? add_dr+0xc1/0x1d0 [ 141.836237] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 141.836853] ? add_dr+0x148/0x1d0 [ 141.837189] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 141.837603] ? __drmm_add_action+0x1a4/0x280 [ 141.837820] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 141.838214] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 141.838509] ? __drmm_add_action_or_reset+0x22/0x50 [ 141.838767] ? __schedule+0x10cc/0x2b60 [ 141.838990] ? __pfx_read_tsc+0x10/0x10 [ 141.839334] ? ktime_get_ts64+0x86/0x230 [ 141.839663] kunit_try_run_case+0x1a5/0x480 [ 141.839896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.840382] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.840647] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.840921] ? __kthread_parkme+0x82/0x180 [ 141.841127] ? preempt_count_sub+0x50/0x80 [ 141.841496] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.841749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.842005] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.842453] kthread+0x337/0x6f0 [ 141.842641] ? trace_preempt_on+0x20/0xc0 [ 141.842890] ? __pfx_kthread+0x10/0x10 [ 141.843058] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.843336] ? calculate_sigpending+0x7b/0xa0 [ 141.843669] ? __pfx_kthread+0x10/0x10 [ 141.843901] ret_from_fork+0x116/0x1d0 [ 141.844169] ? __pfx_kthread+0x10/0x10 [ 141.844659] ret_from_fork_asm+0x1a/0x30 [ 141.844879] </TASK> [ 141.845047] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 141.792796] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 141.792921] WARNING: CPU: 1 PID: 2546 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 141.794372] Modules linked in: [ 141.794545] CPU: 1 UID: 0 PID: 2546 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 141.795022] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.795195] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.795452] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 141.796155] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 2b 44 87 00 48 c7 c1 c0 38 9d ba 4c 89 fa 48 c7 c7 20 39 9d ba 48 89 c6 e8 f2 dc 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 141.796862] RSP: 0000:ffff88810a5dfb68 EFLAGS: 00010282 [ 141.797483] RAX: 0000000000000000 RBX: ffff88810a5dfc40 RCX: 1ffffffff76e4cf0 [ 141.797915] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 141.798537] RBP: ffff88810a5dfb90 R08: 0000000000000000 R09: fffffbfff76e4cf0 [ 141.798988] R10: 0000000000000003 R11: 0000000000038ec0 R12: ffff88810a5dfc18 [ 141.799869] R13: ffff88810a40a000 R14: ffff88810a53f000 R15: ffff888103166880 [ 141.800469] FS: 0000000000000000(0000) GS:ffff88819e772000(0000) knlGS:0000000000000000 [ 141.801013] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.801526] CR2: 00007ffff7ffe000 CR3: 00000001538bc000 CR4: 00000000000006f0 [ 141.801999] DR0: ffffffffbca52440 DR1: ffffffffbca52441 DR2: ffffffffbca52443 [ 141.802787] DR3: ffffffffbca52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.803214] Call Trace: [ 141.803495] <TASK> [ 141.803652] drm_test_framebuffer_free+0x1ab/0x610 [ 141.803894] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 141.804439] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 141.804936] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 141.805494] ? __drmm_add_action_or_reset+0x22/0x50 [ 141.805754] ? __schedule+0x10cc/0x2b60 [ 141.805942] ? __pfx_read_tsc+0x10/0x10 [ 141.806727] ? ktime_get_ts64+0x86/0x230 [ 141.806896] kunit_try_run_case+0x1a5/0x480 [ 141.807066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.807230] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.807392] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.807563] ? __kthread_parkme+0x82/0x180 [ 141.807724] ? preempt_count_sub+0x50/0x80 [ 141.807872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.808105] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.808365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.809012] kthread+0x337/0x6f0 [ 141.809405] ? trace_preempt_on+0x20/0xc0 [ 141.809652] ? __pfx_kthread+0x10/0x10 [ 141.809835] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.810289] ? calculate_sigpending+0x7b/0xa0 [ 141.810520] ? __pfx_kthread+0x10/0x10 [ 141.810796] ret_from_fork+0x116/0x1d0 [ 141.810971] ? __pfx_kthread+0x10/0x10 [ 141.811324] ret_from_fork_asm+0x1a/0x30 [ 141.811597] </TASK> [ 141.811710] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------
[ 140.427829] WARNING: CPU: 1 PID: 1976 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 140.429318] Modules linked in:
[ 140.429747] CPU: 1 UID: 0 PID: 1976 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 140.430096] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.430719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.431721] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 140.432380] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 c2 34 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 140.432913] RSP: 0000:ffff8881052a7c90 EFLAGS: 00010246
[ 140.433160] RAX: dffffc0000000000 RBX: ffff888104a8e000 RCX: 0000000000000000
[ 140.433847] RDX: 1ffff11020951c32 RSI: ffffffffb7c06998 RDI: ffff888104a8e190
[ 140.434579] RBP: ffff8881052a7ca0 R08: 1ffff11020073f69 R09: ffffed1020a54f65
[ 140.435085] R10: 0000000000000003 R11: ffffffffb71859b8 R12: 0000000000000000
[ 140.435486] R13: ffff8881052a7d38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 140.436135] FS: 0000000000000000(0000) GS:ffff88819e772000(0000) knlGS:0000000000000000
[ 140.436772] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.436961] CR2: 00007ffff7ffe000 CR3: 00000001538bc000 CR4: 00000000000006f0
[ 140.437607] DR0: ffffffffbca52440 DR1: ffffffffbca52441 DR2: ffffffffbca52443
[ 140.438596] DR3: ffffffffbca52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.439396] Call Trace:
[ 140.439699] <TASK>
[ 140.440153] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290
[ 140.440744] ? __kasan_check_write+0x18/0x20
[ 140.440913] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 140.441289] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 140.441748] ? trace_hardirqs_on+0x37/0xe0
[ 140.442188] ? __pfx_read_tsc+0x10/0x10
[ 140.442668] ? ktime_get_ts64+0x86/0x230
[ 140.443127] kunit_try_run_case+0x1a5/0x480
[ 140.443593] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.443899] ? queued_spin_lock_slowpath+0x116/0xb40
[ 140.444138] ? __kthread_parkme+0x82/0x180
[ 140.444580] ? preempt_count_sub+0x50/0x80
[ 140.445193] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.445721] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.445911] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.446172] kthread+0x337/0x6f0
[ 140.446525] ? trace_preempt_on+0x20/0xc0
[ 140.447190] ? __pfx_kthread+0x10/0x10
[ 140.447717] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.448429] ? calculate_sigpending+0x7b/0xa0
[ 140.449002] ? __pfx_kthread+0x10/0x10
[ 140.449380] ret_from_fork+0x116/0x1d0
[ 140.449937] ? __pfx_kthread+0x10/0x10
[ 140.450435] ret_from_fork_asm+0x1a/0x30
[ 140.450622] </TASK>
[ 140.450719] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 140.511437] WARNING: CPU: 0 PID: 1984 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 140.513104] Modules linked in:
[ 140.513704] CPU: 0 UID: 0 PID: 1984 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 140.515204] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.515798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.516923] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 140.517806] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 c2 34 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 140.519654] RSP: 0000:ffff888105357c90 EFLAGS: 00010246
[ 140.520005] RAX: dffffc0000000000 RBX: ffff888104ace000 RCX: 0000000000000000
[ 140.520701] RDX: 1ffff11020959c32 RSI: ffffffffb7c06998 RDI: ffff888104ace190
[ 140.521523] RBP: ffff888105357ca0 R08: 1ffff11020073f69 R09: ffffed1020a6af65
[ 140.522027] R10: 0000000000000003 R11: ffffffffb71859b8 R12: 0000000000000000
[ 140.522557] R13: ffff888105357d38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 140.522854] FS: 0000000000000000(0000) GS:ffff88819e672000(0000) knlGS:0000000000000000
[ 140.523198] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.523652] CR2: 00007ffff7ffe000 CR3: 00000001538bc000 CR4: 00000000000006f0
[ 140.523966] DR0: ffffffffbca52440 DR1: ffffffffbca52441 DR2: ffffffffbca52442
[ 140.524366] DR3: ffffffffbca52443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.524649] Call Trace:
[ 140.524790] <TASK>
[ 140.524931] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290
[ 140.525338] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 140.525691] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 140.525974] kunit_try_run_case+0x1a5/0x480
[ 140.526266] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.526490] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 140.526713] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 140.526889] ? __kthread_parkme+0x82/0x180
[ 140.527367] ? preempt_count_sub+0x50/0x80
[ 140.527623] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.527806] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.528009] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.528286] kthread+0x337/0x6f0
[ 140.528513] ? trace_preempt_on+0x20/0xc0
[ 140.528691] ? __pfx_kthread+0x10/0x10
[ 140.528878] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.529048] ? calculate_sigpending+0x7b/0xa0
[ 140.529439] ? __pfx_kthread+0x10/0x10
[ 140.529642] ret_from_fork+0x116/0x1d0
[ 140.529835] ? __pfx_kthread+0x10/0x10
[ 140.530003] ret_from_fork_asm+0x1a/0x30
[ 140.530191] </TASK>
[ 140.530371] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 110.114396] WARNING: CPU: 1 PID: 674 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 110.115363] Modules linked in:
[ 110.115943] CPU: 1 UID: 0 PID: 674 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 110.117317] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 110.117981] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 110.118272] RIP: 0010:intlog10+0x2a/0x40
[ 110.118428] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 110.119144] RSP: 0000:ffff8881021cfcb0 EFLAGS: 00010246
[ 110.119605] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11020439fb4
[ 110.119957] RDX: 1ffffffff7512dc4 RSI: 1ffff11020439fb3 RDI: 0000000000000000
[ 110.120659] RBP: ffff8881021cfd60 R08: 0000000000000000 R09: ffffed10201c83c0
[ 110.120996] R10: ffff888100e41e07 R11: 0000000000000000 R12: 1ffff11020439f97
[ 110.121431] R13: ffffffffba896e20 R14: 0000000000000000 R15: ffff8881021cfd38
[ 110.121764] FS: 0000000000000000(0000) GS:ffff88819e772000(0000) knlGS:0000000000000000
[ 110.122192] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 110.122464] CR2: ffff88815a918000 CR3: 00000001538bc000 CR4: 00000000000006f0
[ 110.122778] DR0: ffffffffbca52440 DR1: ffffffffbca52441 DR2: ffffffffbca52443
[ 110.123362] DR3: ffffffffbca52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 110.123693] Call Trace:
[ 110.123839] <TASK>
[ 110.123974] ? intlog10_test+0xf2/0x220
[ 110.124353] ? __pfx_intlog10_test+0x10/0x10
[ 110.124591] ? __schedule+0x10cc/0x2b60
[ 110.124808] ? __pfx_read_tsc+0x10/0x10
[ 110.124988] ? ktime_get_ts64+0x86/0x230
[ 110.125331] kunit_try_run_case+0x1a5/0x480
[ 110.125588] ? __pfx_kunit_try_run_case+0x10/0x10
[ 110.125818] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 110.126024] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 110.126408] ? __kthread_parkme+0x82/0x180
[ 110.126607] ? preempt_count_sub+0x50/0x80
[ 110.126796] ? __pfx_kunit_try_run_case+0x10/0x10
[ 110.127288] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 110.127621] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 110.127888] kthread+0x337/0x6f0
[ 110.128186] ? trace_preempt_on+0x20/0xc0
[ 110.128426] ? __pfx_kthread+0x10/0x10
[ 110.128633] ? _raw_spin_unlock_irq+0x47/0x80
[ 110.128823] ? calculate_sigpending+0x7b/0xa0
[ 110.129087] ? __pfx_kthread+0x10/0x10
[ 110.129297] ret_from_fork+0x116/0x1d0
[ 110.129568] ? __pfx_kthread+0x10/0x10
[ 110.129725] ret_from_fork_asm+0x1a/0x30
[ 110.129962] </TASK>
[ 110.130177] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 110.076057] WARNING: CPU: 0 PID: 656 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 110.076538] Modules linked in:
[ 110.076757] CPU: 0 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 110.077276] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 110.077494] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 110.077855] RIP: 0010:intlog2+0xdf/0x110
[ 110.078182] Code: 89 ba c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d e9 d2 b8 86 02 90 <0f> 0b 90 31 c0 e9 c7 b8 86 02 89 45 e4 e8 8f d6 55 ff 8b 45 e4 eb
[ 110.079227] RSP: 0000:ffff88810b33fcb0 EFLAGS: 00010246
[ 110.079499] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11021667fb4
[ 110.079731] RDX: 1ffffffff7512e18 RSI: 1ffff11021667fb3 RDI: 0000000000000000
[ 110.080041] RBP: ffff88810b33fd60 R08: 0000000000000000 R09: ffffed102054e780
[ 110.080514] R10: ffff888102a73c07 R11: 0000000000000000 R12: 1ffff11021667f97
[ 110.080821] R13: ffffffffba8970c0 R14: 0000000000000000 R15: ffff88810b33fd38
[ 110.081216] FS: 0000000000000000(0000) GS:ffff88819e672000(0000) knlGS:0000000000000000
[ 110.081511] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 110.081788] CR2: dffffc0000000000 CR3: 00000001538bc000 CR4: 00000000000006f0
[ 110.082002] DR0: ffffffffbca52440 DR1: ffffffffbca52441 DR2: ffffffffbca52442
[ 110.082739] DR3: ffffffffbca52443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 110.083019] Call Trace:
[ 110.083163] <TASK>
[ 110.083578] ? intlog2_test+0xf2/0x220
[ 110.083759] ? __pfx_intlog2_test+0x10/0x10
[ 110.083971] ? __schedule+0x10cc/0x2b60
[ 110.084275] ? __pfx_read_tsc+0x10/0x10
[ 110.084486] ? ktime_get_ts64+0x86/0x230
[ 110.084696] kunit_try_run_case+0x1a5/0x480
[ 110.084864] ? __pfx_kunit_try_run_case+0x10/0x10
[ 110.085111] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 110.085680] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 110.085921] ? __kthread_parkme+0x82/0x180
[ 110.086468] ? preempt_count_sub+0x50/0x80
[ 110.086901] ? __pfx_kunit_try_run_case+0x10/0x10
[ 110.087622] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 110.087883] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 110.088513] kthread+0x337/0x6f0
[ 110.088719] ? trace_preempt_on+0x20/0xc0
[ 110.088909] ? __pfx_kthread+0x10/0x10
[ 110.089466] ? _raw_spin_unlock_irq+0x47/0x80
[ 110.089888] ? calculate_sigpending+0x7b/0xa0
[ 110.090350] ? __pfx_kthread+0x10/0x10
[ 110.090534] ret_from_fork+0x116/0x1d0
[ 110.090720] ? __pfx_kthread+0x10/0x10
[ 110.090886] ret_from_fork_asm+0x1a/0x30
[ 110.091552] </TASK>
[ 110.091860] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 109.491946] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI