Date: July 19, 2025, 11:12 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 11.342711] ================================================================== [ 11.343761] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 11.343993] Read of size 1 at addr ffff888101ccd27f by task kunit_try_catch/155 [ 11.344239] [ 11.344329] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.344372] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.344382] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.344404] Call Trace: [ 11.344416] <TASK> [ 11.344430] dump_stack_lvl+0x73/0xb0 [ 11.344456] print_report+0xd1/0x610 [ 11.344476] ? __virt_addr_valid+0x1db/0x2d0 [ 11.344607] ? kmalloc_oob_left+0x361/0x3c0 [ 11.344627] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.344647] ? kmalloc_oob_left+0x361/0x3c0 [ 11.344668] kasan_report+0x141/0x180 [ 11.344691] ? kmalloc_oob_left+0x361/0x3c0 [ 11.344717] __asan_report_load1_noabort+0x18/0x20 [ 11.344740] kmalloc_oob_left+0x361/0x3c0 [ 11.344760] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 11.344780] ? __schedule+0x10cc/0x2b60 [ 11.344801] ? __pfx_read_tsc+0x10/0x10 [ 11.344820] ? ktime_get_ts64+0x86/0x230 [ 11.344843] kunit_try_run_case+0x1a5/0x480 [ 11.344865] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.344886] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.344907] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.344929] ? __kthread_parkme+0x82/0x180 [ 11.344947] ? preempt_count_sub+0x50/0x80 [ 11.344985] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.345017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.345039] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.345060] kthread+0x337/0x6f0 [ 11.345079] ? trace_preempt_on+0x20/0xc0 [ 11.345100] ? __pfx_kthread+0x10/0x10 [ 11.345120] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.345139] ? calculate_sigpending+0x7b/0xa0 [ 11.345162] ? __pfx_kthread+0x10/0x10 [ 11.345182] ret_from_fork+0x116/0x1d0 [ 11.345198] ? 
__pfx_kthread+0x10/0x10 [ 11.345228] ret_from_fork_asm+0x1a/0x30 [ 11.345257] </TASK> [ 11.345267] [ 11.358620] Allocated by task 9: [ 11.358945] kasan_save_stack+0x45/0x70 [ 11.359218] kasan_save_track+0x18/0x40 [ 11.359604] kasan_save_alloc_info+0x3b/0x50 [ 11.359758] __kasan_kmalloc+0xb7/0xc0 [ 11.359888] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.360080] kvasprintf+0xc5/0x150 [ 11.360207] kasprintf+0xb6/0xf0 [ 11.360324] input_devnode+0x46/0x80 [ 11.360553] device_get_devnode+0x145/0x2a0 [ 11.360703] dev_uevent+0x41c/0x730 [ 11.360940] kobject_uevent_env+0x50d/0xff0 [ 11.361176] kobject_uevent+0xf/0x20 [ 11.361313] device_add+0xe4c/0x1820 [ 11.361595] cdev_device_add+0xab/0x1c0 [ 11.361739] evdev_connect+0x356/0x480 [ 11.361886] input_attach_handler.isra.0+0x117/0x1f0 [ 11.362116] input_register_device+0x722/0xe10 [ 11.362422] atkbd_connect+0x53b/0x940 [ 11.362623] serio_driver_probe+0x7a/0xb0 [ 11.362796] really_probe+0x1d4/0x920 [ 11.362927] __driver_probe_device+0x18f/0x3e0 [ 11.363176] driver_probe_device+0x4f/0x130 [ 11.363418] __driver_attach+0x1eb/0x4b0 [ 11.363758] bus_for_each_dev+0x10f/0x1a0 [ 11.363988] driver_attach+0x41/0x60 [ 11.364173] serio_handle_event+0x254/0x940 [ 11.364321] process_one_work+0x5ee/0xf60 [ 11.364639] worker_thread+0x758/0x1220 [ 11.364995] kthread+0x337/0x6f0 [ 11.365151] ret_from_fork+0x116/0x1d0 [ 11.365282] ret_from_fork_asm+0x1a/0x30 [ 11.365420] [ 11.365535] Freed by task 9: [ 11.365701] kasan_save_stack+0x45/0x70 [ 11.365997] kasan_save_track+0x18/0x40 [ 11.366203] kasan_save_free_info+0x3f/0x60 [ 11.366488] __kasan_slab_free+0x56/0x70 [ 11.366639] kfree+0x222/0x3f0 [ 11.366755] dev_uevent+0x466/0x730 [ 11.366963] kobject_uevent_env+0x50d/0xff0 [ 11.367178] kobject_uevent+0xf/0x20 [ 11.367372] device_add+0xe4c/0x1820 [ 11.367618] cdev_device_add+0xab/0x1c0 [ 11.367822] evdev_connect+0x356/0x480 [ 11.367988] input_attach_handler.isra.0+0x117/0x1f0 [ 11.368229] input_register_device+0x722/0xe10 [ 11.368554] 
atkbd_connect+0x53b/0x940 [ 11.368723] serio_driver_probe+0x7a/0xb0 [ 11.368928] really_probe+0x1d4/0x920 [ 11.369075] __driver_probe_device+0x18f/0x3e0 [ 11.369223] driver_probe_device+0x4f/0x130 [ 11.369456] __driver_attach+0x1eb/0x4b0 [ 11.369677] bus_for_each_dev+0x10f/0x1a0 [ 11.369874] driver_attach+0x41/0x60 [ 11.370064] serio_handle_event+0x254/0x940 [ 11.370234] process_one_work+0x5ee/0xf60 [ 11.370442] worker_thread+0x758/0x1220 [ 11.370637] kthread+0x337/0x6f0 [ 11.370806] ret_from_fork+0x116/0x1d0 [ 11.370985] ret_from_fork_asm+0x1a/0x30 [ 11.371203] [ 11.371305] The buggy address belongs to the object at ffff888101ccd260 [ 11.371305] which belongs to the cache kmalloc-16 of size 16 [ 11.371760] The buggy address is located 15 bytes to the right of [ 11.371760] allocated 16-byte region [ffff888101ccd260, ffff888101ccd270) [ 11.372565] [ 11.372730] The buggy address belongs to the physical page: [ 11.373205] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ccd [ 11.373983] flags: 0x200000000000000(node=0|zone=2) [ 11.374491] page_type: f5(slab) [ 11.374615] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.374844] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.375216] page dumped because: kasan: bad access detected [ 11.375825] [ 11.376012] Memory state around the buggy address: [ 11.376536] ffff888101ccd100: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc [ 11.377179] ffff888101ccd180: fa fb fc fc fa fb fc fc 00 00 fc fc 00 00 fc fc [ 11.377871] >ffff888101ccd200: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 11.378255] ^ [ 11.378801] ffff888101ccd280: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.379030] ffff888101ccd300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.379240] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 11.319079] ================================================================== [ 11.319655] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 11.319895] Read of size 1 at addr ffff888102fc3f80 by task kunit_try_catch/153 [ 11.320755] [ 11.321122] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.321173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.321185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.321206] Call Trace: [ 11.321219] <TASK> [ 11.321232] dump_stack_lvl+0x73/0xb0 [ 11.321269] print_report+0xd1/0x610 [ 11.321290] ? __virt_addr_valid+0x1db/0x2d0 [ 11.321311] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.321331] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.321357] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.321377] kasan_report+0x141/0x180 [ 11.321397] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.321422] __asan_report_load1_noabort+0x18/0x20 [ 11.321444] kmalloc_oob_right+0x68a/0x7f0 [ 11.321464] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.321485] ? __schedule+0x10cc/0x2b60 [ 11.321506] ? __pfx_read_tsc+0x10/0x10 [ 11.321525] ? ktime_get_ts64+0x86/0x230 [ 11.321548] kunit_try_run_case+0x1a5/0x480 [ 11.321570] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.321591] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.321612] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.321634] ? __kthread_parkme+0x82/0x180 [ 11.321653] ? preempt_count_sub+0x50/0x80 [ 11.321675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.321698] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.321719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.321741] kthread+0x337/0x6f0 [ 11.321759] ? trace_preempt_on+0x20/0xc0 [ 11.321780] ? __pfx_kthread+0x10/0x10 [ 11.321799] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.321819] ? calculate_sigpending+0x7b/0xa0 [ 11.321842] ? __pfx_kthread+0x10/0x10 [ 11.321863] ret_from_fork+0x116/0x1d0 [ 11.321879] ? 
__pfx_kthread+0x10/0x10 [ 11.321898] ret_from_fork_asm+0x1a/0x30 [ 11.321927] </TASK> [ 11.321936] [ 11.330058] Allocated by task 153: [ 11.330248] kasan_save_stack+0x45/0x70 [ 11.330632] kasan_save_track+0x18/0x40 [ 11.330833] kasan_save_alloc_info+0x3b/0x50 [ 11.331171] __kasan_kmalloc+0xb7/0xc0 [ 11.331328] __kmalloc_cache_noprof+0x189/0x420 [ 11.331612] kmalloc_oob_right+0xa9/0x7f0 [ 11.331833] kunit_try_run_case+0x1a5/0x480 [ 11.332050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.332293] kthread+0x337/0x6f0 [ 11.332406] ret_from_fork+0x116/0x1d0 [ 11.332530] ret_from_fork_asm+0x1a/0x30 [ 11.332660] [ 11.332775] The buggy address belongs to the object at ffff888102fc3f00 [ 11.332775] which belongs to the cache kmalloc-128 of size 128 [ 11.333508] The buggy address is located 13 bytes to the right of [ 11.333508] allocated 115-byte region [ffff888102fc3f00, ffff888102fc3f73) [ 11.334141] [ 11.334261] The buggy address belongs to the physical page: [ 11.334641] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fc3 [ 11.335026] flags: 0x200000000000000(node=0|zone=2) [ 11.335259] page_type: f5(slab) [ 11.335519] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.335857] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.336205] page dumped because: kasan: bad access detected [ 11.336467] [ 11.336589] Memory state around the buggy address: [ 11.336914] ffff888102fc3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.337242] ffff888102fc3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.337550] >ffff888102fc3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.338109] ^ [ 11.338265] ffff888102fc4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.338476] ffff888102fc4080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.338788] ================================================================== [ 11.260775] 
================================================================== [ 11.261477] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 11.262203] Write of size 1 at addr ffff888102fc3f73 by task kunit_try_catch/153 [ 11.262872] [ 11.264075] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.264487] Tainted: [N]=TEST [ 11.264522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.264735] Call Trace: [ 11.264798] <TASK> [ 11.264937] dump_stack_lvl+0x73/0xb0 [ 11.265040] print_report+0xd1/0x610 [ 11.265068] ? __virt_addr_valid+0x1db/0x2d0 [ 11.265093] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.265113] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.265134] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.265154] kasan_report+0x141/0x180 [ 11.265175] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.265200] __asan_report_store1_noabort+0x1b/0x30 [ 11.265224] kmalloc_oob_right+0x6f0/0x7f0 [ 11.265245] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.265266] ? __schedule+0x10cc/0x2b60 [ 11.265289] ? __pfx_read_tsc+0x10/0x10 [ 11.265310] ? ktime_get_ts64+0x86/0x230 [ 11.265335] kunit_try_run_case+0x1a5/0x480 [ 11.265361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.265382] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.265405] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.265447] ? __kthread_parkme+0x82/0x180 [ 11.265468] ? preempt_count_sub+0x50/0x80 [ 11.265491] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.265514] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.265536] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.265558] kthread+0x337/0x6f0 [ 11.265576] ? trace_preempt_on+0x20/0xc0 [ 11.265599] ? __pfx_kthread+0x10/0x10 [ 11.265618] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.265638] ? calculate_sigpending+0x7b/0xa0 [ 11.265664] ? __pfx_kthread+0x10/0x10 [ 11.265684] ret_from_fork+0x116/0x1d0 [ 11.265702] ? 
__pfx_kthread+0x10/0x10 [ 11.265721] ret_from_fork_asm+0x1a/0x30 [ 11.265780] </TASK> [ 11.265844] [ 11.277081] Allocated by task 153: [ 11.277538] kasan_save_stack+0x45/0x70 [ 11.277905] kasan_save_track+0x18/0x40 [ 11.278079] kasan_save_alloc_info+0x3b/0x50 [ 11.278545] __kasan_kmalloc+0xb7/0xc0 [ 11.278817] __kmalloc_cache_noprof+0x189/0x420 [ 11.279029] kmalloc_oob_right+0xa9/0x7f0 [ 11.279226] kunit_try_run_case+0x1a5/0x480 [ 11.279751] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.279972] kthread+0x337/0x6f0 [ 11.280345] ret_from_fork+0x116/0x1d0 [ 11.280754] ret_from_fork_asm+0x1a/0x30 [ 11.281254] [ 11.281668] The buggy address belongs to the object at ffff888102fc3f00 [ 11.281668] which belongs to the cache kmalloc-128 of size 128 [ 11.282711] The buggy address is located 0 bytes to the right of [ 11.282711] allocated 115-byte region [ffff888102fc3f00, ffff888102fc3f73) [ 11.283686] [ 11.284088] The buggy address belongs to the physical page: [ 11.284981] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fc3 [ 11.285899] flags: 0x200000000000000(node=0|zone=2) [ 11.286592] page_type: f5(slab) [ 11.287104] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.287416] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.288155] page dumped because: kasan: bad access detected [ 11.288630] [ 11.288739] Memory state around the buggy address: [ 11.289580] ffff888102fc3e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.289905] ffff888102fc3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.290264] >ffff888102fc3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.290894] ^ [ 11.291389] ffff888102fc3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.291880] ffff888102fc4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.292329] ================================================================== [ 11.294303] 
================================================================== [ 11.294732] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 11.295117] Write of size 1 at addr ffff888102fc3f78 by task kunit_try_catch/153 [ 11.295834] [ 11.296138] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.296257] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.296270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.296289] Call Trace: [ 11.296300] <TASK> [ 11.296314] dump_stack_lvl+0x73/0xb0 [ 11.296340] print_report+0xd1/0x610 [ 11.296361] ? __virt_addr_valid+0x1db/0x2d0 [ 11.296403] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.296423] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.296461] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.296481] kasan_report+0x141/0x180 [ 11.296501] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.296525] __asan_report_store1_noabort+0x1b/0x30 [ 11.296548] kmalloc_oob_right+0x6bd/0x7f0 [ 11.296568] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.296589] ? __schedule+0x10cc/0x2b60 [ 11.296610] ? __pfx_read_tsc+0x10/0x10 [ 11.296629] ? ktime_get_ts64+0x86/0x230 [ 11.296652] kunit_try_run_case+0x1a5/0x480 [ 11.296674] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.296695] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.296716] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.296737] ? __kthread_parkme+0x82/0x180 [ 11.296756] ? preempt_count_sub+0x50/0x80 [ 11.296777] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.296799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.296821] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.296843] kthread+0x337/0x6f0 [ 11.296861] ? trace_preempt_on+0x20/0xc0 [ 11.296882] ? __pfx_kthread+0x10/0x10 [ 11.296901] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.296921] ? calculate_sigpending+0x7b/0xa0 [ 11.296945] ? __pfx_kthread+0x10/0x10 [ 11.296965] ret_from_fork+0x116/0x1d0 [ 11.296989] ? 
__pfx_kthread+0x10/0x10 [ 11.297019] ret_from_fork_asm+0x1a/0x30 [ 11.297048] </TASK> [ 11.297057] [ 11.307253] Allocated by task 153: [ 11.307666] kasan_save_stack+0x45/0x70 [ 11.308025] kasan_save_track+0x18/0x40 [ 11.308317] kasan_save_alloc_info+0x3b/0x50 [ 11.308620] __kasan_kmalloc+0xb7/0xc0 [ 11.308765] __kmalloc_cache_noprof+0x189/0x420 [ 11.309224] kmalloc_oob_right+0xa9/0x7f0 [ 11.309390] kunit_try_run_case+0x1a5/0x480 [ 11.309671] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.310128] kthread+0x337/0x6f0 [ 11.310255] ret_from_fork+0x116/0x1d0 [ 11.310633] ret_from_fork_asm+0x1a/0x30 [ 11.310797] [ 11.310953] The buggy address belongs to the object at ffff888102fc3f00 [ 11.310953] which belongs to the cache kmalloc-128 of size 128 [ 11.311772] The buggy address is located 5 bytes to the right of [ 11.311772] allocated 115-byte region [ffff888102fc3f00, ffff888102fc3f73) [ 11.312298] [ 11.312588] The buggy address belongs to the physical page: [ 11.312992] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fc3 [ 11.313448] flags: 0x200000000000000(node=0|zone=2) [ 11.313898] page_type: f5(slab) [ 11.314059] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.314617] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.314983] page dumped because: kasan: bad access detected [ 11.315462] [ 11.315567] Memory state around the buggy address: [ 11.315894] ffff888102fc3e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.316176] ffff888102fc3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.316670] >ffff888102fc3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.317095] ^ [ 11.317543] ffff888102fc3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.318084] ffff888102fc4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.318547] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 142.122800] WARNING: CPU: 0 PID: 2766 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 142.123904] Modules linked in: [ 142.124115] CPU: 0 UID: 0 PID: 2766 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 142.125039] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 142.125330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 142.125905] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 142.126161] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 142.128497] RSP: 0000:ffff88810b59fc78 EFLAGS: 00010286 [ 142.128736] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 142.128955] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff96433d74 [ 142.129187] RBP: ffff88810b59fca0 R08: 0000000000000000 R09: ffffed1020478180 [ 142.129740] R10: ffff8881023c0c07 R11: 0000000000000000 R12: ffffffff96433d60 [ 142.130710] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810b59fd38 [ 142.131455] FS: 0000000000000000(0000) GS:ffff8881c2c72000(0000) knlGS:0000000000000000 [ 142.132322] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.132980] CR2: 00007ffff7ffe000 CR3: 00000001314bc000 CR4: 00000000000006f0 [ 142.133787] DR0: ffffffff98452440 DR1: ffffffff98452441 DR2: ffffffff98452443 [ 142.134529] DR3: ffffffff98452445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 142.135054] Call Trace: [ 142.135242] <TASK> [ 142.135593] drm_test_rect_calc_vscale+0x108/0x270 [ 142.135902] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 142.136269] ? __schedule+0x10cc/0x2b60 [ 142.136541] ? __pfx_read_tsc+0x10/0x10 [ 142.136903] ? ktime_get_ts64+0x86/0x230 [ 142.137068] kunit_try_run_case+0x1a5/0x480 [ 142.137222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.137455] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 142.137914] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 142.138447] ? __kthread_parkme+0x82/0x180 [ 142.138989] ? preempt_count_sub+0x50/0x80 [ 142.139477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.139953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 142.140469] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 142.140852] kthread+0x337/0x6f0 [ 142.140991] ? trace_preempt_on+0x20/0xc0 [ 142.141146] ? __pfx_kthread+0x10/0x10 [ 142.141279] ? _raw_spin_unlock_irq+0x47/0x80 [ 142.141607] ? calculate_sigpending+0x7b/0xa0 [ 142.142061] ? __pfx_kthread+0x10/0x10 [ 142.142440] ret_from_fork+0x116/0x1d0 [ 142.142953] ? __pfx_kthread+0x10/0x10 [ 142.143566] ret_from_fork_asm+0x1a/0x30 [ 142.143966] </TASK> [ 142.144201] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 142.101981] WARNING: CPU: 1 PID: 2764 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 142.102508] Modules linked in: [ 142.102724] CPU: 1 UID: 0 PID: 2764 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 142.103143] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 142.103324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 142.104058] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 142.104370] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 142.105316] RSP: 0000:ffff88810b67fc78 EFLAGS: 00010286 [ 142.105895] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 142.106252] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff96433d3c [ 142.106921] RBP: ffff88810b67fca0 R08: 0000000000000000 R09: ffffed10212b1520 [ 142.107200] R10: ffff88810958a907 R11: 0000000000000000 R12: ffffffff96433d28 [ 142.107734] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810b67fd38 [ 
142.108190] FS: 0000000000000000(0000) GS:ffff8881c2d72000(0000) knlGS:0000000000000000 [ 142.108748] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.109020] CR2: 00007ffff7ffe000 CR3: 00000001314bc000 CR4: 00000000000006f0 [ 142.109289] DR0: ffffffff98452444 DR1: ffffffff98452449 DR2: ffffffff9845244a [ 142.109782] DR3: ffffffff9845244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 142.110091] Call Trace: [ 142.110233] <TASK> [ 142.110364] drm_test_rect_calc_vscale+0x108/0x270 [ 142.110747] ? __kasan_check_write+0x18/0x20 [ 142.110919] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 142.111186] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 142.111560] ? trace_hardirqs_on+0x37/0xe0 [ 142.111787] ? __pfx_read_tsc+0x10/0x10 [ 142.111969] ? ktime_get_ts64+0x86/0x230 [ 142.112141] kunit_try_run_case+0x1a5/0x480 [ 142.112358] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.112659] ? queued_spin_lock_slowpath+0x116/0xb40 [ 142.112830] ? __kthread_parkme+0x82/0x180 [ 142.113056] ? preempt_count_sub+0x50/0x80 [ 142.113267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.113894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 142.114322] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 142.114881] kthread+0x337/0x6f0 [ 142.115065] ? trace_preempt_on+0x20/0xc0 [ 142.115254] ? __pfx_kthread+0x10/0x10 [ 142.115867] ? _raw_spin_unlock_irq+0x47/0x80 [ 142.116215] ? calculate_sigpending+0x7b/0xa0 [ 142.116783] ? __pfx_kthread+0x10/0x10 [ 142.117015] ret_from_fork+0x116/0x1d0 [ 142.117199] ? __pfx_kthread+0x10/0x10 [ 142.117366] ret_from_fork_asm+0x1a/0x30 [ 142.117983] </TASK> [ 142.118255] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 142.061507] WARNING: CPU: 1 PID: 2754 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 142.061807] Modules linked in: [ 142.061954] CPU: 1 UID: 0 PID: 2754 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 142.062290] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 142.062465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 142.062726] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 142.062899] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 5b e5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 142.065449] RSP: 0000:ffff88810b50fc78 EFLAGS: 00010286 [ 142.065978] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 142.066925] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff96433d78 [ 142.067659] RBP: ffff88810b50fca0 R08: 0000000000000000 R09: ffffed10212b1440 [ 142.068471] R10: ffff88810958a207 R11: 0000000000000000 R12: ffffffff96433d60 [ 142.069183] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810b50fd38 [ 142.069974] FS: 0000000000000000(0000) GS:ffff8881c2d72000(0000) knlGS:0000000000000000 [ 142.070884] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.071564] CR2: 00007ffff7ffe000 CR3: 00000001314bc000 CR4: 00000000000006f0 [ 142.072213] DR0: ffffffff98452444 DR1: ffffffff98452449 DR2: ffffffff9845244a [ 142.073091] DR3: ffffffff9845244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 142.073640] Call Trace: [ 142.073800] <TASK> [ 142.074074] drm_test_rect_calc_hscale+0x108/0x270 [ 142.074493] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 142.074817] ? __schedule+0x10cc/0x2b60 [ 142.074966] ? __pfx_read_tsc+0x10/0x10 [ 142.075120] ? ktime_get_ts64+0x86/0x230 [ 142.075269] kunit_try_run_case+0x1a5/0x480 [ 142.075435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.075593] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 142.076210] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 142.077038] ? __kthread_parkme+0x82/0x180 [ 142.077399] ? preempt_count_sub+0x50/0x80 [ 142.077771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.078057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 142.078532] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 142.078737] kthread+0x337/0x6f0 [ 142.078867] ? trace_preempt_on+0x20/0xc0 [ 142.079030] ? __pfx_kthread+0x10/0x10 [ 142.079184] ? _raw_spin_unlock_irq+0x47/0x80 [ 142.079342] ? calculate_sigpending+0x7b/0xa0 [ 142.079587] ? __pfx_kthread+0x10/0x10 [ 142.080031] ret_from_fork+0x116/0x1d0 [ 142.080870] ? __pfx_kthread+0x10/0x10 [ 142.081241] ret_from_fork_asm+0x1a/0x30 [ 142.081781] </TASK> [ 142.082003] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 142.039673] WARNING: CPU: 0 PID: 2752 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 142.040627] Modules linked in: [ 142.040802] CPU: 0 UID: 0 PID: 2752 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 142.041664] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 142.042072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 142.042762] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 142.043197] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 5b e5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 142.044739] RSP: 0000:ffff88810b6f7c78 EFLAGS: 00010286 [ 142.045173] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 142.045939] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff96433d40 [ 142.046310] RBP: ffff88810b6f7ca0 R08: 0000000000000000 R09: ffffed10204780c0 [ 142.046756] R10: ffff8881023c0607 R11: 0000000000000000 R12: ffffffff96433d28 [ 142.047062] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810b6f7d38 [ 
142.047347] FS: 0000000000000000(0000) GS:ffff8881c2c72000(0000) knlGS:0000000000000000 [ 142.048022] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.048525] CR2: 00007ffff7ffe000 CR3: 00000001314bc000 CR4: 00000000000006f0 [ 142.048924] DR0: ffffffff98452440 DR1: ffffffff98452441 DR2: ffffffff98452443 [ 142.049435] DR3: ffffffff98452445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 142.049857] Call Trace: [ 142.049992] <TASK> [ 142.050131] drm_test_rect_calc_hscale+0x108/0x270 [ 142.050359] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 142.050959] ? __schedule+0x10cc/0x2b60 [ 142.051469] ? __pfx_read_tsc+0x10/0x10 [ 142.051881] ? ktime_get_ts64+0x86/0x230 [ 142.052096] kunit_try_run_case+0x1a5/0x480 [ 142.052299] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.052865] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 142.053284] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 142.053794] ? __kthread_parkme+0x82/0x180 [ 142.054027] ? preempt_count_sub+0x50/0x80 [ 142.054222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.054766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 142.055143] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 142.055706] kthread+0x337/0x6f0 [ 142.055903] ? trace_preempt_on+0x20/0xc0 [ 142.056104] ? __pfx_kthread+0x10/0x10 [ 142.056286] ? _raw_spin_unlock_irq+0x47/0x80 [ 142.056884] ? calculate_sigpending+0x7b/0xa0 [ 142.057186] ? __pfx_kthread+0x10/0x10 [ 142.057700] ret_from_fork+0x116/0x1d0 [ 142.057911] ? __pfx_kthread+0x10/0x10 [ 142.058106] ret_from_fork_asm+0x1a/0x30 [ 142.058302] </TASK> [ 142.058795] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 50.557251] ================================================================== [ 50.557758] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 50.557758] [ 50.558126] Use-after-free read at 0x(____ptrval____) (in kfence-#146): [ 50.558446] test_krealloc+0x6fc/0xbe0 [ 50.558599] kunit_try_run_case+0x1a5/0x480 [ 50.558790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 50.559032] kthread+0x337/0x6f0 [ 50.559178] ret_from_fork+0x116/0x1d0 [ 50.559321] ret_from_fork_asm+0x1a/0x30 [ 50.559523] [ 50.559623] kfence-#146: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 50.559623] [ 50.560036] allocated by task 355 on cpu 0 at 50.556635s (0.003398s ago): [ 50.560361] test_alloc+0x364/0x10f0 [ 50.560518] test_krealloc+0xad/0xbe0 [ 50.560649] kunit_try_run_case+0x1a5/0x480 [ 50.561387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 50.561675] kthread+0x337/0x6f0 [ 50.561855] ret_from_fork+0x116/0x1d0 [ 50.562034] ret_from_fork_asm+0x1a/0x30 [ 50.562245] [ 50.562344] freed by task 355 on cpu 0 at 50.556848s (0.005493s ago): [ 50.563000] krealloc_noprof+0x108/0x340 [ 50.563284] test_krealloc+0x226/0xbe0 [ 50.563523] kunit_try_run_case+0x1a5/0x480 [ 50.563716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 50.563949] kthread+0x337/0x6f0 [ 50.564114] ret_from_fork+0x116/0x1d0 [ 50.564281] ret_from_fork_asm+0x1a/0x30 [ 50.564761] [ 50.564887] CPU: 0 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 50.565456] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.565724] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 50.566150] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 50.463709] ================================================================== [ 50.464145] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 50.464145] [ 50.464582] Use-after-free read at 0x(____ptrval____) (in kfence-#145): [ 50.465451] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 50.465877] kunit_try_run_case+0x1a5/0x480 [ 50.466066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 50.466348] kthread+0x337/0x6f0 [ 50.466887] ret_from_fork+0x116/0x1d0 [ 50.467059] ret_from_fork_asm+0x1a/0x30 [ 50.467253] [ 50.467356] kfence-#145: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 50.467356] [ 50.467945] allocated by task 353 on cpu 1 at 50.453615s (0.014328s ago): [ 50.468505] test_alloc+0x2a6/0x10f0 [ 50.468676] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 50.469080] kunit_try_run_case+0x1a5/0x480 [ 50.469271] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 50.469649] kthread+0x337/0x6f0 [ 50.469898] ret_from_fork+0x116/0x1d0 [ 50.470073] ret_from_fork_asm+0x1a/0x30 [ 50.470391] [ 50.470476] freed by task 353 on cpu 1 at 50.453725s (0.016748s ago): [ 50.470753] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 50.470984] kunit_try_run_case+0x1a5/0x480 [ 50.471187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 50.471407] kthread+0x337/0x6f0 [ 50.471843] ret_from_fork+0x116/0x1d0 [ 50.472003] ret_from_fork_asm+0x1a/0x30 [ 50.472286] [ 50.472532] CPU: 1 UID: 0 PID: 353 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 50.473084] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.473345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 50.473798] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 25.090113] ================================================================== [ 25.090645] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 25.090645] [ 25.091493] Invalid read at 0x(____ptrval____): [ 25.091902] test_invalid_access+0xf0/0x210 [ 25.092478] kunit_try_run_case+0x1a5/0x480 [ 25.092754] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.093028] kthread+0x337/0x6f0 [ 25.093191] ret_from_fork+0x116/0x1d0 [ 25.093705] ret_from_fork_asm+0x1a/0x30 [ 25.093916] [ 25.094028] CPU: 0 UID: 0 PID: 349 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 25.094722] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.094914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.095412] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 24.868916] ================================================================== [ 24.869322] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 24.869322] [ 24.869685] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#140): [ 24.870299] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 24.870659] kunit_try_run_case+0x1a5/0x480 [ 24.870854] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.871041] kthread+0x337/0x6f0 [ 24.871245] ret_from_fork+0x116/0x1d0 [ 24.871435] ret_from_fork_asm+0x1a/0x30 [ 24.871692] [ 24.871791] kfence-#140: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 24.871791] [ 24.872173] allocated by task 343 on cpu 1 at 24.868672s (0.003498s ago): [ 24.872495] test_alloc+0x364/0x10f0 [ 24.872686] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 24.872957] kunit_try_run_case+0x1a5/0x480 [ 24.873127] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.873307] kthread+0x337/0x6f0 [ 24.873495] ret_from_fork+0x116/0x1d0 [ 24.873685] ret_from_fork_asm+0x1a/0x30 [ 24.873855] [ 24.873928] freed by task 343 on cpu 1 at 24.868806s (0.005119s ago): [ 24.874379] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 24.874641] kunit_try_run_case+0x1a5/0x480 [ 24.874844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.875101] kthread+0x337/0x6f0 [ 24.875275] ret_from_fork+0x116/0x1d0 [ 24.875503] ret_from_fork_asm+0x1a/0x30 [ 24.875656] [ 24.875751] CPU: 1 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 24.876144] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.876367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.876765] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 24.764807] ================================================================== [ 24.765204] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 24.765204] [ 24.765907] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#139): [ 24.766603] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 24.766947] kunit_try_run_case+0x1a5/0x480 [ 24.767183] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.767676] kthread+0x337/0x6f0 [ 24.767952] ret_from_fork+0x116/0x1d0 [ 24.768137] ret_from_fork_asm+0x1a/0x30 [ 24.768299] [ 24.768590] kfence-#139: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 24.768590] [ 24.769022] allocated by task 341 on cpu 0 at 24.764607s (0.004412s ago): [ 24.769542] test_alloc+0x364/0x10f0 [ 24.769823] test_kmalloc_aligned_oob_read+0x105/0x560 [ 24.770164] kunit_try_run_case+0x1a5/0x480 [ 24.770377] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.770762] kthread+0x337/0x6f0 [ 24.771033] ret_from_fork+0x116/0x1d0 [ 24.771201] ret_from_fork_asm+0x1a/0x30 [ 24.771698] [ 24.771844] CPU: 0 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 24.772419] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.772635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.773160] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 19.980776] ================================================================== [ 19.981189] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 19.981189] [ 19.981587] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#93): [ 19.981961] test_corruption+0x216/0x3e0 [ 19.982172] kunit_try_run_case+0x1a5/0x480 [ 19.982326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.982572] kthread+0x337/0x6f0 [ 19.982783] ret_from_fork+0x116/0x1d0 [ 19.982977] ret_from_fork_asm+0x1a/0x30 [ 19.983129] [ 19.983202] kfence-#93: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.983202] [ 19.983639] allocated by task 331 on cpu 0 at 19.980648s (0.002989s ago): [ 19.983922] test_alloc+0x2a6/0x10f0 [ 19.984116] test_corruption+0x1cb/0x3e0 [ 19.984281] kunit_try_run_case+0x1a5/0x480 [ 19.984429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.984663] kthread+0x337/0x6f0 [ 19.984881] ret_from_fork+0x116/0x1d0 [ 19.985085] ret_from_fork_asm+0x1a/0x30 [ 19.985293] [ 19.985392] freed by task 331 on cpu 0 at 19.980701s (0.004689s ago): [ 19.985667] test_corruption+0x216/0x3e0 [ 19.985810] kunit_try_run_case+0x1a5/0x480 [ 19.986031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.986260] kthread+0x337/0x6f0 [ 19.986441] ret_from_fork+0x116/0x1d0 [ 19.986578] ret_from_fork_asm+0x1a/0x30 [ 19.986772] [ 19.986893] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 19.987348] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.987588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.987861] ================================================================== [ 19.252772] ================================================================== [ 19.253185] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 19.253185] [ 19.253564] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#86): [ 19.254190] test_corruption+0x131/0x3e0 [ 19.254356] kunit_try_run_case+0x1a5/0x480 [ 19.254556] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.254734] kthread+0x337/0x6f0 [ 19.254908] ret_from_fork+0x116/0x1d0 [ 19.255107] ret_from_fork_asm+0x1a/0x30 [ 19.255314] [ 19.255411] kfence-#86: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.255411] [ 19.255736] allocated by task 331 on cpu 0 at 19.252641s (0.003092s ago): [ 19.256068] test_alloc+0x2a6/0x10f0 [ 19.256245] test_corruption+0xe6/0x3e0 [ 19.256463] kunit_try_run_case+0x1a5/0x480 [ 19.256616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.256872] kthread+0x337/0x6f0 [ 19.257025] ret_from_fork+0x116/0x1d0 [ 19.257203] ret_from_fork_asm+0x1a/0x30 [ 19.257344] [ 19.257416] freed by task 331 on cpu 0 at 19.252696s (0.004717s ago): [ 19.257624] test_corruption+0x131/0x3e0 [ 19.257820] kunit_try_run_case+0x1a5/0x480 [ 19.258051] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.258305] kthread+0x337/0x6f0 [ 19.258498] ret_from_fork+0x116/0x1d0 [ 19.258631] ret_from_fork_asm+0x1a/0x30 [ 19.258769] [ 19.258889] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 19.259384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.259586] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.259983] ================================================================== [ 18.628910] ================================================================== [ 18.629327] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 18.629327] [ 18.629718] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#80): [ 18.630953] test_corruption+0x2d2/0x3e0 [ 18.631276] kunit_try_run_case+0x1a5/0x480 [ 18.631496] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.631901] kthread+0x337/0x6f0 [ 18.632109] ret_from_fork+0x116/0x1d0 [ 18.632420] ret_from_fork_asm+0x1a/0x30 [ 18.632712] [ 18.632815] kfence-#80: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.632815] [ 18.633385] allocated by task 329 on cpu 1 at 18.628686s (0.004677s ago): [ 18.633839] test_alloc+0x364/0x10f0 [ 18.634050] test_corruption+0xe6/0x3e0 [ 18.634216] kunit_try_run_case+0x1a5/0x480 [ 18.634622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.634947] kthread+0x337/0x6f0 [ 18.635207] ret_from_fork+0x116/0x1d0 [ 18.635413] ret_from_fork_asm+0x1a/0x30 [ 18.635726] [ 18.635840] freed by task 329 on cpu 1 at 18.628762s (0.007076s ago): [ 18.636265] test_corruption+0x2d2/0x3e0 [ 18.636567] kunit_try_run_case+0x1a5/0x480 [ 18.636759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.637057] kthread+0x337/0x6f0 [ 18.637374] ret_from_fork+0x116/0x1d0 [ 18.637689] ret_from_fork_asm+0x1a/0x30 [ 18.637942] [ 18.638090] CPU: 1 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.638732] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.638933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.639313] ================================================================== [ 18.732859] ================================================================== [ 18.733259] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 18.733259] [ 18.733643] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#81): [ 18.734079] test_corruption+0x2df/0x3e0 [ 18.734253] kunit_try_run_case+0x1a5/0x480 [ 18.734456] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.734782] kthread+0x337/0x6f0 [ 18.734948] ret_from_fork+0x116/0x1d0 [ 18.735092] ret_from_fork_asm+0x1a/0x30 [ 18.735275] [ 18.735374] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.735374] [ 18.735840] allocated by task 329 on cpu 1 at 18.732625s (0.003212s ago): [ 18.736164] test_alloc+0x364/0x10f0 [ 18.736367] test_corruption+0x1cb/0x3e0 [ 18.736559] kunit_try_run_case+0x1a5/0x480 [ 18.736771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.737035] kthread+0x337/0x6f0 [ 18.737153] ret_from_fork+0x116/0x1d0 [ 18.737298] ret_from_fork_asm+0x1a/0x30 [ 18.737639] [ 18.737758] freed by task 329 on cpu 1 at 18.732711s (0.005045s ago): [ 18.738053] test_corruption+0x2df/0x3e0 [ 18.738246] kunit_try_run_case+0x1a5/0x480 [ 18.738465] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.738741] kthread+0x337/0x6f0 [ 18.738906] ret_from_fork+0x116/0x1d0 [ 18.739280] ret_from_fork_asm+0x1a/0x30 [ 18.739444] [ 18.739553] CPU: 1 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.740137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.740340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.740787] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 18.524765] ================================================================== [ 18.525164] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 18.525164] [ 18.525574] Invalid free of 0x(____ptrval____) (in kfence-#79): [ 18.525859] test_invalid_addr_free+0xfb/0x260 [ 18.526045] kunit_try_run_case+0x1a5/0x480 [ 18.526212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.526538] kthread+0x337/0x6f0 [ 18.526695] ret_from_fork+0x116/0x1d0 [ 18.526829] ret_from_fork_asm+0x1a/0x30 [ 18.527026] [ 18.527123] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.527123] [ 18.527562] allocated by task 327 on cpu 0 at 18.524660s (0.002900s ago): [ 18.527780] test_alloc+0x2a6/0x10f0 [ 18.527964] test_invalid_addr_free+0xdb/0x260 [ 18.528191] kunit_try_run_case+0x1a5/0x480 [ 18.528399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.528641] kthread+0x337/0x6f0 [ 18.528865] ret_from_fork+0x116/0x1d0 [ 18.529028] ret_from_fork_asm+0x1a/0x30 [ 18.529168] [ 18.529259] CPU: 0 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.529702] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.529893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.530226] ================================================================== [ 18.420786] ================================================================== [ 18.421195] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 18.421195] [ 18.421616] Invalid free of 0x(____ptrval____) (in kfence-#78): [ 18.422202] test_invalid_addr_free+0x1e1/0x260 [ 18.422369] kunit_try_run_case+0x1a5/0x480 [ 18.422592] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.422823] kthread+0x337/0x6f0 [ 18.422990] ret_from_fork+0x116/0x1d0 [ 18.423188] ret_from_fork_asm+0x1a/0x30 [ 18.423392] [ 18.423471] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.423471] [ 18.423870] allocated by task 325 on cpu 1 at 18.420663s 
(0.003204s ago): [ 18.424797] test_alloc+0x364/0x10f0 [ 18.424983] test_invalid_addr_free+0xdb/0x260 [ 18.425330] kunit_try_run_case+0x1a5/0x480 [ 18.425506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.425877] kthread+0x337/0x6f0 [ 18.426124] ret_from_fork+0x116/0x1d0 [ 18.426359] ret_from_fork_asm+0x1a/0x30 [ 18.426628] [ 18.426805] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.427329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.427629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.428086] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 18.316834] ================================================================== [ 18.317243] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 18.317243] [ 18.317571] Invalid free of 0x(____ptrval____) (in kfence-#77): [ 18.317850] test_double_free+0x112/0x260 [ 18.318070] kunit_try_run_case+0x1a5/0x480 [ 18.318264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.318989] kthread+0x337/0x6f0 [ 18.319138] ret_from_fork+0x116/0x1d0 [ 18.319678] ret_from_fork_asm+0x1a/0x30 [ 18.319940] [ 18.320045] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.320045] [ 18.320556] allocated by task 323 on cpu 0 at 18.316678s (0.003876s ago): [ 18.320838] test_alloc+0x2a6/0x10f0 [ 18.321043] test_double_free+0xdb/0x260 [ 18.321216] kunit_try_run_case+0x1a5/0x480 [ 18.321410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.322020] kthread+0x337/0x6f0 [ 18.322194] ret_from_fork+0x116/0x1d0 [ 18.322572] ret_from_fork_asm+0x1a/0x30 [ 18.322781] [ 18.322875] freed by task 323 on cpu 0 at 18.316723s (0.006150s ago): [ 18.323167] test_double_free+0xfa/0x260 [ 18.323350] kunit_try_run_case+0x1a5/0x480 [ 18.323960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.324291] kthread+0x337/0x6f0 [ 18.324422] ret_from_fork+0x116/0x1d0 [ 18.324661] ret_from_fork_asm+0x1a/0x30 [ 18.324828] [ 18.324959] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.325388] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.325582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.326078] ================================================================== [ 18.212870] ================================================================== [ 18.213321] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 18.213321] [ 18.213749] Invalid free of 0x(____ptrval____) (in kfence-#76): [ 18.214082] test_double_free+0x1d3/0x260 [ 18.214271] kunit_try_run_case+0x1a5/0x480 [ 18.214435] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.214835] kthread+0x337/0x6f0 [ 18.215039] ret_from_fork+0x116/0x1d0 [ 18.215210] ret_from_fork_asm+0x1a/0x30 [ 18.215420] [ 18.215517] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.215517] [ 18.215879] allocated by task 321 on cpu 1 at 18.212620s (0.003256s ago): [ 18.216232] test_alloc+0x364/0x10f0 [ 18.216399] test_double_free+0xdb/0x260 [ 18.216608] kunit_try_run_case+0x1a5/0x480 [ 18.216822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.217109] kthread+0x337/0x6f0 [ 18.217276] ret_from_fork+0x116/0x1d0 [ 18.217469] ret_from_fork_asm+0x1a/0x30 [ 18.217612] [ 18.217712] freed by task 321 on cpu 1 at 18.212679s (0.005030s ago): [ 18.218039] test_double_free+0x1e0/0x260 [ 18.218217] kunit_try_run_case+0x1a5/0x480 [ 18.218412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.218655] kthread+0x337/0x6f0 [ 18.218802] ret_from_fork+0x116/0x1d0 [ 18.218999] ret_from_fork_asm+0x1a/0x30 [ 18.219175] [ 18.219315] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.219771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.219981] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.220344] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 17.796879] ================================================================== [ 17.797366] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 17.797366] [ 17.797776] Use-after-free read at 0x(____ptrval____) (in kfence-#72): [ 17.798104] test_use_after_free_read+0x129/0x270 [ 17.798292] kunit_try_run_case+0x1a5/0x480 [ 17.798442] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.798697] kthread+0x337/0x6f0 [ 17.798997] ret_from_fork+0x116/0x1d0 [ 17.799171] ret_from_fork_asm+0x1a/0x30 [ 17.799462] [ 17.799599] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.799599] [ 17.800061] allocated by task 313 on cpu 0 at 17.796658s (0.003400s ago): [ 17.800387] test_alloc+0x364/0x10f0 [ 17.800610] test_use_after_free_read+0xdc/0x270 [ 17.800836] kunit_try_run_case+0x1a5/0x480 [ 17.801038] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.801207] kthread+0x337/0x6f0 [ 17.801329] ret_from_fork+0x116/0x1d0 [ 17.801774] ret_from_fork_asm+0x1a/0x30 [ 17.801981] [ 17.802224] freed by task 313 on cpu 0 at 17.796723s (0.005406s ago): [ 17.803255] test_use_after_free_read+0x1e7/0x270 [ 17.803633] kunit_try_run_case+0x1a5/0x480 [ 17.804107] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.804378] kthread+0x337/0x6f0 [ 17.804553] ret_from_fork+0x116/0x1d0 [ 17.804722] ret_from_fork_asm+0x1a/0x30 [ 17.804939] [ 17.805061] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.805533] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.805723] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.806099] ================================================================== [ 17.900813] ================================================================== [ 17.901239] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 17.901239] [ 17.901677] Use-after-free read at 0x(____ptrval____) (in kfence-#73): [ 17.901959] 
test_use_after_free_read+0x129/0x270 [ 17.902185] kunit_try_run_case+0x1a5/0x480 [ 17.902382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.903220] kthread+0x337/0x6f0 [ 17.903378] ret_from_fork+0x116/0x1d0 [ 17.903582] ret_from_fork_asm+0x1a/0x30 [ 17.903880] [ 17.903965] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.903965] [ 17.904347] allocated by task 315 on cpu 1 at 17.900694s (0.003651s ago): [ 17.904974] test_alloc+0x2a6/0x10f0 [ 17.905239] test_use_after_free_read+0xdc/0x270 [ 17.905495] kunit_try_run_case+0x1a5/0x480 [ 17.905857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.906191] kthread+0x337/0x6f0 [ 17.906337] ret_from_fork+0x116/0x1d0 [ 17.906635] ret_from_fork_asm+0x1a/0x30 [ 17.906789] [ 17.906889] freed by task 315 on cpu 1 at 17.900731s (0.006155s ago): [ 17.907220] test_use_after_free_read+0xfb/0x270 [ 17.907410] kunit_try_run_case+0x1a5/0x480 [ 17.907893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.908240] kthread+0x337/0x6f0 [ 17.908381] ret_from_fork+0x116/0x1d0 [ 17.908588] ret_from_fork_asm+0x1a/0x30 [ 17.908934] [ 17.909063] CPU: 1 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.909684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.909955] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.910445] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 17.484804] ================================================================== [ 17.485266] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 17.485266] [ 17.485758] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#69): [ 17.486102] test_out_of_bounds_write+0x10d/0x260 [ 17.486316] kunit_try_run_case+0x1a5/0x480 [ 17.486590] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.486774] kthread+0x337/0x6f0 [ 17.486908] ret_from_fork+0x116/0x1d0 [ 17.487115] ret_from_fork_asm+0x1a/0x30 [ 17.487320] [ 17.487438] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.487438] [ 17.487869] allocated by task 309 on cpu 0 at 17.484688s (0.003179s ago): [ 17.488123] test_alloc+0x364/0x10f0 [ 17.488356] test_out_of_bounds_write+0xd4/0x260 [ 17.488589] kunit_try_run_case+0x1a5/0x480 [ 17.488795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.489026] kthread+0x337/0x6f0 [ 17.489201] ret_from_fork+0x116/0x1d0 [ 17.489333] ret_from_fork_asm+0x1a/0x30 [ 17.489475] [ 17.489635] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.490136] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.490275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.490828] ================================================================== [ 17.692636] ================================================================== [ 17.693079] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 17.693079] [ 17.693628] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#71): [ 17.693981] test_out_of_bounds_write+0x10d/0x260 [ 17.694197] kunit_try_run_case+0x1a5/0x480 [ 17.694419] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.694618] kthread+0x337/0x6f0 [ 17.694769] ret_from_fork+0x116/0x1d0 [ 17.694937] ret_from_fork_asm+0x1a/0x30 [ 17.695154] [ 17.695265] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.695265] [ 
17.695683] allocated by task 311 on cpu 1 at 17.692573s (0.003108s ago): [ 17.696170] test_alloc+0x2a6/0x10f0 [ 17.696361] test_out_of_bounds_write+0xd4/0x260 [ 17.696597] kunit_try_run_case+0x1a5/0x480 [ 17.696804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.697073] kthread+0x337/0x6f0 [ 17.697201] ret_from_fork+0x116/0x1d0 [ 17.697328] ret_from_fork_asm+0x1a/0x30 [ 17.697739] [ 17.697865] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.698306] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.698525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.698919] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 16.756727] ================================================================== [ 16.757127] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 16.757127] [ 16.757600] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#62): [ 16.757927] test_out_of_bounds_read+0x126/0x4e0 [ 16.758177] kunit_try_run_case+0x1a5/0x480 [ 16.758392] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.758569] kthread+0x337/0x6f0 [ 16.758733] ret_from_fork+0x116/0x1d0 [ 16.758951] ret_from_fork_asm+0x1a/0x30 [ 16.759172] [ 16.759287] kfence-#62: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.759287] [ 16.759624] allocated by task 307 on cpu 0 at 16.756671s (0.002950s ago): [ 16.760040] test_alloc+0x2a6/0x10f0 [ 16.760183] test_out_of_bounds_read+0xed/0x4e0 [ 16.760405] kunit_try_run_case+0x1a5/0x480 [ 16.760678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.761017] kthread+0x337/0x6f0 [ 16.761158] ret_from_fork+0x116/0x1d0 [ 16.761349] ret_from_fork_asm+0x1a/0x30 [ 16.761524] [ 16.761660] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.762152] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.762457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.762712] ================================================================== [ 17.172732] ================================================================== [ 17.173151] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 17.173151] [ 17.173570] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#66): [ 17.173956] test_out_of_bounds_read+0x216/0x4e0 [ 17.174243] kunit_try_run_case+0x1a5/0x480 [ 17.174475] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.174674] kthread+0x337/0x6f0 [ 17.174796] ret_from_fork+0x116/0x1d0 [ 17.174927] ret_from_fork_asm+0x1a/0x30 [ 17.175169] [ 17.175269] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.175269] [ 17.175738] 
allocated by task 307 on cpu 0 at 17.172677s (0.003059s ago): [ 17.176054] test_alloc+0x2a6/0x10f0 [ 17.176238] test_out_of_bounds_read+0x1e2/0x4e0 [ 17.176533] kunit_try_run_case+0x1a5/0x480 [ 17.176742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.176939] kthread+0x337/0x6f0 [ 17.177077] ret_from_fork+0x116/0x1d0 [ 17.177270] ret_from_fork_asm+0x1a/0x30 [ 17.177595] [ 17.177715] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.178167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.178357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.178741] ================================================================== [ 16.652865] ================================================================== [ 16.653291] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 16.653291] [ 16.653685] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#61): [ 16.654043] test_out_of_bounds_read+0x216/0x4e0 [ 16.654252] kunit_try_run_case+0x1a5/0x480 [ 16.654431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.654753] kthread+0x337/0x6f0 [ 16.654946] ret_from_fork+0x116/0x1d0 [ 16.655118] ret_from_fork_asm+0x1a/0x30 [ 16.655279] [ 16.655380] kfence-#61: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.655380] [ 16.655798] allocated by task 305 on cpu 0 at 16.652681s (0.003115s ago): [ 16.656110] test_alloc+0x364/0x10f0 [ 16.656264] test_out_of_bounds_read+0x1e2/0x4e0 [ 16.656422] kunit_try_run_case+0x1a5/0x480 [ 16.656572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.656823] kthread+0x337/0x6f0 [ 16.657020] ret_from_fork+0x116/0x1d0 [ 16.657210] ret_from_fork_asm+0x1a/0x30 [ 16.657386] [ 16.657504] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.657927] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.658115] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 
16.658583] ================================================================== [ 16.237863] ================================================================== [ 16.238325] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 16.238325] [ 16.238805] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#57): [ 16.239591] test_out_of_bounds_read+0x126/0x4e0 [ 16.239788] kunit_try_run_case+0x1a5/0x480 [ 16.240022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.240249] kthread+0x337/0x6f0 [ 16.240773] ret_from_fork+0x116/0x1d0 [ 16.240982] ret_from_fork_asm+0x1a/0x30 [ 16.241179] [ 16.241579] kfence-#57: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.241579] [ 16.242351] allocated by task 305 on cpu 0 at 16.236649s (0.005512s ago): [ 16.243041] test_alloc+0x364/0x10f0 [ 16.243253] test_out_of_bounds_read+0xed/0x4e0 [ 16.243452] kunit_try_run_case+0x1a5/0x480 [ 16.243944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.244461] kthread+0x337/0x6f0 [ 16.244596] ret_from_fork+0x116/0x1d0 [ 16.244735] ret_from_fork_asm+0x1a/0x30 [ 16.244943] [ 16.245110] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.245861] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.246035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.246422] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.075934] ================================================================== [ 16.076280] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 16.076653] Write of size 121 at addr ffff888102fd1e00 by task kunit_try_catch/303 [ 16.076993] [ 16.077110] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.077151] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.077163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.077184] Call Trace: [ 16.077197] <TASK> [ 16.077211] dump_stack_lvl+0x73/0xb0 [ 16.077238] print_report+0xd1/0x610 [ 16.077260] ? __virt_addr_valid+0x1db/0x2d0 [ 16.077283] ? strncpy_from_user+0x2e/0x1d0 [ 16.077306] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.077329] ? strncpy_from_user+0x2e/0x1d0 [ 16.077352] kasan_report+0x141/0x180 [ 16.077374] ? strncpy_from_user+0x2e/0x1d0 [ 16.077680] kasan_check_range+0x10c/0x1c0 [ 16.077707] __kasan_check_write+0x18/0x20 [ 16.077727] strncpy_from_user+0x2e/0x1d0 [ 16.077750] ? __kasan_check_read+0x15/0x20 [ 16.077772] copy_user_test_oob+0x760/0x10f0 [ 16.077800] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.077824] ? finish_task_switch.isra.0+0x153/0x700 [ 16.077846] ? __switch_to+0x47/0xf50 [ 16.077871] ? __schedule+0x10cc/0x2b60 [ 16.077893] ? __pfx_read_tsc+0x10/0x10 [ 16.077915] ? ktime_get_ts64+0x86/0x230 [ 16.077939] kunit_try_run_case+0x1a5/0x480 [ 16.077963] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.077986] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.078023] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.078047] ? __kthread_parkme+0x82/0x180 [ 16.078888] ? preempt_count_sub+0x50/0x80 [ 16.078917] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.078943] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.078967] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.078992] kthread+0x337/0x6f0 [ 16.079027] ? trace_preempt_on+0x20/0xc0 [ 16.079052] ? __pfx_kthread+0x10/0x10 [ 16.079074] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.079096] ? calculate_sigpending+0x7b/0xa0 [ 16.079119] ? __pfx_kthread+0x10/0x10 [ 16.079141] ret_from_fork+0x116/0x1d0 [ 16.079160] ? __pfx_kthread+0x10/0x10 [ 16.079180] ret_from_fork_asm+0x1a/0x30 [ 16.079210] </TASK> [ 16.079221] [ 16.092661] Allocated by task 303: [ 16.093056] kasan_save_stack+0x45/0x70 [ 16.093499] kasan_save_track+0x18/0x40 [ 16.093842] kasan_save_alloc_info+0x3b/0x50 [ 16.094229] __kasan_kmalloc+0xb7/0xc0 [ 16.094568] __kmalloc_noprof+0x1c9/0x500 [ 16.094707] kunit_kmalloc_array+0x25/0x60 [ 16.094845] copy_user_test_oob+0xab/0x10f0 [ 16.094987] kunit_try_run_case+0x1a5/0x480 [ 16.095138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.095308] kthread+0x337/0x6f0 [ 16.095625] ret_from_fork+0x116/0x1d0 [ 16.096044] ret_from_fork_asm+0x1a/0x30 [ 16.096475] [ 16.096635] The buggy address belongs to the object at ffff888102fd1e00 [ 16.096635] which belongs to the cache kmalloc-128 of size 128 [ 16.097806] The buggy address is located 0 bytes inside of [ 16.097806] allocated 120-byte region [ffff888102fd1e00, ffff888102fd1e78) [ 16.098926] [ 16.099098] The buggy address belongs to the physical page: [ 16.099629] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd1 [ 16.100183] flags: 0x200000000000000(node=0|zone=2) [ 16.100345] page_type: f5(slab) [ 16.100500] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.101113] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.101419] page dumped because: kasan: bad access detected [ 16.102038] [ 16.102216] Memory state around the buggy address: [ 16.102584] ffff888102fd1d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.102804] ffff888102fd1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.103028] >ffff888102fd1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.103241] ^ [ 16.103581] ffff888102fd1e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.104211] 
ffff888102fd1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.104907] ================================================================== [ 16.105909] ================================================================== [ 16.106650] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 16.107386] Write of size 1 at addr ffff888102fd1e78 by task kunit_try_catch/303 [ 16.108137] [ 16.108309] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.108351] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.108363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.108385] Call Trace: [ 16.108399] <TASK> [ 16.108425] dump_stack_lvl+0x73/0xb0 [ 16.108454] print_report+0xd1/0x610 [ 16.108476] ? __virt_addr_valid+0x1db/0x2d0 [ 16.108511] ? strncpy_from_user+0x1a5/0x1d0 [ 16.108537] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.108560] ? strncpy_from_user+0x1a5/0x1d0 [ 16.108584] kasan_report+0x141/0x180 [ 16.108607] ? strncpy_from_user+0x1a5/0x1d0 [ 16.108636] __asan_report_store1_noabort+0x1b/0x30 [ 16.108661] strncpy_from_user+0x1a5/0x1d0 [ 16.108686] copy_user_test_oob+0x760/0x10f0 [ 16.108712] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.108735] ? finish_task_switch.isra.0+0x153/0x700 [ 16.108757] ? __switch_to+0x47/0xf50 [ 16.108783] ? __schedule+0x10cc/0x2b60 [ 16.108805] ? __pfx_read_tsc+0x10/0x10 [ 16.108828] ? ktime_get_ts64+0x86/0x230 [ 16.108852] kunit_try_run_case+0x1a5/0x480 [ 16.108876] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.108899] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.108923] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.108946] ? __kthread_parkme+0x82/0x180 [ 16.108966] ? preempt_count_sub+0x50/0x80 [ 16.108996] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.109029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.109053] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.109076] kthread+0x337/0x6f0 [ 16.109096] ? trace_preempt_on+0x20/0xc0 [ 16.109119] ? 
__pfx_kthread+0x10/0x10 [ 16.109140] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.109162] ? calculate_sigpending+0x7b/0xa0 [ 16.109184] ? __pfx_kthread+0x10/0x10 [ 16.109206] ret_from_fork+0x116/0x1d0 [ 16.109224] ? __pfx_kthread+0x10/0x10 [ 16.109244] ret_from_fork_asm+0x1a/0x30 [ 16.109276] </TASK> [ 16.109287] [ 16.122070] Allocated by task 303: [ 16.122429] kasan_save_stack+0x45/0x70 [ 16.122711] kasan_save_track+0x18/0x40 [ 16.123097] kasan_save_alloc_info+0x3b/0x50 [ 16.123258] __kasan_kmalloc+0xb7/0xc0 [ 16.123531] __kmalloc_noprof+0x1c9/0x500 [ 16.123926] kunit_kmalloc_array+0x25/0x60 [ 16.124344] copy_user_test_oob+0xab/0x10f0 [ 16.124644] kunit_try_run_case+0x1a5/0x480 [ 16.124916] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.125138] kthread+0x337/0x6f0 [ 16.125261] ret_from_fork+0x116/0x1d0 [ 16.125415] ret_from_fork_asm+0x1a/0x30 [ 16.125782] [ 16.125962] The buggy address belongs to the object at ffff888102fd1e00 [ 16.125962] which belongs to the cache kmalloc-128 of size 128 [ 16.127111] The buggy address is located 0 bytes to the right of [ 16.127111] allocated 120-byte region [ffff888102fd1e00, ffff888102fd1e78) [ 16.128258] [ 16.128436] The buggy address belongs to the physical page: [ 16.128833] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd1 [ 16.129096] flags: 0x200000000000000(node=0|zone=2) [ 16.129259] page_type: f5(slab) [ 16.129379] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.129692] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.130037] page dumped because: kasan: bad access detected [ 16.130276] [ 16.130381] Memory state around the buggy address: [ 16.130597] ffff888102fd1d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.130844] ffff888102fd1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.131179] >ffff888102fd1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.131441] ^ [ 16.131751] ffff888102fd1e80: fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 16.132103] ffff888102fd1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.132391] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.023436] ================================================================== [ 16.023779] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 16.024121] Read of size 121 at addr ffff888102fd1e00 by task kunit_try_catch/303 [ 16.024464] [ 16.024551] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.024592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.024605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.024626] Call Trace: [ 16.024640] <TASK> [ 16.024655] dump_stack_lvl+0x73/0xb0 [ 16.024681] print_report+0xd1/0x610 [ 16.024705] ? __virt_addr_valid+0x1db/0x2d0 [ 16.024727] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.024752] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.024774] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.024798] kasan_report+0x141/0x180 [ 16.024820] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.024848] kasan_check_range+0x10c/0x1c0 [ 16.024872] __kasan_check_read+0x15/0x20 [ 16.024891] copy_user_test_oob+0x4aa/0x10f0 [ 16.024918] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.024941] ? finish_task_switch.isra.0+0x153/0x700 [ 16.024963] ? __switch_to+0x47/0xf50 [ 16.024995] ? __schedule+0x10cc/0x2b60 [ 16.025028] ? __pfx_read_tsc+0x10/0x10 [ 16.025050] ? ktime_get_ts64+0x86/0x230 [ 16.025073] kunit_try_run_case+0x1a5/0x480 [ 16.025097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.025120] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.025144] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.025168] ? __kthread_parkme+0x82/0x180 [ 16.025189] ? preempt_count_sub+0x50/0x80 [ 16.025213] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.025237] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.025261] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.025285] kthread+0x337/0x6f0 [ 16.025306] ? trace_preempt_on+0x20/0xc0 [ 16.025329] ? __pfx_kthread+0x10/0x10 [ 16.025350] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.025371] ? calculate_sigpending+0x7b/0xa0 [ 16.025408] ? 
__pfx_kthread+0x10/0x10 [ 16.025430] ret_from_fork+0x116/0x1d0 [ 16.025450] ? __pfx_kthread+0x10/0x10 [ 16.025470] ret_from_fork_asm+0x1a/0x30 [ 16.025500] </TASK> [ 16.025510] [ 16.032757] Allocated by task 303: [ 16.032934] kasan_save_stack+0x45/0x70 [ 16.033121] kasan_save_track+0x18/0x40 [ 16.033289] kasan_save_alloc_info+0x3b/0x50 [ 16.033566] __kasan_kmalloc+0xb7/0xc0 [ 16.033745] __kmalloc_noprof+0x1c9/0x500 [ 16.033907] kunit_kmalloc_array+0x25/0x60 [ 16.034059] copy_user_test_oob+0xab/0x10f0 [ 16.034274] kunit_try_run_case+0x1a5/0x480 [ 16.034576] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.034775] kthread+0x337/0x6f0 [ 16.034942] ret_from_fork+0x116/0x1d0 [ 16.035104] ret_from_fork_asm+0x1a/0x30 [ 16.035302] [ 16.035394] The buggy address belongs to the object at ffff888102fd1e00 [ 16.035394] which belongs to the cache kmalloc-128 of size 128 [ 16.035844] The buggy address is located 0 bytes inside of [ 16.035844] allocated 120-byte region [ffff888102fd1e00, ffff888102fd1e78) [ 16.036329] [ 16.036404] The buggy address belongs to the physical page: [ 16.036653] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd1 [ 16.036949] flags: 0x200000000000000(node=0|zone=2) [ 16.037174] page_type: f5(slab) [ 16.037313] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.037713] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.037947] page dumped because: kasan: bad access detected [ 16.038184] [ 16.038279] Memory state around the buggy address: [ 16.038620] ffff888102fd1d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.038850] ffff888102fd1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.039180] >ffff888102fd1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.039497] ^ [ 16.039719] ffff888102fd1e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.039941] ffff888102fd1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.040240] 
================================================================== [ 16.006103] ================================================================== [ 16.006476] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 16.006757] Write of size 121 at addr ffff888102fd1e00 by task kunit_try_catch/303 [ 16.007087] [ 16.007172] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.007214] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.007226] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.007246] Call Trace: [ 16.007259] <TASK> [ 16.007273] dump_stack_lvl+0x73/0xb0 [ 16.007302] print_report+0xd1/0x610 [ 16.007324] ? __virt_addr_valid+0x1db/0x2d0 [ 16.007347] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.007371] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.007393] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.007431] kasan_report+0x141/0x180 [ 16.007454] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.007482] kasan_check_range+0x10c/0x1c0 [ 16.007506] __kasan_check_write+0x18/0x20 [ 16.007525] copy_user_test_oob+0x3fd/0x10f0 [ 16.007550] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.007573] ? finish_task_switch.isra.0+0x153/0x700 [ 16.007595] ? __switch_to+0x47/0xf50 [ 16.007620] ? __schedule+0x10cc/0x2b60 [ 16.007643] ? __pfx_read_tsc+0x10/0x10 [ 16.007665] ? ktime_get_ts64+0x86/0x230 [ 16.007688] kunit_try_run_case+0x1a5/0x480 [ 16.007713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.007736] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.007760] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.007784] ? __kthread_parkme+0x82/0x180 [ 16.007804] ? preempt_count_sub+0x50/0x80 [ 16.007828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.007852] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.007877] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.007902] kthread+0x337/0x6f0 [ 16.007921] ? trace_preempt_on+0x20/0xc0 [ 16.007944] ? __pfx_kthread+0x10/0x10 [ 16.007966] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.007987] ? calculate_sigpending+0x7b/0xa0 [ 16.008021] ? __pfx_kthread+0x10/0x10 [ 16.008043] ret_from_fork+0x116/0x1d0 [ 16.008062] ? __pfx_kthread+0x10/0x10 [ 16.008083] ret_from_fork_asm+0x1a/0x30 [ 16.008113] </TASK> [ 16.008123] [ 16.015242] Allocated by task 303: [ 16.015452] kasan_save_stack+0x45/0x70 [ 16.015652] kasan_save_track+0x18/0x40 [ 16.015850] kasan_save_alloc_info+0x3b/0x50 [ 16.016074] __kasan_kmalloc+0xb7/0xc0 [ 16.016237] __kmalloc_noprof+0x1c9/0x500 [ 16.016376] kunit_kmalloc_array+0x25/0x60 [ 16.016588] copy_user_test_oob+0xab/0x10f0 [ 16.016800] kunit_try_run_case+0x1a5/0x480 [ 16.017001] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.017188] kthread+0x337/0x6f0 [ 16.017360] ret_from_fork+0x116/0x1d0 [ 16.017558] ret_from_fork_asm+0x1a/0x30 [ 16.017737] [ 16.017825] The buggy address belongs to the object at ffff888102fd1e00 [ 16.017825] which belongs to the cache kmalloc-128 of size 128 [ 16.018307] The buggy address is located 0 bytes inside of [ 16.018307] allocated 120-byte region [ffff888102fd1e00, ffff888102fd1e78) [ 16.018805] [ 16.018904] The buggy address belongs to the physical page: [ 16.019118] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd1 [ 16.019478] flags: 0x200000000000000(node=0|zone=2) [ 16.019647] page_type: f5(slab) [ 16.019767] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.019998] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.020233] page dumped because: kasan: bad access detected [ 16.020404] [ 16.020473] Memory state around the buggy address: [ 16.020670] ffff888102fd1d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.021356] ffff888102fd1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.021673] >ffff888102fd1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.021985] ^ [ 16.022305] ffff888102fd1e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.022619] 
ffff888102fd1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.022955] ================================================================== [ 16.040890] ================================================================== [ 16.041427] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 16.041706] Write of size 121 at addr ffff888102fd1e00 by task kunit_try_catch/303 [ 16.041994] [ 16.042114] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.042157] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.042168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.042190] Call Trace: [ 16.042203] <TASK> [ 16.042218] dump_stack_lvl+0x73/0xb0 [ 16.042245] print_report+0xd1/0x610 [ 16.042268] ? __virt_addr_valid+0x1db/0x2d0 [ 16.042290] ? copy_user_test_oob+0x557/0x10f0 [ 16.042313] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.042335] ? copy_user_test_oob+0x557/0x10f0 [ 16.042359] kasan_report+0x141/0x180 [ 16.042383] ? copy_user_test_oob+0x557/0x10f0 [ 16.042419] kasan_check_range+0x10c/0x1c0 [ 16.042443] __kasan_check_write+0x18/0x20 [ 16.042462] copy_user_test_oob+0x557/0x10f0 [ 16.042488] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.042511] ? finish_task_switch.isra.0+0x153/0x700 [ 16.042532] ? __switch_to+0x47/0xf50 [ 16.042557] ? __schedule+0x10cc/0x2b60 [ 16.042579] ? __pfx_read_tsc+0x10/0x10 [ 16.042602] ? ktime_get_ts64+0x86/0x230 [ 16.042626] kunit_try_run_case+0x1a5/0x480 [ 16.042651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.042674] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.042698] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.042722] ? __kthread_parkme+0x82/0x180 [ 16.042743] ? preempt_count_sub+0x50/0x80 [ 16.042766] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.042790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.042814] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.042838] kthread+0x337/0x6f0 [ 16.042857] ? trace_preempt_on+0x20/0xc0 [ 16.042880] ? 
__pfx_kthread+0x10/0x10 [ 16.042901] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.042923] ? calculate_sigpending+0x7b/0xa0 [ 16.042947] ? __pfx_kthread+0x10/0x10 [ 16.042968] ret_from_fork+0x116/0x1d0 [ 16.042987] ? __pfx_kthread+0x10/0x10 [ 16.043018] ret_from_fork_asm+0x1a/0x30 [ 16.043049] </TASK> [ 16.043059] [ 16.049852] Allocated by task 303: [ 16.050040] kasan_save_stack+0x45/0x70 [ 16.050304] kasan_save_track+0x18/0x40 [ 16.050626] kasan_save_alloc_info+0x3b/0x50 [ 16.050836] __kasan_kmalloc+0xb7/0xc0 [ 16.051036] __kmalloc_noprof+0x1c9/0x500 [ 16.051191] kunit_kmalloc_array+0x25/0x60 [ 16.051336] copy_user_test_oob+0xab/0x10f0 [ 16.051722] kunit_try_run_case+0x1a5/0x480 [ 16.051927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.052113] kthread+0x337/0x6f0 [ 16.052235] ret_from_fork+0x116/0x1d0 [ 16.052367] ret_from_fork_asm+0x1a/0x30 [ 16.052572] [ 16.052666] The buggy address belongs to the object at ffff888102fd1e00 [ 16.052666] which belongs to the cache kmalloc-128 of size 128 [ 16.053226] The buggy address is located 0 bytes inside of [ 16.053226] allocated 120-byte region [ffff888102fd1e00, ffff888102fd1e78) [ 16.053738] [ 16.053826] The buggy address belongs to the physical page: [ 16.054049] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd1 [ 16.054290] flags: 0x200000000000000(node=0|zone=2) [ 16.054682] page_type: f5(slab) [ 16.054848] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.055178] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.055503] page dumped because: kasan: bad access detected [ 16.055719] [ 16.055789] Memory state around the buggy address: [ 16.056021] ffff888102fd1d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.056308] ffff888102fd1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.056603] >ffff888102fd1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.056903] ^ [ 16.057204] ffff888102fd1e80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.057529] ffff888102fd1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.057812] ================================================================== [ 16.058280] ================================================================== [ 16.058614] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 16.058898] Read of size 121 at addr ffff888102fd1e00 by task kunit_try_catch/303 [ 16.059221] [ 16.059304] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.059343] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.059356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.059375] Call Trace: [ 16.059388] <TASK> [ 16.059401] dump_stack_lvl+0x73/0xb0 [ 16.059427] print_report+0xd1/0x610 [ 16.059450] ? __virt_addr_valid+0x1db/0x2d0 [ 16.059472] ? copy_user_test_oob+0x604/0x10f0 [ 16.059496] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.059518] ? copy_user_test_oob+0x604/0x10f0 [ 16.059542] kasan_report+0x141/0x180 [ 16.059564] ? copy_user_test_oob+0x604/0x10f0 [ 16.059592] kasan_check_range+0x10c/0x1c0 [ 16.059616] __kasan_check_read+0x15/0x20 [ 16.059635] copy_user_test_oob+0x604/0x10f0 [ 16.059660] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.059683] ? finish_task_switch.isra.0+0x153/0x700 [ 16.059705] ? __switch_to+0x47/0xf50 [ 16.059730] ? __schedule+0x10cc/0x2b60 [ 16.059753] ? __pfx_read_tsc+0x10/0x10 [ 16.059774] ? ktime_get_ts64+0x86/0x230 [ 16.059798] kunit_try_run_case+0x1a5/0x480 [ 16.059823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.059846] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.059870] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.059894] ? __kthread_parkme+0x82/0x180 [ 16.059916] ? preempt_count_sub+0x50/0x80 [ 16.059941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.059967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.059991] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.060025] kthread+0x337/0x6f0 [ 16.060046] ? 
trace_preempt_on+0x20/0xc0 [ 16.060068] ? __pfx_kthread+0x10/0x10 [ 16.060090] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.060111] ? calculate_sigpending+0x7b/0xa0 [ 16.060135] ? __pfx_kthread+0x10/0x10 [ 16.060158] ret_from_fork+0x116/0x1d0 [ 16.060178] ? __pfx_kthread+0x10/0x10 [ 16.060198] ret_from_fork_asm+0x1a/0x30 [ 16.060229] </TASK> [ 16.060239] [ 16.067554] Allocated by task 303: [ 16.067762] kasan_save_stack+0x45/0x70 [ 16.067962] kasan_save_track+0x18/0x40 [ 16.068164] kasan_save_alloc_info+0x3b/0x50 [ 16.068372] __kasan_kmalloc+0xb7/0xc0 [ 16.068565] __kmalloc_noprof+0x1c9/0x500 [ 16.068713] kunit_kmalloc_array+0x25/0x60 [ 16.068856] copy_user_test_oob+0xab/0x10f0 [ 16.069016] kunit_try_run_case+0x1a5/0x480 [ 16.069230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.069601] kthread+0x337/0x6f0 [ 16.069770] ret_from_fork+0x116/0x1d0 [ 16.069962] ret_from_fork_asm+0x1a/0x30 [ 16.070142] [ 16.070235] The buggy address belongs to the object at ffff888102fd1e00 [ 16.070235] which belongs to the cache kmalloc-128 of size 128 [ 16.070714] The buggy address is located 0 bytes inside of [ 16.070714] allocated 120-byte region [ffff888102fd1e00, ffff888102fd1e78) [ 16.071178] [ 16.071272] The buggy address belongs to the physical page: [ 16.071518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd1 [ 16.071838] flags: 0x200000000000000(node=0|zone=2) [ 16.072039] page_type: f5(slab) [ 16.072196] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.072519] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.072836] page dumped because: kasan: bad access detected [ 16.073081] [ 16.073151] Memory state around the buggy address: [ 16.073304] ffff888102fd1d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.073761] ffff888102fd1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.074114] >ffff888102fd1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.074338] ^ [ 16.074725] 
ffff888102fd1e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.075151] ffff888102fd1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.075393] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 15.985141] ================================================================== [ 15.985479] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 15.985738] Read of size 121 at addr ffff888102fd1e00 by task kunit_try_catch/303 [ 15.986041] [ 15.986154] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.986197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.986209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.986230] Call Trace: [ 15.986243] <TASK> [ 15.986259] dump_stack_lvl+0x73/0xb0 [ 15.986285] print_report+0xd1/0x610 [ 15.986308] ? __virt_addr_valid+0x1db/0x2d0 [ 15.986330] ? _copy_to_user+0x3c/0x70 [ 15.986349] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.986372] ? _copy_to_user+0x3c/0x70 [ 15.986391] kasan_report+0x141/0x180 [ 15.986422] ? _copy_to_user+0x3c/0x70 [ 15.986445] kasan_check_range+0x10c/0x1c0 [ 15.986469] __kasan_check_read+0x15/0x20 [ 15.986488] _copy_to_user+0x3c/0x70 [ 15.986508] copy_user_test_oob+0x364/0x10f0 [ 15.986534] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.986557] ? finish_task_switch.isra.0+0x153/0x700 [ 15.986579] ? __switch_to+0x47/0xf50 [ 15.986604] ? __schedule+0x10cc/0x2b60 [ 15.986626] ? __pfx_read_tsc+0x10/0x10 [ 15.986648] ? ktime_get_ts64+0x86/0x230 [ 15.986672] kunit_try_run_case+0x1a5/0x480 [ 15.986696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.986718] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.986743] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.986766] ? __kthread_parkme+0x82/0x180 [ 15.986787] ? preempt_count_sub+0x50/0x80 [ 15.986810] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.986835] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.986858] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.986882] kthread+0x337/0x6f0 [ 15.986902] ? trace_preempt_on+0x20/0xc0 [ 15.986925] ? __pfx_kthread+0x10/0x10 [ 15.986946] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.986968] ? calculate_sigpending+0x7b/0xa0 [ 15.986991] ? 
__pfx_kthread+0x10/0x10 [ 15.987024] ret_from_fork+0x116/0x1d0 [ 15.987044] ? __pfx_kthread+0x10/0x10 [ 15.987065] ret_from_fork_asm+0x1a/0x30 [ 15.987096] </TASK> [ 15.987106] [ 15.994254] Allocated by task 303: [ 15.994423] kasan_save_stack+0x45/0x70 [ 15.994596] kasan_save_track+0x18/0x40 [ 15.994764] kasan_save_alloc_info+0x3b/0x50 [ 15.994913] __kasan_kmalloc+0xb7/0xc0 [ 15.995058] __kmalloc_noprof+0x1c9/0x500 [ 15.995251] kunit_kmalloc_array+0x25/0x60 [ 15.995459] copy_user_test_oob+0xab/0x10f0 [ 15.995669] kunit_try_run_case+0x1a5/0x480 [ 15.995922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.996109] kthread+0x337/0x6f0 [ 15.996229] ret_from_fork+0x116/0x1d0 [ 15.996385] ret_from_fork_asm+0x1a/0x30 [ 15.996594] [ 15.996688] The buggy address belongs to the object at ffff888102fd1e00 [ 15.996688] which belongs to the cache kmalloc-128 of size 128 [ 15.997249] The buggy address is located 0 bytes inside of [ 15.997249] allocated 120-byte region [ffff888102fd1e00, ffff888102fd1e78) [ 15.997754] [ 15.997843] The buggy address belongs to the physical page: [ 15.998060] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd1 [ 15.998383] flags: 0x200000000000000(node=0|zone=2) [ 15.998602] page_type: f5(slab) [ 15.998757] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.999047] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.999275] page dumped because: kasan: bad access detected [ 15.999581] [ 15.999681] Memory state around the buggy address: [ 15.999902] ffff888102fd1d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.000233] ffff888102fd1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.000547] >ffff888102fd1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.000766] ^ [ 16.001100] ffff888102fd1e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.001438] ffff888102fd1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.001714] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 15.959615] ================================================================== [ 15.960284] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 15.960820] Write of size 121 at addr ffff888102fd1e00 by task kunit_try_catch/303 [ 15.961446] [ 15.961733] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.961791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.961806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.961830] Call Trace: [ 15.961843] <TASK> [ 15.961873] dump_stack_lvl+0x73/0xb0 [ 15.961909] print_report+0xd1/0x610 [ 15.961933] ? __virt_addr_valid+0x1db/0x2d0 [ 15.961957] ? _copy_from_user+0x32/0x90 [ 15.961977] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.962002] ? _copy_from_user+0x32/0x90 [ 15.962032] kasan_report+0x141/0x180 [ 15.962055] ? _copy_from_user+0x32/0x90 [ 15.962079] kasan_check_range+0x10c/0x1c0 [ 15.962102] __kasan_check_write+0x18/0x20 [ 15.962121] _copy_from_user+0x32/0x90 [ 15.962142] copy_user_test_oob+0x2be/0x10f0 [ 15.962169] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.962193] ? finish_task_switch.isra.0+0x153/0x700 [ 15.962216] ? __switch_to+0x47/0xf50 [ 15.962243] ? __schedule+0x10cc/0x2b60 [ 15.962266] ? __pfx_read_tsc+0x10/0x10 [ 15.962289] ? ktime_get_ts64+0x86/0x230 [ 15.962314] kunit_try_run_case+0x1a5/0x480 [ 15.962339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.962362] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.962387] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.962411] ? __kthread_parkme+0x82/0x180 [ 15.962433] ? preempt_count_sub+0x50/0x80 [ 15.962456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.962481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.962504] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.962528] kthread+0x337/0x6f0 [ 15.962548] ? trace_preempt_on+0x20/0xc0 [ 15.962572] ? __pfx_kthread+0x10/0x10 [ 15.962593] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.962614] ? calculate_sigpending+0x7b/0xa0 [ 15.962640] ? 
__pfx_kthread+0x10/0x10 [ 15.962661] ret_from_fork+0x116/0x1d0 [ 15.962681] ? __pfx_kthread+0x10/0x10 [ 15.962702] ret_from_fork_asm+0x1a/0x30 [ 15.962733] </TASK> [ 15.962745] [ 15.974261] Allocated by task 303: [ 15.974481] kasan_save_stack+0x45/0x70 [ 15.974655] kasan_save_track+0x18/0x40 [ 15.974794] kasan_save_alloc_info+0x3b/0x50 [ 15.974985] __kasan_kmalloc+0xb7/0xc0 [ 15.975186] __kmalloc_noprof+0x1c9/0x500 [ 15.975361] kunit_kmalloc_array+0x25/0x60 [ 15.975587] copy_user_test_oob+0xab/0x10f0 [ 15.975774] kunit_try_run_case+0x1a5/0x480 [ 15.975921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.976159] kthread+0x337/0x6f0 [ 15.976334] ret_from_fork+0x116/0x1d0 [ 15.976520] ret_from_fork_asm+0x1a/0x30 [ 15.976716] [ 15.976790] The buggy address belongs to the object at ffff888102fd1e00 [ 15.976790] which belongs to the cache kmalloc-128 of size 128 [ 15.977509] The buggy address is located 0 bytes inside of [ 15.977509] allocated 120-byte region [ffff888102fd1e00, ffff888102fd1e78) [ 15.977982] [ 15.978078] The buggy address belongs to the physical page: [ 15.978325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd1 [ 15.978637] flags: 0x200000000000000(node=0|zone=2) [ 15.978858] page_type: f5(slab) [ 15.979018] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.979288] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.979517] page dumped because: kasan: bad access detected [ 15.979689] [ 15.979783] Memory state around the buggy address: [ 15.980042] ffff888102fd1d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.980359] ffff888102fd1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.980712] >ffff888102fd1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.980980] ^ [ 15.981205] ffff888102fd1e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.981676] ffff888102fd1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.982012] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 15.905536] ================================================================== [ 15.907067] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 15.907847] Read of size 8 at addr ffff888102fd1d78 by task kunit_try_catch/299 [ 15.908562] [ 15.908740] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.908788] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.908802] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.908825] Call Trace: [ 15.908837] <TASK> [ 15.908853] dump_stack_lvl+0x73/0xb0 [ 15.908906] print_report+0xd1/0x610 [ 15.908930] ? __virt_addr_valid+0x1db/0x2d0 [ 15.908954] ? copy_to_kernel_nofault+0x225/0x260 [ 15.908984] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.909017] ? copy_to_kernel_nofault+0x225/0x260 [ 15.909041] kasan_report+0x141/0x180 [ 15.909064] ? copy_to_kernel_nofault+0x225/0x260 [ 15.909092] __asan_report_load8_noabort+0x18/0x20 [ 15.909117] copy_to_kernel_nofault+0x225/0x260 [ 15.909142] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 15.909166] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 15.909189] ? finish_task_switch.isra.0+0x153/0x700 [ 15.909212] ? __schedule+0x10cc/0x2b60 [ 15.909235] ? trace_hardirqs_on+0x37/0xe0 [ 15.909266] ? __pfx_read_tsc+0x10/0x10 [ 15.909288] ? ktime_get_ts64+0x86/0x230 [ 15.909312] kunit_try_run_case+0x1a5/0x480 [ 15.909340] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.909369] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.909393] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.909417] ? __kthread_parkme+0x82/0x180 [ 15.909438] ? preempt_count_sub+0x50/0x80 [ 15.909461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.909486] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.909509] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.909533] kthread+0x337/0x6f0 [ 15.909553] ? trace_preempt_on+0x20/0xc0 [ 15.909576] ? __pfx_kthread+0x10/0x10 [ 15.909597] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.909619] ? 
calculate_sigpending+0x7b/0xa0 [ 15.909644] ? __pfx_kthread+0x10/0x10 [ 15.909666] ret_from_fork+0x116/0x1d0 [ 15.909685] ? __pfx_kthread+0x10/0x10 [ 15.909705] ret_from_fork_asm+0x1a/0x30 [ 15.909736] </TASK> [ 15.909748] [ 15.916956] Allocated by task 299: [ 15.917152] kasan_save_stack+0x45/0x70 [ 15.917444] kasan_save_track+0x18/0x40 [ 15.917790] kasan_save_alloc_info+0x3b/0x50 [ 15.917972] __kasan_kmalloc+0xb7/0xc0 [ 15.918119] __kmalloc_cache_noprof+0x189/0x420 [ 15.918279] copy_to_kernel_nofault_oob+0x12f/0x560 [ 15.918529] kunit_try_run_case+0x1a5/0x480 [ 15.918757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.919079] kthread+0x337/0x6f0 [ 15.919250] ret_from_fork+0x116/0x1d0 [ 15.919487] ret_from_fork_asm+0x1a/0x30 [ 15.919756] [ 15.919874] The buggy address belongs to the object at ffff888102fd1d00 [ 15.919874] which belongs to the cache kmalloc-128 of size 128 [ 15.920302] The buggy address is located 0 bytes to the right of [ 15.920302] allocated 120-byte region [ffff888102fd1d00, ffff888102fd1d78) [ 15.920868] [ 15.920975] The buggy address belongs to the physical page: [ 15.921166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd1 [ 15.921496] flags: 0x200000000000000(node=0|zone=2) [ 15.921717] page_type: f5(slab) [ 15.921862] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.922246] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.922574] page dumped because: kasan: bad access detected [ 15.922818] [ 15.922908] Memory state around the buggy address: [ 15.923097] ffff888102fd1c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.923370] ffff888102fd1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.923586] >ffff888102fd1d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.923798] ^ [ 15.924036] ffff888102fd1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.924253] ffff888102fd1e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
15.924585] ================================================================== [ 15.925553] ================================================================== [ 15.926229] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 15.926574] Write of size 8 at addr ffff888102fd1d78 by task kunit_try_catch/299 [ 15.926878] [ 15.927071] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.927113] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.927125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.927147] Call Trace: [ 15.927159] <TASK> [ 15.927172] dump_stack_lvl+0x73/0xb0 [ 15.927200] print_report+0xd1/0x610 [ 15.927223] ? __virt_addr_valid+0x1db/0x2d0 [ 15.927245] ? copy_to_kernel_nofault+0x99/0x260 [ 15.927269] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.927292] ? copy_to_kernel_nofault+0x99/0x260 [ 15.927315] kasan_report+0x141/0x180 [ 15.927338] ? copy_to_kernel_nofault+0x99/0x260 [ 15.927373] kasan_check_range+0x10c/0x1c0 [ 15.927398] __kasan_check_write+0x18/0x20 [ 15.927417] copy_to_kernel_nofault+0x99/0x260 [ 15.927442] copy_to_kernel_nofault_oob+0x288/0x560 [ 15.927466] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 15.927489] ? finish_task_switch.isra.0+0x153/0x700 [ 15.927512] ? __schedule+0x10cc/0x2b60 [ 15.927534] ? trace_hardirqs_on+0x37/0xe0 [ 15.927564] ? __pfx_read_tsc+0x10/0x10 [ 15.927586] ? ktime_get_ts64+0x86/0x230 [ 15.927609] kunit_try_run_case+0x1a5/0x480 [ 15.927633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.927657] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.927680] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.927704] ? __kthread_parkme+0x82/0x180 [ 15.927724] ? preempt_count_sub+0x50/0x80 [ 15.927747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.927772] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.927795] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.927820] kthread+0x337/0x6f0 [ 15.927840] ? 
trace_preempt_on+0x20/0xc0 [ 15.927862] ? __pfx_kthread+0x10/0x10 [ 15.927883] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.927904] ? calculate_sigpending+0x7b/0xa0 [ 15.927928] ? __pfx_kthread+0x10/0x10 [ 15.927949] ret_from_fork+0x116/0x1d0 [ 15.927968] ? __pfx_kthread+0x10/0x10 [ 15.927989] ret_from_fork_asm+0x1a/0x30 [ 15.928030] </TASK> [ 15.928040] [ 15.936799] Allocated by task 299: [ 15.937064] kasan_save_stack+0x45/0x70 [ 15.937321] kasan_save_track+0x18/0x40 [ 15.937540] kasan_save_alloc_info+0x3b/0x50 [ 15.937762] __kasan_kmalloc+0xb7/0xc0 [ 15.937941] __kmalloc_cache_noprof+0x189/0x420 [ 15.938143] copy_to_kernel_nofault_oob+0x12f/0x560 [ 15.938346] kunit_try_run_case+0x1a5/0x480 [ 15.938569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.938903] kthread+0x337/0x6f0 [ 15.939071] ret_from_fork+0x116/0x1d0 [ 15.939257] ret_from_fork_asm+0x1a/0x30 [ 15.939402] [ 15.939474] The buggy address belongs to the object at ffff888102fd1d00 [ 15.939474] which belongs to the cache kmalloc-128 of size 128 [ 15.940126] The buggy address is located 0 bytes to the right of [ 15.940126] allocated 120-byte region [ffff888102fd1d00, ffff888102fd1d78) [ 15.940702] [ 15.940778] The buggy address belongs to the physical page: [ 15.941185] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd1 [ 15.942411] flags: 0x200000000000000(node=0|zone=2) [ 15.942579] page_type: f5(slab) [ 15.942703] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.942940] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.943558] page dumped because: kasan: bad access detected [ 15.943845] [ 15.943943] Memory state around the buggy address: [ 15.944199] ffff888102fd1c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.944819] ffff888102fd1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.945093] >ffff888102fd1d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.945389] ^ [ 15.945824] ffff888102fd1d80: fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc [ 15.946071] ffff888102fd1e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.946289] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 14.949720] ================================================================== [ 14.950102] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 14.950826] Read of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.951533] [ 14.951788] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.951838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.951967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.951994] Call Trace: [ 14.952021] <TASK> [ 14.952037] dump_stack_lvl+0x73/0xb0 [ 14.952068] print_report+0xd1/0x610 [ 14.952090] ? __virt_addr_valid+0x1db/0x2d0 [ 14.952147] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.952168] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.952190] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.952212] kasan_report+0x141/0x180 [ 14.952234] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.952261] __asan_report_load4_noabort+0x18/0x20 [ 14.952285] kasan_atomics_helper+0x4a36/0x5450 [ 14.952308] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.952331] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.952392] ? kasan_atomics+0x152/0x310 [ 14.952432] kasan_atomics+0x1dc/0x310 [ 14.952455] ? __pfx_kasan_atomics+0x10/0x10 [ 14.952479] ? __pfx_read_tsc+0x10/0x10 [ 14.952501] ? ktime_get_ts64+0x86/0x230 [ 14.952525] kunit_try_run_case+0x1a5/0x480 [ 14.952549] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.952571] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.952594] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.952617] ? __kthread_parkme+0x82/0x180 [ 14.952638] ? preempt_count_sub+0x50/0x80 [ 14.952661] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.952685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.952708] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.952732] kthread+0x337/0x6f0 [ 14.952751] ? trace_preempt_on+0x20/0xc0 [ 14.952774] ? __pfx_kthread+0x10/0x10 [ 14.952795] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.952816] ? 
calculate_sigpending+0x7b/0xa0 [ 14.952841] ? __pfx_kthread+0x10/0x10 [ 14.952863] ret_from_fork+0x116/0x1d0 [ 14.952881] ? __pfx_kthread+0x10/0x10 [ 14.952902] ret_from_fork_asm+0x1a/0x30 [ 14.952933] </TASK> [ 14.952945] [ 14.961262] Allocated by task 283: [ 14.961499] kasan_save_stack+0x45/0x70 [ 14.961724] kasan_save_track+0x18/0x40 [ 14.961883] kasan_save_alloc_info+0x3b/0x50 [ 14.962123] __kasan_kmalloc+0xb7/0xc0 [ 14.962312] __kmalloc_cache_noprof+0x189/0x420 [ 14.962590] kasan_atomics+0x95/0x310 [ 14.962767] kunit_try_run_case+0x1a5/0x480 [ 14.962983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.963279] kthread+0x337/0x6f0 [ 14.963472] ret_from_fork+0x116/0x1d0 [ 14.963693] ret_from_fork_asm+0x1a/0x30 [ 14.963898] [ 14.963972] The buggy address belongs to the object at ffff8881039b8880 [ 14.963972] which belongs to the cache kmalloc-64 of size 64 [ 14.964651] The buggy address is located 0 bytes to the right of [ 14.964651] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.965153] [ 14.965226] The buggy address belongs to the physical page: [ 14.965405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.965671] flags: 0x200000000000000(node=0|zone=2) [ 14.965905] page_type: f5(slab) [ 14.966082] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.966421] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.966758] page dumped because: kasan: bad access detected [ 14.966973] [ 14.967071] Memory state around the buggy address: [ 14.967248] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.967636] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.967962] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.968247] ^ [ 14.968477] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.968801] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.969125] 
================================================================== [ 15.469265] ================================================================== [ 15.469816] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 15.470738] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.471069] [ 15.471154] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.471196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.471209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.471232] Call Trace: [ 15.471246] <TASK> [ 15.471261] dump_stack_lvl+0x73/0xb0 [ 15.471288] print_report+0xd1/0x610 [ 15.471310] ? __virt_addr_valid+0x1db/0x2d0 [ 15.471332] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.471353] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.471532] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.471559] kasan_report+0x141/0x180 [ 15.471581] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.471608] kasan_check_range+0x10c/0x1c0 [ 15.471634] __kasan_check_write+0x18/0x20 [ 15.471653] kasan_atomics_helper+0x19e3/0x5450 [ 15.471676] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.471697] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.471722] ? kasan_atomics+0x152/0x310 [ 15.471748] kasan_atomics+0x1dc/0x310 [ 15.471770] ? __pfx_kasan_atomics+0x10/0x10 [ 15.471795] ? __pfx_read_tsc+0x10/0x10 [ 15.471815] ? ktime_get_ts64+0x86/0x230 [ 15.471839] kunit_try_run_case+0x1a5/0x480 [ 15.471863] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.471885] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.471909] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.471933] ? __kthread_parkme+0x82/0x180 [ 15.471953] ? preempt_count_sub+0x50/0x80 [ 15.471976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.472000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.472036] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.472060] kthread+0x337/0x6f0 [ 15.472079] ? trace_preempt_on+0x20/0xc0 [ 15.472101] ? 
__pfx_kthread+0x10/0x10 [ 15.472122] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.472143] ? calculate_sigpending+0x7b/0xa0 [ 15.472167] ? __pfx_kthread+0x10/0x10 [ 15.472188] ret_from_fork+0x116/0x1d0 [ 15.472206] ? __pfx_kthread+0x10/0x10 [ 15.472227] ret_from_fork_asm+0x1a/0x30 [ 15.472257] </TASK> [ 15.472268] [ 15.485849] Allocated by task 283: [ 15.486051] kasan_save_stack+0x45/0x70 [ 15.486265] kasan_save_track+0x18/0x40 [ 15.486840] kasan_save_alloc_info+0x3b/0x50 [ 15.487047] __kasan_kmalloc+0xb7/0xc0 [ 15.487575] __kmalloc_cache_noprof+0x189/0x420 [ 15.487809] kasan_atomics+0x95/0x310 [ 15.488127] kunit_try_run_case+0x1a5/0x480 [ 15.488310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.488985] kthread+0x337/0x6f0 [ 15.489281] ret_from_fork+0x116/0x1d0 [ 15.489815] ret_from_fork_asm+0x1a/0x30 [ 15.490040] [ 15.490132] The buggy address belongs to the object at ffff8881039b8880 [ 15.490132] which belongs to the cache kmalloc-64 of size 64 [ 15.491188] The buggy address is located 0 bytes to the right of [ 15.491188] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.492158] [ 15.492260] The buggy address belongs to the physical page: [ 15.492663] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.493247] flags: 0x200000000000000(node=0|zone=2) [ 15.493784] page_type: f5(slab) [ 15.493938] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.494634] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.494955] page dumped because: kasan: bad access detected [ 15.495331] [ 15.495635] Memory state around the buggy address: [ 15.495847] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.496188] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.496798] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.497197] ^ [ 15.497462] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.498129] 
ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.498639] ================================================================== [ 14.393639] ================================================================== [ 14.394244] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 14.394590] Read of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.394906] [ 14.395000] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.395542] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.395554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.395677] Call Trace: [ 14.395706] <TASK> [ 14.395722] dump_stack_lvl+0x73/0xb0 [ 14.395752] print_report+0xd1/0x610 [ 14.395773] ? __virt_addr_valid+0x1db/0x2d0 [ 14.395794] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.395814] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.395836] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.395856] kasan_report+0x141/0x180 [ 14.395877] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.395902] __asan_report_load4_noabort+0x18/0x20 [ 14.395926] kasan_atomics_helper+0x4bbc/0x5450 [ 14.395947] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.395969] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.395993] ? kasan_atomics+0x152/0x310 [ 14.396029] kasan_atomics+0x1dc/0x310 [ 14.396050] ? __pfx_kasan_atomics+0x10/0x10 [ 14.396073] ? __pfx_read_tsc+0x10/0x10 [ 14.396092] ? ktime_get_ts64+0x86/0x230 [ 14.396115] kunit_try_run_case+0x1a5/0x480 [ 14.396139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.396161] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.396183] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.396205] ? __kthread_parkme+0x82/0x180 [ 14.396223] ? preempt_count_sub+0x50/0x80 [ 14.396245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.396269] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.396290] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.396313] kthread+0x337/0x6f0 [ 14.396330] ? 
trace_preempt_on+0x20/0xc0 [ 14.396390] ? __pfx_kthread+0x10/0x10 [ 14.396427] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.396447] ? calculate_sigpending+0x7b/0xa0 [ 14.396471] ? __pfx_kthread+0x10/0x10 [ 14.396491] ret_from_fork+0x116/0x1d0 [ 14.396509] ? __pfx_kthread+0x10/0x10 [ 14.396528] ret_from_fork_asm+0x1a/0x30 [ 14.396558] </TASK> [ 14.396568] [ 14.410779] Allocated by task 283: [ 14.410954] kasan_save_stack+0x45/0x70 [ 14.411113] kasan_save_track+0x18/0x40 [ 14.411250] kasan_save_alloc_info+0x3b/0x50 [ 14.411405] __kasan_kmalloc+0xb7/0xc0 [ 14.411536] __kmalloc_cache_noprof+0x189/0x420 [ 14.411689] kasan_atomics+0x95/0x310 [ 14.411819] kunit_try_run_case+0x1a5/0x480 [ 14.411963] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.413203] kthread+0x337/0x6f0 [ 14.413711] ret_from_fork+0x116/0x1d0 [ 14.414217] ret_from_fork_asm+0x1a/0x30 [ 14.414800] [ 14.415091] The buggy address belongs to the object at ffff8881039b8880 [ 14.415091] which belongs to the cache kmalloc-64 of size 64 [ 14.416474] The buggy address is located 0 bytes to the right of [ 14.416474] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.418107] [ 14.418417] The buggy address belongs to the physical page: [ 14.418960] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.419629] flags: 0x200000000000000(node=0|zone=2) [ 14.419813] page_type: f5(slab) [ 14.419935] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.420180] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.420406] page dumped because: kasan: bad access detected [ 14.420577] [ 14.420646] Memory state around the buggy address: [ 14.420800] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.421076] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.422424] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.423153] ^ [ 14.423778] ffff8881039b8900: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.424527] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.425296] ================================================================== [ 14.426320] ================================================================== [ 14.427129] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 14.427879] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.428758] [ 14.428989] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.429044] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.429056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.429076] Call Trace: [ 14.429091] <TASK> [ 14.429139] dump_stack_lvl+0x73/0xb0 [ 14.429167] print_report+0xd1/0x610 [ 14.429187] ? __virt_addr_valid+0x1db/0x2d0 [ 14.429209] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.429230] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.429253] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.429275] kasan_report+0x141/0x180 [ 14.429295] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.429320] __asan_report_store4_noabort+0x1b/0x30 [ 14.429344] kasan_atomics_helper+0x4ba2/0x5450 [ 14.429365] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.429407] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.429431] ? kasan_atomics+0x152/0x310 [ 14.429456] kasan_atomics+0x1dc/0x310 [ 14.429477] ? __pfx_kasan_atomics+0x10/0x10 [ 14.429500] ? __pfx_read_tsc+0x10/0x10 [ 14.429521] ? ktime_get_ts64+0x86/0x230 [ 14.429544] kunit_try_run_case+0x1a5/0x480 [ 14.429568] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.429589] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.429612] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.429634] ? __kthread_parkme+0x82/0x180 [ 14.429653] ? preempt_count_sub+0x50/0x80 [ 14.429676] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.429699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.429721] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.429744] kthread+0x337/0x6f0 [ 14.429762] ? trace_preempt_on+0x20/0xc0 [ 14.429784] ? __pfx_kthread+0x10/0x10 [ 14.429804] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.429824] ? calculate_sigpending+0x7b/0xa0 [ 14.429863] ? __pfx_kthread+0x10/0x10 [ 14.429884] ret_from_fork+0x116/0x1d0 [ 14.429919] ? __pfx_kthread+0x10/0x10 [ 14.429939] ret_from_fork_asm+0x1a/0x30 [ 14.429969] </TASK> [ 14.429978] [ 14.437476] Allocated by task 283: [ 14.437604] kasan_save_stack+0x45/0x70 [ 14.437860] kasan_save_track+0x18/0x40 [ 14.438066] kasan_save_alloc_info+0x3b/0x50 [ 14.438288] __kasan_kmalloc+0xb7/0xc0 [ 14.438524] __kmalloc_cache_noprof+0x189/0x420 [ 14.438792] kasan_atomics+0x95/0x310 [ 14.438985] kunit_try_run_case+0x1a5/0x480 [ 14.439207] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.439459] kthread+0x337/0x6f0 [ 14.439672] ret_from_fork+0x116/0x1d0 [ 14.439875] ret_from_fork_asm+0x1a/0x30 [ 14.440110] [ 14.440187] The buggy address belongs to the object at ffff8881039b8880 [ 14.440187] which belongs to the cache kmalloc-64 of size 64 [ 14.440923] The buggy address is located 0 bytes to the right of [ 14.440923] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.441466] [ 14.441594] The buggy address belongs to the physical page: [ 14.441889] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.442265] flags: 0x200000000000000(node=0|zone=2) [ 14.442589] page_type: f5(slab) [ 14.442777] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.443123] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.443499] page dumped because: kasan: bad access detected [ 14.443798] [ 14.443902] Memory state around the buggy address: [ 14.444084] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.444293] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.444509] >ffff8881039b8880: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 14.444713] ^ [ 14.444859] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.445169] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.445470] ================================================================== [ 15.042263] ================================================================== [ 15.042652] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 15.043365] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.043676] [ 15.043759] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.043801] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.043813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.043837] Call Trace: [ 15.043850] <TASK> [ 15.043865] dump_stack_lvl+0x73/0xb0 [ 15.043892] print_report+0xd1/0x610 [ 15.043915] ? __virt_addr_valid+0x1db/0x2d0 [ 15.043937] ? kasan_atomics_helper+0x1217/0x5450 [ 15.043958] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.043980] ? kasan_atomics_helper+0x1217/0x5450 [ 15.044002] kasan_report+0x141/0x180 [ 15.044038] ? kasan_atomics_helper+0x1217/0x5450 [ 15.044093] kasan_check_range+0x10c/0x1c0 [ 15.044132] __kasan_check_write+0x18/0x20 [ 15.044152] kasan_atomics_helper+0x1217/0x5450 [ 15.044174] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.044198] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.044222] ? kasan_atomics+0x152/0x310 [ 15.044248] kasan_atomics+0x1dc/0x310 [ 15.044271] ? __pfx_kasan_atomics+0x10/0x10 [ 15.044294] ? __pfx_read_tsc+0x10/0x10 [ 15.044315] ? ktime_get_ts64+0x86/0x230 [ 15.044338] kunit_try_run_case+0x1a5/0x480 [ 15.044396] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.044419] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.044441] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.044466] ? __kthread_parkme+0x82/0x180 [ 15.044508] ? preempt_count_sub+0x50/0x80 [ 15.044531] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.044556] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.044579] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.044602] kthread+0x337/0x6f0 [ 15.044622] ? trace_preempt_on+0x20/0xc0 [ 15.044644] ? __pfx_kthread+0x10/0x10 [ 15.044665] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.044687] ? calculate_sigpending+0x7b/0xa0 [ 15.044710] ? __pfx_kthread+0x10/0x10 [ 15.044731] ret_from_fork+0x116/0x1d0 [ 15.044749] ? __pfx_kthread+0x10/0x10 [ 15.044770] ret_from_fork_asm+0x1a/0x30 [ 15.044801] </TASK> [ 15.044812] [ 15.052132] Allocated by task 283: [ 15.052261] kasan_save_stack+0x45/0x70 [ 15.052475] kasan_save_track+0x18/0x40 [ 15.052733] kasan_save_alloc_info+0x3b/0x50 [ 15.052938] __kasan_kmalloc+0xb7/0xc0 [ 15.053145] __kmalloc_cache_noprof+0x189/0x420 [ 15.053446] kasan_atomics+0x95/0x310 [ 15.053683] kunit_try_run_case+0x1a5/0x480 [ 15.053862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.054242] kthread+0x337/0x6f0 [ 15.054374] ret_from_fork+0x116/0x1d0 [ 15.054506] ret_from_fork_asm+0x1a/0x30 [ 15.054845] [ 15.054940] The buggy address belongs to the object at ffff8881039b8880 [ 15.054940] which belongs to the cache kmalloc-64 of size 64 [ 15.055467] The buggy address is located 0 bytes to the right of [ 15.055467] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.055947] [ 15.056090] The buggy address belongs to the physical page: [ 15.056337] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.056642] flags: 0x200000000000000(node=0|zone=2) [ 15.056805] page_type: f5(slab) [ 15.056927] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.057178] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.057453] page dumped because: kasan: bad access detected [ 15.057627] [ 15.057696] Memory state around the buggy address: [ 15.057849] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.058102] 
ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.058445] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.058986] ^ [ 15.059482] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.059823] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.060147] ================================================================== [ 14.803681] ================================================================== [ 14.804059] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 14.804510] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.804851] [ 14.804958] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.805016] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.805029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.805051] Call Trace: [ 14.805065] <TASK> [ 14.805081] dump_stack_lvl+0x73/0xb0 [ 14.805108] print_report+0xd1/0x610 [ 14.805131] ? __virt_addr_valid+0x1db/0x2d0 [ 14.805154] ? kasan_atomics_helper+0xc70/0x5450 [ 14.805175] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.805198] ? kasan_atomics_helper+0xc70/0x5450 [ 14.805219] kasan_report+0x141/0x180 [ 14.805241] ? kasan_atomics_helper+0xc70/0x5450 [ 14.805267] kasan_check_range+0x10c/0x1c0 [ 14.805290] __kasan_check_write+0x18/0x20 [ 14.805309] kasan_atomics_helper+0xc70/0x5450 [ 14.805332] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.805567] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.805600] ? kasan_atomics+0x152/0x310 [ 14.805626] kasan_atomics+0x1dc/0x310 [ 14.805649] ? __pfx_kasan_atomics+0x10/0x10 [ 14.805674] ? __pfx_read_tsc+0x10/0x10 [ 14.805694] ? ktime_get_ts64+0x86/0x230 [ 14.805719] kunit_try_run_case+0x1a5/0x480 [ 14.805743] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.805765] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.805789] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.805813] ? 
__kthread_parkme+0x82/0x180 [ 14.805833] ? preempt_count_sub+0x50/0x80 [ 14.805856] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.805881] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.805904] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.805928] kthread+0x337/0x6f0 [ 14.805947] ? trace_preempt_on+0x20/0xc0 [ 14.805970] ? __pfx_kthread+0x10/0x10 [ 14.805990] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.806025] ? calculate_sigpending+0x7b/0xa0 [ 14.806050] ? __pfx_kthread+0x10/0x10 [ 14.806071] ret_from_fork+0x116/0x1d0 [ 14.806089] ? __pfx_kthread+0x10/0x10 [ 14.806110] ret_from_fork_asm+0x1a/0x30 [ 14.806140] </TASK> [ 14.806151] [ 14.817140] Allocated by task 283: [ 14.817272] kasan_save_stack+0x45/0x70 [ 14.817419] kasan_save_track+0x18/0x40 [ 14.817555] kasan_save_alloc_info+0x3b/0x50 [ 14.817704] __kasan_kmalloc+0xb7/0xc0 [ 14.817837] __kmalloc_cache_noprof+0x189/0x420 [ 14.817993] kasan_atomics+0x95/0x310 [ 14.818210] kunit_try_run_case+0x1a5/0x480 [ 14.818633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.818888] kthread+0x337/0x6f0 [ 14.819312] ret_from_fork+0x116/0x1d0 [ 14.819761] ret_from_fork_asm+0x1a/0x30 [ 14.819964] [ 14.820055] The buggy address belongs to the object at ffff8881039b8880 [ 14.820055] which belongs to the cache kmalloc-64 of size 64 [ 14.820411] The buggy address is located 0 bytes to the right of [ 14.820411] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.820829] [ 14.820927] The buggy address belongs to the physical page: [ 14.821204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.821829] flags: 0x200000000000000(node=0|zone=2) [ 14.822088] page_type: f5(slab) [ 14.822264] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.823051] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.823367] page dumped because: kasan: bad access detected [ 14.823604] [ 14.823677] Memory state around the buggy address: [ 14.823899] 
ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.824239] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.824557] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.824859] ^ [ 14.825200] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.825560] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.825936] ================================================================== [ 15.838641] ================================================================== [ 15.838963] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 15.839487] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.839740] [ 15.839844] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.839886] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.839897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.839918] Call Trace: [ 15.839931] <TASK> [ 15.839945] dump_stack_lvl+0x73/0xb0 [ 15.839972] print_report+0xd1/0x610 [ 15.839995] ? __virt_addr_valid+0x1db/0x2d0 [ 15.840027] ? kasan_atomics_helper+0x224c/0x5450 [ 15.840048] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.840070] ? kasan_atomics_helper+0x224c/0x5450 [ 15.840091] kasan_report+0x141/0x180 [ 15.840113] ? kasan_atomics_helper+0x224c/0x5450 [ 15.840140] kasan_check_range+0x10c/0x1c0 [ 15.840163] __kasan_check_write+0x18/0x20 [ 15.840182] kasan_atomics_helper+0x224c/0x5450 [ 15.840205] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.840227] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.840251] ? kasan_atomics+0x152/0x310 [ 15.840277] kasan_atomics+0x1dc/0x310 [ 15.840300] ? __pfx_kasan_atomics+0x10/0x10 [ 15.840324] ? __pfx_read_tsc+0x10/0x10 [ 15.840344] ? ktime_get_ts64+0x86/0x230 [ 15.840368] kunit_try_run_case+0x1a5/0x480 [ 15.840412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.840435] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.840459] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.840482] ? __kthread_parkme+0x82/0x180 [ 15.840502] ? preempt_count_sub+0x50/0x80 [ 15.840525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.840549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.840572] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.840596] kthread+0x337/0x6f0 [ 15.840615] ? trace_preempt_on+0x20/0xc0 [ 15.840658] ? __pfx_kthread+0x10/0x10 [ 15.840679] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.840700] ? calculate_sigpending+0x7b/0xa0 [ 15.840723] ? __pfx_kthread+0x10/0x10 [ 15.840744] ret_from_fork+0x116/0x1d0 [ 15.840763] ? __pfx_kthread+0x10/0x10 [ 15.840783] ret_from_fork_asm+0x1a/0x30 [ 15.840814] </TASK> [ 15.840824] [ 15.850123] Allocated by task 283: [ 15.850295] kasan_save_stack+0x45/0x70 [ 15.851142] kasan_save_track+0x18/0x40 [ 15.851595] kasan_save_alloc_info+0x3b/0x50 [ 15.851824] __kasan_kmalloc+0xb7/0xc0 [ 15.852015] __kmalloc_cache_noprof+0x189/0x420 [ 15.852226] kasan_atomics+0x95/0x310 [ 15.852726] kunit_try_run_case+0x1a5/0x480 [ 15.853027] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.853270] kthread+0x337/0x6f0 [ 15.853724] ret_from_fork+0x116/0x1d0 [ 15.853987] ret_from_fork_asm+0x1a/0x30 [ 15.854351] [ 15.854458] The buggy address belongs to the object at ffff8881039b8880 [ 15.854458] which belongs to the cache kmalloc-64 of size 64 [ 15.854935] The buggy address is located 0 bytes to the right of [ 15.854935] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.855846] [ 15.855941] The buggy address belongs to the physical page: [ 15.856364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.856699] flags: 0x200000000000000(node=0|zone=2) [ 15.856922] page_type: f5(slab) [ 15.857103] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.857754] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.858271] page dumped because: kasan: 
bad access detected [ 15.858858] [ 15.858964] Memory state around the buggy address: [ 15.859216] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.859457] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.859680] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.859895] ^ [ 15.860543] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.861176] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.861835] ================================================================== [ 15.233962] ================================================================== [ 15.234260] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 15.235158] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.235635] [ 15.235735] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.235777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.235790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.235811] Call Trace: [ 15.235825] <TASK> [ 15.235840] dump_stack_lvl+0x73/0xb0 [ 15.235868] print_report+0xd1/0x610 [ 15.235892] ? __virt_addr_valid+0x1db/0x2d0 [ 15.235915] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.235936] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.235959] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.235980] kasan_report+0x141/0x180 [ 15.236003] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.236202] __asan_report_store8_noabort+0x1b/0x30 [ 15.236228] kasan_atomics_helper+0x50d4/0x5450 [ 15.236251] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.236273] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.236298] ? kasan_atomics+0x152/0x310 [ 15.236324] kasan_atomics+0x1dc/0x310 [ 15.236347] ? __pfx_kasan_atomics+0x10/0x10 [ 15.236373] ? __pfx_read_tsc+0x10/0x10 [ 15.236394] ? ktime_get_ts64+0x86/0x230 [ 15.236434] kunit_try_run_case+0x1a5/0x480 [ 15.236458] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.236481] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.236505] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.236528] ? __kthread_parkme+0x82/0x180 [ 15.236548] ? preempt_count_sub+0x50/0x80 [ 15.236571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.236595] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.236618] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.236642] kthread+0x337/0x6f0 [ 15.236661] ? trace_preempt_on+0x20/0xc0 [ 15.236684] ? __pfx_kthread+0x10/0x10 [ 15.236706] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.236727] ? calculate_sigpending+0x7b/0xa0 [ 15.236752] ? __pfx_kthread+0x10/0x10 [ 15.236773] ret_from_fork+0x116/0x1d0 [ 15.236791] ? __pfx_kthread+0x10/0x10 [ 15.236812] ret_from_fork_asm+0x1a/0x30 [ 15.236842] </TASK> [ 15.236853] [ 15.248462] Allocated by task 283: [ 15.248887] kasan_save_stack+0x45/0x70 [ 15.249098] kasan_save_track+0x18/0x40 [ 15.249554] kasan_save_alloc_info+0x3b/0x50 [ 15.249912] __kasan_kmalloc+0xb7/0xc0 [ 15.250157] __kmalloc_cache_noprof+0x189/0x420 [ 15.250365] kasan_atomics+0x95/0x310 [ 15.250788] kunit_try_run_case+0x1a5/0x480 [ 15.251096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.251467] kthread+0x337/0x6f0 [ 15.251845] ret_from_fork+0x116/0x1d0 [ 15.252143] ret_from_fork_asm+0x1a/0x30 [ 15.252298] [ 15.252394] The buggy address belongs to the object at ffff8881039b8880 [ 15.252394] which belongs to the cache kmalloc-64 of size 64 [ 15.253354] The buggy address is located 0 bytes to the right of [ 15.253354] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.254173] [ 15.254320] The buggy address belongs to the physical page: [ 15.254646] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.255476] flags: 0x200000000000000(node=0|zone=2) [ 15.255929] page_type: f5(slab) [ 15.256137] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.256876] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.257313] page dumped because: kasan: bad access detected [ 15.257768] [ 15.258017] Memory state around the buggy address: [ 15.258734] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.259058] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.259566] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.259885] ^ [ 15.260183] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.260672] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.261161] ================================================================== [ 15.005762] ================================================================== [ 15.006121] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 15.006488] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.006758] [ 15.006840] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.006880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.006891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.006912] Call Trace: [ 15.006925] <TASK> [ 15.006939] dump_stack_lvl+0x73/0xb0 [ 15.006964] print_report+0xd1/0x610 [ 15.006986] ? __virt_addr_valid+0x1db/0x2d0 [ 15.007021] ? kasan_atomics_helper+0x1148/0x5450 [ 15.007043] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.007066] ? kasan_atomics_helper+0x1148/0x5450 [ 15.007087] kasan_report+0x141/0x180 [ 15.007110] ? kasan_atomics_helper+0x1148/0x5450 [ 15.007136] kasan_check_range+0x10c/0x1c0 [ 15.007160] __kasan_check_write+0x18/0x20 [ 15.007180] kasan_atomics_helper+0x1148/0x5450 [ 15.007203] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.007225] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.007249] ? kasan_atomics+0x152/0x310 [ 15.007275] kasan_atomics+0x1dc/0x310 [ 15.007298] ? __pfx_kasan_atomics+0x10/0x10 [ 15.007321] ? __pfx_read_tsc+0x10/0x10 [ 15.007342] ? 
ktime_get_ts64+0x86/0x230 [ 15.007366] kunit_try_run_case+0x1a5/0x480 [ 15.007412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.007435] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.007458] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.007481] ? __kthread_parkme+0x82/0x180 [ 15.007501] ? preempt_count_sub+0x50/0x80 [ 15.007525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.007549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.007572] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.007594] kthread+0x337/0x6f0 [ 15.007614] ? trace_preempt_on+0x20/0xc0 [ 15.007637] ? __pfx_kthread+0x10/0x10 [ 15.007657] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.007679] ? calculate_sigpending+0x7b/0xa0 [ 15.007702] ? __pfx_kthread+0x10/0x10 [ 15.007723] ret_from_fork+0x116/0x1d0 [ 15.007742] ? __pfx_kthread+0x10/0x10 [ 15.007763] ret_from_fork_asm+0x1a/0x30 [ 15.007794] </TASK> [ 15.007804] [ 15.015844] Allocated by task 283: [ 15.015974] kasan_save_stack+0x45/0x70 [ 15.016216] kasan_save_track+0x18/0x40 [ 15.016552] kasan_save_alloc_info+0x3b/0x50 [ 15.016762] __kasan_kmalloc+0xb7/0xc0 [ 15.016936] __kmalloc_cache_noprof+0x189/0x420 [ 15.017131] kasan_atomics+0x95/0x310 [ 15.017267] kunit_try_run_case+0x1a5/0x480 [ 15.017460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.017745] kthread+0x337/0x6f0 [ 15.017915] ret_from_fork+0x116/0x1d0 [ 15.018118] ret_from_fork_asm+0x1a/0x30 [ 15.018321] [ 15.018424] The buggy address belongs to the object at ffff8881039b8880 [ 15.018424] which belongs to the cache kmalloc-64 of size 64 [ 15.018914] The buggy address is located 0 bytes to the right of [ 15.018914] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.019434] [ 15.019523] The buggy address belongs to the physical page: [ 15.019738] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.019977] flags: 0x200000000000000(node=0|zone=2) [ 15.020219] page_type: f5(slab) [ 15.020409] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.020761] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.021194] page dumped because: kasan: bad access detected [ 15.021430] [ 15.021566] Memory state around the buggy address: [ 15.021814] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.022059] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.022352] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.022675] ^ [ 15.022879] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.023108] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.023532] ================================================================== [ 14.910139] ================================================================== [ 14.910501] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 14.910731] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.910955] [ 14.911054] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.911094] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.911106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.911128] Call Trace: [ 14.911141] <TASK> [ 14.911155] dump_stack_lvl+0x73/0xb0 [ 14.911180] print_report+0xd1/0x610 [ 14.911201] ? __virt_addr_valid+0x1db/0x2d0 [ 14.911224] ? kasan_atomics_helper+0xf10/0x5450 [ 14.911245] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.911267] ? kasan_atomics_helper+0xf10/0x5450 [ 14.911288] kasan_report+0x141/0x180 [ 14.911311] ? kasan_atomics_helper+0xf10/0x5450 [ 14.911337] kasan_check_range+0x10c/0x1c0 [ 14.911441] __kasan_check_write+0x18/0x20 [ 14.911461] kasan_atomics_helper+0xf10/0x5450 [ 14.911484] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.911506] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.911531] ? kasan_atomics+0x152/0x310 [ 14.911557] kasan_atomics+0x1dc/0x310 [ 14.911580] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.911604] ? __pfx_read_tsc+0x10/0x10 [ 14.911625] ? ktime_get_ts64+0x86/0x230 [ 14.911650] kunit_try_run_case+0x1a5/0x480 [ 14.911674] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.911697] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.911720] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.911744] ? __kthread_parkme+0x82/0x180 [ 14.911764] ? preempt_count_sub+0x50/0x80 [ 14.911788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.911812] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.911835] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.911859] kthread+0x337/0x6f0 [ 14.911879] ? trace_preempt_on+0x20/0xc0 [ 14.911901] ? __pfx_kthread+0x10/0x10 [ 14.911922] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.911943] ? calculate_sigpending+0x7b/0xa0 [ 14.911967] ? __pfx_kthread+0x10/0x10 [ 14.911988] ret_from_fork+0x116/0x1d0 [ 14.912018] ? __pfx_kthread+0x10/0x10 [ 14.912039] ret_from_fork_asm+0x1a/0x30 [ 14.912069] </TASK> [ 14.912079] [ 14.920524] Allocated by task 283: [ 14.920716] kasan_save_stack+0x45/0x70 [ 14.920918] kasan_save_track+0x18/0x40 [ 14.921115] kasan_save_alloc_info+0x3b/0x50 [ 14.921330] __kasan_kmalloc+0xb7/0xc0 [ 14.921558] __kmalloc_cache_noprof+0x189/0x420 [ 14.921769] kasan_atomics+0x95/0x310 [ 14.921959] kunit_try_run_case+0x1a5/0x480 [ 14.922135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.922337] kthread+0x337/0x6f0 [ 14.922593] ret_from_fork+0x116/0x1d0 [ 14.922765] ret_from_fork_asm+0x1a/0x30 [ 14.922958] [ 14.923054] The buggy address belongs to the object at ffff8881039b8880 [ 14.923054] which belongs to the cache kmalloc-64 of size 64 [ 14.923609] The buggy address is located 0 bytes to the right of [ 14.923609] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.924105] [ 14.924200] The buggy address belongs to the physical page: [ 14.924629] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.924958] flags: 0x200000000000000(node=0|zone=2) [ 14.925197] page_type: 
f5(slab) [ 14.925343] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.925713] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.926062] page dumped because: kasan: bad access detected [ 14.926290] [ 14.926463] Memory state around the buggy address: [ 14.926655] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.926950] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.927235] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.927577] ^ [ 14.927814] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.928116] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.928557] ================================================================== [ 15.390495] ================================================================== [ 15.390797] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 15.391124] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.391873] [ 15.391998] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.392070] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.392083] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.392104] Call Trace: [ 15.392116] <TASK> [ 15.392146] dump_stack_lvl+0x73/0xb0 [ 15.392174] print_report+0xd1/0x610 [ 15.392196] ? __virt_addr_valid+0x1db/0x2d0 [ 15.392219] ? kasan_atomics_helper+0x1818/0x5450 [ 15.392240] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.392262] ? kasan_atomics_helper+0x1818/0x5450 [ 15.392284] kasan_report+0x141/0x180 [ 15.392306] ? kasan_atomics_helper+0x1818/0x5450 [ 15.392332] kasan_check_range+0x10c/0x1c0 [ 15.392355] __kasan_check_write+0x18/0x20 [ 15.392374] kasan_atomics_helper+0x1818/0x5450 [ 15.392396] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.392419] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.392481] ? 
kasan_atomics+0x152/0x310 [ 15.392509] kasan_atomics+0x1dc/0x310 [ 15.392531] ? __pfx_kasan_atomics+0x10/0x10 [ 15.392555] ? __pfx_read_tsc+0x10/0x10 [ 15.392575] ? ktime_get_ts64+0x86/0x230 [ 15.392598] kunit_try_run_case+0x1a5/0x480 [ 15.392623] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.392645] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.392668] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.392691] ? __kthread_parkme+0x82/0x180 [ 15.392778] ? preempt_count_sub+0x50/0x80 [ 15.392804] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.392828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.392852] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.392875] kthread+0x337/0x6f0 [ 15.392894] ? trace_preempt_on+0x20/0xc0 [ 15.392918] ? __pfx_kthread+0x10/0x10 [ 15.392940] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.392962] ? calculate_sigpending+0x7b/0xa0 [ 15.392993] ? __pfx_kthread+0x10/0x10 [ 15.393026] ret_from_fork+0x116/0x1d0 [ 15.393045] ? __pfx_kthread+0x10/0x10 [ 15.393065] ret_from_fork_asm+0x1a/0x30 [ 15.393096] </TASK> [ 15.393106] [ 15.402024] Allocated by task 283: [ 15.402206] kasan_save_stack+0x45/0x70 [ 15.402560] kasan_save_track+0x18/0x40 [ 15.402793] kasan_save_alloc_info+0x3b/0x50 [ 15.402966] __kasan_kmalloc+0xb7/0xc0 [ 15.403188] __kmalloc_cache_noprof+0x189/0x420 [ 15.403483] kasan_atomics+0x95/0x310 [ 15.403672] kunit_try_run_case+0x1a5/0x480 [ 15.403934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.404206] kthread+0x337/0x6f0 [ 15.404454] ret_from_fork+0x116/0x1d0 [ 15.404639] ret_from_fork_asm+0x1a/0x30 [ 15.404841] [ 15.404934] The buggy address belongs to the object at ffff8881039b8880 [ 15.404934] which belongs to the cache kmalloc-64 of size 64 [ 15.405492] The buggy address is located 0 bytes to the right of [ 15.405492] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.405957] [ 15.406065] The buggy address belongs to the physical page: [ 15.406313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 
15.406661] flags: 0x200000000000000(node=0|zone=2) [ 15.406963] page_type: f5(slab) [ 15.407315] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.407561] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.408352] page dumped because: kasan: bad access detected [ 15.408693] [ 15.408808] Memory state around the buggy address: [ 15.409081] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.409593] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.410225] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.411437] ^ [ 15.411636] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.411986] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.412327] ================================================================== [ 14.784684] ================================================================== [ 14.784917] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 14.785169] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.785631] [ 14.785725] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.785766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.785779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.785800] Call Trace: [ 14.785815] <TASK> [ 14.785829] dump_stack_lvl+0x73/0xb0 [ 14.785858] print_report+0xd1/0x610 [ 14.785880] ? __virt_addr_valid+0x1db/0x2d0 [ 14.785902] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.785923] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.785945] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.785966] kasan_report+0x141/0x180 [ 14.785988] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.786029] kasan_check_range+0x10c/0x1c0 [ 14.786052] __kasan_check_write+0x18/0x20 [ 14.786072] kasan_atomics_helper+0xb6a/0x5450 [ 14.786096] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.786118] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.786143] ? kasan_atomics+0x152/0x310 [ 14.786170] kasan_atomics+0x1dc/0x310 [ 14.786193] ? __pfx_kasan_atomics+0x10/0x10 [ 14.786217] ? __pfx_read_tsc+0x10/0x10 [ 14.786238] ? ktime_get_ts64+0x86/0x230 [ 14.786262] kunit_try_run_case+0x1a5/0x480 [ 14.786285] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.786308] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.786331] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.786446] ? __kthread_parkme+0x82/0x180 [ 14.786469] ? preempt_count_sub+0x50/0x80 [ 14.786494] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.786518] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.786541] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.786565] kthread+0x337/0x6f0 [ 14.786584] ? trace_preempt_on+0x20/0xc0 [ 14.786607] ? __pfx_kthread+0x10/0x10 [ 14.786627] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.786650] ? calculate_sigpending+0x7b/0xa0 [ 14.786674] ? __pfx_kthread+0x10/0x10 [ 14.786696] ret_from_fork+0x116/0x1d0 [ 14.786714] ? __pfx_kthread+0x10/0x10 [ 14.786735] ret_from_fork_asm+0x1a/0x30 [ 14.786766] </TASK> [ 14.786777] [ 14.794864] Allocated by task 283: [ 14.794997] kasan_save_stack+0x45/0x70 [ 14.795192] kasan_save_track+0x18/0x40 [ 14.795329] kasan_save_alloc_info+0x3b/0x50 [ 14.795602] __kasan_kmalloc+0xb7/0xc0 [ 14.795792] __kmalloc_cache_noprof+0x189/0x420 [ 14.796021] kasan_atomics+0x95/0x310 [ 14.796206] kunit_try_run_case+0x1a5/0x480 [ 14.796487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.796745] kthread+0x337/0x6f0 [ 14.796913] ret_from_fork+0x116/0x1d0 [ 14.797125] ret_from_fork_asm+0x1a/0x30 [ 14.797324] [ 14.797607] The buggy address belongs to the object at ffff8881039b8880 [ 14.797607] which belongs to the cache kmalloc-64 of size 64 [ 14.798158] The buggy address is located 0 bytes to the right of [ 14.798158] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.798699] [ 14.798777] The buggy address belongs to the physical page: [ 14.798948] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.799318] flags: 0x200000000000000(node=0|zone=2) [ 14.799655] page_type: f5(slab) [ 14.799832] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.800188] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.800564] page dumped because: kasan: bad access detected [ 14.800812] [ 14.800890] Memory state around the buggy address: [ 14.801108] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.801626] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.801934] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.802239] ^ [ 14.802534] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.802760] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.802974] ================================================================== [ 15.560783] ================================================================== [ 15.561113] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 15.561592] Read of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.561907] [ 15.561992] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.562043] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.562055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.562077] Call Trace: [ 15.562091] <TASK> [ 15.562104] dump_stack_lvl+0x73/0xb0 [ 15.562130] print_report+0xd1/0x610 [ 15.562152] ? __virt_addr_valid+0x1db/0x2d0 [ 15.562174] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.562196] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.562218] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.562240] kasan_report+0x141/0x180 [ 15.562262] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.562311] __asan_report_load8_noabort+0x18/0x20 [ 15.562337] kasan_atomics_helper+0x4f30/0x5450 [ 15.562359] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.562381] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.562405] ? kasan_atomics+0x152/0x310 [ 15.562432] kasan_atomics+0x1dc/0x310 [ 15.562454] ? __pfx_kasan_atomics+0x10/0x10 [ 15.562477] ? __pfx_read_tsc+0x10/0x10 [ 15.562498] ? ktime_get_ts64+0x86/0x230 [ 15.562521] kunit_try_run_case+0x1a5/0x480 [ 15.562547] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.562569] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.562592] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.562615] ? __kthread_parkme+0x82/0x180 [ 15.562635] ? preempt_count_sub+0x50/0x80 [ 15.562659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.562682] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.562897] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.562923] kthread+0x337/0x6f0 [ 15.562943] ? trace_preempt_on+0x20/0xc0 [ 15.562967] ? __pfx_kthread+0x10/0x10 [ 15.562988] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.563021] ? calculate_sigpending+0x7b/0xa0 [ 15.563044] ? __pfx_kthread+0x10/0x10 [ 15.563066] ret_from_fork+0x116/0x1d0 [ 15.563085] ? 
__pfx_kthread+0x10/0x10 [ 15.563105] ret_from_fork_asm+0x1a/0x30 [ 15.563136] </TASK> [ 15.563147] [ 15.571939] Allocated by task 283: [ 15.572121] kasan_save_stack+0x45/0x70 [ 15.572317] kasan_save_track+0x18/0x40 [ 15.572614] kasan_save_alloc_info+0x3b/0x50 [ 15.572820] __kasan_kmalloc+0xb7/0xc0 [ 15.573023] __kmalloc_cache_noprof+0x189/0x420 [ 15.573241] kasan_atomics+0x95/0x310 [ 15.573539] kunit_try_run_case+0x1a5/0x480 [ 15.573717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.573888] kthread+0x337/0x6f0 [ 15.574017] ret_from_fork+0x116/0x1d0 [ 15.574203] ret_from_fork_asm+0x1a/0x30 [ 15.574526] [ 15.574630] The buggy address belongs to the object at ffff8881039b8880 [ 15.574630] which belongs to the cache kmalloc-64 of size 64 [ 15.575230] The buggy address is located 0 bytes to the right of [ 15.575230] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.575974] [ 15.576092] The buggy address belongs to the physical page: [ 15.576299] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.576837] flags: 0x200000000000000(node=0|zone=2) [ 15.577026] page_type: f5(slab) [ 15.577272] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.577811] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.578056] page dumped because: kasan: bad access detected [ 15.578228] [ 15.578297] Memory state around the buggy address: [ 15.578638] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.579306] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.579959] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.580280] ^ [ 15.580613] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.580835] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.581071] ================================================================== [ 15.702574] 
================================================================== [ 15.702908] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 15.703251] Read of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.703661] [ 15.703772] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.703815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.703828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.703848] Call Trace: [ 15.703862] <TASK> [ 15.703875] dump_stack_lvl+0x73/0xb0 [ 15.703903] print_report+0xd1/0x610 [ 15.703925] ? __virt_addr_valid+0x1db/0x2d0 [ 15.703948] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.703969] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.703991] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.704024] kasan_report+0x141/0x180 [ 15.704046] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.704073] __asan_report_load8_noabort+0x18/0x20 [ 15.704097] kasan_atomics_helper+0x4f71/0x5450 [ 15.704120] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.704144] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.704170] ? kasan_atomics+0x152/0x310 [ 15.704197] kasan_atomics+0x1dc/0x310 [ 15.704220] ? __pfx_kasan_atomics+0x10/0x10 [ 15.704244] ? __pfx_read_tsc+0x10/0x10 [ 15.704264] ? ktime_get_ts64+0x86/0x230 [ 15.704288] kunit_try_run_case+0x1a5/0x480 [ 15.704312] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.704334] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.704436] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.704461] ? __kthread_parkme+0x82/0x180 [ 15.704482] ? preempt_count_sub+0x50/0x80 [ 15.704505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.704530] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.704554] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.704577] kthread+0x337/0x6f0 [ 15.704597] ? trace_preempt_on+0x20/0xc0 [ 15.704620] ? __pfx_kthread+0x10/0x10 [ 15.704641] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.704663] ? calculate_sigpending+0x7b/0xa0 [ 15.704686] ? 
__pfx_kthread+0x10/0x10 [ 15.704708] ret_from_fork+0x116/0x1d0 [ 15.704727] ? __pfx_kthread+0x10/0x10 [ 15.704747] ret_from_fork_asm+0x1a/0x30 [ 15.704778] </TASK> [ 15.704788] [ 15.712817] Allocated by task 283: [ 15.712994] kasan_save_stack+0x45/0x70 [ 15.713156] kasan_save_track+0x18/0x40 [ 15.713526] kasan_save_alloc_info+0x3b/0x50 [ 15.713750] __kasan_kmalloc+0xb7/0xc0 [ 15.713944] __kmalloc_cache_noprof+0x189/0x420 [ 15.714150] kasan_atomics+0x95/0x310 [ 15.714329] kunit_try_run_case+0x1a5/0x480 [ 15.714601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.714857] kthread+0x337/0x6f0 [ 15.714986] ret_from_fork+0x116/0x1d0 [ 15.715131] ret_from_fork_asm+0x1a/0x30 [ 15.715270] [ 15.715342] The buggy address belongs to the object at ffff8881039b8880 [ 15.715342] which belongs to the cache kmalloc-64 of size 64 [ 15.715772] The buggy address is located 0 bytes to the right of [ 15.715772] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.716226] [ 15.716323] The buggy address belongs to the physical page: [ 15.716651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.717018] flags: 0x200000000000000(node=0|zone=2) [ 15.717250] page_type: f5(slab) [ 15.717619] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.717964] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.718316] page dumped because: kasan: bad access detected [ 15.718650] [ 15.718748] Memory state around the buggy address: [ 15.718973] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.719307] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.719657] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.719936] ^ [ 15.720154] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.720519] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.720782] 
================================================================== [ 14.473631] ================================================================== [ 14.474388] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 14.475227] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.476031] [ 14.476200] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.476241] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.476252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.476275] Call Trace: [ 14.476289] <TASK> [ 14.476304] dump_stack_lvl+0x73/0xb0 [ 14.476342] print_report+0xd1/0x610 [ 14.476364] ? __virt_addr_valid+0x1db/0x2d0 [ 14.476386] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.476419] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.476442] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.476463] kasan_report+0x141/0x180 [ 14.476486] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.476512] __asan_report_store4_noabort+0x1b/0x30 [ 14.476555] kasan_atomics_helper+0x4b6e/0x5450 [ 14.476595] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.476617] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.476642] ? kasan_atomics+0x152/0x310 [ 14.476668] kasan_atomics+0x1dc/0x310 [ 14.476691] ? __pfx_kasan_atomics+0x10/0x10 [ 14.476715] ? __pfx_read_tsc+0x10/0x10 [ 14.476735] ? ktime_get_ts64+0x86/0x230 [ 14.476759] kunit_try_run_case+0x1a5/0x480 [ 14.476782] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.476805] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.476827] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.476851] ? __kthread_parkme+0x82/0x180 [ 14.476871] ? preempt_count_sub+0x50/0x80 [ 14.476894] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.476918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.476941] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.476965] kthread+0x337/0x6f0 [ 14.476989] ? trace_preempt_on+0x20/0xc0 [ 14.477021] ? __pfx_kthread+0x10/0x10 [ 14.477043] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.477065] ? calculate_sigpending+0x7b/0xa0 [ 14.477089] ? __pfx_kthread+0x10/0x10 [ 14.477110] ret_from_fork+0x116/0x1d0 [ 14.477129] ? __pfx_kthread+0x10/0x10 [ 14.477150] ret_from_fork_asm+0x1a/0x30 [ 14.477180] </TASK> [ 14.477190] [ 14.492080] Allocated by task 283: [ 14.492435] kasan_save_stack+0x45/0x70 [ 14.492752] kasan_save_track+0x18/0x40 [ 14.492891] kasan_save_alloc_info+0x3b/0x50 [ 14.493060] __kasan_kmalloc+0xb7/0xc0 [ 14.493193] __kmalloc_cache_noprof+0x189/0x420 [ 14.493347] kasan_atomics+0x95/0x310 [ 14.493541] kunit_try_run_case+0x1a5/0x480 [ 14.493957] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.494483] kthread+0x337/0x6f0 [ 14.494736] ret_from_fork+0x116/0x1d0 [ 14.494869] ret_from_fork_asm+0x1a/0x30 [ 14.495017] [ 14.495087] The buggy address belongs to the object at ffff8881039b8880 [ 14.495087] which belongs to the cache kmalloc-64 of size 64 [ 14.495512] The buggy address is located 0 bytes to the right of [ 14.495512] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.496843] [ 14.497030] The buggy address belongs to the physical page: [ 14.497533] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.498000] flags: 0x200000000000000(node=0|zone=2) [ 14.498461] page_type: f5(slab) [ 14.498781] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.499333] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.500037] page dumped because: kasan: bad access detected [ 14.500499] [ 14.500711] Memory state around the buggy address: [ 14.501090] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.501627] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.502276] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.502985] ^ [ 14.503487] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.504183] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 14.504761] ================================================================== [ 14.595366] ================================================================== [ 14.595727] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 14.595954] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.596192] [ 14.596274] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.596315] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.596327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.596347] Call Trace: [ 14.596360] <TASK> [ 14.596374] dump_stack_lvl+0x73/0xb0 [ 14.596399] print_report+0xd1/0x610 [ 14.596421] ? __virt_addr_valid+0x1db/0x2d0 [ 14.596443] ? kasan_atomics_helper+0x565/0x5450 [ 14.596463] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.596485] ? kasan_atomics_helper+0x565/0x5450 [ 14.596506] kasan_report+0x141/0x180 [ 14.596529] ? kasan_atomics_helper+0x565/0x5450 [ 14.596554] kasan_check_range+0x10c/0x1c0 [ 14.596577] __kasan_check_write+0x18/0x20 [ 14.596598] kasan_atomics_helper+0x565/0x5450 [ 14.596620] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.596642] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.596666] ? kasan_atomics+0x152/0x310 [ 14.596691] kasan_atomics+0x1dc/0x310 [ 14.596714] ? __pfx_kasan_atomics+0x10/0x10 [ 14.596738] ? __pfx_read_tsc+0x10/0x10 [ 14.596759] ? ktime_get_ts64+0x86/0x230 [ 14.596782] kunit_try_run_case+0x1a5/0x480 [ 14.596806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.596828] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.596851] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.596924] ? __kthread_parkme+0x82/0x180 [ 14.596944] ? preempt_count_sub+0x50/0x80 [ 14.596973] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.596997] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.597030] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.597054] kthread+0x337/0x6f0 [ 14.597073] ? 
trace_preempt_on+0x20/0xc0 [ 14.597095] ? __pfx_kthread+0x10/0x10 [ 14.597115] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.597137] ? calculate_sigpending+0x7b/0xa0 [ 14.597159] ? __pfx_kthread+0x10/0x10 [ 14.597181] ret_from_fork+0x116/0x1d0 [ 14.597198] ? __pfx_kthread+0x10/0x10 [ 14.597219] ret_from_fork_asm+0x1a/0x30 [ 14.597249] </TASK> [ 14.597259] [ 14.606193] Allocated by task 283: [ 14.606322] kasan_save_stack+0x45/0x70 [ 14.606648] kasan_save_track+0x18/0x40 [ 14.606974] kasan_save_alloc_info+0x3b/0x50 [ 14.607198] __kasan_kmalloc+0xb7/0xc0 [ 14.607392] __kmalloc_cache_noprof+0x189/0x420 [ 14.607614] kasan_atomics+0x95/0x310 [ 14.607774] kunit_try_run_case+0x1a5/0x480 [ 14.607921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.608104] kthread+0x337/0x6f0 [ 14.608226] ret_from_fork+0x116/0x1d0 [ 14.608358] ret_from_fork_asm+0x1a/0x30 [ 14.608652] [ 14.608768] The buggy address belongs to the object at ffff8881039b8880 [ 14.608768] which belongs to the cache kmalloc-64 of size 64 [ 14.609320] The buggy address is located 0 bytes to the right of [ 14.609320] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.610248] [ 14.610319] The buggy address belongs to the physical page: [ 14.610489] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.610727] flags: 0x200000000000000(node=0|zone=2) [ 14.610887] page_type: f5(slab) [ 14.611012] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.611240] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.611464] page dumped because: kasan: bad access detected [ 14.611634] [ 14.611702] Memory state around the buggy address: [ 14.612024] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.612716] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.613438] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.613770] ^ [ 14.613994] ffff8881039b8900: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.614318] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.614625] ================================================================== [ 15.767807] ================================================================== [ 15.768133] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 15.768389] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.768812] [ 15.768919] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.768962] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.768980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.769002] Call Trace: [ 15.769026] <TASK> [ 15.769041] dump_stack_lvl+0x73/0xb0 [ 15.769068] print_report+0xd1/0x610 [ 15.769089] ? __virt_addr_valid+0x1db/0x2d0 [ 15.769111] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.769132] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.769154] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.769176] kasan_report+0x141/0x180 [ 15.769197] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.769224] kasan_check_range+0x10c/0x1c0 [ 15.769248] __kasan_check_write+0x18/0x20 [ 15.769267] kasan_atomics_helper+0x20c8/0x5450 [ 15.769290] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.769312] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.769336] ? kasan_atomics+0x152/0x310 [ 15.769362] kasan_atomics+0x1dc/0x310 [ 15.769384] ? __pfx_kasan_atomics+0x10/0x10 [ 15.769434] ? __pfx_read_tsc+0x10/0x10 [ 15.769456] ? ktime_get_ts64+0x86/0x230 [ 15.769481] kunit_try_run_case+0x1a5/0x480 [ 15.769505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.769527] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.769550] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.769573] ? __kthread_parkme+0x82/0x180 [ 15.769593] ? preempt_count_sub+0x50/0x80 [ 15.769616] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.769640] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.769664] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.769690] kthread+0x337/0x6f0 [ 15.769709] ? trace_preempt_on+0x20/0xc0 [ 15.769731] ? __pfx_kthread+0x10/0x10 [ 15.769752] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.769773] ? calculate_sigpending+0x7b/0xa0 [ 15.769796] ? __pfx_kthread+0x10/0x10 [ 15.769818] ret_from_fork+0x116/0x1d0 [ 15.769836] ? __pfx_kthread+0x10/0x10 [ 15.769857] ret_from_fork_asm+0x1a/0x30 [ 15.769888] </TASK> [ 15.769898] [ 15.777635] Allocated by task 283: [ 15.778023] kasan_save_stack+0x45/0x70 [ 15.778225] kasan_save_track+0x18/0x40 [ 15.778413] kasan_save_alloc_info+0x3b/0x50 [ 15.778626] __kasan_kmalloc+0xb7/0xc0 [ 15.778978] __kmalloc_cache_noprof+0x189/0x420 [ 15.779144] kasan_atomics+0x95/0x310 [ 15.779277] kunit_try_run_case+0x1a5/0x480 [ 15.779504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.779761] kthread+0x337/0x6f0 [ 15.779949] ret_from_fork+0x116/0x1d0 [ 15.780150] ret_from_fork_asm+0x1a/0x30 [ 15.780363] [ 15.780503] The buggy address belongs to the object at ffff8881039b8880 [ 15.780503] which belongs to the cache kmalloc-64 of size 64 [ 15.780939] The buggy address is located 0 bytes to the right of [ 15.780939] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.781499] [ 15.781615] The buggy address belongs to the physical page: [ 15.781842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.782157] flags: 0x200000000000000(node=0|zone=2) [ 15.782426] page_type: f5(slab) [ 15.782592] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.782900] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.783167] page dumped because: kasan: bad access detected [ 15.783338] [ 15.783408] Memory state around the buggy address: [ 15.783561] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.783779] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.784502] >ffff8881039b8880: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.784817] ^ [ 15.785053] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.785367] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.785662] ================================================================== [ 14.969589] ================================================================== [ 14.970031] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 14.970368] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.970671] [ 14.970754] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.970794] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.970806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.970826] Call Trace: [ 14.970839] <TASK> [ 14.970854] dump_stack_lvl+0x73/0xb0 [ 14.970880] print_report+0xd1/0x610 [ 14.970903] ? __virt_addr_valid+0x1db/0x2d0 [ 14.970925] ? kasan_atomics_helper+0x1079/0x5450 [ 14.970946] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.970968] ? kasan_atomics_helper+0x1079/0x5450 [ 14.970990] kasan_report+0x141/0x180 [ 14.971022] ? kasan_atomics_helper+0x1079/0x5450 [ 14.971048] kasan_check_range+0x10c/0x1c0 [ 14.971072] __kasan_check_write+0x18/0x20 [ 14.971091] kasan_atomics_helper+0x1079/0x5450 [ 14.971113] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.971136] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.971160] ? kasan_atomics+0x152/0x310 [ 14.971186] kasan_atomics+0x1dc/0x310 [ 14.971208] ? __pfx_kasan_atomics+0x10/0x10 [ 14.971232] ? __pfx_read_tsc+0x10/0x10 [ 14.971252] ? ktime_get_ts64+0x86/0x230 [ 14.971276] kunit_try_run_case+0x1a5/0x480 [ 14.971300] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.971323] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.971345] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.971368] ? __kthread_parkme+0x82/0x180 [ 14.971411] ? preempt_count_sub+0x50/0x80 [ 14.971436] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.971461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.971485] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.971509] kthread+0x337/0x6f0 [ 14.971529] ? trace_preempt_on+0x20/0xc0 [ 14.971552] ? __pfx_kthread+0x10/0x10 [ 14.971572] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.971595] ? calculate_sigpending+0x7b/0xa0 [ 14.971619] ? __pfx_kthread+0x10/0x10 [ 14.971640] ret_from_fork+0x116/0x1d0 [ 14.971659] ? __pfx_kthread+0x10/0x10 [ 14.971698] ret_from_fork_asm+0x1a/0x30 [ 14.971729] </TASK> [ 14.971739] [ 14.979230] Allocated by task 283: [ 14.979416] kasan_save_stack+0x45/0x70 [ 14.979718] kasan_save_track+0x18/0x40 [ 14.979913] kasan_save_alloc_info+0x3b/0x50 [ 14.980142] __kasan_kmalloc+0xb7/0xc0 [ 14.980336] __kmalloc_cache_noprof+0x189/0x420 [ 14.980559] kasan_atomics+0x95/0x310 [ 14.980740] kunit_try_run_case+0x1a5/0x480 [ 14.980886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.981242] kthread+0x337/0x6f0 [ 14.981573] ret_from_fork+0x116/0x1d0 [ 14.981761] ret_from_fork_asm+0x1a/0x30 [ 14.981907] [ 14.982003] The buggy address belongs to the object at ffff8881039b8880 [ 14.982003] which belongs to the cache kmalloc-64 of size 64 [ 14.982415] The buggy address is located 0 bytes to the right of [ 14.982415] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.983377] [ 14.983468] The buggy address belongs to the physical page: [ 14.983727] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.984056] flags: 0x200000000000000(node=0|zone=2) [ 14.984275] page_type: f5(slab) [ 14.984438] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.984690] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.984957] page dumped because: kasan: bad access detected [ 14.985487] [ 14.985585] Memory state around the buggy address: [ 14.985757] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.986057] 
ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.986334] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.986621] ^ [ 14.986819] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.987174] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.987482] ================================================================== [ 14.848068] ================================================================== [ 14.848593] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 14.848892] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.849315] [ 14.849437] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.849509] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.849522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.849544] Call Trace: [ 14.849557] <TASK> [ 14.849570] dump_stack_lvl+0x73/0xb0 [ 14.849612] print_report+0xd1/0x610 [ 14.849647] ? __virt_addr_valid+0x1db/0x2d0 [ 14.849669] ? kasan_atomics_helper+0xd47/0x5450 [ 14.849690] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.849713] ? kasan_atomics_helper+0xd47/0x5450 [ 14.849738] kasan_report+0x141/0x180 [ 14.849760] ? kasan_atomics_helper+0xd47/0x5450 [ 14.849787] kasan_check_range+0x10c/0x1c0 [ 14.849811] __kasan_check_write+0x18/0x20 [ 14.849830] kasan_atomics_helper+0xd47/0x5450 [ 14.849853] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.849876] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.849900] ? kasan_atomics+0x152/0x310 [ 14.849942] kasan_atomics+0x1dc/0x310 [ 14.849965] ? __pfx_kasan_atomics+0x10/0x10 [ 14.849989] ? __pfx_read_tsc+0x10/0x10 [ 14.850020] ? ktime_get_ts64+0x86/0x230 [ 14.850045] kunit_try_run_case+0x1a5/0x480 [ 14.850068] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.850091] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.850114] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.850138] ? 
__kthread_parkme+0x82/0x180 [ 14.850158] ? preempt_count_sub+0x50/0x80 [ 14.850181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.850207] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.850231] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.850255] kthread+0x337/0x6f0 [ 14.850274] ? trace_preempt_on+0x20/0xc0 [ 14.850312] ? __pfx_kthread+0x10/0x10 [ 14.850334] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.850356] ? calculate_sigpending+0x7b/0xa0 [ 14.850379] ? __pfx_kthread+0x10/0x10 [ 14.850401] ret_from_fork+0x116/0x1d0 [ 14.850420] ? __pfx_kthread+0x10/0x10 [ 14.850440] ret_from_fork_asm+0x1a/0x30 [ 14.850470] </TASK> [ 14.850481] [ 14.863025] Allocated by task 283: [ 14.863364] kasan_save_stack+0x45/0x70 [ 14.863801] kasan_save_track+0x18/0x40 [ 14.864247] kasan_save_alloc_info+0x3b/0x50 [ 14.864566] __kasan_kmalloc+0xb7/0xc0 [ 14.864892] __kmalloc_cache_noprof+0x189/0x420 [ 14.865350] kasan_atomics+0x95/0x310 [ 14.865544] kunit_try_run_case+0x1a5/0x480 [ 14.865694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.865955] kthread+0x337/0x6f0 [ 14.866109] ret_from_fork+0x116/0x1d0 [ 14.866284] ret_from_fork_asm+0x1a/0x30 [ 14.866491] [ 14.866565] The buggy address belongs to the object at ffff8881039b8880 [ 14.866565] which belongs to the cache kmalloc-64 of size 64 [ 14.867016] The buggy address is located 0 bytes to the right of [ 14.867016] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.867655] [ 14.867738] The buggy address belongs to the physical page: [ 14.867990] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.868357] flags: 0x200000000000000(node=0|zone=2) [ 14.868708] page_type: f5(slab) [ 14.868839] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.869171] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.869400] page dumped because: kasan: bad access detected [ 14.869769] [ 14.869862] Memory state around the buggy address: [ 14.870064] 
ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.870461] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.870778] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.871016] ^ [ 14.871173] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.871454] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.871776] ================================================================== [ 15.178106] ================================================================== [ 15.179025] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 15.180191] Read of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.180962] [ 15.181070] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.181116] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.181129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.181150] Call Trace: [ 15.181166] <TASK> [ 15.181180] dump_stack_lvl+0x73/0xb0 [ 15.181209] print_report+0xd1/0x610 [ 15.181232] ? __virt_addr_valid+0x1db/0x2d0 [ 15.181253] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.181273] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.181295] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.181316] kasan_report+0x141/0x180 [ 15.181338] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.181378] __asan_report_load8_noabort+0x18/0x20 [ 15.181413] kasan_atomics_helper+0x4eae/0x5450 [ 15.181435] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.181456] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.181481] ? kasan_atomics+0x152/0x310 [ 15.181506] kasan_atomics+0x1dc/0x310 [ 15.181528] ? __pfx_kasan_atomics+0x10/0x10 [ 15.181552] ? __pfx_read_tsc+0x10/0x10 [ 15.181573] ? ktime_get_ts64+0x86/0x230 [ 15.181596] kunit_try_run_case+0x1a5/0x480 [ 15.181619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.181651] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.181807] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.181836] ? __kthread_parkme+0x82/0x180 [ 15.181856] ? preempt_count_sub+0x50/0x80 [ 15.181880] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.181904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.181928] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.181952] kthread+0x337/0x6f0 [ 15.181971] ? trace_preempt_on+0x20/0xc0 [ 15.181995] ? __pfx_kthread+0x10/0x10 [ 15.182029] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.182050] ? calculate_sigpending+0x7b/0xa0 [ 15.182074] ? __pfx_kthread+0x10/0x10 [ 15.182095] ret_from_fork+0x116/0x1d0 [ 15.182113] ? __pfx_kthread+0x10/0x10 [ 15.182134] ret_from_fork_asm+0x1a/0x30 [ 15.182164] </TASK> [ 15.182176] [ 15.194931] Allocated by task 283: [ 15.195092] kasan_save_stack+0x45/0x70 [ 15.195442] kasan_save_track+0x18/0x40 [ 15.195773] kasan_save_alloc_info+0x3b/0x50 [ 15.196205] __kasan_kmalloc+0xb7/0xc0 [ 15.196366] __kmalloc_cache_noprof+0x189/0x420 [ 15.196799] kasan_atomics+0x95/0x310 [ 15.197077] kunit_try_run_case+0x1a5/0x480 [ 15.197347] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.197698] kthread+0x337/0x6f0 [ 15.197878] ret_from_fork+0x116/0x1d0 [ 15.198194] ret_from_fork_asm+0x1a/0x30 [ 15.198543] [ 15.198655] The buggy address belongs to the object at ffff8881039b8880 [ 15.198655] which belongs to the cache kmalloc-64 of size 64 [ 15.199264] The buggy address is located 0 bytes to the right of [ 15.199264] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.200041] [ 15.200145] The buggy address belongs to the physical page: [ 15.200319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.200694] flags: 0x200000000000000(node=0|zone=2) [ 15.201262] page_type: f5(slab) [ 15.201669] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.201993] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.202316] page dumped because: kasan: bad access detected [ 15.202821] [ 15.203090] 
Memory state around the buggy address: [ 15.203322] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.203990] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.204288] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.204976] ^ [ 15.205209] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.205723] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.206173] ================================================================== [ 15.804500] ================================================================== [ 15.804786] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 15.805141] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.805515] [ 15.805611] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.805651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.805663] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.805684] Call Trace: [ 15.805696] <TASK> [ 15.805710] dump_stack_lvl+0x73/0xb0 [ 15.805736] print_report+0xd1/0x610 [ 15.805759] ? __virt_addr_valid+0x1db/0x2d0 [ 15.805781] ? kasan_atomics_helper+0x218a/0x5450 [ 15.805801] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.805847] ? kasan_atomics_helper+0x218a/0x5450 [ 15.805869] kasan_report+0x141/0x180 [ 15.805890] ? kasan_atomics_helper+0x218a/0x5450 [ 15.805917] kasan_check_range+0x10c/0x1c0 [ 15.805941] __kasan_check_write+0x18/0x20 [ 15.805961] kasan_atomics_helper+0x218a/0x5450 [ 15.806001] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.806033] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.806057] ? kasan_atomics+0x152/0x310 [ 15.806083] kasan_atomics+0x1dc/0x310 [ 15.806105] ? __pfx_kasan_atomics+0x10/0x10 [ 15.806130] ? __pfx_read_tsc+0x10/0x10 [ 15.806151] ? ktime_get_ts64+0x86/0x230 [ 15.806175] kunit_try_run_case+0x1a5/0x480 [ 15.806199] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.806221] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.806243] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.806267] ? __kthread_parkme+0x82/0x180 [ 15.806307] ? preempt_count_sub+0x50/0x80 [ 15.806330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.806354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.806396] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.806420] kthread+0x337/0x6f0 [ 15.806440] ? trace_preempt_on+0x20/0xc0 [ 15.806462] ? __pfx_kthread+0x10/0x10 [ 15.806483] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.806504] ? calculate_sigpending+0x7b/0xa0 [ 15.806527] ? __pfx_kthread+0x10/0x10 [ 15.806549] ret_from_fork+0x116/0x1d0 [ 15.806567] ? __pfx_kthread+0x10/0x10 [ 15.806587] ret_from_fork_asm+0x1a/0x30 [ 15.806618] </TASK> [ 15.806628] [ 15.813844] Allocated by task 283: [ 15.814023] kasan_save_stack+0x45/0x70 [ 15.814218] kasan_save_track+0x18/0x40 [ 15.814350] kasan_save_alloc_info+0x3b/0x50 [ 15.814513] __kasan_kmalloc+0xb7/0xc0 [ 15.814642] __kmalloc_cache_noprof+0x189/0x420 [ 15.814792] kasan_atomics+0x95/0x310 [ 15.814919] kunit_try_run_case+0x1a5/0x480 [ 15.815097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.815341] kthread+0x337/0x6f0 [ 15.815552] ret_from_fork+0x116/0x1d0 [ 15.815739] ret_from_fork_asm+0x1a/0x30 [ 15.815937] [ 15.816040] The buggy address belongs to the object at ffff8881039b8880 [ 15.816040] which belongs to the cache kmalloc-64 of size 64 [ 15.816583] The buggy address is located 0 bytes to the right of [ 15.816583] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.817040] [ 15.817114] The buggy address belongs to the physical page: [ 15.817366] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.817756] flags: 0x200000000000000(node=0|zone=2) [ 15.817997] page_type: f5(slab) [ 15.818158] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.818485] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.818788] page dumped because: kasan: bad access detected [ 15.819064] [ 15.819137] Memory state around the buggy address: [ 15.819292] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.819529] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.819747] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.820091] ^ [ 15.820306] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.820641] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.820947] ================================================================== [ 15.090116] ================================================================== [ 15.091346] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 15.091631] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.091859] [ 15.091944] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.091988] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.092000] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.092040] Call Trace: [ 15.092053] <TASK> [ 15.092068] dump_stack_lvl+0x73/0xb0 [ 15.092095] print_report+0xd1/0x610 [ 15.092117] ? __virt_addr_valid+0x1db/0x2d0 [ 15.092139] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.092161] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.092183] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.092204] kasan_report+0x141/0x180 [ 15.092226] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.092252] kasan_check_range+0x10c/0x1c0 [ 15.092275] __kasan_check_write+0x18/0x20 [ 15.092295] kasan_atomics_helper+0x12e6/0x5450 [ 15.092317] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.092340] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.092364] ? kasan_atomics+0x152/0x310 [ 15.092390] kasan_atomics+0x1dc/0x310 [ 15.092413] ? __pfx_kasan_atomics+0x10/0x10 [ 15.092437] ? __pfx_read_tsc+0x10/0x10 [ 15.092459] ? 
ktime_get_ts64+0x86/0x230 [ 15.092483] kunit_try_run_case+0x1a5/0x480 [ 15.092507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.092529] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.092552] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.092576] ? __kthread_parkme+0x82/0x180 [ 15.092595] ? preempt_count_sub+0x50/0x80 [ 15.092619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.092642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.092676] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.092700] kthread+0x337/0x6f0 [ 15.092719] ? trace_preempt_on+0x20/0xc0 [ 15.092754] ? __pfx_kthread+0x10/0x10 [ 15.092775] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.092797] ? calculate_sigpending+0x7b/0xa0 [ 15.092820] ? __pfx_kthread+0x10/0x10 [ 15.092841] ret_from_fork+0x116/0x1d0 [ 15.092859] ? __pfx_kthread+0x10/0x10 [ 15.092880] ret_from_fork_asm+0x1a/0x30 [ 15.092910] </TASK> [ 15.092921] [ 15.108244] Allocated by task 283: [ 15.108588] kasan_save_stack+0x45/0x70 [ 15.109061] kasan_save_track+0x18/0x40 [ 15.109418] kasan_save_alloc_info+0x3b/0x50 [ 15.109872] __kasan_kmalloc+0xb7/0xc0 [ 15.110247] __kmalloc_cache_noprof+0x189/0x420 [ 15.110789] kasan_atomics+0x95/0x310 [ 15.111263] kunit_try_run_case+0x1a5/0x480 [ 15.111643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.112200] kthread+0x337/0x6f0 [ 15.112322] ret_from_fork+0x116/0x1d0 [ 15.112687] ret_from_fork_asm+0x1a/0x30 [ 15.113061] [ 15.113143] The buggy address belongs to the object at ffff8881039b8880 [ 15.113143] which belongs to the cache kmalloc-64 of size 64 [ 15.113922] The buggy address is located 0 bytes to the right of [ 15.113922] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.114306] [ 15.114381] The buggy address belongs to the physical page: [ 15.114571] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.115089] flags: 0x200000000000000(node=0|zone=2) [ 15.115523] page_type: f5(slab) [ 15.115806] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.116647] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.117121] page dumped because: kasan: bad access detected [ 15.117300] [ 15.117370] Memory state around the buggy address: [ 15.117818] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.118515] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.119276] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.119911] ^ [ 15.120490] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.121221] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.121798] ================================================================== [ 15.413203] ================================================================== [ 15.413547] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 15.414305] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.415048] [ 15.415349] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.415394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.415500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.415525] Call Trace: [ 15.415538] <TASK> [ 15.415552] dump_stack_lvl+0x73/0xb0 [ 15.415581] print_report+0xd1/0x610 [ 15.415603] ? __virt_addr_valid+0x1db/0x2d0 [ 15.415626] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.415647] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.415669] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.415690] kasan_report+0x141/0x180 [ 15.415712] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.415739] kasan_check_range+0x10c/0x1c0 [ 15.415762] __kasan_check_write+0x18/0x20 [ 15.415782] kasan_atomics_helper+0x18b1/0x5450 [ 15.415804] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.415826] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.415850] ? kasan_atomics+0x152/0x310 [ 15.415876] kasan_atomics+0x1dc/0x310 [ 15.415899] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.415923] ? __pfx_read_tsc+0x10/0x10 [ 15.415944] ? ktime_get_ts64+0x86/0x230 [ 15.415969] kunit_try_run_case+0x1a5/0x480 [ 15.415992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.416027] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.416051] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.416073] ? __kthread_parkme+0x82/0x180 [ 15.416093] ? preempt_count_sub+0x50/0x80 [ 15.416116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.416140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.416164] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.416188] kthread+0x337/0x6f0 [ 15.416207] ? trace_preempt_on+0x20/0xc0 [ 15.416230] ? __pfx_kthread+0x10/0x10 [ 15.416251] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.416272] ? calculate_sigpending+0x7b/0xa0 [ 15.416295] ? __pfx_kthread+0x10/0x10 [ 15.416318] ret_from_fork+0x116/0x1d0 [ 15.416336] ? __pfx_kthread+0x10/0x10 [ 15.416357] ret_from_fork_asm+0x1a/0x30 [ 15.416466] </TASK> [ 15.416476] [ 15.428756] Allocated by task 283: [ 15.429191] kasan_save_stack+0x45/0x70 [ 15.429525] kasan_save_track+0x18/0x40 [ 15.429736] kasan_save_alloc_info+0x3b/0x50 [ 15.430092] __kasan_kmalloc+0xb7/0xc0 [ 15.430367] __kmalloc_cache_noprof+0x189/0x420 [ 15.430686] kasan_atomics+0x95/0x310 [ 15.431079] kunit_try_run_case+0x1a5/0x480 [ 15.431553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.431809] kthread+0x337/0x6f0 [ 15.432179] ret_from_fork+0x116/0x1d0 [ 15.432491] ret_from_fork_asm+0x1a/0x30 [ 15.432870] [ 15.432996] The buggy address belongs to the object at ffff8881039b8880 [ 15.432996] which belongs to the cache kmalloc-64 of size 64 [ 15.433897] The buggy address is located 0 bytes to the right of [ 15.433897] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.434719] [ 15.434917] The buggy address belongs to the physical page: [ 15.435183] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.435731] flags: 0x200000000000000(node=0|zone=2) [ 15.436245] page_type: 
f5(slab) [ 15.436510] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.436836] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.437182] page dumped because: kasan: bad access detected [ 15.437778] [ 15.437887] Memory state around the buggy address: [ 15.438093] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.438822] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.439236] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.439930] ^ [ 15.440199] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.440720] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.441229] ================================================================== [ 15.499273] ================================================================== [ 15.499789] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 15.500255] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.500983] [ 15.501105] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.501150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.501163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.501185] Call Trace: [ 15.501200] <TASK> [ 15.501215] dump_stack_lvl+0x73/0xb0 [ 15.501244] print_report+0xd1/0x610 [ 15.501266] ? __virt_addr_valid+0x1db/0x2d0 [ 15.501288] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.501309] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.501332] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.501354] kasan_report+0x141/0x180 [ 15.501377] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.501593] kasan_check_range+0x10c/0x1c0 [ 15.501624] __kasan_check_write+0x18/0x20 [ 15.501644] kasan_atomics_helper+0x1a7f/0x5450 [ 15.501667] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.501690] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.501714] ? 
kasan_atomics+0x152/0x310 [ 15.501740] kasan_atomics+0x1dc/0x310 [ 15.501762] ? __pfx_kasan_atomics+0x10/0x10 [ 15.501786] ? __pfx_read_tsc+0x10/0x10 [ 15.501808] ? ktime_get_ts64+0x86/0x230 [ 15.501832] kunit_try_run_case+0x1a5/0x480 [ 15.501858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.501880] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.501903] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.501927] ? __kthread_parkme+0x82/0x180 [ 15.501948] ? preempt_count_sub+0x50/0x80 [ 15.501972] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.501996] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.502035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.502058] kthread+0x337/0x6f0 [ 15.502078] ? trace_preempt_on+0x20/0xc0 [ 15.502100] ? __pfx_kthread+0x10/0x10 [ 15.502121] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.502143] ? calculate_sigpending+0x7b/0xa0 [ 15.502166] ? __pfx_kthread+0x10/0x10 [ 15.502188] ret_from_fork+0x116/0x1d0 [ 15.502206] ? __pfx_kthread+0x10/0x10 [ 15.502227] ret_from_fork_asm+0x1a/0x30 [ 15.502258] </TASK> [ 15.502269] [ 15.510571] Allocated by task 283: [ 15.510699] kasan_save_stack+0x45/0x70 [ 15.510842] kasan_save_track+0x18/0x40 [ 15.511322] kasan_save_alloc_info+0x3b/0x50 [ 15.511639] __kasan_kmalloc+0xb7/0xc0 [ 15.511906] __kmalloc_cache_noprof+0x189/0x420 [ 15.512146] kasan_atomics+0x95/0x310 [ 15.512334] kunit_try_run_case+0x1a5/0x480 [ 15.512634] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.512873] kthread+0x337/0x6f0 [ 15.513055] ret_from_fork+0x116/0x1d0 [ 15.513243] ret_from_fork_asm+0x1a/0x30 [ 15.513544] [ 15.513664] The buggy address belongs to the object at ffff8881039b8880 [ 15.513664] which belongs to the cache kmalloc-64 of size 64 [ 15.514145] The buggy address is located 0 bytes to the right of [ 15.514145] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.514886] [ 15.515094] The buggy address belongs to the physical page: [ 15.515286] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 
15.515686] flags: 0x200000000000000(node=0|zone=2) [ 15.516108] page_type: f5(slab) [ 15.516237] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.516781] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.517125] page dumped because: kasan: bad access detected [ 15.517347] [ 15.517417] Memory state around the buggy address: [ 15.517572] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.517787] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.518238] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.518604] ^ [ 15.519058] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.519453] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.519727] ================================================================== [ 14.928891] ================================================================== [ 14.929143] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 14.929489] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.929821] [ 14.929927] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.929969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.929982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.930014] Call Trace: [ 14.930027] <TASK> [ 14.930039] dump_stack_lvl+0x73/0xb0 [ 14.930065] print_report+0xd1/0x610 [ 14.930087] ? __virt_addr_valid+0x1db/0x2d0 [ 14.930109] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.930130] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.930153] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.930174] kasan_report+0x141/0x180 [ 14.930196] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.930222] kasan_check_range+0x10c/0x1c0 [ 14.930246] __kasan_check_write+0x18/0x20 [ 14.930265] kasan_atomics_helper+0xfa9/0x5450 [ 14.930288] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.930310] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.930334] ? kasan_atomics+0x152/0x310 [ 14.930367] kasan_atomics+0x1dc/0x310 [ 14.930389] ? __pfx_kasan_atomics+0x10/0x10 [ 14.930413] ? __pfx_read_tsc+0x10/0x10 [ 14.930435] ? ktime_get_ts64+0x86/0x230 [ 14.930458] kunit_try_run_case+0x1a5/0x480 [ 14.930482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.930504] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.930527] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.930550] ? __kthread_parkme+0x82/0x180 [ 14.930570] ? preempt_count_sub+0x50/0x80 [ 14.930594] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.930618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.930641] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.930665] kthread+0x337/0x6f0 [ 14.930684] ? trace_preempt_on+0x20/0xc0 [ 14.930706] ? __pfx_kthread+0x10/0x10 [ 14.930726] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.930748] ? calculate_sigpending+0x7b/0xa0 [ 14.930771] ? __pfx_kthread+0x10/0x10 [ 14.930792] ret_from_fork+0x116/0x1d0 [ 14.930812] ? __pfx_kthread+0x10/0x10 [ 14.930833] ret_from_fork_asm+0x1a/0x30 [ 14.930863] </TASK> [ 14.930874] [ 14.938987] Allocated by task 283: [ 14.939166] kasan_save_stack+0x45/0x70 [ 14.939342] kasan_save_track+0x18/0x40 [ 14.939616] kasan_save_alloc_info+0x3b/0x50 [ 14.939806] __kasan_kmalloc+0xb7/0xc0 [ 14.939984] __kmalloc_cache_noprof+0x189/0x420 [ 14.940196] kasan_atomics+0x95/0x310 [ 14.940657] kunit_try_run_case+0x1a5/0x480 [ 14.940873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.941134] kthread+0x337/0x6f0 [ 14.941306] ret_from_fork+0x116/0x1d0 [ 14.941564] ret_from_fork_asm+0x1a/0x30 [ 14.941729] [ 14.941828] The buggy address belongs to the object at ffff8881039b8880 [ 14.941828] which belongs to the cache kmalloc-64 of size 64 [ 14.942243] The buggy address is located 0 bytes to the right of [ 14.942243] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.942705] [ 14.942781] The buggy address belongs to the physical page: [ 14.942956] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.943212] flags: 0x200000000000000(node=0|zone=2) [ 14.943499] page_type: f5(slab) [ 14.943672] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.944019] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.944540] page dumped because: kasan: bad access detected [ 14.944808] [ 14.944902] Memory state around the buggy address: [ 14.945169] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.945535] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.945854] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.946175] ^ [ 14.946408] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.946724] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.947664] ================================================================== [ 15.367910] ================================================================== [ 15.368292] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 15.368839] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.369231] [ 15.369341] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.369449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.369498] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.369521] Call Trace: [ 15.369537] <TASK> [ 15.369551] dump_stack_lvl+0x73/0xb0 [ 15.369580] print_report+0xd1/0x610 [ 15.369602] ? __virt_addr_valid+0x1db/0x2d0 [ 15.369624] ? kasan_atomics_helper+0x177f/0x5450 [ 15.369645] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.369695] ? kasan_atomics_helper+0x177f/0x5450 [ 15.369736] kasan_report+0x141/0x180 [ 15.369758] ? kasan_atomics_helper+0x177f/0x5450 [ 15.369784] kasan_check_range+0x10c/0x1c0 [ 15.369807] __kasan_check_write+0x18/0x20 [ 15.369827] kasan_atomics_helper+0x177f/0x5450 [ 15.369849] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.369870] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.369895] ? kasan_atomics+0x152/0x310 [ 15.369921] kasan_atomics+0x1dc/0x310 [ 15.369943] ? __pfx_kasan_atomics+0x10/0x10 [ 15.369967] ? __pfx_read_tsc+0x10/0x10 [ 15.369987] ? ktime_get_ts64+0x86/0x230 [ 15.370022] kunit_try_run_case+0x1a5/0x480 [ 15.370046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.370068] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.370091] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.370115] ? __kthread_parkme+0x82/0x180 [ 15.370135] ? preempt_count_sub+0x50/0x80 [ 15.370158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.370182] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.370205] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.370229] kthread+0x337/0x6f0 [ 15.370248] ? trace_preempt_on+0x20/0xc0 [ 15.370270] ? __pfx_kthread+0x10/0x10 [ 15.370291] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.370312] ? calculate_sigpending+0x7b/0xa0 [ 15.370336] ? __pfx_kthread+0x10/0x10 [ 15.370358] ret_from_fork+0x116/0x1d0 [ 15.370483] ? 
__pfx_kthread+0x10/0x10 [ 15.370506] ret_from_fork_asm+0x1a/0x30 [ 15.370537] </TASK> [ 15.370547] [ 15.379753] Allocated by task 283: [ 15.379935] kasan_save_stack+0x45/0x70 [ 15.380171] kasan_save_track+0x18/0x40 [ 15.380407] kasan_save_alloc_info+0x3b/0x50 [ 15.380652] __kasan_kmalloc+0xb7/0xc0 [ 15.380787] __kmalloc_cache_noprof+0x189/0x420 [ 15.380939] kasan_atomics+0x95/0x310 [ 15.381090] kunit_try_run_case+0x1a5/0x480 [ 15.381300] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.381940] kthread+0x337/0x6f0 [ 15.382198] ret_from_fork+0x116/0x1d0 [ 15.382636] ret_from_fork_asm+0x1a/0x30 [ 15.382896] [ 15.383086] The buggy address belongs to the object at ffff8881039b8880 [ 15.383086] which belongs to the cache kmalloc-64 of size 64 [ 15.383589] The buggy address is located 0 bytes to the right of [ 15.383589] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.383937] [ 15.384018] The buggy address belongs to the physical page: [ 15.384305] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.384761] flags: 0x200000000000000(node=0|zone=2) [ 15.385064] page_type: f5(slab) [ 15.385273] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.385716] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.385942] page dumped because: kasan: bad access detected [ 15.386185] [ 15.386277] Memory state around the buggy address: [ 15.386721] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.387063] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.387503] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.387800] ^ [ 15.387953] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.388325] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.388928] ================================================================== [ 15.441879] 
================================================================== [ 15.442324] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 15.442920] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.443293] [ 15.443670] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.443738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.443765] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.443786] Call Trace: [ 15.443814] <TASK> [ 15.443828] dump_stack_lvl+0x73/0xb0 [ 15.443870] print_report+0xd1/0x610 [ 15.443893] ? __virt_addr_valid+0x1db/0x2d0 [ 15.443928] ? kasan_atomics_helper+0x194a/0x5450 [ 15.443969] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.444279] ? kasan_atomics_helper+0x194a/0x5450 [ 15.444307] kasan_report+0x141/0x180 [ 15.444330] ? kasan_atomics_helper+0x194a/0x5450 [ 15.444356] kasan_check_range+0x10c/0x1c0 [ 15.444397] __kasan_check_write+0x18/0x20 [ 15.444418] kasan_atomics_helper+0x194a/0x5450 [ 15.444447] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.444470] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.444494] ? kasan_atomics+0x152/0x310 [ 15.444521] kasan_atomics+0x1dc/0x310 [ 15.444543] ? __pfx_kasan_atomics+0x10/0x10 [ 15.444567] ? __pfx_read_tsc+0x10/0x10 [ 15.444587] ? ktime_get_ts64+0x86/0x230 [ 15.444611] kunit_try_run_case+0x1a5/0x480 [ 15.444634] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.444657] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.444681] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.444703] ? __kthread_parkme+0x82/0x180 [ 15.444724] ? preempt_count_sub+0x50/0x80 [ 15.444747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.444771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.444794] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.444817] kthread+0x337/0x6f0 [ 15.444837] ? trace_preempt_on+0x20/0xc0 [ 15.444860] ? __pfx_kthread+0x10/0x10 [ 15.444881] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.444902] ? 
calculate_sigpending+0x7b/0xa0 [ 15.444926] ? __pfx_kthread+0x10/0x10 [ 15.444948] ret_from_fork+0x116/0x1d0 [ 15.444966] ? __pfx_kthread+0x10/0x10 [ 15.444992] ret_from_fork_asm+0x1a/0x30 [ 15.445035] </TASK> [ 15.445046] [ 15.456856] Allocated by task 283: [ 15.457068] kasan_save_stack+0x45/0x70 [ 15.457274] kasan_save_track+0x18/0x40 [ 15.458016] kasan_save_alloc_info+0x3b/0x50 [ 15.458245] __kasan_kmalloc+0xb7/0xc0 [ 15.458660] __kmalloc_cache_noprof+0x189/0x420 [ 15.458968] kasan_atomics+0x95/0x310 [ 15.459272] kunit_try_run_case+0x1a5/0x480 [ 15.459508] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.459872] kthread+0x337/0x6f0 [ 15.460223] ret_from_fork+0x116/0x1d0 [ 15.460546] ret_from_fork_asm+0x1a/0x30 [ 15.460923] [ 15.461001] The buggy address belongs to the object at ffff8881039b8880 [ 15.461001] which belongs to the cache kmalloc-64 of size 64 [ 15.461580] The buggy address is located 0 bytes to the right of [ 15.461580] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.462652] [ 15.462773] The buggy address belongs to the physical page: [ 15.463177] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.463708] flags: 0x200000000000000(node=0|zone=2) [ 15.464122] page_type: f5(slab) [ 15.464448] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.464785] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.465135] page dumped because: kasan: bad access detected [ 15.465611] [ 15.465726] Memory state around the buggy address: [ 15.466228] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.466600] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.466975] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.467300] ^ [ 15.467703] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.468128] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.468615] 
================================================================== [ 14.446041] ================================================================== [ 14.446432] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 14.446777] Read of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.447211] [ 14.447320] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.447408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.447421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.447442] Call Trace: [ 14.447457] <TASK> [ 14.447471] dump_stack_lvl+0x73/0xb0 [ 14.447497] print_report+0xd1/0x610 [ 14.447519] ? __virt_addr_valid+0x1db/0x2d0 [ 14.447541] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.447562] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.447585] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.447607] kasan_report+0x141/0x180 [ 14.447628] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.447654] __asan_report_load4_noabort+0x18/0x20 [ 14.447679] kasan_atomics_helper+0x4b88/0x5450 [ 14.447700] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.447723] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.447748] ? kasan_atomics+0x152/0x310 [ 14.447774] kasan_atomics+0x1dc/0x310 [ 14.447798] ? __pfx_kasan_atomics+0x10/0x10 [ 14.447822] ? __pfx_read_tsc+0x10/0x10 [ 14.447843] ? ktime_get_ts64+0x86/0x230 [ 14.447867] kunit_try_run_case+0x1a5/0x480 [ 14.447891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.447914] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.447938] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.447962] ? __kthread_parkme+0x82/0x180 [ 14.447983] ? preempt_count_sub+0x50/0x80 [ 14.448017] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.448042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.448066] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.448090] kthread+0x337/0x6f0 [ 14.448110] ? trace_preempt_on+0x20/0xc0 [ 14.448133] ? __pfx_kthread+0x10/0x10 [ 14.448154] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.448175] ? calculate_sigpending+0x7b/0xa0 [ 14.448199] ? __pfx_kthread+0x10/0x10 [ 14.448221] ret_from_fork+0x116/0x1d0 [ 14.448239] ? __pfx_kthread+0x10/0x10 [ 14.448260] ret_from_fork_asm+0x1a/0x30 [ 14.448291] </TASK> [ 14.448302] [ 14.459558] Allocated by task 283: [ 14.459883] kasan_save_stack+0x45/0x70 [ 14.460338] kasan_save_track+0x18/0x40 [ 14.460772] kasan_save_alloc_info+0x3b/0x50 [ 14.461250] __kasan_kmalloc+0xb7/0xc0 [ 14.461662] __kmalloc_cache_noprof+0x189/0x420 [ 14.462180] kasan_atomics+0x95/0x310 [ 14.462610] kunit_try_run_case+0x1a5/0x480 [ 14.463025] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.463597] kthread+0x337/0x6f0 [ 14.463946] ret_from_fork+0x116/0x1d0 [ 14.464179] ret_from_fork_asm+0x1a/0x30 [ 14.464608] [ 14.464736] The buggy address belongs to the object at ffff8881039b8880 [ 14.464736] which belongs to the cache kmalloc-64 of size 64 [ 14.465617] The buggy address is located 0 bytes to the right of [ 14.465617] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.466361] [ 14.466542] The buggy address belongs to the physical page: [ 14.466736] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.467314] flags: 0x200000000000000(node=0|zone=2) [ 14.467742] page_type: f5(slab) [ 14.468088] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.468650] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.469369] page dumped because: kasan: bad access detected [ 14.469893] [ 14.469998] Memory state around the buggy address: [ 14.470173] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.470929] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.471613] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.472213] ^ [ 14.472699] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.472981] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 14.473196] ================================================================== [ 14.615084] ================================================================== [ 14.615314] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 14.615538] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.615762] [ 14.615847] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.615889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.615901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.615923] Call Trace: [ 14.615936] <TASK> [ 14.615951] dump_stack_lvl+0x73/0xb0 [ 14.615976] print_report+0xd1/0x610 [ 14.615997] ? __virt_addr_valid+0x1db/0x2d0 [ 14.616030] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.616051] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.616074] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.616095] kasan_report+0x141/0x180 [ 14.616117] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.616143] kasan_check_range+0x10c/0x1c0 [ 14.616166] __kasan_check_write+0x18/0x20 [ 14.616185] kasan_atomics_helper+0x5fe/0x5450 [ 14.616223] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.616245] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.616271] ? kasan_atomics+0x152/0x310 [ 14.616296] kasan_atomics+0x1dc/0x310 [ 14.616319] ? __pfx_kasan_atomics+0x10/0x10 [ 14.616343] ? __pfx_read_tsc+0x10/0x10 [ 14.616363] ? ktime_get_ts64+0x86/0x230 [ 14.616387] kunit_try_run_case+0x1a5/0x480 [ 14.616411] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.616433] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.616457] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.616480] ? __kthread_parkme+0x82/0x180 [ 14.616500] ? preempt_count_sub+0x50/0x80 [ 14.616525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.616549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.616572] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.616596] kthread+0x337/0x6f0 [ 14.616615] ? 
trace_preempt_on+0x20/0xc0 [ 14.616637] ? __pfx_kthread+0x10/0x10 [ 14.616657] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.616679] ? calculate_sigpending+0x7b/0xa0 [ 14.616701] ? __pfx_kthread+0x10/0x10 [ 14.616723] ret_from_fork+0x116/0x1d0 [ 14.616741] ? __pfx_kthread+0x10/0x10 [ 14.616761] ret_from_fork_asm+0x1a/0x30 [ 14.616792] </TASK> [ 14.616802] [ 14.626310] Allocated by task 283: [ 14.626572] kasan_save_stack+0x45/0x70 [ 14.626774] kasan_save_track+0x18/0x40 [ 14.626964] kasan_save_alloc_info+0x3b/0x50 [ 14.627171] __kasan_kmalloc+0xb7/0xc0 [ 14.627341] __kmalloc_cache_noprof+0x189/0x420 [ 14.627589] kasan_atomics+0x95/0x310 [ 14.627756] kunit_try_run_case+0x1a5/0x480 [ 14.627945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.628173] kthread+0x337/0x6f0 [ 14.628350] ret_from_fork+0x116/0x1d0 [ 14.628536] ret_from_fork_asm+0x1a/0x30 [ 14.628721] [ 14.628800] The buggy address belongs to the object at ffff8881039b8880 [ 14.628800] which belongs to the cache kmalloc-64 of size 64 [ 14.629197] The buggy address is located 0 bytes to the right of [ 14.629197] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.629984] [ 14.630116] The buggy address belongs to the physical page: [ 14.630370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.630676] flags: 0x200000000000000(node=0|zone=2) [ 14.630839] page_type: f5(slab) [ 14.631280] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.632062] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.632364] page dumped because: kasan: bad access detected [ 14.632597] [ 14.632679] Memory state around the buggy address: [ 14.632897] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.633135] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.633434] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.633754] ^ [ 14.633962] ffff8881039b8900: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.634241] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.634693] ================================================================== [ 14.826282] ================================================================== [ 14.826875] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 14.827240] Read of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.827581] [ 14.827664] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.827706] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.827719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.827740] Call Trace: [ 14.827754] <TASK> [ 14.827768] dump_stack_lvl+0x73/0xb0 [ 14.827812] print_report+0xd1/0x610 [ 14.827834] ? __virt_addr_valid+0x1db/0x2d0 [ 14.827856] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.827877] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.827900] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.827921] kasan_report+0x141/0x180 [ 14.827944] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.827969] __asan_report_load4_noabort+0x18/0x20 [ 14.827994] kasan_atomics_helper+0x4a84/0x5450 [ 14.828028] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.828050] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.828075] ? kasan_atomics+0x152/0x310 [ 14.828101] kasan_atomics+0x1dc/0x310 [ 14.828123] ? __pfx_kasan_atomics+0x10/0x10 [ 14.828147] ? __pfx_read_tsc+0x10/0x10 [ 14.828168] ? ktime_get_ts64+0x86/0x230 [ 14.828193] kunit_try_run_case+0x1a5/0x480 [ 14.828217] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.828240] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.828263] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.828286] ? __kthread_parkme+0x82/0x180 [ 14.828307] ? preempt_count_sub+0x50/0x80 [ 14.828330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.828354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.828389] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.828413] kthread+0x337/0x6f0 [ 14.828434] ? trace_preempt_on+0x20/0xc0 [ 14.828456] ? __pfx_kthread+0x10/0x10 [ 14.828478] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.828507] ? calculate_sigpending+0x7b/0xa0 [ 14.828530] ? __pfx_kthread+0x10/0x10 [ 14.828552] ret_from_fork+0x116/0x1d0 [ 14.828570] ? __pfx_kthread+0x10/0x10 [ 14.828590] ret_from_fork_asm+0x1a/0x30 [ 14.828621] </TASK> [ 14.828632] [ 14.836573] Allocated by task 283: [ 14.836743] kasan_save_stack+0x45/0x70 [ 14.837028] kasan_save_track+0x18/0x40 [ 14.837209] kasan_save_alloc_info+0x3b/0x50 [ 14.837358] __kasan_kmalloc+0xb7/0xc0 [ 14.837490] __kmalloc_cache_noprof+0x189/0x420 [ 14.837644] kasan_atomics+0x95/0x310 [ 14.837776] kunit_try_run_case+0x1a5/0x480 [ 14.837921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.838225] kthread+0x337/0x6f0 [ 14.838401] ret_from_fork+0x116/0x1d0 [ 14.838589] ret_from_fork_asm+0x1a/0x30 [ 14.838786] [ 14.838880] The buggy address belongs to the object at ffff8881039b8880 [ 14.838880] which belongs to the cache kmalloc-64 of size 64 [ 14.839530] The buggy address is located 0 bytes to the right of [ 14.839530] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.840162] [ 14.840237] The buggy address belongs to the physical page: [ 14.840819] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.841210] flags: 0x200000000000000(node=0|zone=2) [ 14.843344] page_type: f5(slab) [ 14.843576] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.843907] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.844222] page dumped because: kasan: bad access detected [ 14.844416] [ 14.844515] Memory state around the buggy address: [ 14.845286] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.846189] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.846628] >ffff8881039b8880: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 14.846854] ^ [ 14.847028] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.847385] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.847681] ================================================================== [ 15.742050] ================================================================== [ 15.742390] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 15.742719] Read of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.742942] [ 15.743036] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.743078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.743090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.743110] Call Trace: [ 15.743123] <TASK> [ 15.743138] dump_stack_lvl+0x73/0xb0 [ 15.743164] print_report+0xd1/0x610 [ 15.743185] ? __virt_addr_valid+0x1db/0x2d0 [ 15.743207] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.743228] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.743249] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.743271] kasan_report+0x141/0x180 [ 15.743292] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.743318] __asan_report_load8_noabort+0x18/0x20 [ 15.743342] kasan_atomics_helper+0x4f98/0x5450 [ 15.743364] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.743386] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.743410] ? kasan_atomics+0x152/0x310 [ 15.743436] kasan_atomics+0x1dc/0x310 [ 15.743459] ? __pfx_kasan_atomics+0x10/0x10 [ 15.743486] ? __pfx_read_tsc+0x10/0x10 [ 15.743505] ? ktime_get_ts64+0x86/0x230 [ 15.743529] kunit_try_run_case+0x1a5/0x480 [ 15.743552] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.743574] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.743598] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.743621] ? __kthread_parkme+0x82/0x180 [ 15.743641] ? preempt_count_sub+0x50/0x80 [ 15.743664] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.743688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.743711] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.743735] kthread+0x337/0x6f0 [ 15.743755] ? trace_preempt_on+0x20/0xc0 [ 15.743777] ? __pfx_kthread+0x10/0x10 [ 15.743798] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.743819] ? calculate_sigpending+0x7b/0xa0 [ 15.743842] ? __pfx_kthread+0x10/0x10 [ 15.743863] ret_from_fork+0x116/0x1d0 [ 15.743881] ? __pfx_kthread+0x10/0x10 [ 15.743902] ret_from_fork_asm+0x1a/0x30 [ 15.743932] </TASK> [ 15.743943] [ 15.752965] Allocated by task 283: [ 15.753545] kasan_save_stack+0x45/0x70 [ 15.753984] kasan_save_track+0x18/0x40 [ 15.754156] kasan_save_alloc_info+0x3b/0x50 [ 15.754308] __kasan_kmalloc+0xb7/0xc0 [ 15.754862] __kmalloc_cache_noprof+0x189/0x420 [ 15.755451] kasan_atomics+0x95/0x310 [ 15.755925] kunit_try_run_case+0x1a5/0x480 [ 15.756515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.757055] kthread+0x337/0x6f0 [ 15.757187] ret_from_fork+0x116/0x1d0 [ 15.757321] ret_from_fork_asm+0x1a/0x30 [ 15.757926] [ 15.758248] The buggy address belongs to the object at ffff8881039b8880 [ 15.758248] which belongs to the cache kmalloc-64 of size 64 [ 15.759555] The buggy address is located 0 bytes to the right of [ 15.759555] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.759933] [ 15.760020] The buggy address belongs to the physical page: [ 15.760196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.760921] flags: 0x200000000000000(node=0|zone=2) [ 15.761632] page_type: f5(slab) [ 15.762130] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.763130] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.763984] page dumped because: kasan: bad access detected [ 15.764725] [ 15.765044] Memory state around the buggy address: [ 15.765584] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.765811] 
ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.766042] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.766306] ^ [ 15.766594] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.766892] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.767156] ================================================================== [ 15.122491] ================================================================== [ 15.123462] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 15.124171] Read of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.125220] [ 15.125332] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.125377] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.125390] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.125413] Call Trace: [ 15.125427] <TASK> [ 15.125461] dump_stack_lvl+0x73/0xb0 [ 15.125489] print_report+0xd1/0x610 [ 15.125627] ? __virt_addr_valid+0x1db/0x2d0 [ 15.125732] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.125756] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.125779] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.125800] kasan_report+0x141/0x180 [ 15.125823] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.125849] __asan_report_load4_noabort+0x18/0x20 [ 15.125874] kasan_atomics_helper+0x49ce/0x5450 [ 15.125896] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.125918] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.125944] ? kasan_atomics+0x152/0x310 [ 15.125970] kasan_atomics+0x1dc/0x310 [ 15.125992] ? __pfx_kasan_atomics+0x10/0x10 [ 15.126027] ? __pfx_read_tsc+0x10/0x10 [ 15.126047] ? ktime_get_ts64+0x86/0x230 [ 15.126071] kunit_try_run_case+0x1a5/0x480 [ 15.126094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.126116] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.126139] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.126163] ? __kthread_parkme+0x82/0x180 [ 15.126183] ? 
preempt_count_sub+0x50/0x80 [ 15.126206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.126230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.126252] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.126276] kthread+0x337/0x6f0 [ 15.126295] ? trace_preempt_on+0x20/0xc0 [ 15.126318] ? __pfx_kthread+0x10/0x10 [ 15.126338] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.126359] ? calculate_sigpending+0x7b/0xa0 [ 15.126382] ? __pfx_kthread+0x10/0x10 [ 15.126404] ret_from_fork+0x116/0x1d0 [ 15.126433] ? __pfx_kthread+0x10/0x10 [ 15.126453] ret_from_fork_asm+0x1a/0x30 [ 15.126485] </TASK> [ 15.126495] [ 15.141447] Allocated by task 283: [ 15.141858] kasan_save_stack+0x45/0x70 [ 15.142235] kasan_save_track+0x18/0x40 [ 15.142754] kasan_save_alloc_info+0x3b/0x50 [ 15.143181] __kasan_kmalloc+0xb7/0xc0 [ 15.143617] __kmalloc_cache_noprof+0x189/0x420 [ 15.143840] kasan_atomics+0x95/0x310 [ 15.143973] kunit_try_run_case+0x1a5/0x480 [ 15.144134] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.144311] kthread+0x337/0x6f0 [ 15.144463] ret_from_fork+0x116/0x1d0 [ 15.144596] ret_from_fork_asm+0x1a/0x30 [ 15.144900] [ 15.145020] The buggy address belongs to the object at ffff8881039b8880 [ 15.145020] which belongs to the cache kmalloc-64 of size 64 [ 15.145726] The buggy address is located 0 bytes to the right of [ 15.145726] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.146242] [ 15.146344] The buggy address belongs to the physical page: [ 15.146645] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.146974] flags: 0x200000000000000(node=0|zone=2) [ 15.147200] page_type: f5(slab) [ 15.147321] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.147611] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.148013] page dumped because: kasan: bad access detected [ 15.148183] [ 15.148253] Memory state around the buggy address: [ 15.148929] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc [ 15.149524] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.149771] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.150115] ^ [ 15.150348] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.151224] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.151696] ================================================================== [ 15.206939] ================================================================== [ 15.207648] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 15.208019] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.208325] [ 15.208426] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.209023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.209038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.209060] Call Trace: [ 15.209076] <TASK> [ 15.209092] dump_stack_lvl+0x73/0xb0 [ 15.209121] print_report+0xd1/0x610 [ 15.209143] ? __virt_addr_valid+0x1db/0x2d0 [ 15.209165] ? kasan_atomics_helper+0x1467/0x5450 [ 15.209187] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.209209] ? kasan_atomics_helper+0x1467/0x5450 [ 15.209230] kasan_report+0x141/0x180 [ 15.209252] ? kasan_atomics_helper+0x1467/0x5450 [ 15.209278] kasan_check_range+0x10c/0x1c0 [ 15.209301] __kasan_check_write+0x18/0x20 [ 15.209321] kasan_atomics_helper+0x1467/0x5450 [ 15.209344] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.209461] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.209488] ? kasan_atomics+0x152/0x310 [ 15.209515] kasan_atomics+0x1dc/0x310 [ 15.209538] ? __pfx_kasan_atomics+0x10/0x10 [ 15.209563] ? __pfx_read_tsc+0x10/0x10 [ 15.209584] ? ktime_get_ts64+0x86/0x230 [ 15.209608] kunit_try_run_case+0x1a5/0x480 [ 15.209633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.209655] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.209678] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.209702] ? __kthread_parkme+0x82/0x180 [ 15.209722] ? preempt_count_sub+0x50/0x80 [ 15.209746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.209769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.209793] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.209817] kthread+0x337/0x6f0 [ 15.209836] ? trace_preempt_on+0x20/0xc0 [ 15.209858] ? __pfx_kthread+0x10/0x10 [ 15.209879] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.209901] ? calculate_sigpending+0x7b/0xa0 [ 15.209924] ? __pfx_kthread+0x10/0x10 [ 15.209945] ret_from_fork+0x116/0x1d0 [ 15.209964] ? __pfx_kthread+0x10/0x10 [ 15.209984] ret_from_fork_asm+0x1a/0x30 [ 15.210026] </TASK> [ 15.210037] [ 15.221899] Allocated by task 283: [ 15.222048] kasan_save_stack+0x45/0x70 [ 15.222493] kasan_save_track+0x18/0x40 [ 15.222869] kasan_save_alloc_info+0x3b/0x50 [ 15.223094] __kasan_kmalloc+0xb7/0xc0 [ 15.223276] __kmalloc_cache_noprof+0x189/0x420 [ 15.223689] kasan_atomics+0x95/0x310 [ 15.223981] kunit_try_run_case+0x1a5/0x480 [ 15.224160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.224631] kthread+0x337/0x6f0 [ 15.225097] ret_from_fork+0x116/0x1d0 [ 15.225266] ret_from_fork_asm+0x1a/0x30 [ 15.225812] [ 15.225914] The buggy address belongs to the object at ffff8881039b8880 [ 15.225914] which belongs to the cache kmalloc-64 of size 64 [ 15.226785] The buggy address is located 0 bytes to the right of [ 15.226785] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.227504] [ 15.227625] The buggy address belongs to the physical page: [ 15.227866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.228223] flags: 0x200000000000000(node=0|zone=2) [ 15.228834] page_type: f5(slab) [ 15.229014] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.229556] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.229976] page dumped because: kasan: bad access detected [ 15.230324] [ 15.230547] 
Memory state around the buggy address: [ 15.230838] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.231169] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.231766] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.232039] ^ [ 15.232690] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.232976] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.233460] ================================================================== [ 15.319163] ================================================================== [ 15.319664] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 15.320151] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.320795] [ 15.320906] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.320950] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.320962] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.320987] Call Trace: [ 15.321002] <TASK> [ 15.321028] dump_stack_lvl+0x73/0xb0 [ 15.321056] print_report+0xd1/0x610 [ 15.321078] ? __virt_addr_valid+0x1db/0x2d0 [ 15.321218] ? kasan_atomics_helper+0x164f/0x5450 [ 15.321240] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.321262] ? kasan_atomics_helper+0x164f/0x5450 [ 15.321284] kasan_report+0x141/0x180 [ 15.321306] ? kasan_atomics_helper+0x164f/0x5450 [ 15.321333] kasan_check_range+0x10c/0x1c0 [ 15.321356] __kasan_check_write+0x18/0x20 [ 15.321442] kasan_atomics_helper+0x164f/0x5450 [ 15.321465] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.321487] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.321512] ? kasan_atomics+0x152/0x310 [ 15.321537] kasan_atomics+0x1dc/0x310 [ 15.321559] ? __pfx_kasan_atomics+0x10/0x10 [ 15.321583] ? __pfx_read_tsc+0x10/0x10 [ 15.321605] ? ktime_get_ts64+0x86/0x230 [ 15.321629] kunit_try_run_case+0x1a5/0x480 [ 15.321653] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.321675] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.321699] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.321722] ? __kthread_parkme+0x82/0x180 [ 15.321742] ? preempt_count_sub+0x50/0x80 [ 15.321765] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.321789] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.321812] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.321835] kthread+0x337/0x6f0 [ 15.321855] ? trace_preempt_on+0x20/0xc0 [ 15.321878] ? __pfx_kthread+0x10/0x10 [ 15.321900] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.321920] ? calculate_sigpending+0x7b/0xa0 [ 15.321944] ? __pfx_kthread+0x10/0x10 [ 15.321966] ret_from_fork+0x116/0x1d0 [ 15.321984] ? __pfx_kthread+0x10/0x10 [ 15.322018] ret_from_fork_asm+0x1a/0x30 [ 15.322049] </TASK> [ 15.322059] [ 15.334730] Allocated by task 283: [ 15.334988] kasan_save_stack+0x45/0x70 [ 15.335292] kasan_save_track+0x18/0x40 [ 15.335544] kasan_save_alloc_info+0x3b/0x50 [ 15.335839] __kasan_kmalloc+0xb7/0xc0 [ 15.336037] __kmalloc_cache_noprof+0x189/0x420 [ 15.336258] kasan_atomics+0x95/0x310 [ 15.336882] kunit_try_run_case+0x1a5/0x480 [ 15.337104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.337782] kthread+0x337/0x6f0 [ 15.338079] ret_from_fork+0x116/0x1d0 [ 15.338376] ret_from_fork_asm+0x1a/0x30 [ 15.338832] [ 15.338938] The buggy address belongs to the object at ffff8881039b8880 [ 15.338938] which belongs to the cache kmalloc-64 of size 64 [ 15.339720] The buggy address is located 0 bytes to the right of [ 15.339720] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.340373] [ 15.340730] The buggy address belongs to the physical page: [ 15.340931] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.341349] flags: 0x200000000000000(node=0|zone=2) [ 15.341742] page_type: f5(slab) [ 15.341911] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.342264] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.342607] page dumped because: kasan: bad access detected [ 15.343044] [ 15.343217] Memory state around the buggy address: [ 15.343545] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.343861] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.344136] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.344762] ^ [ 15.345026] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.345329] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.345697] ================================================================== [ 15.721269] ================================================================== [ 15.721769] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 15.722128] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.722526] [ 15.722618] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.722660] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.722672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.722692] Call Trace: [ 15.722706] <TASK> [ 15.722719] dump_stack_lvl+0x73/0xb0 [ 15.722746] print_report+0xd1/0x610 [ 15.722768] ? __virt_addr_valid+0x1db/0x2d0 [ 15.722789] ? kasan_atomics_helper+0x2006/0x5450 [ 15.722810] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.722833] ? kasan_atomics_helper+0x2006/0x5450 [ 15.722855] kasan_report+0x141/0x180 [ 15.722877] ? kasan_atomics_helper+0x2006/0x5450 [ 15.722904] kasan_check_range+0x10c/0x1c0 [ 15.722928] __kasan_check_write+0x18/0x20 [ 15.722947] kasan_atomics_helper+0x2006/0x5450 [ 15.722970] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.722992] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.723028] ? kasan_atomics+0x152/0x310 [ 15.723054] kasan_atomics+0x1dc/0x310 [ 15.723076] ? __pfx_kasan_atomics+0x10/0x10 [ 15.723100] ? __pfx_read_tsc+0x10/0x10 [ 15.723120] ? 
ktime_get_ts64+0x86/0x230 [ 15.723146] kunit_try_run_case+0x1a5/0x480 [ 15.723170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.723191] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.723215] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.723238] ? __kthread_parkme+0x82/0x180 [ 15.723258] ? preempt_count_sub+0x50/0x80 [ 15.723282] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.723306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.723330] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.723428] kthread+0x337/0x6f0 [ 15.723451] ? trace_preempt_on+0x20/0xc0 [ 15.723475] ? __pfx_kthread+0x10/0x10 [ 15.723496] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.723518] ? calculate_sigpending+0x7b/0xa0 [ 15.723541] ? __pfx_kthread+0x10/0x10 [ 15.723563] ret_from_fork+0x116/0x1d0 [ 15.723582] ? __pfx_kthread+0x10/0x10 [ 15.723602] ret_from_fork_asm+0x1a/0x30 [ 15.723632] </TASK> [ 15.723644] [ 15.731732] Allocated by task 283: [ 15.731884] kasan_save_stack+0x45/0x70 [ 15.732101] kasan_save_track+0x18/0x40 [ 15.732279] kasan_save_alloc_info+0x3b/0x50 [ 15.732837] __kasan_kmalloc+0xb7/0xc0 [ 15.733058] __kmalloc_cache_noprof+0x189/0x420 [ 15.733215] kasan_atomics+0x95/0x310 [ 15.733599] kunit_try_run_case+0x1a5/0x480 [ 15.733823] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.734087] kthread+0x337/0x6f0 [ 15.734245] ret_from_fork+0x116/0x1d0 [ 15.734494] ret_from_fork_asm+0x1a/0x30 [ 15.734670] [ 15.734767] The buggy address belongs to the object at ffff8881039b8880 [ 15.734767] which belongs to the cache kmalloc-64 of size 64 [ 15.735256] The buggy address is located 0 bytes to the right of [ 15.735256] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.735751] [ 15.735828] The buggy address belongs to the physical page: [ 15.736002] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.736255] flags: 0x200000000000000(node=0|zone=2) [ 15.736553] page_type: f5(slab) [ 15.736725] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.737084] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.737614] page dumped because: kasan: bad access detected [ 15.737871] [ 15.737967] Memory state around the buggy address: [ 15.738195] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.738503] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.738788] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.739123] ^ [ 15.739417] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.739746] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.740052] ================================================================== [ 14.537840] ================================================================== [ 14.538470] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 14.539185] Read of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.539937] [ 14.540128] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.540172] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.540184] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.540206] Call Trace: [ 14.540222] <TASK> [ 14.540239] dump_stack_lvl+0x73/0xb0 [ 14.540267] print_report+0xd1/0x610 [ 14.540289] ? __virt_addr_valid+0x1db/0x2d0 [ 14.540310] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.540331] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.540353] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.540392] kasan_report+0x141/0x180 [ 14.540415] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.540441] __asan_report_load4_noabort+0x18/0x20 [ 14.540465] kasan_atomics_helper+0x4b54/0x5450 [ 14.540487] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.540509] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.540534] ? kasan_atomics+0x152/0x310 [ 14.540559] kasan_atomics+0x1dc/0x310 [ 14.540581] ? __pfx_kasan_atomics+0x10/0x10 [ 14.540606] ? 
__pfx_read_tsc+0x10/0x10 [ 14.540627] ? ktime_get_ts64+0x86/0x230 [ 14.540651] kunit_try_run_case+0x1a5/0x480 [ 14.540674] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.540698] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.540720] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.540744] ? __kthread_parkme+0x82/0x180 [ 14.540764] ? preempt_count_sub+0x50/0x80 [ 14.540787] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.540812] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.540835] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.540858] kthread+0x337/0x6f0 [ 14.540878] ? trace_preempt_on+0x20/0xc0 [ 14.540900] ? __pfx_kthread+0x10/0x10 [ 14.540921] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.540943] ? calculate_sigpending+0x7b/0xa0 [ 14.540967] ? __pfx_kthread+0x10/0x10 [ 14.540997] ret_from_fork+0x116/0x1d0 [ 14.541025] ? __pfx_kthread+0x10/0x10 [ 14.541046] ret_from_fork_asm+0x1a/0x30 [ 14.541099] </TASK> [ 14.541109] [ 14.548995] Allocated by task 283: [ 14.549173] kasan_save_stack+0x45/0x70 [ 14.549353] kasan_save_track+0x18/0x40 [ 14.549586] kasan_save_alloc_info+0x3b/0x50 [ 14.549799] __kasan_kmalloc+0xb7/0xc0 [ 14.549960] __kmalloc_cache_noprof+0x189/0x420 [ 14.550148] kasan_atomics+0x95/0x310 [ 14.550341] kunit_try_run_case+0x1a5/0x480 [ 14.550590] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.550822] kthread+0x337/0x6f0 [ 14.550944] ret_from_fork+0x116/0x1d0 [ 14.551089] ret_from_fork_asm+0x1a/0x30 [ 14.551309] [ 14.551403] The buggy address belongs to the object at ffff8881039b8880 [ 14.551403] which belongs to the cache kmalloc-64 of size 64 [ 14.551963] The buggy address is located 0 bytes to the right of [ 14.551963] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.552522] [ 14.552703] The buggy address belongs to the physical page: [ 14.552957] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.553261] flags: 0x200000000000000(node=0|zone=2) [ 14.553483] page_type: f5(slab) [ 14.553603] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 14.553837] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.554072] page dumped because: kasan: bad access detected [ 14.554242] [ 14.554312] Memory state around the buggy address: [ 14.554557] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.554875] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.555201] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.555677] ^ [ 14.555899] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.556385] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.556602] ================================================================== [ 14.691701] ================================================================== [ 14.691927] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 14.692239] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.692667] [ 14.692779] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.692820] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.692833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.692854] Call Trace: [ 14.692868] <TASK> [ 14.692882] dump_stack_lvl+0x73/0xb0 [ 14.692908] print_report+0xd1/0x610 [ 14.692930] ? __virt_addr_valid+0x1db/0x2d0 [ 14.692952] ? kasan_atomics_helper+0x860/0x5450 [ 14.692979] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.693001] ? kasan_atomics_helper+0x860/0x5450 [ 14.693034] kasan_report+0x141/0x180 [ 14.693056] ? kasan_atomics_helper+0x860/0x5450 [ 14.693082] kasan_check_range+0x10c/0x1c0 [ 14.693105] __kasan_check_write+0x18/0x20 [ 14.693125] kasan_atomics_helper+0x860/0x5450 [ 14.693147] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.693169] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.693194] ? 
kasan_atomics+0x152/0x310 [ 14.693220] kasan_atomics+0x1dc/0x310 [ 14.693243] ? __pfx_kasan_atomics+0x10/0x10 [ 14.693267] ? __pfx_read_tsc+0x10/0x10 [ 14.693287] ? ktime_get_ts64+0x86/0x230 [ 14.693311] kunit_try_run_case+0x1a5/0x480 [ 14.693334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.693532] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.693560] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.693585] ? __kthread_parkme+0x82/0x180 [ 14.693605] ? preempt_count_sub+0x50/0x80 [ 14.693627] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.693651] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.693676] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.693700] kthread+0x337/0x6f0 [ 14.693719] ? trace_preempt_on+0x20/0xc0 [ 14.693741] ? __pfx_kthread+0x10/0x10 [ 14.693762] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.693783] ? calculate_sigpending+0x7b/0xa0 [ 14.693807] ? __pfx_kthread+0x10/0x10 [ 14.693829] ret_from_fork+0x116/0x1d0 [ 14.693848] ? __pfx_kthread+0x10/0x10 [ 14.693868] ret_from_fork_asm+0x1a/0x30 [ 14.693899] </TASK> [ 14.693909] [ 14.701886] Allocated by task 283: [ 14.702060] kasan_save_stack+0x45/0x70 [ 14.702259] kasan_save_track+0x18/0x40 [ 14.702541] kasan_save_alloc_info+0x3b/0x50 [ 14.702755] __kasan_kmalloc+0xb7/0xc0 [ 14.702938] __kmalloc_cache_noprof+0x189/0x420 [ 14.703168] kasan_atomics+0x95/0x310 [ 14.703428] kunit_try_run_case+0x1a5/0x480 [ 14.703650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.703902] kthread+0x337/0x6f0 [ 14.704078] ret_from_fork+0x116/0x1d0 [ 14.704266] ret_from_fork_asm+0x1a/0x30 [ 14.704542] [ 14.704643] The buggy address belongs to the object at ffff8881039b8880 [ 14.704643] which belongs to the cache kmalloc-64 of size 64 [ 14.705163] The buggy address is located 0 bytes to the right of [ 14.705163] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.705825] [ 14.705928] The buggy address belongs to the physical page: [ 14.706112] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 
14.706344] flags: 0x200000000000000(node=0|zone=2) [ 14.706670] page_type: f5(slab) [ 14.706842] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.707194] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.707595] page dumped because: kasan: bad access detected [ 14.707841] [ 14.707915] Memory state around the buggy address: [ 14.708122] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.708643] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.708942] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.709233] ^ [ 14.709628] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.709853] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.710115] ================================================================== [ 15.346152] ================================================================== [ 15.346780] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 15.347060] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.347495] [ 15.347613] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.347689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.347702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.347723] Call Trace: [ 15.347738] <TASK> [ 15.347752] dump_stack_lvl+0x73/0xb0 [ 15.347809] print_report+0xd1/0x610 [ 15.347832] ? __virt_addr_valid+0x1db/0x2d0 [ 15.347854] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.347875] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.347898] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.347919] kasan_report+0x141/0x180 [ 15.347942] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.347995] kasan_check_range+0x10c/0x1c0 [ 15.348028] __kasan_check_write+0x18/0x20 [ 15.348048] kasan_atomics_helper+0x16e7/0x5450 [ 15.348070] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.348092] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.348117] ? kasan_atomics+0x152/0x310 [ 15.348143] kasan_atomics+0x1dc/0x310 [ 15.348166] ? __pfx_kasan_atomics+0x10/0x10 [ 15.348190] ? __pfx_read_tsc+0x10/0x10 [ 15.348211] ? ktime_get_ts64+0x86/0x230 [ 15.348235] kunit_try_run_case+0x1a5/0x480 [ 15.348261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.348283] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.348306] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.348330] ? __kthread_parkme+0x82/0x180 [ 15.348350] ? preempt_count_sub+0x50/0x80 [ 15.348595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.348621] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.348645] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.348669] kthread+0x337/0x6f0 [ 15.348689] ? trace_preempt_on+0x20/0xc0 [ 15.348712] ? __pfx_kthread+0x10/0x10 [ 15.348733] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.348756] ? calculate_sigpending+0x7b/0xa0 [ 15.348780] ? __pfx_kthread+0x10/0x10 [ 15.348801] ret_from_fork+0x116/0x1d0 [ 15.348819] ? __pfx_kthread+0x10/0x10 [ 15.348840] ret_from_fork_asm+0x1a/0x30 [ 15.348871] </TASK> [ 15.348882] [ 15.357948] Allocated by task 283: [ 15.358182] kasan_save_stack+0x45/0x70 [ 15.358687] kasan_save_track+0x18/0x40 [ 15.358890] kasan_save_alloc_info+0x3b/0x50 [ 15.359077] __kasan_kmalloc+0xb7/0xc0 [ 15.359213] __kmalloc_cache_noprof+0x189/0x420 [ 15.359429] kasan_atomics+0x95/0x310 [ 15.359613] kunit_try_run_case+0x1a5/0x480 [ 15.360048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.360255] kthread+0x337/0x6f0 [ 15.360584] ret_from_fork+0x116/0x1d0 [ 15.360784] ret_from_fork_asm+0x1a/0x30 [ 15.361215] [ 15.361321] The buggy address belongs to the object at ffff8881039b8880 [ 15.361321] which belongs to the cache kmalloc-64 of size 64 [ 15.361958] The buggy address is located 0 bytes to the right of [ 15.361958] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.362639] [ 15.362730] The buggy address belongs to the physical page: [ 15.362997] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.363365] flags: 0x200000000000000(node=0|zone=2) [ 15.363572] page_type: f5(slab) [ 15.363730] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.363962] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.364269] page dumped because: kasan: bad access detected [ 15.364651] [ 15.364829] Memory state around the buggy address: [ 15.365404] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.365817] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.366160] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.366393] ^ [ 15.366550] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.366852] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.367239] ================================================================== [ 15.520140] ================================================================== [ 15.520588] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 15.521045] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.521448] [ 15.521564] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.521607] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.521620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.521642] Call Trace: [ 15.521656] <TASK> [ 15.521670] dump_stack_lvl+0x73/0xb0 [ 15.521698] print_report+0xd1/0x610 [ 15.521719] ? __virt_addr_valid+0x1db/0x2d0 [ 15.521767] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.521788] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.521811] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.521832] kasan_report+0x141/0x180 [ 15.521854] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.521881] kasan_check_range+0x10c/0x1c0 [ 15.521921] __kasan_check_write+0x18/0x20 [ 15.521942] kasan_atomics_helper+0x1b22/0x5450 [ 15.521965] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.521987] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.522021] ? kasan_atomics+0x152/0x310 [ 15.522048] kasan_atomics+0x1dc/0x310 [ 15.522070] ? __pfx_kasan_atomics+0x10/0x10 [ 15.522095] ? __pfx_read_tsc+0x10/0x10 [ 15.522115] ? ktime_get_ts64+0x86/0x230 [ 15.522138] kunit_try_run_case+0x1a5/0x480 [ 15.522162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.522185] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.522208] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.522231] ? __kthread_parkme+0x82/0x180 [ 15.522251] ? preempt_count_sub+0x50/0x80 [ 15.522274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.522298] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.522322] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.522345] kthread+0x337/0x6f0 [ 15.522364] ? trace_preempt_on+0x20/0xc0 [ 15.522591] ? __pfx_kthread+0x10/0x10 [ 15.522613] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.522635] ? calculate_sigpending+0x7b/0xa0 [ 15.522658] ? __pfx_kthread+0x10/0x10 [ 15.522680] ret_from_fork+0x116/0x1d0 [ 15.522698] ? 
__pfx_kthread+0x10/0x10 [ 15.522720] ret_from_fork_asm+0x1a/0x30 [ 15.522749] </TASK> [ 15.522761] [ 15.531367] Allocated by task 283: [ 15.531608] kasan_save_stack+0x45/0x70 [ 15.531757] kasan_save_track+0x18/0x40 [ 15.531893] kasan_save_alloc_info+0x3b/0x50 [ 15.532055] __kasan_kmalloc+0xb7/0xc0 [ 15.532259] __kmalloc_cache_noprof+0x189/0x420 [ 15.532479] kasan_atomics+0x95/0x310 [ 15.532666] kunit_try_run_case+0x1a5/0x480 [ 15.532873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.533211] kthread+0x337/0x6f0 [ 15.533332] ret_from_fork+0x116/0x1d0 [ 15.533464] ret_from_fork_asm+0x1a/0x30 [ 15.533940] [ 15.534059] The buggy address belongs to the object at ffff8881039b8880 [ 15.534059] which belongs to the cache kmalloc-64 of size 64 [ 15.534621] The buggy address is located 0 bytes to the right of [ 15.534621] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.535275] [ 15.535355] The buggy address belongs to the physical page: [ 15.535530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.535774] flags: 0x200000000000000(node=0|zone=2) [ 15.536013] page_type: f5(slab) [ 15.536180] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.536525] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.537385] page dumped because: kasan: bad access detected [ 15.537654] [ 15.537729] Memory state around the buggy address: [ 15.537887] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.538126] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.538545] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.539099] ^ [ 15.539423] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.539762] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.540113] ================================================================== [ 15.261831] 
================================================================== [ 15.262480] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 15.262920] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.263274] [ 15.263367] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.263761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.263774] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.263796] Call Trace: [ 15.263811] <TASK> [ 15.263826] dump_stack_lvl+0x73/0xb0 [ 15.263855] print_report+0xd1/0x610 [ 15.263877] ? __virt_addr_valid+0x1db/0x2d0 [ 15.263899] ? kasan_atomics_helper+0x151d/0x5450 [ 15.263920] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.263942] ? kasan_atomics_helper+0x151d/0x5450 [ 15.263964] kasan_report+0x141/0x180 [ 15.263985] ? kasan_atomics_helper+0x151d/0x5450 [ 15.264025] kasan_check_range+0x10c/0x1c0 [ 15.264049] __kasan_check_write+0x18/0x20 [ 15.264068] kasan_atomics_helper+0x151d/0x5450 [ 15.264092] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.264114] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.264139] ? kasan_atomics+0x152/0x310 [ 15.264165] kasan_atomics+0x1dc/0x310 [ 15.264187] ? __pfx_kasan_atomics+0x10/0x10 [ 15.264211] ? __pfx_read_tsc+0x10/0x10 [ 15.264233] ? ktime_get_ts64+0x86/0x230 [ 15.264257] kunit_try_run_case+0x1a5/0x480 [ 15.264281] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.264303] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.264326] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.264351] ? __kthread_parkme+0x82/0x180 [ 15.264384] ? preempt_count_sub+0x50/0x80 [ 15.264407] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.264444] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.264468] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.264491] kthread+0x337/0x6f0 [ 15.264511] ? trace_preempt_on+0x20/0xc0 [ 15.264534] ? __pfx_kthread+0x10/0x10 [ 15.264554] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.264576] ? 
calculate_sigpending+0x7b/0xa0 [ 15.264599] ? __pfx_kthread+0x10/0x10 [ 15.264621] ret_from_fork+0x116/0x1d0 [ 15.264640] ? __pfx_kthread+0x10/0x10 [ 15.264660] ret_from_fork_asm+0x1a/0x30 [ 15.264690] </TASK> [ 15.264701] [ 15.277043] Allocated by task 283: [ 15.277509] kasan_save_stack+0x45/0x70 [ 15.278150] kasan_save_track+0x18/0x40 [ 15.278332] kasan_save_alloc_info+0x3b/0x50 [ 15.278974] __kasan_kmalloc+0xb7/0xc0 [ 15.279174] __kmalloc_cache_noprof+0x189/0x420 [ 15.279386] kasan_atomics+0x95/0x310 [ 15.279875] kunit_try_run_case+0x1a5/0x480 [ 15.280161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.280632] kthread+0x337/0x6f0 [ 15.280915] ret_from_fork+0x116/0x1d0 [ 15.281222] ret_from_fork_asm+0x1a/0x30 [ 15.281567] [ 15.281976] The buggy address belongs to the object at ffff8881039b8880 [ 15.281976] which belongs to the cache kmalloc-64 of size 64 [ 15.282481] The buggy address is located 0 bytes to the right of [ 15.282481] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.283374] [ 15.283832] The buggy address belongs to the physical page: [ 15.284084] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.284656] flags: 0x200000000000000(node=0|zone=2) [ 15.284991] page_type: f5(slab) [ 15.285288] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.286025] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.286340] page dumped because: kasan: bad access detected [ 15.286832] [ 15.286945] Memory state around the buggy address: [ 15.287181] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.287776] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.288161] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.288674] ^ [ 15.289023] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.289486] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.290093] 
================================================================== [ 15.683965] ================================================================== [ 15.684233] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 15.684532] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.684866] [ 15.684982] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.685035] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.685049] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.685070] Call Trace: [ 15.685085] <TASK> [ 15.685098] dump_stack_lvl+0x73/0xb0 [ 15.685124] print_report+0xd1/0x610 [ 15.685146] ? __virt_addr_valid+0x1db/0x2d0 [ 15.685167] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.685188] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.685209] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.685231] kasan_report+0x141/0x180 [ 15.685252] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.685278] kasan_check_range+0x10c/0x1c0 [ 15.685301] __kasan_check_write+0x18/0x20 [ 15.685320] kasan_atomics_helper+0x1f43/0x5450 [ 15.685342] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.685364] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.685388] ? kasan_atomics+0x152/0x310 [ 15.685414] kasan_atomics+0x1dc/0x310 [ 15.685436] ? __pfx_kasan_atomics+0x10/0x10 [ 15.685459] ? __pfx_read_tsc+0x10/0x10 [ 15.685480] ? ktime_get_ts64+0x86/0x230 [ 15.685503] kunit_try_run_case+0x1a5/0x480 [ 15.685526] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.685549] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.685572] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.685594] ? __kthread_parkme+0x82/0x180 [ 15.685614] ? preempt_count_sub+0x50/0x80 [ 15.685637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.685661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.685684] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.685707] kthread+0x337/0x6f0 [ 15.685726] ? trace_preempt_on+0x20/0xc0 [ 15.685748] ? 
__pfx_kthread+0x10/0x10 [ 15.685769] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.685791] ? calculate_sigpending+0x7b/0xa0 [ 15.685814] ? __pfx_kthread+0x10/0x10 [ 15.685835] ret_from_fork+0x116/0x1d0 [ 15.685853] ? __pfx_kthread+0x10/0x10 [ 15.685873] ret_from_fork_asm+0x1a/0x30 [ 15.685902] </TASK> [ 15.685913] [ 15.694153] Allocated by task 283: [ 15.694287] kasan_save_stack+0x45/0x70 [ 15.694559] kasan_save_track+0x18/0x40 [ 15.694756] kasan_save_alloc_info+0x3b/0x50 [ 15.694965] __kasan_kmalloc+0xb7/0xc0 [ 15.695166] __kmalloc_cache_noprof+0x189/0x420 [ 15.695463] kasan_atomics+0x95/0x310 [ 15.695657] kunit_try_run_case+0x1a5/0x480 [ 15.695865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.696122] kthread+0x337/0x6f0 [ 15.696243] ret_from_fork+0x116/0x1d0 [ 15.696504] ret_from_fork_asm+0x1a/0x30 [ 15.696703] [ 15.696785] The buggy address belongs to the object at ffff8881039b8880 [ 15.696785] which belongs to the cache kmalloc-64 of size 64 [ 15.697273] The buggy address is located 0 bytes to the right of [ 15.697273] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.697961] [ 15.698066] The buggy address belongs to the physical page: [ 15.698300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.698701] flags: 0x200000000000000(node=0|zone=2) [ 15.698910] page_type: f5(slab) [ 15.699092] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.699481] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.699787] page dumped because: kasan: bad access detected [ 15.699961] [ 15.700042] Memory state around the buggy address: [ 15.700196] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.700509] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.700830] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.701168] ^ [ 15.701599] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.701907] 
ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.702136] ================================================================== [ 14.765784] ================================================================== [ 14.766085] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 14.766476] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.766710] [ 14.766797] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.766838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.766853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.766874] Call Trace: [ 14.766890] <TASK> [ 14.766904] dump_stack_lvl+0x73/0xb0 [ 14.766932] print_report+0xd1/0x610 [ 14.766953] ? __virt_addr_valid+0x1db/0x2d0 [ 14.766975] ? kasan_atomics_helper+0xac7/0x5450 [ 14.766996] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.767030] ? kasan_atomics_helper+0xac7/0x5450 [ 14.767052] kasan_report+0x141/0x180 [ 14.767074] ? kasan_atomics_helper+0xac7/0x5450 [ 14.767100] kasan_check_range+0x10c/0x1c0 [ 14.767123] __kasan_check_write+0x18/0x20 [ 14.767142] kasan_atomics_helper+0xac7/0x5450 [ 14.767165] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.767186] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.767211] ? kasan_atomics+0x152/0x310 [ 14.767237] kasan_atomics+0x1dc/0x310 [ 14.767259] ? __pfx_kasan_atomics+0x10/0x10 [ 14.767283] ? __pfx_read_tsc+0x10/0x10 [ 14.767306] ? ktime_get_ts64+0x86/0x230 [ 14.767330] kunit_try_run_case+0x1a5/0x480 [ 14.767431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.767457] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.767481] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.767505] ? __kthread_parkme+0x82/0x180 [ 14.767525] ? preempt_count_sub+0x50/0x80 [ 14.767549] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.767573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.767596] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.767619] kthread+0x337/0x6f0 [ 14.767638] ? trace_preempt_on+0x20/0xc0 [ 14.767661] ? __pfx_kthread+0x10/0x10 [ 14.767682] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.767703] ? calculate_sigpending+0x7b/0xa0 [ 14.767727] ? __pfx_kthread+0x10/0x10 [ 14.767749] ret_from_fork+0x116/0x1d0 [ 14.767768] ? __pfx_kthread+0x10/0x10 [ 14.767788] ret_from_fork_asm+0x1a/0x30 [ 14.767818] </TASK> [ 14.767828] [ 14.776160] Allocated by task 283: [ 14.776344] kasan_save_stack+0x45/0x70 [ 14.776621] kasan_save_track+0x18/0x40 [ 14.776809] kasan_save_alloc_info+0x3b/0x50 [ 14.777036] __kasan_kmalloc+0xb7/0xc0 [ 14.777206] __kmalloc_cache_noprof+0x189/0x420 [ 14.777602] kasan_atomics+0x95/0x310 [ 14.777763] kunit_try_run_case+0x1a5/0x480 [ 14.777971] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.778166] kthread+0x337/0x6f0 [ 14.778290] ret_from_fork+0x116/0x1d0 [ 14.778520] ret_from_fork_asm+0x1a/0x30 [ 14.778667] [ 14.778740] The buggy address belongs to the object at ffff8881039b8880 [ 14.778740] which belongs to the cache kmalloc-64 of size 64 [ 14.779292] The buggy address is located 0 bytes to the right of [ 14.779292] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.779864] [ 14.779964] The buggy address belongs to the physical page: [ 14.780328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.780756] flags: 0x200000000000000(node=0|zone=2) [ 14.781015] page_type: f5(slab) [ 14.781189] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.781738] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.781976] page dumped because: kasan: bad access detected [ 14.782162] [ 14.782234] Memory state around the buggy address: [ 14.782479] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.782806] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.783137] >ffff8881039b8880: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 14.783534] ^ [ 14.783769] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.784026] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.784242] ================================================================== [ 14.891232] ================================================================== [ 14.891630] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 14.891926] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.892260] [ 14.892557] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.892603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.892615] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.892636] Call Trace: [ 14.892650] <TASK> [ 14.892665] dump_stack_lvl+0x73/0xb0 [ 14.892692] print_report+0xd1/0x610 [ 14.892715] ? __virt_addr_valid+0x1db/0x2d0 [ 14.892737] ? kasan_atomics_helper+0xe78/0x5450 [ 14.892758] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.892780] ? kasan_atomics_helper+0xe78/0x5450 [ 14.892802] kasan_report+0x141/0x180 [ 14.892824] ? kasan_atomics_helper+0xe78/0x5450 [ 14.892850] kasan_check_range+0x10c/0x1c0 [ 14.892873] __kasan_check_write+0x18/0x20 [ 14.892893] kasan_atomics_helper+0xe78/0x5450 [ 14.892915] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.892937] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.892961] ? kasan_atomics+0x152/0x310 [ 14.892994] kasan_atomics+0x1dc/0x310 [ 14.893028] ? __pfx_kasan_atomics+0x10/0x10 [ 14.893052] ? __pfx_read_tsc+0x10/0x10 [ 14.893073] ? ktime_get_ts64+0x86/0x230 [ 14.893097] kunit_try_run_case+0x1a5/0x480 [ 14.893121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.893144] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.893167] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.893190] ? __kthread_parkme+0x82/0x180 [ 14.893211] ? preempt_count_sub+0x50/0x80 [ 14.893234] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.893257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.893281] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.893305] kthread+0x337/0x6f0 [ 14.893323] ? trace_preempt_on+0x20/0xc0 [ 14.893450] ? __pfx_kthread+0x10/0x10 [ 14.893476] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.893499] ? calculate_sigpending+0x7b/0xa0 [ 14.893523] ? __pfx_kthread+0x10/0x10 [ 14.893545] ret_from_fork+0x116/0x1d0 [ 14.893564] ? __pfx_kthread+0x10/0x10 [ 14.893584] ret_from_fork_asm+0x1a/0x30 [ 14.893615] </TASK> [ 14.893626] [ 14.901663] Allocated by task 283: [ 14.901810] kasan_save_stack+0x45/0x70 [ 14.901952] kasan_save_track+0x18/0x40 [ 14.902099] kasan_save_alloc_info+0x3b/0x50 [ 14.902250] __kasan_kmalloc+0xb7/0xc0 [ 14.902460] __kmalloc_cache_noprof+0x189/0x420 [ 14.902623] kasan_atomics+0x95/0x310 [ 14.902758] kunit_try_run_case+0x1a5/0x480 [ 14.902968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.903230] kthread+0x337/0x6f0 [ 14.903479] ret_from_fork+0x116/0x1d0 [ 14.903673] ret_from_fork_asm+0x1a/0x30 [ 14.903876] [ 14.903971] The buggy address belongs to the object at ffff8881039b8880 [ 14.903971] which belongs to the cache kmalloc-64 of size 64 [ 14.904723] The buggy address is located 0 bytes to the right of [ 14.904723] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.905150] [ 14.905249] The buggy address belongs to the physical page: [ 14.905597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.905965] flags: 0x200000000000000(node=0|zone=2) [ 14.906212] page_type: f5(slab) [ 14.906458] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.906757] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.907080] page dumped because: kasan: bad access detected [ 14.907304] [ 14.907493] Memory state around the buggy address: [ 14.907693] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.907983] 
ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.908276] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.908773] ^ [ 14.908994] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.909291] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.909703] ================================================================== [ 14.747065] ================================================================== [ 14.747492] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 14.747779] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.748028] [ 14.748122] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.748163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.748175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.748195] Call Trace: [ 14.748210] <TASK> [ 14.748223] dump_stack_lvl+0x73/0xb0 [ 14.748248] print_report+0xd1/0x610 [ 14.748270] ? __virt_addr_valid+0x1db/0x2d0 [ 14.748292] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.748313] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.748335] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.748430] kasan_report+0x141/0x180 [ 14.748455] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.748481] kasan_check_range+0x10c/0x1c0 [ 14.748504] __kasan_check_write+0x18/0x20 [ 14.748523] kasan_atomics_helper+0xa2b/0x5450 [ 14.748545] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.748567] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.748591] ? kasan_atomics+0x152/0x310 [ 14.748616] kasan_atomics+0x1dc/0x310 [ 14.748639] ? __pfx_kasan_atomics+0x10/0x10 [ 14.748663] ? __pfx_read_tsc+0x10/0x10 [ 14.748684] ? ktime_get_ts64+0x86/0x230 [ 14.748708] kunit_try_run_case+0x1a5/0x480 [ 14.748732] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.748756] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.748779] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.748803] ? 
__kthread_parkme+0x82/0x180 [ 14.748824] ? preempt_count_sub+0x50/0x80 [ 14.748847] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.748871] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.748895] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.748918] kthread+0x337/0x6f0 [ 14.748937] ? trace_preempt_on+0x20/0xc0 [ 14.748961] ? __pfx_kthread+0x10/0x10 [ 14.748988] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.749018] ? calculate_sigpending+0x7b/0xa0 [ 14.749041] ? __pfx_kthread+0x10/0x10 [ 14.749062] ret_from_fork+0x116/0x1d0 [ 14.749081] ? __pfx_kthread+0x10/0x10 [ 14.749101] ret_from_fork_asm+0x1a/0x30 [ 14.749132] </TASK> [ 14.749141] [ 14.757031] Allocated by task 283: [ 14.757214] kasan_save_stack+0x45/0x70 [ 14.757625] kasan_save_track+0x18/0x40 [ 14.757821] kasan_save_alloc_info+0x3b/0x50 [ 14.757991] __kasan_kmalloc+0xb7/0xc0 [ 14.758193] __kmalloc_cache_noprof+0x189/0x420 [ 14.758492] kasan_atomics+0x95/0x310 [ 14.758693] kunit_try_run_case+0x1a5/0x480 [ 14.758877] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.759102] kthread+0x337/0x6f0 [ 14.759258] ret_from_fork+0x116/0x1d0 [ 14.759521] ret_from_fork_asm+0x1a/0x30 [ 14.759688] [ 14.759786] The buggy address belongs to the object at ffff8881039b8880 [ 14.759786] which belongs to the cache kmalloc-64 of size 64 [ 14.760277] The buggy address is located 0 bytes to the right of [ 14.760277] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.760849] [ 14.760948] The buggy address belongs to the physical page: [ 14.761143] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.761579] flags: 0x200000000000000(node=0|zone=2) [ 14.761758] page_type: f5(slab) [ 14.761926] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.762278] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.762727] page dumped because: kasan: bad access detected [ 14.762984] [ 14.763092] Memory state around the buggy address: [ 14.763317] 
ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.763627] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.763901] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.764243] ^ [ 14.764550] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.764842] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.765135] ================================================================== [ 15.638136] ================================================================== [ 15.638485] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 15.638931] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.639224] [ 15.639308] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.639352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.639364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.639385] Call Trace: [ 15.639399] <TASK> [ 15.639413] dump_stack_lvl+0x73/0xb0 [ 15.639478] print_report+0xd1/0x610 [ 15.639501] ? __virt_addr_valid+0x1db/0x2d0 [ 15.639523] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.639544] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.639566] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.639588] kasan_report+0x141/0x180 [ 15.639610] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.639636] kasan_check_range+0x10c/0x1c0 [ 15.639660] __kasan_check_write+0x18/0x20 [ 15.639680] kasan_atomics_helper+0x1e12/0x5450 [ 15.639703] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.639726] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.639750] ? kasan_atomics+0x152/0x310 [ 15.639776] kasan_atomics+0x1dc/0x310 [ 15.639801] ? __pfx_kasan_atomics+0x10/0x10 [ 15.639825] ? __pfx_read_tsc+0x10/0x10 [ 15.639846] ? ktime_get_ts64+0x86/0x230 [ 15.639871] kunit_try_run_case+0x1a5/0x480 [ 15.639895] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.639918] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.639974] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.640032] ? __kthread_parkme+0x82/0x180 [ 15.640055] ? preempt_count_sub+0x50/0x80 [ 15.640077] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.640101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.640124] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.640148] kthread+0x337/0x6f0 [ 15.640167] ? trace_preempt_on+0x20/0xc0 [ 15.640189] ? __pfx_kthread+0x10/0x10 [ 15.640210] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.640231] ? calculate_sigpending+0x7b/0xa0 [ 15.640254] ? __pfx_kthread+0x10/0x10 [ 15.640276] ret_from_fork+0x116/0x1d0 [ 15.640294] ? __pfx_kthread+0x10/0x10 [ 15.640317] ret_from_fork_asm+0x1a/0x30 [ 15.640348] </TASK> [ 15.640358] [ 15.648840] Allocated by task 283: [ 15.649020] kasan_save_stack+0x45/0x70 [ 15.649254] kasan_save_track+0x18/0x40 [ 15.649561] kasan_save_alloc_info+0x3b/0x50 [ 15.649820] __kasan_kmalloc+0xb7/0xc0 [ 15.650031] __kmalloc_cache_noprof+0x189/0x420 [ 15.650256] kasan_atomics+0x95/0x310 [ 15.650530] kunit_try_run_case+0x1a5/0x480 [ 15.650827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.651091] kthread+0x337/0x6f0 [ 15.651293] ret_from_fork+0x116/0x1d0 [ 15.651550] ret_from_fork_asm+0x1a/0x30 [ 15.651724] [ 15.651794] The buggy address belongs to the object at ffff8881039b8880 [ 15.651794] which belongs to the cache kmalloc-64 of size 64 [ 15.652271] The buggy address is located 0 bytes to the right of [ 15.652271] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.652749] [ 15.652821] The buggy address belongs to the physical page: [ 15.652989] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.653230] flags: 0x200000000000000(node=0|zone=2) [ 15.653386] page_type: f5(slab) [ 15.653670] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.654017] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.654765] page dumped because: kasan: 
bad access detected [ 15.655014] [ 15.655107] Memory state around the buggy address: [ 15.655254] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.655460] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.655666] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.655877] ^ [ 15.656032] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.656704] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.657038] ================================================================== [ 15.821550] ================================================================== [ 15.821898] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 15.822231] Read of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.822543] [ 15.822649] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.822712] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.822724] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.822744] Call Trace: [ 15.822758] <TASK> [ 15.822773] dump_stack_lvl+0x73/0xb0 [ 15.822800] print_report+0xd1/0x610 [ 15.822822] ? __virt_addr_valid+0x1db/0x2d0 [ 15.822843] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.822886] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.822908] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.822929] kasan_report+0x141/0x180 [ 15.822951] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.822978] __asan_report_load8_noabort+0x18/0x20 [ 15.823002] kasan_atomics_helper+0x4fa5/0x5450 [ 15.823035] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.823057] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.823080] ? kasan_atomics+0x152/0x310 [ 15.823106] kasan_atomics+0x1dc/0x310 [ 15.823129] ? __pfx_kasan_atomics+0x10/0x10 [ 15.823153] ? __pfx_read_tsc+0x10/0x10 [ 15.823173] ? ktime_get_ts64+0x86/0x230 [ 15.823196] kunit_try_run_case+0x1a5/0x480 [ 15.823220] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.823242] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.823265] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.823289] ? __kthread_parkme+0x82/0x180 [ 15.823309] ? preempt_count_sub+0x50/0x80 [ 15.823332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.823356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.823399] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.823424] kthread+0x337/0x6f0 [ 15.823443] ? trace_preempt_on+0x20/0xc0 [ 15.823466] ? __pfx_kthread+0x10/0x10 [ 15.823486] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.823509] ? calculate_sigpending+0x7b/0xa0 [ 15.823532] ? __pfx_kthread+0x10/0x10 [ 15.823554] ret_from_fork+0x116/0x1d0 [ 15.823572] ? __pfx_kthread+0x10/0x10 [ 15.823613] ret_from_fork_asm+0x1a/0x30 [ 15.823644] </TASK> [ 15.823654] [ 15.830752] Allocated by task 283: [ 15.830934] kasan_save_stack+0x45/0x70 [ 15.831138] kasan_save_track+0x18/0x40 [ 15.831331] kasan_save_alloc_info+0x3b/0x50 [ 15.831506] __kasan_kmalloc+0xb7/0xc0 [ 15.831639] __kmalloc_cache_noprof+0x189/0x420 [ 15.831794] kasan_atomics+0x95/0x310 [ 15.831927] kunit_try_run_case+0x1a5/0x480 [ 15.832116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.832371] kthread+0x337/0x6f0 [ 15.832560] ret_from_fork+0x116/0x1d0 [ 15.832752] ret_from_fork_asm+0x1a/0x30 [ 15.832955] [ 15.833068] The buggy address belongs to the object at ffff8881039b8880 [ 15.833068] which belongs to the cache kmalloc-64 of size 64 [ 15.833659] The buggy address is located 0 bytes to the right of [ 15.833659] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.834232] [ 15.834307] The buggy address belongs to the physical page: [ 15.834503] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.834744] flags: 0x200000000000000(node=0|zone=2) [ 15.834934] page_type: f5(slab) [ 15.835110] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.835517] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.835872] page dumped because: kasan: bad access detected [ 15.836137] [ 15.836251] Memory state around the buggy address: [ 15.836484] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.836787] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.837103] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.837410] ^ [ 15.837628] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.837862] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.838118] ================================================================== [ 14.872427] ================================================================== [ 14.872840] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 14.873215] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.873537] [ 14.873652] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.873694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.873706] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.873728] Call Trace: [ 14.873743] <TASK> [ 14.873759] dump_stack_lvl+0x73/0xb0 [ 14.873785] print_report+0xd1/0x610 [ 14.873807] ? __virt_addr_valid+0x1db/0x2d0 [ 14.873828] ? kasan_atomics_helper+0xde0/0x5450 [ 14.873853] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.873875] ? kasan_atomics_helper+0xde0/0x5450 [ 14.873905] kasan_report+0x141/0x180 [ 14.873927] ? kasan_atomics_helper+0xde0/0x5450 [ 14.873954] kasan_check_range+0x10c/0x1c0 [ 14.873978] __kasan_check_write+0x18/0x20 [ 14.874023] kasan_atomics_helper+0xde0/0x5450 [ 14.874045] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.874067] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.874092] ? kasan_atomics+0x152/0x310 [ 14.874118] kasan_atomics+0x1dc/0x310 [ 14.874141] ? __pfx_kasan_atomics+0x10/0x10 [ 14.874165] ? __pfx_read_tsc+0x10/0x10 [ 14.874186] ? 
ktime_get_ts64+0x86/0x230 [ 14.874210] kunit_try_run_case+0x1a5/0x480 [ 14.874235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.874257] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.874280] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.874304] ? __kthread_parkme+0x82/0x180 [ 14.874325] ? preempt_count_sub+0x50/0x80 [ 14.874348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.874373] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.874404] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.874428] kthread+0x337/0x6f0 [ 14.874448] ? trace_preempt_on+0x20/0xc0 [ 14.874471] ? __pfx_kthread+0x10/0x10 [ 14.874492] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.874513] ? calculate_sigpending+0x7b/0xa0 [ 14.874537] ? __pfx_kthread+0x10/0x10 [ 14.874558] ret_from_fork+0x116/0x1d0 [ 14.874577] ? __pfx_kthread+0x10/0x10 [ 14.874597] ret_from_fork_asm+0x1a/0x30 [ 14.874628] </TASK> [ 14.874638] [ 14.882294] Allocated by task 283: [ 14.882438] kasan_save_stack+0x45/0x70 [ 14.882633] kasan_save_track+0x18/0x40 [ 14.882823] kasan_save_alloc_info+0x3b/0x50 [ 14.883058] __kasan_kmalloc+0xb7/0xc0 [ 14.883245] __kmalloc_cache_noprof+0x189/0x420 [ 14.883465] kasan_atomics+0x95/0x310 [ 14.883651] kunit_try_run_case+0x1a5/0x480 [ 14.883857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.884669] kthread+0x337/0x6f0 [ 14.884845] ret_from_fork+0x116/0x1d0 [ 14.885035] ret_from_fork_asm+0x1a/0x30 [ 14.885209] [ 14.885281] The buggy address belongs to the object at ffff8881039b8880 [ 14.885281] which belongs to the cache kmalloc-64 of size 64 [ 14.885734] The buggy address is located 0 bytes to the right of [ 14.885734] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.886123] [ 14.886227] The buggy address belongs to the physical page: [ 14.886570] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.886926] flags: 0x200000000000000(node=0|zone=2) [ 14.887165] page_type: f5(slab) [ 14.887333] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.887775] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.888130] page dumped because: kasan: bad access detected [ 14.888586] [ 14.888688] Memory state around the buggy address: [ 14.888920] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.889233] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.889600] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.889907] ^ [ 14.890115] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.890474] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.890777] ================================================================== [ 15.023965] ================================================================== [ 15.024311] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 15.024585] Read of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.024809] [ 15.024889] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.024930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.024943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.024964] Call Trace: [ 15.024984] <TASK> [ 15.024997] dump_stack_lvl+0x73/0xb0 [ 15.025045] print_report+0xd1/0x610 [ 15.025067] ? __virt_addr_valid+0x1db/0x2d0 [ 15.025110] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.025133] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.025156] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.025178] kasan_report+0x141/0x180 [ 15.025200] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.025226] __asan_report_load4_noabort+0x18/0x20 [ 15.025251] kasan_atomics_helper+0x4a02/0x5450 [ 15.025273] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.025295] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.025319] ? kasan_atomics+0x152/0x310 [ 15.025364] kasan_atomics+0x1dc/0x310 [ 15.025403] ? __pfx_kasan_atomics+0x10/0x10 [ 15.025427] ? 
__pfx_read_tsc+0x10/0x10 [ 15.025447] ? ktime_get_ts64+0x86/0x230 [ 15.025471] kunit_try_run_case+0x1a5/0x480 [ 15.025495] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.025517] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.025541] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.025564] ? __kthread_parkme+0x82/0x180 [ 15.025585] ? preempt_count_sub+0x50/0x80 [ 15.025608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.025632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.025655] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.025679] kthread+0x337/0x6f0 [ 15.025699] ? trace_preempt_on+0x20/0xc0 [ 15.025720] ? __pfx_kthread+0x10/0x10 [ 15.025742] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.025763] ? calculate_sigpending+0x7b/0xa0 [ 15.025787] ? __pfx_kthread+0x10/0x10 [ 15.025808] ret_from_fork+0x116/0x1d0 [ 15.025827] ? __pfx_kthread+0x10/0x10 [ 15.025847] ret_from_fork_asm+0x1a/0x30 [ 15.025877] </TASK> [ 15.025888] [ 15.034017] Allocated by task 283: [ 15.034236] kasan_save_stack+0x45/0x70 [ 15.034453] kasan_save_track+0x18/0x40 [ 15.034733] kasan_save_alloc_info+0x3b/0x50 [ 15.035074] __kasan_kmalloc+0xb7/0xc0 [ 15.035210] __kmalloc_cache_noprof+0x189/0x420 [ 15.035487] kasan_atomics+0x95/0x310 [ 15.035673] kunit_try_run_case+0x1a5/0x480 [ 15.035838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.036026] kthread+0x337/0x6f0 [ 15.036261] ret_from_fork+0x116/0x1d0 [ 15.036474] ret_from_fork_asm+0x1a/0x30 [ 15.036770] [ 15.036842] The buggy address belongs to the object at ffff8881039b8880 [ 15.036842] which belongs to the cache kmalloc-64 of size 64 [ 15.037374] The buggy address is located 0 bytes to the right of [ 15.037374] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.037771] [ 15.037867] The buggy address belongs to the physical page: [ 15.038127] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.038484] flags: 0x200000000000000(node=0|zone=2) [ 15.038704] page_type: f5(slab) [ 15.038852] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.039229] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.039641] page dumped because: kasan: bad access detected [ 15.039859] [ 15.040021] Memory state around the buggy address: [ 15.040262] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.040551] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.040849] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.041175] ^ [ 15.041337] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.041553] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.041764] ================================================================== [ 15.862279] ================================================================== [ 15.863383] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 15.864260] Read of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.864862] [ 15.864954] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.865004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.865028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.865050] Call Trace: [ 15.865065] <TASK> [ 15.865080] dump_stack_lvl+0x73/0xb0 [ 15.865108] print_report+0xd1/0x610 [ 15.865129] ? __virt_addr_valid+0x1db/0x2d0 [ 15.865151] ? kasan_atomics_helper+0x5115/0x5450 [ 15.865173] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.865195] ? kasan_atomics_helper+0x5115/0x5450 [ 15.865216] kasan_report+0x141/0x180 [ 15.865239] ? kasan_atomics_helper+0x5115/0x5450 [ 15.865266] __asan_report_load8_noabort+0x18/0x20 [ 15.865290] kasan_atomics_helper+0x5115/0x5450 [ 15.865313] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.865335] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.865360] ? kasan_atomics+0x152/0x310 [ 15.865386] kasan_atomics+0x1dc/0x310 [ 15.865409] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.865433] ? __pfx_read_tsc+0x10/0x10 [ 15.865453] ? ktime_get_ts64+0x86/0x230 [ 15.865478] kunit_try_run_case+0x1a5/0x480 [ 15.865599] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.865623] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.865647] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.865671] ? __kthread_parkme+0x82/0x180 [ 15.865691] ? preempt_count_sub+0x50/0x80 [ 15.865716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.865741] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.865766] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.865792] kthread+0x337/0x6f0 [ 15.865811] ? trace_preempt_on+0x20/0xc0 [ 15.865835] ? __pfx_kthread+0x10/0x10 [ 15.865858] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.865880] ? calculate_sigpending+0x7b/0xa0 [ 15.865905] ? __pfx_kthread+0x10/0x10 [ 15.865926] ret_from_fork+0x116/0x1d0 [ 15.865945] ? __pfx_kthread+0x10/0x10 [ 15.865966] ret_from_fork_asm+0x1a/0x30 [ 15.865998] </TASK> [ 15.866017] [ 15.873497] Allocated by task 283: [ 15.873685] kasan_save_stack+0x45/0x70 [ 15.873886] kasan_save_track+0x18/0x40 [ 15.874093] kasan_save_alloc_info+0x3b/0x50 [ 15.874318] __kasan_kmalloc+0xb7/0xc0 [ 15.874519] __kmalloc_cache_noprof+0x189/0x420 [ 15.874742] kasan_atomics+0x95/0x310 [ 15.874909] kunit_try_run_case+0x1a5/0x480 [ 15.875088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.875366] kthread+0x337/0x6f0 [ 15.875562] ret_from_fork+0x116/0x1d0 [ 15.875738] ret_from_fork_asm+0x1a/0x30 [ 15.875941] [ 15.876045] The buggy address belongs to the object at ffff8881039b8880 [ 15.876045] which belongs to the cache kmalloc-64 of size 64 [ 15.876504] The buggy address is located 0 bytes to the right of [ 15.876504] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.876869] [ 15.876941] The buggy address belongs to the physical page: [ 15.877131] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.877592] flags: 0x200000000000000(node=0|zone=2) [ 15.877855] page_type: 
f5(slab) [ 15.878042] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.878382] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.878630] page dumped because: kasan: bad access detected [ 15.878800] [ 15.878869] Memory state around the buggy address: [ 15.879041] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.879364] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.879723] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.880048] ^ [ 15.880293] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.880573] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.880909] ================================================================== [ 14.672991] ================================================================== [ 14.673337] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 14.673869] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.674213] [ 14.674317] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.674396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.674409] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.674430] Call Trace: [ 14.674443] <TASK> [ 14.674457] dump_stack_lvl+0x73/0xb0 [ 14.674483] print_report+0xd1/0x610 [ 14.674505] ? __virt_addr_valid+0x1db/0x2d0 [ 14.674526] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.674546] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.674569] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.674590] kasan_report+0x141/0x180 [ 14.674612] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.674638] kasan_check_range+0x10c/0x1c0 [ 14.674662] __kasan_check_write+0x18/0x20 [ 14.674681] kasan_atomics_helper+0x7c7/0x5450 [ 14.674704] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.674726] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.674750] ? 
kasan_atomics+0x152/0x310 [ 14.674776] kasan_atomics+0x1dc/0x310 [ 14.674799] ? __pfx_kasan_atomics+0x10/0x10 [ 14.674823] ? __pfx_read_tsc+0x10/0x10 [ 14.674843] ? ktime_get_ts64+0x86/0x230 [ 14.674867] kunit_try_run_case+0x1a5/0x480 [ 14.674892] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.674914] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.674936] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.674959] ? __kthread_parkme+0x82/0x180 [ 14.674979] ? preempt_count_sub+0x50/0x80 [ 14.675012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.675036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.675060] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.675084] kthread+0x337/0x6f0 [ 14.675103] ? trace_preempt_on+0x20/0xc0 [ 14.675126] ? __pfx_kthread+0x10/0x10 [ 14.675146] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.675167] ? calculate_sigpending+0x7b/0xa0 [ 14.675191] ? __pfx_kthread+0x10/0x10 [ 14.675212] ret_from_fork+0x116/0x1d0 [ 14.675231] ? __pfx_kthread+0x10/0x10 [ 14.675251] ret_from_fork_asm+0x1a/0x30 [ 14.675281] </TASK> [ 14.675291] [ 14.683284] Allocated by task 283: [ 14.683498] kasan_save_stack+0x45/0x70 [ 14.683648] kasan_save_track+0x18/0x40 [ 14.683801] kasan_save_alloc_info+0x3b/0x50 [ 14.684027] __kasan_kmalloc+0xb7/0xc0 [ 14.684216] __kmalloc_cache_noprof+0x189/0x420 [ 14.684543] kasan_atomics+0x95/0x310 [ 14.684739] kunit_try_run_case+0x1a5/0x480 [ 14.684952] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.685225] kthread+0x337/0x6f0 [ 14.685586] ret_from_fork+0x116/0x1d0 [ 14.685790] ret_from_fork_asm+0x1a/0x30 [ 14.685975] [ 14.686078] The buggy address belongs to the object at ffff8881039b8880 [ 14.686078] which belongs to the cache kmalloc-64 of size 64 [ 14.686631] The buggy address is located 0 bytes to the right of [ 14.686631] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.687133] [ 14.687218] The buggy address belongs to the physical page: [ 14.687502] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 
14.687826] flags: 0x200000000000000(node=0|zone=2) [ 14.688074] page_type: f5(slab) [ 14.688199] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.688508] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.688740] page dumped because: kasan: bad access detected [ 14.689013] [ 14.689107] Memory state around the buggy address: [ 14.689329] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.689840] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.690179] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.690587] ^ [ 14.690781] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.691068] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.691286] ================================================================== [ 14.987923] ================================================================== [ 14.988249] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 14.988577] Read of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.988803] [ 14.988884] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.988923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.988935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.988955] Call Trace: [ 14.988974] <TASK> [ 14.988988] dump_stack_lvl+0x73/0xb0 [ 14.989024] print_report+0xd1/0x610 [ 14.989046] ? __virt_addr_valid+0x1db/0x2d0 [ 14.989071] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.989092] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.989115] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.989166] kasan_report+0x141/0x180 [ 14.989188] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.989215] __asan_report_load4_noabort+0x18/0x20 [ 14.989239] kasan_atomics_helper+0x4a1c/0x5450 [ 14.989263] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.989285] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.989310] ? kasan_atomics+0x152/0x310 [ 14.989337] kasan_atomics+0x1dc/0x310 [ 14.989368] ? __pfx_kasan_atomics+0x10/0x10 [ 14.989392] ? __pfx_read_tsc+0x10/0x10 [ 14.989412] ? ktime_get_ts64+0x86/0x230 [ 14.989436] kunit_try_run_case+0x1a5/0x480 [ 14.989460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.989482] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.989506] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.989529] ? __kthread_parkme+0x82/0x180 [ 14.989550] ? preempt_count_sub+0x50/0x80 [ 14.989573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.989598] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.989621] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.989645] kthread+0x337/0x6f0 [ 14.989664] ? trace_preempt_on+0x20/0xc0 [ 14.989687] ? __pfx_kthread+0x10/0x10 [ 14.989708] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.989729] ? calculate_sigpending+0x7b/0xa0 [ 14.989752] ? __pfx_kthread+0x10/0x10 [ 14.989774] ret_from_fork+0x116/0x1d0 [ 14.989793] ? __pfx_kthread+0x10/0x10 [ 14.989814] ret_from_fork_asm+0x1a/0x30 [ 14.989843] </TASK> [ 14.989853] [ 14.997802] Allocated by task 283: [ 14.997953] kasan_save_stack+0x45/0x70 [ 14.998174] kasan_save_track+0x18/0x40 [ 14.998361] kasan_save_alloc_info+0x3b/0x50 [ 14.998584] __kasan_kmalloc+0xb7/0xc0 [ 14.998718] __kmalloc_cache_noprof+0x189/0x420 [ 14.998874] kasan_atomics+0x95/0x310 [ 14.999016] kunit_try_run_case+0x1a5/0x480 [ 14.999224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.999517] kthread+0x337/0x6f0 [ 14.999685] ret_from_fork+0x116/0x1d0 [ 14.999871] ret_from_fork_asm+0x1a/0x30 [ 15.000155] [ 15.000268] The buggy address belongs to the object at ffff8881039b8880 [ 15.000268] which belongs to the cache kmalloc-64 of size 64 [ 15.000810] The buggy address is located 0 bytes to the right of [ 15.000810] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.001385] [ 15.001483] The buggy address belongs to the physical page: [ 15.001703] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.002000] flags: 0x200000000000000(node=0|zone=2) [ 15.002208] page_type: f5(slab) [ 15.002364] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.002671] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.002966] page dumped because: kasan: bad access detected [ 15.003221] [ 15.003305] Memory state around the buggy address: [ 15.003484] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.003791] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.004074] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.004288] ^ [ 15.004636] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.004982] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.005255] ================================================================== [ 15.152342] ================================================================== [ 15.153084] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 15.153367] Read of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.153862] [ 15.153971] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.154179] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.154245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.154267] Call Trace: [ 15.154281] <TASK> [ 15.154295] dump_stack_lvl+0x73/0xb0 [ 15.154324] print_report+0xd1/0x610 [ 15.154346] ? __virt_addr_valid+0x1db/0x2d0 [ 15.154562] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.154590] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.154612] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.154634] kasan_report+0x141/0x180 [ 15.154657] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.154683] kasan_check_range+0x10c/0x1c0 [ 15.154707] __kasan_check_read+0x15/0x20 [ 15.154725] kasan_atomics_helper+0x13b5/0x5450 [ 15.154748] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.154770] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.154794] ? kasan_atomics+0x152/0x310 [ 15.154820] kasan_atomics+0x1dc/0x310 [ 15.154842] ? __pfx_kasan_atomics+0x10/0x10 [ 15.154866] ? __pfx_read_tsc+0x10/0x10 [ 15.154886] ? ktime_get_ts64+0x86/0x230 [ 15.154912] kunit_try_run_case+0x1a5/0x480 [ 15.154935] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.154958] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.154980] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.155016] ? __kthread_parkme+0x82/0x180 [ 15.155037] ? preempt_count_sub+0x50/0x80 [ 15.155061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.155086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.155109] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.155133] kthread+0x337/0x6f0 [ 15.155151] ? trace_preempt_on+0x20/0xc0 [ 15.155174] ? __pfx_kthread+0x10/0x10 [ 15.155194] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.155216] ? calculate_sigpending+0x7b/0xa0 [ 15.155239] ? __pfx_kthread+0x10/0x10 [ 15.155260] ret_from_fork+0x116/0x1d0 [ 15.155279] ? 
__pfx_kthread+0x10/0x10 [ 15.155299] ret_from_fork_asm+0x1a/0x30 [ 15.155329] </TASK> [ 15.155339] [ 15.166394] Allocated by task 283: [ 15.166792] kasan_save_stack+0x45/0x70 [ 15.167080] kasan_save_track+0x18/0x40 [ 15.167237] kasan_save_alloc_info+0x3b/0x50 [ 15.167458] __kasan_kmalloc+0xb7/0xc0 [ 15.167917] __kmalloc_cache_noprof+0x189/0x420 [ 15.168160] kasan_atomics+0x95/0x310 [ 15.168338] kunit_try_run_case+0x1a5/0x480 [ 15.168864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.169096] kthread+0x337/0x6f0 [ 15.169497] ret_from_fork+0x116/0x1d0 [ 15.169685] ret_from_fork_asm+0x1a/0x30 [ 15.169867] [ 15.169950] The buggy address belongs to the object at ffff8881039b8880 [ 15.169950] which belongs to the cache kmalloc-64 of size 64 [ 15.170488] The buggy address is located 0 bytes to the right of [ 15.170488] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.171348] [ 15.171627] The buggy address belongs to the physical page: [ 15.172161] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.172658] flags: 0x200000000000000(node=0|zone=2) [ 15.172960] page_type: f5(slab) [ 15.173107] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.173615] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.173896] page dumped because: kasan: bad access detected [ 15.174164] [ 15.174263] Memory state around the buggy address: [ 15.174432] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.174749] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.175042] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.175328] ^ [ 15.176138] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.176494] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.177104] ================================================================== [ 14.505522] 
================================================================== [ 14.506216] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 14.506913] Read of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.507519] [ 14.507679] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.507721] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.507733] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.507755] Call Trace: [ 14.507769] <TASK> [ 14.507782] dump_stack_lvl+0x73/0xb0 [ 14.507810] print_report+0xd1/0x610 [ 14.507832] ? __virt_addr_valid+0x1db/0x2d0 [ 14.507854] ? kasan_atomics_helper+0x3df/0x5450 [ 14.507874] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.507896] ? kasan_atomics_helper+0x3df/0x5450 [ 14.507918] kasan_report+0x141/0x180 [ 14.507939] ? kasan_atomics_helper+0x3df/0x5450 [ 14.507966] kasan_check_range+0x10c/0x1c0 [ 14.507989] __kasan_check_read+0x15/0x20 [ 14.508019] kasan_atomics_helper+0x3df/0x5450 [ 14.508041] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.508064] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.508088] ? kasan_atomics+0x152/0x310 [ 14.508114] kasan_atomics+0x1dc/0x310 [ 14.508136] ? __pfx_kasan_atomics+0x10/0x10 [ 14.508160] ? __pfx_read_tsc+0x10/0x10 [ 14.508182] ? ktime_get_ts64+0x86/0x230 [ 14.508206] kunit_try_run_case+0x1a5/0x480 [ 14.508231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.508253] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.508278] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.508303] ? __kthread_parkme+0x82/0x180 [ 14.508323] ? preempt_count_sub+0x50/0x80 [ 14.508347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.508382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.508406] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.508429] kthread+0x337/0x6f0 [ 14.508449] ? trace_preempt_on+0x20/0xc0 [ 14.508472] ? __pfx_kthread+0x10/0x10 [ 14.508495] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.508527] ? 
calculate_sigpending+0x7b/0xa0 [ 14.508551] ? __pfx_kthread+0x10/0x10 [ 14.508574] ret_from_fork+0x116/0x1d0 [ 14.508592] ? __pfx_kthread+0x10/0x10 [ 14.508613] ret_from_fork_asm+0x1a/0x30 [ 14.508644] </TASK> [ 14.508654] [ 14.523251] Allocated by task 283: [ 14.523565] kasan_save_stack+0x45/0x70 [ 14.524001] kasan_save_track+0x18/0x40 [ 14.524443] kasan_save_alloc_info+0x3b/0x50 [ 14.524822] __kasan_kmalloc+0xb7/0xc0 [ 14.525224] __kmalloc_cache_noprof+0x189/0x420 [ 14.525624] kasan_atomics+0x95/0x310 [ 14.525772] kunit_try_run_case+0x1a5/0x480 [ 14.526181] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.526789] kthread+0x337/0x6f0 [ 14.526918] ret_from_fork+0x116/0x1d0 [ 14.527275] ret_from_fork_asm+0x1a/0x30 [ 14.527659] [ 14.527816] The buggy address belongs to the object at ffff8881039b8880 [ 14.527816] which belongs to the cache kmalloc-64 of size 64 [ 14.528717] The buggy address is located 0 bytes to the right of [ 14.528717] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.529943] [ 14.530036] The buggy address belongs to the physical page: [ 14.530207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.530549] flags: 0x200000000000000(node=0|zone=2) [ 14.531468] page_type: f5(slab) [ 14.531789] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.532547] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.533211] page dumped because: kasan: bad access detected [ 14.533802] [ 14.533961] Memory state around the buggy address: [ 14.534445] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.534778] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.534989] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.535211] ^ [ 14.535374] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.536202] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.537054] 
================================================================== [ 15.609703] ================================================================== [ 15.610297] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 15.610977] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.611261] [ 15.611347] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.611390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.611403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.611425] Call Trace: [ 15.611441] <TASK> [ 15.611456] dump_stack_lvl+0x73/0xb0 [ 15.611485] print_report+0xd1/0x610 [ 15.611507] ? __virt_addr_valid+0x1db/0x2d0 [ 15.611529] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.611550] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.611573] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.611595] kasan_report+0x141/0x180 [ 15.611617] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.611644] kasan_check_range+0x10c/0x1c0 [ 15.611667] __kasan_check_write+0x18/0x20 [ 15.611687] kasan_atomics_helper+0x1d7a/0x5450 [ 15.611709] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.611731] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.611756] ? kasan_atomics+0x152/0x310 [ 15.611782] kasan_atomics+0x1dc/0x310 [ 15.611804] ? __pfx_kasan_atomics+0x10/0x10 [ 15.611828] ? __pfx_read_tsc+0x10/0x10 [ 15.611849] ? ktime_get_ts64+0x86/0x230 [ 15.611872] kunit_try_run_case+0x1a5/0x480 [ 15.611896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.611918] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.611941] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.611964] ? __kthread_parkme+0x82/0x180 [ 15.611983] ? preempt_count_sub+0x50/0x80 [ 15.612017] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.612041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.612063] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.612087] kthread+0x337/0x6f0 [ 15.612106] ? trace_preempt_on+0x20/0xc0 [ 15.612128] ? 
__pfx_kthread+0x10/0x10 [ 15.612148] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.612170] ? calculate_sigpending+0x7b/0xa0 [ 15.612194] ? __pfx_kthread+0x10/0x10 [ 15.612215] ret_from_fork+0x116/0x1d0 [ 15.612233] ? __pfx_kthread+0x10/0x10 [ 15.612254] ret_from_fork_asm+0x1a/0x30 [ 15.612285] </TASK> [ 15.612295] [ 15.625131] Allocated by task 283: [ 15.625328] kasan_save_stack+0x45/0x70 [ 15.625907] kasan_save_track+0x18/0x40 [ 15.626077] kasan_save_alloc_info+0x3b/0x50 [ 15.626505] __kasan_kmalloc+0xb7/0xc0 [ 15.626860] __kmalloc_cache_noprof+0x189/0x420 [ 15.627101] kasan_atomics+0x95/0x310 [ 15.627295] kunit_try_run_case+0x1a5/0x480 [ 15.627811] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.628255] kthread+0x337/0x6f0 [ 15.628587] ret_from_fork+0x116/0x1d0 [ 15.628802] ret_from_fork_asm+0x1a/0x30 [ 15.629207] [ 15.629453] The buggy address belongs to the object at ffff8881039b8880 [ 15.629453] which belongs to the cache kmalloc-64 of size 64 [ 15.630259] The buggy address is located 0 bytes to the right of [ 15.630259] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.631030] [ 15.631312] The buggy address belongs to the physical page: [ 15.631640] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.632030] flags: 0x200000000000000(node=0|zone=2) [ 15.632501] page_type: f5(slab) [ 15.632754] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.633193] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.633724] page dumped because: kasan: bad access detected [ 15.634169] [ 15.634271] Memory state around the buggy address: [ 15.634551] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.635138] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.635644] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.636105] ^ [ 15.636317] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.636884] 
ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.637481] ================================================================== [ 15.786239] ================================================================== [ 15.786591] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 15.787345] Read of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.787831] [ 15.787943] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.787986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.787999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.788032] Call Trace: [ 15.788048] <TASK> [ 15.788062] dump_stack_lvl+0x73/0xb0 [ 15.788089] print_report+0xd1/0x610 [ 15.788112] ? __virt_addr_valid+0x1db/0x2d0 [ 15.788134] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.788155] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.788178] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.788199] kasan_report+0x141/0x180 [ 15.788243] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.788270] __asan_report_load8_noabort+0x18/0x20 [ 15.788295] kasan_atomics_helper+0x4fb2/0x5450 [ 15.788318] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.788340] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.788401] ? kasan_atomics+0x152/0x310 [ 15.788427] kasan_atomics+0x1dc/0x310 [ 15.788449] ? __pfx_kasan_atomics+0x10/0x10 [ 15.788472] ? __pfx_read_tsc+0x10/0x10 [ 15.788493] ? ktime_get_ts64+0x86/0x230 [ 15.788517] kunit_try_run_case+0x1a5/0x480 [ 15.788541] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.788563] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.788586] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.788610] ? __kthread_parkme+0x82/0x180 [ 15.788630] ? preempt_count_sub+0x50/0x80 [ 15.788653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.788677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.788701] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.788724] kthread+0x337/0x6f0 [ 15.788761] ? 
trace_preempt_on+0x20/0xc0 [ 15.788785] ? __pfx_kthread+0x10/0x10 [ 15.788806] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.788828] ? calculate_sigpending+0x7b/0xa0 [ 15.788851] ? __pfx_kthread+0x10/0x10 [ 15.788872] ret_from_fork+0x116/0x1d0 [ 15.788891] ? __pfx_kthread+0x10/0x10 [ 15.788911] ret_from_fork_asm+0x1a/0x30 [ 15.788942] </TASK> [ 15.788952] [ 15.796341] Allocated by task 283: [ 15.796559] kasan_save_stack+0x45/0x70 [ 15.796740] kasan_save_track+0x18/0x40 [ 15.796942] kasan_save_alloc_info+0x3b/0x50 [ 15.797146] __kasan_kmalloc+0xb7/0xc0 [ 15.797332] __kmalloc_cache_noprof+0x189/0x420 [ 15.797562] kasan_atomics+0x95/0x310 [ 15.797746] kunit_try_run_case+0x1a5/0x480 [ 15.797965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.798204] kthread+0x337/0x6f0 [ 15.798371] ret_from_fork+0x116/0x1d0 [ 15.798531] ret_from_fork_asm+0x1a/0x30 [ 15.798672] [ 15.798744] The buggy address belongs to the object at ffff8881039b8880 [ 15.798744] which belongs to the cache kmalloc-64 of size 64 [ 15.799248] The buggy address is located 0 bytes to the right of [ 15.799248] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.799815] [ 15.799901] The buggy address belongs to the physical page: [ 15.800083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.800460] flags: 0x200000000000000(node=0|zone=2) [ 15.800670] page_type: f5(slab) [ 15.800789] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.801056] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.801438] page dumped because: kasan: bad access detected [ 15.801692] [ 15.801788] Memory state around the buggy address: [ 15.802040] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.802372] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.802610] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.802826] ^ [ 15.803031] ffff8881039b8900: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.803392] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.803748] ================================================================== [ 15.060565] ================================================================== [ 15.060799] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 15.061051] Read of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.061272] [ 15.061392] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.061434] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.061446] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.061466] Call Trace: [ 15.061479] <TASK> [ 15.061493] dump_stack_lvl+0x73/0xb0 [ 15.061519] print_report+0xd1/0x610 [ 15.061541] ? __virt_addr_valid+0x1db/0x2d0 [ 15.061563] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.061584] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.061606] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.061628] kasan_report+0x141/0x180 [ 15.061649] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.061676] __asan_report_load4_noabort+0x18/0x20 [ 15.061700] kasan_atomics_helper+0x49e8/0x5450 [ 15.061722] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.061744] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.061768] ? kasan_atomics+0x152/0x310 [ 15.061794] kasan_atomics+0x1dc/0x310 [ 15.061830] ? __pfx_kasan_atomics+0x10/0x10 [ 15.061855] ? __pfx_read_tsc+0x10/0x10 [ 15.061875] ? ktime_get_ts64+0x86/0x230 [ 15.061898] kunit_try_run_case+0x1a5/0x480 [ 15.061922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.061944] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.061967] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.061990] ? __kthread_parkme+0x82/0x180 [ 15.062020] ? preempt_count_sub+0x50/0x80 [ 15.062043] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.062066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.062090] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.062113] kthread+0x337/0x6f0 [ 15.062133] ? trace_preempt_on+0x20/0xc0 [ 15.062155] ? __pfx_kthread+0x10/0x10 [ 15.062176] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.062197] ? calculate_sigpending+0x7b/0xa0 [ 15.062220] ? __pfx_kthread+0x10/0x10 [ 15.062242] ret_from_fork+0x116/0x1d0 [ 15.062260] ? __pfx_kthread+0x10/0x10 [ 15.062281] ret_from_fork_asm+0x1a/0x30 [ 15.062310] </TASK> [ 15.062321] [ 15.071129] Allocated by task 283: [ 15.071982] kasan_save_stack+0x45/0x70 [ 15.072528] kasan_save_track+0x18/0x40 [ 15.072830] kasan_save_alloc_info+0x3b/0x50 [ 15.073063] __kasan_kmalloc+0xb7/0xc0 [ 15.073220] __kmalloc_cache_noprof+0x189/0x420 [ 15.073767] kasan_atomics+0x95/0x310 [ 15.073986] kunit_try_run_case+0x1a5/0x480 [ 15.074817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.075725] kthread+0x337/0x6f0 [ 15.076265] ret_from_fork+0x116/0x1d0 [ 15.077027] ret_from_fork_asm+0x1a/0x30 [ 15.077820] [ 15.077961] The buggy address belongs to the object at ffff8881039b8880 [ 15.077961] which belongs to the cache kmalloc-64 of size 64 [ 15.078955] The buggy address is located 0 bytes to the right of [ 15.078955] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.080600] [ 15.080684] The buggy address belongs to the physical page: [ 15.080941] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.081273] flags: 0x200000000000000(node=0|zone=2) [ 15.081530] page_type: f5(slab) [ 15.081695] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.081928] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.082166] page dumped because: kasan: bad access detected [ 15.082338] [ 15.082408] Memory state around the buggy address: [ 15.082563] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.082887] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.084839] >ffff8881039b8880: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.085929] ^ [ 15.086560] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.087691] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.088718] ================================================================== [ 14.575548] ================================================================== [ 14.576132] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 14.576673] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.577245] [ 14.577328] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.577368] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.577380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.577400] Call Trace: [ 14.577412] <TASK> [ 14.577425] dump_stack_lvl+0x73/0xb0 [ 14.577458] print_report+0xd1/0x610 [ 14.577487] ? __virt_addr_valid+0x1db/0x2d0 [ 14.577517] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.577538] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.577560] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.577582] kasan_report+0x141/0x180 [ 14.577603] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.577629] __asan_report_store4_noabort+0x1b/0x30 [ 14.577653] kasan_atomics_helper+0x4b3a/0x5450 [ 14.577676] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.577698] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.577722] ? kasan_atomics+0x152/0x310 [ 14.577748] kasan_atomics+0x1dc/0x310 [ 14.577771] ? __pfx_kasan_atomics+0x10/0x10 [ 14.577794] ? __pfx_read_tsc+0x10/0x10 [ 14.577815] ? ktime_get_ts64+0x86/0x230 [ 14.577838] kunit_try_run_case+0x1a5/0x480 [ 14.577862] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.577884] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.577906] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.577929] ? __kthread_parkme+0x82/0x180 [ 14.577949] ? preempt_count_sub+0x50/0x80 [ 14.577972] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.577996] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.578030] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.578054] kthread+0x337/0x6f0 [ 14.578072] ? trace_preempt_on+0x20/0xc0 [ 14.578095] ? __pfx_kthread+0x10/0x10 [ 14.578116] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.578136] ? calculate_sigpending+0x7b/0xa0 [ 14.578159] ? __pfx_kthread+0x10/0x10 [ 14.578181] ret_from_fork+0x116/0x1d0 [ 14.578199] ? __pfx_kthread+0x10/0x10 [ 14.578219] ret_from_fork_asm+0x1a/0x30 [ 14.578250] </TASK> [ 14.578260] [ 14.586641] Allocated by task 283: [ 14.586818] kasan_save_stack+0x45/0x70 [ 14.587107] kasan_save_track+0x18/0x40 [ 14.587319] kasan_save_alloc_info+0x3b/0x50 [ 14.587670] __kasan_kmalloc+0xb7/0xc0 [ 14.587846] __kmalloc_cache_noprof+0x189/0x420 [ 14.588065] kasan_atomics+0x95/0x310 [ 14.588198] kunit_try_run_case+0x1a5/0x480 [ 14.588343] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.588599] kthread+0x337/0x6f0 [ 14.588912] ret_from_fork+0x116/0x1d0 [ 14.589135] ret_from_fork_asm+0x1a/0x30 [ 14.589275] [ 14.589345] The buggy address belongs to the object at ffff8881039b8880 [ 14.589345] which belongs to the cache kmalloc-64 of size 64 [ 14.590096] The buggy address is located 0 bytes to the right of [ 14.590096] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.590667] [ 14.590772] The buggy address belongs to the physical page: [ 14.590950] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.591199] flags: 0x200000000000000(node=0|zone=2) [ 14.591430] page_type: f5(slab) [ 14.591751] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.592104] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.592425] page dumped because: kasan: bad access detected [ 14.592656] [ 14.592772] Memory state around the buggy address: [ 14.592971] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.593203] 
ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.593676] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.594029] ^ [ 14.594229] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.594620] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.594949] ================================================================== [ 15.290923] ================================================================== [ 15.291212] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 15.292095] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.292788] [ 15.292907] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.293097] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.293113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.293136] Call Trace: [ 15.293152] <TASK> [ 15.293168] dump_stack_lvl+0x73/0xb0 [ 15.293199] print_report+0xd1/0x610 [ 15.293223] ? __virt_addr_valid+0x1db/0x2d0 [ 15.293245] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.293267] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.293290] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.293312] kasan_report+0x141/0x180 [ 15.293334] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.293361] kasan_check_range+0x10c/0x1c0 [ 15.293409] __kasan_check_write+0x18/0x20 [ 15.293428] kasan_atomics_helper+0x15b6/0x5450 [ 15.293451] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.293473] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.293498] ? kasan_atomics+0x152/0x310 [ 15.293524] kasan_atomics+0x1dc/0x310 [ 15.293547] ? __pfx_kasan_atomics+0x10/0x10 [ 15.293570] ? __pfx_read_tsc+0x10/0x10 [ 15.293591] ? ktime_get_ts64+0x86/0x230 [ 15.293615] kunit_try_run_case+0x1a5/0x480 [ 15.293639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.293661] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.293684] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.293707] ? 
__kthread_parkme+0x82/0x180 [ 15.293728] ? preempt_count_sub+0x50/0x80 [ 15.293751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.293775] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.293798] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.293822] kthread+0x337/0x6f0 [ 15.293840] ? trace_preempt_on+0x20/0xc0 [ 15.293863] ? __pfx_kthread+0x10/0x10 [ 15.293884] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.293906] ? calculate_sigpending+0x7b/0xa0 [ 15.293929] ? __pfx_kthread+0x10/0x10 [ 15.293951] ret_from_fork+0x116/0x1d0 [ 15.293970] ? __pfx_kthread+0x10/0x10 [ 15.293990] ret_from_fork_asm+0x1a/0x30 [ 15.294033] </TASK> [ 15.294043] [ 15.305930] Allocated by task 283: [ 15.306118] kasan_save_stack+0x45/0x70 [ 15.306309] kasan_save_track+0x18/0x40 [ 15.307144] kasan_save_alloc_info+0x3b/0x50 [ 15.307417] __kasan_kmalloc+0xb7/0xc0 [ 15.307797] __kmalloc_cache_noprof+0x189/0x420 [ 15.308134] kasan_atomics+0x95/0x310 [ 15.308533] kunit_try_run_case+0x1a5/0x480 [ 15.308915] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.309189] kthread+0x337/0x6f0 [ 15.309558] ret_from_fork+0x116/0x1d0 [ 15.309985] ret_from_fork_asm+0x1a/0x30 [ 15.310272] [ 15.310351] The buggy address belongs to the object at ffff8881039b8880 [ 15.310351] which belongs to the cache kmalloc-64 of size 64 [ 15.310927] The buggy address is located 0 bytes to the right of [ 15.310927] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.311984] [ 15.312104] The buggy address belongs to the physical page: [ 15.312315] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.312936] flags: 0x200000000000000(node=0|zone=2) [ 15.313276] page_type: f5(slab) [ 15.313674] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.314143] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.314711] page dumped because: kasan: bad access detected [ 15.314940] [ 15.315053] Memory state around the buggy address: [ 15.315267] 
ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.316017] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.316657] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.317003] ^ [ 15.317351] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.317850] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.318166] ================================================================== [ 15.540577] ================================================================== [ 15.540861] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 15.541317] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.541748] [ 15.541836] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.541879] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.541891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.541912] Call Trace: [ 15.541927] <TASK> [ 15.541942] dump_stack_lvl+0x73/0xb0 [ 15.541969] print_report+0xd1/0x610 [ 15.541991] ? __virt_addr_valid+0x1db/0x2d0 [ 15.542025] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.542051] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.542073] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.542095] kasan_report+0x141/0x180 [ 15.542117] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.542144] kasan_check_range+0x10c/0x1c0 [ 15.542167] __kasan_check_write+0x18/0x20 [ 15.542187] kasan_atomics_helper+0x1c18/0x5450 [ 15.542209] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.542231] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.542256] ? kasan_atomics+0x152/0x310 [ 15.542282] kasan_atomics+0x1dc/0x310 [ 15.542305] ? __pfx_kasan_atomics+0x10/0x10 [ 15.542332] ? __pfx_read_tsc+0x10/0x10 [ 15.542353] ? ktime_get_ts64+0x86/0x230 [ 15.542393] kunit_try_run_case+0x1a5/0x480 [ 15.542443] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.542467] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.542489] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.542513] ? __kthread_parkme+0x82/0x180 [ 15.542533] ? preempt_count_sub+0x50/0x80 [ 15.542558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.542583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.542606] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.542836] kthread+0x337/0x6f0 [ 15.542858] ? trace_preempt_on+0x20/0xc0 [ 15.542881] ? __pfx_kthread+0x10/0x10 [ 15.542901] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.542923] ? calculate_sigpending+0x7b/0xa0 [ 15.542947] ? __pfx_kthread+0x10/0x10 [ 15.542968] ret_from_fork+0x116/0x1d0 [ 15.542987] ? __pfx_kthread+0x10/0x10 [ 15.543021] ret_from_fork_asm+0x1a/0x30 [ 15.543052] </TASK> [ 15.543062] [ 15.551916] Allocated by task 283: [ 15.552114] kasan_save_stack+0x45/0x70 [ 15.552257] kasan_save_track+0x18/0x40 [ 15.552541] kasan_save_alloc_info+0x3b/0x50 [ 15.552755] __kasan_kmalloc+0xb7/0xc0 [ 15.552946] __kmalloc_cache_noprof+0x189/0x420 [ 15.553154] kasan_atomics+0x95/0x310 [ 15.553288] kunit_try_run_case+0x1a5/0x480 [ 15.553652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.553927] kthread+0x337/0x6f0 [ 15.554107] ret_from_fork+0x116/0x1d0 [ 15.554304] ret_from_fork_asm+0x1a/0x30 [ 15.554682] [ 15.554816] The buggy address belongs to the object at ffff8881039b8880 [ 15.554816] which belongs to the cache kmalloc-64 of size 64 [ 15.555301] The buggy address is located 0 bytes to the right of [ 15.555301] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.555944] [ 15.556046] The buggy address belongs to the physical page: [ 15.556288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.556702] flags: 0x200000000000000(node=0|zone=2) [ 15.556870] page_type: f5(slab) [ 15.556992] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.557236] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.557592] page dumped because: kasan: 
bad access detected [ 15.557845] [ 15.557968] Memory state around the buggy address: [ 15.558589] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.558826] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.559125] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.559584] ^ [ 15.559835] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.560064] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.560380] ================================================================== [ 14.635136] ================================================================== [ 14.635489] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 14.635815] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.636136] [ 14.636231] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.636272] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.636285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.636305] Call Trace: [ 14.636321] <TASK> [ 14.636336] dump_stack_lvl+0x73/0xb0 [ 14.636362] print_report+0xd1/0x610 [ 14.636384] ? __virt_addr_valid+0x1db/0x2d0 [ 14.636406] ? kasan_atomics_helper+0x697/0x5450 [ 14.636427] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.636449] ? kasan_atomics_helper+0x697/0x5450 [ 14.636471] kasan_report+0x141/0x180 [ 14.636493] ? kasan_atomics_helper+0x697/0x5450 [ 14.636518] kasan_check_range+0x10c/0x1c0 [ 14.636542] __kasan_check_write+0x18/0x20 [ 14.636561] kasan_atomics_helper+0x697/0x5450 [ 14.636583] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.636604] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.636628] ? kasan_atomics+0x152/0x310 [ 14.636655] kasan_atomics+0x1dc/0x310 [ 14.636676] ? __pfx_kasan_atomics+0x10/0x10 [ 14.636700] ? __pfx_read_tsc+0x10/0x10 [ 14.636720] ? ktime_get_ts64+0x86/0x230 [ 14.636744] kunit_try_run_case+0x1a5/0x480 [ 14.636768] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.636790] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.636814] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.636836] ? __kthread_parkme+0x82/0x180 [ 14.636856] ? preempt_count_sub+0x50/0x80 [ 14.636880] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.636904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.636927] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.636951] kthread+0x337/0x6f0 [ 14.636975] ? trace_preempt_on+0x20/0xc0 [ 14.636997] ? __pfx_kthread+0x10/0x10 [ 14.637207] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.637231] ? calculate_sigpending+0x7b/0xa0 [ 14.637256] ? __pfx_kthread+0x10/0x10 [ 14.637278] ret_from_fork+0x116/0x1d0 [ 14.637299] ? __pfx_kthread+0x10/0x10 [ 14.637320] ret_from_fork_asm+0x1a/0x30 [ 14.637351] </TASK> [ 14.637361] [ 14.645200] Allocated by task 283: [ 14.645375] kasan_save_stack+0x45/0x70 [ 14.645723] kasan_save_track+0x18/0x40 [ 14.645867] kasan_save_alloc_info+0x3b/0x50 [ 14.646097] __kasan_kmalloc+0xb7/0xc0 [ 14.646276] __kmalloc_cache_noprof+0x189/0x420 [ 14.646574] kasan_atomics+0x95/0x310 [ 14.646725] kunit_try_run_case+0x1a5/0x480 [ 14.646937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.647164] kthread+0x337/0x6f0 [ 14.647334] ret_from_fork+0x116/0x1d0 [ 14.647535] ret_from_fork_asm+0x1a/0x30 [ 14.647744] [ 14.647837] The buggy address belongs to the object at ffff8881039b8880 [ 14.647837] which belongs to the cache kmalloc-64 of size 64 [ 14.648301] The buggy address is located 0 bytes to the right of [ 14.648301] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.649015] [ 14.649105] The buggy address belongs to the physical page: [ 14.649361] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.649814] flags: 0x200000000000000(node=0|zone=2) [ 14.650072] page_type: f5(slab) [ 14.650227] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.650465] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.650692] page dumped because: kasan: bad access detected [ 14.650862] [ 14.650932] Memory state around the buggy address: [ 14.651167] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.651486] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.651867] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.652457] ^ [ 14.652613] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.652828] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.653173] ================================================================== [ 15.581678] ================================================================== [ 15.582091] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 15.583195] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.583502] [ 15.583581] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.583622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.583634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.583655] Call Trace: [ 15.583669] <TASK> [ 15.583683] dump_stack_lvl+0x73/0xb0 [ 15.583710] print_report+0xd1/0x610 [ 15.583788] ? __virt_addr_valid+0x1db/0x2d0 [ 15.583810] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.583831] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.583854] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.583876] kasan_report+0x141/0x180 [ 15.583898] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.583924] kasan_check_range+0x10c/0x1c0 [ 15.583948] __kasan_check_write+0x18/0x20 [ 15.583967] kasan_atomics_helper+0x1ce1/0x5450 [ 15.583990] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.584024] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.584048] ? kasan_atomics+0x152/0x310 [ 15.584075] kasan_atomics+0x1dc/0x310 [ 15.584097] ? __pfx_kasan_atomics+0x10/0x10 [ 15.584120] ? __pfx_read_tsc+0x10/0x10 [ 15.584142] ? 
ktime_get_ts64+0x86/0x230 [ 15.584166] kunit_try_run_case+0x1a5/0x480 [ 15.584190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.584213] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.584235] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.584259] ? __kthread_parkme+0x82/0x180 [ 15.584279] ? preempt_count_sub+0x50/0x80 [ 15.584302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.584326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.584350] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.584373] kthread+0x337/0x6f0 [ 15.584510] ? trace_preempt_on+0x20/0xc0 [ 15.584538] ? __pfx_kthread+0x10/0x10 [ 15.584559] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.584581] ? calculate_sigpending+0x7b/0xa0 [ 15.584603] ? __pfx_kthread+0x10/0x10 [ 15.584625] ret_from_fork+0x116/0x1d0 [ 15.584643] ? __pfx_kthread+0x10/0x10 [ 15.584698] ret_from_fork_asm+0x1a/0x30 [ 15.584729] </TASK> [ 15.584740] [ 15.596221] Allocated by task 283: [ 15.596635] kasan_save_stack+0x45/0x70 [ 15.596839] kasan_save_track+0x18/0x40 [ 15.597152] kasan_save_alloc_info+0x3b/0x50 [ 15.597549] __kasan_kmalloc+0xb7/0xc0 [ 15.597938] __kmalloc_cache_noprof+0x189/0x420 [ 15.598409] kasan_atomics+0x95/0x310 [ 15.598690] kunit_try_run_case+0x1a5/0x480 [ 15.598974] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.599278] kthread+0x337/0x6f0 [ 15.599446] ret_from_fork+0x116/0x1d0 [ 15.600024] ret_from_fork_asm+0x1a/0x30 [ 15.600295] [ 15.600374] The buggy address belongs to the object at ffff8881039b8880 [ 15.600374] which belongs to the cache kmalloc-64 of size 64 [ 15.601258] The buggy address is located 0 bytes to the right of [ 15.601258] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.602281] [ 15.602389] The buggy address belongs to the physical page: [ 15.602748] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.603276] flags: 0x200000000000000(node=0|zone=2) [ 15.603689] page_type: f5(slab) [ 15.603875] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.604557] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.604928] page dumped because: kasan: bad access detected [ 15.605287] [ 15.605423] Memory state around the buggy address: [ 15.605593] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.606250] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.606904] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.607383] ^ [ 15.607785] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.608310] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.608807] ================================================================== [ 14.653796] ================================================================== [ 14.654122] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 14.654525] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.654861] [ 14.654944] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.654985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.654997] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.655029] Call Trace: [ 14.655041] <TASK> [ 14.655055] dump_stack_lvl+0x73/0xb0 [ 14.655081] print_report+0xd1/0x610 [ 14.655103] ? __virt_addr_valid+0x1db/0x2d0 [ 14.655126] ? kasan_atomics_helper+0x72f/0x5450 [ 14.655146] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.655171] ? kasan_atomics_helper+0x72f/0x5450 [ 14.655192] kasan_report+0x141/0x180 [ 14.655214] ? kasan_atomics_helper+0x72f/0x5450 [ 14.655240] kasan_check_range+0x10c/0x1c0 [ 14.655264] __kasan_check_write+0x18/0x20 [ 14.655283] kasan_atomics_helper+0x72f/0x5450 [ 14.655304] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.655326] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.655425] ? kasan_atomics+0x152/0x310 [ 14.655455] kasan_atomics+0x1dc/0x310 [ 14.655479] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.655504] ? __pfx_read_tsc+0x10/0x10 [ 14.655524] ? ktime_get_ts64+0x86/0x230 [ 14.655548] kunit_try_run_case+0x1a5/0x480 [ 14.655572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.655595] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.655617] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.655640] ? __kthread_parkme+0x82/0x180 [ 14.655673] ? preempt_count_sub+0x50/0x80 [ 14.655696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.655721] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.655744] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.655767] kthread+0x337/0x6f0 [ 14.655786] ? trace_preempt_on+0x20/0xc0 [ 14.655809] ? __pfx_kthread+0x10/0x10 [ 14.655829] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.655852] ? calculate_sigpending+0x7b/0xa0 [ 14.655874] ? __pfx_kthread+0x10/0x10 [ 14.655896] ret_from_fork+0x116/0x1d0 [ 14.655914] ? __pfx_kthread+0x10/0x10 [ 14.655934] ret_from_fork_asm+0x1a/0x30 [ 14.655964] </TASK> [ 14.655975] [ 14.664498] Allocated by task 283: [ 14.664683] kasan_save_stack+0x45/0x70 [ 14.664886] kasan_save_track+0x18/0x40 [ 14.665094] kasan_save_alloc_info+0x3b/0x50 [ 14.665305] __kasan_kmalloc+0xb7/0xc0 [ 14.665673] __kmalloc_cache_noprof+0x189/0x420 [ 14.665902] kasan_atomics+0x95/0x310 [ 14.666101] kunit_try_run_case+0x1a5/0x480 [ 14.666309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.666669] kthread+0x337/0x6f0 [ 14.666840] ret_from_fork+0x116/0x1d0 [ 14.667035] ret_from_fork_asm+0x1a/0x30 [ 14.667237] [ 14.667320] The buggy address belongs to the object at ffff8881039b8880 [ 14.667320] which belongs to the cache kmalloc-64 of size 64 [ 14.667874] The buggy address is located 0 bytes to the right of [ 14.667874] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.668496] [ 14.668599] The buggy address belongs to the physical page: [ 14.668825] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.669137] flags: 0x200000000000000(node=0|zone=2) [ 14.669605] page_type: 
f5(slab) [ 14.669762] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.670082] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.670474] page dumped because: kasan: bad access detected [ 14.670696] [ 14.670790] Memory state around the buggy address: [ 14.670973] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.671266] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.671646] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.671883] ^ [ 14.672052] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.672269] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.672582] ================================================================== [ 14.556946] ================================================================== [ 14.557195] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 14.557890] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.558242] [ 14.558425] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.558466] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.558478] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.558498] Call Trace: [ 14.558512] <TASK> [ 14.558526] dump_stack_lvl+0x73/0xb0 [ 14.558552] print_report+0xd1/0x610 [ 14.558573] ? __virt_addr_valid+0x1db/0x2d0 [ 14.558595] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.558615] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.558637] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.558658] kasan_report+0x141/0x180 [ 14.558680] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.558706] kasan_check_range+0x10c/0x1c0 [ 14.558729] __kasan_check_write+0x18/0x20 [ 14.558748] kasan_atomics_helper+0x4a0/0x5450 [ 14.558770] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.558792] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.558816] ? 
kasan_atomics+0x152/0x310 [ 14.558842] kasan_atomics+0x1dc/0x310 [ 14.558864] ? __pfx_kasan_atomics+0x10/0x10 [ 14.558888] ? __pfx_read_tsc+0x10/0x10 [ 14.558908] ? ktime_get_ts64+0x86/0x230 [ 14.558932] kunit_try_run_case+0x1a5/0x480 [ 14.558955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.558978] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.559001] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.559035] ? __kthread_parkme+0x82/0x180 [ 14.559055] ? preempt_count_sub+0x50/0x80 [ 14.559078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.559101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.559125] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.559149] kthread+0x337/0x6f0 [ 14.559168] ? trace_preempt_on+0x20/0xc0 [ 14.559191] ? __pfx_kthread+0x10/0x10 [ 14.559212] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.559233] ? calculate_sigpending+0x7b/0xa0 [ 14.559256] ? __pfx_kthread+0x10/0x10 [ 14.559278] ret_from_fork+0x116/0x1d0 [ 14.559296] ? __pfx_kthread+0x10/0x10 [ 14.559317] ret_from_fork_asm+0x1a/0x30 [ 14.559347] </TASK> [ 14.559358] [ 14.568034] Allocated by task 283: [ 14.568254] kasan_save_stack+0x45/0x70 [ 14.568497] kasan_save_track+0x18/0x40 [ 14.568683] kasan_save_alloc_info+0x3b/0x50 [ 14.568893] __kasan_kmalloc+0xb7/0xc0 [ 14.569045] __kmalloc_cache_noprof+0x189/0x420 [ 14.569209] kasan_atomics+0x95/0x310 [ 14.569344] kunit_try_run_case+0x1a5/0x480 [ 14.569584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.569841] kthread+0x337/0x6f0 [ 14.570019] ret_from_fork+0x116/0x1d0 [ 14.570211] ret_from_fork_asm+0x1a/0x30 [ 14.570368] [ 14.570438] The buggy address belongs to the object at ffff8881039b8880 [ 14.570438] which belongs to the cache kmalloc-64 of size 64 [ 14.570791] The buggy address is located 0 bytes to the right of [ 14.570791] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.571170] [ 14.571242] The buggy address belongs to the physical page: [ 14.571414] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 
14.571660] flags: 0x200000000000000(node=0|zone=2) [ 14.571905] page_type: f5(slab) [ 14.572078] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.572433] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.572766] page dumped because: kasan: bad access detected [ 14.573029] [ 14.573121] Memory state around the buggy address: [ 14.573341] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.574035] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.574355] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.574631] ^ [ 14.574788] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.575013] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.575225] ================================================================== [ 14.729119] ================================================================== [ 14.729664] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 14.729986] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.730291] [ 14.730475] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.730518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.730530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.730551] Call Trace: [ 14.730565] <TASK> [ 14.730578] dump_stack_lvl+0x73/0xb0 [ 14.730604] print_report+0xd1/0x610 [ 14.730626] ? __virt_addr_valid+0x1db/0x2d0 [ 14.730647] ? kasan_atomics_helper+0x992/0x5450 [ 14.730667] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.730689] ? kasan_atomics_helper+0x992/0x5450 [ 14.730710] kasan_report+0x141/0x180 [ 14.730732] ? kasan_atomics_helper+0x992/0x5450 [ 14.730757] kasan_check_range+0x10c/0x1c0 [ 14.730781] __kasan_check_write+0x18/0x20 [ 14.730799] kasan_atomics_helper+0x992/0x5450 [ 14.730822] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.730844] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.730868] ? kasan_atomics+0x152/0x310 [ 14.730894] kasan_atomics+0x1dc/0x310 [ 14.730917] ? __pfx_kasan_atomics+0x10/0x10 [ 14.730941] ? __pfx_read_tsc+0x10/0x10 [ 14.730961] ? ktime_get_ts64+0x86/0x230 [ 14.730985] kunit_try_run_case+0x1a5/0x480 [ 14.731020] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.731043] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.731067] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.731092] ? __kthread_parkme+0x82/0x180 [ 14.731112] ? preempt_count_sub+0x50/0x80 [ 14.731135] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.731159] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.731183] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.731206] kthread+0x337/0x6f0 [ 14.731226] ? trace_preempt_on+0x20/0xc0 [ 14.731249] ? __pfx_kthread+0x10/0x10 [ 14.731270] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.731291] ? calculate_sigpending+0x7b/0xa0 [ 14.731315] ? __pfx_kthread+0x10/0x10 [ 14.731336] ret_from_fork+0x116/0x1d0 [ 14.731428] ? __pfx_kthread+0x10/0x10 [ 14.731452] ret_from_fork_asm+0x1a/0x30 [ 14.731483] </TASK> [ 14.731494] [ 14.739065] Allocated by task 283: [ 14.739236] kasan_save_stack+0x45/0x70 [ 14.739470] kasan_save_track+0x18/0x40 [ 14.739613] kasan_save_alloc_info+0x3b/0x50 [ 14.739764] __kasan_kmalloc+0xb7/0xc0 [ 14.739897] __kmalloc_cache_noprof+0x189/0x420 [ 14.740091] kasan_atomics+0x95/0x310 [ 14.740277] kunit_try_run_case+0x1a5/0x480 [ 14.740565] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.740826] kthread+0x337/0x6f0 [ 14.741014] ret_from_fork+0x116/0x1d0 [ 14.741151] ret_from_fork_asm+0x1a/0x30 [ 14.741290] [ 14.741562] The buggy address belongs to the object at ffff8881039b8880 [ 14.741562] which belongs to the cache kmalloc-64 of size 64 [ 14.741921] The buggy address is located 0 bytes to the right of [ 14.741921] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.742306] [ 14.742488] The buggy address belongs to the physical page: [ 14.742771] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.743134] flags: 0x200000000000000(node=0|zone=2) [ 14.743465] page_type: f5(slab) [ 14.743636] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.743984] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.744317] page dumped because: kasan: bad access detected [ 14.744573] [ 14.744649] Memory state around the buggy address: [ 14.744804] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.745046] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.745265] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.745671] ^ [ 14.745849] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.746188] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.746592] ================================================================== [ 15.657541] ================================================================== [ 15.657904] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 15.658279] Write of size 8 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 15.658512] [ 15.658590] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.658629] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.658642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.658663] Call Trace: [ 15.658675] <TASK> [ 15.658690] dump_stack_lvl+0x73/0xb0 [ 15.659398] print_report+0xd1/0x610 [ 15.659424] ? __virt_addr_valid+0x1db/0x2d0 [ 15.659448] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.659480] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.659503] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.659525] kasan_report+0x141/0x180 [ 15.659548] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.659574] kasan_check_range+0x10c/0x1c0 [ 15.659600] __kasan_check_write+0x18/0x20 [ 15.659620] kasan_atomics_helper+0x1eaa/0x5450 [ 15.659643] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.659666] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.659690] ? kasan_atomics+0x152/0x310 [ 15.659717] kasan_atomics+0x1dc/0x310 [ 15.659740] ? __pfx_kasan_atomics+0x10/0x10 [ 15.659764] ? __pfx_read_tsc+0x10/0x10 [ 15.659785] ? ktime_get_ts64+0x86/0x230 [ 15.659810] kunit_try_run_case+0x1a5/0x480 [ 15.659834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.659857] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.660514] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.660554] ? __kthread_parkme+0x82/0x180 [ 15.660593] ? preempt_count_sub+0x50/0x80 [ 15.660617] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.660642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.660666] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.660690] kthread+0x337/0x6f0 [ 15.660709] ? trace_preempt_on+0x20/0xc0 [ 15.660734] ? __pfx_kthread+0x10/0x10 [ 15.660754] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.660775] ? calculate_sigpending+0x7b/0xa0 [ 15.660798] ? __pfx_kthread+0x10/0x10 [ 15.660819] ret_from_fork+0x116/0x1d0 [ 15.660838] ? 
__pfx_kthread+0x10/0x10 [ 15.660858] ret_from_fork_asm+0x1a/0x30 [ 15.660889] </TASK> [ 15.660899] [ 15.672344] Allocated by task 283: [ 15.672712] kasan_save_stack+0x45/0x70 [ 15.673083] kasan_save_track+0x18/0x40 [ 15.673426] kasan_save_alloc_info+0x3b/0x50 [ 15.673639] __kasan_kmalloc+0xb7/0xc0 [ 15.673820] __kmalloc_cache_noprof+0x189/0x420 [ 15.674053] kasan_atomics+0x95/0x310 [ 15.674235] kunit_try_run_case+0x1a5/0x480 [ 15.674649] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.675042] kthread+0x337/0x6f0 [ 15.675204] ret_from_fork+0x116/0x1d0 [ 15.675524] ret_from_fork_asm+0x1a/0x30 [ 15.675673] [ 15.675869] The buggy address belongs to the object at ffff8881039b8880 [ 15.675869] which belongs to the cache kmalloc-64 of size 64 [ 15.676601] The buggy address is located 0 bytes to the right of [ 15.676601] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 15.677235] [ 15.677350] The buggy address belongs to the physical page: [ 15.677749] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 15.678264] flags: 0x200000000000000(node=0|zone=2) [ 15.678622] page_type: f5(slab) [ 15.678823] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.679372] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.679938] page dumped because: kasan: bad access detected [ 15.680180] [ 15.680355] Memory state around the buggy address: [ 15.680573] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.681132] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.681641] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.682191] ^ [ 15.682502] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.683048] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.683424] ================================================================== [ 14.710694] 
================================================================== [ 14.711053] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 14.711500] Write of size 4 at addr ffff8881039b88b0 by task kunit_try_catch/283 [ 14.711838] [ 14.711948] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.711990] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.712003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.712035] Call Trace: [ 14.712050] <TASK> [ 14.712066] dump_stack_lvl+0x73/0xb0 [ 14.712094] print_report+0xd1/0x610 [ 14.712115] ? __virt_addr_valid+0x1db/0x2d0 [ 14.712138] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.712158] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.712181] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.712203] kasan_report+0x141/0x180 [ 14.712225] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.712251] kasan_check_range+0x10c/0x1c0 [ 14.712274] __kasan_check_write+0x18/0x20 [ 14.712293] kasan_atomics_helper+0x8f9/0x5450 [ 14.712316] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.712338] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.712440] ? kasan_atomics+0x152/0x310 [ 14.712466] kasan_atomics+0x1dc/0x310 [ 14.712489] ? __pfx_kasan_atomics+0x10/0x10 [ 14.712514] ? __pfx_read_tsc+0x10/0x10 [ 14.712535] ? ktime_get_ts64+0x86/0x230 [ 14.712559] kunit_try_run_case+0x1a5/0x480 [ 14.712584] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.712607] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.712630] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.712653] ? __kthread_parkme+0x82/0x180 [ 14.712674] ? preempt_count_sub+0x50/0x80 [ 14.712699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.712723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.712747] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.712770] kthread+0x337/0x6f0 [ 14.712789] ? trace_preempt_on+0x20/0xc0 [ 14.712812] ? __pfx_kthread+0x10/0x10 [ 14.712832] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.712854] ? 
calculate_sigpending+0x7b/0xa0 [ 14.712877] ? __pfx_kthread+0x10/0x10 [ 14.712899] ret_from_fork+0x116/0x1d0 [ 14.712916] ? __pfx_kthread+0x10/0x10 [ 14.712937] ret_from_fork_asm+0x1a/0x30 [ 14.712974] </TASK> [ 14.712985] [ 14.720850] Allocated by task 283: [ 14.720991] kasan_save_stack+0x45/0x70 [ 14.721198] kasan_save_track+0x18/0x40 [ 14.721643] kasan_save_alloc_info+0x3b/0x50 [ 14.721866] __kasan_kmalloc+0xb7/0xc0 [ 14.722069] __kmalloc_cache_noprof+0x189/0x420 [ 14.722295] kasan_atomics+0x95/0x310 [ 14.722565] kunit_try_run_case+0x1a5/0x480 [ 14.722748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.722930] kthread+0x337/0x6f0 [ 14.723112] ret_from_fork+0x116/0x1d0 [ 14.723302] ret_from_fork_asm+0x1a/0x30 [ 14.723574] [ 14.723668] The buggy address belongs to the object at ffff8881039b8880 [ 14.723668] which belongs to the cache kmalloc-64 of size 64 [ 14.724107] The buggy address is located 0 bytes to the right of [ 14.724107] allocated 48-byte region [ffff8881039b8880, ffff8881039b88b0) [ 14.724671] [ 14.724761] The buggy address belongs to the physical page: [ 14.724967] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8 [ 14.725304] flags: 0x200000000000000(node=0|zone=2) [ 14.725703] page_type: f5(slab) [ 14.725860] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.726161] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.726534] page dumped because: kasan: bad access detected [ 14.726701] [ 14.726770] Memory state around the buggy address: [ 14.726917] ffff8881039b8780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 14.727135] ffff8881039b8800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.727344] >ffff8881039b8880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.727648] ^ [ 14.727868] ffff8881039b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.728260] ffff8881039b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.728652] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 14.327228] ================================================================== [ 14.327807] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.328231] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 14.328692] [ 14.328801] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.328844] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.328856] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.328876] Call Trace: [ 14.328888] <TASK> [ 14.328900] dump_stack_lvl+0x73/0xb0 [ 14.328926] print_report+0xd1/0x610 [ 14.328947] ? __virt_addr_valid+0x1db/0x2d0 [ 14.328974] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.328999] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.329030] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.329056] kasan_report+0x141/0x180 [ 14.329077] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.329108] kasan_check_range+0x10c/0x1c0 [ 14.329130] __kasan_check_write+0x18/0x20 [ 14.329148] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.329174] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.329200] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.329223] ? trace_hardirqs_on+0x37/0xe0 [ 14.329243] ? kasan_bitops_generic+0x92/0x1c0 [ 14.329269] kasan_bitops_generic+0x121/0x1c0 [ 14.329291] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.329315] ? __pfx_read_tsc+0x10/0x10 [ 14.329334] ? ktime_get_ts64+0x86/0x230 [ 14.329358] kunit_try_run_case+0x1a5/0x480 [ 14.329436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.329458] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.329480] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.329503] ? __kthread_parkme+0x82/0x180 [ 14.329522] ? preempt_count_sub+0x50/0x80 [ 14.329544] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.329567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.329589] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.329612] kthread+0x337/0x6f0 [ 14.329629] ? trace_preempt_on+0x20/0xc0 [ 14.329650] ? __pfx_kthread+0x10/0x10 [ 14.329670] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.329690] ? calculate_sigpending+0x7b/0xa0 [ 14.329712] ? __pfx_kthread+0x10/0x10 [ 14.329733] ret_from_fork+0x116/0x1d0 [ 14.329751] ? __pfx_kthread+0x10/0x10 [ 14.329770] ret_from_fork_asm+0x1a/0x30 [ 14.329800] </TASK> [ 14.329810] [ 14.337987] Allocated by task 278: [ 14.338125] kasan_save_stack+0x45/0x70 [ 14.338381] kasan_save_track+0x18/0x40 [ 14.338676] kasan_save_alloc_info+0x3b/0x50 [ 14.338906] __kasan_kmalloc+0xb7/0xc0 [ 14.339082] __kmalloc_cache_noprof+0x189/0x420 [ 14.339287] kasan_bitops_generic+0x92/0x1c0 [ 14.339433] kunit_try_run_case+0x1a5/0x480 [ 14.339834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.340120] kthread+0x337/0x6f0 [ 14.340282] ret_from_fork+0x116/0x1d0 [ 14.340540] ret_from_fork_asm+0x1a/0x30 [ 14.340690] [ 14.340763] The buggy address belongs to the object at ffff888101df6d60 [ 14.340763] which belongs to the cache kmalloc-16 of size 16 [ 14.341195] The buggy address is located 8 bytes inside of [ 14.341195] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69) [ 14.341713] [ 14.341808] The buggy address belongs to the physical page: [ 14.342111] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 14.342353] flags: 0x200000000000000(node=0|zone=2) [ 14.342514] page_type: f5(slab) [ 14.342732] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.343102] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.343574] page dumped because: kasan: bad access detected [ 14.343843] [ 14.343938] Memory state around the buggy address: [ 14.344152] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.344684] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.344993] >ffff888101df6d00: fa fb fc fc fa fb fc fc 
fa fb fc fc 00 01 fc fc [ 14.345300] ^ [ 14.345630] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.345911] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.346200] ================================================================== [ 14.369243] ================================================================== [ 14.369623] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.369958] Read of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 14.370301] [ 14.370459] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.370502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.370514] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.370534] Call Trace: [ 14.370548] <TASK> [ 14.370563] dump_stack_lvl+0x73/0xb0 [ 14.370588] print_report+0xd1/0x610 [ 14.370609] ? __virt_addr_valid+0x1db/0x2d0 [ 14.370629] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.370654] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.370676] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.370701] kasan_report+0x141/0x180 [ 14.370722] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.370753] __asan_report_load8_noabort+0x18/0x20 [ 14.370776] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.370802] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.370830] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.370853] ? trace_hardirqs_on+0x37/0xe0 [ 14.370874] ? kasan_bitops_generic+0x92/0x1c0 [ 14.370900] kasan_bitops_generic+0x121/0x1c0 [ 14.370922] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.370946] ? __pfx_read_tsc+0x10/0x10 [ 14.370965] ? ktime_get_ts64+0x86/0x230 [ 14.370988] kunit_try_run_case+0x1a5/0x480 [ 14.371084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.371106] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.371128] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.371150] ? 
__kthread_parkme+0x82/0x180 [ 14.371170] ? preempt_count_sub+0x50/0x80 [ 14.371192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.371215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.371237] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.371259] kthread+0x337/0x6f0 [ 14.371278] ? trace_preempt_on+0x20/0xc0 [ 14.371299] ? __pfx_kthread+0x10/0x10 [ 14.371319] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.371339] ? calculate_sigpending+0x7b/0xa0 [ 14.371361] ? __pfx_kthread+0x10/0x10 [ 14.371398] ret_from_fork+0x116/0x1d0 [ 14.371416] ? __pfx_kthread+0x10/0x10 [ 14.371435] ret_from_fork_asm+0x1a/0x30 [ 14.371465] </TASK> [ 14.371474] [ 14.379125] Allocated by task 278: [ 14.379252] kasan_save_stack+0x45/0x70 [ 14.379506] kasan_save_track+0x18/0x40 [ 14.379709] kasan_save_alloc_info+0x3b/0x50 [ 14.379922] __kasan_kmalloc+0xb7/0xc0 [ 14.380124] __kmalloc_cache_noprof+0x189/0x420 [ 14.380350] kasan_bitops_generic+0x92/0x1c0 [ 14.380585] kunit_try_run_case+0x1a5/0x480 [ 14.380757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.381001] kthread+0x337/0x6f0 [ 14.381142] ret_from_fork+0x116/0x1d0 [ 14.381330] ret_from_fork_asm+0x1a/0x30 [ 14.381722] [ 14.381821] The buggy address belongs to the object at ffff888101df6d60 [ 14.381821] which belongs to the cache kmalloc-16 of size 16 [ 14.382313] The buggy address is located 8 bytes inside of [ 14.382313] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69) [ 14.382938] [ 14.383054] The buggy address belongs to the physical page: [ 14.383273] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 14.383612] flags: 0x200000000000000(node=0|zone=2) [ 14.383774] page_type: f5(slab) [ 14.383892] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.384137] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.384367] page dumped because: kasan: bad access detected [ 14.384650] [ 14.384789] Memory state around the buggy address: [ 14.385030] 
ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.385352] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.385706] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.385951] ^ [ 14.386161] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.386546] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.386887] ================================================================== [ 14.305742] ================================================================== [ 14.306070] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.306460] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 14.306755] [ 14.306852] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.306892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.306902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.306922] Call Trace: [ 14.306934] <TASK> [ 14.306947] dump_stack_lvl+0x73/0xb0 [ 14.306970] print_report+0xd1/0x610 [ 14.306991] ? __virt_addr_valid+0x1db/0x2d0 [ 14.307023] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.307049] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.307070] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.307096] kasan_report+0x141/0x180 [ 14.307117] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.307147] kasan_check_range+0x10c/0x1c0 [ 14.307169] __kasan_check_write+0x18/0x20 [ 14.307187] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.307213] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.307240] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.307262] ? trace_hardirqs_on+0x37/0xe0 [ 14.307282] ? kasan_bitops_generic+0x92/0x1c0 [ 14.307308] kasan_bitops_generic+0x121/0x1c0 [ 14.307331] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.307354] ? __pfx_read_tsc+0x10/0x10 [ 14.307373] ? 
ktime_get_ts64+0x86/0x230 [ 14.307395] kunit_try_run_case+0x1a5/0x480 [ 14.307417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.307439] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.307460] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.307482] ? __kthread_parkme+0x82/0x180 [ 14.307501] ? preempt_count_sub+0x50/0x80 [ 14.307523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.307546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.307568] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.307591] kthread+0x337/0x6f0 [ 14.307608] ? trace_preempt_on+0x20/0xc0 [ 14.307629] ? __pfx_kthread+0x10/0x10 [ 14.307649] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.307669] ? calculate_sigpending+0x7b/0xa0 [ 14.307692] ? __pfx_kthread+0x10/0x10 [ 14.307712] ret_from_fork+0x116/0x1d0 [ 14.307729] ? __pfx_kthread+0x10/0x10 [ 14.307748] ret_from_fork_asm+0x1a/0x30 [ 14.307777] </TASK> [ 14.307786] [ 14.316682] Allocated by task 278: [ 14.316862] kasan_save_stack+0x45/0x70 [ 14.317080] kasan_save_track+0x18/0x40 [ 14.317271] kasan_save_alloc_info+0x3b/0x50 [ 14.317640] __kasan_kmalloc+0xb7/0xc0 [ 14.317834] __kmalloc_cache_noprof+0x189/0x420 [ 14.318075] kasan_bitops_generic+0x92/0x1c0 [ 14.318288] kunit_try_run_case+0x1a5/0x480 [ 14.318521] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.318767] kthread+0x337/0x6f0 [ 14.318989] ret_from_fork+0x116/0x1d0 [ 14.319191] ret_from_fork_asm+0x1a/0x30 [ 14.319441] [ 14.319615] The buggy address belongs to the object at ffff888101df6d60 [ 14.319615] which belongs to the cache kmalloc-16 of size 16 [ 14.320078] The buggy address is located 8 bytes inside of [ 14.320078] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69) [ 14.320698] [ 14.320778] The buggy address belongs to the physical page: [ 14.321031] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 14.321344] flags: 0x200000000000000(node=0|zone=2) [ 14.321625] page_type: f5(slab) [ 14.321766] raw: 0200000000000000 ffff888100041640 dead000000000122 
0000000000000000 [ 14.322088] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.322330] page dumped because: kasan: bad access detected [ 14.322758] [ 14.322871] Memory state around the buggy address: [ 14.323125] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.325051] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.325357] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.325571] ^ [ 14.325769] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.325982] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.326756] ================================================================== [ 14.265514] ================================================================== [ 14.266206] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.266658] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 14.267107] [ 14.267203] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.267244] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.267256] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.267276] Call Trace: [ 14.267289] <TASK> [ 14.267304] dump_stack_lvl+0x73/0xb0 [ 14.267331] print_report+0xd1/0x610 [ 14.267352] ? __virt_addr_valid+0x1db/0x2d0 [ 14.267583] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.267610] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.267632] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.267658] kasan_report+0x141/0x180 [ 14.267678] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.267709] kasan_check_range+0x10c/0x1c0 [ 14.267731] __kasan_check_write+0x18/0x20 [ 14.267749] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.267775] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.267802] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.267824] ? trace_hardirqs_on+0x37/0xe0 [ 14.267846] ? kasan_bitops_generic+0x92/0x1c0 [ 14.267873] kasan_bitops_generic+0x121/0x1c0 [ 14.267895] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.267918] ? __pfx_read_tsc+0x10/0x10 [ 14.267939] ? ktime_get_ts64+0x86/0x230 [ 14.267962] kunit_try_run_case+0x1a5/0x480 [ 14.267984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.268019] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.268041] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.268063] ? __kthread_parkme+0x82/0x180 [ 14.268081] ? preempt_count_sub+0x50/0x80 [ 14.268103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.268126] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.268148] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.268170] kthread+0x337/0x6f0 [ 14.268189] ? trace_preempt_on+0x20/0xc0 [ 14.268209] ? __pfx_kthread+0x10/0x10 [ 14.268229] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.268249] ? calculate_sigpending+0x7b/0xa0 [ 14.268272] ? __pfx_kthread+0x10/0x10 [ 14.268292] ret_from_fork+0x116/0x1d0 [ 14.268310] ? 
__pfx_kthread+0x10/0x10 [ 14.268328] ret_from_fork_asm+0x1a/0x30 [ 14.268358] </TASK> [ 14.268367] [ 14.277371] Allocated by task 278: [ 14.277508] kasan_save_stack+0x45/0x70 [ 14.277651] kasan_save_track+0x18/0x40 [ 14.277786] kasan_save_alloc_info+0x3b/0x50 [ 14.278000] __kasan_kmalloc+0xb7/0xc0 [ 14.278251] __kmalloc_cache_noprof+0x189/0x420 [ 14.278559] kasan_bitops_generic+0x92/0x1c0 [ 14.278766] kunit_try_run_case+0x1a5/0x480 [ 14.278932] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.279116] kthread+0x337/0x6f0 [ 14.279237] ret_from_fork+0x116/0x1d0 [ 14.279459] ret_from_fork_asm+0x1a/0x30 [ 14.279667] [ 14.279763] The buggy address belongs to the object at ffff888101df6d60 [ 14.279763] which belongs to the cache kmalloc-16 of size 16 [ 14.280313] The buggy address is located 8 bytes inside of [ 14.280313] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69) [ 14.281157] [ 14.281265] The buggy address belongs to the physical page: [ 14.281593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 14.281840] flags: 0x200000000000000(node=0|zone=2) [ 14.282001] page_type: f5(slab) [ 14.282134] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.282637] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.282978] page dumped because: kasan: bad access detected [ 14.283242] [ 14.283336] Memory state around the buggy address: [ 14.283848] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.284170] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.284515] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.284804] ^ [ 14.285026] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.285241] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.285480] ================================================================== [ 14.238255] 
================================================================== [ 14.238761] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.239177] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 14.239916] [ 14.240130] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.240174] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.240185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.240206] Call Trace: [ 14.240218] <TASK> [ 14.240232] dump_stack_lvl+0x73/0xb0 [ 14.240260] print_report+0xd1/0x610 [ 14.240370] ? __virt_addr_valid+0x1db/0x2d0 [ 14.240397] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.240424] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.240454] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.240481] kasan_report+0x141/0x180 [ 14.240502] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.240533] kasan_check_range+0x10c/0x1c0 [ 14.240555] __kasan_check_write+0x18/0x20 [ 14.240574] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.240600] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.240627] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.240648] ? trace_hardirqs_on+0x37/0xe0 [ 14.240669] ? kasan_bitops_generic+0x92/0x1c0 [ 14.240695] kasan_bitops_generic+0x121/0x1c0 [ 14.240717] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.240741] ? __pfx_read_tsc+0x10/0x10 [ 14.240760] ? ktime_get_ts64+0x86/0x230 [ 14.240782] kunit_try_run_case+0x1a5/0x480 [ 14.240805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.240829] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.240852] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.240874] ? __kthread_parkme+0x82/0x180 [ 14.240893] ? preempt_count_sub+0x50/0x80 [ 14.240915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.240938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.240961] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.240990] kthread+0x337/0x6f0 [ 14.241021] ? trace_preempt_on+0x20/0xc0 [ 14.241042] ? __pfx_kthread+0x10/0x10 [ 14.241062] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.241082] ? calculate_sigpending+0x7b/0xa0 [ 14.241106] ? __pfx_kthread+0x10/0x10 [ 14.241127] ret_from_fork+0x116/0x1d0 [ 14.241144] ? __pfx_kthread+0x10/0x10 [ 14.241164] ret_from_fork_asm+0x1a/0x30 [ 14.241193] </TASK> [ 14.241202] [ 14.253349] Allocated by task 278: [ 14.253750] kasan_save_stack+0x45/0x70 [ 14.253948] kasan_save_track+0x18/0x40 [ 14.254235] kasan_save_alloc_info+0x3b/0x50 [ 14.254812] __kasan_kmalloc+0xb7/0xc0 [ 14.255016] __kmalloc_cache_noprof+0x189/0x420 [ 14.255209] kasan_bitops_generic+0x92/0x1c0 [ 14.255623] kunit_try_run_case+0x1a5/0x480 [ 14.255847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.256088] kthread+0x337/0x6f0 [ 14.256248] ret_from_fork+0x116/0x1d0 [ 14.256742] ret_from_fork_asm+0x1a/0x30 [ 14.256944] [ 14.257038] The buggy address belongs to the object at ffff888101df6d60 [ 14.257038] which belongs to the cache kmalloc-16 of size 16 [ 14.257886] The buggy address is located 8 bytes inside of [ 14.257886] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69) [ 14.258795] [ 14.258900] The buggy address belongs to the physical page: [ 14.259157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 14.259676] flags: 0x200000000000000(node=0|zone=2) [ 14.259917] page_type: f5(slab) [ 14.260061] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.260681] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.261114] page dumped because: kasan: bad access detected [ 14.261472] [ 14.261589] Memory state around the buggy address: [ 14.262017] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.262521] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.262907] >ffff888101df6d00: fa fb fc fc fa fb fc fc 
fa fb fc fc 00 01 fc fc [ 14.263240] ^ [ 14.263677] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.264094] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.264793] ================================================================== [ 14.177939] ================================================================== [ 14.178199] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.179127] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 14.179726] [ 14.179839] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.179882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.179894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.179915] Call Trace: [ 14.179927] <TASK> [ 14.179941] dump_stack_lvl+0x73/0xb0 [ 14.179968] print_report+0xd1/0x610 [ 14.179989] ? __virt_addr_valid+0x1db/0x2d0 [ 14.180021] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.180046] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.180068] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.180094] kasan_report+0x141/0x180 [ 14.180116] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.180146] kasan_check_range+0x10c/0x1c0 [ 14.180169] __kasan_check_write+0x18/0x20 [ 14.180187] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.180212] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.180239] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.180262] ? trace_hardirqs_on+0x37/0xe0 [ 14.180281] ? kasan_bitops_generic+0x92/0x1c0 [ 14.180307] kasan_bitops_generic+0x121/0x1c0 [ 14.180329] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.180353] ? __pfx_read_tsc+0x10/0x10 [ 14.180372] ? ktime_get_ts64+0x86/0x230 [ 14.180395] kunit_try_run_case+0x1a5/0x480 [ 14.180417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.180439] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.180461] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.180483] ? __kthread_parkme+0x82/0x180 [ 14.180502] ? preempt_count_sub+0x50/0x80 [ 14.180524] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.180547] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.180632] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.180658] kthread+0x337/0x6f0 [ 14.180677] ? trace_preempt_on+0x20/0xc0 [ 14.180698] ? __pfx_kthread+0x10/0x10 [ 14.180717] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.180738] ? calculate_sigpending+0x7b/0xa0 [ 14.180761] ? __pfx_kthread+0x10/0x10 [ 14.180782] ret_from_fork+0x116/0x1d0 [ 14.180801] ? __pfx_kthread+0x10/0x10 [ 14.180821] ret_from_fork_asm+0x1a/0x30 [ 14.180850] </TASK> [ 14.180859] [ 14.195276] Allocated by task 278: [ 14.195861] kasan_save_stack+0x45/0x70 [ 14.196050] kasan_save_track+0x18/0x40 [ 14.196231] kasan_save_alloc_info+0x3b/0x50 [ 14.196660] __kasan_kmalloc+0xb7/0xc0 [ 14.196857] __kmalloc_cache_noprof+0x189/0x420 [ 14.197086] kasan_bitops_generic+0x92/0x1c0 [ 14.197280] kunit_try_run_case+0x1a5/0x480 [ 14.197937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.198398] kthread+0x337/0x6f0 [ 14.198672] ret_from_fork+0x116/0x1d0 [ 14.198859] ret_from_fork_asm+0x1a/0x30 [ 14.199051] [ 14.199142] The buggy address belongs to the object at ffff888101df6d60 [ 14.199142] which belongs to the cache kmalloc-16 of size 16 [ 14.200504] The buggy address is located 8 bytes inside of [ 14.200504] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69) [ 14.201417] [ 14.201667] The buggy address belongs to the physical page: [ 14.202054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 14.202608] flags: 0x200000000000000(node=0|zone=2) [ 14.202845] page_type: f5(slab) [ 14.203013] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.203327] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.204195] page dumped because: kasan: bad access detected [ 14.204389] [ 14.204462] 
Memory state around the buggy address: [ 14.204618] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.204833] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.205073] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.205283] ^ [ 14.205582] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.205912] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.207015] ================================================================== [ 14.208227] ================================================================== [ 14.209392] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.210679] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 14.211554] [ 14.211908] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.211957] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.211969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.211989] Call Trace: [ 14.212013] <TASK> [ 14.212026] dump_stack_lvl+0x73/0xb0 [ 14.212189] print_report+0xd1/0x610 [ 14.212220] ? __virt_addr_valid+0x1db/0x2d0 [ 14.212243] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.212268] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.212289] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.212316] kasan_report+0x141/0x180 [ 14.212336] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.212367] kasan_check_range+0x10c/0x1c0 [ 14.212413] __kasan_check_write+0x18/0x20 [ 14.212432] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.212458] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.212484] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.212507] ? trace_hardirqs_on+0x37/0xe0 [ 14.212529] ? kasan_bitops_generic+0x92/0x1c0 [ 14.212555] kasan_bitops_generic+0x121/0x1c0 [ 14.212578] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.212602] ? __pfx_read_tsc+0x10/0x10 [ 14.212622] ? ktime_get_ts64+0x86/0x230 [ 14.212644] kunit_try_run_case+0x1a5/0x480 [ 14.212668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.212689] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.212712] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.212734] ? __kthread_parkme+0x82/0x180 [ 14.212753] ? preempt_count_sub+0x50/0x80 [ 14.212775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.212798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.212820] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.212860] kthread+0x337/0x6f0 [ 14.212891] ? trace_preempt_on+0x20/0xc0 [ 14.212912] ? __pfx_kthread+0x10/0x10 [ 14.212932] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.212952] ? calculate_sigpending+0x7b/0xa0 [ 14.212978] ? __pfx_kthread+0x10/0x10 [ 14.212999] ret_from_fork+0x116/0x1d0 [ 14.213027] ? __pfx_kthread+0x10/0x10 [ 14.213046] ret_from_fork_asm+0x1a/0x30 [ 14.213076] </TASK> [ 14.213086] [ 14.226098] Allocated by task 278: [ 14.226293] kasan_save_stack+0x45/0x70 [ 14.226697] kasan_save_track+0x18/0x40 [ 14.227084] kasan_save_alloc_info+0x3b/0x50 [ 14.227448] __kasan_kmalloc+0xb7/0xc0 [ 14.227801] __kmalloc_cache_noprof+0x189/0x420 [ 14.228128] kasan_bitops_generic+0x92/0x1c0 [ 14.228517] kunit_try_run_case+0x1a5/0x480 [ 14.228837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.229179] kthread+0x337/0x6f0 [ 14.229357] ret_from_fork+0x116/0x1d0 [ 14.229842] ret_from_fork_asm+0x1a/0x30 [ 14.229993] [ 14.230218] The buggy address belongs to the object at ffff888101df6d60 [ 14.230218] which belongs to the cache kmalloc-16 of size 16 [ 14.230876] The buggy address is located 8 bytes inside of [ 14.230876] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69) [ 14.231383] [ 14.231725] The buggy address belongs to the physical page: [ 14.231971] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 14.232450] flags: 0x200000000000000(node=0|zone=2) [ 14.232818] 
page_type: f5(slab) [ 14.232952] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.233486] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.233885] page dumped because: kasan: bad access detected [ 14.234212] [ 14.234316] Memory state around the buggy address: [ 14.234832] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.235226] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.235729] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.236052] ^ [ 14.236334] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.237066] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.237592] ================================================================== [ 14.346769] ================================================================== [ 14.347076] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.347512] Read of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 14.347815] [ 14.347916] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.347955] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.347966] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.347986] Call Trace: [ 14.347999] <TASK> [ 14.348024] dump_stack_lvl+0x73/0xb0 [ 14.348050] print_report+0xd1/0x610 [ 14.348071] ? __virt_addr_valid+0x1db/0x2d0 [ 14.348091] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.348118] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.348139] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.348165] kasan_report+0x141/0x180 [ 14.348186] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.348217] kasan_check_range+0x10c/0x1c0 [ 14.348238] __kasan_check_read+0x15/0x20 [ 14.348257] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.348283] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.348309] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.348332] ? trace_hardirqs_on+0x37/0xe0 [ 14.348351] ? kasan_bitops_generic+0x92/0x1c0 [ 14.348378] kasan_bitops_generic+0x121/0x1c0 [ 14.348401] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.348436] ? __pfx_read_tsc+0x10/0x10 [ 14.348456] ? ktime_get_ts64+0x86/0x230 [ 14.348478] kunit_try_run_case+0x1a5/0x480 [ 14.348500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.348522] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.348544] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.348566] ? __kthread_parkme+0x82/0x180 [ 14.348585] ? preempt_count_sub+0x50/0x80 [ 14.348607] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.348630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.348652] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.348675] kthread+0x337/0x6f0 [ 14.348693] ? trace_preempt_on+0x20/0xc0 [ 14.348714] ? __pfx_kthread+0x10/0x10 [ 14.348734] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.348754] ? calculate_sigpending+0x7b/0xa0 [ 14.348776] ? __pfx_kthread+0x10/0x10 [ 14.348796] ret_from_fork+0x116/0x1d0 [ 14.348814] ? 
__pfx_kthread+0x10/0x10 [ 14.348834] ret_from_fork_asm+0x1a/0x30 [ 14.348864] </TASK> [ 14.348872] [ 14.357215] Allocated by task 278: [ 14.357401] kasan_save_stack+0x45/0x70 [ 14.357618] kasan_save_track+0x18/0x40 [ 14.357753] kasan_save_alloc_info+0x3b/0x50 [ 14.357900] __kasan_kmalloc+0xb7/0xc0 [ 14.358042] __kmalloc_cache_noprof+0x189/0x420 [ 14.358197] kasan_bitops_generic+0x92/0x1c0 [ 14.358345] kunit_try_run_case+0x1a5/0x480 [ 14.358549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.359360] kthread+0x337/0x6f0 [ 14.359549] ret_from_fork+0x116/0x1d0 [ 14.359736] ret_from_fork_asm+0x1a/0x30 [ 14.359931] [ 14.360036] The buggy address belongs to the object at ffff888101df6d60 [ 14.360036] which belongs to the cache kmalloc-16 of size 16 [ 14.360546] The buggy address is located 8 bytes inside of [ 14.360546] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69) [ 14.361436] [ 14.361618] The buggy address belongs to the physical page: [ 14.361858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 14.362174] flags: 0x200000000000000(node=0|zone=2) [ 14.363492] page_type: f5(slab) [ 14.363644] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.363877] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.364117] page dumped because: kasan: bad access detected [ 14.364357] [ 14.365118] Memory state around the buggy address: [ 14.365338] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.366186] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.367420] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.367719] ^ [ 14.367925] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.368171] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.368558] ================================================================== [ 14.285975] 
================================================================== [ 14.286732] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.287125] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 14.287505] [ 14.287603] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.287644] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.287655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.287675] Call Trace: [ 14.287687] <TASK> [ 14.287700] dump_stack_lvl+0x73/0xb0 [ 14.287726] print_report+0xd1/0x610 [ 14.287746] ? __virt_addr_valid+0x1db/0x2d0 [ 14.287767] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.287793] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.287814] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.287840] kasan_report+0x141/0x180 [ 14.287860] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.287892] kasan_check_range+0x10c/0x1c0 [ 14.287915] __kasan_check_write+0x18/0x20 [ 14.287933] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.287958] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.287985] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.288021] ? trace_hardirqs_on+0x37/0xe0 [ 14.288042] ? kasan_bitops_generic+0x92/0x1c0 [ 14.288068] kasan_bitops_generic+0x121/0x1c0 [ 14.288090] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.288113] ? __pfx_read_tsc+0x10/0x10 [ 14.288133] ? ktime_get_ts64+0x86/0x230 [ 14.288156] kunit_try_run_case+0x1a5/0x480 [ 14.288178] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.288199] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.288221] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.288242] ? __kthread_parkme+0x82/0x180 [ 14.288262] ? preempt_count_sub+0x50/0x80 [ 14.288284] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.288307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.288329] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.288352] kthread+0x337/0x6f0 [ 14.288370] ? trace_preempt_on+0x20/0xc0 [ 14.288391] ? __pfx_kthread+0x10/0x10 [ 14.288410] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.288492] ? calculate_sigpending+0x7b/0xa0 [ 14.288514] ? __pfx_kthread+0x10/0x10 [ 14.288535] ret_from_fork+0x116/0x1d0 [ 14.288552] ? __pfx_kthread+0x10/0x10 [ 14.288572] ret_from_fork_asm+0x1a/0x30 [ 14.288601] </TASK> [ 14.288612] [ 14.297242] Allocated by task 278: [ 14.297374] kasan_save_stack+0x45/0x70 [ 14.297578] kasan_save_track+0x18/0x40 [ 14.297767] kasan_save_alloc_info+0x3b/0x50 [ 14.298088] __kasan_kmalloc+0xb7/0xc0 [ 14.298235] __kmalloc_cache_noprof+0x189/0x420 [ 14.298492] kasan_bitops_generic+0x92/0x1c0 [ 14.298704] kunit_try_run_case+0x1a5/0x480 [ 14.298914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.299140] kthread+0x337/0x6f0 [ 14.299310] ret_from_fork+0x116/0x1d0 [ 14.299540] ret_from_fork_asm+0x1a/0x30 [ 14.299684] [ 14.299752] The buggy address belongs to the object at ffff888101df6d60 [ 14.299752] which belongs to the cache kmalloc-16 of size 16 [ 14.300116] The buggy address is located 8 bytes inside of [ 14.300116] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69) [ 14.300473] [ 14.300575] The buggy address belongs to the physical page: [ 14.301026] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 14.301377] flags: 0x200000000000000(node=0|zone=2) [ 14.301604] page_type: f5(slab) [ 14.301770] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.302079] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.302301] page dumped because: kasan: bad access detected [ 14.302469] [ 14.302536] Memory state around the buggy address: [ 14.302687] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.303092] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.303419] >ffff888101df6d00: fa fb fc fc fa fb fc fc 
fa fb fc fc 00 01 fc fc [ 14.303892] ^ [ 14.304199] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.304916] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.305204] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.102866] ================================================================== [ 14.103154] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.103688] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 14.104032] [ 14.104116] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.104160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.104171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.104190] Call Trace: [ 14.104201] <TASK> [ 14.104214] dump_stack_lvl+0x73/0xb0 [ 14.104240] print_report+0xd1/0x610 [ 14.104261] ? __virt_addr_valid+0x1db/0x2d0 [ 14.104282] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.104306] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.104339] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.104411] kasan_report+0x141/0x180 [ 14.104475] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.104507] kasan_check_range+0x10c/0x1c0 [ 14.104530] __kasan_check_write+0x18/0x20 [ 14.104548] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.104573] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.104598] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.104650] ? trace_hardirqs_on+0x37/0xe0 [ 14.104671] ? kasan_bitops_generic+0x92/0x1c0 [ 14.104697] kasan_bitops_generic+0x116/0x1c0 [ 14.104719] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.104743] ? __pfx_read_tsc+0x10/0x10 [ 14.104763] ? ktime_get_ts64+0x86/0x230 [ 14.104813] kunit_try_run_case+0x1a5/0x480 [ 14.104836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.104857] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.104880] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.104902] ? __kthread_parkme+0x82/0x180 [ 14.104921] ? preempt_count_sub+0x50/0x80 [ 14.104974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.104997] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.105031] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.105053] kthread+0x337/0x6f0 [ 14.105071] ? 
trace_preempt_on+0x20/0xc0 [ 14.105092] ? __pfx_kthread+0x10/0x10 [ 14.105112] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.105132] ? calculate_sigpending+0x7b/0xa0 [ 14.105154] ? __pfx_kthread+0x10/0x10 [ 14.105174] ret_from_fork+0x116/0x1d0 [ 14.105223] ? __pfx_kthread+0x10/0x10 [ 14.105243] ret_from_fork_asm+0x1a/0x30 [ 14.105272] </TASK> [ 14.105282] [ 14.115071] Allocated by task 278: [ 14.115205] kasan_save_stack+0x45/0x70 [ 14.115597] kasan_save_track+0x18/0x40 [ 14.115886] kasan_save_alloc_info+0x3b/0x50 [ 14.116190] __kasan_kmalloc+0xb7/0xc0 [ 14.116450] __kmalloc_cache_noprof+0x189/0x420 [ 14.116712] kasan_bitops_generic+0x92/0x1c0 [ 14.116953] kunit_try_run_case+0x1a5/0x480 [ 14.117180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.117478] kthread+0x337/0x6f0 [ 14.117773] ret_from_fork+0x116/0x1d0 [ 14.117998] ret_from_fork_asm+0x1a/0x30 [ 14.118151] [ 14.118221] The buggy address belongs to the object at ffff888101df6d60 [ 14.118221] which belongs to the cache kmalloc-16 of size 16 [ 14.118949] The buggy address is located 8 bytes inside of [ 14.118949] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69) [ 14.119693] [ 14.119791] The buggy address belongs to the physical page: [ 14.120075] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 14.120503] flags: 0x200000000000000(node=0|zone=2) [ 14.120887] page_type: f5(slab) [ 14.121035] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.121295] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.121998] page dumped because: kasan: bad access detected [ 14.122268] [ 14.122360] Memory state around the buggy address: [ 14.122514] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.122835] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.123241] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.123704] ^ [ 14.124063] ffff888101df6d80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.124468] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.124787] ================================================================== [ 14.125314] ================================================================== [ 14.125608] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.126417] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 14.126685] [ 14.126792] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.126900] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.126912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.126931] Call Trace: [ 14.126944] <TASK> [ 14.126957] dump_stack_lvl+0x73/0xb0 [ 14.126984] print_report+0xd1/0x610 [ 14.127016] ? __virt_addr_valid+0x1db/0x2d0 [ 14.127038] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.127061] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.127083] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.127140] kasan_report+0x141/0x180 [ 14.127163] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.127215] kasan_check_range+0x10c/0x1c0 [ 14.127238] __kasan_check_write+0x18/0x20 [ 14.127256] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.127281] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.127305] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.127327] ? trace_hardirqs_on+0x37/0xe0 [ 14.127348] ? kasan_bitops_generic+0x92/0x1c0 [ 14.127420] kasan_bitops_generic+0x116/0x1c0 [ 14.127444] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.127467] ? __pfx_read_tsc+0x10/0x10 [ 14.127486] ? ktime_get_ts64+0x86/0x230 [ 14.127509] kunit_try_run_case+0x1a5/0x480 [ 14.127569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.127592] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.127614] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.127636] ? __kthread_parkme+0x82/0x180 [ 14.127655] ? preempt_count_sub+0x50/0x80 [ 14.127676] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.127729] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.127753] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.127775] kthread+0x337/0x6f0 [ 14.127793] ? trace_preempt_on+0x20/0xc0 [ 14.127814] ? __pfx_kthread+0x10/0x10 [ 14.127834] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.127853] ? calculate_sigpending+0x7b/0xa0 [ 14.127906] ? __pfx_kthread+0x10/0x10 [ 14.127926] ret_from_fork+0x116/0x1d0 [ 14.127944] ? __pfx_kthread+0x10/0x10 [ 14.127963] ret_from_fork_asm+0x1a/0x30 [ 14.127992] </TASK> [ 14.128002] [ 14.137440] Allocated by task 278: [ 14.137721] kasan_save_stack+0x45/0x70 [ 14.137895] kasan_save_track+0x18/0x40 [ 14.138137] kasan_save_alloc_info+0x3b/0x50 [ 14.138370] __kasan_kmalloc+0xb7/0xc0 [ 14.138650] __kmalloc_cache_noprof+0x189/0x420 [ 14.138878] kasan_bitops_generic+0x92/0x1c0 [ 14.139158] kunit_try_run_case+0x1a5/0x480 [ 14.139650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.140092] kthread+0x337/0x6f0 [ 14.140217] ret_from_fork+0x116/0x1d0 [ 14.140350] ret_from_fork_asm+0x1a/0x30 [ 14.140930] [ 14.141105] The buggy address belongs to the object at ffff888101df6d60 [ 14.141105] which belongs to the cache kmalloc-16 of size 16 [ 14.142473] The buggy address is located 8 bytes inside of [ 14.142473] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69) [ 14.143213] [ 14.143292] The buggy address belongs to the physical page: [ 14.143834] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 14.144643] flags: 0x200000000000000(node=0|zone=2) [ 14.145195] page_type: f5(slab) [ 14.145523] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.146141] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.146416] page dumped because: kasan: bad access detected [ 14.147047] [ 14.147237] Memory state around the buggy address: [ 14.147853] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.148607] 
ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.148868] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.149527] ^ [ 14.150122] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.150920] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.151211] ================================================================== [ 14.023742] ================================================================== [ 14.023975] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.024555] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 14.024789] [ 14.024875] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.024918] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.024929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.024950] Call Trace: [ 14.024963] <TASK> [ 14.024984] dump_stack_lvl+0x73/0xb0 [ 14.025024] print_report+0xd1/0x610 [ 14.025045] ? __virt_addr_valid+0x1db/0x2d0 [ 14.025066] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.025117] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.025139] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.025163] kasan_report+0x141/0x180 [ 14.025200] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.025244] kasan_check_range+0x10c/0x1c0 [ 14.025267] __kasan_check_write+0x18/0x20 [ 14.025298] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.025336] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.025467] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.025494] ? trace_hardirqs_on+0x37/0xe0 [ 14.025514] ? kasan_bitops_generic+0x92/0x1c0 [ 14.025541] kasan_bitops_generic+0x116/0x1c0 [ 14.025563] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.025588] ? __pfx_read_tsc+0x10/0x10 [ 14.025607] ? ktime_get_ts64+0x86/0x230 [ 14.025631] kunit_try_run_case+0x1a5/0x480 [ 14.025654] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.025697] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.025720] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.025742] ? __kthread_parkme+0x82/0x180 [ 14.025761] ? preempt_count_sub+0x50/0x80 [ 14.025784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.025808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.025847] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.025870] kthread+0x337/0x6f0 [ 14.025889] ? trace_preempt_on+0x20/0xc0 [ 14.025909] ? __pfx_kthread+0x10/0x10 [ 14.025929] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.025949] ? calculate_sigpending+0x7b/0xa0 [ 14.025972] ? __pfx_kthread+0x10/0x10 [ 14.025993] ret_from_fork+0x116/0x1d0 [ 14.026039] ? __pfx_kthread+0x10/0x10 [ 14.026059] ret_from_fork_asm+0x1a/0x30 [ 14.026089] </TASK> [ 14.026098] [ 14.040283] Allocated by task 278: [ 14.040724] kasan_save_stack+0x45/0x70 [ 14.041118] kasan_save_track+0x18/0x40 [ 14.041545] kasan_save_alloc_info+0x3b/0x50 [ 14.041947] __kasan_kmalloc+0xb7/0xc0 [ 14.042300] __kmalloc_cache_noprof+0x189/0x420 [ 14.042805] kasan_bitops_generic+0x92/0x1c0 [ 14.043209] kunit_try_run_case+0x1a5/0x480 [ 14.043677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.043864] kthread+0x337/0x6f0 [ 14.043986] ret_from_fork+0x116/0x1d0 [ 14.044134] ret_from_fork_asm+0x1a/0x30 [ 14.044272] [ 14.044343] The buggy address belongs to the object at ffff888101df6d60 [ 14.044343] which belongs to the cache kmalloc-16 of size 16 [ 14.044704] The buggy address is located 8 bytes inside of [ 14.044704] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69) [ 14.045267] [ 14.045535] The buggy address belongs to the physical page: [ 14.046094] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 14.046864] flags: 0x200000000000000(node=0|zone=2) [ 14.047322] page_type: f5(slab) [ 14.047707] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.048588] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.049275] page dumped because: kasan: 
bad access detected [ 14.049862] [ 14.050059] Memory state around the buggy address: [ 14.050564] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.051185] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.051867] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.052553] ^ [ 14.052895] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.053132] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.053551] ================================================================== [ 14.080466] ================================================================== [ 14.080807] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.081183] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 14.081647] [ 14.081736] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.081777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.081788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.081808] Call Trace: [ 14.081820] <TASK> [ 14.081835] dump_stack_lvl+0x73/0xb0 [ 14.081863] print_report+0xd1/0x610 [ 14.081884] ? __virt_addr_valid+0x1db/0x2d0 [ 14.081906] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.081929] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.081951] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.081975] kasan_report+0x141/0x180 [ 14.081996] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.082040] kasan_check_range+0x10c/0x1c0 [ 14.082063] __kasan_check_write+0x18/0x20 [ 14.082082] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.082106] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.082131] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.082153] ? trace_hardirqs_on+0x37/0xe0 [ 14.082175] ? kasan_bitops_generic+0x92/0x1c0 [ 14.082201] kasan_bitops_generic+0x116/0x1c0 [ 14.082223] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.082247] ? 
__pfx_read_tsc+0x10/0x10 [ 14.082266] ? ktime_get_ts64+0x86/0x230 [ 14.082289] kunit_try_run_case+0x1a5/0x480 [ 14.082312] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.082334] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.082392] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.082439] ? __kthread_parkme+0x82/0x180 [ 14.082481] ? preempt_count_sub+0x50/0x80 [ 14.082527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.082550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.082594] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.082639] kthread+0x337/0x6f0 [ 14.082658] ? trace_preempt_on+0x20/0xc0 [ 14.082679] ? __pfx_kthread+0x10/0x10 [ 14.082720] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.082834] ? calculate_sigpending+0x7b/0xa0 [ 14.082858] ? __pfx_kthread+0x10/0x10 [ 14.082879] ret_from_fork+0x116/0x1d0 [ 14.082896] ? __pfx_kthread+0x10/0x10 [ 14.082917] ret_from_fork_asm+0x1a/0x30 [ 14.082946] </TASK> [ 14.082954] [ 14.092851] Allocated by task 278: [ 14.093117] kasan_save_stack+0x45/0x70 [ 14.093318] kasan_save_track+0x18/0x40 [ 14.093655] kasan_save_alloc_info+0x3b/0x50 [ 14.093888] __kasan_kmalloc+0xb7/0xc0 [ 14.094095] __kmalloc_cache_noprof+0x189/0x420 [ 14.094315] kasan_bitops_generic+0x92/0x1c0 [ 14.094624] kunit_try_run_case+0x1a5/0x480 [ 14.094779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.094954] kthread+0x337/0x6f0 [ 14.095085] ret_from_fork+0x116/0x1d0 [ 14.095219] ret_from_fork_asm+0x1a/0x30 [ 14.095524] [ 14.095642] The buggy address belongs to the object at ffff888101df6d60 [ 14.095642] which belongs to the cache kmalloc-16 of size 16 [ 14.096728] The buggy address is located 8 bytes inside of [ 14.096728] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69) [ 14.097387] [ 14.097507] The buggy address belongs to the physical page: [ 14.097764] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 14.098135] flags: 0x200000000000000(node=0|zone=2) [ 14.098302] page_type: f5(slab) [ 14.098626] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.098913] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.099150] page dumped because: kasan: bad access detected [ 14.099358] [ 14.099501] Memory state around the buggy address: [ 14.099793] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.100178] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.100721] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.101095] ^ [ 14.101359] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.101759] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.102051] ================================================================== [ 14.003493] ================================================================== [ 14.004069] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.004322] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 14.004988] [ 14.005107] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.005150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.005163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.005183] Call Trace: [ 14.005195] <TASK> [ 14.005209] dump_stack_lvl+0x73/0xb0 [ 14.005237] print_report+0xd1/0x610 [ 14.005259] ? __virt_addr_valid+0x1db/0x2d0 [ 14.005280] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.005304] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.005325] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.005349] kasan_report+0x141/0x180 [ 14.005371] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.005575] kasan_check_range+0x10c/0x1c0 [ 14.005603] __kasan_check_write+0x18/0x20 [ 14.005622] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.005646] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.005672] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.005696] ? 
trace_hardirqs_on+0x37/0xe0
[ 14.005718] ? kasan_bitops_generic+0x92/0x1c0
[ 14.005745] kasan_bitops_generic+0x116/0x1c0
[ 14.005768] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.005793] ? __pfx_read_tsc+0x10/0x10
[ 14.005814] ? ktime_get_ts64+0x86/0x230
[ 14.005837] kunit_try_run_case+0x1a5/0x480
[ 14.005861] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.005883] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.005907] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.005929] ? __kthread_parkme+0x82/0x180
[ 14.005948] ? preempt_count_sub+0x50/0x80
[ 14.005972] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.005996] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.006033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.006059] kthread+0x337/0x6f0
[ 14.006078] ? trace_preempt_on+0x20/0xc0
[ 14.006099] ? __pfx_kthread+0x10/0x10
[ 14.006119] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.006140] ? calculate_sigpending+0x7b/0xa0
[ 14.006163] ? __pfx_kthread+0x10/0x10
[ 14.006183] ret_from_fork+0x116/0x1d0
[ 14.006200] ? __pfx_kthread+0x10/0x10
[ 14.006219] ret_from_fork_asm+0x1a/0x30
[ 14.006249] </TASK>
[ 14.006259]
[ 14.014844] Allocated by task 278:
[ 14.015039] kasan_save_stack+0x45/0x70
[ 14.015190] kasan_save_track+0x18/0x40
[ 14.015324] kasan_save_alloc_info+0x3b/0x50
[ 14.015470] __kasan_kmalloc+0xb7/0xc0
[ 14.015602] __kmalloc_cache_noprof+0x189/0x420
[ 14.015755] kasan_bitops_generic+0x92/0x1c0
[ 14.015901] kunit_try_run_case+0x1a5/0x480
[ 14.016068] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.016242] kthread+0x337/0x6f0
[ 14.016412] ret_from_fork+0x116/0x1d0
[ 14.017000] ret_from_fork_asm+0x1a/0x30
[ 14.017210]
[ 14.017304] The buggy address belongs to the object at ffff888101df6d60
[ 14.017304] which belongs to the cache kmalloc-16 of size 16
[ 14.017827] The buggy address is located 8 bytes inside of
[ 14.017827] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69)
[ 14.018632]
[ 14.018705] The buggy address belongs to the physical page:
[ 14.018874] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6
[ 14.019121] flags: 0x200000000000000(node=0|zone=2)
[ 14.019572] page_type: f5(slab)
[ 14.019750] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.020107] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.020566] page dumped because: kasan: bad access detected
[ 14.020823]
[ 14.020895] Memory state around the buggy address:
[ 14.021119] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 14.021439] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc
[ 14.021725] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 14.022031] ^
[ 14.022300] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.023131] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.023368] ==================================================================
[ 14.152546] ==================================================================
[ 14.153224] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.154212] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278
[ 14.155075]
[ 14.155280] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.155324] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.155336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.155357] Call Trace:
[ 14.155371] <TASK>
[ 14.155385] dump_stack_lvl+0x73/0xb0
[ 14.155413] print_report+0xd1/0x610
[ 14.155435] ? __virt_addr_valid+0x1db/0x2d0
[ 14.155455] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.155509] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.155530] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.155554] kasan_report+0x141/0x180
[ 14.155575] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.155604] kasan_check_range+0x10c/0x1c0
[ 14.155626] __kasan_check_write+0x18/0x20
[ 14.155644] kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.155669] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.155694] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.155716] ? trace_hardirqs_on+0x37/0xe0
[ 14.155737] ? kasan_bitops_generic+0x92/0x1c0
[ 14.155763] kasan_bitops_generic+0x116/0x1c0
[ 14.155785] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.155808] ? __pfx_read_tsc+0x10/0x10
[ 14.155828] ? ktime_get_ts64+0x86/0x230
[ 14.155851] kunit_try_run_case+0x1a5/0x480
[ 14.155873] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.155895] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.155917] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.155939] ? __kthread_parkme+0x82/0x180
[ 14.155958] ? preempt_count_sub+0x50/0x80
[ 14.155980] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.156003] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.156035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.156057] kthread+0x337/0x6f0
[ 14.156104] ? trace_preempt_on+0x20/0xc0
[ 14.156124] ? __pfx_kthread+0x10/0x10
[ 14.156144] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.156164] ? calculate_sigpending+0x7b/0xa0
[ 14.156187] ? __pfx_kthread+0x10/0x10
[ 14.156208] ret_from_fork+0x116/0x1d0
[ 14.156225] ? __pfx_kthread+0x10/0x10
[ 14.156245] ret_from_fork_asm+0x1a/0x30
[ 14.156274] </TASK>
[ 14.156284]
[ 14.169223] Allocated by task 278:
[ 14.169366] kasan_save_stack+0x45/0x70
[ 14.169556] kasan_save_track+0x18/0x40
[ 14.169724] kasan_save_alloc_info+0x3b/0x50
[ 14.169913] __kasan_kmalloc+0xb7/0xc0
[ 14.170099] __kmalloc_cache_noprof+0x189/0x420
[ 14.170305] kasan_bitops_generic+0x92/0x1c0
[ 14.170591] kunit_try_run_case+0x1a5/0x480
[ 14.170744] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.170936] kthread+0x337/0x6f0
[ 14.171119] ret_from_fork+0x116/0x1d0
[ 14.171327] ret_from_fork_asm+0x1a/0x30
[ 14.171708]
[ 14.171828] The buggy address belongs to the object at ffff888101df6d60
[ 14.171828] which belongs to the cache kmalloc-16 of size 16
[ 14.172207] The buggy address is located 8 bytes inside of
[ 14.172207] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69)
[ 14.172683]
[ 14.172781] The buggy address belongs to the physical page:
[ 14.173042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6
[ 14.173272] flags: 0x200000000000000(node=0|zone=2)
[ 14.173660] page_type: f5(slab)
[ 14.173830] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.174231] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.174617] page dumped because: kasan: bad access detected
[ 14.174833]
[ 14.174923] Memory state around the buggy address:
[ 14.175148] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 14.175356] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc
[ 14.176112] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 14.176532] ^
[ 14.176855] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.177094] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.177393] ==================================================================
[ 13.984212] ==================================================================
[ 13.984782] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50
[ 13.985105] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278
[ 13.985534]
[ 13.985658] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.985703] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.985714] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.985734] Call Trace:
[ 13.985745] <TASK>
[ 13.985760] dump_stack_lvl+0x73/0xb0
[ 13.985788] print_report+0xd1/0x610
[ 13.985810] ? __virt_addr_valid+0x1db/0x2d0
[ 13.985832] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 13.985856] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.985877] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 13.985902] kasan_report+0x141/0x180
[ 13.985923] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 13.985952] kasan_check_range+0x10c/0x1c0
[ 13.985975] __kasan_check_write+0x18/0x20
[ 13.985994] kasan_bitops_modify.constprop.0+0x101/0xd50
[ 13.986031] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 13.986057] ? __kmalloc_cache_noprof+0x189/0x420
[ 13.986080] ? trace_hardirqs_on+0x37/0xe0
[ 13.986102] ? kasan_bitops_generic+0x92/0x1c0
[ 13.986128] kasan_bitops_generic+0x116/0x1c0
[ 13.986151] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 13.986175] ? __pfx_read_tsc+0x10/0x10
[ 13.986195] ? ktime_get_ts64+0x86/0x230
[ 13.986219] kunit_try_run_case+0x1a5/0x480
[ 13.986242] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.986264] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.986286] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.986309] ? __kthread_parkme+0x82/0x180
[ 13.986328] ? preempt_count_sub+0x50/0x80
[ 13.986351] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.986447] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.986471] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.986493] kthread+0x337/0x6f0
[ 13.986512] ? trace_preempt_on+0x20/0xc0
[ 13.986533] ? __pfx_kthread+0x10/0x10
[ 13.986553] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.986573] ? calculate_sigpending+0x7b/0xa0
[ 13.986606] ? __pfx_kthread+0x10/0x10
[ 13.986627] ret_from_fork+0x116/0x1d0
[ 13.986644] ? __pfx_kthread+0x10/0x10
[ 13.986664] ret_from_fork_asm+0x1a/0x30
[ 13.986694] </TASK>
[ 13.986703]
[ 13.995031] Allocated by task 278:
[ 13.995212] kasan_save_stack+0x45/0x70
[ 13.995454] kasan_save_track+0x18/0x40
[ 13.995620] kasan_save_alloc_info+0x3b/0x50
[ 13.995813] __kasan_kmalloc+0xb7/0xc0
[ 13.995998] __kmalloc_cache_noprof+0x189/0x420
[ 13.996205] kasan_bitops_generic+0x92/0x1c0
[ 13.996413] kunit_try_run_case+0x1a5/0x480
[ 13.996587] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.996818] kthread+0x337/0x6f0
[ 13.996940] ret_from_fork+0x116/0x1d0
[ 13.997143] ret_from_fork_asm+0x1a/0x30
[ 13.997342]
[ 13.997493] The buggy address belongs to the object at ffff888101df6d60
[ 13.997493] which belongs to the cache kmalloc-16 of size 16
[ 13.997967] The buggy address is located 8 bytes inside of
[ 13.997967] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69)
[ 13.998652]
[ 13.998762] The buggy address belongs to the physical page:
[ 13.999029] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6
[ 13.999279] flags: 0x200000000000000(node=0|zone=2)
[ 13.999607] page_type: f5(slab)
[ 13.999859] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.000120] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.000615] page dumped because: kasan: bad access detected
[ 14.000827]
[ 14.000920] Memory state around the buggy address:
[ 14.001105] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 14.001321] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc
[ 14.001535] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 14.001746] ^
[ 14.002015] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.002631] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.002945] ==================================================================
[ 14.057107] ==================================================================
[ 14.057949] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.058888] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278
[ 14.059826]
[ 14.059916] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.059958] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.059969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.059990] Call Trace:
[ 14.060001] <TASK>
[ 14.060030] dump_stack_lvl+0x73/0xb0
[ 14.060059] print_report+0xd1/0x610
[ 14.060080] ? __virt_addr_valid+0x1db/0x2d0
[ 14.060101] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.060125] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.060147] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.060171] kasan_report+0x141/0x180
[ 14.060192] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.060221] kasan_check_range+0x10c/0x1c0
[ 14.060243] __kasan_check_write+0x18/0x20
[ 14.060261] kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.060285] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.060311] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.060333] ? trace_hardirqs_on+0x37/0xe0
[ 14.060354] ? kasan_bitops_generic+0x92/0x1c0
[ 14.060381] kasan_bitops_generic+0x116/0x1c0
[ 14.060403] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.060426] ? __pfx_read_tsc+0x10/0x10
[ 14.060446] ? ktime_get_ts64+0x86/0x230
[ 14.060493] kunit_try_run_case+0x1a5/0x480
[ 14.060531] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.060554] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.060577] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.060599] ? __kthread_parkme+0x82/0x180
[ 14.060619] ? preempt_count_sub+0x50/0x80
[ 14.060641] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.060663] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.060686] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.060708] kthread+0x337/0x6f0
[ 14.060726] ? trace_preempt_on+0x20/0xc0
[ 14.060747] ? __pfx_kthread+0x10/0x10
[ 14.060779] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.060801] ? calculate_sigpending+0x7b/0xa0
[ 14.060839] ? __pfx_kthread+0x10/0x10
[ 14.060860] ret_from_fork+0x116/0x1d0
[ 14.060877] ? __pfx_kthread+0x10/0x10
[ 14.060897] ret_from_fork_asm+0x1a/0x30
[ 14.060926] </TASK>
[ 14.060935]
[ 14.070640] Allocated by task 278:
[ 14.071043] kasan_save_stack+0x45/0x70
[ 14.071287] kasan_save_track+0x18/0x40
[ 14.071679] kasan_save_alloc_info+0x3b/0x50
[ 14.071919] __kasan_kmalloc+0xb7/0xc0
[ 14.072066] __kmalloc_cache_noprof+0x189/0x420
[ 14.072222] kasan_bitops_generic+0x92/0x1c0
[ 14.072373] kunit_try_run_case+0x1a5/0x480
[ 14.072617] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.072870] kthread+0x337/0x6f0
[ 14.073251] ret_from_fork+0x116/0x1d0
[ 14.073574] ret_from_fork_asm+0x1a/0x30
[ 14.073818]
[ 14.073914] The buggy address belongs to the object at ffff888101df6d60
[ 14.073914] which belongs to the cache kmalloc-16 of size 16
[ 14.074355] The buggy address is located 8 bytes inside of
[ 14.074355] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69)
[ 14.074879]
[ 14.074978] The buggy address belongs to the physical page:
[ 14.075245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6
[ 14.075787] flags: 0x200000000000000(node=0|zone=2)
[ 14.076054] page_type: f5(slab)
[ 14.076169] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.076766] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.077198] page dumped because: kasan: bad access detected
[ 14.077545]
[ 14.077682] Memory state around the buggy address:
[ 14.077912] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 14.078239] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc
[ 14.078615] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 14.078951] ^
[ 14.079257] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.079712] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.079982] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 13.959944] ==================================================================
[ 13.960247] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80
[ 13.960723] Read of size 1 at addr ffff88810397b990 by task kunit_try_catch/276
[ 13.961046]
[ 13.961141] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.961183] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.961195] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.961215] Call Trace:
[ 13.961229] <TASK>
[ 13.961242] dump_stack_lvl+0x73/0xb0
[ 13.961269] print_report+0xd1/0x610
[ 13.961291] ? __virt_addr_valid+0x1db/0x2d0
[ 13.961312] ? strnlen+0x73/0x80
[ 13.961329] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.961351] ? strnlen+0x73/0x80
[ 13.961369] kasan_report+0x141/0x180
[ 13.961389] ? strnlen+0x73/0x80
[ 13.961424] __asan_report_load1_noabort+0x18/0x20
[ 13.961448] strnlen+0x73/0x80
[ 13.961467] kasan_strings+0x615/0xe80
[ 13.961486] ? trace_hardirqs_on+0x37/0xe0
[ 13.961508] ? __pfx_kasan_strings+0x10/0x10
[ 13.961528] ? finish_task_switch.isra.0+0x153/0x700
[ 13.961549] ? __switch_to+0x47/0xf50
[ 13.961574] ? __schedule+0x10cc/0x2b60
[ 13.961597] ? __pfx_read_tsc+0x10/0x10
[ 13.961617] ? ktime_get_ts64+0x86/0x230
[ 13.961641] kunit_try_run_case+0x1a5/0x480
[ 13.961664] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.961686] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.961709] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.961732] ? __kthread_parkme+0x82/0x180
[ 13.961752] ? preempt_count_sub+0x50/0x80
[ 13.961774] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.961797] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.961819] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.961842] kthread+0x337/0x6f0
[ 13.961862] ? trace_preempt_on+0x20/0xc0
[ 13.961882] ? __pfx_kthread+0x10/0x10
[ 13.961902] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.961922] ? calculate_sigpending+0x7b/0xa0
[ 13.961945] ? __pfx_kthread+0x10/0x10
[ 13.961965] ret_from_fork+0x116/0x1d0
[ 13.961983] ? __pfx_kthread+0x10/0x10
[ 13.962014] ret_from_fork_asm+0x1a/0x30
[ 13.962045] </TASK>
[ 13.962054]
[ 13.969857] Allocated by task 276:
[ 13.969992] kasan_save_stack+0x45/0x70
[ 13.970145] kasan_save_track+0x18/0x40
[ 13.970279] kasan_save_alloc_info+0x3b/0x50
[ 13.970427] __kasan_kmalloc+0xb7/0xc0
[ 13.970560] __kmalloc_cache_noprof+0x189/0x420
[ 13.970715] kasan_strings+0xc0/0xe80
[ 13.970846] kunit_try_run_case+0x1a5/0x480
[ 13.970991] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.971476] kthread+0x337/0x6f0
[ 13.971834] ret_from_fork+0x116/0x1d0
[ 13.972035] ret_from_fork_asm+0x1a/0x30
[ 13.972227]
[ 13.972319] Freed by task 276:
[ 13.972677] kasan_save_stack+0x45/0x70
[ 13.972879] kasan_save_track+0x18/0x40
[ 13.973085] kasan_save_free_info+0x3f/0x60
[ 13.973294] __kasan_slab_free+0x56/0x70
[ 13.973666] kfree+0x222/0x3f0
[ 13.973790] kasan_strings+0x2aa/0xe80
[ 13.973922] kunit_try_run_case+0x1a5/0x480
[ 13.974111] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.974507] kthread+0x337/0x6f0
[ 13.974697] ret_from_fork+0x116/0x1d0
[ 13.974885] ret_from_fork_asm+0x1a/0x30
[ 13.975083]
[ 13.975158] The buggy address belongs to the object at ffff88810397b980
[ 13.975158] which belongs to the cache kmalloc-32 of size 32
[ 13.975901] The buggy address is located 16 bytes inside of
[ 13.975901] freed 32-byte region [ffff88810397b980, ffff88810397b9a0)
[ 13.976321]
[ 13.976500] The buggy address belongs to the physical page:
[ 13.976764] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10397b
[ 13.977102] flags: 0x200000000000000(node=0|zone=2)
[ 13.977263] page_type: f5(slab)
[ 13.977495] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.977854] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.978189] page dumped because: kasan: bad access detected
[ 13.978599]
[ 13.978678] Memory state around the buggy address:
[ 13.978878] ffff88810397b880: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.979168] ffff88810397b900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.979444] >ffff88810397b980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.979794] ^
[ 13.979925] ffff88810397ba00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.980152] ffff88810397ba80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.980364] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 13.938335] ==================================================================
[ 13.938678] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0
[ 13.939098] Read of size 1 at addr ffff88810397b990 by task kunit_try_catch/276
[ 13.939398]
[ 13.939506] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.939550] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.939562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.939582] Call Trace:
[ 13.939597] <TASK>
[ 13.939609] dump_stack_lvl+0x73/0xb0
[ 13.939637] print_report+0xd1/0x610
[ 13.939657] ? __virt_addr_valid+0x1db/0x2d0
[ 13.939679] ? strlen+0x8f/0xb0
[ 13.939695] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.939717] ? strlen+0x8f/0xb0
[ 13.939733] kasan_report+0x141/0x180
[ 13.939755] ? strlen+0x8f/0xb0
[ 13.939777] __asan_report_load1_noabort+0x18/0x20
[ 13.939801] strlen+0x8f/0xb0
[ 13.939818] kasan_strings+0x57b/0xe80
[ 13.939838] ? trace_hardirqs_on+0x37/0xe0
[ 13.939859] ? __pfx_kasan_strings+0x10/0x10
[ 13.939879] ? finish_task_switch.isra.0+0x153/0x700
[ 13.939901] ? __switch_to+0x47/0xf50
[ 13.939925] ? __schedule+0x10cc/0x2b60
[ 13.939947] ? __pfx_read_tsc+0x10/0x10
[ 13.939967] ? ktime_get_ts64+0x86/0x230
[ 13.939991] kunit_try_run_case+0x1a5/0x480
[ 13.940025] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.940047] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.940070] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.940093] ? __kthread_parkme+0x82/0x180
[ 13.940112] ? preempt_count_sub+0x50/0x80
[ 13.940135] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.940159] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.940182] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.940205] kthread+0x337/0x6f0
[ 13.940224] ? trace_preempt_on+0x20/0xc0
[ 13.940244] ? __pfx_kthread+0x10/0x10
[ 13.940265] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.940285] ? calculate_sigpending+0x7b/0xa0
[ 13.940307] ? __pfx_kthread+0x10/0x10
[ 13.940329] ret_from_fork+0x116/0x1d0
[ 13.940346] ? __pfx_kthread+0x10/0x10
[ 13.940366] ret_from_fork_asm+0x1a/0x30
[ 13.940395] </TASK>
[ 13.940404]
[ 13.948202] Allocated by task 276:
[ 13.948336] kasan_save_stack+0x45/0x70
[ 13.948547] kasan_save_track+0x18/0x40
[ 13.949049] kasan_save_alloc_info+0x3b/0x50
[ 13.949278] __kasan_kmalloc+0xb7/0xc0
[ 13.949611] __kmalloc_cache_noprof+0x189/0x420
[ 13.949832] kasan_strings+0xc0/0xe80
[ 13.950001] kunit_try_run_case+0x1a5/0x480
[ 13.950208] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.950503] kthread+0x337/0x6f0
[ 13.950672] ret_from_fork+0x116/0x1d0
[ 13.950829] ret_from_fork_asm+0x1a/0x30
[ 13.950966]
[ 13.951046] Freed by task 276:
[ 13.951204] kasan_save_stack+0x45/0x70
[ 13.951465] kasan_save_track+0x18/0x40
[ 13.951662] kasan_save_free_info+0x3f/0x60
[ 13.951855] __kasan_slab_free+0x56/0x70
[ 13.952063] kfree+0x222/0x3f0
[ 13.952181] kasan_strings+0x2aa/0xe80
[ 13.952361] kunit_try_run_case+0x1a5/0x480
[ 13.952668] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.952844] kthread+0x337/0x6f0
[ 13.952963] ret_from_fork+0x116/0x1d0
[ 13.953114] ret_from_fork_asm+0x1a/0x30
[ 13.953252]
[ 13.953322] The buggy address belongs to the object at ffff88810397b980
[ 13.953322] which belongs to the cache kmalloc-32 of size 32
[ 13.953695] The buggy address is located 16 bytes inside of
[ 13.953695] freed 32-byte region [ffff88810397b980, ffff88810397b9a0)
[ 13.954216]
[ 13.954311] The buggy address belongs to the physical page:
[ 13.954775] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10397b
[ 13.955260] flags: 0x200000000000000(node=0|zone=2)
[ 13.955573] page_type: f5(slab)
[ 13.955738] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.956565] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.956826] page dumped because: kasan: bad access detected
[ 13.957018]
[ 13.957088] Memory state around the buggy address:
[ 13.957241] ffff88810397b880: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.957817] ffff88810397b900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.958160] >ffff88810397b980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.958625] ^
[ 13.958809] ffff88810397ba00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.959142] ffff88810397ba80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.959504] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 13.915191] ==================================================================
[ 13.915751] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80
[ 13.916083] Read of size 1 at addr ffff88810397b990 by task kunit_try_catch/276
[ 13.916462]
[ 13.916581] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.916622] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.916633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.916654] Call Trace:
[ 13.916665] <TASK>
[ 13.916677] dump_stack_lvl+0x73/0xb0
[ 13.916705] print_report+0xd1/0x610
[ 13.916727] ? __virt_addr_valid+0x1db/0x2d0
[ 13.916747] ? kasan_strings+0xcbc/0xe80
[ 13.916767] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.916789] ? kasan_strings+0xcbc/0xe80
[ 13.916810] kasan_report+0x141/0x180
[ 13.916830] ? kasan_strings+0xcbc/0xe80
[ 13.916855] __asan_report_load1_noabort+0x18/0x20
[ 13.916878] kasan_strings+0xcbc/0xe80
[ 13.916897] ? trace_hardirqs_on+0x37/0xe0
[ 13.916919] ? __pfx_kasan_strings+0x10/0x10
[ 13.916939] ? finish_task_switch.isra.0+0x153/0x700
[ 13.916960] ? __switch_to+0x47/0xf50
[ 13.916990] ? __schedule+0x10cc/0x2b60
[ 13.917022] ? __pfx_read_tsc+0x10/0x10
[ 13.917045] ? ktime_get_ts64+0x86/0x230
[ 13.917068] kunit_try_run_case+0x1a5/0x480
[ 13.917092] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.917114] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.917137] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.917160] ? __kthread_parkme+0x82/0x180
[ 13.917179] ? preempt_count_sub+0x50/0x80
[ 13.917201] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.917225] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.917248] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.917270] kthread+0x337/0x6f0
[ 13.917289] ? trace_preempt_on+0x20/0xc0
[ 13.917309] ? __pfx_kthread+0x10/0x10
[ 13.917329] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.917350] ? calculate_sigpending+0x7b/0xa0
[ 13.917436] ? __pfx_kthread+0x10/0x10
[ 13.917457] ret_from_fork+0x116/0x1d0
[ 13.917475] ? __pfx_kthread+0x10/0x10
[ 13.917495] ret_from_fork_asm+0x1a/0x30
[ 13.917526] </TASK>
[ 13.917535]
[ 13.925294] Allocated by task 276:
[ 13.925592] kasan_save_stack+0x45/0x70
[ 13.925747] kasan_save_track+0x18/0x40
[ 13.925935] kasan_save_alloc_info+0x3b/0x50
[ 13.926130] __kasan_kmalloc+0xb7/0xc0
[ 13.926304] __kmalloc_cache_noprof+0x189/0x420
[ 13.926634] kasan_strings+0xc0/0xe80
[ 13.926771] kunit_try_run_case+0x1a5/0x480
[ 13.926917] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.927102] kthread+0x337/0x6f0
[ 13.927224] ret_from_fork+0x116/0x1d0
[ 13.927354] ret_from_fork_asm+0x1a/0x30
[ 13.927493]
[ 13.927567] Freed by task 276:
[ 13.927676] kasan_save_stack+0x45/0x70
[ 13.927810] kasan_save_track+0x18/0x40
[ 13.927942] kasan_save_free_info+0x3f/0x60
[ 13.928327] __kasan_slab_free+0x56/0x70
[ 13.928591] kfree+0x222/0x3f0
[ 13.928756] kasan_strings+0x2aa/0xe80
[ 13.928941] kunit_try_run_case+0x1a5/0x480
[ 13.929817] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.930103] kthread+0x337/0x6f0
[ 13.930279] ret_from_fork+0x116/0x1d0
[ 13.931288] ret_from_fork_asm+0x1a/0x30
[ 13.931724]
[ 13.931828] The buggy address belongs to the object at ffff88810397b980
[ 13.931828] which belongs to the cache kmalloc-32 of size 32
[ 13.932741] The buggy address is located 16 bytes inside of
[ 13.932741] freed 32-byte region [ffff88810397b980, ffff88810397b9a0)
[ 13.933638]
[ 13.933746] The buggy address belongs to the physical page:
[ 13.933943] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10397b
[ 13.934199] flags: 0x200000000000000(node=0|zone=2)
[ 13.934419] page_type: f5(slab)
[ 13.934596] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.934920] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.935256] page dumped because: kasan: bad access detected
[ 13.935706]
[ 13.935795] Memory state around the buggy address:
[ 13.935993] ffff88810397b880: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.936298] ffff88810397b900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.936665] >ffff88810397b980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.936883] ^
[ 13.937083] ffff88810397ba00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.937458] ffff88810397ba80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.937869] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 13.893254] ==================================================================
[ 13.894845] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0
[ 13.895087] Read of size 1 at addr ffff88810397b990 by task kunit_try_catch/276
[ 13.895531]
[ 13.895633] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.895681] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.895692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.895715] Call Trace:
[ 13.895726] <TASK>
[ 13.895744] dump_stack_lvl+0x73/0xb0
[ 13.895773] print_report+0xd1/0x610
[ 13.895800] ? __virt_addr_valid+0x1db/0x2d0
[ 13.895825] ? strcmp+0xb0/0xc0
[ 13.895842] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.895863] ? strcmp+0xb0/0xc0
[ 13.895881] kasan_report+0x141/0x180
[ 13.895902] ? strcmp+0xb0/0xc0
[ 13.895924] __asan_report_load1_noabort+0x18/0x20
[ 13.895947] strcmp+0xb0/0xc0
[ 13.895965] kasan_strings+0x431/0xe80
[ 13.895985] ? trace_hardirqs_on+0x37/0xe0
[ 13.896022] ? __pfx_kasan_strings+0x10/0x10
[ 13.896042] ? finish_task_switch.isra.0+0x153/0x700
[ 13.896065] ? __switch_to+0x47/0xf50
[ 13.896092] ? __schedule+0x10cc/0x2b60
[ 13.896115] ? __pfx_read_tsc+0x10/0x10
[ 13.896135] ? ktime_get_ts64+0x86/0x230
[ 13.896160] kunit_try_run_case+0x1a5/0x480
[ 13.896186] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.896208] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.896231] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.896254] ? __kthread_parkme+0x82/0x180
[ 13.896274] ? preempt_count_sub+0x50/0x80
[ 13.896297] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.896320] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.896343] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.896365] kthread+0x337/0x6f0
[ 13.896383] ? trace_preempt_on+0x20/0xc0
[ 13.896405] ? __pfx_kthread+0x10/0x10
[ 13.896425] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.896445] ? calculate_sigpending+0x7b/0xa0
[ 13.896469] ? __pfx_kthread+0x10/0x10
[ 13.896490] ret_from_fork+0x116/0x1d0
[ 13.896508] ? __pfx_kthread+0x10/0x10
[ 13.896527] ret_from_fork_asm+0x1a/0x30
[ 13.896557] </TASK>
[ 13.896569]
[ 13.903906] Allocated by task 276:
[ 13.904048] kasan_save_stack+0x45/0x70
[ 13.904193] kasan_save_track+0x18/0x40
[ 13.904336] kasan_save_alloc_info+0x3b/0x50
[ 13.904741] __kasan_kmalloc+0xb7/0xc0
[ 13.904934] __kmalloc_cache_noprof+0x189/0x420
[ 13.905172] kasan_strings+0xc0/0xe80
[ 13.905356] kunit_try_run_case+0x1a5/0x480
[ 13.905773] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.906046] kthread+0x337/0x6f0
[ 13.906215] ret_from_fork+0x116/0x1d0
[ 13.906456] ret_from_fork_asm+0x1a/0x30
[ 13.906624]
[ 13.906723] Freed by task 276:
[ 13.906881] kasan_save_stack+0x45/0x70
[ 13.907039] kasan_save_track+0x18/0x40
[ 13.907220] kasan_save_free_info+0x3f/0x60
[ 13.907364] __kasan_slab_free+0x56/0x70
[ 13.907580] kfree+0x222/0x3f0
[ 13.907748] kasan_strings+0x2aa/0xe80
[ 13.907917] kunit_try_run_case+0x1a5/0x480
[ 13.908100] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.908277] kthread+0x337/0x6f0
[ 13.908546] ret_from_fork+0x116/0x1d0
[ 13.908740] ret_from_fork_asm+0x1a/0x30
[ 13.908935]
[ 13.909047] The buggy address belongs to the object at ffff88810397b980
[ 13.909047] which belongs to the cache kmalloc-32 of size 32
[ 13.909743] The buggy address is located 16 bytes inside of
[ 13.909743] freed 32-byte region [ffff88810397b980, ffff88810397b9a0)
[ 13.910213]
[ 13.910313] The buggy address belongs to the physical page:
[ 13.910627] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10397b
[ 13.910961] flags: 0x200000000000000(node=0|zone=2)
[ 13.911150] page_type: f5(slab)
[ 13.911270] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.911506] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.911733] page dumped because: kasan: bad access detected
[ 13.911905]
[ 13.911973] Memory state around the buggy address:
[ 13.912197] ffff88810397b880: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.912939] ffff88810397b900: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.913276] >ffff88810397b980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.913585] ^
[ 13.913766] ffff88810397ba00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.914089] ffff88810397ba80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.914651] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 13.868709] ==================================================================
[ 13.869274] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[ 13.869621] Read of size 1 at addr ffff8881039ba0d8 by task kunit_try_catch/274
[ 13.870066]
[ 13.870168] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.870212] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.870223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.870244] Call Trace:
[ 13.870255] <TASK>
[ 13.870293] dump_stack_lvl+0x73/0xb0
[ 13.870323] print_report+0xd1/0x610
[ 13.870346] ? __virt_addr_valid+0x1db/0x2d0
[ 13.870367] ? memcmp+0x1b4/0x1d0
[ 13.870385] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.870407] ? memcmp+0x1b4/0x1d0
[ 13.870425] kasan_report+0x141/0x180
[ 13.870446] ? memcmp+0x1b4/0x1d0
[ 13.870548] __asan_report_load1_noabort+0x18/0x20
[ 13.870577] memcmp+0x1b4/0x1d0
[ 13.870597] kasan_memcmp+0x18f/0x390
[ 13.870629] ? trace_hardirqs_on+0x37/0xe0
[ 13.870653] ? __pfx_kasan_memcmp+0x10/0x10
[ 13.870672] ? finish_task_switch.isra.0+0x153/0x700
[ 13.870693] ? __switch_to+0x47/0xf50
[ 13.870722] ? __pfx_read_tsc+0x10/0x10
[ 13.870742] ? ktime_get_ts64+0x86/0x230
[ 13.870765] kunit_try_run_case+0x1a5/0x480
[ 13.870790] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.870812] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.870835] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.870876] ? __kthread_parkme+0x82/0x180
[ 13.870897] ? preempt_count_sub+0x50/0x80
[ 13.870919] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.870942] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.870966] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.870989] kthread+0x337/0x6f0
[ 13.871020] ? trace_preempt_on+0x20/0xc0
[ 13.871041] ? __pfx_kthread+0x10/0x10
[ 13.871061] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.871081] ? calculate_sigpending+0x7b/0xa0
[ 13.871105] ? __pfx_kthread+0x10/0x10
[ 13.871125] ret_from_fork+0x116/0x1d0
[ 13.871143] ? __pfx_kthread+0x10/0x10
[ 13.871163] ret_from_fork_asm+0x1a/0x30
[ 13.871193] </TASK>
[ 13.871204]
[ 13.878716] Allocated by task 274:
[ 13.878892] kasan_save_stack+0x45/0x70
[ 13.879106] kasan_save_track+0x18/0x40
[ 13.879305] kasan_save_alloc_info+0x3b/0x50
[ 13.879534] __kasan_kmalloc+0xb7/0xc0
[ 13.879723] __kmalloc_cache_noprof+0x189/0x420
[ 13.879918] kasan_memcmp+0xb7/0x390
[ 13.880109] kunit_try_run_case+0x1a5/0x480
[ 13.880299] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.880621] kthread+0x337/0x6f0
[ 13.880778] ret_from_fork+0x116/0x1d0
[ 13.880932] ret_from_fork_asm+0x1a/0x30
[ 13.881130]
[ 13.881203] The buggy address belongs to the object at ffff8881039ba0c0
[ 13.881203] which belongs to the cache kmalloc-32 of size 32
[ 13.881637] The buggy address is located 0 bytes to the right of
[ 13.881637] allocated 24-byte region [ffff8881039ba0c0, ffff8881039ba0d8)
[ 13.882309]
[ 13.882384] The buggy address belongs to the physical page:
[ 13.882636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ba
[ 13.882944] flags: 0x200000000000000(node=0|zone=2)
[ 13.883120] page_type: f5(slab)
[ 13.883241] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.883473] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.883697] page dumped because: kasan: bad access detected
[ 13.883895]
[ 13.883989] Memory state around the buggy address:
[ 13.884543] ffff8881039b9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.884864] ffff8881039ba000: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.885200] >ffff8881039ba080: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.885506] ^
[ 13.885791] ffff8881039ba100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.886002] ffff8881039ba180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.886221] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 13.840460] ================================================================== [ 13.842111] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 13.843217] Read of size 1 at addr ffff888103aafc4a by task kunit_try_catch/270 [ 13.844075] [ 13.844189] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.844339] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.844355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.844430] Call Trace: [ 13.844444] <TASK> [ 13.844458] dump_stack_lvl+0x73/0xb0 [ 13.844490] print_report+0xd1/0x610 [ 13.844511] ? __virt_addr_valid+0x1db/0x2d0 [ 13.844532] ? kasan_alloca_oob_right+0x329/0x390 [ 13.844553] ? kasan_addr_to_slab+0x11/0xa0 [ 13.844573] ? kasan_alloca_oob_right+0x329/0x390 [ 13.844595] kasan_report+0x141/0x180 [ 13.844616] ? kasan_alloca_oob_right+0x329/0x390 [ 13.844642] __asan_report_load1_noabort+0x18/0x20 [ 13.844665] kasan_alloca_oob_right+0x329/0x390 [ 13.844685] ? __kasan_check_write+0x18/0x20 [ 13.844704] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.844725] ? finish_task_switch.isra.0+0x153/0x700 [ 13.844746] ? rt_mutex_adjust_prio_chain+0x195e/0x20e0 [ 13.844768] ? trace_hardirqs_on+0x37/0xe0 [ 13.844792] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 13.844815] ? __schedule+0x10cc/0x2b60 [ 13.844836] ? __pfx_read_tsc+0x10/0x10 [ 13.844856] ? ktime_get_ts64+0x86/0x230 [ 13.844878] kunit_try_run_case+0x1a5/0x480 [ 13.844902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.844923] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.844945] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.844973] ? __kthread_parkme+0x82/0x180 [ 13.844993] ? preempt_count_sub+0x50/0x80 [ 13.845027] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.845050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.845072] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.845095] kthread+0x337/0x6f0 [ 13.845113] ? trace_preempt_on+0x20/0xc0 [ 13.845134] ? 
__pfx_kthread+0x10/0x10 [ 13.845154] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.845175] ? calculate_sigpending+0x7b/0xa0 [ 13.845197] ? __pfx_kthread+0x10/0x10 [ 13.845218] ret_from_fork+0x116/0x1d0 [ 13.845235] ? __pfx_kthread+0x10/0x10 [ 13.845255] ret_from_fork_asm+0x1a/0x30 [ 13.845284] </TASK> [ 13.845294] [ 13.854643] The buggy address belongs to stack of task kunit_try_catch/270 [ 13.855119] [ 13.855194] The buggy address belongs to the physical page: [ 13.855367] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103aaf [ 13.855725] flags: 0x200000000000000(node=0|zone=2) [ 13.856047] raw: 0200000000000000 ffffea00040eabc8 ffffea00040eabc8 0000000000000000 [ 13.856435] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.856689] page dumped because: kasan: bad access detected [ 13.856861] [ 13.856933] Memory state around the buggy address: [ 13.857201] ffff888103aafb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.857659] ffff888103aafb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.857980] >ffff888103aafc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 13.858242] ^ [ 13.858525] ffff888103aafc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 13.859115] ffff888103aafd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.859435] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 13.819323] ================================================================== [ 13.819981] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 13.820253] Read of size 1 at addr ffff888103977c3f by task kunit_try_catch/268 [ 13.820591] [ 13.820735] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.820778] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.820790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.820809] Call Trace: [ 13.820820] <TASK> [ 13.820833] dump_stack_lvl+0x73/0xb0 [ 13.820861] print_report+0xd1/0x610 [ 13.820882] ? __virt_addr_valid+0x1db/0x2d0 [ 13.820904] ? kasan_alloca_oob_left+0x320/0x380 [ 13.820925] ? kasan_addr_to_slab+0x11/0xa0 [ 13.820945] ? kasan_alloca_oob_left+0x320/0x380 [ 13.820966] kasan_report+0x141/0x180 [ 13.820994] ? kasan_alloca_oob_left+0x320/0x380 [ 13.821031] __asan_report_load1_noabort+0x18/0x20 [ 13.821075] kasan_alloca_oob_left+0x320/0x380 [ 13.821098] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.821119] ? finish_task_switch.isra.0+0x153/0x700 [ 13.821141] ? rt_mutex_adjust_prio_chain+0x195e/0x20e0 [ 13.821163] ? trace_hardirqs_on+0x37/0xe0 [ 13.821186] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 13.821210] ? __schedule+0x10cc/0x2b60 [ 13.821231] ? __pfx_read_tsc+0x10/0x10 [ 13.821254] ? ktime_get_ts64+0x86/0x230 [ 13.821278] kunit_try_run_case+0x1a5/0x480 [ 13.821301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.821323] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.821346] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.821368] ? __kthread_parkme+0x82/0x180 [ 13.821387] ? preempt_count_sub+0x50/0x80 [ 13.821410] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.821433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.821455] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.821517] kthread+0x337/0x6f0 [ 13.821536] ? trace_preempt_on+0x20/0xc0 [ 13.821557] ? __pfx_kthread+0x10/0x10 [ 13.821577] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.821597] ? calculate_sigpending+0x7b/0xa0 [ 13.821620] ? __pfx_kthread+0x10/0x10 [ 13.821640] ret_from_fork+0x116/0x1d0 [ 13.821657] ? __pfx_kthread+0x10/0x10 [ 13.821677] ret_from_fork_asm+0x1a/0x30 [ 13.821705] </TASK> [ 13.821715] [ 13.832504] The buggy address belongs to stack of task kunit_try_catch/268 [ 13.833016] [ 13.833231] The buggy address belongs to the physical page: [ 13.833613] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103977 [ 13.834099] flags: 0x200000000000000(node=0|zone=2) [ 13.834630] raw: 0200000000000000 ffffea00040e5dc8 ffffea00040e5dc8 0000000000000000 [ 13.834944] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.835604] page dumped because: kasan: bad access detected [ 13.835841] [ 13.835911] Memory state around the buggy address: [ 13.836073] ffff888103977b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.836281] ffff888103977b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.836486] >ffff888103977c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 13.836690] ^ [ 13.836847] ffff888103977c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 13.837067] ffff888103977d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.837279] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 13.790308] ================================================================== [ 13.790802] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 13.791202] Read of size 1 at addr ffff888103a37d02 by task kunit_try_catch/266 [ 13.792737] [ 13.793124] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.793468] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.793481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.793505] Call Trace: [ 13.793517] <TASK> [ 13.793533] dump_stack_lvl+0x73/0xb0 [ 13.793565] print_report+0xd1/0x610 [ 13.793588] ? __virt_addr_valid+0x1db/0x2d0 [ 13.793610] ? kasan_stack_oob+0x2b5/0x300 [ 13.793628] ? kasan_addr_to_slab+0x11/0xa0 [ 13.793647] ? kasan_stack_oob+0x2b5/0x300 [ 13.793667] kasan_report+0x141/0x180 [ 13.793687] ? kasan_stack_oob+0x2b5/0x300 [ 13.793710] __asan_report_load1_noabort+0x18/0x20 [ 13.793733] kasan_stack_oob+0x2b5/0x300 [ 13.793752] ? __pfx_kasan_stack_oob+0x10/0x10 [ 13.793770] ? finish_task_switch.isra.0+0x153/0x700 [ 13.793792] ? __switch_to+0x47/0xf50 [ 13.793818] ? __schedule+0x10cc/0x2b60 [ 13.793840] ? __pfx_read_tsc+0x10/0x10 [ 13.793862] ? ktime_get_ts64+0x86/0x230 [ 13.793887] kunit_try_run_case+0x1a5/0x480 [ 13.793913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.793934] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.793958] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.793980] ? __kthread_parkme+0x82/0x180 [ 13.794000] ? preempt_count_sub+0x50/0x80 [ 13.794066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.794089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.794112] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.794135] kthread+0x337/0x6f0 [ 13.794153] ? trace_preempt_on+0x20/0xc0 [ 13.794176] ? __pfx_kthread+0x10/0x10 [ 13.794195] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.794215] ? calculate_sigpending+0x7b/0xa0 [ 13.794239] ? __pfx_kthread+0x10/0x10 [ 13.794259] ret_from_fork+0x116/0x1d0 [ 13.794277] ? 
__pfx_kthread+0x10/0x10 [ 13.794297] ret_from_fork_asm+0x1a/0x30 [ 13.794327] </TASK> [ 13.794338] [ 13.807667] The buggy address belongs to stack of task kunit_try_catch/266 [ 13.808236] and is located at offset 138 in frame: [ 13.808596] kasan_stack_oob+0x0/0x300 [ 13.809073] [ 13.809189] This frame has 4 objects: [ 13.809765] [48, 49) '__assertion' [ 13.809797] [64, 72) 'array' [ 13.809971] [96, 112) '__assertion' [ 13.810142] [128, 138) 'stack_array' [ 13.810630] [ 13.810859] The buggy address belongs to the physical page: [ 13.811140] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a37 [ 13.811874] flags: 0x200000000000000(node=0|zone=2) [ 13.812129] raw: 0200000000000000 ffffea00040e8dc8 ffffea00040e8dc8 0000000000000000 [ 13.812595] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.813057] page dumped because: kasan: bad access detected [ 13.813637] [ 13.813750] Memory state around the buggy address: [ 13.813998] ffff888103a37c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.814624] ffff888103a37c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 13.815050] >ffff888103a37d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.815562] ^ [ 13.815700] ffff888103a37d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 13.816219] ffff888103a37e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.816792] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 13.765238] ================================================================== [ 13.766073] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 13.766356] Read of size 1 at addr ffffffff98463e8d by task kunit_try_catch/262 [ 13.766903] [ 13.767049] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.767093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.767105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.767125] Call Trace: [ 13.767136] <TASK> [ 13.767150] dump_stack_lvl+0x73/0xb0 [ 13.767179] print_report+0xd1/0x610 [ 13.767201] ? __virt_addr_valid+0x1db/0x2d0 [ 13.767223] ? kasan_global_oob_right+0x286/0x2d0 [ 13.767243] ? kasan_addr_to_slab+0x11/0xa0 [ 13.767263] ? kasan_global_oob_right+0x286/0x2d0 [ 13.767284] kasan_report+0x141/0x180 [ 13.767305] ? kasan_global_oob_right+0x286/0x2d0 [ 13.767331] __asan_report_load1_noabort+0x18/0x20 [ 13.767353] kasan_global_oob_right+0x286/0x2d0 [ 13.767403] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 13.767427] ? __schedule+0x10cc/0x2b60 [ 13.767449] ? __pfx_read_tsc+0x10/0x10 [ 13.767472] ? ktime_get_ts64+0x86/0x230 [ 13.767497] kunit_try_run_case+0x1a5/0x480 [ 13.767522] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.767543] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.767567] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.767590] ? __kthread_parkme+0x82/0x180 [ 13.767611] ? preempt_count_sub+0x50/0x80 [ 13.767633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.767657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.767680] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.767702] kthread+0x337/0x6f0 [ 13.767721] ? trace_preempt_on+0x20/0xc0 [ 13.767744] ? __pfx_kthread+0x10/0x10 [ 13.767764] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.767785] ? calculate_sigpending+0x7b/0xa0 [ 13.767807] ? __pfx_kthread+0x10/0x10 [ 13.767828] ret_from_fork+0x116/0x1d0 [ 13.767847] ? 
__pfx_kthread+0x10/0x10 [ 13.767867] ret_from_fork_asm+0x1a/0x30 [ 13.767897] </TASK> [ 13.767908] [ 13.775785] The buggy address belongs to the variable: [ 13.775977] global_array+0xd/0x40 [ 13.776128] [ 13.776243] The buggy address belongs to the physical page: [ 13.776553] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x132863 [ 13.777025] flags: 0x200000000002000(reserved|node=0|zone=2) [ 13.777269] raw: 0200000000002000 ffffea0004ca18c8 ffffea0004ca18c8 0000000000000000 [ 13.777835] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.778093] page dumped because: kasan: bad access detected [ 13.778343] [ 13.778714] Memory state around the buggy address: [ 13.778942] ffffffff98463d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.779166] ffffffff98463e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.779374] >ffffffff98463e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 13.779686] ^ [ 13.779944] ffffffff98463f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 13.780278] ffffffff98463f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 13.780575] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 13.720182] ================================================================== [ 13.721289] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.721842] Free of addr ffff888102fd1a01 by task kunit_try_catch/258 [ 13.722122] [ 13.722230] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.722273] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.722284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.722304] Call Trace: [ 13.722315] <TASK> [ 13.722329] dump_stack_lvl+0x73/0xb0 [ 13.722359] print_report+0xd1/0x610 [ 13.722380] ? __virt_addr_valid+0x1db/0x2d0 [ 13.722402] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.722423] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.722448] kasan_report_invalid_free+0x10a/0x130 [ 13.722471] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.722497] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.722520] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.722543] check_slab_allocation+0x11f/0x130 [ 13.722564] __kasan_mempool_poison_object+0x91/0x1d0 [ 13.722587] mempool_free+0x2ec/0x380 [ 13.722613] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.722638] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 13.722663] ? __kasan_check_write+0x18/0x20 [ 13.722682] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.722702] ? finish_task_switch.isra.0+0x153/0x700 [ 13.722727] mempool_kmalloc_invalid_free+0xed/0x140 [ 13.722749] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 13.722775] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.722796] ? __pfx_mempool_kfree+0x10/0x10 [ 13.722820] ? __pfx_read_tsc+0x10/0x10 [ 13.722840] ? ktime_get_ts64+0x86/0x230 [ 13.722863] kunit_try_run_case+0x1a5/0x480 [ 13.722887] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.722909] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.722932] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.722955] ? __kthread_parkme+0x82/0x180 [ 13.722974] ? 
preempt_count_sub+0x50/0x80 [ 13.722996] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.723031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.723053] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.723077] kthread+0x337/0x6f0 [ 13.723096] ? trace_preempt_on+0x20/0xc0 [ 13.723119] ? __pfx_kthread+0x10/0x10 [ 13.723139] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.723159] ? calculate_sigpending+0x7b/0xa0 [ 13.723183] ? __pfx_kthread+0x10/0x10 [ 13.723203] ret_from_fork+0x116/0x1d0 [ 13.723221] ? __pfx_kthread+0x10/0x10 [ 13.723240] ret_from_fork_asm+0x1a/0x30 [ 13.723270] </TASK> [ 13.723280] [ 13.732510] Allocated by task 258: [ 13.732696] kasan_save_stack+0x45/0x70 [ 13.732903] kasan_save_track+0x18/0x40 [ 13.733114] kasan_save_alloc_info+0x3b/0x50 [ 13.733298] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.733602] remove_element+0x11e/0x190 [ 13.733796] mempool_alloc_preallocated+0x4d/0x90 [ 13.733970] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 13.734210] mempool_kmalloc_invalid_free+0xed/0x140 [ 13.734597] kunit_try_run_case+0x1a5/0x480 [ 13.734798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.735034] kthread+0x337/0x6f0 [ 13.735193] ret_from_fork+0x116/0x1d0 [ 13.735423] ret_from_fork_asm+0x1a/0x30 [ 13.735602] [ 13.735702] The buggy address belongs to the object at ffff888102fd1a00 [ 13.735702] which belongs to the cache kmalloc-128 of size 128 [ 13.736183] The buggy address is located 1 bytes inside of [ 13.736183] 128-byte region [ffff888102fd1a00, ffff888102fd1a80) [ 13.736700] [ 13.736802] The buggy address belongs to the physical page: [ 13.737045] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd1 [ 13.737350] flags: 0x200000000000000(node=0|zone=2) [ 13.737513] page_type: f5(slab) [ 13.737632] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.737862] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.738137] page dumped because: kasan: bad access detected [ 
13.738387] [ 13.738499] Memory state around the buggy address: [ 13.738720] ffff888102fd1900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.739043] ffff888102fd1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.739258] >ffff888102fd1a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.739803] ^ [ 13.739980] ffff888102fd1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.740309] ffff888102fd1b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.740761] ================================================================== [ 13.745938] ================================================================== [ 13.746419] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.746960] Free of addr ffff8881039f8001 by task kunit_try_catch/260 [ 13.747223] [ 13.747333] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.747375] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.747386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.747407] Call Trace: [ 13.747418] <TASK> [ 13.747431] dump_stack_lvl+0x73/0xb0 [ 13.747458] print_report+0xd1/0x610 [ 13.747479] ? __virt_addr_valid+0x1db/0x2d0 [ 13.747514] ? kasan_addr_to_slab+0x11/0xa0 [ 13.747533] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.747558] kasan_report_invalid_free+0x10a/0x130 [ 13.747581] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.747608] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.747631] __kasan_mempool_poison_object+0x102/0x1d0 [ 13.747654] mempool_free+0x2ec/0x380 [ 13.747679] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.747704] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 13.747730] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.747751] ? finish_task_switch.isra.0+0x153/0x700 [ 13.747775] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 13.747799] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 13.747826] ? 
__pfx_mempool_kmalloc+0x10/0x10 [ 13.747848] ? __pfx_mempool_kfree+0x10/0x10 [ 13.747873] ? __pfx_read_tsc+0x10/0x10 [ 13.747893] ? ktime_get_ts64+0x86/0x230 [ 13.747916] kunit_try_run_case+0x1a5/0x480 [ 13.747939] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.747960] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.747982] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.748014] ? __kthread_parkme+0x82/0x180 [ 13.748042] ? preempt_count_sub+0x50/0x80 [ 13.748064] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.748107] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.748129] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.748152] kthread+0x337/0x6f0 [ 13.748170] ? trace_preempt_on+0x20/0xc0 [ 13.748193] ? __pfx_kthread+0x10/0x10 [ 13.748212] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.748232] ? calculate_sigpending+0x7b/0xa0 [ 13.748254] ? __pfx_kthread+0x10/0x10 [ 13.748274] ret_from_fork+0x116/0x1d0 [ 13.748291] ? __pfx_kthread+0x10/0x10 [ 13.748311] ret_from_fork_asm+0x1a/0x30 [ 13.748340] </TASK> [ 13.748351] [ 13.757354] The buggy address belongs to the physical page: [ 13.757772] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f8 [ 13.758139] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.758367] flags: 0x200000000000040(head|node=0|zone=2) [ 13.758622] page_type: f8(unknown) [ 13.758803] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.759157] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.759528] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.759775] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.760055] head: 0200000000000002 ffffea00040e7e01 00000000ffffffff 00000000ffffffff [ 13.760391] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.761042] page dumped because: kasan: bad access detected [ 13.761216] [ 13.761285] Memory state around the buggy address: [ 13.761439] 
ffff8881039f7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.761674] ffff8881039f7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.761988] >ffff8881039f8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.762313] ^ [ 13.762477] ffff8881039f8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.762776] ffff8881039f8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.762991] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 13.644842] ================================================================== [ 13.645775] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.646107] Free of addr ffff8881039b7200 by task kunit_try_catch/252 [ 13.646366] [ 13.646498] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.646544] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.646555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.646577] Call Trace: [ 13.646588] <TASK> [ 13.646603] dump_stack_lvl+0x73/0xb0 [ 13.646632] print_report+0xd1/0x610 [ 13.646653] ? __virt_addr_valid+0x1db/0x2d0 [ 13.646679] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.646700] ? mempool_double_free_helper+0x184/0x370 [ 13.646723] kasan_report_invalid_free+0x10a/0x130 [ 13.646746] ? mempool_double_free_helper+0x184/0x370 [ 13.646771] ? mempool_double_free_helper+0x184/0x370 [ 13.646793] ? mempool_double_free_helper+0x184/0x370 [ 13.646815] check_slab_allocation+0x101/0x130 [ 13.646835] __kasan_mempool_poison_object+0x91/0x1d0 [ 13.646859] mempool_free+0x2ec/0x380 [ 13.646887] mempool_double_free_helper+0x184/0x370 [ 13.646910] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.646935] ? __kasan_check_write+0x18/0x20 [ 13.646953] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.646974] ? finish_task_switch.isra.0+0x153/0x700 [ 13.646999] mempool_kmalloc_double_free+0xed/0x140 [ 13.647044] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 13.647071] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.647092] ? __pfx_mempool_kfree+0x10/0x10 [ 13.647116] ? __pfx_read_tsc+0x10/0x10 [ 13.647137] ? ktime_get_ts64+0x86/0x230 [ 13.647161] kunit_try_run_case+0x1a5/0x480 [ 13.647186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.647208] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.647231] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.647253] ? __kthread_parkme+0x82/0x180 [ 13.647273] ? preempt_count_sub+0x50/0x80 [ 13.647294] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.647317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.647340] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.647363] kthread+0x337/0x6f0 [ 13.647392] ? trace_preempt_on+0x20/0xc0 [ 13.647414] ? __pfx_kthread+0x10/0x10 [ 13.647434] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.647454] ? calculate_sigpending+0x7b/0xa0 [ 13.647477] ? __pfx_kthread+0x10/0x10 [ 13.647498] ret_from_fork+0x116/0x1d0 [ 13.647516] ? __pfx_kthread+0x10/0x10 [ 13.647536] ret_from_fork_asm+0x1a/0x30 [ 13.647565] </TASK> [ 13.647575] [ 13.660182] Allocated by task 252: [ 13.660362] kasan_save_stack+0x45/0x70 [ 13.660973] kasan_save_track+0x18/0x40 [ 13.661158] kasan_save_alloc_info+0x3b/0x50 [ 13.661728] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.662114] remove_element+0x11e/0x190 [ 13.662398] mempool_alloc_preallocated+0x4d/0x90 [ 13.662792] mempool_double_free_helper+0x8a/0x370 [ 13.662995] mempool_kmalloc_double_free+0xed/0x140 [ 13.663223] kunit_try_run_case+0x1a5/0x480 [ 13.663431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.663920] kthread+0x337/0x6f0 [ 13.664068] ret_from_fork+0x116/0x1d0 [ 13.664505] ret_from_fork_asm+0x1a/0x30 [ 13.664808] [ 13.664911] Freed by task 252: [ 13.665217] kasan_save_stack+0x45/0x70 [ 13.665426] kasan_save_track+0x18/0x40 [ 13.665764] kasan_save_free_info+0x3f/0x60 [ 13.665974] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.666215] mempool_free+0x2ec/0x380 [ 13.666721] mempool_double_free_helper+0x109/0x370 [ 13.666958] mempool_kmalloc_double_free+0xed/0x140 [ 13.667258] kunit_try_run_case+0x1a5/0x480 [ 13.667430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.667860] kthread+0x337/0x6f0 [ 13.668051] ret_from_fork+0x116/0x1d0 [ 13.668232] ret_from_fork_asm+0x1a/0x30 [ 13.668667] [ 13.668841] The buggy address belongs to the object at ffff8881039b7200 [ 13.668841] which belongs to the cache kmalloc-128 of size 128 [ 13.669427] The buggy address is located 0 bytes inside of [ 13.669427] 128-byte 
region [ffff8881039b7200, ffff8881039b7280) [ 13.670185] [ 13.670283] The buggy address belongs to the physical page: [ 13.670611] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b7 [ 13.671111] flags: 0x200000000000000(node=0|zone=2) [ 13.671325] page_type: f5(slab) [ 13.671793] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.672176] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.672715] page dumped because: kasan: bad access detected [ 13.672976] [ 13.673081] Memory state around the buggy address: [ 13.673269] ffff8881039b7100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.673587] ffff8881039b7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.674158] >ffff8881039b7200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.674598] ^ [ 13.674749] ffff8881039b7280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.675049] ffff8881039b7300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.675375] ================================================================== [ 13.678357] ================================================================== [ 13.679550] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.679887] Free of addr ffff8881039f8000 by task kunit_try_catch/254 [ 13.680189] [ 13.680298] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.680342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.680353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.680374] Call Trace: [ 13.680385] <TASK> [ 13.680399] dump_stack_lvl+0x73/0xb0 [ 13.680427] print_report+0xd1/0x610 [ 13.680448] ? __virt_addr_valid+0x1db/0x2d0 [ 13.680471] ? kasan_addr_to_slab+0x11/0xa0 [ 13.680490] ? mempool_double_free_helper+0x184/0x370 [ 13.680513] kasan_report_invalid_free+0x10a/0x130 [ 13.680537] ? mempool_double_free_helper+0x184/0x370 [ 13.680563] ? 
mempool_double_free_helper+0x184/0x370 [ 13.680584] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 13.680608] mempool_free+0x2ec/0x380 [ 13.680634] mempool_double_free_helper+0x184/0x370 [ 13.680657] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.680682] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.680703] ? finish_task_switch.isra.0+0x153/0x700 [ 13.680728] mempool_kmalloc_large_double_free+0xed/0x140 [ 13.680752] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 13.680779] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.680800] ? __pfx_mempool_kfree+0x10/0x10 [ 13.680824] ? __pfx_read_tsc+0x10/0x10 [ 13.680844] ? ktime_get_ts64+0x86/0x230 [ 13.680867] kunit_try_run_case+0x1a5/0x480 [ 13.680890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.680912] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.680934] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.680957] ? __kthread_parkme+0x82/0x180 [ 13.680982] ? preempt_count_sub+0x50/0x80 [ 13.681013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.681037] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.681058] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.681081] kthread+0x337/0x6f0 [ 13.681100] ? trace_preempt_on+0x20/0xc0 [ 13.681121] ? __pfx_kthread+0x10/0x10 [ 13.681141] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.681162] ? calculate_sigpending+0x7b/0xa0 [ 13.681186] ? __pfx_kthread+0x10/0x10 [ 13.681206] ret_from_fork+0x116/0x1d0 [ 13.681223] ? 
__pfx_kthread+0x10/0x10 [ 13.681242] ret_from_fork_asm+0x1a/0x30 [ 13.681271] </TASK> [ 13.681281] [ 13.689526] The buggy address belongs to the physical page: [ 13.689788] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f8 [ 13.690151] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.690577] flags: 0x200000000000040(head|node=0|zone=2) [ 13.690755] page_type: f8(unknown) [ 13.690909] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.691266] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.691627] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.691905] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.692147] head: 0200000000000002 ffffea00040e7e01 00000000ffffffff 00000000ffffffff [ 13.692380] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.692795] page dumped because: kasan: bad access detected [ 13.693067] [ 13.693161] Memory state around the buggy address: [ 13.693383] ffff8881039f7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.693702] ffff8881039f7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.694031] >ffff8881039f8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.694246] ^ [ 13.694364] ffff8881039f8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.695088] ffff8881039f8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.695370] ================================================================== [ 13.699946] ================================================================== [ 13.700486] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.700879] Free of addr ffff8881039f8000 by task kunit_try_catch/256 [ 13.701192] [ 13.701298] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.701343] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.701355] Hardware name: QEMU 
Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.701377] Call Trace: [ 13.701388] <TASK> [ 13.701403] dump_stack_lvl+0x73/0xb0 [ 13.701432] print_report+0xd1/0x610 [ 13.701453] ? __virt_addr_valid+0x1db/0x2d0 [ 13.701477] ? kasan_addr_to_slab+0x11/0xa0 [ 13.701495] ? mempool_double_free_helper+0x184/0x370 [ 13.701519] kasan_report_invalid_free+0x10a/0x130 [ 13.701543] ? mempool_double_free_helper+0x184/0x370 [ 13.701568] ? mempool_double_free_helper+0x184/0x370 [ 13.701590] __kasan_mempool_poison_pages+0x115/0x130 [ 13.701614] mempool_free+0x290/0x380 [ 13.701640] mempool_double_free_helper+0x184/0x370 [ 13.701662] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.701687] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.701709] ? finish_task_switch.isra.0+0x153/0x700 [ 13.701733] mempool_page_alloc_double_free+0xe8/0x140 [ 13.701757] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 13.701782] ? __kasan_check_write+0x18/0x20 [ 13.701802] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.701824] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.701849] ? __pfx_read_tsc+0x10/0x10 [ 13.701869] ? ktime_get_ts64+0x86/0x230 [ 13.701889] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.701915] kunit_try_run_case+0x1a5/0x480 [ 13.701940] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.701963] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.701988] ? __kthread_parkme+0x82/0x180 [ 13.702018] ? preempt_count_sub+0x50/0x80 [ 13.702040] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.702063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.702085] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.702107] kthread+0x337/0x6f0 [ 13.702125] ? trace_preempt_on+0x20/0xc0 [ 13.702147] ? __pfx_kthread+0x10/0x10 [ 13.702167] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.702187] ? calculate_sigpending+0x7b/0xa0 [ 13.702210] ? __pfx_kthread+0x10/0x10 [ 13.702231] ret_from_fork+0x116/0x1d0 [ 13.702249] ? 
__pfx_kthread+0x10/0x10 [ 13.702269] ret_from_fork_asm+0x1a/0x30 [ 13.702300] </TASK> [ 13.702310] [ 13.710488] The buggy address belongs to the physical page: [ 13.710667] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f8 [ 13.711346] flags: 0x200000000000000(node=0|zone=2) [ 13.711646] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 13.712030] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.712326] page dumped because: kasan: bad access detected [ 13.712770] [ 13.712842] Memory state around the buggy address: [ 13.713074] ffff8881039f7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.713389] ffff8881039f7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.713695] >ffff8881039f8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.713986] ^ [ 13.714136] ffff8881039f8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.714465] ffff8881039f8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.714794] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 13.614591] ================================================================== [ 13.615128] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.615369] Read of size 1 at addr ffff888103a68000 by task kunit_try_catch/250 [ 13.616226] [ 13.616425] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.616471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.616483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.616505] Call Trace: [ 13.616517] <TASK> [ 13.616532] dump_stack_lvl+0x73/0xb0 [ 13.616612] print_report+0xd1/0x610 [ 13.616635] ? __virt_addr_valid+0x1db/0x2d0 [ 13.616886] ? mempool_uaf_helper+0x392/0x400 [ 13.616907] ? kasan_addr_to_slab+0x11/0xa0 [ 13.616926] ? mempool_uaf_helper+0x392/0x400 [ 13.616948] kasan_report+0x141/0x180 [ 13.616973] ? mempool_uaf_helper+0x392/0x400 [ 13.616999] __asan_report_load1_noabort+0x18/0x20 [ 13.617032] mempool_uaf_helper+0x392/0x400 [ 13.617054] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.617076] ? __kasan_check_write+0x18/0x20 [ 13.617095] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.617117] ? finish_task_switch.isra.0+0x153/0x700 [ 13.617141] mempool_page_alloc_uaf+0xed/0x140 [ 13.617164] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 13.617190] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.617213] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.617238] ? __pfx_read_tsc+0x10/0x10 [ 13.617258] ? ktime_get_ts64+0x86/0x230 [ 13.617281] kunit_try_run_case+0x1a5/0x480 [ 13.617306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.617327] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.617350] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.617385] ? __kthread_parkme+0x82/0x180 [ 13.617407] ? preempt_count_sub+0x50/0x80 [ 13.617429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.617452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.617474] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.617496] kthread+0x337/0x6f0 [ 13.617515] ? 
trace_preempt_on+0x20/0xc0 [ 13.617537] ? __pfx_kthread+0x10/0x10 [ 13.617557] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.617577] ? calculate_sigpending+0x7b/0xa0 [ 13.617599] ? __pfx_kthread+0x10/0x10 [ 13.617619] ret_from_fork+0x116/0x1d0 [ 13.617637] ? __pfx_kthread+0x10/0x10 [ 13.617657] ret_from_fork_asm+0x1a/0x30 [ 13.617687] </TASK> [ 13.617698] [ 13.633979] The buggy address belongs to the physical page: [ 13.634737] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a68 [ 13.635192] flags: 0x200000000000000(node=0|zone=2) [ 13.635429] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 13.636116] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.636347] page dumped because: kasan: bad access detected [ 13.636936] [ 13.637129] Memory state around the buggy address: [ 13.637619] ffff888103a67f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.638042] ffff888103a67f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.638261] >ffff888103a68000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.638949] ^ [ 13.639275] ffff888103a68080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.640001] ffff888103a68100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.640679] ================================================================== [ 13.552734] ================================================================== [ 13.553707] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.554017] Read of size 1 at addr ffff8881039f4000 by task kunit_try_catch/246 [ 13.554315] [ 13.554703] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.554751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.554763] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.554784] Call Trace: [ 13.554795] <TASK> [ 13.554810] dump_stack_lvl+0x73/0xb0 [ 13.554839] print_report+0xd1/0x610 [ 13.554873] ? 
__virt_addr_valid+0x1db/0x2d0 [ 13.554895] ? mempool_uaf_helper+0x392/0x400 [ 13.554916] ? kasan_addr_to_slab+0x11/0xa0 [ 13.554948] ? mempool_uaf_helper+0x392/0x400 [ 13.554970] kasan_report+0x141/0x180 [ 13.554991] ? mempool_uaf_helper+0x392/0x400 [ 13.555026] __asan_report_load1_noabort+0x18/0x20 [ 13.555059] mempool_uaf_helper+0x392/0x400 [ 13.555081] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.555102] ? update_load_avg+0x1be/0x21b0 [ 13.555139] ? finish_task_switch.isra.0+0x153/0x700 [ 13.555164] mempool_kmalloc_large_uaf+0xef/0x140 [ 13.555186] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 13.555211] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.555234] ? __pfx_mempool_kfree+0x10/0x10 [ 13.555267] ? __pfx_read_tsc+0x10/0x10 [ 13.555287] ? ktime_get_ts64+0x86/0x230 [ 13.555310] kunit_try_run_case+0x1a5/0x480 [ 13.555343] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.555436] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.555465] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.555488] ? __kthread_parkme+0x82/0x180 [ 13.555508] ? preempt_count_sub+0x50/0x80 [ 13.555531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.555554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.555576] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.555599] kthread+0x337/0x6f0 [ 13.555617] ? trace_preempt_on+0x20/0xc0 [ 13.555639] ? __pfx_kthread+0x10/0x10 [ 13.555658] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.555679] ? calculate_sigpending+0x7b/0xa0 [ 13.555701] ? __pfx_kthread+0x10/0x10 [ 13.555722] ret_from_fork+0x116/0x1d0 [ 13.555739] ? 
__pfx_kthread+0x10/0x10 [ 13.555759] ret_from_fork_asm+0x1a/0x30 [ 13.555789] </TASK> [ 13.555799] [ 13.565744] The buggy address belongs to the physical page: [ 13.566058] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 13.566619] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.566984] flags: 0x200000000000040(head|node=0|zone=2) [ 13.567214] page_type: f8(unknown) [ 13.567461] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.567787] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.568129] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.568590] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.568934] head: 0200000000000002 ffffea00040e7d01 00000000ffffffff 00000000ffffffff [ 13.569262] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.569653] page dumped because: kasan: bad access detected [ 13.569877] [ 13.569994] Memory state around the buggy address: [ 13.570209] ffff8881039f3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.570726] ffff8881039f3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.571104] >ffff8881039f4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.571438] ^ [ 13.571569] ffff8881039f4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.571784] ffff8881039f4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.572001] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 13.512165] ================================================================== [ 13.513326] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.513815] Read of size 1 at addr ffff8881027d6e00 by task kunit_try_catch/244 [ 13.514056] [ 13.514148] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.514194] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.514205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.514226] Call Trace: [ 13.514237] <TASK> [ 13.514251] dump_stack_lvl+0x73/0xb0 [ 13.514278] print_report+0xd1/0x610 [ 13.514299] ? __virt_addr_valid+0x1db/0x2d0 [ 13.514320] ? mempool_uaf_helper+0x392/0x400 [ 13.514341] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.514408] ? mempool_uaf_helper+0x392/0x400 [ 13.514429] kasan_report+0x141/0x180 [ 13.514451] ? mempool_uaf_helper+0x392/0x400 [ 13.514476] __asan_report_load1_noabort+0x18/0x20 [ 13.514499] mempool_uaf_helper+0x392/0x400 [ 13.514520] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.514543] ? __kasan_check_write+0x18/0x20 [ 13.514561] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.514583] ? finish_task_switch.isra.0+0x153/0x700 [ 13.514609] mempool_kmalloc_uaf+0xef/0x140 [ 13.514630] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 13.514673] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.514706] ? __pfx_mempool_kfree+0x10/0x10 [ 13.514730] ? __pfx_read_tsc+0x10/0x10 [ 13.514751] ? ktime_get_ts64+0x86/0x230 [ 13.514784] kunit_try_run_case+0x1a5/0x480 [ 13.514807] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.514829] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.514851] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.514873] ? __kthread_parkme+0x82/0x180 [ 13.514892] ? preempt_count_sub+0x50/0x80 [ 13.514914] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.514937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.514958] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.514981] kthread+0x337/0x6f0 [ 13.514999] ? 
trace_preempt_on+0x20/0xc0 [ 13.515031] ? __pfx_kthread+0x10/0x10 [ 13.515051] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.515072] ? calculate_sigpending+0x7b/0xa0 [ 13.515095] ? __pfx_kthread+0x10/0x10 [ 13.515115] ret_from_fork+0x116/0x1d0 [ 13.515143] ? __pfx_kthread+0x10/0x10 [ 13.515163] ret_from_fork_asm+0x1a/0x30 [ 13.515192] </TASK> [ 13.515214] [ 13.531475] Allocated by task 244: [ 13.531879] kasan_save_stack+0x45/0x70 [ 13.532184] kasan_save_track+0x18/0x40 [ 13.532320] kasan_save_alloc_info+0x3b/0x50 [ 13.532477] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.532652] remove_element+0x11e/0x190 [ 13.532791] mempool_alloc_preallocated+0x4d/0x90 [ 13.532946] mempool_uaf_helper+0x96/0x400 [ 13.533331] mempool_kmalloc_uaf+0xef/0x140 [ 13.533803] kunit_try_run_case+0x1a5/0x480 [ 13.534289] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.534854] kthread+0x337/0x6f0 [ 13.535176] ret_from_fork+0x116/0x1d0 [ 13.535568] ret_from_fork_asm+0x1a/0x30 [ 13.536023] [ 13.536204] Freed by task 244: [ 13.536586] kasan_save_stack+0x45/0x70 [ 13.536988] kasan_save_track+0x18/0x40 [ 13.537355] kasan_save_free_info+0x3f/0x60 [ 13.537805] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.538280] mempool_free+0x2ec/0x380 [ 13.538706] mempool_uaf_helper+0x11a/0x400 [ 13.539129] mempool_kmalloc_uaf+0xef/0x140 [ 13.539708] kunit_try_run_case+0x1a5/0x480 [ 13.539928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.540114] kthread+0x337/0x6f0 [ 13.540234] ret_from_fork+0x116/0x1d0 [ 13.540378] ret_from_fork_asm+0x1a/0x30 [ 13.540743] [ 13.540924] The buggy address belongs to the object at ffff8881027d6e00 [ 13.540924] which belongs to the cache kmalloc-128 of size 128 [ 13.542337] The buggy address is located 0 bytes inside of [ 13.542337] freed 128-byte region [ffff8881027d6e00, ffff8881027d6e80) [ 13.543562] [ 13.543750] The buggy address belongs to the physical page: [ 13.544254] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027d6 [ 13.544943] flags: 
0x200000000000000(node=0|zone=2) [ 13.545169] page_type: f5(slab) [ 13.545394] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.545885] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.546126] page dumped because: kasan: bad access detected [ 13.546297] [ 13.546367] Memory state around the buggy address: [ 13.546612] ffff8881027d6d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.547158] ffff8881027d6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.547789] >ffff8881027d6e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.548020] ^ [ 13.548137] ffff8881027d6e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.548352] ffff8881027d6f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.548566] ================================================================== [ 13.576751] ================================================================== [ 13.577246] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.577799] Read of size 1 at addr ffff8881039b7240 by task kunit_try_catch/248 [ 13.578593] [ 13.578706] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.578750] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.578788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.578809] Call Trace: [ 13.578820] <TASK> [ 13.578834] dump_stack_lvl+0x73/0xb0 [ 13.579018] print_report+0xd1/0x610 [ 13.579042] ? __virt_addr_valid+0x1db/0x2d0 [ 13.579064] ? mempool_uaf_helper+0x392/0x400 [ 13.579086] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.579108] ? mempool_uaf_helper+0x392/0x400 [ 13.579129] kasan_report+0x141/0x180 [ 13.579151] ? mempool_uaf_helper+0x392/0x400 [ 13.579177] __asan_report_load1_noabort+0x18/0x20 [ 13.579200] mempool_uaf_helper+0x392/0x400 [ 13.579222] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.579251] mempool_slab_uaf+0xea/0x140 [ 13.579274] ? 
__pfx_mempool_slab_uaf+0x10/0x10 [ 13.579296] ? schedule+0x7c/0x2e0 [ 13.579317] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.579341] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.579366] ? __pfx_read_tsc+0x10/0x10 [ 13.579386] ? ktime_get_ts64+0x86/0x230 [ 13.579410] kunit_try_run_case+0x1a5/0x480 [ 13.579433] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.579454] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.579476] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.579498] ? __kthread_parkme+0x82/0x180 [ 13.579518] ? preempt_count_sub+0x50/0x80 [ 13.579540] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.579563] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.579586] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.579608] kthread+0x337/0x6f0 [ 13.579626] ? trace_preempt_on+0x20/0xc0 [ 13.579648] ? __pfx_kthread+0x10/0x10 [ 13.579668] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.579689] ? calculate_sigpending+0x7b/0xa0 [ 13.579710] ? __pfx_kthread+0x10/0x10 [ 13.579731] ret_from_fork+0x116/0x1d0 [ 13.579749] ? 
__pfx_kthread+0x10/0x10 [ 13.579770] ret_from_fork_asm+0x1a/0x30 [ 13.579799] </TASK> [ 13.579809] [ 13.590861] Allocated by task 248: [ 13.591065] kasan_save_stack+0x45/0x70 [ 13.591245] kasan_save_track+0x18/0x40 [ 13.591913] kasan_save_alloc_info+0x3b/0x50 [ 13.592130] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.592473] remove_element+0x11e/0x190 [ 13.592663] mempool_alloc_preallocated+0x4d/0x90 [ 13.593121] mempool_uaf_helper+0x96/0x400 [ 13.593437] mempool_slab_uaf+0xea/0x140 [ 13.593664] kunit_try_run_case+0x1a5/0x480 [ 13.594032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.594368] kthread+0x337/0x6f0 [ 13.594547] ret_from_fork+0x116/0x1d0 [ 13.594900] ret_from_fork_asm+0x1a/0x30 [ 13.595228] [ 13.595305] Freed by task 248: [ 13.595501] kasan_save_stack+0x45/0x70 [ 13.595902] kasan_save_track+0x18/0x40 [ 13.596143] kasan_save_free_info+0x3f/0x60 [ 13.596556] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.596886] mempool_free+0x2ec/0x380 [ 13.597079] mempool_uaf_helper+0x11a/0x400 [ 13.597455] mempool_slab_uaf+0xea/0x140 [ 13.597776] kunit_try_run_case+0x1a5/0x480 [ 13.597992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.598247] kthread+0x337/0x6f0 [ 13.598403] ret_from_fork+0x116/0x1d0 [ 13.598884] ret_from_fork_asm+0x1a/0x30 [ 13.599049] [ 13.599338] The buggy address belongs to the object at ffff8881039b7240 [ 13.599338] which belongs to the cache test_cache of size 123 [ 13.600135] The buggy address is located 0 bytes inside of [ 13.600135] freed 123-byte region [ffff8881039b7240, ffff8881039b72bb) [ 13.600759] [ 13.600869] The buggy address belongs to the physical page: [ 13.601148] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b7 [ 13.601824] flags: 0x200000000000000(node=0|zone=2) [ 13.602066] page_type: f5(slab) [ 13.602240] raw: 0200000000000000 ffff8881027f2140 dead000000000122 0000000000000000 [ 13.602763] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.603225] page dumped 
because: kasan: bad access detected [ 13.603622] [ 13.603724] Memory state around the buggy address: [ 13.603928] ffff8881039b7100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.604260] ffff8881039b7180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.604797] >ffff8881039b7200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.605180] ^ [ 13.605531] ffff8881039b7280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.605994] ffff8881039b7300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.606324] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 13.418336] ================================================================== [ 13.418851] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.419240] Read of size 1 at addr ffff888102fd1673 by task kunit_try_catch/238 [ 13.419971] [ 13.420271] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.420347] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.420360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.420555] Call Trace: [ 13.420572] <TASK> [ 13.420591] dump_stack_lvl+0x73/0xb0 [ 13.420626] print_report+0xd1/0x610 [ 13.420649] ? __virt_addr_valid+0x1db/0x2d0 [ 13.420675] ? mempool_oob_right_helper+0x318/0x380 [ 13.420699] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.420721] ? mempool_oob_right_helper+0x318/0x380 [ 13.420744] kasan_report+0x141/0x180 [ 13.420765] ? mempool_oob_right_helper+0x318/0x380 [ 13.420792] __asan_report_load1_noabort+0x18/0x20 [ 13.420815] mempool_oob_right_helper+0x318/0x380 [ 13.420838] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.420862] ? __kasan_check_write+0x18/0x20 [ 13.420881] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.420903] ? finish_task_switch.isra.0+0x153/0x700 [ 13.420929] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.420951] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 13.420985] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.421023] ? __pfx_mempool_kfree+0x10/0x10 [ 13.421047] ? __pfx_read_tsc+0x10/0x10 [ 13.421069] ? ktime_get_ts64+0x86/0x230 [ 13.421094] kunit_try_run_case+0x1a5/0x480 [ 13.421120] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.421141] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.421165] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.421187] ? __kthread_parkme+0x82/0x180 [ 13.421208] ? preempt_count_sub+0x50/0x80 [ 13.421230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.421253] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.421275] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.421297] kthread+0x337/0x6f0 [ 13.421315] ? trace_preempt_on+0x20/0xc0 [ 13.421338] ? __pfx_kthread+0x10/0x10 [ 13.421358] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.421391] ? calculate_sigpending+0x7b/0xa0 [ 13.421415] ? __pfx_kthread+0x10/0x10 [ 13.421435] ret_from_fork+0x116/0x1d0 [ 13.421453] ? __pfx_kthread+0x10/0x10 [ 13.421472] ret_from_fork_asm+0x1a/0x30 [ 13.421505] </TASK> [ 13.421517] [ 13.433515] Allocated by task 238: [ 13.433786] kasan_save_stack+0x45/0x70 [ 13.433981] kasan_save_track+0x18/0x40 [ 13.434193] kasan_save_alloc_info+0x3b/0x50 [ 13.434401] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.434987] remove_element+0x11e/0x190 [ 13.435280] mempool_alloc_preallocated+0x4d/0x90 [ 13.435704] mempool_oob_right_helper+0x8a/0x380 [ 13.436039] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.436281] kunit_try_run_case+0x1a5/0x480 [ 13.436771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.437042] kthread+0x337/0x6f0 [ 13.437564] ret_from_fork+0x116/0x1d0 [ 13.437737] ret_from_fork_asm+0x1a/0x30 [ 13.438115] [ 13.438220] The buggy address belongs to the object at ffff888102fd1600 [ 13.438220] which belongs to the cache kmalloc-128 of size 128 [ 13.438972] The buggy address is located 0 bytes to the right of [ 13.438972] allocated 115-byte region [ffff888102fd1600, ffff888102fd1673) [ 13.439740] [ 13.439851] The buggy address belongs to the physical page: [ 13.440325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd1 [ 13.440693] flags: 0x200000000000000(node=0|zone=2) [ 13.441084] page_type: f5(slab) [ 13.441265] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.441863] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.442290] page dumped because: kasan: bad access detected [ 13.442778] [ 13.442892] Memory state around the buggy address: [ 13.443195] ffff888102fd1500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
13.443802] ffff888102fd1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.444147] >ffff888102fd1600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.444840] ^ [ 13.445137] ffff888102fd1680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.445653] ffff888102fd1700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.446119] ================================================================== [ 13.449802] ================================================================== [ 13.450345] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.450877] Read of size 1 at addr ffff8881039f6001 by task kunit_try_catch/240 [ 13.451185] [ 13.451280] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.451324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.451336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.451357] Call Trace: [ 13.451369] <TASK> [ 13.451386] dump_stack_lvl+0x73/0xb0 [ 13.451415] print_report+0xd1/0x610 [ 13.451722] ? __virt_addr_valid+0x1db/0x2d0 [ 13.451747] ? mempool_oob_right_helper+0x318/0x380 [ 13.451769] ? kasan_addr_to_slab+0x11/0xa0 [ 13.451789] ? mempool_oob_right_helper+0x318/0x380 [ 13.451812] kasan_report+0x141/0x180 [ 13.451833] ? mempool_oob_right_helper+0x318/0x380 [ 13.451860] __asan_report_load1_noabort+0x18/0x20 [ 13.451884] mempool_oob_right_helper+0x318/0x380 [ 13.451908] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.451930] ? update_curr+0x5c1/0x810 [ 13.451959] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 13.451983] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 13.452020] ? schedule+0x7c/0x2e0 [ 13.452043] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.452067] ? __pfx_mempool_kfree+0x10/0x10 [ 13.452091] ? __pfx_read_tsc+0x10/0x10 [ 13.452110] ? ktime_get_ts64+0x86/0x230 [ 13.452133] kunit_try_run_case+0x1a5/0x480 [ 13.452159] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.452180] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.452204] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.452226] ? __kthread_parkme+0x82/0x180 [ 13.452247] ? preempt_count_sub+0x50/0x80 [ 13.452270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.452292] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.452315] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.452338] kthread+0x337/0x6f0 [ 13.452356] ? trace_preempt_on+0x20/0xc0 [ 13.452378] ? __pfx_kthread+0x10/0x10 [ 13.452409] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.452448] ? calculate_sigpending+0x7b/0xa0 [ 13.452471] ? __pfx_kthread+0x10/0x10 [ 13.452492] ret_from_fork+0x116/0x1d0 [ 13.452509] ? __pfx_kthread+0x10/0x10 [ 13.452529] ret_from_fork_asm+0x1a/0x30 [ 13.452559] </TASK> [ 13.452569] [ 13.462712] The buggy address belongs to the physical page: [ 13.463045] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 13.463407] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.463932] flags: 0x200000000000040(head|node=0|zone=2) [ 13.464209] page_type: f8(unknown) [ 13.464362] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.464653] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.465087] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.465530] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.465905] head: 0200000000000002 ffffea00040e7d01 00000000ffffffff 00000000ffffffff [ 13.466257] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.466686] page dumped because: kasan: bad access detected [ 13.466880] [ 13.466970] Memory state around the buggy address: [ 13.467220] ffff8881039f5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.467789] ffff8881039f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.468034] >ffff8881039f6000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.468320] ^ [ 13.468659] 
ffff8881039f6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.469089] ffff8881039f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.469420] ================================================================== [ 13.475904] ================================================================== [ 13.476478] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.477034] Read of size 1 at addr ffff8881039792bb by task kunit_try_catch/242 [ 13.477362] [ 13.477477] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.477520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.477531] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.477552] Call Trace: [ 13.477563] <TASK> [ 13.477577] dump_stack_lvl+0x73/0xb0 [ 13.477729] print_report+0xd1/0x610 [ 13.477752] ? __virt_addr_valid+0x1db/0x2d0 [ 13.477775] ? mempool_oob_right_helper+0x318/0x380 [ 13.477797] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.477818] ? mempool_oob_right_helper+0x318/0x380 [ 13.477841] kasan_report+0x141/0x180 [ 13.477862] ? mempool_oob_right_helper+0x318/0x380 [ 13.477889] __asan_report_load1_noabort+0x18/0x20 [ 13.477947] mempool_oob_right_helper+0x318/0x380 [ 13.477995] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.478028] ? update_load_avg+0x1be/0x21b0 [ 13.478055] ? finish_task_switch.isra.0+0x153/0x700 [ 13.478080] mempool_slab_oob_right+0xed/0x140 [ 13.478103] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 13.478126] ? __kasan_check_write+0x18/0x20 [ 13.478146] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.478170] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.478195] ? __pfx_read_tsc+0x10/0x10 [ 13.478215] ? ktime_get_ts64+0x86/0x230 [ 13.478236] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.478261] kunit_try_run_case+0x1a5/0x480 [ 13.478285] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.478309] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.478334] ? __kthread_parkme+0x82/0x180 [ 13.478353] ? 
preempt_count_sub+0x50/0x80 [ 13.478430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.478455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.478477] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.478499] kthread+0x337/0x6f0 [ 13.478522] ? trace_preempt_on+0x20/0xc0 [ 13.478544] ? __pfx_kthread+0x10/0x10 [ 13.478564] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.478584] ? calculate_sigpending+0x7b/0xa0 [ 13.478607] ? __pfx_kthread+0x10/0x10 [ 13.478628] ret_from_fork+0x116/0x1d0 [ 13.478646] ? __pfx_kthread+0x10/0x10 [ 13.478666] ret_from_fork_asm+0x1a/0x30 [ 13.478697] </TASK> [ 13.478707] [ 13.490698] Allocated by task 242: [ 13.490912] kasan_save_stack+0x45/0x70 [ 13.491211] kasan_save_track+0x18/0x40 [ 13.491459] kasan_save_alloc_info+0x3b/0x50 [ 13.492043] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.492366] remove_element+0x11e/0x190 [ 13.492794] mempool_alloc_preallocated+0x4d/0x90 [ 13.492987] mempool_oob_right_helper+0x8a/0x380 [ 13.493339] mempool_slab_oob_right+0xed/0x140 [ 13.493800] kunit_try_run_case+0x1a5/0x480 [ 13.494120] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.494491] kthread+0x337/0x6f0 [ 13.494666] ret_from_fork+0x116/0x1d0 [ 13.494846] ret_from_fork_asm+0x1a/0x30 [ 13.495048] [ 13.495134] The buggy address belongs to the object at ffff888103979240 [ 13.495134] which belongs to the cache test_cache of size 123 [ 13.496154] The buggy address is located 0 bytes to the right of [ 13.496154] allocated 123-byte region [ffff888103979240, ffff8881039792bb) [ 13.497088] [ 13.497306] The buggy address belongs to the physical page: [ 13.497773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103979 [ 13.498327] flags: 0x200000000000000(node=0|zone=2) [ 13.498697] page_type: f5(slab) [ 13.499058] raw: 0200000000000000 ffff888102fd9280 dead000000000122 0000000000000000 [ 13.499624] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.500217] page dumped because: kasan: bad access detected [ 
13.500714] [ 13.500817] Memory state around the buggy address: [ 13.501243] ffff888103979180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.501725] ffff888103979200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 13.502161] >ffff888103979280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 13.502720] ^ [ 13.503036] ffff888103979300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.503509] ffff888103979380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.503808] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 12.852262] ================================================================== [ 12.852830] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 12.853168] Read of size 1 at addr ffff888101da2dc0 by task kunit_try_catch/232 [ 12.853497] [ 12.853656] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.853704] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.853715] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.853737] Call Trace: [ 12.853750] <TASK> [ 12.853767] dump_stack_lvl+0x73/0xb0 [ 12.853796] print_report+0xd1/0x610 [ 12.853818] ? __virt_addr_valid+0x1db/0x2d0 [ 12.853841] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.853863] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.853884] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.853908] kasan_report+0x141/0x180 [ 12.853929] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.853955] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.853979] __kasan_check_byte+0x3d/0x50 [ 12.853999] kmem_cache_destroy+0x25/0x1d0 [ 12.854034] kmem_cache_double_destroy+0x1bf/0x380 [ 12.854057] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 12.854081] ? finish_task_switch.isra.0+0x153/0x700 [ 12.854104] ? __switch_to+0x47/0xf50 [ 12.854132] ? __pfx_read_tsc+0x10/0x10 [ 12.854156] ? ktime_get_ts64+0x86/0x230 [ 12.854180] kunit_try_run_case+0x1a5/0x480 [ 12.854205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.854226] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.854250] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.854271] ? __kthread_parkme+0x82/0x180 [ 12.854292] ? preempt_count_sub+0x50/0x80 [ 12.854315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.854338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.854361] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.854384] kthread+0x337/0x6f0 [ 12.854403] ? trace_preempt_on+0x20/0xc0 [ 12.854425] ? __pfx_kthread+0x10/0x10 [ 12.854445] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.854466] ? 
calculate_sigpending+0x7b/0xa0 [ 12.854489] ? __pfx_kthread+0x10/0x10 [ 12.854684] ret_from_fork+0x116/0x1d0 [ 12.854706] ? __pfx_kthread+0x10/0x10 [ 12.854727] ret_from_fork_asm+0x1a/0x30 [ 12.854758] </TASK> [ 12.854769] [ 12.865183] Allocated by task 232: [ 12.865324] kasan_save_stack+0x45/0x70 [ 12.866073] kasan_save_track+0x18/0x40 [ 12.866260] kasan_save_alloc_info+0x3b/0x50 [ 12.866412] __kasan_slab_alloc+0x91/0xa0 [ 12.866751] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.866979] __kmem_cache_create_args+0x169/0x240 [ 12.867215] kmem_cache_double_destroy+0xd5/0x380 [ 12.867435] kunit_try_run_case+0x1a5/0x480 [ 12.868001] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.868244] kthread+0x337/0x6f0 [ 12.868685] ret_from_fork+0x116/0x1d0 [ 12.868847] ret_from_fork_asm+0x1a/0x30 [ 12.869067] [ 12.869164] Freed by task 232: [ 12.869322] kasan_save_stack+0x45/0x70 [ 12.869480] kasan_save_track+0x18/0x40 [ 12.869668] kasan_save_free_info+0x3f/0x60 [ 12.869868] __kasan_slab_free+0x56/0x70 [ 12.870080] kmem_cache_free+0x249/0x420 [ 12.870230] slab_kmem_cache_release+0x2e/0x40 [ 12.871045] kmem_cache_release+0x16/0x20 [ 12.871550] kobject_put+0x181/0x450 [ 12.871687] sysfs_slab_release+0x16/0x20 [ 12.871828] kmem_cache_destroy+0xf0/0x1d0 [ 12.871970] kmem_cache_double_destroy+0x14e/0x380 [ 12.872549] kunit_try_run_case+0x1a5/0x480 [ 12.872859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.873289] kthread+0x337/0x6f0 [ 12.873711] ret_from_fork+0x116/0x1d0 [ 12.874067] ret_from_fork_asm+0x1a/0x30 [ 12.874214] [ 12.874292] The buggy address belongs to the object at ffff888101da2dc0 [ 12.874292] which belongs to the cache kmem_cache of size 208 [ 12.875664] The buggy address is located 0 bytes inside of [ 12.875664] freed 208-byte region [ffff888101da2dc0, ffff888101da2e90) [ 12.876611] [ 12.876694] The buggy address belongs to the physical page: [ 12.876870] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101da2 [ 12.877135] flags: 
0x200000000000000(node=0|zone=2) [ 12.877300] page_type: f5(slab) [ 12.877712] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 12.878570] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 12.879258] page dumped because: kasan: bad access detected [ 12.879943] [ 12.880117] Memory state around the buggy address: [ 12.880666] ffff888101da2c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.881236] ffff888101da2d00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 12.881774] >ffff888101da2d80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 12.882221] ^ [ 12.882530] ffff888101da2e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.883506] ffff888101da2e80: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.884109] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 12.796668] ================================================================== [ 12.797181] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.797487] Read of size 1 at addr ffff888102fdc000 by task kunit_try_catch/230 [ 12.797897] [ 12.798041] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.798186] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.798199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.798222] Call Trace: [ 12.798234] <TASK> [ 12.798251] dump_stack_lvl+0x73/0xb0 [ 12.798283] print_report+0xd1/0x610 [ 12.798304] ? __virt_addr_valid+0x1db/0x2d0 [ 12.798327] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.798350] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.798425] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.798450] kasan_report+0x141/0x180 [ 12.798471] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.798498] __asan_report_load1_noabort+0x18/0x20 [ 12.798521] kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.798543] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 12.798565] ? finish_task_switch.isra.0+0x153/0x700 [ 12.798611] ? __switch_to+0x47/0xf50 [ 12.798640] ? __pfx_read_tsc+0x10/0x10 [ 12.798660] ? ktime_get_ts64+0x86/0x230 [ 12.798684] kunit_try_run_case+0x1a5/0x480 [ 12.798709] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.798730] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.798772] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.798795] ? __kthread_parkme+0x82/0x180 [ 12.798816] ? preempt_count_sub+0x50/0x80 [ 12.798838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.798861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.798882] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.798905] kthread+0x337/0x6f0 [ 12.798924] ? trace_preempt_on+0x20/0xc0 [ 12.798946] ? __pfx_kthread+0x10/0x10 [ 12.798965] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.798986] ? calculate_sigpending+0x7b/0xa0 [ 12.799021] ? __pfx_kthread+0x10/0x10 [ 12.799041] ret_from_fork+0x116/0x1d0 [ 12.799059] ? 
__pfx_kthread+0x10/0x10 [ 12.799078] ret_from_fork_asm+0x1a/0x30 [ 12.799109] </TASK> [ 12.799119] [ 12.809771] Allocated by task 230: [ 12.809958] kasan_save_stack+0x45/0x70 [ 12.810187] kasan_save_track+0x18/0x40 [ 12.810556] kasan_save_alloc_info+0x3b/0x50 [ 12.810904] __kasan_slab_alloc+0x91/0xa0 [ 12.811142] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.811464] kmem_cache_rcu_uaf+0x155/0x510 [ 12.811771] kunit_try_run_case+0x1a5/0x480 [ 12.811979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.812215] kthread+0x337/0x6f0 [ 12.812367] ret_from_fork+0x116/0x1d0 [ 12.812554] ret_from_fork_asm+0x1a/0x30 [ 12.812836] [ 12.812907] Freed by task 0: [ 12.813054] kasan_save_stack+0x45/0x70 [ 12.813583] kasan_save_track+0x18/0x40 [ 12.813720] kasan_save_free_info+0x3f/0x60 [ 12.814315] __kasan_slab_free+0x56/0x70 [ 12.814934] slab_free_after_rcu_debug+0xe4/0x310 [ 12.815188] rcu_core+0x66f/0x1c40 [ 12.815357] rcu_core_si+0x12/0x20 [ 12.815764] handle_softirqs+0x209/0x730 [ 12.816139] __irq_exit_rcu+0xc9/0x110 [ 12.816334] irq_exit_rcu+0x12/0x20 [ 12.816704] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.816926] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.817159] [ 12.817248] Last potentially related work creation: [ 12.817818] kasan_save_stack+0x45/0x70 [ 12.818351] kasan_record_aux_stack+0xb2/0xc0 [ 12.818671] kmem_cache_free+0x131/0x420 [ 12.818849] kmem_cache_rcu_uaf+0x194/0x510 [ 12.819049] kunit_try_run_case+0x1a5/0x480 [ 12.819243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.819968] kthread+0x337/0x6f0 [ 12.820295] ret_from_fork+0x116/0x1d0 [ 12.820856] ret_from_fork_asm+0x1a/0x30 [ 12.821062] [ 12.821155] The buggy address belongs to the object at ffff888102fdc000 [ 12.821155] which belongs to the cache test_cache of size 200 [ 12.822350] The buggy address is located 0 bytes inside of [ 12.822350] freed 200-byte region [ffff888102fdc000, ffff888102fdc0c8) [ 12.823562] [ 12.823806] The buggy address belongs to the physical page: [ 12.824064] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fdc [ 12.824619] flags: 0x200000000000000(node=0|zone=2) [ 12.824899] page_type: f5(slab) [ 12.825222] raw: 0200000000000000 ffff888102fd9000 dead000000000122 0000000000000000 [ 12.825733] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.826046] page dumped because: kasan: bad access detected [ 12.826279] [ 12.826364] Memory state around the buggy address: [ 12.826988] ffff888102fdbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.827479] ffff888102fdbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.828056] >ffff888102fdc000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.828719] ^ [ 12.829048] ffff888102fdc080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.829352] ffff888102fdc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.829914] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 12.734983] ================================================================== [ 12.735404] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 12.736098] Free of addr ffff8881027ef001 by task kunit_try_catch/228 [ 12.736856] [ 12.737056] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.737100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.737110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.737131] Call Trace: [ 12.737142] <TASK> [ 12.737158] dump_stack_lvl+0x73/0xb0 [ 12.737190] print_report+0xd1/0x610 [ 12.737211] ? __virt_addr_valid+0x1db/0x2d0 [ 12.737235] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.737255] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.737279] kasan_report_invalid_free+0x10a/0x130 [ 12.737301] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.737326] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.737349] check_slab_allocation+0x11f/0x130 [ 12.737369] __kasan_slab_pre_free+0x28/0x40 [ 12.737388] kmem_cache_free+0xed/0x420 [ 12.737406] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.737425] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.737451] kmem_cache_invalid_free+0x1d8/0x460 [ 12.737473] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 12.737515] ? finish_task_switch.isra.0+0x153/0x700 [ 12.737537] ? __switch_to+0x47/0xf50 [ 12.737571] ? __pfx_read_tsc+0x10/0x10 [ 12.737591] ? ktime_get_ts64+0x86/0x230 [ 12.737614] kunit_try_run_case+0x1a5/0x480 [ 12.737638] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.737659] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.737681] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.737703] ? __kthread_parkme+0x82/0x180 [ 12.737723] ? preempt_count_sub+0x50/0x80 [ 12.737744] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.737767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.737788] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.737810] kthread+0x337/0x6f0 [ 12.737828] ? trace_preempt_on+0x20/0xc0 [ 12.737850] ? 
__pfx_kthread+0x10/0x10 [ 12.737869] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.737889] ? calculate_sigpending+0x7b/0xa0 [ 12.737911] ? __pfx_kthread+0x10/0x10 [ 12.737931] ret_from_fork+0x116/0x1d0 [ 12.737948] ? __pfx_kthread+0x10/0x10 [ 12.737967] ret_from_fork_asm+0x1a/0x30 [ 12.737996] </TASK> [ 12.738015] [ 12.751519] Allocated by task 228: [ 12.751681] kasan_save_stack+0x45/0x70 [ 12.752151] kasan_save_track+0x18/0x40 [ 12.752356] kasan_save_alloc_info+0x3b/0x50 [ 12.752791] __kasan_slab_alloc+0x91/0xa0 [ 12.753032] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.753186] kmem_cache_invalid_free+0x157/0x460 [ 12.753340] kunit_try_run_case+0x1a5/0x480 [ 12.753833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.754424] kthread+0x337/0x6f0 [ 12.754745] ret_from_fork+0x116/0x1d0 [ 12.755100] ret_from_fork_asm+0x1a/0x30 [ 12.755464] [ 12.755628] The buggy address belongs to the object at ffff8881027ef000 [ 12.755628] which belongs to the cache test_cache of size 200 [ 12.756351] The buggy address is located 1 bytes inside of [ 12.756351] 200-byte region [ffff8881027ef000, ffff8881027ef0c8) [ 12.757533] [ 12.757704] The buggy address belongs to the physical page: [ 12.758114] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027ef [ 12.758923] flags: 0x200000000000000(node=0|zone=2) [ 12.759227] page_type: f5(slab) [ 12.759349] raw: 0200000000000000 ffff888101da2c80 dead000000000122 0000000000000000 [ 12.760070] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.760730] page dumped because: kasan: bad access detected [ 12.760901] [ 12.760977] Memory state around the buggy address: [ 12.761143] ffff8881027eef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.762131] ffff8881027eef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.762950] >ffff8881027ef000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.763794] ^ [ 12.764154] ffff8881027ef080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.764815] 
ffff8881027ef100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.765562] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 12.699610] ================================================================== [ 12.700998] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 12.702370] Free of addr ffff888102fd9000 by task kunit_try_catch/226 [ 12.702770] [ 12.702876] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.702920] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.702931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.702953] Call Trace: [ 12.702965] <TASK> [ 12.702981] dump_stack_lvl+0x73/0xb0 [ 12.703023] print_report+0xd1/0x610 [ 12.703045] ? __virt_addr_valid+0x1db/0x2d0 [ 12.703067] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.703088] ? kmem_cache_double_free+0x1e5/0x480 [ 12.703112] kasan_report_invalid_free+0x10a/0x130 [ 12.703134] ? kmem_cache_double_free+0x1e5/0x480 [ 12.703159] ? kmem_cache_double_free+0x1e5/0x480 [ 12.703182] check_slab_allocation+0x101/0x130 [ 12.703202] __kasan_slab_pre_free+0x28/0x40 [ 12.703221] kmem_cache_free+0xed/0x420 [ 12.703240] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.703259] ? kmem_cache_double_free+0x1e5/0x480 [ 12.703285] kmem_cache_double_free+0x1e5/0x480 [ 12.703308] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 12.703330] ? finish_task_switch.isra.0+0x153/0x700 [ 12.703351] ? __switch_to+0x47/0xf50 [ 12.703446] ? __pfx_read_tsc+0x10/0x10 [ 12.703468] ? ktime_get_ts64+0x86/0x230 [ 12.703492] kunit_try_run_case+0x1a5/0x480 [ 12.703517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.703538] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.703561] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.703583] ? __kthread_parkme+0x82/0x180 [ 12.703603] ? preempt_count_sub+0x50/0x80 [ 12.703624] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.703647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.703669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.703691] kthread+0x337/0x6f0 [ 12.703709] ? trace_preempt_on+0x20/0xc0 [ 12.703730] ? 
__pfx_kthread+0x10/0x10 [ 12.703750] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.703769] ? calculate_sigpending+0x7b/0xa0 [ 12.703793] ? __pfx_kthread+0x10/0x10 [ 12.703813] ret_from_fork+0x116/0x1d0 [ 12.703831] ? __pfx_kthread+0x10/0x10 [ 12.703850] ret_from_fork_asm+0x1a/0x30 [ 12.703880] </TASK> [ 12.703891] [ 12.713821] Allocated by task 226: [ 12.714024] kasan_save_stack+0x45/0x70 [ 12.714215] kasan_save_track+0x18/0x40 [ 12.714378] kasan_save_alloc_info+0x3b/0x50 [ 12.715132] __kasan_slab_alloc+0x91/0xa0 [ 12.715319] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.715714] kmem_cache_double_free+0x14f/0x480 [ 12.716114] kunit_try_run_case+0x1a5/0x480 [ 12.716305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.716794] kthread+0x337/0x6f0 [ 12.717046] ret_from_fork+0x116/0x1d0 [ 12.717242] ret_from_fork_asm+0x1a/0x30 [ 12.717617] [ 12.717711] Freed by task 226: [ 12.718122] kasan_save_stack+0x45/0x70 [ 12.718538] kasan_save_track+0x18/0x40 [ 12.718734] kasan_save_free_info+0x3f/0x60 [ 12.718890] __kasan_slab_free+0x56/0x70 [ 12.719173] kmem_cache_free+0x249/0x420 [ 12.719376] kmem_cache_double_free+0x16a/0x480 [ 12.719822] kunit_try_run_case+0x1a5/0x480 [ 12.720040] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.720280] kthread+0x337/0x6f0 [ 12.720473] ret_from_fork+0x116/0x1d0 [ 12.720900] ret_from_fork_asm+0x1a/0x30 [ 12.721189] [ 12.721292] The buggy address belongs to the object at ffff888102fd9000 [ 12.721292] which belongs to the cache test_cache of size 200 [ 12.722099] The buggy address is located 0 bytes inside of [ 12.722099] 200-byte region [ffff888102fd9000, ffff888102fd90c8) [ 12.722712] [ 12.722799] The buggy address belongs to the physical page: [ 12.723033] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd9 [ 12.723381] flags: 0x200000000000000(node=0|zone=2) [ 12.723946] page_type: f5(slab) [ 12.724092] raw: 0200000000000000 ffff888101060dc0 dead000000000122 0000000000000000 [ 12.724903] raw: 0000000000000000 00000000800f000f 
00000000f5000000 0000000000000000 [ 12.725264] page dumped because: kasan: bad access detected [ 12.725854] [ 12.725954] Memory state around the buggy address: [ 12.726143] ffff888102fd8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.726672] ffff888102fd8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.726963] >ffff888102fd9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.727278] ^ [ 12.727438] ffff888102fd9080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.727719] ffff888102fd9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.728028] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 12.664814] ================================================================== [ 12.665311] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 12.665618] Read of size 1 at addr ffff8881027ed0c8 by task kunit_try_catch/224 [ 12.666094] [ 12.666214] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.666257] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.666268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.666288] Call Trace: [ 12.666300] <TASK> [ 12.666315] dump_stack_lvl+0x73/0xb0 [ 12.666345] print_report+0xd1/0x610 [ 12.666366] ? __virt_addr_valid+0x1db/0x2d0 [ 12.666388] ? kmem_cache_oob+0x402/0x530 [ 12.666633] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.666655] ? kmem_cache_oob+0x402/0x530 [ 12.666677] kasan_report+0x141/0x180 [ 12.666698] ? kmem_cache_oob+0x402/0x530 [ 12.666723] __asan_report_load1_noabort+0x18/0x20 [ 12.666746] kmem_cache_oob+0x402/0x530 [ 12.666766] ? trace_hardirqs_on+0x37/0xe0 [ 12.666789] ? __pfx_kmem_cache_oob+0x10/0x10 [ 12.666810] ? finish_task_switch.isra.0+0x153/0x700 [ 12.666832] ? __switch_to+0x47/0xf50 [ 12.666859] ? __pfx_read_tsc+0x10/0x10 [ 12.666879] ? ktime_get_ts64+0x86/0x230 [ 12.666902] kunit_try_run_case+0x1a5/0x480 [ 12.666926] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.666947] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.666970] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.666992] ? __kthread_parkme+0x82/0x180 [ 12.667026] ? preempt_count_sub+0x50/0x80 [ 12.667048] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.667071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.667092] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.667114] kthread+0x337/0x6f0 [ 12.667133] ? trace_preempt_on+0x20/0xc0 [ 12.667153] ? __pfx_kthread+0x10/0x10 [ 12.667172] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.667192] ? calculate_sigpending+0x7b/0xa0 [ 12.667215] ? __pfx_kthread+0x10/0x10 [ 12.667235] ret_from_fork+0x116/0x1d0 [ 12.667253] ? 
__pfx_kthread+0x10/0x10 [ 12.667272] ret_from_fork_asm+0x1a/0x30 [ 12.667301] </TASK> [ 12.667311] [ 12.674722] Allocated by task 224: [ 12.674896] kasan_save_stack+0x45/0x70 [ 12.675067] kasan_save_track+0x18/0x40 [ 12.675262] kasan_save_alloc_info+0x3b/0x50 [ 12.675492] __kasan_slab_alloc+0x91/0xa0 [ 12.675681] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.675837] kmem_cache_oob+0x157/0x530 [ 12.675974] kunit_try_run_case+0x1a5/0x480 [ 12.676191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.676572] kthread+0x337/0x6f0 [ 12.676743] ret_from_fork+0x116/0x1d0 [ 12.676927] ret_from_fork_asm+0x1a/0x30 [ 12.677125] [ 12.677195] The buggy address belongs to the object at ffff8881027ed000 [ 12.677195] which belongs to the cache test_cache of size 200 [ 12.677916] The buggy address is located 0 bytes to the right of [ 12.677916] allocated 200-byte region [ffff8881027ed000, ffff8881027ed0c8) [ 12.678630] [ 12.678719] The buggy address belongs to the physical page: [ 12.678942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027ed [ 12.679265] flags: 0x200000000000000(node=0|zone=2) [ 12.679558] page_type: f5(slab) [ 12.679718] raw: 0200000000000000 ffff888101da2b40 dead000000000122 0000000000000000 [ 12.680032] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.680331] page dumped because: kasan: bad access detected [ 12.680570] [ 12.680665] Memory state around the buggy address: [ 12.680874] ffff8881027ecf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.681127] ffff8881027ed000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.681344] >ffff8881027ed080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.681655] ^ [ 12.681911] ffff8881027ed100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.682235] ffff8881027ed180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.682616] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 12.617853] ================================================================== [ 12.618410] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 12.619178] Read of size 8 at addr ffff888102fd53c0 by task kunit_try_catch/217 [ 12.619931] [ 12.620172] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.620237] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.620248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.620268] Call Trace: [ 12.620281] <TASK> [ 12.620296] dump_stack_lvl+0x73/0xb0 [ 12.620326] print_report+0xd1/0x610 [ 12.620435] ? __virt_addr_valid+0x1db/0x2d0 [ 12.620462] ? workqueue_uaf+0x4d6/0x560 [ 12.620483] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.620516] ? workqueue_uaf+0x4d6/0x560 [ 12.620536] kasan_report+0x141/0x180 [ 12.620559] ? workqueue_uaf+0x4d6/0x560 [ 12.620585] __asan_report_load8_noabort+0x18/0x20 [ 12.620609] workqueue_uaf+0x4d6/0x560 [ 12.620630] ? __pfx_workqueue_uaf+0x10/0x10 [ 12.620651] ? __schedule+0x10cc/0x2b60 [ 12.620674] ? __pfx_read_tsc+0x10/0x10 [ 12.620694] ? ktime_get_ts64+0x86/0x230 [ 12.620718] kunit_try_run_case+0x1a5/0x480 [ 12.620743] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.620764] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.620787] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.620809] ? __kthread_parkme+0x82/0x180 [ 12.620829] ? preempt_count_sub+0x50/0x80 [ 12.620852] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.620874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.620896] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.620918] kthread+0x337/0x6f0 [ 12.620937] ? trace_preempt_on+0x20/0xc0 [ 12.620959] ? __pfx_kthread+0x10/0x10 [ 12.620984] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.621013] ? calculate_sigpending+0x7b/0xa0 [ 12.621036] ? __pfx_kthread+0x10/0x10 [ 12.621057] ret_from_fork+0x116/0x1d0 [ 12.621074] ? 
__pfx_kthread+0x10/0x10 [ 12.621094] ret_from_fork_asm+0x1a/0x30 [ 12.621124] </TASK> [ 12.621134] [ 12.632312] Allocated by task 217: [ 12.632744] kasan_save_stack+0x45/0x70 [ 12.632939] kasan_save_track+0x18/0x40 [ 12.633087] kasan_save_alloc_info+0x3b/0x50 [ 12.633231] __kasan_kmalloc+0xb7/0xc0 [ 12.633365] __kmalloc_cache_noprof+0x189/0x420 [ 12.633515] workqueue_uaf+0x152/0x560 [ 12.633643] kunit_try_run_case+0x1a5/0x480 [ 12.633783] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.633950] kthread+0x337/0x6f0 [ 12.634075] ret_from_fork+0x116/0x1d0 [ 12.634201] ret_from_fork_asm+0x1a/0x30 [ 12.634335] [ 12.634402] Freed by task 9: [ 12.634504] kasan_save_stack+0x45/0x70 [ 12.634633] kasan_save_track+0x18/0x40 [ 12.634761] kasan_save_free_info+0x3f/0x60 [ 12.634899] __kasan_slab_free+0x56/0x70 [ 12.635200] kfree+0x222/0x3f0 [ 12.635928] workqueue_uaf_work+0x12/0x20 [ 12.636290] process_one_work+0x5ee/0xf60 [ 12.636698] worker_thread+0x758/0x1220 [ 12.637056] kthread+0x337/0x6f0 [ 12.637365] ret_from_fork+0x116/0x1d0 [ 12.637873] ret_from_fork_asm+0x1a/0x30 [ 12.638287] [ 12.638577] Last potentially related work creation: [ 12.639128] kasan_save_stack+0x45/0x70 [ 12.639618] kasan_record_aux_stack+0xb2/0xc0 [ 12.640080] __queue_work+0x626/0xeb0 [ 12.640488] queue_work_on+0xb6/0xc0 [ 12.640912] workqueue_uaf+0x26d/0x560 [ 12.641365] kunit_try_run_case+0x1a5/0x480 [ 12.641831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.642418] kthread+0x337/0x6f0 [ 12.642787] ret_from_fork+0x116/0x1d0 [ 12.643177] ret_from_fork_asm+0x1a/0x30 [ 12.643628] [ 12.643841] The buggy address belongs to the object at ffff888102fd53c0 [ 12.643841] which belongs to the cache kmalloc-32 of size 32 [ 12.645220] The buggy address is located 0 bytes inside of [ 12.645220] freed 32-byte region [ffff888102fd53c0, ffff888102fd53e0) [ 12.646530] [ 12.646747] The buggy address belongs to the physical page: [ 12.647292] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd5 
[ 12.648187] flags: 0x200000000000000(node=0|zone=2) [ 12.648724] page_type: f5(slab) [ 12.648855] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.649097] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.649313] page dumped because: kasan: bad access detected [ 12.649886] [ 12.650095] Memory state around the buggy address: [ 12.650969] ffff888102fd5280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.651959] ffff888102fd5300: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.652575] >ffff888102fd5380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.653401] ^ [ 12.653646] ffff888102fd5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.653866] ffff888102fd5480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.654094] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 12.579521] ================================================================== [ 12.579984] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 12.580306] Read of size 4 at addr ffff8881027e49c0 by task swapper/1/0 [ 12.580570] [ 12.580682] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.580724] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.580735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.580756] Call Trace: [ 12.580781] <IRQ> [ 12.580796] dump_stack_lvl+0x73/0xb0 [ 12.580826] print_report+0xd1/0x610 [ 12.580847] ? __virt_addr_valid+0x1db/0x2d0 [ 12.580869] ? rcu_uaf_reclaim+0x50/0x60 [ 12.580887] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.580908] ? rcu_uaf_reclaim+0x50/0x60 [ 12.580927] kasan_report+0x141/0x180 [ 12.580947] ? rcu_uaf_reclaim+0x50/0x60 [ 12.580977] __asan_report_load4_noabort+0x18/0x20 [ 12.580999] rcu_uaf_reclaim+0x50/0x60 [ 12.581055] rcu_core+0x66f/0x1c40 [ 12.581083] ? __pfx_rcu_core+0x10/0x10 [ 12.581104] ? ktime_get+0x6b/0x150 [ 12.581125] ? handle_softirqs+0x18e/0x730 [ 12.581150] rcu_core_si+0x12/0x20 [ 12.581169] handle_softirqs+0x209/0x730 [ 12.581187] ? hrtimer_interrupt+0x2fe/0x780 [ 12.581208] ? 
__pfx_handle_softirqs+0x10/0x10 [ 12.581235] __irq_exit_rcu+0xc9/0x110 [ 12.581275] irq_exit_rcu+0x12/0x20 [ 12.581294] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.581317] </IRQ> [ 12.581343] <TASK> [ 12.581390] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.581482] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 12.581722] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 23 52 21 00 fb f4 <e9> 3c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 12.581803] RSP: 0000:ffff888100877dc8 EFLAGS: 00010216 [ 12.581896] RAX: ffff8881c2d72000 RBX: ffff888100853000 RCX: ffffffff95e77125 [ 12.581941] RDX: ffffed102b62618b RSI: 0000000000000004 RDI: 000000000001073c [ 12.581984] RBP: ffff888100877dd0 R08: 0000000000000001 R09: ffffed102b62618a [ 12.582042] R10: ffff88815b130c53 R11: ffffffff983c36c0 R12: 0000000000000001 [ 12.582085] R13: ffffed102010a600 R14: ffffffff97bb1a90 R15: 0000000000000000 [ 12.582145] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 12.582198] ? default_idle+0xd/0x20 [ 12.582217] arch_cpu_idle+0xd/0x20 [ 12.582234] default_idle_call+0x48/0x80 [ 12.582252] do_idle+0x379/0x4f0 [ 12.582273] ? complete+0x15b/0x1d0 [ 12.582290] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.582315] ? __pfx_do_idle+0x10/0x10 [ 12.582335] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 12.582365] ? complete+0x15b/0x1d0 [ 12.582403] cpu_startup_entry+0x5c/0x70 [ 12.582422] start_secondary+0x211/0x290 [ 12.582443] ? 
__pfx_start_secondary+0x10/0x10 [ 12.582468] common_startup_64+0x13e/0x148 [ 12.582500] </TASK> [ 12.582510] [ 12.594674] Allocated by task 215: [ 12.595081] kasan_save_stack+0x45/0x70 [ 12.595287] kasan_save_track+0x18/0x40 [ 12.595629] kasan_save_alloc_info+0x3b/0x50 [ 12.595798] __kasan_kmalloc+0xb7/0xc0 [ 12.595996] __kmalloc_cache_noprof+0x189/0x420 [ 12.596189] rcu_uaf+0xb0/0x330 [ 12.596353] kunit_try_run_case+0x1a5/0x480 [ 12.596905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.597237] kthread+0x337/0x6f0 [ 12.597376] ret_from_fork+0x116/0x1d0 [ 12.597710] ret_from_fork_asm+0x1a/0x30 [ 12.598234] [ 12.598317] Freed by task 0: [ 12.598449] kasan_save_stack+0x45/0x70 [ 12.598993] kasan_save_track+0x18/0x40 [ 12.599169] kasan_save_free_info+0x3f/0x60 [ 12.599448] __kasan_slab_free+0x56/0x70 [ 12.599644] kfree+0x222/0x3f0 [ 12.599781] rcu_uaf_reclaim+0x1f/0x60 [ 12.599971] rcu_core+0x66f/0x1c40 [ 12.600136] rcu_core_si+0x12/0x20 [ 12.600300] handle_softirqs+0x209/0x730 [ 12.600479] __irq_exit_rcu+0xc9/0x110 [ 12.601103] irq_exit_rcu+0x12/0x20 [ 12.601236] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.601605] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.601995] [ 12.602133] Last potentially related work creation: [ 12.602693] kasan_save_stack+0x45/0x70 [ 12.602910] kasan_record_aux_stack+0xb2/0xc0 [ 12.603268] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 12.603541] call_rcu+0x12/0x20 [ 12.603705] rcu_uaf+0x168/0x330 [ 12.603875] kunit_try_run_case+0x1a5/0x480 [ 12.604090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.604289] kthread+0x337/0x6f0 [ 12.604469] ret_from_fork+0x116/0x1d0 [ 12.605022] ret_from_fork_asm+0x1a/0x30 [ 12.605227] [ 12.605412] The buggy address belongs to the object at ffff8881027e49c0 [ 12.605412] which belongs to the cache kmalloc-32 of size 32 [ 12.606033] The buggy address is located 0 bytes inside of [ 12.606033] freed 32-byte region [ffff8881027e49c0, ffff8881027e49e0) [ 12.606821] [ 12.606998] The buggy address belongs to the 
physical page: [ 12.607219] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e4 [ 12.607921] flags: 0x200000000000000(node=0|zone=2) [ 12.608124] page_type: f5(slab) [ 12.608290] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.608944] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.609287] page dumped because: kasan: bad access detected [ 12.609661] [ 12.609757] Memory state around the buggy address: [ 12.609958] ffff8881027e4880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.610276] ffff8881027e4900: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 12.610834] >ffff8881027e4980: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.611146] ^ [ 12.611339] ffff8881027e4a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.611940] ffff8881027e4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.612246] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 12.544647] ================================================================== [ 12.544994] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 12.545312] Read of size 1 at addr ffff888102fd1378 by task kunit_try_catch/213 [ 12.545706] [ 12.545814] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.545854] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.545864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.545883] Call Trace: [ 12.545893] <TASK> [ 12.545906] dump_stack_lvl+0x73/0xb0 [ 12.545931] print_report+0xd1/0x610 [ 12.545951] ? __virt_addr_valid+0x1db/0x2d0 [ 12.545971] ? ksize_uaf+0x5e4/0x6c0 [ 12.545990] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.546022] ? ksize_uaf+0x5e4/0x6c0 [ 12.546042] kasan_report+0x141/0x180 [ 12.546062] ? ksize_uaf+0x5e4/0x6c0 [ 12.546086] __asan_report_load1_noabort+0x18/0x20 [ 12.546109] ksize_uaf+0x5e4/0x6c0 [ 12.546128] ? __pfx_ksize_uaf+0x10/0x10 [ 12.546148] ? __schedule+0x10cc/0x2b60 [ 12.546170] ? __pfx_read_tsc+0x10/0x10 [ 12.546189] ? ktime_get_ts64+0x86/0x230 [ 12.546212] kunit_try_run_case+0x1a5/0x480 [ 12.546234] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.546255] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.546277] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.546299] ? __kthread_parkme+0x82/0x180 [ 12.546317] ? preempt_count_sub+0x50/0x80 [ 12.546339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.546361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.546401] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.546423] kthread+0x337/0x6f0 [ 12.546441] ? trace_preempt_on+0x20/0xc0 [ 12.546462] ? __pfx_kthread+0x10/0x10 [ 12.546481] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.546501] ? calculate_sigpending+0x7b/0xa0 [ 12.546523] ? __pfx_kthread+0x10/0x10 [ 12.546543] ret_from_fork+0x116/0x1d0 [ 12.546560] ? 
__pfx_kthread+0x10/0x10 [ 12.546579] ret_from_fork_asm+0x1a/0x30 [ 12.546607] </TASK> [ 12.546616] [ 12.553468] Allocated by task 213: [ 12.553788] kasan_save_stack+0x45/0x70 [ 12.553988] kasan_save_track+0x18/0x40 [ 12.554157] kasan_save_alloc_info+0x3b/0x50 [ 12.554303] __kasan_kmalloc+0xb7/0xc0 [ 12.554697] __kmalloc_cache_noprof+0x189/0x420 [ 12.554933] ksize_uaf+0xaa/0x6c0 [ 12.555121] kunit_try_run_case+0x1a5/0x480 [ 12.555304] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.555564] kthread+0x337/0x6f0 [ 12.555688] ret_from_fork+0x116/0x1d0 [ 12.555827] ret_from_fork_asm+0x1a/0x30 [ 12.555966] [ 12.556052] Freed by task 213: [ 12.556162] kasan_save_stack+0x45/0x70 [ 12.556296] kasan_save_track+0x18/0x40 [ 12.556428] kasan_save_free_info+0x3f/0x60 [ 12.556591] __kasan_slab_free+0x56/0x70 [ 12.556785] kfree+0x222/0x3f0 [ 12.556964] ksize_uaf+0x12c/0x6c0 [ 12.557157] kunit_try_run_case+0x1a5/0x480 [ 12.557362] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.557783] kthread+0x337/0x6f0 [ 12.558291] ret_from_fork+0x116/0x1d0 [ 12.558542] ret_from_fork_asm+0x1a/0x30 [ 12.558721] [ 12.558792] The buggy address belongs to the object at ffff888102fd1300 [ 12.558792] which belongs to the cache kmalloc-128 of size 128 [ 12.559161] The buggy address is located 120 bytes inside of [ 12.559161] freed 128-byte region [ffff888102fd1300, ffff888102fd1380) [ 12.560170] [ 12.560280] The buggy address belongs to the physical page: [ 12.560721] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd1 [ 12.561058] flags: 0x200000000000000(node=0|zone=2) [ 12.561282] page_type: f5(slab) [ 12.561660] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.561960] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.562283] page dumped because: kasan: bad access detected [ 12.562577] [ 12.562671] Memory state around the buggy address: [ 12.562881] ffff888102fd1200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
12.563166] ffff888102fd1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.563535] >ffff888102fd1300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.563808] ^ [ 12.564102] ffff888102fd1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.564458] ffff888102fd1400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.564712] ================================================================== [ 12.497982] ================================================================== [ 12.499724] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 12.500326] Read of size 1 at addr ffff888102fd1300 by task kunit_try_catch/213 [ 12.500727] [ 12.500825] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.500868] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.500879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.500899] Call Trace: [ 12.500910] <TASK> [ 12.500924] dump_stack_lvl+0x73/0xb0 [ 12.500954] print_report+0xd1/0x610 [ 12.500978] ? __virt_addr_valid+0x1db/0x2d0 [ 12.500999] ? ksize_uaf+0x19d/0x6c0 [ 12.501032] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.501052] ? ksize_uaf+0x19d/0x6c0 [ 12.501072] kasan_report+0x141/0x180 [ 12.501092] ? ksize_uaf+0x19d/0x6c0 [ 12.501114] ? ksize_uaf+0x19d/0x6c0 [ 12.501134] __kasan_check_byte+0x3d/0x50 [ 12.501154] ksize+0x20/0x60 [ 12.501173] ksize_uaf+0x19d/0x6c0 [ 12.501192] ? __pfx_ksize_uaf+0x10/0x10 [ 12.501213] ? __schedule+0x10cc/0x2b60 [ 12.501234] ? __pfx_read_tsc+0x10/0x10 [ 12.501256] ? ktime_get_ts64+0x86/0x230 [ 12.501279] kunit_try_run_case+0x1a5/0x480 [ 12.501301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.501322] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.501347] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.501415] ? __kthread_parkme+0x82/0x180 [ 12.501437] ? preempt_count_sub+0x50/0x80 [ 12.501459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.501481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.501503] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.501525] kthread+0x337/0x6f0 [ 12.501542] ? trace_preempt_on+0x20/0xc0 [ 12.501563] ? __pfx_kthread+0x10/0x10 [ 12.501582] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.501602] ? calculate_sigpending+0x7b/0xa0 [ 12.501624] ? __pfx_kthread+0x10/0x10 [ 12.501644] ret_from_fork+0x116/0x1d0 [ 12.501662] ? __pfx_kthread+0x10/0x10 [ 12.501682] ret_from_fork_asm+0x1a/0x30 [ 12.501710] </TASK> [ 12.501720] [ 12.510035] Allocated by task 213: [ 12.510214] kasan_save_stack+0x45/0x70 [ 12.510445] kasan_save_track+0x18/0x40 [ 12.510610] kasan_save_alloc_info+0x3b/0x50 [ 12.510754] __kasan_kmalloc+0xb7/0xc0 [ 12.510879] __kmalloc_cache_noprof+0x189/0x420 [ 12.511093] ksize_uaf+0xaa/0x6c0 [ 12.511265] kunit_try_run_case+0x1a5/0x480 [ 12.511652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.511909] kthread+0x337/0x6f0 [ 12.512217] ret_from_fork+0x116/0x1d0 [ 12.512910] ret_from_fork_asm+0x1a/0x30 [ 12.513127] [ 12.513219] Freed by task 213: [ 12.513368] kasan_save_stack+0x45/0x70 [ 12.514696] kasan_save_track+0x18/0x40 [ 12.514849] kasan_save_free_info+0x3f/0x60 [ 12.514995] __kasan_slab_free+0x56/0x70 [ 12.515164] kfree+0x222/0x3f0 [ 12.515343] ksize_uaf+0x12c/0x6c0 [ 12.515684] kunit_try_run_case+0x1a5/0x480 [ 12.516119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.516364] kthread+0x337/0x6f0 [ 12.516674] ret_from_fork+0x116/0x1d0 [ 12.517209] ret_from_fork_asm+0x1a/0x30 [ 12.517687] [ 12.517851] The buggy address belongs to the object at ffff888102fd1300 [ 12.517851] which belongs to the cache kmalloc-128 of size 128 [ 12.518228] The buggy address is located 0 bytes inside of [ 12.518228] freed 128-byte region [ffff888102fd1300, ffff888102fd1380) [ 12.518592] [ 12.518695] The buggy address belongs to the physical page: [ 12.518946] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd1 [ 12.519239] flags: 0x200000000000000(node=0|zone=2) [ 12.519593] page_type: f5(slab) [ 12.519762] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.520058] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.520363] page dumped because: kasan: bad access detected [ 12.520733] [ 12.520805] Memory state around the buggy address: [ 12.520989] ffff888102fd1200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.521330] ffff888102fd1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.521566] >ffff888102fd1300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.521957] ^ [ 12.522135] ffff888102fd1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.522460] ffff888102fd1400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.522730] ================================================================== [ 12.523286] ================================================================== [ 12.523627] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 12.523907] Read of size 1 at addr ffff888102fd1300 by task kunit_try_catch/213 [ 12.524222] [ 12.524305] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.524345] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.524355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.524375] Call Trace: [ 12.524389] <TASK> [ 12.524402] dump_stack_lvl+0x73/0xb0 [ 12.524428] print_report+0xd1/0x610 [ 12.524448] ? __virt_addr_valid+0x1db/0x2d0 [ 12.524469] ? ksize_uaf+0x5fe/0x6c0 [ 12.524488] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.524508] ? ksize_uaf+0x5fe/0x6c0 [ 12.524528] kasan_report+0x141/0x180 [ 12.524548] ? ksize_uaf+0x5fe/0x6c0 [ 12.524572] __asan_report_load1_noabort+0x18/0x20 [ 12.524594] ksize_uaf+0x5fe/0x6c0 [ 12.524613] ? __pfx_ksize_uaf+0x10/0x10 [ 12.524634] ? __schedule+0x10cc/0x2b60 [ 12.524655] ? __pfx_read_tsc+0x10/0x10 [ 12.524674] ? ktime_get_ts64+0x86/0x230 [ 12.524697] kunit_try_run_case+0x1a5/0x480 [ 12.524720] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.524741] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 12.524762] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.524784] ? __kthread_parkme+0x82/0x180 [ 12.524804] ? preempt_count_sub+0x50/0x80 [ 12.524826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.524848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.524870] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.524892] kthread+0x337/0x6f0 [ 12.524910] ? trace_preempt_on+0x20/0xc0 [ 12.524931] ? __pfx_kthread+0x10/0x10 [ 12.524950] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.524974] ? calculate_sigpending+0x7b/0xa0 [ 12.524996] ? __pfx_kthread+0x10/0x10 [ 12.525317] ret_from_fork+0x116/0x1d0 [ 12.525338] ? __pfx_kthread+0x10/0x10 [ 12.525358] ret_from_fork_asm+0x1a/0x30 [ 12.525387] </TASK> [ 12.525396] [ 12.532387] Allocated by task 213: [ 12.532576] kasan_save_stack+0x45/0x70 [ 12.532779] kasan_save_track+0x18/0x40 [ 12.532966] kasan_save_alloc_info+0x3b/0x50 [ 12.533144] __kasan_kmalloc+0xb7/0xc0 [ 12.534237] __kmalloc_cache_noprof+0x189/0x420 [ 12.534960] ksize_uaf+0xaa/0x6c0 [ 12.535173] kunit_try_run_case+0x1a5/0x480 [ 12.535358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.535657] kthread+0x337/0x6f0 [ 12.535778] ret_from_fork+0x116/0x1d0 [ 12.535911] ret_from_fork_asm+0x1a/0x30 [ 12.536120] [ 12.536217] Freed by task 213: [ 12.536343] kasan_save_stack+0x45/0x70 [ 12.536720] kasan_save_track+0x18/0x40 [ 12.536882] kasan_save_free_info+0x3f/0x60 [ 12.537049] __kasan_slab_free+0x56/0x70 [ 12.537222] kfree+0x222/0x3f0 [ 12.537383] ksize_uaf+0x12c/0x6c0 [ 12.537626] kunit_try_run_case+0x1a5/0x480 [ 12.537897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.538241] kthread+0x337/0x6f0 [ 12.538485] ret_from_fork+0x116/0x1d0 [ 12.538648] ret_from_fork_asm+0x1a/0x30 [ 12.538835] [ 12.538934] The buggy address belongs to the object at ffff888102fd1300 [ 12.538934] which belongs to the cache kmalloc-128 of size 128 [ 12.539445] The buggy address is located 0 bytes inside of [ 12.539445] freed 128-byte region [ffff888102fd1300, 
ffff888102fd1380) [ 12.539906] [ 12.539979] The buggy address belongs to the physical page: [ 12.540164] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd1 [ 12.540513] flags: 0x200000000000000(node=0|zone=2) [ 12.540744] page_type: f5(slab) [ 12.540908] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.541254] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.541638] page dumped because: kasan: bad access detected [ 12.541889] [ 12.541980] Memory state around the buggy address: [ 12.542163] ffff888102fd1200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.542380] ffff888102fd1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.542853] >ffff888102fd1300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.543193] ^ [ 12.543419] ffff888102fd1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.543717] ffff888102fd1400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.543978] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 12.475100] ================================================================== [ 12.475554] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.475893] Read of size 1 at addr ffff888102fd127f by task kunit_try_catch/211 [ 12.476202] [ 12.476283] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.476322] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.476333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.476425] Call Trace: [ 12.476439] <TASK> [ 12.476452] dump_stack_lvl+0x73/0xb0 [ 12.476480] print_report+0xd1/0x610 [ 12.476500] ? __virt_addr_valid+0x1db/0x2d0 [ 12.476521] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.476542] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.476562] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.476584] kasan_report+0x141/0x180 [ 12.476604] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.476631] __asan_report_load1_noabort+0x18/0x20 [ 12.476653] ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.476675] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.476710] ? __kasan_check_write+0x18/0x20 [ 12.476727] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.476749] ? irqentry_exit+0x2a/0x60 [ 12.476790] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.476812] ? trace_hardirqs_on+0x37/0xe0 [ 12.476834] ? __pfx_read_tsc+0x10/0x10 [ 12.476864] ? ktime_get_ts64+0x86/0x230 [ 12.476888] kunit_try_run_case+0x1a5/0x480 [ 12.476910] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.476933] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.476955] ? __kthread_parkme+0x82/0x180 [ 12.476980] ? preempt_count_sub+0x50/0x80 [ 12.477018] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.477041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.477062] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.477095] kthread+0x337/0x6f0 [ 12.477113] ? trace_preempt_on+0x20/0xc0 [ 12.477133] ? __pfx_kthread+0x10/0x10 [ 12.477153] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.477172] ? 
calculate_sigpending+0x7b/0xa0 [ 12.477194] ? __pfx_kthread+0x10/0x10 [ 12.477223] ret_from_fork+0x116/0x1d0 [ 12.477240] ? __pfx_kthread+0x10/0x10 [ 12.477259] ret_from_fork_asm+0x1a/0x30 [ 12.477298] </TASK> [ 12.477307] [ 12.485663] Allocated by task 211: [ 12.485870] kasan_save_stack+0x45/0x70 [ 12.486083] kasan_save_track+0x18/0x40 [ 12.486263] kasan_save_alloc_info+0x3b/0x50 [ 12.486674] __kasan_kmalloc+0xb7/0xc0 [ 12.486857] __kmalloc_cache_noprof+0x189/0x420 [ 12.487097] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.487308] kunit_try_run_case+0x1a5/0x480 [ 12.487648] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.487910] kthread+0x337/0x6f0 [ 12.488102] ret_from_fork+0x116/0x1d0 [ 12.488270] ret_from_fork_asm+0x1a/0x30 [ 12.488479] [ 12.488553] The buggy address belongs to the object at ffff888102fd1200 [ 12.488553] which belongs to the cache kmalloc-128 of size 128 [ 12.488989] The buggy address is located 12 bytes to the right of [ 12.488989] allocated 115-byte region [ffff888102fd1200, ffff888102fd1273) [ 12.489658] [ 12.489756] The buggy address belongs to the physical page: [ 12.489956] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd1 [ 12.490310] flags: 0x200000000000000(node=0|zone=2) [ 12.490708] page_type: f5(slab) [ 12.490835] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.491203] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.491645] page dumped because: kasan: bad access detected [ 12.491889] [ 12.492013] Memory state around the buggy address: [ 12.492183] ffff888102fd1100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.492581] ffff888102fd1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.492899] >ffff888102fd1200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.493216] ^ [ 12.493613] ffff888102fd1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.493888] ffff888102fd1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.494116] 
================================================================== [ 12.436680] ================================================================== [ 12.437178] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 12.437518] Read of size 1 at addr ffff888102fd1273 by task kunit_try_catch/211 [ 12.438107] [ 12.438223] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.438267] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.438277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.438298] Call Trace: [ 12.438309] <TASK> [ 12.438323] dump_stack_lvl+0x73/0xb0 [ 12.438353] print_report+0xd1/0x610 [ 12.438375] ? __virt_addr_valid+0x1db/0x2d0 [ 12.438473] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.438504] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.438527] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.438549] kasan_report+0x141/0x180 [ 12.438570] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.438597] __asan_report_load1_noabort+0x18/0x20 [ 12.438620] ksize_unpoisons_memory+0x81c/0x9b0 [ 12.438643] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.438666] ? __kasan_check_write+0x18/0x20 [ 12.438683] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.438706] ? irqentry_exit+0x2a/0x60 [ 12.438727] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.438750] ? trace_hardirqs_on+0x37/0xe0 [ 12.438772] ? __pfx_read_tsc+0x10/0x10 [ 12.438792] ? ktime_get_ts64+0x86/0x230 [ 12.438815] kunit_try_run_case+0x1a5/0x480 [ 12.438838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.438861] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.438882] ? __kthread_parkme+0x82/0x180 [ 12.438902] ? preempt_count_sub+0x50/0x80 [ 12.438924] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.438947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.438968] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.438990] kthread+0x337/0x6f0 [ 12.439020] ? trace_preempt_on+0x20/0xc0 [ 12.439041] ? __pfx_kthread+0x10/0x10 [ 12.439060] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 12.439079] ? calculate_sigpending+0x7b/0xa0 [ 12.439102] ? __pfx_kthread+0x10/0x10 [ 12.439122] ret_from_fork+0x116/0x1d0 [ 12.439139] ? __pfx_kthread+0x10/0x10 [ 12.439158] ret_from_fork_asm+0x1a/0x30 [ 12.439187] </TASK> [ 12.439198] [ 12.447127] Allocated by task 211: [ 12.447282] kasan_save_stack+0x45/0x70 [ 12.447495] kasan_save_track+0x18/0x40 [ 12.447689] kasan_save_alloc_info+0x3b/0x50 [ 12.447861] __kasan_kmalloc+0xb7/0xc0 [ 12.448054] __kmalloc_cache_noprof+0x189/0x420 [ 12.448228] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.448468] kunit_try_run_case+0x1a5/0x480 [ 12.448633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.448865] kthread+0x337/0x6f0 [ 12.448990] ret_from_fork+0x116/0x1d0 [ 12.449130] ret_from_fork_asm+0x1a/0x30 [ 12.449294] [ 12.449385] The buggy address belongs to the object at ffff888102fd1200 [ 12.449385] which belongs to the cache kmalloc-128 of size 128 [ 12.449903] The buggy address is located 0 bytes to the right of [ 12.449903] allocated 115-byte region [ffff888102fd1200, ffff888102fd1273) [ 12.450677] [ 12.450759] The buggy address belongs to the physical page: [ 12.450931] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd1 [ 12.451188] flags: 0x200000000000000(node=0|zone=2) [ 12.451353] page_type: f5(slab) [ 12.451474] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.451811] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.452164] page dumped because: kasan: bad access detected [ 12.452456] [ 12.452553] Memory state around the buggy address: [ 12.452820] ffff888102fd1100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.453161] ffff888102fd1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.453702] >ffff888102fd1200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.454035] ^ [ 12.454298] ffff888102fd1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.454655] ffff888102fd1300: fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc [ 12.454912] ================================================================== [ 12.455307] ================================================================== [ 12.456064] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.456526] Read of size 1 at addr ffff888102fd1278 by task kunit_try_catch/211 [ 12.456833] [ 12.456934] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.456981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.456991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.457022] Call Trace: [ 12.457035] <TASK> [ 12.457049] dump_stack_lvl+0x73/0xb0 [ 12.457075] print_report+0xd1/0x610 [ 12.457096] ? __virt_addr_valid+0x1db/0x2d0 [ 12.457116] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.457138] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.457159] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.457181] kasan_report+0x141/0x180 [ 12.457201] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.457227] __asan_report_load1_noabort+0x18/0x20 [ 12.457250] ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.457272] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.457295] ? __kasan_check_write+0x18/0x20 [ 12.457313] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.457335] ? irqentry_exit+0x2a/0x60 [ 12.457355] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.457395] ? trace_hardirqs_on+0x37/0xe0 [ 12.457416] ? __pfx_read_tsc+0x10/0x10 [ 12.457437] ? ktime_get_ts64+0x86/0x230 [ 12.457460] kunit_try_run_case+0x1a5/0x480 [ 12.457483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.457506] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.457528] ? __kthread_parkme+0x82/0x180 [ 12.457547] ? preempt_count_sub+0x50/0x80 [ 12.457569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.457592] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.457614] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.457636] kthread+0x337/0x6f0 [ 12.457654] ? trace_preempt_on+0x20/0xc0 [ 12.457675] ? 
__pfx_kthread+0x10/0x10 [ 12.457694] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.457714] ? calculate_sigpending+0x7b/0xa0 [ 12.457736] ? __pfx_kthread+0x10/0x10 [ 12.457757] ret_from_fork+0x116/0x1d0 [ 12.457774] ? __pfx_kthread+0x10/0x10 [ 12.457793] ret_from_fork_asm+0x1a/0x30 [ 12.457821] </TASK> [ 12.457831] [ 12.465813] Allocated by task 211: [ 12.465941] kasan_save_stack+0x45/0x70 [ 12.466100] kasan_save_track+0x18/0x40 [ 12.466234] kasan_save_alloc_info+0x3b/0x50 [ 12.466592] __kasan_kmalloc+0xb7/0xc0 [ 12.466819] __kmalloc_cache_noprof+0x189/0x420 [ 12.467102] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.467448] kunit_try_run_case+0x1a5/0x480 [ 12.467697] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.467952] kthread+0x337/0x6f0 [ 12.468130] ret_from_fork+0x116/0x1d0 [ 12.468317] ret_from_fork_asm+0x1a/0x30 [ 12.468615] [ 12.468714] The buggy address belongs to the object at ffff888102fd1200 [ 12.468714] which belongs to the cache kmalloc-128 of size 128 [ 12.469287] The buggy address is located 5 bytes to the right of [ 12.469287] allocated 115-byte region [ffff888102fd1200, ffff888102fd1273) [ 12.469923] [ 12.470053] The buggy address belongs to the physical page: [ 12.470234] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd1 [ 12.470648] flags: 0x200000000000000(node=0|zone=2) [ 12.470846] page_type: f5(slab) [ 12.471024] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.471451] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.471821] page dumped because: kasan: bad access detected [ 12.472086] [ 12.472183] Memory state around the buggy address: [ 12.472507] ffff888102fd1100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.472828] ffff888102fd1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.473177] >ffff888102fd1200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.473552] ^ [ 12.473782] ffff888102fd1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
12.473996] ffff888102fd1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.474547] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 12.409515] ================================================================== [ 12.410253] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 12.410824] Free of addr ffff888101df6d40 by task kunit_try_catch/209 [ 12.411541] [ 12.411679] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.411721] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.411731] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.411751] Call Trace: [ 12.411762] <TASK> [ 12.411774] dump_stack_lvl+0x73/0xb0 [ 12.411801] print_report+0xd1/0x610 [ 12.411822] ? __virt_addr_valid+0x1db/0x2d0 [ 12.411844] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.411865] ? kfree_sensitive+0x2e/0x90 [ 12.411885] kasan_report_invalid_free+0x10a/0x130 [ 12.411909] ? kfree_sensitive+0x2e/0x90 [ 12.411930] ? kfree_sensitive+0x2e/0x90 [ 12.411948] check_slab_allocation+0x101/0x130 [ 12.411969] __kasan_slab_pre_free+0x28/0x40 [ 12.411988] kfree+0xf0/0x3f0 [ 12.412021] ? kfree_sensitive+0x2e/0x90 [ 12.412042] kfree_sensitive+0x2e/0x90 [ 12.412061] kmalloc_double_kzfree+0x19c/0x350 [ 12.412083] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 12.412104] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.412128] ? trace_hardirqs_on+0x37/0xe0 [ 12.412149] ? __pfx_read_tsc+0x10/0x10 [ 12.412170] ? ktime_get_ts64+0x86/0x230 [ 12.412193] kunit_try_run_case+0x1a5/0x480 [ 12.412218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.412241] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.412264] ? __kthread_parkme+0x82/0x180 [ 12.412282] ? preempt_count_sub+0x50/0x80 [ 12.412305] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.412327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.412348] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.412405] kthread+0x337/0x6f0 [ 12.412424] ? trace_preempt_on+0x20/0xc0 [ 12.412445] ? __pfx_kthread+0x10/0x10 [ 12.412464] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.412484] ? calculate_sigpending+0x7b/0xa0 [ 12.412506] ? 
__pfx_kthread+0x10/0x10 [ 12.412526] ret_from_fork+0x116/0x1d0 [ 12.412543] ? __pfx_kthread+0x10/0x10 [ 12.412562] ret_from_fork_asm+0x1a/0x30 [ 12.412591] </TASK> [ 12.412599] [ 12.420017] Allocated by task 209: [ 12.420207] kasan_save_stack+0x45/0x70 [ 12.420462] kasan_save_track+0x18/0x40 [ 12.420672] kasan_save_alloc_info+0x3b/0x50 [ 12.420843] __kasan_kmalloc+0xb7/0xc0 [ 12.420978] __kmalloc_cache_noprof+0x189/0x420 [ 12.421143] kmalloc_double_kzfree+0xa9/0x350 [ 12.421302] kunit_try_run_case+0x1a5/0x480 [ 12.421529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.421830] kthread+0x337/0x6f0 [ 12.422001] ret_from_fork+0x116/0x1d0 [ 12.422199] ret_from_fork_asm+0x1a/0x30 [ 12.422613] [ 12.422723] Freed by task 209: [ 12.422883] kasan_save_stack+0x45/0x70 [ 12.423056] kasan_save_track+0x18/0x40 [ 12.423247] kasan_save_free_info+0x3f/0x60 [ 12.423512] __kasan_slab_free+0x56/0x70 [ 12.423679] kfree+0x222/0x3f0 [ 12.423844] kfree_sensitive+0x67/0x90 [ 12.423977] kmalloc_double_kzfree+0x12b/0x350 [ 12.424138] kunit_try_run_case+0x1a5/0x480 [ 12.424286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.424514] kthread+0x337/0x6f0 [ 12.424679] ret_from_fork+0x116/0x1d0 [ 12.424865] ret_from_fork_asm+0x1a/0x30 [ 12.425092] [ 12.425188] The buggy address belongs to the object at ffff888101df6d40 [ 12.425188] which belongs to the cache kmalloc-16 of size 16 [ 12.425798] The buggy address is located 0 bytes inside of [ 12.425798] 16-byte region [ffff888101df6d40, ffff888101df6d50) [ 12.426145] [ 12.426245] The buggy address belongs to the physical page: [ 12.426703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 12.427076] flags: 0x200000000000000(node=0|zone=2) [ 12.427311] page_type: f5(slab) [ 12.427559] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.427873] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.428162] page dumped because: kasan: bad access detected [ 12.428642] [ 
12.428738] Memory state around the buggy address: [ 12.428937] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 12.429242] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 12.429509] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 12.429941] ^ [ 12.430205] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.430543] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.430823] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 12.373204] ================================================================== [ 12.374402] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 12.374650] Read of size 1 at addr ffff888101df6d40 by task kunit_try_catch/209 [ 12.374873] [ 12.374964] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.375022] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.375034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.375054] Call Trace: [ 12.375066] <TASK> [ 12.375081] dump_stack_lvl+0x73/0xb0 [ 12.375108] print_report+0xd1/0x610 [ 12.375129] ? __virt_addr_valid+0x1db/0x2d0 [ 12.375150] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.375172] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.375192] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.375214] kasan_report+0x141/0x180 [ 12.375234] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.375258] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.375280] __kasan_check_byte+0x3d/0x50 [ 12.375301] kfree_sensitive+0x22/0x90 [ 12.375322] kmalloc_double_kzfree+0x19c/0x350 [ 12.375344] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 12.375366] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.375390] ? trace_hardirqs_on+0x37/0xe0 [ 12.375411] ? __pfx_read_tsc+0x10/0x10 [ 12.375431] ? ktime_get_ts64+0x86/0x230 [ 12.375454] kunit_try_run_case+0x1a5/0x480 [ 12.375478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.375501] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.375525] ? __kthread_parkme+0x82/0x180 [ 12.375545] ? preempt_count_sub+0x50/0x80 [ 12.375567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.375589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.375611] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.375633] kthread+0x337/0x6f0 [ 12.375651] ? trace_preempt_on+0x20/0xc0 [ 12.375672] ? __pfx_kthread+0x10/0x10 [ 12.375691] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.375711] ? calculate_sigpending+0x7b/0xa0 [ 12.375734] ? 
__pfx_kthread+0x10/0x10 [ 12.375754] ret_from_fork+0x116/0x1d0 [ 12.375771] ? __pfx_kthread+0x10/0x10 [ 12.375790] ret_from_fork_asm+0x1a/0x30 [ 12.375819] </TASK> [ 12.375829] [ 12.391128] Allocated by task 209: [ 12.391798] kasan_save_stack+0x45/0x70 [ 12.392170] kasan_save_track+0x18/0x40 [ 12.392562] kasan_save_alloc_info+0x3b/0x50 [ 12.393054] __kasan_kmalloc+0xb7/0xc0 [ 12.393398] __kmalloc_cache_noprof+0x189/0x420 [ 12.393580] kmalloc_double_kzfree+0xa9/0x350 [ 12.393736] kunit_try_run_case+0x1a5/0x480 [ 12.394270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.394814] kthread+0x337/0x6f0 [ 12.395197] ret_from_fork+0x116/0x1d0 [ 12.395737] ret_from_fork_asm+0x1a/0x30 [ 12.396217] [ 12.396376] Freed by task 209: [ 12.396729] kasan_save_stack+0x45/0x70 [ 12.396887] kasan_save_track+0x18/0x40 [ 12.397040] kasan_save_free_info+0x3f/0x60 [ 12.397186] __kasan_slab_free+0x56/0x70 [ 12.397322] kfree+0x222/0x3f0 [ 12.397457] kfree_sensitive+0x67/0x90 [ 12.397590] kmalloc_double_kzfree+0x12b/0x350 [ 12.397769] kunit_try_run_case+0x1a5/0x480 [ 12.398229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.398748] kthread+0x337/0x6f0 [ 12.399102] ret_from_fork+0x116/0x1d0 [ 12.399640] ret_from_fork_asm+0x1a/0x30 [ 12.400050] [ 12.400252] The buggy address belongs to the object at ffff888101df6d40 [ 12.400252] which belongs to the cache kmalloc-16 of size 16 [ 12.401334] The buggy address is located 0 bytes inside of [ 12.401334] freed 16-byte region [ffff888101df6d40, ffff888101df6d50) [ 12.402188] [ 12.402277] The buggy address belongs to the physical page: [ 12.402474] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 12.403266] flags: 0x200000000000000(node=0|zone=2) [ 12.403717] page_type: f5(slab) [ 12.403869] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.404110] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.404337] page dumped because: kasan: bad access detected [ 
12.404616] [ 12.404740] Memory state around the buggy address: [ 12.405171] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 12.405936] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 12.406515] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 12.407145] ^ [ 12.407317] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.408015] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.408756] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 12.329979] ================================================================== [ 12.331392] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 12.331996] Read of size 1 at addr ffff8881027e72a8 by task kunit_try_catch/205 [ 12.332777] [ 12.332957] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.333020] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.333032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.333053] Call Trace: [ 12.333064] <TASK> [ 12.333078] dump_stack_lvl+0x73/0xb0 [ 12.333109] print_report+0xd1/0x610 [ 12.333130] ? __virt_addr_valid+0x1db/0x2d0 [ 12.333176] ? kmalloc_uaf2+0x4a8/0x520 [ 12.333195] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.333231] ? kmalloc_uaf2+0x4a8/0x520 [ 12.333263] kasan_report+0x141/0x180 [ 12.333284] ? kmalloc_uaf2+0x4a8/0x520 [ 12.333321] __asan_report_load1_noabort+0x18/0x20 [ 12.333351] kmalloc_uaf2+0x4a8/0x520 [ 12.333370] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 12.333389] ? finish_task_switch.isra.0+0x153/0x700 [ 12.333411] ? __switch_to+0x47/0xf50 [ 12.333436] ? __schedule+0x10cc/0x2b60 [ 12.333458] ? __pfx_read_tsc+0x10/0x10 [ 12.333479] ? ktime_get_ts64+0x86/0x230 [ 12.333500] kunit_try_run_case+0x1a5/0x480 [ 12.333523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.333544] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.333568] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.333590] ? __kthread_parkme+0x82/0x180 [ 12.333610] ? preempt_count_sub+0x50/0x80 [ 12.333633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.333656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.333678] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.333701] kthread+0x337/0x6f0 [ 12.333720] ? trace_preempt_on+0x20/0xc0 [ 12.333742] ? __pfx_kthread+0x10/0x10 [ 12.333761] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.333781] ? calculate_sigpending+0x7b/0xa0 [ 12.333804] ? __pfx_kthread+0x10/0x10 [ 12.333825] ret_from_fork+0x116/0x1d0 [ 12.333842] ? 
__pfx_kthread+0x10/0x10 [ 12.333861] ret_from_fork_asm+0x1a/0x30 [ 12.333892] </TASK> [ 12.333902] [ 12.348027] Allocated by task 205: [ 12.348397] kasan_save_stack+0x45/0x70 [ 12.348888] kasan_save_track+0x18/0x40 [ 12.349428] kasan_save_alloc_info+0x3b/0x50 [ 12.349588] __kasan_kmalloc+0xb7/0xc0 [ 12.349720] __kmalloc_cache_noprof+0x189/0x420 [ 12.349877] kmalloc_uaf2+0xc6/0x520 [ 12.350017] kunit_try_run_case+0x1a5/0x480 [ 12.350579] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.351184] kthread+0x337/0x6f0 [ 12.351557] ret_from_fork+0x116/0x1d0 [ 12.351979] ret_from_fork_asm+0x1a/0x30 [ 12.352361] [ 12.352618] Freed by task 205: [ 12.353016] kasan_save_stack+0x45/0x70 [ 12.353468] kasan_save_track+0x18/0x40 [ 12.353967] kasan_save_free_info+0x3f/0x60 [ 12.354326] __kasan_slab_free+0x56/0x70 [ 12.354485] kfree+0x222/0x3f0 [ 12.354857] kmalloc_uaf2+0x14c/0x520 [ 12.355215] kunit_try_run_case+0x1a5/0x480 [ 12.355720] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.356140] kthread+0x337/0x6f0 [ 12.356264] ret_from_fork+0x116/0x1d0 [ 12.356451] ret_from_fork_asm+0x1a/0x30 [ 12.356877] [ 12.357089] The buggy address belongs to the object at ffff8881027e7280 [ 12.357089] which belongs to the cache kmalloc-64 of size 64 [ 12.358304] The buggy address is located 40 bytes inside of [ 12.358304] freed 64-byte region [ffff8881027e7280, ffff8881027e72c0) [ 12.358983] [ 12.359079] The buggy address belongs to the physical page: [ 12.359251] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 12.359549] flags: 0x200000000000000(node=0|zone=2) [ 12.359928] page_type: f5(slab) [ 12.360335] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.360734] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.361089] page dumped because: kasan: bad access detected [ 12.361312] [ 12.361401] Memory state around the buggy address: [ 12.361657] ffff8881027e7180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc 
[ 12.361993] ffff8881027e7200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.362297] >ffff8881027e7280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.362604] ^ [ 12.362831] ffff8881027e7300: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 12.363169] ffff8881027e7380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.363616] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.303054] ================================================================== [ 12.303610] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 12.303886] Write of size 33 at addr ffff888102fd3180 by task kunit_try_catch/203 [ 12.304181] [ 12.304300] CPU: 0 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.304344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.304355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.304375] Call Trace: [ 12.304386] <TASK> [ 12.304402] dump_stack_lvl+0x73/0xb0 [ 12.304521] print_report+0xd1/0x610 [ 12.304545] ? __virt_addr_valid+0x1db/0x2d0 [ 12.304568] ? kmalloc_uaf_memset+0x1a3/0x360 [ 12.304587] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.304608] ? kmalloc_uaf_memset+0x1a3/0x360 [ 12.304628] kasan_report+0x141/0x180 [ 12.304648] ? kmalloc_uaf_memset+0x1a3/0x360 [ 12.304674] kasan_check_range+0x10c/0x1c0 [ 12.304697] __asan_memset+0x27/0x50 [ 12.304716] kmalloc_uaf_memset+0x1a3/0x360 [ 12.304736] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 12.304757] ? __schedule+0x10cc/0x2b60 [ 12.304780] ? __pfx_read_tsc+0x10/0x10 [ 12.304800] ? ktime_get_ts64+0x86/0x230 [ 12.304825] kunit_try_run_case+0x1a5/0x480 [ 12.304849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.304870] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.304893] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.304915] ? __kthread_parkme+0x82/0x180 [ 12.304934] ? preempt_count_sub+0x50/0x80 [ 12.304957] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.304985] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.305019] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.305041] kthread+0x337/0x6f0 [ 12.305059] ? trace_preempt_on+0x20/0xc0 [ 12.305081] ? __pfx_kthread+0x10/0x10 [ 12.305101] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.305121] ? calculate_sigpending+0x7b/0xa0 [ 12.305144] ? __pfx_kthread+0x10/0x10 [ 12.305164] ret_from_fork+0x116/0x1d0 [ 12.305181] ? 
__pfx_kthread+0x10/0x10 [ 12.305200] ret_from_fork_asm+0x1a/0x30 [ 12.305230] </TASK> [ 12.305240] [ 12.312642] Allocated by task 203: [ 12.312798] kasan_save_stack+0x45/0x70 [ 12.312984] kasan_save_track+0x18/0x40 [ 12.313171] kasan_save_alloc_info+0x3b/0x50 [ 12.313318] __kasan_kmalloc+0xb7/0xc0 [ 12.313761] __kmalloc_cache_noprof+0x189/0x420 [ 12.313992] kmalloc_uaf_memset+0xa9/0x360 [ 12.314143] kunit_try_run_case+0x1a5/0x480 [ 12.314289] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.314666] kthread+0x337/0x6f0 [ 12.314839] ret_from_fork+0x116/0x1d0 [ 12.315040] ret_from_fork_asm+0x1a/0x30 [ 12.315235] [ 12.315332] Freed by task 203: [ 12.315569] kasan_save_stack+0x45/0x70 [ 12.315757] kasan_save_track+0x18/0x40 [ 12.315932] kasan_save_free_info+0x3f/0x60 [ 12.316133] __kasan_slab_free+0x56/0x70 [ 12.316334] kfree+0x222/0x3f0 [ 12.316701] kmalloc_uaf_memset+0x12b/0x360 [ 12.317499] kunit_try_run_case+0x1a5/0x480 [ 12.318159] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.318467] kthread+0x337/0x6f0 [ 12.318617] ret_from_fork+0x116/0x1d0 [ 12.318791] ret_from_fork_asm+0x1a/0x30 [ 12.318956] [ 12.319064] The buggy address belongs to the object at ffff888102fd3180 [ 12.319064] which belongs to the cache kmalloc-64 of size 64 [ 12.319725] The buggy address is located 0 bytes inside of [ 12.319725] freed 64-byte region [ffff888102fd3180, ffff888102fd31c0) [ 12.320177] [ 12.320277] The buggy address belongs to the physical page: [ 12.320540] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd3 [ 12.321391] flags: 0x200000000000000(node=0|zone=2) [ 12.321564] page_type: f5(slab) [ 12.321687] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.321919] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.322904] page dumped because: kasan: bad access detected [ 12.323129] [ 12.323288] Memory state around the buggy address: [ 12.323882] ffff888102fd3080: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 12.324499] ffff888102fd3100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.325291] >ffff888102fd3180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.325514] ^ [ 12.325630] ffff888102fd3200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.325843] ffff888102fd3280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.326070] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.270582] ================================================================== [ 12.271635] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 12.271858] Read of size 1 at addr ffff888101df6d28 by task kunit_try_catch/201 [ 12.272097] [ 12.272185] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.272228] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.272239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.272259] Call Trace: [ 12.272271] <TASK> [ 12.272287] dump_stack_lvl+0x73/0xb0 [ 12.272314] print_report+0xd1/0x610 [ 12.272335] ? __virt_addr_valid+0x1db/0x2d0 [ 12.272356] ? kmalloc_uaf+0x320/0x380 [ 12.272385] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.272406] ? kmalloc_uaf+0x320/0x380 [ 12.272425] kasan_report+0x141/0x180 [ 12.272446] ? kmalloc_uaf+0x320/0x380 [ 12.272469] __asan_report_load1_noabort+0x18/0x20 [ 12.272492] kmalloc_uaf+0x320/0x380 [ 12.272510] ? __pfx_kmalloc_uaf+0x10/0x10 [ 12.272530] ? __schedule+0x10cc/0x2b60 [ 12.272551] ? __pfx_read_tsc+0x10/0x10 [ 12.272571] ? ktime_get_ts64+0x86/0x230 [ 12.272594] kunit_try_run_case+0x1a5/0x480 [ 12.272618] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.272698] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.272721] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.272743] ? __kthread_parkme+0x82/0x180 [ 12.272763] ? preempt_count_sub+0x50/0x80 [ 12.272786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.272809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.272831] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.272853] kthread+0x337/0x6f0 [ 12.272872] ? trace_preempt_on+0x20/0xc0 [ 12.272893] ? __pfx_kthread+0x10/0x10 [ 12.272913] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.272933] ? calculate_sigpending+0x7b/0xa0 [ 12.272955] ? __pfx_kthread+0x10/0x10 [ 12.272982] ret_from_fork+0x116/0x1d0 [ 12.273000] ? 
__pfx_kthread+0x10/0x10 [ 12.273030] ret_from_fork_asm+0x1a/0x30 [ 12.273059] </TASK> [ 12.273069] [ 12.286040] Allocated by task 201: [ 12.286501] kasan_save_stack+0x45/0x70 [ 12.286872] kasan_save_track+0x18/0x40 [ 12.287036] kasan_save_alloc_info+0x3b/0x50 [ 12.287189] __kasan_kmalloc+0xb7/0xc0 [ 12.287322] __kmalloc_cache_noprof+0x189/0x420 [ 12.287759] kmalloc_uaf+0xaa/0x380 [ 12.288204] kunit_try_run_case+0x1a5/0x480 [ 12.288686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.289175] kthread+0x337/0x6f0 [ 12.289514] ret_from_fork+0x116/0x1d0 [ 12.289890] ret_from_fork_asm+0x1a/0x30 [ 12.290261] [ 12.290368] Freed by task 201: [ 12.290528] kasan_save_stack+0x45/0x70 [ 12.290891] kasan_save_track+0x18/0x40 [ 12.291241] kasan_save_free_info+0x3f/0x60 [ 12.291591] __kasan_slab_free+0x56/0x70 [ 12.291738] kfree+0x222/0x3f0 [ 12.291855] kmalloc_uaf+0x12c/0x380 [ 12.291983] kunit_try_run_case+0x1a5/0x480 [ 12.292144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.292319] kthread+0x337/0x6f0 [ 12.292467] ret_from_fork+0x116/0x1d0 [ 12.292599] ret_from_fork_asm+0x1a/0x30 [ 12.292877] [ 12.292980] The buggy address belongs to the object at ffff888101df6d20 [ 12.292980] which belongs to the cache kmalloc-16 of size 16 [ 12.293482] The buggy address is located 8 bytes inside of [ 12.293482] freed 16-byte region [ffff888101df6d20, ffff888101df6d30) [ 12.293869] [ 12.293968] The buggy address belongs to the physical page: [ 12.294230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 12.294624] flags: 0x200000000000000(node=0|zone=2) [ 12.294788] page_type: f5(slab) [ 12.294907] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.295257] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.295669] page dumped because: kasan: bad access detected [ 12.295893] [ 12.295985] Memory state around the buggy address: [ 12.296195] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 
12.296473] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 12.296765] >ffff888101df6d00: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 12.297018] ^ [ 12.297166] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.297418] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.297824] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.236278] ================================================================== [ 12.236719] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.236982] Read of size 64 at addr ffff8881027e7184 by task kunit_try_catch/199 [ 12.238021] [ 12.238302] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.238364] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.238416] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.238449] Call Trace: [ 12.238461] <TASK> [ 12.238555] dump_stack_lvl+0x73/0xb0 [ 12.238590] print_report+0xd1/0x610 [ 12.238613] ? __virt_addr_valid+0x1db/0x2d0 [ 12.238638] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.238665] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.238690] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.238717] kasan_report+0x141/0x180 [ 12.238740] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.238771] kasan_check_range+0x10c/0x1c0 [ 12.238796] __asan_memmove+0x27/0x70 [ 12.238816] kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.238843] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 12.238871] ? __schedule+0x10cc/0x2b60 [ 12.238895] ? __pfx_read_tsc+0x10/0x10 [ 12.238917] ? ktime_get_ts64+0x86/0x230 [ 12.238943] kunit_try_run_case+0x1a5/0x480 [ 12.238970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.238995] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.239033] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.239059] ? __kthread_parkme+0x82/0x180 [ 12.239080] ? preempt_count_sub+0x50/0x80 [ 12.239106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.239132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.239158] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.239186] kthread+0x337/0x6f0 [ 12.239206] ? trace_preempt_on+0x20/0xc0 [ 12.239230] ? __pfx_kthread+0x10/0x10 [ 12.239251] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.239274] ? calculate_sigpending+0x7b/0xa0 [ 12.239299] ? 
__pfx_kthread+0x10/0x10 [ 12.239321] ret_from_fork+0x116/0x1d0 [ 12.239340] ? __pfx_kthread+0x10/0x10 [ 12.239362] ret_from_fork_asm+0x1a/0x30 [ 12.239394] </TASK> [ 12.239405] [ 12.254089] Allocated by task 199: [ 12.254236] kasan_save_stack+0x45/0x70 [ 12.254443] kasan_save_track+0x18/0x40 [ 12.254797] kasan_save_alloc_info+0x3b/0x50 [ 12.255203] __kasan_kmalloc+0xb7/0xc0 [ 12.255646] __kmalloc_cache_noprof+0x189/0x420 [ 12.256152] kmalloc_memmove_invalid_size+0xac/0x330 [ 12.256695] kunit_try_run_case+0x1a5/0x480 [ 12.257089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.257762] kthread+0x337/0x6f0 [ 12.257895] ret_from_fork+0x116/0x1d0 [ 12.258080] ret_from_fork_asm+0x1a/0x30 [ 12.258223] [ 12.258296] The buggy address belongs to the object at ffff8881027e7180 [ 12.258296] which belongs to the cache kmalloc-64 of size 64 [ 12.258706] The buggy address is located 4 bytes inside of [ 12.258706] allocated 64-byte region [ffff8881027e7180, ffff8881027e71c0) [ 12.259798] [ 12.259963] The buggy address belongs to the physical page: [ 12.260319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 12.260652] flags: 0x200000000000000(node=0|zone=2) [ 12.260821] page_type: f5(slab) [ 12.260942] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.261214] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.261553] page dumped because: kasan: bad access detected [ 12.262116] [ 12.262301] Memory state around the buggy address: [ 12.262776] ffff8881027e7080: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 12.263701] ffff8881027e7100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.264316] >ffff8881027e7180: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 12.265063] ^ [ 12.265636] ffff8881027e7200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.266258] ffff8881027e7280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.267101] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.213105] ================================================================== [ 12.213784] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 12.214141] Read of size 18446744073709551614 at addr ffff8881027e7004 by task kunit_try_catch/197 [ 12.214590] [ 12.214858] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.214904] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.214915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.214934] Call Trace: [ 12.214945] <TASK> [ 12.214958] dump_stack_lvl+0x73/0xb0 [ 12.214986] print_report+0xd1/0x610 [ 12.215021] ? __virt_addr_valid+0x1db/0x2d0 [ 12.215043] ? kmalloc_memmove_negative_size+0x171/0x330 [ 12.215066] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.215087] ? kmalloc_memmove_negative_size+0x171/0x330 [ 12.215131] kasan_report+0x141/0x180 [ 12.215153] ? kmalloc_memmove_negative_size+0x171/0x330 [ 12.215181] kasan_check_range+0x10c/0x1c0 [ 12.215203] __asan_memmove+0x27/0x70 [ 12.215222] kmalloc_memmove_negative_size+0x171/0x330 [ 12.215245] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 12.215269] ? __schedule+0x10cc/0x2b60 [ 12.215292] ? __pfx_read_tsc+0x10/0x10 [ 12.215311] ? ktime_get_ts64+0x86/0x230 [ 12.215334] kunit_try_run_case+0x1a5/0x480 [ 12.215357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.215399] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.215422] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.215443] ? __kthread_parkme+0x82/0x180 [ 12.215462] ? preempt_count_sub+0x50/0x80 [ 12.215483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.215506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.215528] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.215550] kthread+0x337/0x6f0 [ 12.215567] ? trace_preempt_on+0x20/0xc0 [ 12.215590] ? __pfx_kthread+0x10/0x10 [ 12.215609] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.215629] ? calculate_sigpending+0x7b/0xa0 [ 12.215651] ? 
__pfx_kthread+0x10/0x10 [ 12.215671] ret_from_fork+0x116/0x1d0 [ 12.215688] ? __pfx_kthread+0x10/0x10 [ 12.215707] ret_from_fork_asm+0x1a/0x30 [ 12.215736] </TASK> [ 12.215746] [ 12.223166] Allocated by task 197: [ 12.223380] kasan_save_stack+0x45/0x70 [ 12.223583] kasan_save_track+0x18/0x40 [ 12.223796] kasan_save_alloc_info+0x3b/0x50 [ 12.224199] __kasan_kmalloc+0xb7/0xc0 [ 12.224605] __kmalloc_cache_noprof+0x189/0x420 [ 12.225028] kmalloc_memmove_negative_size+0xac/0x330 [ 12.225303] kunit_try_run_case+0x1a5/0x480 [ 12.225515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.225832] kthread+0x337/0x6f0 [ 12.226021] ret_from_fork+0x116/0x1d0 [ 12.226297] ret_from_fork_asm+0x1a/0x30 [ 12.226903] [ 12.227001] The buggy address belongs to the object at ffff8881027e7000 [ 12.227001] which belongs to the cache kmalloc-64 of size 64 [ 12.227523] The buggy address is located 4 bytes inside of [ 12.227523] 64-byte region [ffff8881027e7000, ffff8881027e7040) [ 12.227951] [ 12.228032] The buggy address belongs to the physical page: [ 12.228202] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e7 [ 12.228442] flags: 0x200000000000000(node=0|zone=2) [ 12.228776] page_type: f5(slab) [ 12.228945] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.229322] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.229670] page dumped because: kasan: bad access detected [ 12.229930] [ 12.230021] Memory state around the buggy address: [ 12.230172] ffff8881027e6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.230884] ffff8881027e6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.231115] >ffff8881027e7000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 12.231326] ^ [ 12.231440] ffff8881027e7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.231763] ffff8881027e7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.232134] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 12.190253] ================================================================== [ 12.191159] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 12.191502] Write of size 16 at addr ffff8881027d6b69 by task kunit_try_catch/195 [ 12.191915] [ 12.192046] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.192088] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.192099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.192120] Call Trace: [ 12.192131] <TASK> [ 12.192145] dump_stack_lvl+0x73/0xb0 [ 12.192175] print_report+0xd1/0x610 [ 12.192196] ? __virt_addr_valid+0x1db/0x2d0 [ 12.192218] ? kmalloc_oob_memset_16+0x166/0x330 [ 12.192238] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.192258] ? kmalloc_oob_memset_16+0x166/0x330 [ 12.192279] kasan_report+0x141/0x180 [ 12.192300] ? kmalloc_oob_memset_16+0x166/0x330 [ 12.192325] kasan_check_range+0x10c/0x1c0 [ 12.192347] __asan_memset+0x27/0x50 [ 12.192365] kmalloc_oob_memset_16+0x166/0x330 [ 12.192408] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 12.192429] ? __schedule+0x10cc/0x2b60 [ 12.192451] ? __pfx_read_tsc+0x10/0x10 [ 12.192471] ? ktime_get_ts64+0x86/0x230 [ 12.192494] kunit_try_run_case+0x1a5/0x480 [ 12.192519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.192540] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.192562] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.192584] ? __kthread_parkme+0x82/0x180 [ 12.192604] ? preempt_count_sub+0x50/0x80 [ 12.192626] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.192650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.192671] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.192693] kthread+0x337/0x6f0 [ 12.192712] ? trace_preempt_on+0x20/0xc0 [ 12.192734] ? __pfx_kthread+0x10/0x10 [ 12.192753] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.192773] ? calculate_sigpending+0x7b/0xa0 [ 12.192795] ? __pfx_kthread+0x10/0x10 [ 12.192816] ret_from_fork+0x116/0x1d0 [ 12.192833] ? 
__pfx_kthread+0x10/0x10 [ 12.192852] ret_from_fork_asm+0x1a/0x30 [ 12.192881] </TASK> [ 12.192891] [ 12.200798] Allocated by task 195: [ 12.200953] kasan_save_stack+0x45/0x70 [ 12.201184] kasan_save_track+0x18/0x40 [ 12.201752] kasan_save_alloc_info+0x3b/0x50 [ 12.202001] __kasan_kmalloc+0xb7/0xc0 [ 12.202195] __kmalloc_cache_noprof+0x189/0x420 [ 12.202412] kmalloc_oob_memset_16+0xac/0x330 [ 12.202579] kunit_try_run_case+0x1a5/0x480 [ 12.202724] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.202976] kthread+0x337/0x6f0 [ 12.203160] ret_from_fork+0x116/0x1d0 [ 12.203749] ret_from_fork_asm+0x1a/0x30 [ 12.203975] [ 12.204085] The buggy address belongs to the object at ffff8881027d6b00 [ 12.204085] which belongs to the cache kmalloc-128 of size 128 [ 12.205352] The buggy address is located 105 bytes inside of [ 12.205352] allocated 120-byte region [ffff8881027d6b00, ffff8881027d6b78) [ 12.206028] [ 12.206109] The buggy address belongs to the physical page: [ 12.206515] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027d6 [ 12.206884] flags: 0x200000000000000(node=0|zone=2) [ 12.207067] page_type: f5(slab) [ 12.207189] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.207464] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.207810] page dumped because: kasan: bad access detected [ 12.208120] [ 12.208216] Memory state around the buggy address: [ 12.208375] ffff8881027d6a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.208653] ffff8881027d6a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.208988] >ffff8881027d6b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.209312] ^ [ 12.209755] ffff8881027d6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.210042] ffff8881027d6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.210343] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.159899] ================================================================== [ 12.161158] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 12.161918] Write of size 8 at addr ffff8881027d6a71 by task kunit_try_catch/193 [ 12.162619] [ 12.162713] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.162757] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.162768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.162788] Call Trace: [ 12.162799] <TASK> [ 12.162813] dump_stack_lvl+0x73/0xb0 [ 12.162842] print_report+0xd1/0x610 [ 12.162863] ? __virt_addr_valid+0x1db/0x2d0 [ 12.162884] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.162904] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.162924] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.162944] kasan_report+0x141/0x180 [ 12.162965] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.162990] kasan_check_range+0x10c/0x1c0 [ 12.163025] __asan_memset+0x27/0x50 [ 12.163044] kmalloc_oob_memset_8+0x166/0x330 [ 12.163065] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 12.163086] ? __schedule+0x10cc/0x2b60 [ 12.163107] ? __pfx_read_tsc+0x10/0x10 [ 12.163128] ? ktime_get_ts64+0x86/0x230 [ 12.163151] kunit_try_run_case+0x1a5/0x480 [ 12.163174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.163196] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.163218] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.163240] ? __kthread_parkme+0x82/0x180 [ 12.163260] ? preempt_count_sub+0x50/0x80 [ 12.163283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.163306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.163328] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.163428] kthread+0x337/0x6f0 [ 12.163451] ? trace_preempt_on+0x20/0xc0 [ 12.163485] ? __pfx_kthread+0x10/0x10 [ 12.163504] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.163525] ? calculate_sigpending+0x7b/0xa0 [ 12.163558] ? __pfx_kthread+0x10/0x10 [ 12.163587] ret_from_fork+0x116/0x1d0 [ 12.163605] ? 
__pfx_kthread+0x10/0x10 [ 12.163625] ret_from_fork_asm+0x1a/0x30 [ 12.163664] </TASK> [ 12.163674] [ 12.176573] Allocated by task 193: [ 12.176920] kasan_save_stack+0x45/0x70 [ 12.177311] kasan_save_track+0x18/0x40 [ 12.177776] kasan_save_alloc_info+0x3b/0x50 [ 12.177967] __kasan_kmalloc+0xb7/0xc0 [ 12.178308] __kmalloc_cache_noprof+0x189/0x420 [ 12.178826] kmalloc_oob_memset_8+0xac/0x330 [ 12.178985] kunit_try_run_case+0x1a5/0x480 [ 12.179250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.179799] kthread+0x337/0x6f0 [ 12.180133] ret_from_fork+0x116/0x1d0 [ 12.180280] ret_from_fork_asm+0x1a/0x30 [ 12.180740] [ 12.180905] The buggy address belongs to the object at ffff8881027d6a00 [ 12.180905] which belongs to the cache kmalloc-128 of size 128 [ 12.181611] The buggy address is located 113 bytes inside of [ 12.181611] allocated 120-byte region [ffff8881027d6a00, ffff8881027d6a78) [ 12.181978] [ 12.182087] The buggy address belongs to the physical page: [ 12.182334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027d6 [ 12.182623] flags: 0x200000000000000(node=0|zone=2) [ 12.182882] page_type: f5(slab) [ 12.183088] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.183442] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.183763] page dumped because: kasan: bad access detected [ 12.184042] [ 12.184130] Memory state around the buggy address: [ 12.184360] ffff8881027d6900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.184701] ffff8881027d6980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.185030] >ffff8881027d6a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.185319] ^ [ 12.185753] ffff8881027d6a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.185974] ffff8881027d6b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.186321] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 12.128834] ================================================================== [ 12.129373] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 12.129927] Write of size 4 at addr ffff888102fd1175 by task kunit_try_catch/191 [ 12.130611] [ 12.130704] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.130746] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.130757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.130776] Call Trace: [ 12.130787] <TASK> [ 12.130802] dump_stack_lvl+0x73/0xb0 [ 12.130830] print_report+0xd1/0x610 [ 12.130851] ? __virt_addr_valid+0x1db/0x2d0 [ 12.130873] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.130893] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.130922] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.130942] kasan_report+0x141/0x180 [ 12.130963] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.130987] kasan_check_range+0x10c/0x1c0 [ 12.131017] __asan_memset+0x27/0x50 [ 12.131036] kmalloc_oob_memset_4+0x166/0x330 [ 12.131056] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 12.131077] ? __schedule+0x10cc/0x2b60 [ 12.131099] ? __pfx_read_tsc+0x10/0x10 [ 12.131119] ? ktime_get_ts64+0x86/0x230 [ 12.131143] kunit_try_run_case+0x1a5/0x480 [ 12.131167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.131187] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.131210] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.131231] ? __kthread_parkme+0x82/0x180 [ 12.131250] ? preempt_count_sub+0x50/0x80 [ 12.131272] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.131294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.131316] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.131338] kthread+0x337/0x6f0 [ 12.131356] ? trace_preempt_on+0x20/0xc0 [ 12.131378] ? __pfx_kthread+0x10/0x10 [ 12.131397] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.131416] ? calculate_sigpending+0x7b/0xa0 [ 12.131439] ? __pfx_kthread+0x10/0x10 [ 12.131459] ret_from_fork+0x116/0x1d0 [ 12.131476] ? 
__pfx_kthread+0x10/0x10 [ 12.131495] ret_from_fork_asm+0x1a/0x30 [ 12.131524] </TASK> [ 12.131534] [ 12.145576] Allocated by task 191: [ 12.145976] kasan_save_stack+0x45/0x70 [ 12.146430] kasan_save_track+0x18/0x40 [ 12.146834] kasan_save_alloc_info+0x3b/0x50 [ 12.147288] __kasan_kmalloc+0xb7/0xc0 [ 12.147739] __kmalloc_cache_noprof+0x189/0x420 [ 12.148202] kmalloc_oob_memset_4+0xac/0x330 [ 12.148642] kunit_try_run_case+0x1a5/0x480 [ 12.148866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.149430] kthread+0x337/0x6f0 [ 12.149713] ret_from_fork+0x116/0x1d0 [ 12.150088] ret_from_fork_asm+0x1a/0x30 [ 12.150228] [ 12.150298] The buggy address belongs to the object at ffff888102fd1100 [ 12.150298] which belongs to the cache kmalloc-128 of size 128 [ 12.150660] The buggy address is located 117 bytes inside of [ 12.150660] allocated 120-byte region [ffff888102fd1100, ffff888102fd1178) [ 12.151025] [ 12.151099] The buggy address belongs to the physical page: [ 12.151270] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd1 [ 12.151751] flags: 0x200000000000000(node=0|zone=2) [ 12.151980] page_type: f5(slab) [ 12.152110] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.152445] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.152830] page dumped because: kasan: bad access detected [ 12.153141] [ 12.153238] Memory state around the buggy address: [ 12.153779] ffff888102fd1000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.154026] ffff888102fd1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.154438] >ffff888102fd1100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.154737] ^ [ 12.155338] ffff888102fd1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.156049] ffff888102fd1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.156773] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.102669] ================================================================== [ 12.103130] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 12.103720] Write of size 2 at addr ffff8881027d6977 by task kunit_try_catch/189 [ 12.104238] [ 12.104430] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.104580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.104592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.104613] Call Trace: [ 12.104624] <TASK> [ 12.104638] dump_stack_lvl+0x73/0xb0 [ 12.104668] print_report+0xd1/0x610 [ 12.104689] ? __virt_addr_valid+0x1db/0x2d0 [ 12.104710] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.104731] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.104751] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.104772] kasan_report+0x141/0x180 [ 12.104792] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.104817] kasan_check_range+0x10c/0x1c0 [ 12.104839] __asan_memset+0x27/0x50 [ 12.104858] kmalloc_oob_memset_2+0x166/0x330 [ 12.104880] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 12.104901] ? __schedule+0x10cc/0x2b60 [ 12.104922] ? __pfx_read_tsc+0x10/0x10 [ 12.104943] ? ktime_get_ts64+0x86/0x230 [ 12.104966] kunit_try_run_case+0x1a5/0x480 [ 12.105016] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.105038] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.105060] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.105081] ? __kthread_parkme+0x82/0x180 [ 12.105102] ? preempt_count_sub+0x50/0x80 [ 12.105124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.105147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.105169] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.105191] kthread+0x337/0x6f0 [ 12.105209] ? trace_preempt_on+0x20/0xc0 [ 12.105231] ? __pfx_kthread+0x10/0x10 [ 12.105250] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.105270] ? calculate_sigpending+0x7b/0xa0 [ 12.105292] ? __pfx_kthread+0x10/0x10 [ 12.105313] ret_from_fork+0x116/0x1d0 [ 12.105330] ? 
__pfx_kthread+0x10/0x10 [ 12.105349] ret_from_fork_asm+0x1a/0x30 [ 12.105379] </TASK> [ 12.105388] [ 12.115424] Allocated by task 189: [ 12.115810] kasan_save_stack+0x45/0x70 [ 12.115995] kasan_save_track+0x18/0x40 [ 12.116186] kasan_save_alloc_info+0x3b/0x50 [ 12.116666] __kasan_kmalloc+0xb7/0xc0 [ 12.116854] __kmalloc_cache_noprof+0x189/0x420 [ 12.117045] kmalloc_oob_memset_2+0xac/0x330 [ 12.117258] kunit_try_run_case+0x1a5/0x480 [ 12.117470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.117989] kthread+0x337/0x6f0 [ 12.118165] ret_from_fork+0x116/0x1d0 [ 12.118344] ret_from_fork_asm+0x1a/0x30 [ 12.118679] [ 12.118780] The buggy address belongs to the object at ffff8881027d6900 [ 12.118780] which belongs to the cache kmalloc-128 of size 128 [ 12.119273] The buggy address is located 119 bytes inside of [ 12.119273] allocated 120-byte region [ffff8881027d6900, ffff8881027d6978) [ 12.120136] [ 12.120245] The buggy address belongs to the physical page: [ 12.120514] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027d6 [ 12.120989] flags: 0x200000000000000(node=0|zone=2) [ 12.121241] page_type: f5(slab) [ 12.121372] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.122158] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.122584] page dumped because: kasan: bad access detected [ 12.122771] [ 12.122865] Memory state around the buggy address: [ 12.123108] ffff8881027d6800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.123387] ffff8881027d6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.124160] >ffff8881027d6900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.124533] ^ [ 12.125076] ffff8881027d6980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.125555] ffff8881027d6a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.126103] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.075221] ================================================================== [ 12.075739] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 12.076275] Write of size 128 at addr ffff888102fd1000 by task kunit_try_catch/187 [ 12.076661] [ 12.076771] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.076813] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.076824] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.076843] Call Trace: [ 12.076854] <TASK> [ 12.076868] dump_stack_lvl+0x73/0xb0 [ 12.076896] print_report+0xd1/0x610 [ 12.076917] ? __virt_addr_valid+0x1db/0x2d0 [ 12.076938] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.076958] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.076985] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.077017] kasan_report+0x141/0x180 [ 12.077039] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.077064] kasan_check_range+0x10c/0x1c0 [ 12.077086] __asan_memset+0x27/0x50 [ 12.077104] kmalloc_oob_in_memset+0x15f/0x320 [ 12.077125] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 12.077146] ? __schedule+0x10cc/0x2b60 [ 12.077167] ? __pfx_read_tsc+0x10/0x10 [ 12.077188] ? ktime_get_ts64+0x86/0x230 [ 12.077211] kunit_try_run_case+0x1a5/0x480 [ 12.077234] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.077254] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.077276] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.077298] ? __kthread_parkme+0x82/0x180 [ 12.077317] ? preempt_count_sub+0x50/0x80 [ 12.077339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.077361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.077383] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.077805] kthread+0x337/0x6f0 [ 12.077825] ? trace_preempt_on+0x20/0xc0 [ 12.077848] ? __pfx_kthread+0x10/0x10 [ 12.077867] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.077887] ? calculate_sigpending+0x7b/0xa0 [ 12.077909] ? __pfx_kthread+0x10/0x10 [ 12.077929] ret_from_fork+0x116/0x1d0 [ 12.077947] ? 
__pfx_kthread+0x10/0x10 [ 12.077966] ret_from_fork_asm+0x1a/0x30 [ 12.077995] </TASK> [ 12.078019] [ 12.088025] Allocated by task 187: [ 12.088326] kasan_save_stack+0x45/0x70 [ 12.088747] kasan_save_track+0x18/0x40 [ 12.088939] kasan_save_alloc_info+0x3b/0x50 [ 12.089303] __kasan_kmalloc+0xb7/0xc0 [ 12.089782] __kmalloc_cache_noprof+0x189/0x420 [ 12.090017] kmalloc_oob_in_memset+0xac/0x320 [ 12.090218] kunit_try_run_case+0x1a5/0x480 [ 12.090405] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.090912] kthread+0x337/0x6f0 [ 12.091077] ret_from_fork+0x116/0x1d0 [ 12.091479] ret_from_fork_asm+0x1a/0x30 [ 12.091772] [ 12.091851] The buggy address belongs to the object at ffff888102fd1000 [ 12.091851] which belongs to the cache kmalloc-128 of size 128 [ 12.092515] The buggy address is located 0 bytes inside of [ 12.092515] allocated 120-byte region [ffff888102fd1000, ffff888102fd1078) [ 12.093155] [ 12.093364] The buggy address belongs to the physical page: [ 12.093726] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd1 [ 12.094084] flags: 0x200000000000000(node=0|zone=2) [ 12.094298] page_type: f5(slab) [ 12.094766] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.095123] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.095639] page dumped because: kasan: bad access detected [ 12.095839] [ 12.096089] Memory state around the buggy address: [ 12.096325] ffff888102fd0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.096796] ffff888102fd0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.097189] >ffff888102fd1000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.097650] ^ [ 12.097946] ffff888102fd1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.098427] ffff888102fd1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.098829] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.039102] ================================================================== [ 12.039506] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 12.039729] Read of size 16 at addr ffff888101ccd2c0 by task kunit_try_catch/185 [ 12.039953] [ 12.040050] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.040091] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.040102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.040121] Call Trace: [ 12.040132] <TASK> [ 12.040146] dump_stack_lvl+0x73/0xb0 [ 12.040172] print_report+0xd1/0x610 [ 12.040193] ? __virt_addr_valid+0x1db/0x2d0 [ 12.040214] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.040232] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.040252] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.040272] kasan_report+0x141/0x180 [ 12.040292] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.040315] __asan_report_load16_noabort+0x18/0x20 [ 12.040338] kmalloc_uaf_16+0x47b/0x4c0 [ 12.040357] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 12.040377] ? __schedule+0x10cc/0x2b60 [ 12.040399] ? __pfx_read_tsc+0x10/0x10 [ 12.040418] ? ktime_get_ts64+0x86/0x230 [ 12.040441] kunit_try_run_case+0x1a5/0x480 [ 12.040463] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.040484] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.040506] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.040527] ? __kthread_parkme+0x82/0x180 [ 12.040546] ? preempt_count_sub+0x50/0x80 [ 12.040568] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.040590] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.040612] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.040633] kthread+0x337/0x6f0 [ 12.040651] ? trace_preempt_on+0x20/0xc0 [ 12.040672] ? __pfx_kthread+0x10/0x10 [ 12.040691] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.040710] ? calculate_sigpending+0x7b/0xa0 [ 12.040734] ? __pfx_kthread+0x10/0x10 [ 12.040754] ret_from_fork+0x116/0x1d0 [ 12.040770] ? 
__pfx_kthread+0x10/0x10 [ 12.040789] ret_from_fork_asm+0x1a/0x30 [ 12.040818] </TASK> [ 12.040828] [ 12.053950] Allocated by task 185: [ 12.054138] kasan_save_stack+0x45/0x70 [ 12.054559] kasan_save_track+0x18/0x40 [ 12.054948] kasan_save_alloc_info+0x3b/0x50 [ 12.055293] __kasan_kmalloc+0xb7/0xc0 [ 12.055656] __kmalloc_cache_noprof+0x189/0x420 [ 12.055956] kmalloc_uaf_16+0x15b/0x4c0 [ 12.056155] kunit_try_run_case+0x1a5/0x480 [ 12.056348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.056950] kthread+0x337/0x6f0 [ 12.057296] ret_from_fork+0x116/0x1d0 [ 12.057591] ret_from_fork_asm+0x1a/0x30 [ 12.057749] [ 12.057847] Freed by task 185: [ 12.058025] kasan_save_stack+0x45/0x70 [ 12.058216] kasan_save_track+0x18/0x40 [ 12.058374] kasan_save_free_info+0x3f/0x60 [ 12.059074] __kasan_slab_free+0x56/0x70 [ 12.059271] kfree+0x222/0x3f0 [ 12.059752] kmalloc_uaf_16+0x1d6/0x4c0 [ 12.059951] kunit_try_run_case+0x1a5/0x480 [ 12.060277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.060751] kthread+0x337/0x6f0 [ 12.060931] ret_from_fork+0x116/0x1d0 [ 12.061313] ret_from_fork_asm+0x1a/0x30 [ 12.061768] [ 12.062015] The buggy address belongs to the object at ffff888101ccd2c0 [ 12.062015] which belongs to the cache kmalloc-16 of size 16 [ 12.062752] The buggy address is located 0 bytes inside of [ 12.062752] freed 16-byte region [ffff888101ccd2c0, ffff888101ccd2d0) [ 12.063293] [ 12.063613] The buggy address belongs to the physical page: [ 12.063847] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ccd [ 12.064350] flags: 0x200000000000000(node=0|zone=2) [ 12.064832] page_type: f5(slab) [ 12.065019] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.065617] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.066135] page dumped because: kasan: bad access detected [ 12.066558] [ 12.066635] Memory state around the buggy address: [ 12.066842] ffff888101ccd180: fa fb fc fc fa fb fc fc 00 00 fc fc 00 00 fc 
fc [ 12.067155] ffff888101ccd200: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 12.067780] >ffff888101ccd280: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 12.068092] ^ [ 12.068305] ffff888101ccd300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.068856] ffff888101ccd380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.069247] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.011062] ================================================================== [ 12.011636] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 12.012145] Write of size 16 at addr ffff888101df6ce0 by task kunit_try_catch/183 [ 12.012585] [ 12.012944] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.012999] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.013020] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.013042] Call Trace: [ 12.013053] <TASK> [ 12.013069] dump_stack_lvl+0x73/0xb0 [ 12.013100] print_report+0xd1/0x610 [ 12.013123] ? __virt_addr_valid+0x1db/0x2d0 [ 12.013146] ? kmalloc_oob_16+0x452/0x4a0 [ 12.013166] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.013186] ? kmalloc_oob_16+0x452/0x4a0 [ 12.013206] kasan_report+0x141/0x180 [ 12.013227] ? kmalloc_oob_16+0x452/0x4a0 [ 12.013252] __asan_report_store16_noabort+0x1b/0x30 [ 12.013276] kmalloc_oob_16+0x452/0x4a0 [ 12.013296] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 12.013316] ? __schedule+0x10cc/0x2b60 [ 12.013338] ? __pfx_read_tsc+0x10/0x10 [ 12.013359] ? ktime_get_ts64+0x86/0x230 [ 12.013383] kunit_try_run_case+0x1a5/0x480 [ 12.013407] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.013429] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.013461] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.013482] ? __kthread_parkme+0x82/0x180 [ 12.013502] ? preempt_count_sub+0x50/0x80 [ 12.013525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.013548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.013570] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.013592] kthread+0x337/0x6f0 [ 12.013610] ? trace_preempt_on+0x20/0xc0 [ 12.013632] ? __pfx_kthread+0x10/0x10 [ 12.013652] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.013671] ? calculate_sigpending+0x7b/0xa0 [ 12.013695] ? __pfx_kthread+0x10/0x10 [ 12.013715] ret_from_fork+0x116/0x1d0 [ 12.013732] ? 
__pfx_kthread+0x10/0x10 [ 12.013751] ret_from_fork_asm+0x1a/0x30 [ 12.013781] </TASK> [ 12.013791] [ 12.024240] Allocated by task 183: [ 12.024394] kasan_save_stack+0x45/0x70 [ 12.024605] kasan_save_track+0x18/0x40 [ 12.025300] kasan_save_alloc_info+0x3b/0x50 [ 12.025464] __kasan_kmalloc+0xb7/0xc0 [ 12.026025] __kmalloc_cache_noprof+0x189/0x420 [ 12.026425] kmalloc_oob_16+0xa8/0x4a0 [ 12.026627] kunit_try_run_case+0x1a5/0x480 [ 12.026825] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.027075] kthread+0x337/0x6f0 [ 12.027231] ret_from_fork+0x116/0x1d0 [ 12.027407] ret_from_fork_asm+0x1a/0x30 [ 12.027979] [ 12.028074] The buggy address belongs to the object at ffff888101df6ce0 [ 12.028074] which belongs to the cache kmalloc-16 of size 16 [ 12.028917] The buggy address is located 0 bytes inside of [ 12.028917] allocated 13-byte region [ffff888101df6ce0, ffff888101df6ced) [ 12.029708] [ 12.029820] The buggy address belongs to the physical page: [ 12.030042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 12.030821] flags: 0x200000000000000(node=0|zone=2) [ 12.031020] page_type: f5(slab) [ 12.031577] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.031891] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.032451] page dumped because: kasan: bad access detected [ 12.032829] [ 12.032954] Memory state around the buggy address: [ 12.033429] ffff888101df6b80: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 12.033908] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 12.034254] >ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 05 fc fc [ 12.034812] ^ [ 12.035115] ffff888101df6d00: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.035687] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.036120] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 11.973270] ================================================================== [ 11.973918] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 11.974243] Read of size 1 at addr ffff888100350600 by task kunit_try_catch/181 [ 11.974824] [ 11.975197] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.975245] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.975256] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.975275] Call Trace: [ 11.975289] <TASK> [ 11.975304] dump_stack_lvl+0x73/0xb0 [ 11.975334] print_report+0xd1/0x610 [ 11.975356] ? __virt_addr_valid+0x1db/0x2d0 [ 11.975409] ? krealloc_uaf+0x53c/0x5e0 [ 11.975429] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.975464] ? krealloc_uaf+0x53c/0x5e0 [ 11.975484] kasan_report+0x141/0x180 [ 11.975505] ? krealloc_uaf+0x53c/0x5e0 [ 11.975530] __asan_report_load1_noabort+0x18/0x20 [ 11.975553] krealloc_uaf+0x53c/0x5e0 [ 11.975573] ? __pfx_krealloc_uaf+0x10/0x10 [ 11.975593] ? finish_task_switch.isra.0+0x153/0x700 [ 11.975613] ? __switch_to+0x47/0xf50 [ 11.975638] ? __schedule+0x10cc/0x2b60 [ 11.975659] ? __pfx_read_tsc+0x10/0x10 [ 11.975680] ? ktime_get_ts64+0x86/0x230 [ 11.975704] kunit_try_run_case+0x1a5/0x480 [ 11.975727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.975748] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.975770] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.975792] ? __kthread_parkme+0x82/0x180 [ 11.975811] ? preempt_count_sub+0x50/0x80 [ 11.975832] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.975855] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.975876] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.975898] kthread+0x337/0x6f0 [ 11.975917] ? trace_preempt_on+0x20/0xc0 [ 11.975938] ? __pfx_kthread+0x10/0x10 [ 11.975957] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.975977] ? calculate_sigpending+0x7b/0xa0 [ 11.976000] ? __pfx_kthread+0x10/0x10 [ 11.976032] ret_from_fork+0x116/0x1d0 [ 11.976050] ? 
__pfx_kthread+0x10/0x10 [ 11.976069] ret_from_fork_asm+0x1a/0x30 [ 11.976098] </TASK> [ 11.976107] [ 11.986733] Allocated by task 181: [ 11.986916] kasan_save_stack+0x45/0x70 [ 11.987124] kasan_save_track+0x18/0x40 [ 11.987312] kasan_save_alloc_info+0x3b/0x50 [ 11.988218] __kasan_kmalloc+0xb7/0xc0 [ 11.988387] __kmalloc_cache_noprof+0x189/0x420 [ 11.988547] krealloc_uaf+0xbb/0x5e0 [ 11.988681] kunit_try_run_case+0x1a5/0x480 [ 11.988826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.989014] kthread+0x337/0x6f0 [ 11.989184] ret_from_fork+0x116/0x1d0 [ 11.989370] ret_from_fork_asm+0x1a/0x30 [ 11.989566] [ 11.989664] Freed by task 181: [ 11.989823] kasan_save_stack+0x45/0x70 [ 11.990150] kasan_save_track+0x18/0x40 [ 11.990572] kasan_save_free_info+0x3f/0x60 [ 11.990795] __kasan_slab_free+0x56/0x70 [ 11.990993] kfree+0x222/0x3f0 [ 11.991271] krealloc_uaf+0x13d/0x5e0 [ 11.991613] kunit_try_run_case+0x1a5/0x480 [ 11.992045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.992325] kthread+0x337/0x6f0 [ 11.992760] ret_from_fork+0x116/0x1d0 [ 11.993025] ret_from_fork_asm+0x1a/0x30 [ 11.993163] [ 11.993234] The buggy address belongs to the object at ffff888100350600 [ 11.993234] which belongs to the cache kmalloc-256 of size 256 [ 11.994228] The buggy address is located 0 bytes inside of [ 11.994228] freed 256-byte region [ffff888100350600, ffff888100350700) [ 11.995546] [ 11.995735] The buggy address belongs to the physical page: [ 11.996069] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 11.996571] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.997139] flags: 0x200000000000040(head|node=0|zone=2) [ 11.997321] page_type: f5(slab) [ 11.997723] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.998438] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.999122] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.999943] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.001315] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 12.002317] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.003158] page dumped because: kasan: bad access detected [ 12.004165] [ 12.004705] Memory state around the buggy address: [ 12.005683] ffff888100350500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.006112] ffff888100350580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.006330] >ffff888100350600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.006867] ^ [ 12.007061] ffff888100350680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.007399] ffff888100350700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.007699] ================================================================== [ 11.944083] ================================================================== [ 11.944877] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 11.945227] Read of size 1 at addr ffff888100350600 by task kunit_try_catch/181 [ 11.945712] [ 11.945832] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.945876] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.945886] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.945907] Call Trace: [ 11.945917] <TASK> [ 11.945931] dump_stack_lvl+0x73/0xb0 [ 11.945961] print_report+0xd1/0x610 [ 11.945982] ? __virt_addr_valid+0x1db/0x2d0 [ 11.946017] ? krealloc_uaf+0x1b8/0x5e0 [ 11.946038] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.946059] ? krealloc_uaf+0x1b8/0x5e0 [ 11.946079] kasan_report+0x141/0x180 [ 11.946100] ? krealloc_uaf+0x1b8/0x5e0 [ 11.946123] ? krealloc_uaf+0x1b8/0x5e0 [ 11.946143] __kasan_check_byte+0x3d/0x50 [ 11.946163] krealloc_noprof+0x3f/0x340 [ 11.946185] krealloc_uaf+0x1b8/0x5e0 [ 11.946206] ? __pfx_krealloc_uaf+0x10/0x10 [ 11.946225] ? 
finish_task_switch.isra.0+0x153/0x700 [ 11.946245] ? __switch_to+0x47/0xf50 [ 11.946270] ? __schedule+0x10cc/0x2b60 [ 11.946292] ? __pfx_read_tsc+0x10/0x10 [ 11.946311] ? ktime_get_ts64+0x86/0x230 [ 11.946334] kunit_try_run_case+0x1a5/0x480 [ 11.946358] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.946379] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.946402] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.946452] ? __kthread_parkme+0x82/0x180 [ 11.946473] ? preempt_count_sub+0x50/0x80 [ 11.946494] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.946529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.946551] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.946573] kthread+0x337/0x6f0 [ 11.946591] ? trace_preempt_on+0x20/0xc0 [ 11.946613] ? __pfx_kthread+0x10/0x10 [ 11.946633] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.946652] ? calculate_sigpending+0x7b/0xa0 [ 11.946675] ? __pfx_kthread+0x10/0x10 [ 11.946695] ret_from_fork+0x116/0x1d0 [ 11.946712] ? __pfx_kthread+0x10/0x10 [ 11.946732] ret_from_fork_asm+0x1a/0x30 [ 11.946761] </TASK> [ 11.946771] [ 11.955854] Allocated by task 181: [ 11.956054] kasan_save_stack+0x45/0x70 [ 11.956243] kasan_save_track+0x18/0x40 [ 11.956377] kasan_save_alloc_info+0x3b/0x50 [ 11.956586] __kasan_kmalloc+0xb7/0xc0 [ 11.957028] __kmalloc_cache_noprof+0x189/0x420 [ 11.957276] krealloc_uaf+0xbb/0x5e0 [ 11.957617] kunit_try_run_case+0x1a5/0x480 [ 11.957769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.958100] kthread+0x337/0x6f0 [ 11.958324] ret_from_fork+0x116/0x1d0 [ 11.958488] ret_from_fork_asm+0x1a/0x30 [ 11.958626] [ 11.958696] Freed by task 181: [ 11.958858] kasan_save_stack+0x45/0x70 [ 11.959128] kasan_save_track+0x18/0x40 [ 11.959324] kasan_save_free_info+0x3f/0x60 [ 11.959797] __kasan_slab_free+0x56/0x70 [ 11.959968] kfree+0x222/0x3f0 [ 11.960173] krealloc_uaf+0x13d/0x5e0 [ 11.960528] kunit_try_run_case+0x1a5/0x480 [ 11.960752] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.960928] kthread+0x337/0x6f0 [ 11.961103] 
ret_from_fork+0x116/0x1d0 [ 11.961296] ret_from_fork_asm+0x1a/0x30 [ 11.961783] [ 11.961892] The buggy address belongs to the object at ffff888100350600 [ 11.961892] which belongs to the cache kmalloc-256 of size 256 [ 11.962744] The buggy address is located 0 bytes inside of [ 11.962744] freed 256-byte region [ffff888100350600, ffff888100350700) [ 11.963120] [ 11.963222] The buggy address belongs to the physical page: [ 11.963973] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 11.964807] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.965265] flags: 0x200000000000040(head|node=0|zone=2) [ 11.965846] page_type: f5(slab) [ 11.965979] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.966612] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.967037] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.967647] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.967947] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 11.968404] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.969024] page dumped because: kasan: bad access detected [ 11.969558] [ 11.969655] Memory state around the buggy address: [ 11.969885] ffff888100350500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.970192] ffff888100350580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.970810] >ffff888100350600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.971060] ^ [ 11.971423] ffff888100350680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.971996] ffff888100350700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.972472] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 11.842210] ================================================================== [ 11.842938] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.843301] Write of size 1 at addr ffff888102a3a0c9 by task kunit_try_catch/179 [ 11.843569] [ 11.843723] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.843921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.843937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.843981] Call Trace: [ 11.843992] <TASK> [ 11.844015] dump_stack_lvl+0x73/0xb0 [ 11.844045] print_report+0xd1/0x610 [ 11.844066] ? __virt_addr_valid+0x1db/0x2d0 [ 11.844087] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.844110] ? kasan_addr_to_slab+0x11/0xa0 [ 11.844129] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.844151] kasan_report+0x141/0x180 [ 11.844172] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.844199] __asan_report_store1_noabort+0x1b/0x30 [ 11.844222] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.844246] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.844269] ? finish_task_switch.isra.0+0x153/0x700 [ 11.844289] ? __switch_to+0x47/0xf50 [ 11.844312] ? __schedule+0x10cc/0x2b60 [ 11.844333] ? __pfx_read_tsc+0x10/0x10 [ 11.844356] krealloc_large_less_oob+0x1c/0x30 [ 11.844378] kunit_try_run_case+0x1a5/0x480 [ 11.844586] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.844609] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.844631] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.844653] ? __kthread_parkme+0x82/0x180 [ 11.844673] ? preempt_count_sub+0x50/0x80 [ 11.844695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.844718] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.844740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.844762] kthread+0x337/0x6f0 [ 11.844781] ? trace_preempt_on+0x20/0xc0 [ 11.844802] ? __pfx_kthread+0x10/0x10 [ 11.844821] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.844841] ? calculate_sigpending+0x7b/0xa0 [ 11.844865] ? 
__pfx_kthread+0x10/0x10 [ 11.844885] ret_from_fork+0x116/0x1d0 [ 11.844903] ? __pfx_kthread+0x10/0x10 [ 11.844922] ret_from_fork_asm+0x1a/0x30 [ 11.844951] </TASK> [ 11.844961] [ 11.852954] The buggy address belongs to the physical page: [ 11.853205] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38 [ 11.853630] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.853931] flags: 0x200000000000040(head|node=0|zone=2) [ 11.854203] page_type: f8(unknown) [ 11.854380] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.854629] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.854889] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.855240] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.855631] head: 0200000000000002 ffffea00040a8e01 00000000ffffffff 00000000ffffffff [ 11.855897] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.856238] page dumped because: kasan: bad access detected [ 11.856614] [ 11.856698] Memory state around the buggy address: [ 11.856853] ffff888102a39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.857118] ffff888102a3a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.857479] >ffff888102a3a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.857908] ^ [ 11.858157] ffff888102a3a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.858373] ffff888102a3a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.858698] ================================================================== [ 11.876988] ================================================================== [ 11.877745] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.878122] Write of size 1 at addr ffff888102a3a0da by task kunit_try_catch/179 [ 11.878491] [ 11.878621] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 
PREEMPT(voluntary) [ 11.878662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.878672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.878702] Call Trace: [ 11.878714] <TASK> [ 11.878727] dump_stack_lvl+0x73/0xb0 [ 11.878753] print_report+0xd1/0x610 [ 11.878774] ? __virt_addr_valid+0x1db/0x2d0 [ 11.878795] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.878817] ? kasan_addr_to_slab+0x11/0xa0 [ 11.878838] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.878860] kasan_report+0x141/0x180 [ 11.878912] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.878940] __asan_report_store1_noabort+0x1b/0x30 [ 11.878974] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.878998] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.879032] ? finish_task_switch.isra.0+0x153/0x700 [ 11.879052] ? __switch_to+0x47/0xf50 [ 11.879076] ? __schedule+0x10cc/0x2b60 [ 11.879097] ? __pfx_read_tsc+0x10/0x10 [ 11.879119] krealloc_large_less_oob+0x1c/0x30 [ 11.879141] kunit_try_run_case+0x1a5/0x480 [ 11.879164] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.879213] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.879236] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.879258] ? __kthread_parkme+0x82/0x180 [ 11.879287] ? preempt_count_sub+0x50/0x80 [ 11.879309] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.879332] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.879353] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.879375] kthread+0x337/0x6f0 [ 11.879393] ? trace_preempt_on+0x20/0xc0 [ 11.879414] ? __pfx_kthread+0x10/0x10 [ 11.879434] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.879455] ? calculate_sigpending+0x7b/0xa0 [ 11.879479] ? __pfx_kthread+0x10/0x10 [ 11.879500] ret_from_fork+0x116/0x1d0 [ 11.879524] ? 
__pfx_kthread+0x10/0x10 [ 11.879543] ret_from_fork_asm+0x1a/0x30 [ 11.879572] </TASK> [ 11.879582] [ 11.887278] The buggy address belongs to the physical page: [ 11.887580] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38 [ 11.888363] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.888738] flags: 0x200000000000040(head|node=0|zone=2) [ 11.888961] page_type: f8(unknown) [ 11.889156] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.890089] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.890543] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.891025] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.891381] head: 0200000000000002 ffffea00040a8e01 00000000ffffffff 00000000ffffffff [ 11.891974] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.892411] page dumped because: kasan: bad access detected [ 11.892784] [ 11.892886] Memory state around the buggy address: [ 11.893310] ffff888102a39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.893748] ffff888102a3a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.894080] >ffff888102a3a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.894380] ^ [ 11.894865] ffff888102a3a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.895278] ffff888102a3a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.895794] ================================================================== [ 11.771231] ================================================================== [ 11.771481] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.771899] Write of size 1 at addr ffff888100a240eb by task kunit_try_catch/175 [ 11.772601] [ 11.772704] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.772783] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.772795] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.772827] Call Trace: [ 11.772852] <TASK> [ 11.772866] dump_stack_lvl+0x73/0xb0 [ 11.772893] print_report+0xd1/0x610 [ 11.772914] ? __virt_addr_valid+0x1db/0x2d0 [ 11.772934] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.772956] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.772985] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.773018] kasan_report+0x141/0x180 [ 11.773038] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.773066] __asan_report_store1_noabort+0x1b/0x30 [ 11.773089] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.773114] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.773137] ? finish_task_switch.isra.0+0x153/0x700 [ 11.773157] ? __switch_to+0x47/0xf50 [ 11.773180] ? __schedule+0x10cc/0x2b60 [ 11.773203] ? __pfx_read_tsc+0x10/0x10 [ 11.773226] krealloc_less_oob+0x1c/0x30 [ 11.773246] kunit_try_run_case+0x1a5/0x480 [ 11.773269] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.773290] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.773312] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.773333] ? __kthread_parkme+0x82/0x180 [ 11.773352] ? preempt_count_sub+0x50/0x80 [ 11.773453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.773476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.773498] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.773520] kthread+0x337/0x6f0 [ 11.773539] ? trace_preempt_on+0x20/0xc0 [ 11.773560] ? __pfx_kthread+0x10/0x10 [ 11.773580] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.773637] ? calculate_sigpending+0x7b/0xa0 [ 11.773662] ? __pfx_kthread+0x10/0x10 [ 11.773682] ret_from_fork+0x116/0x1d0 [ 11.773712] ? 
__pfx_kthread+0x10/0x10 [ 11.773732] ret_from_fork_asm+0x1a/0x30 [ 11.773761] </TASK> [ 11.773770] [ 11.782257] Allocated by task 175: [ 11.782453] kasan_save_stack+0x45/0x70 [ 11.782777] kasan_save_track+0x18/0x40 [ 11.782950] kasan_save_alloc_info+0x3b/0x50 [ 11.783182] __kasan_krealloc+0x190/0x1f0 [ 11.783418] krealloc_noprof+0xf3/0x340 [ 11.783572] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.783949] krealloc_less_oob+0x1c/0x30 [ 11.784184] kunit_try_run_case+0x1a5/0x480 [ 11.784529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.785071] kthread+0x337/0x6f0 [ 11.785198] ret_from_fork+0x116/0x1d0 [ 11.785370] ret_from_fork_asm+0x1a/0x30 [ 11.785598] [ 11.785833] The buggy address belongs to the object at ffff888100a24000 [ 11.785833] which belongs to the cache kmalloc-256 of size 256 [ 11.786237] The buggy address is located 34 bytes to the right of [ 11.786237] allocated 201-byte region [ffff888100a24000, ffff888100a240c9) [ 11.787109] [ 11.787185] The buggy address belongs to the physical page: [ 11.787365] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24 [ 11.787693] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.787990] flags: 0x200000000000040(head|node=0|zone=2) [ 11.788200] page_type: f5(slab) [ 11.788359] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.788803] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.789213] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.789680] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.790145] head: 0200000000000001 ffffea0004028901 00000000ffffffff 00000000ffffffff [ 11.790566] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.790878] page dumped because: kasan: bad access detected [ 11.791135] [ 11.791213] Memory state around the buggy address: [ 11.791532] ffff888100a23f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.791763] ffff888100a24000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.792078] >ffff888100a24080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.792547] ^ [ 11.792897] ffff888100a24100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.793235] ffff888100a24180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.793456] ================================================================== [ 11.723571] ================================================================== [ 11.723840] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.724197] Write of size 1 at addr ffff888100a240da by task kunit_try_catch/175 [ 11.724811] [ 11.724944] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.725016] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.725027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.725046] Call Trace: [ 11.725058] <TASK> [ 11.725071] dump_stack_lvl+0x73/0xb0 [ 11.725099] print_report+0xd1/0x610 [ 11.725119] ? __virt_addr_valid+0x1db/0x2d0 [ 11.725141] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.725163] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.725184] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.725206] kasan_report+0x141/0x180 [ 11.725227] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.725254] __asan_report_store1_noabort+0x1b/0x30 [ 11.725277] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.725301] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.725324] ? finish_task_switch.isra.0+0x153/0x700 [ 11.725344] ? __switch_to+0x47/0xf50 [ 11.725441] ? __schedule+0x10cc/0x2b60 [ 11.725468] ? __pfx_read_tsc+0x10/0x10 [ 11.725532] krealloc_less_oob+0x1c/0x30 [ 11.725553] kunit_try_run_case+0x1a5/0x480 [ 11.725588] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.725609] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.725660] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.725682] ? __kthread_parkme+0x82/0x180 [ 11.725703] ? 
preempt_count_sub+0x50/0x80 [ 11.725736] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.725760] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.725781] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.725803] kthread+0x337/0x6f0 [ 11.725822] ? trace_preempt_on+0x20/0xc0 [ 11.725843] ? __pfx_kthread+0x10/0x10 [ 11.725862] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.725882] ? calculate_sigpending+0x7b/0xa0 [ 11.725907] ? __pfx_kthread+0x10/0x10 [ 11.725927] ret_from_fork+0x116/0x1d0 [ 11.725944] ? __pfx_kthread+0x10/0x10 [ 11.725963] ret_from_fork_asm+0x1a/0x30 [ 11.725993] </TASK> [ 11.726002] [ 11.735136] Allocated by task 175: [ 11.735355] kasan_save_stack+0x45/0x70 [ 11.735575] kasan_save_track+0x18/0x40 [ 11.735846] kasan_save_alloc_info+0x3b/0x50 [ 11.736087] __kasan_krealloc+0x190/0x1f0 [ 11.736287] krealloc_noprof+0xf3/0x340 [ 11.736550] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.736949] krealloc_less_oob+0x1c/0x30 [ 11.737197] kunit_try_run_case+0x1a5/0x480 [ 11.737499] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.737752] kthread+0x337/0x6f0 [ 11.738029] ret_from_fork+0x116/0x1d0 [ 11.738166] ret_from_fork_asm+0x1a/0x30 [ 11.738304] [ 11.738460] The buggy address belongs to the object at ffff888100a24000 [ 11.738460] which belongs to the cache kmalloc-256 of size 256 [ 11.739168] The buggy address is located 17 bytes to the right of [ 11.739168] allocated 201-byte region [ffff888100a24000, ffff888100a240c9) [ 11.740155] [ 11.740296] The buggy address belongs to the physical page: [ 11.740489] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24 [ 11.741261] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.741501] flags: 0x200000000000040(head|node=0|zone=2) [ 11.741861] page_type: f5(slab) [ 11.742103] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.742530] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.742855] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 11.743147] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.743683] head: 0200000000000001 ffffea0004028901 00000000ffffffff 00000000ffffffff [ 11.743996] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.744328] page dumped because: kasan: bad access detected [ 11.744722] [ 11.744822] Memory state around the buggy address: [ 11.745065] ffff888100a23f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.745452] ffff888100a24000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.745770] >ffff888100a24080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.746068] ^ [ 11.746300] ffff888100a24100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.746828] ffff888100a24180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.747118] ================================================================== [ 11.699995] ================================================================== [ 11.700368] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.700609] Write of size 1 at addr ffff888100a240d0 by task kunit_try_catch/175 [ 11.701373] [ 11.701749] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.701807] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.701818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.701838] Call Trace: [ 11.701853] <TASK> [ 11.701868] dump_stack_lvl+0x73/0xb0 [ 11.701895] print_report+0xd1/0x610 [ 11.701916] ? __virt_addr_valid+0x1db/0x2d0 [ 11.701937] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.701959] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.701980] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.702002] kasan_report+0x141/0x180 [ 11.702034] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.702061] __asan_report_store1_noabort+0x1b/0x30 [ 11.702083] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.702108] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.702131] ? finish_task_switch.isra.0+0x153/0x700 [ 11.702151] ? __switch_to+0x47/0xf50 [ 11.702174] ? __schedule+0x10cc/0x2b60 [ 11.702196] ? __pfx_read_tsc+0x10/0x10 [ 11.702219] krealloc_less_oob+0x1c/0x30 [ 11.702239] kunit_try_run_case+0x1a5/0x480 [ 11.702262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.702283] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.702305] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.702327] ? __kthread_parkme+0x82/0x180 [ 11.702346] ? preempt_count_sub+0x50/0x80 [ 11.702611] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.702640] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.702677] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.702700] kthread+0x337/0x6f0 [ 11.702718] ? trace_preempt_on+0x20/0xc0 [ 11.702740] ? __pfx_kthread+0x10/0x10 [ 11.702760] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.702780] ? calculate_sigpending+0x7b/0xa0 [ 11.702805] ? __pfx_kthread+0x10/0x10 [ 11.702825] ret_from_fork+0x116/0x1d0 [ 11.702843] ? 
__pfx_kthread+0x10/0x10 [ 11.702862] ret_from_fork_asm+0x1a/0x30 [ 11.702892] </TASK> [ 11.702901] [ 11.711798] Allocated by task 175: [ 11.711927] kasan_save_stack+0x45/0x70 [ 11.712172] kasan_save_track+0x18/0x40 [ 11.712362] kasan_save_alloc_info+0x3b/0x50 [ 11.712628] __kasan_krealloc+0x190/0x1f0 [ 11.712832] krealloc_noprof+0xf3/0x340 [ 11.713051] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.713273] krealloc_less_oob+0x1c/0x30 [ 11.713485] kunit_try_run_case+0x1a5/0x480 [ 11.713693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.714079] kthread+0x337/0x6f0 [ 11.714253] ret_from_fork+0x116/0x1d0 [ 11.714399] ret_from_fork_asm+0x1a/0x30 [ 11.714628] [ 11.714778] The buggy address belongs to the object at ffff888100a24000 [ 11.714778] which belongs to the cache kmalloc-256 of size 256 [ 11.715452] The buggy address is located 7 bytes to the right of [ 11.715452] allocated 201-byte region [ffff888100a24000, ffff888100a240c9) [ 11.716080] [ 11.716153] The buggy address belongs to the physical page: [ 11.716322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24 [ 11.716807] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.717177] flags: 0x200000000000040(head|node=0|zone=2) [ 11.717551] page_type: f5(slab) [ 11.717720] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.718039] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.718615] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.718948] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.719197] head: 0200000000000001 ffffea0004028901 00000000ffffffff 00000000ffffffff [ 11.719737] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.720172] page dumped because: kasan: bad access detected [ 11.720622] [ 11.720765] Memory state around the buggy address: [ 11.720947] ffff888100a23f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.721296] ffff888100a24000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.721689] >ffff888100a24080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.722029] ^ [ 11.722333] ffff888100a24100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.722714] ffff888100a24180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.722932] ================================================================== [ 11.747673] ================================================================== [ 11.748018] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.748338] Write of size 1 at addr ffff888100a240ea by task kunit_try_catch/175 [ 11.748808] [ 11.748923] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.748966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.748981] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.749000] Call Trace: [ 11.749027] <TASK> [ 11.749039] dump_stack_lvl+0x73/0xb0 [ 11.749067] print_report+0xd1/0x610 [ 11.749087] ? __virt_addr_valid+0x1db/0x2d0 [ 11.749108] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.749130] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.749150] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.749173] kasan_report+0x141/0x180 [ 11.749194] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.749221] __asan_report_store1_noabort+0x1b/0x30 [ 11.749245] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.749270] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.749292] ? finish_task_switch.isra.0+0x153/0x700 [ 11.749313] ? __switch_to+0x47/0xf50 [ 11.749337] ? __schedule+0x10cc/0x2b60 [ 11.749357] ? __pfx_read_tsc+0x10/0x10 [ 11.749487] krealloc_less_oob+0x1c/0x30 [ 11.749508] kunit_try_run_case+0x1a5/0x480 [ 11.749531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.749552] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.749575] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.749596] ? __kthread_parkme+0x82/0x180 [ 11.749615] ? 
preempt_count_sub+0x50/0x80 [ 11.749637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.749660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.749681] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.749703] kthread+0x337/0x6f0 [ 11.749721] ? trace_preempt_on+0x20/0xc0 [ 11.749742] ? __pfx_kthread+0x10/0x10 [ 11.749762] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.749782] ? calculate_sigpending+0x7b/0xa0 [ 11.749805] ? __pfx_kthread+0x10/0x10 [ 11.749826] ret_from_fork+0x116/0x1d0 [ 11.749883] ? __pfx_kthread+0x10/0x10 [ 11.749904] ret_from_fork_asm+0x1a/0x30 [ 11.749933] </TASK> [ 11.749953] [ 11.758282] Allocated by task 175: [ 11.758682] kasan_save_stack+0x45/0x70 [ 11.758906] kasan_save_track+0x18/0x40 [ 11.759185] kasan_save_alloc_info+0x3b/0x50 [ 11.759531] __kasan_krealloc+0x190/0x1f0 [ 11.759781] krealloc_noprof+0xf3/0x340 [ 11.759956] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.760198] krealloc_less_oob+0x1c/0x30 [ 11.760347] kunit_try_run_case+0x1a5/0x480 [ 11.760605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.760957] kthread+0x337/0x6f0 [ 11.761166] ret_from_fork+0x116/0x1d0 [ 11.761301] ret_from_fork_asm+0x1a/0x30 [ 11.761686] [ 11.761786] The buggy address belongs to the object at ffff888100a24000 [ 11.761786] which belongs to the cache kmalloc-256 of size 256 [ 11.762273] The buggy address is located 33 bytes to the right of [ 11.762273] allocated 201-byte region [ffff888100a24000, ffff888100a240c9) [ 11.763242] [ 11.763353] The buggy address belongs to the physical page: [ 11.763624] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24 [ 11.763912] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.764323] flags: 0x200000000000040(head|node=0|zone=2) [ 11.764581] page_type: f5(slab) [ 11.764752] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.765244] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.765781] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 11.766030] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.766322] head: 0200000000000001 ffffea0004028901 00000000ffffffff 00000000ffffffff [ 11.766953] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.767288] page dumped because: kasan: bad access detected [ 11.767871] [ 11.767950] Memory state around the buggy address: [ 11.768138] ffff888100a23f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.768537] ffff888100a24000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.769251] >ffff888100a24080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.769660] ^ [ 11.770138] ffff888100a24100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.770492] ffff888100a24180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.770774] ================================================================== [ 11.664150] ================================================================== [ 11.665505] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.666753] Write of size 1 at addr ffff888100a240c9 by task kunit_try_catch/175 [ 11.667328] [ 11.667578] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.667704] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.667717] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.667738] Call Trace: [ 11.667763] <TASK> [ 11.667778] dump_stack_lvl+0x73/0xb0 [ 11.667816] print_report+0xd1/0x610 [ 11.667837] ? __virt_addr_valid+0x1db/0x2d0 [ 11.667860] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.667882] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.667903] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.667925] kasan_report+0x141/0x180 [ 11.667945] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.667972] __asan_report_store1_noabort+0x1b/0x30 [ 11.667995] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.668030] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.668052] ? finish_task_switch.isra.0+0x153/0x700 [ 11.668074] ? __switch_to+0x47/0xf50 [ 11.668099] ? __schedule+0x10cc/0x2b60 [ 11.668120] ? __pfx_read_tsc+0x10/0x10 [ 11.668144] krealloc_less_oob+0x1c/0x30 [ 11.668164] kunit_try_run_case+0x1a5/0x480 [ 11.668188] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.668210] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.668232] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.668254] ? __kthread_parkme+0x82/0x180 [ 11.668273] ? preempt_count_sub+0x50/0x80 [ 11.668294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.668317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.668338] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.668360] kthread+0x337/0x6f0 [ 11.668411] ? trace_preempt_on+0x20/0xc0 [ 11.668451] ? __pfx_kthread+0x10/0x10 [ 11.668471] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.668491] ? calculate_sigpending+0x7b/0xa0 [ 11.668516] ? __pfx_kthread+0x10/0x10 [ 11.668536] ret_from_fork+0x116/0x1d0 [ 11.668554] ? 
__pfx_kthread+0x10/0x10 [ 11.668573] ret_from_fork_asm+0x1a/0x30 [ 11.668602] </TASK> [ 11.668612] [ 11.683320] Allocated by task 175: [ 11.683685] kasan_save_stack+0x45/0x70 [ 11.684169] kasan_save_track+0x18/0x40 [ 11.684590] kasan_save_alloc_info+0x3b/0x50 [ 11.684843] __kasan_krealloc+0x190/0x1f0 [ 11.685151] krealloc_noprof+0xf3/0x340 [ 11.685593] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.686101] krealloc_less_oob+0x1c/0x30 [ 11.686487] kunit_try_run_case+0x1a5/0x480 [ 11.686813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.687257] kthread+0x337/0x6f0 [ 11.687543] ret_from_fork+0x116/0x1d0 [ 11.687708] ret_from_fork_asm+0x1a/0x30 [ 11.687958] [ 11.688148] The buggy address belongs to the object at ffff888100a24000 [ 11.688148] which belongs to the cache kmalloc-256 of size 256 [ 11.689360] The buggy address is located 0 bytes to the right of [ 11.689360] allocated 201-byte region [ffff888100a24000, ffff888100a240c9) [ 11.690261] [ 11.690339] The buggy address belongs to the physical page: [ 11.690747] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24 [ 11.691175] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.691556] flags: 0x200000000000040(head|node=0|zone=2) [ 11.692070] page_type: f5(slab) [ 11.692437] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.693152] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.693607] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.694287] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.695014] head: 0200000000000001 ffffea0004028901 00000000ffffffff 00000000ffffffff [ 11.695335] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.696142] page dumped because: kasan: bad access detected [ 11.696733] [ 11.696858] Memory state around the buggy address: [ 11.697035] ffff888100a23f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.697250] ffff888100a24000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.697482] >ffff888100a24080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.698188] ^ [ 11.698407] ffff888100a24100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.698966] ffff888100a24180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.699338] ================================================================== [ 11.859881] ================================================================== [ 11.860209] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.860612] Write of size 1 at addr ffff888102a3a0d0 by task kunit_try_catch/179 [ 11.860948] [ 11.861102] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.861142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.861164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.861184] Call Trace: [ 11.861194] <TASK> [ 11.861207] dump_stack_lvl+0x73/0xb0 [ 11.861234] print_report+0xd1/0x610 [ 11.861255] ? __virt_addr_valid+0x1db/0x2d0 [ 11.861276] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.861298] ? kasan_addr_to_slab+0x11/0xa0 [ 11.861317] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.861339] kasan_report+0x141/0x180 [ 11.861360] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.861387] __asan_report_store1_noabort+0x1b/0x30 [ 11.861410] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.861435] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.861457] ? finish_task_switch.isra.0+0x153/0x700 [ 11.861477] ? __switch_to+0x47/0xf50 [ 11.861500] ? __schedule+0x10cc/0x2b60 [ 11.861555] ? __pfx_read_tsc+0x10/0x10 [ 11.861578] krealloc_large_less_oob+0x1c/0x30 [ 11.861636] kunit_try_run_case+0x1a5/0x480 [ 11.861661] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.861683] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.861715] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.861737] ? __kthread_parkme+0x82/0x180 [ 11.861756] ? 
preempt_count_sub+0x50/0x80 [ 11.861778] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.861801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.861822] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.861844] kthread+0x337/0x6f0 [ 11.861892] ? trace_preempt_on+0x20/0xc0 [ 11.861913] ? __pfx_kthread+0x10/0x10 [ 11.861953] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.861974] ? calculate_sigpending+0x7b/0xa0 [ 11.861998] ? __pfx_kthread+0x10/0x10 [ 11.862026] ret_from_fork+0x116/0x1d0 [ 11.862044] ? __pfx_kthread+0x10/0x10 [ 11.862063] ret_from_fork_asm+0x1a/0x30 [ 11.862092] </TASK> [ 11.862101] [ 11.870080] The buggy address belongs to the physical page: [ 11.870378] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38 [ 11.871027] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.871281] flags: 0x200000000000040(head|node=0|zone=2) [ 11.871577] page_type: f8(unknown) [ 11.871861] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.872144] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.872566] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.872915] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.873169] head: 0200000000000002 ffffea00040a8e01 00000000ffffffff 00000000ffffffff [ 11.873649] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.873955] page dumped because: kasan: bad access detected [ 11.874247] [ 11.874341] Memory state around the buggy address: [ 11.874650] ffff888102a39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.874878] ffff888102a3a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.875220] >ffff888102a3a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.875541] ^ [ 11.875722] ffff888102a3a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.876127] ffff888102a3a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.876408] 
================================================================== [ 11.918598] ================================================================== [ 11.919657] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.920084] Write of size 1 at addr ffff888102a3a0eb by task kunit_try_catch/179 [ 11.920701] [ 11.920838] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.921052] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.921066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.921085] Call Trace: [ 11.921099] <TASK> [ 11.921112] dump_stack_lvl+0x73/0xb0 [ 11.921140] print_report+0xd1/0x610 [ 11.921161] ? __virt_addr_valid+0x1db/0x2d0 [ 11.921181] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.921204] ? kasan_addr_to_slab+0x11/0xa0 [ 11.921223] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.921246] kasan_report+0x141/0x180 [ 11.921267] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.921294] __asan_report_store1_noabort+0x1b/0x30 [ 11.921317] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.921341] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.921364] ? finish_task_switch.isra.0+0x153/0x700 [ 11.921384] ? __switch_to+0x47/0xf50 [ 11.921418] ? __schedule+0x10cc/0x2b60 [ 11.921439] ? __pfx_read_tsc+0x10/0x10 [ 11.921463] krealloc_large_less_oob+0x1c/0x30 [ 11.921486] kunit_try_run_case+0x1a5/0x480 [ 11.921509] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.921530] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.921552] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.921574] ? __kthread_parkme+0x82/0x180 [ 11.921593] ? preempt_count_sub+0x50/0x80 [ 11.921615] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.921637] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.921659] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.921681] kthread+0x337/0x6f0 [ 11.921699] ? trace_preempt_on+0x20/0xc0 [ 11.921720] ? __pfx_kthread+0x10/0x10 [ 11.921739] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.921759] ? 
calculate_sigpending+0x7b/0xa0 [ 11.921783] ? __pfx_kthread+0x10/0x10 [ 11.921804] ret_from_fork+0x116/0x1d0 [ 11.921821] ? __pfx_kthread+0x10/0x10 [ 11.921840] ret_from_fork_asm+0x1a/0x30 [ 11.921869] </TASK> [ 11.921878] [ 11.932961] The buggy address belongs to the physical page: [ 11.933262] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38 [ 11.933839] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.934285] flags: 0x200000000000040(head|node=0|zone=2) [ 11.934667] page_type: f8(unknown) [ 11.935016] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.935337] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.935815] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.936172] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.936674] head: 0200000000000002 ffffea00040a8e01 00000000ffffffff 00000000ffffffff [ 11.937026] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.937346] page dumped because: kasan: bad access detected [ 11.937778] [ 11.937879] Memory state around the buggy address: [ 11.938093] ffff888102a39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.938406] ffff888102a3a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.938714] >ffff888102a3a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.938987] ^ [ 11.939285] ffff888102a3a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.939696] ffff888102a3a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.939985] ================================================================== [ 11.896485] ================================================================== [ 11.897271] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.897803] Write of size 1 at addr ffff888102a3a0ea by task kunit_try_catch/179 [ 11.898131] [ 11.898223] CPU: 1 UID: 0 PID: 179 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.898263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.898274] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.898293] Call Trace: [ 11.898306] <TASK> [ 11.898318] dump_stack_lvl+0x73/0xb0 [ 11.898345] print_report+0xd1/0x610 [ 11.898366] ? __virt_addr_valid+0x1db/0x2d0 [ 11.898387] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.898748] ? kasan_addr_to_slab+0x11/0xa0 [ 11.898769] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.898791] kasan_report+0x141/0x180 [ 11.898813] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.898840] __asan_report_store1_noabort+0x1b/0x30 [ 11.898864] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.898890] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.898913] ? finish_task_switch.isra.0+0x153/0x700 [ 11.898935] ? __switch_to+0x47/0xf50 [ 11.898959] ? __schedule+0x10cc/0x2b60 [ 11.898981] ? __pfx_read_tsc+0x10/0x10 [ 11.899015] krealloc_large_less_oob+0x1c/0x30 [ 11.899038] kunit_try_run_case+0x1a5/0x480 [ 11.899061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.899082] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.899105] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.899127] ? __kthread_parkme+0x82/0x180 [ 11.899146] ? preempt_count_sub+0x50/0x80 [ 11.899167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.899190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.899211] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.899233] kthread+0x337/0x6f0 [ 11.899251] ? trace_preempt_on+0x20/0xc0 [ 11.899273] ? __pfx_kthread+0x10/0x10 [ 11.899292] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.899312] ? calculate_sigpending+0x7b/0xa0 [ 11.899336] ? __pfx_kthread+0x10/0x10 [ 11.899356] ret_from_fork+0x116/0x1d0 [ 11.899374] ? 
__pfx_kthread+0x10/0x10 [ 11.899393] ret_from_fork_asm+0x1a/0x30 [ 11.899422] </TASK> [ 11.899431] [ 11.910001] The buggy address belongs to the physical page: [ 11.910302] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38 [ 11.911043] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.911556] flags: 0x200000000000040(head|node=0|zone=2) [ 11.911902] page_type: f8(unknown) [ 11.912090] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.912400] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.913029] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.913486] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.913915] head: 0200000000000002 ffffea00040a8e01 00000000ffffffff 00000000ffffffff [ 11.914373] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.914889] page dumped because: kasan: bad access detected [ 11.915145] [ 11.915236] Memory state around the buggy address: [ 11.915399] ffff888102a39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.915709] ffff888102a3a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.916031] >ffff888102a3a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.916334] ^ [ 11.917037] ffff888102a3a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.917450] ffff888102a3a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.917829] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 11.607928] ================================================================== [ 11.609049] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.609618] Write of size 1 at addr ffff8881003504eb by task kunit_try_catch/173 [ 11.610208] [ 11.610421] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.610473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.610485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.610505] Call Trace: [ 11.610515] <TASK> [ 11.610529] dump_stack_lvl+0x73/0xb0 [ 11.610557] print_report+0xd1/0x610 [ 11.610578] ? __virt_addr_valid+0x1db/0x2d0 [ 11.610599] ? krealloc_more_oob_helper+0x821/0x930 [ 11.610621] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.610642] ? krealloc_more_oob_helper+0x821/0x930 [ 11.610664] kasan_report+0x141/0x180 [ 11.610685] ? krealloc_more_oob_helper+0x821/0x930 [ 11.610713] __asan_report_store1_noabort+0x1b/0x30 [ 11.610736] krealloc_more_oob_helper+0x821/0x930 [ 11.610756] ? __schedule+0x10cc/0x2b60 [ 11.610778] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.610801] ? finish_task_switch.isra.0+0x153/0x700 [ 11.610822] ? __switch_to+0x47/0xf50 [ 11.610847] ? __schedule+0x10cc/0x2b60 [ 11.610867] ? __pfx_read_tsc+0x10/0x10 [ 11.610891] krealloc_more_oob+0x1c/0x30 [ 11.610911] kunit_try_run_case+0x1a5/0x480 [ 11.610935] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.610956] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.610978] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.611000] ? __kthread_parkme+0x82/0x180 [ 11.611032] ? preempt_count_sub+0x50/0x80 [ 11.611054] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.611076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.611098] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.611120] kthread+0x337/0x6f0 [ 11.611139] ? trace_preempt_on+0x20/0xc0 [ 11.611160] ? __pfx_kthread+0x10/0x10 [ 11.611180] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.611200] ? 
calculate_sigpending+0x7b/0xa0 [ 11.611223] ? __pfx_kthread+0x10/0x10 [ 11.611244] ret_from_fork+0x116/0x1d0 [ 11.611261] ? __pfx_kthread+0x10/0x10 [ 11.611281] ret_from_fork_asm+0x1a/0x30 [ 11.611310] </TASK> [ 11.611320] [ 11.625474] Allocated by task 173: [ 11.625892] kasan_save_stack+0x45/0x70 [ 11.626307] kasan_save_track+0x18/0x40 [ 11.626814] kasan_save_alloc_info+0x3b/0x50 [ 11.627091] __kasan_krealloc+0x190/0x1f0 [ 11.627499] krealloc_noprof+0xf3/0x340 [ 11.627691] krealloc_more_oob_helper+0x1a9/0x930 [ 11.628214] krealloc_more_oob+0x1c/0x30 [ 11.628478] kunit_try_run_case+0x1a5/0x480 [ 11.628884] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.629096] kthread+0x337/0x6f0 [ 11.629264] ret_from_fork+0x116/0x1d0 [ 11.629605] ret_from_fork_asm+0x1a/0x30 [ 11.630109] [ 11.630299] The buggy address belongs to the object at ffff888100350400 [ 11.630299] which belongs to the cache kmalloc-256 of size 256 [ 11.631571] The buggy address is located 0 bytes to the right of [ 11.631571] allocated 235-byte region [ffff888100350400, ffff8881003504eb) [ 11.631957] [ 11.632039] The buggy address belongs to the physical page: [ 11.632207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 11.632455] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.632757] flags: 0x200000000000040(head|node=0|zone=2) [ 11.633001] page_type: f5(slab) [ 11.633133] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.633682] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.634011] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.634304] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.634640] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 11.634865] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.635184] page dumped because: kasan: bad access detected [ 11.635447] [ 
11.635559] Memory state around the buggy address: [ 11.635731] ffff888100350380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.635938] ffff888100350400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.636538] >ffff888100350480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.636889] ^ [ 11.637217] ffff888100350500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.637423] ffff888100350580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.637929] ================================================================== [ 11.638549] ================================================================== [ 11.638840] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 11.639246] Write of size 1 at addr ffff8881003504f0 by task kunit_try_catch/173 [ 11.639673] [ 11.639814] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.639854] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.639865] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.639883] Call Trace: [ 11.639893] <TASK> [ 11.639907] dump_stack_lvl+0x73/0xb0 [ 11.639933] print_report+0xd1/0x610 [ 11.639954] ? __virt_addr_valid+0x1db/0x2d0 [ 11.639975] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.639997] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.640029] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.640052] kasan_report+0x141/0x180 [ 11.640073] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.640100] __asan_report_store1_noabort+0x1b/0x30 [ 11.640123] krealloc_more_oob_helper+0x7eb/0x930 [ 11.640143] ? __schedule+0x10cc/0x2b60 [ 11.640165] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.640187] ? finish_task_switch.isra.0+0x153/0x700 [ 11.640208] ? __switch_to+0x47/0xf50 [ 11.640231] ? __schedule+0x10cc/0x2b60 [ 11.640251] ? __pfx_read_tsc+0x10/0x10 [ 11.640276] krealloc_more_oob+0x1c/0x30 [ 11.640296] kunit_try_run_case+0x1a5/0x480 [ 11.640319] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.640340] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 11.640363] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.640403] ? __kthread_parkme+0x82/0x180 [ 11.640422] ? preempt_count_sub+0x50/0x80 [ 11.640482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.640504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.640526] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.640548] kthread+0x337/0x6f0 [ 11.640566] ? trace_preempt_on+0x20/0xc0 [ 11.640588] ? __pfx_kthread+0x10/0x10 [ 11.640608] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.640628] ? calculate_sigpending+0x7b/0xa0 [ 11.640651] ? __pfx_kthread+0x10/0x10 [ 11.640671] ret_from_fork+0x116/0x1d0 [ 11.640689] ? __pfx_kthread+0x10/0x10 [ 11.640708] ret_from_fork_asm+0x1a/0x30 [ 11.640737] </TASK> [ 11.640746] [ 11.648652] Allocated by task 173: [ 11.648808] kasan_save_stack+0x45/0x70 [ 11.649076] kasan_save_track+0x18/0x40 [ 11.649316] kasan_save_alloc_info+0x3b/0x50 [ 11.649663] __kasan_krealloc+0x190/0x1f0 [ 11.649809] krealloc_noprof+0xf3/0x340 [ 11.649943] krealloc_more_oob_helper+0x1a9/0x930 [ 11.650157] krealloc_more_oob+0x1c/0x30 [ 11.650355] kunit_try_run_case+0x1a5/0x480 [ 11.650591] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.651030] kthread+0x337/0x6f0 [ 11.651170] ret_from_fork+0x116/0x1d0 [ 11.651330] ret_from_fork_asm+0x1a/0x30 [ 11.651656] [ 11.651768] The buggy address belongs to the object at ffff888100350400 [ 11.651768] which belongs to the cache kmalloc-256 of size 256 [ 11.652291] The buggy address is located 5 bytes to the right of [ 11.652291] allocated 235-byte region [ffff888100350400, ffff8881003504eb) [ 11.652877] [ 11.652988] The buggy address belongs to the physical page: [ 11.653225] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100350 [ 11.653616] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.653984] flags: 0x200000000000040(head|node=0|zone=2) [ 11.654196] page_type: f5(slab) [ 11.654362] raw: 0200000000000040 ffff888100041b40 dead000000000122 
0000000000000000 [ 11.654663] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.655055] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.655287] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.655517] head: 0200000000000001 ffffea000400d401 00000000ffffffff 00000000ffffffff [ 11.655747] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.655975] page dumped because: kasan: bad access detected [ 11.656427] [ 11.656615] Memory state around the buggy address: [ 11.656837] ffff888100350380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.657491] ffff888100350400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.658155] >ffff888100350480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.658614] ^ [ 11.658818] ffff888100350500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.659043] ffff888100350580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.659254] ================================================================== [ 11.799329] ================================================================== [ 11.799994] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.800343] Write of size 1 at addr ffff888102a3a0eb by task kunit_try_catch/177 [ 11.800742] [ 11.800875] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.800934] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.800945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.800964] Call Trace: [ 11.800980] <TASK> [ 11.800995] dump_stack_lvl+0x73/0xb0 [ 11.801044] print_report+0xd1/0x610 [ 11.801066] ? __virt_addr_valid+0x1db/0x2d0 [ 11.801099] ? krealloc_more_oob_helper+0x821/0x930 [ 11.801122] ? kasan_addr_to_slab+0x11/0xa0 [ 11.801141] ? krealloc_more_oob_helper+0x821/0x930 [ 11.801175] kasan_report+0x141/0x180 [ 11.801196] ? 
krealloc_more_oob_helper+0x821/0x930 [ 11.801223] __asan_report_store1_noabort+0x1b/0x30 [ 11.801258] krealloc_more_oob_helper+0x821/0x930 [ 11.801279] ? __schedule+0x10cc/0x2b60 [ 11.801302] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.801336] ? finish_task_switch.isra.0+0x153/0x700 [ 11.801359] ? __switch_to+0x47/0xf50 [ 11.801492] ? __schedule+0x10cc/0x2b60 [ 11.801516] ? __pfx_read_tsc+0x10/0x10 [ 11.801540] krealloc_large_more_oob+0x1c/0x30 [ 11.801576] kunit_try_run_case+0x1a5/0x480 [ 11.801600] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.801622] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.801656] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.801678] ? __kthread_parkme+0x82/0x180 [ 11.801698] ? preempt_count_sub+0x50/0x80 [ 11.801748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.801772] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.801806] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.801828] kthread+0x337/0x6f0 [ 11.801847] ? trace_preempt_on+0x20/0xc0 [ 11.801869] ? __pfx_kthread+0x10/0x10 [ 11.801889] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.801909] ? calculate_sigpending+0x7b/0xa0 [ 11.801932] ? __pfx_kthread+0x10/0x10 [ 11.801953] ret_from_fork+0x116/0x1d0 [ 11.801970] ? 
__pfx_kthread+0x10/0x10 [ 11.801990] ret_from_fork_asm+0x1a/0x30 [ 11.802030] </TASK> [ 11.802041] [ 11.810496] The buggy address belongs to the physical page: [ 11.810765] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38 [ 11.811687] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.811926] flags: 0x200000000000040(head|node=0|zone=2) [ 11.812157] page_type: f8(unknown) [ 11.812353] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.813048] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.813421] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.813954] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.814273] head: 0200000000000002 ffffea00040a8e01 00000000ffffffff 00000000ffffffff [ 11.814695] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.814927] page dumped because: kasan: bad access detected [ 11.815187] [ 11.815281] Memory state around the buggy address: [ 11.815553] ffff888102a39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.815958] ffff888102a3a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.816546] >ffff888102a3a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.816813] ^ [ 11.817130] ffff888102a3a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.817567] ffff888102a3a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.817861] ================================================================== [ 11.818349] ================================================================== [ 11.818762] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 11.819171] Write of size 1 at addr ffff888102a3a0f0 by task kunit_try_catch/177 [ 11.819559] [ 11.819901] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.819946] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.819957] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.820024] Call Trace: [ 11.820036] <TASK> [ 11.820050] dump_stack_lvl+0x73/0xb0 [ 11.820123] print_report+0xd1/0x610 [ 11.820144] ? __virt_addr_valid+0x1db/0x2d0 [ 11.820178] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.820200] ? kasan_addr_to_slab+0x11/0xa0 [ 11.820219] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.820242] kasan_report+0x141/0x180 [ 11.820263] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.820290] __asan_report_store1_noabort+0x1b/0x30 [ 11.820313] krealloc_more_oob_helper+0x7eb/0x930 [ 11.820334] ? __schedule+0x10cc/0x2b60 [ 11.820356] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.820437] ? finish_task_switch.isra.0+0x153/0x700 [ 11.820459] ? __switch_to+0x47/0xf50 [ 11.820484] ? __schedule+0x10cc/0x2b60 [ 11.820504] ? __pfx_read_tsc+0x10/0x10 [ 11.820528] krealloc_large_more_oob+0x1c/0x30 [ 11.820550] kunit_try_run_case+0x1a5/0x480 [ 11.820574] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.820596] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.820618] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.820640] ? __kthread_parkme+0x82/0x180 [ 11.820659] ? preempt_count_sub+0x50/0x80 [ 11.820681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.820703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.820725] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.820747] kthread+0x337/0x6f0 [ 11.820777] ? trace_preempt_on+0x20/0xc0 [ 11.820817] ? __pfx_kthread+0x10/0x10 [ 11.820837] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.820857] ? calculate_sigpending+0x7b/0xa0 [ 11.820879] ? __pfx_kthread+0x10/0x10 [ 11.820900] ret_from_fork+0x116/0x1d0 [ 11.820917] ? 
__pfx_kthread+0x10/0x10 [ 11.820937] ret_from_fork_asm+0x1a/0x30 [ 11.820972] </TASK> [ 11.820982] [ 11.830925] The buggy address belongs to the physical page: [ 11.831194] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38 [ 11.831809] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.832209] flags: 0x200000000000040(head|node=0|zone=2) [ 11.832590] page_type: f8(unknown) [ 11.832855] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.833144] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.833543] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.833980] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.834339] head: 0200000000000002 ffffea00040a8e01 00000000ffffffff 00000000ffffffff [ 11.834788] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.835145] page dumped because: kasan: bad access detected [ 11.835363] [ 11.835613] Memory state around the buggy address: [ 11.835849] ffff888102a39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.836152] ffff888102a3a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.836591] >ffff888102a3a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.836881] ^ [ 11.837125] ffff888102a3a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.837484] ffff888102a3a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.838019] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 11.579096] ================================================================== [ 11.579703] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 11.579981] Read of size 1 at addr ffff888103910000 by task kunit_try_catch/171 [ 11.580769] [ 11.581115] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.581164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.581177] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.581197] Call Trace: [ 11.581210] <TASK> [ 11.581224] dump_stack_lvl+0x73/0xb0 [ 11.581253] print_report+0xd1/0x610 [ 11.581276] ? __virt_addr_valid+0x1db/0x2d0 [ 11.581454] ? page_alloc_uaf+0x356/0x3d0 [ 11.581487] ? kasan_addr_to_slab+0x11/0xa0 [ 11.581509] ? page_alloc_uaf+0x356/0x3d0 [ 11.581530] kasan_report+0x141/0x180 [ 11.581551] ? page_alloc_uaf+0x356/0x3d0 [ 11.581577] __asan_report_load1_noabort+0x18/0x20 [ 11.581606] page_alloc_uaf+0x356/0x3d0 [ 11.581627] ? __pfx_page_alloc_uaf+0x10/0x10 [ 11.581649] ? __schedule+0x10cc/0x2b60 [ 11.581670] ? __pfx_read_tsc+0x10/0x10 [ 11.581691] ? ktime_get_ts64+0x86/0x230 [ 11.581714] kunit_try_run_case+0x1a5/0x480 [ 11.581737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.581758] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.581779] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.581801] ? __kthread_parkme+0x82/0x180 [ 11.581820] ? preempt_count_sub+0x50/0x80 [ 11.581842] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.581866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.581888] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.581910] kthread+0x337/0x6f0 [ 11.581928] ? trace_preempt_on+0x20/0xc0 [ 11.581950] ? __pfx_kthread+0x10/0x10 [ 11.581969] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.581989] ? calculate_sigpending+0x7b/0xa0 [ 11.582022] ? __pfx_kthread+0x10/0x10 [ 11.582042] ret_from_fork+0x116/0x1d0 [ 11.582060] ? 
__pfx_kthread+0x10/0x10 [ 11.582079] ret_from_fork_asm+0x1a/0x30 [ 11.582108] </TASK> [ 11.582118] [ 11.596411] The buggy address belongs to the physical page: [ 11.597073] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103910 [ 11.597773] flags: 0x200000000000000(node=0|zone=2) [ 11.598343] page_type: f0(buddy) [ 11.598781] raw: 0200000000000000 ffff88817fffc460 ffff88817fffc460 0000000000000000 [ 11.599351] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 11.600035] page dumped because: kasan: bad access detected [ 11.600435] [ 11.600719] Memory state around the buggy address: [ 11.601144] ffff88810390ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.601374] ffff88810390ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.602267] >ffff888103910000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.603080] ^ [ 11.603629] ffff888103910080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.604233] ffff888103910100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.604727] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 11.550123] ================================================================== [ 11.551112] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 11.551322] Free of addr ffff888102944001 by task kunit_try_catch/167 [ 11.551538] [ 11.551624] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.551665] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.551676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.551695] Call Trace: [ 11.551706] <TASK> [ 11.551720] dump_stack_lvl+0x73/0xb0 [ 11.551746] print_report+0xd1/0x610 [ 11.551768] ? __virt_addr_valid+0x1db/0x2d0 [ 11.551790] ? kasan_addr_to_slab+0x11/0xa0 [ 11.551809] ? kfree+0x274/0x3f0 [ 11.551829] kasan_report_invalid_free+0x10a/0x130 [ 11.551852] ? kfree+0x274/0x3f0 [ 11.551873] ? kfree+0x274/0x3f0 [ 11.551892] __kasan_kfree_large+0x86/0xd0 [ 11.551912] free_large_kmalloc+0x4b/0x110 [ 11.551934] kfree+0x274/0x3f0 [ 11.551957] kmalloc_large_invalid_free+0x120/0x2b0 [ 11.551979] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 11.552001] ? __schedule+0x10cc/0x2b60 [ 11.552059] ? __pfx_read_tsc+0x10/0x10 [ 11.552080] ? ktime_get_ts64+0x86/0x230 [ 11.552104] kunit_try_run_case+0x1a5/0x480 [ 11.552128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.552149] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.552171] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.552193] ? __kthread_parkme+0x82/0x180 [ 11.552212] ? preempt_count_sub+0x50/0x80 [ 11.552233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.552256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.552277] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.552299] kthread+0x337/0x6f0 [ 11.552317] ? trace_preempt_on+0x20/0xc0 [ 11.552362] ? __pfx_kthread+0x10/0x10 [ 11.552417] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.552439] ? calculate_sigpending+0x7b/0xa0 [ 11.552461] ? __pfx_kthread+0x10/0x10 [ 11.552481] ret_from_fork+0x116/0x1d0 [ 11.552499] ? 
__pfx_kthread+0x10/0x10 [ 11.552518] ret_from_fork_asm+0x1a/0x30 [ 11.552547] </TASK> [ 11.552557] [ 11.565180] The buggy address belongs to the physical page: [ 11.565362] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102944 [ 11.565618] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.565933] flags: 0x200000000000040(head|node=0|zone=2) [ 11.566193] page_type: f8(unknown) [ 11.566348] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.566682] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.566965] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.567282] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.567969] head: 0200000000000002 ffffea00040a5101 00000000ffffffff 00000000ffffffff [ 11.568843] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.569281] page dumped because: kasan: bad access detected [ 11.569833] [ 11.570024] Memory state around the buggy address: [ 11.570239] ffff888102943f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.570783] ffff888102943f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.571091] >ffff888102944000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.571702] ^ [ 11.571889] ffff888102944080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.572187] ffff888102944100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.572907] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 11.523298] ================================================================== [ 11.524909] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 11.526263] Read of size 1 at addr ffff888102944000 by task kunit_try_catch/165 [ 11.527357] [ 11.527771] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.527858] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.527870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.527890] Call Trace: [ 11.527902] <TASK> [ 11.527917] dump_stack_lvl+0x73/0xb0 [ 11.527947] print_report+0xd1/0x610 [ 11.527968] ? __virt_addr_valid+0x1db/0x2d0 [ 11.527989] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.528018] ? kasan_addr_to_slab+0x11/0xa0 [ 11.528038] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.528058] kasan_report+0x141/0x180 [ 11.528078] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.528102] __asan_report_load1_noabort+0x18/0x20 [ 11.528125] kmalloc_large_uaf+0x2f1/0x340 [ 11.528144] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 11.528165] ? __schedule+0x207f/0x2b60 [ 11.528186] ? __pfx_read_tsc+0x10/0x10 [ 11.528208] ? ktime_get_ts64+0x86/0x230 [ 11.528233] kunit_try_run_case+0x1a5/0x480 [ 11.528257] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.528279] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.528302] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.528324] ? __kthread_parkme+0x82/0x180 [ 11.528344] ? preempt_count_sub+0x50/0x80 [ 11.528365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.528388] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.528409] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.528455] kthread+0x337/0x6f0 [ 11.528473] ? trace_preempt_on+0x20/0xc0 [ 11.528495] ? __pfx_kthread+0x10/0x10 [ 11.528515] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.528534] ? calculate_sigpending+0x7b/0xa0 [ 11.528558] ? __pfx_kthread+0x10/0x10 [ 11.528578] ret_from_fork+0x116/0x1d0 [ 11.528595] ? 
__pfx_kthread+0x10/0x10 [ 11.528614] ret_from_fork_asm+0x1a/0x30 [ 11.528643] </TASK> [ 11.528653] [ 11.541538] The buggy address belongs to the physical page: [ 11.542122] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102944 [ 11.542738] flags: 0x200000000000000(node=0|zone=2) [ 11.542921] raw: 0200000000000000 ffffea00040a5208 ffff88815b039f80 0000000000000000 [ 11.543166] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 11.543409] page dumped because: kasan: bad access detected [ 11.543615] [ 11.543710] Memory state around the buggy address: [ 11.543932] ffff888102943f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.544216] ffff888102943f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.544620] >ffff888102944000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.544974] ^ [ 11.545130] ffff888102944080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.545477] ffff888102944100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.545924] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 11.500316] ================================================================== [ 11.500846] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 11.501191] Write of size 1 at addr ffff888102a3600a by task kunit_try_catch/163 [ 11.501555] [ 11.501676] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.501720] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.501730] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.501751] Call Trace: [ 11.501762] <TASK> [ 11.501776] dump_stack_lvl+0x73/0xb0 [ 11.501805] print_report+0xd1/0x610 [ 11.501827] ? __virt_addr_valid+0x1db/0x2d0 [ 11.501849] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.501869] ? kasan_addr_to_slab+0x11/0xa0 [ 11.501888] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.501910] kasan_report+0x141/0x180 [ 11.501930] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.501956] __asan_report_store1_noabort+0x1b/0x30 [ 11.501979] kmalloc_large_oob_right+0x2e9/0x330 [ 11.502000] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 11.502034] ? __schedule+0x10cc/0x2b60 [ 11.502055] ? __pfx_read_tsc+0x10/0x10 [ 11.502075] ? ktime_get_ts64+0x86/0x230 [ 11.502099] kunit_try_run_case+0x1a5/0x480 [ 11.502123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.502145] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.502168] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.502190] ? __kthread_parkme+0x82/0x180 [ 11.502209] ? preempt_count_sub+0x50/0x80 [ 11.502233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.502256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.502278] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.502300] kthread+0x337/0x6f0 [ 11.502318] ? trace_preempt_on+0x20/0xc0 [ 11.502341] ? __pfx_kthread+0x10/0x10 [ 11.502367] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.502387] ? calculate_sigpending+0x7b/0xa0 [ 11.502410] ? __pfx_kthread+0x10/0x10 [ 11.502430] ret_from_fork+0x116/0x1d0 [ 11.502448] ? 
__pfx_kthread+0x10/0x10 [ 11.502467] ret_from_fork_asm+0x1a/0x30 [ 11.502497] </TASK> [ 11.502506] [ 11.509702] The buggy address belongs to the physical page: [ 11.509920] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a34 [ 11.510181] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.510517] flags: 0x200000000000040(head|node=0|zone=2) [ 11.510787] page_type: f8(unknown) [ 11.510961] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.511308] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.511866] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.512209] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.512640] head: 0200000000000002 ffffea00040a8d01 00000000ffffffff 00000000ffffffff [ 11.512934] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.513247] page dumped because: kasan: bad access detected [ 11.513569] [ 11.513649] Memory state around the buggy address: [ 11.513851] ffff888102a35f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.514156] ffff888102a35f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.514513] >ffff888102a36000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.514788] ^ [ 11.514948] ffff888102a36080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.515243] ffff888102a36100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.515616] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 11.467782] ================================================================== [ 11.468816] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 11.469534] Write of size 1 at addr ffff888102b39f00 by task kunit_try_catch/161 [ 11.469795] [ 11.469882] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.469924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.469935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.469953] Call Trace: [ 11.469964] <TASK> [ 11.469978] dump_stack_lvl+0x73/0xb0 [ 11.470023] print_report+0xd1/0x610 [ 11.470044] ? __virt_addr_valid+0x1db/0x2d0 [ 11.470065] ? kmalloc_big_oob_right+0x316/0x370 [ 11.470086] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.470106] ? kmalloc_big_oob_right+0x316/0x370 [ 11.470127] kasan_report+0x141/0x180 [ 11.470148] ? kmalloc_big_oob_right+0x316/0x370 [ 11.470174] __asan_report_store1_noabort+0x1b/0x30 [ 11.470197] kmalloc_big_oob_right+0x316/0x370 [ 11.470218] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 11.470239] ? __schedule+0x10cc/0x2b60 [ 11.470261] ? __pfx_read_tsc+0x10/0x10 [ 11.470281] ? ktime_get_ts64+0x86/0x230 [ 11.470303] kunit_try_run_case+0x1a5/0x480 [ 11.470326] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.470415] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.470442] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.470464] ? __kthread_parkme+0x82/0x180 [ 11.470482] ? preempt_count_sub+0x50/0x80 [ 11.470504] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.470527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.470549] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.470571] kthread+0x337/0x6f0 [ 11.470589] ? trace_preempt_on+0x20/0xc0 [ 11.470611] ? __pfx_kthread+0x10/0x10 [ 11.470630] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.470650] ? calculate_sigpending+0x7b/0xa0 [ 11.470674] ? __pfx_kthread+0x10/0x10 [ 11.470694] ret_from_fork+0x116/0x1d0 [ 11.470713] ? 
__pfx_kthread+0x10/0x10 [ 11.470734] ret_from_fork_asm+0x1a/0x30 [ 11.470764] </TASK> [ 11.470773] [ 11.482309] Allocated by task 161: [ 11.482863] kasan_save_stack+0x45/0x70 [ 11.483240] kasan_save_track+0x18/0x40 [ 11.483657] kasan_save_alloc_info+0x3b/0x50 [ 11.484046] __kasan_kmalloc+0xb7/0xc0 [ 11.484179] __kmalloc_cache_noprof+0x189/0x420 [ 11.484335] kmalloc_big_oob_right+0xa9/0x370 [ 11.484781] kunit_try_run_case+0x1a5/0x480 [ 11.485178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.485709] kthread+0x337/0x6f0 [ 11.485971] ret_from_fork+0x116/0x1d0 [ 11.486313] ret_from_fork_asm+0x1a/0x30 [ 11.486528] [ 11.486601] The buggy address belongs to the object at ffff888102b38000 [ 11.486601] which belongs to the cache kmalloc-8k of size 8192 [ 11.486957] The buggy address is located 0 bytes to the right of [ 11.486957] allocated 7936-byte region [ffff888102b38000, ffff888102b39f00) [ 11.487891] [ 11.488068] The buggy address belongs to the physical page: [ 11.488572] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b38 [ 11.488820] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.489061] flags: 0x200000000000040(head|node=0|zone=2) [ 11.489240] page_type: f5(slab) [ 11.489359] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.490082] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.490861] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.491702] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.492467] head: 0200000000000003 ffffea00040ace01 00000000ffffffff 00000000ffffffff [ 11.493139] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 11.493975] page dumped because: kasan: bad access detected [ 11.494559] [ 11.494738] Memory state around the buggy address: [ 11.495110] ffff888102b39e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.495796] ffff888102b39e80: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.496232] >ffff888102b39f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.496454] ^ [ 11.496571] ffff888102b39f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.496786] ffff888102b3a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.497014] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 11.416337] ================================================================== [ 11.417081] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.417569] Write of size 1 at addr ffff8881027d6778 by task kunit_try_catch/159 [ 11.417971] [ 11.418083] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.418128] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.418139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.418161] Call Trace: [ 11.418172] <TASK> [ 11.418190] dump_stack_lvl+0x73/0xb0 [ 11.418220] print_report+0xd1/0x610 [ 11.418241] ? __virt_addr_valid+0x1db/0x2d0 [ 11.418263] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.418286] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.418306] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.418330] kasan_report+0x141/0x180 [ 11.418358] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.418386] __asan_report_store1_noabort+0x1b/0x30 [ 11.418408] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.418431] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 11.418455] ? __schedule+0x10cc/0x2b60 [ 11.418476] ? __pfx_read_tsc+0x10/0x10 [ 11.418495] ? ktime_get_ts64+0x86/0x230 [ 11.418519] kunit_try_run_case+0x1a5/0x480 [ 11.418543] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.418563] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.418585] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.418607] ? __kthread_parkme+0x82/0x180 [ 11.418626] ? preempt_count_sub+0x50/0x80 [ 11.418649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.418671] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.418692] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.418714] kthread+0x337/0x6f0 [ 11.418732] ? trace_preempt_on+0x20/0xc0 [ 11.418753] ? __pfx_kthread+0x10/0x10 [ 11.418772] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.418792] ? calculate_sigpending+0x7b/0xa0 [ 11.418815] ? 
__pfx_kthread+0x10/0x10 [ 11.418835] ret_from_fork+0x116/0x1d0 [ 11.418852] ? __pfx_kthread+0x10/0x10 [ 11.418872] ret_from_fork_asm+0x1a/0x30 [ 11.418901] </TASK> [ 11.418911] [ 11.426731] Allocated by task 159: [ 11.426891] kasan_save_stack+0x45/0x70 [ 11.427160] kasan_save_track+0x18/0x40 [ 11.427355] kasan_save_alloc_info+0x3b/0x50 [ 11.427581] __kasan_kmalloc+0xb7/0xc0 [ 11.427720] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.427898] kmalloc_track_caller_oob_right+0x99/0x520 [ 11.428109] kunit_try_run_case+0x1a5/0x480 [ 11.428316] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.428647] kthread+0x337/0x6f0 [ 11.428846] ret_from_fork+0x116/0x1d0 [ 11.429049] ret_from_fork_asm+0x1a/0x30 [ 11.429188] [ 11.429258] The buggy address belongs to the object at ffff8881027d6700 [ 11.429258] which belongs to the cache kmalloc-128 of size 128 [ 11.429756] The buggy address is located 0 bytes to the right of [ 11.429756] allocated 120-byte region [ffff8881027d6700, ffff8881027d6778) [ 11.430356] [ 11.430504] The buggy address belongs to the physical page: [ 11.430693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027d6 [ 11.430933] flags: 0x200000000000000(node=0|zone=2) [ 11.431155] page_type: f5(slab) [ 11.431322] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.431992] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.432327] page dumped because: kasan: bad access detected [ 11.433168] [ 11.433273] Memory state around the buggy address: [ 11.434194] ffff8881027d6600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.434970] ffff8881027d6680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.435316] >ffff8881027d6700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.435885] ^ [ 11.436275] ffff8881027d6780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.436805] ffff8881027d6800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.437351] 
================================================================== [ 11.437982] ================================================================== [ 11.438305] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.438853] Write of size 1 at addr ffff8881027d6878 by task kunit_try_catch/159 [ 11.439585] [ 11.439790] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.439834] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.440001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.440033] Call Trace: [ 11.440044] <TASK> [ 11.440058] dump_stack_lvl+0x73/0xb0 [ 11.440086] print_report+0xd1/0x610 [ 11.440106] ? __virt_addr_valid+0x1db/0x2d0 [ 11.440127] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.440149] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.440170] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.440194] kasan_report+0x141/0x180 [ 11.440215] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.440243] __asan_report_store1_noabort+0x1b/0x30 [ 11.440265] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.440288] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 11.440312] ? __schedule+0x10cc/0x2b60 [ 11.440332] ? __pfx_read_tsc+0x10/0x10 [ 11.440352] ? ktime_get_ts64+0x86/0x230 [ 11.440535] kunit_try_run_case+0x1a5/0x480 [ 11.440561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.440582] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.440603] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.440625] ? __kthread_parkme+0x82/0x180 [ 11.440645] ? preempt_count_sub+0x50/0x80 [ 11.440667] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.440689] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.440711] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.440733] kthread+0x337/0x6f0 [ 11.440751] ? trace_preempt_on+0x20/0xc0 [ 11.440772] ? __pfx_kthread+0x10/0x10 [ 11.440792] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.440811] ? calculate_sigpending+0x7b/0xa0 [ 11.440833] ? 
__pfx_kthread+0x10/0x10 [ 11.440853] ret_from_fork+0x116/0x1d0 [ 11.440870] ? __pfx_kthread+0x10/0x10 [ 11.440890] ret_from_fork_asm+0x1a/0x30 [ 11.440918] </TASK> [ 11.440927] [ 11.452534] Allocated by task 159: [ 11.452929] kasan_save_stack+0x45/0x70 [ 11.453424] kasan_save_track+0x18/0x40 [ 11.453791] kasan_save_alloc_info+0x3b/0x50 [ 11.453946] __kasan_kmalloc+0xb7/0xc0 [ 11.454091] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.454269] kmalloc_track_caller_oob_right+0x19a/0x520 [ 11.454767] kunit_try_run_case+0x1a5/0x480 [ 11.455152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.455663] kthread+0x337/0x6f0 [ 11.455849] ret_from_fork+0x116/0x1d0 [ 11.456037] ret_from_fork_asm+0x1a/0x30 [ 11.456220] [ 11.456309] The buggy address belongs to the object at ffff8881027d6800 [ 11.456309] which belongs to the cache kmalloc-128 of size 128 [ 11.457224] The buggy address is located 0 bytes to the right of [ 11.457224] allocated 120-byte region [ffff8881027d6800, ffff8881027d6878) [ 11.458099] [ 11.458193] The buggy address belongs to the physical page: [ 11.458695] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027d6 [ 11.459141] flags: 0x200000000000000(node=0|zone=2) [ 11.459613] page_type: f5(slab) [ 11.459797] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.460124] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.460672] page dumped because: kasan: bad access detected [ 11.460949] [ 11.461188] Memory state around the buggy address: [ 11.461690] ffff8881027d6700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.462063] ffff8881027d6780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.462530] >ffff8881027d6800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.463037] ^ [ 11.463341] ffff8881027d6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.463823] ffff8881027d6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.464135] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 11.383132] ================================================================== [ 11.384310] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 11.385048] Read of size 1 at addr ffff88810290d000 by task kunit_try_catch/157 [ 11.385471] [ 11.385702] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.385765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.385776] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.385809] Call Trace: [ 11.385821] <TASK> [ 11.385836] dump_stack_lvl+0x73/0xb0 [ 11.385865] print_report+0xd1/0x610 [ 11.385886] ? __virt_addr_valid+0x1db/0x2d0 [ 11.385909] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.385931] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.385952] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.385974] kasan_report+0x141/0x180 [ 11.385995] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.386032] __asan_report_load1_noabort+0x18/0x20 [ 11.386054] kmalloc_node_oob_right+0x369/0x3c0 [ 11.386076] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 11.386099] ? __schedule+0x10cc/0x2b60 [ 11.386121] ? __pfx_read_tsc+0x10/0x10 [ 11.386142] ? ktime_get_ts64+0x86/0x230 [ 11.386166] kunit_try_run_case+0x1a5/0x480 [ 11.386190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.386211] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.386234] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.386255] ? __kthread_parkme+0x82/0x180 [ 11.386275] ? preempt_count_sub+0x50/0x80 [ 11.386297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.386319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.386340] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.386362] kthread+0x337/0x6f0 [ 11.386380] ? trace_preempt_on+0x20/0xc0 [ 11.386402] ? __pfx_kthread+0x10/0x10 [ 11.386619] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.386639] ? calculate_sigpending+0x7b/0xa0 [ 11.386663] ? __pfx_kthread+0x10/0x10 [ 11.386683] ret_from_fork+0x116/0x1d0 [ 11.386700] ? 
__pfx_kthread+0x10/0x10 [ 11.386719] ret_from_fork_asm+0x1a/0x30 [ 11.386749] </TASK> [ 11.386759] [ 11.399220] Allocated by task 157: [ 11.399353] kasan_save_stack+0x45/0x70 [ 11.399514] kasan_save_track+0x18/0x40 [ 11.399712] kasan_save_alloc_info+0x3b/0x50 [ 11.400175] __kasan_kmalloc+0xb7/0xc0 [ 11.400559] __kmalloc_cache_node_noprof+0x188/0x420 [ 11.401082] kmalloc_node_oob_right+0xab/0x3c0 [ 11.401542] kunit_try_run_case+0x1a5/0x480 [ 11.401839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.402250] kthread+0x337/0x6f0 [ 11.402580] ret_from_fork+0x116/0x1d0 [ 11.402964] ret_from_fork_asm+0x1a/0x30 [ 11.403320] [ 11.403397] The buggy address belongs to the object at ffff88810290c000 [ 11.403397] which belongs to the cache kmalloc-4k of size 4096 [ 11.403854] The buggy address is located 0 bytes to the right of [ 11.403854] allocated 4096-byte region [ffff88810290c000, ffff88810290d000) [ 11.404597] [ 11.404675] The buggy address belongs to the physical page: [ 11.404934] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102908 [ 11.405381] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.406218] flags: 0x200000000000040(head|node=0|zone=2) [ 11.406828] page_type: f5(slab) [ 11.407128] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 11.407951] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 11.408719] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 11.409279] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 11.410038] head: 0200000000000003 ffffea00040a4201 00000000ffffffff 00000000ffffffff [ 11.410450] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 11.411000] page dumped because: kasan: bad access detected [ 11.411545] [ 11.411669] Memory state around the buggy address: [ 11.411865] ffff88810290cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.412090] 
ffff88810290cf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.412304] >ffff88810290d000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.412723] ^ [ 11.412932] ffff88810290d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.413202] ffff88810290d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.413425] ==================================================================
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------ [ 141.429887] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 141.429987] WARNING: CPU: 0 PID: 2569 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 141.431846] Modules linked in: [ 141.432020] CPU: 0 UID: 0 PID: 2569 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 141.432349] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.432617] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.433620] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 141.433977] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 ad 1d 80 00 48 c7 c1 20 8c 3e 96 4c 89 f2 48 c7 c7 e0 88 3e 96 48 89 c6 e8 f4 a7 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 141.434905] RSP: 0000:ffff88810a727d18 EFLAGS: 00010286 [ 141.435264] RAX: 0000000000000000 RBX: ffff888103be9000 RCX: 1ffffffff2e24cf0 [ 141.435693] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 141.435916] RBP: ffff88810a727d48 R08: 0000000000000000 R09: fffffbfff2e24cf0 [ 141.436150] R10: 0000000000000003 R11: 0000000000039d60 R12: ffff88810ae4e800 [ 141.436429] R13: ffff888103be90f8 R14: ffff8881021f9180 R15: ffff88810039fb40 [ 141.436823] FS: 0000000000000000(0000) GS:ffff8881c2c72000(0000) knlGS:0000000000000000 [ 141.437129] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.437614] CR2: 00007ffff7ffe000 CR3: 00000001314bc000 CR4: 00000000000006f0 [ 141.437917] DR0: ffffffff98452440 DR1: ffffffff98452441 DR2: ffffffff98452443 [ 141.438307] DR3: ffffffff98452445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.438685] Call Trace: [ 141.438823] <TASK> [ 141.438944] ? trace_preempt_on+0x20/0xc0 [ 141.439180] ? 
__pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 141.439426] drm_gem_shmem_free_wrapper+0x12/0x20 [ 141.439666] __kunit_action_free+0x57/0x70 [ 141.439919] kunit_remove_resource+0x133/0x200 [ 141.440157] ? preempt_count_sub+0x50/0x80 [ 141.440365] kunit_cleanup+0x7a/0x120 [ 141.440607] kunit_try_run_case_cleanup+0xbd/0xf0 [ 141.440856] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 141.441123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.441316] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.443113] kthread+0x337/0x6f0 [ 141.443566] ? trace_preempt_on+0x20/0xc0 [ 141.443732] ? __pfx_kthread+0x10/0x10 [ 141.443869] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.444031] ? calculate_sigpending+0x7b/0xa0 [ 141.444184] ? __pfx_kthread+0x10/0x10 [ 141.444317] ret_from_fork+0x116/0x1d0 [ 141.444638] ? __pfx_kthread+0x10/0x10 [ 141.444785] ret_from_fork_asm+0x1a/0x30 [ 141.445145] </TASK> [ 141.445402] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 141.299696] WARNING: CPU: 0 PID: 2550 at drivers/gpu/drm/drm_framebuffer.c:869 drm_framebuffer_init+0x49/0x8d0 [ 141.301022] Modules linked in: [ 141.301220] CPU: 0 UID: 0 PID: 2550 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 141.302237] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.302792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.303218] RIP: 0010:drm_framebuffer_init+0x49/0x8d0 [ 141.303601] Code: 89 e5 41 57 41 56 41 55 41 54 53 48 89 f3 48 83 ec 28 80 3c 11 00 48 89 7d c8 0f 85 1c 07 00 00 48 8b 75 c8 48 39 33 74 20 90 <0f> 0b 90 41 bf ea ff ff ff 48 83 c4 28 44 89 f8 5b 41 5c 41 5d 41 [ 141.304338] RSP: 0000:ffff88810ae37b20 EFLAGS: 00010246 [ 141.304700] RAX: ffff88810ae37ba8 RBX: ffff88810ae37c28 RCX: 1ffff110215c6f8e [ 141.305015] RDX: dffffc0000000000 RSI: ffff88810ad9b000 RDI: ffff88810ad9b000 [ 141.305330] RBP: ffff88810ae37b70 R08: ffff88810ad9b000 R09: ffffffff963d8f60 [ 141.305677] R10: 0000000000000003 R11: 000000004b390ab9 R12: 1ffff110215c6f71 [ 141.306086] R13: ffff88810ae37c70 R14: ffff88810ae37db8 R15: 0000000000000000 [ 141.306727] FS: 0000000000000000(0000) GS:ffff8881c2c72000(0000) knlGS:0000000000000000 [ 141.307097] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.307318] CR2: 00007ffff7ffe000 CR3: 00000001314bc000 CR4: 00000000000006f0 [ 141.307709] DR0: ffffffff98452440 DR1: ffffffff98452441 DR2: ffffffff98452443 [ 141.308042] DR3: ffffffff98452445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.308331] Call Trace: [ 141.308531] <TASK> [ 141.308662] ? trace_preempt_on+0x20/0xc0 [ 141.309070] ? add_dr+0xc1/0x1d0 [ 141.309246] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 141.309601] ? add_dr+0x148/0x1d0 [ 141.309786] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 141.310099] ? __drmm_add_action+0x1a4/0x280 [ 141.310314] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 141.310555] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 141.311099] ? __drmm_add_action_or_reset+0x22/0x50 [ 141.311340] ? __schedule+0x10cc/0x2b60 [ 141.311698] ? __pfx_read_tsc+0x10/0x10 [ 141.311943] ? ktime_get_ts64+0x86/0x230 [ 141.312156] kunit_try_run_case+0x1a5/0x480 [ 141.312347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.312719] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.312975] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.313217] ? __kthread_parkme+0x82/0x180 [ 141.313511] ? preempt_count_sub+0x50/0x80 [ 141.313705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.313908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.314152] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.314917] kthread+0x337/0x6f0 [ 141.315193] ? trace_preempt_on+0x20/0xc0 [ 141.315355] ? __pfx_kthread+0x10/0x10 [ 141.315615] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.315787] ? calculate_sigpending+0x7b/0xa0 [ 141.316022] ? __pfx_kthread+0x10/0x10 [ 141.316221] ret_from_fork+0x116/0x1d0 [ 141.316365] ? __pfx_kthread+0x10/0x10 [ 141.316516] ret_from_fork_asm+0x1a/0x30 [ 141.316886] </TASK> [ 141.317045] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 141.260931] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 141.261083] WARNING: CPU: 1 PID: 2546 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 141.263786] Modules linked in: [ 141.264341] CPU: 1 UID: 0 PID: 2546 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 141.265865] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.266074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.266342] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 141.267196] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 2b 44 87 00 48 c7 c1 00 3a 3d 96 4c 89 fa 48 c7 c7 60 3a 3d 96 48 89 c6 e8 72 ce 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 141.268657] RSP: 0000:ffff88810ae37b68 EFLAGS: 00010282 [ 141.268853] RAX: 0000000000000000 RBX: ffff88810ae37c40 RCX: 1ffffffff2e24cf0 [ 141.269239] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 141.269767] RBP: ffff88810ae37b90 R08: 0000000000000000 R09: fffffbfff2e24cf0 [ 141.270032] R10: 0000000000000003 R11: 00000000000383a0 R12: ffff88810ae37c18 [ 141.270239] R13: ffff88810ae98800 R14: ffff88810ae3f000 R15: ffff88810954c480 [ 141.270730] FS: 0000000000000000(0000) GS:ffff8881c2d72000(0000) knlGS:0000000000000000 [ 141.271464] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.272144] CR2: 00007ffff7ffe000 CR3: 00000001314bc000 CR4: 00000000000006f0 [ 141.272922] DR0: ffffffff98452444 DR1: ffffffff98452449 DR2: ffffffff9845244a [ 141.273167] DR3: ffffffff9845244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.273420] Call Trace: [ 141.273746] <TASK> [ 141.273978] drm_test_framebuffer_free+0x1ab/0x610 [ 141.274545] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 141.275070] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 141.275547] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 141.276027] ? __drmm_add_action_or_reset+0x22/0x50 [ 141.276214] ? __schedule+0x10cc/0x2b60 [ 141.276362] ? __pfx_read_tsc+0x10/0x10 [ 141.276926] ? ktime_get_ts64+0x86/0x230 [ 141.277347] kunit_try_run_case+0x1a5/0x480 [ 141.278032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.278528] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.278821] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.278994] ? __kthread_parkme+0x82/0x180 [ 141.279159] ? preempt_count_sub+0x50/0x80 [ 141.279306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.279811] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.280317] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.281096] kthread+0x337/0x6f0 [ 141.281480] ? trace_preempt_on+0x20/0xc0 [ 141.281891] ? __pfx_kthread+0x10/0x10 [ 141.282219] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.282453] ? calculate_sigpending+0x7b/0xa0 [ 141.282878] ? __pfx_kthread+0x10/0x10 [ 141.283223] ret_from_fork+0x116/0x1d0 [ 141.283368] ? __pfx_kthread+0x10/0x10 [ 141.284143] ret_from_fork_asm+0x1a/0x30 [ 141.284592] </TASK> [ 141.284908] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 140.042888] WARNING: CPU: 0 PID: 1984 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 140.043305] Modules linked in: [ 140.043762] CPU: 0 UID: 0 PID: 1984 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 140.044227] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.044586] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.044995] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 140.045295] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 42 36 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 140.046233] RSP: 0000:ffff888109c07c90 EFLAGS: 00010246 [ 140.046596] RAX: dffffc0000000000 RBX: ffff888109d24000 RCX: 0000000000000000 [ 140.046879] RDX: 1ffff110213a4832 RSI: ffffffff93607838 RDI: ffff888109d24190 [ 140.047177] RBP: ffff888109c07ca0 R08: 1ffff11020073f69 R09: ffffed1021380f65 [ 140.047589] R10: 0000000000000003 R11: ffffffff92b85988 R12: 0000000000000000 [ 140.047872] R13: ffff888109c07d38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 140.048171] FS: 0000000000000000(0000) GS:ffff8881c2c72000(0000) knlGS:0000000000000000 [ 140.048614] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.049033] CR2: 00007ffff7ffe000 CR3: 00000001314bc000 CR4: 00000000000006f0 [ 140.049784] DR0: ffffffff98452440 DR1: ffffffff98452441 DR2: ffffffff98452443 [ 140.050094] DR3: ffffffff98452445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.050380] Call Trace: [ 140.050769] <TASK> [ 140.050902] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 140.051328] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 140.051965] ? __schedule+0x10cc/0x2b60 [ 140.052228] ? __pfx_read_tsc+0x10/0x10 [ 140.052697] ? ktime_get_ts64+0x86/0x230 [ 140.052885] kunit_try_run_case+0x1a5/0x480 [ 140.053133] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 140.053343] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.053986] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.054231] ? __kthread_parkme+0x82/0x180 [ 140.054692] ? preempt_count_sub+0x50/0x80 [ 140.055000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.055233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.055481] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.055999] kthread+0x337/0x6f0 [ 140.056178] ? trace_preempt_on+0x20/0xc0 [ 140.056654] ? __pfx_kthread+0x10/0x10 [ 140.056841] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.057057] ? calculate_sigpending+0x7b/0xa0 [ 140.057252] ? __pfx_kthread+0x10/0x10 [ 140.057430] ret_from_fork+0x116/0x1d0 [ 140.058042] ? __pfx_kthread+0x10/0x10 [ 140.058224] ret_from_fork_asm+0x1a/0x30 [ 140.058756] </TASK> [ 140.059042] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 139.966330] WARNING: CPU: 1 PID: 1976 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 139.967074] Modules linked in: [ 139.967278] CPU: 1 UID: 0 PID: 1976 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 139.968038] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 139.968431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.968805] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 139.969097] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 42 36 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 139.970137] RSP: 0000:ffff888109cc7c90 EFLAGS: 00010246 [ 139.970575] RAX: dffffc0000000000 RBX: ffff888109f9e000 RCX: 0000000000000000 [ 139.970863] RDX: 1ffff110213f3c32 RSI: ffffffff93607838 RDI: ffff888109f9e190 [ 139.971159] RBP: ffff888109cc7ca0 R08: 1ffff11020073f69 R09: ffffed1021398f65 [ 139.971796] R10: 0000000000000003 R11: ffffffff920049da R12: 0000000000000000 [ 139.972095] R13: 
ffff888109cc7d38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 139.972595] FS: 0000000000000000(0000) GS:ffff8881c2d72000(0000) knlGS:0000000000000000 [ 139.973052] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.973489] CR2: 00007ffff7ffe000 CR3: 00000001314bc000 CR4: 00000000000006f0 [ 139.973904] DR0: ffffffff98452444 DR1: ffffffff98452449 DR2: ffffffff9845244a [ 139.974242] DR3: ffffffff9845244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 139.974821] Call Trace: [ 139.975071] <TASK> [ 139.975228] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 139.975807] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 139.976253] ? __schedule+0x10cc/0x2b60 [ 139.976534] ? __pfx_read_tsc+0x10/0x10 [ 139.976878] ? ktime_get_ts64+0x86/0x230 [ 139.977198] kunit_try_run_case+0x1a5/0x480 [ 139.977585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.977884] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 139.978294] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 139.978638] ? __kthread_parkme+0x82/0x180 [ 139.978981] ? preempt_count_sub+0x50/0x80 [ 139.979273] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.979752] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 139.980031] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 139.980316] kthread+0x337/0x6f0 [ 139.980483] ? trace_preempt_on+0x20/0xc0 [ 139.980782] ? __pfx_kthread+0x10/0x10 [ 139.980947] ? _raw_spin_unlock_irq+0x47/0x80 [ 139.981209] ? calculate_sigpending+0x7b/0xa0 [ 139.981440] ? __pfx_kthread+0x10/0x10 [ 139.981703] ret_from_fork+0x116/0x1d0 [ 139.981869] ? __pfx_kthread+0x10/0x10 [ 139.982100] ret_from_fork_asm+0x1a/0x30 [ 139.982322] </TASK> [ 139.982582] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 109.963954] WARNING: CPU: 1 PID: 674 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 109.964267] Modules linked in:
[ 109.965483] CPU: 1 UID: 0 PID: 674 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 109.965939] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 109.966347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 109.966909] RIP: 0010:intlog10+0x2a/0x40
[ 109.967309] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f e9 c7 b9 86 02 90 <0f> 0b 90 31 c0 e9 bc b9 86 02 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 109.968441] RSP: 0000:ffff888103847cb0 EFLAGS: 00010246
[ 109.969096] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11020708fb4
[ 109.970131] RDX: 1ffffffff2c52dec RSI: 1ffff11020708fb3 RDI: 0000000000000000
[ 109.971054] RBP: ffff888103847d60 R08: 0000000000000000 R09: ffffed10207d11c0
[ 109.971723] R10: ffff888103e88e07 R11: 0000000000000000 R12: 1ffff11020708f97
[ 109.972515] R13: ffffffff96296f60 R14: 0000000000000000 R15: ffff888103847d38
[ 109.972736] FS: 0000000000000000(0000) GS:ffff8881c2d72000(0000) knlGS:0000000000000000
[ 109.972977] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 109.973197] CR2: dffffc0000000000 CR3: 00000001314bc000 CR4: 00000000000006f0
[ 109.973494] DR0: ffffffff98452444 DR1: ffffffff98452449 DR2: ffffffff9845244a
[ 109.973776] DR3: ffffffff9845244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 109.974252] Call Trace:
[ 109.974432] <TASK>
[ 109.974567] ? intlog10_test+0xf2/0x220
[ 109.974805] ? __pfx_intlog10_test+0x10/0x10
[ 109.975039] ? __schedule+0x10cc/0x2b60
[ 109.975232] ? __pfx_read_tsc+0x10/0x10
[ 109.975738] ? ktime_get_ts64+0x86/0x230
[ 109.975945] kunit_try_run_case+0x1a5/0x480
[ 109.976172] ? __pfx_kunit_try_run_case+0x10/0x10
[ 109.976535] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 109.976769] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 109.977026] ? __kthread_parkme+0x82/0x180
[ 109.977257] ? preempt_count_sub+0x50/0x80
[ 109.977604] ? __pfx_kunit_try_run_case+0x10/0x10
[ 109.977834] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 109.978054] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 109.978349] kthread+0x337/0x6f0
[ 109.978666] ? trace_preempt_on+0x20/0xc0
[ 109.978839] ? __pfx_kthread+0x10/0x10
[ 109.979070] ? _raw_spin_unlock_irq+0x47/0x80
[ 109.979257] ? calculate_sigpending+0x7b/0xa0
[ 109.979710] ? __pfx_kthread+0x10/0x10
[ 109.979945] ret_from_fork+0x116/0x1d0
[ 109.980155] ? __pfx_kthread+0x10/0x10
[ 109.980312] ret_from_fork_asm+0x1a/0x30
[ 109.980670] </TASK>
[ 109.980811] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 109.928742] WARNING: CPU: 0 PID: 656 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 109.929198] Modules linked in:
[ 109.929546] CPU: 0 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 109.930070] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 109.930279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 109.930776] RIP: 0010:intlog2+0xdf/0x110
[ 109.931030] Code: 29 96 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 bf c7 55 ff 8b 45 e4 eb
[ 109.931930] RSP: 0000:ffff888100cf7cb0 EFLAGS: 00010246
[ 109.932185] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff1102019efb4
[ 109.932576] RDX: 1ffffffff2c52e40 RSI: 1ffff1102019efb3 RDI: 0000000000000000
[ 109.932991] RBP: ffff888100cf7d60 R08: 0000000000000000 R09: ffffed10204f9dc0
[ 109.933485] R10: ffff8881027cee07 R11: 0000000000000000 R12: 1ffff1102019ef97
[ 109.933845] R13: ffffffff96297200 R14: 0000000000000000 R15: ffff888100cf7d38
[ 109.934174] FS: 0000000000000000(0000) GS:ffff8881c2c72000(0000) knlGS:0000000000000000
[ 109.934556] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 109.934828] CR2: ffff88815a926fe0 CR3: 00000001314bc000 CR4: 00000000000006f0
[ 109.935148] DR0: ffffffff98452440 DR1: ffffffff98452441 DR2: ffffffff98452443
[ 109.935503] DR3: ffffffff98452445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 109.935809] Call Trace:
[ 109.935952] <TASK>
[ 109.936055] ? intlog2_test+0xf2/0x220
[ 109.936290] ? __pfx_intlog2_test+0x10/0x10
[ 109.936579] ? __schedule+0x10cc/0x2b60
[ 109.936841] ? __pfx_read_tsc+0x10/0x10
[ 109.937034] ? ktime_get_ts64+0x86/0x230
[ 109.937264] kunit_try_run_case+0x1a5/0x480
[ 109.937549] ? __pfx_kunit_try_run_case+0x10/0x10
[ 109.937844] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 109.938089] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 109.938311] ? __kthread_parkme+0x82/0x180
[ 109.938638] ? preempt_count_sub+0x50/0x80
[ 109.938823] ? __pfx_kunit_try_run_case+0x10/0x10
[ 109.939128] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 109.939489] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 109.939785] kthread+0x337/0x6f0
[ 109.939991] ? trace_preempt_on+0x20/0xc0
[ 109.940149] ? __pfx_kthread+0x10/0x10
[ 109.940298] ? _raw_spin_unlock_irq+0x47/0x80
[ 109.941775] ? calculate_sigpending+0x7b/0xa0
[ 109.942424] ? __pfx_kthread+0x10/0x10
[ 109.943122] ret_from_fork+0x116/0x1d0
[ 109.943959] ? __pfx_kthread+0x10/0x10
[ 109.944241] ret_from_fork_asm+0x1a/0x30
[ 109.944802] </TASK>
[ 109.944982] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 109.353150] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI